rpms/shadow-utils/devel shadow-4.0.18.1-sysAccount.patch, NONE, 1.1 shadow-utils.spec, 1.97, 1.98

Fri Mar 16 10:04:24 UTC 2007

Author: pvrabec

Update of /cvs/dist/rpms/shadow-utils/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv28161

Modified Files:
	shadow-utils.spec 
Added Files:
	shadow-4.0.18.1-sysAccount.patch 
Log Message:
- assign system dynamic UID/GID from the top of available UID/GID (#190523)


shadow-4.0.18.1-sysAccount.patch:
 groupadd.c |   20 ++++++++++++++++++--
 useradd.c  |   41 ++++++++++++++++++++++++++++++++++++++---
 2 files changed, 56 insertions(+), 5 deletions(-)

--- NEW FILE shadow-4.0.18.1-sysAccount.patch ---
--- shadow-4.0.18.1/src/useradd.c.sysAccount	2007-03-12 10:49:14.000000000 +0100
+++ shadow-4.0.18.1/src/useradd.c	2007-03-12 12:15:57.000000000 +0100
@@ -854,6 +854,7 @@
 {
 	const struct passwd *pwd;
 	uid_t uid_min, uid_max;
+	char * index;
 
         if (!rflg) {
                 uid_min = getdef_unum ("UID_MIN", 500);
@@ -862,6 +863,8 @@
         else {
                 uid_min = 1;
                 uid_max = getdef_unum ("UID_MIN", 500) - 1;
+		index = alloca (sizeof (char) * uid_max +1);
+		memset (index, 0, sizeof (char) * uid_max + 1);
         }
 
 	/*
@@ -901,11 +904,24 @@
 #endif
 			exit (E_UID_IN_USE);
 		}
-		if (!uflg && pwd->pw_uid >= user_id) {
+		if (!uflg && !rflg && pwd->pw_uid >= user_id) {
 			if (pwd->pw_uid > uid_max)
 				continue;
 			user_id = pwd->pw_uid + 1;
 		}
+		/* create index of occupied system accounts UIDs */
+		if (!uflg && rflg && (pwd->pw_uid <= uid_max)) 
+			index[pwd->pw_uid] = 1;
+		
+	}
+
+	/* find free system account */
+	if(!uflg && rflg) {
+		for( user_id = uid_max; (user_id >= uid_min) && index[user_id]; user_id--);
+		if ( user_id < uid_min ) {
+			fprintf (stderr, _("%s: can't get unique UID\n"), Prog);
+			fail_exit (E_UID_IN_USE);
+		}		
 	}
 
 	/*
@@ -946,6 +962,7 @@
 {
 	const struct group *grp;
 	gid_t gid_min, gid_max;
+	char * index;
 
         if (!rflg) {
                 gid_min = getdef_unum ("GID_MIN", 500);
@@ -953,7 +970,9 @@
         } else {
                 gid_min = 1;
                 gid_max = getdef_unum ("GID_MIN", 500) - 1;
-        }
+       		index = alloca (sizeof (char) * gid_max +1);
+		memset (index, 0, sizeof (char) * gid_max + 1);
+	}
 
 	/*
 	 * Start with some GID value if the user didn't provide us with
@@ -978,12 +997,16 @@
 			user_gid = grp->gr_gid;
 			return;
 		}
-		if (grp->gr_gid >= user_gid) {
+		if (!rflg && grp->gr_gid >= user_gid) {
 			if (grp->gr_gid > gid_max)
 				continue;
 			user_gid = grp->gr_gid + 1;
 		}
+		/* create index of occupied system accounts GIDs */
+		if (rflg && (grp->gr_gid <= gid_max)) 
+			index[grp->gr_gid] = 1;
 	}
+
 #ifndef NO_GETGRENT		/* glibc does have this, so ... */
 	/* A quick test gets here: if the UID is available
 	 * as a GID, go ahead and use it */
@@ -992,6 +1015,18 @@
 		return;
 	}
 #endif
+
+	/* find free system account */
+	if(rflg) {
+		for( user_gid = gid_max; (user_gid >= gid_min) && index[user_gid]; user_gid--);
+		if ( user_gid < gid_min ) {
+			fprintf (stderr,
+				 "%s: can't get unique gid (run out of GIDs)\n",
+				 Prog);
+			fail_exit (4);
+		}
+	}
+
 	if (user_gid == gid_max + 1) {
 		for (user_gid = gid_min; user_gid < gid_max; user_gid++) {
 #ifdef NO_GETGRENT
--- shadow-4.0.18.1/src/groupadd.c.sysAccount	2007-03-12 10:49:14.000000000 +0100
+++ shadow-4.0.18.1/src/groupadd.c	2007-03-12 10:49:14.000000000 +0100
@@ -199,6 +199,7 @@
 {
 	const struct group *grp;
 	gid_t gid_min, gid_max;
+	char * index;
 
 	if (!rflg) {
 		gid_min = getdef_unum ("GID_MIN", 500);
@@ -206,7 +207,9 @@
         } else {
                 gid_min = 1;
                 gid_max = getdef_unum ("GID_MIN", 500) - 1;
-        }
+        	index = alloca (sizeof (char) * gid_max +1);
+		memset (index, 0, sizeof (char) * gid_max + 1);
+	}
 
 	/*
 	 * Start with some GID value if the user didn't provide us with
@@ -251,12 +254,25 @@
 				 Prog, (unsigned int) group_id);
 			fail_exit (E_GID_IN_USE);
 		}
-		if (!gflg && grp->gr_gid >= group_id) {
+		if (!gflg && !rflg && grp->gr_gid >= group_id) {
 			if (grp->gr_gid > gid_max)
 				continue;
 			group_id = grp->gr_gid + 1;
 		}
+		/* create index of occupied system accounts UIDs */
+		if (!gflg && rflg && (grp->gr_gid <= gid_max)) 
+			index[grp->gr_gid] = 1;
+	}
+
+	/* find free system account */
+	if(!gflg && rflg) {
+		for( group_id = gid_max; (group_id >= gid_min) && index[group_id]; group_id--);
+		if ( group_id < gid_min ) {
+			fprintf (stderr, _("%s: can't get unique GID\n"), Prog);
+			fail_exit (E_GID_IN_USE);
+		}	
 	}
+
 	if (!gflg && group_id == gid_max + 1) {
 		for (group_id = gid_min; group_id < gid_max; group_id++) {
 #ifdef NO_GETGRENT


Index: shadow-utils.spec
===================================================================
RCS file: /cvs/dist/rpms/shadow-utils/devel/shadow-utils.spec,v
retrieving revision 1.97
retrieving revision 1.98
diff -u -r1.97 -r1.98
--- shadow-utils.spec	28 Feb 2007 16:24:03 -0000	1.97
+++ shadow-utils.spec	16 Mar 2007 10:04:22 -0000	1.98
@@ -5,7 +5,7 @@
 Summary: Utilities for managing accounts and shadow password files
 Name: shadow-utils
 Version: 4.0.18.1
-Release: 10%{?dist}
+Release: 11%{?dist}
 Epoch: 2
 URL: http://shadow.pld.org.pl/
 Source0: ftp://ftp.pld.org.pl/software/shadow/shadow-%{version}.tar.bz2
@@ -25,6 +25,7 @@
 Patch10: shadow-4.0.18.1-overflow.patch
 Patch11: shadow-4.0.17-useradd.patch
 Patch12: shadow-4.0.18.1-appendOption.patch
+Patch13: shadow-4.0.18.1-sysAccount.patch
 
 License: BSD
 Group: System Environment/Base
@@ -66,6 +67,7 @@
 %patch10 -p1 -b .overflow
 %patch11 -p1 -b .useradd
 %patch12 -p1 -b .appendOption
+%patch13 -p1 -b .sysAccount
 
 rm po/*.gmo
 rm po/stamp-po
@@ -221,6 +223,9 @@
 %{_mandir}/*/man8/faillog.8*
 
 %changelog
+* Fri Mar 16 2007 Peter Vrabec <pvrabec at redhat.com> 2:4.0.18.1-11
+- assign system dynamic UID/GID from the top of available UID/GID (#190523)
+
 * Wed Feb 28 2007 Peter Vrabec <pvrabec at redhat.com> 2:4.0.18.1-10
 - spec file fixes to meet fedora standarts.
 - fix useless call of restorecon(). (#222159) 


