emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
shadow/src
History
Christian Göttsche cbd2472b7c migrate to new SELinux api 
Using hard-coded access vector ids is deprecated and can lead to issues with custom SELinux policies.
Switch to `selinux_check_access()`.

Also use the libselinux log callback and log if available to audit.
This makes it easier for users to catch SELinux denials.

Drop legacy shortcut logic for passwd, which avoided a SELinux check if uid 0 changes a password of a user which username equals the current SELinux user identifier.
Nowadays usernames rarely match SELinux user identifiers and the benefit of skipping a SELinux check is negligible.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
2019-10-22 14:56:31 +02:00
..
.gitignore
Ignore generated newgidmap and newuidmap
2013-08-11 14:48:39 +02:00
.indent.pro
chage.c
migrate to new SELinux api
2019-10-22 14:56:31 +02:00
chfn.c
migrate to new SELinux api
2019-10-22 14:56:31 +02:00
chgpasswd.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
chpasswd.c
Fix chpasswd long line handling
2019-04-10 07:56:59 +10:00
chsh.c
migrate to new SELinux api
2019-10-22 14:56:31 +02:00
expiry.c
Fixed signal races in shadow tools.
2016-07-02 18:11:09 +02:00
faillog.c
* src/faillog.c: The fail_max field is a short, use a short also
2011-11-19 21:44:34 +00:00
gpasswd.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
groupadd.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
groupdel.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
groupmems.c
spelling: remove
2017-10-22 21:12:29 +00:00
groupmod.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
groups.c
* src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
2010-08-22 19:36:09 +00:00
grpck.c
Do not flush nscd and sssd cache in read-only mode
2019-02-27 17:40:04 +01:00
grpconv.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
grpunconv.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
id.c
* src/newgrp.c: Limit the scope of variable pid.
2010-03-23 11:26:34 +00:00
lastlog.c
login.defs: Add LASTLOG_UID_MAX variable to limit lastlog to small uids.
2018-12-10 13:25:56 -06:00
login_nopam.c
* src/newgrp.c: Limit the scope of variable pid.
2010-03-23 11:26:34 +00:00
login.c
login.defs: Add LASTLOG_UID_MAX variable to limit lastlog to small uids.
2018-12-10 13:25:56 -06:00
logoutd.c
* src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c,
2010-08-22 19:36:09 +00:00
Makefile.am
migrate to new SELinux api
2019-10-22 14:56:31 +02:00
newgidmap.c
remove unused variables
2019-10-12 20:03:32 -05:00
newgrp.c
spelling: logout
2017-10-22 20:28:57 +00:00
newuidmap.c
remove unused variables
2019-10-12 20:03:32 -05:00
newusers.c
chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards
2019-10-04 18:40:41 -05:00
nologin.c
Log UID in nologin
2018-08-13 16:46:04 +08:00
passwd.c
migrate to new SELinux api
2019-10-22 14:56:31 +02:00
pwck.c
Merge pull request #177 from edneville/conflicts_between_system_users_useradd_and_pwck
2019-10-05 22:08:08 -05:00
pwconv.c
Make the sp_lstchg shadow field reproducible (re. #71)
2019-03-31 16:00:01 +01:00
pwunconv.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00
su.c
su.c: run pam_getenvlist() after setup_env
2018-06-25 16:00:21 +02:00
suauth.c
spelling: unrecognized
2017-10-22 21:30:30 +00:00
sulogin.c
Fixed signal races in shadow tools.
2016-07-02 18:11:09 +02:00
useradd.c
Merge pull request #176 from edneville/force_bad_name
2019-10-04 16:41:39 -07:00
userdel.c
compile warnings: Zflg unused when !selinux
2019-10-12 20:03:51 -05:00
usermod.c
chkname.c, pwck.c, useradd.c, usermod.c, newusers.c: Allow names that do not conform to standards
2019-10-04 18:40:41 -05:00
vipw.c
Flush sssd caches in addition to nscd caches
2018-09-13 14:20:02 +02:00