* src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the SHADOWTCB_FAILURE return code instead of 0 or implicit conversion to booleans.
This commit is contained in:
parent
8228f99c36
commit
a996fac57b
@ -1,3 +1,10 @@
|
|||||||
|
2010-03-17 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
|
* src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
|
||||||
|
src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
|
||||||
|
SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
|
||||||
|
to booleans.
|
||||||
|
|
||||||
2010-03-18 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
|
2010-03-18 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
|
||||||
|
|
||||||
* src/pwck.c: Add support for TCB.
|
* src/pwck.c: Add support for TCB.
|
||||||
|
@ -132,14 +132,14 @@ int spw_lock (void)
|
|||||||
return commonio_lock (&shadow_db);
|
return commonio_lock (&shadow_db);
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
}
|
}
|
||||||
if (shadowtcb_drop_priv () == 0) {
|
if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (lckpwdf_tcb (shadow_db.filename) == 0) {
|
if (lckpwdf_tcb (shadow_db.filename) == 0) {
|
||||||
shadow_db.locked = 1;
|
shadow_db.locked = 1;
|
||||||
retval = 1;
|
retval = 1;
|
||||||
}
|
}
|
||||||
if (shadowtcb_gain_priv () == 0) {
|
if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return retval;
|
return retval;
|
||||||
@ -152,13 +152,13 @@ int spw_open (int mode)
|
|||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
bool use_tcb = getdef_bool ("USE_TCB");
|
bool use_tcb = getdef_bool ("USE_TCB");
|
||||||
|
|
||||||
if (use_tcb && (shadowtcb_drop_priv () == 0)) {
|
if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
retval = commonio_open (&shadow_db, mode);
|
retval = commonio_open (&shadow_db, mode);
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (use_tcb && (shadowtcb_gain_priv () == 0)) {
|
if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
@ -196,13 +196,13 @@ int spw_close (void)
|
|||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
bool use_tcb = getdef_bool ("USE_TCB");
|
bool use_tcb = getdef_bool ("USE_TCB");
|
||||||
|
|
||||||
if (use_tcb && (shadowtcb_drop_priv () == 0)) {
|
if (use_tcb && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
retval = commonio_close (&shadow_db);
|
retval = commonio_close (&shadow_db);
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (use_tcb && (shadowtcb_gain_priv () == 0)) {
|
if (use_tcb && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
@ -219,14 +219,14 @@ int spw_unlock (void)
|
|||||||
return commonio_unlock (&shadow_db);
|
return commonio_unlock (&shadow_db);
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
}
|
}
|
||||||
if (shadowtcb_drop_priv () == 0) {
|
if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (ulckpwdf_tcb () == 0) {
|
if (ulckpwdf_tcb () == 0) {
|
||||||
shadow_db.locked = 0;
|
shadow_db.locked = 0;
|
||||||
retval = 1;
|
retval = 1;
|
||||||
}
|
}
|
||||||
if (shadowtcb_gain_priv () == 0) {
|
if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
return retval;
|
return retval;
|
||||||
|
@ -857,13 +857,14 @@ int main (int argc, char **argv)
|
|||||||
|
|
||||||
STRFCPY (user_name, pw->pw_name);
|
STRFCPY (user_name, pw->pw_name);
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (!shadowtcb_set_user(pw->pw_name))
|
if (shadowtcb_set_user (pw->pw_name) == SHADOWTCB_FAILURE) {
|
||||||
fail_exit(E_NOPERM);
|
fail_exit (E_NOPERM);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
user_uid = pw->pw_uid;
|
user_uid = pw->pw_uid;
|
||||||
|
|
||||||
sp = spw_locate (argv[optind]);
|
sp = spw_locate (argv[optind]);
|
||||||
get_defaults(sp);
|
get_defaults (sp);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Print out the expiration fields if the user has requested the
|
* Print out the expiration fields if the user has requested the
|
||||||
|
@ -469,12 +469,12 @@ static void check_pw_file (int *errors, bool *changed)
|
|||||||
if (is_shadow) {
|
if (is_shadow) {
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (getdef_bool("USE_TCB")) {
|
if (getdef_bool("USE_TCB")) {
|
||||||
if (!shadowtcb_set_user (pwd->pw_name)) {
|
if (shadowtcb_set_user (pwd->pw_name) == SHADOWTCB_FAILURE) {
|
||||||
printf(_("no tcb directory for %s\n"), pwd->pw_name);
|
printf(_("no tcb directory for %s\n"), pwd->pw_name);
|
||||||
printf(_("create tcb directory for %s?"), pwd->pw_name);
|
printf(_("create tcb directory for %s?"), pwd->pw_name);
|
||||||
*errors += 1;
|
*errors += 1;
|
||||||
if (yes_or_no (read_only)) {
|
if (yes_or_no (read_only)) {
|
||||||
if (!shadowtcb_create(pwd->pw_name, pwd->pw_uid)) {
|
if (shadowtcb_create(pwd->pw_name, pwd->pw_uid) == SHADOWTCB_FAILURE) {
|
||||||
*errors += 1;
|
*errors += 1;
|
||||||
printf(_("failed to create tcb directory for %s\n"), pwd->pw_name);
|
printf(_("failed to create tcb directory for %s\n"), pwd->pw_name);
|
||||||
continue;
|
continue;
|
||||||
|
@ -2003,7 +2003,7 @@ int main (int argc, char **argv)
|
|||||||
|
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (getdef_bool ("USE_TCB")) {
|
if (getdef_bool ("USE_TCB")) {
|
||||||
if (shadowtcb_create (user_name, user_id) == 0) {
|
if (shadowtcb_create (user_name, user_id) == SHADOWTCB_FAILURE) {
|
||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: Failed to create tcb directory for %s\n"),
|
_("%s: Failed to create tcb directory for %s\n"),
|
||||||
Prog, user_name);
|
Prog, user_name);
|
||||||
|
@ -757,7 +757,7 @@ static int remove_tcbdir (const char *user_name, uid_t user_id)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
snprintf (buf, buflen, TCB_DIR "/%s", user_name);
|
snprintf (buf, buflen, TCB_DIR "/%s", user_name);
|
||||||
if (shadowtcb_drop_priv () == 0) {
|
if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
|
||||||
fprintf (stderr, _("%s: Cannot drop privileges: %s\n"),
|
fprintf (stderr, _("%s: Cannot drop privileges: %s\n"),
|
||||||
Prog, strerror (errno));
|
Prog, strerror (errno));
|
||||||
shadowtcb_gain_priv ();
|
shadowtcb_gain_priv ();
|
||||||
@ -776,7 +776,7 @@ static int remove_tcbdir (const char *user_name, uid_t user_id)
|
|||||||
}
|
}
|
||||||
shadowtcb_gain_priv ();
|
shadowtcb_gain_priv ();
|
||||||
free (buf);
|
free (buf);
|
||||||
if (shadowtcb_remove (user_name) == 0) {
|
if (shadowtcb_remove (user_name) == SHADOWTCB_FAILURE) {
|
||||||
fprintf (stderr, _("%s: Cannot remove tcb files for %s: %s\n"),
|
fprintf (stderr, _("%s: Cannot remove tcb files for %s: %s\n"),
|
||||||
Prog, user_name, strerror (errno));
|
Prog, user_name, strerror (errno));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@ -906,7 +906,7 @@ int main (int argc, char **argv)
|
|||||||
user_home = xstrdup (pwd->pw_dir);
|
user_home = xstrdup (pwd->pw_dir);
|
||||||
}
|
}
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (shadowtcb_set_user (user_name) == 0) {
|
if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) {
|
||||||
exit (E_NOTFOUND);
|
exit (E_NOTFOUND);
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
|
@ -1774,8 +1774,9 @@ int main (int argc, char **argv)
|
|||||||
#endif /* ACCT_TOOLS_SETUID */
|
#endif /* ACCT_TOOLS_SETUID */
|
||||||
|
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (!shadowtcb_set_user (user_name))
|
if (shadowtcb_set_user (user_name) == SHADOWTCB_FAILURE) {
|
||||||
exit (E_PW_UPDATE);
|
exit (E_PW_UPDATE);
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -1794,7 +1795,7 @@ int main (int argc, char **argv)
|
|||||||
|
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if ( (lflg || uflg)
|
if ( (lflg || uflg)
|
||||||
&& (!shadowtcb_move (user_newname, user_newid)) ) {
|
&& (shadowtcb_move (user_newname, user_newid) == SHADOWTCB_FAILURE) ) {
|
||||||
exit (E_PW_UPDATE);
|
exit (E_PW_UPDATE);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
15
src/vipw.c
15
src/vipw.c
@ -209,7 +209,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
|||||||
&& (errno != EEXIST)) {
|
&& (errno != EEXIST)) {
|
||||||
vipwexit (_("failed to create scratch directory"), errno, 1);
|
vipwexit (_("failed to create scratch directory"), errno, 1);
|
||||||
}
|
}
|
||||||
if (shadowtcb_drop_priv () == 0) {
|
if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
|
||||||
vipwexit (_("failed to drop privileges"), errno, 1);
|
vipwexit (_("failed to drop privileges"), errno, 1);
|
||||||
}
|
}
|
||||||
snprintf (fileedit, sizeof fileedit,
|
snprintf (fileedit, sizeof fileedit,
|
||||||
@ -245,7 +245,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
|||||||
}
|
}
|
||||||
#endif /* WITH_SELINUX */
|
#endif /* WITH_SELINUX */
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (tcb_mode && (shadowtcb_gain_priv () == 0)) {
|
if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE)) {
|
||||||
vipwexit (_("failed to gain privileges"), errno, 1);
|
vipwexit (_("failed to gain privileges"), errno, 1);
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
@ -254,7 +254,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
|||||||
}
|
}
|
||||||
filelocked = true;
|
filelocked = true;
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (tcb_mode && (shadowtcb_drop_priv () == 0)) {
|
if (tcb_mode && (shadowtcb_drop_priv () == SHADOWTCB_FAILURE)) {
|
||||||
vipwexit (_("failed to drop privileges"), errno, 1);
|
vipwexit (_("failed to drop privileges"), errno, 1);
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
@ -268,7 +268,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
|||||||
vipwexit (file, 1, 1);
|
vipwexit (file, 1, 1);
|
||||||
}
|
}
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (tcb_mode && (shadowtcb_gain_priv () == 0))
|
if (tcb_mode && (shadowtcb_gain_priv () == SHADOWTCB_FAILURE))
|
||||||
vipwexit (_("failed to gain privileges"), errno, 1);
|
vipwexit (_("failed to gain privileges"), errno, 1);
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
if (create_backup_file (f, fileedit, &st1) != 0) {
|
if (create_backup_file (f, fileedit, &st1) != 0) {
|
||||||
@ -354,7 +354,7 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
|||||||
if (unlink (fileedit) != 0) {
|
if (unlink (fileedit) != 0) {
|
||||||
vipwexit (_("failed to unlink scratch file"), errno, 1);
|
vipwexit (_("failed to unlink scratch file"), errno, 1);
|
||||||
}
|
}
|
||||||
if (shadowtcb_drop_priv () == 0) {
|
if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
|
||||||
vipwexit (_("failed to drop privileges"), errno, 1);
|
vipwexit (_("failed to drop privileges"), errno, 1);
|
||||||
}
|
}
|
||||||
if (stat (file, &st1) != 0) {
|
if (stat (file, &st1) != 0) {
|
||||||
@ -392,8 +392,9 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
|||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (tcb_mode) {
|
if (tcb_mode) {
|
||||||
free (to_rename);
|
free (to_rename);
|
||||||
if (shadowtcb_gain_priv () == 0)
|
if (shadowtcb_gain_priv () == SHADOWTCB_FAILURE) {
|
||||||
vipwexit (_("failed to gain privileges"), errno, 1);
|
vipwexit (_("failed to gain privileges"), errno, 1);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
|
|
||||||
@ -474,7 +475,7 @@ int main (int argc, char **argv)
|
|||||||
if (editshadow) {
|
if (editshadow) {
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
if (getdef_bool ("USE_TCB") && (NULL != user)) {
|
if (getdef_bool ("USE_TCB") && (NULL != user)) {
|
||||||
if (shadowtcb_set_user (user) == 0) {
|
if (shadowtcb_set_user (user) == SHADOWTCB_FAILURE) {
|
||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: failed to find tcb directory for %s\n"),
|
_("%s: failed to find tcb directory for %s\n"),
|
||||||
progname, user);
|
progname, user);
|
||||||
|
Loading…
Reference in New Issue
Block a user