Hello community, here is the log from the commit of package pwdutils checked in at Tue May 23 01:23:17 CEST 2006. -------- --- pwdutils/pwdutils.changes 2006-05-19 15:46:25.000000000 +0200 +++ pwdutils/pwdutils.changes 2006-05-22 09:47:40.000000000 +0200 @@ -1,0 +2,5 @@ +Mon May 22 09:47:22 CEST 2006 - kukuk@suse.de + +- Fix usermod -L/-U [#177144] + +------------------------------------------------------------------- New: ---- pwdutils-usermod-bnc177144.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pwdutils.spec ++++++ --- /var/tmp/diff_new_pack.MCsazG/_old 2006-05-23 01:22:41.000000000 +0200 +++ /var/tmp/diff_new_pack.MCsazG/_new 2006-05-23 01:22:41.000000000 +0200 @@ -17,7 +17,7 @@ Group: System/Base Autoreqprov: on Version: 3.0.7.1 -Release: 18 +Release: 19 Summary: Utilities to Manage User and Group Accounts PreReq: grep /bin/cp /bin/mv Requires: pam-modules @@ -42,6 +42,7 @@ Patch3: pwdutils-ldap-rfc2307bis.diff Patch4: pam_login-3.31.diff Patch5: pam_login-3.31-suppress_hostname.patch +Patch6: pwdutils-usermod-bnc177144.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -76,6 +77,8 @@ %patch5 -p1 popd %patch3 +%patch6 +chmod 755 src/tst-usermod %build CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \ @@ -211,6 +214,8 @@ %{_libdir}/pwdutils/liblog_audit.so.1* %changelog -n pwdutils +* Mon May 22 2006 - kukuk@suse.de +- Fix usermod -L/-U [#177144] * Fri May 19 2006 - kssingvo@suse.de - added option -H to suppress hostname (bugzilla#175376) * Thu May 18 2006 - schwab@suse.de ++++++ pwdutils-usermod-bnc177144.diff ++++++ 2006-05-21 Thorsten Kukuk <kukuk@thkukuk.de> * src/usermod.8: Document -L and -U option. * src/usermod.c (main): Implement lock/unlock of password. * src/tst-chage: Adjust for latest chage fixes. * src/tst-usermod: New test. * src/Makefile.am: Add tst-usermod. --- src/Makefile.am 27 Dec 2005 21:09:10 -0000 1.83 +++ src/Makefile.am 21 May 2006 20:04:56 -0000 @@ -21,7 +21,7 @@ CLEANFILES = *~ tst-chage.* tst-passwd.* tst-group.* tst-groupadd.* \ tst-long-group-entry.* tst-32bit-uid-gid.* tst-userdel.* \ tst-groupmod.* tst-pwconv.* tst-pwunconv.* tst-pwck.* \ - tst-grpck.* ${EXTRA_PRGRAMS} + tst-grpck.* tst-usermod.* ${EXTRA_PRGRAMS} bin_PROGRAMS = chage chfn chsh expiry gpasswd newgrp passwd rpasswd @@ -36,7 +36,7 @@ TESTS = tst-useradd tst-chage tst-passwd tst-groupadd tst-long-group-entry \ tst-32bit-uid-gid tst-userdel tst-groupmod tst-pwconv tst-pwunconv \ - tst-pwck tst-grpck + tst-pwck tst-grpck tst-usermod EXTRA_DIST = ${MANS} ${EXTRA_MANS} ${TESTS} rpasswd-client.c --- src/Makefile.in 27 Dec 2005 21:09:10 -0000 1.132 +++ src/Makefile.in 21 May 2006 20:04:56 -0000 @@ -329,12 +329,12 @@ CLEANFILES = *~ tst-chage.* tst-passwd.* tst-group.* tst-groupadd.* \ tst-long-group-entry.* tst-32bit-uid-gid.* tst-userdel.* \ tst-groupmod.* tst-pwconv.* tst-pwunconv.* tst-pwck.* \ - tst-grpck.* ${EXTRA_PRGRAMS} + tst-grpck.* tst-usermod.* ${EXTRA_PRGRAMS} EXTRA_MANS = pam_rpasswd.8 TESTS = tst-useradd tst-chage tst-passwd tst-groupadd tst-long-group-entry \ tst-32bit-uid-gid tst-userdel tst-groupmod tst-pwconv tst-pwunconv \ - tst-pwck tst-grpck + tst-pwck tst-grpck tst-usermod EXTRA_DIST = ${MANS} ${EXTRA_MANS} ${TESTS} rpasswd-client.c man_MANS = chfn.1 chsh.1 expiry.1 passwd.1 rpasswd.conf.5 rpasswd.1 sg.1 \ --- src/tst-chage 12 Jul 2005 21:17:15 -0000 1.7 +++ src/tst-chage 21 May 2006 20:04:56 -0000 @@ -7,8 +7,11 @@ touch $TEMPDIR/passwd touch $TEMPDIR/shadow ./useradd -G "" -P $TEMPDIR chagetest1 -c "Test account" -./chage -P $TEMPDIR -m 7 -M 92 -d 2000-02-29 -E 2004-02-29 -I 7 -W 14 --service files chagetest1 > tst-chage.run 2>&1 +RET1=$? +./chage -P $TEMPDIR -m 7 -M 92 -d 2000-02-29 -E 2004-02-29 -I 7 -W 14 --service files chagetest1 > tst-chage.out 2>&1 +RET2=$? ./chage -P $TEMPDIR -l chagetest1 > tst-chage.out1 +RET3=$? cat << EOT > tst-chage.expect1 Minimum: 7 Maximum: 92 @@ -20,9 +23,12 @@ Account Expires: Feb 29, 2004 EOT diff -q -u tst-chage.expect1 tst-chage.out1 +RET4=$? + ./chage -P $TEMPDIR -m 7 -M 92 -d 2000-02-29 -E 2004-02-29 -I 0 -W 14 --service files chagetest1 > tst-chage.out 2>&1 +RET5=$? ./chage -P $TEMPDIR -l chagetest1 > tst-chage.out2 -RET1=$? +RET6=$? cat << EOT > tst-chage.expect2 Minimum: 7 Maximum: 92 @@ -30,13 +36,31 @@ Inactive: 0 Last Change: Feb 29, 2000 Password Expires: May 31, 2000 -Password Inactive: Never +Password Inactive: May 31, 2000 Account Expires: Feb 29, 2004 EOT diff -q -u tst-chage.expect2 tst-chage.out2 -RET2=$? +RET7=$? + +./chage -P $TEMPDIR -m 7 -M 92 -d 2000-02-29 -E 2004-02-29 -I -1 -W 14 --service files chagetest1 > tst-chage.out 2>&1 +RET8=$? +./chage -P $TEMPDIR -l chagetest1 > tst-chage.out3 +RET9=$? +cat << EOT > tst-chage.expect3 +Minimum: 7 +Maximum: 92 +Warning: 14 +Inactive: -1 +Last Change: Feb 29, 2000 +Password Expires: May 31, 2000 +Password Inactive: Never +Account Expires: Feb 29, 2004 +EOT +diff -q -u tst-chage.expect3 tst-chage.out3 +RET10=$? rm -rf $TEMPDIR -if [ $RET1 != 0 -o $RET2 != 0 ] ; then +if [ $RET1 != 0 -o $RET2 != 0 -o $RET3 != 0 -o $RET4 != 0 -o $RET5 != 0 -o $RET6 != 0 \ + -o $RET7 != 0 -o $RET8 != 0 -o $RET9 != 0 -o $RET10 != 0 ] ; then exit 1 else exit 0 --- src/usermod.8 15 Aug 2005 11:13:30 -0000 1.2 +++ src/usermod.8 21 May 2006 20:04:56 -0000 @@ -1,5 +1,5 @@ .\" -*- nroff -*- -.\" Copyright (C) 2003, 2005 Thorsten Kukuk +.\" Copyright (C) 2003, 2005, 2006 Thorsten Kukuk .\" Author: Thorsten Kukuk <kukuk@suse.de> .\" .\" This program is free software; you can redistribute it and/or modify @@ -15,7 +15,7 @@ .\" along with this program; if not, write to the Free Software Foundation, .\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. .\" -.TH usermod 8 "Nobember 2003" "pwdutils" +.TH usermod 8 "May 2006" "pwdutils" .SH NAME usermod \- modify a user account .SH SYNOPSIS @@ -99,6 +99,14 @@ Use the Distinguished Name binddn to bind to the LDAP directory. The user will be prompted for a password for simple authentication. .TP +.BI "\-L, \-\-lock" +A system administrator can lock the account of the specified user. +.TP +.B "\-U, \-\-unlock" +A system administrator can unlock the specified account, if the +account is not passwordless afterwards (it will not unlock an +account that has only "!" as a password). +.TP .BI "\-P, \-\-path" " path" The \fIpasswd\fR and \fIshadow\fR files are located below the specified directory path. --- src/usermod.c 15 Aug 2005 11:13:30 -0000 1.33 +++ src/usermod.c 21 May 2006 20:04:56 -0000 @@ -1,4 +1,4 @@ -/* Copyright (C) 2003, 2004, 2005 Thorsten Kukuk +/* Copyright (C) 2003, 2004, 2005, 2006 Thorsten Kukuk Author: Thorsten Kukuk <kukuk@suse.de> This program is free software; you can redistribute it and/or modify @@ -983,7 +983,7 @@ print_help (program); return 0; case 'v': - print_version (program, "2005"); + print_version (program, "2006"); return 0; case '\254': print_usage (stdout, program); @@ -1070,6 +1070,64 @@ old_home = strdupa (pw_data->pw.pw_dir); + /* -L, -U and -p are exclusive. */ + if ((lock_password + unlock_password > 1) || + ((lock_password + unlock_password) && new_password)) + { + print_error (program); + return E_USAGE; + } + + + if (lock_password) + { + const char *pwdp; + + if (pw_data->use_shadow) + pwdp = pw_data->sp.sp_pwdp; + else + pwdp = pw_data->pw.pw_passwd; + + if (pwdp == NULL) + pw_data->newpassword = strdup ("!"); + else if (pwdp[0] != '!') + { + pw_data->newpassword = malloc (strlen (pwdp) + 2); + if (pw_data->newpassword == NULL) + return E_FAILURE; + strcpy (&pw_data->newpassword[1], pwdp); + pw_data->newpassword[0] = '!'; + } + else + { + fprintf (stderr, _("Password for `%s' is already locked!\n"), + pw_data->pw.pw_name); + free_user_t (pw_data); + return E_FAILURE; + } + } + + if (unlock_password) + { + const char *pwdp; + + if (pw_data->use_shadow) + pwdp = pw_data->sp.sp_pwdp; + else + pwdp = pw_data->pw.pw_passwd; + + /* If the password is only "!", don't unlock it. */ + if (pwdp && pwdp[0] == '!' && strlen (pwdp) > 1) + pw_data->newpassword = strdup (&pwdp[1]); + else + { + fprintf (stderr, _("Cannot unlock the password for `%s'!\n"), + pw_data->pw.pw_name); + free_user_t (pw_data); + return E_FAILURE; + } + } + if (new_group) { if ((retval = convert_grpopt_to_name (new_group, NULL, @@ -1316,7 +1374,7 @@ } else if (new_login || new_password || know_uid || new_group || new_comment || new_home || new_shell || know_inactive || - know_expire) + know_expire || lock_password || unlock_password) { /* Only change passwd/shadow file if there are really changes. */ --- src/tst-usermod 1 Jan 1970 00:00:00 -0000 +++ src/tst-usermod 21 May 2006 20:16:50 -0000 @@ -0,0 +1,38 @@ +#!/bin/bash + +export LANG=C + +TEMPDIR=`mktemp -d tests.XXXXXX` + +echo "root:x:0:0:root:/root:/bin/bash" > tst-usermod.passwd +echo "root:valid:0:0:root:/root:/bin/bash" > tst-usermod.noshadow +echo "root:!valid:0:0:root:/root:/bin/bash" > tst-usermod.noshadow.locked +echo "root::0:0:root:/root:/bin/bash" > tst-usermod.noshadow.deleted +echo "root:valid:12116:0:10000::::" > tst-usermod.shadow +echo "root:!valid:12116:0:10000::::" > tst-usermod.locked +echo "root::12116:0:10000::::" > tst-usermod.deleted + +cp -p tst-usermod.noshadow $TEMPDIR/passwd +./usermod -P $TEMPDIR -L root > tst-usermod.run 2>&1 +diff -q -u tst-usermod.noshadow.locked $TEMPDIR/passwd +RET1=$? +./usermod -P $TEMPDIR -U root >> tst-usermod.run 2>&1 +diff -q -u tst-usermod.noshadow $TEMPDIR/passwd +RET2=$? + +cp -p tst-usermod.passwd $TEMPDIR/passwd +cp -p tst-usermod.shadow $TEMPDIR/shadow +./usermod -P $TEMPDIR -L root >> tst-usermod.run 2>&1 +diff -q -u tst-usermod.locked $TEMPDIR/shadow +RET3=$? +./usermod -P $TEMPDIR -U root >> tst-usermod.run 2>&1 +diff -q -u tst-usermod.shadow $TEMPDIR/shadow +RET4=$? + + +rm -rf $TEMPDIR +if [ $RET1 != 0 -o $RET2 != 0 -o $RET3 != 0 -o $RET4 != 0 ] ; then + exit 1 +else + exit 0 +fi ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun...