Make sure the passwd, group, shadow, and gshadow files are unlocked on
exit. Add function fail_exit(). Use fail_exit() instead of exit().
This commit is contained in:
parent
bded00fd11
commit
d1290c0d5d
@ -1,7 +1,14 @@
|
||||
2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
* NEWS, src/newusers.c: Make sure the passwd, group, shadow, and
|
||||
gshadow files are unlocked on exit. Add function fail_exit(). Use
|
||||
fail_exit() instead of exit().
|
||||
|
||||
2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
* NEWS, src/gpasswd.c: Make sure the group and gshadow files are
|
||||
unlocked on exit. Add function fail_exit().
|
||||
unlocked on exit. Add function fail_exit(). Use fail_exit()
|
||||
instead of exit().
|
||||
|
||||
2008-03-08 Nicolas François <nicolas.francois@centraliens.net>
|
||||
|
||||
|
2
NEWS
2
NEWS
@ -64,6 +64,8 @@ shadow-4.1.0 -> shadow-4.1.1 UNRELEASED
|
||||
* newusers will behave more like useradd regarding the choice of UID or
|
||||
GID or regarding the validity of user and group names.
|
||||
* New option -r, --system for system accounts.
|
||||
* Make sure the passwd, group, shadow, and gshadow files are unlocked on
|
||||
exit.
|
||||
- passwd
|
||||
* Make sure that no more than one username argument was provided.
|
||||
- pwck
|
||||
|
@ -71,7 +71,11 @@ static long sha_rounds = 5000;
|
||||
static int is_shadow;
|
||||
#ifdef SHADOWGRP
|
||||
static int is_shadow_grp;
|
||||
static int gshadow_locked = 0;
|
||||
#endif
|
||||
static int passwd_locked = 0;
|
||||
static int group_locked = 0;
|
||||
static int shadow_locked = 0;
|
||||
|
||||
#ifdef USE_PAM
|
||||
static pam_handle_t *pamh = NULL;
|
||||
@ -79,6 +83,7 @@ static pam_handle_t *pamh = NULL;
|
||||
|
||||
/* local function prototypes */
|
||||
static void usage (void);
|
||||
static void fail_exit (int);
|
||||
static int add_group (const char *, const char *, gid_t *, gid_t);
|
||||
static int get_uid (const char *, uid_t *);
|
||||
static int add_user (const char *, uid_t, gid_t);
|
||||
@ -113,6 +118,29 @@ static void usage (void)
|
||||
exit (1);
|
||||
}
|
||||
|
||||
/*
|
||||
* fail_exit - undo as much as possible
|
||||
*/
|
||||
static void fail_exit (int code)
|
||||
{
|
||||
if (shadow_locked) {
|
||||
spw_unlock ();
|
||||
}
|
||||
if (passwd_locked) {
|
||||
pw_unlock ();
|
||||
}
|
||||
if (group_locked) {
|
||||
gr_unlock ();
|
||||
}
|
||||
#ifdef SHADOWGRP
|
||||
if (gshadow_locked) {
|
||||
sgr_unlock ();
|
||||
}
|
||||
#endif
|
||||
|
||||
exit (code);
|
||||
}
|
||||
|
||||
/*
|
||||
* add_group - create a new group or add a user to an existing group
|
||||
*/
|
||||
@ -460,7 +488,7 @@ static void process_flags (int argc, char **argv)
|
||||
char buf[BUFSIZ];
|
||||
snprintf (buf, sizeof buf, "%s: %s", Prog, argv[1]);
|
||||
perror (buf);
|
||||
exit (1);
|
||||
fail_exit (1);
|
||||
}
|
||||
}
|
||||
|
||||
@ -540,7 +568,7 @@ static void check_perms (void)
|
||||
|
||||
if (retval != PAM_SUCCESS) {
|
||||
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
|
||||
exit (1);
|
||||
fail_exit (1);
|
||||
}
|
||||
#endif /* USE_PAM */
|
||||
}
|
||||
@ -558,24 +586,27 @@ static void open_files (void)
|
||||
*/
|
||||
if (!pw_lock ()) {
|
||||
fprintf (stderr, _("%s: can't lock /etc/passwd.\n"), Prog);
|
||||
exit (1);
|
||||
fail_exit (1);
|
||||
}
|
||||
|
||||
if ( (is_shadow && !spw_lock ())
|
||||
|| (!gr_lock ())
|
||||
passwd_locked++;
|
||||
if (is_shadow && !spw_lock ()) {
|
||||
fprintf (stderr, _("%s: can't lock /etc/shadow.\n"), Prog);
|
||||
fail_exit (1);
|
||||
}
|
||||
shadow_locked++;
|
||||
if (!gr_lock ()) {
|
||||
fprintf (stderr, _("%s: can't lock /etc/group.\n"), Prog);
|
||||
fail_exit (1);
|
||||
}
|
||||
group_locked++;
|
||||
#ifdef SHADOWGRP
|
||||
|| (is_shadow_grp && !sgr_lock())
|
||||
if (is_shadow_grp && !sgr_lock ()) {
|
||||
fprintf (stderr, _("%s: can't lock /etc/gshadow.\n"), Prog);
|
||||
fail_exit (1);
|
||||
}
|
||||
gshadow_locked++;
|
||||
#endif
|
||||
) {
|
||||
fprintf (stderr,
|
||||
_("%s: can't lock files, try again later\n"), Prog);
|
||||
(void) pw_unlock ();
|
||||
if (is_shadow) {
|
||||
(void) spw_unlock ();
|
||||
}
|
||||
(void) gr_unlock ();
|
||||
exit (1);
|
||||
}
|
||||
|
||||
if ( (!pw_open (O_RDWR))
|
||||
|| (is_shadow && !spw_open (O_RDWR))
|
||||
|| !gr_open (O_RDWR)
|
||||
@ -584,17 +615,7 @@ static void open_files (void)
|
||||
#endif
|
||||
) {
|
||||
fprintf (stderr, _("%s: can't open files\n"), Prog);
|
||||
(void) pw_unlock ();
|
||||
if (is_shadow) {
|
||||
spw_unlock ();
|
||||
}
|
||||
(void) gr_unlock ();
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow_grp) {
|
||||
(void) sgr_unlock();
|
||||
}
|
||||
#endif
|
||||
exit (1);
|
||||
fail_exit (1);
|
||||
}
|
||||
}
|
||||
|
||||
@ -611,28 +632,22 @@ static void close_files (void)
|
||||
#endif
|
||||
) {
|
||||
fprintf (stderr, _("%s: error updating files\n"), Prog);
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow_grp) {
|
||||
(void) sgr_unlock();
|
||||
}
|
||||
#endif
|
||||
(void) gr_unlock ();
|
||||
if (is_shadow) {
|
||||
(void) spw_unlock ();
|
||||
}
|
||||
(void) pw_unlock ();
|
||||
exit (1);
|
||||
fail_exit (1);
|
||||
}
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow_grp) {
|
||||
(void) sgr_unlock();
|
||||
gshadow_locked--;
|
||||
}
|
||||
#endif
|
||||
(void) gr_unlock ();
|
||||
group_locked--;
|
||||
if (is_shadow) {
|
||||
(void) spw_unlock ();
|
||||
shadow_locked--;
|
||||
}
|
||||
(void) pw_unlock ();
|
||||
passwd_locked--;
|
||||
}
|
||||
|
||||
int main (int argc, char **argv)
|
||||
@ -840,7 +855,7 @@ int main (int argc, char **argv)
|
||||
spw_unlock ();
|
||||
}
|
||||
(void) pw_unlock ();
|
||||
exit (1);
|
||||
fail_exit (1);
|
||||
}
|
||||
|
||||
close_files ();
|
||||
@ -852,7 +867,6 @@ int main (int argc, char **argv)
|
||||
pam_end (pamh, PAM_SUCCESS);
|
||||
#endif /* USE_PAM */
|
||||
|
||||
exit (0);
|
||||
/* NOT REACHED */
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user