[nss-pam-ldapd/f15] - backport most of the packaging fixes from raw hide - backport part of r1476 to fix gidNumber parsi

Nalin Dahyabhai nalin at fedoraproject.org
Wed Jul 27 19:37:12 UTC 2011 

commit c57b82aab10a4d4eba196c39328e4cd5ceb31160
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date:   Wed Jul 27 15:34:46 2011 -0400

    - backport most of the packaging fixes from raw hide
    - backport part of r1476 to fix gidNumber parsing

 nss-pam-ldapd-0.7.x-buffers.patch |   29 +++++++++++++++++++++++++++++
 nss-pam-ldapd.spec                |   22 +++++++++++++++++-----
 2 files changed, 46 insertions(+), 5 deletions(-)
---
diff --git a/nss-pam-ldapd-0.7.x-buffers.patch b/nss-pam-ldapd-0.7.x-buffers.patch
new file mode 100644
index 0000000..d838e86
--- /dev/null
+++ b/nss-pam-ldapd-0.7.x-buffers.patch
@@ -0,0 +1,29 @@
+Parts of r1476 -- leave enough room for GID values above a billion and
+unusually large pwdLastSet values.
+
+diff --git a/nslcd/passwd.c b/nslcd/passwd.c
+index 15124fe..a649322 100644
+--- a/nslcd/passwd.c
++++ b/nslcd/passwd.c
+@@ -390,7 +390,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
+   const char *passwd;
+   uid_t uids[MAXUIDS_PER_ENTRY];
+   int numuids;
+-  char gidbuf[10];
++  char gidbuf[32];
+   gid_t gid;
+   char gecos[100];
+   char homedir[100];
+diff --git a/nslcd/shadow.c b/nslcd/shadow.c
+index 6de372b..5d6dae7 100644
+--- a/nslcd/shadow.c
++++ b/nslcd/shadow.c
+@@ -112,7 +112,7 @@ void shadow_init(void)
+ 
+ static long to_date(const char *date,const char *attr)
+ {
+-  char buffer[8];
++  char buffer[32];
+   long value;
+   char *tmp;
+   size_t l;
diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec
index 396133f..20307ea 100644
--- a/nss-pam-ldapd.spec
+++ b/nss-pam-ldapd.spec
@@ -1,6 +1,6 @@
 Name:		nss-pam-ldapd
 Version:	0.7.13
-Release:	3%{?dist}
+Release:	4%{?dist}
 Summary:	An nsswitch module which uses directory servers
 Group:		System Environment/Base
 License:	LGPLv2+
@@ -9,15 +9,16 @@ Source0:	http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-%{version}.tar.gz
 Source1:	http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-%{version}.tar.gz.sig
 Source2:	nslcd.init
 Source3:	nslcd.tmpfiles
+Patch0:		nss-pam-ldapd-0.7.x-buffers.patch
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:	openldap-devel, krb5-devel
 Obsoletes:	nss-ldapd < 0.7
 Provides:	nss-ldapd = %{version}-%{release}
 
-# Pull in the pam_ldap module, which is currently bundled with nss_ldap, to
+# Pull in the pam_ldap module, which is its own package in F14 and later, to
 # keep upgrades from removing the module.  We currently disable nss-pam-ldapd's
 # own pam_ldap.so until it's more mature.
-Requires:	/%{_lib}/security/pam_ldap.so
+Requires:	pam_ldap%{?_isa}
 # Pull in nscd, which is recommended.
 Requires:	nscd
 Requires(post):		/sbin/ldconfig, chkconfig, grep, sed
@@ -31,6 +32,7 @@ nsswitch module.
 
 %prep
 %setup -q
+%patch0 -p1 -b .buffers
 
 %build
 %configure --libdir=/%{_lib} --disable-pam
@@ -71,7 +73,7 @@ rm -rf $RPM_BUILD_ROOT
 %{_sbindir}/*
 /%{_lib}/*.so.*
 %{_mandir}/*/*
-%attr(0600,root,root) %config(noreplace) /etc/nslcd.conf
+%attr(0600,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/nslcd.conf
 %attr(0644,root,root) %config(noreplace) /etc/tmpfiles.d/%{name}.conf
 %attr(0755,root,root) %{_initddir}/nslcd
 %attr(0755,nslcd,root) /var/run/nslcd
@@ -106,7 +108,7 @@ else
 	source=/etc/ldap.conf
 fi
 target=/etc/nslcd.conf
-if ! grep -q -F "# $comment" $target 2> /dev/null ; then
+if test "$1" -eq "1" && ! grep -q -F "# $comment" $target 2> /dev/null ; then
 	# Try to make sure we only do this the first time.
 	echo "# $comment" >> $target
 	if egrep -q '^uri[[:blank:]]' $source 2> /dev/null ; then
@@ -175,6 +177,16 @@ fi
 exit 0
 
 %changelog
+* Wed Jul 21 2011 Nalin Dahyabhai <nalin at redhat.com> 0.7.13-4
+- switch to only munging the contents of /etc/nslcd.conf on the very first
+  install (#706454)
+- make sure that we have enough space to parse any valid GID value when
+  parsing a user's primary GID (#716822)
+- change the file path Requires: we have for pam_ldap into a package name
+  Requires: (#601931)
+- tag nslcd.conf with %%verify(not md5 size mtime), since we always tweak
+  it in %%post (#692225)
+
 * Tue Mar  1 2011 Nalin Dahyabhai <nalin at redhat.com> 0.7.13-3
 - add a tmpfiles configuration to ensure that /var/run/nslcd is created when
   /var/run is completely empty at boot (#656643)

More information about the scm-commits mailing list