Commit Graph

2265 Commits

Author SHA1 Message Date
142d788c81 update changelog
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-01-23 14:37:42 -06:00
33c6a170a5 Merge pull request #212 from t8m/in-subuid-mapping
Do not mistake a regular user process for a namespaced one
2020-01-23 09:15:04 -06:00
fd4405b763 Do not mistake a regular user process for a namespaced one
In case there is a regular user with a process running on a system
with uid falling into a namespaced uid range of another user.
The user with the colliding namespaced uid range will not be
allowed to be deleted without forcing the action with -f.

The user_busy() is adjusted to check whether the suspected process
is really a namespaced process in a different namespace.
2020-01-21 09:16:10 +01:00
dfceca8427 Merge pull request #210 from t8m/shell-check
Make the check for non-executable shell only a warning.
2020-01-20 07:04:51 -08:00
54c1660969 Merge pull request #211 from Frans-Spiesschaert/master
updated po file for Dutch
2020-01-20 06:57:13 -08:00
eebcacfae8 po/nl.po
updated Dutch translation for shadow version 4.8 (pot file from 2019-12-01).
I updated the translation for Debian
and on request of the Debian package maintainer Bálint Réczey I am creating this pull request
2020-01-17 13:19:09 -08:00
4ed08824e5 Make the check for non-executable shell only a warning.
Although it is a good idea to check for an inadvertent typo
in the shell name it is possible that the shell might not be present
on the system yet when the user is added.
2020-01-16 12:59:29 +01:00
3e942adb21 Merge pull request #209 from Duncaen/home-mode
add new HOME_MODE login.defs(5) option
2020-01-12 09:39:13 -06:00
085d04c3dd add new HOME_MODE login.defs(5) option
This option can be used to set a separate mode for useradd(8) and
newusers(8) to create the home directories with.
If this option is not set, the current behavior of using UMASK
or the default umask is preserved.

There are many distributions that set UMASK to 077 by default just
to create home directories not readable by others and use things like
/etc/profile, bashrc or sudo configuration files to set a less
restrictive
umask. This has always resulted in bug reports because it is hard
to follow as users tend to change files like bashrc and are not about
setting the umask to counteract the umask set in /etc/login.defs.

A recent change in sudo has also resulted in many bug reports about
this. sudo now tries to respect the umask set by pam modules and on
systems where pam does not set a umask, the login.defs UMASK value is
used.
2020-01-12 16:18:32 +01:00
ed4a0157c4 silence more compiler warnings
And don't reuse the cp variable for two different purposes.

Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-01-12 08:20:50 -06:00
93f1f35123 Revert "add new HOME_MODE login.defs(5) option"
Missing file

This reverts commit a847899b52.
2020-01-12 07:56:19 -06:00
9f7f3b013e silence compiler warnings
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-01-12 07:31:26 -06:00
5a6ddf3b57 man: add missing author entries
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-01-12 07:24:04 -06:00
0512c187c8 Merge pull request #204 from edneville/198_user_add_tty_logging
Adding tty logging to the useradd command
2020-01-12 07:19:18 -06:00
ed
f32d4a359b Adding tty logging to the useradd command
This commit adds a from= field to the end of the useradd log entry.
Casting user_name to tallylog_reset to silence a compiler warning.

Changelog: Fixing tabs
Changelog: Changing function prototype to const char* to match user_name declaration.
2020-01-12 07:08:05 -06:00
401d0743af Merge pull request #208 from Duncaen/umask-home
add new UMASK_HOME login.defs option
2020-01-11 16:20:13 -06:00
a847899b52 add new HOME_MODE login.defs(5) option
This option can be used to set a separate mode for useradd(8) and
newusers(8) to create the home directories with.
If this option is not set, the current behavior of using UMASK
or the default umask is preserved.

There are many distributions that set UMASK to 077 by default just
to create home directories not readable by others and use things like
/etc/profile, bashrc or sudo configuration files to set a less
restrictive
umask. This has always resulted in bug reports because it is hard
to follow as users tend to change files like bashrc and are not about
setting the umask to counteract the umask set in /etc/login.defs.

A recent change in sudo has also resulted in many bug reports about
this. sudo now tries to respect the umask set by pam modules and on
systems where pam does not set a umask, the login.defs UMASK value is
used.
2020-01-11 22:27:39 +01:00
88c1a6d98d Update README to point to new alioth list urls
Closes #195.

Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2020-01-11 14:50:55 -06:00
ef095ceef1 Merge pull request #206 from edneville/123_log_ssh_original_command_in_nologin
Adding logging of SSH_ORIGINAL_COMMAND to nologin.
2020-01-11 14:47:57 -06:00
ed
4c9ec2f5a4 Adding logging of SSH_ORIGINAL_COMMAND to nologin.
If SSH_ORIGINAL_COMMAND is set, it will be added to the syslog entry.

Closes #123.

Changelog: (SEH squashed commit): Fixing indentation
Changelog: (SEH) break up long line
2020-01-11 14:46:52 -06:00
d7add53f06 add changelog entry about account-tools-setuid
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2019-12-20 00:14:13 -06:00
2aa7427e2b Merge pull request #205 from Blub/2019-12-19/bail-on-error-in-for-loops
Makefile: bail out on error in for-loops
2019-12-20 00:08:32 -06:00
1ec36eabb2 Merge pull request #199 from falconindy/master
Don't auto-enable ACCT_TOOLS_SETUID if PAM is detected
2019-12-20 00:07:23 -06:00
bd3c39f1c8 Merge pull request #201 from michaelweiser/groupmems-man
man: Don't suggest making groupmems user-writeable
2019-12-19 14:49:45 -06:00
258944e331 Makefile: bail out on error in for-loops
`make` runs each line in a shell and bails out on error,
however, the shell is not started with `-e`, so commands in
`for` loops can fail without the error actually causing
`make` to bail out with a failure status.

For instance, the following make snippet will end
successfully, printing 'SUCCESS', despite the first `chmod`
failing:

    all:
        touch a b
        for i in a-missing-file a b; do \
            chmod 666 $$i; \
        done
        @echo SUCCESS

To prevent wrong paths in install scripts from remaining
unnoticed, let's activate `set -e` in the `for` loop
subshells.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2019-12-19 18:54:30 +01:00
51d65f37e5 Merge pull request #203 from Rushi98/master
Deduplicate usermod manual (fixes #202)
2019-12-18 11:46:20 +01:00
0f332f48bc Deduplicate usermod manual (fixes #202)
Changelog:
1) modified:   man/usermod.8.xml
   Removed duplicate "badnames" options entry.
2019-12-18 11:20:40 +05:30
a73d4aee75 man: Don't suggest making groupmems user-writeable
Suggesting mode 2770 is dangerous because it makes the binary writeable
by all members of the owning group which is supposed to be normal
end-users. Suggest 2710 instead as is usual for s[ug]id binaries,
allowing execution but neither reading nor writing.

Signed-off-by: Michael Weiser <michael.weiser@gmx.de>
2019-12-17 21:27:46 +01:00
7f53048875 Merge pull request #200 from jubalh/sel1
selinux: include stdio
2019-12-17 13:43:56 +01:00
b1a5cda91e selinux: include stdio
We use fprintf(), stderr etc, so we should include stdio.h.
2019-12-17 13:40:47 +01:00
66b7bc0dcf Don't auto-enable ACCT_TOOLS_SETUID if PAM is detected
Here's a sad story:

* 70971457 is merged into shadow, allowing newgidmap/newuidmap to be
installed with file caps rather than setuid.
* https://bugs.archlinux.org/task/63248 is filed to take advantage of
this.
* The arch maintainer of the 'shadow' package notices that this doesn't
work, and submits a pull request to fix this in shadow.
* edf7547ad5 is merged, fixing the post install hooks.

The problem here is that distros have been building shadow with PAM for
O(years), but the install hooks have silently failed due to the
combination of the directory mismatch (suidubins vs suidsbins) and later
success with setuid'ing newgidmap/newuidmap.

With the install hooks fixed, those of us (Arch[1] and Gentoo[2] so far)
who never built shadow explicitly with --enable-account-tools-setuid are
now getting setuid account tools, and don't have PAM configuration
suitable for use with setuid account management tools.

It's entirely unclear to me why you'd want this, but I assume there's
some reason out there for it existing. Regardless, setuid binaries are
dangerous and shouldn't be enabled by default without good reason.

[1] https://bugs.archlinux.org/task/64836
[2] https://bugs.gentoo.org/702252
2019-12-16 14:22:32 -05:00
eaaac67d4f Merge pull request #197 from chutz/revert-bindir-sbindir-change
Revert "Honor --sbindir and --bindir for binary installation"
2019-12-01 20:28:21 -06:00
3cc3948d71 Revert "Honor --sbindir and --bindir for binary installation"
This reverts commit e293aa9cfc.

See https://github.com/shadow-maint/shadow/issues/196

Some distros still care about `/bin` vs `/usr/bin`. This commit makes
it so all binaries are always installed to `/bin`/`/sbin`. The only way to
restore the previous behaviour of installing some binaries to
`/usr/bin`/`/usr/sbin` is to revert the patch.
2019-12-01 13:59:52 -08:00
08096ed24a Merge pull request #194 from jubalh/contr
Add myself to contributors
2019-12-01 11:46:13 -06:00
92a678c250 Add myself to contributors 2019-12-01 18:37:38 +01:00
81de782d1e Release 4.8
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2019-12-01 11:36:13 -06:00
d83eccdded fix type in po/POTFILES.in
Signed-off-by: Serge Hallyn <shallyn@cisco.com>
2019-12-01 11:36:13 -06:00
681b66b13c Merge pull request #179 from seitokaichou/master
WIP: Initial bcrypt support
2019-12-01 11:02:23 -06:00
2958bd050b Initial bcrypt support 2019-12-01 11:00:57 -06:00
38f493aff2 Merge pull request #192 from Polynomial-C/optional_su
build: Make build/installation of su and its support files optional
2019-12-01 10:51:21 -06:00
19bac44dde build: Make build/installation of su and its support files optional
Enabled by default
This is necessary because coreutils and util-linux can also provide su

Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
2019-11-19 11:28:45 +01:00
b49712ed32 Merge pull request #191 from topimiettinen/sync-passwd-5-and-shadow-5
man: sync and reorder password field descriptions
2019-11-16 15:06:03 +01:00
cdbe1310cc man: sync and reorder password field descriptions
Synchronize how passwd(5) and shadow(5) describe the password field.
Reorder the descriptions more logically.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
2019-11-16 15:35:08 +02:00
b462f5335f Merge pull request #190 from jubalh/fixtypo
Fix typo in access of shell command
2019-11-12 07:12:06 -06:00
115a4e89e2 Fix typo in access of shell command
Fix typo in 88fa0651bf.
For some reason my git push -f seems not to have worked.
2019-11-12 08:38:08 +01:00
9d935d9be1 Merge pull request #189 from hallyn/2019-11-11/vpiw
Fix vipw not resuming correctly when suspended
2019-11-11 20:22:49 -06:00
7eca1112fb Fix vipw not resuming correctly when suspended
Closes #185

If vipw is suspended (e.g. via control-Z) and then resumed, it often gets
immediately suspended. This is easier to reproduce on a multi-core system.

root@buster:~# /usr/sbin/vipw

[1]+  Stopped                 /usr/sbin/vipw
root@buster:~# fg
/usr/sbin/vipw

[1]+  Stopped                 /usr/sbin/vipw

root@buster:~# fg
[vipw resumes on the second fg]

The problem is that vipw forks a child process and calls waitpid() with the
WUNTRACED flag. When the child process (running the editor) is suspended, the
parent sends itself SIGSTOP to suspend the main vipw process. However, because
the main vipw is in the same process group as the editor which received the ^Z,
the kernel already sent the main vipw SIGTSTP.

If the main vipw receives SIGTSTP before the child, it will be suspended and
then, once resumed, will proceed to suspend itself again.

To fix this, run the child process in its own process group as the foreground
process group. That way, control-Z will only affect the child process and the
parent can use the existing logic to suspend the parent.
2019-11-11 20:19:57 -06:00
fe2a266c50 Merge pull request #188 from rbalint/pot
Allow translation of new strings by adding new files to POTFILES.in
2019-11-11 18:12:36 -06:00
e97df9b1ec Merge pull request #187 from jubalh/useradd-s
useradd: check for valid shell argument
2019-11-11 18:10:56 -06:00
d048459d36 [i18n] Allow translation of new strings by adding new files to POTFILES.in 2019-11-11 16:44:04 +01:00