2011-07-08 Nicolas François * man/*.xml, man/config.xml.in: Add source and version information. This reduce the amount of warnings during the manpages generation. 2011-06-25 Nicolas François * man/passwd.1.xml: Added reference to chpasswd(8). * man/po/ru.po: Add space between option and argument. 2011-06-16 Francisco Javier Cuadrado * po/es.po: Spanish translation 2011-06-16 Nicolas François * libmisc/isexpired.c: Added parenthesis. * libmisc/env.c: Added comments. * libmisc/env.c: Avoid implicit conversion of pointer to boolean. 2011-06-16 Nicolas François * src/su.c: environ is provided by . * src/su.c: Added function prototypes. * src/su.c: Rename shellstr parameter to shellname to avoid collision with static variable. * NEWS, src/su.c: Added support for PAM modules which change PAM_USER. 2011-06-13 Nicolas François * src/su.c (prepare_pam_close_session): Extract the creation of a child and listening for signal in the parent from run_shell(). prepare_pam_close_session() is now executed before the creation of the pam session and before the UID is changed. This allows to close the session as root. * src/su.c: Also drop the controlling terminal when PAM is not used. * src/su.c: Remove run_shell(). * src/su.c: After prepare_pam_close_session() there is no need to close the session in the child. Added pam_setcred to prepare_pam_close_session(). 2011-06-12 Nicolas François * src/su.c (save_caller_context): Extract from main() the code used to save the caller's context. * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and a non-PAM (check_perms_nopam) version. * src/su.c: Cleanup check_perms_nopam(). * src/su.c: Merge environment setting blocks after the creation of the session. * src/su.c: Close the password databases together with syslog. * src/su.c: Extract command line processing from main(). * src/su.c: Extract export of environment from main(). 2011-06-10 Nicolas François * src/su.c: Group some of the environment processing blocks. The definition of shellstr, PATH and IFS is not influenced (getenv, getdef, restricted_shell) by and does not influence (addenv does not change environ) the authentication. And the authentication did not overwrite those definitions. This will ease an extraction from the big main() function. * src/su.c: Move definition of change_environment and shellstr after the switch to the final subsystem. The previous architecture forced to always change the environment (the shell starts with a '*' and was thus restricted, and change_environment could not be reset to false). * src/su.c: No need to change the user's shell in case of subsystem root. Update the comments. * src/su.c: Define shellstr before the environment so that restricted_shell is called only once. This will allow moving the environment definition after the switch to the new user. * src/su.c: Extract the authentication from the main function. * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not use the pwent global variable to communicate between APIs of different files. Added boolean parameter su_to_root to check_su_auth(). * src/su.c (check_perms): Return the passwd entry of the finally authenticated user. Remove usage of the pwent variable. * src/su.c: The password of the caller is the one from the spwd structure only if the passwd's password is 'x'. * src/su.c: Cleanup local variables. 2011-06-10 Nicolas François * src/su.c: Updating pwent after expire() is not useful. Only the password information may have changed and they are not used anymore afterwards. * src/su.c: No need to call expire() if there are no shadow entry. No need to convert a passwd entry into an spwd entry in that case. 2011-06-12 Thomas Blein * man/po/fr.po: French manpages translation 2011-06-05 Nicolas François * NEWS, src/su.c: Do not forward the controlling terminal to commands executed with -c. This prevents tty hijacking which could lead to execution with the caller's privileges. This required to forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to the executed command. 2011-06-05 Nicolas François * NEWS, src/userdel.c: Do not remove a group with the same name as the user (usergroup) if this group isn't the user's primary group. 2011-06-04 Nicolas François * NEWS, src/userdel.c: Check the existence of the user's mail spool before trying to remove it. If it does not exist, a warning is issued, but no failure. 2011-06-03 Nicolas François * src/sulogin.c: Added Prog, needed because of the last xmalloc() change. 2011-06-03 Nicolas François * man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN Makefile. * man/Makefile.am: Build zh_CN pages. * man/generate_translations.mak: Add config.xml to CLEANFILES. * man/po/zh_CN.po: limits, groups, faillog, expiry should not be translated (command name, file name), also this broke the build system as they are used to derive manpage names. 2011-06-02 Peter Vrabec * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry to be displayed. 2011-06-02 Nicolas François * libmisc/xmalloc.c: Harmonize message. 2011-06-02 Peter Vrabec * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check. 2011-06-02 Cal Peake * NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to getgroups() when getgroups fails (-1) with errno==EINVAL. 2011-06-01 Simon Brandmair * man/newusers.8.xml, man/suauth.5.xml, man/suauth.5.xml, man/logoutd.8.xml, man/chgpasswd.8.xml, man/groups.1.xml, man/faillog.5.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml, man/login.defs.d/DEFAULT_HOME.xml, man/login.defs.d/LOGIN_RETRIES.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml, man/login.defs.d/PORTTIME_CHECKS_ENAB.xml, man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Fix typos * man/po/de.po: German translation of manpages completed 2011-05-23 Innocent De Marchi * po/ca.po: Catalan translation completed 2011-04-22 Miguel Figueiredo * po/pt.po: Portuguese translation completed 2011-04-22 Thomas Blein * po/fr.po: French translation completed 2011-04-16 Holger Wansing * po/de.po: German translation completed 2011-04-15 Fred Maranhão * po/pt_BR.po: Brazilian Portuguese translation completed 2011-04-10 Yuri Kozlov * po/ru.po: Russian translation completed 2011-04-07 Daniel Nylander * po/sv.po: Swedish translation completed 2011-04-07 Joe Dalton * po/da.po: Danish translation completed 2011-04-05 Timur Birsh * po/kk.po: Kazakh translation completed 2011-04-05 NAKANO Takeo * po/ja.po: Japanese translation completed 2011-03-30 YunQiang Su * man/po/zh_CN.po: convert Simplified Chinese translation of manpages to gettext * po/zh_CN.po: Simplified Chinese translation completed 2010-02-15 Nicolas François * man/ru/Makefile.am: Remove double inclusion of $(man_nopam) 2010-02-15 Nicolas François * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in user_busy() rather than in src/userdel.c or src/usermod.c to provide more accurate failure cause (user is logged in or user still executes processes). 2010-02-15 Nicolas François * lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check entry validity before commits to databases. * libmisc/fields.c, libmisc/Makefile.am, lib/fields.c, lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to lib. * lib/fields.c: Fail if input pointer is NULL. 2010-02-13 Nicolas François * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in gecos or shell. 2011-02-12 Nicolas François * autogen.sh: Restore original autoreconf (see 2010-08-29's change for autogen.sh) * configure.in, man/po/Makefile.in.in, man/po/Makefile.in: Makefile.in.in replaced by Makefile.in to avoid config.status issues when there are multiple po directories. * man/po/LINGUAS: Adapted to above change. * man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by XMLFILES. * man/Makefile.am: generate_mans.deps shall be included by make, not automake. 2010-11-19 Nicolas François * NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login to hang when CONSOLE was configured with a colon separated list of TTYs. See http://bugs.gentoo.org/show_bug.cgi?id=324419 2010-09-05 Nicolas François Integrate review comments from Julien Cristau * libmisc/copydir.c: Missing parenthesis in comment. * libmisc/chowndir.c: Fixed memory leak on failed realloc(). * libmisc/chowndir.c: Make sure the buffer for the path is large enough. * libmisc/remove_tree.c: Remove check for NULL before free(). 2010-08-29 Nicolas François * man/po/fr.po: Fix 2 fuzzy strings. 2010-08-29 Nicolas François * NEWS, src/usermod.c: Accept options in any order (username not necessarily at the end) 2010-08-29 Nicolas François * autogen.sh: Expand autoreconf to avoid running autopoint. 2010-08-29 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-08-28 Brian M. Carlson * man/chsh.1.xml: Fix comma splice. 2010-08-28 Nicolas François * lib/protoypes.h, libmisc/copydir.c, src/useradd.c: selinux_file_context renamed set_selinux_file_context. * lib/protoypes.h, libmisc/copydir.c, src/useradd.c: Added reset_selinux_file_context. * src/useradd.c: Check the return value of set_selinux_file_context and reset_selinux_file_context. * libmisc/copydir.c: Check the return value of reset_selinux_file_context. 2010-08-28 Nicolas François * src/su.c: Fix handling of environment variables when the environment is not changed. In particular, this makes su behave as documented regarding PATH and IFS (i.e. they are reset) when -p is provided. 2010-08-28 Nicolas François * man/su.1.xml: Fix typo. 2010-08-22 Nicolas François * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c, src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c, src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c, src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c, src/grpunconv.c, src/chsh.c: Prog changed to a constant string. 2010-08-22 Nicolas François * libmisc/limits.c: Avoid implicit conversion of integer to boolean. * libmisc/basename.c: Avoid implicit conversion of pointer to boolean. * libmisc/basename.c, lib/prototypes.h (Basename): Return a constant string. * libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h, libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c, libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add splint annotations. * libmisc/chowndir.c: Avoid memory leak. * libmisc/chowndir.c: Do not check *printf/*puts return value. * libmisc/chowntty.c: Avoid implicit conversion between integer types. * libmisc/obscure.c: Return a bool when possible instead of int. * libmisc/shell.c: Do not check *printf/*puts return value. * libmisc/shell.c: Do not check execle return value. * libmisc/setupenv.c: Avoid implicit conversion between integer types. * libmisc/xmalloc.c: size should not be zero to avoid returning NULL pointers. * libmisc/hushed.c: Do not check *printf/*puts return value. * libmisc/system.c: Avoid implicit conversion of integer to boolean. safe_system last argument is a boolean. * libmisc/system.c: Check return value of dup2. * libmisc/system.c: Do not check *printf/*puts return value. * libmisc/system.c: Do not check execve return value. * libmisc/salt.c: Do not check *printf/*puts return value. * libmisc/loginprompt.c: Do not check gethostname return value. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check gr_rewind/pw_rewind return value. * libmisc/ttytype.c: Limit the number of parsed characters in the sscanf format. * libmisc/ttytype.c: Test if a type was really read. * libmisc/sub.c: Do not check *printf/*puts return value. * libmisc/sub.c: Avoid implicit conversion of integer to boolean. * src/userdel.c: Fix typo in comment. * src/userdel.c: Avoid implicit conversion of boolean to integer. * src/userdel.c: safe_system last argument is a boolean. * src/newusers.c: Avoid implicit conversion of boolean to integer. * src/newusers.c: Avoid implicit conversion of integer to boolean. * src/usermod.c: Add brackets. * src/usermod.c: Avoid implicit conversion of characters or integers to booleans. * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c: Avoid implicit conversion of integer to boolean. * src/su.c: Add brackets. * src/useradd.c: Avoid implicit conversion of characters or integers to booleans. 2010-08-22 Nicolas François * libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool instead of an int. * libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c, libmisc/copydir.c, lib/prototypes.h: Add splint annotations. * libmisc/tz.c: Fix some const issues. * libmisc/tz.c: Avoid multi-statements lines. * libmisc/tz.c: Add brackets. * libmisc/copydir.c: Do not check *printf/*puts return value. * libmisc/copydir.c: Fail if we cannot set or reset the SELinux fscreate context. * libmisc/copydir.c: Use xmalloc instead of malloc. * libmisc/copydir.c: Do not check lutimes return value * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c (iswheel): Return a bool instead of an int. * src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead. * src/passwd.c: Return constant strings when sufficient. * src/passwd.c: Do not check *printf/*puts return value. * src/passwd.c: Avoid implicit conversion of character to boolean. * src/passwd.c: Do not check sleep return value. * src/sulogin.c: Do not check *printf/*puts return value. * lib/encrypt.c: Do not check fprintf return value. 2010-08-21 Nicolas François * src/passwd.c: Fix a const issue. * src/passwd.c: Avoid multi-statements lines. * src/sulogin.c: Fix a const issue. 2010-08-21 Nicolas François * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to copy the extended attributes (the SELinux context is hence reset) * src/usermod.c: Copy the extended attributes. * src/useradd.c: Only reset the SELinux context. 2010-08-21 Nicolas François * configure.in: Fixed typo. 2010-08-21 Nicolas François * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c, libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c, libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/obscure.c, libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c, lib/commonio.c, lib/commonio.h, libmisc/setugid.c, libmisc/setupenv.c: Fix some const issues. * libmisc/motd.c: Avoid multi-statements lines. * libmisc/motd.c: Support long MOTD_FILE. * libmisc/list.c, lib/prototypes.h: Revert previous change. dup_list and is_on_list are used with members as defined for the group structure, and thus even if the list is not modified, the list elements cannot be constant strings. * libmisc/system.c: Avoid C++ comments. * src/vipw.c: WITH_TCB cannot be tested inside a gettextized string. Split the Usage string. * lib/commonio.h: Re-indent. 2010-08-21 Nicolas François * libmisc/audit_help.c (audit_logger):pgname is not used. We let audit find out the name of the program. * libmisc/audit_help.c: Re-indent. 2010-08-20 Nicolas François * lib/groupio.c: Avoid implicit conversion from signed to unsigned. 2010-08-20 Nicolas François * lib/commonio.c: Make sure there are no NULL pointer dereference. 2010-08-20 Nicolas François * libmisc/remove_tree.c: Ignore snprintf return value. 2010-08-20 Nicolas François * lib/prototypes.h, libmisc/list.c: dup_list() and is_on_list() do not change the members of the list they receive. Added const qualifiers. 2010-08-20 Nicolas François * src/usermod.c: Re-indent. 2010-08-20 Nicolas François * lib/commonio.c: Avoid multi-statements lines. 2010-08-20 Nicolas François * man/po/fr.po: Fix a typo. 2010-06-24 Baurzhan Muftakhidinov * NEWS, po/kk.po: Updated Kazakh translation. 2010-04-12 Nicolas François * man/po/fr.po: Fix some typos. Minor updates: 886t70f187u. 2010-04-12 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-04-05 Nicolas François * man/newusers.8.xml, man/useradd.8.xml, man/groupadd.8.xml, man/login.defs.d/UMASK.xml, man/login.defs.d/CREATE_HOME.xml, man/login.defs.d/LOGIN_RETRIES.xml: Fix typos: choosen, overriden, bahavior. 2010-04-04 Nicolas François * man/usermod.8.xml: Document changes of ownerships. 2010-04-04 Nicolas François * man/vipw.8.xml: Fix formatting typo. * man/vipw.8.xml: Document the login.defs parameters only when tcb is enabled. 2010-04-04 Nicolas François * src/useradd.c: spool is a constant string. * src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 2010-04-04 Nicolas François * src/usermod.c: move_home() is only called if mflg is set. * src/usermod.c: Fail is -m is provided but the old home directory is not a directory. * src/usermod.c: Use the previous improvement of copy_tree to provide better error diagnosis. * src/usermod.c: When rename() is used, also change the ownership. * src/usermod.c: Do not change the ownership of the root directory twice. * src/usermod.c: When -u is provided, only change the ownership of the home directory if it is a directory. * src/usermod.c: Also change ownerships when -g is used. 2010-04-04 Nicolas François * lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to copy_tree to detect when ownership shall be changed. * libmisc/copydir.c: Document the behavior when the IDs are set to -1. * lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter copy_root. * libmisc/copydir.c: error() and ctx can be static. * libmisc/copydir.c (copy_hardlink): Remove parameter src. 2010-04-04 Nicolas François * libmisc/chowndir.c: Dynamically allocate memory to support path longer than 1024 characters. * libmisc/chowndir.c: Fix typos in documentation. * libmisc/chowndir.c: Support and document the behavior when a old or new ID is set to -1. * libmisc/chowndir.c: Improved error detection when chown fails. * libmisc/chowndir.c: Harmonize error handling strategy when an error occurs: stop changing ownership as soon as an error was detected. 2010-04-03 Nicolas François * man/hu/passwd.5: Fix formatting typo. * man/id/login.1: Likewise. 2010-03-31 Nicolas François * man/vipw.8.xml: When TCB is enabled, vipw uses login.defs. 2010-03-31 Nicolas François * NEWS, libmisc/copydir.c: When a hardlink is detected, the original hardlink should not be removed. 2010-03-30 Nicolas François * po/POTFILES.in, libmisc/Makefile.am, lib/prototypes.h, libmisc/remove_tree.c, libmisc/copydir.c: Split remove_tree() outside of copydir.c to avoid linking against libacl or libattr. 2010-03-30 Nicolas François * src/su.c: shell's name must be -su when a su fakes a login. 2010-03-30 Nicolas François * NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml, man/usermod.8.xml, src/Makefile.am: Added support for ACLs and Extended Attributes. 2010-03-30 Nicolas François * libmisc/copydir.c: Document the sections closed by #endif 2010-03-27 Nicolas François * man/vipw.8.xml: Add section ENVIRONMENT. 2010-03-26 Nicolas François * etc/login.defs: Updated description of UMASK to indicate its usage by pam_umask. * man/login.defs.d/UMASK.xml: Likewise. 2010-03-25 Nicolas François * man/login.1.xml: login does not check for new mails in PAM enabled versions. This is done by pam_mail. 2010-03-25 Nicolas François * NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml: PAM enabled versions: restore the -e option to allow restoring passwords without knowing those passwords. Restore together the -m and -c options. 2010-03-23 Nicolas François * src/su.c, src/vipw.c, src/newgrp.c: When the child is interrupted, stop ourself with a SIGSTOP signal. 2010-03-23 Nicolas François * src/newgrp.c: Limit the scope of variable pid. * src/login_nopam.c: Limit the scope of variables end, lineno, i, str_len. * src/logoutd.c: Limit the scope of variable c. * src/vipw.c: Re-indent. * src/vipw.c: Close the file after the creation of the backup. * src/useradd.c (set_default): Close input file on failure. * src/useradd.c: Limit the scope of variables spool, file, fd, gr, gid, mode. * src/passwd.c: Limit the scope of variables last and ok. * src/chage.c: Fix typo (non breaking space). * src/login.c: Limit the scope of variables erasechar killchar, c, failed. * src/groups.c: Limit the scope of variable ngroups, pri_grp, i. * src/id.c: Limit the scope of variable i. 2010-03-22 Nicolas François * lib/utent.c (getutline): Remove getutline(). This function is no more used. * lib/groupmem.c: Limit the scope of variable i. * lib/shadow.c: Avoid implicit conversion of pointers and integers to booleans. * lib/shadow.c: Added brackets. * libmisc/limits.c: Limit the scope of variable tmpmask. * libmisc/copydir.c: Close opened file on failure. * libmisc/loginprompt.c: Limit the scope of variable envc. * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope of variable id. 2010-03-21 Nicolas François * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and the GID equivalents) 2010-03-20 Nicolas François * NEWS, configure.in: Next version will be 4.1.5. * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-03-20 Nicolas François * libmisc/limits.c: Re-indent to make pmccabe happy. 2010-03-20 Nicolas François * man/generate_translations.mak, man/generate_mans.mak: Fix distcheck. All manpages generation code shall be enclosed in ENABLE_REGENERATE_MAN conditions. 2010-03-20 Nicolas François * man/useradd.8.xml: Do not document the features which are not working. * man/useradd.8.xml: Fix typo: -u was meant instead of -o. * man/useradd.8.xml: Document that the default behavior depends on CREATE_HOME. 2010-03-20 Nicolas François * lib/groupio.c: Fix memory management insplit_groups(). 2010-03-20 Nicolas François * libmisc/strtoday.c: Empty dates indicate a disabled date, this is not an error. 2010-03-19 Nicolas François * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos. * libmisc/limits.c: Removed unused variable. 2010-03-19 Nicolas François * lib/commonio.c: Stop sorting entries when we reach the first NIS line. 2010-03-18 Nicolas François * src/chsh.c: Even for root, warn if an invalid shell is specified. Alioth#311305 2010-03-18 Nicolas François * man/limits.5.xml: Document the selection of the limits when multiple lines match the user. 2010-03-18 Nicolas François * libmisc/limits.c: Re-indent. * libmisc/limits.c: Reformat the documentation. Avoid personal comments. * man/limits.5.xml: Document the new features. 2010-03-18 Thomas Orgis * NEWS, libmisc/limits.c: Fix parsing of limits. * NEWS, libmisc/limits.c: Add support for infinite limits. * NEWS, libmisc/limits.c: Add support for @group syntax. 2010-03-18 Nicolas François * lib/tcbfuncs.h: Re-indent. * lib/tcbfuncs.h: Explicitly indicate function taking a void parameter. 2010-03-18 Nicolas François * src/useradd.c: When exiting because of a failure, warn if an home directory created, but cannot be removed. 2010-03-18 Nicolas François * libmisc/chowndir.c: Re-indent. * libmisc/chowndir.c: Avoid assignment in comparisons. * libmisc/chowndir.c: Added brackets and parenthesis. 2010-03-18 Nicolas François * libmisc/strtoday.c: Add support for numerical dates, assuming they are already specified in number of days since Epoch. Return -2 in case of errors to support the specification of -1. * src/usermod.c, src/useradd.c: Adapt to the new error value of strtoday(). * src/chage.c: Remove isnum(). Adapt to the new error value of strtoday(). Support for numerical dates is moved to strtoday(). 2010-03-18 Nicolas François * man/po/fr.po: Harmonize name of parameters. 2010-03-18 Nicolas François * NEWS: Indicate which tools support TCB. 2010-03-18 Nicolas François * src/pwck.c: Unlock the password and shadow files when there is a failure to prepare the update in memory. 2010-03-18 Nicolas François * src/pwck.c: Only log to SYSLOG when acting on system files. 2010-03-18 Nicolas François * src/pwck.c: Document the sections closed by #endif * src/pwck.c, man/pwck.8.xml: No alternative shadow file can be given when USE_TCB is enabled. * src/pwck.c: Remove the -s option from the usage when USE_TCB is enabled. The option is still supported, but has no effect, as documented in the manpage. 2010-03-18 Nicolas François * src/pwck.c: Do not use pwd_file and spw_file. Always use the dbname() functions. 2010-03-18 Nicolas François * src/pwck.c: Re-indent. 2010-03-18 Nicolas François * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c, src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the SHADOWTCB_FAILURE return code instead of 0 or implicit conversion to booleans. 2010-03-18 Paweł Hajdan, Jr. * src/pwck.c: Add support for TCB. * src/pwck.c: Use spw_dbname() instead of spw_file since TCB changes from a file to another depending on the user. Also use pw_dbname() for consistency. 2010-03-17 Nicolas François * src/faillog.c: Re-indent. 2010-03-17 Nicolas François * lib/tcbfuncs.h: Added type shadowtcb_status. * lib/tcbfuncs.h, lib/tcbfuncs.c: Return a shadowtcb_status instead of an int. * lib/tcbfuncs.c: Do not return in OUT_OF_MEMORY. * lib/tcbfuncs.c: Only FreeBSD specify that the returned buffer is NULL in case of failure. The return value of asprintf shall be checked. * lib/tcbfuncs.c: Avoid implicit conversion of pointers or integers to booleans. * lib/tcbfuncs.c: Avoid assignments in comparisons. * lib/tcbfuncs.c: Do not free path before its last use. * lib/tcbfuncs.c: Include shadowio.h, needed for the spw_setdbname's prototype. * lib/tcbfuncs.c: Ignore fflush() return value. * lib/tcbfuncs.c: Avoid implicit signed to unsigned conversions. * lib/tcbfuncs.c: Avoid integer to char conversions. * lib/tcbfuncs.c: Include prototypes.h for the definition of Prog. * lib/tcbfuncs.c: Removed dead return. * lib/tcbfuncs.c: move_dir() and shadowtcb_move() need a non NULL stored_tcb_user. * lib/tcbfuncs.c: Avoid implicit int to mode_t conversion. * lib/tcbfuncs.c: Added brackets and parenthesis. * lib/tcbfuncs.c: Re-indent. 2010-03-17 Nicolas François * lib/commonio.c: Avoid implicit conversion of pointers to booleans. * lib/commonio.c: Ignore the return value of close when a failure is reported. 2010-03-16 Nicolas François * man/faillog.8.xml: Document the behavior in display mode of the -a option. * NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to the non-display mode. This changes the default behavior of the -l, -m, -r, -t options when -a is not specified (restrict to existing users). 2010-03-15 Nicolas François * man/chage.1.xml, man/login.defs.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml: Document the usage of the TCB_AUTH_GROUP, TCB_SYMLINKS, and USE_TCB configuration parameters. * man/pwconv.8.xml, man/pwck.8.xml: Document the behavior when USE_TCB is enabled. 2010-03-15 Nicolas François * po/POTFILES.in, lib/tcbfuncs.c: Add more strings for translation. * lib/tcbfuncs.c: Indicate the name of the program in error messages. Avoid perror. * src/useradd.c: Re-indent. * src/useradd.c: Add more strings for translation. Indicate the name of the program in error messages. * src/userdel.c: Re-indent. * src/userdel.c: Add more strings for translation. Indicate the name of the program in error messages. 2010-03-15 Nicolas François * src/usermod.c: user_newname and user_newid cannot be used to test if the username or ID is changed. lflg and uflg should be used instead. 2010-03-15 Nicolas François * src/userdel.c: Avoid perror. Give more verbose warnings. 2010-03-11 Nicolas François * man/Makefile.am: Indicate that man/generate_mans.deps is generated. 2010-03-11 Nicolas François * lib/commonio.c: Re-indent. * lib/commonio.c: Document the sections closed by #endif * lib/commonio.c: Added brackets. * lib/commonio.c: Avoid implicit conversion of integer to booleans. 2010-03-11 Nicolas François * src/userdel.c: Re-indent. * src/userdel.c: Added brackets. * src/userdel.c: Avoid implicit conversion of pointers to booleans. 2010-03-11 Nicolas François * lib/shadowio.c: Re-indent. * lib/shadowio.c: Added brackets and parenthesis. * lib/shadowio.c: Document the sections closed by #endif * lib/shadowio.c: Avoid negation of comparisons. * lib/shadowio.c: Avoid implicit conversion of integer to booleans and booleans to integers. 2010-03-11 Nicolas François * src/useradd.c: Re-indent. * src/useradd.c: Added brackets. * src/useradd.c: Avoid implicit conversion of integers to booleans. * src/useradd.c: Harmonize error messages. 2010-03-11 Nicolas François * src/vipw.c: Document the sections closed by #endif * src/vipw.c: Avoid implicit conversion of pointers or integers to booleans. * src/vipw.c: Added brackets and parenthesis. * src/vipw.c: Limit the definition of some variables and macros to the WITH_TCB scope. * src/vipw.c: Avoid assignment in comparisons. * src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()). This is more consistent with the shadow file handling and may be useful to allow edition of another partition's files. 2010-03-11 Nicolas François * src/usermod.c: Re-indent. * src/usermod.c: Avoid implicit conversion of pointers to booleans. * src/usermod.c: Added parenthesis. 2010-03-11 Nicolas François * src/pwunconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-10 Nicolas François * src/userdel.c: Re-indent. * src/userdel.c: Avoid implicit conversion of pointers to booleans. * src/userdel.c: Document the sections closed by #endif 2010-03-10 Nicolas François * src/pwconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-10 Nicolas François * libmisc/copydir.c: Added parenthesis. 2010-02-14 Michael Bunk * NEWS, lib/gshadow.c: Fix parsing of gshadow entries. 2010-01-30 Paweł Hajdan, Jr. * NEWS: Add support for TCB. * lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to support TCB. * lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean parameter remove_root. * configure.in: Add conditional WITH_TCB. * src/userdel.c, src/usermod.c: Add support for TCB. Update call to remove_tree(). * src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled. * src/vipw.c: Add support for TCB. Update call to remove_tree(). * src/useradd.c: Add support for TCB. Open the shadow file outside of open_files(). * src/chage.c: Add support for TCB. * src/Makefile.am: Install passwd sgid shadow when TCB is enabled. * lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml, man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml, man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak, man/generate_mans.deps, man/Makefile.am: New configuration parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB. * lib/shadowio.c, lib/commonio.c: Add support for TCB. 2010-01-24 Nicolas François * libmisc/env.c: Fix sanitize_env() noslash support. This fixes Alioth#311740. 2010-01-24 Nicolas François * src/su.c: Do not sanitize the environment. This breaks --preserve-environment. This sanitation was disabled on Debian since quite some time with no reported issues, and sanitize_env() documentation agrees that it should be useless as all modern Unixes will handle setuid executables properly. This fixes Alioth#312287. 2010-01-24 Nicolas François * libmisc/setupenv.c: Fix typo from 2009-11-01. 2010-01-24 Paweł Hajdan, Jr. * configure.in: Add support for TCB in configure.in. Actual TCB support will follow. 2009-11-05 Nicolas François * NEWS, src/groupmod.c: Fixed groupmod when configured with --enable-account-tools-setuid. 2009-11-01 Nicolas François * NEWS, man/login.defs.d/ENV_SUPATH.xml, libmisc/setupenv.c: Harmonize other paths and documentation with previous change. 2009-11-01 Michel Hermier * src/su.c: Set the default ENV_SUPATH to /sbin:/bin:/usr/sbin:/usr/bin (i.e. PATH when no ENV_SUPATH is specified). 2009-10-15 Thorsten Kukuk * src/faillog.c, man/faillog.8.xml: Harmonize long option in code and documentation. Use --lock-secs instead of --lock-time. 2009-10-05 Miroslav Kure * po/cs.po: updated to 412t 2009-09-29 Clytie Siddall * po/vi.po: updated to 412t 2009-09-27 Miroslav Kure * po/cs.po: updated to 411t1f 2009-09-24 Christian Perrier * man/po/fr.po: Updated French translation to 835t99f165 2009-09-24 Clytie Siddall * po/vi.po: updated to 348t30f34u 2009-09-08 Nicolas François * lib/commonio.c: Avoid pre-decrement operator (--n). Add some comments. * libmisc/cleanup.c: Fix off by one in an assertion. 2009-09-08 Nicolas François * src/su.c: Fix indentation. * src/su.c: Add more messages for translation. * src/su.c: Ignore kill() return value when sending the TERM signal. If it fails, a KILL should be sent anyway. 2009-09-08 Nicolas François * NEWS, src/su.c: When su receives a signal, wait for the child to terminate (after sending a SIGTERM), and kill it only if it did not terminate by itself. No delay will be enforced if the child cooperates. See http://bugs.gentoo.org/282094 * NEWS, man/su.1.xml: Document su's exit values. 2009-09-08 Nicolas François * src/useradd.c: The default value for the CREATE_MAIL_SPOOL variable (i.e. if CREATE_MAIL_SPOOL= is specified without any values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL="). 2009-09-08 Nicolas François * src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead. For consistency, change HOME, INACT, EXPIRE, SKEL, and CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and DCREATE_MAIL_SPOOL. 2009-09-08 Nicolas François * src/newusers.c: Prefer #ifdef over #if. 2009-09-08 Nicolas François * configure.in: We do not use SETPGRP_VOID, and already assume that setpgrp has a void argument. Remove AC_FUNC_SETPGRP to ease cross compiling. 2009-09-07 Nicolas François * man/generate_translations.mak, man/generate_mans.mak, po/Makefile.in.in: Removing and restoring the config.xml file broke parallel builds. Build the manpages based on *.xml-config files instead of *.xml files. The *.xml do not include config.xml anymore, which permits to run xml2po without needing to remove config.xml. The config.xml is restored in the *.xml-config files. * man/groupadd.8.xml: Implementation of the above. * man/generate_mans.deps: Updated dependencies 2009-09-07 Steve Grubb * libmisc/limits.c: Fix the format to match the unsigned long variable in argument. * libmisc/utmp.c: Fix tests. tmptty is a variable stack. ut_host is an array of the ut structure. None of them can be NULL. 2009-09-07 Nicolas François * lib/shadowmem.c: Only copy the required fields of the struct spwd. (start with the primitive types) * lib/shadowmem.c: Avoid memzero() on a possibly NULL pointer. * lib/groupmem.c: Only copy the required fields of the struct group. (start with the primitive types) * lib/groupmem.c: Avoid memzero() on a possibly NULL pointer. * lib/groupmem.c: Free gr_mem in addition to its elements. * lib/sgroupio.c: The struct sgrp has no primitive types to be copied initially. * lib/sgroupio.c: Avoid memzero() on a possibly NULL pointer. * lib/sgroupio.c: Free sg_mem and sg_add in addition to their elements. * lib/pwmem.c: Only copy the required fields of the struct passwd. (start with the primitive types) 2009-09-07 Nicolas François * lib/sgroupio.h: Harmonize splint annotations of sgr_locate() prototype with the one used in its definition. 2009-09-07 Steve Grubb * libmisc/copydir.c, lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c: Fix some memory leaks. 2009-09-06 Nicolas François * src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use booleans for tests. * src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c, src/groupmod.c, src/passwd.c: Use a break even after usage(). 2009-09-05 Nicolas François * src/gpasswd.c, src/groupmems.c: Split the groupmems and gpasswd Usage string. It was changed anyway to add the --help option. 2009-09-05 Mike Frysinger * NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: If someone uses the -h/--help options, the usage should not go to stderr nor should the utility exit with non-zero status. All of the shadow utils do just this unfortunately, so convert them over to sanity. * man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help. 2009-09-05 Nicolas François * src/useradd.c: Fixed wrong format string. * lib/gshadow.c: Removed declaration of unused variable. 2009-08-30 Mike Frysinger * man/generate_mans.mak, man/generate_translations.mak: Provide an useful error message when --enable-man is not enabled and the translated manpages are not generated. 2009-08-21 Nicolas François * man/login.defs.d/ENCRYPT_METHOD.xml: Avoid using sub-lists. They break the groff formatting. 2009-07-24 Nicolas François * po/fr.po: Fix typos, based on reviews by the Debian French translation team. 2009-07-24 Nicolas François * NEWS, configure.in: Prepare for the next release 4.1.4.2. * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2009-07-23 Nicolas François * configure.in: Fixed definition of the SHELL configuration. 2009-07-23 Nicolas François * etc/login.defs: SYS_GID_MIN /SYS_UID_MIN changed from 100 to 101. GID 100 seems to be used statically. 2009-07-22 Nicolas François * libmisc/shell.c, src/su.c: Execute the scripts with "sh -" rather than "sh". 2009-07-22 Nicolas François * configure.in, libmisc/shell.c, libmisc/setupenv.c, src/newgrp.c, src/su.c: Let the system shell be configurable. 2009-07-20 Nicolas François * NEWS, src/su.c, libmisc/shell.c: Added support for shells being a shell script without a shebang. 2009-07-19 Jean-Louis Dupond * po/nl.po: Fix obvious mistake in Dutch translation. 2009-07-18 Peter Vrabec * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts. * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps. 2009-07-05 Piarres Beobide * po/eu.po: Updated Basque translation. 2009-06-20 Nicolas François * man/fi/Makefile.am: Stop distributing the Finnish translation of passwd.1 (outdated). 2009-06-20 Nicolas François * man/pwck.8.xml: The shadow file is optional. * man/pwck.8.xml: Updated description of the checks. Added description of the shadow checks. * man/pwck.8.xml: Updated description of the checks. 2009-06-12 Nicolas François * man/po/fr.po: Fixed typo (forunis) 2009-06-12 Nicolas François * lib/fputsx.c: Compare the result of fgets() with the provided buffer instead of NULL. 2009-06-12 Nicolas François * lib/gshadow.c: Removed limitation on the length of the gshadow lines. * lib/gshadow.c: Compare the result of fgetsx() with the provided buffer instead of NULL. 2009-06-11 Nicolas François * libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetgrnam.c, libmisc/xgetpwuid.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: Do not limit the size of the buffer to hold the group or user structure. It used to be limited to 16k, which caused issues with groups having many users. 2009-06-11 Nicolas François * src/su.c, man/su.1.xml: The default behavior (without -p or --login) is to copy most of the environment variables. Revert a previous change and update the documentation. 2009-06-06 Nicolas François * man/passwd.5.xml, man/shadow.5.xml: Document the passwd- and shadow- files. 2009-06-06 Nicolas François * NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment variables, even with --login. This was not the case before in the PAM version. 2009-06-06 Nicolas François * src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c: Fix typos. Take this opportunity to split the usage messages into smaller messages (one per option). * src/pwck.c: Fix typo. 2009-06-05 Petri Koistinen * man/passwd.1.xml: The short option for --mindays is -n, not -m. 2009-06-04 Mike Frysinger * .gitignore, man/.gitignore, src/.gitignore: Added .gitignore files. 2009-06-04 Nicolas François * man/su.1.xml: Use