From: Anders Kaseorg Date: Sun, 10 Aug 2008 02:41:02 +0000 (-0400) Subject: Merge version 1.8. X-Git-Tag: debian/1.8-0debathena1~1 X-Git-Url: http://andersk.mit.edu/gitweb/nss_nonlocal.git/commitdiff_plain/be50308287b0b37ea48be462a4ce38c276a1a839?hp=5b2cf2c48f8c218a1816d5120b042c606bb815d1 Merge version 1.8. Signed-off-by: Anders Kaseorg --- diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..84f9bea --- /dev/null +++ b/debian/changelog @@ -0,0 +1,71 @@ +libnss-nonlocal (1.7-0debathena1) unstable; urgency=low + + * Replace the magic buflen hack with explicit iteration over the nss + chain, so that getpwent/getgrent works with nscd enabled. + * Fix some memory leaks. + * Autotoolfiscate. + * Code cleanup. + + -- Anders Kaseorg Tue, 29 Jul 2008 06:57:53 -0400 + +libnss-nonlocal (1.6-0debathena1) unstable; urgency=low + + * Use a version script to hide internal symbols. + + -- Anders Kaseorg Sat, 15 Mar 2008 06:42:02 -0400 + +libnss-nonlocal (1.5-0debathena1) unstable; urgency=low + + * Add support for NSS_NONLOCAL_IGNORE environment variable, which + causes nss_nonlocal to pretend there are no nonlocal users. This + allows us to support letting adduser add users and groups with the + same name as a nonlocal user/group. + + -- Tim Abbott Mon, 25 Feb 2008 19:12:30 -0500 + +libnss-nonlocal (1.4-0debathena1) unstable; urgency=low + + * Bug fixes and cleanups. + + -- Anders Kaseorg Fri, 15 Feb 2008 21:39:50 -0500 + +libnss-nonlocal (1.3-0debathena2) unstable; urgency=low + + * Set maintainer to debathena@mit.edu. + + -- Tim Abbott Tue, 29 Jan 2008 22:18:25 -0500 + +libnss-nonlocal (1.3-0debathena1) unstable; urgency=low + + * Have initgroups() only add nonlocal groups to nonlocal users. + * If a group called nss-local-users exists, add local users to it. + * If a group called nss-nonlocal-users exists, add nonlocal users to it. + * Create nss-local-users and nss-nonlocal-users at installation. + + -- Tim Abbott Tue, 29 Jan 2008 22:11:37 -0500 + +libnss-nonlocal (1.2) unstable; urgency=low + + * Use a magic buflen instead of thread-local variables, to avoid + strange problems on sarge. + * Don't link with pthread. + + -- Anders Kaseorg Tue, 07 Aug 2007 22:00:28 -0400 + +libnss-nonlocal (1.1) unstable; urgency=low + + * Link with pthread to be safe. + + -- Anders Kaseorg Fri, 03 Aug 2007 21:24:17 -0400 + +libnss-nonlocal (1.0-0debathena2) unstable; urgency=low + + * Section: debathena/libs. + + -- Anders Kaseorg Mon, 23 Jul 2007 14:14:46 -0400 + +libnss-nonlocal (1.0-0debathena1) unstable; urgency=low + + * Initial release. + + -- Anders Kaseorg Thu, 19 Jul 2007 21:07:50 -0400 diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..b8626c4 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +4 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..eef6f44 --- /dev/null +++ b/debian/control @@ -0,0 +1,14 @@ +Source: libnss-nonlocal +Section: debathena/libs +Priority: optional +Maintainer: Debian-Athena Project +Standards-Version: 3.7.2 +Build-Depends: cdbs (>= 0.4.23-1.1), debhelper (>= 4.2.0), libtool, automake1.9, autoconf + +Package: libnss-nonlocal +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: nsswitch proxy module to prevent local account spoofing + This nsswitch module acts as a proxy for other nsswitch modules like + hesiod, but prevents non-local users from potentially gaining local + privileges by spoofing local UIDs and GIDs. diff --git a/debian/control.in b/debian/control.in new file mode 100644 index 0000000..594eb24 --- /dev/null +++ b/debian/control.in @@ -0,0 +1,14 @@ +Source: libnss-nonlocal +Section: debathena/libs +Priority: optional +Maintainer: Debian-Athena Project +Standards-Version: 3.7.2 +Build-Depends: @cdbs@ + +Package: libnss-nonlocal +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: nsswitch proxy module to prevent local account spoofing + This nsswitch module acts as a proxy for other nsswitch modules like + hesiod, but prevents non-local users from potentially gaining local + privileges by spoofing local UIDs and GIDs. diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..f77ee11 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,21 @@ +Copyright © 2007 Anders Kaseorg and Tim Abbott + + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/debian/libnss-nonlocal.postrm b/debian/libnss-nonlocal.postrm new file mode 100644 index 0000000..72967e1 --- /dev/null +++ b/debian/libnss-nonlocal.postrm @@ -0,0 +1,48 @@ +#!/bin/sh +# postrm script for libnss-nonlocal +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `remove' +# * `purge' +# * `upgrade' +# * `failed-upgrade' +# * `abort-install' +# * `abort-install' +# * `abort-upgrade' +# * `disappear' +# +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + purge) + if getent group nss-local-users >/dev/null; then + delgroup --system nss-local-users || : + fi + if getent group nss-nonlocal-users >/dev/null; then + delgroup --system nss-nonlocal-users || : + fi + ;; + + remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) + ;; + + *) + echo "postrm called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + diff --git a/debian/libnss-nonlocal.preinst b/debian/libnss-nonlocal.preinst new file mode 100644 index 0000000..4cb5733 --- /dev/null +++ b/debian/libnss-nonlocal.preinst @@ -0,0 +1,45 @@ +#!/bin/sh +# preinst script for libnss-nonlocal +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' +# for details, see http://www.debian.org/doc/debian-policy/ or +# the debian-policy package + + +case "$1" in + install|upgrade) + if ! getent group nss-local-users >/dev/null; then + addgroup --system nss-local-users + fi + if ! getent group nss-nonlocal-users >/dev/null; then + addgroup --system nss-nonlocal-users + fi + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 1 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + + + diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..c90fcf2 --- /dev/null +++ b/debian/rules @@ -0,0 +1,22 @@ +#!/usr/bin/make -f + +DEB_AUTO_UPDATE_AUTOCONF = 2.50 +DEB_AUTO_UPDATE_AUTOHEADER = 2.50 +DEB_AUTO_UPDATE_AUTOMAKE = 1.9 +DEB_AUTO_UPDATE_ACLOCAL = 1.9 +DEB_AUTO_UPDATE_LIBTOOL = pre + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/class/autotools.mk + +DEB_CONFIGURE_PREFIX = / + +debian/stamp-autotools-files: DEB_AUTO_UPDATE_AUTOMAKE += --foreign --add-missing + +debian/stamp-autotools-files: aclocal.m4 +aclocal.m4: + touch $@ + +clean:: + rm -f aclocal.m4 config.guess config.sub install-sh ltmain.sh \ + configure config.h.in missing depcomp Makefile.in