diff --git a/NEWS b/NEWS index ed513a47..0e83c781 100644 --- a/NEWS +++ b/NEWS @@ -49,6 +49,7 @@ shadow-4.1.2.2 -> shadow-4.1.3 UNRELEASED * audit logging improvements. * error handling improvement (see above). * Speedup (see "addition of users or groups" above). + * do not create groups with GID set to (gid_t)-1. - groupdel * audit logging improvements. * error handling improvement (see above). @@ -67,13 +68,20 @@ shadow-4.1.2.2 -> shadow-4.1.3 UNRELEASED - groupmod * audit logging improvements. * error handling improvement (see above). + * do not create groups with GID set to (gid_t)-1. +- grpck + * warn for groups with GID set to (gid_t)-1. - newusers * Implement the -r, --system option. * Speedup (see "addition of users or groups" above). + * do not create users with UID set to (gid_t)-1. + * do not create groups with GID set to (gid_t)-1. - passwd * For compatibility with other passwd version, the --lock an --unlock options do not lock or unlock the user account anymore. They only lock or unlock the user's password. +- pwck + * warn for users with UID set to (uid_t)-1. - su * - useradd @@ -81,11 +89,13 @@ shadow-4.1.2.2 -> shadow-4.1.3 UNRELEASED * Speedup (see "addition of users or groups" above). * See CREATE_HOME above. * New -M/--no-create-home option to disable CREATE_HOME. + * do not create users with UID set to (gid_t)-1. - userdel * audit logging improvements. - usermod * Allow adding LDAP users (or any user not present in the local passwd file) to local groups + * do not create users with UID set to (gid_t)-1. shadow-4.1.2.1 -> shadow-4.1.2.2 23-11-2008 diff --git a/src/grpck.c b/src/grpck.c index 877d2b3d..da23710b 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -3,7 +3,7 @@ * Copyright (c) 1996 - 2000, Marek Michałkiewicz * Copyright (c) 2001 , Michał Moskal * Copyright (c) 2001 - 2006, Tomasz Kłoczko - * Copyright (c) 2007 - 2008, Nicolas François + * Copyright (c) 2007 - 2009, Nicolas François * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -542,6 +542,14 @@ static void check_grp_file (int *errors, bool *changed) printf (_("invalid group name '%s'\n"), grp->gr_name); } + /* + * Check for invalid user ID. + */ + if (grp->gr_gid == (gid_t)-1) { + printf (_("invalid user ID '%lu'\n"), grp->gr_gid); + *errors += 1; + } + /* * Workaround for a NYS libc 5.3.12 bug on RedHat 4.2 - * groups with no members are returned as groups with one diff --git a/src/pwck.c b/src/pwck.c index cb695ae2..1d311882 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -3,7 +3,7 @@ * Copyright (c) 1996 - 2000, Marek Michałkiewicz * Copyright (c) 2001 , Michał Moskal * Copyright (c) 2001 - 2006, Tomasz Kłoczko - * Copyright (c) 2007 - 2008, Nicolas François + * Copyright (c) 2007 - 2009, Nicolas François * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -395,6 +395,14 @@ static void check_pw_file (int *errors, bool *changed) *errors += 1; } + /* + * Check for invalid user ID. + */ + if (pwd->pw_uid == (uid_t)-1) { + printf (_("invalid user ID '%lu'\n"), pwd->pw_uid); + *errors += 1; + } + /* * Make sure the primary group exists */