emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* NEWS, src/groupmems.c: Allow everybody to list the users of a group.

Browse Source 
This information is publicly available in /etc/group.
	* NEWS, src/groupmems.c: Open /etc/group read only for the -l option.
This commit is contained in:
nekral-guest 2008-07-27 02:33:37 +00:00
parent 88fce52fbf
commit d5c6257ac2
3 changed files with 25 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,9 @@
2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
* NEWS, src/groupmems.c: Allow everybody to list the users of a group.
This information is publicly available in /etc/group.
* NEWS, src/groupmems.c: Open /etc/group read only for the -l option.
2008-07-27 Nicolas François <nicolas.francois@centraliens.net> 2008-07-27 Nicolas François <nicolas.francois@centraliens.net>
* man/groupmems.8.xml: Sort options alphabetically. * man/groupmems.8.xml: Sort options alphabetically.

3
NEWS
View File

@ -13,6 +13,9 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
- groupmems - groupmems
* Check if user exist before they are added to groups. * Check if user exist before they are added to groups.
* Avoid segfault in case the specified group does not exist in /etc/group. * Avoid segfault in case the specified group does not exist in /etc/group.
* Everybody is allowed to list the users of a group.
* /etc/group is open readonly when one just wants to list the users of a
group.
shadow-4.1.2 -> shadow-4.1.2.1 26-06-2008 shadow-4.1.2 -> shadow-4.1.2.1 26-06-2008

33
src/groupmems.c
View File

@ -214,7 +214,7 @@ static void fail_exit (int code)
exit (code); exit (code);
} }
int main (int argc, char **argv) void main (int argc, char **argv)
{ {
char *name; char *name;
struct group *grp; struct group *grp;
@ -232,27 +232,30 @@ int main (int argc, char **argv)
if (NULL == thisgroup) { if (NULL == thisgroup) {
name = whoami (); name = whoami ();
if (NULL == name) { if (!list && (NULL == name)) {
fprintf (stderr, _("%s: your groupname does not match your username\n"), Prog); fprintf (stderr, _("%s: your groupname does not match your username\n"), Prog);
fail_exit (EXIT_NOT_PRIMARY); fail_exit (EXIT_NOT_PRIMARY);
} }
} else { } else {
name = thisgroup; name = thisgroup;
if (!isroot ()) { if (!list && !isroot ()) {
fprintf (stderr, _("%s: only root can use the -g/--group option\n"), Prog); fprintf (stderr, _("%s: only root can use the -g/--group option\n"), Prog);
fail_exit (EXIT_NOT_ROOT); fail_exit (EXIT_NOT_ROOT);
} }
} }
check_perms (); if (!list) {
check_perms ();
if (!gr_lock ()) { if (!gr_lock ()) {
fprintf (stderr, _("%s: unable to lock group file\n"), Prog); fprintf (stderr,
fail_exit (EXIT_GROUP_FILE); _("%s: unable to lock group file\n"), Prog);
fail_exit (EXIT_GROUP_FILE);
}
group_locked = true;
} }
group_locked = true;
if (!gr_open (O_RDWR)) { if (!gr_open (list ? O_RDONLY : O_RDWR)) {
fprintf (stderr, _("%s: unable to open group file\n"), Prog); fprintf (stderr, _("%s: unable to open group file\n"), Prog);
fail_exit (EXIT_GROUP_FILE); fail_exit (EXIT_GROUP_FILE);
} }
@ -265,7 +268,9 @@ int main (int argc, char **argv)
fail_exit (EXIT_INVALID_GROUP); fail_exit (EXIT_INVALID_GROUP);
} }
if (NULL != adduser) { if (list) {
members (grp->gr_mem);
} else if (NULL != adduser) {
if (is_on_list (grp->gr_mem, adduser)) { if (is_on_list (grp->gr_mem, adduser)) {
fprintf (stderr, fprintf (stderr,
_("%s: user `%s' is already a member of `%s'\n"), _("%s: user `%s' is already a member of `%s'\n"),
@ -286,8 +291,6 @@ int main (int argc, char **argv)
} else if (purge) { } else if (purge) {
grp->gr_mem[0] = NULL; grp->gr_mem[0] = NULL;
gr_update (grp); gr_update (grp);
} else if (list) {
members (grp->gr_mem);
} }
if (!gr_close ()) { if (!gr_close ()) {
@ -295,10 +298,6 @@ int main (int argc, char **argv)
fail_exit (EXIT_GROUP_FILE); fail_exit (EXIT_GROUP_FILE);
} }
if (gr_unlock () == 0) { fail_exit (EXIT_SUCCESS);
fprintf (stderr, _("%s: unable to unlock group file\n"), Prog);
}
exit (EXIT_SUCCESS);
} }