Commit Graph

2351 Commits

Author SHA1 Message Date
Serge Hallyn
99b5feadd9 update translations 2016-09-18 18:23:49 -05:00
Tomas Mraz
507f96cdeb Fix regression in useradd not loading defaults properly.
The get_defaults() has to be called before processing the flags.

Signed-off-by: Tomáš Mráz <tmraz@fedoraproject.org>
2016-08-25 11:20:34 +02:00
Serge Hallyn
6fbc11ce21 configure.ac: release 4.3.1
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2016-08-14 23:00:59 -05:00
Serge Hallyn
ff2baed5db idmapping: add more checks for overflow
At this point they are redundant but should be safe.  Thanks to
Sebastian Krahmer for the first check.
2016-08-14 21:48:50 -05:00
Serge Hallyn
94da3dc5c8 also check upper for wrap 2016-08-14 21:48:45 -05:00
Serge Hallyn
9df58a7545 Merge pull request #30 from jwilk/spelling
man: Fix typos
2016-08-05 11:59:45 -05:00
Serge Hallyn
5b017af90d Merge pull request #29 from hemio-ev/lower-su-syslog-priority
Reduces syslog priority of common usage events
2016-08-05 11:59:15 -05:00
Jakub Wilk
a7a7a1fdea man: Fix typos 2016-08-05 18:50:51 +02:00
Serge Hallyn
ca0ccaba27 Merge pull request #24 from stoeckmann/typos
Fixed typos in new{g,u}idmap tools.
2016-08-04 23:39:25 -05:00
Serge Hallyn
8f1836bad9 Merge pull request #25 from stoeckmann/sigrace
Fixed signal races in shadow tools.
2016-08-04 23:38:24 -05:00
Michael Herold
61fc90b268 Reduces syslog priority of common usage events
- Log INFO instead of ERR on `su missing-user`
- Log NOTICE/WARN instead of ERR on pam_authenticate failure (wrong password for example)
2016-08-04 22:17:31 +02:00
Sebastian Krahmer
1d5a926cc2 Simplify getulong
Use strtoul to read an unsigned long, rather than reading
a signed long long and casting it.

https://bugzilla.suse.com/show_bug.cgi?id=979282
2016-08-03 11:51:07 -05:00
Serge Hallyn
7f5a14817d get_map_ranges: check for overflow
The kernel accepts u32 values, so make sure that userspace
is not passing large values.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
2016-07-31 12:56:48 -05:00
Serge Hallyn
9bf01bf010 Merge pull request #26 from jubalh/master
Fix sentence in usermod manual
2016-07-19 08:02:31 -05:00
Michael Vetter
358bd9b359 Fix sentence in usermod manual
Should have been: '[...] but only checkS [...]'.
So there was a missing 's'. Architectures isn't the right word either.
I decided to write the whole sentence new.
2016-07-18 15:21:08 +02:00
Tobias Stoeckmann
dd50014055 Fixed signal races in shadow tools.
Some of the supplied tools use functions which are not signal-safe.

Most of the times it's exit() vs. _exit().

In other times it's how the standard output or standard error is
handled. FILE-related functions shall be avoided, therefore I replaced
them with write().

Also there is no need to call closelog(). At worst, it allows to
trigger a deadlock by issuing different signal types at bad timings.
But as these fixes are about race conditions, expect bad timings in
general for these bugs to be triggered. :)
2016-07-02 18:11:09 +02:00
Tobias Stoeckmann
a84b0cafdd Fixed typos in new{g,u}idmap tools.
Fixed small typos in manual pages and code comments.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2016-07-02 16:39:18 +02:00
Serge Hallyn
a4dee3d1ad Merge pull request #16 from sebras/master
man: Fix a number of typos for various commands.
2016-05-20 14:05:56 -05:00
Serge Hallyn
340729bbe8 Merge pull request #19 from brauner/manfix
add long option --no-create-home to -M
2016-05-05 16:18:15 -05:00
Christian Brauner
4518826376 add long option --no-create-home to -M
Let's get rid of all the downstream fixes floating around.

Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
2016-05-05 12:00:07 +02:00
W. Trevor King
c07397695a */Makefile.am: Replace INCLUDES with AM_CPPFLAGS
Catch up with Automake's [1], which was part of v1.6b, cut 2002-07-28
[2].  Avoids:

  $ autoreconf -v -f --install
  ...
  libmisc/Makefile.am:4: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
  ...
  src/Makefile.am:10: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
  ...

Consolidating with the earlier AM_CPPFLAGS avoids:

  $ autoreconf -v -f --install
  src/Makefile.am:72: warning: AM_CPPFLAGS multiply defined in condition TRUE ...
  src/Makefile.am:10: ... 'AM_CPPFLAGS' previously defined here
  autoreconf-2.69: Leaving directory `.'

[1]: http://git.savannah.gnu.org/cgit/automake.git/commit/?id=1415d22f6203206bc393fc4ea233123ba579222d
     Summary: automake.in (generate_makefile): Suggest using AM_CPPFLAGS instead of INCLUDES
     Date: 2002-07-09
[2]: http://git.savannah.gnu.org/cgit/automake.git/tag/?id=Release-1-6b
2016-04-29 17:30:18 -07:00
Sebastian Rasmussen
aa38e0da9a man: Fix a number of typos for various commands. 2016-04-28 15:56:28 +02:00
Serge Hallyn
ef45bb2496 configure.ac: release 4.3
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-03-16 17:11:36 -07:00
Serge Hallyn
edec2d057d Merge pull request #13 from t8m/master
Add ability to clear or set lastlog record for user via lastlog command
2016-03-05 00:07:24 -08:00
Tomas Mraz
66897b6f6d Add ability to clear or set lastlog record for user via lastlog command
This functionality is useful because there is now a feature
of Linux-PAM's pam_lastlog module to block expired users (users
which did not login recently enough) from login. This commit
complements it so the sysadmin is able to unblock such expired user.

Signed-off-by: Tomáš Mráz <tmraz@fedoraproject.org>
2016-03-03 15:37:01 +01:00
Serge Hallyn
af064545bf useradd: respect -r flag when allocating subuids
We intend to not create subuids for system users. However we are
checking for command line flags after we check whether -r flag
was set, so it was never found to be true.  Fix that.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2016-02-18 09:20:43 -08:00
Serge Hallyn
9ab9e6f331 Merge pull request #12 from stgraber/master
Tweak uid/gid map default configuration
2016-02-15 15:27:20 -08:00
Stéphane Graber
65c2617140
Tweak uid/gid map default configuration
- Use an allocation of 65536 uids and gids to allow for POSIX-compliant
   user owned namespaces.
 - Don't allocate a uid/gid map to system users.
   Unfortunately checking for --system isn't quite enough as some
   distribution wrappers always call useradd without --system and take care
   of choosing a uid and gid themselves, so also check whether the
   requested uid/gid is in the user range.

This is taken from a patch I wrote for Ubuntu a couple years ago and
which somehow didn't make it upstream.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
2016-02-15 18:11:10 -05:00
Serge Hallyn
24468e4525 Merge pull request #11 from taizo/typo_in_japanese_usage_desc
typo in japanese usage description of useradd.
2016-01-11 17:20:57 -08:00
Taizo Ito
df11d701e1 typo in japanese usage description of useradd. 2016-01-04 13:27:31 +09:00
Bastian Blank
d2fa8c5d4b Fix user busy errors at userdel
From: Bastian Blank <bastian.blank@credativ.de>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-11-17 10:53:55 -06:00
Serge Hallyn
e01bad7d3c Merge pull request #4 from xnox/master
Make shadow more robust in hostile environments
2015-11-12 23:07:29 -06:00
Serge Hallyn
4c4896f0d5 Merge pull request #9 from shadow-maint/idmapleak
Idmapleak
2015-11-12 23:03:09 -06:00
Serge Hallyn
5fadb341c3 Merge pull request #8 from shadow-maint/newgrpleak
Fix a resource leak in syslog_sg
2015-11-12 23:02:13 -06:00
Serge Hallyn
29ee91ae7d Merge pull request #6 from stoeckmann/master
Clear passwords on __gr_dup/__pw_dup errors and fix memory leak
2015-08-09 19:57:38 -05:00
Serge Hallyn
5533eb40d1 Merge pull request #5 from vapier/master
misc autoool fixes
2015-08-09 19:51:54 -05:00
Serge Hallyn
533d2bab3d get_map_ranges: initialize argidx to 0 at top of loop
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-08-06 00:34:25 -05:00
Serge Hallyn
f68f813073 Fix a resource leak in syslog_sg
Reported at https://alioth.debian.org/tracker/?func=detail&atid=411478&aid=315135&group_id=30580
by Alejandro Joya (afjoyacr-guest)

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-08-06 00:25:01 -05:00
Serge Hallyn
7edb32e75f Fix a resource leak in libmis/idmapping.c
Reported at https://alioth.debian.org/tracker/?func=detail&atid=411478&aid=315136&group_id=30580
by Alejandro Joya.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-08-06 00:10:13 -05:00
Serge Hallyn
acf11efe54 Merge pull request #7 from shadow-maint/2015-07-20/vflg
Don't limit subuid/subgid support to local users
2015-07-23 10:11:46 -05:00
Serge Hallyn
a887847ca2 Don't limit subuid/subgid support to local users
The current implementation of subuid/subgid support in usermod requires the
user to be a local user present in /etc/passwd.  There doesn't seem to be a
good reason for this; subuids should work equally well for users whose
records are in other NSS databases.

Bug-Ubuntu: https://bugs.launchpad.net/bugs/1475749

Author: Steve Langasek <steve.langasek@ubuntu.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-07-20 12:14:26 -05:00
Tobias Stoeckmann
c17f5ec460 Free memory on error path
When multiple entries with the same name are encountered, nentry is
not properly freed, which results in a memory leak.
2015-07-12 14:30:32 +02:00
Tobias Stoeckmann
df5dafe049 Clear passwords on __gr_dup/__pw_dup errors.
The functions __gr_dup and __pw_dup do not explicitly zero the
memory which hold the passwords after free. The gr_free and pw_free
functions do this explicitly.

To guarantee same behaviour, it's possible to call these *_free
functions directly from __*_dup, because the memory is initialized
with zeros at the beginning. Calling free(NULL) has no negative
effect and can be considered safe these days.
2015-07-11 13:00:13 +02:00
Jesse W. Hathaway
3c32fd4a29 Allow deleting the group even if it is the primary group of a user
This is helpful when using configuration management tools such as
Puppet, where you are managing the groups in a central location and you
don't need this safeguard.

Signed-off-by: "Jesse W. Hathaway" <jesse@mbuki-mvuki.org>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-06-16 14:18:44 -05:00
Serge Hallyn
ecb6f0c3e3 newgidmap manpage: remove wrongly added extra pid arg
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-06-04 23:45:58 -05:00
Mike Frysinger
169e14c7ac ignore the compile file
Newer autotools installs this file.
2015-04-30 02:46:08 -04:00
Mike Frysinger
316fa38dbc rename configure.in
Newer autotools complains when the file is named configure.in.
2015-04-30 02:43:30 -04:00
Hank Leininger
884895ae25 Expand the error message when newuidmap / newgidmap do not like the user/group ownership of their target process.
Currently the error is just:

newuidmap: Target [pid] is owned by a different user

With this patch it will be like:

newuidmap: Target [pid] is owned by a different user: uid:0 pw_uid:0 st_uid:0, gid:0 pw_gid:0 st_gid:99

Why is this useful?  Well, in my case...

The grsecurity kernel-hardening patch includes an option to make parts
of /proc unreadable, such as /proc/pid/ dirs for processes not owned by
the current uid.  This comes with an option to make /proc/pid/
directories readable by a specific gid; sysadmins and the like are then
put into that group so they can see a full 'ps'.

This means that the check in new[ug]idmap fails, as in the above quoted
error - /proc/[targetpid] is owned by root, but the group is 99 so that
users in group 99 can see the process.

Some Googling finds dozens of people hitting this problem, but not
*knowing* that they have hit this problem, because the errors and
circumstances are non-obvious.

Some graceful way of handling this and not failing, will be next ;)  But
in the meantime it'd be nice to have new[ug]idmap emit a more useful
error, so that it's easier to troubleshoot.

Thanks!

Signed-off-by: Hank Leininger <hlein@korelogic.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2015-04-06 08:23:36 -05:00
Serge Hallyn
464456fa31 Merge pull request #3 from vapier/master
man: useradd(8): fix typo in German translation
2015-03-16 17:08:55 +00:00
Dimitri John Ledkov
bab349b46e
Create dbs with correct permissions. 2015-02-27 17:01:31 +00:00