emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

[svn-upgrade] Integrating new upstream version, shadow (4.0.0)

Browse Source
This commit is contained in:
nekral-guest
2007-10-07 11:44:51 +00:00
parent 8fee8c57ae
commit 3bc4996775
260 changed files with 36835 additions and 18839 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
src/Makefile.am
View File

@@ -1,18 +1,14 @@
AUTOMAKE_OPTIONS = 1.0 foreign
EXTRA_DOST = .indent.pro
# Watch out; note the difference between prefix & exec_prefix.
# Normally configure sets exec_prefix to root when prefix is /usr.
bindir = ${exec_prefix}/bin
sbindir = ${exec_prefix}/sbin
ubindir = ${prefix}/bin
usbindir = ${prefix}/sbin
localedir = $(datadir)/locale
noinst_HEADERS = patchlevel.h
DEFS = -D_HAVE_CONFIG_H -DLOCALEDIR=\"$(datadir)/locale\"
DEFS = -DLOCALEDIR=\"$(localedir)\" -I. -I$(srcdir) -I.. @DEFS@
INCLUDES = -I${top_srcdir} \
-I${top_srcdir}/lib \
-I$(top_srcdir)/libmisc
# XXX why are login and su in /bin anyway (other than for
# historical reasons)?
@@ -25,23 +21,38 @@ DEFS = -DLOCALEDIR=\"$(localedir)\" -I. -I$(srcdir) -I.. @DEFS@
# and installation would be much simpler (just two directories,
# $prefix/bin and $prefix/sbin, no install-data hacks...)
bin_PROGRAMS = login su
bin_PROGRAMS = groups login su
ubin_PROGRAMS = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
usbin_PROGRAMS = chpasswd dpasswd groupadd groupdel groupmod \
logoutd mkpasswd newusers useradd userdel usermod grpck \
pwck vipw grpconv grpunconv pwconv pwunconv
EXTRA_DIST = shadowconfig.sh
noinst_PROGRAMS = id sulogin
# id and groups are from gnu, sulogin from sysvinit,
# also suid programs are installed by hand.
# XXX installation by hand breaks libtool shared lib support
# (the wrapper scripts get installed instead of binaries),
# so we now chmod the programs by hand after normal installation.
suidbins = su
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
LDADD = $(top_builddir)/libmisc/libmisc.la \
$(top_builddir)/lib/libshadow.la
chpasswd_LDADD = $(LDADD) $(LIBPAM)
chage_LDADD = $(LDADD) $(LIBPAM)
chfn_LDADD = $(LDADD) $(LIBPAM)
chsh_LDADD = $(LDADD) $(LIBPAM)
groupadd_LDADD = $(LDADD) $(LIBPAM)
groupdel_LDADD = $(LDADD) $(LIBPAM)
groupmod_LDADD = $(LDADD) $(LIBPAM)
login_LDADD = $(LDADD) $(LIBPAM)
newusers_LDADD = $(LDADD) $(LIBPAM)
passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK)
su_LDADD = $(LDADD) $(LIBPAM)
useradd_LDADD = $(LDADD) $(LIBPAM)
userdel_LDADD = $(LDADD) $(LIBPAM)
usermod_LDADD = $(LDADD) $(LIBPAM)
install-exec-hook:
for i in $(suidbins); do \
chmod 4755 $(DESTDIR)$(bindir)/$$i; \
@@ -53,43 +64,3 @@ install-data-hook:
done
rm -f $(DESTDIR)$(ubindir)/sg
ln -s newgrp $(DESTDIR)$(ubindir)/sg
noinst_PROGRAMS = groups id sulogin
#install-exec-local:
# $(mkinstalldirs) $(bindir)
# for i in $(suidbins); do \
# $(INSTALL) -m 4755 $$i $(bindir); \
# done
# $(mkinstalldirs) $(ubindir)
# for i in $(suidubins); do \
# $(INSTALL) -m 4755 $$i $(ubindir); \
# done
# rm -f $(bindir)/sg
# ln -s $(ubindir)/newgrp $(bindir)/sg
#
#noinst_PROGRAMS = id groups \
# su \
# chage chfn chsh expiry gpasswd newgrp passwd \
# sulogin
shlibs = ../lib/libshadow.la
# With glibc2, almost all programs need libcrypt for some reason,
# even those that don't actually use crypt().
LDADD = ${shlibs} ../libmisc/libmisc.a ../lib/libshadow.a @INTLLIBS@ @LIBCRYPT@ @LIBTCFS@ @LIBSKEY@ @LIBMD@
INCLUDES = -I${top_srcdir}/lib -I$(top_srcdir)/libmisc
chfn_LDADD = $(LDADD) @LIBPAM@
chsh_LDADD = $(LDADD) @LIBPAM@
login_LDADD = $(LDADD) @LIBPAM@
passwd_LDADD = $(LDADD) @LIBCRACK@ @LIBPAM@
su_LDADD = $(LDADD) @LIBPAM@
chage_LDADD = $(LDADD) @LIBPAM@
chpasswd_LDADD = $(LDADD) @LIBPAM@
groupadd_LDADD = $(LDADD) @LIBPAM@
groupdel_LDADD = $(LDADD) @LIBPAM@
groupmod_LDADD = $(LDADD) @LIBPAM@
newusers_LDADD = $(LDADD) @LIBPAM@
useradd_LDADD = $(LDADD) @LIBPAM@
userdel_LDADD = $(LDADD) @LIBPAM@
usermod_LDADD = $(LDADD) @LIBPAM@

1188
src/Makefile.in
View File

File diff suppressed because it is too large Load Diff

15
src/chpasswd.c
View File

@@ -25,25 +25,12 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* chpasswd - update passwords in batch
*
* chpasswd reads standard input for a list of colon separated
* user names and new passwords. the appropriate password
* files are updated to reflect the changes. because the
* changes are made in a batch fashion, the user must run
* the mkpasswd command after this command terminates since
* no password updates occur until the very end.
*
* 1997/07/29: Modified to take "-e" argument which specifies that
* the passwords have already been encrypted.
* -- Jay Soffian <jay@lw.net>
*/
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: chpasswd.c,v 1.12 2000/10/09 19:02:20 kloczek Exp $")
RCSID(PKG_VER "$Id: chpasswd.c,v 1.13 2001/01/25 10:36:07 kloczek Exp $")
#include <stdio.h>
#include "prototypes.h"

11
src/groups.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: groups.c,v 1.6 2000/08/26 18:27:18 marekm Exp $")
RCSID(PKG_VER "$Id: groups.c,v 1.7 2001/09/01 04:19:16 kloczek Exp $")
#include <stdio.h>
#include <pwd.h>
@@ -89,9 +89,10 @@ print_groups(const char *member)
int
main(int argc, char **argv)
{
long sys_ngroups;
#ifdef HAVE_GETGROUPS
int ngroups;
GETGROUPS_T groups[NGROUPS_MAX];
GETGROUPS_T *groups;
int pri_grp;
int i;
struct group *gr;
@@ -100,6 +101,10 @@ main(int argc, char **argv)
char *getlogin();
#endif
sys_ngroups=sysconf(_SC_NGROUPS_MAX);
#ifdef HAVE_GETGROUPS
groups=malloc(sys_ngroups*sizeof(GETGROUPS_T));
#endif
setlocale(LC_ALL, "");
bindtextdomain(PACKAGE, LOCALEDIR);
textdomain(PACKAGE);
@@ -118,7 +123,7 @@ main(int argc, char **argv)
* currently set for this process.
*/
ngroups = getgroups(NGROUPS_MAX, groups);
ngroups = getgroups(sys_ngroups, groups);
if (ngroups < 0) {
perror("getgroups");
exit(1);

28
src/grpck.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: grpck.c,v 1.14 2000/09/02 18:40:44 marekm Exp $")
RCSID(PKG_VER "$Id: grpck.c,v 1.16 2001/08/18 09:28:16 malekith Exp $")
#include <stdio.h>
#include <fcntl.h>
@@ -95,9 +95,9 @@ static void
usage(void)
{
#ifdef SHADOWGRP
fprintf(stderr, _("Usage: %s [ -r ] [ group [ gshadow ] ]\n"), Prog);
fprintf(stderr, _("Usage: %s [ -sr ] [ group [ gshadow ] ]\n"), Prog);
#else
fprintf(stderr, _("Usage: %s [ -r ] [ group ]\n"), Prog);
fprintf(stderr, _("Usage: %s [ -sr ] [ group ]\n"), Prog);
#endif
exit(E_USAGE);
}
@@ -161,6 +161,7 @@ main(int argc, char **argv)
int i;
struct commonio_entry *gre, *tgre;
struct group *grp;
int sort_mode = 0;
#ifdef SHADOWGRP
struct commonio_entry *sge, *tsge;
struct sgrp *sgr;
@@ -183,7 +184,7 @@ main(int argc, char **argv)
* Parse the command line arguments
*/
while ((arg = getopt(argc, argv, "qr")) != EOF) {
while ((arg = getopt(argc, argv, "qrs")) != EOF) {
switch (arg) {
case 'q':
/* quiet - ignored for now */
@@ -191,11 +192,20 @@ main(int argc, char **argv)
case 'r':
read_only = 1;
break;
case 's':
sort_mode = 1;
break;
default:
usage();
}
}
if (sort_mode && read_only) {
fprintf(stderr, _("%s: -s and -r are incompatibile\n"),
Prog);
exit(E_USAGE);
}
/*
* Make certain we have the right number of arguments
*/
@@ -270,6 +280,15 @@ main(int argc, char **argv)
}
#endif
if (sort_mode) {
gr_sort();
#ifdef SHADOWGRP
if (is_shadow)
sgr_sort();
#endif
goto write_and_bye;
}
/*
* Loop through the entire group file.
*/
@@ -606,6 +625,7 @@ shadow_done:
*/
if (deleted) {
write_and_bye:
if (!gr_close()) {
fprintf(stderr, _("%s: cannot update file %s\n"),
Prog, grp_file);

16
src/id.c
View File

@@ -38,7 +38,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: id.c,v 1.6 2000/08/26 18:27:18 marekm Exp $")
RCSID(PKG_VER "$Id: id.c,v 1.7 2001/09/01 04:19:16 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
@@ -67,6 +67,7 @@ main(int argc, char **argv)
uid_t ruid, euid;
gid_t rgid, egid;
int i;
long sys_ngroups;
/*
* This block of declarations is particularly strained because of several
* different ways of doing concurrent groups. Old BSD systems used int
@@ -75,7 +76,7 @@ main(int argc, char **argv)
* usually about 16 or 32. Others use bigger values.
*/
#ifdef HAVE_GETGROUPS
GETGROUPS_T groups[NGROUPS_MAX];
GETGROUPS_T *groups;
int ngroups;
int aflg = 0;
#endif
@@ -86,7 +87,15 @@ main(int argc, char **argv)
bindtextdomain(PACKAGE, LOCALEDIR);
textdomain(PACKAGE);
/*
* Dynamically get the maximum number of groups from system, instead
* of using the symbolic constant NGROUPS_MAX. This ensures that the
* group limit is not hard coded into the binary, so it will still
* work if the system library is recompiled.
*/
sys_ngroups=sysconf(_SC_NGROUPS_MAX);
#ifdef HAVE_GETGROUPS
groups=malloc(sys_ngroups*sizeof(GETGROUPS_T));
/*
* See if the -a flag has been given to print out the
* concurrent group set.
@@ -152,7 +161,7 @@ main(int argc, char **argv)
* names.
*/
if (aflg && (ngroups = getgroups (NGROUPS_MAX, groups)) != -1) {
if (aflg && (ngroups = getgroups (sys_ngroups, groups)) != -1) {
/*
* Start off the group message. It will be of the format
@@ -175,6 +184,7 @@ main(int argc, char **argv)
printf("%d", (int) groups[i]);
}
}
free(groups);
#endif
/*

21
src/lastlog.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: lastlog.c,v 1.6 2000/08/26 18:27:18 marekm Exp $")
RCSID(PKG_VER "$Id: lastlog.c,v 1.9 2000/11/29 12:50:09 kloczek Exp $")
#include <sys/types.h>
#include <sys/stat.h>
@@ -64,6 +64,15 @@ static struct lastlog lastlog; /* scratch structure to play with ... */
static struct stat statbuf; /* fstat buffer for file size */
static struct passwd *pwent;
#include <getopt.h>
static struct option const longopts[] =
{
{"user", required_argument, 0, 'u'},
{"time", required_argument, 0, 't'},
{"help", no_argument, 0, 'h'},
{0, 0, 0, 0}
};
extern char *optarg;
#define NOW (time ((time_t *) 0))
@@ -85,7 +94,7 @@ main(int argc, char **argv)
perror (LASTLOG_FILE);
exit (1);
}
while ((c = getopt (argc, argv, "u:t:")) != EOF) {
while ((c = getopt_long (argc, argv, "u:t:h", longopts, NULL)) != -1) {
switch (c) {
case 'u':
pwent = getpwnam (optarg);
@@ -103,6 +112,14 @@ main(int argc, char **argv)
seconds = days * DAY;
tflg++;
break;
case 'h':
fprintf(stdout, _("Usage: %s [<-u|--login> login-name] [<-t|--time> days] [<-h|--help>]\n"),
argv[0]);
exit(0);
default:
fprintf(stdout, _("Usage: %s [<-u|--login> login-name] [<-t|--time> days] [<-h|--help>]\n"),
argv[0]);
exit(1);
}
}
print ();

22
src/login.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: login.c,v 1.18 2000/09/02 18:40:44 marekm Exp $")
RCSID(PKG_VER "$Id: login.c,v 1.21 2001/06/28 20:47:06 kloczek Exp $")
#include "prototypes.h"
#include "defines.h"
@@ -89,8 +89,8 @@ static const struct pam_conv conv = {
static pam_handle_t *pamh = NULL;
#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
fprintf(stderr,"\n%s\n",PAM_STRERROR(pamh, retcode)); \
syslog(LOG_ERR,"%s",PAM_STRERROR(pamh, retcode)); \
fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
pam_end(pamh, retcode); exit(1); \
}
#define PAM_END { retcode = pam_close_session(pamh,0); \
@@ -146,7 +146,10 @@ extern int optind;
extern char *optarg;
extern char **environ;
#ifndef USE_PAM
extern int login_access(const char *, const char *);
#endif
extern void login_fbtab(const char *, uid_t, gid_t);
#ifndef ALARM
@@ -708,9 +711,9 @@ top:
retcode = pam_start("login", username, &conv, &pamh);
if(retcode != PAM_SUCCESS) {
fprintf(stderr,"login: PAM Failure, aborting: %s\n",
PAM_STRERROR(pamh, retcode));
pam_strerror(pamh, retcode));
syslog(LOG_ERR,"Couldn't initialize PAM: %s",
PAM_STRERROR(pamh, retcode));
pam_strerror(pamh, retcode));
exit(99);
}
/* hostname & tty are either set to NULL or their correct values,
@@ -726,7 +729,7 @@ top:
#endif
/* if fflg == 1, then the user has already been authenticated */
if (!fflg || (getuid() != 0)) {
int failcount;
int failcount = 0;
char hostn[256];
char login_prompt[256]; /* That's one hell of a prompt :) */
@@ -763,7 +766,7 @@ top:
pam_get_item(pamh, PAM_USER, (const void **) &pam_user);
syslog(LOG_NOTICE,"FAILED LOGIN %d FROM %s FOR %s, %s",
failcount, hostname, pam_user,
PAM_STRERROR(pamh, retcode));
pam_strerror(pamh, retcode));
#ifdef HAVE_PAM_FAIL_DELAY
pam_fail_delay(pamh, 1000000*delay);
#endif
@@ -779,12 +782,12 @@ top:
syslog(LOG_NOTICE,
"TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
failcount, hostname, pam_user,
PAM_STRERROR(pamh, retcode));
pam_strerror(pamh, retcode));
else
syslog(LOG_NOTICE,
"FAILED LOGIN SESSION FROM %s FOR %s, %s",
hostname, pam_user,
PAM_STRERROR(pamh, retcode));
pam_strerror(pamh, retcode));
fprintf(stderr, "\nLogin incorrect\n");
pam_end(pamh, retcode);
@@ -1059,6 +1062,7 @@ auth_ok:
setutmp(username, tty, hostname); /* make entry in utmp & wtmp files */
#endif
if (pwent.pw_shell[0] == '*') { /* subsystem root */
pwent.pw_shell++; /* skip the '*' */
subsystem (&pwent); /* figure out what to execute */
subroot++; /* say i was here again */
endpwent (); /* close all of the file which were */

4
src/logoutd.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: logoutd.c,v 1.16 2000/09/02 18:40:44 marekm Exp $")
RCSID(PKG_VER "$Id: logoutd.c,v 1.17 2001/08/06 06:23:26 kloczek Exp $")
#include <sys/types.h>
#include <sys/stat.h>
@@ -279,7 +279,7 @@ main(int argc, char **argv)
close (tty_fd);
#endif /* BSD || SUN || SUN4 */
strncpy(user, ut->ut_line, sizeof(user) - 1);
strncpy(user, ut->ut_user, sizeof(user) - 1);
user[sizeof(user) - 1] = '\0';
SYSLOG((LOG_NOTICE, "logged off user `%s' on `%s'\n",

4
src/newgrp.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: newgrp.c,v 1.16 2000/09/02 18:40:44 marekm Exp $")
RCSID(PKG_VER "$Id: newgrp.c,v 1.17 2001/09/01 04:19:16 kloczek Exp $")
#include <stdio.h>
#include <errno.h>
@@ -360,7 +360,7 @@ main(int argc, char **argv)
break;
}
if (i == ngroups) {
if (ngroups >= NGROUPS_MAX) {
if (ngroups >= sysconf(_SC_NGROUPS_MAX)) {
fprintf (stderr, _("too many groups\n"));
} else {
grouplist[ngroups++] = gid;

58
src/patchlevel.h
View File

@@ -1,58 +0,0 @@
/*
* Copyright 1991 - 1995, Julianne Frances Haugh
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of Julianne F. Haugh nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY JULIE HAUGH AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL JULIE HAUGH OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* Revision History
* 11/25/91 3.1.1 patchlevel 14
* Added "login.defs" to Makefile
* 12/02/91 3.1.2 patchlevel 15
* Bugs found by users
* 12/28/91 3.1.3 patchlevel 16
* Changes for SunOS 4.1.1
* 02/08/92 3.1.4 patchlevel 17
* Changes for SVR4, plus bug fixes
* 04/03/92 3.2.1 patchlevel 18
* Minor bug fixes, new baseline
* 07/07/92 3.2.2 patchlevel 20
* Added administrator defined authentication
* 11/04/92 3.2.3 patchlevel 21
* Bug fixes for SVR4
* 07/23/93 3.3.0 patchlevel 23
* New baseline release
* 08/23/93 3.3.1 patchlevel 24
* Bug fixes for SunOS 4.1.1
* 08/27/93 3.3.2 patchlevel 25
* Initial NIS support changes
* 12/03/95 3.3.3 patchlevel 26
* This is the Linux beta baseline. Marek will
* change the name some other day. -- jfh
* $Id: patchlevel.h,v 1.2 1997/05/01 23:07:16 marekm Exp $
*/
#define RELEASE 3
#define PATCHLEVEL 26
#define VERSION "3.3.3"

28
src/pwck.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: pwck.c,v 1.15 2000/09/02 18:40:44 marekm Exp $")
RCSID(PKG_VER "$Id: pwck.c,v 1.16 2001/08/14 21:10:58 malekith Exp $")
#include <stdio.h>
#include <fcntl.h>
@@ -95,9 +95,9 @@ static void
usage(void)
{
#ifdef SHADOWPWD
fprintf(stderr, _("Usage: %s [ -qr ] [ passwd [ shadow ] ]\n"), Prog);
fprintf(stderr, _("Usage: %s [ -sqr ] [ passwd [ shadow ] ]\n"), Prog);
#else
fprintf(stderr, _("Usage: %s [ -qr ] [ passwd ]\n"), Prog);
fprintf(stderr, _("Usage: %s [ -sqr ] [ passwd ]\n"), Prog);
#endif
exit(E_USAGE);
}
@@ -142,6 +142,7 @@ main(int argc, char **argv)
int deleted = 0;
struct commonio_entry *pfe, *tpfe;
struct passwd *pwd;
int sort_mode = 0;
#ifdef SHADOWPWD
struct commonio_entry *spe, *tspe;
struct spwd *spw;
@@ -164,7 +165,7 @@ main(int argc, char **argv)
* Parse the command line arguments
*/
while ((arg = getopt(argc, argv, "eqr")) != EOF) {
while ((arg = getopt(argc, argv, "eqrs")) != EOF) {
switch (arg) {
case 'e': /* added for Debian shadow-961025-2 compatibility */
case 'q':
@@ -173,11 +174,20 @@ main(int argc, char **argv)
case 'r':
read_only = 1;
break;
case 's':
sort_mode = 1;
break;
default:
usage();
}
}
if (sort_mode && read_only) {
fprintf(stderr, _("%s: -s and -r are incompatibile\n"),
Prog);
exit(E_USAGE);
}
/*
* Make certain we have the right number of arguments
*/
@@ -256,6 +266,15 @@ main(int argc, char **argv)
}
#endif
if (sort_mode) {
pw_sort();
#ifdef SHADOWPWD
if (is_shadow)
spw_sort();
#endif
goto write_and_bye;
}
/*
* Loop through the entire password file.
*/
@@ -568,6 +587,7 @@ shadow_done:
*/
if (deleted) {
write_and_bye:
if (!pw_close()) {
fprintf(stderr, _("%s: cannot update file %s\n"),
Prog, pwd_file);

11
src/pwunconv.c
View File

@@ -25,21 +25,12 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* pwunconv - restore old password file from shadow password file.
*
* Pwunconv copies the password file information from the shadow
* password file, merging entries from an optional existing shadow
* file.
*
* Modifed by Guy Maor <maor@debian.org> to acquire necessary locks
* and modify the files in place.
*/
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: pwunconv.c,v 1.9 2000/08/26 18:27:18 marekm Exp $")
RCSID(PKG_VER "$Id: pwunconv.c,v 1.10 2001/01/25 10:36:07 kloczek Exp $")
#include "defines.h"
#include <sys/types.h>

67
src/shadowconfig.sh
View File

@@ -1,67 +0,0 @@
#!/bin/bash
# turn shadow passwords on or off on a Debian system
set -e
permfix () {
[ -f $1 ] || return 0
chown root:shadow $1
chmod 2755 $1
}
export -f permfix
shadowon () {
bash<<- EOF
set -e
permfix /usr/X11R6/bin/xlock
permfix /usr/X11R6/bin/xtrlock
permfix /bin/vlock
pwck -q
grpck
pwconv
grpconv
cd /etc
chown root:root passwd group
chmod 644 passwd group
chown root:shadow shadow gshadow
chmod 640 shadow gshadow
EOF
}
shadowoff () {
bash<<- EOF
set -e
pwck -q
grpck
pwunconv
grpunconv
cd /etc
# sometimes the passwd perms get munged
chown root:root passwd group
chmod 644 passwd group
EOF
}
case "$1" in
"on")
if shadowon ; then
echo Shadow passwords are now on.
else
echo Please correct the error and rerun \`$0 on\'
exit 1
fi
;;
"off")
if shadowoff ; then
echo Shadow passwords are now off.
else
echo Please correct the error and rerun \`$0 off\'
exit 1
fi
;;
*)
echo Usage: $0 on \| off
;;
esac

39
src/su.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: su.c,v 1.15 2000/09/02 18:40:44 marekm Exp $")
RCSID(PKG_VER "$Id: su.c,v 1.18 2001/06/28 20:47:06 kloczek Exp $")
#include <sys/types.h>
#include <stdio.h>
@@ -302,9 +302,8 @@ main(int argc, char **argv)
#endif
oldpass = xstrdup(pw->pw_passwd);
#endif /* SU_ACCESS */
#endif /* !USE_PAM */
#ifdef USE_PAM
#else /* USE_PAM */
ret = pam_start("su", name, &conv, &pamh);
if (ret != PAM_SUCCESS) {
SYSLOG((LOG_ERR, "pam_start: error %d\n", ret);
@@ -316,8 +315,8 @@ main(int argc, char **argv)
if (ret == PAM_SUCCESS)
ret = pam_set_item(pamh, PAM_RUSER, (const void *) oldname);
if (ret != PAM_SUCCESS) {
SYSLOG((LOG_ERR, "pam_set_item: %s\n", PAM_STRERROR(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, PAM_STRERROR(pamh, ret));
SYSLOG((LOG_ERR, "pam_set_item: %s\n", pam_strerror(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, pam_strerror(pamh, ret));
pam_end(pamh, ret);
exit(1);
}
@@ -394,20 +393,6 @@ top:
/*
* Set the default shell.
*/
#if 0
/*
* XXX - GNU and *BSD versions of su support the -m option.
* Need to add some option parsing code.
*/
if (mflg) {
if (!amroot && !check_shell(pwent.pw_shell)) {
fprintf(stderr, _("%s: permission denied (shell).\n"), Prog);
exit(1);
}
if ((cp = getenv("SHELL")))
pwent.pw_shell = cp;
}
#endif
if (pwent.pw_shell[0] == '\0')
pwent.pw_shell = "/bin/sh"; /* XXX warning: const */
@@ -416,8 +401,8 @@ top:
ret = pam_authenticate(pamh, 0);
if (ret != PAM_SUCCESS) {
SYSLOG((LOG_ERR, "pam_authenticate: %s\n",
PAM_STRERROR(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, PAM_STRERROR(pamh, ret));
pam_strerror(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, pam_strerror(pamh, ret));
pam_end(pamh, ret);
su_failure(tty);
}
@@ -425,11 +410,11 @@ top:
ret = pam_acct_mgmt(pamh, 0);
if (ret != PAM_SUCCESS) {
if (amroot) {
fprintf(stderr, _("%s: %s\n(Ignored)\n"), Prog, PAM_STRERROR(pamh, ret));
fprintf(stderr, _("%s: %s\n(Ignored)\n"), Prog, pam_strerror(pamh, ret));
} else {
SYSLOG((LOG_ERR, "pam_acct_mgmt: %s\n",
PAM_STRERROR(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, PAM_STRERROR(pamh, ret));
pam_strerror(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, pam_strerror(pamh, ret));
pam_end(pamh, ret);
su_failure(tty);
}
@@ -500,6 +485,7 @@ top:
}
#endif /* !USE_PAM */
signal(SIGINT, SIG_DFL);
cp = getdef_str((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
#if 0
addenv(cp ? cp : "PATH=/bin:/usr/bin", NULL);
@@ -520,6 +506,7 @@ top:
addenv("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
if (pwent.pw_shell[0] == '*') { /* subsystem root required */
pwent.pw_shell++; /* skip the '*' */
subsystem (&pwent); /* figure out what to execute */
endpwent ();
#ifdef SHADOWPWD
@@ -550,8 +537,8 @@ top:
and much more, depending on the configured modules */
ret = pam_setcred(pamh, PAM_ESTABLISH_CRED);
if (ret != PAM_SUCCESS) {
SYSLOG((LOG_ERR, "pam_setcred: %s\n", PAM_STRERROR(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, PAM_STRERROR(pamh, ret));
SYSLOG((LOG_ERR, "pam_setcred: %s\n", pam_strerror(pamh, ret)));
fprintf(stderr, "%s: %s\n", Prog, pam_strerror(pamh, ret));
pam_end(pamh, ret);
exit(1);
}

30
src/useradd.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: useradd.c,v 1.21 2000/10/09 20:03:12 kloczek Exp $")
RCSID(PKG_VER "$Id: useradd.c,v 1.26 2001/09/01 04:19:16 kloczek Exp $")
#include "prototypes.h"
#include "defines.h"
@@ -106,7 +106,8 @@ static int is_shadow_pwd;
#ifdef SHADOWGRP
static int is_shadow_grp;
#endif
static char *user_groups[NGROUPS_MAX+1]; /* NULL-terminated list */
static char **user_groups; /* NULL-terminated list */
static long sys_ngroups;
static int do_grp_update = 0; /* group files need to be updated */
static char *Prog;
@@ -124,7 +125,8 @@ static int
kflg = 0, /* specify a directory to fill new user directory */
fflg = 0, /* days until account with expired password is locked */
eflg = 0, /* days since 1970-01-01 when account is locked */
Dflg = 0; /* set/show new user default values */
Dflg = 0, /* set/show new user default values */
nflg = 0; /* create a group having the same name as the user */
#ifdef AUTH_METHODS
static int Aflg = 0; /* specify authentication method for user */
@@ -457,6 +459,7 @@ set_defaults(void)
char buf[1024];
static char new_file[] = NEW_USER_FILE;
char *cp;
int ofd;
int out_group = 0;
int out_home = 0;
int out_inactive = 0;
@@ -471,9 +474,18 @@ set_defaults(void)
* Create a temporary file to copy the new output to.
*/
mktemp (new_file);
if (!(ofp = fopen (new_file, "w"))) {
#ifdef HAVE_MKSTEMP
if ((ofd = mkstemp (new_file)) == -1) {
#else
if ((ofd = mktemp (new_file)) == -1) {
#endif
fprintf(stderr, _("%s: cannot create new defaults file\n"),
Prog);
return -1;
}
if (!(ofp = fdopen(ofd, "w"))) {
fprintf(stderr, _("%s: cannot open new defaults file\n"),
Prog);
return -1;
}
@@ -671,7 +683,7 @@ get_groups(char *list)
}
#endif
if (ngroups == NGROUPS_MAX) {
if (ngroups == sys_ngroups) {
fprintf(stderr,
_("%s: too many groups specified (max %d).\n"),
Prog, ngroups);
@@ -1671,6 +1683,8 @@ main(int argc, char **argv)
* Get my name so that I can use it to report errors.
*/
sys_ngroups=sysconf(_SC_NGROUPS_MAX);
user_groups=malloc((1+sys_ngroups)*sizeof(char *));
Prog = Basename(argv[0]);
setlocale(LC_ALL, "");
@@ -1686,7 +1700,7 @@ main(int argc, char **argv)
}
if (retval == PAM_SUCCESS) {
retval = pam_start("shadow", pampw->pw_name, &conv, &pamh);
retval = pam_start("useradd", pampw->pw_name, &conv, &pamh);
}
if (retval == PAM_SUCCESS) {
@@ -1765,7 +1779,7 @@ main(int argc, char **argv)
* to that group, use useradd -g username username.
* --bero
*/
if (! (nflg || gflg)) {
if (!gflg) {
if (getgrnam(user_name)) {
fprintf(stderr, _("%s: group %s exists - if you want to add this user to that group, use -g.\n"), Prog, user_name);
exit(E_NAME_IN_USE);

9
src/usermod.c
View File

@@ -30,7 +30,7 @@
#include <config.h>
#include "rcsid.h"
RCSID(PKG_VER "$Id: usermod.c,v 1.21 2000/10/09 19:02:20 kloczek Exp $")
RCSID(PKG_VER "$Id: usermod.c,v 1.22 2001/09/01 04:19:16 kloczek Exp $")
#include <sys/types.h>
#include <sys/stat.h>
@@ -95,7 +95,8 @@ static char *user_shell;
static long user_expire;
static long user_inactive;
#endif
static char *user_groups[NGROUPS_MAX+1]; /* NULL-terminated list */
static long sys_ngroups;
static char **user_groups; /* NULL-terminated list */
static char *Prog;
@@ -283,7 +284,7 @@ get_groups(char *list)
}
#endif
if (ngroups == NGROUPS_MAX) {
if (ngroups == sys_ngroups) {
fprintf(stderr,
_("%s: too many groups specified (max %d).\n"),
Prog, ngroups);
@@ -1645,6 +1646,8 @@ main(int argc, char **argv)
int retval;
#endif
sys_ngroups=sysconf(_SC_NGROUPS_MAX);
user_groups=malloc((1+sys_ngroups)*sizeof(char *));
/*
* Get my name so that I can use it to report errors.
*/