Add support for systems with no innetgr(). On those systems, username
with an @ will be treated like any other username (i.e. lookup in the local database for an user with an @). Thanks to Mike Frysinger for the patch.
This commit is contained in:
parent
690f7aee2e
commit
e0edb7db17
@ -1,3 +1,12 @@
|
|||||||
|
2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
|
* configure.in: Check if the netdb.h header file and the innetgr
|
||||||
|
function exist.
|
||||||
|
* src/login_nopam.c, NEWS: Add support for systems with no
|
||||||
|
innetgr(). On those systems, username with an @ will be treated
|
||||||
|
like any other username (i.e. lookup in the local database for an
|
||||||
|
user with an @). Thanks to Mike Frysinger for the patch.
|
||||||
|
|
||||||
2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
|
2007-11-16 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
* src/useradd.c: Indentation fix.
|
* src/useradd.c: Indentation fix.
|
||||||
|
4
NEWS
4
NEWS
@ -15,6 +15,10 @@ shadow-4.0.18.1 -> shadow-4.0.18.2 UNRELEASED
|
|||||||
- newgrp.c: Declare the child and pid variable at the beginning of a block.
|
- newgrp.c: Declare the child and pid variable at the beginning of a block.
|
||||||
This fixes a compilation issue with gcc 2.95. The intent is the same as
|
This fixes a compilation issue with gcc 2.95. The intent is the same as
|
||||||
Gentoo's patch shadow-4.0.12-gcc2.patch.
|
Gentoo's patch shadow-4.0.12-gcc2.patch.
|
||||||
|
- login_nopam: Add support for systems with no innetgr(). On those
|
||||||
|
systems, username with an @ will be treated like any other username
|
||||||
|
(i.e. lookup in the local database for an user with an @). Thanks to
|
||||||
|
Mike Frysinger for the patch.
|
||||||
|
|
||||||
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
|
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
|
||||||
|
|
||||||
|
@ -32,11 +32,11 @@ AC_HEADER_SYS_WAIT
|
|||||||
AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
|
AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
|
||||||
utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
|
utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
|
||||||
utime.h ulimit.h sys/resource.h gshadow.h shadow.h lastlog.h \
|
utime.h ulimit.h sys/resource.h gshadow.h shadow.h lastlog.h \
|
||||||
locale.h rpc/key_prot.h)
|
locale.h rpc/key_prot.h netdb.h)
|
||||||
|
|
||||||
AC_CHECK_FUNCS(a64l fchmod fchown fsync getgroups gethostname getspnam \
|
AC_CHECK_FUNCS(a64l fchmod fchown fsync getgroups gethostname getspnam \
|
||||||
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
|
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
|
||||||
memcpy memset setgroups sigaction strchr updwtmp updwtmpx)
|
memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr)
|
||||||
AC_SYS_LARGEFILE
|
AC_SYS_LARGEFILE
|
||||||
|
|
||||||
dnl Checks for typedefs, structures, and compiler characteristics.
|
dnl Checks for typedefs, structures, and compiler characteristics.
|
||||||
|
@ -37,7 +37,9 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <syslog.h>
|
#include <syslog.h>
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
|
#ifdef HAVE_NETDB_H
|
||||||
#include <netdb.h>
|
#include <netdb.h>
|
||||||
|
#endif
|
||||||
#include <grp.h>
|
#include <grp.h>
|
||||||
#ifdef PRIMARY_GROUP_MATCH
|
#ifdef PRIMARY_GROUP_MATCH
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
@ -49,8 +51,6 @@
|
|||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
#include <netinet/in.h>
|
#include <netinet/in.h>
|
||||||
#include <arpa/inet.h> /* for inet_ntoa() */
|
#include <arpa/inet.h> /* for inet_ntoa() */
|
||||||
extern struct group *getgrnam ();
|
|
||||||
extern int innetgr ();
|
|
||||||
|
|
||||||
#if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
|
#if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64)
|
||||||
#undef MAXHOSTNAMELEN
|
#undef MAXHOSTNAMELEN
|
||||||
@ -178,6 +178,7 @@ static char *myhostname (void)
|
|||||||
return (name);
|
return (name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#if HAVE_INNETGR
|
||||||
/* netgroup_match - match group against machine or user */
|
/* netgroup_match - match group against machine or user */
|
||||||
static int
|
static int
|
||||||
netgroup_match (const char *group, const char *machine, const char *user)
|
netgroup_match (const char *group, const char *machine, const char *user)
|
||||||
@ -193,6 +194,7 @@ netgroup_match (const char *group, const char *machine, const char *user)
|
|||||||
|
|
||||||
return innetgr (group, machine, user, mydomain);
|
return innetgr (group, machine, user, mydomain);
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
/* user_match - match a username against one token */
|
/* user_match - match a username against one token */
|
||||||
static int user_match (const char *tok, const char *string)
|
static int user_match (const char *tok, const char *string)
|
||||||
@ -214,8 +216,10 @@ static int user_match (const char *tok, const char *string)
|
|||||||
*at = 0;
|
*at = 0;
|
||||||
return (user_match (tok, string)
|
return (user_match (tok, string)
|
||||||
&& from_match (at + 1, myhostname ()));
|
&& from_match (at + 1, myhostname ()));
|
||||||
|
#if HAVE_INNETGR
|
||||||
} else if (tok[0] == '@') { /* netgroup */
|
} else if (tok[0] == '@') { /* netgroup */
|
||||||
return (netgroup_match (tok + 1, (char *) 0, string));
|
return (netgroup_match (tok + 1, (char *) 0, string));
|
||||||
|
#endif
|
||||||
} else if (string_match (tok, string)) { /* ALL or exact match */
|
} else if (string_match (tok, string)) { /* ALL or exact match */
|
||||||
return (YES);
|
return (YES);
|
||||||
} else if ((group = getgrnam (tok))) { /* try group membership */
|
} else if ((group = getgrnam (tok))) { /* try group membership */
|
||||||
@ -271,9 +275,12 @@ static int from_match (const char *tok, const char *string)
|
|||||||
* contain a "." character. If the token is a network number, return YES
|
* contain a "." character. If the token is a network number, return YES
|
||||||
* if it matches the head of the string.
|
* if it matches the head of the string.
|
||||||
*/
|
*/
|
||||||
|
#if HAVE_INNETGR
|
||||||
if (tok[0] == '@') { /* netgroup */
|
if (tok[0] == '@') { /* netgroup */
|
||||||
return (netgroup_match (tok + 1, string, (char *) 0));
|
return (netgroup_match (tok + 1, string, (char *) 0));
|
||||||
} else if (string_match (tok, string)) { /* ALL or exact match */
|
} else
|
||||||
|
#endif
|
||||||
|
if (string_match (tok, string)) { /* ALL or exact match */
|
||||||
return (YES);
|
return (YES);
|
||||||
} else if (tok[0] == '.') { /* domain: match last fields */
|
} else if (tok[0] == '.') { /* domain: match last fields */
|
||||||
if ((str_len = strlen (string)) > (tok_len = strlen (tok))
|
if ((str_len = strlen (string)) > (tok_len = strlen (tok))
|
||||||
|
Loading…
Reference in New Issue
Block a user