forked from shadow-maint/shadow
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
2166 lines (1999 loc) · 104 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
863
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
$Id$
shadow-4.1.5.1 -> shadow-4.2 UNRELEASED
*** general
* Handle libc whose crypt() returns NULL when passed a salt that
violates specs or system requirements (e.g. FIPS140). This is needed
with glibc/eglibc 2.17 for tools checking passwords (passwd (non PAM
enabled) or newgrp), and for tools generating encrypted passwords
(chgpasswd, chpasswd, or gpasswd when non PAM enabled or when a fixed
crypt method is requested on the command line, and newusers, or passwd
in their non PAM enabled versions)
* Fix segfault when reading groups split on multiple lines. This impacts
most user/group management tools when MAX_MEMBERS_PER_GROUP is set.
- su
* When su receives a signal (SIGTERM, or SIGINT/SIGQUIT in non
interactive mode), kill the child process group, rather than just the
immediate child.
* Fix segmentation faults for users without a proper home or shell in
their passwd entries.
- login
* Fix segmentation faults for users without a proper home or shell in
their passwd entries.
*** documentation
* Fixed useradd man page (--home-dir option, instead of --home).
*** translation
* Updated Russian translation.
* Updated German man pages translation.
* Fixed gshadow Japanese man page translation.
shadow-4.1.5 -> shadow-4.1.5.1 2012-05-25
- login
* Log into utmp(x) when PAM is enabled, but do not log into wtmp.
This complete pam_lastlog which logs into wtmp and in into utmp(x).
- su
* non PAM enabled versions: do not fail if su is called without a
controlling terminal.
- userdel
* Fix segfault when userdel removes the user's group.
*** documentation
* .so links now point to paths relative to the top-level manual hierarchy
*** translation
* Updated French man pages translation.
* Updated German man pages translation.
* Updated Polish man pages translation. (logoutd.8)
shadow-4.1.4.3 -> shadow-4.1.5 2012-02-12
*** security
* su -c could be abused by the executed command to invoke commands with
the caller privileges. See below. (CVE-2005-4890)
*** general
* report usage error to stderr, but report usage help to stdout (and return
zero) when explicitly requested (e.g. with --help).
* initial support for tcb (http://openwall.com/tcb/) for useradd,
userdel, usermod, chage, pwck, vipw.
* Added support for ACLs and Extended Attributes in useradd and usermod.
Support shall be enabled with the new --with-acl or --with-attr
configure options.
* Added diagnosis for lock failures.
* use libsemanage instead of the semanage tool.
- chage
* Add --root option.
- chfn
* Add --root option.
- chgpasswd
* When the gshadow file exists but there are no gshadow entries, an entry
is created if the password is changed and group requires a
shadow entry.
* Add --root option.
- chpasswd
* PAM enabled versions: restore the -e option to allow restoring
passwords without knowing those passwords. Restore together the -m
and -c options. (These options were removed in shadow-4.1.4 on PAM
enabled versions)
* When the shadow file exists but there are no shadow entries, an entry
is created if the password is changed and passwd requires a
shadow entry.
* Add --root option.
- chsh
* Add --root option.
- faillog
* The -l, -m, -r, -t options only act on the existing users, unless -a is
specified.
* Add --root option.
- gpasswd
* Add --root option.
- groupadd
* Add --root option.
- groupdel
* Add --root option.
- groupmems
* Fix parsing of gshadow entries.
* Add --root option.
- groupmod
* Fixed groupmod when configured with --enable-account-tools-setuid.
* When the gshadow file exists but there are no gshadow entries, an entry
is created if the password is changed and group requires a
shadow entry.
* Add --root option.
- grpck
* Add --root option.
* NIS entries were dropped by -s (sort).
- grpconv
* Add --root option.
- grpunconv
* Add --root option.
- lastlog
* Add --root option.
- login
* Fixed limits support (non PAM enabled versions only)
* Added support for infinite limits and group based limits (non PAM
enabled versions only)
* Fixed infinite loop when CONSOLE is configured with a colon-separated
list of TTYs.
* Fixed warning and support for CONSOLE_GROUPS for users member of more
than 16 groups.
* Do not log into utmp(x) or wtmp when PAM is enabled. This is done by
pam_lastlog.
- newgrp, sg
* Fix parsing of gshadow entries.
- newusers
* Add --root option.
- passwd
* Add --root option.
- pwpck
* NIS entries were dropped by -s (sort).
* Add --root option.
- pwconv
* Add --root option.
- pwunconv
* Add --root option.
- useradd
* If the skeleton directory contained hardlinked files, copies of the
hardlink were removed from the skeleton directory.
* Add --root option.
- userdel
* Check the existence of the user's mail spool before trying to remove
it. If it does not exist, a warning is issued, but no failure.
* Do not remove a group with the same name as the user (usergroup) if
this group isn't the user's primary group.
* Add --root option.
* Add --selinux-user option.
- usermod
* Accept options in any order (username not necessarily at the end)
* When the shadow file exists but there are no shadow entries, an entry
is created if the password is changed and passwd requires a
shadow entry, or if aging features are used (-e or -f).
* Add --root option.
- su
* Document the su exit values.
* When su receives a signal, wait for the child to terminate (after
sending a SIGTERM), and kill it only if it did not terminate by itself.
No delay will be enforced if the child cooperates.
* Default ENV_SUPATH is /sbin:/bin:/usr/sbin:/usr/bin
* Fixed infinite loop when CONSOLE is configured with a colon-separated
list of TTYs.
* Fixed warning and support for CONSOLE_GROUPS for users member of more
than 16 groups.
* Do not forward the controlling terminal to commands executed with -c.
This prevents tty hijacking which could lead to execution with the
caller's privileges.
* Close PAM sessions as root. This will be more friendly to PAM modules
like pam_mount or pam_systemd.
* Added support for PAM modules which change PAM_USER.
*** translation
* Updated Brazilian Portuguese translation.
* Updated Catalan translation.
* Updated Czech translation.
* Updated Danish translation.
* New Danish man pages translation.
* Updated French translation.
* Updated French man pages translation.
* Updated German translation.
* Updated German man pages translation.
* Updated Greek translation.
* Updated Italian man pages translation.
* Updated Japanese translation.
* Updated Kazakh translation.
* Updated Norwegian Bokmål translation.
* Updated Portuguese translation.
* Updated Russian translation.
* Updated Simplified Chinese translation.
* Updated Simplified Chinese man pages translation.
* Updated Swedish translation.
* Updated Vietnamese translation.
shadow-4.1.4.2 -> shadow-4.1.4.3 2011-02-15
*** security
- CVE-2011-0721: An insufficient input sanitation in chfn can be exploited
to create users or groups in a NIS environment.
shadow-4.1.4.1 -> shadow-4.1.4.2 2009-07-24
- general
* Improved support for large groups (impacts most user/group management
tools).
- addition of system users or groups
* Speed improvement. This should be noticeable in case of LDAP configured
systems. This should impact useradd, groupadd, and newusers
* Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in
reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN
is already used but there are still dome gaps.
- login
* Add support for shells being a shell script without a shebang.
- su
* Preserve the DISPLAY and XAUTHORITY environment variables. This was
only the case in the non PAM enabled versions.
* Add support for shells being a shell script without a shebang.
*** translation
* The Finnish translation of passwd(1) was outdated and is no more
distributed.
shadow-4.1.4 -> shadow-4.1.4.1 2009-05-22
- login
* Fix failures with empty usernames on non PAM versions.
* Fix CONSOLE (securetty) support on non PAM versions.
- newgrp
* Return the exit status of the child.
- userdel
* On Linux, do not check if an user is logged in with utmp, but check if
the user is running some processes.
* If not on Linux, continue to search for an utmp record, but make sure
the process recorded in the utmp entry is still running.
* Report failures to remove the user's mailbox
* When USERGROUPS_ENAB is enabled, remove the user's group when the
user was the only member.
* Do not fail when -r is used and the home directory does not exist.
- usermod
* Check if the user is busy when the user's UID, name or home directory
is changed.
shadow-4.1.3.1 -> shadow-4.1.4 2009-05-10
- packaging
* Enable --enable-account-tools-setuid by default for PAM builds.
* Add configure option --enable-utmpx, disabled by default to mimic
the previous behavior on Linux (where utmp and utmpx are identical).
* Fix build failure on non-PAM systems when --without-pam is not
specified.
- chpasswd
* Change the passwords using PAM. This permits to define the password
policy in a central place. The -c/--crypt-method, -e/--encrypted,
-m/--md5 and -s/--sha-rounds options are no more supported on PAM
enabled systems.
- grpck
* Warn if a group has an entry in group and gshadow, and the password
field in group is not 'x'.
- login
* Do not trust the current utmp entry's ut_line to set PAM_TTY. This could
lead to DOS attacks.
* (PAM) Even if the user was already authenticated (-f flag), ask the
user to update his authentication token if needed.
- lastlog
* Fix regression causing empty reports.
- newusers
* Change the passwords using PAM. This permits to define the password
policy in a central place. The -c/--crypt-method and -s/--sha-rounds
options are no more supported on PAM enabled systems.
- pwck
* Warn if an user has an entry in passwd and shadow, and the password
field in passwd is not 'x'.
*** translation
- Updated Czech translation
- Updated French translation
- Updated German translation
- Updated Japanese translation
- Updated Korean translation
- Updated Portuguese translation
- Updated Russian translation
shadow-4.1.3 -> shadow-4.1.3.1 2009-04-15
*** security:
- Due to bad parsing of octal permissions, the permissions on tty (login)
but also UMASK were set wrongly (and weirdly). Only shadow-4.1.3 was
affected.
*** general
- login
* Fix regression when no user is specified on the command line.
- userdel
* Fixed SE Linux support
- vipw
* SE Linux: Set the default context to the context of the file being
edited. This ensures that the backup file inherit from the file's
context.
*** translation
- Updated Norwegian Bokmål translation
shadow-4.1.2.2 -> shadow-4.1.3 2009-04-12
*** general:
- packaging
* Fixed support for OpenPAM.
* Fixed support for uclibc.
* Added configure --enable-account-tools-setuid (default) /
--disable-account-tools-setuid options. This permits to disable the
PAM authentication of the caller for chage, chgpasswd, chpasswd,
groupadd, groupdel, groupmod, newusers, useradd, userdel, and usermod.
This authentication is not necessary when these tools are not
installed setuid root.
* Added configure --with-group-name-max-length (default) /
--without-group-name-max-length options. This permits to configure the maximum length allowed for group names:
<no option> -> default of 16 (like today)
--with-group-name-max-length -> default of 16
--without-group-name-max-length -> no max length
--with-group-name-max-length=n > max is set to n
No sanity checking is performed on n so people could do
something neat like --with-group-name-max-length=MAX_INT
- addition of users or groups
* Speed improvement in case UID_MAX/SYS_UID_MAX/GID_MAX/SYS_GID_MAX is
used for an user/group. This should be noticeable in case of LDAP
configured systems. This should impact useradd, groupadd, and newusers
- error handling improvement
* Make sure errors and incomplete changes are reported to syslog and
audit in case of unexpected failures.
* Report system inconsistencies to syslog and audit.
* Only report success to syslog and audit if the changes are really
performed in the system databases.
This is still not complete.
- /etc/login.defs
* New CREATE_HOME variable to tell useradd to create a home directory by
default.
- Translations
* New Kazakh translation.
* Spanish manpages are no more distributed. They are outdated. Please
contact [email protected] if you wish to
provide updates.
- faillog
* Accept users specified as a numerical UID, or ranges of users (-user,
user-, user1-user2).
* -l, -m, and -r now apply not only to existing users, but to all the
specified UIDs.
* Options can be specified in any order.
- gpasswd
* Added support for long options --add (-a), --delete (-d),
--remove-password (-r), --restrict (-R), --administrators (-A), and
--members (-M).
* Added support for usernames with arbitrary length.
* audit logging improvements.
* error handling improvement (see above).
* Log permission denied to syslog and audit.
- groupadd
* audit logging improvements.
* error handling improvement (see above).
* Speedup (see "addition of users or groups" above).
* do not create groups with GID set to (gid_t)-1.
* Allocate system group GIDs in reverse order. This could be useful
later to increase the static IDs range.
- groupdel
* audit logging improvements.
* error handling improvement (see above).
- groupmems
* Check if user exist before they are added to groups.
* Avoid segfault in case the specified group does not exist in /etc/group.
* Everybody is allowed to list the users of a group.
* /etc/group is open readonly when one just wants to list the users of a
group.
* Added syslog support.
* Use the groupmems PAM service name instead of groupmod.
* Fix segmentation faults when adding or removing users from a group.
* Added support for shadow groups.
* Added support long options --add (-a), --delete (-d), --purge (-p),
--list (-l), --group (-g).
- groupmod
* audit logging improvements.
* error handling improvement (see above).
* do not create groups with GID set to (gid_t)-1.
- grpck
* warn for groups with GID set to (gid_t)-1.
- login
* Restore the echoctl, echoke, onclr flags to the terminal termio flags.
Reset echoprt, noflsh, tostop. This behavior seems to have change by
mistake in earlier releases (4.0.8, for no obvious reason).
- newusers
* Implement the -r, --system option.
* Speedup (see "addition of users or groups" above).
* do not create users with UID set to (gid_t)-1.
* do not create groups with GID set to (gid_t)-1.
* Allocate system account UIDs/GIDs in reverse order. This could be useful
later to increase the static IDs range.
- passwd
* For compatibility with other passwd version, the --lock an --unlock
options do not lock or unlock the user account anymore. They only
lock or unlock the user's password.
- pwck
* warn for users with UID set to (uid_t)-1.
- su
* Preserve COLORTERM in addition to TERM when su is called with the -l
option.
- useradd
* audit logging improvements.
* Speedup (see "addition of users or groups" above).
* See CREATE_HOME above.
* New -M/--no-create-home option to disable CREATE_HOME.
* do not create users with UID set to (gid_t)-1.
* Added -Z option to map SELinux user for user's login.
* Allocate system user UIDs in reverse order. This could be useful
later to increase the static IDs range.
- userdel
* audit logging improvements.
* Do not fail if the removed user is not in the shadow database.
* When the user's group shall be removed, do not fail if this group is
not in the gshadow file.
* Delete the SELinux user mapping for user's login.
- usermod
* Allow adding LDAP users (or any user not present in the local passwd
file) to local groups
* do not create users with UID set to (gid_t)-1.
* Added -Z option to map SELinux user for user's login.
shadow-4.1.2.1 -> shadow-4.1.2.2 23-11-2008
*** security
- Fix a race condition in login that could lead to gaining ownership or
changing mode of arbitrary files.
- Fix a possible login DOS, which could be caused by injecting forged
entries in utmp.
shadow-4.1.2 -> shadow-4.1.2.1 26-06-2008
*** security
- Fix an "audit log injection" vulnerability in login.
This vulnerability makes it easier for attackers to hide activities by
modifying portions of log events, e.g. by appending an addr= statement
to the login name.
shadow-4.1.1 -> shadow-4.1.2 25-05-2008
*** security:
- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
chgpasswd; and also passwd if configured without PAM support).
The number of rounds and number of salt bytes was fixed to their lower
allowed values (resp. configurable and 8), hence voiding some of the
advantages of this encryption method. Dictionary attacks with
precomputed tables were easier than expected, but still harder than with
the MD5 (or DES) methods.
*** general:
- packaging
* Distribute the chfn, chsh, and userdel PAM configuration file.
* Fix the detection of the audit, pam, and selinux library and header
file; and fail if the feature is requested but not present on the
system.
* Fix build failure when configured with audit support.
- chfn
* Allow non-US-ASCII characters in the GECOS fields ("name", "room
number", and "other info" fields).
- login
* Do not fail if a shell option, specified after --, has more than 2
letters.
- su
* If the SULOG_FILE does not exist when an su session is logged, make
sure the file is created with group root, instead of using the group
of the caller.
- vipw
* Resume properly after ^Z.
*** documentation:
- Document the -r, --system option in the useradd, groupadd, and newusers
manpages.
- Document the -c, --crypt-method and -s, --sha-rounds options in the
newusers manpage.
- Document the -k, --skel option in the useradd manpage.
- Tag the section which require --enable-shadowgrp or --with-sha-crypt
accordingly.
shadow-4.1.0 -> shadow-4.1.1 02-04-2008
*** general:
- security
* Do not seed the random number generator each time, and use the time in
microseconds to avoid having the same salt for different passwords
generated in the same second.
- packaging
* Do not install the shadow library per default.
- general
* Do not translate the messages sent to syslog. This avoids logging
PAM error messages in the users's locale.
- etc/login.defs
* Set GID_MIN to the same value as UID_MIN by default (1000).
* Added variables SYS_UID_MIN (100), SYS_UID_MAX (999), SYS_GID_MIN (100),
SYS_GID_MAX (999) for system accounts.
- etc/useradd
* /etc/default/useradd now defines HOME as /home to match FHS.
- chage
* Fix bug which forbid to set the aging information of an account with a
passwd entry, but no shadow entry.
- faillog
* faillog -r now only reset the entries of existing users. This makes
faillog faster.
- gpasswd
* Fix failures when the gshadow file is not present.
* When a password is moved to the gshadow file, use "x" instead of "!"
to indicate that the password is shadowed (consistency with grpconv).
* Make sure the group and gshadow files are unlocked on exit.
- groupadd
* New option -p/--password to specify an encrypted password.
* New option -r, --system for system accounts.
- groupdel
* Do not fail if the group does not exist in the gshadow file.
* Do not rewrite the group or gshadow file in case of error.
* Make sure the group and gshadow files are unlocked on exit.
* Fail if the system is not configured to support split groups and
different group entries have the name of the group to be deleted.
- groupmems
* Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec.
- groupmod
* New option -p/--password to specify an encrypted password.
* Make sure the group and gshadow files are unlocked on exit.
* When the GID of a group is changed, update also the GID of the passwd
entries of the users whose primary group is the group being modified.
- grpck
* Fix logging of changes to syslog when a group file is provided,
without a gshadow file.
- lastlog
* Accept users specified as a numerical UID, or ranges of users (-user,
user-, user1-user2).
- login
* Use PATH and SUPATH to set the PATH environment variable, even when
support for PAM is enabled.
* If started as init, start a new session.
- newgrp
* Fix segfault when an user returns to an unknown GID (either the user
was deleted during the user's newgrp session or the user's passwd
entry referenced an invalid group). Add a syslog warning in that case.
* Use the correct AUDIT_CHGRP_ID event instead of AUDIT_USER_START, when
changing the user space group ID with newgrp or sg.
- newusers
* The new users are no more added to the list of members of their groups
because the membership is already set by their primary group.
* Added support for gshadow.
* Avoid using the same salt for different passwords.
* Fix support for the NONE crypt method.
* newusers will behave more like useradd regarding the choice of UID or
GID or regarding the validity of user and group names.
* New option -r, --system for system accounts.
* Make sure the passwd, group, shadow, and gshadow files are unlocked on
exit.
- passwd
* Make sure that no more than one username argument was provided.
* Make SE Linux tests more strict, when the real UID is 0 SE Linux
checks will be performed.
- pwck
* Fix logging of changes to syslog when a passwd file is provided,
without a shadow file.
- su
* su's arguments are now reordered. If needed, use -- to separate su's
options from the shell's options.
- sulogin
* If started as init, start a new session.
- useradd
* New option -l to avoid adding the user to the lastlog and faillog databases.
* Fix the handling of the --defaults option (it required an argument,
but should behave as -D)
* Document the --defaults option, which was already described in the
useradd's Usage information.
* New option -r, --system for system accounts.
* New options -U, --user-group and -N, --no-user-group. These options
should replace nflg from the previous versions. Please set any -n
option to deprecated because its meaning differs from one distribution
to the other.
* Make sure the passwd, group, shadow, and gshadow files are unlocked on
exit.
- usermod
* Keep the access and modification time of files when moving an user's home
directory.
* Check that the new fields set with -u, -s, -l, -g, -f, -e, -d, and -c
differ from the old ones. If a requested new value is equal to the old
one, no changes will be performed for that field. If no fields are
changed, usermod will exist successfully with a warning. This avoids
logging changes to syslog when there are actually no changes.
* Fix the handling of -a when a user is being renamed (with -l)
- vipw/vigr
* Recommend editing the shadowed (resp. regular) file if the regular (resp.
shadowed) file was edited.
shadow-4.0.18.2 -> shadow-4.1.0 09-12-2007
*** security:
- chgpasswd
When compiled with PAM support, it used the chpasswd policy file instead
of the chgpasswd policy file. If an administrator added some restriction
to the chgpasswd policy file, they were not taken into account.
*** general:
- Add support for SHA256 and SHA512 encrypt methods (supported by new
libc).
- useradd: Allow non numerical group identifier to be specified with
useradd's -g option.
- chgpasswd, chpasswd: Fix chpasswd and chgpasswd stack overflow.
- newgrp: Do not give an indication that the group has no password. Ask
for the password, as if there were a password.
- The permissions of the suid binaries is now configurable in
src/Makefile.am. Note that changing the permissions is not recommended.
- newgrp.c: Declare the child and pid variable at the beginning of a block.
This fixes a compilation issue with gcc 2.95.
- login_nopam: Add support for systems with no innetgr(). On those
systems, username with an @ will be treated like any other username
(i.e. lookup in the local database for an user with an @). Thanks to
Mike Frysinger for the patch.
- Add support for uClibc with no l64a().
- userdel, usermod: Fix infinite loop caused by erroneous group file
containing two entries with the same name. (The fix strategy differs
from
(https://bugzilla.redhat.com/show_bug.cgi?id=240915)
- userdel: Abort if an error is detected while updating the passwd or group
databases. The passwd or group files will not be written.
- usermod: Update the group database before flushing the nscd caches.
- usermod: Make sure the group modifications will be allowed before
writing the passwd files.
- Flush the nscd tables using nscd -i instead of the private glibc socket.
- usermod: Make usermod options independent of the argument order.
- newgrp: Do not request a password when a user uses newgrp to switch to
her primary group.
- passwd: -l/-u options: edit the shadow account expiry field *in
addition* to editing the password field.
- pwck: Remove the SHADOWPWD preprocessor check. Some check for /etc/shadow
were always missing.
- su: Avoid terminating the PAM library in the forked child. This is done
later in the parent after closing the PAM session.
- userdel: Fix the homedir prefix checking.
- passwd, usermod: Refuse to unlock an account when it would result in a
passwordless account.
- Full review of the usage of getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam(). There should be no functional changes.
- gpasswd: Only read information from the local file group database. It
writes the changes in /etc/group and/or /etc/gshadow, but used to read
information from getgrnam (hence possibly from another group database).
- New login.defs variable: MAX_MEMBERS_PER_GROUP. It should provide a
better support for split groups. Be careful when using this variable:
not all tools support well split groups (in or out of the shadow
tool suite). It fixes gpasswd and chgpasswd when split groups are used.
- Use MD5_CRYPT_ENAB, ENCRYPT_METHOD, SHA_CRYPT_MIN_ROUNDS, and
SHA_CRYPT_MAX_ROUNDS to define the default encryption algorithm for the
passwords.
- chpasswd, chgpasswd, newusers: New options -c/--crypt-method and
-s/--sha-rounds to supersede the system default encryption algorithm.
- chpasswd, chgpasswd, newusers: DES is no more the default algorithm. They
will respect the system default configured in /etc/login.defs
*** documentation:
- Generate the translated manpages from PO at build time.
- The generated manpages will change depending on the configure options.
If you use different options than the one used for the distributed
archive, you should re-generate the manpages.
- login.defs should now describe all the variables.
- The tools' documentation details the login.defs variables they use.
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
*** general:
- usermod: fixed handle -a option (by Benno Schulenberg
- useradd: improved auditing support
(https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=211659),
- groupadd, groupdel, groupmod, useradd, userdel, usermod: flush nscd cashes
after close /etc/{group,passwd} files,
- su: If compiled without PAM support, enforce the limits from /etc/limits
when one of the -, -l, or --login options is set, even if called by root.
- limits: Support for 2 new resource limits: max nice value, and max real
time priority. The resource limits are not used when compiled with PAM.
*** documentation:
- updated translations: fi, ja, nl, tl, zh_CN.
- groupadd.8, groupmod.8, login.1, useradd.8, userdel.8, usermod.8: grammar
mistakes and other corrections (by Schulenberg <[email protected]>),
shadow-4.0.18 -> shadow-4.0.18.1 03-08-2006
*** general:
- groupmems: fixed compilation when PAM is disabled
(by Johannes Winkelmann <[email protected]>),
- fixed missing man pages in dist tar ball necessary on build when
PAM is disabled.
shadow-4.0.17 -> shadow-4.0.18 01-08-2006
*** general:
- su: fixed set environment too early when using PAM, so move it to !USE_PAM
(patch submitted by Mike Frysinger <[email protected]>),
- groupadd, groupmod, useradd, usermod: fixed UID/GID overflow (fixed
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920)
- passwd, useradd, usermod: fixed inactive/mindays/warndays/maxdays overflow
(similar to RH#198920),
- groupmems: rewritten for use PAM and getopt_long() and now it is enabled
for build and install (patch by George Kraft <[email protected]>),
- S/Key: removed assign getpass() to libshadow_getpass() on autoconf level
(patch by Ulrich Mueller <[email protected]>; http://bugs.gentoo.org/139966),
- usermod: back to previous -a option semantics and clarify -a behavior
on documentation level (by Greg Schafer <[email protected]>),
- chsh, groupmod: rewritten for use getopt_long().
- updated translations: ca, cs, da, eu, fr, gl, hu, ko, pl, pt, ru, sv, tr, uk, vi.
*** documentation:
- fr and ru man pages are up to date,
- partially translated sv man pages set added
(by Daniel Nylander <[email protected]>),
- pl chage(1), chsh(1), groupmod(8): translation finished.
shadow-4.0.16 -> shadow-4.0.17 10-07-2006
*** general:
- userdel, usermod: fixed segfault on remove home directory when it can't
be removed; for example when it is /dev/null (fixed http://bugs.gentoo.org/139148),
- improved SELinux detection on autoconf level (based on patch by
Dan Yefimov <[email protected]>),
- removed using private implementation getpass() libc function
(now getpass() is used also when S/KEY support is enabled),
- move nologin do $(sbindir),
- useradd: fixed mail spool file creation (bug cached by Frans Pop
fixed http://bugs.debian.org/374705),
- updated translations: cs, da, de, ko, nb, nl, pt, ro, ru, sk, sv, vi,
- new translations: dz, km, ne.
*** documentation:
- ru man pages up to date,
- lastlog(8): updated pl translation,
- faillog(5): added missing information about fail_locktime element of
faillog struct (by Thorsten Kukuk <[email protected]>),
- updated translations: eu, fr, pl.
- reverted using docbook.sourceforge.net in XSL url.
shadow-4.0.15 -> shadow-4.0.16 05-06-2006
*** general:
- userdel: better fix for old CERT VU#312962 (which was fixed in shadow 4.0.8):
fixed forgotten checking of the return value from fchown() before
proceeding with the fchmod() (based on Owl patch prepared by
Rafal Wojtczuk <[email protected]>),
- userdel: use login.defs::MAIL_DIR instead hardcoded /var/mail in created
mailbox path (based on Owl fixes submited
by Solar Designer <[email protected]>),
- by default do not use libshadow_getpass() as getpass() replacemement.
Use libshadow_getpass() only when S/KEY support is enabled.
Current glibc getpass() handles correctly longer than 8 characters
passwords and libshadow_getpass() is used only because libc getpass()
do not handles password prompting with echo enabled,
- move login.defs::MD5_CRYPT_ENAB to non-PAM part,
- userdel: rewritten for use getopt_log(),
- install default/template configuration files:
-- if shadow is configured with use PAM install /etc/pam.d/* files,
-- if shadow do not uses PAM install /etc/{limits,login.acces} files,
-- install /etc/login.defs and /etc/default/useradd files,
- fixed handle relative symlinks too in lib/commonio.c
(merge patch from Fedora),
- properly notify nscd to flush its cache
(https://bugzilla.redhat.com/bugzilla/186803),
- useradd, usermod: fixes for verify return values mkdir() and chown()
on copy files (merge 482_libmisc_copydir_check_return_values Debian
patch),
- login, su (non-PAM variant): export MAIL only when MAIL_CHECK_ENAB
is enabled (Mike Frysinger <[email protected]>),
- pgck, grpck: warn when the members of a group differ in /etc/groups
and /etc/gshadow (fixed http://bugs.debian.org/75181),
- su: fixed exit with a status 0 when the invoked command is terminated
by a signal which was not catched
(fixed by Eero Häkkinen <[email protected]>),
- login: cancel login timeout after authentication so that patient people
timing out on network directory services can log in with local
accounts (http://bugs.debian.org/107148),
- chgpasswd: fixes for build correctly with --disable-shadowgrp
(patch by Johannes Winkelmann <[email protected]>).
- updated translations: cs, da, es, eu, fi, fr, gl, hu, id, pt, ru, sk, sv, vi.
- new translations: hu.
*** documentation:
- new cs man pages: groupmems(8), groupmod(8), grpck(8), gshadow(5)
(by Miroslav Kure <[email protected]>),
- regenerate roff man pages using docbook-style-xsl-1.70.1,
- bunch of cleanups in chfn(1), faillog(8), gpasswd(1), groupadd(8),
groupmems(8), limits(5), login(1), login.defs(5), newgrp(1), passwd(1),
passwd(5) and su(1) (by Yuri Kozlov <[email protected]>),
- update pl vipw(8) man page,
- added chgpasswd(8) ru man page,
- updated ru login.defs(5), passwd(1), userdel(8), usermod(8) man pages,
- pw_auth(3) man page removed (outdated),
- install limits(5), login.access(5) and porttime(5) man pages only when
shadow is built with PAM support disabled,
- passwd(1): better document how password strength is checked
(fixed http://bugs.debian.org/115380),
- usermod(8): added missing -a option description
(by Christian Perrier <[email protected]>),
- hu chsh(1), lugin(1), newgrp(1): fixed typos
(by Koblinger Egmont <[email protected]>),
- login.defs(5): remove information about CREATE_HOME (patch by
Mike Frysinger <[email protected]>),
- chgpasswd(8): new man page.
shadow-4.0.14 -> shadow-4.0.15 13-03-2006
*** general:
- do not install translated man pages if shadow is configured with
--disable-nls
(based patch submited by Mike Frysinger <[email protected]>),
- added fixes for detect BSD's S/Key with updated the skeychallenge()
function for take a fourth argument in case BSD version (patch submited by
Mike Frysinger <[email protected]>),
- login: default UMASK if not specified in login.defs is 022 (pointed by
Peter Vrabec <[email protected]>),
- chgpasswd: new tool (by Jonas Meurer <[email protected]>),
- lastlog: print the usage and exit if an additional argument is provided to
lastlog (merge 488_laslog_verify_arguments Debian patch),
- login, newgrp, nologin, su: do not link with libselinux (merge
490_link_selinux_only_when_needed Debian patch),
- chage, chfn, chsh, passwd: fixed confusing error message if /proc is not
mounted (http://bugs.debian.org/352494 patch Nicolas François
- login (merge 433_login_more_LOG_UNKFAIL_ENAB Debian patch):
- TOO MANY LOGIN... logged if PAM_MAXTRIES or failcount >= retries (was
onl test PAM_MAXTRIES),
- print to stderr (in addition to syslog) in case of maximum number of
tries exceeded,
- always prints the number of tries in the syslog entry.
- add special handling for PAM_ABORT
- add an entry to faillog, as when USE_PAM is not defined. (#53164)
- changed pam_end to PAM_END. This is certainly was a mistake. PAM_END is
pam_close_session pam_end. Here, the session is still not open, we
don't have to close it.
- a HAVE_PAM_FAIL_DELAY is missing,
- su: fixed pam session support (patch from Topi Miettinen; fixed #57526,
#55873, 57532 Debian bugs),
- userdel: user's group is already removed by update_groups().
remove_group() is not needed (bug introduced in 4.0.14 on merge FC fixes).
Fixed by Nicolas François <[email protected]>,
- useradd: always remove group and gshadow databases lock, Fixed by Nicolas
François <[email protected]>
(http://bugs.debian.org/348250)
- auditing fixes:
- corrected prototypes in lib/prototypes.h (thre is no audit_help_log();
added audit_logger() prototype),
- useradd: fixed excess audit_logger() argument,
- chage: added missing \n on display password status if password must be
changed,
- useradd: fixed allow non-unique UID (http://bugs.debian.org/351281),
- various code cleanups for make possible compilation of shadow with -Wall
-Werror (by Alexander Gattin <[email protected]>),
- su: move exit() outside libmisc/shell.c::shell() for handle shell() errors
on higher level (now is better visable where some programs exit with 126
and 127 exit codes); added new shell() parameter (char *const envp[])
which allow fix preserving environment in su on using -p, (patch by
Alexander Gattin <[email protected]>),
- su: added handle -c,--command option for GNU su compliance (merge
437_su_-c_option Debian patch),
- login: added translate login prompt string (suggested by Evgeniy
Dushistov),
- updated translations: ca, cs, da, el, es, eu, gl, fi, fr, it, nb, nl, pt,
pt_BR, ro, ru, sk, sv, tl, vi, zh_CN,
- new translations: gl.
*** documentation:
- ru man pages: added new nologin(8) and updated all other man pages (by
Yuri Kozlov <[email protected]>),
- chsh(1), su(1): update fi translations generated from XML files
(Tommi Vainikainen <thv [email protected]>),
- expiry(1), faillog(5), faillog(8), gpasswd(1), groupadd(8), groupdel(8),
logoutd(8), nologin(8), vipw(8): added new cs man pages, (by Miroslav Kure
- login.defs(5): default UMASK if not specified in login.defs is 022
(pointed by Peter Vrabec <[email protected]>),
- useradd(8): better document that -d will not add the user's home directory
if it does not already exist (http://bugs.debian.org/154996),
- nologin(8) man pages added (merge 478_nologin.8.xml Debian patch).
shadow-4.0.13 -> shadow-4.0.14 03-01-2006
*** general:
- fixes in handling login.defs: $MAIL_FILE is used in userdel and usermod,
$MD5_CRYPT_ENAB is used by crypt_make_salt, which is used by chpasswd,
gpasswd and newusers.
Both variables moved to PAM not dependent (447_missing_login.defs_variables
Debian patch),
- chage: fix chage display when the last change field is set to 0.
This is consistent with PAM (merge 427_chage_expiry_0 Debian patch),
- su: if an password is expired, su should propose to change this password
(fixed http://bugs.debian.org/321384),
- login: added auditing support (based on Fedora patch for login from util-linux),
- useradd: merge PUG fixes from RedHat patch,
- nologin: new program,
- vipw: added a "quiet" mode (http://bugs.debian.org/190252),
- newgrp: added auditing support (by Steve Grubb <[email protected]>),
- switch over to a new logging function (by Steve Grubb <[email protected]>),
- userdel: fix incorrect audit record in userdel
(https://bugzilla.redhat.com/bugzilla/174392),
- userdel: remove the user's group unless it is not really a user-private group
for better PUG support (based on FC patch),
- userdel: make the -f option force the removal of the user's group (even if it
is the primary group of another user)
(merge 453_userdel_-f_removes_group Debian patch),
- usermod: rewritten for use getopt_long() (Christian Perrier <[email protected]>),
- grpck: fixed segmentation fault on using -s when /etc/gshadow is empty (fix by
Tomasz Lemiech <[email protected]>),
- passwd: remove handle -f, -g and -s options.
- added handle -s/--shell, -m/-p/preserve-environment options like GNU su
(based on patches from Debian submited by
Nicolas François <[email protected]>)
- su: export $USER and $SHELL as well as $HOME (http://bugs.debian.org/11003 and
http://bugs.debian.org/11189),
- su, vipw: rewritten for use getopt_long(),
- su: log successful/failed through syslog (http://bugs.debian.org/190215),
- updated translations: ca, cs, da, eu, fi, fr, it, pl, pt, ru, sv, tl, vi,
- new translations: gl.
*** documentation:
- added es, ko vigr(8) and vipw(8), hu lastlog(8), ko vipw(8), zh_CN su(1),
zh_TW chpasswd(8) and su(1),
- added tr man pages: chage(1), chfn(1), groupadd(8), groupdel(8), groupmod(8),
login(1), passwd(1), passwd(5), shadow(5), su(1) useradd(8), userdel(8),
usermod(8),
- passwd5): added es, hu, pt_BR, zh_CN zh_TW translations,
- added full set (up to date) fr man pages
(by Nicolas François <[email protected]>),
- pwck(1): document -q option,
- WARNING: all translated man pages are now in UFT-8,
- added full set of ru man pages (by Yuri Kozlov <[email protected]>),
- login(1): better explain the respective roles of login, init and getty with regards
to the utmp file (merge 440_manpages-login.1 Debian patch),
- login(1): document how to initiate a trusted path on linux
(http://bugs.debian.org/305600),
- userdel(8): document the -f option; document the group removal behavior (merge
455_userdel.8.xml Debian patch),
- groupadd(8), useradd(8): document that useradd/groupadd refuse adding entries already in an
external database (http://bugs.debian.org/282184),
- updated it groupdel(8), passwd(1), pwconv(8), useradd(8), userdel(8), usermod(8) man pages
(merge 205_it-manpages Debian patch),
- added fi chfn(1), chsh(1), passwd(1), su(1),
- newusers(8): added it translation,
- newgrp(1): added de, es, zh_CN, zh_TW translations.
shadow-4.0.12 -> shadow-4.0.13 10-10-2005
*** general:
- chage: removed duplicated pam_start(),
- chfn, chsh: finished PAM support using pam_start() and co.,
- userdel: userdel should not remove the group which is primary for someone else
(fix by Nicolas François <[email protected]>
http://bugs.debian.org/295416),
- login: use "%c" in strftime() output (based on patch from
http://bugs.debian.org/89902 by Christian Perrier <[email protected]>),
- fixedlib/commonio.c: don't assume selinux is enabled if is_selinux_enabled()
returns -1 (merge isSelinuxEnabled FC patch by Jeremy Katz <[email protected]>),
- login, su (non-PAM case): fixed setup max address space limits (added missing break
statement in case) spotted by Lasse Collin <[email protected]>,
- auditing support added. Patch prepared by Peter Vrabec <[email protected]> basing
on work by Steve Grubb from http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159215
Now auditing support have commands: chage, gpasswd, groupadd, groupdel, groupmod,
useradd, userdel, usermod.
- chage, chfn, chsh, passwd: change to use new selinux API for
selinux_check_passwd_access() (patch from Fedora by Dan Walsh <[email protected]>),
- use #ident preprocesor directive istead RCID macro with content similar
to example described in ident(1) man page (modern compilers like latest GCC
removes not used functions by global optimization).
So "ident /usr/bin/passwd" will show again some useable informations
- su: fixed twice copy environment which causes auth problems
(bug was introduced in 4.0.12; fix by Nicolas François <[email protected]>),
- chage: differentiate the different failure causes by the exit value
This will permit to adduser Debian script to detect if chage failed because the
system doesn't have shadowed passwords (fix for http://bugs.debian.org/317012),
- merge 010_more-i18ned-messages Debian patch which adds i18n support for few
more messages (originally patch was prepared by Guillem Jover <[email protected]>),
- lastlog: added handle -b option which allow print only lastlog records older than
specified DAYS (fix by <[email protected]>),
- chpasswd, gpasswd, newusers: fixed libmisc/salt.c for use login.defs::MD5_CRYPT_ENAB
only if PAM support is disabled (fix by John Gatewood Ham <[email protected]>),
- passwd: rewritten for use getopt_long(),
- newgrp: when newgrp process sits between parent and child shells, it should
propagate STOPs from child to parent and CONTs from parent to child,
otherwise e.g. bash's "suspend" command won't work
Fixed Debian http://bugs.debian.org/314727
- updated translations: da, es, fr, pt, ro, ru.
*** documentation:
- chsh(1), groupadd(8), newusers(8), pwconv(8), useradd(8), userdel(8), usermod(8):
added missing references to /etc/login.defs and login.defs(5)
(Christian Perrier <[email protected]>),
- passwd(5): rewritten based on work by Greg Wooledge <[email protected]>
http://bugs.debian.org/328113
- login(1): added securetty(5) to SEE ALSO section
(fixed Debian bug http://bugs.debian.org/325773),
- groupadd(8), useradd(8): fix regular expression describing allowed login/group
names (pointed by Nicolas François <[email protected]>)
(correct is [a-z_][a-z0-9_-]*[$]),
- groupadd(8), useradd(8): documents in CAVEATS section the limitations shadow
places on user and group names (fix by Mike Frysinger <[email protected]>).
- chage(1), groupadd(8): document -h,--help option.