diff -u shadow-4.1.1/debian/changelog shadow-4.1.1/debian/changelog --- shadow-4.1.1/debian/changelog +++ shadow-4.1.1/debian/changelog @@ -1,3 +1,15 @@ +shadow (1:4.1.1-6ubuntu4) jaunty; urgency=low + + * debian/patches/593_omit_lastchange_field_if_clock_is_misset (LP: #349504) + - If the system clock is set to Jan 01, 1970, and a new user is created + the last changed field gets set to 0, which tells login that the + password is expired and must be changed. During installation, + this can cause autologin to fail. Having the clock set to 01/01/1970 + on a fresh install is common on the ARM architecture, so this is a high + priority bug since its likely to affect most ARM users on first install + + -- Michael Casadevall Thu, 02 Apr 2009 14:05:31 -0400 + shadow (1:4.1.1-6ubuntu3) jaunty; urgency=low [ Bryan McLellan ] diff -u shadow-4.1.1/debian/patches/series shadow-4.1.1/debian/patches/series --- shadow-4.1.1/debian/patches/series +++ shadow-4.1.1/debian/patches/series @@ -40,0 +41 @@ +593_omit_lastchange_field_if_clock_is_misset only in patch2: unchanged: --- shadow-4.1.1.orig/debian/patches/538_omit_lastchange_field_if_clock_misset +++ shadow-4.1.1/debian/patches/538_omit_lastchange_field_if_clock_misset @@ -0,0 +1,34 @@ +Index: shadow-4.1.1/src/useradd.c +=================================================================== +--- shadow-4.1.1.orig/src/useradd.c 2009-04-02 13:58:14.668563865 -0400 ++++ shadow-4.1.1/src/useradd.c 2009-04-02 13:58:15.316564108 -0400 +@@ -710,6 +710,29 @@ + spent->sp_namp = (char *) user_name; + spent->sp_pwdp = (char *) user_pass; + spent->sp_lstchg = time ((time_t *) 0) / SCALE; ++ ++ /* ++ * If the system clock is set to Jan-01-1970, the lastchg field will ++ * come out as zero (which is the value used when a password is expired ++ * with passwd -e. In these cases, replace 0 with -1 to omit the field ++ * since whatever value we would come up would be wrong anyway. ++ */ ++ ++ if (spent->sp_lstchg == 0) ++ { ++ if (*user_pass != "!") { ++ /* If we're setting a password, display a warning that password aging will be disabled */ ++ fprintf (stderr, ++ _ ++ ("%s: warning: system clock set to January 01, 1970.\n" ++ "The last changed field will be omitted from /etc/shadow.\n" ++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ), ++ Prog); ++ } ++ ++ spent->sp_lstchg = -1; ++ } ++ + if (!rflg) { + spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1)); + spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1)); only in patch2: unchanged: --- shadow-4.1.1.orig/debian/patches/593_omit_lastchange_field_if_clock_is_misset +++ shadow-4.1.1/debian/patches/593_omit_lastchange_field_if_clock_is_misset @@ -0,0 +1,34 @@ +Index: shadow-4.1.1/src/useradd.c +=================================================================== +--- shadow-4.1.1.orig/src/useradd.c 2009-04-02 13:56:14.339566819 -0400 ++++ shadow-4.1.1/src/useradd.c 2009-04-02 13:57:56.887564395 -0400 +@@ -710,6 +710,29 @@ + spent->sp_namp = (char *) user_name; + spent->sp_pwdp = (char *) user_pass; + spent->sp_lstchg = time ((time_t *) 0) / SCALE; ++ ++ /* ++ * If the system clock is set to Jan-01-1970, the lastchg field will ++ * come out as zero (which is the value used when a password is expired ++ * with passwd -e. In these cases, replace 0 with -1 to omit the field ++ * since whatever value we would come up would be wrong anyway. ++ */ ++ ++ if (spent->sp_lstchg == 0) ++ { ++ if (*user_pass != "!") { ++ /* If we're setting a password, display a warning that password aging will be disabled */ ++ fprintf (stderr, ++ _ ++ ("%s: warning: system clock set to January 01, 1970.\n" ++ "The last changed field will be omitted from /etc/shadow.\n" ++ "Password aging will be disabled on this account until a new password is set with the system clock properly set.\n" ), ++ Prog); ++ } ++ ++ spent->sp_lstchg = -1; ++ } ++ + if (!rflg) { + spent->sp_min = scale_age (getdef_num ("PASS_MIN_DAYS", -1)); + spent->sp_max = scale_age (getdef_num ("PASS_MAX_DAYS", -1));