emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
a8a921184f
shadow/src
History
Christian Göttsche cbd2472b7c migrate to new SELinux api 
Using hard-coded access vector ids is deprecated and can lead to issues with custom SELinux policies.
Switch to `selinux_check_access()`.

Also use the libselinux log callback and log if available to audit.
This makes it easier for users to catch SELinux denials.

Drop legacy shortcut logic for passwd, which avoided a SELinux check if uid 0 changes a password of a user which username equals the current SELinux user identifier.
Nowadays usernames rarely match SELinux user identifiers and the benefit of skipping a SELinux check is negligible.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
2019-10-22 14:56:31 +02:00
..
.gitignore Ignore generated newgidmap and newuidmap 2013-08-11 14:48:39 +02:00
.indent.pro [svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00
chage.c migrate to new SELinux api 2019-10-22 14:56:31 +02:00
chfn.c migrate to new SELinux api 2019-10-22 14:56:31 +02:00
chgpasswd.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
chpasswd.c Fix chpasswd long line handling 2019-04-10 07:56:59 +10:00
chsh.c migrate to new SELinux api 2019-10-22 14:56:31 +02:00
expiry.c Fixed signal races in shadow tools. 2016-07-02 18:11:09 +02:00
faillog.c * src/faillog.c: The fail_max field is a short, use a short also 2011-11-19 21:44:34 +00:00
gpasswd.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
groupadd.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
groupdel.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
groupmems.c spelling: remove 2017-10-22 21:12:29 +00:00
groupmod.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
groups.c * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c, 2010-08-22 19:36:09 +00:00
grpck.c Do not flush nscd and sssd cache in read-only mode 2019-02-27 17:40:04 +01:00
grpconv.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
grpunconv.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
id.c * src/newgrp.c: Limit the scope of variable pid. 2010-03-23 11:26:34 +00:00
lastlog.c login.defs: Add LASTLOG_UID_MAX variable to limit lastlog to small uids. 2018-12-10 13:25:56 -06:00
login_nopam.c * src/newgrp.c: Limit the scope of variable pid. 2010-03-23 11:26:34 +00:00
login.c login.defs: Add LASTLOG_UID_MAX variable to limit lastlog to small uids. 2018-12-10 13:25:56 -06:00
logoutd.c * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c, 2010-08-22 19:36:09 +00:00
Makefile.am migrate to new SELinux api 2019-10-22 14:56:31 +02:00
newgidmap.c remove unused variables 2019-10-12 20:03:32 -05:00
newgrp.c spelling: logout 2017-10-22 20:28:57 +00:00
newuidmap.c remove unused variables 2019-10-12 20:03:32 -05:00
newusers.c chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards 2019-10-04 18:40:41 -05:00
nologin.c Log UID in nologin 2018-08-13 16:46:04 +08:00
passwd.c migrate to new SELinux api 2019-10-22 14:56:31 +02:00
pwck.c Merge pull request #177 from edneville/conflicts_between_system_users_useradd_and_pwck 2019-10-05 22:08:08 -05:00
pwconv.c Make the sp_lstchg shadow field reproducible (re. #71) 2019-03-31 16:00:01 +01:00
pwunconv.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00
su.c su.c: run pam_getenvlist() after setup_env 2018-06-25 16:00:21 +02:00
suauth.c spelling: unrecognized 2017-10-22 21:30:30 +00:00
sulogin.c Fixed signal races in shadow tools. 2016-07-02 18:11:09 +02:00
useradd.c Merge pull request #176 from edneville/force_bad_name 2019-10-04 16:41:39 -07:00
userdel.c compile warnings: Zflg unused when !selinux 2019-10-12 20:03:51 -05:00
usermod.c chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards 2019-10-04 18:40:41 -05:00
vipw.c Flush sssd caches in addition to nscd caches 2018-09-13 14:20:02 +02:00