diff --git a/ChangeLog b/ChangeLog index 6ee6288f..21bf2e88 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2010-03-17 Nicolas François + + * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c, + src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the + SHADOWTCB_FAILURE return code instead of 0 or implicit conversion + to booleans. + 2010-03-18 Paweł Hajdan, Jr. * src/pwck.c: Add support for TCB. diff --git a/lib/shadowio.c b/lib/shadowio.c index 56d9a28f..aec90cd9 100644 --- a/lib/shadowio.c +++ b/lib/shadowio.c @@ -132,14 +132,14 @@ int spw_lock (void) return commonio_lock (&shadow_db); #ifdef WITH_TCB } - if (shadowtcb_drop_priv () == 0) { + if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) { return 0; } if (lckpwdf_tcb (shadow_db.filename) == 0) { shadow_db.locked = 1; retval = 1; } - if (shadowtcb_gain_priv () == 0) { + if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) { return 0; } return retval; @@ -152,13 +152,13 @@ int spw_open (int mode) #ifdef WITH_TCB bool use_tcb = getdef_bool ("USE_TCB"); - if (use_tcb && (shadowtcb_drop_priv () == 0)) { + if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) { return 0; } #endif /* WITH_TCB */ retval = commonio_open (&shadow_db, mode); #ifdef WITH_TCB - if (use_tcb && (shadowtcb_gain_priv () == 0)) { + if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) { return 0; } #endif /* WITH_TCB */ @@ -196,13 +196,13 @@ int spw_close (void) #ifdef WITH_TCB bool use_tcb = getdef_bool ("USE_TCB"); - if (use_tcb && (shadowtcb_drop_priv () == 0)) { + if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) { return 0; } #endif /* WITH_TCB */ retval = commonio_close (&shadow_db); #ifdef WITH_TCB - if (use_tcb && (shadowtcb_gain_priv () == 0)) { + if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) { return 0; } #endif /* WITH_TCB */ @@ -219,14 +219,14 @@ int spw_unlock (void) return commonio_unlock (&shadow_db); #ifdef WITH_TCB } - if (shadowtcb_drop_priv () == 0) { + if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) { return 0; } if (ulckpwdf_tcb () == 0) { shadow_db.locked = 0; retval = 1; } - if (shadowtcb_gain_priv () == 0) { + if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) { return 0; } return retval; diff --git a/src/chage.c b/src/chage.c index 4788a202..238a503c 100644 --- a/src/chage.c +++ b/src/chage.c @@ -857,13 +857,14 @@ int main (int argc, char **argv) STRFCPY (user_name, pw->pw_name); #ifdef WITH_TCB - if (!shadowtcb_set_user(pw->pw_name)) - fail_exit(E_NOPERM); + if (shadowtcb_set_user (pw->pw_name) == SHADOWTCB_FAILURE) { + fail_exit (E_NOPERM); + } #endif user_uid = pw->pw_uid; sp = spw_locate (argv[optind]); - get_defaults(sp); + get_defaults (sp); /* * Print out the expiration fields if the user has requested the diff --git a/src/pwck.c b/src/pwck.c index a66eb847..86d87dc0 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -469,12 +469,12 @@ static void check_pw_file (int *errors, bool *changed) if (is_shadow) { #ifdef WITH_TCB if (getdef_bool("USE_TCB")) { - if (!shadowtcb_set_user (pwd->pw_name)) { + if (shadowtcb_set_user (pwd->pw_name) == SHADOWTCB_FAILURE) { printf(_("no tcb directory for %s\n"), pwd->pw_name); printf(_("create tcb directory for %s?"), pwd->pw_name); *errors += 1; if (yes_or_no (read_only)) { - if (!shadowtcb_create(pwd->pw_name, pwd->pw_uid)) { + if (shadowtcb_create(pwd->pw_name, pwd->pw_uid) == SHADOWTCB_FAILURE) { *errors += 1; printf(_("failed to create tcb directory for %s\n"), pwd->pw_name); continue; diff --git a/src/useradd.c b/src/useradd.c index d419039a..d8cb8fbd 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -2003,7 +2003,7 @@ int main (int argc, char **argv) #ifdef WITH_TCB if (getdef_bool ("USE_TCB")) { - if (shadowtcb_create (user_name, user_id) == 0) { + if (shadowtcb_create (user_name, user_id) == SHADOWTCB_FAILURE) { fprintf (stderr, _("%s: Failed to create tcb directory for %s\n"), Prog, user_name); diff --git a/src/userdel.c b/src/userdel.c index 07e3ef14..929c7265 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -757,7 +757,7 @@ static int remove_tcbdir (const char *user_name, uid_t user_id) return 1; } snprintf (buf, buflen, TCB_DIR "/%s", user_name); - if (shadowtcb_drop_priv () == 0) { + if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) { fprintf (stderr, _("%s: Cannot drop privileges: %s\n"), Prog, strerror (errno)); shadowtcb_gain_priv (); @@ -776,7 +776,7 @@ static int remove_tcbdir (const char *user_name, uid_t user_id) } shadowtcb_gain_priv (); free (buf); - if (shadowtcb_remove (user_name) == 0) { + if (shadowtcb_remove (user_name) == SHADOWTCB_FAILURE) { fprintf (stderr, _("%s: Cannot remove tcb files for %s: %s\n"), Prog, user_name, strerror (errno)); ret = 1; @@ -906,7 +906,7 @@ int main (int argc, char **argv) user_home = xstrdup (pwd->pw_dir); } #ifdef WITH_TCB - if (shadowtcb_set_user (user_name) == 0) { + if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) { exit (E_NOTFOUND); } #endif /* WITH_TCB */ diff --git a/src/usermod.c b/src/usermod.c index ad98bb2f..bb9f85ad 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -1774,8 +1774,9 @@ int main (int argc, char **argv) #endif /* ACCT_TOOLS_SETUID */ #ifdef WITH_TCB - if (!shadowtcb_set_user (user_name)) + if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) { exit (E_PW_UPDATE); + } #endif /* @@ -1794,7 +1795,7 @@ int main (int argc, char **argv) #ifdef WITH_TCB if ( (lflg || uflg) - && (!shadowtcb_move (user_newname, user_newid)) ) { + && (shadowtcb_move (user_newname, user_newid) == SHADOWTCB_FAILURE) ) { exit (E_PW_UPDATE); } #endif diff --git a/src/vipw.c b/src/vipw.c index 00b4838a..199b2627 100644 --- a/src/vipw.c +++ b/src/vipw.c @@ -209,7 +209,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) && (errno != EEXIST)) { vipwexit (_("failed to create scratch directory"), errno, 1); } - if (shadowtcb_drop_priv () == 0) { + if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) { vipwexit (_("failed to drop privileges"), errno, 1); } snprintf (fileedit, sizeof fileedit, @@ -245,7 +245,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) } #endif /* WITH_SELINUX */ #ifdef WITH_TCB - if (tcb_mode && (shadowtcb_gain_priv () == 0)) { + if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) { vipwexit (_("failed to gain privileges"), errno, 1); } #endif /* WITH_TCB */ @@ -254,7 +254,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) } filelocked = true; #ifdef WITH_TCB - if (tcb_mode && (shadowtcb_drop_priv () == 0)) { + if (tcb_mode && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) { vipwexit (_("failed to drop privileges"), errno, 1); } #endif /* WITH_TCB */ @@ -268,7 +268,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) vipwexit (file, 1, 1); } #ifdef WITH_TCB - if (tcb_mode && (shadowtcb_gain_priv () == 0)) + if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) vipwexit (_("failed to gain privileges"), errno, 1); #endif /* WITH_TCB */ if (create_backup_file (f, fileedit, &st1) != 0) { @@ -354,7 +354,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) if (unlink (fileedit) != 0) { vipwexit (_("failed to unlink scratch file"), errno, 1); } - if (shadowtcb_drop_priv () == 0) { + if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) { vipwexit (_("failed to drop privileges"), errno, 1); } if (stat (file, &st1) != 0) { @@ -392,8 +392,9 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) #ifdef WITH_TCB if (tcb_mode) { free (to_rename); - if (shadowtcb_gain_priv () == 0) + if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) { vipwexit (_("failed to gain privileges"), errno, 1); + } } #endif /* WITH_TCB */ @@ -474,7 +475,7 @@ int main (int argc, char **argv) if (editshadow) { #ifdef WITH_TCB if (getdef_bool ("USE_TCB") && (NULL != user)) { - if (shadowtcb_set_user (user) == 0) { + if (shadowtcb_set_user (user) == SHADOWTCB_FAILURE) { fprintf (stderr, _("%s: failed to find tcb directory for %s\n"), progname, user);