Opened 10 months ago

Closed 9 months ago

#5456 closed enhancement (fixed)

shadow-4.15.0

Reported by: Xi Ruoyao Owned by: lfs-book
Priority: normal Milestone: 12.2
Component: Book Version: git
Severity: normal Keywords:
Cc:

Description

New minor version.

Change History (8)

comment:1 by Xi Ruoyao, 10 months ago

libshadow:

  • Use utmpx instead of utmp. This fixes a regression introduced in 4.14.0.
  • Fix build error (parameter name omitted).

Build system:

  • Link correctly with libdl.
  • Install pam configs for chpasswd(8) and newusers(8) when using ./configure --with-libpam --disable-account-tools-setuid.
  • Merge libshadow and libmisc into a single libshadow. This fixes problems in the linker, which were reported at least in Gentoo.
  • Fix build with musl libc.
  • Support out of tree builds

useradd(8):

  • Set proper SELinux labels for def_usrtemplate

comment:2 by Marty Jack, 9 months ago

Careful with /etc/pam.d. This overwrote my /etc/pam.d/login with one that didn't invoke pam_systemd, I had no systemd session, and X wouldn't start. YMMV depending on how you've configured PAM.

The BLFS instructions do have you create a new /etc/pam.d/login that looks like it would work but it's critical to do that step right away.

Last edited 9 months ago by Marty Jack (previous) (diff)

comment:3 by Bruce Dubbs, 9 months ago

Well we do have in the book:

"Warning

If reinstalling shadow for a version update, be sure to re-accomplish the Linux-PAM configuration below. The installation of shadow overwrites many of the files in /etc/pam.d/."

But for those of us that build these packages frequently, it's easy to overlook notes and cautions and warnings.

comment:4 by Marty Jack, 9 months ago

I agree the warning in the book should be adequate.

I now have a local patch that prevents shadow from touching /etc/pam.d and an emergency repopulate /etc/pam.d the way I want it script.

comment:5 by Xi Ruoyao, 9 months ago

Why do we need such a warning and such a patch? If you are building shadow with PAM you should follow BLFS, and BLFS has "pamddir=" which prevents the installation of /etc/pam.d/*.

Last edited 9 months ago by Xi Ruoyao (previous) (diff)

comment:6 by Xi Ruoyao, 9 months ago

The correct warning would be "if you are building shadow with Linux-PAM installed, you should follow <ulink url='...'>BLFS shadow page</ulink> instead of this page."

comment:7 by Xi Ruoyao, 9 months ago

Warning added at r12.1-11-geb7223e80. pamddir= has been added in BLFS at blfs:sha:r12.0-583-g68a9914f3e.

comment:8 by Bruce Dubbs, 9 months ago

Resolution: fixed
Status: newclosed

Fixed at commit dcf5543233a7.

    Update to wheel-0.43.0.
    Update to setuptools-69.2.0 (Python module).
    Update to meson-1.4.0.
    Update to expat-2.6.2 (Security fix).
    Update to iana-etc-20240305.
    Update to vim-9.1.0161.
    Update to xz-5.6.1.
    Update to shadow-4.15.0.
    Update to psmisc-23.7.
    Update to kmod-32.
    Update to elfutils-0.191.
Note: See TracTickets for help on using tickets.