Re-indent.
This commit is contained in:
parent
2a2b2b3aa4
commit
f43a4659c6
@ -408,10 +408,11 @@ static void check_perms (const struct group *gr)
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadowgrp) {
|
||||
/*
|
||||
* The policy here for changing a group is that 1) you must be root
|
||||
* or 2). you must be listed as an administrative member.
|
||||
* Administrative members can do anything to a group that the root
|
||||
* user can.
|
||||
* The policy here for changing a group is that
|
||||
* 1) you must be root or
|
||||
* 2) you must be listed as an administrative member.
|
||||
* Administrative members can do anything to a group that
|
||||
* the root user can.
|
||||
*/
|
||||
if (!amroot && !is_on_list (sg->sg_adm, myname)) {
|
||||
#ifdef WITH_AUDIT
|
||||
@ -425,16 +426,18 @@ static void check_perms (const struct group *gr)
|
||||
{
|
||||
#ifdef FIRST_MEMBER_IS_ADMIN
|
||||
/*
|
||||
* The policy here for changing a group is that 1) you must be root
|
||||
* or 2) you must be the first listed member of the group. The
|
||||
* first listed member of a group can do anything to that group that
|
||||
* the root user can. The rationale for this hack is that the FIRST
|
||||
* user is probably the most important user in this entire group.
|
||||
*/
|
||||
/*
|
||||
* This feature enabled by default could be a security problem when
|
||||
* installed on existing systems where the first group member might
|
||||
* be just a normal user. --marekm
|
||||
* The policy here for changing a group is that
|
||||
* 1) you must be root or
|
||||
* 2) you must be the first listed member of the group.
|
||||
* The first listed member of a group can do anything to
|
||||
* that group that the root user can. The rationale for
|
||||
* this hack is that the FIRST user is probably the most
|
||||
* important user in this entire group.
|
||||
*
|
||||
* This feature enabled by default could be a security
|
||||
* problem when installed on existing systems where the
|
||||
* first group member might be just a normal user.
|
||||
* --marekm
|
||||
*/
|
||||
if (!amroot) {
|
||||
if (gr->gr_mem[0] == (char *) 0) {
|
||||
@ -551,7 +554,8 @@ static void get_group (struct group *gr)
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadowgrp) {
|
||||
if (sgr_open (O_RDONLY) == 0) {
|
||||
fprintf (stderr, _("%s: can't open shadow file\n"), Prog);
|
||||
fprintf (stderr,
|
||||
_("%s: can't open shadow file\n"), Prog);
|
||||
SYSLOG ((LOG_WARN, "cannot open /etc/gshadow"));
|
||||
#ifdef WITH_AUDIT
|
||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
||||
@ -587,7 +591,8 @@ static void get_group (struct group *gr)
|
||||
|
||||
}
|
||||
if (sgr_close () == 0) {
|
||||
fprintf (stderr, _("%s: can't close shadow file\n"), Prog);
|
||||
fprintf (stderr,
|
||||
_("%s: can't close shadow file\n"), Prog);
|
||||
SYSLOG ((LOG_WARN, "cannot close /etc/gshadow"));
|
||||
#ifdef WITH_AUDIT
|
||||
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
|
||||
|
Loading…
Reference in New Issue
Block a user