please unblock libsemanage/2.0.25-3
Hi,
This release fixes a RC bug.
manoj
diff --git a/changelog b/changelog
index adcb8b4..495d96a 100644
--- a/changelog
+++ b/changelog
@@ -1,3 +1,39 @@
+libsemanage (2.0.25-3) unstable; urgency=high
+
+ * [bab6644]: Also check for the uppoer bound on user ids in login.defs
+
+ Some non-Debian packages (like qmail, shudder) create
+ users not below MIN_UID, but above MAX_UID, in /etc/login.defs
+ (non-system users are supposed to have uids between MIN_UID and
+ MAX_UID.
+
+ genhomedircon.c:gethomedirs() checks pwent.pw_uid against MIN_UID in
+ /etc/login.defs to exclude system users from generating homedir
+ contexts. But unfortunately it does not check it against MAX_UID
+ setting from the same file. This gets us lines like the following in
+ the contexts/files/file_contexts.homedirs file:
+ ,----
+ | #
+ | # Home Context for user user_u
+ | #
+ | /var/qmail/[^/]*/.+ user_u:object_r:user_home_t:s0
+ | /var/qmail/[^/]*/\.ssh(/.*)? user_u:object_r:user_home_ssh_t:s0
+ | /var/qmail/[^/]*/\.gnupg(/.+)? user_u:object_r:user_gpg_secret_t:s0
+ | /var/qmail/[^/]* -d user_u:object_r:user_home_dir_t:s0
+ | /var/qmail/lost\+found/.* <<none>>
+ | /var/qmail -d system_u:object_r:home_root_t:s0
+ | /var/qmail/\.journal <<none>>
+ | /var/qmail/lost\+found -d system_u:object_r:lost_found_t:s0
+ | /tmp/gconfd-.* -d user_u:object_r:user_tmp_t:s0
+ `----
+ This commit adds checking uid value againt MAX_UID too.
+
+ Bug fix: "login.defs:MAX_UID have no effect on generating list of
+ valid users, but MIN_UID does have.", thanks to root
+ (Closes: #510134).
+
+ -- Manoj Srivastava <srivasta@debian.org> Mon, 05 Jan 2009 16:53:48 -0600
+
--
"A man is already halfway in love with any woman who listens to him."
-Brendan Francis
Manoj Srivastava <srivasta@acm.org> <http://www.golden-gryphon.com/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: