* src/login.c: "dereferencing type-punned pointer will break
strict-aliasing rules", add a variable indirection: ptr_pam_user.
* lib/commonio.c: do not initialize the sb stat structure.
* lib/pwio.c, lib/shadowio.c, lib/sgroupio.c, lib/groupio.c:
initialize the security context if WITH_SELINUX.
* lib/nscd.c: The service argument is not const (used in the exec*
parameters). This matches with the prototype definition.
* src/groupmems.c: Avoid ++i when i is also used in the same line.
* src/newusers.c: i is positive every time it is compared. Add
cast to unsigned int.
* src/nologin.c: Use a main() prototype with no arguments.
* libmisc/getdate.y: Initialize the type and value fields of the
terminating entry for each TABLE.
* libmisc/tz.c: Use "TZ=CST6CDT" as the default timezone.
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
xgetgrgid(), and xgetspnam(). They allocate memory for the
returned structure and are more robust to successive calls. They
are implemented with the libc's getxxyyy_r() functions if
available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
usage of one of the getpwnam(), getpwuid(), getgrnam(),
getgrgid(), and getspnam() functions. It was noticed on
http://bugs.debian.org/341230 that chfn and chsh use a passwd
structure after calling a pam function, which result in using
information from the passwd structure requested by pam, not the
original one. It is much easier to use the new xget... functions
to avoid these issues. I've checked which call to the original
get... functions could be left (reducing the scope of the
structure if possible), and I've left comments to ease future
reviews (e.g. /* local, no need for xgetpwnam */).
Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
functions (used by the xget... functions) from the <xx>io.c files
to the new <xx>mem.c files. This avoid linking some utils against
the SELinux library.
cleanup(2) by spw_unlock and remove the calls to cleanup(1).
* src/chage.c: Remove variable pwrw. It is always set to 0. The
password database is always read only.
generated translated manpages (if ENABLE_REGENERATE_MAN).
* man/Makefile.am: Removed rules for all the generated translated
manpages.
* man/sv/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am,
man/pl/Makefile.am, man/ru/Makefile.am, man/it/Makefile.am:
Include generate_translations.mak to handle the generated
translations (XML and roff files).
* man/Makefile.am: Translated XML files moved from the CLEANFILES
variable of man/Makefile.am to the various languages Makefiles.
* man/useradd.8.xml: Indicate that the NIS caveats is also valid
for any external database as LDAP.
* man/groupadd.8.xml: Likewise.
* man/groupadd.8.xml: Reorder and reformat the caveats bullets.
* NEWS: Applied Debian patch 409_man_generate_from_PO to
automatically generate the translated manpages from the POs.
* man/Makefile.am: Replace the individual rules for the generation
of the manpages (from XML) by a generic Makefile rule an
dependencies for the linked manpages.
glibc socket to flush the nscd tables. This comes from the RedHat
patch shadow-4.0.16-nscd.c.
* lib/commonio.c: Forbid inheritance of the passwd and group files
to the spawed processes (like nscd). This comes from the RedHat
patch shadow-4.0.17-notInheritFd.patch.
* lib/nscd.h: Update header.
