Commit Graph

236 Commits

Author SHA1 Message Date
nekral-guest
f4f6300499 * NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment
variables, even with --login. This was not the case before in the
	PAM version.
2009-06-05 22:19:38 +00:00
nekral-guest
2e239f44cf * NEWS: New placeholder for the next release. 2009-05-25 19:26:31 +00:00
nekral-guest
91d5c24f58 * NEWS: Prepare the next release.
* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
	* po/*.po, man/po/*.po: Updated PO files.
	* man/passwd.1.xml: passwd -u does not reset the expiry field.
2009-05-22 13:50:45 +00:00
nekral-guest
2e075ad91b * NEWS, src/newgrp.c: Return the exit status of the child. Thanks
to Lionel Elie Mamane.
2009-05-22 11:08:46 +00:00
nekral-guest
604c7d72d9 * NEWS, src/userdel.c: Report errors to remove the user's mailbox.
* NEWS, src/userdel.c: When USERGROUPS_ENAB is enabled, remove the
	user's group when the user was the only member. This is still not
	complete, as the user could have been specified twice in the
	members.
	* NEWS, src/userdel.c: Do not fail when -r is used and the home
	directory does not exist.
2009-05-22 10:41:10 +00:00
nekral-guest
b9ecd1cf42 * NEWS, src/usermod.c: Check if the user is busy when the user's
UID, name or home directory is changed.
2009-05-18 18:37:16 +00:00
nekral-guest
4a4549c49b * src/userdel.c, libmisc/user_busy.c, libmisc/Makefile.am,
lib/prototypes.h: Move user_busy() to libmisc/user_busy.c.
	* NEWS, libmisc/user_busy.c: On Linux, do not check if an user is
	logged in with utmp, but check if the user is running some
	processes. If not on Linux, continue to search for an utmp record,
	but make sure the process recorded in the utmp entry is still
	running.
2009-05-18 18:32:17 +00:00
nekral-guest
589a773f7e Document the changes in 4.1.4.1:
- login
  * Fix failures with empty usernames on non PAM versions.
  * Fix CONSOLE (securetty) support on non PAM versions.
2009-05-16 18:27:13 +00:00
nekral-guest
a9b8fdc3c9 * src/userdel.c, man/login.defs.d/USERDEL_CMD.xml: Move the
USERDEL_CMD script example from the source code to the
	documentation.
2009-05-12 19:23:46 +00:00
nekral-guest
63e6dc6b11 * NEWS, configure.in: New release will be 4.1.4.
* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
	* po/*.po, man/po/*.po: Updated PO files.
2009-05-10 20:02:21 +00:00
nekral-guest
fe0a5b6ee3 Added Changelog and NEWS entry for the French and Japanese translations. 2009-05-10 17:10:44 +00:00
nekral-guest
a01499179f * src/pwck.c: Warn if an user has an entry in passwd and shadow,
and the password field in passwd is not 'x'.
	* src/grpck.c: Warn if a group has an entry in group and gshadow,
	and the password field in group is not 'x'.
2009-05-09 21:20:54 +00:00
nekral-guest
1737e6e0ec Added notes about updated translations. 2009-05-09 13:16:17 +00:00
nekral-guest
7f9e196903 * NEWS, src/newusers.c, src/Makefile.am: Added support for
changing the passwords with PAM.
	* src/newusers.c: Split the usage string in smaller parts to
	allow enabling single parts.
	* man/newusers.8.xml: Indicate the options and configuration
	variables valid for PAM and non-PAM versions.
	* man/newusers.8.xml: Added pointer to /etc/pam.d/chpasswd.
2009-05-09 13:15:57 +00:00
nekral-guest
8bcb2c1e71 Sort entries alphabetically. 2009-05-09 13:15:51 +00:00
nekral-guest
69fe59a632 * NEWS, configure.in: Fix build failure on non-PAM enabled system
when --without-pam is not specified.
2009-05-03 22:46:26 +00:00
nekral-guest
d7d0b06a41 * NEWS, src/chpasswd.c: Added support for changing the passwords
with PAM.
	* src/chpasswd.c: Split the usage string in smaller parts to
	allows enabling single parts.
	* src/chpasswd.c: Do not set a global lock on the password files.
	This is done by PAM each time a password is updated.
2009-04-28 21:45:38 +00:00
nekral-guest
13b74243a6 * NEWS, configure.in: Added configure option --enable-utmpx,
disabled by default. This defines USE_UTMPX, which should be used
	instead of HAVE_UTMPX_H.
2009-04-27 20:03:48 +00:00
nekral-guest
f9bd143012 * NEWS, po/pt.po: Updated Portuguese translation. 2009-04-25 11:06:35 +00:00
nekral-guest
fcfa81283e * NEWS, configure.in: Enable --enable-account-tools-setuid by
default for PAM builds, as it used to be before the introduction
	of this option.
2009-04-21 22:22:08 +00:00
nekral-guest
9efd6a53d2 * NEWS, src/lastlog.c: Fix regression causing empty reports. 2009-04-20 14:04:48 +00:00
nekral-guest
bf66861e3f * po/ko.po: Updated Korean translation. 2009-04-19 16:26:17 +00:00
nekral-guest
131e95ffaf * NEWS, src/login.c: Also check if the authentication token of the
user has to be updated in case the user was already authenticated.
2009-04-19 16:22:17 +00:00
nekral-guest
5298ac3dd9 * NEWS, src/login.c: Do not trust the current utmp entry's ut_line
to set PAM_TTY.
2009-04-17 20:40:26 +00:00
nekral-guest
e312f007b8 Fix NEWS entry. 2009-04-15 21:31:09 +00:00
nekral-guest
239bb04b18 Fixed nb.po format and added info about the update. 2009-04-15 21:29:00 +00:00
nekral-guest
4d2bee2e23 * NEWS, src/userdel.c: Fixed SE Linux support. semanage should be
called at the end.
	* src/useradd.c: Always call selinux_update_mapping() (i.e.
	semanage), not only when -Z is used.
2009-04-15 21:14:08 +00:00
nekral-guest
a24058d660 * NEWS, srclib/getlong.c: Fix parsing of octal numbers.
* NEWS, src/login.c: Fix segfault when no user is provided on the
	command line.
2009-04-15 17:50:17 +00:00
nekral-guest
5fa86c2b42 * NEW, src/vipw.c: SE Linux: Set the default context to the
context of the file being edited. This ensures that the backup
	file inherit from the file's context.
2009-04-15 17:42:27 +00:00
nekral-guest
b4a3ab4082 Added release date. 2009-04-12 02:45:11 +00:00
nekral-guest
08a212ccae * src/login.c: Restore the echoctl, echoke, onclr flags to the
terminal termio flags. Reset echoprt, noflsh, tostop. This
	behavior seems to have change by mistake in earlier releases
	(4.0.8, for no obvious reason).
2009-04-12 00:17:36 +00:00
nekral-guest
5a56996eef * man/es/Makefile.am: Disable the distribution of Spanish
manpages. They are outdated. Please contact
	pkg-shadow-devel@lists.alioth.debian.org if you wish to provide
	updates.
2009-04-11 18:57:14 +00:00
nekral-guest
ca1bb50c24 * libmisc/find_new_gid.c, libmisc/find_new_uid.c: For system
accounts, return the first unused ID, starting from the max value.
	This could be useful later to increase the static IDs range.
2009-04-11 16:00:45 +00:00
nekral-guest
8d136297c4 * NEWS, src/useradd.c, man/useradd.8.xml: add -Z option to map
SELinux user for user's login.
	* NEWS, src/usermod.c, man/usermod.8.xml: Likewise.
	* libmisc/system.c, libmisc/Makefile.am, lib/prototypes.h: Added
	safe_system(). Used to run semanage.
	* lib/prototypes.h, libmisc/copydir.c: Make a
	selinux_file_context() an extern function.
	* libmisc/copydir.c: Reset SELinux to create files with default
	contexts at the end of copy_tree().
	* NEWS, src/userdel.c: Delete the SELinux user mapping for user's
	login.
2009-04-11 15:34:10 +00:00
nekral-guest
9372111aaa * NEWS, src/userdel.c: Make sure the user exists in the shadow
database before calling spw_remove().
	* NEWS, src/userdel.c: When the user's group is removed, make sure
	the group is in the gshadow database before calling sgr_remove().
	* src/userdel.c: Improve warning's wording.
2009-03-15 21:29:16 +00:00
nekral-guest
730fc8fc33 * src/faillog.c: Added support for the specification of a range of
users with -u.
	* src/faillog.c: Do not call print_one() for users which do not
	exist.
	* src/faillog.c: Make sure the user's entry is not outside the
	faillog file and initialize the faillog structure in that case.
	* src/faillog.c: Move print_one() closer to print().
	* src/faillog.c: reset(), setmax(), set_locktime() can also change
	entries of user which do not exist.
	* src/faillog.c: reset(), setmax() and set_locktime() shall not
	create entries for users which have no entries if the value has to
	be set to 0.
	* src/faillog.c: reset(), setmax() and set_locktime(): better
	handling of users whose entry is outside the faillog file.
	* src/faillog.c: Improved option handling. Options can now be
	specified in any order.
	* src/faillog.c: Improved warnings when options are not
	compatible or when the faillog cannot be open with the right mode.
	* src/faillog.c: Only fstat the faillog file once.
	* man/faillog.8.xml: Improved documentation.
2009-03-13 22:49:20 +00:00
nekral-guest
c9121d025f * NEWS, src/grpck.c, src/pwck.c: Issue a warning if an ID is set
to -1.
2009-03-08 20:28:55 +00:00
nekral-guest
b46fd9a2b4 * NEWS, po/LINGUAS, po/kk.po: Added Kazakh translation. Thanks to
Timur Birsh <taem@linukz.org>.
2009-03-03 20:53:20 +00:00
nekral-guest
f2d6449374 * NEWS, src/gpasswd.c: Only report success to audit and syslog
when the changes are committed to the system. Do not log failure
	for on-memory changes to audit or syslog. Make sure failures and
	inconsistencies will be reported in case of unexpected failures
	(e.g. malloc failures). Only specify an audit message if it is not
	implicitly implied by the type argument. Removed fail_exit
	(replaced by atexit(do_cleanups)). Log failures in case of
	permission denied.
2009-01-26 22:03:37 +00:00
nekral-guest
d8c9236a18 * NEWS, src/su.c: Preserve COLORTERM in addition to TERM when su
is called with the -l option.
2009-01-06 20:13:31 +00:00
nekral-guest
5b8ff14caf * libmisc/audit_help.c: Added audit_logger_message() to log
messages not related to an account.
	* lib/prototypes.h, libmisc/cleanup.c, libmisc/cleanup_group.c,
	libmisc/cleanup_user.c, libmisc/Makefile.am: Added stack of
	cleanup functions to be executed on exit.
	* NEWS, src/groupadd.c, src/groupdel.c, src/groupmod.c: Only
	report success to audit and syslog when the changes are committed
	to the system. Do not log failure for on-memory changes to audit
	or syslog. Make sure failures and inconsistencies will be reported
	in case of unexpected failures (e.g. malloc failures). Only
	specify an audit message if it is not implicitly implied by the
	type argument. Removed fail_exit (replaced by atexit(do_cleanups)).
2008-12-22 21:52:43 +00:00
nekral-guest
a438c2f184 * NEWS, src/gpasswd.c: Added support usernames with arbitrary
length.
2008-12-15 21:54:53 +00:00
nekral-guest
c28c443d8f * NEWS, configure.in, libmisc/chkname.c: make group max length a
configure option.  The configure behavior encoded is:
	<no option> -> default of 16 (like today);
	--with-group-name-max-length -> default of 16;
	--without-group-name-max-length -> no max length;
	--with-group-name-max-length=n > max is set to n.
2008-11-30 01:29:40 +00:00
nekral-guest
a324a7f13f * NEWS, libmisc/chowntty.c, libmisc/utmp.c: is_my_tty() moved from
utmp.c to chowntty.c. checkutmp() now only uses an existing utmp
	entry if the pid matches and ut_line matches with the current tty.
	This fixes a possible DOS when entries can be forged in the utmp
	file.
	* libmisc/chowntty.c, src/login.c, lib/prototypes.h: Remove the
	tty argument from chown_tty. chown_tty always changes stdin and
	does not need this argument anymore.
2008-11-22 23:56:11 +00:00
nekral-guest
eb4097180b * NEWS, libmisc/chowntty.c: Fix a race condition that could lead to
gaining ownership or changing mode of arbitrary files.
2008-11-22 23:22:16 +00:00
nekral-guest
b18d46e68d * NEWS, etc/login.defs: New CREATE_HOME variable to tell useradd
to create a home directory for new users.
	* src/useradd.c, man/useradd.8.xml: New -M/--no-create-home option
	and CREATE_HOME usage. System accounts are not impacted by
	CREATE_HOME.
	* man/useradd.8.xml: Indicate that a new group is created by
	default.
	* src/useradd.c: Removed TODO item (moved to the TODO file).
2008-09-13 11:55:41 +00:00
nekral-guest
8c060833c8 From RedHat's patch shadow-4.1.2-sysAccountDownhill.patch
Thanks to Peter Vrabec.
	* NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Build an
	index of used IDs to avoid a database request for each id in the
	allowed range (when the highest allowed ID is already used).
	This speedups the addition of users or groups when the highest
	allowed ID is already used. The additional memory usage of the
	tools should be acceptable when UID_MAX/SYS_UID_MAX are set to a
	reasonable number.
2008-09-13 11:54:49 +00:00
nekral-guest
8b3029e430 * NEWS: Added configure --enable-account-tools-setuid (default) /
--disable-account-tools-setuid options. This permits to disable
	the PAM authentication of the caller for chage, chgpasswd,
	chpasswd, groupadd, groupdel, groupmod, newusers, useradd,
	userdel, and usermod.  This authentication is not necessary when
	these tools are not installed setuid root.
2008-09-06 21:42:26 +00:00
nekral-guest
7e17182e4c * NEWS, src/groupmems.c, man/groupmems.8.xml: Document the long
options.
2008-09-04 20:20:20 +00:00
nekral-guest
f3c7ca59c5 * src/useradd.c: Log errors to syslog in grp_update() since
changes have started to be reported to syslog.
	* src/userdel.c: Fix some result parameters sent to
	audit_logger().

	* NEWS: Following changes from a patch contributed by Steve Grubb
	<sgrubb@redhat.com>
	* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
	of AUDIT_USER_CHAUTHTOK.
	* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead 
	of AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
	AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
	AUDIT_USER_CHAUTHTOK.
	* src/useradd.c: Add missing logs to audit.
	* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
	AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
	* src/userdel.c: Add missing logs to audit.
2008-09-03 21:02:32 +00:00
nekral-guest
87b56b19fb * NEWS, src/groupmems.c, man/groupmems.8.xml: Added support for
shadow groups.
	* src/groupmems.c: Use fail_exit() instead of exit().
2008-08-31 17:29:34 +00:00
nekral-guest
76ea48bb64 * NEWS: Added support for uclibc.
* configure.in, libmisc/copydir.c: futimes() and lutimes() are not
	standard. Check if they are implemented before using them. Do not
	set the time of links if lutimes() does not exist, and use
	utimes() as a replacement for futimes().
2008-08-30 18:29:55 +00:00
nekral-guest
0c7df2f9a0 * src/groupmems.c: When removing an user, check if deluser is on
the list, not adduser. This fixes a segmentation fault for every
	call of groupmems -d.
	* libmisc/list.c: Add assertions to help identifying these issues.
	* libmisc/list.c: Avoid implicit conversion of pointers to
	booleans.
2008-08-30 18:29:08 +00:00
nekral-guest
77f81fa0b6 * NEWS, src/groupmems.c: Use the "groupmems" PAM service name
instead of "groupmod".
2008-08-30 18:28:45 +00:00
nekral-guest
cfeacc4d67 * NEWS, src/gpasswd.c: Use getopt_long instead of getopt. Added
support for long options --add (-a), --delete (-d),
	--remove-password (-r), --restrict (-R), --administrators (-A),
	and --members (-M)
	* man/gpasswd.1.xml: Document the new long options.
	* src/gpasswd.c: The sgrp structure is only used if SHADOWGRP is
	defined.
2008-08-22 02:28:15 +00:00
nekral-guest
130553a578 Sort the NEWS entry alphabetically (per program name). 2008-08-22 02:18:48 +00:00
nekral-guest
1355d5d3eb * NEWS, src/passwd.c: For compatibility with other passwd version,
the --lock an --unlock options do not lock or unlock the user
	account anymore.  They only lock or unlock the user's password.
	* man/passwd.1.xml: Document above change. Document how an account
	can be locked and what a password lock means.
2008-08-22 02:16:21 +00:00
nekral-guest
e3e99974f8 * NEWS, src/groupmems.c: Added syslog support.
* src/groupmems.c: members() renamed display_members() to
	avoid name clash with its members argument.
	* src/groupmems.c: Report failure to unlock to syslog.
	* src/groupmems.c: Harmonize error messages.
	* src/groupmems.c: Report failures to write the new group file to
	syslog (gr_close() failure).
	* src/groupmems.c: Don't use fail_exit for non-failure exit.
2008-08-09 23:28:30 +00:00
nekral-guest
d5c6257ac2 * NEWS, src/groupmems.c: Allow everybody to list the users of a group.
This information is publicly available in /etc/group.
	* NEWS, src/groupmems.c: Open /etc/group read only for the -l option.
2008-07-27 02:33:37 +00:00
nekral-guest
b684ea837d 2008-07-26 Nicolas François <nicolas.francois@centraliens.net>
* src/groupmems.c: Added Prog global variable to indicate the name
	of the program in error messages.

2008-07-22  Lukáš Kuklínek  <lkukline@redhat.com>

	* NEWS, src/groupmems.c: Check if the user added to group actually
	exist. RedHat bug #455603
	* NEWS, src/groupmems.c: Check if the group exists in the group
	local database (/etc/group). RedHat bug #456088
2008-07-26 16:11:49 +00:00
nekral-guest
276e406c0f * README, NEWS, configure.in, lib/pam_defs.h, src/login.c: Add
support for OpenPAM.
2008-07-21 21:14:06 +00:00
nekral-guest
21c692d23f Re-inject the changes from 4.1.2.1. 2008-07-11 22:20:43 +00:00
nekral-guest
5b194e290c Fix typo. 2008-07-11 22:04:02 +00:00
nekral-guest
22fb4fe019 * src/usermod.c: Do not call usr_update() if it will have no
effects. This avoid checking if the user exists in the local passwd
	file if not necessary, and thus allow to add LDAP users to local
	groups. (The user is already checked against the system
	configuration with getpwnam()). Thanks to Dan Kopecek.
2008-07-11 21:50:05 +00:00
nekral-guest
2a267ca05f * NEWS, src/newusers.c: Implement the -r, --system option.
* src/newusers.c: Use a bool when possible instead of int
	integers.
	* src/newusers.c: Avoid implicit conversion of pointers / integers
	/ chars to booleans.
	* src/newusers.c: Ignore the return value of pam_end() before
	exiting.
	* src/newusers.c: Ignore return value of setlocale(),
	bindtextdomain(), and textdomain().
	* src/newusers.c: Avoid multi-statements lines.
	* src/newusers.c: Add brackets and parenthesis.
2008-06-09 19:36:08 +00:00
nekral-guest
b5b636b8b7 Prepare the 4.1.2 release
* NEWS: set the release date.
	* man/po/*.po, po/*.po: Updated PO files.
2008-05-24 23:03:24 +00:00
nekral-guest
a917ba4fb9 *** security:
- generation of SHA encrypted passwords (chpasswd, gpasswd, newusers,
  chgpasswd; and also passwd if configured without PAM support).
  The number of rounds and number of salt bytes was fixed to their lower
  allowed values (resp. configurable and 8), hence voiding some of the
  advantages of this encryption method. Dictionary attacks with
  precomputed tables were easier than expected, but still harder than with
  the MD5 (or DES) methods.

	* NEWS, libmisc/salt.c (SHA_salt_size): Seed the RNG, and fix a
	overflow. These caused the SHA salt size to always be 8 bytes,
	instead of being in the 8-16 range. Thanks to Peter Vrabec
	pvrabec@redhat.com for noticing.
	* NEWS, libmisc/salt.c (SHA_salt_rounds): Seed the RNG with
	seedRNG instead of srand, and fix the same overflow. This caused
	the number of rounds to always be the smallest one.
2008-05-20 13:34:06 +00:00
nekral-guest
9c69fe73b1 Tag the section which require --enable-shadowgrp or --with-sha-crypt
accordingly.
2008-05-19 22:18:14 +00:00
nekral-guest
a071d72e48 Document the -k, --skel option, and update the -m, --create-home documentation. 2008-05-19 21:32:19 +00:00
nekral-guest
461d69522f * NEWS, man/groupadd.8.xml: Document the -r, --system option.
* NEWS, man/newusers.8.xml: Document the -r, --system option.
	* NEWS, man/newusers.8.xml: Document the -c, --crypt-method and
	-s, --sha-rounds options.
2008-05-19 20:53:12 +00:00
nekral-guest
300f7416c4 Document the -r, --system option. 2008-05-19 19:43:24 +00:00
nekral-guest
fb4271bdf9 Import Debian patch 434_login_stop_checking_args_after--
* NEWS, src/login.c (check_flags): Stop checking the arguments
	after --. The later options will be sent to the shell, and do not
	need to be checked.
2008-05-18 14:54:35 +00:00
nekral-guest
6a17c2b27f * src/vipw.c, src/su.c, src/newgrp.c: Harmonize the children's
SIGSTOP handling. Raise the signal which stopped the child instead
	of always SIGSTOP.

	Import Debian patch 406_vipw_resume_properly.
	Thanks to Dean Gaudet.
	* NEWS, src/vipw.c: Resume properly after ^Z.
2008-05-18 13:41:56 +00:00
nekral-guest
8a8072a563 If the SULOG_FILE does not exist when an su session is logged, make sure
the file is created with group root, instead of using the group of the
caller.
2008-04-27 00:27:59 +00:00
nekral-guest
4196525702 Allow non-US-ASCII characters in the GECOS fields ("name", "room number",
and "other info" fields).
2008-04-27 00:24:49 +00:00
nekral-guest
4d7d6a1a9f Fix build failure when configured with audit support. Thanks to Mike
Frysinger for reporting it.
2008-04-16 22:04:46 +00:00
nekral-guest
8e82ae234e Also fix the detection of the pam and selinux features:
Fail if the feature is requested but the library (or
header file) could not be found. If nothing is specified, enable
the feature only if we can find the library (or header file).
2008-04-16 21:18:20 +00:00
nekral-guest
70bf7cca33 Fix the detection of the audit library and header file. 2008-04-16 20:09:03 +00:00
nekral-guest
f89cf0cf20 * NEWS, etc/pam.d/Makefile.am: Add chfn, chsh, and userdel to
$(pamd_files). Remove the duplicate useradd. And sort
  alphabetically. Thanks to Mark Rosenstand  <mark@borkware.net>.
* NEWS: Prepare next release, 4.1.2.
2008-04-04 18:50:22 +00:00
nekral-guest
1de80f9457 * NEWS, configure.in: Prepare release 4.1.1
* NEWS: Fix the release date of 4.1.0. Was in 2007, not 2008.
2008-04-02 21:55:27 +00:00
nekral-guest
f7a256fc19 * src/passwd.c, NEWS: Make SE Linux tests more strict, when the
real UID is 0 SE Linux checks will be performed. Thanks to
 Russell Coker  <russell@coker.com.au>
* TODO: Added entries regarding SE Linux.
2008-03-26 22:00:50 +00:00
nekral-guest
a8a614c515 * NEWS, src/groupmod.c: Make sure the passwd, group, and gshadow
files are unlocked on exit. Unlock locked files in fail_exit().
  Prefer fail_exit() over exit().
* NEWS, src/groupmod.c: When the GID of a group is changed, update
  also the GID of the passwd entries of the users whose primary
  group is the group being modified.
2008-03-08 23:01:49 +00:00
nekral-guest
b1a0769d3d * lib/commonio.c (commonio_remove): Fail when the name to be
removed is used by different entries (like commonio_update does).
* NEWS: This fix the behavior of groupdel when the system is not
  configured to support split group but different group entries
  have the name of the group to be deleted.
2008-03-08 22:52:44 +00:00
nekral-guest
1b808e62df Make sure the passwd, group, shadow, and gshadow files are unlocked on
exit. Unlock locked files in fail_exit(). Prefer fail_exit() over exit().
2008-03-08 22:44:53 +00:00
nekral-guest
5af8a5d74d * NEWS, src/groupdel.c: Make sure the group, and gshadow files are
unlocked on exit. Add function fail_exit(). Use fail_exit()
	instead of exit().
	* src/groupdel.c: Fail immediately instead of increasing errors.
	Better handling of error cases, like locked group or gshadow file.
2008-03-08 21:13:54 +00:00
nekral-guest
d1290c0d5d Make sure the passwd, group, shadow, and gshadow files are unlocked on
exit. Add function fail_exit(). Use fail_exit() instead of exit().
2008-03-08 21:04:31 +00:00
nekral-guest
bded00fd11 Make sure the group and gshadow files are unlocked on exit. Add function fail_exit(). 2008-03-08 20:54:54 +00:00
nekral-guest
a2242f6f1b Do not rewrite the group and gshadow file in case of error. 2008-03-08 16:23:22 +00:00
nekral-guest
d44f1dfeca Do not raise an error if the group does not exist in the gshadow file. 2008-03-08 16:17:07 +00:00
nekral-guest
6ea65c8992 Only reset the entries of existing users with faillog -r (not all numeric
IDs starting from 0). Thanks to Peter Vrabec.
2008-03-05 00:10:25 +00:00
nekral-guest
528346cb3b When a password is moved to the gshadow file, use "x" instead of "x"
to indicate that the password is shadowed (consistency with grpconv).
2008-02-26 20:09:56 +00:00
nekral-guest
2a2b2b3aa4 * NEWS: Fix failures when the gshadow file is not present. Thanks
to Christian Henz (http://bugs.debian.org/467488)
 * src/gpasswd.c (get_group): Do not fail if gshadow is not present. Just use
   the group file and set the grent structure
 * src/gpasswd.c (check_perms): The permissions should be checked
   using both the gshadow and group file. Add a <struct group *>
   parameter, and check if the gshadow file exists (is_shadowgrp).
 * src/gpasswd.c (main): Do not use sgent.sg_mem or sgent.sg_adm if
   the gshadow file is not present (sgent is not initialized in that
   case). The fields of sgent can be set, but not used.
2008-02-26 19:09:10 +00:00
nekral-guest
93e2f66a60 * NEWS, src/useradd.c, man/useradd.8.xml: Added options
-user-group (-U, Uflg) and --no-user-group (-N, Nflg) to replace
  nflg.
* man/login.defs.d/USERGROUPS_ENAB.xml: useradd now also uses
  USERGROUPS_ENAB.
2008-02-25 21:03:46 +00:00
nekral-guest
c81db0b178 Fix alphabetical order. 2008-02-19 21:05:44 +00:00
nekral-guest
bb824221a4 This entry was for login, not su:
* If started as init, start a new session.
2008-02-19 21:04:55 +00:00
nekral-guest
18c914f086 Added new option -r, --system for system accounts in useradd, groupadd,
and newusers.
2008-02-19 21:01:38 +00:00
nekral-guest
ed52b88b92 Fix buffer overflow when adding an user to a group. Thanks to Peter Vrabec. 2008-02-18 21:36:03 +00:00
nekral-guest
280fcebae8 Change the default HOME directory in /etc/default/useradd according FHS
(/home instead of /home/users).  This fixes Alioth's bug #310559.
Thanks to Dale E. Edmons.
2008-02-17 15:29:41 +00:00
nekral-guest
a8bc585e33 Use the correct AUDIT_CHGRP_ID event instead of
AUDIT_USER_START, when changing the user space group ID with
newgrp or sg. Thanks to sgrubb@redhat.com for the patch.
2008-02-14 18:35:51 +00:00
nekral-guest
a5f949165a Fix the handling of -a when a user is being renamed (with -l). The new
name of the user was used for the new supplementary groups, but not in the
existing ones.
2008-02-10 20:25:39 +00:00