Commit Graph

218 Commits

Author SHA1 Message Date
nekral-guest
29050eadb5 * NEWS, src/userdel.c, man/userdel.8.xml: Add option -Z/--selinux-user.
* libmisc/system.c, lib/prototypes.h, libmisc/Makefile.am: Removed
	safe_system().
	* lib/selinux.c, po/POTFILES.in, lib/prototypes.h,
	lib/Makefile.am: Added helper functions for semanage.
	* README, src/useradd.c, src/usermod.c, src/userdel.c,
	configure.in: Use libsemanage instead of semanage.
2011-11-17 21:51:07 +00:00
nekral-guest
d2a516a75d * src/useradd.c: Compil fix when SHADOWGRP is not enabled. 2011-11-16 19:33:51 +00:00
nekral-guest
57f9d5ae9c * src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
	src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
	src/usermod.c: Provide the PAM error
	message instead of our own, and log error to syslog.
	* src/groupmems.c: Exit with exit rather than fail_exit in usage().
	* src/newusers.c: Check the number of arguments.
	* src/newusers.c: Do not create the home directory when it is not
	changed.
	* src/useradd.c: Set the group password to "!" rather "x" if there
	are no gshadow file.
2011-11-13 16:24:57 +00:00
nekral-guest
f0a63185c9 * src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
	src/groupmems.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c,
	src/lastlog.c, src/newusers.c, src/passwd.c, src/pwconv.c,
	src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c,
	src/usermod.c, src/vipw.c: Align and sort options.
2011-11-06 18:39:59 +00:00
nekral-guest
cecae46ccf * NEWS, src/useradd.c, man/useradd.8.xml: Add --root option. Open
audit after the potential chroot.
2011-11-06 18:37:25 +00:00
nekral-guest
d3195c6b5f * src/newusers.c: Fix typo.
* src/useradd.c: Likewise.
2011-10-18 20:13:37 +00:00
nekral-guest
23afb3fd07 * src/useradd.c: Remove def_file. It was always set to
USER_DEFAULTS_FILE.
	* src/useradd.c: Fix cut&paste issue causing bad warning when
	the useradd.default file contains an invalid INACTIVE= value.
	* src/useradd.c: Added missing end of line for rename errors.
	* src/useradd.c: Added -D synopsis to the usage message.
	* src/useradd.c: Do not scale_age(-1), just use -1.
	* src/useradd.c: Added FIXME to be fixed later.
	* src/useradd.c: Allow -e -1 when there is no shadow file.
	* src/useradd.c: Fail, but do not print the usage message when the
	-e argument is not valid.
	* src/useradd.c: No need to check for oflg since uflg is
	already checked.
2011-09-18 18:00:06 +00:00
nekral-guest
905e14ee83 * src/useradd.c: Remove unused Zflg. 2011-07-30 01:47:52 +00:00
nekral-guest
1d336d3a1e * lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
selinux_file_context renamed set_selinux_file_context.
	* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
	Added reset_selinux_file_context.
	* src/useradd.c: Check the return value of
	set_selinux_file_context and reset_selinux_file_context.
	* libmisc/copydir.c: Check the return value of
	reset_selinux_file_context.
2010-08-28 19:58:00 +00:00
nekral-guest
ab9427420e * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c,
	src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c,
	src/grpunconv.c, src/chsh.c: Prog changed to a constant string.
2010-08-22 19:36:09 +00:00
nekral-guest
07e462f01f * libmisc/limits.c: Avoid implicit conversion of integer to
boolean.
	* libmisc/basename.c: Avoid implicit conversion of pointer to
	boolean.
	* libmisc/basename.c, lib/prototypes.h (Basename): Return a
	constant string.
	* libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h,
	libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c,
	libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add
	splint annotations.
	* libmisc/chowndir.c: Avoid memory leak.
	* libmisc/chowndir.c: Do not check *printf/*puts return value.
	* libmisc/chowntty.c: Avoid implicit conversion between integer
	types.
	* libmisc/obscure.c: Return a bool when possible instead of int.
	* libmisc/shell.c: Do not check *printf/*puts return value.
	* libmisc/shell.c: Do not check execle return value.
	* libmisc/setupenv.c: Avoid implicit conversion between integer
	types.
	* libmisc/xmalloc.c: size should not be zero to avoid returning
	NULL pointers.
	* libmisc/hushed.c: Do not check *printf/*puts return value.
	* libmisc/system.c: Avoid implicit conversion of integer to
	boolean. safe_system last argument is a boolean.
	* libmisc/system.c: Check return value of dup2.
	* libmisc/system.c: Do not check *printf/*puts return value.
	* libmisc/system.c: Do not check execve return value. 
	* libmisc/salt.c: Do not check *printf/*puts return value.
	* libmisc/loginprompt.c: Do not check gethostname return value.
	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check
	gr_rewind/pw_rewind return value.
	* libmisc/ttytype.c: Limit the number of parsed characters in the
	sscanf format.
	* libmisc/ttytype.c: Test if a type was really read.
	* libmisc/sub.c: Do not check *printf/*puts return value.
	* libmisc/sub.c: Avoid implicit conversion of integer to boolean.
	* src/userdel.c: Fix typo in comment.
	* src/userdel.c: Avoid implicit conversion of boolean to integer.
	* src/userdel.c: safe_system last argument is a boolean.
	* src/newusers.c: Avoid implicit conversion of boolean to integer.
	* src/newusers.c: Avoid implicit conversion of integer to boolean.
	* src/usermod.c: Add brackets.
	* src/usermod.c: Avoid implicit conversion of characters or
	integers to booleans.
	* src/vipw.c: Avoid implicit conversion of integer to boolean.
	* src/su.c: Avoid implicit conversion of integer to boolean.
	* src/su.c: Add brackets.
	* src/useradd.c: Avoid implicit conversion of characters or
	integers to booleans.
2010-08-22 19:13:53 +00:00
nekral-guest
791ebc58dd * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
copy the extended attributes (the SELinux context is hence reset)
	* src/usermod.c: Copy the extended attributes.
	* src/useradd.c: Only reset the SELinux context.
2010-08-21 17:31:45 +00:00
nekral-guest
16362e289b 2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* src/useradd.c: spool is a constant string.
	* src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* src/usermod.c: move_home() is only called if mflg is set.
	* src/usermod.c: Fail is -m is provided but the old home directory
	is not a directory.
	* src/usermod.c: Use the previous improvement of copy_tree to
	provide better error diagnosis.
	* src/usermod.c: When rename() is used, also change the ownership.
	* src/usermod.c: Do not change the ownership of the root directory
	twice.
	* src/usermod.c: When -u is provided, only change the ownership of
	the home directory if it is a directory.
	* src/usermod.c: Also change ownerships when -g is used.

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to
	copy_tree to detect when ownership shall be changed.
	* libmisc/copydir.c: Document the behavior when the IDs are set to
	-1.
	* lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter
	copy_root.
	* libmisc/copydir.c: error() and ctx can be static.
	* libmisc/copydir.c (copy_hardlink): Remove parameter src.

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* libmisc/chowndir.c: Dynamically allocate memory to support
	path longer than 1024 characters.
	* libmisc/chowndir.c: Fix typos in documentation.
	* libmisc/chowndir.c: Support and document the behavior when a old
	or new ID is set to -1.
	* libmisc/chowndir.c: Improved error detection when chown fails.
	* libmisc/chowndir.c: Harmonize error handling strategy when an
	error occurs: stop changing ownership as soon as an error was
	detected.
2010-04-04 20:55:46 +00:00
nekral-guest
052e9105f7 * src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
	str_len.
	* src/logoutd.c: Limit the scope of variable c.
	* src/vipw.c: Re-indent.
	* src/vipw.c: Close the file after the creation of the backup.
	* src/useradd.c (set_default): Close input file on failure.
	* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
	gid, mode.
	* src/passwd.c: Limit the scope of variables last and ok.
	* src/chage.c: Fix typo (non breaking space).
	* src/login.c: Limit the scope of variables erasechar killchar, c,
	failed.
	* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
	* src/id.c: Limit the scope of variable i.
2010-03-23 11:26:34 +00:00
nekral-guest
68b6e6d2be * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos. 2010-03-19 11:01:32 +00:00
nekral-guest
8e2010a26c * src/useradd.c: When exiting because of a failure, warn if an
home directory created, but cannot be removed.
2010-03-18 18:57:03 +00:00
nekral-guest
0cbbdb32c4 * libmisc/strtoday.c: Add support for numerical dates, assuming
they are already specified in number of days since Epoch. Return
	-2 in case of errors to support the specification of -1.
	* src/usermod.c, src/useradd.c: Adapt to the new error value of
	strtoday().
	* src/chage.c:  Remove isnum(). Adapt to the new error value of
	strtoday(). Support for numerical dates is moved to strtoday().
2010-03-18 11:53:49 +00:00
nekral-guest
a996fac57b * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
	SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
	to booleans.
2010-03-18 09:21:27 +00:00
nekral-guest
c5fc8dd75d * po/POTFILES.in, lib/tcbfuncs.c: Add more strings for
translation.
	* lib/tcbfuncs.c: Indicate the name of the program in error
	messages. Avoid perror.
	* src/useradd.c: Re-indent.
	* src/useradd.c: Add more strings for translation. Indicate the
	name of the program in error messages.
	* src/userdel.c: Re-indent.
	* src/userdel.c: Add more strings for translation. Indicate the
	name of the program in error messages.
2010-03-16 19:14:54 +00:00
nekral-guest
ad6730687f * src/useradd.c: Re-indent.
* src/useradd.c: Added brackets.
	* src/useradd.c: Avoid implicit conversion of integers to
	booleans.
	* src/useradd.c: Harmonize error messages.
2010-03-11 22:03:45 +00:00
nekral-guest
391a384715 2010-01-30 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* NEWS: Add support for TCB.
	* lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to
	support TCB.
	* lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean
	parameter remove_root.
	* configure.in: Add conditional WITH_TCB.
	* src/userdel.c, src/usermod.c: Add support for TCB. Update call to
	remove_tree().
	* src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled.
	* src/vipw.c: Add support for TCB. Update call to remove_tree().
	* src/useradd.c: Add support for TCB. Open the shadow file outside
	of open_files().
	* src/chage.c: Add support for TCB.
	* src/Makefile.am: Install passwd sgid shadow when TCB is enabled.
	* lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml,
	man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml,
	man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak,
	man/generate_mans.deps, man/Makefile.am: New configuration
	parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB.
	* lib/shadowio.c, lib/commonio.c: Add support for TCB.
2010-03-04 18:11:13 +00:00
nekral-guest
da18e77e9a * src/useradd.c: The default value for the CREATE_MAIL_SPOOL
variable (i.e. if CREATE_MAIL_SPOOL= is specified without any
	values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL=").
2009-09-08 13:16:58 +00:00
nekral-guest
38e7ec3316 * src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead.
For consistency, change HOME, INACT, EXPIRE, SKEL, and
	CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and
	DCREATE_MAIL_SPOOL.
2009-09-08 13:11:03 +00:00
nekral-guest
8806b07bd2 * src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c,
src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c,
	src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c,
	src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use
	booleans for tests.
	* src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c,
	src/groupmod.c, src/passwd.c: Use a break even after usage().
2009-09-05 22:31:29 +00:00
nekral-guest
91b60a955c * NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c,
	src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c,
	src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c,
	src/faillog.c, src/chsh.c: If someone uses the -h/--help options,
	the usage should not go to stderr nor should the utility exit with
	non-zero status. All of the shadow utils do just this
	unfortunately, so convert them over to sanity.
	* man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help.
2009-09-04 23:02:33 +00:00
nekral-guest
3d10e75117 * src/useradd.c: Fixed wrong format string.
* lib/gshadow.c: Removed declaration of unused variable.
2009-09-04 22:09:58 +00:00
nekral-guest
d6f18c207e * src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c:
Fix typos. Take this opportunity to split the usage messages into
	smaller messages (one per option).
	* src/pwck.c: Fix typo.
2009-06-05 22:16:56 +00:00
nekral-guest
a96a8861dd Fix compilation warnings. 2009-05-10 18:26:33 +00:00
nekral-guest
750093a3ed * lib/commonio.c: Avoid PATH_MAX. On glibc, we can use realpath
with a NULL argument.
	* src/useradd.c: Replace PATH_MAX by a fixed constant. The buffer
	was not meant as a storage for a path.
	* src/useradd.c, src/newusers.c, src/chpasswd.c: Better detection
	of fgets errors. Lines shall end with a \n, unless we reached the
	end of file.
	* libmisc/copydir.c: Avoid PATH_MAX. Support file paths with any
	length. Added readlink_malloc().
2009-05-10 13:49:03 +00:00
nekral-guest
4e75bb57bb * src/newgrp.c, src/chfn.c, src/groupmems.c, src/usermod.c,
src/userdel.c, src/chpasswd.c, src/grpck.c, src/gpasswd.c,
	src/groupdel.c, src/chgpasswd.c, src/vipw.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
	src/groupadd.c, src/chage.c, src/login.c, src/faillog.c,
	src/sulogin.c, src/chsh.c, src/pwconv.c: Added splint annotations.
	* src/userdel.c, src/pwconv.c, src/lastlog.c, src/grpck.c,
	src/vipw.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/login.c,
	src/sulogin.c, src/usermod.c: Use return instead of exit at the
	end of main().
	* src/gpasswd.c, src/passwd.c, src/faillog.c: Use the exitcodes.h
	exit codes.
	* src/chpasswd.c: Added missing ||.
	* src/nologin.c: Do not include exitcodes.h.
	* src/nologin.c: Added brackets.
	* src/nologin.c: Avoid assignments in comparisons.
2009-04-30 21:39:38 +00:00
nekral-guest
1a87c69854 * src/useradd.c: Check assumptions on snprintf().
* src/useradd.c: Replace peror by an strerror and avoid an
	intermediate buffer.
	* src/useradd.c: Save errno between the failure and the report by
	perror/strerror.
	* src/useradd.c: Prefer xmalloc to malloc.
2009-04-24 23:23:51 +00:00
nekral-guest
4d2bee2e23 * NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
called at the end.
	* src/useradd.c: Always call selinux_update_mapping() (i.e.
	semanage), not only when -Z is used.
2009-04-15 21:14:08 +00:00
nekral-guest
554d4f6b95 * src/usermod.c, src/useraddd.c: Fix the usage string so that it
does not change depending on the configure option. Use a format.
2009-04-11 18:39:56 +00:00
nekral-guest
3fdefd3e40 * src/useradd.c, src/usermod.c: Only call selinux_update_mapping()
if Zflg is set.
2009-04-11 16:47:32 +00:00
nekral-guest
8d136297c4 * NEWS, src/useradd.c, man/useradd.8.xml: add -Z option to map
SELinux user for user's login.
	* NEWS, src/usermod.c, man/usermod.8.xml: Likewise.
	* libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added
	safe_system(). Used to run semanage.
	* lib/prototypes.h, libmisc/copydir.c: Make a
	selinux_file_context() an extern function.
	* libmisc/copydir.c: Reset SELinux to create files with default
	contexts at the end of copy_tree().
	* NEWS, src/userdel.c: Delete the SELinux user mapping for user's
	login.
2009-04-11 15:34:10 +00:00
nekral-guest
2c400eff94 * src/useradd.c (get_defaults): Close the default file after the
default values were read.
2009-04-11 14:55:49 +00:00
nekral-guest
46861e6bd8 Removed declaration of ep. No more used.
Re-indent.
2009-04-10 22:35:32 +00:00
nekral-guest
77459dc27d * src/useradd.c, src/usermod.c, libmisc/getgr_nam_gid.c,
libmisc/Makefile.am, lib/prototypes.h: Moved getgr_nam_gid() from
	src/useradd.c and src/usermod.c to libmisc/getgr_nam_gid.c.
2009-04-10 22:34:10 +00:00
nekral-guest
ffd3e43ad8 * src/useradd.c: Get rid of strtol.
* src/useradd.c: Provide better warning in case a default GROUP or
	INACTIVE value is not valid in /etc/default/useradd.
2009-04-10 22:34:04 +00:00
nekral-guest
95bc6eb7b2 * src/useradd.c: Re-indent. 2009-04-10 22:33:57 +00:00
nekral-guest
06c81b67c2 * src/useradd.c: Use getlong instead of get_number. 2009-04-10 22:33:50 +00:00
nekral-guest
a1cac18ac3 * src/useradd.c: Set errno to 0 before calling strtol. 2009-04-05 22:02:50 +00:00
nekral-guest
b23443630c * libmisc/pwd2spwd.c, src/chpasswd.c, src/newusers.c,
src/passwd.c, src/pwck.c, src/pwconv.c, src/useradd.c,
	src/usermod.c: On Jan 01, 1970, do not set the sp_lstchg field to
	0 (which means that the password shall be changed during the next
	login), but use -1 (password aging disabled).
	* src/passwd.c: Do not check sp_min if sp_lstchg is null or -1.
2009-04-05 21:23:27 +00:00
nekral-guest
96c7b12bc4 * src/useradd.c: Likewise for the default file, faillog, lastlog,
and mail spool.
2009-03-21 19:18:06 +00:00
nekral-guest
fafe281d31 * src/useradd.c, man/useradd.8.xml: Added long name for the -l
option: --no-log-init.
2009-03-13 22:30:38 +00:00
nekral-guest
1dc04372df Compile fixes. Fixes warnings. 2009-03-08 23:30:25 +00:00
nekral-guest
28d7f83c87 * NEWS, src/newusers.c, src/usermod.c, src/useradd.c,
src/groupmod.c, src/groupadd.c: Make sure no user or group are
	created with an ID set to -1.
2009-03-08 20:43:15 +00:00
nekral-guest
f3df48ab4f * src/useradd.c: Added missing declaration of Mflg.
* src/pwck.c: Only unlock files if they were locked before (e.g.
	not in read-only mode).
	* src/pwck.c: Quote the username in error messages (harmonization
	with other messages).
	* libmisc/find_new_gid.c: Fixed typo (s/grp->gr_gid/group_id/).
	* libmisc/find_new_gid.c: Likewise.
2008-09-14 13:42:10 +00:00
nekral-guest
b18d46e68d * NEWS, etc/login.defs: New CREATE_HOME variable to tell useradd
to create a home directory for new users.
	* src/useradd.c, man/useradd.8.xml: New -M/--no-create-home option
	and CREATE_HOME usage. System accounts are not impacted by
	CREATE_HOME.
	* man/useradd.8.xml: Indicate that a new group is created by
	default.
	* src/useradd.c: Removed TODO item (moved to the TODO file).
2008-09-13 11:55:41 +00:00
nekral-guest
bab84a13ff Additional PAM cleanup:
* src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
	src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
	src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
	src/chsh.c: If the username cannot be determined, report it as
	such (not a PAM authentication failure).
2008-09-06 23:46:44 +00:00
nekral-guest
f8aef607ae * configure.in: Added option --enable-account-tools-setuid to
enable/disable the usage of PAM to authenticate the callers of
	account management tools: chage, chgpasswd, chpasswd, groupadd,
	groupdel, groupmod, useradd, userdel, usermod.
	* src/Makefile.am: Do not link the above tools with libpam if
	account-tools-setuid is disabled.
	* src/userdel.c, src/newusers.c, src/chpasswd.c, src/usermod.c,
	src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/groupmod.c,
	src/groupadd.c, src/chage.c: Implement ACCT_TOOLS_SETUID
	(--enable-account-tools-setuid).
	* etc/pam.d/Makefile.am: Install the pam service file for the
	above tools only when needed.
	* src/useradd.c, src/userdel.c, src/usermod.c: It is no more
	needed to initialize retval to PAM_SUCCESS.
2008-09-06 21:35:37 +00:00
nekral-guest
18fc4505d3 * src/userdel.c, src/newusers.c, src/chpasswd.c, src/chfn.c,
src/groupmems.c, src/usermod.c, src/groupdel.c, src/chgpasswd.c,
	src/useradd.c, src/groupmod.c, src/groupadd.c, src/chage.c,
	src/chsh.c: Simplify the PAM error handling. Do not keep the pamh
	handle, but terminate the PAM transaction as soon as possible if
	there are no PAM session opened.
2008-09-06 13:28:02 +00:00
nekral-guest
ee4e367ea8 * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
	src/groupadd.c, src/chage.c, src/login.c, src/grpconv.c,
	src/groups.c, src/grpunconv.c, src/chsh.c: Prog is now global (not
	static to the file) so that it can be used by the helper functions
	of libmisc.
	* lib/prototypes.h: Added extern char *Prog.
	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Indicate the
	program name with the warning.
2008-09-06 12:51:53 +00:00
nekral-guest
e3ebd2c736 * src/useradd.c: Fix comment of lflg: it is also used for faillog. 2008-09-04 20:46:00 +00:00
nekral-guest
a21809cdae * lib/prototypes.h, libmisc/audit_help.c: Define new type
shadow_audit_result for the result argument of audit_logger().
	This permits stronger type checking and a better readability of
	the results (SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS constants).
	* src/groupadd.c, src/groupdel.c, src/useradd.c, src/userdel.c:
	Use the SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS results instead
	of 0 or 1 in audit_logger().
2008-09-04 19:35:48 +00:00
nekral-guest
f3c7ca59c5 * src/useradd.c: Log errors to syslog in grp_update() since
changes have started to be reported to syslog.
	* src/userdel.c: Fix some result parameters sent to
	audit_logger().

	* NEWS: Following changes from a patch contributed by Steve Grubb
	<sgrubb@redhat.com>
	* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
	of AUDIT_USER_CHAUTHTOK.
	* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead 
	of AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
	AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
	AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Add missing logs to audit.
	* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
	AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
	* src/userdel.c: Add missing logs to audit.
2008-09-03 21:02:32 +00:00
nekral-guest
aa2fee4969 * src/useradd.c: Harmonize some error messages.
* src/userdel.c: Add log to syslog when the mail file could not be
	removed.
	* src/userdel.c: Give more context an error message (merge with
	perror()).
	* src/usermod.c: Harmonize some error messages.
2008-08-30 18:27:59 +00:00
nekral-guest
d7b55ce2bb * src/groupmems.c: Check the return value of gr_update().
* src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
	src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupmems.c,
	src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
	src/passwd.c, src/pwck.c, src/pwconv.c, src/pwunconv.c,
	src/useradd.c, src/userdel.c, src/usermod.c: Harmonize the error
	message sent to stderr in case of *_update () failure.
	* src/chage.c, src/chsh.c, src/groupadd.c, src/passwd.c: Do not
	log to syslog when pw_update() or spw_update() fail.
	* src/newusers.c: Do not log specific error message to stderr when
	sgr_update() fails.
	* src/pwconv.c: Remove duplicated definition of Prog.
2008-08-30 18:27:34 +00:00
nekral-guest
a3be8ff055 * src/chfn.c: Do not exit on pw_unlock failures.
* src/grpconv.c, src/grpunconv.c, src/pwconv.c, src/pwunconv.c,
	src/vipw.c: Open syslog with the right identification name.
	* src/vipw.c: Log unlock errors to syslog.
	* src/vipw.c: Log edits to syslog.
	* src/chage.c, src/chfn.c, src/chsh.c, src/gpasswd.c,
	src/groupadd.c, src/groupdel.c, src/groupmod.c, src/grpconv.c,
	src/grpunconv.c, src/passwd.c, src/pwck.c, src/pwunconv.c,
	src/useradd.c, src/usermod.c: Harmonize the syslog levels. Failure
	to close or unlock are errors. Failure to open files are warnings.
2008-08-22 02:30:33 +00:00
nekral-guest
82779cd336 * src/chfn.c, src/chgpasswd.c, src/chpasswd.c, src/gpasswd.c,
src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c,
	src/grpconv.c, src/grpunconv.c, src/newusers.c, src/pwconv.c,
	src/pwunconv.c, src/useradd.c, src/userdel.c: Harmonize the name
	of the variables keeping the lock status, to match the shadow
	library prefixes.
2008-08-22 02:22:34 +00:00
nekral-guest
82ed690817 * src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c,
src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
	src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
	src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
	src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c: In
	case of a lock failure, indicate to the user that she can try
	again later. Do not log to syslog.
2008-08-22 02:20:53 +00:00
nekral-guest
7fc596fb8a * lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
	Added *_dbname() functions to retrieve the name of the databases.
	* lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
	lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
	*_name() functions renamed *setname().
	* src/grpck.c, src/pwck.c: Likewise.
	* lib/groupio.h, lib/pwio.h, lib/sgroupio.h, lib/shadowio.h: Added
	the name of the arguments to the prototypes.
	* src/chage, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
	src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
	src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
	src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
	src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c:
	Harmonize the erro & syslog messages in case of failure of the
	*_lock(), *_open(), *_close(), *_unlock(), *_remove() functions.
	* src/chgpasswd.c, src/chpasswd.c, src/usermod.c: Avoid
	capitalized messages.
	* src/chpasswd.c, src/useradd.c, src/usermod.c: Harmonize messages
	in case of inexistent entries.
	* src/usermod.c:  Harmonize messages in case of already existing
	entries.
	* src/newusers.c, src/useradd.c: Simplify PAM error handling.
	* src/useradd.c: Report failures to unlock files (stderr, syslog,
	and audit). But do not fail (continue).
	* src/useradd.c (open_files): Do not report to syslog & audit
	failures to lock or open the databases. This might be harmless,
	and the logs were not already informed that a change was
	requested.
	* src/usermod.c: It's not the account which is unlocked, but its
	password.
2008-08-06 15:57:31 +00:00
nekral-guest
538600ef48 * src/chfn.c, src/chsh.c, src/groupdel.c, src/groupmems.c,
src/groupmod.c, src/grpck.c, src/login.c, src/logoutd.c,
	src/newgrp.c, src/newusers.c, src/passwd.c, src/pwck.c,
	src/suauth.c, src/useradd.c, src/userdel.c, src/usermod.c,
	src/vipw.c: Complete the switch from the `' quotation style to ''.
	Do it also in SYSLOG messages. Quote some parameters. All this
	permits to merge some messages.
2008-08-06 15:51:52 +00:00
nekral-guest
eb18ee624f Re-indent. 2008-06-17 22:00:36 +00:00
nekral-guest
ca032792bd * src/useradd.c: If the faillog file exist, warn in case of
failure when open(), lssek(), write() or close() fails when the
	new user's faillog entry is reset.
	* src/useradd.c: Ditto for the lastlog entry.
2008-06-15 22:25:51 +00:00
nekral-guest
936bd6a191 * src/useradd.c: The ID argument of audit_logger is an unsigned
int. Use AUDIT_NO_ID instead of -1.
	* src/useradd.c: Cast the parsed GID/UID to a gid_t/uid_t.
	* src/useradd.c: The size argument of fgets is an int, not a
	size_t.
	* src/useradd.c: Cast number of days to a long integer.
	* src/useradd.c: Use SHADOW_SP_FLAG_UNSET for the initial
	value of spent.sp_flag.
	* src/useradd.c: Use a %lu format and cast group and user IDs to
	unsigned long integers.
2008-06-13 21:06:04 +00:00
nekral-guest
63f0e5e2c0 * src/useradd.c: Use a bool when possible instead of int integers.
* src/useradd.c: Avoid implicit conversion of pointers / integers
	/ chars to booleans.
	* src/useradd.c: Add brackets and parenthesis.
	* src/useradd.c: Avoid assignments in comparisons.
	* src/useradd.c: Ignore the return value of fclose() for read-only
	files.
	* src/useradd.c: Ignore the return value of fflush() before
	closing the files.
	* src/useradd.c: Avoid multi-statements lines.
	* src/useradd.c: Ignore return value of setlocale(),
	bindtextdomain(), and textdomain().
	* src/useradd.c: Ignore the return value of pam_end() before
	exiting.
2008-06-09 22:08:08 +00:00
nekral-guest
623d9e2ab3 * libmisc/chkname.h, libmisc/chkname.c: check_group_name (resp.
check_user_name) renamed to is_valid_user_name (resp.
	is_valid_group_name). is_valid_user_name and is_valid_group_name
	return a bool.
	* src/grpck.c, src/newusers.c, src/usermod.c, src/useradd.c,
	src/groupmod.c, src/pwck.c, src/groupadd.c: Use is_valid_user_name
	and is_valid_group_name, following above change.
	* libmisc/chkname.c: Avoid implicit conversion of chars to
	booleans. Add brackets and parenthesis.
2008-05-25 20:58:16 +00:00
nekral-guest
537496c019 Fix formatting. 2008-05-19 20:31:48 +00:00
nekral-guest
c7302b61ef Make sure every source files are distributed with a copyright and license.
Files with no license use the default 3-clauses BSD license. The copyright
were mostly not recorded; they were updated according to the Changelog.
"Julianne Frances Haugh and contributors" changed to "copyright holders
and contributors".
2008-04-27 00:40:09 +00:00
nekral-guest
1b808e62df Make sure the passwd, group, shadow, and gshadow files are unlocked on
exit. Unlock locked files in fail_exit(). Prefer fail_exit() over exit().
2008-03-08 22:44:53 +00:00
nekral-guest
93e2f66a60 * NEWS, src/useradd.c, man/useradd.8.xml: Added options
-user-group (-U, Uflg) and --no-user-group (-N, Nflg) to replace
  nflg.
* man/login.defs.d/USERGROUPS_ENAB.xml: useradd now also uses
  USERGROUPS_ENAB.
2008-02-25 21:03:46 +00:00
nekral-guest
18c914f086 Added new option -r, --system for system accounts in useradd, groupadd,
and newusers.
2008-02-19 21:01:38 +00:00
nekral-guest
04190741e7 Use the find_new_uid() and find_new_gid() from the library instead of the
local functions.
2008-02-03 16:56:23 +00:00
nekral-guest
3755086645 Fix comment. find_new_fid is no more called is the user specified a group
ID.
2008-01-27 14:31:23 +00:00
nekral-guest
8c229ea473 Re-indent. 2008-01-24 20:54:42 +00:00
nekral-guest
3dd5866244 Replace printf by puts for fixed strings. This would avoid issues caused
by formats introduced in translated strings.
2008-01-24 20:42:12 +00:00
nekral-guest
926aeec06a Apply Christian's recommendation:
s/can't get unique/no more available/
2008-01-23 22:31:38 +00:00
nekral-guest
53561134a9 * s/gid/GID/ in message string.
* Set this string for translation.
2008-01-22 22:57:55 +00:00
nekral-guest
b082ebead2 * NEWS, src/useradd.c: Fix the handling of the --defaults option
(it required an argument, but should behave as -D)
* NEWS, man/useradd.8.xml: Document the --defaults option, which
  was already described in the useradd's Usage information.
2008-01-12 21:09:46 +00:00
nekral-guest
93177a5615 Assume optarg and optind are declared in <getopt.h>. 2008-01-06 12:52:23 +00:00
nekral-guest
ff49a02023 Fix find_new_gid() prototype. Add a void parameter. 2008-01-05 17:23:46 +00:00
nekral-guest
d0de685c7a Avoid ?: construct without the middle term. 2008-01-01 14:34:07 +00:00
nekral-guest
3935d32676 Mention RedHat's patches for previous commits.
Merge RedHat's patch shadow-4.0.18.1-findNewUidOnce.patch:
	* src/useradd.c (usr_update): Do not call find_new_uid(). The UID was
	already either specified or found by another call to find_new_uid().
	* src/useradd.c (find_new_uid): Always start with uid_min (find_new_uid()
	is never called when user_id was already specified).
	* src/useradd.c (find_new_uid): Fix the comments (find_new_uid() is not
	called when the UID is specified (uflg)).
	* src/useradd.c (main): Only call find_new_uid() if (!oflg) and (!uflg).
	If uflg is set (but not oflg), check the UID uniqueness.
	* src/useradd.c (find_new_uid): Don't check the uid and user name
	uniqueness in find_new_uid(). The user name uniqueness is already checked
	during the parameter validation. UID uniqueness is also checked (see
	above).
	* src/useradd.c (find_new_uid): Don't check uflg in find_new_uid().
	* src/useradd.c (find_new_uid): Make sure that find_new_uid() is not
	called when uflg is set (assert).

Cleanups in find_new_gid:
	* src/useradd.c (find_new_gid): Check that gflg is not set (assert).
	* src/useradd.c (find_new_gid): Do not check the group name uniqueness
	(already checked in main).
	* src/useradd.c (find_new_gid): Avoid a "continue" in the loop.
	* src/useradd.c (find_new_gid): Remove irrelevant comments.
	* src/useradd.c (find_new_gid): Fix the function definition's comment.
2007-12-26 13:18:27 +00:00
nekral-guest
c57e8983ff Add option -l to avoid adding the user to the lastlog and faillog databases
Fix the release numbers for the current NEWS entries.
2007-12-26 10:15:20 +00:00
nekral-guest
20dfe6ba98 NO_GETPWENT is no more supported. Remove associated chunks of code. 2007-12-26 09:28:02 +00:00
nekral-guest
6831c45533 Do not use tabulations in Usage strings. 2007-11-24 22:41:24 +00:00
nekral-guest
9adfc136b6 * lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
  libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
  Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
  xgetgrgid(), and xgetspnam(). They allocate memory for the
  returned structure and are more robust to successive calls. They
  are implemented with the libc's getxxyyy_r() functions if
  available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
  libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
  libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
  src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
  src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
  src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
  src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
  src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
  src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
  usage of one of the getpwnam(), getpwuid(), getgrnam(),
  getgrgid(), and getspnam() functions. It was noticed on
  http://bugs.debian.org/341230 that chfn and chsh use a passwd
  structure after calling a pam function, which result in using
  information from the passwd structure requested by pam, not the
  original one. It is much easier to use the new xget... functions
  to avoid these issues. I've checked which call to the original
  get... functions could be left (reducing the scope of the
  structure if possible), and I've left comments to ease future
  reviews (e.g. /* local, no need for xgetpwnam */).
  Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
  lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
  functions (used by the xget... functions) from the <xx>io.c files
  to the new <xx>mem.c files. This avoid linking some utils against
  the SELinux library.
2007-11-18 23:15:26 +00:00
nekral-guest
311f4baa27 Do not document the behavior compared to old versions. 2007-11-17 23:11:02 +00:00
nekral-guest
e39a941413 Allow the -b option even without the -D option. 2007-11-17 15:07:59 +00:00
nekral-guest
9afe59af3e Inform the user if out of memory while updating a group database. 2007-11-16 23:39:42 +00:00
nekral-guest
b370e1502e It is no more needed to check that the user's groups are specified only
once in the group file. This is checked by gr_update().
2007-11-16 23:05:24 +00:00
nekral-guest
690f7aee2e Indentation fix. 2007-11-16 10:50:38 +00:00
nekral-guest
b2120265fd Added the subversion svn:keywords property (Id) for proper identification. 2007-11-10 23:46:11 +00:00
nekral-guest
6a051e1544 Allow non numerical group identifier to be specified with useradd's -g
option. Applied Debian patch 397_non_numerical_identifier. Thanks also to
Greg Schafer <gschafer@zip.com.au>.
2007-11-10 15:51:38 +00:00
nekral-guest
79bf2081fe Commit the last version from the PLD CVS repository.
(last changelog entry: 2007-02-01)
This also adds the files which were present in the CVS repository, but not
present in the shadow archives.
2007-10-07 14:36:51 +00:00
nekral-guest
5e20c4359f [svn-upgrade] Integrating new upstream version, shadow (4.0.18) 2007-10-07 11:47:57 +00:00
nekral-guest
8a78a8d68c [svn-upgrade] Integrating new upstream version, shadow (4.0.17) 2007-10-07 11:47:45 +00:00
nekral-guest
0fa9083026 [svn-upgrade] Integrating new upstream version, shadow (4.0.16) 2007-10-07 11:47:33 +00:00
nekral-guest
591830e43b [svn-upgrade] Integrating new upstream version, shadow (4.0.15) 2007-10-07 11:47:22 +00:00
nekral-guest
24178ad677 [svn-upgrade] Integrating new upstream version, shadow (4.0.14) 2007-10-07 11:47:11 +00:00
nekral-guest
8451bed8b0 [svn-upgrade] Integrating new upstream version, shadow (4.0.13) 2007-10-07 11:47:01 +00:00
nekral-guest
e89f3546f2 [svn-upgrade] Integrating new upstream version, shadow (4.0.12) 2007-10-07 11:46:52 +00:00
nekral-guest
b48129fcbb [svn-upgrade] Integrating new upstream version, shadow (4.0.11) 2007-10-07 11:46:34 +00:00
nekral-guest
8c50e06102 [svn-upgrade] Integrating new upstream version, shadow (4.0.10) 2007-10-07 11:46:25 +00:00
nekral-guest
8e167d28af [svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00
nekral-guest
164b557066 [svn-upgrade] Integrating new upstream version, shadow (4.0.6) 2007-10-07 11:45:49 +00:00
nekral-guest
b0e078d9c8 [svn-upgrade] Integrating new upstream version, shadow (4.0.5) 2007-10-07 11:45:40 +00:00
nekral-guest
effd479bff [svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00
nekral-guest
37dc61340b [svn-upgrade] Integrating new upstream version, shadow (4.0.2) 2007-10-07 11:45:07 +00:00
nekral-guest
9db6abfa42 [svn-upgrade] Integrating new upstream version, shadow (4.0.1) 2007-10-07 11:44:59 +00:00
nekral-guest
3bc4996775 [svn-upgrade] Integrating new upstream version, shadow (4.0.0) 2007-10-07 11:44:51 +00:00
nekral-guest
4e3fe42600 [svn-upgrade] Integrating new upstream version, shadow (20001012) 2007-10-07 11:44:38 +00:00
nekral-guest
d6e9891ad7 [svn-upgrade] Integrating new upstream version, shadow (20000902) 2007-10-07 11:44:32 +00:00
nekral-guest
be1f391d2a [svn-upgrade] Integrating new upstream version, shadow (20000826) 2007-10-07 11:44:26 +00:00
nekral-guest
5cd76a407a [svn-upgrade] Integrating new upstream version, shadow (20000902) 2007-10-07 11:44:20 +00:00
nekral-guest
efd7efa9f1 [svn-upgrade] Integrating new upstream version, shadow (20000826) 2007-10-07 11:44:14 +00:00
nekral-guest
45c6603cc8 [svn-upgrade] Integrating new upstream version, shadow (19990709) 2007-10-07 11:44:02 +00:00