import util-linux-2.40.2-4.el10

.gitignore

@@ -0,0 +1 @@
+SOURCES/util-linux-2.40.2.tar.xz

.util-linux.metadata

@@ -0,0 +1 @@
+59d363aa55d8b74abd7663545c29b353524294af SOURCES/util-linux-2.40.2.tar.xz

SOURCES/0000-login-lastlog-create.patch

@@ -0,0 +1,28 @@
+From a9d027ee07f56b67054ec8ef02481a1e60429f6d Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Wed, 10 Jul 2024 10:29:20 +0200
+Subject: login: lastlog create
+
+This is port of the old RHEL patch to RHEL-10.
+
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ login-utils/login.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/login-utils/login.c b/login-utils/login.c
+index c8544f6a1..3de0398e9 100644
+--- a/login-utils/login.c
++++ b/login-utils/login.c
+@@ -681,7 +681,7 @@ static void log_lastlog(struct login_context *cxt)
+ 	sa.sa_handler = SIG_IGN;
+ 	sigaction(SIGXFSZ, &sa, &oldsa_xfsz);
+ 
+-	fd = open(_PATH_LASTLOG, O_RDWR, 0);
++	fd = open(_PATH_LASTLOG, O_RDWR | O_CREAT, 0);
+ 	if (fd < 0)
+ 		goto done;
+ 	offset = cxt->pwd->pw_uid * sizeof(ll);
+-- 
+2.45.2
+

SOURCES/0001-login-default-motd-file.patch

@@ -0,0 +1,28 @@
+From c4354ccde565c742a75816ef46c2f7265415f1f7 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Wed, 10 Jul 2024 10:30:42 +0200
+Subject: login: default motd file
+
+This is port of the old RHEL patch to RHEL-10.
+
+Signed-off-by: Karel Zak <kzak@redhat.com>
+---
+ include/pathnames.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/include/pathnames.h b/include/pathnames.h
+index de456c53e..ac28a9a50 100644
+--- a/include/pathnames.h
++++ b/include/pathnames.h
+@@ -41,7 +41,7 @@
+ #ifndef _PATH_MAILDIR
+ # define _PATH_MAILDIR		"/var/spool/mail"
+ #endif
+-#define	_PATH_MOTDFILE		"/usr/share/misc/motd:/run/motd:/etc/motd"
++#define	_PATH_MOTDFILE		"/usr/share/misc/motd:/run/motd:/run/motd.d:/etc/motd:/etc/motd.d"
+ #ifndef _PATH_NOLOGIN
+ # define _PATH_NOLOGIN		"/etc/nologin"
+ #endif
+-- 
+2.45.2
+

SOURCES/0002-uuidd-fix-var-lib-libuuid-mode-uuidd-tmpfiles.conf.patch

@@ -0,0 +1,34 @@
+From 151dbf45503032839c02d07d8a5c89e2d064cb34 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 9 Jul 2024 17:04:09 +0200
+Subject: uuidd: fix /var/lib/libuuid mode uuidd-tmpfiles.conf
+
+The directory can be directly used by libuuid, for example, by running
+"uuidgen --time" as root, even if the uuidd daemon is not installed.
+In this case, we must create a clock.txt file with the uuidd group to
+prevent any potential ownership mismatch if the uuidd daemon is
+installed later. The 2xxx mode (setgid) forces open(O_CREAT) in
+libuuid to create the file with the uuidd group.
+
+Please note that mode 2755 is the standard used for years in RHEL.
+
+Signed-off-by: Karel Zak <kzak@redhat.com>
+(cherry picked from commit e0c41735aa13a7a62e42c0428823537d3edc02a8)
+(cherry picked from commit 555152c36b1026ea97eb06a9a57fac154fa36ed0)
+---
+ misc-utils/uuidd-tmpfiles.conf.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/misc-utils/uuidd-tmpfiles.conf.in b/misc-utils/uuidd-tmpfiles.conf.in
+index b362930d8..90b8a8537 100644
+--- a/misc-utils/uuidd-tmpfiles.conf.in
++++ b/misc-utils/uuidd-tmpfiles.conf.in
+@@ -3,4 +3,4 @@
+ # See tmpfiles.d(5) for details
+ #
+ d @runstatedir@/uuidd 2775 uuidd uuidd -
+-d @localstatedir@/lib/libuuid 0755 uuidd uuidd -
++d @localstatedir@/lib/libuuid 2755 uuidd uuidd -
+-- 
+2.45.2
+

SOURCES/0003-uuidd-fix-typo-in-tmpfiles.conf.patch

@@ -0,0 +1,28 @@
+From 5a3ce382501f4b56dbf8a6989d56c7aac63c0314 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Wed, 10 Jul 2024 15:55:35 +0200
+Subject: uuidd: fix typo in tmpfiles.conf
+
+Let's change 2755 to 2775. The directory must be writable for the
+'uuidd' group.
+
+Addresses: http://github.com/util-linux/util-linux/commit/e0c41735aa13a7a62e42c0428823537d3edc02a8
+Signed-off-by: Karel Zak <kzak@redhat.com>
+(cherry picked from commit 7af2539f58b3bd3bb2f5e44138595be116c8d76c)
+---
+ misc-utils/uuidd-tmpfiles.conf.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/misc-utils/uuidd-tmpfiles.conf.in b/misc-utils/uuidd-tmpfiles.conf.in
+index 90b8a8537..2245b1b7e 100644
+--- a/misc-utils/uuidd-tmpfiles.conf.in
++++ b/misc-utils/uuidd-tmpfiles.conf.in
+@@ -3,4 +3,4 @@
+ # See tmpfiles.d(5) for details
+ #
+ d @runstatedir@/uuidd 2775 uuidd uuidd -
+-d @localstatedir@/lib/libuuid 2755 uuidd uuidd -
++d @localstatedir@/lib/libuuid 2775 uuidd uuidd -
+-- 
+2.45.2
+

SOURCES/adjtime

@@ -0,0 +1,2 @@
+0.0 0 0.0
+0

SOURCES/util-linux-chsh-chfn.pamd

@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth       sufficient   pam_rootok.so
+auth       include      system-auth
+account    include      system-auth
+password   include      system-auth
+session    include      system-auth

SOURCES/util-linux-login.pamd

@@ -0,0 +1,16 @@
+#%PAM-1.0
+auth       substack     system-auth
+auth       include      postlogin
+account    required     pam_nologin.so
+account    include      system-auth
+password   include      system-auth
+# pam_selinux.so close should be the first session rule
+session    required     pam_selinux.so close
+session    required     pam_loginuid.so
+# pam_selinux.so open should only be followed by sessions to be executed in the user context
+session    required     pam_selinux.so open
+session    required     pam_namespace.so
+session    optional     pam_keyinit.so force revoke
+session    include      system-auth
+session    include      postlogin
+-session   optional     pam_ck_connector.so

SOURCES/util-linux-remote.pamd

@@ -0,0 +1,15 @@
+#%PAM-1.0
+auth       substack     password-auth
+auth       include      postlogin
+account    required     pam_nologin.so
+account    include      password-auth
+password   include      password-auth
+# pam_selinux.so close should be the first session rule
+session    required     pam_selinux.so close
+session    required     pam_loginuid.so
+# pam_selinux.so open should only be followed by sessions to be executed in the user context
+session    required     pam_selinux.so open
+session    required     pam_namespace.so
+session    optional     pam_keyinit.so force revoke
+session    include      password-auth
+session    include      postlogin

SOURCES/util-linux-runuser-l.pamd

@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth		include		runuser
+session		optional	pam_keyinit.so force revoke
+-session	optional	pam_systemd.so
+session		include		runuser

SOURCES/util-linux-runuser.pamd

@@ -0,0 +1,5 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+session		optional	pam_keyinit.so revoke
+session		required	pam_limits.so
+session		required	pam_unix.so

SOURCES/util-linux-su-l.pamd

@@ -0,0 +1,6 @@
+#%PAM-1.0
+auth		include		su
+account		include		su
+password	include		su
+session		optional	pam_keyinit.so force revoke
+session		include		su

SOURCES/util-linux-su.pamd

@@ -0,0 +1,14 @@
+#%PAM-1.0
+auth		sufficient	pam_rootok.so
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth		sufficient	pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+#auth		required	pam_wheel.so use_uid
+auth		substack	system-auth
+auth		include		postlogin
+account		sufficient	pam_succeed_if.so uid = 0 use_uid quiet
+account		include		system-auth
+password	include		system-auth
+session		include		system-auth
+session		include		postlogin
+session		optional	pam_xauth.so