* src/useradd.c: Log errors to syslog in grp_update() since
changes have started to be reported to syslog. * src/userdel.c: Fix some result parameters sent to audit_logger(). * NEWS: Following changes from a patch contributed by Steve Grubb <sgrubb@redhat.com> * src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead of AUDIT_USER_CHAUTHTOK. * src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK. * src/useradd.c: Log to audit with type AUDIT_ADD_USER / AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of AUDIT_USER_CHAUTHTOK. * src/useradd.c: Add missing logs to audit. * src/userdel.c: Log to audit with type AUDIT_DEL_USER / AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK. * src/userdel.c: Add missing logs to audit.
This commit is contained in:
nekral-guest
parent
ba98ffe152
commit
f3c7ca59c5
23
ChangeLog
23
ChangeLog
@ -1,3 +1,26 @@
|
|||||||
|
2008-09-03 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
|
* src/useradd.c: Log errors to syslog in grp_update() since
|
||||||
|
changes have started to be reported to syslog.
|
||||||
|
* src/userdel.c: Fix some result parameters sent to
|
||||||
|
audit_logger().
|
||||||
|
|
||||||
|
2008-09-02 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
|
* NEWS: Following changes from a patch contributed by Steve Grubb
|
||||||
|
<sgrubb@redhat.com>
|
||||||
|
* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
|
||||||
|
of AUDIT_USER_CHAUTHTOK.
|
||||||
|
* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead
|
||||||
|
of AUDIT_USER_CHAUTHTOK.
|
||||||
|
* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
|
||||||
|
AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
|
||||||
|
AUDIT_USER_CHAUTHTOK.
|
||||||
|
* src/useradd.c: Add missing logs to audit.
|
||||||
|
* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
|
||||||
|
AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
|
||||||
|
* src/userdel.c: Add missing logs to audit.
|
||||||
|
|
||||||
2008-08-31 Nicolas François <nicolas.francois@centraliens.net>
|
2008-08-31 Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
|
||||||
* src/groupmems.c: Remove duplicated gr_open().
|
* src/groupmems.c: Remove duplicated gr_open().
|
||||||
|
|||||||
8
NEWS
8
NEWS
@ -11,6 +11,10 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
|
|||||||
* Added support for long options --add (-a), --delete (-d),
|
* Added support for long options --add (-a), --delete (-d),
|
||||||
--remove-password (-r), --restrict (-R), --administrators (-A), and
|
--remove-password (-r), --restrict (-R), --administrators (-A), and
|
||||||
--members (-M).
|
--members (-M).
|
||||||
|
- groupadd
|
||||||
|
* audit logging improvements.
|
||||||
|
- groupdel
|
||||||
|
* audit logging improvements.
|
||||||
- groupmems
|
- groupmems
|
||||||
* Check if user exist before they are added to groups.
|
* Check if user exist before they are added to groups.
|
||||||
* Avoid segfault in case the specified group does not exist in /etc/group.
|
* Avoid segfault in case the specified group does not exist in /etc/group.
|
||||||
@ -27,6 +31,10 @@ shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
|
|||||||
* For compatibility with other passwd version, the --lock an --unlock
|
* For compatibility with other passwd version, the --lock an --unlock
|
||||||
options do not lock or unlock the user account anymore. They only
|
options do not lock or unlock the user account anymore. They only
|
||||||
lock or unlock the user's password.
|
lock or unlock the user's password.
|
||||||
|
- useradd
|
||||||
|
* audit logging improvements.
|
||||||
|
- userdel
|
||||||
|
* audit logging improvements.
|
||||||
- usermod
|
- usermod
|
||||||
* Allow adding LDAP users (or any user not present in the local passwd
|
* Allow adding LDAP users (or any user not present in the local passwd
|
||||||
file) to local groups
|
file) to local groups
|
||||||
|
|||||||
@ -215,7 +215,7 @@ static void grp_update (void)
|
|||||||
}
|
}
|
||||||
#endif /* SHADOWGRP */
|
#endif /* SHADOWGRP */
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"adding group",
|
"adding group",
|
||||||
group_name, (unsigned int) group_id, 1);
|
group_name, (unsigned int) group_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -262,7 +262,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"unlocking group file",
|
"unlocking group file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -281,7 +281,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"unlocking gshadow file",
|
"unlocking gshadow file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -304,7 +304,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot lock %s; try again later.\n"),
|
_("%s: cannot lock %s; try again later.\n"),
|
||||||
Prog, gr_dbname ());
|
Prog, gr_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"locking group file",
|
"locking group file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -315,7 +315,7 @@ static void open_files (void)
|
|||||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
|
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"opening group file",
|
"opening group file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -328,7 +328,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot lock %s; try again later.\n"),
|
_("%s: cannot lock %s; try again later.\n"),
|
||||||
Prog, sgr_dbname ());
|
Prog, sgr_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"locking gshadow file",
|
"locking gshadow file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -340,7 +340,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot open %s\n"), Prog, sgr_dbname ());
|
_("%s: cannot open %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
|
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"opening gshadow file",
|
"opening gshadow file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -360,7 +360,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"unlocking group file",
|
"unlocking group file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -373,7 +373,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"unlocking gshadow file",
|
"unlocking gshadow file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -384,7 +384,7 @@ static void fail_exit (int code)
|
|||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
if (code != E_SUCCESS) {
|
if (code != E_SUCCESS) {
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
"adding group",
|
"adding group",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -99,7 +99,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"unlocking group file",
|
"unlocking group file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -112,7 +112,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"unlocking gshadow file",
|
"unlocking gshadow file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -122,7 +122,7 @@ static void fail_exit (int code)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"deleting group",
|
"deleting group",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -168,7 +168,7 @@ static void grp_update (void)
|
|||||||
static void close_files (void)
|
static void close_files (void)
|
||||||
{
|
{
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"deleting group",
|
"deleting group",
|
||||||
group_name, (unsigned int) group_id, 1);
|
group_name, (unsigned int) group_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -183,7 +183,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"unlocking group file",
|
"unlocking group file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -203,7 +203,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"unlocking gshadow file",
|
"unlocking gshadow file",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -374,7 +374,7 @@ int main (int argc, char **argv)
|
|||||||
fprintf (stderr, _("%s: group '%s' does not exist\n"),
|
fprintf (stderr, _("%s: group '%s' does not exist\n"),
|
||||||
Prog, group_name);
|
Prog, group_name);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"deleting group",
|
"deleting group",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -396,7 +396,7 @@ int main (int argc, char **argv)
|
|||||||
Prog, group_name);
|
Prog, group_name);
|
||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"deleting group",
|
"deleting group",
|
||||||
group_name, AUDIT_NO_ID, 0);
|
group_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -203,7 +203,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking shadow file",
|
"unlocking shadow file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -215,7 +215,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking passwd file",
|
"unlocking passwd file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -227,7 +227,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking group file",
|
"unlocking group file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -240,7 +240,7 @@ static void fail_exit (int code)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking gshadow file",
|
"unlocking gshadow file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -250,7 +250,7 @@ static void fail_exit (int code)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user",
|
"adding user",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -580,8 +580,8 @@ static int set_defaults (void)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_USYS_CONFIG, Prog,
|
||||||
"changing user defaults",
|
"changing useradd defaults",
|
||||||
NULL, AUDIT_NO_ID, 1);
|
NULL, AUDIT_NO_ID, 1);
|
||||||
#endif
|
#endif
|
||||||
SYSLOG ((LOG_INFO,
|
SYSLOG ((LOG_INFO,
|
||||||
@ -834,6 +834,12 @@ static void grp_update (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: Out of memory. Cannot update %s.\n"),
|
_("%s: Out of memory. Cannot update %s.\n"),
|
||||||
Prog, gr_dbname ());
|
Prog, gr_dbname ());
|
||||||
|
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
|
"adding user to group",
|
||||||
|
user_name, AUDIT_NO_ID, 0);
|
||||||
|
#endif
|
||||||
fail_exit (E_GRP_UPDATE); /* XXX */
|
fail_exit (E_GRP_UPDATE); /* XXX */
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -846,10 +852,16 @@ static void grp_update (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: failed to prepare the new %s entry '%s'\n"),
|
_("%s: failed to prepare the new %s entry '%s'\n"),
|
||||||
Prog, gr_dbname (), ngrp->gr_name);
|
Prog, gr_dbname (), ngrp->gr_name);
|
||||||
|
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
|
"adding user to group",
|
||||||
|
user_name, AUDIT_NO_ID, 0);
|
||||||
|
#endif
|
||||||
fail_exit (E_GRP_UPDATE);
|
fail_exit (E_GRP_UPDATE);
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user to group",
|
"adding user to group",
|
||||||
user_name, AUDIT_NO_ID, 1);
|
user_name, AUDIT_NO_ID, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -889,6 +901,12 @@ static void grp_update (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: Out of memory. Cannot update %s.\n"),
|
_("%s: Out of memory. Cannot update %s.\n"),
|
||||||
Prog, sgr_dbname ());
|
Prog, sgr_dbname ());
|
||||||
|
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
|
"adding user to shadow group",
|
||||||
|
user_name, AUDIT_NO_ID, 0);
|
||||||
|
#endif
|
||||||
fail_exit (E_GRP_UPDATE); /* XXX */
|
fail_exit (E_GRP_UPDATE); /* XXX */
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -901,10 +919,16 @@ static void grp_update (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: failed to prepare the new %s entry '%s'\n"),
|
_("%s: failed to prepare the new %s entry '%s'\n"),
|
||||||
Prog, sgr_dbname (), nsgrp->sg_name);
|
Prog, sgr_dbname (), nsgrp->sg_name);
|
||||||
|
SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
|
"adding user to shadow group",
|
||||||
|
user_name, AUDIT_NO_ID, 0);
|
||||||
|
#endif
|
||||||
fail_exit (E_GRP_UPDATE);
|
fail_exit (E_GRP_UPDATE);
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user to shadow group",
|
"adding user to shadow group",
|
||||||
user_name, AUDIT_NO_ID, 1);
|
user_name, AUDIT_NO_ID, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -1198,7 +1222,7 @@ static void process_flags (int argc, char **argv)
|
|||||||
_("%s: invalid user name '%s'\n"),
|
_("%s: invalid user name '%s'\n"),
|
||||||
Prog, user_name);
|
Prog, user_name);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user",
|
"adding user",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1273,7 +1297,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking shadow file",
|
"unlocking shadow file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1285,7 +1309,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking passwd file",
|
"unlocking passwd file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1296,7 +1320,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking group file",
|
"unlocking group file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1309,7 +1333,7 @@ static void close_files (void)
|
|||||||
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"unlocking gshadow file",
|
"unlocking gshadow file",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1453,6 +1477,11 @@ static void grp_add (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: failed to prepare the new %s entry '%s'\n"),
|
_("%s: failed to prepare the new %s entry '%s'\n"),
|
||||||
Prog, gr_dbname (), grp.gr_name);
|
Prog, gr_dbname (), grp.gr_name);
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
|
"adding group",
|
||||||
|
grp.gr_name, AUDIT_NO_ID, 0);
|
||||||
|
#endif
|
||||||
fail_exit (E_GRP_UPDATE);
|
fail_exit (E_GRP_UPDATE);
|
||||||
}
|
}
|
||||||
#ifdef SHADOWGRP
|
#ifdef SHADOWGRP
|
||||||
@ -1463,10 +1492,20 @@ static void grp_add (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: failed to prepare the new %s entry '%s'\n"),
|
_("%s: failed to prepare the new %s entry '%s'\n"),
|
||||||
Prog, sgr_dbname (), sgrp.sg_name);
|
Prog, sgr_dbname (), sgrp.sg_name);
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
|
"adding group",
|
||||||
|
grp.gr_name, AUDIT_NO_ID, 0);
|
||||||
|
#endif
|
||||||
fail_exit (E_GRP_UPDATE);
|
fail_exit (E_GRP_UPDATE);
|
||||||
}
|
}
|
||||||
#endif /* SHADOWGRP */
|
#endif /* SHADOWGRP */
|
||||||
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
|
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_ADD_GROUP, Prog,
|
||||||
|
"adding group",
|
||||||
|
grp.gr_name, AUDIT_NO_ID, 1);
|
||||||
|
#endif
|
||||||
do_grp_update = true;
|
do_grp_update = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1577,14 +1616,14 @@ static void usr_update (void)
|
|||||||
_("%s: failed to prepare the new %s entry '%s'\n"),
|
_("%s: failed to prepare the new %s entry '%s'\n"),
|
||||||
Prog, spw_dbname (), spent.sp_namp);
|
Prog, spw_dbname (), spent.sp_namp);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding shadow password",
|
"adding shadow password",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
fail_exit (E_PW_UPDATE);
|
fail_exit (E_PW_UPDATE);
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user",
|
"adding user",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -1614,7 +1653,7 @@ static void create_home (void)
|
|||||||
("%s: cannot create directory %s\n"),
|
("%s: cannot create directory %s\n"),
|
||||||
Prog, user_home);
|
Prog, user_home);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding home directory",
|
"adding home directory",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1625,7 +1664,7 @@ static void create_home (void)
|
|||||||
0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
|
0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
|
||||||
home_added = true;
|
home_added = true;
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding home directory",
|
"adding home directory",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -1772,7 +1811,7 @@ int main (int argc, char **argv)
|
|||||||
if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
|
if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
|
||||||
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
|
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user",
|
"adding user",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1792,7 +1831,7 @@ int main (int argc, char **argv)
|
|||||||
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
|
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
|
||||||
Prog, user_name);
|
Prog, user_name);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding group",
|
"adding group",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -1826,7 +1865,7 @@ int main (int argc, char **argv)
|
|||||||
_("%s: UID %lu is not unique\n"),
|
_("%s: UID %lu is not unique\n"),
|
||||||
Prog, (unsigned long) user_id);
|
Prog, (unsigned long) user_id);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_ADD_USER, Prog,
|
||||||
"adding user",
|
"adding user",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -177,9 +177,9 @@ static void update_groups (void)
|
|||||||
* Update the DBM group file with the new entry as well.
|
* Update the DBM group file with the new entry as well.
|
||||||
*/
|
*/
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting user from group",
|
"deleting user from group",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
|
SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
|
||||||
user_name, ngrp->gr_name));
|
user_name, ngrp->gr_name));
|
||||||
@ -233,9 +233,9 @@ static void update_groups (void)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_GROUP, Prog,
|
||||||
"deleting group",
|
"deleting group",
|
||||||
user_name, (unsigned int) user_id, 0);
|
grp->gr_name, AUDIT_NO_ID, 1);
|
||||||
#endif
|
#endif
|
||||||
SYSLOG ((LOG_INFO,
|
SYSLOG ((LOG_INFO,
|
||||||
"removed group '%s' owned by '%s'\n",
|
"removed group '%s' owned by '%s'\n",
|
||||||
@ -291,9 +291,9 @@ static void update_groups (void)
|
|||||||
exit (E_GRP_UPDATE);
|
exit (E_GRP_UPDATE);
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting user from shadow group",
|
"deleting user from shadow group",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
|
SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
|
||||||
user_name, nsgrp->sg_name));
|
user_name, nsgrp->sg_name));
|
||||||
@ -414,7 +414,7 @@ static void fail_exit (int code)
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting user",
|
"deleting user",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -435,7 +435,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot lock %s; try again later.\n"),
|
_("%s: cannot lock %s; try again later.\n"),
|
||||||
Prog, pw_dbname ());
|
Prog, pw_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"locking password file",
|
"locking password file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -446,7 +446,7 @@ static void open_files (void)
|
|||||||
fprintf (stderr,
|
fprintf (stderr,
|
||||||
_("%s: cannot open %s\n"), Prog, pw_dbname ());
|
_("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"opening password file",
|
"opening password file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -458,7 +458,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot lock %s; try again later.\n"),
|
_("%s: cannot lock %s; try again later.\n"),
|
||||||
Prog, spw_dbname ());
|
Prog, spw_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"locking shadow password file",
|
"locking shadow password file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -470,7 +470,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot open %s\n"),
|
_("%s: cannot open %s\n"),
|
||||||
Prog, spw_dbname ());
|
Prog, spw_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"opening shadow password file",
|
"opening shadow password file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -482,7 +482,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot lock %s; try again later.\n"),
|
_("%s: cannot lock %s; try again later.\n"),
|
||||||
Prog, gr_dbname ());
|
Prog, gr_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"locking group file",
|
"locking group file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -492,7 +492,7 @@ static void open_files (void)
|
|||||||
if (gr_open (O_RDWR) == 0) {
|
if (gr_open (O_RDWR) == 0) {
|
||||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"opening group file",
|
"opening group file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -505,7 +505,7 @@ static void open_files (void)
|
|||||||
_("%s: cannot lock %s; try again later.\n"),
|
_("%s: cannot lock %s; try again later.\n"),
|
||||||
Prog, sgr_dbname ());
|
Prog, sgr_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"locking shadow group file",
|
"locking shadow group file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -516,7 +516,7 @@ static void open_files (void)
|
|||||||
fprintf (stderr, _("%s: cannot open %s\n"),
|
fprintf (stderr, _("%s: cannot open %s\n"),
|
||||||
Prog, sgr_dbname ());
|
Prog, sgr_dbname ());
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"opening shadow group file",
|
"opening shadow group file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -547,7 +547,7 @@ static void update_user (void)
|
|||||||
fail_exit (E_PW_UPDATE);
|
fail_exit (E_PW_UPDATE);
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting user entries",
|
"deleting user entries",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -589,7 +589,7 @@ static void user_busy (const char *name, uid_t uid)
|
|||||||
_("%s: user %s is currently logged in\n"), Prog, name);
|
_("%s: user %s is currently logged in\n"), Prog, name);
|
||||||
if (!fflg) {
|
if (!fflg) {
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting user logged in",
|
"deleting user logged in",
|
||||||
name, AUDIT_NO_ID, 0);
|
name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -697,7 +697,7 @@ static void remove_mailbox (void)
|
|||||||
if (fflg) {
|
if (fflg) {
|
||||||
unlink (mailfile); /* always remove, ignore errors */
|
unlink (mailfile); /* always remove, ignore errors */
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting mail file",
|
"deleting mail file",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -710,7 +710,7 @@ static void remove_mailbox (void)
|
|||||||
Prog, mailfile, user_name);
|
Prog, mailfile, user_name);
|
||||||
SYSLOG ((LOG_ERR, "%s not owned by %s, not removed", mailfile, strerror (errno)));
|
SYSLOG ((LOG_ERR, "%s not owned by %s, not removed", mailfile, strerror (errno)));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting mail file",
|
"deleting mail file",
|
||||||
user_name, (unsigned int) user_id, 0);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -721,11 +721,16 @@ static void remove_mailbox (void)
|
|||||||
if (unlink (mailfile) != 0) {
|
if (unlink (mailfile) != 0) {
|
||||||
fprintf (stderr, _("%s: warning: can't remove %s: %s"), Prog, mailfile, strerror (errno));
|
fprintf (stderr, _("%s: warning: can't remove %s: %s"), Prog, mailfile, strerror (errno));
|
||||||
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
|
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
|
||||||
|
#ifdef WITH_AUDIT
|
||||||
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
|
"deleting mail file",
|
||||||
|
user_name, (unsigned int) user_id, 0);
|
||||||
|
#endif
|
||||||
/* continue */
|
/* continue */
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
else {
|
else {
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting mail file",
|
"deleting mail file",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 1);
|
||||||
}
|
}
|
||||||
@ -835,7 +840,7 @@ int main (int argc, char **argv)
|
|||||||
fprintf (stderr, _("%s: user '%s' does not exist\n"),
|
fprintf (stderr, _("%s: user '%s' does not exist\n"),
|
||||||
Prog, user_name);
|
Prog, user_name);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting user not found",
|
"deleting user not found",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
#endif
|
#endif
|
||||||
@ -924,14 +929,14 @@ int main (int argc, char **argv)
|
|||||||
_("%s: error removing directory %s\n"),
|
_("%s: error removing directory %s\n"),
|
||||||
Prog, user_home);
|
Prog, user_home);
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting home directory",
|
"deleting home directory",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 0);
|
||||||
#endif
|
#endif
|
||||||
errors++;
|
errors++;
|
||||||
}
|
}
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting home directory",
|
"deleting home directory",
|
||||||
user_name, (unsigned int) user_id, 1);
|
user_name, (unsigned int) user_id, 1);
|
||||||
#endif
|
#endif
|
||||||
@ -951,9 +956,8 @@ int main (int argc, char **argv)
|
|||||||
(void) pam_end (pamh, PAM_SUCCESS);
|
(void) pam_end (pamh, PAM_SUCCESS);
|
||||||
#endif /* USE_PAM */
|
#endif /* USE_PAM */
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
/* FIXME: Is it really "deleting home directory"? */
|
|
||||||
if (0 != errors) {
|
if (0 != errors) {
|
||||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
audit_logger (AUDIT_DEL_USER, Prog,
|
||||||
"deleting home directory",
|
"deleting home directory",
|
||||||
user_name, AUDIT_NO_ID, 0);
|
user_name, AUDIT_NO_ID, 0);
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user