~xnox/ubuntu/quantal/shadow/clear-locks
» Revision
28
: debian/patches/593_omit_lastchange_field_if_clock_is_misset
« back to all changes in this revision
Viewing changes to debian/patches/593_omit_lastchange_field_if_clock_is_misset
- browse files at revision 28
- compare with another revision
- download diff
- download tarball
- view history from revision 28
- Committer: Bazaar Package Importer
- Author(s): Michael Casadevall
- Date: 2009-04-02 14:05:31 UTC
- Revision ID: james.westby@ubuntu.com-20090402140531-cp96pgusihgl0vk1
Tags: 1:4.1.1-6ubuntu4
* debian/patches/593_omit_lastchange_field_if_clock_is_misset (LP: #349504)
- If the system clock is set to Jan 01, 1970, and a new user is created
the last changed field gets set to 0, which tells login that the
password is expired and must be changed. During installation,
this can cause autologin to fail. Having the clock set to 01/01/1970
on a fresh install is common on the ARM architecture, so this is a high
priority bug since its likely to affect most ARM users on first install
- If the system clock is set to Jan 01, 1970, and a new user is created
the last changed field gets set to 0, which tells login that the
password is expired and must be changed. During installation,
this can cause autologin to fail. Having the clock set to 01/01/1970
on a fresh install is common on the ARM architecture, so this is a high
priority bug since its likely to affect most ARM users on first install
- files modified:
- debian/changelog
added
removed
debian/patches/593_omit_lastchange_field_if_clock_is_misset
1
Index: shadow-4.1.1/src/useradd.c
2
===================================================================
3
--- shadow-4.1.1.orig/src/useradd.c 2009-04-02 21:09:54.260892797 -0400
4
+++ shadow-4.1.1/src/useradd.c 2009-04-02 21:09:54.580852116 -0400
5
@@ -710,6 +710,29 @@
6
spent->sp_namp = (char *) user_name;
7
spent->sp_pwdp = (char *) user_pass;
8
spent->sp_lstchg = time ((time_t *) 0) / SCALE;
9
+
10
+ /*
11
+ * If the system clock is set to Jan-01-1970, the lastchg field will
12
+ * come out as zero (which is the value used when a password is expired
13
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
14
+ * since whatever value we would come up would be wrong anyway.
15
+ */
16
+
17
+ if (spent->sp_lstchg == 0)
18
+ {
19
+ if (spent->sp_pwdp != "!") {
20
+ /* If we're setting a password, display a warning that password aging will be disabled */
21
+ fprintf (stderr,
22
+ _
23
+ ("%s: warning: system clock set to January 01, 1970.\n"
24
+ "The last changed field will be omitted from /etc/shadow.\n"
25
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
26
+ Prog);
27
+ }
28
+
29
+ spent->sp_lstchg = -1;
30
+ }
31
+
32
if (!rflg) {
33
spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1));
34
spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));
35
Index: shadow-4.1.1/src/chpasswd.c
36
===================================================================
37
--- shadow-4.1.1.orig/src/chpasswd.c 2009-04-02 21:09:54.568871823 -0400
38
+++ shadow-4.1.1/src/chpasswd.c 2009-04-02 21:09:54.580852116 -0400
39
@@ -341,6 +341,15 @@
40
41
process_flags (argc, argv);
42
43
+ if (now == 0) {
44
+ fprintf (stderr,
45
+ _
46
+ ("%s: warning: system clock set to January 01, 1970.\n"
47
+ "The last changed field will be omitted from /etc/shadow.\n"
48
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
49
+ Prog);
50
+ }
51
+
52
if (!use_stdout) {
53
check_perms ();
54
55
@@ -439,7 +448,18 @@
56
if (NULL != sp) {
57
newsp = *sp;
58
newsp.sp_pwdp = cp;
59
+
60
+ /*
61
+ * If the system clock is set to Jan-01-1970, the lastchg field will
62
+ * come out as zero (which is the value used when a password is expired
63
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
64
+ * since whatever value we would come up would be wrong anyway.
65
+ */
66
+
67
newsp.sp_lstchg = now;
68
+ if (newsp.sp_lstchg == 0)
69
+ newsp.sp_lstchg = -1;
70
+
71
} else {
72
newpw = *pw;
73
newpw.pw_passwd = cp;
74
Index: shadow-4.1.1/src/passwd.c
75
===================================================================
76
--- shadow-4.1.1.orig/src/passwd.c 2009-04-02 21:09:54.512870154 -0400
77
+++ shadow-4.1.1/src/passwd.c 2009-04-02 21:09:54.580852116 -0400
78
@@ -572,6 +572,24 @@
79
nsp->sp_lstchg = time ((time_t *) 0) / SCALE;
80
81
/*
82
+ * If the system clock is set to Jan-01-1970, the lastchg field will
83
+ * come out as zero (which is the value used when a password is expired
84
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
85
+ * since whatever value we would come up would be wrong anyway.
86
+ */
87
+
88
+ if (nsp->sp_lstchg == 0) {
89
+ fprintf (stderr,
90
+ _
91
+ ("%s: warning: system clock set to January 01, 1970.\n"
92
+ "The last changed field will be omitted from /etc/shadow.\n"
93
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
94
+ Prog);
95
+
96
+ nsp->sp_lstchg = -1;
97
+ }
98
+
99
+ /*
100
* Force change on next login, like SunOS 4.x passwd -e or Solaris
101
* 2.x passwd -f. Solaris 2.x seems to do the same thing (set
102
* sp_lstchg to 0).
103
Index: shadow-4.1.1/libmisc/pwd2spwd.c
104
===================================================================
105
--- shadow-4.1.1.orig/libmisc/pwd2spwd.c 2009-04-02 21:09:48.284851709 -0400
106
+++ shadow-4.1.1/libmisc/pwd2spwd.c 2009-04-02 21:09:54.580852116 -0400
107
@@ -62,6 +62,10 @@
108
sp.sp_min = 0;
109
sp.sp_max = (10000L * DAY) / SCALE;
110
sp.sp_lstchg = time ((time_t *) 0) / SCALE;
111
+
112
+ if (sp.sp_lstchg == 0) {
113
+ sp.sp_lstchg = -1;
114
+ }
115
}
116
117
/*
118
Index: shadow-4.1.1/src/newusers.c
119
===================================================================
120
--- shadow-4.1.1.orig/src/newusers.c 2009-04-02 21:09:54.476851191 -0400
121
+++ shadow-4.1.1/src/newusers.c 2009-04-02 21:09:54.580852116 -0400
122
@@ -65,6 +65,7 @@
123
static int cflg = 0;
124
static int rflg = 0; /* create a system account */
125
static int sflg = 0;
126
+static long now = 0;
127
128
static char *crypt_method = NULL;
129
static long sha_rounds = 5000;
130
@@ -419,7 +420,18 @@
131
const char *salt = crypt_make_salt (crypt_method, crypt_arg);
132
spent.sp_pwdp = pw_encrypt (password, salt);
133
}
134
- spent.sp_lstchg = time ((time_t *) 0) / SCALE;
135
+ spent.sp_lstchg = now;
136
+
137
+ /*
138
+ * If the system clock is set to Jan-01-1970, the lastchg field will
139
+ * come out as zero (which is the value used when a password is expired
140
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
141
+ * since whatever value we would come up would be wrong anyway.
142
+ */
143
+
144
+ if (spent.sp_lstchg == 0)
145
+ spent.sp_lstchg = -1;
146
+
147
spent.sp_min = getdef_num ("PASS_MIN_DAYS", 0);
148
/* 10000 is infinity this week */
149
spent.sp_max = getdef_num ("PASS_MAX_DAYS", 10000);
150
@@ -668,6 +680,8 @@
151
uid_t uid;
152
gid_t gid;
153
154
+ now = time ((time_t *) 0) / SCALE;
155
+
156
Prog = Basename (argv[0]);
157
158
setlocale (LC_ALL, "");
159
@@ -678,6 +692,15 @@
160
161
check_perms ();
162
163
+ if (now == 0) {
164
+ fprintf (stderr,
165
+ _
166
+ ("%s: warning: system clock set to January 01, 1970.\n"
167
+ "The last changed field will be omitted from /etc/shadow.\n"
168
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
169
+ Prog);
170
+ }
171
+
172
is_shadow = spw_file_present ();
173
174
#ifdef SHADOWGRP
175
Index: shadow-4.1.1/src/pwconv.c
176
===================================================================
177
--- shadow-4.1.1.orig/src/pwconv.c 2009-04-02 21:09:48.244903334 -0400
178
+++ shadow-4.1.1/src/pwconv.c 2009-04-02 21:09:54.584850879 -0400
179
@@ -79,6 +79,7 @@
180
const struct spwd *sp;
181
struct spwd spent;
182
char *Prog = argv[0];
183
+ long now = time ((time_t *) 0) / (24L * 3600L);
184
185
setlocale (LC_ALL, "");
186
bindtextdomain (PACKAGE, LOCALEDIR);
187
@@ -104,6 +105,15 @@
188
fail_exit (E_FAILURE);
189
}
190
191
+ if (now == 0) {
192
+ fprintf (stderr,
193
+ _
194
+ ("%s: warning: system clock set to January 01, 1970.\n"
195
+ "The last changed field will be omitted from /etc/shadow.\n"
196
+ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ),
197
+ Prog);
198
+ }
199
+
200
/*
201
* Remove /etc/shadow entries for users not in /etc/passwd.
202
*/
203
@@ -149,7 +159,19 @@
204
spent.sp_flag = -1;
205
}
206
spent.sp_pwdp = pw->pw_passwd;
207
- spent.sp_lstchg = time ((time_t *) 0) / (24L * 3600L);
208
+ spent.sp_lstchg = now;
209
+
210
+ /*
211
+ * If the system clock is set to Jan-01-1970, the lastchg field will
212
+ * come out as zero (which is the value used when a password is expired
213
+ * with passwd -e. In these cases, replace 0 with -1 to omit the field
214
+ * since whatever value we would come up would be wrong anyway.
215
+ */
216
+
217
+ if (spent.sp_lstchg == 0) {
218
+ spent.sp_lstchg = -1;
219
+ }
220
+
221
if (!spw_update (&spent)) {
222
fprintf (stderr,
223
_
Loggerhead is a web-based interface for Breezy
Version: 2.0.1