2011-10-31 Nicolas François * src/pwck.c, man/pwck.8.xml: Add support for long options. * src/pwck.c, man/pwck.8.xml: Add -h/--help option * src/grpck.c, man/grpck.8.xml: Add support for long options. * src/grpck.c, man/grpck.8.xml: Add -h/--help option 2011-10-30 Nicolas François * src/expiry.c, man/expiry.1.xml: Add support for long options. * src/expiry.c, man/expiry.1.xml: Add -h/--help option 2011-10-30 Nicolas François * src/chfn.c, man/chfn.1.xml: Add support for long options. * src/chfn.c, man/chfn.1.xml: Add -u/--help option * NEWS, src/chfn.c, man/chfn.1.xml: Add --root option. 2011-10-30 Nicolas François * NEWS, src/vipw.c, man/vipw.8.xml: Add --root option. 2011-10-30 Nicolas François * NEWS, src/faillog.c, man/faillog.8.xml: Add --root option. * NEWS, src/lastlog.c, man/lastlog.8.xml: Likewise. * src/faillog.c: Add Prog variable, and prefix error messages with Prog rather than "faillog". * src/lastlog.c: Likewise. * src/lastlog.c: Split usage in smaller messages. 2011-10-30 Nicolas François * NEWS, src/chage.c, man/chage.1.xml: Add --root option. Open audit and syslog after the potential chroot. chage's usage split in smaller messages. 2011-10-30 Nicolas François * src/login.c: re-indent. * src/login.c: Fix support for sub-logins. 2011-10-30 Nicolas François * src/faillog.c, src/chage.c, src/newusers.c, src/su.c: The getopt index of long options is not used. 2011-10-29 Nicolas François * lib/prototypes.h, libmisc/Makefile.am, libmisc/root_flag.c, po/POTFILES.in: Add process_root_flag() to process the --root option and chroot so that the chroot config is used and changes are applied to the chroot. * NEWS, src/useradd.c, man/useradd.8.xml: Add --root option. Open audit after the potential chroot. * NEWS, src/userdel.c, man/userdel.8.xml: Add --root option. Open audit and syslog after the potential chroot. userdel's usage split in smaller messages. * NEWS, src/usermod.c, man/usermod.8.xml: Likewise * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open audit and syslog after the potential chroot. * src/groupadd.c: Check atexit failures. * src/groupadd.c: Return E_SUCCESS instead of exit'ing at the end of main(). * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open audit and syslog after the potential chroot. * src/groupmod.c: The getopt index of long options is not used. * src/groupdel.c: Add process_flags(). * src/groupdel.c, man/groupdel.8.xml: Add --help option. * NEWS, src/groupdel.c, man/groupdel.8.xml: Add --root option. Open audit and syslog after the potential chroot. * src/groupdel.c: Check atexit failures. * NEWS, src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c, man/pwconv.8.xml: Add --root option. * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c: Add --help option. * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c: Add process_flags() and usage(). * NEWS, src/chpasswd.c, man/chpasswd.8.xml, src/chgpasswd.c, man/chgpasswd.8.xml: Add --root option. * src/chpasswd.c, src/chgpasswd.c: The getopt index of long options is not used. * NEWS, src/passwd.c, man/passwd.1.xml: Add --root option. passwd's usage split in smaller messages. * src/passwd.c: Call sanitize_env() before setting the locales. * NEWS, src/groupmems.c, man/groupmems.8.xml: Add --root option. Open syslog after the potential chroot. * src/groupmems.c: The getopt index of long options is not used. * NEWS, src/chsh.c, man/chsh.1.xml: Add --root option. chsh's usage split in smaller messages. * src/chsh.c: The getopt index of long options is not used. * NEWS, src/gpasswd.c, man/gpasswd.1.xml: Add --root option. * src/gpasswd.c: The getopt index of long options is not used. 2011-10-22 Nicolas François * man/ja/Makefile.am, man/fr/Makefile.am, man/ru/Makefile.am, man/sv/Makefile.am, man/pl/Makefile.am, man/zh_CN/Makefile.am, man/it/Makefile.am, man/Makefile.am: Include man_nopam in EXTRA_DIST only when USE_PAM (they are already in man_MANS otherwise). 2011-10-22 Nicolas François * man/su.1.xml: Document that su -c does not providea controlling terminal. 2011-10-18 Nicolas François * src/newusers.c: Fix typo. * src/useradd.c: Likewise. * lib/nscd.c: Remove unused variable. * lib/prototypes.h, libmisc/cleanup.c, lib/spawn.c, src/chage.c: Add splint annotations. * src/sulogin.c (main): env is only used when USE_PAM is not set. 2011-10-15 Nicolas François * man/login.defs.d/LOGIN_STRING.xml: Fix typo. 2011-09-18 Nicolas François * lib/prototypes, libmisc/basename.c (Basename): Input is a constant string. * lib/prototypes.h, lib/spawn.h, lib/spawn.c, src/userdel.c, lib/nscd.c, lib/Makefile.am: Delete spawn.h. Move from spawn.h to prototypes.h. * src/userdel.c: Remove unused variables. * lib/nscd.c: Remove unused header files. * lib/nscd.c: Add the program name to error messages. * lib/nscd.c: Indicate when nscd does not terminate normally (signal). * lib/spawn.c: Updated header. * lib/spawn.c: Flush stdout and stderr to avoid inheriting from ongoing buffers. * lib/spawn.c: Avoid implicit conversion of pointer to boolean. * lib/spawn.c: Replace perror by a complete message. * lib/spawn.c: Continue to wait for the child if another child terminates. * lib/prototypes.h: The name field from cleanup_info_mod is a constant string. (username). 2011-09-18 Nicolas François * libmisc/cleanup.c: Spawn children should no trigger cleanup actions. Make sure only the parent (initial caller) perform the cleanup actions. 2011-09-18 Nicolas François * libmisc/salt.c (SHA_salt_rounds): It is statically ensured that the format fits in rounds_prefix. * libmisc/loginprompt.c: Likewise. 2011-09-18 Nicolas François * src/grpconv.c: Fail if not called correctly. * src/grpconv.c: At the end of main, the passwd and shadow files are locked. No need to check before unlocking. No need to set the lock as false neither since there cannot be anymore failures. 2011-09-18 Nicolas François * src/chage.c: EPOCH is not needed, it's converted to -1 by strtoday(). But we need to support "-1" specifically. * src/chage.c: Fix usage: LOGIN is mandatory. * src/chage.c: Display disabled expiry or last change as "-1" instead of 1969-12-31. 1969-12-31 is still supported as input from the user. * src/chage.c: Exit cleanly with fail_exit() (lock files were not removed). 2011-09-18 Nicolas François * src/useradd.c: Remove def_file. It was always set to USER_DEFAULTS_FILE. * src/useradd.c: Fix cut&paste issue causing bad warning when the useradd.default file contains an invalid INACTIVE= value. * src/useradd.c: Added missing end of line for rename errors. * src/useradd.c: Added -D synopsis to the usage message. * src/useradd.c: Do not scale_age(-1), just use -1. * src/useradd.c: Added FIXME to be fixed later. * src/useradd.c: Allow -e -1 when there is no shadow file. * src/useradd.c: Fail, but do not print the usage message when the -e argument is not valid. * src/useradd.c: No need to check for oflg since uflg is already checked. 2011-09-18 Nicolas François * src/su.c: Too much const were added on 2011-08-15. pw in save_caller_context() is allocated and freed. * src/su.c: Added missing #endif indication * src/su.c (save_caller_context): password only needed if SU_ACCESS and !USE_PAM. 2011-09-18 Nicolas François * src/usermod.c: date_to_str() is always called with negativ set to "never", remove this argument. * src/usermod.c: Added missing cast for gr_free argument. 2011-09-18 Nicolas François * src/pwconv.c: Fail if not called correctly. * src/pwconv.c: At the end of main, the passwd and shadow files are locked. No need to check before unlocking. 2011-09-18 Nicolas François * src/newusers.c: Initially set the passwd's password to '*' instead of 'x'. Only when it is confirmed that a shadow entry is (will be) added, set the passwd's password to 'x'. * src/newusers.c: An invalid line is an error. A failure needs to be reported. 2011-09-18 Nicolas François * src/gpasswd.c: Remove log_gpasswd_success_gshadow(). Writing in gshadowis the last sub-task. 2011-09-18 Nicolas François * src/chsh.c: No needto remove lines tarting with '#' from /etc/shells. This is already done by getusershell() and these shell would fail the access(X_OK) test. 2011-09-18 Nicolas François * man/generate_mans.mak: Fix the generation of translated man pages. xml2po removed the comment from empty headers and the config was no more inserted. 2011-09-18 Nicolas François * man/chage.1.xml: The LOGIN argument is not optional. * man/login.defs.d/QUOTAS_ENAB.xml: Document the dependency between /etc/limits and QUOTAS_ENAB. 2011-08-20 Nicolas François * po/POTFILES.in: Added lib/spawn.c. 2011-08-20 Jonathan Nieder * lib/Makefile.am: Added lib/spawn.c and lib/spawn.h. * lib/nscd.c, lib/spawn.c, lib/spawn.h: It is not possible to differentiate between an nscd failure, and a failure to execute due to no nscd with posix_spawn. Use our own run_command routine. * src/userdel.c: Use run_command() 2011-08-15 Nicolas François * src/groupmod.c: Ignore return value from snprintf. * src/groupmod.c: Add static qualifier to the cleanup structures. * src/groupmod.c: Check atexit failures. 2011-08-15 Nicolas François * src/usermod.c: Do not assign static to NULL. * src/usermod.c (date_to_str): buf needs to be unique (e.g. independent from negativ), and is an out buffer. * src/usermod.c: Ignore return value from snprintf, and force nul-termination of buffer. * src/usermod.c: Improve memory management. * src/usermod.c: An audit bloc was not reachable, moved above on success to move the home directory. * src/usermod.c: Ignore close() return value for the mailbox (opened read only). 2011-08-15 Nicolas François * src/su.c: Added const modifiers. * lib/prototypes: Synchronize splint annotations. 2011-08-14 Nicolas François * src/su.c: Add splint annotations. * src/su.c: Set caller_on_console as boolean. * src/su.c: Ignore return value from fputs (usage) / puts (prompt). * src/su.c: Improved memory management. 2011-08-14 Nicolas François * src/chgpasswd.c, src/chpasswd.c, src/newusers.c: Replace cflg by a test on crypt_method. 2011-08-14 Nicolas François * libmisc/chowndir.c: Add splint annotations. * src/chgpasswd.c: Likewise. * src/chpasswd.c: Likewise. * src/newusers.c: Likewise. * libmisc/salt.c, lib/prototypes.h (crypt_make_salt): Likewise. 2011-08-14 Nicolas François * lib/gshadow_.h: Fix typo in comment. 2011-08-14 Nicolas François * lib/prototypes.h, libmisc/getgr_nam_gid.c: getgr_nam_gid() returns an allocated structure. 2011-08-14 Nicolas François * src/su.c: Add annotations to indicate that su_failure() does not return. 2011-07-30 Nicolas François * lib/commonio.c: Display PID as unsigned long. 2011-07-30 Nicolas François * src/useradd.c: Remove unused Zflg. 2011-07-30 Nicolas François * src/chgpasswd.c: Fix typo sp -> sg. sg_namp -> sg_name * src/chgpasswd.c: Always update the group file when SHADOWGRP is not enabled. 2011-07-30 Nicolas François * src/newgrp.c: Fix typo in notreached annotation. 2011-07-30 Nicolas François * src/usermod.c: Add annotations to indicate that fail_exit() does not return. * src/usermod.c: Fix typo in notreached annotation. 2011-07-30 Nicolas François * libmisc/find_new_uid.c: free (used_uids) on return. * libmisc/find_new_gid.c: free (used_gids) on return. 2011-07-28 Nicolas François * lib/commonio.c: Fix NIS commit from 2011-07-14. 2011-07-28 Nicolas François * NEWS, src/chpasswd.c: Create a shadow entry if the password is set to 'x' in passwd and there are no entry in shadow for the user. * NEWS, src/chgpasswd.c: Create a gshadow entry if the password is set to 'x' in group and there are no entry in gshadow for the group. 2011-07-28 Nicolas François * src/pwunconv.c: Exit after printing usage when arguments or options are provided. * src/pwunconv.c: Re-indent. * src/pwunconv.c: Open the shadow file read only. * src/grpunconv.c: Exit after printing usage when arguments or options are provided. * src/grpunconv.c: Open the gshadow file read only. 2011-07-28 Nicolas François * src/chgpasswd.c: Fix typo. 2011-07-23 Nicolas François * NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is enabled. This is already done by pam_lastlog. Note that pam_lastlog can only log the parent PID, not the PID of the process forked by login. 2011-07-23 Nicolas François * src/chpasswd.c: Add annotations to indicate that usage() does not return. * src/chpasswd.c: Reindent. * src/chpasswd.c: Remove dead code. No need to set crypt_method to NULL when it is already NULL. sflg is only set if crypt_method is not NULL. 2011-07-23 Nicolas François * src/lastlog.c: Add annotations to indicate that usage() does not return. 2011-07-23 Nicolas François * src/faillog.c: Add annotations to indicate that usage() does not return. * src/faillog.c: Fix message: this is faillog, not lastlog. * src/faillog.c: Check that there are no extra arguments after parsing the options. 2011-07-23 Nicolas François * src/chgpasswd.c: Add annotations to indicate that usage() does not return. * src/chgpasswd.c: Split usage in smaller parts. Those parts are already translated for chpasswd. Usage is now closer to chpasswd's. * src/chgpasswd.c: Remove dead code. No need to set crypt_method to NULL when it is already NULL. sflg is only set if crypt_method is not NULL. 2011-07-23 Nicolas François * src/expiry.c: Remove dead code. * src/expiry.c: Improve comments. 2011-07-23 Nicolas François * src/grpck.c: Added comments. * src/grpck.c: Avoid implicit conversion of pointer to boolean. * src/grpck.c: Remove dead code. argc cannot be lower than optind. Avoid checking twice in a row for NULL != list[i]. 2011-07-22 Nicolas François * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of invalid configuration. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated comments. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict on the loop stop conditions. Stop if we passed the limit, even if the limit itself was never noticed. 2011-07-14 Nicolas François * man/po/fr.po: Fix some spacing issues due to configuration variants. 2011-07-14 Nicolas François * src/passwd.c: Overflow when computing the number of days based on the scaling. Use of long long needed. 2011-07-14 Nicolas François * NEWS, lib/commonio.h, lib/commonio.c: Additional messages to indicate why locking failed. * NEWS, lib/commonio.c: Fix the sort algorithm in case of NIS. NIS entries were dropped. * lib/commonio.c: NIS entries can start by '+' or '-'. 2011-07-14 Nicolas François * NEWS, src/groupmod.c: When the gshadow file exists but there are no gshadow entries, an entry is created if the password is changed and group requires a shadow entry. 2011-07-14 Nicolas François * src/usermod.c: Fix typo in comment. * src/usermod.c (move_home): It is always an error to use -m if the new home directory already exist (independently from the existence of the old home directory did not exist) * src/usermod.c (process_flags): Report usage if no options are provided. Update the error message. * src/usermod.c (process_flags): Check option compatibility and dependency before options are discarded when no changes are requested. * src/usermod.c (process_flags): Check for oflg is not needed to check if changes are needed. * src/usermod.c: usage() does not return. Add annotations. * src/usermod.c (update_gshadow): is_member was computed twice. * src/usermod.c (update_group, update_gshadow): Reduce complexity and document checks. Some checks were always true/false within their call context. * NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file exists but there are no shadow entries, an entry has to be created if the password is changed and passwd requires a shadow entry, or if aging features are used (-e or -f). Document this and also that -e and -f require a shadow file. * man/usermod.8.xml: Document behavior of an empty EXPIRE_DATE. * man/usermod.8.xml: Document that the mail spool might have to be renamed (as for the homedir) * src/usermod.c (new_pwent): Document that pw_locate will not fail because getpwnam returned successfully. * src/usermod.c (process_flags): Do not display the usage in case of an invalid -f value (similar to -e). * src/usermod.c (process_flags): Indicate that the user name is invalid, instead of just a 'field'. 2011-07-08 Nicolas François * src/groupadd.c: Fix typo in comment. * src/userdel.c: Fix typo from 2011-06-04. Report failure on the mailfile instead of user_home. * lib/fields.c: Fixed typo from 2010-02-15. field insteadof cp ought to be checked. * src/vipw.c: Use Prog instead of progname. This is needed since Prog is used in the library. * configure.in: Fix typo. libcrack default is 'no'. * src/groupmod.c: Avoid implicit conversion of pointer to boolean. * src/groupmod.c: osgrp can be set only if pflg || nflg. No need to check for pflg || nflg again 2011-07-08 Nicolas François * man/*.xml, man/config.xml.in: Add source and version information. This reduce the amount of warnings during the manpages generation. 2011-06-25 Nicolas François * man/passwd.1.xml: Added reference to chpasswd(8). * man/po/ru.po: Add space between option and argument. 2011-06-16 Francisco Javier Cuadrado * po/es.po: Spanish translation 2011-06-16 Nicolas François * libmisc/isexpired.c: Added parenthesis. * libmisc/env.c: Added comments. * libmisc/env.c: Avoid implicit conversion of pointer to boolean. 2011-06-16 Nicolas François * src/su.c: environ is provided by . * src/su.c: Added function prototypes. * src/su.c: Rename shellstr parameter to shellname to avoid collision with static variable. * NEWS, src/su.c: Added support for PAM modules which change PAM_USER. 2011-06-13 Nicolas François * src/su.c (prepare_pam_close_session): Extract the creation of a child and listening for signal in the parent from run_shell(). prepare_pam_close_session() is now executed before the creation of the pam session and before the UID is changed. This allows to close the session as root. * src/su.c: Also drop the controlling terminal when PAM is not used. * src/su.c: Remove run_shell(). * src/su.c: After prepare_pam_close_session() there is no need to close the session in the child. Added pam_setcred to prepare_pam_close_session(). 2011-06-12 Nicolas François * src/su.c (save_caller_context): Extract from main() the code used to save the caller's context. * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and a non-PAM (check_perms_nopam) version. * src/su.c: Cleanup check_perms_nopam(). * src/su.c: Merge environment setting blocks after the creation of the session. * src/su.c: Close the password databases together with syslog. * src/su.c: Extract command line processing from main(). * src/su.c: Extract export of environment from main(). 2011-06-10 Nicolas François * src/su.c: Group some of the environment processing blocks. The definition of shellstr, PATH and IFS is not influenced (getenv, getdef, restricted_shell) by and does not influence (addenv does not change environ) the authentication. And the authentication did not overwrite those definitions. This will ease an extraction from the big main() function. * src/su.c: Move definition of change_environment and shellstr after the switch to the final subsystem. The previous architecture forced to always change the environment (the shell starts with a '*' and was thus restricted, and change_environment could not be reset to false). * src/su.c: No need to change the user's shell in case of subsystem root. Update the comments. * src/su.c: Define shellstr before the environment so that restricted_shell is called only once. This will allow moving the environment definition after the switch to the new user. * src/su.c: Extract the authentication from the main function. * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not use the pwent global variable to communicate between APIs of different files. Added boolean parameter su_to_root to check_su_auth(). * src/su.c (check_perms): Return the passwd entry of the finally authenticated user. Remove usage of the pwent variable. * src/su.c: The password of the caller is the one from the spwd structure only if the passwd's password is 'x'. * src/su.c: Cleanup local variables. 2011-06-10 Nicolas François * src/su.c: Updating pwent after expire() is not useful. Only the password information may have changed and they are not used anymore afterwards. * src/su.c: No need to call expire() if there are no shadow entry. No need to convert a passwd entry into an spwd entry in that case. 2011-06-12 Thomas Blein * man/po/fr.po: French manpages translation 2011-06-05 Nicolas François * NEWS, src/su.c: Do not forward the controlling terminal to commands executed with -c. This prevents tty hijacking which could lead to execution with the caller's privileges. This required to forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to the executed command. 2011-06-05 Nicolas François * NEWS, src/userdel.c: Do not remove a group with the same name as the user (usergroup) if this group isn't the user's primary group. 2011-06-04 Nicolas François * NEWS, src/userdel.c: Check the existence of the user's mail spool before trying to remove it. If it does not exist, a warning is issued, but no failure. 2011-06-03 Nicolas François * src/sulogin.c: Added Prog, needed because of the last xmalloc() change. 2011-06-03 Nicolas François * man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN Makefile. * man/Makefile.am: Build zh_CN pages. * man/generate_translations.mak: Add config.xml to CLEANFILES. * man/po/zh_CN.po: limits, groups, faillog, expiry should not be translated (command name, file name), also this broke the build system as they are used to derive manpage names. 2011-06-02 Peter Vrabec * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry to be displayed. 2011-06-02 Nicolas François * libmisc/xmalloc.c: Harmonize message. 2011-06-02 Peter Vrabec * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check. 2011-06-02 Cal Peake * NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to getgroups() when getgroups fails (-1) with errno==EINVAL. 2011-06-01 Simon Brandmair * man/newusers.8.xml, man/suauth.5.xml, man/suauth.5.xml, man/logoutd.8.xml, man/chgpasswd.8.xml, man/groups.1.xml, man/faillog.5.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml, man/login.defs.d/DEFAULT_HOME.xml, man/login.defs.d/LOGIN_RETRIES.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml, man/login.defs.d/PORTTIME_CHECKS_ENAB.xml, man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Fix typos * man/po/de.po: German translation of manpages completed 2011-05-23 Innocent De Marchi * po/ca.po: Catalan translation completed 2011-04-22 Miguel Figueiredo * po/pt.po: Portuguese translation completed 2011-04-22 Thomas Blein * po/fr.po: French translation completed 2011-04-16 Holger Wansing * po/de.po: German translation completed 2011-04-15 Fred Maranhão * po/pt_BR.po: Brazilian Portuguese translation completed 2011-04-10 Yuri Kozlov * po/ru.po: Russian translation completed 2011-04-07 Daniel Nylander * po/sv.po: Swedish translation completed 2011-04-07 Joe Dalton * po/da.po: Danish translation completed 2011-04-05 Timur Birsh * po/kk.po: Kazakh translation completed 2011-04-05 NAKANO Takeo * po/ja.po: Japanese translation completed 2011-03-30 YunQiang Su * man/po/zh_CN.po: convert Simplified Chinese translation of manpages to gettext * po/zh_CN.po: Simplified Chinese translation completed 2010-02-15 Nicolas François * man/ru/Makefile.am: Remove double inclusion of $(man_nopam) 2010-02-15 Nicolas François * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in user_busy() rather than in src/userdel.c or src/usermod.c to provide more accurate failure cause (user is logged in or user still executes processes). 2010-02-15 Nicolas François * lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check entry validity before commits to databases. * libmisc/fields.c, libmisc/Makefile.am, lib/fields.c, lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to lib. * lib/fields.c: Fail if input pointer is NULL. 2010-02-13 Nicolas François * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in gecos or shell. 2011-02-12 Nicolas François * autogen.sh: Restore original autoreconf (see 2010-08-29's change for autogen.sh) * configure.in, man/po/Makefile.in.in, man/po/Makefile.in: Makefile.in.in replaced by Makefile.in to avoid config.status issues when there are multiple po directories. * man/po/LINGUAS: Adapted to above change. * man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by XMLFILES. * man/Makefile.am: generate_mans.deps shall be included by make, not automake. 2010-11-19 Nicolas François * NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login to hang when CONSOLE was configured with a colon separated list of TTYs. See http://bugs.gentoo.org/show_bug.cgi?id=324419 2010-09-05 Nicolas François Integrate review comments from Julien Cristau * libmisc/copydir.c: Missing parenthesis in comment. * libmisc/chowndir.c: Fixed memory leak on failed realloc(). * libmisc/chowndir.c: Make sure the buffer for the path is large enough. * libmisc/remove_tree.c: Remove check for NULL before free(). 2010-08-29 Nicolas François * man/po/fr.po: Fix 2 fuzzy strings. 2010-08-29 Nicolas François * NEWS, src/usermod.c: Accept options in any order (username not necessarily at the end) 2010-08-29 Nicolas François * autogen.sh: Expand autoreconf to avoid running autopoint. 2010-08-29 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-08-28 Brian M. Carlson * man/chsh.1.xml: Fix comma splice. 2010-08-28 Nicolas François * lib/protoypes.h, libmisc/copydir.c, src/useradd.c: selinux_file_context renamed set_selinux_file_context. * lib/protoypes.h, libmisc/copydir.c, src/useradd.c: Added reset_selinux_file_context. * src/useradd.c: Check the return value of set_selinux_file_context and reset_selinux_file_context. * libmisc/copydir.c: Check the return value of reset_selinux_file_context. 2010-08-28 Nicolas François * src/su.c: Fix handling of environment variables when the environment is not changed. In particular, this makes su behave as documented regarding PATH and IFS (i.e. they are reset) when -p is provided. 2010-08-28 Nicolas François * man/su.1.xml: Fix typo. 2010-08-22 Nicolas François * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c, src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c, src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c, src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c, src/grpunconv.c, src/chsh.c: Prog changed to a constant string. 2010-08-22 Nicolas François * libmisc/limits.c: Avoid implicit conversion of integer to boolean. * libmisc/basename.c: Avoid implicit conversion of pointer to boolean. * libmisc/basename.c, lib/prototypes.h (Basename): Return a constant string. * libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h, libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c, libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add splint annotations. * libmisc/chowndir.c: Avoid memory leak. * libmisc/chowndir.c: Do not check *printf/*puts return value. * libmisc/chowntty.c: Avoid implicit conversion between integer types. * libmisc/obscure.c: Return a bool when possible instead of int. * libmisc/shell.c: Do not check *printf/*puts return value. * libmisc/shell.c: Do not check execle return value. * libmisc/setupenv.c: Avoid implicit conversion between integer types. * libmisc/xmalloc.c: size should not be zero to avoid returning NULL pointers. * libmisc/hushed.c: Do not check *printf/*puts return value. * libmisc/system.c: Avoid implicit conversion of integer to boolean. safe_system last argument is a boolean. * libmisc/system.c: Check return value of dup2. * libmisc/system.c: Do not check *printf/*puts return value. * libmisc/system.c: Do not check execve return value. * libmisc/salt.c: Do not check *printf/*puts return value. * libmisc/loginprompt.c: Do not check gethostname return value. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check gr_rewind/pw_rewind return value. * libmisc/ttytype.c: Limit the number of parsed characters in the sscanf format. * libmisc/ttytype.c: Test if a type was really read. * libmisc/sub.c: Do not check *printf/*puts return value. * libmisc/sub.c: Avoid implicit conversion of integer to boolean. * src/userdel.c: Fix typo in comment. * src/userdel.c: Avoid implicit conversion of boolean to integer. * src/userdel.c: safe_system last argument is a boolean. * src/newusers.c: Avoid implicit conversion of boolean to integer. * src/newusers.c: Avoid implicit conversion of integer to boolean. * src/usermod.c: Add brackets. * src/usermod.c: Avoid implicit conversion of characters or integers to booleans. * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c: Avoid implicit conversion of integer to boolean. * src/su.c: Add brackets. * src/useradd.c: Avoid implicit conversion of characters or integers to booleans. 2010-08-22 Nicolas François * libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool instead of an int. * libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c, libmisc/copydir.c, lib/prototypes.h: Add splint annotations. * libmisc/tz.c: Fix some const issues. * libmisc/tz.c: Avoid multi-statements lines. * libmisc/tz.c: Add brackets. * libmisc/copydir.c: Do not check *printf/*puts return value. * libmisc/copydir.c: Fail if we cannot set or reset the SELinux fscreate context. * libmisc/copydir.c: Use xmalloc instead of malloc. * libmisc/copydir.c: Do not check lutimes return value * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c (iswheel): Return a bool instead of an int. * src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead. * src/passwd.c: Return constant strings when sufficient. * src/passwd.c: Do not check *printf/*puts return value. * src/passwd.c: Avoid implicit conversion of character to boolean. * src/passwd.c: Do not check sleep return value. * src/sulogin.c: Do not check *printf/*puts return value. * lib/encrypt.c: Do not check fprintf return value. 2010-08-21 Nicolas François * src/passwd.c: Fix a const issue. * src/passwd.c: Avoid multi-statements lines. * src/sulogin.c: Fix a const issue. 2010-08-21 Nicolas François * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to copy the extended attributes (the SELinux context is hence reset) * src/usermod.c: Copy the extended attributes. * src/useradd.c: Only reset the SELinux context. 2010-08-21 Nicolas François * configure.in: Fixed typo. 2010-08-21 Nicolas François * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c, libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c, libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/obscure.c, libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c, lib/commonio.c, lib/commonio.h, libmisc/setugid.c, libmisc/setupenv.c: Fix some const issues. * libmisc/motd.c: Avoid multi-statements lines. * libmisc/motd.c: Support long MOTD_FILE. * libmisc/list.c, lib/prototypes.h: Revert previous change. dup_list and is_on_list are used with members as defined for the group structure, and thus even if the list is not modified, the list elements cannot be constant strings. * libmisc/system.c: Avoid C++ comments. * src/vipw.c: WITH_TCB cannot be tested inside a gettextized string. Split the Usage string. * lib/commonio.h: Re-indent. 2010-08-21 Nicolas François * libmisc/audit_help.c (audit_logger):pgname is not used. We let audit find out the name of the program. * libmisc/audit_help.c: Re-indent. 2010-08-20 Nicolas François * lib/groupio.c: Avoid implicit conversion from signed to unsigned. 2010-08-20 Nicolas François * lib/commonio.c: Make sure there are no NULL pointer dereference. 2010-08-20 Nicolas François * libmisc/remove_tree.c: Ignore snprintf return value. 2010-08-20 Nicolas François * lib/prototypes.h, libmisc/list.c: dup_list() and is_on_list() do not change the members of the list they receive. Added const qualifiers. 2010-08-20 Nicolas François * src/usermod.c: Re-indent. 2010-08-20 Nicolas François * lib/commonio.c: Avoid multi-statements lines. 2010-08-20 Nicolas François * man/po/fr.po: Fix a typo. 2010-06-24 Baurzhan Muftakhidinov * NEWS, po/kk.po: Updated Kazakh translation. 2010-04-12 Nicolas François * man/po/fr.po: Fix some typos. Minor updates: 886t70f187u. 2010-04-12 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-04-05 Nicolas François * man/newusers.8.xml, man/useradd.8.xml, man/groupadd.8.xml, man/login.defs.d/UMASK.xml, man/login.defs.d/CREATE_HOME.xml, man/login.defs.d/LOGIN_RETRIES.xml: Fix typos: choosen, overriden, bahavior. 2010-04-04 Nicolas François * man/usermod.8.xml: Document changes of ownerships. 2010-04-04 Nicolas François * man/vipw.8.xml: Fix formatting typo. * man/vipw.8.xml: Document the login.defs parameters only when tcb is enabled. 2010-04-04 Nicolas François * src/useradd.c: spool is a constant string. * src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 2010-04-04 Nicolas François * src/usermod.c: move_home() is only called if mflg is set. * src/usermod.c: Fail is -m is provided but the old home directory is not a directory. * src/usermod.c: Use the previous improvement of copy_tree to provide better error diagnosis. * src/usermod.c: When rename() is used, also change the ownership. * src/usermod.c: Do not change the ownership of the root directory twice. * src/usermod.c: When -u is provided, only change the ownership of the home directory if it is a directory. * src/usermod.c: Also change ownerships when -g is used. 2010-04-04 Nicolas François * lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to copy_tree to detect when ownership shall be changed. * libmisc/copydir.c: Document the behavior when the IDs are set to -1. * lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter copy_root. * libmisc/copydir.c: error() and ctx can be static. * libmisc/copydir.c (copy_hardlink): Remove parameter src. 2010-04-04 Nicolas François * libmisc/chowndir.c: Dynamically allocate memory to support path longer than 1024 characters. * libmisc/chowndir.c: Fix typos in documentation. * libmisc/chowndir.c: Support and document the behavior when a old or new ID is set to -1. * libmisc/chowndir.c: Improved error detection when chown fails. * libmisc/chowndir.c: Harmonize error handling strategy when an error occurs: stop changing ownership as soon as an error was detected. 2010-04-03 Nicolas François * man/hu/passwd.5: Fix formatting typo. * man/id/login.1: Likewise. 2010-03-31 Nicolas François * man/vipw.8.xml: When TCB is enabled, vipw uses login.defs. 2010-03-31 Nicolas François * NEWS, libmisc/copydir.c: When a hardlink is detected, the original hardlink should not be removed. 2010-03-30 Nicolas François * po/POTFILES.in, libmisc/Makefile.am, lib/prototypes.h, libmisc/remove_tree.c, libmisc/copydir.c: Split remove_tree() outside of copydir.c to avoid linking against libacl or libattr. 2010-03-30 Nicolas François * src/su.c: shell's name must be -su when a su fakes a login. 2010-03-30 Nicolas François * NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml, man/usermod.8.xml, src/Makefile.am: Added support for ACLs and Extended Attributes. 2010-03-30 Nicolas François * libmisc/copydir.c: Document the sections closed by #endif 2010-03-27 Nicolas François * man/vipw.8.xml: Add section ENVIRONMENT. 2010-03-26 Nicolas François * etc/login.defs: Updated description of UMASK to indicate its usage by pam_umask. * man/login.defs.d/UMASK.xml: Likewise. 2010-03-25 Nicolas François * man/login.1.xml: login does not check for new mails in PAM enabled versions. This is done by pam_mail. 2010-03-25 Nicolas François * NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml: PAM enabled versions: restore the -e option to allow restoring passwords without knowing those passwords. Restore together the -m and -c options. 2010-03-23 Nicolas François * src/su.c, src/vipw.c, src/newgrp.c: When the child is interrupted, stop ourself with a SIGSTOP signal. 2010-03-23 Nicolas François * src/newgrp.c: Limit the scope of variable pid. * src/login_nopam.c: Limit the scope of variables end, lineno, i, str_len. * src/logoutd.c: Limit the scope of variable c. * src/vipw.c: Re-indent. * src/vipw.c: Close the file after the creation of the backup. * src/useradd.c (set_default): Close input file on failure. * src/useradd.c: Limit the scope of variables spool, file, fd, gr, gid, mode. * src/passwd.c: Limit the scope of variables last and ok. * src/chage.c: Fix typo (non breaking space). * src/login.c: Limit the scope of variables erasechar killchar, c, failed. * src/groups.c: Limit the scope of variable ngroups, pri_grp, i. * src/id.c: Limit the scope of variable i. 2010-03-22 Nicolas François * lib/utent.c (getutline): Remove getutline(). This function is no more used. * lib/groupmem.c: Limit the scope of variable i. * lib/shadow.c: Avoid implicit conversion of pointers and integers to booleans. * lib/shadow.c: Added brackets. * libmisc/limits.c: Limit the scope of variable tmpmask. * libmisc/copydir.c: Close opened file on failure. * libmisc/loginprompt.c: Limit the scope of variable envc. * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope of variable id. 2010-03-21 Nicolas François * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and the GID equivalents) 2010-03-20 Nicolas François * NEWS, configure.in: Next version will be 4.1.5. * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-03-20 Nicolas François * libmisc/limits.c: Re-indent to make pmccabe happy. 2010-03-20 Nicolas François * man/generate_translations.mak, man/generate_mans.mak: Fix distcheck. All manpages generation code shall be enclosed in ENABLE_REGENERATE_MAN conditions. 2010-03-20 Nicolas François * man/useradd.8.xml: Do not document the features which are not working. * man/useradd.8.xml: Fix typo: -u was meant instead of -o. * man/useradd.8.xml: Document that the default behavior depends on CREATE_HOME. 2010-03-20 Nicolas François * lib/groupio.c: Fix memory management insplit_groups(). 2010-03-20 Nicolas François * libmisc/strtoday.c: Empty dates indicate a disabled date, this is not an error. 2010-03-19 Nicolas François * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos. * libmisc/limits.c: Removed unused variable. 2010-03-19 Nicolas François * lib/commonio.c: Stop sorting entries when we reach the first NIS line. 2010-03-18 Nicolas François * src/chsh.c: Even for root, warn if an invalid shell is specified. Alioth#311305 2010-03-18 Nicolas François * man/limits.5.xml: Document the selection of the limits when multiple lines match the user. 2010-03-18 Nicolas François * libmisc/limits.c: Re-indent. * libmisc/limits.c: Reformat the documentation. Avoid personal comments. * man/limits.5.xml: Document the new features. 2010-03-18 Thomas Orgis * NEWS, libmisc/limits.c: Fix parsing of limits. * NEWS, libmisc/limits.c: Add support for infinite limits. * NEWS, libmisc/limits.c: Add support for @group syntax. 2010-03-18 Nicolas François * lib/tcbfuncs.h: Re-indent. * lib/tcbfuncs.h: Explicitly indicate function taking a void parameter. 2010-03-18 Nicolas François * src/useradd.c: When exiting because of a failure, warn if an home directory created, but cannot be removed. 2010-03-18 Nicolas François * libmisc/chowndir.c: Re-indent. * libmisc/chowndir.c: Avoid assignment in comparisons. * libmisc/chowndir.c: Added brackets and parenthesis. 2010-03-18 Nicolas François * libmisc/strtoday.c: Add support for numerical dates, assuming they are already specified in number of days since Epoch. Return -2 in case of errors to support the specification of -1. * src/usermod.c, src/useradd.c: Adapt to the new error value of strtoday(). * src/chage.c: Remove isnum(). Adapt to the new error value of strtoday(). Support for numerical dates is moved to strtoday(). 2010-03-18 Nicolas François * man/po/fr.po: Harmonize name of parameters. 2010-03-18 Nicolas François * NEWS: Indicate which tools support TCB. 2010-03-18 Nicolas François * src/pwck.c: Unlock the password and shadow files when there is a failure to prepare the update in memory. 2010-03-18 Nicolas François * src/pwck.c: Only log to SYSLOG when acting on system files. 2010-03-18 Nicolas François * src/pwck.c: Document the sections closed by #endif * src/pwck.c, man/pwck.8.xml: No alternative shadow file can be given when USE_TCB is enabled. * src/pwck.c: Remove the -s option from the usage when USE_TCB is enabled. The option is still supported, but has no effect, as documented in the manpage. 2010-03-18 Nicolas François * src/pwck.c: Do not use pwd_file and spw_file. Always use the dbname() functions. 2010-03-18 Nicolas François * src/pwck.c: Re-indent. 2010-03-18 Nicolas François * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c, src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the SHADOWTCB_FAILURE return code instead of 0 or implicit conversion to booleans. 2010-03-18 Paweł Hajdan, Jr. * src/pwck.c: Add support for TCB. * src/pwck.c: Use spw_dbname() instead of spw_file since TCB changes from a file to another depending on the user. Also use pw_dbname() for consistency. 2010-03-17 Nicolas François * src/faillog.c: Re-indent. 2010-03-17 Nicolas François * lib/tcbfuncs.h: Added type shadowtcb_status. * lib/tcbfuncs.h, lib/tcbfuncs.c: Return a shadowtcb_status instead of an int. * lib/tcbfuncs.c: Do not return in OUT_OF_MEMORY. * lib/tcbfuncs.c: Only FreeBSD specify that the returned buffer is NULL in case of failure. The return value of asprintf shall be checked. * lib/tcbfuncs.c: Avoid implicit conversion of pointers or integers to booleans. * lib/tcbfuncs.c: Avoid assignments in comparisons. * lib/tcbfuncs.c: Do not free path before its last use. * lib/tcbfuncs.c: Include shadowio.h, needed for the spw_setdbname's prototype. * lib/tcbfuncs.c: Ignore fflush() return value. * lib/tcbfuncs.c: Avoid implicit signed to unsigned conversions. * lib/tcbfuncs.c: Avoid integer to char conversions. * lib/tcbfuncs.c: Include prototypes.h for the definition of Prog. * lib/tcbfuncs.c: Removed dead return. * lib/tcbfuncs.c: move_dir() and shadowtcb_move() need a non NULL stored_tcb_user. * lib/tcbfuncs.c: Avoid implicit int to mode_t conversion. * lib/tcbfuncs.c: Added brackets and parenthesis. * lib/tcbfuncs.c: Re-indent. 2010-03-17 Nicolas François * lib/commonio.c: Avoid implicit conversion of pointers to booleans. * lib/commonio.c: Ignore the return value of close when a failure is reported. 2010-03-16 Nicolas François * man/faillog.8.xml: Document the behavior in display mode of the -a option. * NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to the non-display mode. This changes the default behavior of the -l, -m, -r, -t options when -a is not specified (restrict to existing users). 2010-03-15 Nicolas François * man/chage.1.xml, man/login.defs.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml: Document the usage of the TCB_AUTH_GROUP, TCB_SYMLINKS, and USE_TCB configuration parameters. * man/pwconv.8.xml, man/pwck.8.xml: Document the behavior when USE_TCB is enabled. 2010-03-15 Nicolas François * po/POTFILES.in, lib/tcbfuncs.c: Add more strings for translation. * lib/tcbfuncs.c: Indicate the name of the program in error messages. Avoid perror. * src/useradd.c: Re-indent. * src/useradd.c: Add more strings for translation. Indicate the name of the program in error messages. * src/userdel.c: Re-indent. * src/userdel.c: Add more strings for translation. Indicate the name of the program in error messages. 2010-03-15 Nicolas François * src/usermod.c: user_newname and user_newid cannot be used to test if the username or ID is changed. lflg and uflg should be used instead. 2010-03-15 Nicolas François * src/userdel.c: Avoid perror. Give more verbose warnings. 2010-03-11 Nicolas François * man/Makefile.am: Indicate that man/generate_mans.deps is generated. 2010-03-11 Nicolas François * lib/commonio.c: Re-indent. * lib/commonio.c: Document the sections closed by #endif * lib/commonio.c: Added brackets. * lib/commonio.c: Avoid implicit conversion of integer to booleans. 2010-03-11 Nicolas François * src/userdel.c: Re-indent. * src/userdel.c: Added brackets. * src/userdel.c: Avoid implicit conversion of pointers to booleans. 2010-03-11 Nicolas François * lib/shadowio.c: Re-indent. * lib/shadowio.c: Added brackets and parenthesis. * lib/shadowio.c: Document the sections closed by #endif * lib/shadowio.c: Avoid negation of comparisons. * lib/shadowio.c: Avoid implicit conversion of integer to booleans and booleans to integers. 2010-03-11 Nicolas François * src/useradd.c: Re-indent. * src/useradd.c: Added brackets. * src/useradd.c: Avoid implicit conversion of integers to booleans. * src/useradd.c: Harmonize error messages. 2010-03-11 Nicolas François * src/vipw.c: Document the sections closed by #endif * src/vipw.c: Avoid implicit conversion of pointers or integers to booleans. * src/vipw.c: Added brackets and parenthesis. * src/vipw.c: Limit the definition of some variables and macros to the WITH_TCB scope. * src/vipw.c: Avoid assignment in comparisons. * src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()). This is more consistent with the shadow file handling and may be useful to allow edition of another partition's files. 2010-03-11 Nicolas François * src/usermod.c: Re-indent. * src/usermod.c: Avoid implicit conversion of pointers to booleans. * src/usermod.c: Added parenthesis. 2010-03-11 Nicolas François * src/pwunconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-10 Nicolas François * src/userdel.c: Re-indent. * src/userdel.c: Avoid implicit conversion of pointers to booleans. * src/userdel.c: Document the sections closed by #endif 2010-03-10 Nicolas François * src/pwconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-10 Nicolas François * libmisc/copydir.c: Added parenthesis. 2010-02-14 Michael Bunk * NEWS, lib/gshadow.c: Fix parsing of gshadow entries. 2010-01-30 Paweł Hajdan, Jr. * NEWS: Add support for TCB. * lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to support TCB. * lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean parameter remove_root. * configure.in: Add conditional WITH_TCB. * src/userdel.c, src/usermod.c: Add support for TCB. Update call to remove_tree(). * src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled. * src/vipw.c: Add support for TCB. Update call to remove_tree(). * src/useradd.c: Add support for TCB. Open the shadow file outside of open_files(). * src/chage.c: Add support for TCB. * src/Makefile.am: Install passwd sgid shadow when TCB is enabled. * lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml, man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml, man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak, man/generate_mans.deps, man/Makefile.am: New configuration parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB. * lib/shadowio.c, lib/commonio.c: Add support for TCB. 2010-01-24 Nicolas François * libmisc/env.c: Fix sanitize_env() noslash support. This fixes Alioth#311740. 2010-01-24 Nicolas François * src/su.c: Do not sanitize the environment. This breaks --preserve-environment. This sanitation was disabled on Debian since quite some time with no reported issues, and sanitize_env() documentation agrees that it should be useless as all modern Unixes will handle setuid executables properly. This fixes Alioth#312287. 2010-01-24 Nicolas François * libmisc/setupenv.c: Fix typo from 2009-11-01. 2010-01-24 Paweł Hajdan, Jr. * configure.in: Add support for TCB in configure.in. Actual TCB support will follow. 2009-11-05 Nicolas François * NEWS, src/groupmod.c: Fixed groupmod when configured with --enable-account-tools-setuid. 2009-11-01 Nicolas François * NEWS, man/login.defs.d/ENV_SUPATH.xml, libmisc/setupenv.c: Harmonize other paths and documentation with previous change. 2009-11-01 Michel Hermier * src/su.c: Set the default ENV_SUPATH to /sbin:/bin:/usr/sbin:/usr/bin (i.e. PATH when no ENV_SUPATH is specified). 2009-10-15 Thorsten Kukuk * src/faillog.c, man/faillog.8.xml: Harmonize long option in code and documentation. Use --lock-secs instead of --lock-time. 2009-10-05 Miroslav Kure * po/cs.po: updated to 412t 2009-09-29 Clytie Siddall * po/vi.po: updated to 412t 2009-09-27 Miroslav Kure * po/cs.po: updated to 411t1f 2009-09-24 Christian Perrier * man/po/fr.po: Updated French translation to 835t99f165 2009-09-24 Clytie Siddall * po/vi.po: updated to 348t30f34u 2009-09-08 Nicolas François * lib/commonio.c: Avoid pre-decrement operator (--n). Add some comments. * libmisc/cleanup.c: Fix off by one in an assertion. 2009-09-08 Nicolas François * src/su.c: Fix indentation. * src/su.c: Add more messages for translation. * src/su.c: Ignore kill() return value when sending the TERM signal. If it fails, a KILL should be sent anyway. 2009-09-08 Nicolas François * NEWS, src/su.c: When su receives a signal, wait for the child to terminate (after sending a SIGTERM), and kill it only if it did not terminate by itself. No delay will be enforced if the child cooperates. See http://bugs.gentoo.org/282094 * NEWS, man/su.1.xml: Document su's exit values. 2009-09-08 Nicolas François * src/useradd.c: The default value for the CREATE_MAIL_SPOOL variable (i.e. if CREATE_MAIL_SPOOL= is specified without any values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL="). 2009-09-08 Nicolas François * src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead. For consistency, change HOME, INACT, EXPIRE, SKEL, and CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and DCREATE_MAIL_SPOOL. 2009-09-08 Nicolas François * src/newusers.c: Prefer #ifdef over #if. 2009-09-08 Nicolas François * configure.in: We do not use SETPGRP_VOID, and already assume that setpgrp has a void argument. Remove AC_FUNC_SETPGRP to ease cross compiling. 2009-09-07 Nicolas François * man/generate_translations.mak, man/generate_mans.mak, po/Makefile.in.in: Removing and restoring the config.xml file broke parallel builds. Build the manpages based on *.xml-config files instead of *.xml files. The *.xml do not include config.xml anymore, which permits to run xml2po without needing to remove config.xml. The config.xml is restored in the *.xml-config files. * man/groupadd.8.xml: Implementation of the above. * man/generate_mans.deps: Updated dependencies 2009-09-07 Steve Grubb * libmisc/limits.c: Fix the format to match the unsigned long variable in argument. * libmisc/utmp.c: Fix tests. tmptty is a variable stack. ut_host is an array of the ut structure. None of them can be NULL. 2009-09-07 Nicolas François * lib/shadowmem.c: Only copy the required fields of the struct spwd. (start with the primitive types) * lib/shadowmem.c: Avoid memzero() on a possibly NULL pointer. * lib/groupmem.c: Only copy the required fields of the struct group. (start with the primitive types) * lib/groupmem.c: Avoid memzero() on a possibly NULL pointer. * lib/groupmem.c: Free gr_mem in addition to its elements. * lib/sgroupio.c: The struct sgrp has no primitive types to be copied initially. * lib/sgroupio.c: Avoid memzero() on a possibly NULL pointer. * lib/sgroupio.c: Free sg_mem and sg_add in addition to their elements. * lib/pwmem.c: Only copy the required fields of the struct passwd. (start with the primitive types) 2009-09-07 Nicolas François * lib/sgroupio.h: Harmonize splint annotations of sgr_locate() prototype with the one used in its definition. 2009-09-07 Steve Grubb * libmisc/copydir.c, lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c: Fix some memory leaks. 2009-09-06 Nicolas François * src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use booleans for tests. * src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c, src/groupmod.c, src/passwd.c: Use a break even after usage(). 2009-09-05 Nicolas François * src/gpasswd.c, src/groupmems.c: Split the groupmems and gpasswd Usage string. It was changed anyway to add the --help option. 2009-09-05 Mike Frysinger * NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: If someone uses the -h/--help options, the usage should not go to stderr nor should the utility exit with non-zero status. All of the shadow utils do just this unfortunately, so convert them over to sanity. * man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help. 2009-09-05 Nicolas François * src/useradd.c: Fixed wrong format string. * lib/gshadow.c: Removed declaration of unused variable. 2009-08-30 Mike Frysinger * man/generate_mans.mak, man/generate_translations.mak: Provide an useful error message when --enable-man is not enabled and the translated manpages are not generated. 2009-08-21 Nicolas François * man/login.defs.d/ENCRYPT_METHOD.xml: Avoid using sub-lists. They break the groff formatting. 2009-07-24 Nicolas François * po/fr.po: Fix typos, based on reviews by the Debian French translation team. 2009-07-24 Nicolas François * NEWS, configure.in: Prepare for the next release 4.1.4.2. * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2009-07-23 Nicolas François * configure.in: Fixed definition of the SHELL configuration. 2009-07-23 Nicolas François * etc/login.defs: SYS_GID_MIN /SYS_UID_MIN changed from 100 to 101. GID 100 seems to be used statically. 2009-07-22 Nicolas François * libmisc/shell.c, src/su.c: Execute the scripts with "sh -" rather than "sh". 2009-07-22 Nicolas François * configure.in, libmisc/shell.c, libmisc/setupenv.c, src/newgrp.c, src/su.c: Let the system shell be configurable. 2009-07-20 Nicolas François * NEWS, src/su.c, libmisc/shell.c: Added support for shells being a shell script without a shebang. 2009-07-19 Jean-Louis Dupond * po/nl.po: Fix obvious mistake in Dutch translation. 2009-07-18 Peter Vrabec * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts. * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps. 2009-07-05 Piarres Beobide * po/eu.po: Updated Basque translation. 2009-06-20 Nicolas François * man/fi/Makefile.am: Stop distributing the Finnish translation of passwd.1 (outdated). 2009-06-20 Nicolas François * man/pwck.8.xml: The shadow file is optional. * man/pwck.8.xml: Updated description of the checks. Added description of the shadow checks. * man/pwck.8.xml: Updated description of the checks. 2009-06-12 Nicolas François * man/po/fr.po: Fixed typo (forunis) 2009-06-12 Nicolas François * lib/fputsx.c: Compare the result of fgets() with the provided buffer instead of NULL. 2009-06-12 Nicolas François * lib/gshadow.c: Removed limitation on the length of the gshadow lines. * lib/gshadow.c: Compare the result of fgetsx() with the provided buffer instead of NULL. 2009-06-11 Nicolas François * libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetgrnam.c, libmisc/xgetpwuid.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: Do not limit the size of the buffer to hold the group or user structure. It used to be limited to 16k, which caused issues with groups having many users. 2009-06-11 Nicolas François * src/su.c, man/su.1.xml: The default behavior (without -p or --login) is to copy most of the environment variables. Revert a previous change and update the documentation. 2009-06-06 Nicolas François * man/passwd.5.xml, man/shadow.5.xml: Document the passwd- and shadow- files. 2009-06-06 Nicolas François * NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment variables, even with --login. This was not the case before in the PAM version. 2009-06-06 Nicolas François * src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c: Fix typos. Take this opportunity to split the usage messages into smaller messages (one per option). * src/pwck.c: Fix typo. 2009-06-05 Petri Koistinen * man/passwd.1.xml: The short option for --mindays is -n, not -m. 2009-06-04 Mike Frysinger * .gitignore, man/.gitignore, src/.gitignore: Added .gitignore files. 2009-06-04 Nicolas François * man/su.1.xml: Use