Synopsis

shadow-utils bug fix update

Type/Severity

Bug Fix Advisory

Topic

An updated shadow-utils package that fixes various bugs is now available for Red
Hat Enterprise Linux 5.

Description

The shadow-utils package includes programs for converting UNIX password files to
the shadow password format, as well as tools for managing user and group
accounts.

This update fixes the following bugs:

• Prior to this update, the faillog utility executed command line options
  immediately after they were passed instead of parsing all options first. This
  update modifies the utility so that all command line options are parsed before
  executing the commands. (BZ#619150)
  
• Prior to this update, the faillog utility created huge /var/log/faillog files
  after setting the maximum number of login failures. This update fixes that
  behavior. (BZ#670364)
  
• Prior to this update, an attempt to copy the files of the /etc/skel/ directory
  with support for access control lists (ACLs) to a file system with disabled ACLs
  failed with the error: "copydir(): preserving permissions for
  /home/[username]/.kde: Operation not supported". This update modifies the ACLs
  so that the content of the /etc/skel/ directory is now successfully copied.
  (BZ#673091)
  
• Prior to this update, large user identifiers (UID) and group identifiers (GID)
  on 32-bit systems were not correctly handled. As a consequence, the pwconv and
  pwunconv utilities changed all identifiers greater than 2147483647 to this
  value. With this update, the underlying source code has been modified to ensure
  that the pwconv and pwunconv utilities no longer change the GIDs and UIDs.
  (BZ#681020)
  
• Prior to this update, the useradd(8) manual page contained incorrect
  information about the minimum numeric value for UIDs. This update lists now the
  correct minimum UID number of 500. (BZ#688892)
  
• Prior to this update, the useradd utility did not delete its lock files after
  an unsuccessful execution. This update modifies the utility so that lock files
  are now correctly deleted. (BZ#709605)
  
• Prior to this update, the groupadd manual page description of "-r" was only
  valid for the default value of GID_MIN. This update contains accurate
  information regardless of whether GID_MIN is left at the default value of 500.
  (BZ#715214)
  

All users of shadow-utils are advised to upgrade to this updated package, which
fixes these bugs.

Solution

Before applying this update, make sure all previously-released errata relevant
to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux Desktop 5 x86_64
• Red Hat Enterprise Linux Desktop 5 i386
• Red Hat Enterprise Linux for IBM z Systems 5 s390x
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 619150 - faillog executes during argument parsing
• BZ - 670364 - faillog command creates a huge file (/var/log/faillog)
• BZ - 673091 - No file in /etc/skel is copied by useradd
• BZ - 681020 - pwconv and pwunconv alter uids over 2147483647
• BZ - 688892 - Wrong statement regarding UID allocation in useradd(8)

CVEs

(none)

References

(none)

Red Hat Enterprise Linux Server 5

SRPM
shadow-utils-4.0.17-20.el5.src.rpm	SHA-256: 4c0a9e06d9b46382aee1eb84eee667b4be652681af0b77c6eb09b4c4a002b10d
x86_64
shadow-utils-4.0.17-20.el5.x86_64.rpm	SHA-256: 013996586ef290ca6fea18abd0e9b0c2ce686d35d9ba479b7647105964253fae
ia64
shadow-utils-4.0.17-20.el5.ia64.rpm	SHA-256: 5957ed986f8d7ff6e2235bf949a9cb88bc29747e59473c1f62376c484017fcba
i386
shadow-utils-4.0.17-20.el5.i386.rpm	SHA-256: 2239c00bd9d6df8661d1394e6c3ab77c658f8931a0aa416c5e8c3261788eb0d8

Red Hat Enterprise Linux Workstation 5

SRPM
shadow-utils-4.0.17-20.el5.src.rpm	SHA-256: 4c0a9e06d9b46382aee1eb84eee667b4be652681af0b77c6eb09b4c4a002b10d
x86_64
shadow-utils-4.0.17-20.el5.x86_64.rpm	SHA-256: 013996586ef290ca6fea18abd0e9b0c2ce686d35d9ba479b7647105964253fae
i386
shadow-utils-4.0.17-20.el5.i386.rpm	SHA-256: 2239c00bd9d6df8661d1394e6c3ab77c658f8931a0aa416c5e8c3261788eb0d8

Red Hat Enterprise Linux Desktop 5

SRPM
shadow-utils-4.0.17-20.el5.src.rpm	SHA-256: 4c0a9e06d9b46382aee1eb84eee667b4be652681af0b77c6eb09b4c4a002b10d
x86_64
shadow-utils-4.0.17-20.el5.x86_64.rpm	SHA-256: 013996586ef290ca6fea18abd0e9b0c2ce686d35d9ba479b7647105964253fae
i386
shadow-utils-4.0.17-20.el5.i386.rpm	SHA-256: 2239c00bd9d6df8661d1394e6c3ab77c658f8931a0aa416c5e8c3261788eb0d8

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
shadow-utils-4.0.17-20.el5.src.rpm	SHA-256: 4c0a9e06d9b46382aee1eb84eee667b4be652681af0b77c6eb09b4c4a002b10d
s390x
shadow-utils-4.0.17-20.el5.s390x.rpm	SHA-256: 2fc30819c8c2793342b9265f854c82d420c300f8958ed5cb1240216d4072cb6f

Red Hat Enterprise Linux for Power, big endian 5

SRPM
shadow-utils-4.0.17-20.el5.src.rpm	SHA-256: 4c0a9e06d9b46382aee1eb84eee667b4be652681af0b77c6eb09b4c4a002b10d
ppc
shadow-utils-4.0.17-20.el5.ppc.rpm	SHA-256: cb8e1a74ba9ab3771095d0fdaa4be65b425fa60cd620bd2819c9897df8bc13e0

Red Hat Enterprise Linux Server from RHUI 5

SRPM
shadow-utils-4.0.17-20.el5.src.rpm	SHA-256: 4c0a9e06d9b46382aee1eb84eee667b4be652681af0b77c6eb09b4c4a002b10d
x86_64
shadow-utils-4.0.17-20.el5.x86_64.rpm	SHA-256: 013996586ef290ca6fea18abd0e9b0c2ce686d35d9ba479b7647105964253fae
i386
shadow-utils-4.0.17-20.el5.i386.rpm	SHA-256: 2239c00bd9d6df8661d1394e6c3ab77c658f8931a0aa416c5e8c3261788eb0d8