Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: shadow | Distribution: SUSE Linux Enterprise 15 |
Version: 4.8.1 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 150600.15.45 | Build date: Thu May 9 10:50:03 2024 |
Group: System/Base | Build host: h01-armsrv1 |
Size: 4104734 | Source RPM: shadow-4.8.1-150600.15.45.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://github.com/shadow-maint/shadow | |
Summary: Utilities to Manage User and Group Accounts |
This package includes the necessary programs for converting plain password files to the shadow password format and to manage user and group accounts.
BSD-3-Clause AND GPL-2.0-or-later
* Fri Sep 08 2023 [email protected] - bsc#1214806 (CVE-2023-4641): Fix potential password leak - Add shadow-CVE-2023-4641.patch * Tue Jul 11 2023 [email protected] - bsc#1213189: Change lock mechanism to file locking to prevent lock files after power interruptions - Add shadow-4.8.1-lock-mechanism.patch * Tue Jul 04 2023 [email protected] - bsc#1206627: Add --prefix support to passwd, chpasswd and chage Needed for YaST - Add shadow-4.8.1-add-prefix-passwd-chpasswd-chage.patch * Tue Apr 18 2023 [email protected] - bsc#1210507 (CVE-2023-29383): Check for control characters - Add shadow-CVE-2023-29383.patch * Fri Nov 18 2022 [email protected] - Added patch: * shadow-4.8.1-AUDIT_NO_ID.patch + fix bsc#1205502: useradd audit event user id field cannot be interpreted * Wed Jan 12 2022 [email protected] - The legacy code does not support /etc/login.defs.d used by YaST. Enable libeconf to read it (bsc#1192954). * Wed Nov 17 2021 [email protected] - shadow-util-linux.patch: * Add support for LOGIN_KEEP_USERNAME from util-linux >= 2.37. - Refresh shadow-login_defs-suse.patch. * Thu Jan 28 2021 [email protected] - Do not require libeconf-devel on products without /usr/etc. * Thu Jan 21 2021 [email protected] - Split login.defs configuration file into own sub-package, which allows to install util-linux or pam on small embedded/edge systems or container without the need to pull in the full shadow suite. * Wed Nov 11 2020 [email protected] - Amend patches/useradd-userkeleton.patch to also write into existing directories and prefer files from /etc * Wed Nov 11 2020 [email protected] - Add patch useradd-userkeleton.patch to extend original C code of useradd to handle /usr/etc/skel (boo#1173321) - Remove /usr/etc/skel support in useradd.local script * Mon Nov 02 2020 [email protected] - Change again useradd.local script to let it work even for system accounts and work together with SELinux (bsc#1178296) - Change patch useradd-script.patch to support the four arguments used by the useradd.local script (bsc#1178296) * Fri Oct 09 2020 [email protected] - Add support for /usr/etc/skel to useradd.local script (boo#1173321) * Thu Oct 08 2020 [email protected] - shadow-login_defs-check.sh: Fix the regexp to get a real variable list (boo#1164274). * Tue Sep 08 2020 [email protected] - login.defs: Add support for new util-linux-2.36 login variable MOTD_FIRSTONLY (shadow-util-linux.patch). - shadow-login_defs-comments.patch: Remove duplicated LASTLOG_UID_MAX. - shadow-login_defs-check.sh: Update for new build system. - shadow-util-linux.patch: Restore lost chunk: SYSLOG_SU_ENAB is not used in SUSE Linux. - Refresh shadow-login_defs-suse.patch and shadow-login_defs-comments.patch. * Fri May 22 2020 [email protected] - Use pure #!/bin/sh in: * useradd.local * userdel-post.local * userdel-pre.local * Fri Jan 24 2020 [email protected] - Update to 4.8.1: * selinux: include stdio * man: don't suggest making groupmems user-writeable * Makefile: bail out on error in for loops * Adding logging of SSH_ORIGINAL_COMMAND to nologin * add new HOME_MODE login.defs option * Add tty logging to useradd * Useradd: make non-executable shell check only a warning * Update Dutch translation * user_busy: Do not mistake a regular user process for a namespaced one * Revert "Honor --sbindir and --bindir for binary installation" - Remove shadow-4.8-shell-check.patch: included - Remove shadow-4.8-selinux-include.patch: upstreamed * Mon Jan 20 2020 [email protected] - Set 0755 for chpasswd, groupadd, groupdel, groupmod, newusers, useradd, userdel, usermod explicitly. * Thu Jan 16 2020 [email protected] - bsc#1160729: Make valid shell check only a warning * Add shadow-4.8-shell-check.patch * Tue Dec 17 2019 [email protected] - Update to 4.8: * Initial optional bcrypt support. * Make build/install of 'su' optional. * Fix for vipw not resuming correctly when suspended * Sync password field descriptions in manpages * Check for valid shell argument in useradd * Allow translation of new strings through POTFILES.in * Migrate to itstool for translations * Migrate to new SELinux api * Support --enable-vendordir * pwck: Only check homedir if set and not a system user * Support nonstandard usernames * sget{pw,gr}ent: check for data at EOL * Add YYY-MM-DD support in chage * Fix failing chmod calls for suidubins * Fix --sbindir and --bindir for binary installations * Fix LASTLOG_UID_MAX in login.defs * Fix configure error with dash - Remove because upstreamed: * libeconf.patch * shadow-usermod-variable.patch - Rebase: * shadow-login_defs-unused-by-pam.patch * chkname-regex.patch * shadow-util-linux.patch * shadow-login_defs-comments.patch - Add shadow-4.8-selinux-include.patch See https://github.com/shadow-maint/shadow/pull/200 * Mon Oct 07 2019 [email protected] - libeconf.patch: Add support for libeconf and /usr/etc for login.defs. - Move first configuration files and pam config files to /usr/etc * Mon Sep 02 2019 [email protected] - bsc#1144060: Add pam_keyinit.so to /etc/pam.d configuration files to support kernel keyring feature - Update pamd.tar.bz2 with pam configuration files accordingly * Mon Aug 19 2019 [email protected] - encryption_method_nis.patch: drop, DES should really not be used anymore anywhere, even with NIS - shadow-login_defs-suse.patch: remove encryption NIS entry * Fri Jul 26 2019 [email protected] - Fix incorrect variable name in usermod (shadow-usermod-variable.patch). - shadow-login_defs-comments.patch: * Drop SHA_CRYPT_*_ROUNDS that are in the upstream login.defs. * Add missing LASTLOG_UID_MAX. * Refresh shadow-login_defs-suse.patch. - Port shadow-login_defs-check.sh to match the current spec file and login.defs. * Thu Jul 25 2019 [email protected] - Provide "useradd_or_adduser_dep" for sysuser-shadow * Sat Jul 20 2019 [email protected] - shadow-login_defs-suse.patch: Set ALWAYS_SET_PATH default to "yes" (bsc#353876#c7). * Fri Jul 19 2019 [email protected] - Fix comment about patch in spec file * Fri Jun 14 2019 [email protected] - Update to 4.7: * Spawn: don't loop forever on ECHILD * Do not fail locking if there is a stale lockfile (Tomas Mraz) * Use lckpwdf if prefix not set (Tomas Mraz) * Build: check correct DocBook version (Jan Tojnar) * Usermod: Print 'no changes' to stdout, not stderr (Serge Hallyn) * Add support for btrfs subvolumes for home (Adam Majer) * Fix chpasswd long line handling (Nathan Ruiz) * Use secure_getenv for gettime (Chris Lamb) * Make sp_lstchg reproducible (Chris Lamb) * Do not crash commonio_close if db file is not open (Tomas Mraz) * Don't flush nscd and sssd cache in read-only mode (Charlie Vuillemez) * French manpage update (Alban VIDAL) * Fix manpage defaults for SUB_UID/GID_COUNT (Tomas Mraz) * Sync po files from shadow.pot (Alban VIDAL) * Usermod: guard against unsafe chown of homedir contents (Tomas Mraz) * Add LASTLOG_UID_MAX to login.defs (Tomas Mraz) * new[ug]idmap file capabilities support (Giuseppe Scrivano and Christian Brauner) * Fix segfault in useradd (bsc#1141113, Tomas Mraz) * Coverity issues (Tomas Mraz) * Flush sssd caches (Jakub Hrozek) * Log UID in nologin (Vladimir Ivanov) * run pam_getenvlist after setup_env in su.c (Michael Vogt) * Support systems with only utmpx (A. Wilcox) * Fix unguarded ENABLE_SUBIDS code (Jan Chren (rindeal)) * Update po/zh_CN translation (Lion Yang) * Create parent dirs for useradd -m (Michael Vetter) * Prevent usermod segv * Fix usermod crash (fariouche) - Remove btrfs-subvolumes.patch (fate#316134): upstreamed: https://github.com/shadow-maint/shadow/pull/149 - Remove useradd-mkdirs.patch (bsc#865563): upstreamed https://github.com/shadow-maint/shadow/pull/112 - Remove shadow-4.6.0-fix-usermod-prefix-crash.patch upstreamed https://github.com/shadow-maint/shadow/issues/110 - Remove shadow-4.6-bsc1141113-useradd-segfault.patch (SLE15 SP3 and openSUSE Leap 15.3 only) upstreamed https://github.com/shadow-maint/shadow/issues/125 - Rebase userdel-script.patch - Rebase useradd-script.patch - Rebase shadow-util-linux.patch * Thu May 30 2019 [email protected] - Make building more verbose - Use spec-cleaner * Thu May 02 2019 [email protected] - don't specify MOTD_FILE in login.defs but fall back to built in defaults of login (boo#1133929) * Tue Apr 30 2019 [email protected] - Split shadow-login_defs.patch hunks to its logical components (bsc#1121197): * shadow-login_defs-unused-by-pam.patch * shadow-login_defs-comments.patch * shadow-util-linux.patch * shadow-login_defs-suse.patch * Move appropriate hunks to chkname-regex.patch and encryption_method_nis.patch * Remove GROUPADD_CMD that is not supported (bsc#1121197#c14). - Split getdef-new-defs.patch hunks to its logical components (bsc#1121197): * encryption_method_nis.patch * chkname-regex.patch * shadow-util-linux.patch Add support for login: ALWAYS_SET_PATH and LOGIN_PLAIN_PROMPT. * useradd-script.patch, userdel-script.patch * Remove duplicated definitions of MOTD_FILE and ENV_PATH. - Add shadow-login_defs-unused-check.sh to allow verification of login.defs variable usage (bsc#1121197). - Add virtual symbols for login.defs compatibility (bsc#1121197). * Wed Jan 23 2019 [email protected] - btrfs-subvolumes.patch: implement support for creating user home directories on btrfs subvolumes (fate#316134) * Wed Oct 31 2018 [email protected] - Add empty /etc/sub{u,g}id files. useradd and usermod add entries for users only when those files exist. Having those entries is a requirement to create user namespaces, for instance, when running podman as a non-root user. * Mon May 14 2018 [email protected] - Update to 4.6: * Newgrp: avoid unnecessary lookups * Make language less binary * Add error when turning off man switch * Spelling fixes * Make userdel work with -R * newgidmap: enforce setgroups=deny if self-mapping a group * Norwegian bokmål translation * pwck: prevent crash by not passing O_CREAT * WITH_TCB fixes from Mandriva * Fix pwconv and grpconv entry skips * Fix -- slurping in su * add --prefix option - Remove CVE-2018-7169.patch: upstreamed - Remove shadow-4.1.5.1-pam_group.patch: upstreamed - Update userdel-script.patch: change due to prefix - Update useradd-mkdirs.patch: change due to prefix Additionally changed in that patch (bsc#1106914): * Test for strdup() failure * Directory to 0755 instead 0777 - Add shadow-4.6.0-fix-usermod-prefix-crash.patch: Fixes crash in usermod when called with --prefix. See https://github.com/shadow-maint/shadow/issues/110 * Thu Feb 22 2018 [email protected] - Use %license (boo#1082318) * Fri Feb 16 2018 [email protected] - Added CVE-2018-7169.patch: Fixed an privilege escalation in newgidmap, which allowed an unprivileged user to be placed in a user namespace where setgroups(2) is allowed. (CVE-2018-7169 bsc#1081294) * Wed Nov 08 2017 [email protected] - bsc#1061838: Revert: Requires: group(mail) Introduced circular dependency * Fri Oct 13 2017 [email protected] - Revert accidentalied prerequisites. Use PreReq for permissions * Thu Oct 12 2017 [email protected] - Prequire group(shadow), group(root), user(root) * Mon Oct 09 2017 [email protected] - bsc#1061838: Add Requires for group(mail) * Thu Sep 14 2017 [email protected] - boo#1048645: Set suid bit for newuidmap and newgimap * Thu Sep 14 2017 [email protected] - Revert the changes for bsc#1023895 back Pulls in too many deps into ring0. Next version of shadow plans to have no conditional man pages. * Fri Sep 08 2017 [email protected] - run spec-cleaner - bsc#1023895: man page contained invalid options because they depend on compile flags and we shipped pre built ones. New BuildRequires: docbook-xsl-stylesheets docbook_4 xml2po xsltproc * Thu Jun 08 2017 [email protected] - Adjust requires (we need user/group root instead of aaa_base now) * Mon May 22 2017 [email protected] - New upstream version 4.5 - Refreshed patches: * shadow-login_defs.patch * chkname-regex.patch * getdef-new-defs.patch * useradd-mkdirs.patch - Upstreamed patches: * shadow-4.1.5.1-manfix.patch * shadow-4.1.5.1-errmsg.patch * shadow-4.1.5.1-backup-mode.patch * shadow-4.1.5.1-audit-owner.patch * shadow-4.2.1-defs-chroot.patch * shadow-4.2.1-merge-group.patch * Fix-user-busy-errors-at-userdel.patch * useradd-clear-tallylog.patch - shadow-4.1.5.1-pam_group.patch dynamically added users via pam_group are not listed in groups databases but are still valid - shadow.keyring: update keyring with current maintainer's keyid only - Serge Hallyn 'F1D08DB778185BF784002DFFE9FEEA06A85E3F9D' - disable_new_audit_function.patch: Disable newer libaudit functionality for older distributions * Mon Feb 20 2017 [email protected] - useradd: call external program "/sbin/pam_tally2" to reset failed login counter in "/var/log/tallylog" (bsc#980486, useradd-clear-tallylog.patch) * Wed Nov 02 2016 [email protected] - add keyring, three public keys from https://pkg-shadow.alioth.debian.org/download.php * Tue Oct 18 2016 [email protected] - bsc#1002975: Use permissions according to permissions package and dont try to manipulate them in %files section. * Wed Sep 14 2016 [email protected] - boo#994486: Include shadow.5 manpage Previously this was provided by man-pages package in the man-pages-addons tarball which got removed later on. * Tue May 31 2016 [email protected] - Add package dependency for aaa_base, fixing bnc#899409 (was done by [email protected] but not submitted to Factory) * Mon May 30 2016 [email protected] - shadow 4.2.1 requested by fate#320422 - bsc#979069: Dont include shadow-4.1.5.1-bug935203-manpage.patch - Dont set SUID bit yet. Once bsc#979282 is through, which will adapt the permissions package, we can enable the SUID bits. Remove the files used to circumvent the check. - Remove: * shadow-rpmlintrc * shadow-subids * shadow-subids.easy * shadow-subids.secure * shadow-subids.paranoid * Thu May 19 2016 [email protected] - Update to shadow-4.2.1: - add support for subuids/subgids via newuidmap/newgidmap - Rename chkname-regex.diff to chkname-regex.patch - Rename encryption_method_nis.diff to encryption_method_nis.patch - Rename getdef-new-defs.diff to getdef-new-defs.patch - Rename shadow-login_defs.diff to shadow-login_defs.patch - Rename userdel-scripts.diff to userdel-script.patch - Rename useradd-script.diff to useradd-script.patch - Rename useradd-default.diff to useradd-default.patch - Rename useradd-mkdirs.diff to useradd-mkdirs.patch - Add fixes from Red Hat/Fedora: - shadow-4.1.5.1-audit-owner.patch.patch: - log owner changes for home directory - shadow-4.1.5.1-userdel-helpfix.patch.patch: - give a hint about what happens when you force the removal of a user - shadow-4.2.1-defs-chroot.patch.patch: - initialize uid_t uid_min and uid_t uid_max not before we need them - shadow-4.2.1-merge-group.patch.patch: - simplify by using a single call to snprintf() - Add upstream fix - Fix-user-busy-errors-at-userdel.patch: - call sub_uid_close() * Fri Jan 15 2016 [email protected] - Moved call from %verifyscript into %post: * Caused call to %service_add_post shadow.service shadow.timer during rpm -qV shadow * Wed Jul 15 2015 [email protected] - Add systemd unit files to continuously check password & groupfile integrity * Idea from Arch Linux * pending request to systemd-presets-branding-openSUSE to enable by default
/etc/default/useradd /etc/pam.d/chage /etc/pam.d/chfn /etc/pam.d/chpasswd /etc/pam.d/chsh /etc/pam.d/groupadd /etc/pam.d/groupdel /etc/pam.d/groupmod /etc/pam.d/newusers /etc/pam.d/passwd /etc/pam.d/useradd /etc/pam.d/userdel /etc/pam.d/usermod /etc/subgid /etc/subuid /usr/bin/chage /usr/bin/chfn /usr/bin/chsh /usr/bin/expiry /usr/bin/gpasswd /usr/bin/lastlog /usr/bin/newgidmap /usr/bin/newgrp /usr/bin/newuidmap /usr/bin/passwd /usr/bin/sg /usr/lib/systemd/system/shadow.service /usr/lib/systemd/system/shadow.timer /usr/sbin/chpasswd /usr/sbin/groupadd /usr/sbin/groupdel /usr/sbin/groupmod /usr/sbin/grpck /usr/sbin/newusers /usr/sbin/pwck /usr/sbin/pwconv /usr/sbin/pwunconv /usr/sbin/useradd /usr/sbin/useradd.local /usr/sbin/userdel /usr/sbin/userdel-post.local /usr/sbin/userdel-pre.local /usr/sbin/usermod /usr/sbin/vigr /usr/sbin/vipw /usr/share/doc/packages/shadow /usr/share/doc/packages/shadow/HOWTO /usr/share/doc/packages/shadow/NEWS /usr/share/doc/packages/shadow/README /usr/share/doc/packages/shadow/README.changes-pwdutils /usr/share/licenses/shadow /usr/share/licenses/shadow/COPYING /usr/share/locale/ca/LC_MESSAGES/shadow.mo /usr/share/locale/cs/LC_MESSAGES/shadow.mo /usr/share/locale/da/LC_MESSAGES/shadow.mo /usr/share/locale/de/LC_MESSAGES/shadow.mo /usr/share/locale/dz/LC_MESSAGES/shadow.mo /usr/share/locale/el/LC_MESSAGES/shadow.mo /usr/share/locale/es/LC_MESSAGES/shadow.mo /usr/share/locale/eu/LC_MESSAGES/shadow.mo /usr/share/locale/fi/LC_MESSAGES/shadow.mo /usr/share/locale/fr/LC_MESSAGES/shadow.mo /usr/share/locale/gl/LC_MESSAGES/shadow.mo /usr/share/locale/he/LC_MESSAGES/shadow.mo /usr/share/locale/hu/LC_MESSAGES/shadow.mo /usr/share/locale/id/LC_MESSAGES/shadow.mo /usr/share/locale/it/LC_MESSAGES/shadow.mo /usr/share/locale/ja/LC_MESSAGES/shadow.mo /usr/share/locale/kk/LC_MESSAGES/shadow.mo /usr/share/locale/km/LC_MESSAGES/shadow.mo /usr/share/locale/ko/LC_MESSAGES/shadow.mo /usr/share/locale/nb/LC_MESSAGES/shadow.mo /usr/share/locale/ne/LC_MESSAGES/shadow.mo /usr/share/locale/nl/LC_MESSAGES/shadow.mo /usr/share/locale/nn/LC_MESSAGES/shadow.mo /usr/share/locale/pl/LC_MESSAGES/shadow.mo /usr/share/locale/pt/LC_MESSAGES/shadow.mo /usr/share/locale/pt_BR/LC_MESSAGES/shadow.mo /usr/share/locale/ro/LC_MESSAGES/shadow.mo /usr/share/locale/ru/LC_MESSAGES/shadow.mo /usr/share/locale/sk/LC_MESSAGES/shadow.mo /usr/share/locale/sq/LC_MESSAGES/shadow.mo /usr/share/locale/sv/LC_MESSAGES/shadow.mo /usr/share/locale/tr/LC_MESSAGES/shadow.mo /usr/share/locale/uk/LC_MESSAGES/shadow.mo /usr/share/locale/vi/LC_MESSAGES/shadow.mo /usr/share/locale/zh_CN/LC_MESSAGES/shadow.mo /usr/share/locale/zh_TW/LC_MESSAGES/shadow.mo /usr/share/man/man1/chage.1.gz /usr/share/man/man1/chfn.1.gz /usr/share/man/man1/chsh.1.gz /usr/share/man/man1/expiry.1.gz /usr/share/man/man1/gpasswd.1.gz /usr/share/man/man1/newgidmap.1.gz /usr/share/man/man1/newgrp.1.gz /usr/share/man/man1/newuidmap.1.gz /usr/share/man/man1/passwd.1.gz /usr/share/man/man1/sg.1.gz /usr/share/man/man3/shadow.3.gz /usr/share/man/man5/shadow.5.gz /usr/share/man/man5/subgid.5.gz /usr/share/man/man5/subuid.5.gz /usr/share/man/man8/chpasswd.8.gz /usr/share/man/man8/groupadd.8.gz /usr/share/man/man8/groupdel.8.gz /usr/share/man/man8/groupmod.8.gz /usr/share/man/man8/grpck.8.gz /usr/share/man/man8/lastlog.8.gz /usr/share/man/man8/newusers.8.gz /usr/share/man/man8/pwck.8.gz /usr/share/man/man8/pwconv.8.gz /usr/share/man/man8/pwunconv.8.gz /usr/share/man/man8/useradd.8.gz /usr/share/man/man8/userdel.8.gz /usr/share/man/man8/usermod.8.gz /usr/share/man/man8/vigr.8.gz /usr/share/man/man8/vipw.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 20:14:19 2024