Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

shadow-4.8.1-10.7.1 RPM for armv7hl

From OpenSuSE Ports Leap 15.5 for armv7hl

Name: shadow Distribution: openSUSE Step 15
Version: 4.8.1 Vendor: openSUSE
Release: 10.7.1 Build date: Fri Apr 28 14:09:06 2023
Group: System/Base Build host: armbuild22
Size: 3681718 Source RPM: shadow-4.8.1-10.7.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/shadow-maint/shadow
Summary: Utilities to Manage User and Group Accounts
 
This package includes the necessary programs for converting plain
password files to the shadow password format and to manage user and
group accounts.

Provides

Requires

License

BSD-3-Clause AND GPL-2.0-or-later

Changelog

* Tue Apr 18 2023 mvetter@suse.com
  - bsc#1210507 (CVE-2023-29383):
    Check for control characters
  - Add shadow-CVE-2023-29383.patch
* Fri Nov 18 2022 fstrba@suse.com
  - Added patch:
    * shadow-4.8.1-AUDIT_NO_ID.patch
      + fix bsc#1205502: useradd audit event user id field cannot
      be interpreted
* Wed Jan 12 2022 sbrabec@suse.com
  - The legacy code does not support /etc/login.defs.d used by YaST.
    Enable libeconf to read it (bsc#1192954).
* Wed Nov 17 2021 sbrabec@suse.com
  - shadow-util-linux.patch:
    * Add support for LOGIN_KEEP_USERNAME from util-linux >= 2.37.
  - Refresh shadow-login_defs-suse.patch.
* Thu Jan 28 2021 sbrabec@suse.com
  - Do not require libeconf-devel on products without /usr/etc.
* Thu Jan 21 2021 kukuk@suse.com
  - Split login.defs configuration file into own sub-package, which
    allows to install util-linux or pam on small embedded/edge
    systems or container without the need to pull in the full shadow
    suite.
* Wed Nov 11 2020 fvogt@suse.com
  - Amend patches/useradd-userkeleton.patch to also write into
    existing directories and prefer files from /etc
* Wed Nov 11 2020 werner@suse.de
  - Add patch useradd-userkeleton.patch to extend original C code
    of useradd to handle /usr/etc/skel (boo#1173321)
  - Remove /usr/etc/skel support in useradd.local script
* Mon Nov 02 2020 werner@suse.de
  - Change again useradd.local script to let it work even for system
    accounts and work together with SELinux (bsc#1178296)
  - Change patch useradd-script.patch to support the four arguments
    used by the useradd.local script (bsc#1178296)
* Fri Oct 09 2020 werner@suse.de
  - Add support for /usr/etc/skel to useradd.local script (boo#1173321)
* Thu Oct 08 2020 sbrabec@suse.com
  - shadow-login_defs-check.sh: Fix the regexp to get a real variable
    list (boo#1164274).
* Tue Sep 08 2020 sbrabec@suse.com
  - login.defs: Add support for new util-linux-2.36 login variable
    MOTD_FIRSTONLY (shadow-util-linux.patch).
  - shadow-login_defs-comments.patch: Remove duplicated
    LASTLOG_UID_MAX.
  - shadow-login_defs-check.sh: Update for new build system.
  - shadow-util-linux.patch: Restore lost chunk: SYSLOG_SU_ENAB is
    not used in SUSE Linux.
  - Refresh shadow-login_defs-suse.patch and
    shadow-login_defs-comments.patch.
* Fri May 22 2020 fvogt@suse.com
  - Use pure #!/bin/sh in:
    * useradd.local
    * userdel-post.local
    * userdel-pre.local
* Fri Jan 24 2020 mvetter@suse.com
  - Update to 4.8.1:
    * selinux: include stdio
    * man: don't suggest making groupmems user-writeable
    * Makefile: bail out on error in for loops
    * Adding logging of SSH_ORIGINAL_COMMAND to nologin
    * add new HOME_MODE login.defs option
    * Add tty logging to useradd
    * Useradd: make non-executable shell check only a warning
    * Update Dutch translation
    * user_busy: Do not mistake a regular user process for a namespaced one
    * Revert "Honor --sbindir and --bindir for binary installation"
  - Remove shadow-4.8-shell-check.patch: included
  - Remove shadow-4.8-selinux-include.patch: upstreamed
* Mon Jan 20 2020 mvetter@suse.com
  - Set 0755 for chpasswd, groupadd, groupdel, groupmod, newusers,
    useradd, userdel, usermod explicitly.
* Thu Jan 16 2020 mvetter@suse.com
  - bsc#1160729: Make valid shell check only a warning
    * Add shadow-4.8-shell-check.patch
* Tue Dec 17 2019 mvetter@suse.com
  - Update to 4.8:
    * Initial optional bcrypt support.
    * Make build/install of 'su' optional.
    * Fix for vipw not resuming correctly when suspended
    * Sync password field descriptions in manpages
    * Check for valid shell argument in useradd
    * Allow translation of new strings through POTFILES.in
    * Migrate to itstool for translations
    * Migrate to new SELinux api
    * Support --enable-vendordir
    * pwck: Only check homedir if set and not a system user
    * Support nonstandard usernames
    * sget{pw,gr}ent: check for data at EOL
    * Add YYY-MM-DD support in chage
    * Fix failing chmod calls for suidubins
    * Fix --sbindir and --bindir for binary installations
    * Fix LASTLOG_UID_MAX in login.defs
    * Fix configure error with dash
  - Remove because upstreamed:
    * libeconf.patch
    * shadow-usermod-variable.patch
  - Rebase:
    * shadow-login_defs-unused-by-pam.patch
    * chkname-regex.patch
    * shadow-util-linux.patch
    * shadow-login_defs-comments.patch
  - Add shadow-4.8-selinux-include.patch
    See https://github.com/shadow-maint/shadow/pull/200
* Mon Oct 07 2019 kukuk@suse.de
  - libeconf.patch: Add support for libeconf and /usr/etc for
    login.defs.
  - Move first configuration files and pam config files to /usr/etc
* Mon Sep 02 2019 mvetter@suse.com
  - bsc#1144060: Add pam_keyinit.so to /etc/pam.d configuration files
    to support kernel keyring feature
  - Update pamd.tar.bz2 with pam configuration files accordingly
* Mon Aug 19 2019 kukuk@suse.de
  - encryption_method_nis.patch: drop, DES should really not be used
    anymore anywhere, even with NIS
  - shadow-login_defs-suse.patch: remove encryption NIS entry
* Fri Jul 26 2019 sbrabec@suse.com
  - Fix incorrect variable name in usermod
    (shadow-usermod-variable.patch).
  - shadow-login_defs-comments.patch:
    * Drop SHA_CRYPT_*_ROUNDS that are in the upstream login.defs.
    * Add missing LASTLOG_UID_MAX.
    * Refresh shadow-login_defs-suse.patch.
  - Port shadow-login_defs-check.sh to match the current spec file
    and login.defs.
* Thu Jul 25 2019 kukuk@suse.de
  - Provide "useradd_or_adduser_dep" for sysuser-shadow
* Sat Jul 20 2019 sbrabec@suse.com
  - shadow-login_defs-suse.patch: Set ALWAYS_SET_PATH default to
    "yes" (bsc#353876#c7).
* Fri Jul 19 2019 sbrabec@suse.com
  - Fix comment about patch in spec file
* Fri Jun 14 2019 mvetter@suse.com
  - Update to 4.7:
    * Spawn: don't loop forever on ECHILD
    * Do not fail locking if there is a stale lockfile (Tomas Mraz)
    * Use lckpwdf if prefix not set (Tomas Mraz)
    * Build: check correct DocBook version (Jan Tojnar)
    * Usermod: Print 'no changes' to stdout, not stderr (Serge Hallyn)
    * Add support for btrfs subvolumes for home (Adam Majer)
    * Fix chpasswd long line handling (Nathan Ruiz)
    * Use secure_getenv for gettime (Chris Lamb)
    * Make sp_lstchg reproducible (Chris Lamb)
    * Do not crash commonio_close if db file is not open (Tomas Mraz)
    * Don't flush nscd and sssd cache in read-only mode (Charlie Vuillemez)
    * French manpage update (Alban VIDAL)
    * Fix manpage defaults for SUB_UID/GID_COUNT (Tomas Mraz)
    * Sync po files from shadow.pot (Alban VIDAL)
    * Usermod: guard against unsafe chown of homedir contents (Tomas Mraz)
    * Add LASTLOG_UID_MAX to login.defs (Tomas Mraz)
    * new[ug]idmap file capabilities support (Giuseppe Scrivano and Christian Brauner)
    * Fix segfault in useradd (bsc#1141113, Tomas Mraz)
    * Coverity issues (Tomas Mraz)
    * Flush sssd caches (Jakub Hrozek)
    * Log UID in nologin (Vladimir Ivanov)
    * run pam_getenvlist after setup_env in su.c (Michael Vogt)
    * Support systems with only utmpx (A. Wilcox)
    * Fix unguarded ENABLE_SUBIDS code (Jan Chren (rindeal))
    * Update po/zh_CN translation (Lion Yang)
    * Create parent dirs for useradd -m (Michael Vetter)
    * Prevent usermod segv
    * Fix usermod crash (fariouche)
  - Remove btrfs-subvolumes.patch (fate#316134):
    upstreamed: https://github.com/shadow-maint/shadow/pull/149
  - Remove useradd-mkdirs.patch (bsc#865563):
    upstreamed https://github.com/shadow-maint/shadow/pull/112
  - Remove shadow-4.6.0-fix-usermod-prefix-crash.patch
    upstreamed https://github.com/shadow-maint/shadow/issues/110
  - Remove shadow-4.6-bsc1141113-useradd-segfault.patch
    (SLE15 SP3 and openSUSE Leap 15.3 only)
    upstreamed https://github.com/shadow-maint/shadow/issues/125
  - Rebase userdel-script.patch
  - Rebase useradd-script.patch
  - Rebase shadow-util-linux.patch
* Thu May 30 2019 mpluskal@suse.com
  - Make building more verbose
  - Use spec-cleaner
* Thu May 02 2019 lnussel@suse.de
  - don't specify MOTD_FILE in login.defs but fall back to built in
    defaults of login (boo#1133929)
* Tue Apr 30 2019 sbrabec@suse.com
  - Split shadow-login_defs.patch hunks to its logical components
    (bsc#1121197):
    * shadow-login_defs-unused-by-pam.patch
    * shadow-login_defs-comments.patch
    * shadow-util-linux.patch
    * shadow-login_defs-suse.patch
    * Move appropriate hunks to chkname-regex.patch and
      encryption_method_nis.patch
    * Remove GROUPADD_CMD that is not supported (bsc#1121197#c14).
  - Split getdef-new-defs.patch hunks to its logical components
    (bsc#1121197):
    * encryption_method_nis.patch
    * chkname-regex.patch
    * shadow-util-linux.patch
      Add support for login: ALWAYS_SET_PATH and LOGIN_PLAIN_PROMPT.
    * useradd-script.patch, userdel-script.patch
    * Remove duplicated definitions of MOTD_FILE and ENV_PATH.
  - Add shadow-login_defs-unused-check.sh to allow verification of
    login.defs variable usage (bsc#1121197).
  - Add virtual symbols for login.defs compatibility (bsc#1121197).
* Wed Jan 23 2019 adam.majer@suse.de
  - btrfs-subvolumes.patch: implement support for creating user home
    directories on btrfs subvolumes (fate#316134)
* Wed Oct 31 2018 vrothberg@suse.com
  - Add empty /etc/sub{u,g}id files. useradd and usermod add entries for users
    only when those files exist. Having those entries is a requirement to create
    user namespaces, for instance, when running podman as a non-root user.
* Mon May 14 2018 mvetter@suse.com
  - Update to 4.6:
    * Newgrp: avoid unnecessary lookups
    * Make language less binary
    * Add error when turning off man switch
    * Spelling fixes
    * Make userdel work with -R
    * newgidmap: enforce setgroups=deny if self-mapping a group
    * Norwegian bokmål translation
    * pwck: prevent crash by not passing O_CREAT
    * WITH_TCB fixes from Mandriva
    * Fix pwconv and grpconv entry skips
    * Fix -- slurping in su
    * add --prefix option
  - Remove CVE-2018-7169.patch: upstreamed
  - Remove shadow-4.1.5.1-pam_group.patch: upstreamed
  - Update userdel-script.patch: change due to prefix
  - Update useradd-mkdirs.patch: change due to prefix
    Additionally changed in that patch (bsc#1106914):
    * Test for strdup() failure
    * Directory to 0755 instead 0777
  - Add shadow-4.6.0-fix-usermod-prefix-crash.patch:
    Fixes crash in usermod when called with --prefix.
    See https://github.com/shadow-maint/shadow/issues/110
* Thu Feb 22 2018 fvogt@suse.com
  - Use %license (boo#1082318)
* Fri Feb 16 2018 kbabioch@suse.com
  - Added CVE-2018-7169.patch: Fixed an privilege escalation in newgidmap,
    which allowed an unprivileged user to be placed in a user namespace where
    setgroups(2) is allowed. (CVE-2018-7169 bsc#1081294)
* Wed Nov 08 2017 mvetter@suse.com
  - bsc#1061838:
    Revert: Requires: group(mail)
    Introduced circular dependency
* Fri Oct 13 2017 adam.majer@suse.de
  - Revert accidentalied prerequisites.
    Use PreReq for permissions
* Thu Oct 12 2017 schwab@suse.de
  - Prequire group(shadow), group(root), user(root)
* Mon Oct 09 2017 mvetter@suse.com
  - bsc#1061838:
    Add Requires for group(mail)
* Thu Sep 14 2017 mvetter@suse.com
  - boo#1048645:
    Set suid bit for newuidmap and newgimap
* Thu Sep 14 2017 mvetter@suse.com
  - Revert the changes for bsc#1023895 back
    Pulls in too many deps into ring0.
    Next version of shadow plans to have no conditional man pages.
* Fri Sep 08 2017 mvetter@suse.com
  - run spec-cleaner
  - bsc#1023895:
    man page contained invalid options because they depend
    on compile flags and we shipped pre built ones.
    New BuildRequires: docbook-xsl-stylesheets docbook_4 xml2po
    xsltproc
* Thu Jun 08 2017 kukuk@suse.de
  - Adjust requires (we need user/group root instead of aaa_base now)
* Mon May 22 2017 adam.majer@suse.de
  - New upstream version 4.5
  - Refreshed patches:
    * shadow-login_defs.patch
    * chkname-regex.patch
    * getdef-new-defs.patch
    * useradd-mkdirs.patch
  - Upstreamed patches:
    * shadow-4.1.5.1-manfix.patch
    * shadow-4.1.5.1-errmsg.patch
    * shadow-4.1.5.1-backup-mode.patch
    * shadow-4.1.5.1-audit-owner.patch
    * shadow-4.2.1-defs-chroot.patch
    * shadow-4.2.1-merge-group.patch
    * Fix-user-busy-errors-at-userdel.patch
    * useradd-clear-tallylog.patch
  - shadow-4.1.5.1-pam_group.patch
    dynamically added users via pam_group are not listed in groups
    databases but are still valid
  - shadow.keyring: update keyring with current maintainer's keyid
    only - Serge Hallyn 'F1D08DB778185BF784002DFFE9FEEA06A85E3F9D'
  - disable_new_audit_function.patch:
    Disable newer libaudit functionality for older distributions
* Mon Feb 20 2017 josef.moellers@suse.com
  - useradd: call external program "/sbin/pam_tally2" to reset
    failed login counter in "/var/log/tallylog"
    (bsc#980486, useradd-clear-tallylog.patch)
* Wed Nov 02 2016 meissner@suse.com
  - add keyring, three public keys from https://pkg-shadow.alioth.debian.org/download.php
* Tue Oct 18 2016 mvetter@suse.com
  - bsc#1002975: Use permissions according to permissions package
    and dont try to manipulate them in %files section.
* Wed Sep 14 2016 mvetter@suse.com
  - boo#994486: Include shadow.5 manpage
    Previously this was provided by man-pages package in
    the man-pages-addons tarball which got removed later on.
* Tue May 31 2016 mvetter@suse.com
  - Add package dependency for aaa_base, fixing bnc#899409
    (was done by tbehrens@suse.com but not submitted to Factory)
* Mon May 30 2016 mvetter@suse.com
  - shadow 4.2.1 requested by fate#320422
  - bsc#979069: Dont include shadow-4.1.5.1-bug935203-manpage.patch
  - Dont set SUID bit yet. Once bsc#979282 is through, which will adapt the permissions package, we can enable the SUID bits.
    Remove the files used to circumvent the check.
  - Remove:
    * shadow-rpmlintrc
    * shadow-subids
    * shadow-subids.easy
    * shadow-subids.secure
    * shadow-subids.paranoid
* Thu May 19 2016 christian.brauner@mailbox.org
  - Update to shadow-4.2.1:
    - add support for subuids/subgids via newuidmap/newgidmap
  - Rename chkname-regex.diff to chkname-regex.patch
  - Rename encryption_method_nis.diff to encryption_method_nis.patch
  - Rename getdef-new-defs.diff to getdef-new-defs.patch
  - Rename shadow-login_defs.diff to shadow-login_defs.patch
  - Rename userdel-scripts.diff to userdel-script.patch
  - Rename useradd-script.diff to useradd-script.patch
  - Rename useradd-default.diff to useradd-default.patch
  - Rename useradd-mkdirs.diff to useradd-mkdirs.patch
  - Add fixes from Red Hat/Fedora:
    - shadow-4.1.5.1-audit-owner.patch.patch:
    - log owner changes for home directory
    - shadow-4.1.5.1-userdel-helpfix.patch.patch:
    - give a hint about what happens when you force the removal of a user
    - shadow-4.2.1-defs-chroot.patch.patch:
    - initialize uid_t uid_min and uid_t uid_max not before we need them
    - shadow-4.2.1-merge-group.patch.patch:
    - simplify by using a single call to snprintf()
  - Add upstream fix
    - Fix-user-busy-errors-at-userdel.patch:
    - call sub_uid_close()
* Fri Jan 15 2016 fvogt@suse.com
  - Moved call from %verifyscript into %post:
    * Caused call to %service_add_post shadow.service shadow.timer
      during rpm -qV shadow
* Wed Jul 15 2015 jkeil@suse.de
  - Add systemd unit files to continuously check password & groupfile integrity
    * Idea from Arch Linux
    * pending request to systemd-presets-branding-openSUSE to enable by default

Files

/etc/default/useradd
/etc/pam.d/chage
/etc/pam.d/chfn
/etc/pam.d/chpasswd
/etc/pam.d/chsh
/etc/pam.d/groupadd
/etc/pam.d/groupdel
/etc/pam.d/groupmod
/etc/pam.d/newusers
/etc/pam.d/passwd
/etc/pam.d/useradd
/etc/pam.d/userdel
/etc/pam.d/usermod
/etc/subgid
/etc/subuid
/usr/bin/chage
/usr/bin/chfn
/usr/bin/chsh
/usr/bin/expiry
/usr/bin/gpasswd
/usr/bin/lastlog
/usr/bin/newgidmap
/usr/bin/newgrp
/usr/bin/newuidmap
/usr/bin/passwd
/usr/bin/sg
/usr/lib/systemd/system/shadow.service
/usr/lib/systemd/system/shadow.timer
/usr/sbin/chpasswd
/usr/sbin/groupadd
/usr/sbin/groupdel
/usr/sbin/groupmod
/usr/sbin/grpck
/usr/sbin/newusers
/usr/sbin/pwck
/usr/sbin/pwconv
/usr/sbin/pwunconv
/usr/sbin/useradd
/usr/sbin/useradd.local
/usr/sbin/userdel
/usr/sbin/userdel-post.local
/usr/sbin/userdel-pre.local
/usr/sbin/usermod
/usr/sbin/vigr
/usr/sbin/vipw
/usr/share/doc/packages/shadow
/usr/share/doc/packages/shadow/HOWTO
/usr/share/doc/packages/shadow/NEWS
/usr/share/doc/packages/shadow/README
/usr/share/doc/packages/shadow/README.changes-pwdutils
/usr/share/licenses/shadow
/usr/share/licenses/shadow/COPYING
/usr/share/locale/ca/LC_MESSAGES/shadow.mo
/usr/share/locale/cs/LC_MESSAGES/shadow.mo
/usr/share/locale/da/LC_MESSAGES/shadow.mo
/usr/share/locale/de/LC_MESSAGES/shadow.mo
/usr/share/locale/dz/LC_MESSAGES/shadow.mo
/usr/share/locale/el/LC_MESSAGES/shadow.mo
/usr/share/locale/es/LC_MESSAGES/shadow.mo
/usr/share/locale/eu/LC_MESSAGES/shadow.mo
/usr/share/locale/fi/LC_MESSAGES/shadow.mo
/usr/share/locale/fr/LC_MESSAGES/shadow.mo
/usr/share/locale/gl/LC_MESSAGES/shadow.mo
/usr/share/locale/he/LC_MESSAGES/shadow.mo
/usr/share/locale/hu/LC_MESSAGES/shadow.mo
/usr/share/locale/id/LC_MESSAGES/shadow.mo
/usr/share/locale/it/LC_MESSAGES/shadow.mo
/usr/share/locale/ja/LC_MESSAGES/shadow.mo
/usr/share/locale/kk/LC_MESSAGES/shadow.mo
/usr/share/locale/km/LC_MESSAGES/shadow.mo
/usr/share/locale/ko/LC_MESSAGES/shadow.mo
/usr/share/locale/nb/LC_MESSAGES/shadow.mo
/usr/share/locale/ne/LC_MESSAGES/shadow.mo
/usr/share/locale/nl/LC_MESSAGES/shadow.mo
/usr/share/locale/nn/LC_MESSAGES/shadow.mo
/usr/share/locale/pl/LC_MESSAGES/shadow.mo
/usr/share/locale/pt/LC_MESSAGES/shadow.mo
/usr/share/locale/pt_BR/LC_MESSAGES/shadow.mo
/usr/share/locale/ro/LC_MESSAGES/shadow.mo
/usr/share/locale/ru/LC_MESSAGES/shadow.mo
/usr/share/locale/sk/LC_MESSAGES/shadow.mo
/usr/share/locale/sq/LC_MESSAGES/shadow.mo
/usr/share/locale/sv/LC_MESSAGES/shadow.mo
/usr/share/locale/tr/LC_MESSAGES/shadow.mo
/usr/share/locale/uk/LC_MESSAGES/shadow.mo
/usr/share/locale/vi/LC_MESSAGES/shadow.mo
/usr/share/locale/zh_CN/LC_MESSAGES/shadow.mo
/usr/share/locale/zh_TW/LC_MESSAGES/shadow.mo
/usr/share/man/man1/chage.1.gz
/usr/share/man/man1/chfn.1.gz
/usr/share/man/man1/chsh.1.gz
/usr/share/man/man1/expiry.1.gz
/usr/share/man/man1/gpasswd.1.gz
/usr/share/man/man1/newgidmap.1.gz
/usr/share/man/man1/newgrp.1.gz
/usr/share/man/man1/newuidmap.1.gz
/usr/share/man/man1/passwd.1.gz
/usr/share/man/man1/sg.1.gz
/usr/share/man/man3/shadow.3.gz
/usr/share/man/man5/shadow.5.gz
/usr/share/man/man5/subgid.5.gz
/usr/share/man/man5/subuid.5.gz
/usr/share/man/man8/chpasswd.8.gz
/usr/share/man/man8/groupadd.8.gz
/usr/share/man/man8/groupdel.8.gz
/usr/share/man/man8/groupmod.8.gz
/usr/share/man/man8/grpck.8.gz
/usr/share/man/man8/lastlog.8.gz
/usr/share/man/man8/newusers.8.gz
/usr/share/man/man8/pwck.8.gz
/usr/share/man/man8/pwconv.8.gz
/usr/share/man/man8/pwunconv.8.gz
/usr/share/man/man8/useradd.8.gz
/usr/share/man/man8/userdel.8.gz
/usr/share/man/man8/usermod.8.gz
/usr/share/man/man8/vigr.8.gz
/usr/share/man/man8/vipw.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Aug 9 15:28:45 2025