From 508b968cb1862a42ed7e2d4e4f9fa90af30f517f Mon Sep 17 00:00:00 2001
From: ikerexxe <ipedrosa@redhat.com>
Date: Mon, 10 Aug 2020 11:44:00 +0200
Subject: [PATCH] useradd: check return value from chmod and log it

covscan was complaining abot calling chmod and ignoring the return
value:
Error: CHECKED_RETURN (CWE-252):
shadow-4.6/src/useradd.c:2084: check_return: Calling
"chmod(prefix_user_home, mode)" without checking return value. This
library function may fail and return an error code.
2082|   		mode_t mode = getdef_num ("HOME_MODE",
2083|   		                          0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
2084|-> 		chmod (prefix_user_home, mode);
2085|   		home_added = true;
2086|   #ifdef WITH_AUDIT
---
 src/useradd.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/useradd.c b/src/useradd.c
index 1b516c25..3544acd0 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -2247,7 +2247,10 @@ static void create_home (void)
 		(void) chown (prefix_user_home, user_id, user_gid);
 		mode_t mode = getdef_num ("HOME_MODE",
 		                          0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
-		chmod (prefix_user_home, mode);
+		if (chmod (prefix_user_home, mode)) {
+			fprintf (stderr, _("%s: warning: chown on '%s' failed: %m\n"),
+			                 Prog, path);
+		}
 		home_added = true;
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_ADD_USER, Prog,