[nss-pam-ldapd/f15] - backport most of the packaging fixes from raw hide - backport part of r1476 to fix gidNumber parsi
Nalin Dahyabhai
nalin at fedoraproject.org
Wed Jul 27 19:37:12 UTC 2011
commit c57b82aab10a4d4eba196c39328e4cd5ceb31160
Author: Nalin Dahyabhai <nalin at dahyabhai.net>
Date: Wed Jul 27 15:34:46 2011 -0400
- backport most of the packaging fixes from raw hide
- backport part of r1476 to fix gidNumber parsing
nss-pam-ldapd-0.7.x-buffers.patch | 29 +++++++++++++++++++++++++++++
nss-pam-ldapd.spec | 22 +++++++++++++++++-----
2 files changed, 46 insertions(+), 5 deletions(-)
---
diff --git a/nss-pam-ldapd-0.7.x-buffers.patch b/nss-pam-ldapd-0.7.x-buffers.patch
new file mode 100644
index 0000000..d838e86
--- /dev/null
+++ b/nss-pam-ldapd-0.7.x-buffers.patch
@@ -0,0 +1,29 @@
+Parts of r1476 -- leave enough room for GID values above a billion and
+unusually large pwdLastSet values.
+
+diff --git a/nslcd/passwd.c b/nslcd/passwd.c
+index 15124fe..a649322 100644
+--- a/nslcd/passwd.c
++++ b/nslcd/passwd.c
+@@ -390,7 +390,7 @@ static int write_passwd(TFILE *fp,MYLDAP_ENTRY *entry,const char *requser,
+ const char *passwd;
+ uid_t uids[MAXUIDS_PER_ENTRY];
+ int numuids;
+- char gidbuf[10];
++ char gidbuf[32];
+ gid_t gid;
+ char gecos[100];
+ char homedir[100];
+diff --git a/nslcd/shadow.c b/nslcd/shadow.c
+index 6de372b..5d6dae7 100644
+--- a/nslcd/shadow.c
++++ b/nslcd/shadow.c
+@@ -112,7 +112,7 @@ void shadow_init(void)
+
+ static long to_date(const char *date,const char *attr)
+ {
+- char buffer[8];
++ char buffer[32];
+ long value;
+ char *tmp;
+ size_t l;
diff --git a/nss-pam-ldapd.spec b/nss-pam-ldapd.spec
index 396133f..20307ea 100644
--- a/nss-pam-ldapd.spec
+++ b/nss-pam-ldapd.spec
@@ -1,6 +1,6 @@
Name: nss-pam-ldapd
Version: 0.7.13
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: An nsswitch module which uses directory servers
Group: System Environment/Base
License: LGPLv2+
@@ -9,15 +9,16 @@ Source0: http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-%{version}.tar.gz
Source1: http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-%{version}.tar.gz.sig
Source2: nslcd.init
Source3: nslcd.tmpfiles
+Patch0: nss-pam-ldapd-0.7.x-buffers.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openldap-devel, krb5-devel
Obsoletes: nss-ldapd < 0.7
Provides: nss-ldapd = %{version}-%{release}
-# Pull in the pam_ldap module, which is currently bundled with nss_ldap, to
+# Pull in the pam_ldap module, which is its own package in F14 and later, to
# keep upgrades from removing the module. We currently disable nss-pam-ldapd's
# own pam_ldap.so until it's more mature.
-Requires: /%{_lib}/security/pam_ldap.so
+Requires: pam_ldap%{?_isa}
# Pull in nscd, which is recommended.
Requires: nscd
Requires(post): /sbin/ldconfig, chkconfig, grep, sed
@@ -31,6 +32,7 @@ nsswitch module.
%prep
%setup -q
+%patch0 -p1 -b .buffers
%build
%configure --libdir=/%{_lib} --disable-pam
@@ -71,7 +73,7 @@ rm -rf $RPM_BUILD_ROOT
%{_sbindir}/*
/%{_lib}/*.so.*
%{_mandir}/*/*
-%attr(0600,root,root) %config(noreplace) /etc/nslcd.conf
+%attr(0600,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/nslcd.conf
%attr(0644,root,root) %config(noreplace) /etc/tmpfiles.d/%{name}.conf
%attr(0755,root,root) %{_initddir}/nslcd
%attr(0755,nslcd,root) /var/run/nslcd
@@ -106,7 +108,7 @@ else
source=/etc/ldap.conf
fi
target=/etc/nslcd.conf
-if ! grep -q -F "# $comment" $target 2> /dev/null ; then
+if test "$1" -eq "1" && ! grep -q -F "# $comment" $target 2> /dev/null ; then
# Try to make sure we only do this the first time.
echo "# $comment" >> $target
if egrep -q '^uri[[:blank:]]' $source 2> /dev/null ; then
@@ -175,6 +177,16 @@ fi
exit 0
%changelog
+* Wed Jul 21 2011 Nalin Dahyabhai <nalin at redhat.com> 0.7.13-4
+- switch to only munging the contents of /etc/nslcd.conf on the very first
+ install (#706454)
+- make sure that we have enough space to parse any valid GID value when
+ parsing a user's primary GID (#716822)
+- change the file path Requires: we have for pam_ldap into a package name
+ Requires: (#601931)
+- tag nslcd.conf with %%verify(not md5 size mtime), since we always tweak
+ it in %%post (#692225)
+
* Tue Mar 1 2011 Nalin Dahyabhai <nalin at redhat.com> 0.7.13-3
- add a tmpfiles configuration to ensure that /var/run/nslcd is created when
/var/run is completely empty at boot (#656643)
More information about the scm-commits
mailing list