Hello community,
here is the log from the commit of package coreutils
checked in at Wed Oct 22 17:45:26 CEST 2008.
--------
--- coreutils/coreutils.changes 2008-09-18 16:38:34.000000000 +0200
+++ /mounts/work_src_done/STABLE/coreutils/coreutils.changes 2008-10-21 11:31:44.000000000 +0200
@@ -1,0 +2,5 @@
+Tue Oct 21 11:31:35 CEST 2008 - schwab@suse.de
+
+- Fix pam cleanup.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ coreutils.spec ++++++
--- /var/tmp/diff_new_pack.ok9624/_old 2008-10-22 17:43:18.000000000 +0200
+++ /var/tmp/diff_new_pack.ok9624/_new 2008-10-22 17:43:18.000000000 +0200
@@ -24,7 +24,7 @@
License: GNU Free Documentation License, Version 1.2 (GFDL 1.2); GPL v2 or later; GPL v3 or later
Group: System/Base
Version: 6.12
-Release: 29
+Release: 30
Provides: fileutils sh-utils stat textutils mktemp
Obsoletes: fileutils sh-utils stat textutils mktemp
Obsoletes: libselinux <= 1.23.11-3 libselinux-32bit = 9 libselinux-64bit = 9 libselinux-x86 = 9
@@ -189,6 +189,8 @@
%defattr(-,root,root)
%changelog
+* Tue Oct 21 2008 schwab@suse.de
+- Fix pam cleanup.
* Thu Sep 18 2008 schwab@suse.de
- Move readlink and md5sum to /bin.
* Wed Aug 20 2008 schwab@suse.de
++++++ coreutils-6.8-su.diff ++++++
--- /var/tmp/diff_new_pack.ok9624/_old 2008-10-22 17:43:19.000000000 +0200
+++ /var/tmp/diff_new_pack.ok9624/_new 2008-10-22 17:43:19.000000000 +0200
@@ -37,7 +37,7 @@
ls_LDADD += $(LIB_ACL_TRIVIAL) $(LIB_ACL)
--- src/getdef.c
+++ src/getdef.c
-@@ -0,0 +1,257 @@
+@@ -0,0 +1,259 @@
+/* Copyright (C) 2003, 2004, 2005 Thorsten Kukuk
+ Author: Thorsten Kukuk
+
@@ -70,9 +70,9 @@
+#include "getdef.h"
+
+struct item {
-+ char *name; /* name of the option. */
-+ char *value; /* value of the option. */
-+ struct item *next; /* pointer to next option. */
++ char *name; /* Name of the option. */
++ char *value; /* Value of the option. */
++ struct item *next; /* Pointer to next option. */
+};
+
+static struct item *list = NULL;
@@ -109,12 +109,12 @@
+ abort ();
+
+ new->name = strdup (name);
-+ new->value = strdup (value?:"");
++ new->value = strdup (value ?: "");
+ new->next = list;
+ list = new;
+}
+
-+/* search a special entry in the list and return the value. */
++/* Search a special entry in the list and return the value. */
+static const char *
+search (const char *name)
+{
@@ -131,7 +131,7 @@
+ return NULL;
+}
+
-+/* Load the login.defs file (/etc/login.defs) */
++/* Load the login.defs file (/etc/login.defs). */
+static void
+load_defaults_internal (const char *filename)
+{
@@ -173,7 +173,7 @@
+ tmp = strchr (cp, '#'); /* remove comments */
+ if (tmp)
+ *tmp = '\0';
-+ while (isspace ((int)*cp)) /* remove spaces and tabs */
++ while (isspace ((unsigned char) *cp)) /* remove spaces and tabs */
+ ++cp;
+ if (*cp == '\0') /* ignore empty lines */
+ continue;
@@ -183,7 +183,7 @@
+
+ tmp = strsep (&cp, " \t=");
+ if (cp != NULL)
-+ while (isspace ((int)*cp) || *cp == '=')
++ while (isspace ((unsigned char) *cp) || *cp == '=')
+ ++cp;
+
+ store (tmp, cp);
@@ -232,9 +232,10 @@
+ if (val == NULL)
+ return dflt;
+
++ errno = 0;
+ retval = strtol (val, &cp, 0);
-+ if (*cp != '\0' ||
-+ ((retval == LONG_MAX || retval == LONG_MIN) && errno == ERANGE))
++ if (*cp != '\0'
++ || ((retval == LONG_MAX || retval == LONG_MIN) && errno == ERANGE))
+ {
+ fprintf (stderr,
+ "%s contains invalid numerical value: %s!\n",
@@ -259,6 +260,7 @@
+ if (val == NULL)
+ return dflt;
+
++ errno = 0;
+ retval = strtoul (val, &cp, 0);
+ if (*cp != '\0' || (retval == ULONG_MAX && errno == ERANGE))
+ {
@@ -417,7 +419,7 @@
static void run_shell (char const *, char const *, char **, size_t)
ATTRIBUTE_NORETURN;
-@@ -215,7 +238,163 @@ log_su (struct passwd const *pw, bool su
+@@ -215,7 +238,162 @@ log_su (struct passwd const *pw, bool su
}
#endif
@@ -443,30 +445,29 @@
+static void
+cleanup_pam (int retcode)
+{
-+ if (_pam_cred_established)
-+ pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
-+
+ if (_pam_session_opened)
+ pam_close_session (pamh, 0);
+
++ if (_pam_cred_established)
++ pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
++
+ pam_end(pamh, retcode);
+}
+
-+/* Signal handler for parent process */
++/* Signal handler for parent process. */
+static void
+su_catch_sig (int sig)
+{
+ caught_signal = true;
+}
+
-+/* Export env variables declared by PAM modules */
++/* Export env variables declared by PAM modules. */
+static void
-+export_pamenv(void)
++export_pamenv (void)
+{
-+ char** env;
++ char **env;
+
-+ /* this is a copy but don't care to free as we exec later anyways
-+ * */
++ /* This is a copy but don't care to free as we exec later anyways. */
+ env = pam_getenvlist (pamh);
+ while (env && *env)
+ {
@@ -477,18 +478,18 @@
+}
+
+static void
-+create_watching_parent(void)
++create_watching_parent (void)
+{
+ pid_t child;
+ sigset_t ourset;
+ int status;
+
-+ retval = pam_open_session (pamh,0);
++ retval = pam_open_session (pamh, 0);
+ if (retval != PAM_SUCCESS)
+ {
-+ cleanup_pam(retval);
++ cleanup_pam (retval);
+ error (EXIT_FAILURE, 0, _("cannot not open session: %s"),
-+ pam_strerror (pamh, retval));
++ pam_strerror (pamh, retval));
+ }
+ else
+ _pam_session_opened = 1;
@@ -496,7 +497,7 @@
+ child = fork ();
+ if (child == (pid_t) -1)
+ {
-+ cleanup_pam(PAM_ABORT);
++ cleanup_pam (PAM_ABORT);
+ error (EXIT_FAILURE, errno, _("cannot create child process"));
+ }
+
@@ -504,10 +505,10 @@
+ if (child == 0)
+ return;
+
-+ /* in the parent watch the child */
++ /* In the parent watch the child. */
+
+ /* su without pam support does not have a helper that keeps
-+ * sitting on any directory so let's go to / */
++ sitting on any directory so let's go to /. */
+ if (chdir ("/") != 0)
+ error (0, errno, _("warning: cannot change directory to %s"), "/");
+
@@ -564,7 +565,7 @@
+ kill (child, SIGTERM);
+ }
+
-+ cleanup_pam(PAM_SUCCESS);
++ cleanup_pam (PAM_SUCCESS);
+
+ if (caught_signal)
+ {
@@ -590,7 +591,7 @@
+ const char *cp;
+
+ retval = pam_start (simulate_login ? PAM_SERVICE_NAME_L : PAM_SERVICE_NAME,
-+ pw->pw_name, &conv, &pamh);
++ pw->pw_name, &conv, &pamh);
+ PAM_BAIL_P (return false);
+
+ if (isatty (0) && (cp = ttyname (0)) != NULL)
@@ -604,7 +605,7 @@
+ retval = pam_set_item (pamh, PAM_TTY, tty);
+ PAM_BAIL_P (return false);
+ }
-+#if 0 /* manpage discourages use of getlogin */
++#if 0 /* Manpage discourages use of getlogin. */
+ cp = getlogin ();
+ if (!(cp && *cp && (lpw = getpwnam (cp)) != NULL && lpw->pw_uid == getuid ()))
+#endif
@@ -619,12 +620,12 @@
+ retval = pam_acct_mgmt (pamh, 0);
+ if (retval == PAM_NEW_AUTHTOK_REQD)
+ {
-+ /* password has expired. Offer option to change it. */
++ /* Password has expired. Offer option to change it. */
+ retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+ PAM_BAIL_P (return false);
+ }
+ PAM_BAIL_P (return false);
-+ /* must be authenticated if this point was reached */
++ /* Must be authenticated if this point was reached. */
+ return true;
+#else /* !USE_PAM */
char *unencrypted, *encrypted, *correct;
@@ -689,7 +690,7 @@
- error (EXIT_FAILURE, errno, _("cannot set groups"));
+ {
+#ifdef USE_PAM
-+ cleanup_pam(PAM_ABORT);
++ cleanup_pam (PAM_ABORT);
+#endif
+ error (EXIT_FAILURE, errno, _("cannot set groups"));
+ }
@@ -724,17 +725,17 @@
}
shell = xstrdup (shell ? shell : pw->pw_shell);
+
-+ init_groups(pw);
++ init_groups (pw);
+
+#ifdef USE_PAM
-+ create_watching_parent();
-+ /* now we're in the child */
++ create_watching_parent ();
++ /* Now we're in the child. */
+#endif
+
-+ change_identity(pw);
++ change_identity (pw);
+
+ /* Set environment after pam_open_session, which may put KRB5CCNAME
-+ * into the pam_env, etc. */
++ into the pam_env, etc. */
+
modify_environment (pw, shell);
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org