blob: de0ba3ebb42238d134bb8b1f140aae3cb45f1064 [file] [log] [blame]
Brad Bishopc342db32019-05-15 21:57:59 -04001From fe34a2a0e44bc80ff213bfd185046a5f10c94997 Mon Sep 17 00:00:00 2001
2From: Chris Lamb <chris@chris-lamb.co.uk>
3Date: Wed, 2 Jan 2019 18:06:16 +0000
4Subject: [PATCH 1/2] Make the sp_lstchg shadow field reproducible (re. #71)
5
6From <https://github.com/shadow-maint/shadow/pull/71>:
7
8```
9The third field in the /etc/shadow file (sp_lstchg) contains the date of
10the last password change expressed as the number of days since Jan 1, 1970.
11As this is a relative time, creating a user today will result in:
12
13username:17238:0:99999:7:::
14whilst creating the same user tomorrow will result in:
15
16username:17239:0:99999:7:::
17This has an impact for the Reproducible Builds[0] project where we aim to
18be independent of as many elements the build environment as possible,
19including the current date.
20
21This patch changes the behaviour to use the SOURCE_DATE_EPOCH[1]
22environment variable (instead of Jan 1, 1970) if valid.
23```
24
25This updated PR adds some missing calls to gettime (). This was originally
26filed by Johannes Schauer in Debian as #917773 [2].
27
28[0] https://reproducible-builds.org/
29[1] https://reproducible-builds.org/specs/source-date-epoch/
30[2] https://bugs.debian.org/917773
31
32Upstream-Status: Backport
33Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
34---
35 libmisc/pwd2spwd.c | 3 +--
36 src/pwck.c | 2 +-
37 src/pwconv.c | 2 +-
38 3 files changed, 3 insertions(+), 4 deletions(-)
39
40diff --git a/libmisc/pwd2spwd.c b/libmisc/pwd2spwd.c
41index c1b9b29ac873..6799dd50d490 100644
42--- a/libmisc/pwd2spwd.c
43+++ b/libmisc/pwd2spwd.c
44@@ -40,7 +40,6 @@
45 #include "prototypes.h"
46 #include "defines.h"
47 #include <pwd.h>
48-extern time_t time (time_t *);
49
50 /*
51 * pwd_to_spwd - create entries for new spwd structure
52@@ -66,7 +65,7 @@ struct spwd *pwd_to_spwd (const struct passwd *pw)
53 */
54 sp.sp_min = 0;
55 sp.sp_max = (10000L * DAY) / SCALE;
56- sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
57+ sp.sp_lstchg = (long) gettime () / SCALE;
58 if (0 == sp.sp_lstchg) {
59 /* Better disable aging than requiring a password
60 * change */
61diff --git a/src/pwck.c b/src/pwck.c
62index 0ffb711efb13..f70071b12500 100644
63--- a/src/pwck.c
64+++ b/src/pwck.c
65@@ -609,7 +609,7 @@ static void check_pw_file (int *errors, bool *changed)
66 sp.sp_inact = -1;
67 sp.sp_expire = -1;
68 sp.sp_flag = SHADOW_SP_FLAG_UNSET;
69- sp.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
70+ sp.sp_lstchg = (long) gettime () / SCALE;
71 if (0 == sp.sp_lstchg) {
72 /* Better disable aging than
73 * requiring a password change
74diff --git a/src/pwconv.c b/src/pwconv.c
75index 9c69fa131d8e..f932f266c59c 100644
76--- a/src/pwconv.c
77+++ b/src/pwconv.c
78@@ -267,7 +267,7 @@ int main (int argc, char **argv)
79 spent.sp_flag = SHADOW_SP_FLAG_UNSET;
80 }
81 spent.sp_pwdp = pw->pw_passwd;
82- spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE;
83+ spent.sp_lstchg = (long) gettime () / SCALE;
84 if (0 == spent.sp_lstchg) {
85 /* Better disable aging than requiring a password
86 * change */
87--
882.17.1
89