* src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,

src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
	src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
	src/usermod.c: Provide the PAM error
	message instead of our own, and log error to syslog.
	* src/groupmems.c: Exit with exit rather than fail_exit in usage().
	* src/newusers.c: Check the number of arguments.
	* src/newusers.c: Do not create the home directory when it is not
	changed.
	* src/useradd.c: Set the group password to "!" rather "x" if there
	are no gshadow file.
This commit is contained in:
nekral-guest 2011-11-13 16:24:57 +00:00
parent 2ecea675ee
commit 57f9d5ae9c
14 changed files with 117 additions and 55 deletions

View File

@ -1,3 +1,17 @@
2011-11-12 Nicolas François <nicolas.francois@centraliens.net>
* src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
src/usermod.c: Provide the PAM error
message instead of our own, and log error to syslog.
* src/groupmems.c: Exit with exit rather than fail_exit in usage().
* src/newusers.c: Check the number of arguments.
* src/newusers.c: Do not create the home directory when it is not
changed.
* src/useradd.c: Set the group password to "!" rather "x" if there
are no gshadow file.
2011-11-11 Nicolas François <nicolas.francois@centraliens.net> 2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
* src/pwck.c: Removed pw_opened. * src/pwck.c: Removed pw_opened.

View File

@ -556,13 +556,16 @@ static void check_perms (void)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
fail_exit (E_NOPERM); fail_exit (E_NOPERM);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
} }

View File

@ -416,13 +416,16 @@ static void check_perms (const struct passwd *pw)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (E_NOPERM); exit (E_NOPERM);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
} }

View File

@ -286,13 +286,16 @@ static void check_perms (void)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (1); exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
} }

View File

@ -283,13 +283,16 @@ static void check_perms (void)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (1); exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
#endif /* USE_PAM */ #endif /* USE_PAM */
} }

View File

@ -325,13 +325,16 @@ static void check_perms (const struct passwd *pw)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (E_NOPERM); exit (E_NOPERM);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
} }

View File

@ -549,13 +549,16 @@ static void check_perms (void)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (1); exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
} }

View File

@ -407,13 +407,16 @@ int main (int argc, char **argv)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (1); exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */

View File

@ -379,7 +379,7 @@ static /*@noreturn@*/void usage (int status)
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout); (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
(void) fputs (_(" -p, --purge purge all members from the group\n"), usageout); (void) fputs (_(" -p, --purge purge all members from the group\n"), usageout);
(void) fputs (_(" -l, --list list the members of the group\n"), usageout); (void) fputs (_(" -l, --list list the members of the group\n"), usageout);
fail_exit (status); exit (status);
} }
/* /*
@ -471,13 +471,16 @@ static void check_perms (void)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
fail_exit (1); fail_exit (1);
} }
(void) pam_end (pamh, retval);
#endif #endif
} }
} }

View File

@ -784,13 +784,16 @@ int main (int argc, char **argv)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (1); exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */

View File

@ -584,6 +584,11 @@ static void process_flags (int argc, char **argv)
} }
} }
if ( (optind != argc)
&& (optind + 1 != argc)) {
usage (EXIT_FAILURE);
}
if (argv[optind] != NULL) { if (argv[optind] != NULL) {
if (freopen (argv[optind], "r", stdin) == NULL) { if (freopen (argv[optind], "r", stdin) == NULL) {
char buf[BUFSIZ]; char buf[BUFSIZ];
@ -668,13 +673,16 @@ static void check_perms (void)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
fail_exit (EXIT_FAILURE); fail_exit (EXIT_FAILURE);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
} }
@ -1006,7 +1014,7 @@ int main (int argc, char **argv)
newpw.pw_shell = fields[6]; newpw.pw_shell = fields[6];
} }
if ( ('\0' != newpw.pw_dir[0]) if ( ('\0' != fields[5][0])
&& (access (newpw.pw_dir, F_OK) != 0)) { && (access (newpw.pw_dir, F_OK) != 0)) {
/* FIXME: should check for directory */ /* FIXME: should check for directory */
mode_t msk = 0777 & ~getdef_num ("UMASK", mode_t msk = 0777 & ~getdef_num ("UMASK",

View File

@ -1519,7 +1519,11 @@ static void new_grent (struct group *grent)
{ {
memzero (grent, sizeof *grent); memzero (grent, sizeof *grent);
grent->gr_name = (char *) user_name; grent->gr_name = (char *) user_name;
grent->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */ if (is_shadow_grp) {
grent->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
} else {
grent->gr_passwd = "!"; /* XXX warning: const */
}
grent->gr_gid = user_gid; grent->gr_gid = user_gid;
grent->gr_mem = &empty_list; grent->gr_mem = &empty_list;
} }
@ -1929,13 +1933,16 @@ int main (int argc, char **argv)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
fail_exit (1); fail_exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */

View File

@ -923,13 +923,16 @@ int main (int argc, char **argv)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (E_PW_UPDATE); exit (E_PW_UPDATE);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */

View File

@ -1849,13 +1849,16 @@ int main (int argc, char **argv)
retval = pam_acct_mgmt (pamh, 0); retval = pam_acct_mgmt (pamh, 0);
} }
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
if (PAM_SUCCESS != retval) { if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog); fprintf (stderr, _("%s: PAM: %s\n"),
Prog, pam_strerror (pamh, retval));
SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
if (NULL != pamh) {
(void) pam_end (pamh, retval);
}
exit (1); exit (1);
} }
(void) pam_end (pamh, retval);
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */