Commit Graph

877 Commits

Author SHA1 Message Date
nekral-guest
2b5ba27ff8 * src/grpconv.c: Fail if not called correctly.
* src/grpconv.c: At the end of main, the passwd and shadow files
	are locked. No need to check before unlocking. No need to set the
	lock as false neither since there cannot be anymore failures.
2011-09-18 20:26:27 +00:00
nekral-guest
fa96d1bb78 * src/chage.c: EPOCH is not needed, it's converted to -1 by
strtoday(). But we need to support "-1" specifically.
	* src/chage.c: Fix usage: LOGIN is mandatory.
	* src/chage.c: Display disabled expiry or last change as "-1"
	instead of 1969-12-31. 1969-12-31 is still supported as input from
	the user.
	* src/chage.c: Exit cleanly with fail_exit() (lock files were not
	removed).
2011-09-18 20:24:36 +00:00
nekral-guest
23afb3fd07 * src/useradd.c: Remove def_file. It was always set to
USER_DEFAULTS_FILE.
	* src/useradd.c: Fix cut&paste issue causing bad warning when
	the useradd.default file contains an invalid INACTIVE= value.
	* src/useradd.c: Added missing end of line for rename errors.
	* src/useradd.c: Added -D synopsis to the usage message.
	* src/useradd.c: Do not scale_age(-1), just use -1.
	* src/useradd.c: Added FIXME to be fixed later.
	* src/useradd.c: Allow -e -1 when there is no shadow file.
	* src/useradd.c: Fail, but do not print the usage message when the
	-e argument is not valid.
	* src/useradd.c: No need to check for oflg since uflg is
	already checked.
2011-09-18 18:00:06 +00:00
nekral-guest
6f05b866bc * src/su.c: Too much const were added on 2011-08-15. pw in
save_caller_context() is allocated and freed.
	* src/su.c: Added missing #endif indication
	* src/su.c save_caller_context(): password only needed if
	SU_ACCESS and !USE_PAM.
2011-09-18 17:47:03 +00:00
nekral-guest
603d949ed5 * src/usermod.c: date_to_str() is always called with negativ set
to "never", remove this argument.
	* src/usermod.c: Added missing cast for gr_free argument.
2011-09-18 17:34:21 +00:00
nekral-guest
4ce849a5ed * src/pwconv.c: Fail if not called correctly.
* src/pwconv.c: At the end of main, the passwd and shadow files
	are locked. No need to check before unlocking.
2011-09-18 17:32:04 +00:00
nekral-guest
7b0116c5b4 * src/newusers.c: Initially set the passwd's password to '*'
instead of 'x'. Only when it is confirmed that a shadow entry is
	(will be) added, set the passwd's password to 'x'.
	* src/newusers.c: An invalid line is an error. A failure needs to
	be reported.
2011-09-18 17:29:52 +00:00
nekral-guest
a52a8d8a5d * src/gpasswd.c: Remove log_gpasswd_success_gshadow(). Writing in
gshadowis the last sub-task.
2011-09-18 17:27:18 +00:00
nekral-guest
75936bf9f7 * src/chsh.c: No needto remove lines tarting with '#' from
/etc/shells. This is already done by getusershell() and these
	shell would fail the access(X_OK) test.
2011-09-18 17:24:15 +00:00
nekral-guest
fc0057ff35 2011-08-20 Jonathan Nieder <jrnieder@gmail.com>
* lib/Makefile.am: Added lib/spawn.c and lib/spawn.h.
	* lib/nscd.c, lib/spawn.c, lib/spawn.h: It is not possible to
	differentiate between an nscd failure, and a failure to execute
	due to no nscd with posix_spawn. Use our own run_command routine.
	* src/userdel.c: Use run_command()
2011-08-20 13:33:38 +00:00
nekral-guest
ec309dcac8 re-indent. 2011-08-15 14:40:42 +00:00
nekral-guest
ee0e0f9943 * src/groupmod.c: Check atexit failures. 2011-08-15 14:38:49 +00:00
nekral-guest
7f842bdf4f * src/groupmod.c: Ignore return value from snprintf.
* src/groupmod.c: Add static qualifier to the cleanup structures.
2011-08-15 14:22:33 +00:00
nekral-guest
7c96d6cbcc * src/usermod.c: Do not assign static to NULL.
* src/usermod.c (date_to_str): buf needs to be unique (e.g.
	independent from negativ), and is an out buffer.
	* src/usermod.c: Ignore return value from snprintf, and force
	nul-termination of buffer.
	* src/usermod.c: Improve memory management.
	* src/usermod.c: An audit bloc was not reachable, moved above on
	success to move the home directory.
	* src/usermod.c: Ignore close() return value for the mailbox
	(opened read only).
2011-08-15 09:56:43 +00:00
nekral-guest
5eb9ed0aaf * src/su.c: Added const modifiers.
* lib/prototypes: Synchronize splint annotations.
2011-08-15 09:25:58 +00:00
nekral-guest
94c1763f71 * src/su.c: Add splint annotations.
* src/su.c: Set caller_on_console as boolean.
	* src/su.c: Ignore retunr value from fputs (usage) / puts (prompt).
	* src/su.c: Improved memory management.
2011-08-14 21:44:46 +00:00
nekral-guest
1304a3106b * src/chgpasswd.c, src/chpasswd.c, src/newusers.c: Replace cflg by
a test on crypt_method.
2011-08-14 14:44:35 +00:00
nekral-guest
a9c38f4902 * src/chgpasswd.c: Add splint annotations.
* src/chpasswd.c: Likewise.
	* src/newusers.c: Likewise.
	* libmisc/salt.c, lib/prototypes.h (crypt_make_salt): Likewise.
2011-08-14 14:37:17 +00:00
nekral-guest
745bcb5406 * src/su.c: Add annotations to indicate that su_failure() does
not return.
2011-08-14 13:15:20 +00:00
nekral-guest
905e14ee83 * src/useradd.c: Remove unused Zflg. 2011-07-30 01:47:52 +00:00
nekral-guest
f8d47df43b * src/chgpasswd.c: Fix typo sp -> sg. sg_namp -> sg_name
* src/chgpasswd.c: Always update the group file when SHADOWGRP is
	not enabled.
2011-07-30 01:46:23 +00:00
nekral-guest
934bfa5969 * src/newgrp.c: Fix typo in notreached annotation. 2011-07-30 01:41:56 +00:00
nekral-guest
00d1ab6454 * src/usermod.c: Add annotations to indicate that fail_exit() does
not return.
	* src/usermod.c: Fix typo in notreached annotation.
2011-07-30 01:41:03 +00:00
nekral-guest
75fa697526 * NEWS, src/chpasswd.c: Create a shadow entry if the password is
set to 'x' in passwd and there are no entry in shadow for the
	user.
	* NEWS, src/chgpasswd.c: Create a gshadow entry if the password is 
	set to 'x' in group and there are no entry in gshadow for the 
	group.
2011-07-28 15:17:28 +00:00
nekral-guest
771a3624f5 * src/pwunconv.c: Exit after printing usage when arguments or
options are provided.
	* src/pwunconv.c: Re-indent.
	* src/pwunconv.c: Open the shadow file read only.
	* src/grpunconv.c: Exit after printing usage when arguments or
	options are provided.
	* src/grpunconv.c: Open the gshadow file read only.
2011-07-28 14:40:56 +00:00
nekral-guest
7fed07f1e9 * src/chgpasswd.c: Fix typo. 2011-07-28 14:36:24 +00:00
nekral-guest
2aefca0f2e * NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is
enabled. This is already done by pam_lastlog.
2011-07-23 11:03:50 +00:00
nekral-guest
7e8aa5429a * src/chpasswd.c: Add annotations to indicate that usage() does
not return.
	* src/chpasswd.c: Reindent.
	* src/chpasswd.c: Remove dead code. No need to set crypt_method
	to NULL when it is already NULL. sflg is only set if crypt_method
	is not NULL.
2011-07-23 08:14:15 +00:00
nekral-guest
2be8650d2c * src/lastlog.c: Add annotations to indicate that usage() does not
return.
2011-07-23 08:10:27 +00:00
nekral-guest
495125415b * src/faillog.c: Add annotations to indicate that usage() does not
return.
	* src/faillog.c: Fix message: this is faillog, not lastlog.
	* src/faillog.c: Check that there are no extra arguments after
	parsing the options.
2011-07-22 23:59:57 +00:00
nekral-guest
1def4ef49d * src/chgpasswd.c: Add annotations to indicate that usage() does
not return.
	* src/chgpasswd.c: Split usage in smaller parts. Those parts are
	already translated for chpasswd. Usage is now closer to
	chpasswd's.
	* src/chgpasswd.c: Remove dead code. No need to set crypt_method
	to NULL when it is already NULL. sflg is only set if crypt_method
	is not NULL.
2011-07-22 23:52:08 +00:00
nekral-guest
bb67476209 * src/expiry.c: Remove dead code.
* src/expiry.c: Improve comments.
2011-07-22 22:39:30 +00:00
nekral-guest
e8373305b4 * src/grpck.c: Added comments.
* src/grpck.c: Avoid implicit conversion of pointer to boolean.
	* src/grpck.c: Remove dead code. argc cannot be lower than optind.
	Avoid checking twice in a row for NULL != list[i].
2011-07-22 22:07:23 +00:00
nekral-guest
8bce7fc016 * src/passwd.c: Overflow when computing the number of days based
on the scaling. Use of long long needed.
2011-07-14 14:03:19 +00:00
nekral-guest
a7fee9db00 * NEWS, src/groupmod.c: When the gshadow file exists but there are
no gshadow entries, an entry is created if the password is changed
	and group requires a shadow entry.
2011-07-14 13:30:05 +00:00
nekral-guest
d4e630b8cc * src/usermod.c (process_flags): Indicate that the user name is
invalid, instead of just a 'field'.
2011-07-14 13:29:59 +00:00
nekral-guest
82b92af086 * src/usermod.c (process_flags): Do not display the usage in case
of an invalid -f value (similar to -e).
2011-07-14 13:29:54 +00:00
nekral-guest
c23e851074 * src/usermod.c (new_pwent): Document that pw_locate will not fail
because getpwnam returned successfully.
2011-07-14 13:29:48 +00:00
nekral-guest
2c6782b501 * NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file
exists but there are no shadow entries, an entry has to be created
	if the password is changed and passwd requires a shadow entry, or
	if aging features are used (-e or -f). Document this and also that
	-e and -f require a shadow file.
2011-07-14 13:29:37 +00:00
nekral-guest
c2f5088067 * src/usermod.c (update_group, update_gshadow): Reduce complexity
and document checks. Some checks were always true/false within
	their call context.
2011-07-14 13:29:32 +00:00
nekral-guest
8195a2b5d8 * src/usermod.c (update_gshadow): is_member was computed twice. 2011-07-14 13:29:27 +00:00
nekral-guest
2798e35d86 * src/usermod.c: usage() does not return. Add annotations. 2011-07-14 13:29:22 +00:00
nekral-guest
d1753cc25d * src/usermod.c (process_flags): Check for oflg is not needed to
check if changes are needed.
2011-07-14 13:29:16 +00:00
nekral-guest
a5ded26850 * src/usermod.c (process_flags): Report usage if no options are
provided. Update the error message.
	* src/usermod.c (process_flags): Check option compatibility and
	dependency before options are discarded when no changes are
	requested.
2011-07-14 13:29:10 +00:00
nekral-guest
d51420bb01 * src/usermod.c (move_home): It is always an error to use -m if
the new home directory already exist (independently from the
	existence of the old home directory did not exist)
2011-07-14 13:29:05 +00:00
nekral-guest
aec025dbf6 * src/usermod.c: Fix typo in comment. 2011-07-14 13:28:59 +00:00
nekral-guest
95257d63a1 * src/groupmod.c: Avoid implicit conversion of pointer to boolean.
* src/groupmod.c: osgrp can be set only if pflg || nflg. No need
	to check for pflg || nflg again
2011-07-08 19:58:40 +00:00
nekral-guest
13873a8799 * lib/fields.c: Fixed typo from 2010-02-15. field insteadof cp
ought to be checked.
	* src/vipw.c: Use Prog instead of progname. This is needed since
	Prog is used in the library.
2011-07-08 19:56:18 +00:00
nekral-guest
cc6eaf9584 Fix typo in comment. 2011-07-08 19:51:32 +00:00
nekral-guest
1a164919f1 Fixed typo. user_home -> mailfile. 2011-07-08 19:50:42 +00:00
nekral-guest
907025eb40 * src/su.c: environ is provided by <unistd.h>.
* src/su.c: Added function prototypes.
	* src/su.c: Rename shellstr parameter to shellname to avoid
	collision with static variable.
	* NEWS, src/su.c: Added support for PAM modules which change
	PAM_USER.
2011-06-16 21:21:29 +00:00
nekral-guest
66d71aafb7 Cleanup. 2011-06-13 18:27:51 +00:00
nekral-guest
317939e821 * src/su.c: After prepare_pam_close_session() there is no need to
close the session in the child. Added pam_setcred to
	prepare_pam_close_session().
2011-06-13 18:27:46 +00:00
nekral-guest
1340beed16 * src/su.c: Also drop the controlling terminal when PAM is not
used.
	* src/su.c: Remove run_shell().
2011-06-13 18:27:40 +00:00
nekral-guest
e9045e9f55 * src/su.c (prepare_pam_close_session): Extract the creation of a
child and listening for signal in the parent from run_shell().
	prepare_pam_close_session() is now executed before the creation of
	the pam session and before the UID is changed. This allows to
	close the session as root.
2011-06-13 18:27:34 +00:00
nekral-guest
69371ba2c2 * src/su.c: Extract export of environment from main(). 2011-06-13 18:27:28 +00:00
nekral-guest
dbe0b96404 * src/su.c: Extract command line processing from main(). 2011-06-13 18:27:23 +00:00
nekral-guest
43e65fdd46 * src/su.c: Close the password databases together with syslog. 2011-06-13 18:27:17 +00:00
nekral-guest
5d6f4f8ea4 * src/su.c: Merge environment setting blocks after the creation of
the session.
2011-06-13 18:27:12 +00:00
nekral-guest
b63c830547 * src/su.c: Cleanup check_perms_nopam(). 2011-06-13 18:27:06 +00:00
nekral-guest
927c2f06a3 * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and
a non-PAM (check_perms_nopam) version.
2011-06-13 18:26:58 +00:00
nekral-guest
40a16a1b04 Compile fixes & cleanups. 2011-06-13 18:26:52 +00:00
nekral-guest
6be3ac560b * src/su.c (save_caller_context): Extract from main() the code
used to save the caller's context.
2011-06-13 18:26:47 +00:00
nekral-guest
b661b913b5 * src/su.c: Cleanup local variables. 2011-06-13 18:26:36 +00:00
nekral-guest
b273c4d19f Cleanup comments. 2011-06-13 18:26:31 +00:00
nekral-guest
7ebfb5c90f * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
use the pwent global variable to communicate between APIs of
	different files. Added boolean parameter su_to_root to
	check_su_auth().
	* src/su.c (check_perms): Return the passwd entry of the finally
	authenticated user. Remove usage of the pwent variable.
	* src/su.c: The password of the caller is the one from the
	spwd structure only if the passwd's password is 'x'.
2011-06-13 18:26:26 +00:00
nekral-guest
3abd71c526 * src/su.c: Extract the authentication from the main function. 2011-06-13 18:26:16 +00:00
nekral-guest
dc90c77285 * src/su.c: Define shellstr before the environment so that
restricted_shell is called only once. This will allow moving the
	environment definition after the switch to the new user.
2011-06-13 18:26:10 +00:00
nekral-guest
2f71935616 * src/su.c: Move definition of change_environment and shellstr
after the switch to the final subsystem. The previous architecture
	forced to always change the environment (the shell starts with a
	'*' and was thus restricted, and change_environment could not be
	reset to false).
2011-06-13 18:25:57 +00:00
nekral-guest
941e94f1d2 * src/su.c: No need to change the user's shell in case of
subsystem root. Update the comments.
2011-06-13 18:25:51 +00:00
nekral-guest
4be8077a56 * src/su.c: Group some of the environment processing blocks. The
definition of shellstr, PATH and IFS is not influenced (getenv,
	getdef, restricted_shell) by and does not influence (addenv does
	not change environ) the authentication. And the authentication
	does not overwrite those definitions. This will ease an extraction
	from the big main() function.
2011-06-13 18:25:45 +00:00
nekral-guest
aef33a89c2 * src/su.c: No need to call expire() if there are no shadow entry.
No need to convert a passwd entry into an spwd entry in that case.
2011-06-13 18:25:40 +00:00
nekral-guest
1ddde00b1d * src/su.c: Updating pwent after expire() is not useful. Only the
password information may have changed and they are not used
	anymore afterwards.
2011-06-13 18:25:34 +00:00
nekral-guest
b5403415f7 * NEWS, src/su.c: Do not forward the controlling terminal to
commands executed with -c. This prevents tty hijacking which could
	lead to execution with the caller's privileges. This required to
	forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
	the executed command.
2011-06-05 14:41:15 +00:00
nekral-guest
a8ca723277 * NEWS, src/userdel.c: Do not remove a group with the same name as
the user (usergroup) if this group isn't the user's primary group.
2011-06-05 12:23:59 +00:00
nekral-guest
14f44bd9c9 * NEWS, src/userdel.c: Check the existence of the user's mail
spool before trying to remove it. If it does not exist, a warning
	is issued, but no failure.
2011-06-04 22:38:57 +00:00
nekral-guest
ce737cf543 * src/sulogin.c: Added Prog, needed because of the last xmalloc()
change.
2011-06-03 21:08:56 +00:00
nekral-guest
597bb764f1 * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry
to be displayed.
2011-06-02 20:26:30 +00:00
nekral-guest
ee163bed33 * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
user_busy() rather than in src/userdel.c or src/usermod.c to
	provide more accurate failure cause (user is logged in or user
	still executes processes).
2011-02-16 20:46:27 +00:00
nekral-guest
0419fc4f5f * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in
gecos or shell.
2011-02-16 00:18:45 +00:00
nekral-guest
229f243ca0 * NEWS, src/usermod.c: Accept options in any order (username not
necessarily at the end)
2010-08-29 19:02:41 +00:00
nekral-guest
1d336d3a1e * lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
selinux_file_context renamed set_selinux_file_context.
	* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
	Added reset_selinux_file_context.
	* src/useradd.c: Check the return value of
	set_selinux_file_context and reset_selinux_file_context.
	* libmisc/copydir.c: Check the return value of
	reset_selinux_file_context.
2010-08-28 19:58:00 +00:00
nekral-guest
991ce97170 * src/su.c: Fix handling of environment variables when
the environment is not changed. In particular, this makes su
	behave as documented regarding PATH and IFS (i.e. they are reset)
	when -p is provided.
2010-08-28 19:55:31 +00:00
nekral-guest
ab9427420e * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c,
	src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c,
	src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c,
	src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c,
	src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c,
	src/grpunconv.c, src/chsh.c: Prog changed to a constant string.
2010-08-22 19:36:09 +00:00
nekral-guest
07e462f01f * libmisc/limits.c: Avoid implicit conversion of integer to
boolean.
	* libmisc/basename.c: Avoid implicit conversion of pointer to
	boolean.
	* libmisc/basename.c, lib/prototypes.h (Basename): Return a
	constant string.
	* libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h,
	libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c,
	libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add
	splint annotations.
	* libmisc/chowndir.c: Avoid memory leak.
	* libmisc/chowndir.c: Do not check *printf/*puts return value.
	* libmisc/chowntty.c: Avoid implicit conversion between integer
	types.
	* libmisc/obscure.c: Return a bool when possible instead of int.
	* libmisc/shell.c: Do not check *printf/*puts return value.
	* libmisc/shell.c: Do not check execle return value.
	* libmisc/setupenv.c: Avoid implicit conversion between integer
	types.
	* libmisc/xmalloc.c: size should not be zero to avoid returning
	NULL pointers.
	* libmisc/hushed.c: Do not check *printf/*puts return value.
	* libmisc/system.c: Avoid implicit conversion of integer to
	boolean. safe_system last argument is a boolean.
	* libmisc/system.c: Check return value of dup2.
	* libmisc/system.c: Do not check *printf/*puts return value.
	* libmisc/system.c: Do not check execve return value. 
	* libmisc/salt.c: Do not check *printf/*puts return value.
	* libmisc/loginprompt.c: Do not check gethostname return value.
	* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check
	gr_rewind/pw_rewind return value.
	* libmisc/ttytype.c: Limit the number of parsed characters in the
	sscanf format.
	* libmisc/ttytype.c: Test if a type was really read.
	* libmisc/sub.c: Do not check *printf/*puts return value.
	* libmisc/sub.c: Avoid implicit conversion of integer to boolean.
	* src/userdel.c: Fix typo in comment.
	* src/userdel.c: Avoid implicit conversion of boolean to integer.
	* src/userdel.c: safe_system last argument is a boolean.
	* src/newusers.c: Avoid implicit conversion of boolean to integer.
	* src/newusers.c: Avoid implicit conversion of integer to boolean.
	* src/usermod.c: Add brackets.
	* src/usermod.c: Avoid implicit conversion of characters or
	integers to booleans.
	* src/vipw.c: Avoid implicit conversion of integer to boolean.
	* src/su.c: Avoid implicit conversion of integer to boolean.
	* src/su.c: Add brackets.
	* src/useradd.c: Avoid implicit conversion of characters or
	integers to booleans.
2010-08-22 19:13:53 +00:00
nekral-guest
7eb6a4b3a4 Updated copyrights. 2010-08-22 13:04:54 +00:00
nekral-guest
471a2df3a6 * libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool
instead of an int.
	* libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c,
	libmisc/copydir.c, lib/prototypes.h: Add splint annotations.
	* libmisc/tz.c: Fix some const issues.
	* libmisc/tz.c: Avoid multi-statements lines.
	* libmisc/tz.c: Add brackets.
	* libmisc/copydir.c: Do not check *printf/*puts return value.
	* libmisc/copydir.c: Fail if we cannot set or reset the SELinux
	fscreate context.
	* libmisc/copydir.c: Use xmalloc instead of malloc.
	* libmisc/copydir.c: Do not check lutimes return value
	* src/vipw.c: Avoid implicit conversion of integer to boolean.
	* src/su.c (iswheel): Return a bool instead of an int.
	* src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead.
	* src/passwd.c: Return constant strings when sufficient.
	* src/passwd.c: Do not check *printf/*puts return value.
	* src/passwd.c: Avoid implicit conversion of character to boolean.
	* src/passwd.c: Do not check sleep return value.
	* src/sulogin.c: Do not check *printf/*puts return value.
	* lib/encrypt.c: Do not check fprintf return value.
2010-08-22 12:49:07 +00:00
nekral-guest
7e398a169b * src/sulogin.c: Fix a const issue. 2010-08-21 20:37:23 +00:00
nekral-guest
7bb81f6c3e * src/passwd.c: Fix a const issue.
* src/passwd.c: Avoid multi-statements lines.
2010-08-21 19:55:46 +00:00
nekral-guest
791ebc58dd * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to
copy the extended attributes (the SELinux context is hence reset)
	* src/usermod.c: Copy the extended attributes.
	* src/useradd.c: Only reset the SELinux context.
2010-08-21 17:31:45 +00:00
nekral-guest
f7a00a2334 * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c,
libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c,
	libmisc/loginprompt.c, libmisc/ttytype.c,
	libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c,
	lib/commonio.c, lib/commonio.h: Fix some const issues.
	* libmisc/motd.c: Avoid multi-statements lines.
	* libmisc/motd.c: Support long MOTD_FILE.
	* libmisc/list.c, lib/prototypes.h: Revert previous change.
	dup_list and is_on_list are used with members as defined for the
	group structure, and thus even if the list is not modified, the
	list elements cannot be constant strings.
	* libmisc/system.c: Avoid C++ comments.
	* src/vipw.c: WITH_TCB cannot be tested inside a gettextized
	string. Split the Usage string.
	* lib/commonio.h: Re-indent.
2010-08-21 15:32:53 +00:00
nekral-guest
fad23b25a1 * src/usermod.c: Re-indent. 2010-08-20 18:24:33 +00:00
nekral-guest
16362e289b 2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* src/useradd.c: spool is a constant string.
	* src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* src/usermod.c: move_home() is only called if mflg is set.
	* src/usermod.c: Fail is -m is provided but the old home directory
	is not a directory.
	* src/usermod.c: Use the previous improvement of copy_tree to
	provide better error diagnosis.
	* src/usermod.c: When rename() is used, also change the ownership.
	* src/usermod.c: Do not change the ownership of the root directory
	twice.
	* src/usermod.c: When -u is provided, only change the ownership of
	the home directory if it is a directory.
	* src/usermod.c: Also change ownerships when -g is used.

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to
	copy_tree to detect when ownership shall be changed.
	* libmisc/copydir.c: Document the behavior when the IDs are set to
	-1.
	* lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter
	copy_root.
	* libmisc/copydir.c: error() and ctx can be static.
	* libmisc/copydir.c (copy_hardlink): Remove parameter src.

2010-04-04  Nicolas François  <nicolas.francois@centraliens.net>

	* libmisc/chowndir.c: Dynamically allocate memory to support
	path longer than 1024 characters.
	* libmisc/chowndir.c: Fix typos in documentation.
	* libmisc/chowndir.c: Support and document the behavior when a old
	or new ID is set to -1.
	* libmisc/chowndir.c: Improved error detection when chown fails.
	* libmisc/chowndir.c: Harmonize error handling strategy when an
	error occurs: stop changing ownership as soon as an error was
	detected.
2010-04-04 20:55:46 +00:00
nekral-guest
427b60f288 * src/su.c: shell's name must be -su when a su fakes a login. 2010-03-30 21:32:36 +00:00
nekral-guest
902aad57af * NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml,
man/usermod.8.xml, src/Makefile.am: Added support for ACLs and
	Extended Attributes.
2010-03-30 21:01:27 +00:00
nekral-guest
97961b8bee * NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml:
PAM enabled versions: restore the -e option to allow restoring
	passwords without knowing those passwords. Restore together the -m
	and -c options.
2010-03-25 20:35:59 +00:00
nekral-guest
fcd5b38caf * src/su.c, src/vipw.c, src/newgrp.c: When the child is
interrupted, stop ourself with a SIGSTOP signal.
2010-03-23 13:05:06 +00:00
nekral-guest
052e9105f7 * src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
	str_len.
	* src/logoutd.c: Limit the scope of variable c.
	* src/vipw.c: Re-indent.
	* src/vipw.c: Close the file after the creation of the backup.
	* src/useradd.c (set_default): Close input file on failure.
	* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
	gid, mode.
	* src/passwd.c: Limit the scope of variables last and ok.
	* src/chage.c: Fix typo (non breaking space).
	* src/login.c: Limit the scope of variables erasechar killchar, c,
	failed.
	* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
	* src/id.c: Limit the scope of variable i.
2010-03-23 11:26:34 +00:00
nekral-guest
68b6e6d2be * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos. 2010-03-19 11:01:32 +00:00
nekral-guest
5e38d92a95 * src/chsh.c: Even for root, warn if an invalid shell is
specified.
2010-03-18 23:21:00 +00:00
nekral-guest
8e2010a26c * src/useradd.c: When exiting because of a failure, warn if an
home directory created, but cannot be removed.
2010-03-18 18:57:03 +00:00
nekral-guest
0cbbdb32c4 * libmisc/strtoday.c: Add support for numerical dates, assuming
they are already specified in number of days since Epoch. Return
	-2 in case of errors to support the specification of -1.
	* src/usermod.c, src/useradd.c: Adapt to the new error value of
	strtoday().
	* src/chage.c:  Remove isnum(). Adapt to the new error value of
	strtoday(). Support for numerical dates is moved to strtoday().
2010-03-18 11:53:49 +00:00
nekral-guest
27f67dcad0 * src/pwck.c: Unlock the password and shadow files when there is a
failure to prepare the update in memory.
2010-03-18 10:52:52 +00:00
nekral-guest
6a1dea6602 * src/pwck.c: Only log to SYSLOG when acting on system files. 2010-03-18 10:35:11 +00:00
nekral-guest
657271eb04 * src/pwck.c: Remove the -s option from the usage when USE_TCB is
enabled. The option is still supported, but has no effect, as
	documented in the manpage.
2010-03-18 10:25:08 +00:00
nekral-guest
2db82460b1 * src/pwck.c: Document the sections closed by #endif
* src/pwck.c, man/pwck.8.xml: No alternative shadow file can be
	given when USE_TCB is enabled.
2010-03-18 10:23:51 +00:00
nekral-guest
07c6e99725 * src/pwck.c: Do not use pwd_file and spw_file. Always use the
dbname() functions.
2010-03-18 09:46:15 +00:00
nekral-guest
f77e9d0d80 * src/pwck.c: Re-indent. 2010-03-18 09:33:55 +00:00
nekral-guest
a996fac57b * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
	SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
	to booleans.
2010-03-18 09:21:27 +00:00
nekral-guest
8228f99c36 2010-03-18 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* src/pwck.c: Add support for TCB.
	* src/pwck.c: Use spw_dbname() instead of spw_file since TCB
	changes from a file to another depending on the user. Also use
	pw_dbname() for consistency.
2010-03-18 09:01:04 +00:00
nekral-guest
41b5cc2d20 * src/faillog.c: Re-indent. 2010-03-18 00:07:00 +00:00
nekral-guest
a013f8519b Updated copyright dates. 2010-03-16 19:15:34 +00:00
nekral-guest
c0e7dcd2fd * man/faillog.8.xml: Document the behavior in display mode of the
-a option.
	* NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to
	the non-display mode. This changes the default behavior of the -l,
	-m, -r, -t options when -a is not specified (restrict to existing
	users).
2010-03-16 19:15:22 +00:00
nekral-guest
c5fc8dd75d * po/POTFILES.in, lib/tcbfuncs.c: Add more strings for
translation.
	* lib/tcbfuncs.c: Indicate the name of the program in error
	messages. Avoid perror.
	* src/useradd.c: Re-indent.
	* src/useradd.c: Add more strings for translation. Indicate the
	name of the program in error messages.
	* src/userdel.c: Re-indent.
	* src/userdel.c: Add more strings for translation. Indicate the
	name of the program in error messages.
2010-03-16 19:14:54 +00:00
nekral-guest
ad694905be * src/usermod.c: user_newname and user_newid cannot be used to
test if the username or ID is changed. lflg and uflg should be
	used instead.
2010-03-16 19:14:37 +00:00
nekral-guest
6c4e2931ef * src/userdel.c: Avoid perror. Give more verbose warnings. 2010-03-16 19:13:53 +00:00
nekral-guest
33d3e28a7f * src/userdel.c: Re-indent.
* src/userdel.c: Added brackets.
	* src/userdel.c: Avoid implicit conversion of pointers to
	booleans.
2010-03-11 22:04:06 +00:00
nekral-guest
ad6730687f * src/useradd.c: Re-indent.
* src/useradd.c: Added brackets.
	* src/useradd.c: Avoid implicit conversion of integers to
	booleans.
	* src/useradd.c: Harmonize error messages.
2010-03-11 22:03:45 +00:00
nekral-guest
e7d57e1a77 * src/vipw.c: Document the sections closed by #endif
* src/vipw.c: Avoid implicit conversion of pointers or integers to
	booleans.
	* src/vipw.c: Added brackets and parenthesis.
	* src/vipw.c: Limit the definition of some variables and macros to
	the WITH_TCB scope.
	* src/vipw.c: Avoid assignment in comparisons.
	* src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and
	SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()).
	This is more consistent with the shadow file handling and may be
	useful to allow edition of another partition's files.
2010-03-11 22:03:37 +00:00
nekral-guest
f9b8a95b92 * src/usermod.c: Re-indent.
* src/usermod.c: Avoid implicit conversion of pointers to
	booleans.
	* src/usermod.c: Added parenthesis.
2010-03-11 22:03:11 +00:00
nekral-guest
5cd1d6e287 * src/pwunconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-11 22:02:54 +00:00
nekral-guest
59910c45d5 * src/userdel.c: Re-indent.
* src/userdel.c: Avoid implicit conversion of pointers to
	booleans.
	* src/userdel.c: Document the sections closed by #endif
2010-03-11 22:01:59 +00:00
nekral-guest
a8b11f5c18 * src/pwconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-11 22:01:15 +00:00
nekral-guest
391a384715 2010-01-30 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* NEWS: Add support for TCB.
	* lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to
	support TCB.
	* lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean
	parameter remove_root.
	* configure.in: Add conditional WITH_TCB.
	* src/userdel.c, src/usermod.c: Add support for TCB. Update call to
	remove_tree().
	* src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled.
	* src/vipw.c: Add support for TCB. Update call to remove_tree().
	* src/useradd.c: Add support for TCB. Open the shadow file outside
	of open_files().
	* src/chage.c: Add support for TCB.
	* src/Makefile.am: Install passwd sgid shadow when TCB is enabled.
	* lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml,
	man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml,
	man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak,
	man/generate_mans.deps, man/Makefile.am: New configuration
	parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB.
	* lib/shadowio.c, lib/commonio.c: Add support for TCB.
2010-03-04 18:11:13 +00:00
nekral-guest
291b28ac52 * src/su.c: Do not sanitize the environment. This breaks
--preserve-environment. This sanitation was disabled on Debian
	since quite some time with no reported issues, and sanitize_env()
	documentation agrees that it should be useless as all modern
	Unixes will handle setuid executables properly. This Fixes
	Alioth#312287.
2010-01-24 17:13:40 +00:00
nekral-guest
289913e5ff * NEWS, src/groupmod.c: Fixed groupmod when configured with
--enable-account-tools-setuid.
2009-11-05 22:03:36 +00:00
nekral-guest
248d5fd870 2009-11-01 Michel Hermier <michel.hermier@gmail.com>
* src/su.c: Set the default ENV_SUPATH to
	/sbin:/bin:/usr/sbin:/usr/bin (i.e. PATH when no ENV_SUPATH is
	specified).
2009-11-01 16:57:59 +00:00
nekral-guest
7fa666b909 2009-10-15 Thorsten Kukuk <kukuk@suse.de>
* src/faillog.c, man/faillog.8.xml: Harmonize long option in code
	and documentation. Use --lock-secs instead of --lock-time.
2009-10-17 20:40:53 +00:00
nekral-guest
2be243c143 pid_child and kill_child are only used when USE_PAM. 2009-09-08 21:33:14 +00:00
nekral-guest
a845c67c60 * src/su.c: Fix indentation.
* src/su.c: Add more messages for translation.
	* src/su.c: Ignore kill() return value when sending the TERM
	signal. If it fails, a KILL should be sent anyway.
2009-09-08 20:46:43 +00:00
nekral-guest
756700ddf3 * NEWS, src/su.c: When su receives a signal, wait for the child to
terminate (after sending a SIGTERM), and kill it only if it did
	not terminate by itself. No delay will be enforced if the child
	cooperates. See http://bugs.gentoo.org/282094
	* NEWS, man/su.1.xml: Document su's exit values.
2009-09-08 20:39:15 +00:00
nekral-guest
da18e77e9a * src/useradd.c: The default value for the CREATE_MAIL_SPOOL
variable (i.e. if CREATE_MAIL_SPOOL= is specified without any
	values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL=").
2009-09-08 13:16:58 +00:00
nekral-guest
38e7ec3316 * src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead.
For consistency, change HOME, INACT, EXPIRE, SKEL, and
	CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and
	DCREATE_MAIL_SPOOL.
2009-09-08 13:11:03 +00:00
nekral-guest
ee792a8fa1 * src/newusers.c: Prefer #ifdef over #if. 2009-09-08 13:06:57 +00:00
nekral-guest
8806b07bd2 * src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c,
src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c,
	src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c,
	src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use
	booleans for tests.
	* src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c,
	src/groupmod.c, src/passwd.c: Use a break even after usage().
2009-09-05 22:31:29 +00:00
nekral-guest
32e2ef34a3 * src/gpasswd.c, src/groupmems.c: Split the groupmems and gpasswd
Usage string. It was changed anyway to add the --help option.
2009-09-05 20:25:40 +00:00
nekral-guest
91b60a955c * NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c,
src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c,
	src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c,
	src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c,
	src/faillog.c, src/chsh.c: If someone uses the -h/--help options,
	the usage should not go to stderr nor should the utility exit with
	non-zero status. All of the shadow utils do just this
	unfortunately, so convert them over to sanity.
	* man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help.
2009-09-04 23:02:33 +00:00
nekral-guest
3d10e75117 * src/useradd.c: Fixed wrong format string.
* lib/gshadow.c: Removed declaration of unused variable.
2009-09-04 22:09:58 +00:00
nekral-guest
24cfe44b07 * libmisc/shell.c, src/su.c: Execute the scripts with "sh -"
rather than "sh".
2009-07-22 13:35:57 +00:00
nekral-guest
db38a728d1 * configure.in, libmisc/shell.c, libmisc/setupenv.c, src/newgrp.c,
src/su.c: Let the system shell be configurable.
2009-07-22 13:30:06 +00:00
nekral-guest
4ad827768e * NEWS, src/su.c, libmisc/shell.c: Added support for shells being a
shell script without a shebang.
2009-07-20 14:00:50 +00:00
nekral-guest
7d5d9c1841 * src/su.c, man/su.1.xml: The default behavior (without -p or
--login) is to copy most of the environment variables. Revert a
	previous change and update the documentation.
2009-06-11 20:01:21 +00:00
nekral-guest
f4f6300499 * NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment
variables, even with --login. This was not the case before in the
	PAM version.
2009-06-05 22:19:38 +00:00
nekral-guest
d6f18c207e * src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c:
Fix typos. Take this opportunity to split the usage messages into
	smaller messages (one per option).
	* src/pwck.c: Fix typo.
2009-06-05 22:16:56 +00:00
nekral-guest
0762426c4d * .gitignore, man/.gitignore, src/.gitignore: Added .gitignore
files.
2009-06-04 20:08:11 +00:00
nekral-guest
a6418fb0df * src/vipw.c: Make sure opened files are closed. 2009-05-25 19:51:23 +00:00
nekral-guest
e9a8ffbb51 re-indent. 2009-05-22 13:32:26 +00:00
nekral-guest
f596cd113c * NEWS, src/newgrp.c: Return the exit status of the child. Thanks
to Lionel Elie Mamane.
2009-05-22 11:10:02 +00:00
nekral-guest
fd55bd5d4a * src/usermod.c: Added warnings for absolute symlinks which could
be broken by rename().
2009-05-22 10:42:51 +00:00
nekral-guest
604c7d72d9 * NEWS, src/userdel.c: Report errors to remove the user's mailbox.
* NEWS, src/userdel.c: When USERGROUPS_ENAB is enabled, remove the
	user's group when the user was the only member. This is still not
	complete, as the user could have been specified twice in the
	members.
	* NEWS, src/userdel.c: Do not fail when -r is used and the home
	directory does not exist.
2009-05-22 10:41:10 +00:00