Commit Graph

1504 Commits

Author SHA1 Message Date
Nicolas François
9951b1f569 Fail in case arguments are provided after options.
* src/vipw.c: Fail in case arguments are provided after options.
	Debian#677812
2013-08-13 23:13:09 +02:00
Nicolas François
0094abea6e Fix count for ranges truncated in remove_range().
* lib/subordinateio.c: Fix count for ranges truncated in
	remove_range().
2013-08-13 22:29:16 +02:00
Nicolas François
8781aff637 Terminate the child before closing the PAM session.
* src/su.c: Terminate the child (if needed) before closing the PAM
	session. This is probably more correct, and avoid reporting
	termination from signals possibly sent by PAM modules (e.g. former
	versions of pam_systemd). Debian#670132
2013-08-13 19:48:53 +02:00
Nicolas François
a5e3dbb0e3 Reset caught variable when signal is handled by su.
* src/su.c: When a SIGTSTP is caught, reset caught to 0. There is
	no need to kill the child in such case after su is resumed. This
	remove the "Session terminated, terminating shell...
	...terminated." messages in such case.
2013-08-13 19:42:50 +02:00
Nicolas François
29bd7e1929 Document checks performed by newgidmap/newuidmap
* man/newgidmap.1.xml: Document the checks performed before
	setting the mapping in /proc.
	* man/newuidmap.1.xml: Likewise.
2013-08-13 19:38:41 +02:00
Nicolas François
e1a4b6e57b Document the semantic of ranges.
* libmisc/idmapping.h: Document what the upper and lower fields
	are in struct map_range.
	* man/newgidmap.1.xml: Document when the gid, gidlower and count
	argument are.
	* man/newuidmap.1.xml: Likewise for uid, uidlower and count.
2013-08-13 19:28:07 +02:00
Nicolas François
5884ba907c (shadow_random): Use long instead of size_t.
* libmisc/salt.c (shadow_random): Use long instead of size_t.
	Compatibility with size_t is easier to check since it's used for
	smaller numbers (salt size).
2013-08-13 19:16:24 +02:00
Nicolas François
64fe2f7db6 Add splint annotations.
* lib/groupmem.c: Add splint annotations. The added memset makes
	splint think data was allocated.
	* lib/pwmem.c: Likewise.
	* lib/sgroupio.c: Likewise.
	* lib/shadowmem.c: Likewise.
2013-08-13 19:13:45 +02:00
Nicolas François
3bdf723bab Improve documentation.
* man/login.defs.d/SUB_GID_COUNT.xml: Document that the behavior
	of useradd and newusers depends on the existence of /etc/subgid.
	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise for /etc/subuid.
2013-08-13 00:21:02 +02:00
Nicolas François
9126425a21 Improve error reporting.
* src/useradd.c: Change message in case of find_new_sub_uids /
	find_new_sub_gids failure. This complements the messages already
	provided by these APIs.
2013-08-13 00:13:12 +02:00
Nicolas François
bfbd83239e Fix handling of boundaries.
* lib/subordinateio.c: Fix handling of boundaries.
	* libmisc/find_new_sub_uids.c: Likewise.
	* libmisc/find_new_sub_gids.c: Likewise.
2013-08-13 00:11:24 +02:00
Nicolas François
d9d1bb4acb Fix removal of ranges.
* lib/subordinateio.c: Fix removal of ranges. The database needs
	to be marked as changed or commonio_close will discard any change.
2013-08-12 23:57:32 +02:00
Nicolas François
5d3a785c55 Manpages improvement for subordinate IDs.
* man/newusers.8.xml: Include documentation of SUB_GID_MIN,
	SUB_GID_MAX, SUB_GID_COUNT, SUB_UID_MIN, SUB_UID_MAX,
	SUB_UID_COUNT.
	* man/useradd.8.xml: Likewise.
	* man/usermod.8.xml: Likewise.
	* man/newusers.8.xml: Document usage of /etc/subgid /etc/subuid.
	* man/useradd.8.xml: Likewise.
	* man/userdel.8.xml: Likewise.
	* man/usermod.8.xml: Likewise.
	* man/newusers.8.xml: Add references to subgid(5) and subuid(5).
	* man/useradd.8.xml: Likewise.
	* man/userdel.8.xml: Likewise.
	* man/subgid.5.xml: Sort references alphabetically.
	* man/subuid.5.xml: Likewise.
	* man/subgid.5.xml: Add references to newusers(8), useradd(8),
	userdel(8), usermod(8), user_namespaces(7).
	* man/subuid.5.xml: Likewise.
2013-08-11 16:09:59 +02:00
Nicolas François
eeab0bebfa Sort references alphabetically.
* man/newgidmap.1.xml: Sort references alphabetically.
	* man/newuidmap.1.xml: Likewise.
2013-08-11 15:48:57 +02:00
Nicolas François
d611d54ed4 Allow disabling of subordinate IDs.
* configure.in: Add configure options --enable-subordinate-ids /
	--disable-subordinate-ids. Enabled by default.
	* lib/prototypes.h: Include <config.h> before using its macros.
	* lib/commonio.h, lib/commonio.c: Define commonio_append only when
	ENABLE_SUBIDS is defined.
	* lib/prototypes.h, libmisc/find_new_sub_gids.c,
	libmisc/find_new_sub_uids.c: Likewise.
	* lib/subordinateio.h, lib/subordinateio.c: Likewise.
	* libmisc/user_busy.c: Only check if subordinate IDs are in use if
	ENABLE_SUBIDS is defined.
	* src/Makefile.am: Create newgidmap and newuidmap only if
	ENABLE_SUBIDS is defined.
	* src/newusers.c: Check for ENABLE_SUBIDS to enable support for
	subordinate IDs.
	* src/useradd.c: Likewise.
	* src/userdel.c: Likewise.
	* src/usermod.c: Likewise.
	* man/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1,
	man5/subgid.5, and man5/subuid.5 only if ENABLE_SUBIDS is defined.
	* man/fr/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1,
	man5/subgid.5, and man5/subuid.5 (not translated yet).
	* man/generate_mans.mak: Add xsltproc conditionals
	subids/no_subids.
	* man/login.defs.d/SUB_GID_COUNT.xml: Add dependency on subids
	condition.
	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
	* man/usermod.8.xml: Document options for subordinate IDs and
	reference subgid(5) / subuid(5) depending on the subids condition.
2013-08-11 15:46:59 +02:00
Nicolas François
14ebc92d8c Remove unused variable.
* libmisc/salt.c: Remove unused variable.
2013-08-10 00:11:52 +02:00
Nicolas François
45986f8dc8 Fix for Alioth#314271 (musl libc)
* libmisc/utmp.c: Add include files needed for getaddrinfo().
	See Alioth#314271
2013-08-07 02:18:43 +02:00
Mike Frysinger
561ba96ec7 check for ruserok existence
rlogin support is old school code, so newer C libraries drop support for
ruserok (like uClibc, optionally).  But shadow doesn't build with that,
so have it check for ruserok to optionally enable rlogin.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
2013-08-07 01:44:24 +02:00
Nicolas François
cfad7327a5 Editorial changes to usermod(8)
* man/usermod.8.xml: Fix typos and wording.
	* man/usermod.8.xml: Add references to subgid(5) and subuid(5).
2013-08-07 01:36:10 +02:00
Nicolas François
316bc6b3f4 Fix wording: secondary -> subordinate.
* libmisc/find_new_sub_gids.c: Fix wording: secondary ->
	subordinate.
	* libmisc/find_new_sub_uids.c: Likewise.
2013-08-07 01:01:33 +02:00
Nicolas François
ac53650da5 Remove duplicate check.
* libmisc/find_new_sub_gids.c: Remove duplicate check (duplicate
	at least in its intent).
2013-08-06 23:59:09 +02:00
Nicolas François
94c52130be Fix typos.
* src/usermod.c: Fix typos.
2013-08-06 22:29:40 +02:00
Nicolas François
ee2b88b7b1 I find it clearer with the words in that order.
* man/subgid.5.xml: Reorder words.
	* man/subuid.5.xml: Likewise.
2013-08-06 22:25:08 +02:00
Nicolas François
1955170a14 Fix typos.
* man/subgid.5.xml: Fix typos.
	* man/subuid.5.xml: Likewise.
	* man/subgid.5.xml: Fix copy-paste errors from subuid.5.xml.
2013-08-06 22:22:57 +02:00
Nicolas François
9fdd176e45 Remove copy-pasted NOTE.
* man/newgidmap.1.xml: Remove copy-pasted NOTE.
	* man/newuidmap.1.xml: Likewise.
2013-08-06 21:01:53 +02:00
Nicolas François
bae65562ef Remove unused variables.
* lib/subordinateio.c: Remove unused variables.
2013-08-06 20:59:52 +02:00
Nicolas François
95d1e146b2 Fix typos.
* man/login.defs.d/SUB_GID_COUNT.xml: Fix typo.
	* man/login.defs.d/SUB_UID_COUNT.xml: Likewise.
	* man/login.defs.d/SUB_UID_COUNT.xml: Fix copy-paste issue from
	SUB_GID_COUNT.
	* man/newgidmap.1.xml: Fix Typo.
	* src/useradd.c: Fix typos.
	* lib/subordinateio.c: Fix typos.
2013-08-06 20:59:13 +02:00
Nicolas François
fcb7222b1a Fix Debian bug #675824
* lib/groupmem.c (__gr_dup): Support libc which define other
	fields in struct group.
	* lib/pwmem.c: Likewise for struct passwd.
	* lib/shadowmem.c: Likewise for struct spwd.
	* lib/sgroupio.c: Apply same logic, even if this structure is
	defined internally.
2013-08-06 16:33:27 +02:00
Nicolas François
5d491ef9da Revert b10cba0e0a
The length of the concatenated 2 lines was correct.
2013-08-05 23:16:00 +02:00
Nicolas François
60fc4bbf57 Debian bug 677275 - random() max value
* libmisc/salt.c: random() max value is 2^31-1 (same as RAND_MAX
	on GNU). As it is not clear whether on some systems the max value
	can exceed this number and whether some systems have max values
	which would be lower, we take this into account when defining the
	salt size and number of rounds for SHA encrypted passwords. Higher
	values are favored.
2013-08-05 14:19:23 +02:00
Nicolas François
7903a1b767 Fix su/1 documentation of -
* man/su.1.xml: With getopt, '-' does not need to be the last
	option, but it is recommended for portability.
	Closes https://bugs.launchpad.net/bugs/1100775
2013-08-04 23:45:31 +02:00
Nicolas François
4dbca60435 Add NEWS entries. 2013-08-04 23:29:06 +02:00
Nicolas François
08489a4e22 Fix translations (--home became --home-dir)
* man/po/da.po: Fix translation (--home became --home-dir).
	* man/po/de.po: Likewise.
	* man/po/fr.po: Likewise.
	* man/po/pl.po: Likewise.
	* man/po/ru.po: Likewise.
	* man/po/sv.po: Likewise.
2013-08-04 15:52:00 +02:00
Nicolas François
0d66002c95 Do not allocate more than necessary
Review b10cba0e0a and 7a16f4582d:
	* lib/groupio.c (merge_group_entries): Do not allocate more than
	necessary (sizeof char* instead of char).
	Thanks for Tomáš Mráz (alioth#313962)
	* lib/groupio.c (merge_group_entries): Document that new_members
	is correctly NULL terminated. (alioth:#313940)

Align previous ChangeLog entries.
2013-08-04 15:36:13 +02:00
Nicolas François
e8ab31d009 Review 52a38d5509
* Changelog: Update documentation of 2013-07-28  mancha entry.
	* lib/prototypes.h, lib/encrypt.c: Update splint marker,
	pw_encrypt can return NULL.
	* lib/encrypt.c: Fix outdated statement on GNU crypt.
	* src/chgpasswd.c: Improve diagnostic to user when pw_encrypt
	fails and use fail_exit() instead of exit().
	* src/chpasswd.c: Likewise.
	* src/newusers.c: Likewise.
	* src/passwd.c: Likewise when new password is encrypted.
	* src/newgrp.c: Improve diagnostic to user and syslog when
	pw_encrypt fails.  Do not apply 1s penalty as this is not an
	invalid password issue.
	* src/passwd.c: Likewise when password is checked.
2013-08-04 00:27:53 +02:00
Nicolas François
ee1952424d Fix memory leak.
* libmisc/setupenv.c: Free pw_dir and pw_shell before reallocating
	them.
2013-08-02 20:28:24 +02:00
Nicolas François
b6c1a8579e Fix segfaults
* libmisc/setupenv.c: xstrdup the static char* temp_pw_dir /
	temp_pw_shell. That way we can continue to use pw_free() without
	segving. Thanks to Serge Hallyn for the patch.
2013-08-02 20:24:20 +02:00
Yuri Kozlov
64ddc26bbf Completed Russian translation 2013-08-01 21:24:46 +02:00
Michael Scherer
4e65be1211 use chdir() before calling chroot() 2013-07-29 11:05:16 +02:00
bubulle
9be164101d Replace "--home" by "--home-dir" in useradd(8) manpage (and
translations)
2013-07-29 10:58:50 +02:00
Ville Skyttä
48b2c4bff4 Syntax fix in Japanese manpage 2013-07-29 10:18:41 +02:00
Brad Hubbard
7a16f4582d fix uninitialised memory in merge_group_entries causes segfault in useradd by
changing a call to malloc to a call to calloc
2013-07-29 10:13:12 +02:00
Brad Hubbard
b10cba0e0a add newline char when two lines are concatenated 2013-07-29 10:05:52 +02:00
bubulle
d3b95d1d26 Mention Alioth bug fixes 2013-07-29 10:01:23 +02:00
Guido Trentalancia
04b950b824 fix typographic errors and use a better format 2013-07-28 19:04:50 +02:00
Simon Brandmair
4145b98314 German manpages translation update 2013-07-28 18:57:18 +02:00
mancha
52a38d5509 crypt() in glibc/eglibc 2.17 now fails if passed
a salt that violates specs. On Linux, crypt() also fails with
DES/MD5 salts in FIPS140 mode. Rather than exit() on NULL returns
we send them back to the caller for appropriate handling.
2013-07-28 18:41:11 +02:00
bubulle
a6769c050b FIx date in changelog 2013-07-28 18:39:10 +02:00
Colin Watson
d172cccd07 Kill the child process group, rather than just the immediate child;
this is needed now that su no longer starts a controlling terminal
when not running an interactive shell (closes: Debian#713979)
2013-07-28 14:38:12 +02:00
bubulle
945eb8f50b if using the static char* for pw_dir, strdup it so pw_free() can be used. (Closes: Debian#691459) 2013-07-28 14:16:09 +02:00