nekral-guest
317939e821
* src/su.c: After prepare_pam_close_session() there is no need to
...
close the session in the child. Added pam_setcred to
prepare_pam_close_session().
2011-06-13 18:27:46 +00:00
nekral-guest
1340beed16
* src/su.c: Also drop the controlling terminal when PAM is not
...
used.
* src/su.c: Remove run_shell().
2011-06-13 18:27:40 +00:00
nekral-guest
e9045e9f55
* src/su.c (prepare_pam_close_session): Extract the creation of a
...
child and listening for signal in the parent from run_shell().
prepare_pam_close_session() is now executed before the creation of
the pam session and before the UID is changed. This allows to
close the session as root.
2011-06-13 18:27:34 +00:00
nekral-guest
69371ba2c2
* src/su.c: Extract export of environment from main().
2011-06-13 18:27:28 +00:00
nekral-guest
dbe0b96404
* src/su.c: Extract command line processing from main().
2011-06-13 18:27:23 +00:00
nekral-guest
43e65fdd46
* src/su.c: Close the password databases together with syslog.
2011-06-13 18:27:17 +00:00
nekral-guest
5d6f4f8ea4
* src/su.c: Merge environment setting blocks after the creation of
...
the session.
2011-06-13 18:27:12 +00:00
nekral-guest
b63c830547
* src/su.c: Cleanup check_perms_nopam().
2011-06-13 18:27:06 +00:00
nekral-guest
927c2f06a3
* src/su.c: Split check_perms() in to a PAM (check_perms_pam) and
...
a non-PAM (check_perms_nopam) version.
2011-06-13 18:26:58 +00:00
nekral-guest
40a16a1b04
Compile fixes & cleanups.
2011-06-13 18:26:52 +00:00
nekral-guest
6be3ac560b
* src/su.c (save_caller_context): Extract from main() the code
...
used to save the caller's context.
2011-06-13 18:26:47 +00:00
nekral-guest
b661b913b5
* src/su.c: Cleanup local variables.
2011-06-13 18:26:36 +00:00
nekral-guest
b273c4d19f
Cleanup comments.
2011-06-13 18:26:31 +00:00
nekral-guest
7ebfb5c90f
* lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
...
use the pwent global variable to communicate between APIs of
different files. Added boolean parameter su_to_root to
check_su_auth().
* src/su.c (check_perms): Return the passwd entry of the finally
authenticated user. Remove usage of the pwent variable.
* src/su.c: The password of the caller is the one from the
spwd structure only if the passwd's password is 'x'.
2011-06-13 18:26:26 +00:00
nekral-guest
3abd71c526
* src/su.c: Extract the authentication from the main function.
2011-06-13 18:26:16 +00:00
nekral-guest
dc90c77285
* src/su.c: Define shellstr before the environment so that
...
restricted_shell is called only once. This will allow moving the
environment definition after the switch to the new user.
2011-06-13 18:26:10 +00:00
nekral-guest
2f71935616
* src/su.c: Move definition of change_environment and shellstr
...
after the switch to the final subsystem. The previous architecture
forced to always change the environment (the shell starts with a
'*' and was thus restricted, and change_environment could not be
reset to false).
2011-06-13 18:25:57 +00:00
nekral-guest
941e94f1d2
* src/su.c: No need to change the user's shell in case of
...
subsystem root. Update the comments.
2011-06-13 18:25:51 +00:00
nekral-guest
4be8077a56
* src/su.c: Group some of the environment processing blocks. The
...
definition of shellstr, PATH and IFS is not influenced (getenv,
getdef, restricted_shell) by and does not influence (addenv does
not change environ) the authentication. And the authentication
does not overwrite those definitions. This will ease an extraction
from the big main() function.
2011-06-13 18:25:45 +00:00
nekral-guest
aef33a89c2
* src/su.c: No need to call expire() if there are no shadow entry.
...
No need to convert a passwd entry into an spwd entry in that case.
2011-06-13 18:25:40 +00:00
nekral-guest
1ddde00b1d
* src/su.c: Updating pwent after expire() is not useful. Only the
...
password information may have changed and they are not used
anymore afterwards.
2011-06-13 18:25:34 +00:00
bubulle
f66bd259cf
French manpages translation
2011-06-12 19:55:58 +00:00
nekral-guest
ea34d36d62
Document the updated translations.
2011-06-05 14:56:11 +00:00
nekral-guest
b5403415f7
* NEWS, src/su.c: Do not forward the controlling terminal to
...
commands executed with -c. This prevents tty hijacking which could
lead to execution with the caller's privileges. This required to
forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
the executed command.
2011-06-05 14:41:15 +00:00
nekral-guest
a8ca723277
* NEWS, src/userdel.c: Do not remove a group with the same name as
...
the user (usergroup) if this group isn't the user's primary group.
2011-06-05 12:23:59 +00:00
nekral-guest
14f44bd9c9
* NEWS, src/userdel.c: Check the existence of the user's mail
...
spool before trying to remove it. If it does not exist, a warning
is issued, but no failure.
2011-06-04 22:38:57 +00:00
nekral-guest
c9281b5bb9
Harmonize message.
2011-06-03 21:09:27 +00:00
nekral-guest
ce737cf543
* src/sulogin.c: Added Prog, needed because of the last xmalloc()
...
change.
2011-06-03 21:08:56 +00:00
nekral-guest
e8723c375f
* man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
...
Makefile.
* man/Makefile.am: Build zh_CN pages.
* man/generate_translations.mak: Add config.xml to CLEANFILES.
* man/po/zh_CN.po: limits, groups, faillog, expiry should not be
translated (command name, file name), also this broke the build
system as they are used to derive manpage names.
2011-06-03 21:07:58 +00:00
nekral-guest
6b14946d81
* man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
...
Makefile.
* man/Makefile.am: Build zh_CN pages.
* man/generate_translations.mak: Add config.xml to CLEANFILES.
* man/po/zh_CN.po: limits, groups, faillog, expiry should not be
translated (command name, file name), also this broke the build
system as they are used to derive manpage names.
2011-06-03 21:06:23 +00:00
nekral-guest
597bb764f1
* src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry
...
to be displayed.
2011-06-02 20:26:30 +00:00
nekral-guest
f406d16b7b
* libmisc/xmalloc.c: Harmonize message.
2011-06-02 18:41:05 +00:00
nekral-guest
58baa7aa61
* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing
...
memory allocation check.
2011-06-02 18:40:06 +00:00
nekral-guest
f140c3a0e5
* NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to
...
getgroups() when getgroups fails (-1) with errno==EINVAL.
2011-06-02 15:36:29 +00:00
bubulle
99d0164837
German translation of manpages completed
2011-06-01 12:19:25 +00:00
bubulle
143f479869
Fix typos in manpages
...
Catalan translation updated
2011-06-01 11:58:04 +00:00
bubulle
7864e1edf5
French and Portuguese translation updates
2011-04-25 10:06:23 +00:00
bubulle
ed6107c8c5
German translation completed
2011-04-16 07:31:49 +00:00
bubulle
d4d8ab87ac
Brazilian Portuguese translation completed
2011-04-15 06:21:10 +00:00
bubulle
af89454645
Russian translation completed
2011-04-10 15:50:13 +00:00
bubulle
e10346124f
Updated Swedish and Danish translations
2011-04-07 17:45:33 +00:00
bubulle
0d3d7722c1
Fixed file
2011-04-06 04:14:12 +00:00
bubulle
72ba55b056
Kazakh and Japanese translation updates
2011-04-05 18:06:32 +00:00
bubulle
82cfc819a8
Simplified Chinese translation completed
2011-03-30 17:51:50 +00:00
bubulle
699edaab3b
Convert zh_CN translation of manpages to gettext
2011-03-30 17:50:19 +00:00
nekral-guest
a342b207b2
* man/ru/Makefile.am: Remove double inclusion of $(man_nopam)
2011-02-19 16:17:26 +00:00
nekral-guest
ee163bed33
* libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
...
user_busy() rather than in src/userdel.c or src/usermod.c to
provide more accurate failure cause (user is logged in or user
still executes processes).
2011-02-16 20:46:27 +00:00
nekral-guest
f4b544786c
Added missing Changelog entry for lib/fields.c:
...
* lib/fields.c: Fail if input pointer is NULL.
2011-02-16 20:33:16 +00:00
nekral-guest
d7fa77f03b
* lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check
...
entry validity before commits to databases.
* libmisc/fields.c, libmisc/Makefile.am, lib/fields.c,
lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to
lib.
2011-02-16 20:32:16 +00:00
nekral-guest
a9b8e7aaa3
Adapt ignore list to previous commits.
2011-02-16 20:27:25 +00:00