diff --git a/backport-lib-idmapping.c--Use-long-constants-in-prctl-2.patch b/backport-lib-idmapping.c--Use-long-constants-in-prctl-2.patch new file mode 100644 index 0000000000000000000000000000000000000000..2950a89df35c249f07a4bd64d6886d7f7c76440e --- /dev/null +++ b/backport-lib-idmapping.c--Use-long-constants-in-prctl-2.patch @@ -0,0 +1,37 @@ +From 80efeebaf296dc4814e15d67977726b3ee93c048 Mon Sep 17 00:00:00 2001 +From: Alejandro Colomar +Date: Fri, 31 May 2024 18:30:16 +0200 +Subject: [PATCH] lib/idmapping.c: Use long constants in prctl(2), and remove + 0s + +The prctl(2) system-call wrapper is implemented as a variadic function. +This makes it important to pass arguments to it of the right type (and +more importantly of the right width), to avoid undefined behavior. + +While at it, check errors with ==-1, not <0, which is more explicit. + +Also, PR_SET_KEEPCAPS(2const) doesn't need all arguments, so it can be +called with just two of them; remove unnecessary 0s. + +See-also: prctl(2), PR_SET_KEEPCAPS(2const) +Link: +Cc: Xi Ruoyao +Cc: Lukas Slebodnik +Signed-off-by: Alejandro Colomar +--- + lib/idmapping.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/idmapping.c b/lib/idmapping.c +index fe3ccdfe3..5cbb6fefc 100644 +--- a/lib/idmapping.c ++++ b/lib/idmapping.c +@@ -159,7 +159,7 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings + + /* Align setuid- and fscaps-based new{g,u}idmap behavior. */ + if (geteuid() == 0 && geteuid() != ruid) { +- if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) { ++ if (prctl(PR_SET_KEEPCAPS, 1L) == -1) { + fprintf(log_get_logfd(), _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), log_get_progname()); + exit(EXIT_FAILURE); + } diff --git a/backport-man-lastlog-remove-wrong-use-of-keyword-term.patch b/backport-man-lastlog-remove-wrong-use-of-keyword-term.patch new file mode 100644 index 0000000000000000000000000000000000000000..275dd2292d26f8c7f0e532f3b0e7c17f3ba28440 --- /dev/null +++ b/backport-man-lastlog-remove-wrong-use-of-keyword-term.patch @@ -0,0 +1,30 @@ +From 9f57beb31ade241aeda412a8ada4912bab83bd40 Mon Sep 17 00:00:00 2001 +From: Serge Hallyn +Date: Wed, 5 Jun 2024 08:02:27 -0500 +Subject: [PATCH] man/lastlog: remove wrong use of keyword term + +Per https://tdg.docbook.org/tdg/4.5/term, term is a word being +defined in a varlistentry. The 'high uid' description is not a +varlistentry, so and show up in the processed +manpage. See debian Bug#1072297. + +Signed-off-by: Serge Hallyn +--- + man/lastlog.8.xml | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/man/lastlog.8.xml b/man/lastlog.8.xml +index 7a4ba967f..6700791c1 100644 +--- a/man/lastlog.8.xml ++++ b/man/lastlog.8.xml +@@ -211,8 +211,8 @@ + to hang as it processes entries with UIDs 171-799). + + +- Having high UIDs can create problems when handling the +- /var/log/lastlog with external tools. Although the ++ Having high UIDs can create problems when handling the ++ /var/log/lastlog with external tools. Although the + actual file is sparse and does not use too much space, certain + applications are not designed to identify sparse files by default and may + require a specific option to handle them. diff --git a/shadow.spec b/shadow.spec index 8659663478482ded748f47ba091ccca41984293e..bd9a0d43b65e43676290fe399605760dae1b789a 100644 --- a/shadow.spec +++ b/shadow.spec @@ -1,6 +1,6 @@ Name: shadow Version: 4.14.3 -Release: 2 +Release: 3 Epoch: 2 License: BSD and GPLv2+ Summary: Tools for managing accounts and shadow password files @@ -20,6 +20,8 @@ Patch0: usermod-unlock.patch Patch1: shadow-add-sm3-crypt-support.patch Patch2: shadow-Remove-encrypted-passwd-for-useradd-gr.patch Patch3: shadow-libsubid-Dealocate-memory-on-exit.patch +Patch4: backport-lib-idmapping.c--Use-long-constants-in-prctl-2.patch +Patch5: backport-man-lastlog-remove-wrong-use-of-keyword-term.patch BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel BuildRequires: libacl-devel, libattr-devel @@ -189,6 +191,10 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.{la,a} %{_mandir}/*/* %changelog +* Wed Oct 9 2024 zhangxingrong - 2:4.14.3-3 +- lib/idmapping.c: Use long constants in prctl(2) +- man/lastlog: remove wrong use of keyword term + * Fri Sep 6 2024 zhangzikang - 2:4.14.3-2 - libsubid: Dealocate memory on exit