* NEWS, src/groupmod.c: When the gshadow file exists but there are
no gshadow entries, an entry is created if the password is changed and group requires a shadow entry.
This commit is contained in:
parent
d4e630b8cc
commit
a7fee9db00
@ -1,3 +1,9 @@
|
||||
2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
* NEWS, src/groupmod.c: When the gshadow file exists but there are
|
||||
no gshadow entries, an entry is created if the password is changed
|
||||
and group requires a shadow entry.
|
||||
|
||||
2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
* src/usermod.c: Fix typo in comment.
|
||||
|
3
NEWS
3
NEWS
@ -25,6 +25,9 @@ shadow-4.1.4.3 -> shadow-4.1.5 UNRELEASED
|
||||
specified.
|
||||
- groupmod
|
||||
* Fixed groupmod when configured with --enable-account-tools-setuid.
|
||||
* When the gshadow file exists but there are no gshadow entries, an entry
|
||||
is created if the password is changed and group requires a
|
||||
shadow entry.
|
||||
-login
|
||||
* Fixed limits support (non PAM enabled versions only)
|
||||
* Added support for infinite limits and group based limits (non PAM
|
||||
|
@ -2,7 +2,7 @@
|
||||
* Copyright (c) 1991 - 1994, Julianne Frances Haugh
|
||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
||||
* Copyright (c) 2000 - 2006, Tomasz Kłoczko
|
||||
* Copyright (c) 2007 - 2009, Nicolas François
|
||||
* Copyright (c) 2007 - 2011, Nicolas François
|
||||
* All rights reserved.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
@ -147,7 +147,17 @@ static void new_grent (struct group *grent)
|
||||
grent->gr_gid = group_newid;
|
||||
}
|
||||
|
||||
if (pflg) {
|
||||
if ( pflg
|
||||
#ifdef SHADOWGRP
|
||||
&& ( (!is_shadow_grp)
|
||||
|| (strcmp (grent->gr_passwd, SHADOW_PASSWD_STRING) != 0))
|
||||
#endif
|
||||
) {
|
||||
/* Update the password in group if there is no gshadow
|
||||
* file or if the password is currently in group
|
||||
* (gr_passwd != "x"). We do not force the usage of
|
||||
* shadow passwords if it was not the case before.
|
||||
*/
|
||||
grent->gr_passwd = group_passwd;
|
||||
}
|
||||
}
|
||||
@ -165,6 +175,13 @@ static void new_sgent (struct sgrp *sgent)
|
||||
sgent->sg_name = xstrdup (group_newname);
|
||||
}
|
||||
|
||||
/* Always update the shadowed password if there is a shadow entry
|
||||
* (even if shadowed passwords might not be enabled for this group
|
||||
* (gr_passwd != "x")).
|
||||
* It seems better to update the password in both places in case a
|
||||
* shadow and a non shadow entry exist.
|
||||
* This might occur only if there were already both entries.
|
||||
*/
|
||||
if (pflg) {
|
||||
sgent->sg_passwd = group_passwd;
|
||||
}
|
||||
@ -205,9 +222,21 @@ static void grp_update (void)
|
||||
if (NULL != osgrp) {
|
||||
sgrp = *osgrp;
|
||||
new_sgent (&sgrp);
|
||||
if (pflg) {
|
||||
grp.gr_passwd = SHADOW_PASSWD_STRING;
|
||||
}
|
||||
} else if ( pflg
|
||||
&& (strcmp (grp.gr_passwd, SHADOW_PASSWD_STRING) == 0)) {
|
||||
static char *empty = NULL;
|
||||
/* If there is a gshadow file with no entries for
|
||||
* the group, but the group file indicates a
|
||||
* shadowed password, we force the creation of a
|
||||
* gshadow entry when a new password is requested.
|
||||
*/
|
||||
memset (&sgrp, 0, sizeof sgrp);
|
||||
sgrp.sg_name = xstrdup (grp.gr_name);
|
||||
sgrp.sg_passwd = xstrdup (grp.gr_passwd);
|
||||
sgrp.sg_adm = ∅
|
||||
sgrp.sg_mem = dup_list (grp.gr_mem);
|
||||
new_sgent (&sgrp);
|
||||
osgrp = &sgrp; /* entry needs to be committed */
|
||||
}
|
||||
}
|
||||
#endif /* SHADOWGRP */
|
||||
|
Loading…
x
Reference in New Issue
Block a user