emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

Make shadow_logfd and Prog not extern

Browse Source 
Closes #444
Closes #465

Signed-off-by: Serge Hallyn <serge@hallyn.com>
This commit is contained in:
Serge Hallyn
2021-11-28 17:37:53 -06:00
parent b8c67c320c
commit 79157cbad8
79 changed files with 371 additions and 217 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
libmisc/addgrps.c
View File

@@ -40,6 +40,7 @@
#include <stdio.h>
#include <grp.h>
#include <errno.h>
#include "shadowlog.h"
#ident "$Id$"
@@ -58,6 +59,7 @@ int add_groups (const char *list)
char *token;
char buf[1024];
int ret;
FILE *shadow_logfd = log_get_logfd();
if (strlen (list) >= sizeof (buf)) {
errno = EINVAL;

3
libmisc/audit_help.c
View File

@@ -45,6 +45,7 @@
#include <errno.h>
#include <stdio.h>
#include "prototypes.h"
#include "shadowlog.h"
int audit_fd;
void audit_help_open (void)
@@ -59,7 +60,7 @@ void audit_help_open (void)
return;
}
(void) fputs (_("Cannot open audit interface - aborting.\n"),
shadow_logfd);
log_get_logfd());
exit (EXIT_FAILURE);
}
}

2
libmisc/chowntty.c
View File

@@ -43,6 +43,7 @@
#include "defines.h"
#include <pwd.h>
#include "getdef.h"
#include "shadowlog.h"
/*
* chown_tty() sets the login tty to be owned by the new user ID
@@ -75,6 +76,7 @@ void chown_tty (const struct passwd *info)
if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
|| (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
int err = errno;
FILE *shadow_logfd = log_get_logfd();
fprintf (shadow_logfd,
_("Unable to change owner or mode of tty stdin: %s"),

25
libmisc/cleanup_group.c
View File

@@ -36,6 +36,7 @@
#include "groupio.h"
#include "sgroupio.h"
#include "prototypes.h"
#include "shadowlog.h"
/*
* cleanup_report_add_group - Report failure to add a group to the system
@@ -48,7 +49,7 @@ void cleanup_report_add_group (void *group_name)
SYSLOG ((LOG_ERR, "failed to add group %s", name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
"",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -66,7 +67,7 @@ void cleanup_report_del_group (void *group_name)
SYSLOG ((LOG_ERR, "failed to remove group %s", name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_GROUP, Prog,
audit_logger (AUDIT_DEL_GROUP, log_get_progname(),
"",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -83,7 +84,7 @@ void cleanup_report_mod_group (void *cleanup_info)
gr_dbname (),
info->action));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_ACCT, Prog,
audit_logger (AUDIT_USER_ACCT, log_get_progname(),
info->audit_msg,
info->name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -101,7 +102,7 @@ void cleanup_report_mod_gshadow (void *cleanup_info)
sgr_dbname (),
info->action));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_ACCT, Prog,
audit_logger (AUDIT_USER_ACCT, log_get_progname(),
info->audit_msg,
info->name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -121,7 +122,7 @@ void cleanup_report_add_group_group (void *group_name)
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
"adding group to /etc/group",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -141,7 +142,7 @@ void cleanup_report_add_group_gshadow (void *group_name)
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
"adding group to /etc/gshadow",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -164,7 +165,7 @@ void cleanup_report_del_group_group (void *group_name)
"failed to remove group %s from %s",
name, gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
"removing group from /etc/group",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -187,7 +188,7 @@ void cleanup_report_del_group_gshadow (void *group_name)
"failed to remove group %s from %s",
name, sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
"removing group from /etc/gshadow",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -203,9 +204,9 @@ void cleanup_report_del_group_gshadow (void *group_name)
void cleanup_unlock_group (unused void *arg)
{
if (gr_unlock () == 0) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: failed to unlock %s\n"),
Prog, gr_dbname ());
log_get_progname(), gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger_message ("unlocking group file",
@@ -223,9 +224,9 @@ void cleanup_unlock_group (unused void *arg)
void cleanup_unlock_gshadow (unused void *arg)
{
if (sgr_unlock () == 0) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: failed to unlock %s\n"),
Prog, sgr_dbname ());
log_get_progname(), sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger_message ("unlocking gshadow file",

17
libmisc/cleanup_user.c
View File

@@ -36,6 +36,7 @@
#include "pwio.h"
#include "shadowio.h"
#include "prototypes.h"
#include "shadowlog.h"
/*
* cleanup_report_add_user - Report failure to add an user to the system
@@ -48,7 +49,7 @@ void cleanup_report_add_user (void *user_name)
SYSLOG ((LOG_ERR, "failed to add user %s", name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
audit_logger (AUDIT_ADD_USER, log_get_progname(),
"",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -65,7 +66,7 @@ void cleanup_report_mod_passwd (void *cleanup_info)
pw_dbname (),
info->action));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_ACCT, Prog,
audit_logger (AUDIT_USER_ACCT, log_get_progname(),
info->audit_msg,
info->name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -85,7 +86,7 @@ void cleanup_report_add_user_passwd (void *user_name)
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
audit_logger (AUDIT_ADD_USER, log_get_progname(),
"adding user to /etc/passwd",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -105,7 +106,7 @@ void cleanup_report_add_user_shadow (void *user_name)
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
audit_logger (AUDIT_ADD_USER, log_get_progname(),
"adding user to /etc/shadow",
name, AUDIT_NO_ID,
SHADOW_AUDIT_FAILURE);
@@ -120,9 +121,9 @@ void cleanup_report_add_user_shadow (void *user_name)
void cleanup_unlock_passwd (unused void *arg)
{
if (pw_unlock () == 0) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: failed to unlock %s\n"),
Prog, pw_dbname ());
log_get_progname(), pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
audit_logger_message ("unlocking passwd file",
@@ -139,9 +140,9 @@ void cleanup_unlock_passwd (unused void *arg)
void cleanup_unlock_shadow (unused void *arg)
{
if (spw_unlock () == 0) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: failed to unlock %s\n"),
Prog, spw_dbname ());
log_get_progname(), spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
audit_logger_message ("unlocking shadow file",

8
libmisc/copydir.c
View File

@@ -55,6 +55,7 @@
#ifdef WITH_ATTR
#include <attr/libattr.h>
#endif /* WITH_ATTR */
#include "shadowlog.h"
static /*@null@*/const char *src_orig;
@@ -116,6 +117,7 @@ static int fchown_if_needed (int fdst, const struct stat *statp,
static void error_acl (struct error_context *ctx, const char *fmt, ...)
{
va_list ap;
FILE *shadow_logfd = log_get_logfd();
/* ignore the case when destination does not support ACLs
* or extended attributes */
@@ -125,7 +127,7 @@ static void error_acl (struct error_context *ctx, const char *fmt, ...)
}
va_start (ap, fmt);
(void) fprintf (shadow_logfd, _("%s: "), Prog);
(void) fprintf (shadow_logfd, _("%s: "), log_get_progname());
if (vfprintf (shadow_logfd, fmt, ap) != 0) {
(void) fputs (_(": "), shadow_logfd);
}
@@ -248,9 +250,9 @@ int copy_tree (const char *src_root, const char *dst_root,
}
if (!S_ISDIR (sb.st_mode)) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
"%s: %s is not a directory",
Prog, src_root);
log_get_progname(), src_root);
return -1;
}

3
libmisc/env.c
View File

@@ -40,6 +40,7 @@
#include <string.h>
#include "prototypes.h"
#include "defines.h"
#include "shadowlog.h"
/*
* NEWENVP_STEP must be a power of two. This is the number
* of (char *) pointers to allocate at a time, to avoid using
@@ -171,7 +172,7 @@ void addenv (const char *string, /*@null@*/const char *value)
}
newenvp = __newenvp;
} else {
(void) fputs (_("Environment overflow\n"), shadow_logfd);
(void) fputs (_("Environment overflow\n"), log_get_logfd());
newenvc--;
free (newenvp[newenvc]);
}

37
libmisc/find_new_gid.c
View File

@@ -38,6 +38,7 @@
#include "prototypes.h"
#include "groupio.h"
#include "getdef.h"
#include "shadowlog.h"
/*
* get_ranges - Get the minimum and maximum ID ranges for the search
@@ -74,10 +75,10 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
/* Check that the ranges make sense */
if (*max_id < *min_id) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: Invalid configuration: SYS_GID_MIN (%lu), "
"GID_MIN (%lu), SYS_GID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id,
log_get_progname(), (unsigned long) *min_id,
getdef_ulong ("GID_MIN", 1000UL),
(unsigned long) *max_id);
return EINVAL;
@@ -97,10 +98,10 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
/* Check that the ranges make sense */
if (*max_id < *min_id) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: Invalid configuration: GID_MIN (%lu), "
"GID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id,
log_get_progname(), (unsigned long) *min_id,
(unsigned long) *max_id);
return EINVAL;
}
@@ -213,10 +214,10 @@ int find_new_gid (bool sys_group,
* more likely to want to stop and address the
* issue.
*/
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Encountered error attempting to use "
"preferred GID: %s\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
return -1;
}
}
@@ -243,9 +244,9 @@ int find_new_gid (bool sys_group,
/* Create an array to hold all of the discovered GIDs */
used_gids = malloc (sizeof (bool) * (gid_max +1));
if (NULL == used_gids) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: failed to allocate memory: %s\n"),
Prog, strerror (errno));
log_get_progname(), strerror (errno));
return -1;
}
memset (used_gids, false, sizeof (bool) * (gid_max + 1));
@@ -323,10 +324,10 @@ int find_new_gid (bool sys_group,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique system GID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available GIDs: %s",
strerror (result)));
@@ -366,10 +367,10 @@ int find_new_gid (bool sys_group,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique system GID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available GIDs: %s",
strerror (result)));
@@ -426,10 +427,10 @@ int find_new_gid (bool sys_group,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique GID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available GIDs: %s",
strerror (result)));
@@ -469,10 +470,10 @@ int find_new_gid (bool sys_group,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique GID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available GIDs: %s",
strerror (result)));
@@ -488,9 +489,9 @@ int find_new_gid (bool sys_group,
}
/* The code reached here and found no available IDs in the range */
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique GID (no more available GIDs)\n"),
Prog);
log_get_progname());
SYSLOG ((LOG_WARN, "no more available GIDs on the system"));
free (used_gids);
return -1;

9
libmisc/find_new_sub_gids.c
View File

@@ -37,6 +37,7 @@
#include "prototypes.h"
#include "subordinateio.h"
#include "getdef.h"
#include "shadowlog.h"
/*
* find_new_sub_gids - Find a new unused range of GIDs.
@@ -60,18 +61,18 @@ int find_new_sub_gids (gid_t *range_start, unsigned long *range_count)
count = getdef_ulong ("SUB_GID_COUNT", 65536);
if (min > max || count >= max || (min + count - 1) > max) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: Invalid configuration: SUB_GID_MIN (%lu),"
" SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
Prog, min, max, count);
log_get_progname(), min, max, count);
return -1;
}
start = sub_gid_find_free_range(min, max, count);
if (start == (gid_t)-1) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique subordinate GID range\n"),
Prog);
log_get_progname());
SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));
return -1;
}

9
libmisc/find_new_sub_uids.c
View File

@@ -37,6 +37,7 @@
#include "prototypes.h"
#include "subordinateio.h"
#include "getdef.h"
#include "shadowlog.h"
/*
* find_new_sub_uids - Find a new unused range of UIDs.
@@ -60,18 +61,18 @@ int find_new_sub_uids (uid_t *range_start, unsigned long *range_count)
count = getdef_ulong ("SUB_UID_COUNT", 65536);
if (min > max || count >= max || (min + count - 1) > max) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: Invalid configuration: SUB_UID_MIN (%lu),"
" SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
Prog, min, max, count);
log_get_progname(), min, max, count);
return -1;
}
start = sub_uid_find_free_range(min, max, count);
if (start == (uid_t)-1) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique subordinate UID range\n"),
Prog);
log_get_progname());
SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));
return -1;
}

37
libmisc/find_new_uid.c
View File

@@ -38,6 +38,7 @@
#include "prototypes.h"
#include "pwio.h"
#include "getdef.h"
#include "shadowlog.h"
/*
* get_ranges - Get the minimum and maximum ID ranges for the search
@@ -74,10 +75,10 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
/* Check that the ranges make sense */
if (*max_id < *min_id) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: Invalid configuration: SYS_UID_MIN (%lu), "
"UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id,
log_get_progname(), (unsigned long) *min_id,
getdef_ulong ("UID_MIN", 1000UL),
(unsigned long) *max_id);
return EINVAL;
@@ -97,10 +98,10 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
/* Check that the ranges make sense */
if (*max_id < *min_id) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: Invalid configuration: UID_MIN (%lu), "
"UID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id,
log_get_progname(), (unsigned long) *min_id,
(unsigned long) *max_id);
return EINVAL;
}
@@ -213,10 +214,10 @@ int find_new_uid(bool sys_user,
* more likely to want to stop and address the
* issue.
*/
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Encountered error attempting to use "
"preferred UID: %s\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
return -1;
}
}
@@ -243,9 +244,9 @@ int find_new_uid(bool sys_user,
/* Create an array to hold all of the discovered UIDs */
used_uids = malloc (sizeof (bool) * (uid_max +1));
if (NULL == used_uids) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: failed to allocate memory: %s\n"),
Prog, strerror (errno));
log_get_progname(), strerror (errno));
return -1;
}
memset (used_uids, false, sizeof (bool) * (uid_max + 1));
@@ -323,10 +324,10 @@ int find_new_uid(bool sys_user,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique system UID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available UIDs: %s",
strerror (result)));
@@ -366,10 +367,10 @@ int find_new_uid(bool sys_user,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique system UID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG((LOG_ERR,
"Error checking available UIDs: %s",
strerror (result)));
@@ -426,10 +427,10 @@ int find_new_uid(bool sys_user,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique UID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available UIDs: %s",
strerror (result)));
@@ -469,10 +470,10 @@ int find_new_uid(bool sys_user,
*
*/
if (!nospam) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique UID (%s). "
"Suppressing additional messages.\n"),
Prog, strerror (result));
log_get_progname(), strerror (result));
SYSLOG ((LOG_ERR,
"Error checking available UIDs: %s",
strerror (result)));
@@ -488,9 +489,9 @@ int find_new_uid(bool sys_user,
}
/* The code reached here and found no available IDs in the range */
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: Can't get unique UID (no more available UIDs)\n"),
Prog);
log_get_progname());
SYSLOG ((LOG_WARN, "no more available UIDs on the system"));
free (used_uids);
return -1;

2
libmisc/gettime.c
View File

@@ -36,6 +36,7 @@
#include <stdio.h>
#include "defines.h"
#include "prototypes.h"
#include "shadowlog.h"
/*
* gettime() returns the time as the number of seconds since the Epoch
@@ -50,6 +51,7 @@
char *source_date_epoch;
time_t fallback;
unsigned long long epoch;
FILE *shadow_logfd = log_get_logfd();
fallback = time (NULL);
source_date_epoch = shadow_getenv ("SOURCE_DATE_EPOCH");

41
libmisc/idmapping.c
View File

@@ -40,6 +40,7 @@
#include <sys/prctl.h>
#include <sys/capability.h>
#endif
#include "shadowlog.h"
struct map_range *get_map_ranges(int ranges, int argc, char **argv)
{
@@ -47,28 +48,28 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
int idx, argidx;
if (ranges < 0 || argc < 0) {
fprintf(shadow_logfd, "%s: error calculating number of arguments\n", Prog);
fprintf(log_get_logfd(), "%s: error calculating number of arguments\n", log_get_progname());
return NULL;
}
if (ranges != ((argc + 2) / 3)) {
fprintf(shadow_logfd, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
fprintf(log_get_logfd(), "%s: ranges: %u is wrong for argc: %d\n", log_get_progname(), ranges, argc);
return NULL;
}
if ((ranges * 3) > argc) {
fprintf(shadow_logfd, "ranges: %u argc: %d\n",
fprintf(log_get_logfd(), "ranges: %u argc: %d\n",
ranges, argc);
fprintf(shadow_logfd,
fprintf(log_get_logfd(),
_( "%s: Not enough arguments to form %u mappings\n"),
Prog, ranges);
log_get_progname(), ranges);
return NULL;
}
mappings = calloc(ranges, sizeof(*mappings));
if (!mappings) {
fprintf(shadow_logfd, _( "%s: Memory allocation failure\n"),
Prog);
fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"),
log_get_progname());
exit(EXIT_FAILURE);
}
@@ -88,24 +89,24 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
return NULL;
}
if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
exit(EXIT_FAILURE);
}
if (mapping->upper > UINT_MAX ||
mapping->lower > UINT_MAX ||
mapping->count > UINT_MAX) {
fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
exit(EXIT_FAILURE);
}
if (mapping->lower + mapping->count > UINT_MAX ||
mapping->upper + mapping->count > UINT_MAX) {
fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
exit(EXIT_FAILURE);
}
if (mapping->lower + mapping->count < mapping->lower ||
mapping->upper + mapping->count < mapping->upper) {
/* this one really shouldn't be possible given previous checks */
fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
fprintf(log_get_logfd(), _( "%s: subuid overflow detected.\n"), log_get_progname());
exit(EXIT_FAILURE);
}
}
@@ -176,19 +177,19 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
} else if (strcmp(map_file, "gid_map") == 0) {
cap = CAP_SETGID;
} else {
fprintf(shadow_logfd, _("%s: Invalid map file %s specified\n"), Prog, map_file);
fprintf(log_get_logfd(), _("%s: Invalid map file %s specified\n"), log_get_progname(), map_file);
exit(EXIT_FAILURE);
}
/* Align setuid- and fscaps-based new{g,u}idmap behavior. */
if (geteuid() == 0 && geteuid() != ruid) {
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
fprintf(shadow_logfd, _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), Prog);
fprintf(log_get_logfd(), _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), log_get_progname());
exit(EXIT_FAILURE);
}
if (seteuid(ruid) < 0) {
fprintf(shadow_logfd, _("%s: Could not seteuid to %d\n"), Prog, ruid);
fprintf(log_get_logfd(), _("%s: Could not seteuid to %d\n"), log_get_progname(), ruid);
exit(EXIT_FAILURE);
}
}
@@ -204,7 +205,7 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
data[0].effective |= CAP_TO_MASK(CAP_SETFCAP);
data[0].permitted = data[0].effective;
if (capset(&hdr, data) < 0) {
fprintf(shadow_logfd, _("%s: Could not set caps\n"), Prog);
fprintf(log_get_logfd(), _("%s: Could not set caps\n"), log_get_progname());
exit(EXIT_FAILURE);
}
#endif
@@ -222,7 +223,7 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
mapping->lower,
mapping->count);
if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
fprintf(shadow_logfd, _("%s: snprintf failed!\n"), Prog);
fprintf(log_get_logfd(), _("%s: snprintf failed!\n"), log_get_progname());
exit(EXIT_FAILURE);
}
pos += written;
@@ -231,13 +232,13 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
/* Write the mapping to the mapping file */
fd = openat(proc_dir_fd, map_file, O_WRONLY);
if (fd < 0) {
fprintf(shadow_logfd, _("%s: open of %s failed: %s\n"),
Prog, map_file, strerror(errno));
fprintf(log_get_logfd(), _("%s: open of %s failed: %s\n"),
log_get_progname(), map_file, strerror(errno));
exit(EXIT_FAILURE);
}
if (write(fd, buf, pos - buf) != (pos - buf)) {
fprintf(shadow_logfd, _("%s: write to %s failed: %s\n"),
Prog, map_file, strerror(errno));
fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
log_get_progname(), map_file, strerror(errno));
exit(EXIT_FAILURE);
}
close(fd);

3
libmisc/limits.c
View File

@@ -50,6 +50,7 @@
#include "defines.h"
#include <pwd.h>
#include "getdef.h"
#include "shadowlog.h"
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#define LIMITS
@@ -548,7 +549,7 @@ void setup_limits (const struct passwd *info)
#ifdef LIMITS
if (info->pw_uid != 0) {
if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
(void) fputs (_("Too many logins.\n"), shadow_logfd);
(void) fputs (_("Too many logins.\n"), log_get_logfd());
(void) sleep (2); /* XXX: Should be FAIL_DELAY */
exit (EXIT_FAILURE);
}

2
libmisc/pam_pass.c
View File

@@ -46,11 +46,13 @@
#include "defines.h"
#include "pam_defs.h"
#include "prototypes.h"
#include "shadowlog.h"
void do_pam_passwd (const char *user, bool silent, bool change_expired)
{
pam_handle_t *pamh = NULL;
int flags = 0, ret;
FILE *shadow_logfd = log_get_logfd();
if (silent)
flags |= PAM_SILENT;

19
libmisc/pam_pass_non_interactive.c
View File

@@ -38,6 +38,7 @@
#include <stdlib.h>
#include <security/pam_appl.h>
#include "prototypes.h"
#include "shadowlog.h"
/*@null@*/ /*@only@*/static const char *non_interactive_password = NULL;
static int ni_conv (int num_msg,
@@ -76,9 +77,9 @@ static int ni_conv (int num_msg,
switch (msg[count]->msg_style) {
case PAM_PROMPT_ECHO_ON:
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: PAM modules requesting echoing are not supported.\n"),
Prog);
log_get_progname());
goto failed_conversation;
case PAM_PROMPT_ECHO_OFF:
responses[count].resp = strdup (non_interactive_password);
@@ -88,7 +89,7 @@ static int ni_conv (int num_msg,
break;
case PAM_ERROR_MSG:
if ( (NULL == msg[count]->msg)
|| (fprintf (shadow_logfd, "%s\n", msg[count]->msg) <0)) {
|| (fprintf (log_get_logfd(), "%s\n", msg[count]->msg) <0)) {
goto failed_conversation;
}
responses[count].resp = NULL;
@@ -101,9 +102,9 @@ static int ni_conv (int num_msg,
responses[count].resp = NULL;
break;
default:
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: conversation type %d not supported.\n"),
Prog, msg[count]->msg_style);
log_get_progname(), msg[count]->msg_style);
goto failed_conversation;
}
}
@@ -143,19 +144,19 @@ int do_pam_passwd_non_interactive (const char *pam_service,
ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
if (ret != PAM_SUCCESS) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: (user %s) pam_start failure %d\n"),
Prog, username, ret);
log_get_progname(), username, ret);
return 1;
}
non_interactive_password = password;
ret = pam_chauthtok (pamh, 0);
if (ret != PAM_SUCCESS) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: (user %s) pam_chauthtok() failed, error:\n"
"%s\n"),
Prog, username, pam_strerror (pamh, ret));
log_get_progname(), username, pam_strerror (pamh, ret));
}
(void) pam_end (pamh, PAM_SUCCESS);

13
libmisc/prefix_flag.c
View File

@@ -48,6 +48,7 @@
#include "subordinateio.h"
#endif /* ENABLE_SUBIDS */
#include "getdef.h"
#include "shadowlog.h"
static char *passwd_db_file = NULL;
static char *spw_db_file = NULL;
@@ -83,18 +84,18 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
&& (val = argv[i] + 9))
|| (strcmp (argv[i], short_opt) == 0)) {
if (NULL != prefix) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: multiple --prefix options\n"),
Prog);
log_get_progname());
exit (E_BAD_ARG);
}
if (val) {
prefix = val;
} else if (i + 1 == argc) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: option '%s' requires an argument\n"),
Prog, argv[i]);
log_get_progname(), argv[i]);
exit (E_BAD_ARG);
} else {
prefix = argv[++ i];
@@ -110,9 +111,9 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
/* should we prevent symbolic link from being used as a prefix? */
if ( prefix[0] != '/') {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: prefix must be an absolute path\n"),
Prog);
log_get_progname());
exit (E_BAD_ARG);
}
size_t len;

3
libmisc/pwdcheck.c
View File

@@ -39,6 +39,7 @@
#include "prototypes.h"
#include "defines.h"
#include "pwauth.h"
#include "shadowlog.h"
void passwd_check (const char *user, const char *passwd, unused const char *progname)
{
@@ -51,7 +52,7 @@ void passwd_check (const char *user, const char *passwd, unused const char *prog
if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
SYSLOG ((LOG_WARN, "incorrect password for `%s'", user));
(void) sleep (1);
fprintf (shadow_logfd, _("Incorrect password for %s.\n"), user);
fprintf (log_get_logfd(), _("Incorrect password for %s.\n"), user);
exit (EXIT_FAILURE);
}
}

29
libmisc/root_flag.c
View File

@@ -38,6 +38,7 @@
#include "prototypes.h"
/*@-exitarg@*/
#include "exitcodes.h"
#include "shadowlog.h"
static void change_root (const char* newroot);
@@ -65,18 +66,18 @@ extern void process_root_flag (const char* short_opt, int argc, char **argv)
&& (val = argv[i] + 7))
|| (strcmp (argv[i], short_opt) == 0)) {
if (NULL != newroot) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: multiple --root options\n"),
Prog);
log_get_progname());
exit (E_BAD_ARG);
}
if (val) {
newroot = val;
} else if (i + 1 == argc) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: option '%s' requires an argument\n"),
Prog, argv[i]);
log_get_progname(), argv[i]);
exit (E_BAD_ARG);
} else {
newroot = argv[++ i];
@@ -94,36 +95,36 @@ static void change_root (const char* newroot)
/* Drop privileges */
if ( (setregid (getgid (), getgid ()) != 0)
|| (setreuid (getuid (), getuid ()) != 0)) {
fprintf (shadow_logfd, _("%s: failed to drop privileges (%s)\n"),
Prog, strerror (errno));
fprintf (log_get_logfd(), _("%s: failed to drop privileges (%s)\n"),
log_get_progname(), strerror (errno));
exit (EXIT_FAILURE);
}
if ('/' != newroot[0]) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: invalid chroot path '%s'\n"),
Prog, newroot);
log_get_progname(), newroot);
exit (E_BAD_ARG);
}
if (access (newroot, F_OK) != 0) {
fprintf(shadow_logfd,
fprintf(log_get_logfd(),
_("%s: cannot access chroot directory %s: %s\n"),
Prog, newroot, strerror (errno));
log_get_progname(), newroot, strerror (errno));
exit (E_BAD_ARG);
}
if (chdir (newroot) != 0) {
fprintf(shadow_logfd,
fprintf(log_get_logfd(),
_("%s: cannot chdir to chroot directory %s: %s\n"),
Prog, newroot, strerror (errno));
log_get_progname(), newroot, strerror (errno));
exit (E_BAD_ARG);
}
if (chroot (newroot) != 0) {
fprintf(shadow_logfd,
fprintf(log_get_logfd(),
_("%s: unable to chroot to directory %s: %s\n"),
Prog, newroot, strerror (errno));
log_get_progname(), newroot, strerror (errno));
exit (E_BAD_ARG);
}
}

7
libmisc/salt.c
View File

@@ -21,6 +21,7 @@
#include "prototypes.h"
#include "defines.h"
#include "getdef.h"
#include "shadowlog.h"
#if (defined CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY && \
CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY)
@@ -178,7 +179,7 @@ static long read_random_bytes (void)
#endif
fail:
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("Unable to obtain random bytes.\n"));
exit (1);
@@ -506,7 +507,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
SHA_salt_rounds_to_buf (result, rounds);
#endif /* USE_SHA_CRYPT */
} else if (0 != strcmp (method, "DES")) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("Invalid ENCRYPT_METHOD value: '%s'.\n"
"Defaulting to DES.\n"),
method);
@@ -532,7 +533,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
/* Should not happen, but... */
if (NULL == retval) {
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("Unable to generate a salt from setting "
"\"%s\", check your settings in "
"ENCRYPT_METHOD and the corresponding "

3
libmisc/setupenv.c
View File

@@ -47,6 +47,7 @@
#include "defines.h"
#include <pwd.h>
#include "getdef.h"
#include "shadowlog.h"
#ifndef USE_PAM
static void
@@ -219,7 +220,7 @@ void setup_env (struct passwd *info)
static char temp_pw_dir[] = "/";
if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) {
fprintf (shadow_logfd, _("Unable to cd to '%s'\n"),
fprintf (log_get_logfd(), _("Unable to cd to '%s'\n"),
info->pw_dir);
SYSLOG ((LOG_WARN,
"unable to cd to `%s' for user `%s'\n",

13
libmisc/user_busy.c
View File

@@ -45,6 +45,7 @@
#ifdef ENABLE_SUBIDS
#include "subordinateio.h"
#endif /* ENABLE_SUBIDS */
#include "shadowlog.h"
#ifdef __linux__
static int check_status (const char *name, const char *sname, uid_t uid);
@@ -96,9 +97,9 @@ static int user_busy_utmp (const char *name)
continue;
}
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: user %s is currently logged in\n"),
Prog, name);
log_get_progname(), name);
return 1;
}
@@ -249,9 +250,9 @@ static int user_busy_processes (const char *name, uid_t uid)
#ifdef ENABLE_SUBIDS
sub_uid_close();
#endif
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: user %s is currently used by process %d\n"),
Prog, name, pid);
log_get_progname(), name, pid);
return 1;
}
@@ -273,9 +274,9 @@ static int user_busy_processes (const char *name, uid_t uid)
#ifdef ENABLE_SUBIDS
sub_uid_close();
#endif
fprintf (shadow_logfd,
fprintf (log_get_logfd(),
_("%s: user %s is currently used by process %d\n"),
Prog, name, pid);
log_get_progname(), name, pid);
return 1;
}
}

7
libmisc/xgetXXbyYY.c
View File

@@ -54,6 +54,7 @@
#include <stdio.h>
#include <errno.h>
#include "prototypes.h"
#include "shadowlog.h"
#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME)
#define XPREFIX(name) XPREFIX1 (name)
@@ -74,7 +75,7 @@
result = malloc(sizeof(LOOKUP_TYPE));
if (NULL == result) {
fprintf (shadow_logfd, _("%s: out of memory\n"),
fprintf (log_get_logfd(), _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
exit (13);
}
@@ -84,7 +85,7 @@
LOOKUP_TYPE *resbuf = NULL;
buffer = (char *)realloc (buffer, length);
if (NULL == buffer) {
fprintf (shadow_logfd, _("%s: out of memory\n"),
fprintf (log_get_logfd(), _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
exit (13);
}
@@ -132,7 +133,7 @@
if (result) {
result = DUP_FUNCTION(result);
if (NULL == result) {
fprintf (shadow_logfd, _("%s: out of memory\n"),
fprintf (log_get_logfd(), _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
exit (13);
}

5
libmisc/xmalloc.c
View File

@@ -47,6 +47,7 @@
#include <errno.h>
#include "defines.h"
#include "prototypes.h"
#include "shadowlog.h"
/*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
{
@@ -54,9 +55,9 @@
ptr = (char *) malloc (size);
if (NULL == ptr) {
(void) fprintf (shadow_logfd,
(void) fprintf (log_get_logfd(),
_("%s: failed to allocate memory: %s\n"),
Prog, strerror (errno));
log_get_progname(), strerror (errno));
exit (13);
}
return ptr;