From a1b4daed85a68bd9fdba1fe68dc3e64162afd78c Mon Sep 17 00:00:00 2001
From: Marcin Krol <hawk@tld-linux.org>
Date: Tue, 19 Aug 2025 12:47:10 +0200
Subject: [PATCH] - updated to 4.18.0, partial PLD merge

---
 pam-login-delay.patch | 90 -------------------------------------------
 shadow-tld.patch      | 28 +++++++-------
 shadow.spec           | 30 +++++----------
 3 files changed, 24 insertions(+), 124 deletions(-)
 delete mode 100644 pam-login-delay.patch

diff --git a/pam-login-delay.patch b/pam-login-delay.patch
deleted file mode 100644
index 1009e7b..0000000
--- a/pam-login-delay.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-diff -urpa shadow-4.15.1.orig/lib/getdef.c shadow-4.15.1/lib/getdef.c
---- shadow-4.15.1.orig/lib/getdef.c	2024-03-23 21:32:25.000000000 +0100
-+++ shadow-4.15.1/lib/getdef.c	2024-04-02 13:16:27.781730965 +0200
-@@ -83,7 +83,6 @@ static struct itemdef def_table[] = {
- 	{"ENV_PATH", NULL},
- 	{"ENV_SUPATH", NULL},
- 	{"ERASECHAR", NULL},
--	{"FAIL_DELAY", NULL},
- 	{"FAKE_SHELL", NULL},
- 	{"GID_MAX", NULL},
- 	{"GID_MIN", NULL},
-diff -urpa shadow-4.15.1.orig/src/login.c shadow-4.15.1/src/login.c
---- shadow-4.15.1.orig/src/login.c	2024-03-24 00:33:29.000000000 +0100
-+++ shadow-4.15.1/src/login.c	2024-04-02 13:17:10.550309495 +0200
-@@ -489,7 +489,6 @@ int main (int argc, char **argv)
- 	const char     *tmptty;
- 	const char     *cp;
- 	const char     *tmp;
--	unsigned int   delay;
- 	unsigned int   retries;
- 	unsigned int   timeout;
- 	struct passwd  *pwd = NULL;
-@@ -500,6 +499,7 @@ int main (int argc, char **argv)
- 	pid_t          child;
- #else
- 	bool is_console;
-+	unsigned int   delay;
- 	struct spwd *spwd = NULL;
- # if defined(ENABLE_LASTLOG)
- 	char           ptime[80];
-@@ -667,7 +667,6 @@ int main (int argc, char **argv)
- 	}
- 
- 	environ = newenvp;	/* make new environment active */
--	delay   = getdef_unum ("FAIL_DELAY", 1);
- 	retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
- 
- #ifdef USE_PAM
-@@ -683,8 +682,7 @@ int main (int argc, char **argv)
- 
- 	/*
- 	 * hostname & tty are either set to NULL or their correct values,
--	 * depending on how much we know. We also set PAM's fail delay to
--	 * ours.
-+	 * depending on how much we know.
- 	 *
- 	 * PAM_RHOST and PAM_TTY are used for authentication, only use
- 	 * information coming from login or from the caller (e.g. no utmp)
-@@ -693,10 +691,6 @@ int main (int argc, char **argv)
- 	PAM_FAIL_CHECK;
- 	retcode = pam_set_item (pamh, PAM_TTY, tty);
- 	PAM_FAIL_CHECK;
--#ifdef HAS_PAM_FAIL_DELAY
--	retcode = pam_fail_delay (pamh, 1000000 * delay);
--	PAM_FAIL_CHECK;
--#endif
- 	/* if fflg, then the user has already been authenticated */
- 	if (!fflg) {
- 		char          hostn[256];
-@@ -734,12 +728,6 @@ int main (int argc, char **argv)
- 			bool failed = false;
- 
- 			failcount++;
--#ifdef HAS_PAM_FAIL_DELAY
--			if (delay > 0) {
--				retcode = pam_fail_delay(pamh, 1000000*delay);
--				PAM_FAIL_CHECK;
--			}
--#endif
- 
- 			retcode = pam_authenticate (pamh, 0);
- 
-@@ -1029,14 +1017,17 @@ int main (int argc, char **argv)
- 		free (username);
- 		username = NULL;
- 
-+#ifndef USE_PAM
- 		/*
- 		 * Wait a while (a la SVR4 /usr/bin/login) before attempting
- 		 * to login the user again. If the earlier alarm occurs
- 		 * before the sleep() below completes, login will exit.
- 		 */
-+		delay = getdef_unum ("FAIL_DELAY", 1);
- 		if (delay > 0) {
- 			(void) sleep (delay);
- 		}
-+#endif
- 
- 		(void) puts (_("Login incorrect"));
- 
diff --git a/shadow-tld.patch b/shadow-tld.patch
index f75218a..c491a59 100644
--- a/shadow-tld.patch
+++ b/shadow-tld.patch
@@ -1,7 +1,7 @@
-diff -urpa shadow-4.15.1.orig/lib/find_new_gid.c shadow-4.15.1/lib/find_new_gid.c
---- shadow-4.15.1.orig/lib/find_new_gid.c	2024-03-01 02:50:52.000000000 +0100
-+++ shadow-4.15.1/lib/find_new_gid.c	2024-04-02 12:50:48.196919001 +0200
-@@ -40,8 +40,8 @@ static int get_ranges (bool sys_group, g
+diff -urN shadow-4.18.0.orig/lib/find_new_gid.c shadow-4.18.0/lib/find_new_gid.c
+--- shadow-4.18.0.orig/lib/find_new_gid.c	2025-06-24 22:28:01.000000000 +0200
++++ shadow-4.18.0/lib/find_new_gid.c	2025-08-19 12:06:15.181482012 +0200
+@@ -41,8 +41,8 @@
  		/* A requested ID is allowed to be below the autoselect range */
  		*preferred_min = (gid_t) 1;
  
@@ -12,10 +12,10 @@ diff -urpa shadow-4.15.1.orig/lib/find_new_gid.c shadow-4.15.1/lib/find_new_gid.
  
  		/*
  		 * If SYS_GID_MAX is unspecified, we should assume it to be one
-diff -urpa shadow-4.15.1.orig/lib/find_new_uid.c shadow-4.15.1/lib/find_new_uid.c
---- shadow-4.15.1.orig/lib/find_new_uid.c	2024-03-01 02:50:52.000000000 +0100
-+++ shadow-4.15.1/lib/find_new_uid.c	2024-04-02 12:51:12.513247551 +0200
-@@ -40,8 +40,8 @@ static int get_ranges (bool sys_user, ui
+diff -urN shadow-4.18.0.orig/lib/find_new_uid.c shadow-4.18.0/lib/find_new_uid.c
+--- shadow-4.18.0.orig/lib/find_new_uid.c	2025-06-24 22:28:01.000000000 +0200
++++ shadow-4.18.0/lib/find_new_uid.c	2025-08-19 12:06:15.181482012 +0200
+@@ -41,8 +41,8 @@
  		/* A requested ID is allowed to be below the autoselect range */
  		*preferred_min = (uid_t) 1;
  
@@ -26,10 +26,10 @@ diff -urpa shadow-4.15.1.orig/lib/find_new_uid.c shadow-4.15.1/lib/find_new_uid.
  
  		/*
  		 * If SYS_UID_MAX is unspecified, we should assume it to be one
-diff -urpa shadow-4.15.1.orig/src/useradd.c shadow-4.15.1/src/useradd.c
---- shadow-4.15.1.orig/src/useradd.c	2024-03-23 21:32:25.000000000 +0100
-+++ shadow-4.15.1/src/useradd.c	2024-04-02 12:43:41.243157136 +0200
-@@ -93,11 +93,11 @@ static const char Prog[] = "useradd";
+diff -urN shadow-4.18.0.orig/src/useradd.c shadow-4.18.0/src/useradd.c
+--- shadow-4.18.0.orig/src/useradd.c	2025-06-24 22:28:01.000000000 +0200
++++ shadow-4.18.0/src/useradd.c	2025-08-19 12:06:15.181482012 +0200
+@@ -103,11 +103,11 @@
  static gid_t def_group = 1000;
  static const char *def_groups = "";
  static const char *def_gname = "other";
@@ -44,8 +44,8 @@ diff -urpa shadow-4.15.1.orig/src/useradd.c shadow-4.15.1/src/useradd.c
  static const char *def_log_init = "yes";
  
  static long def_inactive = -1;
-@@ -106,7 +106,7 @@ static const char *def_expire = "";
- #define	VALID(s)	(strcspn (s, ":\n") == strlen (s))
+@@ -116,7 +116,7 @@
+ #define VALID(s)  (!strpbrk(s, ":\n"))
  
  static const char *user_name = "";
 -static const char *user_pass = "!";
diff --git a/shadow.spec b/shadow.spec
index 7005cc1..7835232 100644
--- a/shadow.spec
+++ b/shadow.spec
@@ -10,13 +10,13 @@ Summary(pl.UTF-8):	NarzÄdzia do obsÅugi mechanizmu ukrytych haseÅ
 Summary(pt_BR.UTF-8):	UtilitÃ¡rios para o arquivo de senhas Shadow
 Summary(tr.UTF-8):	GÃ¶lge parola dosyasÄ± araÃ§larÄ±
 Name:		shadow
-Version:	4.16.0
+Version:	4.18.0
 Release:	1
 Epoch:		1
 License:	BSD
 Group:		Applications/System
 Source0:	https://github.com/shadow-maint/shadow/releases/download/%{version}/%{name}-%{version}.tar.xz
-# Source0-md5:	eb70bad3316d08f0d3bb3d4bbeccb3b4
+# Source0-md5:	30ef46f54363db1d624587be68794ef2
 Source2:	%{name}-login.defs
 Source3:	%{name}.useradd
 Source10:	chage.pamd
@@ -34,20 +34,22 @@ Source21:	useradd.pamd
 Source22:	userdel.pamd
 Source23:	usermod.pamd
 Patch0:		%{name}-tld.patch
-Patch1:		pam-login-delay.patch
 URL:		https://github.com/shadow-maint/shadow
 BuildRequires:	acl-devel
 BuildRequires:	attr-devel
 BuildRequires:	audit-libs-devel
 BuildRequires:	docbook-dtd45-xml
-BuildRequires:	docbook-style-xsl-nons
-BuildRequires:	gettext-tools >= 0.12.1
+BuildRequires:	docbook-style-xsl-nons >= 1.70.1
+BuildRequires:	gettext-tools >= 0.19
 BuildRequires:	itstool
+BuildRequires:	libbsd-devel
+BuildRequires:	libeconf-devel
 %{?with_selinux:BuildRequires:	libselinux-devel}
 %{?with_selinux:BuildRequires:	libsemanage-devel}
 BuildRequires:	libxslt-progs
 BuildRequires:	linux-libc-headers >= 7:4.7
 BuildRequires:	pam-devel
+BuildRequires:	pkgconfig
 BuildRequires:	tar >= 1:1.22
 BuildRequires:	xz
 Requires:	pam >= 0.99.7.1
@@ -134,8 +136,7 @@ tworzyÄ mapowania uidÃ³w i gidÃ³w w przestrzeniach uÅ¼ytkownikÃ³w.
 
 %prep
 %setup -q
-%patch0 -p1
-%patch1 -p1
+%patch -P0 -p1
 
 %build
 # NOTE:
@@ -192,12 +193,10 @@ cp -p %{SOURCE23} $RPM_BUILD_ROOT/etc/pam.d/usermod
 
 %{__rm} $RPM_BUILD_ROOT/{etc/pam.d,%{_bindir}}/login
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/*/man1/su.1*
+%{__rm} $RPM_BUILD_ROOT%{_mandir}/*/man5/suauth.5*
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/login.1*
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man3/*.3*
 
-# packaged in coreutils
-%{__rm} $RPM_BUILD_ROOT%{_bindir}/groups
-%{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man1/groups.1*
 # packaged in util-linux
 %{__rm} $RPM_BUILD_ROOT%{_sbindir}/nologin
 %{__rm} $RPM_BUILD_ROOT%{_mandir}/{,*/}man*/nologin.8*
@@ -226,7 +225,7 @@ fi
 
 %files -f %{name}.lang
 %defattr(644,root,root,755)
-%doc ChangeLog NEWS doc/HOWTO
+%doc ChangeLog NEWS doc/{HOWTO,README.limits}
 %attr(640,root,root) %config %verify(not md5 mtime size) %{_sysconfdir}/default/useradd
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chage
 %attr(640,root,root) %config(noreplace) %verify(not md5 mtime size) /etc/pam.d/chfn
@@ -290,7 +289,6 @@ fi
 %{_mandir}/man5/login.defs.5*
 %{_mandir}/man5/passwd.5*
 %{_mandir}/man5/shadow.5*
-%{_mandir}/man5/suauth.5*
 %{_mandir}/man8/chgpasswd.8*
 %{_mandir}/man8/chpasswd.8*
 %{_mandir}/man8/faillog.8*
@@ -347,7 +345,6 @@ fi
 %lang(de) %{_mandir}/de/man5/login.defs.5*
 %lang(de) %{_mandir}/de/man5/passwd.5*
 %lang(de) %{_mandir}/de/man5/shadow.5*
-%lang(de) %{_mandir}/de/man5/suauth.5*
 %lang(de) %{_mandir}/de/man8/chgpasswd.8*
 %lang(de) %{_mandir}/de/man8/chpasswd.8*
 %lang(de) %{_mandir}/de/man8/faillog.8*
@@ -385,7 +382,6 @@ fi
 %lang(fr) %{_mandir}/fr/man5/login.defs.5*
 %lang(fr) %{_mandir}/fr/man5/passwd.5*
 %lang(fr) %{_mandir}/fr/man5/shadow.5*
-%lang(fr) %{_mandir}/fr/man5/suauth.5*
 %lang(fr) %{_mandir}/fr/man8/chgpasswd.8*
 %lang(fr) %{_mandir}/fr/man8/chpasswd.8*
 %lang(fr) %{_mandir}/fr/man8/faillog.8*
@@ -430,7 +426,6 @@ fi
 %lang(it) %{_mandir}/it/man5/login.defs.5*
 %lang(it) %{_mandir}/it/man5/passwd.5*
 %lang(it) %{_mandir}/it/man5/shadow.5*
-%lang(it) %{_mandir}/it/man5/suauth.5*
 %lang(it) %{_mandir}/it/man8/chgpasswd.8*
 %lang(it) %{_mandir}/it/man8/chpasswd.8*
 %lang(it) %{_mandir}/it/man8/faillog.8*
@@ -464,7 +459,6 @@ fi
 %lang(ja) %{_mandir}/ja/man5/login.defs.5*
 %lang(ja) %{_mandir}/ja/man5/passwd.5*
 %lang(ja) %{_mandir}/ja/man5/shadow.5*
-%lang(ja) %{_mandir}/ja/man5/suauth.5*
 %lang(ja) %{_mandir}/ja/man8/chpasswd.8*
 %lang(ja) %{_mandir}/ja/man8/faillog.8*
 %lang(ja) %{_mandir}/ja/man8/groupadd.8*
@@ -528,7 +522,6 @@ fi
 %lang(ru) %{_mandir}/ru/man5/login.defs.5*
 %lang(ru) %{_mandir}/ru/man5/passwd.5*
 %lang(ru) %{_mandir}/ru/man5/shadow.5*
-%lang(ru) %{_mandir}/ru/man5/suauth.5*
 %lang(ru) %{_mandir}/ru/man8/chgpasswd.8*
 %lang(ru) %{_mandir}/ru/man8/chpasswd.8*
 %lang(ru) %{_mandir}/ru/man8/faillog.8*
@@ -559,7 +552,6 @@ fi
 %lang(sv) %{_mandir}/sv/man5/faillog.5*
 %lang(sv) %{_mandir}/sv/man5/gshadow.5*
 %lang(sv) %{_mandir}/sv/man5/passwd.5*
-%lang(sv) %{_mandir}/sv/man5/suauth.5*
 %lang(sv) %{_mandir}/sv/man8/faillog.8*
 %lang(sv) %{_mandir}/sv/man8/groupadd.8*
 %lang(sv) %{_mandir}/sv/man8/groupdel.8*
@@ -597,7 +589,6 @@ fi
 %lang(uk) %{_mandir}/uk/man5/login.defs.5*
 %lang(uk) %{_mandir}/uk/man5/passwd.5*
 %lang(uk) %{_mandir}/uk/man5/shadow.5*
-%lang(uk) %{_mandir}/uk/man5/suauth.5*
 %lang(uk) %{_mandir}/uk/man8/chgpasswd.8*
 %lang(uk) %{_mandir}/uk/man8/chpasswd.8*
 %lang(uk) %{_mandir}/uk/man8/faillog.8*
@@ -632,7 +623,6 @@ fi
 %lang(zh_CN) %{_mandir}/zh_CN/man5/login.defs.5*
 %lang(zh_CN) %{_mandir}/zh_CN/man5/passwd.5*
 %lang(zh_CN) %{_mandir}/zh_CN/man5/shadow.5*
-%lang(zh_CN) %{_mandir}/zh_CN/man5/suauth.5*
 %lang(zh_CN) %{_mandir}/zh_CN/man8/chgpasswd.8*
 %lang(zh_CN) %{_mandir}/zh_CN/man8/chpasswd.8*
 %lang(zh_CN) %{_mandir}/zh_CN/man8/faillog.8*
-- 
2.49.0