emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* src/useradd.c: Log errors to syslog in grp_update() since

Browse Source 
changes have started to be reported to syslog.
	* src/userdel.c: Fix some result parameters sent to
	audit_logger().

	* NEWS: Following changes from a patch contributed by Steve Grubb
	<sgrubb@redhat.com>
	* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
	of AUDIT_USER_CHAUTHTOK.
	* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead 
	of AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
	AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
	AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Add missing logs to audit.
	* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
	AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
	* src/userdel.c: Add missing logs to audit.
This commit is contained in:
nekral-guest 2008-09-03 21:02:32 +00:00
parent ba98ffe152
commit f3c7ca59c5
6 changed files with 139 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
ChangeLog
View File

@ -1,3 +1,26 @@
2008-09-03 Nicolas François <nicolas.francois@centraliens.net>
* src/useradd.c: Log errors to syslog in grp_update() since
changes have started to be reported to syslog.
* src/userdel.c: Fix some result parameters sent to
audit_logger().
2008-09-02 Nicolas François <nicolas.francois@centraliens.net>
* NEWS: Following changes from a patch contributed by Steve Grubb
<sgrubb@redhat.com>
* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
of AUDIT_USER_CHAUTHTOK.
* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead
of AUDIT_USER_CHAUTHTOK.
* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
AUDIT_USER_CHAUTHTOK.
* src/useradd.c: Add missing logs to audit.
* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
* src/userdel.c: Add missing logs to audit.
2008-08-31 Nicolas François <nicolas.francois@centraliens.net>
* src/groupmems.c: Remove duplicated gr_open().

8
NEWS
View File

@ -11,6 +11,10 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
* Added support for long options --add (-a), --delete (-d),
--remove-password (-r), --restrict (-R), --administrators (-A), and
--members (-M).
- groupadd
* audit logging improvements.
- groupdel
* audit logging improvements.
- groupmems
* Check if user exist before they are added to groups.
* Avoid segfault in case the specified group does not exist in /etc/group.
@ -27,6 +31,10 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
* For compatibility with other passwd version, the --lock an --unlock
options do not lock or unlock the user account anymore. They only
lock or unlock the user's password.
- useradd
* audit logging improvements.
- userdel
* audit logging improvements.
- usermod
* Allow adding LDAP users (or any user not present in the local passwd
file) to local groups

20
src/groupadd.c
View File

@ -215,7 +215,7 @@ static void grp_update (void)
}
#endif /* SHADOWGRP */
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
group_name, (unsigned int) group_id, 1);
#endif
@ -262,7 +262,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -281,7 +281,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -304,7 +304,7 @@ static void open_files (void)
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"locking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -315,7 +315,7 @@ static void open_files (void)
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"opening group file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -328,7 +328,7 @@ static void open_files (void)
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"locking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -340,7 +340,7 @@ static void open_files (void)
_("%s: cannot open %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"opening gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -360,7 +360,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -373,7 +373,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -384,7 +384,7 @@ static void fail_exit (int code)
#ifdef WITH_AUDIT
if (code != E_SUCCESS) {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
group_name, AUDIT_NO_ID, 0);
}

16
src/groupdel.c
View File

@ -99,7 +99,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -112,7 +112,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -122,7 +122,7 @@ static void fail_exit (int code)
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, AUDIT_NO_ID, 0);
#endif
@ -168,7 +168,7 @@ static void grp_update (void)
static void close_files (void)
{
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, (unsigned int) group_id, 1);
#endif
@ -183,7 +183,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -203,7 +203,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@ -374,7 +374,7 @@ int main (int argc, char **argv)
fprintf (stderr, _("%s: group '%s' does not exist\n"),
Prog, group_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, AUDIT_NO_ID, 0);
#endif
@ -396,7 +396,7 @@ int main (int argc, char **argv)
Prog, group_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, AUDIT_NO_ID, 0);
#endif

81
src/useradd.c
View File

@ -203,7 +203,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking shadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -215,7 +215,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking passwd file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -227,7 +227,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking group file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -240,7 +240,7 @@ static void fail_exit (int code)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking gshadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -250,7 +250,7 @@ static void fail_exit (int code)
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, AUDIT_NO_ID, 0);
#endif
@ -580,8 +580,8 @@ static int set_defaults (void)
return -1;
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing user defaults",
audit_logger (AUDIT_USYS_CONFIG, Prog,
"changing useradd defaults",
NULL, AUDIT_NO_ID, 1);
#endif
SYSLOG ((LOG_INFO,
@ -834,6 +834,12 @@ static void grp_update (void)
fprintf (stderr,
_("%s: Out of memory. Cannot update %s.\n"),
Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"adding user to group",
user_name, AUDIT_NO_ID, 0);
#endif
fail_exit (E_GRP_UPDATE); /* XXX */
}
@ -846,10 +852,16 @@ static void grp_update (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, gr_dbname (), ngrp->gr_name);
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"adding user to group",
user_name, AUDIT_NO_ID, 0);
#endif
fail_exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user to group",
user_name, AUDIT_NO_ID, 1);
#endif
@ -889,6 +901,12 @@ static void grp_update (void)
fprintf (stderr,
_("%s: Out of memory. Cannot update %s.\n"),
Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"adding user to shadow group",
user_name, AUDIT_NO_ID, 0);
#endif
fail_exit (E_GRP_UPDATE); /* XXX */
}
@ -901,10 +919,16 @@ static void grp_update (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, sgr_dbname (), nsgrp->sg_name);
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"adding user to shadow group",
user_name, AUDIT_NO_ID, 0);
#endif
fail_exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user to shadow group",
user_name, AUDIT_NO_ID, 1);
#endif
@ -1198,7 +1222,7 @@ static void process_flags (int argc, char **argv)
_("%s: invalid user name '%s'\n"),
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1273,7 +1297,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking shadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1285,7 +1309,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking passwd file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1296,7 +1320,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking group file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1309,7 +1333,7 @@ static void close_files (void)
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"unlocking gshadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1453,6 +1477,11 @@ static void grp_add (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, gr_dbname (), grp.gr_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
grp.gr_name, AUDIT_NO_ID, 0);
#endif
fail_exit (E_GRP_UPDATE);
}
#ifdef SHADOWGRP
@ -1463,10 +1492,20 @@ static void grp_add (void)
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, sgr_dbname (), sgrp.sg_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
grp.gr_name, AUDIT_NO_ID, 0);
#endif
fail_exit (E_GRP_UPDATE);
}
#endif /* SHADOWGRP */
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
grp.gr_name, AUDIT_NO_ID, 1);
#endif
do_grp_update = true;
}
@ -1577,14 +1616,14 @@ static void usr_update (void)
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, spw_dbname (), spent.sp_namp);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding shadow password",
user_name, (unsigned int) user_id, 0);
#endif
fail_exit (E_PW_UPDATE);
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, (unsigned int) user_id, 1);
#endif
@ -1614,7 +1653,7 @@ static void create_home (void)
("%s: cannot create directory %s\n"),
Prog, user_home);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding home directory",
user_name, (unsigned int) user_id, 0);
#endif
@ -1625,7 +1664,7 @@ static void create_home (void)
0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
home_added = true;
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding home directory",
user_name, (unsigned int) user_id, 1);
#endif
@ -1772,7 +1811,7 @@ int main (int argc, char **argv)
if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1792,7 +1831,7 @@ int main (int argc, char **argv)
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding group",
user_name, AUDIT_NO_ID, 0);
#endif
@ -1826,7 +1865,7 @@ int main (int argc, char **argv)
_("%s: UID %lu is not unique\n"),
Prog, (unsigned long) user_id);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, (unsigned int) user_id, 0);
#endif

56
src/userdel.c
View File

@ -177,9 +177,9 @@ static void update_groups (void)
* Update the DBM group file with the new entry as well.
*/
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user from group",
user_name, (unsigned int) user_id, 0);
user_name, (unsigned int) user_id, 1);
#endif
SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
user_name, ngrp->gr_name));
@ -233,9 +233,9 @@ static void update_groups (void)
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
user_name, (unsigned int) user_id, 0);
grp->gr_name, AUDIT_NO_ID, 1);
#endif
SYSLOG ((LOG_INFO,
"removed group '%s' owned by '%s'\n",
@ -291,9 +291,9 @@ static void update_groups (void)
exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user from shadow group",
user_name, (unsigned int) user_id, 0);
user_name, (unsigned int) user_id, 1);
#endif
SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
user_name, nsgrp->sg_name));
@ -414,7 +414,7 @@ static void fail_exit (int code)
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user",
user_name, (unsigned int) user_id, 0);
#endif
@ -435,7 +435,7 @@ static void open_files (void)
_("%s: cannot lock %s; try again later.\n"),
Prog, pw_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"locking password file",
user_name, (unsigned int) user_id, 0);
#endif
@ -446,7 +446,7 @@ static void open_files (void)
fprintf (stderr,
_("%s: cannot open %s\n"), Prog, pw_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"opening password file",
user_name, (unsigned int) user_id, 0);
#endif
@ -458,7 +458,7 @@ static void open_files (void)
_("%s: cannot lock %s; try again later.\n"),
Prog, spw_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"locking shadow password file",
user_name, (unsigned int) user_id, 0);
#endif
@ -470,7 +470,7 @@ static void open_files (void)
_("%s: cannot open %s\n"),
Prog, spw_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"opening shadow password file",
user_name, (unsigned int) user_id, 0);
#endif
@ -482,7 +482,7 @@ static void open_files (void)
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"locking group file",
user_name, (unsigned int) user_id, 0);
#endif
@ -492,7 +492,7 @@ static void open_files (void)
if (gr_open (O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"opening group file",
user_name, (unsigned int) user_id, 0);
#endif
@ -505,7 +505,7 @@ static void open_files (void)
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"locking shadow group file",
user_name, (unsigned int) user_id, 0);
#endif
@ -516,7 +516,7 @@ static void open_files (void)
fprintf (stderr, _("%s: cannot open %s\n"),
Prog, sgr_dbname ());
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"opening shadow group file",
user_name, (unsigned int) user_id, 0);
#endif
@ -547,7 +547,7 @@ static void update_user (void)
fail_exit (E_PW_UPDATE);
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user entries",
user_name, (unsigned int) user_id, 1);
#endif
@ -589,7 +589,7 @@ static void user_busy (const char *name, uid_t uid)
_("%s: user %s is currently logged in\n"), Prog, name);
if (!fflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user logged in",
name, AUDIT_NO_ID, 0);
#endif
@ -697,7 +697,7 @@ static void remove_mailbox (void)
if (fflg) {
unlink (mailfile); /* always remove, ignore errors */
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 1);
#endif
@ -710,7 +710,7 @@ static void remove_mailbox (void)
Prog, mailfile, user_name);
SYSLOG ((LOG_ERR, "%s not owned by %s, not removed", mailfile, strerror (errno)));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 0);
#endif
@ -721,11 +721,16 @@ static void remove_mailbox (void)
if (unlink (mailfile) != 0) {
fprintf (stderr, _("%s: warning: can't remove %s: %s"), Prog, mailfile, strerror (errno));
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 0);
#endif
/* continue */
}
#ifdef WITH_AUDIT
else {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 1);
}
@ -835,7 +840,7 @@ int main (int argc, char **argv)
fprintf (stderr, _("%s: user '%s' does not exist\n"),
Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user not found",
user_name, AUDIT_NO_ID, 0);
#endif
@ -924,14 +929,14 @@ int main (int argc, char **argv)
_("%s: error removing directory %s\n"),
Prog, user_home);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
user_name, (unsigned int) user_id, 1);
user_name, (unsigned int) user_id, 0);
#endif
errors++;
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
user_name, (unsigned int) user_id, 1);
#endif
@ -951,9 +956,8 @@ int main (int argc, char **argv)
(void) pam_end (pamh, PAM_SUCCESS);
#endif /* USE_PAM */
#ifdef WITH_AUDIT
/* FIXME: Is it really "deleting home directory"? */
if (0 != errors) {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
user_name, AUDIT_NO_ID, 0);
}