nekral-guest
722941eae1
Document the differences between locking an account and locking a password.
2007-11-17 22:07:47 +00:00
nekral-guest
0743a7236d
Same fixes as applied to usermod: refuse to unlock an account when it
...
would result in a passwordless account.
2007-11-17 22:05:31 +00:00
nekral-guest
85463e754d
Refuse to unlock an account when it would result in a passwordless
...
account. Based on Openwall's patch shadow-4.0.4.1-owl-usermod-unlock.diff
2007-11-17 22:02:22 +00:00
nekral-guest
5e438aa46c
Make sure that the prefix is the name of a directory (not only the
...
beginning of a directory).
Openwall patch shadow-4.0.4.1-owl-userdel-path_prefix.diff.
2007-11-17 21:24:06 +00:00
nekral-guest
1f4488f963
* src/newgrp.c: Do not give an indication that the group has no
...
password.
* src/newgrp.c: Do not only bail on syslog if the password is not
valid. Also give an indication to the user on stderr.
2007-11-17 21:03:33 +00:00
nekral-guest
225b096838
Remove a comment which states that an user shall provide a password to
...
switch to her group.
2007-11-17 20:41:49 +00:00
nekral-guest
8e568ef697
Last parts of the Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
...
* src/chage.c: Make chage -l also drop the saved GID.
* src/chage.c: Prefer setregid/setreuid to setgid/setuid.
2007-11-17 20:28:32 +00:00
nekral-guest
24cfb1c158
* src/chage.c: Remove cleanup(). pw_lock is never called. Replace
...
cleanup(2) by spw_unlock and remove the calls to cleanup(1).
* src/chage.c: Remove variable pwrw. It is always set to 0. The
password database is always read only.
2007-11-17 20:09:54 +00:00
nekral-guest
cbb2911b7f
* man/generate_translations.mak: Generic rules for all the
...
generated translated manpages (if ENABLE_REGENERATE_MAN).
* man/Makefile.am: Removed rules for all the generated translated
manpages.
* man/sv/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am,
man/pl/Makefile.am, man/ru/Makefile.am, man/it/Makefile.am:
Include generate_translations.mak to handle the generated
translations (XML and roff files).
* man/Makefile.am: Translated XML files moved from the CLEANFILES
variable of man/Makefile.am to the various languages Makefiles.
2007-11-17 18:45:22 +00:00
nekral-guest
a9f2f60c68
Fixes from Openwall patch shadow-4.0.4.1-alt-man.diff:
...
* man/useradd.8.xml: Indicate that the NIS caveats is also valid
for any external database as LDAP.
* man/groupadd.8.xml: Likewise.
* man/groupadd.8.xml: Reorder and reformat the caveats bullets.
2007-11-17 18:13:17 +00:00
nekral-guest
77bfba3017
Document that chpasswd does not use PAM to update the passwords. This fixes
...
http://bugs.debian.org/396726 . Debian patch 411_chpasswd_document_no_pam.
2007-11-17 17:31:54 +00:00
nekral-guest
7eed43550c
Provide URLs for the Debian bugs.
2007-11-17 17:24:23 +00:00
nekral-guest
0fd1ed4517
Avoid terminating the PAM library in the forked child. This is done later
...
in the parent after closing the PAM session.
This fixes http://bugs.debian.org/412061 .
Debian patch 405_su_no_pam_end_before_exec.
2007-11-17 17:19:44 +00:00
nekral-guest
7503c8a029
Mention sg in the newgrp manpage. Debian patch 410_newgrp_man_mention_sg.
2007-11-17 17:03:01 +00:00
nekral-guest
be972d7db3
Fix typo: the warndays option was called warning. This is now warndays,
...
as documented in the manpage and usage. Debian patch 417_passwd_warndays.
2007-11-17 16:57:37 +00:00
nekral-guest
fb6cb07a60
Remove the preprocessor check SHADOWPWD. The variable is no more defined
...
(and always assumed). Debian patch 493_pwck_no_SHADOWPWD.
2007-11-17 16:50:26 +00:00
nekral-guest
5bcc89ffe7
Add NEWS entries for the last 2 changes.
2007-11-17 16:43:00 +00:00
nekral-guest
e47ee90033
-l/-u options: edit the shadow account expiry field *in addition* to
...
editing the password field. Debian patch 494_passwd_lock.
2007-11-17 16:40:39 +00:00
nekral-guest
5d2ca8b240
Do not request a password when a user uses newgrp to switch to her primary
...
group. Debian patch 497_newgrp_primary_group.
2007-11-17 16:19:00 +00:00
nekral-guest
90ef765c2e
Log an error if the password entry could not be
...
found (respect LOG_UNKFAIL_ENAB to avoid logging a password). This
fixes the Debian bug http://bugs.debian.org/451521
2007-11-17 16:05:54 +00:00
nekral-guest
ca875647b9
-b documenation: Use the same notation for the -d argument as in the -d documentation.
2007-11-17 15:27:12 +00:00
nekral-guest
e39a941413
Allow the -b option even without the -D option.
2007-11-17 15:07:59 +00:00
nekral-guest
87b5ce3036
Use the same error message for the below errors.
...
(option working ONLY if another is specified).
2007-11-17 14:49:39 +00:00
nekral-guest
af045a0733
Make usermod -o and -u work independently of the argument order.
2007-11-17 14:40:54 +00:00
nekral-guest
488184394e
Validate that two of the -L, -p, and -U options are not used at the same
...
time after the parsing of options. -U used to be allowed after -p or -L,
but not before.
2007-11-17 14:33:26 +00:00
nekral-guest
71392cdc8f
Make usermod -d and -m work independant of the argument order. Thanks to
...
Justin Pryzby <jpryzby+d@quoininc.com> for the patch. This fixes Debian's
bug #451518 .
2007-11-17 14:21:05 +00:00
nekral-guest
4aafb131ca
* NEWS, lib/nscd.c: Execute nscd -i instead of using the private
...
glibc socket to flush the nscd tables. This comes from the RedHat
patch shadow-4.0.16-nscd.c.
* lib/commonio.c: Forbid inheritance of the passwd and group files
to the spawed processes (like nscd). This comes from the RedHat
patch shadow-4.0.17-notInheritFd.patch.
* lib/nscd.h: Update header.
2007-11-17 14:04:05 +00:00
nekral-guest
24e742d202
* src/usermod.c (fail_exit): Add static variables pw_locked,
...
spw_locked, gr_locked, and sgr_locked to indicate which files must
be unlocked.
* src/usermod.c (open_files, close_files): Open and close the
group files as well as the passwd files. This permit to check if
the group files modification are allowed before writing the passwd
files.
* src/usermod.c (grp_update, update_gshadow, update_group): Do not
return a status code, but call fail_exit() in case of error. The
group files are no more opened and closed in update_gshadow() and
update_group().
* src/usermod.c (main): move the call to grp_update between
open_files and close_files.
* src/usermod.c: Differentiate failure to add a group entry and
failure to add a shadow group entry.
2007-11-17 11:42:47 +00:00
nekral-guest
326074388c
Differentiate failure to update a group entry and failure to update a shadow group entry.
2007-11-17 11:31:06 +00:00
nekral-guest
9afe59af3e
Inform the user if out of memory while updating a group database.
2007-11-16 23:39:42 +00:00
nekral-guest
7ecdf9b71f
Update the group database before flushing the nscd caches.
2007-11-16 23:29:41 +00:00
nekral-guest
0325483ee4
Abort if an error is found while updating the user or group database. No
...
changes will be written in the databases.
2007-11-16 23:26:56 +00:00
nekral-guest
b370e1502e
It is no more needed to check that the user's groups are specified only
...
once in the group file. This is checked by gr_update().
2007-11-16 23:05:24 +00:00
nekral-guest
07c2610170
* lib/commonio.c (next_entry_by_name): New function.
...
* NEWS, lib/commonio.c (commonio_update): When an entry is updated, make
sure that there are no other entry with the same name. This fixes
an infinite loop in userdel and usermod when an (erroneous) group
file contains two entries with the same name.
(https://bugzilla.redhat.com/show_bug.cgi?id=240915 )
2007-11-16 22:59:14 +00:00
nekral-guest
c2ebdc4b5d
Fix date entry.
2007-11-16 22:33:59 +00:00
nekral-guest
449f17385a
* libmisc/salt.c: Make sure the salt string is terminated at the
...
right place (either 8th, or 11th position).
* NEWS, src/chgpasswd.c, src/chpasswd.c: The protocol + salt does
not need 15 chars. No need for a temporary buffer.
This change the fix committed on 2007-11-10. The salt provided to
pw_encrypt could have been too long.
2007-11-16 19:02:00 +00:00
nekral-guest
e163c5fe9c
Fix typo: missing / in <placeholder-1/>. This caused the gpasswd title to be incomplete in the French manpage.
2007-11-16 14:10:29 +00:00
nekral-guest
f55e00dc4e
Add support for uClibc with no l64a().
2007-11-16 12:36:21 +00:00
nekral-guest
e0edb7db17
Add support for systems with no innetgr(). On those systems, username
...
with an @ will be treated like any other username (i.e. lookup in the
local database for an user with an @). Thanks to Mike Frysinger for the
patch.
2007-11-16 11:32:42 +00:00
nekral-guest
690f7aee2e
Indentation fix.
2007-11-16 10:50:38 +00:00
nekral-guest
8d527f156d
Declare the child and pid variable at the beginning of a block. This
...
fixes a compilation issue with gcc 2.95. The intent is the same as
Gentoo's patch shadow-4.0.12-gcc2.patch.
2007-11-14 13:46:15 +00:00
nekral-guest
15f43716c1
Add a variable to set the suid permissions. This should simplify Gentoo's
...
patch shadow-4.0.11.1-perms.patch.
2007-11-14 13:32:25 +00:00
nekral-guest
b2120265fd
Added the subversion svn:keywords property (Id) for proper identification.
2007-11-10 23:46:11 +00:00
nekral-guest
fb3b2ddbff
Restore the ignore patterns from the previous repository.
2007-11-10 23:34:37 +00:00
nekral-guest
0f09d5378a
Update the PO files.
2007-11-10 22:36:37 +00:00
nekral-guest
f9de15fdcf
Don't ask for a password if there are no group passwords. Just directly
...
give up. This comes from the Fedora's patch shadow-4.0.13-newgrpPwd.patch,
and seems to be the only part with an effect.
2007-11-10 18:54:40 +00:00
nekral-guest
1bdb92706e
Fix chpasswd and chgpasswd stack overflow. Based on Fedora's shadow-4.0.18.1-overflow.patch.
2007-11-10 18:48:23 +00:00
nekral-guest
6a051e1544
Allow non numerical group identifier to be specified with useradd's -g
...
option. Applied Debian patch 397_non_numerical_identifier. Thanks also to
Greg Schafer <gschafer@zip.com.au>.
2007-11-10 15:51:38 +00:00
nekral-guest
8609e24880
Update the version number to 4.0.18.2 and the gettext version to 0.16.
2007-10-27 23:22:11 +00:00
nekral-guest
a8856cbfbd
Remove a plural form. nplurals=1 for japanese. Moreover, msgstr[0] was identical to msgstr[1].
2007-10-27 23:18:08 +00:00