From f3c7ca59c581580319975c83a4d015acca69b155 Mon Sep 17 00:00:00 2001 From: nekral-guest Date: Wed, 3 Sep 2008 21:02:32 +0000 Subject: [PATCH] * src/useradd.c: Log errors to syslog in grp_update() since changes have started to be reported to syslog. * src/userdel.c: Fix some result parameters sent to audit_logger(). * NEWS: Following changes from a patch contributed by Steve Grubb * src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead of AUDIT_USER_CHAUTHTOK. * src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK. * src/useradd.c: Log to audit with type AUDIT_ADD_USER / AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of AUDIT_USER_CHAUTHTOK. * src/useradd.c: Add missing logs to audit. * src/userdel.c: Log to audit with type AUDIT_DEL_USER / AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK. * src/userdel.c: Add missing logs to audit. --- ChangeLog | 23 ++++++++++++++ NEWS | 8 +++++ src/groupadd.c | 20 ++++++------- src/groupdel.c | 16 +++++----- src/useradd.c | 81 +++++++++++++++++++++++++++++++++++++------------- src/userdel.c | 56 ++++++++++++++++++---------------- 6 files changed, 139 insertions(+), 65 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0b1af85b..4fa3df44 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,26 @@ +2008-09-03 Nicolas François + + * src/useradd.c: Log errors to syslog in grp_update() since + changes have started to be reported to syslog. + * src/userdel.c: Fix some result parameters sent to + audit_logger(). + +2008-09-02 Nicolas François + + * NEWS: Following changes from a patch contributed by Steve Grubb + + * src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead + of AUDIT_USER_CHAUTHTOK. + * src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead + of AUDIT_USER_CHAUTHTOK. + * src/useradd.c: Log to audit with type AUDIT_ADD_USER / + AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of + AUDIT_USER_CHAUTHTOK. + * src/useradd.c: Add missing logs to audit. + * src/userdel.c: Log to audit with type AUDIT_DEL_USER / + AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK. + * src/userdel.c: Add missing logs to audit. + 2008-08-31 Nicolas François * src/groupmems.c: Remove duplicated gr_open(). diff --git a/NEWS b/NEWS index 92f5e37b..02f90d1e 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,10 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED * Added support for long options --add (-a), --delete (-d), --remove-password (-r), --restrict (-R), --administrators (-A), and --members (-M). +- groupadd + * audit logging improvements. +- groupdel + * audit logging improvements. - groupmems * Check if user exist before they are added to groups. * Avoid segfault in case the specified group does not exist in /etc/group. @@ -27,6 +31,10 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED * For compatibility with other passwd version, the --lock an --unlock options do not lock or unlock the user account anymore. They only lock or unlock the user's password. +- useradd + * audit logging improvements. +- userdel + * audit logging improvements. - usermod * Allow adding LDAP users (or any user not present in the local passwd file) to local groups diff --git a/src/groupadd.c b/src/groupadd.c index 69fc2b90..cfe83d0d 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -215,7 +215,7 @@ static void grp_update (void) } #endif /* SHADOWGRP */ #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "adding group", group_name, (unsigned int) group_id, 1); #endif @@ -262,7 +262,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "unlocking group file", group_name, AUDIT_NO_ID, 0); #endif @@ -281,7 +281,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "unlocking gshadow file", group_name, AUDIT_NO_ID, 0); #endif @@ -304,7 +304,7 @@ static void open_files (void) _("%s: cannot lock %s; try again later.\n"), Prog, gr_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "locking group file", group_name, AUDIT_NO_ID, 0); #endif @@ -315,7 +315,7 @@ static void open_files (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "opening group file", group_name, AUDIT_NO_ID, 0); #endif @@ -328,7 +328,7 @@ static void open_files (void) _("%s: cannot lock %s; try again later.\n"), Prog, sgr_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "locking gshadow file", group_name, AUDIT_NO_ID, 0); #endif @@ -340,7 +340,7 @@ static void open_files (void) _("%s: cannot open %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "opening gshadow file", group_name, AUDIT_NO_ID, 0); #endif @@ -360,7 +360,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "unlocking group file", group_name, AUDIT_NO_ID, 0); #endif @@ -373,7 +373,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "unlocking gshadow file", group_name, AUDIT_NO_ID, 0); #endif @@ -384,7 +384,7 @@ static void fail_exit (int code) #ifdef WITH_AUDIT if (code != E_SUCCESS) { - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_GROUP, Prog, "adding group", group_name, AUDIT_NO_ID, 0); } diff --git a/src/groupdel.c b/src/groupdel.c index 90649eb9..221b9e86 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -99,7 +99,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "unlocking group file", group_name, AUDIT_NO_ID, 0); #endif @@ -112,7 +112,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "unlocking gshadow file", group_name, AUDIT_NO_ID, 0); #endif @@ -122,7 +122,7 @@ static void fail_exit (int code) #endif #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "deleting group", group_name, AUDIT_NO_ID, 0); #endif @@ -168,7 +168,7 @@ static void grp_update (void) static void close_files (void) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "deleting group", group_name, (unsigned int) group_id, 1); #endif @@ -183,7 +183,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "unlocking group file", group_name, AUDIT_NO_ID, 0); #endif @@ -203,7 +203,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "unlocking gshadow file", group_name, AUDIT_NO_ID, 0); #endif @@ -374,7 +374,7 @@ int main (int argc, char **argv) fprintf (stderr, _("%s: group '%s' does not exist\n"), Prog, group_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "deleting group", group_name, AUDIT_NO_ID, 0); #endif @@ -396,7 +396,7 @@ int main (int argc, char **argv) Prog, group_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "deleting group", group_name, AUDIT_NO_ID, 0); #endif diff --git a/src/useradd.c b/src/useradd.c index 28d293cf..12efbca8 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -203,7 +203,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking shadow file", user_name, AUDIT_NO_ID, 0); #endif @@ -215,7 +215,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking passwd file", user_name, AUDIT_NO_ID, 0); #endif @@ -227,7 +227,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking group file", user_name, AUDIT_NO_ID, 0); #endif @@ -240,7 +240,7 @@ static void fail_exit (int code) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking gshadow file", user_name, AUDIT_NO_ID, 0); #endif @@ -250,7 +250,7 @@ static void fail_exit (int code) #endif #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user", user_name, AUDIT_NO_ID, 0); #endif @@ -580,8 +580,8 @@ static int set_defaults (void) return -1; } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, - "changing user defaults", + audit_logger (AUDIT_USYS_CONFIG, Prog, + "changing useradd defaults", NULL, AUDIT_NO_ID, 1); #endif SYSLOG ((LOG_INFO, @@ -834,6 +834,12 @@ static void grp_update (void) fprintf (stderr, _("%s: Out of memory. Cannot update %s.\n"), Prog, gr_dbname ()); + SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "adding user to group", + user_name, AUDIT_NO_ID, 0); +#endif fail_exit (E_GRP_UPDATE); /* XXX */ } @@ -846,10 +852,16 @@ static void grp_update (void) fprintf (stderr, _("%s: failed to prepare the new %s entry '%s'\n"), Prog, gr_dbname (), ngrp->gr_name); + SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "adding user to group", + user_name, AUDIT_NO_ID, 0); +#endif fail_exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user to group", user_name, AUDIT_NO_ID, 1); #endif @@ -889,6 +901,12 @@ static void grp_update (void) fprintf (stderr, _("%s: Out of memory. Cannot update %s.\n"), Prog, sgr_dbname ()); + SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "adding user to shadow group", + user_name, AUDIT_NO_ID, 0); +#endif fail_exit (E_GRP_UPDATE); /* XXX */ } @@ -901,10 +919,16 @@ static void grp_update (void) fprintf (stderr, _("%s: failed to prepare the new %s entry '%s'\n"), Prog, sgr_dbname (), nsgrp->sg_name); + SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "adding user to shadow group", + user_name, AUDIT_NO_ID, 0); +#endif fail_exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user to shadow group", user_name, AUDIT_NO_ID, 1); #endif @@ -1198,7 +1222,7 @@ static void process_flags (int argc, char **argv) _("%s: invalid user name '%s'\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user", user_name, AUDIT_NO_ID, 0); #endif @@ -1273,7 +1297,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking shadow file", user_name, AUDIT_NO_ID, 0); #endif @@ -1285,7 +1309,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking passwd file", user_name, AUDIT_NO_ID, 0); #endif @@ -1296,7 +1320,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking group file", user_name, AUDIT_NO_ID, 0); #endif @@ -1309,7 +1333,7 @@ static void close_files (void) fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ()); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "unlocking gshadow file", user_name, AUDIT_NO_ID, 0); #endif @@ -1453,6 +1477,11 @@ static void grp_add (void) fprintf (stderr, _("%s: failed to prepare the new %s entry '%s'\n"), Prog, gr_dbname (), grp.gr_name); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, Prog, + "adding group", + grp.gr_name, AUDIT_NO_ID, 0); +#endif fail_exit (E_GRP_UPDATE); } #ifdef SHADOWGRP @@ -1463,10 +1492,20 @@ static void grp_add (void) fprintf (stderr, _("%s: failed to prepare the new %s entry '%s'\n"), Prog, sgr_dbname (), sgrp.sg_name); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, Prog, + "adding group", + grp.gr_name, AUDIT_NO_ID, 0); +#endif fail_exit (E_GRP_UPDATE); } #endif /* SHADOWGRP */ SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid)); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_GROUP, Prog, + "adding group", + grp.gr_name, AUDIT_NO_ID, 1); +#endif do_grp_update = true; } @@ -1577,14 +1616,14 @@ static void usr_update (void) _("%s: failed to prepare the new %s entry '%s'\n"), Prog, spw_dbname (), spent.sp_namp); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding shadow password", user_name, (unsigned int) user_id, 0); #endif fail_exit (E_PW_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user", user_name, (unsigned int) user_id, 1); #endif @@ -1614,7 +1653,7 @@ static void create_home (void) ("%s: cannot create directory %s\n"), Prog, user_home); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding home directory", user_name, (unsigned int) user_id, 0); #endif @@ -1625,7 +1664,7 @@ static void create_home (void) 0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK)); home_added = true; #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding home directory", user_name, (unsigned int) user_id, 1); #endif @@ -1772,7 +1811,7 @@ int main (int argc, char **argv) if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */ fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user", user_name, AUDIT_NO_ID, 0); #endif @@ -1792,7 +1831,7 @@ int main (int argc, char **argv) _("%s: group %s exists - if you want to add this user to that group, use -g.\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding group", user_name, AUDIT_NO_ID, 0); #endif @@ -1826,7 +1865,7 @@ int main (int argc, char **argv) _("%s: UID %lu is not unique\n"), Prog, (unsigned long) user_id); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_ADD_USER, Prog, "adding user", user_name, (unsigned int) user_id, 0); #endif diff --git a/src/userdel.c b/src/userdel.c index 9608fadf..d7fa1408 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -177,9 +177,9 @@ static void update_groups (void) * Update the DBM group file with the new entry as well. */ #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting user from group", - user_name, (unsigned int) user_id, 0); + user_name, (unsigned int) user_id, 1); #endif SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n", user_name, ngrp->gr_name)); @@ -233,9 +233,9 @@ static void update_groups (void) #endif #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_GROUP, Prog, "deleting group", - user_name, (unsigned int) user_id, 0); + grp->gr_name, AUDIT_NO_ID, 1); #endif SYSLOG ((LOG_INFO, "removed group '%s' owned by '%s'\n", @@ -291,9 +291,9 @@ static void update_groups (void) exit (E_GRP_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting user from shadow group", - user_name, (unsigned int) user_id, 0); + user_name, (unsigned int) user_id, 1); #endif SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n", user_name, nsgrp->sg_name)); @@ -414,7 +414,7 @@ static void fail_exit (int code) #endif #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting user", user_name, (unsigned int) user_id, 0); #endif @@ -435,7 +435,7 @@ static void open_files (void) _("%s: cannot lock %s; try again later.\n"), Prog, pw_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "locking password file", user_name, (unsigned int) user_id, 0); #endif @@ -446,7 +446,7 @@ static void open_files (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "opening password file", user_name, (unsigned int) user_id, 0); #endif @@ -458,7 +458,7 @@ static void open_files (void) _("%s: cannot lock %s; try again later.\n"), Prog, spw_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "locking shadow password file", user_name, (unsigned int) user_id, 0); #endif @@ -470,7 +470,7 @@ static void open_files (void) _("%s: cannot open %s\n"), Prog, spw_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "opening shadow password file", user_name, (unsigned int) user_id, 0); #endif @@ -482,7 +482,7 @@ static void open_files (void) _("%s: cannot lock %s; try again later.\n"), Prog, gr_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "locking group file", user_name, (unsigned int) user_id, 0); #endif @@ -492,7 +492,7 @@ static void open_files (void) if (gr_open (O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "opening group file", user_name, (unsigned int) user_id, 0); #endif @@ -505,7 +505,7 @@ static void open_files (void) _("%s: cannot lock %s; try again later.\n"), Prog, sgr_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "locking shadow group file", user_name, (unsigned int) user_id, 0); #endif @@ -516,7 +516,7 @@ static void open_files (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "opening shadow group file", user_name, (unsigned int) user_id, 0); #endif @@ -547,7 +547,7 @@ static void update_user (void) fail_exit (E_PW_UPDATE); } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting user entries", user_name, (unsigned int) user_id, 1); #endif @@ -589,7 +589,7 @@ static void user_busy (const char *name, uid_t uid) _("%s: user %s is currently logged in\n"), Prog, name); if (!fflg) { #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting user logged in", name, AUDIT_NO_ID, 0); #endif @@ -697,7 +697,7 @@ static void remove_mailbox (void) if (fflg) { unlink (mailfile); /* always remove, ignore errors */ #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting mail file", user_name, (unsigned int) user_id, 1); #endif @@ -710,7 +710,7 @@ static void remove_mailbox (void) Prog, mailfile, user_name); SYSLOG ((LOG_ERR, "%s not owned by %s, not removed", mailfile, strerror (errno))); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting mail file", user_name, (unsigned int) user_id, 0); #endif @@ -721,11 +721,16 @@ static void remove_mailbox (void) if (unlink (mailfile) != 0) { fprintf (stderr, _("%s: warning: can't remove %s: %s"), Prog, mailfile, strerror (errno)); SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno))); +#ifdef WITH_AUDIT + audit_logger (AUDIT_DEL_USER, Prog, + "deleting mail file", + user_name, (unsigned int) user_id, 0); +#endif /* continue */ } #ifdef WITH_AUDIT else { - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting mail file", user_name, (unsigned int) user_id, 1); } @@ -835,7 +840,7 @@ int main (int argc, char **argv) fprintf (stderr, _("%s: user '%s' does not exist\n"), Prog, user_name); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting user not found", user_name, AUDIT_NO_ID, 0); #endif @@ -924,14 +929,14 @@ int main (int argc, char **argv) _("%s: error removing directory %s\n"), Prog, user_home); #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting home directory", - user_name, (unsigned int) user_id, 1); + user_name, (unsigned int) user_id, 0); #endif errors++; } #ifdef WITH_AUDIT - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting home directory", user_name, (unsigned int) user_id, 1); #endif @@ -951,9 +956,8 @@ int main (int argc, char **argv) (void) pam_end (pamh, PAM_SUCCESS); #endif /* USE_PAM */ #ifdef WITH_AUDIT -/* FIXME: Is it really "deleting home directory"? */ if (0 != errors) { - audit_logger (AUDIT_USER_CHAUTHTOK, Prog, + audit_logger (AUDIT_DEL_USER, Prog, "deleting home directory", user_name, AUDIT_NO_ID, 0); }