From 250e5247f5f9b8dd9acf3e2824c538dac3b2d004 Mon Sep 17 00:00:00 2001 From: Peter Vrabec Date: Nov 18 2009 13:51:58 +0000 Subject: - apply patches{1,2,3} - enable SHA512 in /etc/login.defs --- diff --git a/shadow-4.0.17-login.defs b/shadow-4.0.17-login.defs deleted file mode 100644 index 18733bf..0000000 --- a/shadow-4.0.17-login.defs +++ /dev/null @@ -1,58 +0,0 @@ -# *REQUIRED* -# Directory where mailboxes reside, _or_ name of file, relative to the -# home directory. If you _do_ define both, MAIL_DIR takes precedence. -# QMAIL_DIR is for Qmail -# -#QMAIL_DIR Maildir -MAIL_DIR /var/spool/mail -#MAIL_FILE .mail - -# Password aging controls: -# -# PASS_MAX_DAYS Maximum number of days a password may be used. -# PASS_MIN_DAYS Minimum number of days allowed between password changes. -# PASS_MIN_LEN Minimum acceptable password length. -# PASS_WARN_AGE Number of days warning given before a password expires. -# -PASS_MAX_DAYS 99999 -PASS_MIN_DAYS 0 -PASS_MIN_LEN 5 -PASS_WARN_AGE 7 - -# -# Min/max values for automatic uid selection in useradd -# -UID_MIN 500 -UID_MAX 60000 - -# -# Min/max values for automatic gid selection in groupadd -# -GID_MIN 500 -GID_MAX 60000 - -# -# If defined, this command is run when removing a user. -# It should remove any at/cron/print jobs etc. owned by -# the user to be removed (passed as the first argument). -# -#USERDEL_CMD /usr/sbin/userdel_local - -# -# If useradd should create home directories for users by default -# On RH systems, we do. This option is overridden with the -m flag on -# useradd command line. -# -CREATE_HOME yes - -# The permission mask is initialized to this value. If not specified, -# the permission mask will be initialized to 022. -UMASK 077 - -# This enables userdel to remove user groups if no members exist. -# -USERGROUPS_ENAB yes - -# Use MD5 or DES to encrypt password? Red Hat use MD5 by default. -MD5_CRYPT_ENAB yes - diff --git a/shadow-utils.login.defs b/shadow-utils.login.defs new file mode 100644 index 0000000..b24946d --- /dev/null +++ b/shadow-utils.login.defs @@ -0,0 +1,58 @@ +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# QMAIL_DIR is for Qmail +# +#QMAIL_DIR Maildir +MAIL_DIR /var/spool/mail +#MAIL_FILE .mail + +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 500 +UID_MAX 60000 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 500 +GID_MAX 60000 + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# If useradd should create home directories for users by default +# On RH systems, we do. This option is overridden with the -m flag on +# useradd command line. +# +CREATE_HOME yes + +# The permission mask is initialized to this value. If not specified, +# the permission mask will be initialized to 022. +UMASK 077 + +# This enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + +# Use SHA512 to encrypt password. +ENCRYPT_METHOD SHA512 + diff --git a/shadow-utils.spec b/shadow-utils.spec index 4d13a7c..770c7bc 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,12 +1,12 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.1.4.2 -Release: 1%{?dist} +Release: 2%{?dist} Epoch: 2 URL: http://pkg-shadow.alioth.debian.org/ Source0: ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow/shadow-%{version}.tar.bz2 -Source1: shadow-4.0.17-login.defs -Source2: shadow-4.0.18.1-useradd +Source1: shadow-utils.login.defs +Source2: shadow-utils.useradd Patch0: shadow-4.1.4.2-redhat.patch Patch1: shadow-4.1.4.1-goodname.patch Patch2: shadow-4.1.4.2-leak.patch @@ -36,9 +36,9 @@ are used for managing group accounts. %prep %setup -q -n shadow-%{version} %patch0 -p1 -b .redhat -#%patch1 -p1 -b .goodname -#%patch2 -p1 -b .leak -#%patch3 -p1 -b .fixes +%patch1 -p1 -b .goodname +%patch2 -p1 -b .leak +%patch3 -p1 -b .fixes iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 cp -f doc/HOWTO.utf8 doc/HOWTO @@ -180,6 +180,10 @@ rm -rf $RPM_BUILD_ROOT %{_mandir}/man8/vigr.8* %changelog +* Wed Nov 18 2009 Peter Vrabec - 2:4.1.4.2-2 +- apply patches{1,2,3} +- enable SHA512 in /etc/login.defs + * Mon Sep 07 2009 Peter Vrabec - 2:4.1.4.2-1 - upgrade diff --git a/shadow-utils.useradd b/shadow-utils.useradd new file mode 100644 index 0000000..4e81146 --- /dev/null +++ b/shadow-utils.useradd @@ -0,0 +1,9 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=yes +