Commit Graph

914 Commits

Author SHA1 Message Date
nekral-guest
653d22c3e9 * src/gpasswd.c: Change of group password enforces gshadow
password. Set /etc/group password to "x".
2011-11-19 14:27:48 +00:00
nekral-guest
29050eadb5 * NEWS, src/userdel.c, man/userdel.8.xml: Add option -Z/--selinux-user.
* libmisc/system.c, lib/prototypes.h, libmisc/Makefile.am: Removed
	safe_system().
	* lib/selinux.c, po/POTFILES.in, lib/prototypes.h,
	lib/Makefile.am: Added helper functions for semanage.
	* README, src/useradd.c, src/usermod.c, src/userdel.c,
	configure.in: Use libsemanage instead of semanage.
2011-11-17 21:51:07 +00:00
nekral-guest
ae0229549d 2011-11-16 Peter Vrabec <pvrabec@redhat.com>
* src/Makefile.am: useradd may need the LIBATTR library.
2011-11-16 21:17:43 +00:00
nekral-guest
d2a516a75d * src/useradd.c: Compil fix when SHADOWGRP is not enabled. 2011-11-16 19:33:51 +00:00
nekral-guest
57f9d5ae9c * src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
	src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
	src/usermod.c: Provide the PAM error
	message instead of our own, and log error to syslog.
	* src/groupmems.c: Exit with exit rather than fail_exit in usage().
	* src/newusers.c: Check the number of arguments.
	* src/newusers.c: Do not create the home directory when it is not
	changed.
	* src/useradd.c: Set the group password to "!" rather "x" if there
	are no gshadow file.
2011-11-13 16:24:57 +00:00
nekral-guest
f64c88d629 * src/pwck.c: Removed pw_opened.
* src/pwck.c: optind cannot be greater than argc.
	* src/pwck.c: If spw_opened, then is_shadow is implicitly set.
	* src/pwck.c: Do not report passwd entry without x password and a
	shadow entry in --quiet mode (no interaction with the caller)
	* src/pwck.c: Do not check if the last password change is in the
	future if the time is set to 0.
2011-11-13 16:24:39 +00:00
nekral-guest
f54a68ac76 * src/pwck.c: Compile fix for TCB. 2011-11-11 12:00:05 +00:00
nekral-guest
f3afeb9c04 * NEWS, src/newusers.c, man/newusers.8.xml: Add --root option. 2011-11-06 18:40:22 +00:00
nekral-guest
2a2c8190ec * src/vipw.c: Remove unused variable a. 2011-11-06 18:40:17 +00:00
nekral-guest
f0a63185c9 * src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
	src/groupmems.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c,
	src/lastlog.c, src/newusers.c, src/passwd.c, src/pwconv.c,
	src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c,
	src/usermod.c, src/vipw.c: Align and sort options.
2011-11-06 18:39:59 +00:00
nekral-guest
7d8ca29bea * NEWS, src/pwck.c, man/pwck.8.xm, src/grpck.c, man/grpck.8.xml:
Add --root option.
2011-11-06 18:39:53 +00:00
nekral-guest
f4d95eecc0 Re-indent. 2011-11-06 18:39:42 +00:00
nekral-guest
900943192f * src/pwck.c, man/pwck.8.xml: Add support for long options.
* src/pwck.c, man/pwck.8.xml: Add -h/--help option
	* src/grpck.c, man/grpck.8.xml: Add support for long options.
	* src/grpck.c, man/grpck.8.xml: Add -h/--help option
2011-11-06 18:39:36 +00:00
nekral-guest
b9163f6348 * src/expiry.c, man/expiry.1.xml: Add support for long options.
* src/expiry.c, man/expiry.1.xml: Add -h/--help option
2011-11-06 18:39:30 +00:00
nekral-guest
0530588266 * NEWS, src/chfn.c, man/chfn.1.xml: Add --root option. 2011-11-06 18:39:24 +00:00
nekral-guest
b26f73f427 * src/chfn.c, man/chfn.1.xml: Add support for long options.
* src/chfn.c, man/chfn.1.xml: Add -u/--help option
2011-11-06 18:39:19 +00:00
nekral-guest
e2068416c9 * NEWS, src/vipw.c, man/vipw.8.xml: Add --root option. 2011-11-06 18:39:09 +00:00
nekral-guest
a2d23700e4 * NEWS, src/faillog.c, man/faillog.8.xml: Add --root option.
* NEWS, src/lastlog.c, man/lastlog.8.xml: Likewise.
	* src/faillog.c: Add Prog variable, and prefix error messages with
	Prog rather than "faillog".
	* src/lastlog.c: Likewise.
	* src/lastlog.c: Split usage in smaller messages.
2011-11-06 18:39:03 +00:00
nekral-guest
0857837e64 * NEWS, src/chage.c, man/chage.1.xml: Add --root option. Open
audit and syslog after the potential chroot. chage's usage split
	in smaller messages.
2011-11-06 18:38:57 +00:00
nekral-guest
d15f2c6214 * src/login.c: re-indent.
* src/login.c: Fix support for sub-logins.
2011-11-06 18:38:51 +00:00
nekral-guest
6eb0500d3d * src/faillog.c, src/chage.c, src/newusers.c, src/su.c: The getopt
index of long options is not used.
2011-11-06 18:38:45 +00:00
nekral-guest
7b8c4952a8 * NEWS, src/gpasswd.c, man/gpasswd.1.xml: Add --root option.
* src/gpasswd.c: The getopt index of long options is not used.
2011-11-06 18:38:39 +00:00
nekral-guest
4beca611fb * NEWS, src/chsh.c, man/chsh.1.xml: Add --root option.
chsh's usage split in smaller messages.
	* src/chsh.c: The getopt index of long options is not used.
2011-11-06 18:38:32 +00:00
nekral-guest
1aa30ba551 * NEWS, src/groupmems.c, man/groupmems.8.xml: Add --root option.
Open syslog after the potential chroot.
	* src/groupmems.c: The getopt index of long options is not used.
2011-11-06 18:38:26 +00:00
nekral-guest
ec2b9f59f7 * NEWS, src/passwd.c, man/passwd.1.xml: Add --root option.
passwd's usage split in smaller messages.
	* src/passwd.c: Call sanitize_env() before setting the locales.
2011-11-06 18:38:16 +00:00
nekral-guest
799f30b08d * NEWS, src/chpasswd.c, man/chpasswd.8.xml, src/chgpasswd.c,
man/chgpasswd.8.xml: Add --root option.
	* src/chpasswd.c, src/chgpasswd.c: The getopt index of long
	options is not used.
2011-11-06 18:38:10 +00:00
nekral-guest
bf90350fe7 * NEWS, src/pwconv.c, src/pwunconv.c, src/grpconv.c,
src/grpunconv.c, man/pwconv.8.xml: Add --root option.
	* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
	Add --help option.
	* src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c:
	Add process_flags() and usage().
2011-11-06 18:38:04 +00:00
nekral-guest
c017dd73aa * src/groupdel.c: Add process_flags().
* src/groupdel.c, man/groupdel.8.xml: Add --help option.
	* NEWS, src/groupdel.c, man/groupdel.8.xml: Add --root option. Open
	audit and syslog after the potential chroot.
	* src/groupdel.c: Check atexit failures.
2011-11-06 18:37:57 +00:00
nekral-guest
9195f6085d * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open
audit and syslog after the potential chroot.
	* src/groupmod.c: The index of long options is not used.
2011-11-06 18:37:51 +00:00
nekral-guest
057cbaa4ae * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open
audit after the potential chroot.
	* src/groupadd.c: Check atexit failures.
	* src/groupadd.c: Return E_SUCCESS instead of exit'ing at the end
	of main().
2011-11-06 18:37:45 +00:00
nekral-guest
aa2957e62a * NEWS, src/usermod.c, man/usermod.8.xml: Add --root option. Open
audit and syslog after the potential chroot. userdel's usage split
	in smaller messages.
2011-11-06 18:37:39 +00:00
nekral-guest
50eafd769b * NEWS, src/userdel.c, man/userdel.8.xml: Add --root option. Open
audit and syslog after the potential chroot. userdel's usage split
	in smaller messages.
2011-11-06 18:37:32 +00:00
nekral-guest
cecae46ccf * NEWS, src/useradd.c, man/useradd.8.xml: Add --root option. Open
audit after the potential chroot.
2011-11-06 18:37:25 +00:00
nekral-guest
2afa955401 * src/sulogin.c (main): env is only used when USE_PAM is not set. 2011-10-18 20:28:01 +00:00
nekral-guest
704f28df98 * lib/prototypes.h, libmisc/cleanup.c, lib/spawn.c, src/chage.c:
Add splint annotations.
2011-10-18 20:23:33 +00:00
nekral-guest
d3195c6b5f * src/newusers.c: Fix typo.
* src/useradd.c: Likewise.
2011-10-18 20:13:37 +00:00
nekral-guest
f870cc7eab Miscellaneous:
* lib/prototypes, libmisc/basename.c (Basename): Input is a
	constant string.
	* lib/prototypes.h, lib/spawn.h, lib/spawn.c, src/userdel.c,
	lib/nscd.c, lib/Makefile.am: Delete spawn.h. Move from spawn.h to
	prototypes.h.
	* src/userdel.c: Remove unused variables.
	* lib/nscd.c: Remove unused header files.
	* lib/nscd.c: Add the program name to error messages.
	* lib/nscd.c: Indicate when nscd does not terminate normally (signal).
	* lib/spawn.c: Updated header.
	* lib/spawn.c: Flush stdout and stderr to avoid inheriting from
	ongoing buffers.
	* lib/spawn.c: Avoid implicit conversion of pointer to boolean.
	* lib/spawn.c: Replace perror by a complete message.
	* lib/spawn.c: Continue to wait for the child if another child
	terminates.
	* lib/prototypes.h: The name field from cleanup_info_mod is a
	constant string. (username).
2011-09-18 21:02:43 +00:00
nekral-guest
2b5ba27ff8 * src/grpconv.c: Fail if not called correctly.
* src/grpconv.c: At the end of main, the passwd and shadow files
	are locked. No need to check before unlocking. No need to set the
	lock as false neither since there cannot be anymore failures.
2011-09-18 20:26:27 +00:00
nekral-guest
fa96d1bb78 * src/chage.c: EPOCH is not needed, it's converted to -1 by
strtoday(). But we need to support "-1" specifically.
	* src/chage.c: Fix usage: LOGIN is mandatory.
	* src/chage.c: Display disabled expiry or last change as "-1"
	instead of 1969-12-31. 1969-12-31 is still supported as input from
	the user.
	* src/chage.c: Exit cleanly with fail_exit() (lock files were not
	removed).
2011-09-18 20:24:36 +00:00
nekral-guest
23afb3fd07 * src/useradd.c: Remove def_file. It was always set to
USER_DEFAULTS_FILE.
	* src/useradd.c: Fix cut&paste issue causing bad warning when
	the useradd.default file contains an invalid INACTIVE= value.
	* src/useradd.c: Added missing end of line for rename errors.
	* src/useradd.c: Added -D synopsis to the usage message.
	* src/useradd.c: Do not scale_age(-1), just use -1.
	* src/useradd.c: Added FIXME to be fixed later.
	* src/useradd.c: Allow -e -1 when there is no shadow file.
	* src/useradd.c: Fail, but do not print the usage message when the
	-e argument is not valid.
	* src/useradd.c: No need to check for oflg since uflg is
	already checked.
2011-09-18 18:00:06 +00:00
nekral-guest
6f05b866bc * src/su.c: Too much const were added on 2011-08-15. pw in
save_caller_context() is allocated and freed.
	* src/su.c: Added missing #endif indication
	* src/su.c save_caller_context(): password only needed if
	SU_ACCESS and !USE_PAM.
2011-09-18 17:47:03 +00:00
nekral-guest
603d949ed5 * src/usermod.c: date_to_str() is always called with negativ set
to "never", remove this argument.
	* src/usermod.c: Added missing cast for gr_free argument.
2011-09-18 17:34:21 +00:00
nekral-guest
4ce849a5ed * src/pwconv.c: Fail if not called correctly.
* src/pwconv.c: At the end of main, the passwd and shadow files
	are locked. No need to check before unlocking.
2011-09-18 17:32:04 +00:00
nekral-guest
7b0116c5b4 * src/newusers.c: Initially set the passwd's password to '*'
instead of 'x'. Only when it is confirmed that a shadow entry is
	(will be) added, set the passwd's password to 'x'.
	* src/newusers.c: An invalid line is an error. A failure needs to
	be reported.
2011-09-18 17:29:52 +00:00
nekral-guest
a52a8d8a5d * src/gpasswd.c: Remove log_gpasswd_success_gshadow(). Writing in
gshadowis the last sub-task.
2011-09-18 17:27:18 +00:00
nekral-guest
75936bf9f7 * src/chsh.c: No needto remove lines tarting with '#' from
/etc/shells. This is already done by getusershell() and these
	shell would fail the access(X_OK) test.
2011-09-18 17:24:15 +00:00
nekral-guest
fc0057ff35 2011-08-20 Jonathan Nieder <jrnieder@gmail.com>
* lib/Makefile.am: Added lib/spawn.c and lib/spawn.h.
	* lib/nscd.c, lib/spawn.c, lib/spawn.h: It is not possible to
	differentiate between an nscd failure, and a failure to execute
	due to no nscd with posix_spawn. Use our own run_command routine.
	* src/userdel.c: Use run_command()
2011-08-20 13:33:38 +00:00
nekral-guest
ec309dcac8 re-indent. 2011-08-15 14:40:42 +00:00
nekral-guest
ee0e0f9943 * src/groupmod.c: Check atexit failures. 2011-08-15 14:38:49 +00:00
nekral-guest
7f842bdf4f * src/groupmod.c: Ignore return value from snprintf.
* src/groupmod.c: Add static qualifier to the cleanup structures.
2011-08-15 14:22:33 +00:00
nekral-guest
7c96d6cbcc * src/usermod.c: Do not assign static to NULL.
* src/usermod.c (date_to_str): buf needs to be unique (e.g.
	independent from negativ), and is an out buffer.
	* src/usermod.c: Ignore return value from snprintf, and force
	nul-termination of buffer.
	* src/usermod.c: Improve memory management.
	* src/usermod.c: An audit bloc was not reachable, moved above on
	success to move the home directory.
	* src/usermod.c: Ignore close() return value for the mailbox
	(opened read only).
2011-08-15 09:56:43 +00:00
nekral-guest
5eb9ed0aaf * src/su.c: Added const modifiers.
* lib/prototypes: Synchronize splint annotations.
2011-08-15 09:25:58 +00:00
nekral-guest
94c1763f71 * src/su.c: Add splint annotations.
* src/su.c: Set caller_on_console as boolean.
	* src/su.c: Ignore retunr value from fputs (usage) / puts (prompt).
	* src/su.c: Improved memory management.
2011-08-14 21:44:46 +00:00
nekral-guest
1304a3106b * src/chgpasswd.c, src/chpasswd.c, src/newusers.c: Replace cflg by
a test on crypt_method.
2011-08-14 14:44:35 +00:00
nekral-guest
a9c38f4902 * src/chgpasswd.c: Add splint annotations.
* src/chpasswd.c: Likewise.
	* src/newusers.c: Likewise.
	* libmisc/salt.c, lib/prototypes.h (crypt_make_salt): Likewise.
2011-08-14 14:37:17 +00:00
nekral-guest
745bcb5406 * src/su.c: Add annotations to indicate that su_failure() does
not return.
2011-08-14 13:15:20 +00:00
nekral-guest
905e14ee83 * src/useradd.c: Remove unused Zflg. 2011-07-30 01:47:52 +00:00
nekral-guest
f8d47df43b * src/chgpasswd.c: Fix typo sp -> sg. sg_namp -> sg_name
* src/chgpasswd.c: Always update the group file when SHADOWGRP is
	not enabled.
2011-07-30 01:46:23 +00:00
nekral-guest
934bfa5969 * src/newgrp.c: Fix typo in notreached annotation. 2011-07-30 01:41:56 +00:00
nekral-guest
00d1ab6454 * src/usermod.c: Add annotations to indicate that fail_exit() does
not return.
	* src/usermod.c: Fix typo in notreached annotation.
2011-07-30 01:41:03 +00:00
nekral-guest
75fa697526 * NEWS, src/chpasswd.c: Create a shadow entry if the password is
set to 'x' in passwd and there are no entry in shadow for the
	user.
	* NEWS, src/chgpasswd.c: Create a gshadow entry if the password is 
	set to 'x' in group and there are no entry in gshadow for the 
	group.
2011-07-28 15:17:28 +00:00
nekral-guest
771a3624f5 * src/pwunconv.c: Exit after printing usage when arguments or
options are provided.
	* src/pwunconv.c: Re-indent.
	* src/pwunconv.c: Open the shadow file read only.
	* src/grpunconv.c: Exit after printing usage when arguments or
	options are provided.
	* src/grpunconv.c: Open the gshadow file read only.
2011-07-28 14:40:56 +00:00
nekral-guest
7fed07f1e9 * src/chgpasswd.c: Fix typo. 2011-07-28 14:36:24 +00:00
nekral-guest
2aefca0f2e * NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is
enabled. This is already done by pam_lastlog.
2011-07-23 11:03:50 +00:00
nekral-guest
7e8aa5429a * src/chpasswd.c: Add annotations to indicate that usage() does
not return.
	* src/chpasswd.c: Reindent.
	* src/chpasswd.c: Remove dead code. No need to set crypt_method
	to NULL when it is already NULL. sflg is only set if crypt_method
	is not NULL.
2011-07-23 08:14:15 +00:00
nekral-guest
2be8650d2c * src/lastlog.c: Add annotations to indicate that usage() does not
return.
2011-07-23 08:10:27 +00:00
nekral-guest
495125415b * src/faillog.c: Add annotations to indicate that usage() does not
return.
	* src/faillog.c: Fix message: this is faillog, not lastlog.
	* src/faillog.c: Check that there are no extra arguments after
	parsing the options.
2011-07-22 23:59:57 +00:00
nekral-guest
1def4ef49d * src/chgpasswd.c: Add annotations to indicate that usage() does
not return.
	* src/chgpasswd.c: Split usage in smaller parts. Those parts are
	already translated for chpasswd. Usage is now closer to
	chpasswd's.
	* src/chgpasswd.c: Remove dead code. No need to set crypt_method
	to NULL when it is already NULL. sflg is only set if crypt_method
	is not NULL.
2011-07-22 23:52:08 +00:00
nekral-guest
bb67476209 * src/expiry.c: Remove dead code.
* src/expiry.c: Improve comments.
2011-07-22 22:39:30 +00:00
nekral-guest
e8373305b4 * src/grpck.c: Added comments.
* src/grpck.c: Avoid implicit conversion of pointer to boolean.
	* src/grpck.c: Remove dead code. argc cannot be lower than optind.
	Avoid checking twice in a row for NULL != list[i].
2011-07-22 22:07:23 +00:00
nekral-guest
8bce7fc016 * src/passwd.c: Overflow when computing the number of days based
on the scaling. Use of long long needed.
2011-07-14 14:03:19 +00:00
nekral-guest
a7fee9db00 * NEWS, src/groupmod.c: When the gshadow file exists but there are
no gshadow entries, an entry is created if the password is changed
	and group requires a shadow entry.
2011-07-14 13:30:05 +00:00
nekral-guest
d4e630b8cc * src/usermod.c (process_flags): Indicate that the user name is
invalid, instead of just a 'field'.
2011-07-14 13:29:59 +00:00
nekral-guest
82b92af086 * src/usermod.c (process_flags): Do not display the usage in case
of an invalid -f value (similar to -e).
2011-07-14 13:29:54 +00:00
nekral-guest
c23e851074 * src/usermod.c (new_pwent): Document that pw_locate will not fail
because getpwnam returned successfully.
2011-07-14 13:29:48 +00:00
nekral-guest
2c6782b501 * NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file
exists but there are no shadow entries, an entry has to be created
	if the password is changed and passwd requires a shadow entry, or
	if aging features are used (-e or -f). Document this and also that
	-e and -f require a shadow file.
2011-07-14 13:29:37 +00:00
nekral-guest
c2f5088067 * src/usermod.c (update_group, update_gshadow): Reduce complexity
and document checks. Some checks were always true/false within
	their call context.
2011-07-14 13:29:32 +00:00
nekral-guest
8195a2b5d8 * src/usermod.c (update_gshadow): is_member was computed twice. 2011-07-14 13:29:27 +00:00
nekral-guest
2798e35d86 * src/usermod.c: usage() does not return. Add annotations. 2011-07-14 13:29:22 +00:00
nekral-guest
d1753cc25d * src/usermod.c (process_flags): Check for oflg is not needed to
check if changes are needed.
2011-07-14 13:29:16 +00:00
nekral-guest
a5ded26850 * src/usermod.c (process_flags): Report usage if no options are
provided. Update the error message.
	* src/usermod.c (process_flags): Check option compatibility and
	dependency before options are discarded when no changes are
	requested.
2011-07-14 13:29:10 +00:00
nekral-guest
d51420bb01 * src/usermod.c (move_home): It is always an error to use -m if
the new home directory already exist (independently from the
	existence of the old home directory did not exist)
2011-07-14 13:29:05 +00:00
nekral-guest
aec025dbf6 * src/usermod.c: Fix typo in comment. 2011-07-14 13:28:59 +00:00
nekral-guest
95257d63a1 * src/groupmod.c: Avoid implicit conversion of pointer to boolean.
* src/groupmod.c: osgrp can be set only if pflg || nflg. No need
	to check for pflg || nflg again
2011-07-08 19:58:40 +00:00
nekral-guest
13873a8799 * lib/fields.c: Fixed typo from 2010-02-15. field insteadof cp
ought to be checked.
	* src/vipw.c: Use Prog instead of progname. This is needed since
	Prog is used in the library.
2011-07-08 19:56:18 +00:00
nekral-guest
cc6eaf9584 Fix typo in comment. 2011-07-08 19:51:32 +00:00
nekral-guest
1a164919f1 Fixed typo. user_home -> mailfile. 2011-07-08 19:50:42 +00:00
nekral-guest
907025eb40 * src/su.c: environ is provided by <unistd.h>.
* src/su.c: Added function prototypes.
	* src/su.c: Rename shellstr parameter to shellname to avoid
	collision with static variable.
	* NEWS, src/su.c: Added support for PAM modules which change
	PAM_USER.
2011-06-16 21:21:29 +00:00
nekral-guest
66d71aafb7 Cleanup. 2011-06-13 18:27:51 +00:00
nekral-guest
317939e821 * src/su.c: After prepare_pam_close_session() there is no need to
close the session in the child. Added pam_setcred to
	prepare_pam_close_session().
2011-06-13 18:27:46 +00:00
nekral-guest
1340beed16 * src/su.c: Also drop the controlling terminal when PAM is not
used.
	* src/su.c: Remove run_shell().
2011-06-13 18:27:40 +00:00
nekral-guest
e9045e9f55 * src/su.c (prepare_pam_close_session): Extract the creation of a
child and listening for signal in the parent from run_shell().
	prepare_pam_close_session() is now executed before the creation of
	the pam session and before the UID is changed. This allows to
	close the session as root.
2011-06-13 18:27:34 +00:00
nekral-guest
69371ba2c2 * src/su.c: Extract export of environment from main(). 2011-06-13 18:27:28 +00:00
nekral-guest
dbe0b96404 * src/su.c: Extract command line processing from main(). 2011-06-13 18:27:23 +00:00
nekral-guest
43e65fdd46 * src/su.c: Close the password databases together with syslog. 2011-06-13 18:27:17 +00:00
nekral-guest
5d6f4f8ea4 * src/su.c: Merge environment setting blocks after the creation of
the session.
2011-06-13 18:27:12 +00:00
nekral-guest
b63c830547 * src/su.c: Cleanup check_perms_nopam(). 2011-06-13 18:27:06 +00:00
nekral-guest
927c2f06a3 * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and
a non-PAM (check_perms_nopam) version.
2011-06-13 18:26:58 +00:00
nekral-guest
40a16a1b04 Compile fixes & cleanups. 2011-06-13 18:26:52 +00:00
nekral-guest
6be3ac560b * src/su.c (save_caller_context): Extract from main() the code
used to save the caller's context.
2011-06-13 18:26:47 +00:00
nekral-guest
b661b913b5 * src/su.c: Cleanup local variables. 2011-06-13 18:26:36 +00:00
nekral-guest
b273c4d19f Cleanup comments. 2011-06-13 18:26:31 +00:00
nekral-guest
7ebfb5c90f * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
use the pwent global variable to communicate between APIs of
	different files. Added boolean parameter su_to_root to
	check_su_auth().
	* src/su.c (check_perms): Return the passwd entry of the finally
	authenticated user. Remove usage of the pwent variable.
	* src/su.c: The password of the caller is the one from the
	spwd structure only if the passwd's password is 'x'.
2011-06-13 18:26:26 +00:00
nekral-guest
3abd71c526 * src/su.c: Extract the authentication from the main function. 2011-06-13 18:26:16 +00:00
nekral-guest
dc90c77285 * src/su.c: Define shellstr before the environment so that
restricted_shell is called only once. This will allow moving the
	environment definition after the switch to the new user.
2011-06-13 18:26:10 +00:00
nekral-guest
2f71935616 * src/su.c: Move definition of change_environment and shellstr
after the switch to the final subsystem. The previous architecture
	forced to always change the environment (the shell starts with a
	'*' and was thus restricted, and change_environment could not be
	reset to false).
2011-06-13 18:25:57 +00:00
nekral-guest
941e94f1d2 * src/su.c: No need to change the user's shell in case of
subsystem root. Update the comments.
2011-06-13 18:25:51 +00:00
nekral-guest
4be8077a56 * src/su.c: Group some of the environment processing blocks. The
definition of shellstr, PATH and IFS is not influenced (getenv,
	getdef, restricted_shell) by and does not influence (addenv does
	not change environ) the authentication. And the authentication
	does not overwrite those definitions. This will ease an extraction
	from the big main() function.
2011-06-13 18:25:45 +00:00
nekral-guest
aef33a89c2 * src/su.c: No need to call expire() if there are no shadow entry.
No need to convert a passwd entry into an spwd entry in that case.
2011-06-13 18:25:40 +00:00
nekral-guest
1ddde00b1d * src/su.c: Updating pwent after expire() is not useful. Only the
password information may have changed and they are not used
	anymore afterwards.
2011-06-13 18:25:34 +00:00
nekral-guest
b5403415f7 * NEWS, src/su.c: Do not forward the controlling terminal to
commands executed with -c. This prevents tty hijacking which could
	lead to execution with the caller's privileges. This required to
	forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
	the executed command.
2011-06-05 14:41:15 +00:00
nekral-guest
a8ca723277 * NEWS, src/userdel.c: Do not remove a group with the same name as
the user (usergroup) if this group isn't the user's primary group.
2011-06-05 12:23:59 +00:00
nekral-guest
14f44bd9c9 * NEWS, src/userdel.c: Check the existence of the user's mail
spool before trying to remove it. If it does not exist, a warning
	is issued, but no failure.
2011-06-04 22:38:57 +00:00
nekral-guest
ce737cf543 * src/sulogin.c: Added Prog, needed because of the last xmalloc()
change.
2011-06-03 21:08:56 +00:00
nekral-guest
597bb764f1 * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry
to be displayed.
2011-06-02 20:26:30 +00:00
nekral-guest
ee163bed33 * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
user_busy() rather than in src/userdel.c or src/usermod.c to
	provide more accurate failure cause (user is logged in or user
	still executes processes).
2011-02-16 20:46:27 +00:00
nekral-guest
0419fc4f5f * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in
gecos or shell.
2011-02-16 00:18:45 +00:00
nekral-guest
229f243ca0 * NEWS, src/usermod.c: Accept options in any order (username not
necessarily at the end)
2010-08-29 19:02:41 +00:00
nekral-guest
1d336d3a1e * lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
selinux_file_context renamed set_selinux_file_context.
	* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
	Added reset_selinux_file_context.
	* src/useradd.c: Check the return value of
	set_selinux_file_context and reset_selinux_file_context.
	* libmisc/copydir.c: Check the return value of
	reset_selinux_file_context.
2010-08-28 19:58:00 +00:00
nekral-guest
991ce97170 * src/su.c: Fix handling of environment variables when
the environment is not changed. In particular, this makes su
	behave as documented regarding PATH and IFS (i.e. they are reset)
	when -p is provided.
2010-08-28 19:55:31 +00:00
nekral-guest
ab9427420e * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c,
	src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c,
	src/grpunconv.c, src/chsh.c: Prog changed to a constant string.
2010-08-22 19:36:09 +00:00
nekral-guest
07e462f01f * libmisc/limits.c: Avoid implicit conversion of integer to
boolean.
	* libmisc/basename.c: Avoid implicit conversion of pointer to
	boolean.
	* libmisc/basename.c, lib/prototypes.h (Basename): Return a
	constant string.
	* libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h,
	libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c,
	libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add
	splint annotations.
	* libmisc/chowndir.c: Avoid memory leak.
	* libmisc/chowndir.c: Do not check *printf/*puts return value.
	* libmisc/chowntty.c: Avoid implicit conversion between integer
	types.
	* libmisc/obscure.c: Return a bool when possible instead of int.
	* libmisc/shell.c: Do not check *printf/*puts return value.
	* libmisc/shell.c: Do not check execle return value.
	* libmisc/setupenv.c: Avoid implicit conversion between integer
	types.
	* libmisc/xmalloc.c: size should not be zero to avoid returning
	NULL pointers.
	* libmisc/hushed.c: Do not check *printf/*puts return value.
	* libmisc/system.c: Avoid implicit conversion of integer to
	boolean. safe_system last argument is a boolean.
	* libmisc/system.c: Check return value of dup2.
	* libmisc/system.c: Do not check *printf/*puts return value.
	* libmisc/system.c: Do not check execve return value. 
	* libmisc/salt.c: Do not check *printf/*puts return value.
	* libmisc/loginprompt.c: Do not check gethostname return value.
	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check
	gr_rewind/pw_rewind return value.
	* libmisc/ttytype.c: Limit the number of parsed characters in the
	sscanf format.
	* libmisc/ttytype.c: Test if a type was really read.
	* libmisc/sub.c: Do not check *printf/*puts return value.
	* libmisc/sub.c: Avoid implicit conversion of integer to boolean.
	* src/userdel.c: Fix typo in comment.
	* src/userdel.c: Avoid implicit conversion of boolean to integer.
	* src/userdel.c: safe_system last argument is a boolean.
	* src/newusers.c: Avoid implicit conversion of boolean to integer.
	* src/newusers.c: Avoid implicit conversion of integer to boolean.
	* src/usermod.c: Add brackets.
	* src/usermod.c: Avoid implicit conversion of characters or
	integers to booleans.
	* src/vipw.c: Avoid implicit conversion of integer to boolean.
	* src/su.c: Avoid implicit conversion of integer to boolean.
	* src/su.c: Add brackets.
	* src/useradd.c: Avoid implicit conversion of characters or
	integers to booleans.
2010-08-22 19:13:53 +00:00
nekral-guest
7eb6a4b3a4 Updated copyrights. 2010-08-22 13:04:54 +00:00
nekral-guest
471a2df3a6 * libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool
instead of an int.
	* libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c,
	libmisc/copydir.c, lib/prototypes.h: Add splint annotations.
	* libmisc/tz.c: Fix some const issues.
	* libmisc/tz.c: Avoid multi-statements lines.
	* libmisc/tz.c: Add brackets.
	* libmisc/copydir.c: Do not check *printf/*puts return value.
	* libmisc/copydir.c: Fail if we cannot set or reset the SELinux
	fscreate context.
	* libmisc/copydir.c: Use xmalloc instead of malloc.
	* libmisc/copydir.c: Do not check lutimes return value
	* src/vipw.c: Avoid implicit conversion of integer to boolean.
	* src/su.c (iswheel): Return a bool instead of an int.
	* src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead.
	* src/passwd.c: Return constant strings when sufficient.
	* src/passwd.c: Do not check *printf/*puts return value.
	* src/passwd.c: Avoid implicit conversion of character to boolean.
	* src/passwd.c: Do not check sleep return value.
	* src/sulogin.c: Do not check *printf/*puts return value.
	* lib/encrypt.c: Do not check fprintf return value.
2010-08-22 12:49:07 +00:00
nekral-guest
7e398a169b * src/sulogin.c: Fix a const issue. 2010-08-21 20:37:23 +00:00
nekral-guest
7bb81f6c3e * src/passwd.c: Fix a const issue.
* src/passwd.c: Avoid multi-statements lines.
2010-08-21 19:55:46 +00:00
nekral-guest
791ebc58dd * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
copy the extended attributes (the SELinux context is hence reset)
	* src/usermod.c: Copy the extended attributes.
	* src/useradd.c: Only reset the SELinux context.
2010-08-21 17:31:45 +00:00
nekral-guest
f7a00a2334 * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c,
libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c,
	libmisc/loginprompt.c, libmisc/ttytype.c,
	libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c,
	lib/commonio.c, lib/commonio.h: Fix some const issues.
	* libmisc/motd.c: Avoid multi-statements lines.
	* libmisc/motd.c: Support long MOTD_FILE.
	* libmisc/list.c, lib/prototypes.h: Revert previous change.
	dup_list and is_on_list are used with members as defined for the
	group structure, and thus even if the list is not modified, the
	list elements cannot be constant strings.
	* libmisc/system.c: Avoid C++ comments.
	* src/vipw.c: WITH_TCB cannot be tested inside a gettextized
	string. Split the Usage string.
	* lib/commonio.h: Re-indent.
2010-08-21 15:32:53 +00:00
nekral-guest
fad23b25a1 * src/usermod.c: Re-indent. 2010-08-20 18:24:33 +00:00
nekral-guest
16362e289b 2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* src/useradd.c: spool is a constant string.
	* src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* src/usermod.c: move_home() is only called if mflg is set.
	* src/usermod.c: Fail is -m is provided but the old home directory
	is not a directory.
	* src/usermod.c: Use the previous improvement of copy_tree to
	provide better error diagnosis.
	* src/usermod.c: When rename() is used, also change the ownership.
	* src/usermod.c: Do not change the ownership of the root directory
	twice.
	* src/usermod.c: When -u is provided, only change the ownership of
	the home directory if it is a directory.
	* src/usermod.c: Also change ownerships when -g is used.

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to
	copy_tree to detect when ownership shall be changed.
	* libmisc/copydir.c: Document the behavior when the IDs are set to
	-1.
	* lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter
	copy_root.
	* libmisc/copydir.c: error() and ctx can be static.
	* libmisc/copydir.c (copy_hardlink): Remove parameter src.

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* libmisc/chowndir.c: Dynamically allocate memory to support
	path longer than 1024 characters.
	* libmisc/chowndir.c: Fix typos in documentation.
	* libmisc/chowndir.c: Support and document the behavior when a old
	or new ID is set to -1.
	* libmisc/chowndir.c: Improved error detection when chown fails.
	* libmisc/chowndir.c: Harmonize error handling strategy when an
	error occurs: stop changing ownership as soon as an error was
	detected.
2010-04-04 20:55:46 +00:00
nekral-guest
427b60f288 * src/su.c: shell's name must be -su when a su fakes a login. 2010-03-30 21:32:36 +00:00
nekral-guest
902aad57af * NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml,
man/usermod.8.xml, src/Makefile.am: Added support for ACLs and
	Extended Attributes.
2010-03-30 21:01:27 +00:00
nekral-guest
97961b8bee * NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml:
PAM enabled versions: restore the -e option to allow restoring
	passwords without knowing those passwords. Restore together the -m
	and -c options.
2010-03-25 20:35:59 +00:00
nekral-guest
fcd5b38caf * src/su.c, src/vipw.c, src/newgrp.c: When the child is
interrupted, stop ourself with a SIGSTOP signal.
2010-03-23 13:05:06 +00:00
nekral-guest
052e9105f7 * src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
	str_len.
	* src/logoutd.c: Limit the scope of variable c.
	* src/vipw.c: Re-indent.
	* src/vipw.c: Close the file after the creation of the backup.
	* src/useradd.c (set_default): Close input file on failure.
	* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
	gid, mode.
	* src/passwd.c: Limit the scope of variables last and ok.
	* src/chage.c: Fix typo (non breaking space).
	* src/login.c: Limit the scope of variables erasechar killchar, c,
	failed.
	* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
	* src/id.c: Limit the scope of variable i.
2010-03-23 11:26:34 +00:00
nekral-guest
68b6e6d2be * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos. 2010-03-19 11:01:32 +00:00
nekral-guest
5e38d92a95 * src/chsh.c: Even for root, warn if an invalid shell is
specified.
2010-03-18 23:21:00 +00:00
nekral-guest
8e2010a26c * src/useradd.c: When exiting because of a failure, warn if an
home directory created, but cannot be removed.
2010-03-18 18:57:03 +00:00
nekral-guest
0cbbdb32c4 * libmisc/strtoday.c: Add support for numerical dates, assuming
they are already specified in number of days since Epoch. Return
	-2 in case of errors to support the specification of -1.
	* src/usermod.c, src/useradd.c: Adapt to the new error value of
	strtoday().
	* src/chage.c:  Remove isnum(). Adapt to the new error value of
	strtoday(). Support for numerical dates is moved to strtoday().
2010-03-18 11:53:49 +00:00
nekral-guest
27f67dcad0 * src/pwck.c: Unlock the password and shadow files when there is a
failure to prepare the update in memory.
2010-03-18 10:52:52 +00:00
nekral-guest
6a1dea6602 * src/pwck.c: Only log to SYSLOG when acting on system files. 2010-03-18 10:35:11 +00:00
nekral-guest
657271eb04 * src/pwck.c: Remove the -s option from the usage when USE_TCB is
enabled. The option is still supported, but has no effect, as
	documented in the manpage.
2010-03-18 10:25:08 +00:00
nekral-guest
2db82460b1 * src/pwck.c: Document the sections closed by #endif
* src/pwck.c, man/pwck.8.xml: No alternative shadow file can be
	given when USE_TCB is enabled.
2010-03-18 10:23:51 +00:00
nekral-guest
07c6e99725 * src/pwck.c: Do not use pwd_file and spw_file. Always use the
dbname() functions.
2010-03-18 09:46:15 +00:00
nekral-guest
f77e9d0d80 * src/pwck.c: Re-indent. 2010-03-18 09:33:55 +00:00
nekral-guest
a996fac57b * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
	SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
	to booleans.
2010-03-18 09:21:27 +00:00
nekral-guest
8228f99c36 2010-03-18 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* src/pwck.c: Add support for TCB.
	* src/pwck.c: Use spw_dbname() instead of spw_file since TCB
	changes from a file to another depending on the user. Also use
	pw_dbname() for consistency.
2010-03-18 09:01:04 +00:00
nekral-guest
41b5cc2d20 * src/faillog.c: Re-indent. 2010-03-18 00:07:00 +00:00
nekral-guest
a013f8519b Updated copyright dates. 2010-03-16 19:15:34 +00:00
nekral-guest
c0e7dcd2fd * man/faillog.8.xml: Document the behavior in display mode of the
-a option.
	* NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to
	the non-display mode. This changes the default behavior of the -l,
	-m, -r, -t options when -a is not specified (restrict to existing
	users).
2010-03-16 19:15:22 +00:00