summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/HOME_MODE.xml43
-rw-r--r--debian/changelog21
-rw-r--r--debian/control3
-rw-r--r--debian/copyright6
-rw-r--r--debian/login.install1
-rw-r--r--debian/login.manpages4
-rw-r--r--debian/login.postinst9
-rw-r--r--debian/not-installed6
-rw-r--r--debian/passwd.manpages2
-rw-r--r--debian/patches/Document-the-shadowconfig-utility.patch90
-rw-r--r--debian/patches/Relax-usernames-groupnames-checking.patch124
-rw-r--r--debian/patches/cppw-add-selinux-support.patch (renamed from debian/patches/ccpw-add-selinux-support.patch)2
-rw-r--r--debian/patches/series4
-rw-r--r--debian/patches/useradd-accept-the-O-flag-for-backward-compatibility.patch52
-rwxr-xr-xdebian/rules6
15 files changed, 109 insertions, 264 deletions
diff --git a/debian/HOME_MODE.xml b/debian/HOME_MODE.xml
deleted file mode 100644
index 21aa55f..0000000
--- a/debian/HOME_MODE.xml
+++ /dev/null
@@ -1,43 +0,0 @@
-<!--
- Copyright (c) 1991 - 1993, Julianne Frances Haugh
- Copyright (c) 1991 - 1993, Chip Rosenthal
- Copyright (c) 2007 - 2009, Nicolas François
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions
- are met:
- 1. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
- 3. The name of the copyright holders or contributors may not be used to
- endorse or promote products derived from this software without
- specific prior written permission.
-
- THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--->
-<varlistentry>
- <term><option>HOME_MODE</option> (number)</term>
- <listitem>
- <para>
- The mode for new home directories. If not specified,
- the <option>UMASK</option> is used to create the mode.
- </para>
- <para>
- <command>useradd</command> and <command>newusers</command> use this
- to set the mode of the home directory they create.
- </para>
- </listitem>
-</varlistentry>
diff --git a/debian/changelog b/debian/changelog
index e337434..557e843 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,24 @@
+shadow (1:4.15.2-2) unstable; urgency=medium
+
+ * useradd(8): Fix missing paragraph on username length
+ * d/rules: explicitly set --with-audit and --enable-subordinate-ids
+ * Remove faillog support.
+ Stop installing faillog binary and man pages. Stop creating
+ /var/log/faillog in login.postinst.
+ PAM has removed support for /var/log/faillog by dropping pam_tally, and
+ login itself cannot write to it either.
+ * Use upstream's restrictions on user- and group names again.
+ Upstream started supporting mixed-case names some time ago.
+ Purely numeric names (#79682) are now forbidden again, as there is no
+ way of distinguishing them from user/group IDs otherwise.
+ * Drop useradd's backwards-compatibility -O flag
+ * Remove our copy of HOME_MODE.xml, identical upstream
+ * shadowconfig.8: actually install again
+ * passwd: add Depends: login.
+ Stop-gap until passwd can takeover /etc/login.defs from login.
+
+ -- Chris Hofstaedtler <zeha@debian.org> Tue, 25 Jun 2024 19:42:24 +0200
+
shadow (1:4.15.2-1) unstable; urgency=medium
* New upstream version 4.15.2
diff --git a/debian/control b/debian/control
index e10fe36..2773d10 100644
--- a/debian/control
+++ b/debian/control
@@ -39,7 +39,8 @@ Package: passwd
Architecture: any
Multi-Arch: foreign
Depends:
- libpam-modules
+ libpam-modules,
+ login
Recommends:
sensible-utils
Description: change and administer password and group data
diff --git a/debian/copyright b/debian/copyright
index 13c9b73..f9340ed 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -137,12 +137,6 @@ Copyright: 1999-2001, Ben Collins <bcollins@debian.org>
2017-2022 Balint Reczey <balint@balintreczey.hu>
License: BSD-3-clause
-Files: debian/HOME_MODE.xml
-Copyright: 1991-1993, Chip Rosenthal
- 1991-1993, Julianne Frances Haugh
- 2007-2009, Nicolas François
-License: BSD-3-clause
-
Files: debian/patches/cppw-Add-tool.patch
Copyright: 1997, Guy Maor <maor@ece.utexas.edu>
1999, Stephen Frost <sfrost@snowman.net>
diff --git a/debian/login.install b/debian/login.install
index fd8bd12..ab03fc5 100644
--- a/debian/login.install
+++ b/debian/login.install
@@ -1,6 +1,5 @@
bin/login usr/bin
debian/login.defs etc
sbin/nologin usr/sbin
-usr/bin/faillog
usr/bin/newgrp
usr/share/locale/*/LC_MESSAGES/shadow.mo
diff --git a/debian/login.manpages b/debian/login.manpages
index 6bb716f..1183942 100644
--- a/debian/login.manpages
+++ b/debian/login.manpages
@@ -1,14 +1,10 @@
usr/share/man/*/man1/login.1
usr/share/man/*/man1/newgrp.1
usr/share/man/*/man1/sg.1
-usr/share/man/*/man5/faillog.5
usr/share/man/*/man5/login.defs.5
-usr/share/man/*/man8/faillog.8
usr/share/man/*/man8/nologin.8
usr/share/man/man1/login.1
usr/share/man/man1/newgrp.1
usr/share/man/man1/sg.1
-usr/share/man/man5/faillog.5
usr/share/man/man5/login.defs.5
-usr/share/man/man8/faillog.8
usr/share/man/man8/nologin.8
diff --git a/debian/login.postinst b/debian/login.postinst
index 2261e1b..e91a2d5 100644
--- a/debian/login.postinst
+++ b/debian/login.postinst
@@ -1,16 +1,7 @@
#!/bin/sh
-
set -e
-
if [ "$1" = "configure" ]; then
- # Install faillog during initial installs only
- if [ "$2" = "" ] && [ ! -f "$DPKG_ROOT/var/log/faillog" ] ; then
- touch "$DPKG_ROOT/var/log/faillog"
- chown 0:0 "$DPKG_ROOT/var/log/faillog"
- chmod 644 "$DPKG_ROOT/var/log/faillog"
- fi
-
# Create subuid/subgid if missing
if [ ! -e "$DPKG_ROOT/etc/subuid" ]; then
touch "$DPKG_ROOT/etc/subuid"
diff --git a/debian/not-installed b/debian/not-installed
index 9d7299a..d72a23e 100644
--- a/debian/not-installed
+++ b/debian/not-installed
@@ -1,5 +1,4 @@
bin/groups
-etc/default/useradd
etc/login.defs
etc/pam.d/chfn
etc/pam.d/chage
@@ -15,6 +14,7 @@ etc/pam.d/passwd
etc/pam.d/useradd
etc/pam.d/userdel
etc/pam.d/usermod
+usr/bin/faillog
usr/bin/sg
usr/lib/*/libsubid.la
usr/sbin/logoutd
@@ -24,13 +24,17 @@ usr/share/man/*/man1/logoutd.1
usr/share/man/*/man1/su.1
usr/share/man/*/man3/getspnam.3
usr/share/man/*/man3/shadow.3
+usr/share/man/*/man5/faillog.5
usr/share/man/*/man5/suauth.5
+usr/share/man/*/man8/faillog.8
usr/share/man/*/man8/logoutd.8
usr/share/man/man1/groups.1
usr/share/man/man1/logoutd.1
usr/share/man/man1/su.1
usr/share/man/man3/getspnam.3
usr/share/man/man3/shadow.3
+usr/share/man/man5/faillog.5
usr/share/man/man5/suauth.5
+usr/share/man/man8/faillog.8
usr/share/man/man8/logoutd.8
diff --git a/debian/passwd.manpages b/debian/passwd.manpages
index fee633b..5e07649 100644
--- a/debian/passwd.manpages
+++ b/debian/passwd.manpages
@@ -24,6 +24,7 @@ usr/share/man/*/man8/newusers.8
usr/share/man/*/man8/pwck.8
usr/share/man/*/man8/pwconv.8
usr/share/man/*/man8/pwunconv.8
+usr/share/man/*/man8/shadowconfig.8
usr/share/man/*/man8/useradd.8
usr/share/man/*/man8/userdel.8
usr/share/man/*/man8/usermod.8
@@ -53,6 +54,7 @@ usr/share/man/man8/newusers.8
usr/share/man/man8/pwck.8
usr/share/man/man8/pwconv.8
usr/share/man/man8/pwunconv.8
+usr/share/man/man8/shadowconfig.8
usr/share/man/man8/useradd.8
usr/share/man/man8/userdel.8
usr/share/man/man8/usermod.8
diff --git a/debian/patches/Document-the-shadowconfig-utility.patch b/debian/patches/Document-the-shadowconfig-utility.patch
index a00afb2..5aee1d0 100644
--- a/debian/patches/Document-the-shadowconfig-utility.patch
+++ b/debian/patches/Document-the-shadowconfig-utility.patch
@@ -7,23 +7,59 @@ Its man page also (but it used to be distributed)
Gbp-Topic: debian
---
- man/fr/shadowconfig.8 | 26 +++++++++++++++++++++++++
- man/ja/shadowconfig.8 | 25 ++++++++++++++++++++++++
- man/pl/shadowconfig.8 | 27 ++++++++++++++++++++++++++
- man/shadowconfig.8 | 41 +++++++++++++++++++++++++++++++++++++++
- man/shadowconfig.8.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++
- 5 files changed, 171 insertions(+)
- create mode 100644 man/fr/shadowconfig.8
- create mode 100644 man/ja/shadowconfig.8
- create mode 100644 man/pl/shadowconfig.8
+ man/Makefile.am | 2 ++
+ man/fr/Makefile.am | 1 +
+ man/fr/man8/shadowconfig.8 | 26 +++++++++++++++++++++++
+ man/ja/Makefile.am | 1 +
+ man/ja/man8/shadowconfig.8 | 25 ++++++++++++++++++++++
+ man/pl/Makefile.am | 1 +
+ man/pl/man8/shadowconfig.8 | 27 ++++++++++++++++++++++++
+ man/shadowconfig.8 | 41 ++++++++++++++++++++++++++++++++++++
+ man/shadowconfig.8.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++++
+ 9 files changed, 176 insertions(+)
+ create mode 100644 man/fr/man8/shadowconfig.8
+ create mode 100644 man/ja/man8/shadowconfig.8
+ create mode 100644 man/pl/man8/shadowconfig.8
create mode 100644 man/shadowconfig.8
create mode 100644 man/shadowconfig.8.xml
-diff --git a/man/fr/shadowconfig.8 b/man/fr/shadowconfig.8
+diff --git a/man/Makefile.am b/man/Makefile.am
+index 83b1d68..dab98f4 100644
+--- a/man/Makefile.am
++++ b/man/Makefile.am
+@@ -37,6 +37,7 @@ man_MANS = \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
++ man8/shadowconfig.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+@@ -108,6 +109,7 @@ man_XMANS = \
+ porttime.5.xml \
+ pwck.8.xml \
+ pwconv.8.xml \
++ shadowconfig.8.xml \
+ shadow.3.xml \
+ shadow.5.xml \
+ sg.1.xml \
+diff --git a/man/fr/Makefile.am b/man/fr/Makefile.am
+index 335e029..78aee9a 100644
+--- a/man/fr/Makefile.am
++++ b/man/fr/Makefile.am
+@@ -32,6 +32,7 @@ man_MANS = \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
++ man8/shadowconfig.8 \
+ man1/sg.1 \
+ man3/shadow.3 \
+ man5/shadow.5 \
+diff --git a/man/fr/man8/shadowconfig.8 b/man/fr/man8/shadowconfig.8
new file mode 100644
index 0000000..784da70
--- /dev/null
-+++ b/man/fr/shadowconfig.8
++++ b/man/fr/man8/shadowconfig.8
@@ -0,0 +1,26 @@
+.\" This file was generated with po4a. Translate the source file.
+.\"
@@ -51,11 +87,23 @@ index 0000000..784da70
+.SH TRADUCTION
+Nicolas FRANÇOIS, 2004.
+Veuillez signaler toute erreur à <\fIdebian\-l10\-french@lists.debian.org\fR>.
-diff --git a/man/ja/shadowconfig.8 b/man/ja/shadowconfig.8
+diff --git a/man/ja/Makefile.am b/man/ja/Makefile.am
+index 13f18da..c72097f 100644
+--- a/man/ja/Makefile.am
++++ b/man/ja/Makefile.am
+@@ -27,6 +27,7 @@ man_MANS = \
+ man8/pwck.8 \
+ man8/pwconv.8 \
+ man8/pwunconv.8 \
++ man8/shadowconfig.8 \
+ man1/sg.1 \
+ man5/shadow.5 \
+ man1/su.1 \
+diff --git a/man/ja/man8/shadowconfig.8 b/man/ja/man8/shadowconfig.8
new file mode 100644
index 0000000..a75c6f7
--- /dev/null
-+++ b/man/ja/shadowconfig.8
++++ b/man/ja/man8/shadowconfig.8
@@ -0,0 +1,25 @@
+.\" all right reserved,
+.\" Translated Tue Oct 30 11:59:11 JST 2001
@@ -82,11 +130,23 @@ index 0000000..a75c6f7
+
+.I /usr/share/doc/passwd/README.debian.gz
+には shadow パスワードとそれに関する特徴の簡単な紹介が書かれている。
-diff --git a/man/pl/shadowconfig.8 b/man/pl/shadowconfig.8
+diff --git a/man/pl/Makefile.am b/man/pl/Makefile.am
+index b2f096f..aa79af2 100644
+--- a/man/pl/Makefile.am
++++ b/man/pl/Makefile.am
+@@ -18,6 +18,7 @@ man_MANS = \
+ man8/logoutd.8 \
+ man1/newgrp.1 \
+ man1/sg.1 \
++ man8/shadowconfig.8 \
+ man3/shadow.3 \
+ man8/userdel.8 \
+ man8/usermod.8 \
+diff --git a/man/pl/man8/shadowconfig.8 b/man/pl/man8/shadowconfig.8
new file mode 100644
index 0000000..2016c9f
--- /dev/null
-+++ b/man/pl/shadowconfig.8
++++ b/man/pl/man8/shadowconfig.8
@@ -0,0 +1,27 @@
+.\" $Id: shadowconfig.8,v 1.3 2001/08/23 23:10:51 kloczek Exp $
+.\" {PTM/WK/1999-09-14}
diff --git a/debian/patches/Relax-usernames-groupnames-checking.patch b/debian/patches/Relax-usernames-groupnames-checking.patch
deleted file mode 100644
index bb3c027..0000000
--- a/debian/patches/Relax-usernames-groupnames-checking.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-From: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
-Date: Sat, 22 Jun 2024 17:39:41 +0200
-Subject: Relax usernames/groupnames checking
-
-Allows any non-empty user/grounames that don't contain ':', ',' or '\n'
-characters and don't start with '-', '+', or '~'. This patch is more
-restrictive than original Karl's version. closes: #264879
-Also closes: #377844
-
-Comments from Karl Ramm (shadow 1:4.0.3-9, 20 Aug 2003 02:06:50 -0400):
-
-I can't come up with a good justification as to why characters other
-than ':'s and '\0's should be disallowed in group and usernames (other
-than '-' as the leading character). Thus, the maintenance tools don't
-anymore. closes: #79682, #166798, #171179
-
-Status wrt upstream: Debian specific. Not to be used upstream
-
-Gbp-Topic: debian
----
- lib/chkname.c | 47 +++++++++++++++--------------------------------
- man/groupadd.8.xml | 6 ++++++
- man/useradd.8.xml | 7 ++++++-
- 3 files changed, 27 insertions(+), 33 deletions(-)
-
-diff --git a/lib/chkname.c b/lib/chkname.c
-index 995562f..d9678c6 100644
---- a/lib/chkname.c
-+++ b/lib/chkname.c
-@@ -54,44 +54,27 @@ static bool is_valid_name (const char *name)
- }
-
- /*
-- * User/group names must match BRE regex:
-- * [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
-- *
-- * as a non-POSIX, extension, allow "$" as the last char for
-- * sake of Samba 3.x "add machine script"
-- *
-- * Also do not allow fully numeric names or just "." or "..".
-- */
-- int numeric;
--
-- if ('\0' == *name ||
-- ('.' == *name && (('.' == name[1] && '\0' == name[2]) ||
-- '\0' == name[1])) ||
-- !((*name >= 'a' && *name <= 'z') ||
-- (*name >= 'A' && *name <= 'Z') ||
-- (*name >= '0' && *name <= '9') ||
-- *name == '_' ||
-- *name == '.')) {
-+ * POSIX indicate that usernames are composed of characters from the
-+ * portable filename character set [A-Za-z0-9._-], and that the hyphen
-+ * should not be used as the first character of a portable user name.
-+ *
-+ * Allow more relaxed user/group names in Debian -- ^[^-~+:,\s][^:,\s]*$
-+ */
-+ if ( ('\0' == *name)
-+ || ('-' == *name)
-+ || ('~' == *name)
-+ || ('+' == *name)) {
- return false;
- }
-
-- numeric = isdigit(*name);
--
-- while ('\0' != *++name) {
-- if (!((*name >= 'a' && *name <= 'z') ||
-- (*name >= 'A' && *name <= 'Z') ||
-- (*name >= '0' && *name <= '9') ||
-- *name == '_' ||
-- *name == '.' ||
-- *name == '-' ||
-- (*name == '$' && name[1] == '\0')
-- )) {
-+ do {
-+ if ((':' == *name) || (',' == *name) || isspace(*name)) {
- return false;
- }
-- numeric &= isdigit(*name);
-- }
-+ name++;
-+ } while ('\0' != *name);
-
-- return !numeric;
-+ return true;
- }
-
-
-diff --git a/man/groupadd.8.xml b/man/groupadd.8.xml
-index 61a548f..d472bd0 100644
---- a/man/groupadd.8.xml
-+++ b/man/groupadd.8.xml
-@@ -71,6 +71,12 @@
- Fully numeric groupnames and groupnames . or .. are
- also disallowed.
- </para>
-+ <para>
-+ On Debian, the only constraints are that groupnames must neither start
-+ with a dash ('-') nor plus ('+') nor tilde ('~') nor contain a
-+ colon (':'), a comma (','), or a whitespace (space:' ',
-+ end of line: '\n', tabulation: '\t', etc.).
-+ </para>
- <para>
- Groupnames may only be up to &GROUP_NAME_MAX_LENGTH; characters long.
- </para>
-diff --git a/man/useradd.8.xml b/man/useradd.8.xml
-index 17987a6..4fc95d1 100644
---- a/man/useradd.8.xml
-+++ b/man/useradd.8.xml
-@@ -733,7 +733,12 @@
- the <command>ls</command> output.
- </para>
- <para>
-- Usernames may only be up to 256 characters long.
-+ On Debian, the only constraints are that usernames must neither start
-+ with a dash ('-') nor plus ('+') nor tilde ('~') nor contain a
-+ colon (':'), a comma (','), or a whitespace (space: ' ',
-+ end of line: '\n', tabulation: '\t', etc.). Note that using a slash
-+ ('/') may break the default algorithm for the definition of the
-+ user's home directory.
- </para>
- </refsect1>
-
diff --git a/debian/patches/ccpw-add-selinux-support.patch b/debian/patches/cppw-add-selinux-support.patch
index d64210f..0e0566d 100644
--- a/debian/patches/ccpw-add-selinux-support.patch
+++ b/debian/patches/cppw-add-selinux-support.patch
@@ -1,6 +1,6 @@
From: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
Date: Sat, 22 Jun 2024 17:39:41 +0200
-Subject: ccpw: add selinux support
+Subject: cppw: add selinux support
Status wrt upstream: cppw is not available upstream.
Needs to be reviewed by an SE-Linux aware person.
diff --git a/debian/patches/series b/debian/patches/series
index d4bee87..e11ce1a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,9 +1,7 @@
cppw-Add-tool.patch
-ccpw-add-selinux-support.patch
+cppw-add-selinux-support.patch
Let-pam_unix-handle-login-failure-delays.patch
Set-group-and-mode-for-g-shadow-files.patch
Keep-using-Debian-adduser-defaults.patch
Document-the-shadowconfig-utility.patch
Recommend-using-adduser-and-deluser.patch
-Relax-usernames-groupnames-checking.patch
-useradd-accept-the-O-flag-for-backward-compatibility.patch
diff --git a/debian/patches/useradd-accept-the-O-flag-for-backward-compatibility.patch b/debian/patches/useradd-accept-the-O-flag-for-backward-compatibility.patch
deleted file mode 100644
index 74b41c8..0000000
--- a/debian/patches/useradd-accept-the-O-flag-for-backward-compatibility.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
-Date: Sat, 22 Jun 2024 17:39:41 +0200
-Subject: useradd: accept the -O flag for backward compatibility
-
-Note: useradd.8 needs to be regenerated.
-
-Status wrt upstream: not included as this is just specific
- backward compatibility for Debian
-
-Gbp-Topic: debian
----
- man/useradd.8.xml | 5 +++++
- src/useradd.c | 3 ++-
- 2 files changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/man/useradd.8.xml b/man/useradd.8.xml
-index 4fc95d1..c513e56 100644
---- a/man/useradd.8.xml
-+++ b/man/useradd.8.xml
-@@ -333,6 +333,11 @@
- =<replaceable>100</replaceable>&nbsp;<option>-K</option>&nbsp;
- <replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
- </para>
-+ <para>
-+ For the compatibility with previous Debian's
-+ <command>useradd</command>, the <option>-O</option> option is
-+ also supported.
-+ </para>
- <!--para>
- Note: <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>10</replaceable>,<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
- doesn't work yet.
-diff --git a/src/useradd.c b/src/useradd.c
-index ac43edd..1cf3349 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -1215,7 +1215,7 @@ static void process_flags (int argc, char **argv)
- {NULL, 0, NULL, '\0'}
- };
- while ((c = getopt_long (argc, argv,
-- "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U"
-+ "b:c:d:De:f:g:G:hk:O:K:lmMNop:rR:P:s:u:U"
- #ifdef WITH_SELINUX
- "Z:"
- #endif /* WITH_SELINUX */
-@@ -1355,6 +1355,7 @@ static void process_flags (int argc, char **argv)
- kflg = true;
- break;
- case 'K':
-+ case 'O': /* compatibility with previous Debian useradd */
- /*
- * override login.defs defaults (-K name=value)
- * example: -K UID_MIN=100 -K UID_MAX=499
diff --git a/debian/rules b/debian/rules
index ad27cdf..7d20ba6 100755
--- a/debian/rules
+++ b/debian/rules
@@ -13,6 +13,7 @@ DEB_CONFIGURE_EXTRA_FLAGS := \
--with-libpam \
--with-yescrypt \
--enable-shadowgrp \
+ --enable-subordinate-ids \
--enable-lastlog=no \
--enable-man \
--disable-account-tools-setuid \
@@ -25,6 +26,7 @@ DEB_CONFIGURE_EXTRA_FLAGS := \
ifneq ($(DEB_HOST_ARCH_OS),linux)
DEB_CONFIGURE_EXTRA_FLAGS += --enable-logind
+DEB_CONFIGURE_EXTRA_FLAGS += --with-audit
endif
ifneq ($(filter nodoc,$(DEB_BUILD_PROFILES)),)
@@ -40,7 +42,6 @@ CFLAGS += -DDEFAULT_EDITOR="\"sensible-editor\""
dh $@
override_dh_auto_configure:
- cp debian/HOME_MODE.xml man/login.defs.d/HOME_MODE.xml
dh_auto_configure -- $(DEB_CONFIGURE_EXTRA_FLAGS)
override_dh_install-arch:
@@ -66,6 +67,3 @@ override_dh_installpam:
override_dh_auto_clean:
sed -i 's/# Linux only # //' debian/login.pam
dh_auto_clean
-
-override_dh_clean:
- dh_clean ./man/login.defs.d/HOME_MODE.xml