From 5df1f2f683922c9750cba417f225fc874510017a Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sat, 13 Sep 2008 18:03:50 +0000
Subject: [PATCH] 	* libmisc/setugid.c, src/login_nopam.c, src/suauth.c, 
 lib/getdef.c: Replace the %m format string by strerror(). This 	avoids
 errno to be reset between the system call error and the 	report
 function.

---
 ChangeLog         |  7 +++++++
 lib/getdef.c      | 11 +++++++----
 libmisc/setugid.c | 16 ++++++++++------
 src/login_nopam.c |  3 ++-
 src/suauth.c      |  8 +++++---
 5 files changed, 31 insertions(+), 14 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 65dc8edc..802ce37d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2008-09-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* libmisc/setugid.c, src/login_nopam.c, src/suauth.c,
+	lib/getdef.c: Replace the %m format string by strerror(). This
+	avoids errno to be reset between the system call error and the
+	report function.
+
 2008-09-13  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* lib/commonio.c: Ignore the return value of umask() when the mask
diff --git a/lib/getdef.c b/lib/getdef.c
index db1645a9..6f4ab706 100644
--- a/lib/getdef.c
+++ b/lib/getdef.c
@@ -39,6 +39,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <ctype.h>
+#include <errno.h>
 #include "getdef.h"
 /*
  * A configuration item definition.
@@ -377,8 +378,9 @@ static void def_load (void)
 	 */
 	fp = fopen (def_fname, "r");
 	if (NULL == fp) {
-		SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%m]",
-			 def_fname));
+		int err = errno;
+		SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%s]",
+		         def_fname, strerror (err)));
 		exit (1);
 	}
 
@@ -426,8 +428,9 @@ static void def_load (void)
 	}
 
 	if (ferror (fp) != 0) {
-		SYSLOG ((LOG_CRIT, "cannot read login definitions %s [%m]",
-			 def_fname));
+		int err = errno;
+		SYSLOG ((LOG_CRIT, "cannot read login definitions %s [%s]",
+		         def_fname, strerror (err)));
 		exit (1);
 	}
 
diff --git a/libmisc/setugid.c b/libmisc/setugid.c
index bfbde967..be0d7163 100644
--- a/libmisc/setugid.c
+++ b/libmisc/setugid.c
@@ -40,6 +40,7 @@
 
 #include <stdio.h>
 #include <grp.h>
+#include <errno.h>
 #include "prototypes.h"
 #include "defines.h"
 #include <pwd.h>
@@ -56,9 +57,10 @@ int setup_groups (const struct passwd *info)
 	 * file.
 	 */
 	if (setgid (info->pw_gid) == -1) {
+		int err = errno;
 		perror ("setgid");
-		SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %m\n",
-			 info->pw_gid, info->pw_name));
+		SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %s\n",
+		         info->pw_gid, info->pw_name, strerror (err)));
 		closelog ();
 		return -1;
 	}
@@ -68,9 +70,10 @@ int setup_groups (const struct passwd *info)
 	 * the group set from the /etc/group file.
 	 */
 	if (initgroups (info->pw_name, info->pw_gid) == -1) {
+		int err = errno;
 		perror ("initgroups");
-		SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %m\n",
-			 info->pw_name));
+		SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %s\n",
+		         info->pw_name, strerror (err)));
 		closelog ();
 		return -1;
 	}
@@ -84,9 +87,10 @@ int change_uid (const struct passwd *info)
 	 * Set the real UID to the UID value in the password file.
 	 */
 	if (setuid (info->pw_uid) != 0) {
+		int err = errno;
 		perror ("setuid");
-		SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %m\n",
-			 (int) info->pw_uid, info->pw_name));
+		SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %s\n",
+		         (int) info->pw_uid, info->pw_name, strerror (err)));
 		closelog ();
 		return -1;
 	}
diff --git a/src/login_nopam.c b/src/login_nopam.c
index 0a954534..d66087c5 100644
--- a/src/login_nopam.c
+++ b/src/login_nopam.c
@@ -133,7 +133,8 @@ int login_access (const char *user, const char *from)
 		}
 		(void) fclose (fp);
 	} else if (errno != ENOENT) {
-		SYSLOG ((LOG_ERR, "cannot open %s: %m", TABLE));
+		int err = errno;
+		SYSLOG ((LOG_ERR, "cannot open %s: %s", TABLE, strerror (err)));
 	}
 	return (!match || (line[0] == '+'))?1:0;
 }
diff --git a/src/suauth.c b/src/suauth.c
index 26f64aab..a2c6735a 100644
--- a/src/suauth.c
+++ b/src/suauth.c
@@ -76,17 +76,19 @@ int check_su_auth (const char *actual_id, const char *wanted_id)
 	char *action;
 
 	if (!(authfile_fd = fopen (SUAUTHFILE, "r"))) {
+		int err = errno;
 		/*
 		 * If the file doesn't exist - default to the standard su
 		 * behaviour (no access control).  If open fails for some
 		 * other reason - maybe someone is trying to fool us with
 		 * file descriptors limit etc., so deny access.  --marekm
 		 */
-		if (errno == ENOENT)
+		if (ENOENT == err) {
 			return NOACTION;
+		}
 		SYSLOG ((LOG_ERR,
-			 "could not open/read config file '%s': %m\n",
-			 SUAUTHFILE));
+		         "could not open/read config file '%s': %s\n",
+		         SUAUTHFILE, strerror (err)));
 		return DENY;
 	}