Use the lckpwdf() again if prefix is not set
The implementation of prefix option dropped the use of lckpwdf(). However that is incorrect as other tools manipulating the shadow passwords such as PAM use lckpwdf() and do not know anything about the shadow's own locking mechanism. This reverts the implementation to use lckpwdf() if prefix option is not used.
This commit is contained in:
Tomas Mraz
@@ -364,6 +364,7 @@ static void free_linked_list (struct commonio_db *db)
|
||||
int commonio_setname (struct commonio_db *db, const char *name)
|
||||
{
|
||||
snprintf (db->filename, sizeof (db->filename), "%s", name);
|
||||
db->setname = true;
|
||||
return 1;
|
||||
}
|
||||
|
||||
@@ -414,38 +415,40 @@ cleanup_ENOMEM:
|
||||
|
||||
int commonio_lock (struct commonio_db *db)
|
||||
{
|
||||
/*#ifdef HAVE_LCKPWDF*/ /* not compatible with prefix option*/
|
||||
#if 0
|
||||
/*
|
||||
* only if the system libc has a real lckpwdf() - the one from
|
||||
* lockpw.c calls us and would cause infinite recursion!
|
||||
*/
|
||||
|
||||
/*
|
||||
* Call lckpwdf() on the first lock.
|
||||
* If it succeeds, call *_lock() only once
|
||||
* (no retries, it should always succeed).
|
||||
*/
|
||||
if (0 == lock_count) {
|
||||
if (lckpwdf () == -1) {
|
||||
if (geteuid () != 0) {
|
||||
(void) fprintf (stderr,
|
||||
"%s: Permission denied.\n",
|
||||
Prog);
|
||||
}
|
||||
return 0; /* failure */
|
||||
}
|
||||
}
|
||||
|
||||
if (commonio_lock_nowait (db, true) != 0) {
|
||||
return 1; /* success */
|
||||
}
|
||||
|
||||
ulckpwdf ();
|
||||
return 0; /* failure */
|
||||
#else /* !HAVE_LCKPWDF */
|
||||
int i;
|
||||
|
||||
#ifdef HAVE_LCKPWDF
|
||||
/*
|
||||
* Only if the system libc has a real lckpwdf() - the one from
|
||||
* lockpw.c calls us and would cause infinite recursion!
|
||||
* It is also not used with the prefix option.
|
||||
*/
|
||||
if (!db->setname) {
|
||||
/*
|
||||
* Call lckpwdf() on the first lock.
|
||||
* If it succeeds, call *_lock() only once
|
||||
* (no retries, it should always succeed).
|
||||
*/
|
||||
if (0 == lock_count) {
|
||||
if (lckpwdf () == -1) {
|
||||
if (geteuid () != 0) {
|
||||
(void) fprintf (stderr,
|
||||
"%s: Permission denied.\n",
|
||||
Prog);
|
||||
}
|
||||
return 0; /* failure */
|
||||
}
|
||||
}
|
||||
|
||||
if (commonio_lock_nowait (db, true) != 0) {
|
||||
return 1; /* success */
|
||||
}
|
||||
|
||||
ulckpwdf ();
|
||||
return 0; /* failure */
|
||||
}
|
||||
#endif /* !HAVE_LCKPWDF */
|
||||
|
||||
/*
|
||||
* lckpwdf() not used - do it the old way.
|
||||
*/
|
||||
@@ -471,7 +474,6 @@ int commonio_lock (struct commonio_db *db)
|
||||
}
|
||||
}
|
||||
return 0; /* failure */
|
||||
#endif /* !HAVE_LCKPWDF */
|
||||
}
|
||||
|
||||
static void dec_lock_count (void)
|
||||
|
||||
Reference in New Issue
Block a user