emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* lib/prototypes.h, configure.in, libmisc/Makefile.am,

Browse Source 
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
  libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
  Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
  xgetgrgid(), and xgetspnam(). They allocate memory for the
  returned structure and are more robust to successive calls. They
  are implemented with the libc's getxxyyy_r() functions if
  available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
  libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
  libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
  src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
  src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
  src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
  src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
  src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
  src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
  usage of one of the getpwnam(), getpwuid(), getgrnam(),
  getgrgid(), and getspnam() functions. It was noticed on
  http://bugs.debian.org/341230 that chfn and chsh use a passwd
  structure after calling a pam function, which result in using
  information from the passwd structure requested by pam, not the
  original one. It is much easier to use the new xget... functions
  to avoid these issues. I've checked which call to the original
  get... functions could be left (reducing the scope of the
  structure if possible), and I've left comments to ease future
  reviews (e.g. /* local, no need for xgetpwnam */).
  Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
  lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
  functions (used by the xget... functions) from the <xx>io.c files
  to the new <xx>mem.c files. This avoid linking some utils against
  the SELinux library.
This commit is contained in:
nekral-guest 2007-11-18 23:15:26 +00:00
parent ea63711c2c
commit 9adfc136b6
49 changed files with 721 additions and 261 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
ChangeLog
View File

@ -1,3 +1,48 @@
2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
* lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
* man/pl/pl.po: Fix typo: chgpassw -> chgpasswd.
* man/pl/Makefile.am: Fix typo: chgpassw -> chgpasswd.
* man/de/de.po: groups shall not be translated (for command,
refname, or refentrytitle).
2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Fix typo introduced while fixing

3
configure.in
View File

@ -36,7 +36,8 @@ AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
AC_CHECK_FUNCS(l64a fchmod fchown fsync getgroups gethostname getspnam \
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr)
memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r)
AC_SYS_LARGEFILE
dnl Checks for typedefs, structures, and compiler characteristics.

26
lib/groupio.c
View File

@ -10,32 +10,6 @@
extern int putgrent (const struct group *, FILE *);
extern struct group *sgetgrent (const char *);
struct group *__gr_dup (const struct group *grent)
{
struct group *gr;
int i;
if (!(gr = (struct group *) malloc (sizeof *gr)))
return NULL;
*gr = *grent;
if (!(gr->gr_name = strdup (grent->gr_name)))
return NULL;
if (!(gr->gr_passwd = strdup (grent->gr_passwd)))
return NULL;
for (i = 0; grent->gr_mem[i]; i++);
gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
if (!gr->gr_mem)
return NULL;
for (i = 0; grent->gr_mem[i]; i++) {
gr->gr_mem[i] = strdup (grent->gr_mem[i]);
if (!gr->gr_mem[i])
return NULL;
}
gr->gr_mem[i] = NULL;
return gr;
}
static void *group_dup (const void *ent)
{
const struct group *gr = ent;

35
lib/groupmem.c Normal file
View File

@ -0,0 +1,35 @@
#include <config.h>
#ident "$Id: groupio.c 1342 2007-11-10 23:46:11Z nekral-guest $"
#include "prototypes.h"
#include "defines.h"
#include "groupio.h"
struct group *__gr_dup (const struct group *grent)
{
struct group *gr;
int i;
if (!(gr = (struct group *) malloc (sizeof *gr)))
return NULL;
*gr = *grent;
if (!(gr->gr_name = strdup (grent->gr_name)))
return NULL;
if (!(gr->gr_passwd = strdup (grent->gr_passwd)))
return NULL;
for (i = 0; grent->gr_mem[i]; i++);
gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
if (!gr->gr_mem)
return NULL;
for (i = 0; grent->gr_mem[i]; i++) {
gr->gr_mem[i] = strdup (grent->gr_mem[i]);
if (!gr->gr_mem[i])
return NULL;
}
gr->gr_mem[i] = NULL;
return gr;
}

12
lib/prototypes.h
View File

@ -23,6 +23,7 @@
#endif
#include <pwd.h>
#include <grp.h>
#include "shadowio.h"
#include "defines.h"
@ -179,4 +180,15 @@ extern int valid (const char *, const struct passwd *);
extern char *xmalloc (size_t);
extern char *xstrdup (const char *);
/* xgetpwnam.c */
extern struct passwd *xgetpwnam (const char *);
/* xgetpwuid.c */
extern struct passwd *xgetpwuid (uid_t);
/* xgetgrnam.c */
extern struct group *xgetgrnam (const char *);
/* xgetgrgid.c */
extern struct group *xgetgrgid (gid_t);
/* xgetspnam.c */
extern struct spwd *xgetspnam(const char *);
#endif /* _PROTOTYPES_H */

20
lib/pwio.c
View File

@ -12,26 +12,6 @@
extern struct passwd *sgetpwent (const char *);
extern int putpwent (const struct passwd *, FILE *);
struct passwd *__pw_dup (const struct passwd *pwent)
{
struct passwd *pw;
if (!(pw = (struct passwd *) malloc (sizeof *pw)))
return NULL;
*pw = *pwent;
if (!(pw->pw_name = strdup (pwent->pw_name)))
return NULL;
if (!(pw->pw_passwd = strdup (pwent->pw_passwd)))
return NULL;
if (!(pw->pw_gecos = strdup (pwent->pw_gecos)))
return NULL;
if (!(pw->pw_dir = strdup (pwent->pw_dir)))
return NULL;
if (!(pw->pw_shell = strdup (pwent->pw_shell)))
return NULL;
return pw;
}
static void *passwd_dup (const void *ent)
{
const struct passwd *pw = ent;

31
lib/pwmem.c Normal file
View File

@ -0,0 +1,31 @@
#include <config.h>
#ident "$Id: pwio.c 1342 2007-11-10 23:46:11Z nekral-guest $"
#include "prototypes.h"
#include "defines.h"
#include <pwd.h>
#include <stdio.h>
#include "pwio.h"
struct passwd *__pw_dup (const struct passwd *pwent)
{
struct passwd *pw;
if (!(pw = (struct passwd *) malloc (sizeof *pw)))
return NULL;
*pw = *pwent;
if (!(pw->pw_name = strdup (pwent->pw_name)))
return NULL;
if (!(pw->pw_passwd = strdup (pwent->pw_passwd)))
return NULL;
if (!(pw->pw_gecos = strdup (pwent->pw_gecos)))
return NULL;
if (!(pw->pw_dir = strdup (pwent->pw_dir)))
return NULL;
if (!(pw->pw_shell = strdup (pwent->pw_shell)))
return NULL;
return pw;
}

13
lib/shadowio.c
View File

@ -11,19 +11,6 @@
#include <stdio.h>
#include "commonio.h"
#include "shadowio.h"
struct spwd *__spw_dup (const struct spwd *spent)
{
struct spwd *sp;
if (!(sp = (struct spwd *) malloc (sizeof *sp)))
return NULL;
*sp = *spent;
if (!(sp->sp_namp = strdup (spent->sp_namp)))
return NULL;
if (!(sp->sp_pwdp = strdup (spent->sp_pwdp)))
return NULL;
return sp;
}
static void *shadow_dup (const void *ent)
{

27
lib/shadowmem.c Normal file
View File

@ -0,0 +1,27 @@
#include <config.h>
#ident "$Id: shadowio.c 1342 2007-11-10 23:46:11Z nekral-guest $"
#include "prototypes.h"
#include "defines.h"
#ifdef HAVE_SHADOW_H
# include <shadow.h>
#endif
#include <stdio.h>
#include "shadowio.h"
struct spwd *__spw_dup (const struct spwd *spent)
{
struct spwd *sp;
if (!(sp = (struct spwd *) malloc (sizeof *sp)))
return NULL;
*sp = *spent;
if (!(sp->sp_namp = strdup (spent->sp_namp)))
return NULL;
if (!(sp->sp_pwdp = strdup (spent->sp_pwdp)))
return NULL;
return sp;
}

7
libmisc/Makefile.am
View File

@ -1,5 +1,5 @@
EXTRA_DIST = .indent.pro
EXTRA_DIST = .indent.pro xgetXXbyYY.c
INCLUDES = -I$(top_srcdir)/lib
@ -49,4 +49,9 @@ libmisc_a_SOURCES = \
ulimit.c \
utmp.c \
valid.c \
xgetpwnam.c \
xgetpwuid.c \
xgetgrnam.c \
xgetgrgid.c \
xgetspnam.c \
xmalloc.c

4
libmisc/addgrps.c
View File

@ -21,7 +21,6 @@ int add_groups (const char *list)
{
GETGROUPS_T *grouplist, *tmp;
int i, ngroups, added;
struct group *grp;
char *token;
char buf[1024];
@ -50,8 +49,9 @@ int add_groups (const char *list)
added = 0;
for (token = strtok (buf, SEP); token; token = strtok (NULL, SEP)) {
struct group *grp;
grp = getgrnam (token);
grp = getgrnam (token); /* local, no need for xgetgrnam */
if (!grp) {
fprintf (stderr, _("Warning: unknown group %s\n"),
token);

2
libmisc/chowntty.c
View File

@ -77,7 +77,7 @@ void chown_tty (const char *tty, const struct passwd *info)
gid = info->pw_gid;
else if (group[0] >= '0' && group[0] <= '9')
gid = atoi (group);
else if ((grent = getgrnam (group)))
else if ((grent = getgrnam (group))) /* local, no need for xgetgrnam */
gid = grent->gr_gid;
else
gid = info->pw_gid;

3
libmisc/entry.c
View File

@ -43,7 +43,7 @@ void pw_entry (const char *name, struct passwd *pwent)
struct spwd *spwd;
if (!(passwd = getpwnam (name))) {
if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */
pwent->pw_name = (char *) 0;
return;
} else {
@ -55,6 +55,7 @@ void pw_entry (const char *name, struct passwd *pwent)
pwent->pw_shell = xstrdup (passwd->pw_shell);
#if !defined(AUTOSHADOW)
setspent ();
/* local, no need for xgetspnam */
if ((spwd = getspnam (name))) {
pwent->pw_passwd = xstrdup (spwd->sp_pwdp);
endspent ();

1
libmisc/limits.c
View File

@ -377,6 +377,7 @@ static void setup_usergroups (const struct passwd *info)
* (examples: 022 -> 002, 077 -> 007).
*/
if (info->pw_uid != 0 && info->pw_uid == info->pw_gid) {
/* local, no need for xgetgrgid */
grp = getgrgid (info->pw_gid);
if (grp && (strcmp (info->pw_name, grp->gr_name) == 0)) {
oldmask = umask (0777);

5
libmisc/myname.c
View File

@ -31,8 +31,9 @@ struct passwd *get_my_pwent (void)
* XXX - when running from su, will return the current user (not
* the original user, like getlogin() does). Does this matter?
*/
if (cp && *cp && (pw = getpwnam (cp)) && pw->pw_uid == ruid)
if (cp && *cp && (pw = xgetpwnam (cp)) && pw->pw_uid == ruid)
return pw;
return getpwuid (ruid);
return xgetpwuid (ruid);
}

2
libmisc/pwdcheck.c
View File

@ -46,7 +46,7 @@ void passwd_check (const char *user, const char *passwd, const char *progname)
struct spwd *sp;
if ((sp = getspnam (user)))
if ((sp = getspnam (user))) /* !USE_PAM, no need for xgetspnam */
passwd = sp->sp_pwdp;
endspent ();
if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {

2
libmisc/rlogin.c
View File

@ -162,7 +162,7 @@ do_rlogin (const char *remote_host, char *name, int namelen, char *term,
#endif
STTY (0, &termio);
if (!(pwd = getpwnam (name)))
if (!(pwd = getpwnam (name))) /* local, no need for xgetpwnam */
return 0;
/*

109
libmisc/xgetXXbyYY.c Normal file
View File

@ -0,0 +1,109 @@
/*
* According to the Linux-PAM documentation:
*
* 4.1. Care about standard library calls
*
* In general, writers of authorization-granting applications should
* assume that each module is likely to call any or all 'libc' functions.
* For 'libc' functions that return pointers to static/dynamically
* allocated structures (ie. the library allocates the memory and the
* user is not expected to 'free()' it) any module call to this function
* is likely to corrupt a pointer previously obtained by the application.
* The application programmer should either re-call such a 'libc'
* function after a call to the Linux-PAM library, or copy the structure
* contents to some safe area of memory before passing control to the
* Linux-PAM library.
*
* Two important function classes that fall into this category are
* getpwnam(3) and syslog(3).
*
* This file provide wrapper to the getpwnam or getpwnam_r functions.
*/
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include "config.h"
#include "prototypes.h"
#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME)
#define XPREFIX(name) XPREFIX1 (name)
#define XPREFIX1(name) x##name
#define REENTRANT_NAME APPEND_R (FUNCTION_NAME)
#define APPEND_R(name) APPEND_R1 (name)
#define APPEND_R1(name) name##_r
#define STRINGIZE(name) STRINGIZE1 (name)
#define STRINGIZE1(name) #name
LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME)
{
#if HAVE_FUNCTION_R
LOOKUP_TYPE *result=NULL;
char *buffer=NULL;
/* we have to start with something */
size_t length = 0x100;
result = malloc(sizeof(LOOKUP_TYPE));
if (NULL == result) {
fprintf (stderr, _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
exit (13);
}
do {
int status;
LOOKUP_TYPE *resbuf = NULL;
buffer = (char *)realloc (buffer, length);
if (NULL == buffer) {
fprintf (stderr, _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
exit (13);
}
errno = 0;
status = REENTRANT_NAME(ARG_NAME, result, buffer,
length, &resbuf);
if (!status && (resbuf == result)) {
/* Build a result structure that can be freed by
* the shadow *_free functions. */
LOOKUP_TYPE *ret_result = DUP_FUNCTION(result);
free(buffer);
free(result);
return ret_result;
}
if (ERANGE != errno) {
free (buffer);
free (result);
return NULL;
}
length *= 4;
} while (length < MAX_LENGTH);
free(buffer);
free(result);
return NULL;
#else /* !HAVE_FUNCTION_R */
/* No reentrant function.
* Duplicate the structure to avoid other call to overwrite it.
*
* We should also restore the initial structure. But that would be
* overkill.
*/
LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME);
if (result) {
// result = DUP_FUNCTION(result);
if (NULL == result) {
fprintf (stderr, _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME));
exit (13);
}
}
return result;
#endif
}

34
libmisc/xgetgrgid.c Normal file
View File

@ -0,0 +1,34 @@
/*
* According to the Linux-PAM documentation:
*
* 4.1. Care about standard library calls
*
* In general, writers of authorization-granting applications should
* assume that each module is likely to call any or all 'libc' functions.
* For 'libc' functions that return pointers to static/dynamically
* allocated structures (ie. the library allocates the memory and the
* user is not expected to 'free()' it) any module call to this function
* is likely to corrupt a pointer previously obtained by the application.
* The application programmer should either re-call such a 'libc'
* function after a call to the Linux-PAM library, or copy the structure
* contents to some safe area of memory before passing control to the
* Linux-PAM library.
*
* Two important function classes that fall into this category are
* getpwnam(3) and syslog(3).
*
* This file provide wrapper to the getpwnam or getpwnam_r functions.
*/
#include "groupio.h"
#define LOOKUP_TYPE struct group
#define FUNCTION_NAME getgrgid
#define ARG_TYPE gid_t
#define ARG_NAME gid
#define DUP_FUNCTION __gr_dup
#define MAX_LENGTH 0x8000
#define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R)
#include "xgetXXbyYY.c"

34
libmisc/xgetgrnam.c Normal file
View File

@ -0,0 +1,34 @@
/*
* According to the Linux-PAM documentation:
*
* 4.1. Care about standard library calls
*
* In general, writers of authorization-granting applications should
* assume that each module is likely to call any or all 'libc' functions.
* For 'libc' functions that return pointers to static/dynamically
* allocated structures (ie. the library allocates the memory and the
* user is not expected to 'free()' it) any module call to this function
* is likely to corrupt a pointer previously obtained by the application.
* The application programmer should either re-call such a 'libc'
* function after a call to the Linux-PAM library, or copy the structure
* contents to some safe area of memory before passing control to the
* Linux-PAM library.
*
* Two important function classes that fall into this category are
* getpwnam(3) and syslog(3).
*
* This file provide wrapper to the getpwnam or getpwnam_r functions.
*/
#include "groupio.h"
#define LOOKUP_TYPE struct group
#define FUNCTION_NAME getgrnam
#define ARG_TYPE const char *
#define ARG_NAME name
#define DUP_FUNCTION __gr_dup
#define MAX_LENGTH 0x8000
#define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R)
#include "xgetXXbyYY.c"

34
libmisc/xgetpwnam.c Normal file
View File

@ -0,0 +1,34 @@
/*
* According to the Linux-PAM documentation:
*
* 4.1. Care about standard library calls
*
* In general, writers of authorization-granting applications should
* assume that each module is likely to call any or all 'libc' functions.
* For 'libc' functions that return pointers to static/dynamically
* allocated structures (ie. the library allocates the memory and the
* user is not expected to 'free()' it) any module call to this function
* is likely to corrupt a pointer previously obtained by the application.
* The application programmer should either re-call such a 'libc'
* function after a call to the Linux-PAM library, or copy the structure
* contents to some safe area of memory before passing control to the
* Linux-PAM library.
*
* Two important function classes that fall into this category are
* getpwnam(3) and syslog(3).
*
* This file provide wrapper to the getpwnam or getpwnam_r functions.
*/
#include "pwio.h"
#define LOOKUP_TYPE struct passwd
#define FUNCTION_NAME getpwnam
#define ARG_TYPE const char *
#define ARG_NAME name
#define DUP_FUNCTION __pw_dup
#define MAX_LENGTH 0x8000
#define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R)
#include "xgetXXbyYY.c"

34
libmisc/xgetpwuid.c Normal file
View File

@ -0,0 +1,34 @@
/*
* According to the Linux-PAM documentation:
*
* 4.1. Care about standard library calls
*
* In general, writers of authorization-granting applications should
* assume that each module is likely to call any or all 'libc' functions.
* For 'libc' functions that return pointers to static/dynamically
* allocated structures (ie. the library allocates the memory and the
* user is not expected to 'free()' it) any module call to this function
* is likely to corrupt a pointer previously obtained by the application.
* The application programmer should either re-call such a 'libc'
* function after a call to the Linux-PAM library, or copy the structure
* contents to some safe area of memory before passing control to the
* Linux-PAM library.
*
* Two important function classes that fall into this category are
* getpwnam(3) and syslog(3).
*
* This file provide wrapper to the getpwnam or getpwnam_r functions.
*/
#include "pwio.h"
#define LOOKUP_TYPE struct passwd
#define FUNCTION_NAME getpwuid
#define ARG_TYPE uid_t
#define ARG_NAME uid
#define DUP_FUNCTION __pw_dup
#define MAX_LENGTH 0x8000
#define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R)
#include "xgetXXbyYY.c"

32
libmisc/xgetspnam.c Normal file
View File

@ -0,0 +1,32 @@
/*
* According to the Linux-PAM documentation:
*
* 4.1. Care about standard library calls
*
* In general, writers of authorization-granting applications should
* assume that each module is likely to call any or all 'libc' functions.
* For 'libc' functions that return pointers to static/dynamically
* allocated structures (ie. the library allocates the memory and the
* user is not expected to 'free()' it) any module call to this function
* is likely to corrupt a pointer previously obtained by the application.
* The application programmer should either re-call such a 'libc'
* function after a call to the Linux-PAM library, or copy the structure
* contents to some safe area of memory before passing control to the
* Linux-PAM library.
*
* Two important function classes that fall into this category are
* getpwnam(3) and syslog(3).
*
* This file provide wrapper to the getpwnam or getpwnam_r functions.
*/
#define LOOKUP_TYPE struct spwd
#define FUNCTION_NAME getspnam
#define ARG_TYPE const char *
#define ARG_NAME name
#define DUP_FUNCTION __spw_dup
#define MAX_LENGTH 0x8000
#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R)
#include "xgetXXbyYY.c"

17
src/chage.c
View File

@ -330,7 +330,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -454,13 +453,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("chage", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

19
src/chfn.c
View File

@ -229,7 +229,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -317,7 +316,7 @@ int main (int argc, char **argv)
*/
if (optind < argc) {
user = argv[optind];
pw = getpwnam (user);
pw = xgetpwnam (user);
if (!pw) {
fprintf (stderr, _("%s: unknown user %s\n"), Prog,
user);
@ -394,13 +393,17 @@ int main (int argc, char **argv)
#else /* !USE_PAM */
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("chfn", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

17
src/chgpasswd.c
View File

@ -95,7 +95,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
#ifndef SHADOWGRP
@ -144,13 +143,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("chpasswd", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

17
src/chpasswd.c
View File

@ -92,7 +92,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -138,13 +137,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("chpasswd", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

19
src/chsh.c
View File

@ -182,7 +182,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -248,7 +247,7 @@ int main (int argc, char **argv)
*/
if (optind < argc) {
user = argv[optind];
pw = getpwnam (user);
pw = xgetpwnam (user);
if (!pw) {
fprintf (stderr,
_("%s: unknown user %s\n"), Prog, user);
@ -341,13 +340,17 @@ int main (int argc, char **argv)
#else /* !USE_PAM */
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("chsh", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

4
src/expiry.c
View File

@ -61,7 +61,7 @@ static void usage (void)
/*
* expiry - check and enforce password expiration policy
*
* expiry checks (-c) the current password expiraction and forces (-f)
* expiry checks (-c) the current password expiration and forces (-f)
* changes when required. It is callable as a normal user command.
*/
int main (int argc, char **argv)
@ -101,7 +101,7 @@ int main (int argc, char **argv)
fprintf (stderr, _("%s: unknown user\n"), Prog);
exit (10);
}
spwd = getspnam (pwd->pw_name);
spwd = getspnam (pwd->pw_name); /* !USE_PAM, No need for xgetspnam */
/*
* If checking accounts, use agecheck() function.

7
src/faillog.c
View File

@ -93,7 +93,7 @@ static void print_one (const struct faillog *fl, uid_t uid)
("Login Failures Maximum Latest On\n"));
once++;
}
pwent = getpwuid (uid);
pwent = getpwuid (uid); /* local, no need for xgetpwuid */
time (&now);
tm = localtime (&fl->fail_time);
#ifdef HAVE_STRFTIME
@ -291,7 +291,6 @@ static void set_locktime (long locktime)
int main (int argc, char **argv)
{
int anyflag = 0;
struct passwd *pwent;
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
@ -350,9 +349,12 @@ int main (int argc, char **argv)
tflg++;
break;
case 'u':
{
struct passwd *pwent;
if (aflg)
usage ();
/* local, no need for xgetpwnam */
pwent = getpwnam (optarg);
if (!pwent) {
fprintf (stderr,
@ -363,6 +365,7 @@ int main (int argc, char **argv)
uflg++;
user = pwent->pw_uid;
break;
}
default:
usage ();
}

5
src/gpasswd.c
View File

@ -140,7 +140,7 @@ static int check_list (const char *users)
* This user must exist.
*/
if (!getpwnam (username)) {
if (!getpwnam (username)) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: unknown user %s\n"),
Prog, username);
errors++;
@ -217,6 +217,7 @@ int main (int argc, char **argv)
switch (flag) {
case 'a': /* add a user */
user = optarg;
/* local, no need for xgetpwnam */
if (!getpwnam (user)) {
fprintf (stderr,
_("%s: unknown user %s\n"), Prog,
@ -320,7 +321,7 @@ int main (int argc, char **argv)
if (!(group = argv[optind]))
usage ();
if (!(gr = getgrnam (group))) {
if (!(gr = getgrnam (group))) { /* dup, no need for xgetgrnam */
fprintf (stderr, _("unknown group: %s\n"), group);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "group lookup", group,

20
src/groupadd.c
View File

@ -259,6 +259,7 @@ static void find_new_gid (void)
if (!grp)
break;
#else
/* local, no need for xgetgrgid */
if (!getgrgid (group_id))
break;
#endif
@ -395,7 +396,6 @@ int main (int argc, char **argv)
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -490,13 +490,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupadd", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {
@ -526,7 +530,7 @@ int main (int argc, char **argv)
/*
* Start with a quick check to see if the group exists.
*/
if (getgrnam (group_name)) {
if (getgrnam (group_name)) { /* local, no need for xgetgrnam */
if (fflg) {
exit (E_SUCCESS);
}

50
src/groupdel.c
View File

@ -188,7 +188,7 @@ static void group_busy (gid_t gid)
endpwent ();
/*
* If pwd isn't NULL, it stopped becaues the gid's matched.
* If pwd isn't NULL, it stopped because the gid's matched.
*/
if (pwd == (struct passwd *) 0)
@ -213,11 +213,8 @@ static void group_busy (gid_t gid)
int main (int argc, char **argv)
{
struct group *grp;
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -245,13 +242,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupdel", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {
@ -278,20 +279,25 @@ int main (int argc, char **argv)
is_shadow_grp = sgr_file_present ();
#endif
/*
* Start with a quick check to see if the group exists.
*/
if (!(grp = getgrnam (group_name))) {
fprintf (stderr, _("%s: group %s does not exist\n"),
Prog, group_name);
{
struct group *grp;
/*
* Start with a quick check to see if the group exists.
*/
/* local, no need for xgetgrnam */
if (!(grp = getgrnam (group_name))) {
fprintf (stderr, _("%s: group %s does not exist\n"),
Prog, group_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting group",
group_name, -1, 0);
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"deleting group",
group_name, -1, 0);
#endif
exit (E_NOTFOUND);
}
exit (E_NOTFOUND);
}
group_id = grp->gr_gid; /* LAUS */
group_id = grp->gr_gid; /* LAUS */
}
#ifdef USE_NIS
/*
@ -321,7 +327,7 @@ int main (int argc, char **argv)
* Now check to insure that this isn't the primary group of
* anyone.
*/
group_busy (grp->gr_gid);
group_busy (group_id);
/*
* Do the hard stuff - open the files, delete the group entries,

21
src/groupmems.c
View File

@ -76,14 +76,16 @@ static int isroot (void)
static int isgroup (void)
{
gid_t g = getgid ();
struct group *grp = getgrgid (g);
struct group *grp = getgrgid (g); /* local, no need for xgetgrgid */
return TRUE;
}
static char *whoami (void)
{
/* local, no need for xgetgrgid */
struct group *grp = getgrgid (getgid ());
/* local, no need for xgetpwuid */
struct passwd *usr = getpwuid (getuid ());
if (0 == strcmp (usr->pw_name, grp->gr_name)) {
@ -173,7 +175,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -239,13 +240,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupmod", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

50
src/groupmod.c
View File

@ -73,7 +73,7 @@ static gid_t group_newid;
static char *Prog;
static int
oflg = 0, /* permit non-unique group ID to be specified with -g */
oflg = 0, /* permit non-unique group ID to be specified with -g */
gflg = 0, /* new ID value for the group */
nflg = 0; /* a new name has been specified for the group */
@ -257,7 +257,7 @@ static void check_new_gid (void)
return;
}
if (oflg || !getgrgid (group_newid))
if (oflg || !getgrgid (group_newid)) /* local, no need for xgetgrgid */
return;
/*
@ -292,6 +292,7 @@ static void check_new_name (void)
/*
* If the entry is found, too bad.
*/
/* local, no need for xgetgrnam */
if (getgrnam (group_newname)) {
fprintf (stderr,
_("%s: %s is not a unique name\n"), Prog,
@ -457,11 +458,8 @@ static void open_files (void)
*/
int main (int argc, char **argv)
{
struct group *grp;
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -485,13 +483,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("groupmod", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {
@ -517,19 +519,23 @@ int main (int argc, char **argv)
#ifdef SHADOWGRP
is_shadow_grp = sgr_file_present ();
#endif
/*
* Start with a quick check to see if the group exists.
*/
if (!(grp = getgrnam (group_name))) {
fprintf (stderr, _("%s: group %s does not exist\n"),
Prog, group_name);
{
struct group *grp;
/*
* Start with a quick check to see if the group exists.
*/
/* local, no need for xgetgrnam */
if (!(grp = getgrnam (group_name))) {
fprintf (stderr, _("%s: group %s does not exist\n"),
Prog, group_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group",
group_name, -1, 0);
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"modifying group", group_name, -1, 0);
#endif
exit (E_NOTFOUND);
} else
group_id = grp->gr_gid;
exit (E_NOTFOUND);
} else
group_id = grp->gr_gid;
}
#ifdef WITH_AUDIT
/* Set new name/id to original if not specified on command line */

7
src/groups.c
View File

@ -59,6 +59,7 @@ static void print_groups (const char *member)
setgrent ();
/* local, no need for xgetpwnam */
if ((pwd = getpwnam (member)) == 0) {
fprintf (stderr, _("%s: unknown user %s\n"), Prog, member);
exit (1);
@ -73,6 +74,7 @@ static void print_groups (const char *member)
flag = 1;
}
}
/* local, no need for xgetgrgid */
if (!flag && (grp = getgrgid (pwd->pw_gid))) {
if (groups++)
putchar (' ');
@ -95,7 +97,6 @@ int main (int argc, char **argv)
GETGROUPS_T *groups;
int pri_grp;
int i;
struct group *gr;
#else
char *logname;
char *getlogin ();
@ -150,6 +151,8 @@ int main (int argc, char **argv)
* values.
*/
if (pri_grp != -1) {
struct group *gr;
/* local, no need for xgetgrgid */
if ((gr = getgrgid (pri_grp)))
printf ("%s", gr->gr_name);
else
@ -157,9 +160,11 @@ int main (int argc, char **argv)
}
for (i = 0; i < ngroups; i++) {
struct group *gr;
if (i || pri_grp != -1)
putchar (' ');
/* local, no need for xgetgrgid */
if ((gr = getgrgid (groups[i])))
printf ("%s", gr->gr_name);
else

3
src/grpck.c
View File

@ -377,6 +377,7 @@ int main (int argc, char **argv)
* Make sure each member exists
*/
for (i = 0; grp->gr_mem[i]; i++) {
/* local, no need for xgetpwnam */
if (getpwnam (grp->gr_mem[i]))
continue;
/*
@ -597,6 +598,7 @@ int main (int argc, char **argv)
* Make sure each administrator exists
*/
for (i = 0; sgr->sg_adm[i]; i++) {
/* local, no need for xgetpwnam */
if (getpwnam (sgr->sg_adm[i]))
continue;
/*
@ -626,6 +628,7 @@ int main (int argc, char **argv)
* Make sure each member exists
*/
for (i = 0; sgr->sg_mem[i]; i++) {
/* local, no need for xgetpwnam */
if (getpwnam (sgr->sg_mem[i]))
continue;

9
src/id.c
View File

@ -118,13 +118,13 @@ static void usage (void)
* does not exist, just give the numerical value.
*/
pw = getpwuid (ruid);
pw = getpwuid (ruid); /* local, no need for xgetpwuid */
if (pw)
printf ("UID=%u(%s)", ruid, pw->pw_name);
else
printf ("UID=%u", ruid);
gr = getgrgid (rgid);
gr = getgrgid (rgid);; /* local, no need for xgetgrgid */
if (gr)
printf (" GID=%u(%s)", rgid, gr->gr_name);
else
@ -136,14 +136,14 @@ static void usage (void)
*/
if (ruid != euid) {
pw = getpwuid (euid);
pw = getpwuid (euid); /* local, no need for xgetpwuid */
if (pw)
printf (" EUID=%u(%s)", euid, pw->pw_name);
else
printf (" EUID=%u", euid);
}
if (rgid != egid) {
gr = getgrgid (egid);
gr = getgrgid (egid); /* local, no need for xgetgrgid */
if (gr)
printf (" EGID=%u(%s)", egid, gr->gr_name);
else
@ -169,6 +169,7 @@ static void usage (void)
if (i)
putchar (',');
/* local, no need for xgetgrgid */
gr = getgrgid (groups[i]);
if (gr)
printf ("%u(%s)", groups[i], gr->gr_name);

2
src/lastlog.c
View File

@ -199,7 +199,7 @@ int main (int argc, char **argv)
bflg++;
break;
case 'u':
pwent = getpwnam (optarg);
pwent = xgetpwnam (optarg);
if (!pwent) {
fprintf (stderr,
_("Unknown User: %s\n"),

2
src/login_nopam.c
View File

@ -222,6 +222,7 @@ static int user_match (const char *tok, const char *string)
#endif
} else if (string_match (tok, string)) { /* ALL or exact match */
return (YES);
/* local, no need for xgetgrnam */
} else if ((group = getgrnam (tok))) { /* try group membership */
for (i = 0; group->gr_mem[i]; i++)
if (strcasecmp (string, group->gr_mem[i]) == 0)
@ -235,6 +236,7 @@ static int user_match (const char *tok, const char *string)
* XXX - disabled by default for now. Need to verify that
* getpwnam() doesn't have some nasty side effects. --marekm
*/
/* local, no need for xgetpwnam */
if ((userinf = getpwnam (string)))
if (userinf->pw_gid == group->gr_gid)
return (YES);

9
src/newgrp.c
View File

@ -240,7 +240,7 @@ int main (int argc, char **argv)
* Perhaps in the past, but the default behavior now depends on the
* group entry, so it had better exist. -- JWP
*/
if (!(grp = getgrgid (pwd->pw_gid))) {
if (!(grp = xgetgrgid (pwd->pw_gid))) {
fprintf (stderr, _("unknown GID: %lu\n"),
(unsigned long) pwd->pw_gid);
SYSLOG ((LOG_CRIT, "unknown GID: %lu",
@ -319,7 +319,7 @@ int main (int argc, char **argv)
* including the user's name in the member list of the user's login
* group. -- JWP
*/
if (!(grp = getgrnam (group))) {
if (!(grp = getgrnam (group))) { /* local, no need for xgetgrnam */
fprintf (stderr, _("unknown group: %s\n"), group);
goto failure;
}
@ -338,7 +338,7 @@ int main (int argc, char **argv)
*
* Re-read the group entry for further processing.
*/
grp = getgrnam (group);
grp = xgetgrnam (group);
}
#ifdef SHADOWGRP
if ((sgrp = getsgnam (group))) {
@ -364,7 +364,7 @@ int main (int argc, char **argv)
* password, and the group has a password, she needs to give the
* group password.
*/
if ((spwd = getspnam (name)))
if ((spwd = xgetspnam (name)))
pwd->pw_passwd = spwd->sp_pwdp;
if (pwd->pw_passwd[0] == '\0' && grp->gr_passwd[0])
@ -480,6 +480,7 @@ int main (int argc, char **argv)
}
} while ((pid == child && WIFSTOPPED (cst)) ||
(pid != child && errno == EINTR));
/* local, no need for xgetgrgid */
SYSLOG ((LOG_INFO,
"user `%s' (login `%s' on %s) returned to group `%s'",
name, loginname, tty,

17
src/newusers.c
View File

@ -289,7 +289,6 @@ int main (int argc, char **argv)
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -305,13 +304,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("newusers", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {

6
src/passwd.c
View File

@ -399,7 +399,7 @@ static void print_status (const struct passwd *pw)
{
struct spwd *sp;
sp = getspnam (pw->pw_name);
sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */
if (sp) {
printf ("%s %s %s %ld %ld %ld %ld\n",
pw->pw_name,
@ -803,7 +803,7 @@ int main (int argc, char **argv)
exit (E_NOPERM);
}
pw = getpwnam (name);
pw = xgetpwnam (name);
if (!pw) {
fprintf (stderr, _("%s: unknown user %s\n"), Prog, name);
exit (E_NOPERM);
@ -843,7 +843,7 @@ int main (int argc, char **argv)
/*
* The user name is valid, so let's get the shadow file entry.
*/
sp = getspnam (name);
sp = getspnam (name); /* !USE_PAM, no need for xgetspnam */
if (!sp)
sp = pwd_to_spwd (pw);

1
src/pwck.c
View File

@ -331,6 +331,7 @@ int main (int argc, char **argv)
/*
* Make sure the primary group exists
*/
/* local, no need for xgetgrgid */
if (!quiet && !getgrgid (pwd->pw_gid)) {
/*

10
src/su.c
View File

@ -125,7 +125,7 @@ static int iswheel (const char *username)
{
struct group *grp;
grp = getgrnam ("wheel");;
grp = getgrnam ("wheel"); /* !USE_PAM, no need for xgetgrnam */
if (!grp || !grp->gr_mem)
return 0;
return is_on_list (grp->gr_mem, username);
@ -472,7 +472,7 @@ int main (int argc, char **argv)
* Sort out the password of user calling su, in case needed later
* -- chris
*/
if ((spwd = getspnam (oldname)))
if ((spwd = getspnam (oldname))) /* !USE_PAM, no need for xgetspnam */
pw->pw_passwd = spwd->sp_pwdp;
oldpass = xstrdup (pw->pw_passwd);
#endif /* SU_ACCESS */
@ -507,7 +507,7 @@ int main (int argc, char **argv)
* The password file entries for the user is gotten and the account
* validated.
*/
if (!(pw = getpwnam (name))) {
if (!(pw = xgetpwnam (name))) {
(void) fprintf (stderr, _("Unknown id: %s\n"), name);
closelog ();
exit (1);
@ -515,7 +515,7 @@ int main (int argc, char **argv)
#ifndef USE_PAM
spwd = NULL;
if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0
&& (spwd = getspnam (name)))
&& (spwd = getspnam (name))) /* !USE_PAM, no need for xgetspnam */
pw->pw_passwd = spwd->sp_pwdp;
#endif /* !USE_PAM */
pwent = *pw;
@ -696,8 +696,10 @@ int main (int argc, char **argv)
spwd = pwd_to_spwd (&pwent);
if (expire (&pwent, spwd)) {
/* !USE_PAM, no need for xgetpwnam */
struct passwd *pwd = getpwnam (name);
/* !USE_PAM, no need for xgetspnam */
spwd = getspnam (name);
if (pwd)
pwent = *pwd;

2
src/suauth.c
View File

@ -201,7 +201,7 @@ int isgrp (const char *name, const char *group)
{
struct group *grp;
grp = getgrnam (group);
grp = getgrnam (group); /* local, no need for xgetgrnam */
if (!grp || !grp->gr_mem)
return 0;

40
src/useradd.c
View File

@ -205,8 +205,8 @@ static struct group *getgr_nam_gid (const char *grname)
gid = strtol (grname, &errptr, 10);
if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && gid >= 0)
return getgrgid (gid);
return getgrnam (grname);
return xgetgrgid (gid);
return xgetgrnam (grname);
}
static long get_number (const char *numstr)
@ -252,7 +252,6 @@ static void get_defaults (void)
FILE *fp;
char buf[1024];
char *cp, *ep;
const struct group *grp;
/*
* Open the defaults file for reading.
@ -279,9 +278,11 @@ static void get_defaults (void)
*/
if (MATCH (buf, DGROUP)) {
unsigned int val = (unsigned int) strtoul (cp, &ep, 10);
const struct group *grp;
if (*cp != '\0' && *ep == '\0') { /* valid number */
if (*cp != '\0' && *ep == '\0') { /* valid number */
def_group = val;
/* local, no need for xgetgrgid */
if ((grp = getgrgid (def_group))) {
def_gname = xstrdup (grp->gr_name);
} else {
@ -289,6 +290,7 @@ static void get_defaults (void)
_("%s: unknown GID %s\n"),
Prog, cp);
}
/* local, no need for xgetgrnam */
} else if ((grp = getgrnam (cp))) {
def_group = grp->gr_gid;
def_gname = xstrdup (cp);
@ -837,7 +839,7 @@ static void find_new_uid (void)
#ifdef NO_GETPWENT
pw_rewind ();
while ((pwd = pw_next ())) {
#else /* using getpwent() we can check against NIS users etc. */
#else /* using getpwent() we can check against NIS users etc. */
setpwent ();
while ((pwd = getpwent ())) {
#endif
@ -881,6 +883,7 @@ static void find_new_uid (void)
if (!pwd)
break;
#else
/* local, no need for xgetpwuid */
if (!getpwuid (user_id))
break;
#endif
@ -940,7 +943,7 @@ static void find_new_gid ()
#ifndef NO_GETGRENT /* glibc does have this, so ... */
/* A quick test gets here: if the UID is available
* as a GID, go ahead and use it */
if (!getgrgid (user_id)) {
if (!getgrgid (user_id)) { /* local, no need for xgetgrgid */
user_gid = user_id;
return;
}
@ -953,6 +956,7 @@ static void find_new_gid ()
if (!grp)
break;
#else
/* local, no need for xgetgrgid */
if (!getgrgid (user_gid))
break;
#endif
@ -1497,6 +1501,7 @@ static void usr_update (void)
* no user with this UID exists yet (entries for shared UIDs
* are left unchanged). --marekm
*/
/* local, no need for xgetpwuid */
if (!getpwuid (user_id)) {
faillog_reset (user_id);
lastlog_reset (user_id);
@ -1596,7 +1601,7 @@ static void create_mail (void)
return;
}
gr = getgrnam ("mail");
gr = getgrnam ("mail"); /* local, no need for xgetgrnam */
if (!gr) {
fprintf (stderr,
_
@ -1622,7 +1627,6 @@ int main (int argc, char **argv)
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -1661,13 +1665,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("useradd", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {
@ -1705,7 +1713,7 @@ int main (int argc, char **argv)
/*
* Start with a quick check to see if the user exists.
*/
if (getpwnam (user_name)) {
if (getpwnam (user_name)) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user %s exists\n"), Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user",
@ -1721,7 +1729,7 @@ int main (int argc, char **argv)
* --bero
*/
if (!gflg) {
if (getgrnam (user_name)) {
if (getgrnam (user_name)) { /* local, no need for xgetgrnam */
fprintf (stderr,
_
("%s: group %s exists - if you want to add this user to that group, use -g.\n"),

43
src/userdel.c
View File

@ -179,7 +179,7 @@ static void update_groups (void)
* now if they have a group with the same name as their
* user name, with no members, we delete it.
*/
grp = getgrnam (user_name);
grp = xgetgrnam (user_name);
if (grp && getdef_bool ("USERGROUPS_ENAB")
&& (grp->gr_mem[0] == NULL)) {
@ -608,12 +608,10 @@ static void remove_mailbox (void)
*/
int main (int argc, char **argv)
{
struct passwd *pwd;
int errors = 0;
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -663,13 +661,19 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS)
retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("userdel", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {
retval = pam_authenticate (pamh, 0);
@ -698,14 +702,20 @@ int main (int argc, char **argv)
* Start with a quick check to see if the user exists.
*/
user_name = argv[argc - 1];
if (!(pwd = getpwnam (user_name))) {
fprintf (stderr, _("%s: user %s does not exist\n"),
Prog, user_name);
{
struct passwd *pwd;
/* local, no need for xgetpwnam */
if (!(pwd = getpwnam (user_name))) {
fprintf (stderr, _("%s: user %s does not exist\n"),
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"deleting user not found", user_name, -1, 0);
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"deleting user not found", user_name, -1, 0);
#endif
exit (E_NOTFOUND);
exit (E_NOTFOUND);
}
user_id = pwd->pw_uid;
user_home = xstrdup (pwd->pw_dir);
}
#ifdef USE_NIS
@ -727,8 +737,6 @@ int main (int argc, char **argv)
exit (E_NOTFOUND);
}
#endif
user_id = pwd->pw_uid;
user_home = xstrdup (pwd->pw_dir);
/*
* Check to make certain the user isn't logged in.
*/
@ -755,6 +763,7 @@ int main (int argc, char **argv)
#ifdef EXTRA_CHECK_HOME_DIR
/* This may be slow, the above should be good enough. */
if (rflg && !fflg) {
struct passwd *pwd;
/*
* For safety, refuse to remove the home directory if it
* would result in removing some other user's home

70
src/usermod.c
View File

@ -174,8 +174,8 @@ static struct group *getgr_nam_gid (const char *grname)
val = strtol (grname, &errptr, 10);
if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && val >= 0)
return getgrgid (val);
return getgrnam (grname);
return xgetgrgid (val);
return xgetgrnam (grname);
}
/*
@ -805,26 +805,28 @@ static uid_t get_id (const char *uidstr)
static void process_flags (int argc, char **argv)
{
const struct group *grp;
const struct passwd *pwd;
const struct spwd *spwd = NULL;
int anyflag = 0;
if (argc == 1 || argv[argc - 1][0] == '-')
usage ();
if (!(pwd = getpwnam (argv[argc - 1]))) {
fprintf (stderr, _("%s: user %s does not exist\n"),
Prog, argv[argc - 1]);
exit (E_NOTFOUND);
}
{
const struct passwd *pwd;
/* local, no need for xgetpwnam */
if (!(pwd = getpwnam (argv[argc - 1]))) {
fprintf (stderr, _("%s: user %s does not exist\n"),
Prog, argv[argc - 1]);
exit (E_NOTFOUND);
}
user_name = argv[argc - 1];
user_id = pwd->pw_uid;
user_gid = pwd->pw_gid;
user_comment = xstrdup (pwd->pw_gecos);
user_home = xstrdup (pwd->pw_dir);
user_shell = xstrdup (pwd->pw_shell);
user_name = argv[argc - 1];
user_id = pwd->pw_uid;
user_gid = pwd->pw_gid;
user_comment = xstrdup (pwd->pw_gecos);
user_home = xstrdup (pwd->pw_dir);
user_shell = xstrdup (pwd->pw_shell);
}
#ifdef WITH_AUDIT
user_newname = user_name;
user_newid = user_id;
@ -854,13 +856,17 @@ static void process_flags (int argc, char **argv)
}
#endif
if (is_shadow_pwd && (spwd = getspnam (user_name))) {
user_expire = spwd->sp_expire;
user_inactive = spwd->sp_inact;
{
const struct spwd *spwd = NULL;
/* local, no need for xgetspnam */
if (is_shadow_pwd && (spwd = getspnam (user_name))) {
user_expire = spwd->sp_expire;
user_inactive = spwd->sp_inact;
#ifdef WITH_AUDIT
user_newexpire = user_expire;
user_newinactive = user_inactive;
user_newexpire = user_expire;
user_newinactive = user_inactive;
#endif
}
}
{
@ -923,7 +929,7 @@ static void process_flags (int argc, char **argv)
#ifdef WITH_AUDIT
user_newexpire = strtoday (optarg);
if (user_newexpire == -1) {
#else
#else /* } */
user_expire = strtoday (optarg);
if (user_expire == -1) {
#endif
@ -1082,11 +1088,13 @@ static void process_flags (int argc, char **argv)
if (uflg && user_id == user_newid)
uflg = oflg = 0;
/* local, no need for xgetpwnam */
if (lflg && getpwnam (user_newname)) {
fprintf (stderr, _("%s: user %s exists\n"), Prog, user_newname);
exit (E_NAME_IN_USE);
}
/* local, no need for xgetpwuid */
if (uflg && !oflg && getpwuid (user_newid)) {
fprintf (stderr, _("%s: uid %lu is not unique\n"),
Prog, (unsigned long) user_newid);
@ -1211,9 +1219,6 @@ static void open_files (void)
}
#endif
}
}
/*
@ -1492,7 +1497,6 @@ int main (int argc, char **argv)
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
@ -1525,13 +1529,17 @@ int main (int argc, char **argv)
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
{
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS) {
retval = pam_start ("usermod", pampw->pw_name,
&conv, &pamh);
}
}
if (retval == PAM_SUCCESS) {