lib/pwio.c, lib/pwio.h, lib/shadowio.c, lib/shadowio.h: Added
splint annotations. The *_locate() and *_next() functions
currently return an observer. As the structure are often modified
by the caller, it could maybe be changed to exposed later. (and
non-const).
default to 32.
* libmisc/chkname.c: Use USER_NAME_MAX_LENGTH.
* src/login.c: Use USER_NAME_MAX_LENGTH instead of the default 32.
username also needs to be bigger than USER_NAME_MAX_LENGTH because
it has to be nul-terminated.
of global utent/utxent variables. Only reuse the ut_id and maybe
the ut_host fields from utmp.
* lib/prototypes.h, libmisc/utmp.c: Removed checkutmp(),
setutmp(), setutmpx().
* lib/prototypes.h, libmisc/utmp.c: Added get_current_utmp(),
prepare_utmp(), prepare_utmpx(), setutmp(), setutmpx().
* libmisc/utmp.c (is_my_tty): Only compare the name of the utmp
line with ttyname(). (No stat of the two terminals to compare the
devices).
* libmisc/utmp.c: Use getaddrinfo() to get the address of the
host.
* configure.in: Check for getaddrinfo().
* configure.in: Use AC_CHECK_MEMBERS to check for the existence of
fields in the utmp/utmpx structures.
* configure.in: Reject systems with utmpx support but no ut_id
field in utmp. This could be fixed later if needed.
* src/login.c: Use the new utmp functions. This also simplifies
the failtmp() handling.
* src/login.c: passwd_free() renamed to pw_free() and
shadow_free() renamed to spw_free()
* lib/shadowio.c: Use spw_free() for shadow_free().
* lib/groupmem.c: Added gr_free().
* lib/groupio.c: Use gr_free() for group_free().
* lib/pwmem.c: Include define.h before prototypes.h
* lib/pwmem.c: Added pw_free().
* lib/pwio.c: Use pw_free() for passwd_free().
* lib/sgroupio.c: Added sgr_free().
* lib/sgroupio.c: Use sgr_free() for gshadow_free().
* lib/prototypes.h: Added gr_free(), pw_free(), sgr_free(),
spw_free().
SELinux user for user's login.
* NEWS, src/usermod.c, man/usermod.8.xml: Likewise.
* libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added
safe_system(). Used to run semanage.
* lib/prototypes.h, libmisc/copydir.c: Make a
selinux_file_context() an extern function.
* libmisc/copydir.c: Reset SELinux to create files with default
contexts at the end of copy_tree().
* NEWS, src/userdel.c: Delete the SELinux user mapping for user's
login.
ifndef USE_PAM.
* lib/prototypes.h: Remove the declaration of add_cons_grps(). The
function does not exist.
* libmisc/age.c (setup_uid_gid): is_console is never set ifndef
USE_PAM. Change the prototype of setup_uid_gid() when USE_PAM is
not defined. This permits to remove add_groups from PAM builds.
setup_uid_gid is already subject to HAVE_INITGROUPS.
* libmisc/pwd2spwd.c (pwd_to_spwd): pwd_to_spwd() is not used in
PAM builds.
messages not related to an account.
* lib/prototypes.h, libmisc/cleanup.c, libmisc/cleanup_group.c,
libmisc/cleanup_user.c, libmisc/Makefile.am: Added stack of
cleanup functions to be executed on exit.
* NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c: Only
report success to audit and syslog when the changes are committed
to the system. Do not log failure for on-memory changes to audit
or syslog. Make sure failures and inconsistencies will be reported
in case of unexpected failures (e.g. malloc failures). Only
specify an audit message if it is not implicitly implied by the
type argument. Removed fail_exit (replaced by atexit(do_cleanups)).
undefining some configuration macros when the file is included
multiple times.
* libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrgid.c, libmisc/xgetgrnam.c, libmisc/xgetspnam.c:
Include <config.h> from teh compiled C file, not the included
getXXbyYY.c.
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/grpconv.c,
src/groups.c, src/grpunconv.c, src/chsh.c: Prog is now global (not
static to the file) so that it can be used by the helper functions
of libmisc.
* lib/prototypes.h: Added extern char *Prog.
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Indicate the
program name with the warning.
shadow_audit_result for the result argument of audit_logger().
This permits stronger type checking and a better readability of
the results (SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS constants).
* src/groupadd.c, src/groupdel.c, src/useradd.c, src/userdel.c:
Use the SHADOW_AUDIT_FAILURE/SHADOW_AUDIT_SUCCESS results instead
of 0 or 1 in audit_logger().
Include <sys/types.h> before <pwd.h> and <grp.h>. It is necessary
for the definition of uid_t and gid_t.
* lib/pwmem.c: do not include <pwd.h>, "pwio.h" is sufficient
here.
lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
Added *_dbname() functions to retrieve the name of the databases.
* lib/groupio.c, lib/groupio.h, lib/pwio.c, lib/pwio.h,
lib/sgroupio.c, lib/sgroupio.h, lib/shadowio.c, lib/shadowio.h:
*_name() functions renamed *setname().
* src/grpck.c, src/pwck.c: Likewise.
* lib/groupio.h, lib/pwio.h, lib/sgroupio.h, lib/shadowio.h: Added
the name of the arguments to the prototypes.
* src/chage, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
src/chsh.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c,
src/groupmod.c, src/grpck.c, src/grpconv.c, src/grpunconv.c,
src/newusers.c, src/passwd.c, src/pwck.c, src/pwconv.c,
src/pwunconv.c, src/useradd.c, src/userdel.c, src/usermod.c:
Harmonize the erro & syslog messages in case of failure of the
*_lock(), *_open(), *_close(), *_unlock(), *_remove() functions.
* src/chgpasswd.c, src/chpasswd.c, src/usermod.c: Avoid
capitalized messages.
* src/chpasswd.c, src/useradd.c, src/usermod.c: Harmonize messages
in case of inexistent entries.
* src/usermod.c: Harmonize messages in case of already existing
entries.
* src/newusers.c, src/useradd.c: Simplify PAM error handling.
* src/useradd.c: Report failures to unlock files (stderr, syslog,
and audit). But do not fail (continue).
* src/useradd.c (open_files): Do not report to syslog & audit
failures to lock or open the databases. This might be harmless,
and the logs were not already informed that a change was
requested.
* src/usermod.c: It's not the account which is unlocked, but its
password.