Re-indent.

2008-02-26 19:17:20 +00:00 · 2008-02-26 19:17:20 +00:00 · f43a4659c6
commit f43a4659c6
parent 2a2b2b3aa4
1 changed files with 107 additions and 102 deletions
--- a/src/gpasswd.c
+++ b/src/gpasswd.c
@ -407,60 +407,63 @@ static void check_perms (const struct group *gr)
 {
 #ifdef SHADOWGRP
 	if (is_shadowgrp) {
-	/*
+		/*
-	 * The policy here for changing a group is that 1) you must be root
+		 * The policy here for changing a group is that
-	 * or 2). you must be listed as an administrative member.
+		 * 1) you must be root or
-	 * Administrative members can do anything to a group that the root
+		 * 2) you must be listed as an administrative member.
-	 * user can.
+		 * Administrative members can do anything to a group that
-	 */
+		 * the root user can.
-	if (!amroot && !is_on_list (sg->sg_adm, myname)) {
+		 */
 		if (!amroot && !is_on_list (sg->sg_adm, myname)) {
 #ifdef WITH_AUDIT
-		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-		              "modify group", group, -1, 0);
+			              "modify group", group, -1, 0);
 #endif
-		failure ();
+			failure ();
-	}
+		}
 	} else
 #endif				/* ! SHADOWGRP */
 	{
 #ifdef FIRST_MEMBER_IS_ADMIN
-	/*
+		/*
-	 * The policy here for changing a group is that 1) you must be root
+		 * The policy here for changing a group is that
-	 * or 2) you must be the first listed member of the group. The
+		 * 1) you must be root or
-	 * first listed member of a group can do anything to that group that
+		 * 2) you must be the first listed member of the group.
-	 * the root user can. The rationale for this hack is that the FIRST
+		 * The first listed member of a group can do anything to
-	 * user is probably the most important user in this entire group.
+		 * that group that the root user can. The rationale for
-	 */
+		 * this hack is that the FIRST user is probably the most
-	/*
+		 * important user in this entire group.
-	 * This feature enabled by default could be a security problem when
+		 *
-	 * installed on existing systems where the first group member might
+		 * This feature enabled by default could be a security
-	 * be just a normal user.  --marekm
+		 * problem when installed on existing systems where the
-	 */
+		 * first group member might be just a normal user.
-	if (!amroot) {
+		 * --marekm
-		if (gr->gr_mem[0] == (char *) 0) {
+		 */
 		if (!amroot) {
 			if (gr->gr_mem[0] == (char *) 0) {
 #ifdef WITH_AUDIT
 				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 				              "modifying group", group, -1, 0);
 #endif
 				failure ();
 			}
 			if (strcmp (gr->gr_mem[0], myname) != 0) {
 #ifdef WITH_AUDIT
 				audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 				              "modifying group", myname, -1, 0);
 #endif
 				failure ();
 			}
 		}
 #else				/* ! FIRST_MEMBER_IS_ADMIN */
 		if (!amroot) {
 #ifdef WITH_AUDIT
 			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 			              "modifying group", group, -1, 0);
 #endif
 			failure ();
 		}
 		if (strcmp (gr->gr_mem[0], myname) != 0) {
 #ifdef WITH_AUDIT
 			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 			              "modifying group", myname, -1, 0);
 #endif
 			failure ();
 		}
 	}
 #else				/* ! FIRST_MEMBER_IS_ADMIN */
 	if (!amroot) {
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 		              "modifying group", group, -1, 0);
 #endif
 		failure ();
 	}
 #endif
 	}
 }
@ -550,51 +553,53 @@ static void get_group (struct group *gr)
 #ifdef SHADOWGRP
 	if (is_shadowgrp) {
-	if (sgr_open (O_RDONLY) == 0) {
+		if (sgr_open (O_RDONLY) == 0) {
-		fprintf (stderr, _("%s: can't open shadow file\n"), Prog);
+			fprintf (stderr,
-		SYSLOG ((LOG_WARN, "cannot open /etc/gshadow"));
+			         _("%s: can't open shadow file\n"), Prog);
 			SYSLOG ((LOG_WARN, "cannot open /etc/gshadow"));
 #ifdef WITH_AUDIT
-		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-		              "opening /etc/gshadow", group, -1, 0);
+			              "opening /etc/gshadow", group, -1, 0);
 #endif
-		exit (1);
+			exit (1);
 	}
 	tmpsg = sgr_locate (group);
 	if (NULL != tmpsg) {
 		*sg = *tmpsg;
 		sg->sg_name = xstrdup (tmpsg->sg_name);
 		sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
 		sg->sg_mem = dup_list (tmpsg->sg_mem);
 		sg->sg_adm = dup_list (tmpsg->sg_adm);
 	} else {
 		sg->sg_name = xstrdup (group);
 		sg->sg_passwd = gr->gr_passwd;
 		gr->gr_passwd = "!";	/* XXX warning: const */
 		sg->sg_mem = dup_list (gr->gr_mem);
 		sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
 #ifdef FIRST_MEMBER_IS_ADMIN
 		if (sg->sg_mem[0]) {
 			sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);
 			sg->sg_adm[1] = NULL;
 		} else
 #endif
 		{
 			sg->sg_adm[0] = NULL;
 		}
 		tmpsg = sgr_locate (group);
 		if (NULL != tmpsg) {
 			*sg = *tmpsg;
 			sg->sg_name = xstrdup (tmpsg->sg_name);
 			sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
-	}
+			sg->sg_mem = dup_list (tmpsg->sg_mem);
-	if (sgr_close () == 0) {
+			sg->sg_adm = dup_list (tmpsg->sg_adm);
-		fprintf (stderr, _("%s: can't close shadow file\n"), Prog);
+		} else {
-		SYSLOG ((LOG_WARN, "cannot close /etc/gshadow"));
+			sg->sg_name = xstrdup (group);
-#ifdef WITH_AUDIT
+			sg->sg_passwd = gr->gr_passwd;
-		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			gr->gr_passwd = "!";	/* XXX warning: const */
-		              "closing /etc/gshadow", group, -1, 0);
+
 			sg->sg_mem = dup_list (gr->gr_mem);
 			sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
 #ifdef FIRST_MEMBER_IS_ADMIN
 			if (sg->sg_mem[0]) {
 				sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);
 				sg->sg_adm[1] = NULL;
 			} else
 #endif
-		exit (1);
+			{
-	}
+				sg->sg_adm[0] = NULL;
 			}
 		}
 		if (sgr_close () == 0) {
 			fprintf (stderr,
 			         _("%s: can't close shadow file\n"), Prog);
 			SYSLOG ((LOG_WARN, "cannot close /etc/gshadow"));
 #ifdef WITH_AUDIT
 			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 			              "closing /etc/gshadow", group, -1, 0);
 #endif
 			exit (1);
 		}
 	}
 #endif				/* SHADOWGRP */
 }
@ -738,7 +743,7 @@ int main (int argc, char **argv)
 		fputs (_("Who are you?\n"), stderr);
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "user lookup", NULL,
-			      bywho, 0);
+		              bywho, 0);
 #endif
 		failure ();
 	}
@ -773,10 +778,10 @@ int main (int argc, char **argv)
 #endif
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-			      "deleting group password", group, -1, 1);
+		              "deleting group password", group, -1, 1);
 #endif
 		SYSLOG ((LOG_INFO, "remove password from group %s by %s",
-			 group, myname));
+		         group, myname));
 		goto output;
 	} else if (Rflg) {
 		/*
@ -789,7 +794,7 @@ int main (int argc, char **argv)
 #endif
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-			      "restrict access to group", group, -1, 1);
+		              "restrict access to group", group, -1, 1);
 #endif
 		SYSLOG ((LOG_INFO, "restrict access to group %s by %s",
 			 group, myname));
@ -805,15 +810,15 @@ int main (int argc, char **argv)
 		grent.gr_mem = add_list (grent.gr_mem, user);
 #ifdef SHADOWGRP
 		if (is_shadowgrp) {
-		sgent.sg_mem = add_list (sgent.sg_mem, user);
+			sgent.sg_mem = add_list (sgent.sg_mem, user);
 		}
 #endif
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding group member",
-			      user, -1, 1);
+		              user, -1, 1);
 #endif
 		SYSLOG ((LOG_INFO, "add member %s to group %s by %s", user,
-			 group, myname));
+		         group, myname));
 		goto output;
 	}
@ -832,27 +837,27 @@ int main (int argc, char **argv)
 		}
 #ifdef SHADOWGRP
 		if (is_shadowgrp) {
-		if (is_on_list (sgent.sg_mem, user)) {
+			if (is_on_list (sgent.sg_mem, user)) {
-			removed = 1;
+				removed = 1;
-			sgent.sg_mem = del_list (sgent.sg_mem, user);
+				sgent.sg_mem = del_list (sgent.sg_mem, user);
-		}
+			}
 		}
 #endif
 		if (!removed) {
 			fprintf (stderr, _("%s: unknown member %s\n"),
-				 Prog, user);
+			         Prog, user);
 #ifdef WITH_AUDIT
 			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-				      "deleting member", user, -1, 0);
+			              "deleting member", user, -1, 0);
 #endif
 			exit (1);
 		}
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting member",
-			      user, -1, 1);
+		              user, -1, 1);
 #endif
 		SYSLOG ((LOG_INFO, "remove member %s from group %s by %s",
-			 user, group, myname));
+		         user, group, myname));
 		goto output;
 	}
 #ifdef SHADOWGRP
@ -864,10 +869,10 @@ int main (int argc, char **argv)
 	if (Aflg) {
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "setting group admin",
-			      group, -1, 1);
+		              group, -1, 1);
 #endif
 		SYSLOG ((LOG_INFO, "set administrators of %s to %s",
-			 group, admins));
+		         group, admins));
 		sgent.sg_adm = comma_to_list (admins);
 		if (!Mflg) {
 			goto output;
@ -883,7 +888,7 @@ int main (int argc, char **argv)
 	if (Mflg) {
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
-			      "setting group members", group, -1, 1);
+		              "setting group members", group, -1, 1);
 #endif
 		SYSLOG ((LOG_INFO, "set members of %s to %s", group, members));
 #ifdef SHADOWGRP
@ -902,7 +907,7 @@ int main (int argc, char **argv)
 		fprintf (stderr, _("%s: Not a tty\n"), Prog);
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "changing password",
-			      group, -1, 0);
+		              group, -1, 0);
 #endif
 		exit (1);
 	}
@ -936,7 +941,7 @@ int main (int argc, char **argv)
 		SYSLOG ((LOG_ERR, "can't setuid(0)"));
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "changing id to root",
-			      group, -1, 0);
+		              group, -1, 0);
 #endif
 		closelog ();
 		exit (1);