Commit Graph

2733 Commits

Author SHA1 Message Date
Tobias Stoeckmann
875d2d49c1 chfn: Prevent buffer overflow.
This is a stability fix, not a security fix, because the affected -o
option can only be used by root and it takes a modified passwd file.

If a gecos field for a user has BUFSIZ characters without commas and an
equals sign (i.e. a huge slop/extra field) and chfn is called with -o,
then a buffer overflow occurs.

It is not possible to trigger this with shadow tools. Therefore, the
passwd file must be modified manually.

I have fixed this unlikely case the easiest and cleanest way possible.
Since chfn bails out if more than 80 characters excluding commas are
supposed to be written into gecos field, we can stop processing early on
if -o argument is too long.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2020-07-12 19:09:14 +02:00
Tobias Stoeckmann
83aa88466d chage: Prevent signed integer overflows.
This is merely a stability fix, not a security fix.

As the root user, it is possible to set time values which later on
result in signed integer overflows.

For this to work, an sgetspent implementation must be used which
supports long values (glibc on amd64 only parses 32 bit, not 64).
Either use musl or simply call configure with following environment
variable:

$ ac_cv_func_sgetspent=no ./configure

Also it is recommended to compile with -fsanitize=undefined or
-ftrapv to see these issues easily.

Examples to trigger issues when calling "chage -l user":

$ chage -d 9223372036854775807 user

$ chage -d 106751991167300 user
$ chage -M 9999 user

$ chage -d 90000000000000 user
$ chage -I 90000000000000 user
$ chage -M 9999 user

$ chage -E 9223372036854775807 user

While at it, I fixed casting issues which could lead to signed integer
overflows on systems which still have a 32 bit time_t.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2020-07-12 17:56:38 +02:00
Serge Hallyn
607f1dd549 libsubid: fix a prototype in api.h
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-19 22:09:20 -05:00
Serge Hallyn
6baeb25038
Merge pull request #234 from edneville/79_userdel
Adding run-parts for userdel
2020-06-10 00:31:10 -05:00
ed
32cfa176f2 Adding run-parts style for pre and post useradd/del
Signed-off-by: ed neville <ed@s5h.net>
2020-06-10 00:26:55 -05:00
Serge Hallyn
b01bd3b139
Merge pull request #250 from hallyn/libsubid
[strawman] Implement libsubid
2020-06-08 00:10:16 -05:00
Serge Hallyn
0a7888b1fa Create a new libsubid
Closes #154

Currently this has three functions: one which returns the
list of subuid ranges for a user, one returning the subgids,
and one which frees the ranges lists.

I might be mistaken about what -disable-man means;  some of
the code suggests it means just don't re-generate them, but
not totally ignore them.  But that doesn't seem to really work,
so let's just ignore man/ when -disable-man.

Remove --disable-shared.  I'm not sure why it was there, but it stems
from long, long ago, and I suspect it comes from some ancient
toolchain bug.

Create a tests/run_some, a shorter version of run_all.  I'll
slowly add tests to this as I verify they work, then I can
work on fixing the once which don't.

Also, don't touch man/ if not -enable-man.

Changelog:
	Apr 22: change the subid list api as recomended by Dan Walsh.
	Apr 23: implement get_subid_owner
	Apr 24: implement range add/release
	Apr 25: finish tests and rebase
	May 10: make @owner const

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2020-06-07 12:11:58 -05:00
Serge Hallyn
43a917cce5 configure: define abi versions
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2020-06-07 12:07:23 -05:00
Serge Hallyn
089cf55e2c drop svn complications from test runner
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-07 12:07:14 -05:00
Serge Hallyn
316a153abb tests: use git to determine top_dir
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-06-07 12:07:09 -05:00
Serge Hallyn
6e6494680d trivial: drop useless version-info from libshadow_la_LDFLAGS
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2020-06-07 12:07:00 -05:00
Serge Hallyn
6155e91f4e
Merge pull request #262 from andydna/master
correct grammar in shadow(5)
2020-06-06 12:59:59 -05:00
andydna
967bfb0376 correct grammar in shadow(5) 2020-06-04 22:29:15 -05:00
Serge Hallyn
9cb21c2bdf
Merge pull request #259 from Inrin/lastlog_MaxPadding
Add maximum padding to fit IPv6-Addresses
2020-05-28 14:45:23 -05:00
Serge Hallyn
5cb839d977
Merge pull request #257 from Frans-Spiesschaert/new_dutch_po_branch
(nl) updated Dutch translation
2020-05-26 14:48:48 -05:00
Inrin
b128222477
Add maximum padding to fit IPv6-Addresses
We use a fixed padding for the From column to fit the maximum of a
minimized IPv6-LL-Address and it's interface.
2020-05-24 23:48:25 +02:00
Frans Spiesschaert
fc95155aa4 (nl) updated Dutch translation 2020-05-24 15:26:06 +02:00
Serge Hallyn
320707fcb0
Merge pull request #251 from lifecrisis/nonexistent
Add "NONEXISTENT" to "login.defs"
2020-05-11 09:13:34 -05:00
Jason Franklin
4086aed1ed
Update the "README" file 2020-05-11 09:27:01 -04:00
Jason Franklin
096dad6305
Add "NONEXISTENT.xml" to "man/Makefile.am" 2020-05-11 09:27:00 -04:00
Jason Franklin
4772689d27
Name "NONEXISTENT" in the man page for "pwck" 2020-05-11 09:27:00 -04:00
Jason Franklin
1566921dd8
Add detailed documentation for "NONEXISTENT" 2020-05-11 09:26:45 -04:00
Jason Franklin
04062cda11
Add "NONEXISTENT" to the "login.defs" man page 2020-05-11 09:26:43 -04:00
Jason Franklin
c040058fe3
Check for "NONEXISTENT" in "src/pwck.c" 2020-05-11 09:26:43 -04:00
Jason Franklin
c56fe7117b
Add "NONEXISTENT" to def_table 2020-05-11 09:26:42 -04:00
Jason Franklin
e2f74c347b
Add "NONEXISTENT" to "etc/login.defs" 2020-05-11 09:26:04 -04:00
Serge Hallyn
f929bfd90b
Merge pull request #237 from ikerexxe/usermod_fails
Check only local groups when adding new supplementary groups to a user
2020-05-01 22:26:41 -05:00
Serge Hallyn
c889ebc2c9
Merge pull request #249 from brauner/coverity
travis: reorder sections and add regenerated coverity token
2020-04-25 12:32:13 -05:00
Christian Brauner
a3a1cf6536
travis: reorder sections and add regenerated coverity token
Also remove the openssl section since both lxc and lxcfs don't need it
either.

Signed-off-by: Christian Brauner <christian@brauner.io>
2020-04-25 18:45:24 +02:00
Serge Hallyn
7e0e931519
Merge pull request #248 from brauner/coverity
travis: add more architectures + enable Coverity
2020-04-25 11:32:23 -05:00
Christian Brauner
97a76bd9e6
travis: add more architectures and Coverity support
Now that travis supports more architectures let's make sure we test on
all of them and that we enable Coverity too.

Signed-off-by: Christian Brauner <christian@brauner.io>
2020-04-25 12:59:25 +02:00
Christian Brauner
69332884b1
Merge pull request #247 from jubalh/unusedcpp
Remove unused variables
2020-04-25 12:34:49 +02:00
Michael Vetter
992c1723af Remove unused 'buf' in shadow.c 2020-04-25 12:23:10 +02:00
Michael Vetter
8eee5d03fd Remove unused variable 'cpp' 2020-04-25 12:10:39 +02:00
Serge Hallyn
77be9c35c7
Merge pull request #244 from sthibaul/master
Fix hurd build
2020-04-23 10:56:48 -05:00
Christian Brauner
f7ae4d48f4
Merge pull request #246 from blueskycs2c/stderr-pr
check_uid_range : warnings go to stderr
2020-04-20 10:01:27 +02:00
blueskycs2c
1d8487d851 check_uid_range : warnings go to stderr 2020-04-20 10:16:19 +08:00
Christian Brauner
52aba825af
Merge pull request #245 from hallyn/2020-04-17/libmisc
remove unused and misleading 'owner' argument from find_new_sub*
2020-04-18 12:32:38 +02:00
Serge Hallyn
25b1a8d591 remove unused and misleading 'owner' argument from find_new_sub*
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-04-17 16:32:44 -05:00
Samuel Thibault
5de28353d4 Fix hurd build
Do not include <sys/prctl.h> we don't have <sys/capability.h>, we don't
need prctl in that case anyway.

Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
2020-04-17 21:50:48 +02:00
Serge Hallyn
7b36b160f7
Merge pull request #243 from blueskycs2c/uid-pr
print a warning from useradd if -u is used with uid number outside ra…
2020-04-16 11:48:21 -05:00
blueskycs2c
00e629c0ba print a warning from useradd if -u is used with uid number outside range. 2020-04-11 22:45:54 +08:00
Christian Brauner
942f1945bb
Merge pull request #242 from topimiettinen/login-defs-modernize
login.defs: warn about weak choices
2020-04-10 16:58:29 +02:00
Topi Miettinen
69301dfa24
login.defs: warn about weak choices
According to crypt(5), MD5 and DES should not be used for new
hashes. Also the default number of SHA rounds chosen by libc is orders
of magnitude too low for modern hardware. Let's warn the users about
weak choices.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2020-04-10 14:09:55 +03:00
ikerexxe
8762f465d4 useradd: check only local groups with -G option
Check only local groups when adding new supplementary groups to a user

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1727236
2020-03-30 13:08:30 +02:00
ikerexxe
140510de9d usermod: check only local groups with -G option
Check only local groups when adding new supplementary groups to a user

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1727236
2020-03-30 13:07:32 +02:00
Serge Hallyn
125a5dc309
Merge pull request #236 from jsoref/with-an
spelling: with-an
2020-03-20 22:30:16 -05:00
Serge Hallyn
e78be3df43
Merge pull request #232 from eagleoflqj/master
fix typo 登陆->登录
2020-03-20 22:29:55 -05:00
Serge Hallyn
d60b59b156
Merge pull request #226 from ikerexxe/dev1
useradd: clarify the useradd -d parameter behavior in man page
2020-03-20 17:45:37 -05:00
ikerexxe
6543c600d8 useradd: clarify the useradd -d parameter behavior in man page
Explanation: clarify the useradd -d parameter as it does create directory HOME_DIR if it doesn't exit.

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1677005

Changelog: [serge] minor tweak to the text
2020-03-20 17:45:01 -05:00