base/SOURCES/shadow-4.1.5.1-chgrp-guard.patch

diff -up shadow-4.1.5.1/man/usermod.8.xml.chgrp-guard shadow-4.1.5.1/man/usermod.8.xml
--- shadow-4.1.5.1/man/usermod.8.xml.chgrp-guard	2016-05-04 13:44:17.267917583 +0200
+++ shadow-4.1.5.1/man/usermod.8.xml	2016-05-04 13:44:17.284917968 +0200
@@ -198,6 +198,12 @@
 	    The group ownership of files outside of the user's home directory
 	    must be fixed manually.
 	  </para>
+	  <para>
+	    The change of the group ownership of files inside of the user's
+	    home directory is also not done if the home dir owner uid is
+	    different from the current or new user id. This is safety measure
+	    for special home directories such as <filename>/</filename>.
+	  </para>
 	</listitem>
       </varlistentry>
       <varlistentry>
@@ -364,6 +370,12 @@
 	    must be fixed manually.
 	  </para>
 	  <para>
+	    The change of the user ownership of files inside of the user's
+	    home directory is also not done if the home dir owner uid is
+	    different from the current or new user id. This is safety measure
+	    for special home directories such as <filename>/</filename>.
+	  </para>
+	  <para>
 	    No checks will be performed with regard to the
 	    <option>UID_MIN</option>, <option>UID_MAX</option>,
 	    <option>SYS_UID_MIN</option>, or <option>SYS_UID_MAX</option>
diff -up shadow-4.1.5.1/src/usermod.c.chgrp-guard shadow-4.1.5.1/src/usermod.c
--- shadow-4.1.5.1/src/usermod.c.chgrp-guard	2016-05-04 13:44:17.280917877 +0200
+++ shadow-4.1.5.1/src/usermod.c	2016-05-04 13:44:17.285917991 +0200
@@ -1971,7 +1971,10 @@ int main (int argc, char **argv)
 	}
 
 	if (!mflg && (uflg || gflg)) {
-		if (access (dflg ? user_newhome : user_home, F_OK) == 0) {
+		struct stat sb;
+
+		if (stat (dflg ? user_newhome : user_home, &sb) == 0 &&
+			((uflg && sb.st_uid == user_newid) || sb.st_uid == user_id)) {
 			/*
 			 * Change the UID on all of the files owned by
 			 * `user_id' to `user_newid' in the user's home