utmp.c to chowntty.c. checkutmp() now only uses an existing utmp
entry if the pid matches and ut_line matches with the current tty.
This fixes a possible DOS when entries can be forged in the utmp
file.
* libmisc/chowntty.c, src/login.c, lib/prototypes.h: Remove the
tty argument from chown_tty. chown_tty always changes stdin and
does not need this argument anymore.
to create a home directory for new users.
* src/useradd.c, man/useradd.8.xml: New -M/--no-create-home option
and CREATE_HOME usage. System accounts are not impacted by
CREATE_HOME.
* man/useradd.8.xml: Indicate that a new group is created by
default.
* src/useradd.c: Removed TODO item (moved to the TODO file).
Thanks to Peter Vrabec.
* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Build an
index of used IDs to avoid a database request for each id in the
allowed range (when the highest allowed ID is already used).
This speedups the addition of users or groups when the highest
allowed ID is already used. The additional memory usage of the
tools should be acceptable when UID_MAX/SYS_UID_MAX are set to a
reasonable number.
--disable-account-tools-setuid options. This permits to disable
the PAM authentication of the caller for chage, chgpasswd,
chpasswd, groupadd, groupdel, groupmod, newusers, useradd,
userdel, and usermod. This authentication is not necessary when
these tools are not installed setuid root.
changes have started to be reported to syslog.
* src/userdel.c: Fix some result parameters sent to
audit_logger().
* NEWS: Following changes from a patch contributed by Steve Grubb
<sgrubb@redhat.com>
* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
of AUDIT_USER_CHAUTHTOK.
* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead
of AUDIT_USER_CHAUTHTOK.
* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
AUDIT_USER_CHAUTHTOK.
* src/useradd.c: Add missing logs to audit.
* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
* src/userdel.c: Add missing logs to audit.
* configure.in, libmisc/copydir.c: futimes() and lutimes() are not
standard. Check if they are implemented before using them. Do not
set the time of links if lutimes() does not exist, and use
utimes() as a replacement for futimes().
the list, not adduser. This fixes a segmentation fault for every
call of groupmems -d.
* libmisc/list.c: Add assertions to help identifying these issues.
* libmisc/list.c: Avoid implicit conversion of pointers to
booleans.
support for long options --add (-a), --delete (-d),
--remove-password (-r), --restrict (-R), --administrators (-A),
and --members (-M)
* man/gpasswd.1.xml: Document the new long options.
* src/gpasswd.c: The sgrp structure is only used if SHADOWGRP is
defined.
the --lock an --unlock options do not lock or unlock the user
account anymore. They only lock or unlock the user's password.
* man/passwd.1.xml: Document above change. Document how an account
can be locked and what a password lock means.
* src/groupmems.c: members() renamed display_members() to
avoid name clash with its members argument.
* src/groupmems.c: Report failure to unlock to syslog.
* src/groupmems.c: Harmonize error messages.
* src/groupmems.c: Report failures to write the new group file to
syslog (gr_close() failure).
* src/groupmems.c: Don't use fail_exit for non-failure exit.
* src/groupmems.c: Added Prog global variable to indicate the name
of the program in error messages.
2008-07-22 Lukáš Kuklínek <lkukline@redhat.com>
* NEWS, src/groupmems.c: Check if the user added to group actually
exist. RedHat bug #455603
* NEWS, src/groupmems.c: Check if the group exists in the group
local database (/etc/group). RedHat bug #456088
effects. This avoid checking if the user exists in the local passwd
file if not necessary, and thus allow to add LDAP users to local
groups. (The user is already checked against the system
configuration with getpwnam()). Thanks to Dan Kopecek.
* src/newusers.c: Use a bool when possible instead of int
integers.
* src/newusers.c: Avoid implicit conversion of pointers / integers
/ chars to booleans.
* src/newusers.c: Ignore the return value of pam_end() before
exiting.
* src/newusers.c: Ignore return value of setlocale(),
bindtextdomain(), and textdomain().
* src/newusers.c: Avoid multi-statements lines.
* src/newusers.c: Add brackets and parenthesis.
- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
chgpasswd; and also passwd if configured without PAM support).
The number of rounds and number of salt bytes was fixed to their lower
allowed values (resp. configurable and 8), hence voiding some of the
advantages of this encryption method. Dictionary attacks with
precomputed tables were easier than expected, but still harder than with
the MD5 (or DES) methods.
* NEWS, libmisc/salt.c (SHA_salt_size): Seed the RNG, and fix a
overflow. These caused the SHA salt size to always be 8 bytes,
instead of being in the 8-16 range. Thanks to Peter Vrabec
pvrabec@redhat.com for noticing.
* NEWS, libmisc/salt.c (SHA_salt_rounds): Seed the RNG with
seedRNG instead of srand, and fix the same overflow. This caused
the number of rounds to always be the smallest one.
SIGSTOP handling. Raise the signal which stopped the child instead
of always SIGSTOP.
Import Debian patch 406_vipw_resume_properly.
Thanks to Dean Gaudet.
* NEWS, src/vipw.c: Resume properly after ^Z.
Fail if the feature is requested but the library (or
header file) could not be found. If nothing is specified, enable
the feature only if we can find the library (or header file).
$(pamd_files). Remove the duplicate useradd. And sort
alphabetically. Thanks to Mark Rosenstand <mark@borkware.net>.
* NEWS: Prepare next release, 4.1.2.
files are unlocked on exit. Unlock locked files in fail_exit().
Prefer fail_exit() over exit().
* NEWS, src/groupmod.c: When the GID of a group is changed, update
also the GID of the passwd entries of the users whose primary
group is the group being modified.
removed is used by different entries (like commonio_update does).
* NEWS: This fix the behavior of groupdel when the system is not
configured to support split group but different group entries
have the name of the group to be deleted.
unlocked on exit. Add function fail_exit(). Use fail_exit()
instead of exit().
* src/groupdel.c: Fail immediately instead of increasing errors.
Better handling of error cases, like locked group or gshadow file.
to Christian Henz (http://bugs.debian.org/467488)
* src/gpasswd.c (get_group): Do not fail if gshadow is not present. Just use
the group file and set the grent structure
* src/gpasswd.c (check_perms): The permissions should be checked
using both the gshadow and group file. Add a <struct group *>
parameter, and check if the gshadow file exists (is_shadowgrp).
* src/gpasswd.c (main): Do not use sgent.sg_mem or sgent.sg_adm if
the gshadow file is not present (sgent is not initialized in that
case). The fields of sgent can be set, but not used.
