2007-10-07 17:14:02 +05:30
|
|
|
/*
|
2008-04-27 06:10:09 +05:30
|
|
|
* Copyright (c) 1991 - 1994, Julianne Frances Haugh
|
|
|
|
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
|
|
|
* Copyright (c) 2000 - 2006, Tomasz Kłoczko
|
|
|
|
* Copyright (c) 2007 - 2008, Nicolas François
|
2007-10-07 17:14:02 +05:30
|
|
|
* All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
2008-04-27 06:10:09 +05:30
|
|
|
* 3. The name of the copyright holders or contributors may not be used to
|
|
|
|
* endorse or promote products derived from this software without
|
|
|
|
* specific prior written permission.
|
2007-10-07 17:14:02 +05:30
|
|
|
*
|
2008-04-27 06:10:09 +05:30
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
|
|
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
|
|
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
|
|
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
|
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
|
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
|
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
|
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
|
|
|
|
|
|
|
#include <config.h>
|
|
|
|
|
2007-11-11 05:16:11 +05:30
|
|
|
#ident "$Id$"
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#include <ctype.h>
|
|
|
|
#include <fcntl.h>
|
2007-10-07 17:17:57 +05:30
|
|
|
#include <getopt.h>
|
2007-10-07 17:17:01 +05:30
|
|
|
#include <grp.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <sys/types.h>
|
2007-10-07 17:14:38 +05:30
|
|
|
#ifdef USE_PAM
|
2007-10-07 17:17:11 +05:30
|
|
|
#include "pam_defs.h"
|
2007-10-07 17:14:38 +05:30
|
|
|
#include <pwd.h>
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* USE_PAM */
|
2007-10-07 17:14:02 +05:30
|
|
|
#include "chkname.h"
|
|
|
|
#include "defines.h"
|
|
|
|
#include "groupio.h"
|
2008-03-09 04:31:49 +05:30
|
|
|
#include "pwio.h"
|
2007-10-07 17:15:23 +05:30
|
|
|
#include "nscd.h"
|
2007-10-07 17:17:01 +05:30
|
|
|
#include "prototypes.h"
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef SHADOWGRP
|
|
|
|
#include "sgroupio.h"
|
|
|
|
#endif
|
|
|
|
/*
|
|
|
|
* exit status values
|
|
|
|
*/
|
|
|
|
#define E_SUCCESS 0 /* success */
|
|
|
|
#define E_USAGE 2 /* invalid command syntax */
|
|
|
|
#define E_BAD_ARG 3 /* invalid argument to option */
|
|
|
|
#define E_GID_IN_USE 4 /* gid already in use (and no -o) */
|
|
|
|
#define E_NOTFOUND 6 /* specified group doesn't exist */
|
|
|
|
#define E_NAME_IN_USE 9 /* group name already in use */
|
|
|
|
#define E_GRP_UPDATE 10 /* can't update group file */
|
2007-10-07 17:17:01 +05:30
|
|
|
/*
|
|
|
|
* Global variables
|
|
|
|
*/
|
|
|
|
#ifdef SHADOWGRP
|
|
|
|
static int is_shadow_grp;
|
2008-03-09 04:31:49 +05:30
|
|
|
static int gshadow_locked = 0;
|
2008-03-18 04:32:23 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2008-03-09 04:31:49 +05:30
|
|
|
static int group_locked = 0;
|
|
|
|
static int passwd_locked = 0;
|
2007-10-07 17:14:59 +05:30
|
|
|
static char *group_name;
|
|
|
|
static char *group_newname;
|
2008-01-05 19:47:43 +05:30
|
|
|
static char *group_passwd;
|
2007-10-07 17:14:59 +05:30
|
|
|
static gid_t group_id;
|
|
|
|
static gid_t group_newid;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:14:59 +05:30
|
|
|
static char *Prog;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
static int
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
oflg = 0, /* permit non-unique group ID to be specified with -g */
|
2007-10-07 17:16:07 +05:30
|
|
|
gflg = 0, /* new ID value for the group */
|
2008-01-05 19:47:43 +05:30
|
|
|
nflg = 0, /* a new name has been specified for the group */
|
|
|
|
pflg = 0; /* new encrypted password */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
/* local function prototypes */
|
2007-10-07 17:14:59 +05:30
|
|
|
static void usage (void);
|
2008-03-09 04:31:49 +05:30
|
|
|
static void fail_exit (int);
|
2007-10-07 17:14:59 +05:30
|
|
|
static void new_grent (struct group *);
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef SHADOWGRP
|
2007-10-07 17:14:59 +05:30
|
|
|
static void new_sgent (struct sgrp *);
|
2007-10-07 17:14:02 +05:30
|
|
|
#endif
|
2007-10-07 17:14:59 +05:30
|
|
|
static void grp_update (void);
|
|
|
|
static void check_new_gid (void);
|
|
|
|
static void check_new_name (void);
|
|
|
|
static void process_flags (int, char **);
|
|
|
|
static void close_files (void);
|
|
|
|
static void open_files (void);
|
2007-10-07 17:17:57 +05:30
|
|
|
static gid_t get_gid (const char *gidstr);
|
2008-03-09 04:31:49 +05:30
|
|
|
static void update_primary_groups (gid_t ogid, gid_t ngid);
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
/*
|
|
|
|
* usage - display usage message and exit
|
|
|
|
*/
|
|
|
|
|
2007-10-07 17:14:59 +05:30
|
|
|
static void usage (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2008-01-25 02:12:12 +05:30
|
|
|
fputs (_("Usage: groupmod [options] GROUP\n"
|
2008-01-25 02:24:42 +05:30
|
|
|
"\n"
|
|
|
|
"Options:\n"
|
|
|
|
" -g, --gid GID force use new GID by GROUP\n"
|
|
|
|
" -h, --help display this help message and exit\n"
|
|
|
|
" -n, --new-name NEW_GROUP force use NEW_GROUP name by GROUP\n"
|
|
|
|
" -o, --non-unique allow using duplicate (non-unique) GID by GROUP\n"
|
|
|
|
" -p, --password PASSWORD use encrypted password for the new password\n"
|
|
|
|
"\n"), stderr);
|
2007-10-07 17:14:59 +05:30
|
|
|
exit (E_USAGE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
2008-03-09 04:31:49 +05:30
|
|
|
static void fail_exit (int status)
|
|
|
|
{
|
|
|
|
if (group_locked) {
|
|
|
|
gr_unlock ();
|
|
|
|
}
|
2008-03-18 04:32:23 +05:30
|
|
|
#ifdef SHADOWGRP
|
2008-03-09 04:31:49 +05:30
|
|
|
if (gshadow_locked) {
|
|
|
|
sgr_unlock ();
|
|
|
|
}
|
2008-03-18 04:32:23 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2008-03-09 04:31:49 +05:30
|
|
|
if (passwd_locked) {
|
|
|
|
pw_unlock();
|
|
|
|
}
|
|
|
|
exit (status);
|
|
|
|
}
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
/*
|
|
|
|
* new_grent - updates the values in a group file entry
|
|
|
|
*
|
2007-10-07 17:14:59 +05:30
|
|
|
* new_grent() takes all of the values that have been entered and fills
|
|
|
|
* in a (struct group) with them.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void new_grent (struct group *grent)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
|
|
|
if (nflg)
|
|
|
|
grent->gr_name = xstrdup (group_newname);
|
|
|
|
|
|
|
|
if (gflg)
|
|
|
|
grent->gr_gid = group_newid;
|
2008-01-05 19:47:43 +05:30
|
|
|
|
|
|
|
if (pflg)
|
|
|
|
grent->gr_passwd = group_passwd;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
#ifdef SHADOWGRP
|
|
|
|
/*
|
|
|
|
* new_sgent - updates the values in a shadow group file entry
|
|
|
|
*
|
2007-10-07 17:14:59 +05:30
|
|
|
* new_sgent() takes all of the values that have been entered and fills
|
|
|
|
* in a (struct sgrp) with them.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void new_sgent (struct sgrp *sgent)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
|
|
|
if (nflg)
|
|
|
|
sgent->sg_name = xstrdup (group_newname);
|
2008-01-05 19:47:43 +05:30
|
|
|
|
|
|
|
if (pflg)
|
|
|
|
sgent->sg_passwd = group_passwd;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
/*
|
|
|
|
* grp_update - update group file entries
|
|
|
|
*
|
|
|
|
* grp_update() writes the new records to the group files.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void grp_update (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
|
|
|
struct group grp;
|
|
|
|
const struct group *ogrp;
|
2007-10-07 17:14:59 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef SHADOWGRP
|
|
|
|
struct sgrp sgrp;
|
|
|
|
const struct sgrp *osgrp = NULL;
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
/*
|
|
|
|
* Get the current settings for this group.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
ogrp = gr_locate (group_name);
|
2007-10-07 17:14:02 +05:30
|
|
|
if (!ogrp) {
|
2007-10-07 17:14:59 +05:30
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: %s not found in /etc/group\n"),
|
|
|
|
Prog, group_name);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group",
|
|
|
|
group_name, -1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
grp = *ogrp;
|
|
|
|
new_grent (&grp);
|
|
|
|
#ifdef SHADOWGRP
|
2007-10-07 17:14:59 +05:30
|
|
|
if (is_shadow_grp && (osgrp = sgr_locate (group_name))) {
|
2007-10-07 17:14:02 +05:30
|
|
|
sgrp = *osgrp;
|
|
|
|
new_sgent (&sgrp);
|
2008-01-05 19:47:43 +05:30
|
|
|
if (pflg)
|
|
|
|
grp.gr_passwd = SHADOW_PASSWD_STRING;
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2008-03-09 04:31:49 +05:30
|
|
|
if (gflg) {
|
|
|
|
update_primary_groups (ogrp->gr_gid, group_newid);
|
|
|
|
}
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
/*
|
|
|
|
* Write out the new group file entry.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
if (!gr_update (&grp)) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: error adding new group entry\n"), Prog);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding group",
|
|
|
|
group_name, -1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
if (nflg && !gr_remove (group_name)) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: error removing group entry\n"), Prog);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting group",
|
|
|
|
group_name, -1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
#ifdef SHADOWGRP
|
2007-10-07 17:17:01 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
/*
|
2007-10-07 17:14:59 +05:30
|
|
|
* Make sure there was a shadow entry to begin with. Skip down to
|
|
|
|
* "out" if there wasn't. Can't just return because there might be
|
|
|
|
* some syslogging to do.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
if (!osgrp)
|
2007-10-07 17:14:02 +05:30
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Write out the new shadow group entries as well.
|
|
|
|
*/
|
2008-01-05 19:47:43 +05:30
|
|
|
if (is_shadow_grp && !sgr_update (&sgrp)) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: error adding new group entry\n"), Prog);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding group",
|
|
|
|
group_name, -1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2008-01-05 19:47:43 +05:30
|
|
|
if (is_shadow_grp && nflg && !sgr_remove (group_name)) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: error removing group entry\n"), Prog);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting group",
|
|
|
|
group_name, -1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
out:
|
|
|
|
#endif /* SHADOWGRP */
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifing group", group_name,
|
|
|
|
group_id, 1);
|
|
|
|
#endif
|
2007-10-07 17:14:02 +05:30
|
|
|
if (nflg)
|
2007-10-07 17:14:59 +05:30
|
|
|
SYSLOG ((LOG_INFO, "change group `%s' to `%s'",
|
|
|
|
group_name, group_newname));
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2008-03-09 04:31:49 +05:30
|
|
|
if (gflg) {
|
2007-10-07 17:16:25 +05:30
|
|
|
SYSLOG ((LOG_INFO, "change GID for `%s' to %u",
|
2007-10-07 17:14:59 +05:30
|
|
|
nflg ? group_newname : group_name, group_newid));
|
2008-03-09 04:31:49 +05:30
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* check_new_gid - check the new GID value for uniqueness
|
|
|
|
*
|
|
|
|
* check_new_gid() insures that the new GID value is unique.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void check_new_gid (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
|
|
|
/*
|
2007-10-07 17:14:59 +05:30
|
|
|
* First, the easy stuff. If the ID can be duplicated, or if the ID
|
|
|
|
* didn't really change, just return. If the ID didn't change, turn
|
|
|
|
* off those flags. No sense doing needless work.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
|
|
|
if (group_id == group_newid) {
|
|
|
|
gflg = 0;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
if (oflg || !getgrgid (group_newid)) /* local, no need for xgetgrgid */
|
2007-10-07 17:14:02 +05:30
|
|
|
return;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Tell the user what they did wrong.
|
|
|
|
*/
|
2007-10-07 17:16:25 +05:30
|
|
|
fprintf (stderr, _("%s: %u is not a unique GID\n"), Prog, group_newid);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modify gid", NULL,
|
|
|
|
group_newid, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GID_IN_USE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* check_new_name - check the new name for uniqueness
|
|
|
|
*
|
2007-10-07 17:14:59 +05:30
|
|
|
* check_new_name() insures that the new name does not exist already.
|
|
|
|
* You can't have the same name twice, period.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void check_new_name (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
|
|
|
/*
|
|
|
|
* Make sure they are actually changing the name.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
if (strcmp (group_name, group_newname) == 0) {
|
2007-10-07 17:14:02 +05:30
|
|
|
nflg = 0;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2007-10-07 17:14:59 +05:30
|
|
|
if (check_group_name (group_newname)) {
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
/*
|
|
|
|
* If the entry is found, too bad.
|
|
|
|
*/
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
/* local, no need for xgetgrnam */
|
2007-10-07 17:14:59 +05:30
|
|
|
if (getgrnam (group_newname)) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: %s is not a unique name\n"), Prog,
|
|
|
|
group_newname);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
|
|
|
"modifying group", group_name, -1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_NAME_IN_USE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* All invalid group names land here.
|
|
|
|
*/
|
|
|
|
|
2007-10-07 17:15:40 +05:30
|
|
|
fprintf (stderr, _("%s: %s is not a valid group name\n"),
|
2007-10-07 17:14:59 +05:30
|
|
|
Prog, group_newname);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group", group_name,
|
|
|
|
-1, 0);
|
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_BAD_ARG);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
2007-10-07 17:17:57 +05:30
|
|
|
/*
|
|
|
|
* get_id - validate and get group ID
|
|
|
|
*/
|
|
|
|
static gid_t get_gid (const char *gidstr)
|
|
|
|
{
|
|
|
|
long val;
|
|
|
|
char *errptr;
|
|
|
|
|
|
|
|
val = strtol (gidstr, &errptr, 10);
|
|
|
|
if (*errptr || errno == ERANGE || val < 0) {
|
|
|
|
fprintf (stderr, _("%s: invalid numeric argument '%s'\n"), Prog,
|
|
|
|
gidstr);
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_BAD_ARG);
|
2007-10-07 17:17:57 +05:30
|
|
|
}
|
|
|
|
return val;
|
|
|
|
}
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
/*
|
|
|
|
* process_flags - perform command line argument setting
|
|
|
|
*
|
2007-10-07 17:14:59 +05:30
|
|
|
* process_flags() interprets the command line arguments and sets the
|
|
|
|
* values that the user will be created with accordingly. The values
|
|
|
|
* are checked for sanity.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void process_flags (int argc, char **argv)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:17:57 +05:30
|
|
|
|
|
|
|
{
|
|
|
|
int option_index = 0;
|
|
|
|
int c;
|
|
|
|
static struct option long_options[] = {
|
|
|
|
{"gid", required_argument, NULL, 'g'},
|
|
|
|
{"help", no_argument, NULL, 'h'},
|
|
|
|
{"new-name", required_argument, NULL, 'n'},
|
|
|
|
{"non-unique", no_argument, NULL, 'o'},
|
2008-01-05 19:47:43 +05:30
|
|
|
{"password", required_argument, NULL, 'p'},
|
2007-10-07 17:17:57 +05:30
|
|
|
{NULL, 0, NULL, '\0'}
|
|
|
|
};
|
|
|
|
while ((c =
|
2008-02-20 02:56:04 +05:30
|
|
|
getopt_long (argc, argv, "g:hn:op:",
|
2007-10-07 17:17:57 +05:30
|
|
|
long_options, &option_index)) != -1) {
|
|
|
|
switch (c) {
|
|
|
|
case 'g':
|
|
|
|
gflg++;
|
|
|
|
group_newid = get_gid (optarg);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
2007-10-07 17:17:57 +05:30
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK,
|
|
|
|
Prog, "modifying group",
|
|
|
|
NULL, group_newid, 0);
|
2007-10-07 17:17:01 +05:30
|
|
|
#endif
|
2007-10-07 17:17:57 +05:30
|
|
|
break;
|
|
|
|
case 'n':
|
|
|
|
nflg++;
|
|
|
|
group_newname = optarg;
|
|
|
|
break;
|
|
|
|
case 'o':
|
|
|
|
oflg++;
|
|
|
|
break;
|
2008-01-05 19:47:43 +05:30
|
|
|
case 'p':
|
|
|
|
group_passwd = optarg;
|
|
|
|
pflg++;
|
|
|
|
break;
|
2007-10-07 17:17:57 +05:30
|
|
|
default:
|
|
|
|
usage ();
|
2007-10-07 17:14:59 +05:30
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
}
|
2007-10-07 17:17:57 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
if (oflg && !gflg)
|
2007-10-07 17:14:59 +05:30
|
|
|
usage ();
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
if (optind != argc - 1)
|
2007-10-07 17:14:59 +05:30
|
|
|
usage ();
|
2007-10-07 17:14:02 +05:30
|
|
|
|
|
|
|
group_name = argv[argc - 1];
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* close_files - close all of the files that were opened
|
|
|
|
*
|
2007-10-07 17:14:59 +05:30
|
|
|
* close_files() closes all of the files that were opened for this new
|
|
|
|
* group. This causes any modified entries to be written out.
|
2007-10-07 17:14:02 +05:30
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void close_files (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:14:59 +05:30
|
|
|
if (!gr_close ()) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: cannot rewrite group file\n"), Prog);
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
gr_unlock ();
|
2008-03-09 04:31:49 +05:30
|
|
|
group_locked--;
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef SHADOWGRP
|
2007-10-07 17:14:59 +05:30
|
|
|
if (is_shadow_grp && !sgr_close ()) {
|
|
|
|
fprintf (stderr,
|
2007-10-07 17:16:07 +05:30
|
|
|
_("%s: cannot rewrite shadow group file\n"), Prog);
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2008-03-09 04:31:49 +05:30
|
|
|
if (is_shadow_grp) {
|
2007-10-07 17:14:02 +05:30
|
|
|
sgr_unlock ();
|
2008-03-09 04:31:49 +05:30
|
|
|
gshadow_locked--;
|
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2008-03-09 04:31:49 +05:30
|
|
|
if (gflg) {
|
|
|
|
if (!pw_close ()) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: cannot rewrite passwd file\n"), Prog);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
}
|
|
|
|
pw_unlock();
|
|
|
|
passwd_locked--;
|
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* open_files - lock and open the group files
|
|
|
|
*
|
|
|
|
* open_files() opens the two group files.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
static void open_files (void)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:14:59 +05:30
|
|
|
if (!gr_lock ()) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: unable to lock group file\n"), Prog);
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2008-03-09 04:31:49 +05:30
|
|
|
group_locked++;
|
2007-10-07 17:14:59 +05:30
|
|
|
if (!gr_open (O_RDWR)) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: unable to open group file\n"), Prog);
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_GRP_UPDATE);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
#ifdef SHADOWGRP
|
2008-03-09 04:31:49 +05:30
|
|
|
if (is_shadow_grp) {
|
|
|
|
if (!sgr_lock ()) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: unable to lock shadow group file\n"),
|
|
|
|
Prog);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
}
|
|
|
|
gshadow_locked++;
|
|
|
|
if (!sgr_open (O_RDWR)) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: unable to open shadow group file\n"),
|
|
|
|
Prog);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* SHADOWGRP */
|
2008-03-09 04:31:49 +05:30
|
|
|
if (gflg) {
|
|
|
|
if (!pw_lock ()) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: unable to lock password file\n"),
|
|
|
|
Prog);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
}
|
|
|
|
passwd_locked++;
|
|
|
|
if (!pw_open (O_RDWR)) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: unable to open password file\n"),
|
|
|
|
Prog);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void update_primary_groups (gid_t ogid, gid_t ngid)
|
|
|
|
{
|
|
|
|
struct passwd *pwd;
|
|
|
|
|
|
|
|
setpwent ();
|
|
|
|
while ((pwd = getpwent ()) != NULL) {
|
|
|
|
if (pwd->pw_gid == ogid) {
|
|
|
|
const struct passwd *lpwd;
|
|
|
|
struct passwd npwd;
|
|
|
|
lpwd = pw_locate (pwd->pw_name);
|
|
|
|
if (NULL == lpwd) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: cannot change the primary group of user '%s' from %u to %u, since it is not in the passwd file.\n"),
|
|
|
|
Prog, pwd->pw_name, ogid, ngid);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
} else {
|
|
|
|
npwd = *lpwd;
|
|
|
|
npwd.pw_gid = ngid;
|
|
|
|
if (!pw_update (&npwd)) {
|
|
|
|
fprintf (stderr,
|
|
|
|
_("%s: cannot change the primary group of user '%s' from %u to %u.\n"),
|
|
|
|
Prog, pwd->pw_name, ogid, ngid);
|
|
|
|
fail_exit (E_GRP_UPDATE);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
Ensure that getpwent() is used in setpwent(), getpwent(),
endpwend() sequences (ditto for getgrent(), getspent(), and
getsgent()). The only real (minor) issue was in login, which kept
the passwd file open.
* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
getspnam is called in the middle).
* libmisc/find_new_ids.c: Make sure to close the password and
group files with endpwent() and endgrent().
* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
is called before).
* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
src/groups.c: Make sure to close
the password file with endpwent().
* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
called before).
* src/login.c, src/newgrp.c: Fix typos in comments.
2008-04-17 03:22:46 +05:30
|
|
|
endpwent ();
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* main - groupmod command
|
|
|
|
*
|
|
|
|
* The syntax of the groupmod command is
|
|
|
|
*
|
|
|
|
* groupmod [ -g gid [ -o ]] [ -n name ] group
|
|
|
|
*
|
|
|
|
* The flags are
|
|
|
|
* -g - specify a new group ID value
|
|
|
|
* -o - permit the group ID value to be non-unique
|
|
|
|
* -n - specify a new group name
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
int main (int argc, char **argv)
|
2007-10-07 17:14:02 +05:30
|
|
|
{
|
2007-10-07 17:14:38 +05:30
|
|
|
#ifdef USE_PAM
|
|
|
|
pam_handle_t *pamh = NULL;
|
|
|
|
int retval;
|
|
|
|
#endif
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_help_open ();
|
|
|
|
#endif
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
/*
|
|
|
|
* Get my name so that I can use it to report errors.
|
|
|
|
*/
|
2007-10-07 17:14:59 +05:30
|
|
|
Prog = Basename (argv[0]);
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:14:59 +05:30
|
|
|
setlocale (LC_ALL, "");
|
|
|
|
bindtextdomain (PACKAGE, LOCALEDIR);
|
|
|
|
textdomain (PACKAGE);
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:16:07 +05:30
|
|
|
process_flags (argc, argv);
|
2007-10-07 17:15:40 +05:30
|
|
|
|
2007-10-07 17:16:52 +05:30
|
|
|
OPENLOG ("groupmod");
|
|
|
|
|
2007-10-07 17:14:38 +05:30
|
|
|
#ifdef USE_PAM
|
|
|
|
retval = PAM_SUCCESS;
|
|
|
|
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
{
|
|
|
|
struct passwd *pampw;
|
|
|
|
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
|
|
|
|
if (pampw == NULL) {
|
|
|
|
retval = PAM_USER_UNKNOWN;
|
|
|
|
}
|
2007-10-07 17:14:38 +05:30
|
|
|
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
if (retval == PAM_SUCCESS) {
|
|
|
|
retval = pam_start ("groupmod", pampw->pw_name,
|
|
|
|
&conv, &pamh);
|
|
|
|
}
|
2007-10-07 17:14:38 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
if (retval == PAM_SUCCESS) {
|
2007-10-07 17:14:59 +05:30
|
|
|
retval = pam_authenticate (pamh, 0);
|
2007-10-07 17:14:38 +05:30
|
|
|
if (retval != PAM_SUCCESS) {
|
2007-10-07 17:14:59 +05:30
|
|
|
pam_end (pamh, retval);
|
2007-10-07 17:14:38 +05:30
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (retval == PAM_SUCCESS) {
|
2007-10-07 17:14:59 +05:30
|
|
|
retval = pam_acct_mgmt (pamh, 0);
|
2007-10-07 17:14:38 +05:30
|
|
|
if (retval != PAM_SUCCESS) {
|
2007-10-07 17:14:59 +05:30
|
|
|
pam_end (pamh, retval);
|
2007-10-07 17:14:38 +05:30
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (retval != PAM_SUCCESS) {
|
2007-10-07 17:16:07 +05:30
|
|
|
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (1);
|
2007-10-07 17:14:38 +05:30
|
|
|
}
|
2007-10-07 17:14:59 +05:30
|
|
|
#endif /* USE_PAM */
|
2007-10-07 17:14:38 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef SHADOWGRP
|
2007-10-07 17:14:59 +05:30
|
|
|
is_shadow_grp = sgr_file_present ();
|
2007-10-07 17:14:02 +05:30
|
|
|
#endif
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
{
|
|
|
|
struct group *grp;
|
|
|
|
/*
|
|
|
|
* Start with a quick check to see if the group exists.
|
|
|
|
*/
|
|
|
|
/* local, no need for xgetgrnam */
|
|
|
|
if (!(grp = getgrnam (group_name))) {
|
|
|
|
fprintf (stderr, _("%s: group %s does not exist\n"),
|
|
|
|
Prog, group_name);
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
|
|
|
"modifying group", group_name, -1, 0);
|
2007-10-07 17:17:01 +05:30
|
|
|
#endif
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_NOTFOUND);
|
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-19 04:45:26 +05:30
|
|
|
} else
|
|
|
|
group_id = grp->gr_gid;
|
|
|
|
}
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
/* Set new name/id to original if not specified on command line */
|
|
|
|
if (nflg == 0)
|
|
|
|
group_newname = group_name;
|
|
|
|
if (gflg == 0)
|
|
|
|
group_newid = group_id;
|
|
|
|
#endif
|
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
#ifdef USE_NIS
|
|
|
|
/*
|
|
|
|
* Now make sure it isn't an NIS group.
|
|
|
|
*/
|
|
|
|
if (__isgrNIS ()) {
|
2007-10-07 17:14:59 +05:30
|
|
|
char *nis_domain;
|
|
|
|
char *nis_master;
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:14:59 +05:30
|
|
|
fprintf (stderr, _("%s: group %s is a NIS group\n"),
|
|
|
|
Prog, group_name);
|
2007-10-07 17:14:02 +05:30
|
|
|
|
2007-10-07 17:17:01 +05:30
|
|
|
#ifdef WITH_AUDIT
|
|
|
|
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group",
|
|
|
|
group_name, -1, 0);
|
|
|
|
#endif
|
2007-10-07 17:14:59 +05:30
|
|
|
if (!yp_get_default_domain (&nis_domain) &&
|
|
|
|
!yp_master (nis_domain, "group.byname", &nis_master)) {
|
|
|
|
fprintf (stderr, _("%s: %s is the NIS master\n"),
|
|
|
|
Prog, nis_master);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
2008-03-09 04:31:49 +05:30
|
|
|
fail_exit (E_NOTFOUND);
|
2007-10-07 17:14:02 +05:30
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
if (gflg)
|
|
|
|
check_new_gid ();
|
|
|
|
|
|
|
|
if (nflg)
|
|
|
|
check_new_name ();
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Do the hard stuff - open the files, create the group entries,
|
|
|
|
* then close and update the files.
|
|
|
|
*/
|
|
|
|
open_files ();
|
|
|
|
|
|
|
|
grp_update ();
|
2008-03-09 04:31:49 +05:30
|
|
|
|
2007-10-07 17:14:02 +05:30
|
|
|
close_files ();
|
2007-10-07 17:14:38 +05:30
|
|
|
|
2007-10-07 20:06:51 +05:30
|
|
|
nscd_flush_cache ("group");
|
|
|
|
|
2007-10-07 17:14:38 +05:30
|
|
|
#ifdef USE_PAM
|
|
|
|
if (retval == PAM_SUCCESS)
|
2007-10-07 17:14:59 +05:30
|
|
|
pam_end (pamh, PAM_SUCCESS);
|
|
|
|
#endif /* USE_PAM */
|
|
|
|
exit (E_SUCCESS);
|
2007-10-07 17:15:23 +05:30
|
|
|
/* NOT REACHED */
|
|
|
|
}
|
2008-03-09 04:31:49 +05:30
|
|
|
|