emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

[svn-upgrade] Integrating new upstream version, shadow (4.0.11)

Browse Source
This commit is contained in:
nekral-guest
2007-10-07 11:46:34 +00:00
parent 8c50e06102
commit b48129fcbb
153 changed files with 8441 additions and 6643 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/Makefile.am
View File

@@ -20,8 +20,8 @@ INCLUDES = \
# and installation would be much simpler (just two directories,
# $prefix/bin and $prefix/sbin, no install-data hacks...)
bin_PROGRAMS = groups login su
ubin_PROGRAMS = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
bin_PROGRAMS = groups login su
ubin_PROGRAMS = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
usbin_PROGRAMS = \
chpasswd \
groupadd \
@@ -40,38 +40,40 @@ usbin_PROGRAMS = \
usermod \
vipw
login_SOURCES = \
login.c \
login_nopam.c
# id and groups are from gnu, sulogin from sysvinit
noinst_PROGRAMS = id sulogin
# id and groups are from gnu, sulogin from sysvinit
suidbins = su
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
suidbins = su
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
LDADD = $(top_builddir)/libmisc/libmisc.a \
$(top_builddir)/lib/libshadow.la
LDADD = $(top_builddir)/libmisc/libmisc.a \
$(top_builddir)/lib/libshadow.la
AM_CPPFLAGS = -DLOCALEDIR=\"$(datadir)/locale\"
chpasswd_LDADD = $(LDADD) $(LIBPAM)
chage_LDADD = $(LDADD) $(LIBPAM)
chfn_LDADD = $(LDADD) $(LIBPAM)
chsh_SOURCES = \
chsh.c \
chsh_chkshell.c
chsh_LDADD = $(LDADD) $(LIBPAM)
groupadd_LDADD = $(LDADD) $(LIBPAM)
groupdel_LDADD = $(LDADD) $(LIBPAM)
groupmod_LDADD = $(LDADD) $(LIBPAM)
login_SOURCES = \
login.c \
login_nopam.c
login_LDADD = $(LDADD) $(LIBPAM)
newusers_LDADD = $(LDADD) $(LIBPAM)
passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK)
su_SOURCES = su.c suauth.c
su_SOURCES = \
su.c \
suauth.c
su_LDADD = $(LDADD) $(LIBPAM)
useradd_LDADD = $(LDADD) $(LIBPAM)
userdel_LDADD = $(LDADD) $(LIBPAM)
usermod_LDADD = $(LDADD) $(LIBPAM)
AM_CPPFLAGS = -DLOCALEDIR=\"$(datadir)/locale\"
install-am: all-am
$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
ln -sf newgrp $(DESTDIR)$(ubindir)/sg

40
src/Makefile.in
View File

@@ -14,7 +14,7 @@
@SET_MAKE@
SOURCES = chage.c chfn.c chpasswd.c chsh.c expiry.c faillog.c gpasswd.c groupadd.c groupdel.c groupmod.c groups.c grpck.c grpconv.c grpunconv.c id.c lastlog.c $(login_SOURCES) logoutd.c newgrp.c newusers.c passwd.c pwck.c pwconv.c pwunconv.c $(su_SOURCES) sulogin.c useradd.c userdel.c usermod.c vipw.c
SOURCES = chage.c chfn.c chpasswd.c $(chsh_SOURCES) expiry.c faillog.c gpasswd.c groupadd.c groupdel.c groupmod.c groups.c grpck.c grpconv.c grpunconv.c id.c lastlog.c $(login_SOURCES) logoutd.c newgrp.c newusers.c passwd.c pwck.c pwconv.c pwunconv.c $(su_SOURCES) sulogin.c useradd.c userdel.c usermod.c vipw.c
srcdir = @srcdir@
top_srcdir = @top_srcdir@
@@ -77,8 +77,8 @@ chfn_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2)
chpasswd_SOURCES = chpasswd.c
chpasswd_OBJECTS = chpasswd.$(OBJEXT)
chpasswd_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2)
chsh_SOURCES = chsh.c
chsh_OBJECTS = chsh.$(OBJEXT)
am_chsh_OBJECTS = chsh.$(OBJEXT) chsh_chkshell.$(OBJEXT)
chsh_OBJECTS = $(am_chsh_OBJECTS)
chsh_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2)
expiry_SOURCES = expiry.c
expiry_OBJECTS = expiry.$(OBJEXT)
@@ -202,15 +202,15 @@ LTCOMPILE = $(LIBTOOL) --tag=CC --mode=compile $(CC) $(DEFS) \
CCLD = $(CC)
LINK = $(LIBTOOL) --tag=CC --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(AM_LDFLAGS) $(LDFLAGS) -o $@
SOURCES = chage.c chfn.c chpasswd.c chsh.c expiry.c faillog.c \
SOURCES = chage.c chfn.c chpasswd.c $(chsh_SOURCES) expiry.c faillog.c \
gpasswd.c groupadd.c groupdel.c groupmod.c groups.c grpck.c \
grpconv.c grpunconv.c id.c lastlog.c $(login_SOURCES) \
logoutd.c newgrp.c newusers.c passwd.c pwck.c pwconv.c \
pwunconv.c $(su_SOURCES) sulogin.c useradd.c userdel.c \
usermod.c vipw.c
DIST_SOURCES = chage.c chfn.c chpasswd.c chsh.c expiry.c faillog.c \
gpasswd.c groupadd.c groupdel.c groupmod.c groups.c grpck.c \
grpconv.c grpunconv.c id.c lastlog.c $(login_SOURCES) \
DIST_SOURCES = chage.c chfn.c chpasswd.c $(chsh_SOURCES) expiry.c \
faillog.c gpasswd.c groupadd.c groupdel.c groupmod.c groups.c \
grpck.c grpconv.c grpunconv.c id.c lastlog.c $(login_SOURCES) \
logoutd.c newgrp.c newusers.c passwd.c pwck.c pwconv.c \
pwunconv.c $(su_SOURCES) sulogin.c useradd.c userdel.c \
usermod.c vipw.c
@@ -258,10 +258,12 @@ LIBCRACK = @LIBCRACK@
LIBCRYPT = @LIBCRYPT@
LIBICONV = @LIBICONV@
LIBINTL = @LIBINTL@
LIBMD = @LIBMD@
LIBOBJS = @LIBOBJS@
LIBPAM = @LIBPAM@
LIBS = @LIBS@
LIBSELINUX = @LIBSELINUX@
LIBSKEY = @LIBSKEY@
LIBTOOL = @LIBTOOL@
LN_S = @LN_S@
LTLIBICONV = @LTLIBICONV@
@@ -344,33 +346,38 @@ INCLUDES = \
-I${top_srcdir}/lib \
-I$(top_srcdir)/libmisc
login_SOURCES = \
login.c \
login_nopam.c
# id and groups are from gnu, sulogin from sysvinit
suidbins = su
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
LDADD = $(top_builddir)/libmisc/libmisc.a \
$(top_builddir)/lib/libshadow.la
$(top_builddir)/lib/libshadow.la
AM_CPPFLAGS = -DLOCALEDIR=\"$(datadir)/locale\"
chpasswd_LDADD = $(LDADD) $(LIBPAM)
chage_LDADD = $(LDADD) $(LIBPAM)
chfn_LDADD = $(LDADD) $(LIBPAM)
chsh_SOURCES = \
chsh.c \
chsh_chkshell.c
chsh_LDADD = $(LDADD) $(LIBPAM)
groupadd_LDADD = $(LDADD) $(LIBPAM)
groupdel_LDADD = $(LDADD) $(LIBPAM)
groupmod_LDADD = $(LDADD) $(LIBPAM)
login_SOURCES = \
login.c \
login_nopam.c
login_LDADD = $(LDADD) $(LIBPAM)
newusers_LDADD = $(LDADD) $(LIBPAM)
passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK)
su_SOURCES = su.c suauth.c
su_SOURCES = \
su.c \
suauth.c
su_LDADD = $(LDADD) $(LIBPAM)
useradd_LDADD = $(LDADD) $(LIBPAM)
userdel_LDADD = $(LDADD) $(LIBPAM)
usermod_LDADD = $(LDADD) $(LIBPAM)
AM_CPPFLAGS = -DLOCALEDIR=\"$(datadir)/locale\"
all: all-am
.SUFFIXES:
@@ -596,6 +603,7 @@ distclean-compile:
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chfn.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chpasswd.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chsh.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chsh_chkshell.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/expiry.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faillog.Po@am__quote@
@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gpasswd.Po@am__quote@

14
src/chage.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: chage.c,v 1.47 2005/06/20 15:43:09 kloczek Exp $")
RCSID (PKG_VER "$Id: chage.c,v 1.49 2005/07/11 16:12:38 kloczek Exp $")
#include <ctype.h>
#include <fcntl.h>
#include <getopt.h>
@@ -77,8 +77,13 @@ static long expdays;
#define EPOCH "1969-12-31"
/*
* exit status values
*/
#define E_SUCCESS 0 /* success */
#define E_NOPERM 1 /* permission denied */
#define E_USAGE 2 /* invalid command syntax */
/* local function prototypes */
static void usage (void);
@@ -121,7 +126,7 @@ static void usage (void)
" -M, --maxdays MAX_DAYS set maximim number of days before password\n"
" change to MAX_DAYS\n"
" -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n"));
exit (1);
exit (E_USAGE);
}
static void date_to_str (char *buf, size_t maxsize, time_t date)
@@ -547,7 +552,7 @@ int main (int argc, char **argv)
*/
if (locks && !spw_lock ()) {
fprintf (stderr,
_("%s: can't lock shadow password file"), Prog);
_("%s: can't lock shadow password file\n"), Prog);
cleanup (1);
SYSLOG ((LOG_ERR, "failed locking %s", SHADOW_FILE));
closelog ();
@@ -555,7 +560,7 @@ int main (int argc, char **argv)
}
if (!spw_open (locks ? O_RDWR : O_RDONLY)) {
fprintf (stderr,
_("%s: can't open shadow password file"), Prog);
_("%s: can't open shadow password file\n"), Prog);
cleanup (2);
SYSLOG ((LOG_ERR, "failed opening %s", SHADOW_FILE));
closelog ();
@@ -752,5 +757,4 @@ int main (int argc, char **argv)
closelog ();
exit (E_SUCCESS);
/* NOTREACHED */
}

38
src/chfn.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: chfn.c,v 1.28 2005/06/20 09:36:26 kloczek Exp $")
RCSID (PKG_VER "$Id: chfn.c,v 1.29 2005/07/07 15:32:50 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
#include <fcntl.h>
@@ -271,24 +271,6 @@ int main (int argc, char **argv)
fflg++;
STRFCPY (fullnm, optarg);
break;
case 'r':
if (!may_change_field ('r')) {
fprintf (stderr,
_("%s: Permission denied.\n"), Prog);
exit (1);
}
rflg++;
STRFCPY (roomno, optarg);
break;
case 'w':
if (!may_change_field ('w')) {
fprintf (stderr,
_("%s: Permission denied.\n"), Prog);
exit (1);
}
wflg++;
STRFCPY (workph, optarg);
break;
case 'h':
if (!may_change_field ('h')) {
fprintf (stderr,
@@ -298,6 +280,15 @@ int main (int argc, char **argv)
hflg++;
STRFCPY (homeph, optarg);
break;
case 'r':
if (!may_change_field ('r')) {
fprintf (stderr,
_("%s: Permission denied.\n"), Prog);
exit (1);
}
rflg++;
STRFCPY (roomno, optarg);
break;
case 'o':
if (!amroot) {
fprintf (stderr,
@@ -307,6 +298,15 @@ int main (int argc, char **argv)
oflg++;
STRFCPY (slop, optarg);
break;
case 'w':
if (!may_change_field ('w')) {
fprintf (stderr,
_("%s: Permission denied.\n"), Prog);
exit (1);
}
wflg++;
STRFCPY (workph, optarg);
break;
default:
usage ();
}

93
src/chsh_chkshell.c Normal file
View File

@@ -0,0 +1,93 @@
/*
* Copyright 1989 - 1994, Julianne Frances Haugh
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of Julianne F. Haugh nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
#include "rcsid.h"
RCSID ("$Id: chsh_chkshell.c,v 1.1 2005/07/07 08:40:27 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
#include <fcntl.h>
#include "prototypes.h"
#include "defines.h"
#ifndef SHELLS_FILE
#define SHELLS_FILE "/etc/shells"
#endif
/*
* check_shell - see if the user's login shell is listed in /etc/shells
*
* The /etc/shells file is read for valid names of login shells. If the
* /etc/shells file does not exist the user cannot set any shell unless
* they are root.
*
* If getusershell() is available (Linux, *BSD, possibly others), use it
* instead of re-implementing it.
*/
int check_shell (const char *sh)
{
char *cp;
int found = 0;
#ifndef HAVE_GETUSERSHELL
char buf[BUFSIZ];
FILE *fp;
#endif
#ifdef HAVE_GETUSERSHELL
setusershell ();
while ((cp = getusershell ())) {
if (*cp == '#')
continue;
if (strcmp (cp, sh) == 0) {
found = 1;
break;
}
}
endusershell ();
#else
if ((fp = fopen (SHELLS_FILE, "r")) == (FILE *) 0)
return 0;
while (fgets (buf, sizeof (buf), fp)) {
if ((cp = strrchr (buf, '\n')))
*cp = '\0';
if (buf[0] == '#')
continue;
if (strcmp (buf, sh) == 0) {
found = 1;
break;
}
}
fclose (fp);
#endif
return found;
}

4
src/gpasswd.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: gpasswd.c,v 1.25 2005/06/20 09:36:27 kloczek Exp $")
RCSID (PKG_VER "$Id: gpasswd.c,v 1.26 2005/07/07 15:11:48 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
#include <pwd.h>
@@ -207,7 +207,7 @@ int main (int argc, char **argv)
#ifdef SHADOWGRP
is_shadowgrp = sgr_file_present ();
#endif
while ((flag = getopt (argc, argv, "a:d:grRA:M:")) != EOF) {
while ((flag = getopt (argc, argv, "a:A:d:gM:rR")) != EOF) {
switch (flag) {
case 'a': /* add a user */
user = optarg;

48
src/groupadd.c
View File

@@ -30,12 +30,17 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: groupadd.c,v 1.33 2005/06/20 09:57:51 kloczek Exp $")
RCSID (PKG_VER "$Id: groupadd.c,v 1.37 2005/07/18 13:17:45 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
#include <grp.h>
#include <ctype.h>
#include <fcntl.h>
#ifdef USE_PAM
#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <pwd.h>
#endif /* USE_PAM */
#include "defines.h"
#include "prototypes.h"
#include "chkname.h"
@@ -44,11 +49,6 @@ RCSID (PKG_VER "$Id: groupadd.c,v 1.33 2005/06/20 09:57:51 kloczek Exp $")
#include "nscd.h"
#ifdef SHADOWGRP
#include "sgroupio.h"
#ifdef USE_PAM
#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <pwd.h>
#endif /* USE_PAM */
static int is_shadow_grp;
#endif
@@ -295,8 +295,18 @@ static void process_flags (int argc, char **argv)
char *cp;
int arg;
while ((arg = getopt (argc, argv, "og:O:f")) != EOF) {
while ((arg = getopt (argc, argv, "fg:K:o")) != EOF) {
switch (arg) {
case 'f':
/*
* "force" - do nothing, just exit(0), if the
* specified group already exists. With -g, if
* specified gid already exists, choose another
* (unique) gid (turn off -g). Based on the RedHat's
* patch from shadow-utils-970616-9.
*/
fflg++;
break;
case 'g':
gflg++;
if (!isdigit (optarg[0]))
@@ -310,19 +320,16 @@ static void process_flags (int argc, char **argv)
fail_exit (E_BAD_ARG);
}
break;
case 'o':
oflg++;
break;
case 'O':
case 'K':
/*
* override login.defs defaults (-O name=value)
* example: -O GID_MIN=100 -O GID_MAX=499
* note: -O GID_MIN=10,GID_MAX=499 doesn't work yet
* override login.defs defaults (-K name=value)
* example: -K GID_MIN=100 -K GID_MAX=499
* note: -K GID_MIN=10,GID_MAX=499 doesn't work yet
*/
cp = strchr (optarg, '=');
if (!cp) {
fprintf (stderr,
_("%s: -O requires NAME=VALUE\n"),
_("%s: -K requires KEY=VALUE\n"),
Prog);
exit (E_BAD_ARG);
}
@@ -331,15 +338,8 @@ static void process_flags (int argc, char **argv)
if (putdef_str (optarg, cp) < 0)
exit (E_BAD_ARG);
break;
case 'f':
/*
* "force" - do nothing, just exit(0), if the
* specified group already exists. With -g, if
* specified gid already exists, choose another
* (unique) gid (turn off -g). Based on the RedHat's
* patch from shadow-utils-970616-9.
*/
fflg++;
case 'o':
oflg++;
break;
default:
usage ();

4
src/groupmod.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: groupmod.c,v 1.28 2005/06/20 09:57:51 kloczek Exp $")
RCSID (PKG_VER "$Id: groupmod.c,v 1.29 2005/07/07 15:11:48 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
#include <grp.h>
@@ -297,7 +297,7 @@ static void process_flags (int argc, char **argv)
char *end;
int arg;
while ((arg = getopt (argc, argv, "og:n:")) != EOF) {
while ((arg = getopt (argc, argv, "g:n:o")) != EOF) {
switch (arg) {
case 'g':
gflg++;

54
src/login.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: login.c,v 1.59 2005/06/20 09:36:27 kloczek Exp $")
RCSID (PKG_VER "$Id: login.c,v 1.66 2005/07/07 15:32:50 kloczek Exp $")
#include "prototypes.h"
#include "defines.h"
#include <sys/stat.h>
@@ -58,7 +58,7 @@ static pam_handle_t *pamh = NULL;
#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
SYSLOG((LOG_ERR,"%s",pam_strerror(pamh, retcode))); \
pam_end(pamh, retcode); exit(1); \
}
#define PAM_END { retcode = pam_close_session(pamh,0); \
@@ -277,9 +277,11 @@ static void init_env (void)
if ((tmp = getenv ("TZ"))) {
addenv ("TZ", tmp);
} else if ((cp = getdef_str ("ENV_TZ")))
}
#ifndef USE_PAM
else if ((cp = getdef_str ("ENV_TZ")))
addenv (*cp == '/' ? tz (cp) : cp, NULL);
#endif /* !USE_PAM */
/*
* Add the clock frequency so that profiling commands work
* correctly.
@@ -287,8 +289,11 @@ static void init_env (void)
if ((tmp = getenv ("HZ"))) {
addenv ("HZ", tmp);
} else if ((cp = getdef_str ("ENV_HZ")))
}
#ifndef USE_PAM
else if ((cp = getdef_str ("ENV_HZ")))
addenv (cp, NULL);
#endif /* !USE_PAM */
}
@@ -347,8 +352,7 @@ int main (int argc, char **argv)
int retcode;
pid_t child;
char *pam_user;
#endif /* USE_PAM */
#ifndef USE_PAM
#else
struct spwd *spwd = NULL;
#endif
/*
@@ -371,8 +375,8 @@ int main (int argc, char **argv)
while ((flag = getopt (argc, argv, "d:f::h:pr:")) != EOF) {
switch (flag) {
case 'p':
pflg++;
case 'd':
/* "-d device" ignored for compatibility */
break;
case 'f':
/*
@@ -389,6 +393,11 @@ int main (int argc, char **argv)
if (optarg)
STRFCPY (username, optarg);
break;
case 'h':
hflg++;
hostname = optarg;
reason = PW_TELNET;
break;
#ifdef RLOGIN
case 'r':
rflg++;
@@ -396,13 +405,8 @@ int main (int argc, char **argv)
reason = PW_RLOGIN;
break;
#endif
case 'h':
hflg++;
hostname = optarg;
reason = PW_TELNET;
break;
case 'd':
/* "-d device" ignored for compatibility */
case 'p':
pflg++;
break;
default:
usage ();
@@ -503,6 +507,7 @@ int main (int argc, char **argv)
setup_tty ();
#ifndef USE_PAM
umask (getdef_num ("UMASK", 077));
{
@@ -519,6 +524,7 @@ int main (int argc, char **argv)
set_filesize_limit (limit);
}
#endif
/*
* The entire environment will be preserved if the -p flag
* is used.
@@ -589,8 +595,8 @@ int main (int argc, char **argv)
fprintf (stderr,
"login: PAM Failure, aborting: %s\n",
pam_strerror (pamh, retcode));
syslog (LOG_ERR, "Couldn't initialize PAM: %s",
pam_strerror (pamh, retcode));
SYSLOG ((LOG_ERR, "Couldn't initialize PAM: %s",
pam_strerror (pamh, retcode)));
exit (99);
}
/*
@@ -649,10 +655,10 @@ int main (int argc, char **argv)
(retcode == PAM_AUTHINFO_UNAVAIL))) {
pam_get_item (pamh, PAM_USER,
(const void **) &pam_user);
syslog (LOG_NOTICE,
SYSLOG ((LOG_NOTICE,
"FAILED LOGIN %d FROM %s FOR %s, %s",
failcount, hostname, pam_user,
pam_strerror (pamh, retcode));
pam_strerror (pamh, retcode)));
#ifdef HAVE_PAM_FAIL_DELAY
pam_fail_delay (pamh, 1000000 * delay);
#endif
@@ -666,16 +672,16 @@ int main (int argc, char **argv)
(const void **) &pam_user);
if (retcode == PAM_MAXTRIES)
syslog (LOG_NOTICE,
SYSLOG ((LOG_NOTICE,
"TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
failcount, hostname,
pam_user,
pam_strerror (pamh, retcode));
pam_strerror (pamh, retcode)));
else
syslog (LOG_NOTICE,
SYSLOG ((LOG_NOTICE,
"FAILED LOGIN SESSION FROM %s FOR %s, %s",
hostname, pam_user,
pam_strerror (pamh, retcode));
pam_strerror (pamh, retcode)));
fprintf (stderr, "\nLogin incorrect\n");
pam_end (pamh, retcode);

18
src/login_nopam.c
View File

@@ -23,7 +23,7 @@
#ifndef USE_PAM
#include "rcsid.h"
RCSID ("$Id: login_nopam.c,v 1.3 2005/04/17 15:38:56 kloczek Exp $")
RCSID ("$Id: login_nopam.c,v 1.5 2005/07/02 17:53:06 kloczek Exp $")
#include "prototypes.h"
/*
* This module implements a simple but effective form of login access
@@ -103,9 +103,9 @@ int login_access (const char *user, const char *from)
while (!match && fgets (line, sizeof (line), fp)) {
lineno++;
if (line[end = strlen (line) - 1] != '\n') {
syslog (LOG_ERR,
SYSLOG ((LOG_ERR,
"%s: line %d: missing newline or line too long",
TABLE, lineno);
TABLE, lineno));
continue;
}
if (line[0] == '#')
@@ -119,15 +119,15 @@ int login_access (const char *user, const char *from)
|| !(users = strtok ((char *) 0, fs))
|| !(froms = strtok ((char *) 0, fs))
|| strtok ((char *) 0, fs)) {
syslog (LOG_ERR,
SYSLOG ((LOG_ERR,
"%s: line %d: bad field count",
TABLE, lineno);
TABLE, lineno));
continue;
}
if (perm[0] != '+' && perm[0] != '-') {
syslog (LOG_ERR,
SYSLOG ((LOG_ERR,
"%s: line %d: bad first field",
TABLE, lineno);
TABLE, lineno));
continue;
}
match = (list_match (froms, from, from_match)
@@ -135,7 +135,7 @@ int login_access (const char *user, const char *from)
}
(void) fclose (fp);
} else if (errno != ENOENT) {
syslog (LOG_ERR, "cannot open %s: %m", TABLE);
SYSLOG ((LOG_ERR, "cannot open %s: %m", TABLE));
}
return (match == 0 || (line[0] == '+'));
}
@@ -262,7 +262,7 @@ char *string;
if (hp)
return inet_ntoa (*((struct in_addr *) *(hp->h_addr_list)));
syslog (LOG_ERR, "%s - unknown host", string);
SYSLOG ((LOG_ERR, "%s - unknown host", string));
return string;
}

12
src/logoutd.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: logoutd.c,v 1.25 2005/03/31 05:14:54 kloczek Exp $")
RCSID (PKG_VER "$Id: logoutd.c,v 1.26 2005/07/05 20:17:51 kloczek Exp $")
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
@@ -153,15 +153,7 @@ int main (int argc, char **argv)
#ifndef DEBUG
for (i = 0; close (i) == 0; i++);
#ifdef HAVE_SETPGRP
#ifdef SETPGRP_VOID
setpgrp (); /* USG */
#else
setpgrp (getpid (), getpid ());
#endif
#else /* !HAVE_SETPGRP */
setpgid (getpid (), getpid ()); /* BSD || SUN || SUN4 */
#endif /* !HAVE_SETPGRP */
setpgrp ();
/*
* Put this process in the background.

48
src/newgrp.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: newgrp.c,v 1.32 2005/06/20 10:17:08 kloczek Exp $")
RCSID (PKG_VER "$Id: newgrp.c,v 1.34 2005/07/08 17:58:55 kloczek Exp $")
#include <stdio.h>
#include <errno.h>
#include <grp.h>
@@ -63,6 +63,35 @@ static void usage (void)
fprintf (stderr, _("Usage: sg group [[-c] command]\n"));
}
/*
* find_matching_group - search all groups of a given group id for
* membership of a given username
*/
static struct group *find_matching_group (const char *name, gid_t gid)
{
struct group *gr;
char **look;
int notfound = 1;
setgrent ();
while ((gr = getgrent ()) != NULL) {
if (gr->gr_gid != gid) {
continue;
}
/*
* A group with matching GID was found.
* Test for membership of 'name'.
*/
look = gr->gr_mem;
while (*look && (notfound = strcmp (*look++, name)));
if (!notfound)
break;
}
endgrent ();
return gr;
}
/*
* newgrp - change the invokers current real and effective group id
*/
@@ -289,6 +318,23 @@ int main (int argc, char **argv)
fprintf (stderr, _("unknown group: %s\n"), group);
goto failure;
}
/*
* For splitted groups (due to limitations of NIS), check all
* groups of the same GID like the requested group for
* membership of the current user.
*/
grp = find_matching_group (name, grp->gr_gid);
if (!grp) {
/*
* No matching group found. As we already know that
* the group exists, this happens only in the case
* of a requested group where the user is not member.
*
* Re-read the group entry for further processing.
*/
grp = getgrnam (group);
}
#ifdef SHADOWGRP
if ((sgrp = getsgnam (group))) {
grp->gr_passwd = sgrp->sg_passwd;

56
src/passwd.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: passwd.c,v 1.39 2005/06/20 09:36:27 kloczek Exp $")
RCSID (PKG_VER "$Id: passwd.c,v 1.41 2005/07/07 15:32:50 kloczek Exp $")
#include "prototypes.h"
#include "defines.h"
#include <sys/types.h>
@@ -670,22 +670,17 @@ int main (int argc, char **argv)
*/
while ((flag = getopt (argc, argv, "adlqr:uSekn:x:i:w:")) != EOF) {
while ((flag = getopt (argc, argv, "adei:kln:qr:Suw:x:")) != EOF) {
switch (flag) {
case 'x':
age_max = getnumber (optarg);
xflg++;
case 'a':
aflg++;
break;
case 'd':
dflg++;
anyflag = 1;
break;
case 'n':
age_min = getnumber (optarg);
nflg++;
anyflag = 1;
break;
case 'w':
warn = getnumber (optarg);
if (warn >= -1)
wflg++;
case 'e':
eflg++;
anyflag = 1;
break;
case 'i':
@@ -694,16 +689,18 @@ int main (int argc, char **argv)
iflg++;
anyflag = 1;
break;
case 'e':
eflg++;
anyflag = 1;
break;
case 'k':
/* change only if expired, like Linux-PAM passwd -k. */
kflg++; /* ok for users */
break;
case 'a':
aflg++;
case 'l':
lflg++;
anyflag = 1;
break;
case 'n':
age_min = getnumber (optarg);
nflg++;
anyflag = 1;
break;
case 'q':
qflg++; /* ok for users */
@@ -711,18 +708,16 @@ int main (int argc, char **argv)
case 'S':
Sflg++; /* ok for users */
break;
case 'd':
dflg++;
anyflag = 1;
break;
case 'l':
lflg++;
anyflag = 1;
break;
case 'u':
uflg++;
anyflag = 1;
break;
case 'w':
warn = getnumber (optarg);
if (warn >= -1)
wflg++;
anyflag = 1;
break;
case 'r':
/* -r repository (files|nis|nisplus) */
/* only "files" supported for now */
@@ -734,6 +729,11 @@ int main (int argc, char **argv)
exit (E_BAD_ARG);
}
break;
case 'x':
age_max = getnumber (optarg);
xflg++;
anyflag = 1;
break;
default:
usage (E_BAD_ARG);
}

73
src/su.c
View File

@@ -30,42 +30,40 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: su.c,v 1.34 2005/06/20 10:17:08 kloczek Exp $")
#include <sys/types.h>
RCSID (PKG_VER "$Id: su.c,v 1.39 2005/07/18 10:14:39 kloczek Exp $")
#include <grp.h>
#include <pwd.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include "prototypes.h"
#include "defines.h"
#include "pwauth.h"
#include "getdef.h"
#ifdef USE_PAM
#include "pam_defs.h"
#endif
/*
* Assorted #defines to control su's behavior
*/
/*
* Global variables
*/
/* not needed by sulog.c anymore */
static char name[BUFSIZ];
static char oldname[BUFSIZ];
#ifdef USE_PAM
static const struct pam_conv conv = {
misc_conv,
NULL
};
static pam_handle_t *pamh = NULL;
static int caught = 0;
#endif
#include "prototypes.h"
#include "defines.h"
#include <grp.h>
#include <signal.h>
#include <pwd.h>
#include "pwauth.h"
#include "getdef.h"
/*
* Assorted #defines to control su's behavior
*/
/*
* Global variables
*/
/* not needed by sulog.c anymore */
static char name[BUFSIZ];
static char oldname[BUFSIZ];
static char *Prog;
extern struct passwd pwent;
/*
@@ -73,9 +71,8 @@ extern struct passwd pwent;
*/
extern char **newenvp;
extern size_t newenvc;
extern char **environ;
extern size_t newenvc;
/* local function prototypes */
@@ -133,9 +130,8 @@ static void su_failure (const char *tty)
exit (1);
}
#ifdef USE_PAM
static int caught = 0;
#ifdef USE_PAM
/* Signal handler for parent process later */
static void su_catch_sig (int sig)
{
@@ -341,13 +337,6 @@ int main (int argc, char **argv)
*/
if (fakelogin) {
if ((cp = getdef_str ("ENV_TZ")))
addenv (*cp == '/' ? tz (cp) : cp, NULL);
/*
* The clock frequency will be reset to the login value if required
*/
if ((cp = getdef_str ("ENV_HZ")))
addenv (cp, NULL); /* set the default $HZ, if one */
/*
* The terminal type will be left alone if it is present in
* the environment already.
@@ -355,6 +344,13 @@ int main (int argc, char **argv)
if ((cp = getenv ("TERM")))
addenv ("TERM", cp);
#ifndef USE_PAM
if ((cp = getdef_str ("ENV_TZ")))
addenv (*cp == '/' ? tz (cp) : cp, NULL);
/*
* The clock frequency will be reset to the login value if required
*/
if ((cp = getdef_str ("ENV_HZ")))
addenv (cp, NULL); /* set the default $HZ, if one */
/*
* Also leave DISPLAY and XAUTHORITY if present, else
* pam_xauth will not work.
@@ -506,6 +502,8 @@ int main (int argc, char **argv)
if (pwent.pw_shell[0] == '\0')
pwent.pw_shell = "/bin/sh"; /* XXX warning: const */
signal (SIGINT, SIG_IGN);
signal (SIGQUIT, SIG_IGN);
#ifdef USE_PAM
ret = pam_authenticate (pamh, 0);
if (ret != PAM_SUCCESS) {
@@ -586,6 +584,7 @@ int main (int argc, char **argv)
#endif /* !USE_PAM */
signal (SIGINT, SIG_DFL);
#ifndef USE_PAM
cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
/* XXX very similar code duplicated in libmisc/setupenv.c */
@@ -597,10 +596,8 @@ int main (int argc, char **argv)
addenv ("PATH", cp);
}
/* setup the environment for pam later on, else we run into auth problems */
#ifndef USE_PAM
environ = newenvp; /* make new environment active */
#endif
#endif /* !USE_PAM */
if (getenv ("IFS")) /* don't export user IFS ... */
addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */

20
src/sulogin.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: sulogin.c,v 1.18 2005/03/31 05:14:54 kloczek Exp $")
RCSID (PKG_VER "$Id: sulogin.c,v 1.20 2005/07/06 11:33:06 kloczek Exp $")
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
@@ -108,7 +108,7 @@ static RETSIGTYPE catch (int sig)
dup (0);
} else {
#ifdef USE_SYSLOG
syslog (LOG_WARN, "cannot open %s\n", argv[1]);
SYSLOG (LOG_WARN, "cannot open %s\n", argv[1]);
closelog ();
#endif
exit (1);
@@ -117,7 +117,7 @@ static RETSIGTYPE catch (int sig)
if (access (PASSWD_FILE, F_OK) == -1) { /* must be a password file! */
printf (_("No password file\n"));
#ifdef USE_SYSLOG
syslog (LOG_WARN, "No password file\n");
SYSLOG (LOG_WARN, "No password file\n");
closelog ();
#endif
exit (1);
@@ -125,7 +125,7 @@ static RETSIGTYPE catch (int sig)
#if !defined(DEBUG) && defined(SULOGIN_ONLY_INIT)
if (getppid () != 1) { /* parent must be INIT */
#ifdef USE_SYSLOG
syslog (LOG_WARN, "Pid == %d, not 1\n", getppid ());
SYSLOG (LOG_WARN, "Pid == %d, not 1\n", getppid ());
closelog ();
#endif
exit (1);
@@ -140,10 +140,14 @@ static RETSIGTYPE catch (int sig)
while (*envp) /* add inherited environment, */
addenv (*envp++, NULL); /* some variables change later */
#ifndef USE_PAM
if ((cp = getdef_str ("ENV_TZ")))
addenv (*cp == '/' ? tz (cp) : cp, NULL);
if ((cp = getdef_str ("ENV_HZ")))
addenv (cp, NULL); /* set the default $HZ, if one */
#endif /* !USE_PAM */
(void) strcpy (name, "root"); /* KLUDGE!!! */
signal (SIGALRM, catch); /* exit if the timer expires */
@@ -159,7 +163,7 @@ static RETSIGTYPE catch (int sig)
printf (_("No password entry for 'root'\n"));
#ifdef USE_SYSLOG
syslog (LOG_WARN, "No password entry for 'root'\n");
SYSLOG (LOG_WARN, "No password entry for 'root'\n");
closelog ();
#endif
exit (1);
@@ -181,7 +185,7 @@ static RETSIGTYPE catch (int sig)
*/
if (!cp || !*cp) {
#ifdef USE_SYSLOG
syslog (LOG_INFO, "Normal startup\n");
SYSLOG (LOG_INFO, "Normal startup\n");
closelog ();
#endif
puts ("\n");
@@ -197,7 +201,7 @@ static RETSIGTYPE catch (int sig)
break; /* ... encrypted passwords matched */
#ifdef USE_SYSLOG
syslog (LOG_WARN, "Incorrect root password\n");
SYSLOG (LOG_WARN, "Incorrect root password\n");
#endif
sleep (2);
puts (_("Login incorrect"));
@@ -209,7 +213,7 @@ static RETSIGTYPE catch (int sig)
puts (_("Entering System Maintenance Mode\n"));
#ifdef USE_SYSLOG
syslog (LOG_INFO, "System Maintenance Mode\n");
SYSLOG (LOG_INFO, "System Maintenance Mode\n");
#endif
#ifdef USE_SYSLOG

433
src/useradd.c
View File

@@ -30,26 +30,27 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: useradd.c,v 1.59 2005/06/20 10:17:09 kloczek Exp $")
#include "prototypes.h"
#include "defines.h"
#include "chkname.h"
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <errno.h>
#include <pwd.h>
#include <grp.h>
RCSID (PKG_VER "$Id: useradd.c,v 1.67 2005/07/11 11:58:00 kloczek Exp $")
#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <time.h>
#include <getopt.h>
#include <grp.h>
#include <lastlog.h>
#include <pwd.h>
#ifdef USE_PAM
#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <pwd.h>
#endif /* USE_PAM */
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <time.h>
#include "prototypes.h"
#include "defines.h"
#include "chkname.h"
#include "pwauth.h"
#include <lastlog.h>
#include "faillog.h"
#include "nscd.h"
#ifndef SKEL_DIR
@@ -630,17 +631,32 @@ static int get_groups (char *list)
static void usage (void)
{
fprintf (stderr,
_
("Usage: useradd [-u uid [-o]] [-g group] [-G group,...] \n"));
fprintf (stderr,
_
(" [-d home] [-s shell] [-c comment] [-m [-k template]]\n"));
fprintf (stderr, _(" [-f inactive] [-e expire]\n"));
fprintf (stderr, _(" [-p passwd] name\n"));
fprintf (stderr,
_(" useradd -D [-g group] [-b base] [-s shell]\n"));
fprintf (stderr, _(" [-f inactive] [-e expire]\n"));
fprintf (stderr, _("Usage: useradd [options] LOGIN\n"
"\n"
"Options:\n"
" -b, --base-dir BASE_DIR base directory for the the new user account\n"
" home directory\n"
" -c, --comment COMMENT set the GECOS field for the new user account\n"
" -d, --home-dir HOME_DIR home directory for the new user account\n"
" -D, --defaults print or save modified default useradd\n"
" configuration\n"
" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"
" -f, --inactive INACTIVE set password inactive after expiration\n"
" to INACTIVE\n"
" -g, --gid GROUP force use GROUP for the new user account\n"
" -G, --groups GROUPS list of supplementary groups for the new\n"
" user account\n"
" -h, --help display this help message and exit\n"
" -k, --skel SKEL_DIR specify an alternative skel directory\n"
" -K, --key KEY=VALUE overrides /etc/login.defs defaults\n"
" -m, --create-home create home directory for the new user\n"
" account\n"
" -o, --non-unique allow create user with duplicate\n"
" (non-unique) UID\n"
" -p, --password PASSWORD use encrypted password for the new user\n"
" account\n"
" -s, --shell SHELL the login shell for the new user account\n"
" -u, --uid UID force use the UID for the new user account\n"));
exit (E_USAGE);
}
@@ -920,182 +936,211 @@ static void process_flags (int argc, char **argv)
{
const struct group *grp;
int anyflag = 0;
int arg;
char *cp;
while ((arg =
getopt (argc, argv, "A:Du:og:G:d:s:c:mk:p:f:e:b:O:M")) != EOF) {
switch (arg) {
case 'b':
if (!Dflg)
usage ();
{
/*
* Parse the command line options.
*/
int c;
static struct option long_options[] = {
{"base-dir", required_argument, NULL, 'b'},
{"comment", required_argument, NULL, 'c'},
{"home-dir", required_argument, NULL, 'd'},
{"defaults", required_argument, NULL, 'D'},
{"expiredate", required_argument, NULL, 'e'},
{"inactive", required_argument, NULL, 'f'},
{"gid", required_argument, NULL, 'g'},
{"groups", required_argument, NULL, 'G'},
{"help", no_argument, NULL, 'h'},
{"skel", required_argument, NULL, 'k'},
{"key", required_argument, NULL, 'K'},
{"create-home", no_argument, NULL, 'm'},
{"non-unique", no_argument, NULL, 'o'},
{"password", required_argument, NULL, 'p'},
{"shell", required_argument, NULL, 's'},
{"uid", required_argument, NULL, 'u'},
{NULL, 0, NULL, '\0'}
};
while ((c =
getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:mMop:s:u:",
long_options, NULL)) != -1) {
switch (c) {
case 'b':
if (!Dflg)
usage ();
if (!VALID (optarg) || optarg[0] != '/') {
fprintf (stderr,
_
("%s: invalid base directory `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
def_home = optarg;
bflg++;
break;
case 'c':
if (!VALID (optarg)) {
fprintf (stderr,
_("%s: invalid comment `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_comment = optarg;
cflg++;
break;
case 'd':
if (!VALID (optarg) || optarg[0] != '/') {
fprintf (stderr,
_
("%s: invalid home directory `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_home = optarg;
dflg++;
break;
case 'D':
if (anyflag)
usage ();
Dflg++;
break;
case 'e':
if (*optarg) {
user_expire = strtoday (optarg);
if (user_expire == -1) {
if (!VALID (optarg)
|| optarg[0] != '/') {
fprintf (stderr,
_
("%s: invalid date `%s'\n"),
("%s: invalid base directory `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
} else
user_expire = -1;
def_home = optarg;
bflg++;
break;
case 'c':
if (!VALID (optarg)) {
fprintf (stderr,
_
("%s: invalid comment `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_comment = optarg;
cflg++;
break;
case 'd':
if (!VALID (optarg)
|| optarg[0] != '/') {
fprintf (stderr,
_
("%s: invalid home directory `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_home = optarg;
dflg++;
break;
case 'D':
if (anyflag)
usage ();
Dflg++;
break;
case 'e':
if (*optarg) {
user_expire = strtoday (optarg);
if (user_expire == -1) {
fprintf (stderr,
_
("%s: invalid date `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
} else
user_expire = -1;
/*
* -e "" is allowed - it's a no-op without /etc/shadow
*/
if (*optarg && !is_shadow_pwd) {
fprintf (stderr,
_
("%s: shadow passwords required for -e\n"),
Prog);
exit (E_USAGE);
/*
* -e "" is allowed - it's a no-op without /etc/shadow
*/
if (*optarg && !is_shadow_pwd) {
fprintf (stderr,
_
("%s: shadow passwords required for -e\n"),
Prog);
exit (E_USAGE);
}
if (Dflg)
def_expire = optarg;
eflg++;
break;
case 'f':
def_inactive = get_number (optarg);
/*
* -f -1 is allowed - it's a no-op without /etc/shadow
*/
if (def_inactive != -1 && !is_shadow_pwd) {
fprintf (stderr,
_
("%s: shadow passwords required for -f\n"),
Prog);
exit (E_USAGE);
}
fflg++;
break;
case 'g':
grp = getgr_nam_gid (optarg);
if (!grp) {
fprintf (stderr,
_
("%s: unknown group %s\n"),
Prog, optarg);
exit (E_NOTFOUND);
}
if (Dflg) {
def_group = grp->gr_gid;
def_gname = optarg;
} else {
user_gid = grp->gr_gid;
}
gflg++;
break;
case 'G':
if (get_groups (optarg))
exit (E_NOTFOUND);
if (user_groups[0])
do_grp_update++;
Gflg++;
break;
case 'h':
usage ();
break;
case 'k':
def_template = optarg;
kflg++;
break;
case 'K':
/*
* override login.defs defaults (-K name=value)
* example: -K UID_MIN=100 -K UID_MAX=499
* note: -K UID_MIN=10,UID_MAX=499 doesn't work yet
*/
cp = strchr (optarg, '=');
if (!cp) {
fprintf (stderr,
_
("%s: -K requires KEY=VALUE\n"),
Prog);
exit (E_BAD_ARG);
}
/* terminate name, point to value */
*cp++ = '\0';
if (putdef_str (optarg, cp) < 0)
exit (E_BAD_ARG);
break;
case 'm':
mflg++;
break;
case 'o':
oflg++;
break;
case 'p': /* set encrypted password */
if (!VALID (optarg)) {
fprintf (stderr,
_
("%s: invalid field `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_pass = optarg;
break;
case 's':
if (!VALID (optarg)
|| (optarg[0]
&& (optarg[0] != '/'
&& optarg[0] != '*'))) {
fprintf (stderr,
_
("%s: invalid shell `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_shell = optarg;
def_shell = optarg;
sflg++;
break;
case 'u':
user_id = get_uid (optarg);
uflg++;
break;
default:
usage ();
}
if (Dflg)
def_expire = optarg;
eflg++;
break;
case 'f':
def_inactive = get_number (optarg);
/*
* -f -1 is allowed - it's a no-op without /etc/shadow
*/
if (def_inactive != -1 && !is_shadow_pwd) {
fprintf (stderr,
_
("%s: shadow passwords required for -f\n"),
Prog);
exit (E_USAGE);
}
fflg++;
break;
case 'g':
grp = getgr_nam_gid (optarg);
if (!grp) {
fprintf (stderr,
_("%s: unknown group %s\n"), Prog,
optarg);
exit (E_NOTFOUND);
}
if (Dflg) {
def_group = grp->gr_gid;
def_gname = optarg;
} else {
user_gid = grp->gr_gid;
}
gflg++;
break;
case 'G':
if (get_groups (optarg))
exit (E_NOTFOUND);
if (user_groups[0])
do_grp_update++;
Gflg++;
break;
case 'k':
def_template = optarg;
kflg++;
break;
case 'm':
mflg++;
break;
case 'M':
/*
* don't create home dir - this is the default,
* ignored for RedHat/PLD adduser compatibility.
*/
break;
case 'o':
oflg++;
break;
case 'O':
/*
* override login.defs defaults (-O name=value)
* example: -O UID_MIN=100 -O UID_MAX=499
* note: -O UID_MIN=10,UID_MAX=499 doesn't work yet
*/
cp = strchr (optarg, '=');
if (!cp) {
fprintf (stderr,
_("%s: -O requires NAME=VALUE\n"),
Prog);
exit (E_BAD_ARG);
}
/* terminate name, point to value */
*cp++ = '\0';
if (putdef_str (optarg, cp) < 0)
exit (E_BAD_ARG);
break;
case 'p': /* set encrypted password */
if (!VALID (optarg)) {
fprintf (stderr,
_("%s: invalid field `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_pass = optarg;
break;
case 's':
if (!VALID (optarg) || (optarg[0] &&
(optarg[0] != '/'
&& optarg[0] != '*'))) {
fprintf (stderr,
_("%s: invalid shell `%s'\n"),
Prog, optarg);
exit (E_BAD_ARG);
}
user_shell = optarg;
def_shell = optarg;
sflg++;
break;
case 'u':
user_id = get_uid (optarg);
uflg++;
break;
default:
usage ();
anyflag++;
}
anyflag++;
}
/*
* Certain options are only valid in combination with others.
* Check it here so that they can be specified in any order.
@@ -1119,7 +1164,9 @@ static void process_flags (int argc, char **argv)
user_name = argv[optind];
if (!check_user_name (user_name)) {
fprintf (stderr, _("%s: invalid user name '%s'\n"),
fprintf (stderr,
_
("%s: invalid user name '%s'\n"),
Prog, user_name);
exit (E_BAD_ARG);
}
@@ -1307,7 +1354,8 @@ static void usr_update (void)
if (is_shadow_pwd && !spw_update (&spent)) {
fprintf (stderr,
_("%s: error adding new shadow password entry\n"),
_
("%s: error adding new shadow password entry\n"),
Prog);
exit (E_PW_UPDATE);
}
@@ -1334,7 +1382,8 @@ static void create_home (void)
/* XXX - create missing parent directories. --marekm */
if (mkdir (user_home, 0)) {
fprintf (stderr,
_("%s: cannot create directory %s\n"),
_
("%s: cannot create directory %s\n"),
Prog, user_home);
fail_exit (E_HOMEDIR);
}
@@ -1377,8 +1426,8 @@ static void create_mail (void)
sprintf (ms, "/var/mail/%s", user_name);
if (access (ms, R_OK) != 0) {
fd = open (ms,
O_CREAT | O_EXCL | O_WRONLY |
O_TRUNC, 0);
O_CREAT | O_EXCL |
O_WRONLY | O_TRUNC, 0);
if (fd != -1) {
fchown (fd, user_id, mail_gid);
fchmod (fd, mode);

59
src/usermod.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: usermod.c,v 1.42 2005/06/20 10:17:10 kloczek Exp $")
RCSID (PKG_VER "$Id: usermod.c,v 1.47 2005/07/07 15:11:48 kloczek Exp $")
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
@@ -51,8 +51,14 @@ RCSID (PKG_VER "$Id: usermod.c,v 1.42 2005/06/20 10:17:10 kloczek Exp $")
#include "faillog.h"
#include <lastlog.h>
#include "pwauth.h"
#include "nscd.h"
#include "getdef.h"
#include "groupio.h"
#include "nscd.h"
#include "pwio.h"
#ifdef SHADOWGRP
#include "sgroupio.h"
#endif
#include "shadowio.h"
/*
* exit status values
* for E_GRP_UPDATE and E_NOSPACE (not used yet), other update requests
@@ -91,20 +97,21 @@ static char **user_groups; /* NULL-terminated list */
static char *Prog;
static int
uflg = 0, /* specify new user ID */
oflg = 0, /* permit non-unique user ID to be specified with -u */
aflg = 0, /* append to existing secondary group set */
cflg = 0, /* new comment (GECOS) field */
dflg = 0, /* new home directory */
eflg = 0, /* days since 1970-01-01 when account becomes expired */
fflg = 0, /* days until account with expired password is locked */
gflg = 0, /* new primary group ID */
Gflg = 0, /* new secondary group set */
dflg = 0, /* new home directory */
sflg = 0, /* new shell program */
cflg = 0, /* new comment (GECOS) field */
mflg = 0, /* create user's home directory if it doesn't exist */
fflg = 0, /* days until account with expired password is locked */
eflg = 0, /* days since 1970-01-01 when account becomes expired */
Lflg = 0, /* lock the password */
Uflg = 0, /* unlock the password */
lflg = 0, /* new user name */
mflg = 0, /* create user's home directory if it doesn't exist */
oflg = 0, /* permit non-unique user ID to be specified with -u */
pflg = 0, /* new encrypted password */
lflg = 0; /* new user name */
sflg = 0, /* new shell program */
uflg = 0, /* specify new user ID */
Uflg = 0; /* unlock the password */
static int is_shadow_pwd;
@@ -112,14 +119,6 @@ static int is_shadow_pwd;
static int is_shadow_grp;
#endif
#include "groupio.h"
#ifdef SHADOWGRP
#include "sgroupio.h"
#endif
#include "pwio.h"
#include "shadowio.h"
/* local function prototypes */
static int get_groups (char *);
@@ -276,7 +275,7 @@ static void usage (void)
{
fprintf (stderr,
_
("Usage: %s\t[-u uid [-o]] [-g group] [-G group,...] \n"),
("Usage: %s\t[-u uid [-o]] [-g group] [[-G group,...] [-a]] \n"),
Prog);
fprintf (stderr,
_
@@ -473,7 +472,7 @@ static int update_group (void)
user_name, user_newname,
ngrp->gr_name));
}
} else if (was_member && Gflg && !is_member) {
} else if (was_member && !aflg && Gflg && !is_member) {
ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
changed = 1;
SYSLOG ((LOG_INFO, "delete `%s' from group `%s'",
@@ -590,7 +589,7 @@ static int update_gshadow (void)
user_name, user_newname,
nsgrp->sg_name));
}
} else if (was_member && Gflg && !is_member) {
} else if (was_member && !aflg && Gflg && !is_member) {
nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
changed = 1;
SYSLOG ((LOG_INFO,
@@ -737,8 +736,12 @@ static void process_flags (int argc, char **argv)
user_inactive = spwd->sp_inact;
}
while ((arg = getopt (argc, argv, "A:u:og:G:d:s:c:mf:e:l:p:LU")) != EOF) {
while ((arg =
getopt (argc, argv, "ac:d:e:f:g:G:l:Lmop:s:u:U")) != EOF) {
switch (arg) {
case 'a':
aflg++;
break;
case 'c':
if (!VALID (optarg)) {
fprintf (stderr,
@@ -878,6 +881,14 @@ static void process_flags (int argc, char **argv)
if (optind != argc - 1)
usage ();
if (aflg && (!Gflg)) {
fprintf (stderr,
_("%s: -a flag is ONLY allowed with the -G flag\n"),
Prog);
usage ();
exit (E_USAGE);
}
if (dflg && strcmp (user_home, user_newhome) == 0)
dflg = mflg = 0;

12
src/vipw.c
View File

@@ -23,7 +23,7 @@
#include <config.h>
#include "rcsid.h"
RCSID (PKG_VER "$Id: vipw.c,v 1.11 2005/05/25 18:20:25 kloczek Exp $")
RCSID (PKG_VER "$Id: vipw.c,v 1.12 2005/07/07 15:32:50 kloczek Exp $")
#include "defines.h"
#include <errno.h>
#include <sys/stat.h>
@@ -219,17 +219,17 @@ int main (int argc, char **argv)
while ((flag = getopt (argc, argv, "ghps")) != EOF) {
switch (flag) {
case 'p':
do_vipw = 1;
break;
case 'g':
do_vipw = 0;
break;
case 'h':
e = 0;
case 'p':
do_vipw = 1;
break;
case 's':
editshadow = 1;
break;
case 'h':
e = 0;
default:
printf (_("Usage:\n\
`vipw' edits /etc/passwd `vipw -s' edits /etc/shadow\n\