Commit Graph

1550 Commits

Author SHA1 Message Date
nekral-guest
1c2f4f0428 No functional changes were introduced by the previous pwck and grpck
changes, except for the following bug fix: no syslog logging if a passwd
or group file was specified on the command line without a shadowed
database file, even if the system shadowed database was changed).
2008-01-01 16:36:06 +00:00
nekral-guest
6ac97a708c Fix typos in comments (gshadow/shadow). 2008-01-01 16:25:57 +00:00
nekral-guest
3ad9a439d5 Split also check_pw_file() and check_spw_file() out of main(). 2008-01-01 15:49:33 +00:00
nekral-guest
ef2c12e560 Also split open_files and close_files out of main().
New global variables use_system_pw_file and use_system_spw_file
2008-01-01 15:29:47 +00:00
nekral-guest
6912ac253a Split process_flags() out of main(). New global variables is_shadow,
sort_mode.
2008-01-01 15:07:41 +00:00
nekral-guest
a3501dfd95 De-comment code (duplicate the entry when the _R function is not present on the system). 2008-01-01 14:48:04 +00:00
nekral-guest
09a95ed70a * src/lastlog.c: Remove statbuf, not used.
* src/lastlog.c: Fix types, cast umin and umax to uid_t.
* src/lastlog.c: (option -u) user needs to be a signed long, not
  uid_t (to accept rangees like -<uid>
2008-01-01 14:38:47 +00:00
nekral-guest
d0de685c7a Avoid ?: construct without the middle term. 2008-01-01 14:34:07 +00:00
nekral-guest
b681e50ff2 * libmisc/copydir.c, src/usermod.c, lib/prototypes.h: The uid and
gid parameters can be set to -1 to indicate that the original
  owners must be kept. Change the types from uid_t/gid_t to a
  long int (signed).
* libmisc/copydir.c: Change the copy_entry(), copy_dir(),
  copy_symlink(), copy_special(), and copy_file() prototypes
  accordingly.
* lib/prototypes.h: Add the parameters' name for the
  libmisc/copydir.c functions.
2008-01-01 14:31:00 +00:00
nekral-guest
bb8af02978 Avoid empty file when WITH_AUDIT is not set. 2008-01-01 14:20:36 +00:00
nekral-guest
bca732693b * libmisc/limits.c, libmisc/obscure.c, src/login_nopam.c,
lib/pwauth.c: Avoid empty file when USE_PAM is set.
* src/login_nopam.c: Fix warnings: resolve_hostname takes and
  returns a constant string.
2008-01-01 14:18:55 +00:00
nekral-guest
0aaddfaf29 I forgot to mention compare_members_lists(). 2008-01-01 14:09:47 +00:00
nekral-guest
3d82d5e452 Split check_members() out of check_grp_file() and check_sgr_file(). 2008-01-01 13:50:06 +00:00
nekral-guest
612820cb9a Split check_grp_file() and check_sgr_file() out of main(). 2008-01-01 13:48:49 +00:00
nekral-guest
f6f6eeda8e Split process_flags(), open_files(), and close_files() out of main(). New
global variables is_shadow, sort_mode, use_system_grp_file, and
use_system_sgr_file.
2008-01-01 13:13:47 +00:00
nekral-guest
83b9a376a2 If remove-potcdate.sin does not exist, use the one from teh po directory
(it is not installed automatically by autopoint.
2007-12-31 20:16:46 +00:00
nekral-guest
b9a00ea0ee Fix the type of the bitfields in the commonio_entry and commonio_db
structures to unsigned int (instead of int).
2007-12-31 20:12:48 +00:00
nekral-guest
4c9686df0c Avoid assignments in comparisons. 2007-12-31 15:30:29 +00:00
nekral-guest
ce4e74c1b9 Avoid implicit brackets. 2007-12-31 15:27:23 +00:00
nekral-guest
ca035a53a0 Also split update_shell() out of main(). 2007-12-31 15:06:22 +00:00
nekral-guest
f031095d9f * Split also check_perms() out of main().
* Before pam_end(), the return value of the previous
  pam API was already checked. No need to validate it again.
2007-12-31 14:54:46 +00:00
nekral-guest
7ed7e14dee Split process_flags() out of main(). 2007-12-31 14:52:52 +00:00
nekral-guest
ce3c44b0f7 Avoid assignments in comparisons. 2007-12-31 14:25:06 +00:00
nekral-guest
c086f6c931 Avoid implicit conversions to booleans. 2007-12-31 14:15:29 +00:00
nekral-guest
ca468cb988 Document may_change_field(). 2007-12-31 14:03:14 +00:00
nekral-guest
3d04ff4037 Avoid implicit brackets. 2007-12-31 13:48:48 +00:00
nekral-guest
7279ff37f3 * New function: process_flags() split out of main().
The flags variables are now global.
* New functions: check_perms(), update_gecos(),
  get_old_fields(), and check_fields() split out of main().
* Before pam_end(), the return value of the previous
  pam API was already checked. No need to validate it again.
2007-12-31 13:43:04 +00:00
nekral-guest
d0b984528a * src/newusers.c: Compilation fix for PAM support (pamh needs to be
global since the function split).
* src/chpasswd.c: Likewise.
* src/chgpasswd.c: Likewise.
* src/chpasswd.c: Avoid implicit conversions to booleans.
2007-12-31 04:57:54 +00:00
nekral-guest
f09b1404eb Rewrote to match the previous commit message. 2007-12-31 04:31:28 +00:00
nekral-guest
db38d0b104 * src/chage.c: Fix typo: s/maximim/maximum/
* src/chage.c: New function: fail_exit(). Change most of the exit()
	to a fail_exit, which makes sure the files are unlocked (new global
	variables: pw_locked, spw_locked), the PAM transaction is ended, and
	the failure is logged to libaudit (use a global user_name and user_uid
	for logging).
	* src/chage.c: Compilation fix for PAM support (pamh needs to be
	global since the function split).
	* src/chage.c: Document process_flags(), check_flags(), check_perms(),
	open_files(), and close_files().
	* src/chage.c: Split update_age() and get_defaults() out of main()
	* src/chage.c: Drop the privileges just after opening the files.
	* src/chage.c: Do not log to audit only if the user has an entry in
	the shadow file.
	* NEWS, src/chage.c (open_files): Also open the password file for
	writing. This fix chage when the user only has a password entry (and
	no shadow entries).
	* src/chage.c (get_defaults): Use default values that don't change the
	behavior of the account for the fields that are not specified when the
	user has no shadow entry.
2007-12-31 04:29:30 +00:00
nekral-guest
3b7497b063 * Compilation fix for PAM support (pamh needs to be
global since the function split).
* End the PAM transaction in fail_exit().
* Document check_flags().
2007-12-30 21:48:55 +00:00
nekral-guest
d1bee8b593 Compilation fix for non-gshadow support. 2007-12-30 21:39:57 +00:00
nekral-guest
623010396c Added support for gshadow. 2007-12-29 17:26:28 +00:00
nekral-guest
098173e1df Do not add the new user to the group's members, because the group is already
the primary group of the new user.
2007-12-29 17:05:13 +00:00
nekral-guest
67b9c423fe Avoid variables with the name of a type. 2007-12-29 14:52:35 +00:00
nekral-guest
b040f047fd Avoid assignments in comparisons. 2007-12-29 14:48:33 +00:00
nekral-guest
8c4efbb8ce Avoid implicit brackets and re-indent. 2007-12-29 14:34:39 +00:00
nekral-guest
9923513271 Before pam_end(), the return value of the previous
pam API was already checked. No need to validate it again.
2007-12-29 14:17:06 +00:00
nekral-guest
60a422b284 newusers cleanups
main() split in new functions: process_flags(), check_flags(), check_perms(),
open_files(), and close_files().
2007-12-29 14:11:54 +00:00
nekral-guest
3c890a55d8 Avoid assignments in comparisons. 2007-12-29 11:34:31 +00:00
nekral-guest
a7cbfedc85 * Avoid implicit brackets.
* Avoid implicit conversion to booleans.
2007-12-29 11:06:35 +00:00
nekral-guest
2d771a97b7 Remove dead code. It was probably put here to add more
information to the audit_logger.
2007-12-29 10:50:03 +00:00
nekral-guest
6ca79a36b0 Avoid using a variable with the same name as a type. 2007-12-29 10:47:04 +00:00
nekral-guest
388dcee3e4 chage cleanups
* src/chage.c: Before pam_end(), the return value of the previous
	pam API was already checked. No need to validate it again.
	* src/chage.c: main() split in new functions: process_flags(),
	check_flags(), check_perms(), open_files(), and close_files().
2007-12-29 10:42:25 +00:00
nekral-guest
8563319b8b * src/chgpasswd.c: Avoid assignments in comparisons.
* src/chgpasswd.c: Avoid implicit brackets.
	* src/chgpasswd.c: Fix comments to match chgpasswd (group instead of
	user's passwords are changed).

	Fix the previous ChangeLog entries regarding chgpasswd.
2007-12-28 23:14:59 +00:00
nekral-guest
28cd038c35 Same changes as for chpasswd:
* src/chpasswd.c: main() split in process_flags(), check_flags(),
	check_perms(), open_files(), and close_files().
2007-12-28 22:54:35 +00:00
nekral-guest
8dc959ea1f Avoid implicit brackets. 2007-12-28 22:34:14 +00:00
nekral-guest
908e2cbcc7 Avoid assignments in comparisons. 2007-12-28 22:24:02 +00:00
nekral-guest
b9eec1ea49 Other new functions: open_files(), close_files().
This force flushing the password database after the password file is unlocked.
2007-12-28 22:18:55 +00:00
nekral-guest
566b357f99 New functions: process_flags(), check_flags(),
check_perms(). Split out of main().
2007-12-28 22:05:51 +00:00
nekral-guest
dc1dccd9e2 Before pam_end(), the return value of the previous
pam API was already checked. No need to validate it again.
2007-12-28 21:29:06 +00:00
nekral-guest
8dc4ca297c New function check_flags(). Split the validation of
options and arguments out of process_flags.
2007-12-28 21:04:04 +00:00
nekral-guest
605a338216 (main, check_perms): New function check_perms().
Split the validation of the user's permissions out of main()
2007-12-28 20:46:24 +00:00
nekral-guest
6d09b4ce4d (main): Before pam_end(), the return value of the previous pam API was already
checked. No need to validate it again.
2007-12-28 20:40:59 +00:00
nekral-guest
ffa34c5afd (process_flags): prefer fail_exit to exit. This avoid
an explicit call to audit_logger().
2007-12-28 19:15:14 +00:00
nekral-guest
b4f6b853f8 * process_args renamed process_flags
* Add the options checks in process_flags (group_name, group ID uniqueness)
 * Add the parameters' names in the prototypes.
2007-12-28 11:22:27 +00:00
nekral-guest
cc1f6c10be Split the processing of options out of main(). 2007-12-28 10:41:22 +00:00
nekral-guest
08e09354b2 find_new_gid is never called when an
GID is specified with -g. Simplify find_new_gid accordingly.
2007-12-28 10:30:39 +00:00
nekral-guest
0b6b9fe090 typo cleared/clearer 2007-12-28 10:20:02 +00:00
nekral-guest
83b546beef (find_new_gid): If oflg is set, gflg is also set.
Use (!gflg), which is cleared than (!gflg || !oflg).
2007-12-28 10:19:21 +00:00
nekral-guest
b4071939e0 A group with the specified name cannot exist at that time in find_new_gid.
Remove the check.
2007-12-28 10:15:42 +00:00
nekral-guest
0a4424ef00 Avoid implict brackets. 2007-12-28 10:12:09 +00:00
nekral-guest
18a654d13b When compiled without AUDIT support, if the return code was E_SUCCESS,
fail_exit() wouldn't have exited. Fix the scope of #idef WITH_AUDIT.
2007-12-28 09:39:22 +00:00
nekral-guest
6987e6f12a Avoid implicit conversions to booleans. 2007-12-28 00:03:26 +00:00
nekral-guest
7f5a4e15c6 Avoid implicit brackets. 2007-12-27 23:40:00 +00:00
nekral-guest
6bc43fea06 Document selinux_file_context. 2007-12-27 23:32:47 +00:00
nekral-guest
cc4b37f65c Avoid assignment in comparisons. 2007-12-27 23:30:36 +00:00
nekral-guest
dfb6416a5b libmisc/copydir.c cleanup
* libmisc/copydir.c: Split copy_tree() in more maintainable functions:
	copy_entry(), copy_dir(), copy_symlink(), copy_hardlink(),
	copy_special(), and copy_file().
	* libmisc/copydir.c: -1 is used to indicate an error, directly set err
	to -1, instead of incrementing it, and checking if not nul at the
	end.
2007-12-27 23:23:51 +00:00
nekral-guest
bfa8ef3e75 Avoid implicit conversions to booleans. 2007-12-27 21:56:45 +00:00
nekral-guest
b58df6280d Avoid assignment in comparisons. 2007-12-27 21:43:29 +00:00
nekral-guest
a77eb6b49d Avoid implicit brackets. 2007-12-27 21:28:50 +00:00
nekral-guest
c919701466 Simplify gpasswd's main():
Also split check_flags() out of main().
2007-12-27 21:19:57 +00:00
nekral-guest
c81bf3e06f Simplify gpasswd's main():
Split also get_group() and change_passwd() out of main().
2007-12-27 21:04:22 +00:00
nekral-guest
586181bf71 Simplify gpasswd's main():
New function: check_perms(). Split out of main() to simplify main().
2007-12-27 19:08:31 +00:00
nekral-guest
55d581d041 Simplify gpasswd's main():
New functions: open_files(), close_files(), update_group(). Split out
	from main() to simplify this (too) big function.
2007-12-27 18:52:40 +00:00
nekral-guest
f429f3e38d Simplify gpasswd's main():
New function: process_flags(). Split the processing of options out of main().
2007-12-27 18:27:57 +00:00
nekral-guest
7b05484494 gpasswd cleanup
* src/gpasswd.c: Add argument name to the internal function
	prototypes.
	* src/gpasswd.c: Document global variables.
2007-12-27 17:36:08 +00:00
nekral-guest
5714adb090 Recommend editing the shadowed (resp. regular) file if the regular (resp.
shadowed) file was edited.
2007-12-26 23:43:55 +00:00
nekral-guest
ac7693ef7b End of the previous changelog entry... 2007-12-26 23:17:27 +00:00
nekral-guest
5cbc86b7d9 Merge Debian's patch 451_login_PATH
* NEWS, libmisc/setupenv.c: Export PATH according to ENV_PATH and
	ENV_SUPATH, as for su. This impacts login.
	* man/login.1.xml: PATH and SUPATH are now used both when PAM support
	is disabled and enabled.
2007-12-26 23:15:43 +00:00
nekral-guest
b44a6c316d If started as init, login and sulogin need to start a new session. 2007-12-26 22:36:54 +00:00
nekral-guest
f5461ff01e Merge Debian's patch 408_passwd_check_arguments
* NEWS, src/passwd.c: Make sure that no more than one username
	argument was provided.
2007-12-26 22:17:13 +00:00
nekral-guest
3a48f0954c Merge Debian's patch 412_lastlog_-u_numerical_range
* NEWS, src/lastlog.c, man/lastlog.8.xml: Accept numerical user, or
  ranges with the -u option.
* TODO: The same change should be done on faillog.
2007-12-26 21:54:04 +00:00
nekral-guest
fd970ab62c Merge Debian's patch 466_fflush-prompt
* libmisc/Makefile.am, lib/prototypes.h, libmisc/yesno.c, src/grpck.c,
	src/pwck.c: move yes_or_no() from grpck/pwck to a separate
	libmisc/yesno.c (with a read_only argument).
	* libmisc/fields.c, libmisc/yesno.c: Make sure stdout is flushed before
	reading the user's answer.
2007-12-26 16:50:38 +00:00
nekral-guest
e663c696c2 su's arguments are now reordered. If needed, use -- to separate su's
options from the shell's options.
2007-12-26 15:10:48 +00:00
nekral-guest
65d0682647 Merge RedHat's patch shadow-4.0.18.1-mtime.patch:
* NEWS: Document that usermod will now preserve user's file modification
    and access time.
    * libmisc/copydir.c: Preserve the access and modification time of copied
    files. This is important for usermod. This will also impact useradd, for
    the skeleton files, but this is not important.
    * libmisc/copydir.c: Stop and return an error if a file could not be
    closed after during a copy.
2007-12-26 13:54:23 +00:00
nekral-guest
3935d32676 Mention RedHat's patches for previous commits.
Merge RedHat's patch shadow-4.0.18.1-findNewUidOnce.patch:
	* src/useradd.c (usr_update): Do not call find_new_uid(). The UID was
	already either specified or found by another call to find_new_uid().
	* src/useradd.c (find_new_uid): Always start with uid_min (find_new_uid()
	is never called when user_id was already specified).
	* src/useradd.c (find_new_uid): Fix the comments (find_new_uid() is not
	called when the UID is specified (uflg)).
	* src/useradd.c (main): Only call find_new_uid() if (!oflg) and (!uflg).
	If uflg is set (but not oflg), check the UID uniqueness.
	* src/useradd.c (find_new_uid): Don't check the uid and user name
	uniqueness in find_new_uid(). The user name uniqueness is already checked
	during the parameter validation. UID uniqueness is also checked (see
	above).
	* src/useradd.c (find_new_uid): Don't check uflg in find_new_uid().
	* src/useradd.c (find_new_uid): Make sure that find_new_uid() is not
	called when uflg is set (assert).

Cleanups in find_new_gid:
	* src/useradd.c (find_new_gid): Check that gflg is not set (assert).
	* src/useradd.c (find_new_gid): Do not check the group name uniqueness
	(already checked in main).
	* src/useradd.c (find_new_gid): Avoid a "continue" in the loop.
	* src/useradd.c (find_new_gid): Remove irrelevant comments.
	* src/useradd.c (find_new_gid): Fix the function definition's comment.
2007-12-26 13:18:27 +00:00
nekral-guest
c57e8983ff Add option -l to avoid adding the user to the lastlog and faillog databases
Fix the release numbers for the current NEWS entries.
2007-12-26 10:15:20 +00:00
nekral-guest
20dfe6ba98 NO_GETPWENT is no more supported. Remove associated chunks of code. 2007-12-26 09:28:02 +00:00
nekral-guest
60c167838f Document the long options (--force, --gid, --key, --non-unique). 2007-12-26 09:22:49 +00:00
nekral-guest
d6ee05ef93 Do not install the shadow library per default.
lib_LTLIBRARIES changed to noinst_LTLIBRARIES.
2007-12-26 09:18:45 +00:00
nekral-guest
34ed03d978 * NEWS, configure.in: Prepare the 4.1.0 release.
* NEWS, src/chgpasswd.c: Use chgpasswd PAM policy file instead of
  chpasswd's one.
* NEWS: The login.defs variables are documented.
2007-12-09 22:54:53 +00:00
nekral-guest
15989f16f7 * man/pwconv.8.xml: Fix typos.
* man/chpasswd.8.xml, man/chgpasswd.8.xml: Document the NONE crypt
  method.
* man/login.defs.d/MAIL_DIR.xml: Add comment regarding useradd not
  using MAIL_FILE.
* man/login.defs.d/ERASECHAR.xml, man/login.defs.d/KILLCHAR.xml,
  man/login.defs.d/CONSOLE_GROUPS.xml, man/login.defs.d/ENV_HZ.xml,
  man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml:
  These variables are also used by some tools when compiled with PAM
  support.
* man/login.defs.d/ENV_HZ.xml: Add note that it is only used by
  sulogin when compiled with PAM support.
* man/login.defs.d/ENV_SUPATH.xml: Typos: ENV_PATH -> ENV_SUPATH,
  and mention sbin in the path.
* man/login.defs.d/LOGIN_STRING.xml: Fix typo: confition ->
  condition.
* man/sg.1.xml: Add CONFIGURATION section (SYSLOG_SG_ENAB).
* man/su.1.xml: ENV_HZ, LOGIN_STRING, MAIL_DIR, USERGROUPS_ENAB
  are only used when su is compiled without PAM support.
* man/login.defs.5.xml: Added variables: OBSCURE_CHECKS_ENAB
  PASS_ALWAYS_WARN PASS_CHANGE_TRIES SULOG_FILE SU_NAME
  SU_WHEEL_ONLY SYSLOG_SG_ENAB SYSLOG_SU_ENAB.
* man/login.defs.5.xml: ENVIRON_FILE is only used when compiled
  without PAM support.
* man/login.defs.5.xml: sulogin uses variables even when compiled
  with PAM support.
* man/login.1.xml: ENV_HZ ENV_PATH ENV_SUPATH MAIL_DIR UMASK are
  only used when login is not compiled with PAM support.
2007-12-09 14:50:14 +00:00
nekral-guest
9ac8c65e37 Make sure is_console is only defined when USE_PAM is not defined. 2007-12-08 23:27:35 +00:00
nekral-guest
462794685f Fix time () prototype. 2007-12-08 23:25:52 +00:00
nekral-guest
8c4d98edc1 * man/login.defs.d/CONSOLE_GROUPS.xml,
man/login.defs.d/CONSOLE.xml, man/login.defs.d/DEFAULT_HOME.xml,
  man/login.defs.d/ENV_HZ.xml, man/login.defs.d/ENVIRON_FILE.xml,
  man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml,
  man/login.defs.d/ENV_TZ.xml, man/login.defs.d/ERASECHAR.xml,
  man/login.defs.d/FAIL_DELAY.xml,
  man/login.defs.d/FAILLOG_ENAB.xml,
  man/login.defs.d/FAKE_SHELL.xml, man/login.defs.d/FTMP_FILE.xml,
  man/login.defs.d/HUSHLOGIN_FILE.xml,
  man/login.defs.d/ISSUE_FILE.xml, man/login.defs.d/KILLCHAR.xml,
  man/login.defs.d/LASTLOG_ENAB.xml, man/login.defs.d/LOGIN_RETRIES.xml,
  man/login.defs.d/LOGIN_TIMEOUT.xml, man/login.defs.d/LOG_OK_LOGINS.xml,
  man/login.defs.d/LOG_UNKFAIL_ENAB.xml,
  man/login.defs.d/MAIL_CHECK_ENAB.xml, man/login.defs.d/MOTD_FILE.xml,
  man/login.defs.d/NOLOGINS_FILE.xml,
  man/login.defs.d/OBSCURE_CHECKS_ENAB.xml,
  man/login.defs.d/PASS_ALWAYS_WARN.xml,
  man/login.defs.d/PASS_CHANGE_TRIES.xml,
  man/login.defs.d/PASS_MAX_LEN.xml,
  man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
  man/login.defs.d/QUOTAS_ENAB.xml, man/login.defs.d/SULOG_FILE.xml,
  man/login.defs.d/SU_NAME.xml, man/login.defs.d/SU_WHEEL_ONLY.xml,
  man/login.defs.d/SYSLOG_SG_ENAB.xml,
  man/login.defs.d/SYSLOG_SU_ENAB.xml,
  man/login.defs.d/TTYGROUP.xml, man/login.defs.d/TTYTYPE_FILE.xml,
  man/login.defs.d/ULIMIT.xml, man/login.defs.d/USERGROUPS_ENAB.xml:
  New documentation of login.defs variables.
* man/login.defs.d/MAIL_DIR.xml: Updated. It now contains the
  MAIL_FILE documentation.
* man/login.defs.d/LOGIN_STRING.xml: Updated. Mentions %s.
* man/pwconv.8.xml, man/groupmems.8.xml, man/groupdel.8.xml,
  man/useradd.8.xml, man/pwck.8.xml, man/groupadd.8.xml,
  man/sulogin.8.xml, man/newgrp.1.xml, man/usermod.8.xml,
  man/su.1.xml, man/vipw.8.xml, man/passwd.1.xml,
  man/groupmod.8.xml, man/login.1.xml, man/userdel.8.xml,
  man/grpck.8.xml: Added CONFIGURATION section.
* man/generate_mans.mak: The generations of manpages depends on
  the variables from the Makefiles. Add the dependency on Makefile.
* man/login.defs.5.xml: New login.defs variable documented.
* man/Makefile.am: Added XML variable documentation to the
  distributed files.
2007-12-08 23:24:40 +00:00
nekral-guest
6c6a220b2e Fix the newgrp section in the gshadow.5 manpage.
Thanks to Andre Majorel <aym-naibed@teaser.fr>.
2007-12-05 21:31:21 +00:00
nekral-guest
5a00c2a03e Added the login.defs variables description to the man's EXTRA_DIST. 2007-11-27 19:42:23 +00:00
nekral-guest
0f7f0ea467 * man/chfn.1.xml: Uses CHFN_AUTH, CHFN_RESTRICT, LOGIN_STRING.
* man/chgpasswd.8.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
  MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS (SHA_CRYPT_MAX_ROUNDS).
* man/chpasswd.8.xml: Switch to using entities for ENCRYPT_METHOD,
  MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS (SHA_CRYPT_MAX_ROUNDS).
* man/chsh.1.xml: Uses CHSH_AUTH, LOGIN_STRING.
* man/expiry.1.xml: Does not use any login.defs parameter.
* man/gpasswd.1.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
  MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS.
* man/login.defs.5.xml: Added CHSH_AUTH.
* man/login.defs.5.xml: Cross reference -> cross references.
* man/login.defs.5.xml: chfn only uses CHFN_AUTH when no_pam.
* man/login.defs.5.xml: chsh uses CHSH_AUTH, not CHFN_AUTH.
* man/login.defs.d/CHSH_AUTH.xml: Added.
* man/login.defs.5.xml: chsh uses parameters only when no_pam.
* man/login.defs.5.xml: expiry does not use CONSOLE_GROUPS, even
  if linked in the binary.
* man/newusers.8.xml: Uses ENCRYPT_METHOD, MAX_MEMBERS_PER_GROUP,
  MD5_CRYPT_ENAB, PASS_MAX_DAYS, PASS_MIN_DAYS, PASS_WARN_AGE,
  SHA_CRYPT_MIN_ROUNDS, UMASK.
2007-11-26 23:27:56 +00:00
nekral-guest
7fd329721a The previous commit to man/login.defs.5.xml also describeb the usage of
variables by each tools when compiled without PAM support.
2007-11-26 22:14:45 +00:00
nekral-guest
4183905c3a Add --expand-all-entities to the call to xml2po to avoid translating the
external entities separately.
2007-11-26 22:13:16 +00:00
nekral-guest
b75fe4940b Put each variable description in an external entities. This will permit to
reference them in the various utils manpages.
2007-11-26 22:11:23 +00:00
nekral-guest
cb041d775f Do not generate gmo files. 2007-11-26 22:04:20 +00:00
nekral-guest
a428137884 End of the PO unfuzzyfication (after tabulation removal in Usage strings) 2007-11-26 22:00:57 +00:00
nekral-guest
8ed5ead77b * man/po/LINGUAS: Added missing LINGUAS.
* man/po/de.po, man/po/fr.po, man/po/it.po, man/po/pl.po,
  man/po/ru.po, man/po/sv.po: Updated.
2007-11-25 21:28:26 +00:00
nekral-guest
543b693547 * configure.in, man/po/Makefile.in.in, man/po/Makevars,
man/po/POTFILES.in, man/Makefile.am: Generate the PO files for the
  manpages in the man/po directory (instead of man/<lang>). Use a
  Makefile.in.in based on gettext's one. This ensure that the PO are
  generated before being used in the <lang> directories.
* man/generate_mans.mak, man/generate_translations.mak,
  man/Makefile.am: New makefile for the generation of manpages from
  XML (generate_mans.mak). This avoid duplicate chunks in
  generate_translations.mak and Makefile.am
* man/de/de.po, man/fr/fr.po, man/it/it.po, man/pl/pl.po,
  man/ru/ru.po, man/sv/sv.po: Moved to...
* man/po/de.po, man/po/fr.po, man/po/it.po, man/po/pl.po,
  man/po/ru.po, man/po/sv.po: ... here.
2007-11-25 21:02:32 +00:00
nekral-guest
971c43c0e5 Unfuzzy other Usage strings translations.
Note: km.po and ne.po contain translated options.
2007-11-25 20:21:53 +00:00
nekral-guest
6831c45533 Do not use tabulations in Usage strings. 2007-11-24 22:41:24 +00:00
nekral-guest
0e400eae56 Run "make update-po" in the po directory. 2007-11-24 14:02:10 +00:00
nekral-guest
4d606cc690 * configure.in: New configure option: --with-sha-crypt enabled by
default. Keeping the feature enabled is safe. Disabling it permits
  to disable the references to the SHA256 and SHA512 password
  encryption algorithms from the usage help and manuals (in addition
  to the support for these algorithms in the code).
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
  src/chpasswd.c, src/chgpasswd.c, src/passwd.c: ENCRYPT_METHOD is
  always supported in login.defs. Remove the ENCRYPTMETHOD_SELECT
  preprocessor condition.
* libmisc/obscure.c, libmisc/salt.c, src/newusers.c,
  src/chpasswd.c, src/chgpasswd.c, src/passwd.c: Disable SHA256 and
  SHA512 if USE_SHA_CRYPT is not defined (this corresponds to a
  subset of the ENCRYPTMETHOD_SELECT sections).
2007-11-24 13:08:08 +00:00
nekral-guest
ee5c48d51c If we requested a non DES encryption, make sure crypt returned a encrypted
password longer than 13 chars. This protects against the GNU crypt() which
does not return NULL if the algorithm is not supported, and return a DES
encrypted password.
2007-11-24 00:37:37 +00:00
nekral-guest
6ffc0f820a Add missing #include "getdef.h" 2007-11-24 00:28:25 +00:00
nekral-guest
afbf2094a8 * Provide the crypt method to all the
crypt_make_salt invocations.
* Tag the ENCRYPTMETHOD_SELECT dependent code
  accordingly.
2007-11-24 00:26:31 +00:00
nekral-guest
2e782e3d7d * libmisc/salt.c: Make sure method is not NULL, defaulting to DES.
Thanks to Dan Kopecek <dkopecek@redhat.com>.
* src/chpasswd.c, src/chgpasswd.c: Do not use DES by default, but
  the system default define in /Etc/login.defs. Thanks to Dan
  Kopecek <dkopecek@redhat.com>.
* NEWS, man/chpasswd.8.xml, man/chgpasswd.8.xml: Do not mention
  DES as the default algorithm.
* src/chpasswd.c, src/chgpasswd.c: Tag the ENCRYPTMETHOD_SELECT
  dependent code accordingly.
2007-11-24 00:16:41 +00:00
nekral-guest
a99bec34a9 Make sure method is not NULL, defaulting to DES. Thanks to Dan Kopecek <dkopecek@redhat.com>. 2007-11-23 23:57:47 +00:00
nekral-guest
963bfaf521 * Move the srandom call to gensalt.
* Replace the test on salt_size by an assert.
2007-11-23 21:04:43 +00:00
nekral-guest
43b10b311a Applied patch shadow-utils-4.0.18.2-salt.patch. Thanks to Dan Kopecek <dkopecek@redhat.com> 2007-11-23 20:51:43 +00:00
nekral-guest
1cc6fd0d16 News options -c/--crypt-method -s/--sha-rounds to newusers.
Document also new login.defs variables.
2007-11-23 20:24:42 +00:00
nekral-guest
acba134aae Added prototype for getlong. 2007-11-23 20:11:00 +00:00
nekral-guest
add1c18b2e * src/chpasswd.c: Added crypt method: NONE.
* src/chpasswd.c: Added --sha-rounds to the usage().
* libmisc/Makefile.am, libmisc/getlong.c, src/chgpasswd.c,
  src/chpasswd.c: New getlong function. Replace chpasswd's and
  chgpasswd's getnumber.
2007-11-23 20:09:57 +00:00
nekral-guest
d8d8f70b0e Removed unused variable 'member'. 2007-11-23 20:00:03 +00:00
nekral-guest
f0ccf72107 Document the variables used by chpasswd. The definitions are copied from
login.defs. I should try to use a less error prone process for this.
2007-11-23 19:58:10 +00:00
nekral-guest
d316ba1b87 * Use <replaceable> for the values set by
users. (was sometimes <emphasis remap='I'>)
* Use <option> vor the variable names. This
  makes the manpage much more readable.
* (ENCRYPT_METHOD, MD5_CRYPT_ENAB,
  SHA_CRYPT_MIN_ROUNDS, SHA_CRYPT_MAX_ROUNDS): Mention that command
  line option may supersede the system setting.
* Document the variables used by chpasswd
  and chgpasswd.
2007-11-23 19:55:47 +00:00
nekral-guest
ba1e26e25f svn propset svn:keywords Id 2007-11-23 19:44:57 +00:00
nekral-guest
e15fbb905c * NEWS, lib/getdef.c, man/login.defs.5.xml: New login.defs
variable: MAX_MEMBERS_PER_GROUP. Used for the split groups support.
* lib/commonio.c, lib/commonio.h: Add an open_hook and close_hook
  operation. They are called after the database is actually opened
  and parse, or before it is closed.
* lib/groupio.c: Add an open_hook to merge split groups, and an
  close group to split groups if MAX_MEMBERS_PER_GROUP is set.
  This fixes gpasswd and chgpasswd when split groups are used.
* lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: No open or close
  hooks for these databases. (unsure about what should be the gshadow
  behavior for split groups)
2007-11-23 00:07:59 +00:00
nekral-guest
a0488ccac2 * NEWS, src/gpasswd.c: Read the group and shadow groups using
gr_locate and sgr_locate. gpasswd write in the file database. Thus
  it should read information from the file database, not using
  getgrnam. The change to sgr_locate is just for consistency. This
  requires opening the group databases (read only) using
  gr_open/sgr_open.
* NEWS: Indicate that manpages should be re-generated if configure
  option are changed, due to conditions.
2007-11-22 21:55:12 +00:00
nekral-guest
b2c58c81ed * configure.in: SHADOWGRP added to AM_CONDITIONAL for the
generation of manpages.
* man/generate_translations.mak: Added pam/no_pam condition (like
  in man/Makefile.am).
* man/Makefile.am, man/generate_translations.mak: Added
  gshadow/no_gshadow condition.
* man/gpasswd.1.xml: Use the gshadow/no_gshadow condition to
  change the manpage depending on the shadow group support.
2007-11-22 21:36:38 +00:00
nekral-guest
3dbf1efbc3 Updated to 757t. Thanks to Yuri Kozlov <kozlov.y@gmail.com>. 2007-11-22 00:15:25 +00:00
nekral-guest
08dadcb2b7 Updated to 399t. Thanks to Yuri Kozlov <kozlov.y@gmail.com>. 2007-11-22 00:06:50 +00:00
nekral-guest
f171d63b5b Add support for conditionally including paragraphs. (e.g. to support the
documentation of PAM and !PAM features).

I hate docbook!
2007-11-22 00:01:58 +00:00
nekral-guest
a34110320f * man/newusers.8.xml: Added /etc/gshadow, /etc/group, /etc/shadow,
and /etc/passwd to section FILES.
* man/newusers.8.xml: Mentions that PAM is not used to set the
  passwords.
* man/chpasswd.8.xml: Added section FILES (/etc/passwd,
  /etc/shadow, /etc/login.defs).
* man/chpasswd.8.xml: Use the same paragraph as in newusers.8.xml
  to indicate that PAM is not used.
* man/chgpasswd.8.xml: Added section FILES (/etc/group,
  /etc/gshadow, /etc/login.defs).
2007-11-21 22:12:14 +00:00
nekral-guest
46ae2113b6 * Try harder to get the GID equal to the UID.
This was not the case when the GID is not specified, and a GID
  exist with an ID higher than the all the UIDs.
* Typo in comment: contrained -> constrained.
2007-11-21 21:27:44 +00:00
nekral-guest
fd0b22cb55 If the shadow group file is not present, do not try to locate the group
entry from /etc/gshadow, and set the password in /etc/group.
2007-11-20 20:59:42 +00:00
nekral-guest
9aa40bb96d * libmisc/obscure.c, libmisc/salt.c, src/passwd.c: Match DES, MD5,
SHA256, and SHA512 exactly (not only the first 3/6 chars).
* libmisc/salt.c (SHA_salt_rounds): Set rounds to the specified
  prefered_rounds value, if specified.
* src/gpasswd.c, libmisc/salt.c: Fix compilation warnings (use
  size_t for lengths).
* src/chpasswd.c, src/chgpasswd.c: Add missing parenthesis.
2007-11-20 20:00:16 +00:00
nekral-guest
1d4b67c773 Ignore the generated manpages. Add *.[1358] to the svn:ignore property. 2007-11-20 19:15:34 +00:00
nekral-guest
a30c0a8192 The -c, -e, and -m options are exclusives. 2007-11-20 13:09:55 +00:00
nekral-guest
6e3ad7a275 * man/chpasswd.8.xml, man/chgpasswd.8.xml: Document how the
encryption algorithm is chosen for the passwords. Document the new
  -c and -s options. Add a reference to login.defs(5).
* man/login.defs.5.xml: Document the ENCRYPT_METHOD,
  MD5_CRYPT_ENAB, SHA_CRYPT_MIN_ROUNDS, and SHA_CRYPT_MAX_ROUNDS
  variables.
* etc/login.defs: Indicate that MD5_CRYPT_ENAB is deprecated.
  Document the relationship with PAM for MD5_CRYPT_ENAB and
  ENCRYPT_METHOD.
2007-11-20 12:59:20 +00:00
nekral-guest
5cb462d767 Increase the size of crypt_passwd from 128 to 256 to avoid overflow in
case of SHA512 (161 should be sufficient).
2007-11-20 12:18:36 +00:00
nekral-guest
90de228897 passwd also use crypt_make_salt(). 2007-11-20 09:51:36 +00:00
nekral-guest
0b695f5a76 * lib/prototypes.h, libmisc/salt.c: Add parameters to
crypt_make_salt to force the crypt method and number of rounds.
* libmisc/salt.c: Add parameter to SHA_salt_rounds to force the
  number of rounds.
* libmisc/salt.c, lib/getdef.c: ENCRYPT_METHOD and MD5_CRYPT_ENAB
  are needed also when USE_PAM (e.g. for chpasswd).
* src/newusers.c, src/gpasswd.c: Use the new crypt_make_salt prototype.
* src/chpasswd.c, src/chgpasswd.c: Add option -c, --crypt-method
  and -s, --sha-rounds to specify the crypt method and number of
  rounds in case of one of the SHA methods. The new prototype of
  crypt_make_salt simplifies the handling of -m, --md5.
2007-11-20 09:33:52 +00:00
nekral-guest
e406b7fe4a * libmisc/salt.c: The salt has a random size (between 8 and 16
bytes).
* lib/getdef.c, etc/login.defs: Add definitions for
  SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS.
* libmisc/salt.c: Use SHA_CRYPT_MIN_ROUNDS and SHA_CRYPT_MAX_ROUNDS
  to add a random number of rounds if needed.
2007-11-20 00:05:54 +00:00
nekral-guest
c214b26ee6 * libmisc/salt.c (MAGNUM): Terminate the array with nul (the array
is then used with strcat).
* libmisc/salt.c (crypt_make_salt): Initialize result[0] to nul at
  the beginning (was not initialized when USE_PAM).
* libmisc/salt.c (crypt_make_salt): Check that ENCRYPT_METHOD is a
  valid crypt method.
2007-11-19 22:34:48 +00:00
nekral-guest
b8d8d0de00 Add support for SHA256 and SHA512 encrypt methods. Apply RedHat's patch
shadow-4.0.18.1-sha256.patch. Thanks to Peter Vrabec. Hardly no changes
except re-indent and changes related to recent modifications (max_salt_len
in crypt_make_salt). Changes in lib/defines.h not applied (definition of
ENCRYPTMETHOD_SELECT). I will add a configure check or flag.
2007-11-19 22:14:19 +00:00
nekral-guest
cfc3378a0b All the manpages in de, fr, it, pl are auto-generated. 2007-11-19 20:33:39 +00:00
nekral-guest
39e5c0a1ab Fix some compilation warnings:
* src/login.c: "dereferencing type-punned pointer will break
   strict-aliasing rules", add a variable indirection: ptr_pam_user.
 * lib/commonio.c: do not initialize the sb stat structure.
 * lib/pwio.c, lib/shadowio.c, lib/sgroupio.c, lib/groupio.c:
   initialize the security context if WITH_SELINUX.
 * lib/nscd.c: The service argument is not const (used in the exec*
   parameters). This matches with the prototype definition.
 * src/groupmems.c: Avoid ++i when i is also used in the same line.
 * src/newusers.c: i is positive every time it is compared. Add
   cast to unsigned int.
 * src/nologin.c: Use a main() prototype with no arguments.
 * libmisc/getdate.y: Initialize the type and value fields of the
   terminating entry for each TABLE.
 * libmisc/tz.c: Use "TZ=CST6CDT" as the default timezone.
2007-11-19 20:25:36 +00:00
nekral-guest
d16cc1ea89 Add a NEWS entry to indicate the review of the usage of getpwnam(),
getpwuid(), getgrnam(), getgrgid(), and getspnam().
2007-11-19 01:19:45 +00:00
nekral-guest
6a0a7171d2 * man/pl/Makefile.am: Add getspnam.3 to EXTRA_DIST since it is
generated with shadow.3.
* man/generate_translations.mak: Clean all the manpages, based on
  $(EXTRA_DIST), not $(man_MANS).
2007-11-19 01:16:42 +00:00
nekral-guest
398c993e67 Additional removed translated manpages: man/pl/shadow.3 man/pl/sulogin.8 man/pl/id.1 man/ru/sulogin.8 man/ru/id.1 man/it/id.1 2007-11-19 01:13:44 +00:00
nekral-guest
221856ccc2 Remove generated translated manpages. They are still distributed with the shadow tarballs. 2007-11-18 23:58:27 +00:00
nekral-guest
9cf3af04f7 Remove chgpassw.8 since the real manpage should be named chgpasswd.8. 2007-11-18 23:43:58 +00:00
nekral-guest
03118ffb9b Remove file. The vigr man page is generated from the vipw XML file. 2007-11-18 23:21:49 +00:00
nekral-guest
dcedc12f36 Add forgotten files in the previous ChangeLog entry. 2007-11-18 23:20:02 +00:00
nekral-guest
9adfc136b6 * lib/prototypes.h, configure.in, libmisc/Makefile.am,
libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
  libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
  Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
  xgetgrgid(), and xgetspnam(). They allocate memory for the
  returned structure and are more robust to successive calls. They
  are implemented with the libc's getxxyyy_r() functions if
  available.
* libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
  libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
  libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
  src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
  src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
  src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
  src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
  src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
  src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
  usage of one of the getpwnam(), getpwuid(), getgrnam(),
  getgrgid(), and getspnam() functions. It was noticed on
  http://bugs.debian.org/341230 that chfn and chsh use a passwd
  structure after calling a pam function, which result in using
  information from the passwd structure requested by pam, not the
  original one. It is much easier to use the new xget... functions
  to avoid these issues. I've checked which call to the original
  get... functions could be left (reducing the scope of the
  structure if possible), and I've left comments to ease future
  reviews (e.g. /* local, no need for xgetpwnam */).
  Note: the getpwent/getgrent calls should probably be checked also.
* src/groupdel.c, src/expiry.c: Fix typos in comments.
* src/groupmod.c: Re-indent.
* libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
  lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
  functions (used by the xget... functions) from the <xx>io.c files
  to the new <xx>mem.c files. This avoid linking some utils against
  the SELinux library.
2007-11-18 23:15:26 +00:00
nekral-guest
69525890db Fix typo introduced while fixing http://bugs.debian.org/451521 (compile fix). 2007-11-18 22:52:56 +00:00
nekral-guest
ce579ac6d2 Fix typo: EXTRA_DOST -> EXTRA_DIST. 2007-11-18 01:21:43 +00:00
nekral-guest
cd1089e6f0 Fix a typo in a comment. 2007-11-18 01:20:10 +00:00
nekral-guest
311f4baa27 Do not document the behavior compared to old versions. 2007-11-17 23:11:02 +00:00
nekral-guest
7b50ff67f9 Do not mention the patch names in the NEWS entries. They are mentioned in
the ChangeLog.
2007-11-17 22:21:50 +00:00
nekral-guest
a8aa7028f4 Add NEWS entries for the previous changes. 2007-11-17 22:17:42 +00:00
nekral-guest
722941eae1 Document the differences between locking an account and locking a password. 2007-11-17 22:07:47 +00:00
nekral-guest
0743a7236d Same fixes as applied to usermod: refuse to unlock an account when it
would result in a passwordless account.
2007-11-17 22:05:31 +00:00
nekral-guest
85463e754d Refuse to unlock an account when it would result in a passwordless
account.  Based on Openwall's patch shadow-4.0.4.1-owl-usermod-unlock.diff
2007-11-17 22:02:22 +00:00
nekral-guest
5e438aa46c Make sure that the prefix is the name of a directory (not only the
beginning of a directory).
Openwall patch shadow-4.0.4.1-owl-userdel-path_prefix.diff.
2007-11-17 21:24:06 +00:00
nekral-guest
1f4488f963 * src/newgrp.c: Do not give an indication that the group has no
password.
* src/newgrp.c: Do not only bail on syslog if the password is not
  valid. Also give an indication to the user on stderr.
2007-11-17 21:03:33 +00:00
nekral-guest
225b096838 Remove a comment which states that an user shall provide a password to
switch to her group.
2007-11-17 20:41:49 +00:00
nekral-guest
8e568ef697 Last parts of the Openwall patch shadow-4.0.4.1-owl-chage-drop-priv.diff:
* src/chage.c: Make chage -l also drop the saved GID.
 * src/chage.c: Prefer setregid/setreuid to setgid/setuid.
2007-11-17 20:28:32 +00:00
nekral-guest
24cfb1c158 * src/chage.c: Remove cleanup(). pw_lock is never called. Replace
cleanup(2) by spw_unlock and remove the calls to cleanup(1).
* src/chage.c: Remove variable pwrw. It is always set to 0. The
  password database is always read only.
2007-11-17 20:09:54 +00:00
nekral-guest
cbb2911b7f * man/generate_translations.mak: Generic rules for all the
generated translated manpages (if ENABLE_REGENERATE_MAN).
* man/Makefile.am: Removed rules for all the generated translated
  manpages.
* man/sv/Makefile.am, man/de/Makefile.am, man/fr/Makefile.am,
  man/pl/Makefile.am, man/ru/Makefile.am, man/it/Makefile.am:
  Include generate_translations.mak to handle the generated
  translations (XML and roff files).
* man/Makefile.am: Translated XML files moved from the CLEANFILES
  variable of man/Makefile.am to the various languages Makefiles.
2007-11-17 18:45:22 +00:00
nekral-guest
a9f2f60c68 Fixes from Openwall patch shadow-4.0.4.1-alt-man.diff:
* man/useradd.8.xml: Indicate that the NIS caveats is also valid
   for any external database as LDAP.
 * man/groupadd.8.xml: Likewise.
 * man/groupadd.8.xml: Reorder and reformat the caveats bullets.
2007-11-17 18:13:17 +00:00
nekral-guest
77bfba3017 Document that chpasswd does not use PAM to update the passwords. This fixes
http://bugs.debian.org/396726.  Debian patch 411_chpasswd_document_no_pam.
2007-11-17 17:31:54 +00:00
nekral-guest
7eed43550c Provide URLs for the Debian bugs. 2007-11-17 17:24:23 +00:00
nekral-guest
0fd1ed4517 Avoid terminating the PAM library in the forked child. This is done later
in the parent after closing the PAM session.
This fixes http://bugs.debian.org/412061.
Debian patch 405_su_no_pam_end_before_exec.
2007-11-17 17:19:44 +00:00
nekral-guest
7503c8a029 Mention sg in the newgrp manpage. Debian patch 410_newgrp_man_mention_sg. 2007-11-17 17:03:01 +00:00
nekral-guest
be972d7db3 Fix typo: the warndays option was called warning. This is now warndays,
as documented in the manpage and usage.  Debian patch 417_passwd_warndays.
2007-11-17 16:57:37 +00:00
nekral-guest
fb6cb07a60 Remove the preprocessor check SHADOWPWD. The variable is no more defined
(and always assumed).  Debian patch 493_pwck_no_SHADOWPWD.
2007-11-17 16:50:26 +00:00
nekral-guest
5bcc89ffe7 Add NEWS entries for the last 2 changes. 2007-11-17 16:43:00 +00:00
nekral-guest
e47ee90033 -l/-u options: edit the shadow account expiry field *in addition* to
editing the password field.  Debian patch 494_passwd_lock.
2007-11-17 16:40:39 +00:00
nekral-guest
5d2ca8b240 Do not request a password when a user uses newgrp to switch to her primary
group.  Debian patch 497_newgrp_primary_group.
2007-11-17 16:19:00 +00:00
nekral-guest
90ef765c2e Log an error if the password entry could not be
found (respect LOG_UNKFAIL_ENAB to avoid logging a password). This
fixes the Debian bug http://bugs.debian.org/451521
2007-11-17 16:05:54 +00:00
nekral-guest
ca875647b9 -b documenation: Use the same notation for the -d argument as in the -d documentation. 2007-11-17 15:27:12 +00:00
nekral-guest
e39a941413 Allow the -b option even without the -D option. 2007-11-17 15:07:59 +00:00
nekral-guest
87b5ce3036 Use the same error message for the below errors.
(option working ONLY if another is specified).
2007-11-17 14:49:39 +00:00
nekral-guest
af045a0733 Make usermod -o and -u work independently of the argument order. 2007-11-17 14:40:54 +00:00
nekral-guest
488184394e Validate that two of the -L, -p, and -U options are not used at the same
time after the parsing of options. -U used to be allowed after -p or -L,
but not before.
2007-11-17 14:33:26 +00:00
nekral-guest
71392cdc8f Make usermod -d and -m work independant of the argument order. Thanks to
Justin Pryzby <jpryzby+d@quoininc.com> for the patch. This fixes Debian's
bug #451518.
2007-11-17 14:21:05 +00:00
nekral-guest
4aafb131ca * NEWS, lib/nscd.c: Execute nscd -i instead of using the private
glibc socket to flush the nscd tables. This comes from the RedHat
  patch shadow-4.0.16-nscd.c.
* lib/commonio.c: Forbid inheritance of the passwd and group files
  to the spawed processes (like nscd). This comes from the RedHat
  patch shadow-4.0.17-notInheritFd.patch.
* lib/nscd.h: Update header.
2007-11-17 14:04:05 +00:00
nekral-guest
24e742d202 * src/usermod.c (fail_exit): Add static variables pw_locked,
spw_locked, gr_locked, and sgr_locked to indicate which files must
  be unlocked.
* src/usermod.c (open_files, close_files): Open and close the
  group files as well as the passwd files. This permit to check if
  the group files modification are allowed before writing the passwd
  files.
* src/usermod.c (grp_update, update_gshadow, update_group): Do not
  return a status code, but call fail_exit() in case of error. The
  group files are no more opened and closed in update_gshadow() and
  update_group().
* src/usermod.c (main): move the call to grp_update between
  open_files and close_files.
* src/usermod.c: Differentiate failure to add a group entry and
  failure to add a shadow group entry.
2007-11-17 11:42:47 +00:00
nekral-guest
326074388c Differentiate failure to update a group entry and failure to update a shadow group entry. 2007-11-17 11:31:06 +00:00
nekral-guest
9afe59af3e Inform the user if out of memory while updating a group database. 2007-11-16 23:39:42 +00:00
nekral-guest
7ecdf9b71f Update the group database before flushing the nscd caches. 2007-11-16 23:29:41 +00:00
nekral-guest
0325483ee4 Abort if an error is found while updating the user or group database. No
changes will be written in the databases.
2007-11-16 23:26:56 +00:00
nekral-guest
b370e1502e It is no more needed to check that the user's groups are specified only
once in the group file. This is checked by gr_update().
2007-11-16 23:05:24 +00:00
nekral-guest
07c2610170 * lib/commonio.c (next_entry_by_name): New function.
* NEWS, lib/commonio.c (commonio_update): When an entry is updated, make
   sure that there are no other entry with the same name. This fixes
   an infinite loop in userdel and usermod when an (erroneous) group 
   file contains two entries with the same name.
   (https://bugzilla.redhat.com/show_bug.cgi?id=240915)
2007-11-16 22:59:14 +00:00
nekral-guest
c2ebdc4b5d Fix date entry. 2007-11-16 22:33:59 +00:00
nekral-guest
449f17385a * libmisc/salt.c: Make sure the salt string is terminated at the
right place (either 8th, or 11th position).
 * NEWS, src/chgpasswd.c, src/chpasswd.c: The protocol + salt does
   not need 15 chars. No need for a temporary buffer.
   This change the fix committed on 2007-11-10. The salt provided to
   pw_encrypt could have been too long.
2007-11-16 19:02:00 +00:00
nekral-guest
e163c5fe9c Fix typo: missing / in <placeholder-1/>. This caused the gpasswd title to be incomplete in the French manpage. 2007-11-16 14:10:29 +00:00
nekral-guest
f55e00dc4e Add support for uClibc with no l64a(). 2007-11-16 12:36:21 +00:00
nekral-guest
e0edb7db17 Add support for systems with no innetgr(). On those systems, username
with an @ will be treated like any other username (i.e. lookup in the
local database for an user with an @). Thanks to Mike Frysinger for the
patch.
2007-11-16 11:32:42 +00:00
nekral-guest
690f7aee2e Indentation fix. 2007-11-16 10:50:38 +00:00
nekral-guest
8d527f156d Declare the child and pid variable at the beginning of a block. This
fixes a compilation issue with gcc 2.95. The intent is the same as
Gentoo's patch shadow-4.0.12-gcc2.patch.
2007-11-14 13:46:15 +00:00
nekral-guest
15f43716c1 Add a variable to set the suid permissions. This should simplify Gentoo's
patch shadow-4.0.11.1-perms.patch.
2007-11-14 13:32:25 +00:00
nekral-guest
b2120265fd Added the subversion svn:keywords property (Id) for proper identification. 2007-11-10 23:46:11 +00:00
nekral-guest
fb3b2ddbff Restore the ignore patterns from the previous repository. 2007-11-10 23:34:37 +00:00
nekral-guest
0f09d5378a Update the PO files. 2007-11-10 22:36:37 +00:00
nekral-guest
f9de15fdcf Don't ask for a password if there are no group passwords. Just directly
give up. This comes from the Fedora's patch shadow-4.0.13-newgrpPwd.patch,
and seems to be the only part with an effect.
2007-11-10 18:54:40 +00:00
nekral-guest
1bdb92706e Fix chpasswd and chgpasswd stack overflow. Based on Fedora's shadow-4.0.18.1-overflow.patch. 2007-11-10 18:48:23 +00:00
nekral-guest
6a051e1544 Allow non numerical group identifier to be specified with useradd's -g
option. Applied Debian patch 397_non_numerical_identifier. Thanks also to
Greg Schafer <gschafer@zip.com.au>.
2007-11-10 15:51:38 +00:00
nekral-guest
8609e24880 Update the version number to 4.0.18.2 and the gettext version to 0.16. 2007-10-27 23:22:11 +00:00
nekral-guest
a8856cbfbd Remove a plural form. nplurals=1 for japanese. Moreover, msgstr[0] was identical to msgstr[1]. 2007-10-27 23:18:08 +00:00
nekral-guest
16285e6768 Add support for 2 new resource limits. Thanks to Justin Bronder for the
patch. This was reported in the Debian bug #442334.
This only impact shadow when it is not compiled with PAM support.
2007-10-27 19:45:21 +00:00
nekral-guest
93acdeb8ff Document all gpasswd.1 options separately. This clarify the gpasswd.1
manpages (reported in debian bug #445480).
2007-10-27 14:00:31 +00:00
bubulle
3ada732dc0 Mention the GNU origin of some parts from su. Debian patch 438 2007-10-27 13:50:40 +00:00
bubulle
e942010304 Fix spelling error. Debian patch 433 2007-10-27 13:45:14 +00:00
bubulle
4e796db54f Merge Debian patch 416_man-fr_newgrp (yet another French fry^W fix) 2007-10-27 13:13:24 +00:00
nekral-guest
5e8dbee79a Update contact information. 2007-10-27 13:11:28 +00:00
bubulle
84b79dd20d Merge Debian patch 402: clarify usermod "-a" help 2007-10-27 13:01:19 +00:00
bubulle
4750ec187b Merged in Debian patch 203 (german man pages translation) 2007-10-27 12:57:25 +00:00
bubulle
c8933a922b Merge in Debian patch 202: switch Italian man pages to gettext 2007-10-27 12:53:06 +00:00
bubulle
6487e675b2 Mention 102 in the "fix sorry" changelog entry 2007-10-27 12:49:56 +00:00
bubulle
30d15b861f Merged patch 201: fix translation error in French man pages 2007-10-27 12:49:12 +00:00
bubulle
d059ef6780 No longer apologize to users 2007-10-27 12:46:30 +00:00
nekral-guest
f0a3e8b09e Updated Chinese translation (zh_CN: 385t11f4t). 2007-10-27 12:35:57 +00:00
nekral-guest
3d67951f15 Updated Finish translation.
Thanks to Tommi Vainikainen <thv+debian@iki.fi>.
2007-10-27 12:08:44 +00:00
nekral-guest
e3f303fdb5 If compiled without PAM support, enforce the limits from /etc/limits when
one of the -, -l, or --login options is set, even if called by root.
Thanks to Justin Bronder.
2007-10-12 22:36:26 +00:00
nekral-guest
756b6812a6 Convert the Changelog and NEWS to UTF-8. 2007-10-07 14:57:03 +00:00
nekral-guest
79bf2081fe Commit the last version from the PLD CVS repository.
(last changelog entry: 2007-02-01)
This also adds the files which were present in the CVS repository, but not
present in the shadow archives.
2007-10-07 14:36:51 +00:00
nekral-guest
c187b2be78 [svn-upgrade] Integrating new upstream version, shadow (4.0.18.1) 2007-10-07 11:48:07 +00:00
nekral-guest
5e20c4359f [svn-upgrade] Integrating new upstream version, shadow (4.0.18) 2007-10-07 11:47:57 +00:00
nekral-guest
8a78a8d68c [svn-upgrade] Integrating new upstream version, shadow (4.0.17) 2007-10-07 11:47:45 +00:00
nekral-guest
0fa9083026 [svn-upgrade] Integrating new upstream version, shadow (4.0.16) 2007-10-07 11:47:33 +00:00
nekral-guest
591830e43b [svn-upgrade] Integrating new upstream version, shadow (4.0.15) 2007-10-07 11:47:22 +00:00
nekral-guest
24178ad677 [svn-upgrade] Integrating new upstream version, shadow (4.0.14) 2007-10-07 11:47:11 +00:00
nekral-guest
8451bed8b0 [svn-upgrade] Integrating new upstream version, shadow (4.0.13) 2007-10-07 11:47:01 +00:00
nekral-guest
e89f3546f2 [svn-upgrade] Integrating new upstream version, shadow (4.0.12) 2007-10-07 11:46:52 +00:00
nekral-guest
1de90a599c [svn-upgrade] Integrating new upstream version, shadow (4.0.11.1) 2007-10-07 11:46:43 +00:00
nekral-guest
b48129fcbb [svn-upgrade] Integrating new upstream version, shadow (4.0.11) 2007-10-07 11:46:34 +00:00
nekral-guest
8c50e06102 [svn-upgrade] Integrating new upstream version, shadow (4.0.10) 2007-10-07 11:46:25 +00:00
nekral-guest
7c47e0fde3 [svn-upgrade] Integrating new upstream version, shadow (4.0.9) 2007-10-07 11:46:16 +00:00
nekral-guest
8e167d28af [svn-upgrade] Integrating new upstream version, shadow (4.0.8) 2007-10-07 11:46:07 +00:00
nekral-guest
0ee095abd8 [svn-upgrade] Integrating new upstream version, shadow (4.0.7) 2007-10-07 11:45:58 +00:00
nekral-guest
164b557066 [svn-upgrade] Integrating new upstream version, shadow (4.0.6) 2007-10-07 11:45:49 +00:00
nekral-guest
b0e078d9c8 [svn-upgrade] Integrating new upstream version, shadow (4.0.5) 2007-10-07 11:45:40 +00:00
nekral-guest
e637799f9b [svn-upgrade] Integrating new upstream version, shadow (4.0.4.1) 2007-10-07 11:45:31 +00:00
nekral-guest
effd479bff [svn-upgrade] Integrating new upstream version, shadow (4.0.4) 2007-10-07 11:45:23 +00:00
nekral-guest
4903ce068e [svn-upgrade] Integrating new upstream version, shadow (4.0.3) 2007-10-07 11:45:14 +00:00
nekral-guest
37dc61340b [svn-upgrade] Integrating new upstream version, shadow (4.0.2) 2007-10-07 11:45:07 +00:00
nekral-guest
9db6abfa42 [svn-upgrade] Integrating new upstream version, shadow (4.0.1) 2007-10-07 11:44:59 +00:00
nekral-guest
3bc4996775 [svn-upgrade] Integrating new upstream version, shadow (4.0.0) 2007-10-07 11:44:51 +00:00
nekral-guest
8fee8c57ae [svn-upgrade] Integrating new upstream version, shadow (20001016) 2007-10-07 11:44:44 +00:00
nekral-guest
4e3fe42600 [svn-upgrade] Integrating new upstream version, shadow (20001012) 2007-10-07 11:44:38 +00:00