followed by rmdir to remove the directory itself, delete also the
root directory in remove_tree.
* src/userdel.c, src/usermod.c: Do not call rmdir after
remove_tree.
with post increments (x++), use of integers as booleans, and
explicitly mark blocks with brackets.
* libmisc/copydir.c: Likewise.
* libmisc/fields.c: Add comments.
* libmisc/copydir.c: Mark function whose return value is not
checked as such.
* libmisc/copydir.c (remove_tree): Make sure unlink is successful
when removing files.
* libmisc/audit_help.c: Include prototypes.h to get the prototype
of audit_help_open.
* libmisc/salt.c: Use booleans instead of negating integers.
* src/passwd.c: Declare the check_selinux_access prototype and
avoid name clashes (change_user -> changed_user; change_uid ->
changed_uid; access -> requested_access)
- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
chgpasswd; and also passwd if configured without PAM support).
The number of rounds and number of salt bytes was fixed to their lower
allowed values (resp. configurable and 8), hence voiding some of the
advantages of this encryption method. Dictionary attacks with
precomputed tables were easier than expected, but still harder than with
the MD5 (or DES) methods.
* NEWS, libmisc/salt.c (SHA_salt_size): Seed the RNG, and fix a
overflow. These caused the SHA salt size to always be 8 bytes,
instead of being in the 8-16 range. Thanks to Peter Vrabec
pvrabec@redhat.com for noticing.
* NEWS, libmisc/salt.c (SHA_salt_rounds): Seed the RNG with
seedRNG instead of srand, and fix the same overflow. This caused
the number of rounds to always be the smallest one.
* libmisc/pam_pass.c: Be more verbose and indicate that the
password was not changed when pam_chauthtok fails (in addition to
the PAM error, which may not be comprehensible for the users).
SIGSTOP handling. Raise the signal which stopped the child instead
of always SIGSTOP.
Import Debian patch 406_vipw_resume_properly.
Thanks to Dean Gaudet.
* NEWS, src/vipw.c: Resume properly after ^Z.
Files with no license use the default 3-clauses BSD license. The copyright
were mostly not recorded; they were updated according to the Changelog.
"Julianne Frances Haugh and contributors" changed to "copyright holders
and contributors".
endpwend() sequences (ditto for getgrent(), getspent(), and
getsgent()). The only real (minor) issue was in login, which kept
the passwd file open.
* libmisc/entry.c: Remove unneeded setspent() and endspent() (only
getspnam is called in the middle).
* libmisc/find_new_ids.c: Make sure to close the password and
group files with endpwent() and endgrent().
* libmisc/pwdcheck.c: Remove unneeded endspent() (only getspnam()
is called before).
* src/lastlog.c, src/passwd.c, src/groupmod.c, src/faillog.c,
src/groups.c: Make sure to close
the password file with endpwent().
* src/login.c: Remove unneeded setpwent() (only xgetpwnam is
called before).
* src/login.c, src/newgrp.c: Fix typos in comments.
Fail if the feature is requested but the library (or
header file) could not be found. If nothing is specified, enable
the feature only if we can find the library (or header file).
$(pamd_files). Remove the duplicate useradd. And sort
alphabetically. Thanks to Mark Rosenstand <mark@borkware.net>.
* NEWS: Prepare next release, 4.1.2.
files are unlocked on exit. Unlock locked files in fail_exit().
Prefer fail_exit() over exit().
* NEWS, src/groupmod.c: When the GID of a group is changed, update
also the GID of the passwd entries of the users whose primary
group is the group being modified.
removed is used by different entries (like commonio_update does).
* NEWS: This fix the behavior of groupdel when the system is not
configured to support split group but different group entries
have the name of the group to be deleted.
unlocked on exit. Add function fail_exit(). Use fail_exit()
instead of exit().
* src/groupdel.c: Fail immediately instead of increasing errors.
Better handling of error cases, like locked group or gshadow file.
to Christian Henz (http://bugs.debian.org/467488)
* src/gpasswd.c (get_group): Do not fail if gshadow is not present. Just use
the group file and set the grent structure
* src/gpasswd.c (check_perms): The permissions should be checked
using both the gshadow and group file. Add a <struct group *>
parameter, and check if the gshadow file exists (is_shadowgrp).
* src/gpasswd.c (main): Do not use sgent.sg_mem or sgent.sg_adm if
the gshadow file is not present (sgent is not initialized in that
case). The fields of sgent can be set, but not used.
Document new variables.
* man/newusers.8.xml, man/login.defs.5.xml,
man/login.defs.d/GID_MAX.xml, man/login.defs.d/UID_MAX.xml:
newusers uses now the GID_MAX, GID_MIN, UID_MAX, UID_MIN,
SYS_GID_MAX, SYS_GID_MIN, SYS_UID_MAX, and SYS_UID_MIN variables.
* man/groupadd.8.xml, man/login.defs.5.xml: groupadd uses now the
SYS_GID_MAX, and SYS_GID_MIN variables.
* man/login.defs.5.xml: useradd uses now the SYS_GID_MAX,
SYS_GID_MIN, SYS_UID_MAX, and SYS_UID_MIN variables.
* src/newusers.c: The user's ID must be found before the group ID
to mimic useradd's behavior choices of UID and GID.
* src/newusers.c: Reuse the generic find_new_uid() and
find_new_gid() functions. This permits to respect the
UID_MIN/UID_MAX and GID_MIN/GID_MAX variables, should
* src/newusers.c: Check if the user or group exist using the
external databases (with the libc getpwnam/getgrnam functions).
Refuse to update an user which exist in an external database but
does not exist in the local database.
* src/newusers.c: Check the usernames and groupnames with
check_user_name() and check_group_name()
* src/newusers.c: Use isdigit() for readability.
* src/newusers.c: Check if numerical IDs are valid (no remaining
chars).
* NEWS, src/newusers.c: Fix the support for the NONE crypt method.
* src/newusers.c: Fix shadow group support (the list of admins was
not defined; it is now set to an empty list).
microseconds to avoid having the same salt for different passwords
generated in the same second. This permits to avoid using the same salt
for different passwords in newusers.
find_new_uid() and find_new_gid(). They work the same way as the functions
with the same name of useradd or groupadd, except that they check in the
local database to make sure an ID was not reserved in an uncommitted
change (this is needed to be used in newusers), they report a status
instead of calling exit(), and they can receive a preferred ID. They
should later support system IDs. This should be a little bit slower, but
not too much (if the database is not open the checks against the local
database will exit immediately, and if it is already open, all the checks
will be done regarding the data in memory).