X-Git-Url: http://git.home-dn.net/?p=manu%2Flibnss-mysql-bg.git;a=blobdiff_plain;f=debian%2Fpatches%2F04_shadow.dpatch;fp=debian%2Fpatches%2F04_shadow.dpatch;h=0000000000000000000000000000000000000000;hp=dbfff6e4b3b1e67b98e685987eac011df8ac8975;hb=b9298394cf03aa8b47c850c7e4df9dd5499b3be6;hpb=232a60b046fdc5946aebb20ca0d2c0ff6be13c3b diff --git a/debian/patches/04_shadow.dpatch b/debian/patches/04_shadow.dpatch deleted file mode 100755 index dbfff6e..0000000 --- a/debian/patches/04_shadow.dpatch +++ /dev/null @@ -1,42 +0,0 @@ -#! /bin/sh /usr/share/dpatch/dpatch-run -## 04_shadow.dpatch by -## -## All lines beginning with `## DP:' are a description of the patch. -## DP: Add check for egid to properly works like "shadow" enabled authentications - -@DPATCH@ ---- libnss-mysql-bg-1.5/src/lookup.c 2011-09-13 09:28:30.000000000 +0200 -+++ libnss-mysql-bg-1.5/src/lookup.c 2011-09-13 09:47:16.000000000 +0200 -@@ -21,6 +21,8 @@ - #include "nss_mysql.h" - #include /* snprintf () */ - #include /* strcpy () */ -+#include -+#include - - extern conf_t conf; - -@@ -131,12 +133,22 @@ - int attempts = MAX_QUERY_ATTEMPTS; /* Attempt # (countdown) */ - static uid_t euid = -1; /* Last known euid for change detect */ - uid_t cur_euid; /* CURRENT euid */ -+ gid_t cur_egid; /* CURRENT egid */ -+ gid_t shadow_gid; /* gid for group shadow (usually 42 on Debian) */ - - DENTER - - cur_euid = geteuid (); -+ -+ /* Get shadow gid, if needed */ -+ if(cur_euid != 0) { -+ cur_egid = getegid (); -+ struct group *grp = getgrnam("shadow"); -+ shadow_gid = (grp ? grp->gr_gid : -1); -+ } -+ - D ("%s: restricted = %d, cur_euid = %u", FUNCNAME, restricted, cur_euid); -- if (restricted == ntrue && cur_euid != 0) -+ if (restricted == ntrue && cur_euid != 0 && (shadow_gid == -1 || cur_egid != shadow_gid)) - DSRETURN (NSS_NOTFOUND) - - /* Make sure euid hasn't changed, thus changing our access abilities */