Merge pull request #335 from hallyn/2021-05-08/stderr

[WIP] libsubid: don't print error messages on stderr by default
This commit is contained in:
Serge Hallyn 2021-05-16 21:44:22 -05:00 committed by GitHub
commit f9831a4a1a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
75 changed files with 311 additions and 191 deletions

View File

@ -144,7 +144,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600); fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
if (-1 == fd) { if (-1 == fd) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: %s: %s\n", "%s: %s: %s\n",
Prog, file, strerror (errno)); Prog, file, strerror (errno));
} }
@ -156,7 +156,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
len = (ssize_t) strlen (buf) + 1; len = (ssize_t) strlen (buf) + 1;
if (write (fd, buf, (size_t) len) != len) { if (write (fd, buf, (size_t) len) != len) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: %s file write error: %s\n", "%s: %s file write error: %s\n",
Prog, file, strerror (errno)); Prog, file, strerror (errno));
} }
@ -166,7 +166,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
} }
if (fdatasync (fd) == -1) { if (fdatasync (fd) == -1) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: %s file sync error: %s\n", "%s: %s file sync error: %s\n",
Prog, file, strerror (errno)); Prog, file, strerror (errno));
} }
@ -179,7 +179,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
if (link (file, lock) == 0) { if (link (file, lock) == 0) {
retval = check_link_count (file); retval = check_link_count (file);
if ((0==retval) && log) { if ((0==retval) && log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: %s: lock file already used\n", "%s: %s: lock file already used\n",
Prog, file); Prog, file);
} }
@ -190,7 +190,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
fd = open (lock, O_RDWR); fd = open (lock, O_RDWR);
if (-1 == fd) { if (-1 == fd) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: %s: %s\n", "%s: %s: %s\n",
Prog, lock, strerror (errno)); Prog, lock, strerror (errno));
} }
@ -202,7 +202,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
close (fd); close (fd);
if (len <= 0) { if (len <= 0) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: existing lock file %s without a PID\n", "%s: existing lock file %s without a PID\n",
Prog, lock); Prog, lock);
} }
@ -213,7 +213,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
buf[len] = '\0'; buf[len] = '\0';
if (get_pid (buf, &pid) == 0) { if (get_pid (buf, &pid) == 0) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: existing lock file %s with an invalid PID '%s'\n", "%s: existing lock file %s with an invalid PID '%s'\n",
Prog, lock, buf); Prog, lock, buf);
} }
@ -223,7 +223,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
} }
if (kill (pid, 0) == 0) { if (kill (pid, 0) == 0) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: lock %s already used by PID %lu\n", "%s: lock %s already used by PID %lu\n",
Prog, lock, (unsigned long) pid); Prog, lock, (unsigned long) pid);
} }
@ -233,7 +233,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
} }
if (unlink (lock) != 0) { if (unlink (lock) != 0) {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: cannot get lock %s: %s\n", "%s: cannot get lock %s: %s\n",
Prog, lock, strerror (errno)); Prog, lock, strerror (errno));
} }
@ -245,13 +245,13 @@ static int do_lock_file (const char *file, const char *lock, bool log)
if (link (file, lock) == 0) { if (link (file, lock) == 0) {
retval = check_link_count (file); retval = check_link_count (file);
if ((0==retval) && log) { if ((0==retval) && log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: %s: lock file already used\n", "%s: %s: lock file already used\n",
Prog, file); Prog, file);
} }
} else { } else {
if (log) { if (log) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: cannot get lock %s: %s\n", "%s: cannot get lock %s: %s\n",
Prog, lock, strerror (errno)); Prog, lock, strerror (errno));
} }
@ -442,7 +442,7 @@ int commonio_lock (struct commonio_db *db)
if (0 == lock_count) { if (0 == lock_count) {
if (lckpwdf () == -1) { if (lckpwdf () == -1) {
if (geteuid () != 0) { if (geteuid () != 0) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
"%s: Permission denied.\n", "%s: Permission denied.\n",
Prog); Prog);
} }
@ -478,7 +478,7 @@ int commonio_lock (struct commonio_db *db)
} }
/* no unnecessary retries on "permission denied" errors */ /* no unnecessary retries on "permission denied" errors */
if (geteuid () != 0) { if (geteuid () != 0) {
(void) fprintf (stderr, "%s: Permission denied.\n", (void) fprintf (shadow_logfd, "%s: Permission denied.\n",
Prog); Prog);
return 0; return 0;
} }
@ -1109,7 +1109,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
p = find_entry_by_name (db, db->ops->getname (eptr)); p = find_entry_by_name (db, db->ops->getname (eptr));
if (NULL != p) { if (NULL != p) {
if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) { if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) {
fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename); fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
db->ops->free (nentry); db->ops->free (nentry);
return 0; return 0;
} }
@ -1214,7 +1214,7 @@ int commonio_remove (struct commonio_db *db, const char *name)
return 0; return 0;
} }
if (next_entry_by_name (db, p->next, name) != NULL) { if (next_entry_by_name (db, p->next, name) != NULL) {
fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename); fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
return 0; return 0;
} }

View File

@ -84,7 +84,7 @@
method = &nummethod[0]; method = &nummethod[0];
} }
} }
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("crypt method not supported by libcrypt? (%s)\n"), _("crypt method not supported by libcrypt? (%s)\n"),
method); method);
exit (EXIT_FAILURE); exit (EXIT_FAILURE);

View File

@ -267,7 +267,7 @@ int getdef_num (const char *item, int dflt)
if ( (getlong (d->value, &val) == 0) if ( (getlong (d->value, &val) == 0)
|| (val > INT_MAX) || (val > INT_MAX)
|| (val < INT_MIN)) { || (val < INT_MIN)) {
fprintf (stderr, fprintf (shadow_logfd,
_("configuration error - cannot parse %s value: '%s'"), _("configuration error - cannot parse %s value: '%s'"),
item, d->value); item, d->value);
return dflt; return dflt;
@ -302,7 +302,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
if ( (getlong (d->value, &val) == 0) if ( (getlong (d->value, &val) == 0)
|| (val < 0) || (val < 0)
|| (val > INT_MAX)) { || (val > INT_MAX)) {
fprintf (stderr, fprintf (shadow_logfd,
_("configuration error - cannot parse %s value: '%s'"), _("configuration error - cannot parse %s value: '%s'"),
item, d->value); item, d->value);
return dflt; return dflt;
@ -335,7 +335,7 @@ long getdef_long (const char *item, long dflt)
} }
if (getlong (d->value, &val) == 0) { if (getlong (d->value, &val) == 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("configuration error - cannot parse %s value: '%s'"), _("configuration error - cannot parse %s value: '%s'"),
item, d->value); item, d->value);
return dflt; return dflt;
@ -368,7 +368,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
if (getulong (d->value, &val) == 0) { if (getulong (d->value, &val) == 0) {
/* FIXME: we should have a getulong */ /* FIXME: we should have a getulong */
fprintf (stderr, fprintf (shadow_logfd,
_("configuration error - cannot parse %s value: '%s'"), _("configuration error - cannot parse %s value: '%s'"),
item, d->value); item, d->value);
return dflt; return dflt;
@ -406,7 +406,7 @@ int putdef_str (const char *name, const char *value)
cp = strdup (value); cp = strdup (value);
if (NULL == cp) { if (NULL == cp) {
(void) fputs (_("Could not allocate space for config info.\n"), (void) fputs (_("Could not allocate space for config info.\n"),
stderr); shadow_logfd);
SYSLOG ((LOG_ERR, "could not allocate space for config info")); SYSLOG ((LOG_ERR, "could not allocate space for config info"));
return -1; return -1;
} }
@ -450,7 +450,7 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
goto out; goto out;
} }
} }
fprintf (stderr, fprintf (shadow_logfd,
_("configuration error - unknown item '%s' (notify administrator)\n"), _("configuration error - unknown item '%s' (notify administrator)\n"),
name); name);
SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name)); SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));

View File

@ -25,13 +25,13 @@ int nscd_flush_cache (const char *service)
if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) { if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
/* run_command writes its own more detailed message. */ /* run_command writes its own more detailed message. */
(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog); (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
return -1; return -1;
} }
code = WEXITSTATUS (status); code = WEXITSTATUS (status);
if (!WIFEXITED (status)) { if (!WIFEXITED (status)) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: nscd did not terminate normally (signal %d)\n"), _("%s: nscd did not terminate normally (signal %d)\n"),
Prog, WTERMSIG (status)); Prog, WTERMSIG (status));
return -1; return -1;
@ -43,9 +43,9 @@ int nscd_flush_cache (const char *service)
/* nscd is installed, but it isn't active. */ /* nscd is installed, but it isn't active. */
return 0; return 0;
} else if (code != 0) { } else if (code != 0) {
(void) fprintf (stderr, _("%s: nscd exited with status %d\n"), (void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
Prog, code); Prog, code);
(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog); (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
return -1; return -1;
} }

View File

@ -56,7 +56,7 @@ void nss_init(char *nsswitch_path) {
// subid: files // subid: files
nssfp = fopen(nsswitch_path, "r"); nssfp = fopen(nsswitch_path, "r");
if (!nssfp) { if (!nssfp) {
fprintf(stderr, "Failed opening %s: %m", nsswitch_path); fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path);
atomic_store(&nss_init_completed, true); atomic_store(&nss_init_completed, true);
return; return;
} }
@ -82,16 +82,16 @@ void nss_init(char *nsswitch_path) {
goto done; goto done;
} }
if (strlen(token) > 50) { if (strlen(token) > 50) {
fprintf(stderr, "Subid NSS module name too long (longer than 50 characters): %s\n", token); fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
fprintf(stderr, "Using files\n"); fprintf(shadow_logfd, "Using files\n");
subid_nss = NULL; subid_nss = NULL;
goto done; goto done;
} }
snprintf(libname, 64, "libsubid_%s.so", token); snprintf(libname, 64, "libsubid_%s.so", token);
h = dlopen(libname, RTLD_LAZY); h = dlopen(libname, RTLD_LAZY);
if (!h) { if (!h) {
fprintf(stderr, "Error opening %s: %s\n", libname, dlerror()); fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
fprintf(stderr, "Using files\n"); fprintf(shadow_logfd, "Using files\n");
subid_nss = NULL; subid_nss = NULL;
goto done; goto done;
} }
@ -102,7 +102,7 @@ void nss_init(char *nsswitch_path) {
} }
subid_nss->has_range = dlsym(h, "shadow_subid_has_range"); subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
if (!subid_nss->has_range) { if (!subid_nss->has_range) {
fprintf(stderr, "%s did not provide @has_range@\n", libname); fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
dlclose(h); dlclose(h);
free(subid_nss); free(subid_nss);
subid_nss = NULL; subid_nss = NULL;
@ -110,7 +110,7 @@ void nss_init(char *nsswitch_path) {
} }
subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges"); subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
if (!subid_nss->list_owner_ranges) { if (!subid_nss->list_owner_ranges) {
fprintf(stderr, "%s did not provide @list_owner_ranges@\n", libname); fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
dlclose(h); dlclose(h);
free(subid_nss); free(subid_nss);
subid_nss = NULL; subid_nss = NULL;
@ -118,7 +118,7 @@ void nss_init(char *nsswitch_path) {
} }
subid_nss->has_any_range = dlsym(h, "shadow_subid_has_any_range"); subid_nss->has_any_range = dlsym(h, "shadow_subid_has_any_range");
if (!subid_nss->has_any_range) { if (!subid_nss->has_any_range) {
fprintf(stderr, "%s did not provide @has_any_range@\n", libname); fprintf(shadow_logfd, "%s did not provide @has_any_range@\n", libname);
dlclose(h); dlclose(h);
free(subid_nss); free(subid_nss);
subid_nss = NULL; subid_nss = NULL;
@ -126,7 +126,7 @@ void nss_init(char *nsswitch_path) {
} }
subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners"); subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
if (!subid_nss->find_subid_owners) { if (!subid_nss->find_subid_owners) {
fprintf(stderr, "%s did not provide @find_subid_owners@\n", libname); fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
dlclose(h); dlclose(h);
free(subid_nss); free(subid_nss);
subid_nss = NULL; subid_nss = NULL;
@ -135,7 +135,7 @@ void nss_init(char *nsswitch_path) {
subid_nss->handle = h; subid_nss->handle = h;
goto done; goto done;
} }
fprintf(stderr, "No usable subid NSS module found, using files\n"); fprintf(shadow_logfd, "No usable subid NSS module found, using files\n");
// subid_nss has to be null here, but to ease reviews: // subid_nss has to be null here, but to ease reviews:
free(subid_nss); free(subid_nss);
subid_nss = NULL; subid_nss = NULL;

View File

@ -59,7 +59,8 @@
#include "defines.h" #include "defines.h"
#include "commonio.h" #include "commonio.h"
extern /*@observer@*/ const char *Prog; extern /*@observer@*/ const char *Prog; /* Program name showed in error messages */
extern FILE *shadow_logfd; /* file descripter to which error messages are printed */
/* addgrps.c */ /* addgrps.c */
#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM) #if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)

View File

@ -7,6 +7,7 @@
#include <sys/types.h> #include <sys/types.h>
#include <sys/wait.h> #include <sys/wait.h>
#include <unistd.h> #include <unistd.h>
#include <lib/prototypes.h>
int run_part (char *script_path, char *name, char *action) int run_part (char *script_path, char *name, char *action)
{ {
@ -83,7 +84,7 @@ int run_parts (char *directory, char *name, char *action)
free (s); free (s);
if (execute_result!=0) { if (execute_result!=0) {
fprintf (stderr, fprintf (shadow_logfd,
"%s: did not exit cleanly.\n", "%s: did not exit cleanly.\n",
namelist[n]->d_name); namelist[n]->d_name);
for (; n<scanlist; n++) { for (; n<scanlist; n++) {

View File

@ -154,7 +154,7 @@ static int selinux_log_cb (int type, const char *fmt, ...) {
&& (errno != EAFNOSUPPORT)) { && (errno != EAFNOSUPPORT)) {
(void) fputs (_("Cannot open audit interface.\n"), (void) fputs (_("Cannot open audit interface.\n"),
stderr); shadow_logfd);
SYSLOG ((LOG_WARN, "Cannot open audit interface.")); SYSLOG ((LOG_WARN, "Cannot open audit interface."));
} }
} }
@ -207,7 +207,7 @@ int check_selinux_permit (const char *perm_name)
selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb); selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb);
if (getprevcon_raw (&user_context_raw) != 0) { if (getprevcon_raw (&user_context_raw) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: can not get previous SELinux process context: %s\n"), _("%s: can not get previous SELinux process context: %s\n"),
Prog, strerror (errno)); Prog, strerror (errno));
SYSLOG ((LOG_WARN, SYSLOG ((LOG_WARN,

View File

@ -69,7 +69,7 @@ static void semanage_error_callback (unused void *varg,
switch (semanage_msg_get_level (handle)) { switch (semanage_msg_get_level (handle)) {
case SEMANAGE_MSG_ERR: case SEMANAGE_MSG_ERR:
case SEMANAGE_MSG_WARN: case SEMANAGE_MSG_WARN:
fprintf (stderr, _("[libsemanage]: %s\n"), message); fprintf (shadow_logfd, _("[libsemanage]: %s\n"), message);
break; break;
case SEMANAGE_MSG_INFO: case SEMANAGE_MSG_INFO:
/* nop */ /* nop */
@ -87,7 +87,7 @@ static semanage_handle_t *semanage_init (void)
handle = semanage_handle_create (); handle = semanage_handle_create ();
if (NULL == handle) { if (NULL == handle) {
fprintf (stderr, fprintf (shadow_logfd,
_("Cannot create SELinux management handle\n")); _("Cannot create SELinux management handle\n"));
return NULL; return NULL;
} }
@ -96,26 +96,26 @@ static semanage_handle_t *semanage_init (void)
ret = semanage_is_managed (handle); ret = semanage_is_managed (handle);
if (ret != 1) { if (ret != 1) {
fprintf (stderr, _("SELinux policy not managed\n")); fprintf (shadow_logfd, _("SELinux policy not managed\n"));
goto fail; goto fail;
} }
ret = semanage_access_check (handle); ret = semanage_access_check (handle);
if (ret < SEMANAGE_CAN_READ) { if (ret < SEMANAGE_CAN_READ) {
fprintf (stderr, _("Cannot read SELinux policy store\n")); fprintf (shadow_logfd, _("Cannot read SELinux policy store\n"));
goto fail; goto fail;
} }
ret = semanage_connect (handle); ret = semanage_connect (handle);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Cannot establish SELinux management connection\n")); _("Cannot establish SELinux management connection\n"));
goto fail; goto fail;
} }
ret = semanage_begin_transaction (handle); ret = semanage_begin_transaction (handle);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, _("Cannot begin SELinux transaction\n")); fprintf (shadow_logfd, _("Cannot begin SELinux transaction\n"));
goto fail; goto fail;
} }
@ -137,7 +137,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
semanage_seuser_query (handle, key, &seuser); semanage_seuser_query (handle, key, &seuser);
if (NULL == seuser) { if (NULL == seuser) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not query seuser for %s\n"), login_name); _("Could not query seuser for %s\n"), login_name);
ret = 1; ret = 1;
goto done; goto done;
@ -145,7 +145,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE); ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not set serange for %s\n"), login_name); _("Could not set serange for %s\n"), login_name);
ret = 1; ret = 1;
goto done; goto done;
@ -153,7 +153,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
ret = semanage_seuser_set_sename (handle, seuser, seuser_name); ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not set sename for %s\n"), _("Could not set sename for %s\n"),
login_name); login_name);
ret = 1; ret = 1;
@ -162,7 +162,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
ret = semanage_seuser_modify_local (handle, key, seuser); ret = semanage_seuser_modify_local (handle, key, seuser);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not modify login mapping for %s\n"), _("Could not modify login mapping for %s\n"),
login_name); login_name);
ret = 1; ret = 1;
@ -186,7 +186,7 @@ static int semanage_user_add (semanage_handle_t *handle,
ret = semanage_seuser_create (handle, &seuser); ret = semanage_seuser_create (handle, &seuser);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Cannot create SELinux login mapping for %s\n"), _("Cannot create SELinux login mapping for %s\n"),
login_name); login_name);
ret = 1; ret = 1;
@ -195,14 +195,14 @@ static int semanage_user_add (semanage_handle_t *handle,
ret = semanage_seuser_set_name (handle, seuser, login_name); ret = semanage_seuser_set_name (handle, seuser, login_name);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, _("Could not set name for %s\n"), login_name); fprintf (shadow_logfd, _("Could not set name for %s\n"), login_name);
ret = 1; ret = 1;
goto done; goto done;
} }
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE); ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not set serange for %s\n"), _("Could not set serange for %s\n"),
login_name); login_name);
ret = 1; ret = 1;
@ -211,7 +211,7 @@ static int semanage_user_add (semanage_handle_t *handle,
ret = semanage_seuser_set_sename (handle, seuser, seuser_name); ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not set SELinux user for %s\n"), _("Could not set SELinux user for %s\n"),
login_name); login_name);
ret = 1; ret = 1;
@ -220,7 +220,7 @@ static int semanage_user_add (semanage_handle_t *handle,
ret = semanage_seuser_modify_local (handle, key, seuser); ret = semanage_seuser_modify_local (handle, key, seuser);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not add login mapping for %s\n"), _("Could not add login mapping for %s\n"),
login_name); login_name);
ret = 1; ret = 1;
@ -248,21 +248,21 @@ int set_seuser (const char *login_name, const char *seuser_name)
handle = semanage_init (); handle = semanage_init ();
if (NULL == handle) { if (NULL == handle) {
fprintf (stderr, _("Cannot init SELinux management\n")); fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
ret = semanage_seuser_key_create (handle, login_name, &key); ret = semanage_seuser_key_create (handle, login_name, &key);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, _("Cannot create SELinux user key\n")); fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
ret = semanage_seuser_exists (handle, key, &seuser_exists); ret = semanage_seuser_exists (handle, key, &seuser_exists);
if (ret < 0) { if (ret < 0) {
fprintf (stderr, _("Cannot verify the SELinux user\n")); fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
@ -270,7 +270,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
if (0 != seuser_exists) { if (0 != seuser_exists) {
ret = semanage_user_mod (handle, key, login_name, seuser_name); ret = semanage_user_mod (handle, key, login_name, seuser_name);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Cannot modify SELinux user mapping\n")); _("Cannot modify SELinux user mapping\n"));
ret = 1; ret = 1;
goto done; goto done;
@ -278,7 +278,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
} else { } else {
ret = semanage_user_add (handle, key, login_name, seuser_name); ret = semanage_user_add (handle, key, login_name, seuser_name);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Cannot add SELinux user mapping\n")); _("Cannot add SELinux user mapping\n"));
ret = 1; ret = 1;
goto done; goto done;
@ -287,7 +287,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
ret = semanage_commit (handle); ret = semanage_commit (handle);
if (ret < 0) { if (ret < 0) {
fprintf (stderr, _("Cannot commit SELinux transaction\n")); fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
@ -310,27 +310,27 @@ int del_seuser (const char *login_name)
handle = semanage_init (); handle = semanage_init ();
if (NULL == handle) { if (NULL == handle) {
fprintf (stderr, _("Cannot init SELinux management\n")); fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
ret = semanage_seuser_key_create (handle, login_name, &key); ret = semanage_seuser_key_create (handle, login_name, &key);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, _("Cannot create SELinux user key\n")); fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
ret = semanage_seuser_exists (handle, key, &exists); ret = semanage_seuser_exists (handle, key, &exists);
if (ret < 0) { if (ret < 0) {
fprintf (stderr, _("Cannot verify the SELinux user\n")); fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
if (0 == exists) { if (0 == exists) {
fprintf (stderr, fprintf (shadow_logfd,
_("Login mapping for %s is not defined, OK if default mapping was used\n"), _("Login mapping for %s is not defined, OK if default mapping was used\n"),
login_name); login_name);
ret = 0; /* probably default mapping */ ret = 0; /* probably default mapping */
@ -339,13 +339,13 @@ int del_seuser (const char *login_name)
ret = semanage_seuser_exists_local (handle, key, &exists); ret = semanage_seuser_exists_local (handle, key, &exists);
if (ret < 0) { if (ret < 0) {
fprintf (stderr, _("Cannot verify the SELinux user\n")); fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
ret = 1; ret = 1;
goto done; goto done;
} }
if (0 == exists) { if (0 == exists) {
fprintf (stderr, fprintf (shadow_logfd,
_("Login mapping for %s is defined in policy, cannot be deleted\n"), _("Login mapping for %s is defined in policy, cannot be deleted\n"),
login_name); login_name);
ret = 0; /* Login mapping defined in policy can't be deleted */ ret = 0; /* Login mapping defined in policy can't be deleted */
@ -354,7 +354,7 @@ int del_seuser (const char *login_name)
ret = semanage_seuser_del_local (handle, key); ret = semanage_seuser_del_local (handle, key);
if (ret != 0) { if (ret != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("Could not delete login mapping for %s"), _("Could not delete login mapping for %s"),
login_name); login_name);
ret = 1; ret = 1;
@ -363,7 +363,7 @@ int del_seuser (const char *login_name)
ret = semanage_commit (handle); ret = semanage_commit (handle);
if (ret < 0) { if (ret < 0) {
fprintf (stderr, _("Cannot commit SELinux transaction\n")); fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
ret = 1; ret = 1;
goto done; goto done;
} }

View File

@ -48,7 +48,7 @@ int run_command (const char *cmd, const char *argv[],
} }
(void) fflush (stdout); (void) fflush (stdout);
(void) fflush (stderr); (void) fflush (shadow_logfd);
pid = fork (); pid = fork ();
if (0 == pid) { if (0 == pid) {
@ -57,11 +57,11 @@ int run_command (const char *cmd, const char *argv[],
if (ENOENT == errno) { if (ENOENT == errno) {
exit (E_CMD_NOTFOUND); exit (E_CMD_NOTFOUND);
} }
fprintf (stderr, "%s: cannot execute %s: %s\n", fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
Prog, cmd, strerror (errno)); Prog, cmd, strerror (errno));
exit (E_CMD_NOEXEC); exit (E_CMD_NOEXEC);
} else if ((pid_t)-1 == pid) { } else if ((pid_t)-1 == pid) {
fprintf (stderr, "%s: cannot execute %s: %s\n", fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
Prog, cmd, strerror (errno)); Prog, cmd, strerror (errno));
return -1; return -1;
} }
@ -74,7 +74,7 @@ int run_command (const char *cmd, const char *argv[],
|| ((pid_t)-1 != wpid && wpid != pid)); || ((pid_t)-1 != wpid && wpid != pid));
if ((pid_t)-1 == wpid) { if ((pid_t)-1 == wpid) {
fprintf (stderr, "%s: waitpid (status: %d): %s\n", fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
Prog, *status, strerror (errno)); Prog, *status, strerror (errno));
return -1; return -1;
} }

View File

@ -72,8 +72,8 @@ shadowtcb_status shadowtcb_gain_priv (void)
* to exit soon. * to exit soon.
*/ */
#define OUT_OF_MEMORY do { \ #define OUT_OF_MEMORY do { \
fprintf (stderr, _("%s: out of memory\n"), Prog); \ fprintf (shadow_logfd, _("%s: out of memory\n"), Prog); \
(void) fflush (stderr); \ (void) fflush (shadow_logfd); \
} while (false) } while (false)
/* Returns user's tcb directory path relative to TCB_DIR. */ /* Returns user's tcb directory path relative to TCB_DIR. */
@ -116,7 +116,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
return NULL; return NULL;
} }
if (lstat (path, &st) != 0) { if (lstat (path, &st) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot stat %s: %s\n"), _("%s: Cannot stat %s: %s\n"),
Prog, path, strerror (errno)); Prog, path, strerror (errno));
free (path); free (path);
@ -132,7 +132,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
return rval; return rval;
} }
if (!S_ISLNK (st.st_mode)) { if (!S_ISLNK (st.st_mode)) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: %s is neither a directory, nor a symlink.\n"), _("%s: %s is neither a directory, nor a symlink.\n"),
Prog, path); Prog, path);
free (path); free (path);
@ -140,7 +140,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
} }
ret = readlink (path, link, sizeof (link) - 1); ret = readlink (path, link, sizeof (link) - 1);
if (-1 == ret) { if (-1 == ret) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot read symbolic link %s: %s\n"), _("%s: Cannot read symbolic link %s: %s\n"),
Prog, path, strerror (errno)); Prog, path, strerror (errno));
free (path); free (path);
@ -149,7 +149,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
free (path); free (path);
if ((size_t)ret >= sizeof(link) - 1) { if ((size_t)ret >= sizeof(link) - 1) {
link[sizeof(link) - 1] = '\0'; link[sizeof(link) - 1] = '\0';
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Suspiciously long symlink: %s\n"), _("%s: Suspiciously long symlink: %s\n"),
Prog, link); Prog, link);
return NULL; return NULL;
@ -207,7 +207,7 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
} }
ptr = path; ptr = path;
if (stat (TCB_DIR, &st) != 0) { if (stat (TCB_DIR, &st) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot stat %s: %s\n"), _("%s: Cannot stat %s: %s\n"),
Prog, TCB_DIR, strerror (errno)); Prog, TCB_DIR, strerror (errno));
goto out_free_path; goto out_free_path;
@ -219,19 +219,19 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
return SHADOWTCB_FAILURE; return SHADOWTCB_FAILURE;
} }
if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) { if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot create directory %s: %s\n"), _("%s: Cannot create directory %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
goto out_free_dir; goto out_free_dir;
} }
if (chown (dir, 0, st.st_gid) != 0) { if (chown (dir, 0, st.st_gid) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change owner of %s: %s\n"), _("%s: Cannot change owner of %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
goto out_free_dir; goto out_free_dir;
} }
if (chmod (dir, 0711) != 0) { if (chmod (dir, 0711) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change mode of %s: %s\n"), _("%s: Cannot change mode of %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
goto out_free_dir; goto out_free_dir;
@ -261,7 +261,7 @@ static shadowtcb_status unlink_suffs (const char *user)
return SHADOWTCB_FAILURE; return SHADOWTCB_FAILURE;
} }
if ((unlink (tmp) != 0) && (errno != ENOENT)) { if ((unlink (tmp) != 0) && (errno != ENOENT)) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: unlink: %s: %s\n"), _("%s: unlink: %s: %s\n"),
Prog, tmp, strerror (errno)); Prog, tmp, strerror (errno));
free (tmp); free (tmp);
@ -286,7 +286,7 @@ static shadowtcb_status rmdir_leading (char *path)
} }
if (rmdir (dir) != 0) { if (rmdir (dir) != 0) {
if (errno != ENOTEMPTY) { if (errno != ENOTEMPTY) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot remove directory %s: %s\n"), _("%s: Cannot remove directory %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
ret = SHADOWTCB_FAILURE; ret = SHADOWTCB_FAILURE;
@ -315,7 +315,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
goto out_free_nomem; goto out_free_nomem;
} }
if (stat (olddir, &oldmode) != 0) { if (stat (olddir, &oldmode) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot stat %s: %s\n"), _("%s: Cannot stat %s: %s\n"),
Prog, olddir, strerror (errno)); Prog, olddir, strerror (errno));
goto out_free; goto out_free;
@ -342,7 +342,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
goto out_free; goto out_free;
} }
if (rename (real_old_dir, real_new_dir) != 0) { if (rename (real_old_dir, real_new_dir) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot rename %s to %s: %s\n"), _("%s: Cannot rename %s to %s: %s\n"),
Prog, real_old_dir, real_new_dir, strerror (errno)); Prog, real_old_dir, real_new_dir, strerror (errno));
goto out_free; goto out_free;
@ -351,7 +351,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
goto out_free; goto out_free;
} }
if ((unlink (olddir) != 0) && (errno != ENOENT)) { if ((unlink (olddir) != 0) && (errno != ENOENT)) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot remove %s: %s\n"), _("%s: Cannot remove %s: %s\n"),
Prog, olddir, strerror (errno)); Prog, olddir, strerror (errno));
goto out_free; goto out_free;
@ -365,7 +365,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
} }
if ( (strcmp (real_new_dir, newdir) != 0) if ( (strcmp (real_new_dir, newdir) != 0)
&& (symlink (real_new_dir_rel, newdir) != 0)) { && (symlink (real_new_dir_rel, newdir) != 0)) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot create symbolic link %s: %s\n"), _("%s: Cannot create symbolic link %s: %s\n"),
Prog, real_new_dir_rel, strerror (errno)); Prog, real_new_dir_rel, strerror (errno));
goto out_free; goto out_free;
@ -464,37 +464,37 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
return SHADOWTCB_FAILURE; return SHADOWTCB_FAILURE;
} }
if (stat (tcbdir, &dirmode) != 0) { if (stat (tcbdir, &dirmode) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot stat %s: %s\n"), _("%s: Cannot stat %s: %s\n"),
Prog, tcbdir, strerror (errno)); Prog, tcbdir, strerror (errno));
goto out_free; goto out_free;
} }
if (chown (tcbdir, 0, 0) != 0) { if (chown (tcbdir, 0, 0) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change owners of %s: %s\n"), _("%s: Cannot change owners of %s: %s\n"),
Prog, tcbdir, strerror (errno)); Prog, tcbdir, strerror (errno));
goto out_free; goto out_free;
} }
if (chmod (tcbdir, 0700) != 0) { if (chmod (tcbdir, 0700) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change mode of %s: %s\n"), _("%s: Cannot change mode of %s: %s\n"),
Prog, tcbdir, strerror (errno)); Prog, tcbdir, strerror (errno));
goto out_free; goto out_free;
} }
if (lstat (shadow, &filemode) != 0) { if (lstat (shadow, &filemode) != 0) {
if (errno != ENOENT) { if (errno != ENOENT) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot lstat %s: %s\n"), _("%s: Cannot lstat %s: %s\n"),
Prog, shadow, strerror (errno)); Prog, shadow, strerror (errno));
goto out_free; goto out_free;
} }
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Warning, user %s has no tcb shadow file.\n"), _("%s: Warning, user %s has no tcb shadow file.\n"),
Prog, user_newname); Prog, user_newname);
} else { } else {
if (!S_ISREG (filemode.st_mode) || if (!S_ISREG (filemode.st_mode) ||
filemode.st_nlink != 1) { filemode.st_nlink != 1) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Emergency: %s's tcb shadow is not a " _("%s: Emergency: %s's tcb shadow is not a "
"regular file with st_nlink=1.\n" "regular file with st_nlink=1.\n"
"The account is left locked.\n"), "The account is left locked.\n"),
@ -502,13 +502,13 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
goto out_free; goto out_free;
} }
if (chown (shadow, user_newid, filemode.st_gid) != 0) { if (chown (shadow, user_newid, filemode.st_gid) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change owner of %s: %s\n"), _("%s: Cannot change owner of %s: %s\n"),
Prog, shadow, strerror (errno)); Prog, shadow, strerror (errno));
goto out_free; goto out_free;
} }
if (chmod (shadow, filemode.st_mode & 07777) != 0) { if (chmod (shadow, filemode.st_mode & 07777) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change mode of %s: %s\n"), _("%s: Cannot change mode of %s: %s\n"),
Prog, shadow, strerror (errno)); Prog, shadow, strerror (errno));
goto out_free; goto out_free;
@ -518,7 +518,7 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
goto out_free; goto out_free;
} }
if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) { if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change owner of %s: %s\n"), _("%s: Cannot change owner of %s: %s\n"),
Prog, tcbdir, strerror (errno)); Prog, tcbdir, strerror (errno));
goto out_free; goto out_free;
@ -543,7 +543,7 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
return SHADOWTCB_SUCCESS; return SHADOWTCB_SUCCESS;
} }
if (stat (TCB_DIR, &tcbdir_stat) != 0) { if (stat (TCB_DIR, &tcbdir_stat) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot stat %s: %s\n"), _("%s: Cannot stat %s: %s\n"),
Prog, TCB_DIR, strerror (errno)); Prog, TCB_DIR, strerror (errno));
return SHADOWTCB_FAILURE; return SHADOWTCB_FAILURE;
@ -563,39 +563,39 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
return SHADOWTCB_FAILURE; return SHADOWTCB_FAILURE;
} }
if (mkdir (dir, 0700) != 0) { if (mkdir (dir, 0700) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: mkdir: %s: %s\n"), _("%s: mkdir: %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
goto out_free; goto out_free;
} }
fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600); fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
if (fd < 0) { if (fd < 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot open %s: %s\n"), _("%s: Cannot open %s: %s\n"),
Prog, shadow, strerror (errno)); Prog, shadow, strerror (errno));
goto out_free; goto out_free;
} }
close (fd); close (fd);
if (chown (shadow, 0, authgid) != 0) { if (chown (shadow, 0, authgid) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change owner of %s: %s\n"), _("%s: Cannot change owner of %s: %s\n"),
Prog, shadow, strerror (errno)); Prog, shadow, strerror (errno));
goto out_free; goto out_free;
} }
if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) { if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change mode of %s: %s\n"), _("%s: Cannot change mode of %s: %s\n"),
Prog, shadow, strerror (errno)); Prog, shadow, strerror (errno));
goto out_free; goto out_free;
} }
if (chown (dir, 0, authgid) != 0) { if (chown (dir, 0, authgid) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change owner of %s: %s\n"), _("%s: Cannot change owner of %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
goto out_free; goto out_free;
} }
if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) { if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Cannot change mode of %s: %s\n"), _("%s: Cannot change mode of %s: %s\n"),
Prog, dir, strerror (errno)); Prog, dir, strerror (errno));
goto out_free; goto out_free;

View File

@ -93,7 +93,7 @@ int add_groups (const char *list)
grp = getgrnam (token); /* local, no need for xgetgrnam */ grp = getgrnam (token); /* local, no need for xgetgrnam */
if (NULL == grp) { if (NULL == grp) {
fprintf (stderr, _("Warning: unknown group %s\n"), fprintf (shadow_logfd, _("Warning: unknown group %s\n"),
token); token);
continue; continue;
} }
@ -105,7 +105,7 @@ int add_groups (const char *list)
} }
if (ngroups >= sysconf (_SC_NGROUPS_MAX)) { if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
fputs (_("Warning: too many groups\n"), stderr); fputs (_("Warning: too many groups\n"), shadow_logfd);
break; break;
} }
tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T)); tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));

View File

@ -59,7 +59,7 @@ void audit_help_open (void)
return; return;
} }
(void) fputs (_("Cannot open audit interface - aborting.\n"), (void) fputs (_("Cannot open audit interface - aborting.\n"),
stderr); shadow_logfd);
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }
} }

View File

@ -75,7 +75,7 @@ void chown_tty (const struct passwd *info)
|| (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) { || (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
int err = errno; int err = errno;
fprintf (stderr, fprintf (shadow_logfd,
_("Unable to change owner or mode of tty stdin: %s"), _("Unable to change owner or mode of tty stdin: %s"),
strerror (err)); strerror (err));
SYSLOG ((LOG_WARN, SYSLOG ((LOG_WARN,

View File

@ -203,7 +203,7 @@ void cleanup_report_del_group_gshadow (void *group_name)
void cleanup_unlock_group (unused void *arg) void cleanup_unlock_group (unused void *arg)
{ {
if (gr_unlock () == 0) { if (gr_unlock () == 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: failed to unlock %s\n"), _("%s: failed to unlock %s\n"),
Prog, gr_dbname ()); Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ())); SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
@ -223,7 +223,7 @@ void cleanup_unlock_group (unused void *arg)
void cleanup_unlock_gshadow (unused void *arg) void cleanup_unlock_gshadow (unused void *arg)
{ {
if (sgr_unlock () == 0) { if (sgr_unlock () == 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: failed to unlock %s\n"), _("%s: failed to unlock %s\n"),
Prog, sgr_dbname ()); Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ())); SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));

View File

@ -120,7 +120,7 @@ void cleanup_report_add_user_shadow (void *user_name)
void cleanup_unlock_passwd (unused void *arg) void cleanup_unlock_passwd (unused void *arg)
{ {
if (pw_unlock () == 0) { if (pw_unlock () == 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: failed to unlock %s\n"), _("%s: failed to unlock %s\n"),
Prog, pw_dbname ()); Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ())); SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
@ -139,7 +139,7 @@ void cleanup_unlock_passwd (unused void *arg)
void cleanup_unlock_shadow (unused void *arg) void cleanup_unlock_shadow (unused void *arg)
{ {
if (spw_unlock () == 0) { if (spw_unlock () == 0) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: failed to unlock %s\n"), _("%s: failed to unlock %s\n"),
Prog, spw_dbname ()); Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ())); SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));

View File

@ -125,11 +125,11 @@ static void error_acl (struct error_context *ctx, const char *fmt, ...)
} }
va_start (ap, fmt); va_start (ap, fmt);
(void) fprintf (stderr, _("%s: "), Prog); (void) fprintf (shadow_logfd, _("%s: "), Prog);
if (vfprintf (stderr, fmt, ap) != 0) { if (vfprintf (shadow_logfd, fmt, ap) != 0) {
(void) fputs (_(": "), stderr); (void) fputs (_(": "), shadow_logfd);
} }
(void) fprintf (stderr, "%s\n", strerror (errno)); (void) fprintf (shadow_logfd, "%s\n", strerror (errno));
va_end (ap); va_end (ap);
} }
@ -248,7 +248,7 @@ int copy_tree (const char *src_root, const char *dst_root,
} }
if (!S_ISDIR (sb.st_mode)) { if (!S_ISDIR (sb.st_mode)) {
fprintf (stderr, fprintf (shadow_logfd,
"%s: %s is not a directory", "%s: %s is not a directory",
Prog, src_root); Prog, src_root);
return -1; return -1;

View File

@ -171,7 +171,7 @@ void addenv (const char *string, /*@null@*/const char *value)
} }
newenvp = __newenvp; newenvp = __newenvp;
} else { } else {
(void) fputs (_("Environment overflow\n"), stderr); (void) fputs (_("Environment overflow\n"), shadow_logfd);
newenvc--; newenvc--;
free (newenvp[newenvc]); free (newenvp[newenvc]);
} }

View File

@ -74,7 +74,7 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
/* Check that the ranges make sense */ /* Check that the ranges make sense */
if (*max_id < *min_id) { if (*max_id < *min_id) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: Invalid configuration: SYS_GID_MIN (%lu), " _("%s: Invalid configuration: SYS_GID_MIN (%lu), "
"GID_MIN (%lu), SYS_GID_MAX (%lu)\n"), "GID_MIN (%lu), SYS_GID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id, Prog, (unsigned long) *min_id,
@ -97,7 +97,7 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
/* Check that the ranges make sense */ /* Check that the ranges make sense */
if (*max_id < *min_id) { if (*max_id < *min_id) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: Invalid configuration: GID_MIN (%lu), " _("%s: Invalid configuration: GID_MIN (%lu), "
"GID_MAX (%lu)\n"), "GID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id, Prog, (unsigned long) *min_id,
@ -213,7 +213,7 @@ int find_new_gid (bool sys_group,
* more likely to want to stop and address the * more likely to want to stop and address the
* issue. * issue.
*/ */
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Encountered error attempting to use " _("%s: Encountered error attempting to use "
"preferred GID: %s\n"), "preferred GID: %s\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -243,7 +243,7 @@ int find_new_gid (bool sys_group,
/* Create an array to hold all of the discovered GIDs */ /* Create an array to hold all of the discovered GIDs */
used_gids = malloc (sizeof (bool) * (gid_max +1)); used_gids = malloc (sizeof (bool) * (gid_max +1));
if (NULL == used_gids) { if (NULL == used_gids) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: failed to allocate memory: %s\n"), _("%s: failed to allocate memory: %s\n"),
Prog, strerror (errno)); Prog, strerror (errno));
return -1; return -1;
@ -323,7 +323,7 @@ int find_new_gid (bool sys_group,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique system GID (%s). " _("%s: Can't get unique system GID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -366,7 +366,7 @@ int find_new_gid (bool sys_group,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique system GID (%s). " _("%s: Can't get unique system GID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -426,7 +426,7 @@ int find_new_gid (bool sys_group,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique GID (%s). " _("%s: Can't get unique GID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -469,7 +469,7 @@ int find_new_gid (bool sys_group,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique GID (%s). " _("%s: Can't get unique GID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -488,7 +488,7 @@ int find_new_gid (bool sys_group,
} }
/* The code reached here and found no available IDs in the range */ /* The code reached here and found no available IDs in the range */
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique GID (no more available GIDs)\n"), _("%s: Can't get unique GID (no more available GIDs)\n"),
Prog); Prog);
SYSLOG ((LOG_WARN, "no more available GIDs on the system")); SYSLOG ((LOG_WARN, "no more available GIDs on the system"));

View File

@ -60,7 +60,7 @@ int find_new_sub_gids (gid_t *range_start, unsigned long *range_count)
count = getdef_ulong ("SUB_GID_COUNT", 65536); count = getdef_ulong ("SUB_GID_COUNT", 65536);
if (min > max || count >= max || (min + count - 1) > max) { if (min > max || count >= max || (min + count - 1) > max) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: Invalid configuration: SUB_GID_MIN (%lu)," _("%s: Invalid configuration: SUB_GID_MIN (%lu),"
" SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"), " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
Prog, min, max, count); Prog, min, max, count);
@ -69,7 +69,7 @@ int find_new_sub_gids (gid_t *range_start, unsigned long *range_count)
start = sub_gid_find_free_range(min, max, count); start = sub_gid_find_free_range(min, max, count);
if (start == (gid_t)-1) { if (start == (gid_t)-1) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique subordinate GID range\n"), _("%s: Can't get unique subordinate GID range\n"),
Prog); Prog);
SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system")); SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));

View File

@ -60,7 +60,7 @@ int find_new_sub_uids (uid_t *range_start, unsigned long *range_count)
count = getdef_ulong ("SUB_UID_COUNT", 65536); count = getdef_ulong ("SUB_UID_COUNT", 65536);
if (min > max || count >= max || (min + count - 1) > max) { if (min > max || count >= max || (min + count - 1) > max) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: Invalid configuration: SUB_UID_MIN (%lu)," _("%s: Invalid configuration: SUB_UID_MIN (%lu),"
" SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"), " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
Prog, min, max, count); Prog, min, max, count);
@ -69,7 +69,7 @@ int find_new_sub_uids (uid_t *range_start, unsigned long *range_count)
start = sub_uid_find_free_range(min, max, count); start = sub_uid_find_free_range(min, max, count);
if (start == (uid_t)-1) { if (start == (uid_t)-1) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique subordinate UID range\n"), _("%s: Can't get unique subordinate UID range\n"),
Prog); Prog);
SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system")); SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));

View File

@ -74,7 +74,7 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
/* Check that the ranges make sense */ /* Check that the ranges make sense */
if (*max_id < *min_id) { if (*max_id < *min_id) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: Invalid configuration: SYS_UID_MIN (%lu), " _("%s: Invalid configuration: SYS_UID_MIN (%lu), "
"UID_MIN (%lu), SYS_UID_MAX (%lu)\n"), "UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id, Prog, (unsigned long) *min_id,
@ -97,7 +97,7 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
/* Check that the ranges make sense */ /* Check that the ranges make sense */
if (*max_id < *min_id) { if (*max_id < *min_id) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: Invalid configuration: UID_MIN (%lu), " _("%s: Invalid configuration: UID_MIN (%lu), "
"UID_MAX (%lu)\n"), "UID_MAX (%lu)\n"),
Prog, (unsigned long) *min_id, Prog, (unsigned long) *min_id,
@ -213,7 +213,7 @@ int find_new_uid(bool sys_user,
* more likely to want to stop and address the * more likely to want to stop and address the
* issue. * issue.
*/ */
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Encountered error attempting to use " _("%s: Encountered error attempting to use "
"preferred UID: %s\n"), "preferred UID: %s\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -243,7 +243,7 @@ int find_new_uid(bool sys_user,
/* Create an array to hold all of the discovered UIDs */ /* Create an array to hold all of the discovered UIDs */
used_uids = malloc (sizeof (bool) * (uid_max +1)); used_uids = malloc (sizeof (bool) * (uid_max +1));
if (NULL == used_uids) { if (NULL == used_uids) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: failed to allocate memory: %s\n"), _("%s: failed to allocate memory: %s\n"),
Prog, strerror (errno)); Prog, strerror (errno));
return -1; return -1;
@ -323,7 +323,7 @@ int find_new_uid(bool sys_user,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique system UID (%s). " _("%s: Can't get unique system UID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -366,7 +366,7 @@ int find_new_uid(bool sys_user,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique system UID (%s). " _("%s: Can't get unique system UID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -426,7 +426,7 @@ int find_new_uid(bool sys_user,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique UID (%s). " _("%s: Can't get unique UID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -469,7 +469,7 @@ int find_new_uid(bool sys_user,
* *
*/ */
if (!nospam) { if (!nospam) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique UID (%s). " _("%s: Can't get unique UID (%s). "
"Suppressing additional messages.\n"), "Suppressing additional messages.\n"),
Prog, strerror (result)); Prog, strerror (result));
@ -488,7 +488,7 @@ int find_new_uid(bool sys_user,
} }
/* The code reached here and found no available IDs in the range */ /* The code reached here and found no available IDs in the range */
fprintf (stderr, fprintf (shadow_logfd,
_("%s: Can't get unique UID (no more available UIDs)\n"), _("%s: Can't get unique UID (no more available UIDs)\n"),
Prog); Prog);
SYSLOG ((LOG_WARN, "no more available UIDs on the system")); SYSLOG ((LOG_WARN, "no more available UIDs on the system"));

View File

@ -61,23 +61,23 @@
epoch = strtoull (source_date_epoch, &endptr, 10); epoch = strtoull (source_date_epoch, &endptr, 10);
if ((errno == ERANGE && (epoch == ULLONG_MAX || epoch == 0)) if ((errno == ERANGE && (epoch == ULLONG_MAX || epoch == 0))
|| (errno != 0 && epoch == 0)) { || (errno != 0 && epoch == 0)) {
fprintf (stderr, fprintf (shadow_logfd,
_("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"), _("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"),
strerror(errno)); strerror(errno));
} else if (endptr == source_date_epoch) { } else if (endptr == source_date_epoch) {
fprintf (stderr, fprintf (shadow_logfd,
_("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"), _("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"),
endptr); endptr);
} else if (*endptr != '\0') { } else if (*endptr != '\0') {
fprintf (stderr, fprintf (shadow_logfd,
_("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"), _("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"),
endptr); endptr);
} else if (epoch > ULONG_MAX) { } else if (epoch > ULONG_MAX) {
fprintf (stderr, fprintf (shadow_logfd,
_("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"), _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
ULONG_MAX, epoch); ULONG_MAX, epoch);
} else if (epoch > fallback) { } else if (epoch > fallback) {
fprintf (stderr, fprintf (shadow_logfd,
_("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"), _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
fallback, epoch); fallback, epoch);
} else { } else {

View File

@ -47,19 +47,19 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
int idx, argidx; int idx, argidx;
if (ranges < 0 || argc < 0) { if (ranges < 0 || argc < 0) {
fprintf(stderr, "%s: error calculating number of arguments\n", Prog); fprintf(shadow_logfd, "%s: error calculating number of arguments\n", Prog);
return NULL; return NULL;
} }
if (ranges != ((argc + 2) / 3)) { if (ranges != ((argc + 2) / 3)) {
fprintf(stderr, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc); fprintf(shadow_logfd, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
return NULL; return NULL;
} }
if ((ranges * 3) > argc) { if ((ranges * 3) > argc) {
fprintf(stderr, "ranges: %u argc: %d\n", fprintf(shadow_logfd, "ranges: %u argc: %d\n",
ranges, argc); ranges, argc);
fprintf(stderr, fprintf(shadow_logfd,
_( "%s: Not enough arguments to form %u mappings\n"), _( "%s: Not enough arguments to form %u mappings\n"),
Prog, ranges); Prog, ranges);
return NULL; return NULL;
@ -67,7 +67,7 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
mappings = calloc(ranges, sizeof(*mappings)); mappings = calloc(ranges, sizeof(*mappings));
if (!mappings) { if (!mappings) {
fprintf(stderr, _( "%s: Memory allocation failure\n"), fprintf(shadow_logfd, _( "%s: Memory allocation failure\n"),
Prog); Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@ -88,24 +88,24 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
return NULL; return NULL;
} }
if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) { if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (mapping->upper > UINT_MAX || if (mapping->upper > UINT_MAX ||
mapping->lower > UINT_MAX || mapping->lower > UINT_MAX ||
mapping->count > UINT_MAX) { mapping->count > UINT_MAX) {
fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (mapping->lower + mapping->count > UINT_MAX || if (mapping->lower + mapping->count > UINT_MAX ||
mapping->upper + mapping->count > UINT_MAX) { mapping->upper + mapping->count > UINT_MAX) {
fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (mapping->lower + mapping->count < mapping->lower || if (mapping->lower + mapping->count < mapping->lower ||
mapping->upper + mapping->count < mapping->upper) { mapping->upper + mapping->count < mapping->upper) {
/* this one really shouldn't be possible given previous checks */ /* this one really shouldn't be possible given previous checks */
fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog); fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
} }
@ -176,19 +176,19 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
} else if (strcmp(map_file, "gid_map") == 0) { } else if (strcmp(map_file, "gid_map") == 0) {
cap = CAP_SETGID; cap = CAP_SETGID;
} else { } else {
fprintf(stderr, _("%s: Invalid map file %s specified\n"), Prog, map_file); fprintf(shadow_logfd, _("%s: Invalid map file %s specified\n"), Prog, map_file);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
/* Align setuid- and fscaps-based new{g,u}idmap behavior. */ /* Align setuid- and fscaps-based new{g,u}idmap behavior. */
if (geteuid() == 0 && geteuid() != ruid) { if (geteuid() == 0 && geteuid() != ruid) {
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) { if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
fprintf(stderr, _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), Prog); fprintf(shadow_logfd, _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (seteuid(ruid) < 0) { if (seteuid(ruid) < 0) {
fprintf(stderr, _("%s: Could not seteuid to %d\n"), Prog, ruid); fprintf(shadow_logfd, _("%s: Could not seteuid to %d\n"), Prog, ruid);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
} }
@ -204,7 +204,7 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
data[0].effective |= CAP_TO_MASK(CAP_SETFCAP); data[0].effective |= CAP_TO_MASK(CAP_SETFCAP);
data[0].permitted = data[0].effective; data[0].permitted = data[0].effective;
if (capset(&hdr, data) < 0) { if (capset(&hdr, data) < 0) {
fprintf(stderr, _("%s: Could not set caps\n"), Prog); fprintf(shadow_logfd, _("%s: Could not set caps\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
#endif #endif
@ -222,7 +222,7 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
mapping->lower, mapping->lower,
mapping->count); mapping->count);
if ((written <= 0) || (written >= (bufsize - (pos - buf)))) { if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
fprintf(stderr, _("%s: snprintf failed!\n"), Prog); fprintf(shadow_logfd, _("%s: snprintf failed!\n"), Prog);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
pos += written; pos += written;
@ -231,12 +231,12 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
/* Write the mapping to the mapping file */ /* Write the mapping to the mapping file */
fd = openat(proc_dir_fd, map_file, O_WRONLY); fd = openat(proc_dir_fd, map_file, O_WRONLY);
if (fd < 0) { if (fd < 0) {
fprintf(stderr, _("%s: open of %s failed: %s\n"), fprintf(shadow_logfd, _("%s: open of %s failed: %s\n"),
Prog, map_file, strerror(errno)); Prog, map_file, strerror(errno));
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
if (write(fd, buf, pos - buf) != (pos - buf)) { if (write(fd, buf, pos - buf) != (pos - buf)) {
fprintf(stderr, _("%s: write to %s failed: %s\n"), fprintf(shadow_logfd, _("%s: write to %s failed: %s\n"),
Prog, map_file, strerror(errno)); Prog, map_file, strerror(errno));
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }

View File

@ -548,7 +548,7 @@ void setup_limits (const struct passwd *info)
#ifdef LIMITS #ifdef LIMITS
if (info->pw_uid != 0) { if (info->pw_uid != 0) {
if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) { if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
(void) fputs (_("Too many logins.\n"), stderr); (void) fputs (_("Too many logins.\n"), shadow_logfd);
(void) sleep (2); /* XXX: Should be FAIL_DELAY */ (void) sleep (2); /* XXX: Should be FAIL_DELAY */
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }

View File

@ -59,20 +59,20 @@ void do_pam_passwd (const char *user, bool silent, bool change_expired)
ret = pam_start ("passwd", user, &conv, &pamh); ret = pam_start ("passwd", user, &conv, &pamh);
if (ret != PAM_SUCCESS) { if (ret != PAM_SUCCESS) {
fprintf (stderr, fprintf (shadow_logfd,
_("passwd: pam_start() failed, error %d\n"), ret); _("passwd: pam_start() failed, error %d\n"), ret);
exit (10); /* XXX */ exit (10); /* XXX */
} }
ret = pam_chauthtok (pamh, flags); ret = pam_chauthtok (pamh, flags);
if (ret != PAM_SUCCESS) { if (ret != PAM_SUCCESS) {
fprintf (stderr, _("passwd: %s\n"), pam_strerror (pamh, ret)); fprintf (shadow_logfd, _("passwd: %s\n"), pam_strerror (pamh, ret));
fputs (_("passwd: password unchanged\n"), stderr); fputs (_("passwd: password unchanged\n"), shadow_logfd);
pam_end (pamh, ret); pam_end (pamh, ret);
exit (10); /* XXX */ exit (10); /* XXX */
} }
fputs (_("passwd: password updated successfully\n"), stderr); fputs (_("passwd: password updated successfully\n"), shadow_logfd);
(void) pam_end (pamh, PAM_SUCCESS); (void) pam_end (pamh, PAM_SUCCESS);
} }
#else /* !USE_PAM */ #else /* !USE_PAM */

View File

@ -76,7 +76,7 @@ static int ni_conv (int num_msg,
switch (msg[count]->msg_style) { switch (msg[count]->msg_style) {
case PAM_PROMPT_ECHO_ON: case PAM_PROMPT_ECHO_ON:
fprintf (stderr, fprintf (shadow_logfd,
_("%s: PAM modules requesting echoing are not supported.\n"), _("%s: PAM modules requesting echoing are not supported.\n"),
Prog); Prog);
goto failed_conversation; goto failed_conversation;
@ -88,7 +88,7 @@ static int ni_conv (int num_msg,
break; break;
case PAM_ERROR_MSG: case PAM_ERROR_MSG:
if ( (NULL == msg[count]->msg) if ( (NULL == msg[count]->msg)
|| (fprintf (stderr, "%s\n", msg[count]->msg) <0)) { || (fprintf (shadow_logfd, "%s\n", msg[count]->msg) <0)) {
goto failed_conversation; goto failed_conversation;
} }
responses[count].resp = NULL; responses[count].resp = NULL;
@ -101,7 +101,7 @@ static int ni_conv (int num_msg,
responses[count].resp = NULL; responses[count].resp = NULL;
break; break;
default: default:
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: conversation type %d not supported.\n"), _("%s: conversation type %d not supported.\n"),
Prog, msg[count]->msg_style); Prog, msg[count]->msg_style);
goto failed_conversation; goto failed_conversation;
@ -143,7 +143,7 @@ int do_pam_passwd_non_interactive (const char *pam_service,
ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh); ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
if (ret != PAM_SUCCESS) { if (ret != PAM_SUCCESS) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: (user %s) pam_start failure %d\n"), _("%s: (user %s) pam_start failure %d\n"),
Prog, username, ret); Prog, username, ret);
return 1; return 1;
@ -152,7 +152,7 @@ int do_pam_passwd_non_interactive (const char *pam_service,
non_interactive_password = password; non_interactive_password = password;
ret = pam_chauthtok (pamh, 0); ret = pam_chauthtok (pamh, 0);
if (ret != PAM_SUCCESS) { if (ret != PAM_SUCCESS) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: (user %s) pam_chauthtok() failed, error:\n" _("%s: (user %s) pam_chauthtok() failed, error:\n"
"%s\n"), "%s\n"),
Prog, username, pam_strerror (pamh, ret)); Prog, username, pam_strerror (pamh, ret));

View File

@ -83,7 +83,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
&& (val = argv[i] + 9)) && (val = argv[i] + 9))
|| (strcmp (argv[i], short_opt) == 0)) { || (strcmp (argv[i], short_opt) == 0)) {
if (NULL != prefix) { if (NULL != prefix) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: multiple --prefix options\n"), _("%s: multiple --prefix options\n"),
Prog); Prog);
exit (E_BAD_ARG); exit (E_BAD_ARG);
@ -92,7 +92,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
if (val) { if (val) {
prefix = val; prefix = val;
} else if (i + 1 == argc) { } else if (i + 1 == argc) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: option '%s' requires an argument\n"), _("%s: option '%s' requires an argument\n"),
Prog, argv[i]); Prog, argv[i]);
exit (E_BAD_ARG); exit (E_BAD_ARG);

View File

@ -51,7 +51,7 @@ void passwd_check (const char *user, const char *passwd, unused const char *prog
if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) { if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
SYSLOG ((LOG_WARN, "incorrect password for `%s'", user)); SYSLOG ((LOG_WARN, "incorrect password for `%s'", user));
(void) sleep (1); (void) sleep (1);
fprintf (stderr, _("Incorrect password for %s.\n"), user); fprintf (shadow_logfd, _("Incorrect password for %s.\n"), user);
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }
} }

View File

@ -65,7 +65,7 @@ extern void process_root_flag (const char* short_opt, int argc, char **argv)
&& (val = argv[i] + 7)) && (val = argv[i] + 7))
|| (strcmp (argv[i], short_opt) == 0)) { || (strcmp (argv[i], short_opt) == 0)) {
if (NULL != newroot) { if (NULL != newroot) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: multiple --root options\n"), _("%s: multiple --root options\n"),
Prog); Prog);
exit (E_BAD_ARG); exit (E_BAD_ARG);
@ -74,7 +74,7 @@ extern void process_root_flag (const char* short_opt, int argc, char **argv)
if (val) { if (val) {
newroot = val; newroot = val;
} else if (i + 1 == argc) { } else if (i + 1 == argc) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: option '%s' requires an argument\n"), _("%s: option '%s' requires an argument\n"),
Prog, argv[i]); Prog, argv[i]);
exit (E_BAD_ARG); exit (E_BAD_ARG);
@ -94,34 +94,34 @@ static void change_root (const char* newroot)
/* Drop privileges */ /* Drop privileges */
if ( (setregid (getgid (), getgid ()) != 0) if ( (setregid (getgid (), getgid ()) != 0)
|| (setreuid (getuid (), getuid ()) != 0)) { || (setreuid (getuid (), getuid ()) != 0)) {
fprintf (stderr, _("%s: failed to drop privileges (%s)\n"), fprintf (shadow_logfd, _("%s: failed to drop privileges (%s)\n"),
Prog, strerror (errno)); Prog, strerror (errno));
exit (EXIT_FAILURE); exit (EXIT_FAILURE);
} }
if ('/' != newroot[0]) { if ('/' != newroot[0]) {
fprintf (stderr, fprintf (shadow_logfd,
_("%s: invalid chroot path '%s'\n"), _("%s: invalid chroot path '%s'\n"),
Prog, newroot); Prog, newroot);
exit (E_BAD_ARG); exit (E_BAD_ARG);
} }
if (access (newroot, F_OK) != 0) { if (access (newroot, F_OK) != 0) {
fprintf(stderr, fprintf(shadow_logfd,
_("%s: cannot access chroot directory %s: %s\n"), _("%s: cannot access chroot directory %s: %s\n"),
Prog, newroot, strerror (errno)); Prog, newroot, strerror (errno));
exit (E_BAD_ARG); exit (E_BAD_ARG);
} }
if (chdir (newroot) != 0) { if (chdir (newroot) != 0) {
fprintf(stderr, fprintf(shadow_logfd,
_("%s: cannot chdir to chroot directory %s: %s\n"), _("%s: cannot chdir to chroot directory %s: %s\n"),
Prog, newroot, strerror (errno)); Prog, newroot, strerror (errno));
exit (E_BAD_ARG); exit (E_BAD_ARG);
} }
if (chroot (newroot) != 0) { if (chroot (newroot) != 0) {
fprintf(stderr, fprintf(shadow_logfd,
_("%s: unable to chroot to directory %s: %s\n"), _("%s: unable to chroot to directory %s: %s\n"),
Prog, newroot, strerror (errno)); Prog, newroot, strerror (errno));
exit (E_BAD_ARG); exit (E_BAD_ARG);

View File

@ -426,7 +426,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
salt_len = (size_t) shadow_random (8, 16); salt_len = (size_t) shadow_random (8, 16);
#endif /* USE_SHA_CRYPT */ #endif /* USE_SHA_CRYPT */
} else if (0 != strcmp (method, "DES")) { } else if (0 != strcmp (method, "DES")) {
fprintf (stderr, fprintf (shadow_logfd,
_("Invalid ENCRYPT_METHOD value: '%s'.\n" _("Invalid ENCRYPT_METHOD value: '%s'.\n"
"Defaulting to DES.\n"), "Defaulting to DES.\n"),
method); method);

View File

@ -219,7 +219,7 @@ void setup_env (struct passwd *info)
static char temp_pw_dir[] = "/"; static char temp_pw_dir[] = "/";
if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) { if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) {
fprintf (stderr, _("Unable to cd to '%s'\n"), fprintf (shadow_logfd, _("Unable to cd to '%s'\n"),
info->pw_dir); info->pw_dir);
SYSLOG ((LOG_WARN, SYSLOG ((LOG_WARN,
"unable to cd to `%s' for user `%s'\n", "unable to cd to `%s' for user `%s'\n",

View File

@ -96,7 +96,7 @@ static int user_busy_utmp (const char *name)
continue; continue;
} }
fprintf (stderr, fprintf (shadow_logfd,
_("%s: user %s is currently logged in\n"), _("%s: user %s is currently logged in\n"),
Prog, name); Prog, name);
return 1; return 1;
@ -249,7 +249,7 @@ static int user_busy_processes (const char *name, uid_t uid)
#ifdef ENABLE_SUBIDS #ifdef ENABLE_SUBIDS
sub_uid_close(); sub_uid_close();
#endif #endif
fprintf (stderr, fprintf (shadow_logfd,
_("%s: user %s is currently used by process %d\n"), _("%s: user %s is currently used by process %d\n"),
Prog, name, pid); Prog, name, pid);
return 1; return 1;
@ -272,7 +272,7 @@ static int user_busy_processes (const char *name, uid_t uid)
#ifdef ENABLE_SUBIDS #ifdef ENABLE_SUBIDS
sub_uid_close(); sub_uid_close();
#endif #endif
fprintf (stderr, fprintf (shadow_logfd,
_("%s: user %s is currently used by process %d\n"), _("%s: user %s is currently used by process %d\n"),
Prog, name, pid); Prog, name, pid);
return 1; return 1;

View File

@ -74,7 +74,7 @@
result = malloc(sizeof(LOOKUP_TYPE)); result = malloc(sizeof(LOOKUP_TYPE));
if (NULL == result) { if (NULL == result) {
fprintf (stderr, _("%s: out of memory\n"), fprintf (shadow_logfd, _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME)); "x" STRINGIZE(FUNCTION_NAME));
exit (13); exit (13);
} }
@ -84,7 +84,7 @@
LOOKUP_TYPE *resbuf = NULL; LOOKUP_TYPE *resbuf = NULL;
buffer = (char *)realloc (buffer, length); buffer = (char *)realloc (buffer, length);
if (NULL == buffer) { if (NULL == buffer) {
fprintf (stderr, _("%s: out of memory\n"), fprintf (shadow_logfd, _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME)); "x" STRINGIZE(FUNCTION_NAME));
exit (13); exit (13);
} }
@ -132,7 +132,7 @@
if (result) { if (result) {
result = DUP_FUNCTION(result); result = DUP_FUNCTION(result);
if (NULL == result) { if (NULL == result) {
fprintf (stderr, _("%s: out of memory\n"), fprintf (shadow_logfd, _("%s: out of memory\n"),
"x" STRINGIZE(FUNCTION_NAME)); "x" STRINGIZE(FUNCTION_NAME));
exit (13); exit (13);
} }

View File

@ -54,7 +54,7 @@
ptr = (char *) malloc (size); ptr = (char *) malloc (size);
if (NULL == ptr) { if (NULL == ptr) {
(void) fprintf (stderr, (void) fprintf (shadow_logfd,
_("%s: failed to allocate memory: %s\n"), _("%s: failed to allocate memory: %s\n"),
Prog, strerror (errno)); Prog, strerror (errno));
exit (13); exit (13);

View File

@ -32,12 +32,39 @@
#include <stdio.h> #include <stdio.h>
#include <errno.h> #include <errno.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h>
#include <pwd.h> #include <pwd.h>
#include <stdbool.h> #include <stdbool.h>
#include "subordinateio.h" #include "subordinateio.h"
#include "idmapping.h" #include "idmapping.h"
#include "subid.h" #include "subid.h"
const char *Prog = "(libsubid)";
extern FILE * shadow_logfd;
bool libsubid_init(const char *progname, FILE * logfd)
{
if (progname) {
progname = strdup(progname);
if (progname)
Prog = progname;
else
fprintf(stderr, "Out of memory");
}
if (logfd) {
shadow_logfd = logfd;
return true;
}
shadow_logfd = fopen("/dev/null", "w");
if (!shadow_logfd) {
fprintf(stderr, "ERROR opening /dev/null for error messages. Using stderr.");
shadow_logfd = stderr;
return false;
}
return true;
}
static static
int get_subid_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges) int get_subid_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges)
{ {

View File

@ -21,6 +21,22 @@ enum subid_status {
SUBID_STATUS_ERROR = 3, SUBID_STATUS_ERROR = 3,
}; };
/*
* libsubid_init: initialize libsubid
*
* @progname: Name to display as program. If NULL, then "(libsubid)" will be
* shown in error messages.
* @logfd: Open file pointer to pass error messages to. If NULL, then
* /dev/null will be opened and messages will be sent there. The
* default if libsubid_init() is not called is stderr (2).
*
* This function does not need to be called. If not called, then the defaults
* will be used.
*
* Returns false if an error occurred.
*/
bool libsubid_init(const char *progname, FILE *logfd);
/* /*
* get_subuid_ranges: return a list of UID ranges for a user * get_subuid_ranges: return a list of UID ranges for a user
* *

View File

@ -62,6 +62,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool static bool
dflg = false, /* set last password change date */ dflg = false, /* set last password change date */
@ -814,6 +815,7 @@ int main (int argc, char **argv)
* Get the program name so that error messages can use it. * Get the program name so that error messages can use it.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
sanitize_env (); sanitize_env ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");

View File

@ -18,6 +18,7 @@
#include "idmapping.h" #include "idmapping.h"
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
@ -25,6 +26,7 @@ int main(int argc, char **argv)
unsigned long start, count; unsigned long start, count;
bool check_uids; bool check_uids;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
if (argc != 5) if (argc != 5)
exit(1); exit(1);

View File

@ -57,6 +57,7 @@
* Global variables. * Global variables.
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static char fullnm[BUFSIZ]; static char fullnm[BUFSIZ];
static char roomno[BUFSIZ]; static char roomno[BUFSIZ];
static char workph[BUFSIZ]; static char workph[BUFSIZ];
@ -639,6 +640,7 @@ int main (int argc, char **argv)
* prefix to most error messages. * prefix to most error messages.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
sanitize_env (); sanitize_env ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");

View File

@ -59,6 +59,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool eflg = false; static bool eflg = false;
static bool md5flg = false; static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@ -437,6 +438,7 @@ int main (int argc, char **argv)
int line = 0; int line = 0;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -56,6 +56,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool eflg = false; static bool eflg = false;
static bool md5flg = false; static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@ -429,6 +430,7 @@ int main (int argc, char **argv)
int line = 0; int line = 0;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -59,6 +59,7 @@
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ const char *Prog; /* Program name */
FILE *shadow_logfd = NULL;
static bool amroot; /* Real UID is root */ static bool amroot; /* Real UID is root */
static char loginsh[BUFSIZ]; /* Name of new login shell */ static char loginsh[BUFSIZ]; /* Name of new login shell */
/* command line options */ /* command line options */
@ -441,6 +442,7 @@ int main (int argc, char **argv)
* most error messages. * most error messages.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -46,6 +46,7 @@
/* Global variables */ /* Global variables */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool cflg = false; static bool cflg = false;
/* local function prototypes */ /* local function prototypes */
@ -144,6 +145,7 @@ int main (int argc, char **argv)
struct spwd *spwd; struct spwd *spwd;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
sanitize_env (); sanitize_env ();

View File

@ -62,6 +62,7 @@ static void reset (void);
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ const char *Prog; /* Program name */
FILE *shadow_logfd = NULL;
static FILE *fail; /* failure file stream */ static FILE *fail; /* failure file stream */
static time_t seconds; /* that number of days in seconds */ static time_t seconds; /* that number of days in seconds */
static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */ static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
@ -573,6 +574,7 @@ int main (int argc, char **argv)
* most error messages. * most error messages.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -7,6 +7,7 @@
/* Test program for the subid freeing routine */ /* Test program for the subid freeing routine */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
void usage(void) void usage(void)
{ {
@ -23,6 +24,7 @@ int main(int argc, char *argv[])
bool group = false; // get subuids by default bool group = false; // get subuids by default
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
while ((c = getopt(argc, argv, "g")) != EOF) { while ((c = getopt(argc, argv, "g")) != EOF) {
switch(c) { switch(c) {
case 'g': group = true; break; case 'g': group = true; break;

View File

@ -4,6 +4,7 @@
#include "prototypes.h" #include "prototypes.h"
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
void usage(void) void usage(void)
{ {
@ -19,6 +20,7 @@ int main(int argc, char *argv[])
uid_t *uids; uid_t *uids;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
if (argc < 2) { if (argc < 2) {
usage(); usage();
} }

View File

@ -58,6 +58,7 @@
*/ */
/* The name of this command, as it is invoked */ /* The name of this command, as it is invoked */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
#ifdef SHADOWGRP #ifdef SHADOWGRP
/* Indicate if shadow groups are enabled on the system /* Indicate if shadow groups are enabled on the system
@ -988,6 +989,7 @@ int main (int argc, char **argv)
*/ */
bywho = getuid (); bywho = getuid ();
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
OPENLOG ("gpasswd"); OPENLOG ("gpasswd");
setbuf (stdout, NULL); setbuf (stdout, NULL);

View File

@ -72,6 +72,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static /*@null@*/char *group_name; static /*@null@*/char *group_name;
static gid_t group_id; static gid_t group_id;
@ -598,6 +599,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -58,6 +58,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static char *group_name; static char *group_name;
static gid_t group_id = -1; static gid_t group_id = -1;
@ -376,6 +377,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -65,6 +65,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static char *adduser = NULL; static char *adduser = NULL;
static char *deluser = NULL; static char *deluser = NULL;
@ -595,6 +596,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -76,6 +76,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
#ifdef SHADOWGRP #ifdef SHADOWGRP
static bool is_shadow_grp; static bool is_shadow_grp;
@ -792,6 +793,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -43,6 +43,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
/* local function prototypes */ /* local function prototypes */
static void print_groups (const char *member); static void print_groups (const char *member);
@ -126,6 +127,7 @@ int main (int argc, char **argv)
* Get the program name so that error messages can use it. * Get the program name so that error messages can use it.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
if (argc == 1) { if (argc == 1) {

View File

@ -66,6 +66,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static const char *grp_file = GROUP_FILE; static const char *grp_file = GROUP_FILE;
static bool use_system_grp_file = true; static bool use_system_grp_file = true;
@ -840,6 +841,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -59,6 +59,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool gr_locked = false; static bool gr_locked = false;
static bool sgr_locked = false; static bool sgr_locked = false;
@ -146,6 +147,7 @@ int main (int argc, char **argv)
struct sgrp sgent; struct sgrp sgent;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -59,6 +59,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool gr_locked = false; static bool gr_locked = false;
static bool sgr_locked = false; static bool sgr_locked = false;
@ -145,6 +146,7 @@ int main (int argc, char **argv)
const struct sgrp *sg; const struct sgrp *sg;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -62,6 +62,7 @@
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ const char *Prog; /* Program name */
FILE *shadow_logfd = NULL;
static FILE *lastlogfile; /* lastlog file stream */ static FILE *lastlogfile; /* lastlog file stream */
static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */ static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
static bool has_umin = false; static bool has_umin = false;
@ -317,6 +318,7 @@ int main (int argc, char **argv)
* most error messages. * most error messages.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -4,6 +4,7 @@
#include "prototypes.h" #include "prototypes.h"
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
void usage(void) void usage(void)
{ {
@ -19,6 +20,7 @@ int main(int argc, char *argv[])
struct subordinate_range **ranges; struct subordinate_range **ranges;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
if (argc < 2) { if (argc < 2) {
usage(); usage();
} }

View File

@ -83,6 +83,7 @@ static pam_handle_t *pamh = NULL;
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static const char *hostname = ""; static const char *hostname = "";
static /*@null@*/ /*@only@*/char *username = NULL; static /*@null@*/ /*@only@*/char *username = NULL;
@ -577,6 +578,7 @@ int main (int argc, char **argv)
amroot = (getuid () == 0); amroot = (getuid () == 0);
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
if (geteuid() != 0) { if (geteuid() != 0) {
fprintf (stderr, _("%s: Cannot possibly work without effective root\n"), Prog); fprintf (stderr, _("%s: Cannot possibly work without effective root\n"), Prog);

View File

@ -44,6 +44,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
#ifndef DEFAULT_HUP_MESG #ifndef DEFAULT_HUP_MESG
#define DEFAULT_HUP_MESG _("login time exceeded\n\n") #define DEFAULT_HUP_MESG _("login time exceeded\n\n")
@ -187,6 +188,7 @@ int main (int argc, char **argv)
* Start syslogging everything * Start syslogging everything
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
OPENLOG ("logoutd"); OPENLOG ("logoutd");

View File

@ -7,6 +7,7 @@
/* Test program for the subid creation routine */ /* Test program for the subid creation routine */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
void usage(void) void usage(void)
{ {
@ -26,6 +27,7 @@ int main(int argc, char *argv[])
bool ok; bool ok;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
while ((c = getopt(argc, argv, "gn")) != EOF) { while ((c = getopt(argc, argv, "gn")) != EOF) {
switch(c) { switch(c) {
case 'n': makenew = true; break; case 'n': makenew = true; break;

View File

@ -46,6 +46,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups) static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
@ -176,6 +177,7 @@ int main(int argc, char **argv)
bool allow_setgroups = false; bool allow_setgroups = false;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
/* /*
* The valid syntax are * The valid syntax are

View File

@ -49,6 +49,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
extern char **newenvp; extern char **newenvp;
extern char **environ; extern char **environ;
@ -443,6 +444,7 @@ int main (int argc, char **argv)
* don't need to re-exec anything. -- JWP * don't need to re-exec anything. -- JWP
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
is_newgrp = (strcmp (Prog, "newgrp") == 0); is_newgrp = (strcmp (Prog, "newgrp") == 0);
OPENLOG (is_newgrp ? "newgrp" : "sg"); OPENLOG (is_newgrp ? "newgrp" : "sg");
argc--; argc--;

View File

@ -46,6 +46,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool verify_range(struct passwd *pw, struct map_range *range) static bool verify_range(struct passwd *pw, struct map_range *range)
{ {
@ -106,6 +107,7 @@ int main(int argc, char **argv)
int written; int written;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
/* /*
* The valid syntax are * The valid syntax are

View File

@ -75,6 +75,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool rflg = false; /* create a system account */ static bool rflg = false; /* create a system account */
#ifndef USE_PAM #ifndef USE_PAM
@ -1052,6 +1053,7 @@ int main (int argc, char **argv)
#endif /* USE_PAM */ #endif /* USE_PAM */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -66,6 +66,7 @@
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ const char *Prog; /* Program name */
FILE *shadow_logfd = NULL;
static char *name; /* The name of user whose password is being changed */ static char *name; /* The name of user whose password is being changed */
static char *myname; /* The current user's name */ static char *myname; /* The current user's name */
@ -752,6 +753,7 @@ int main (int argc, char **argv)
* most error messages. * most error messages.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -70,6 +70,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool use_system_pw_file = true; static bool use_system_pw_file = true;
static bool use_system_spw_file = true; static bool use_system_spw_file = true;

View File

@ -89,6 +89,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool spw_locked = false; static bool spw_locked = false;
static bool pw_locked = false; static bool pw_locked = false;
@ -176,6 +177,7 @@ int main (int argc, char **argv)
struct spwd spent; struct spwd spent;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -53,6 +53,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static bool spw_locked = false; static bool spw_locked = false;
static bool pw_locked = false; static bool pw_locked = false;
@ -137,6 +138,7 @@ int main (int argc, char **argv)
const struct spwd *spwd; const struct spwd *spwd;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -82,6 +82,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */ static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */
static bool caller_is_root = false; static bool caller_is_root = false;
static uid_t caller_uid; static uid_t caller_uid;
@ -716,6 +717,7 @@ static void save_caller_context (char **argv)
* most error messages. * most error messages.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
caller_uid = getuid (); caller_uid = getuid ();
caller_is_root = (caller_uid == 0); caller_is_root = (caller_uid == 0);

View File

@ -50,6 +50,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static char name[BUFSIZ]; static char name[BUFSIZ];
static char pass[BUFSIZ]; static char pass[BUFSIZ];
@ -106,6 +107,7 @@ static RETSIGTYPE catch_signals (unused int sig)
#endif #endif
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);

View File

@ -96,6 +96,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
/* /*
* These defaults are used if there is no defaults file. * These defaults are used if there is no defaults file.
@ -2391,6 +2392,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -91,6 +91,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static char *user_name; static char *user_name;
static uid_t user_id; static uid_t user_id;
@ -1015,6 +1016,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);

View File

@ -105,6 +105,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static char *user_name; static char *user_name;
static char *user_newname; static char *user_newname;
@ -2200,6 +2201,7 @@ int main (int argc, char **argv)
* Get my name so that I can use it to report errors. * Get my name so that I can use it to report errors.
*/ */
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);

View File

@ -63,6 +63,7 @@
* Global variables * Global variables
*/ */
const char *Prog; const char *Prog;
FILE *shadow_logfd = NULL;
static const char *filename, *fileeditname; static const char *filename, *fileeditname;
static bool filelocked = false; static bool filelocked = false;
@ -481,6 +482,7 @@ int main (int argc, char **argv)
bool do_vipw; bool do_vipw;
Prog = Basename (argv[0]); Prog = Basename (argv[0]);
shadow_logfd = stderr;
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);