Merge upstream 4.3
This commit is contained in:
+5
-1
@@ -52,10 +52,13 @@ usbin_PROGRAMS = \
|
||||
noinst_PROGRAMS = id sulogin
|
||||
|
||||
suidbins = su
|
||||
suidubins = chage chfn chsh expiry gpasswd newgrp passwd newuidmap newgidmap
|
||||
suidubins = chage chfn chsh expiry gpasswd newgrp passwd
|
||||
if ACCT_TOOLS_SETUID
|
||||
suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod
|
||||
endif
|
||||
if ENABLE_SUBIDS
|
||||
suidubins += newgidmap newuidmap
|
||||
endif
|
||||
|
||||
if WITH_TCB
|
||||
suidubins -= passwd
|
||||
@@ -95,6 +98,7 @@ groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
|
||||
grpck_LDADD = $(LDADD) $(LIBSELINUX)
|
||||
grpconv_LDADD = $(LDADD) $(LIBSELINUX)
|
||||
grpunconv_LDADD = $(LDADD) $(LIBSELINUX)
|
||||
lastlog_LDADD = $(LDADD) $(LIBAUDIT)
|
||||
login_SOURCES = \
|
||||
login.c \
|
||||
login_nopam.c
|
||||
|
||||
+1251
File diff suppressed because it is too large
Load Diff
+2
-2
@@ -592,7 +592,7 @@ static void open_files (bool readonly)
|
||||
}
|
||||
pw_locked = true;
|
||||
}
|
||||
if (pw_open (readonly ? O_RDONLY: O_RDWR) == 0) {
|
||||
if (pw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
|
||||
fail_exit (E_NOPERM);
|
||||
@@ -613,7 +613,7 @@ static void open_files (bool readonly)
|
||||
}
|
||||
spw_locked = true;
|
||||
}
|
||||
if (spw_open (readonly ? O_RDONLY: O_RDWR) == 0) {
|
||||
if (spw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, spw_dbname ());
|
||||
SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ()));
|
||||
|
||||
+1
-1
@@ -463,7 +463,7 @@ static void update_gecos (const char *user, char *gecos)
|
||||
fail_exit (E_NOPERM);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
fail_exit (E_NOPERM);
|
||||
|
||||
+2
-2
@@ -316,7 +316,7 @@ static void open_files (void)
|
||||
fail_exit (1);
|
||||
}
|
||||
gr_locked = true;
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
fail_exit (1);
|
||||
@@ -332,7 +332,7 @@ static void open_files (void)
|
||||
fail_exit (1);
|
||||
}
|
||||
sgr_locked = true;
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
fail_exit (1);
|
||||
|
||||
+2
-2
@@ -313,7 +313,7 @@ static void open_files (void)
|
||||
fail_exit (1);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
fail_exit (1);
|
||||
@@ -328,7 +328,7 @@ static void open_files (void)
|
||||
fail_exit (1);
|
||||
}
|
||||
spw_locked = true;
|
||||
if (spw_open (O_RDWR) == 0) {
|
||||
if (spw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
|
||||
+1
-1
@@ -373,7 +373,7 @@ static void update_shell (const char *user, char *newshell)
|
||||
fail_exit (1);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ()));
|
||||
fail_exit (1);
|
||||
|
||||
+2
-2
@@ -370,7 +370,7 @@ static void open_files (void)
|
||||
|
||||
add_cleanup (log_gpasswd_failure_system, NULL);
|
||||
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, gr_dbname ());
|
||||
@@ -380,7 +380,7 @@ static void open_files (void)
|
||||
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadowgrp) {
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
|
||||
+2
-2
@@ -346,7 +346,7 @@ static void open_files (void)
|
||||
add_cleanup (cleanup_report_add_group, group_name);
|
||||
|
||||
/* And now open the databases */
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
|
||||
exit (E_GRP_UPDATE);
|
||||
@@ -354,7 +354,7 @@ static void open_files (void)
|
||||
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow_grp) {
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
|
||||
+11
-4
@@ -60,6 +60,7 @@ const char *Prog;
|
||||
|
||||
static char *group_name;
|
||||
static gid_t group_id = -1;
|
||||
static bool check_group_busy = true;
|
||||
|
||||
#ifdef SHADOWGRP
|
||||
static bool is_shadow_grp;
|
||||
@@ -96,6 +97,7 @@ static /*@noreturn@*/void usage (int status)
|
||||
Prog);
|
||||
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
||||
(void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
|
||||
(void) fputs (_(" -f, --force delete group even if it is the primary group of a user\n"), usageout);
|
||||
(void) fputs ("\n", usageout);
|
||||
exit (status);
|
||||
}
|
||||
@@ -246,7 +248,7 @@ static void open_files (void)
|
||||
add_cleanup (cleanup_report_del_group, group_name);
|
||||
|
||||
/* An now open the databases */
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, gr_dbname ());
|
||||
@@ -255,7 +257,7 @@ static void open_files (void)
|
||||
}
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow_grp) {
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
@@ -321,7 +323,7 @@ static void process_flags (int argc, char **argv)
|
||||
{NULL, 0, NULL, '\0'}
|
||||
};
|
||||
|
||||
while ((c = getopt_long (argc, argv, "hR:",
|
||||
while ((c = getopt_long (argc, argv, "hfR:",
|
||||
long_options, NULL)) != -1) {
|
||||
switch (c) {
|
||||
case 'h':
|
||||
@@ -329,6 +331,9 @@ static void process_flags (int argc, char **argv)
|
||||
/*@notreached@*/break;
|
||||
case 'R': /* no-op, handled in process_root_flag () */
|
||||
break;
|
||||
case 'f':
|
||||
check_group_busy = false;
|
||||
break;
|
||||
default:
|
||||
usage (E_USAGE);
|
||||
}
|
||||
@@ -465,7 +470,9 @@ int main (int argc, char **argv)
|
||||
/*
|
||||
* Make sure this isn't the primary group of anyone.
|
||||
*/
|
||||
group_busy (group_id);
|
||||
if (check_group_busy) {
|
||||
group_busy (group_id);
|
||||
}
|
||||
|
||||
/*
|
||||
* Do the hard stuff - open the files, delete the group entries,
|
||||
|
||||
+2
-2
@@ -536,14 +536,14 @@ static void open_files (void)
|
||||
#endif
|
||||
}
|
||||
|
||||
if (gr_open (list ? O_RDONLY : O_RDWR) == 0) {
|
||||
if (gr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
fail_exit (EXIT_GROUP_FILE);
|
||||
}
|
||||
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadowgrp) {
|
||||
if (sgr_open (list ? O_RDONLY : O_RDWR) == 0) {
|
||||
if (sgr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
|
||||
fail_exit (EXIT_GROUP_FILE);
|
||||
}
|
||||
|
||||
+3
-3
@@ -663,7 +663,7 @@ static void lock_files (void)
|
||||
*/
|
||||
static void open_files (void)
|
||||
{
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
|
||||
exit (E_GRP_UPDATE);
|
||||
@@ -672,7 +672,7 @@ static void open_files (void)
|
||||
#ifdef SHADOWGRP
|
||||
if ( is_shadow_grp
|
||||
&& (pflg || nflg)) {
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
@@ -683,7 +683,7 @@ static void open_files (void)
|
||||
#endif /* SHADOWGRP */
|
||||
|
||||
if (gflg) {
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, pw_dbname ());
|
||||
|
||||
+2
-2
@@ -299,7 +299,7 @@ static void open_files (void)
|
||||
* Open the files. Use O_RDONLY if we are in read_only mode,
|
||||
* O_RDWR otherwise.
|
||||
*/
|
||||
if (gr_open (read_only ? O_RDONLY : O_RDWR) == 0) {
|
||||
if (gr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog,
|
||||
grp_file);
|
||||
if (use_system_grp_file) {
|
||||
@@ -308,7 +308,7 @@ static void open_files (void)
|
||||
fail_exit (E_CANT_OPEN);
|
||||
}
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_RDWR) == 0)) {
|
||||
if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0)) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog,
|
||||
sgr_file);
|
||||
if (use_system_sgr_file) {
|
||||
|
||||
+1
-1
@@ -163,7 +163,7 @@ int main (int argc, char **argv)
|
||||
fail_exit (5);
|
||||
}
|
||||
gr_locked = true;
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
fail_exit (1);
|
||||
}
|
||||
|
||||
+1
-1
@@ -166,7 +166,7 @@ int main (int argc, char **argv)
|
||||
fail_exit (5);
|
||||
}
|
||||
gr_locked = true;
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
fail_exit (1);
|
||||
|
||||
+112
-3
@@ -71,6 +71,8 @@ static struct stat statbuf; /* fstat buffer for file size */
|
||||
static bool uflg = false; /* print only an user of range of users */
|
||||
static bool tflg = false; /* print is restricted to most recent days */
|
||||
static bool bflg = false; /* print excludes most recent days */
|
||||
static bool Cflg = false; /* clear record for user */
|
||||
static bool Sflg = false; /* set record for user */
|
||||
|
||||
#define NOW (time ((time_t *) 0))
|
||||
|
||||
@@ -83,8 +85,10 @@ static /*@noreturn@*/void usage (int status)
|
||||
"Options:\n"),
|
||||
Prog);
|
||||
(void) fputs (_(" -b, --before DAYS print only lastlog records older than DAYS\n"), usageout);
|
||||
(void) fputs (_(" -C, --clear clear lastlog record of an user (usable only with -u)\n"), usageout);
|
||||
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
||||
(void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
|
||||
(void) fputs (_(" -S, --set set lastlog record to current time (usable only with -u)\n"), usageout);
|
||||
(void) fputs (_(" -t, --time DAYS print only lastlog records more recent than DAYS\n"), usageout);
|
||||
(void) fputs (_(" -u, --user LOGIN print lastlog record of the specified LOGIN\n"), usageout);
|
||||
(void) fputs ("\n", usageout);
|
||||
@@ -194,6 +198,80 @@ static void print (void)
|
||||
}
|
||||
}
|
||||
|
||||
static void update_one (/*@null@*/const struct passwd *pw)
|
||||
{
|
||||
off_t offset;
|
||||
struct lastlog ll;
|
||||
int err;
|
||||
|
||||
if (NULL == pw) {
|
||||
return;
|
||||
}
|
||||
|
||||
offset = (off_t) pw->pw_uid * sizeof (ll);
|
||||
/* fseeko errors are not really relevant for us. */
|
||||
err = fseeko (lastlogfile, offset, SEEK_SET);
|
||||
assert (0 == err);
|
||||
|
||||
memzero (&ll, sizeof (ll));
|
||||
|
||||
if (Sflg) {
|
||||
ll.ll_time = NOW;
|
||||
#ifdef HAVE_LL_HOST
|
||||
strcpy (ll.ll_host, "localhost");
|
||||
#endif
|
||||
strcpy (ll.ll_line, "lastlog");
|
||||
#ifdef WITH_AUDIT
|
||||
audit_logger (AUDIT_ACCT_UNLOCK, Prog,
|
||||
"clearing-lastlog",
|
||||
pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
|
||||
#endif
|
||||
}
|
||||
#ifdef WITH_AUDIT
|
||||
else {
|
||||
audit_logger (AUDIT_ACCT_UNLOCK, Prog,
|
||||
"refreshing-lastlog",
|
||||
pw->pw_name, (unsigned int) pw->pw_uid, SHADOW_AUDIT_SUCCESS);
|
||||
}
|
||||
#endif
|
||||
|
||||
if (fwrite (&ll, sizeof(ll), 1, lastlogfile) != 1) {
|
||||
fprintf (stderr,
|
||||
_("%s: Failed to update the entry for UID %lu\n"),
|
||||
Prog, (unsigned long int)pw->pw_uid);
|
||||
exit (EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
static void update (void)
|
||||
{
|
||||
const struct passwd *pwent;
|
||||
|
||||
if (!uflg) /* safety measure */
|
||||
return;
|
||||
|
||||
if (has_umin && has_umax && (umin == umax)) {
|
||||
update_one (getpwuid ((uid_t)umin));
|
||||
} else {
|
||||
setpwent ();
|
||||
while ( (pwent = getpwent ()) != NULL ) {
|
||||
if ((has_umin && (pwent->pw_uid < (uid_t)umin))
|
||||
|| (has_umax && (pwent->pw_uid > (uid_t)umax))) {
|
||||
continue;
|
||||
}
|
||||
update_one (pwent);
|
||||
}
|
||||
endpwent ();
|
||||
}
|
||||
|
||||
if (fflush (lastlogfile) != 0 || fsync (fileno (lastlogfile)) != 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: Failed to update the lastlog file\n"),
|
||||
Prog);
|
||||
exit (EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
int main (int argc, char **argv)
|
||||
{
|
||||
/*
|
||||
@@ -208,18 +286,24 @@ int main (int argc, char **argv)
|
||||
|
||||
process_root_flag ("-R", argc, argv);
|
||||
|
||||
#ifdef WITH_AUDIT
|
||||
audit_help_open ();
|
||||
#endif
|
||||
|
||||
{
|
||||
int c;
|
||||
static struct option const longopts[] = {
|
||||
{"before", required_argument, NULL, 'b'},
|
||||
{"clear", no_argument, NULL, 'C'},
|
||||
{"help", no_argument, NULL, 'h'},
|
||||
{"root", required_argument, NULL, 'R'},
|
||||
{"set", no_argument, NULL, 'S'},
|
||||
{"time", required_argument, NULL, 't'},
|
||||
{"user", required_argument, NULL, 'u'},
|
||||
{NULL, 0, NULL, '\0'}
|
||||
};
|
||||
|
||||
while ((c = getopt_long (argc, argv, "b:hR:t:u:", longopts,
|
||||
while ((c = getopt_long (argc, argv, "b:ChR:St:u:", longopts,
|
||||
NULL)) != -1) {
|
||||
switch (c) {
|
||||
case 'b':
|
||||
@@ -235,11 +319,21 @@ int main (int argc, char **argv)
|
||||
bflg = true;
|
||||
break;
|
||||
}
|
||||
case 'C':
|
||||
{
|
||||
Cflg = true;
|
||||
break;
|
||||
}
|
||||
case 'h':
|
||||
usage (EXIT_SUCCESS);
|
||||
/*@notreached@*/break;
|
||||
case 'R': /* no-op, handled in process_root_flag () */
|
||||
break;
|
||||
case 'S':
|
||||
{
|
||||
Sflg = true;
|
||||
break;
|
||||
}
|
||||
case 't':
|
||||
{
|
||||
unsigned long days;
|
||||
@@ -294,9 +388,21 @@ int main (int argc, char **argv)
|
||||
Prog, argv[optind]);
|
||||
usage (EXIT_FAILURE);
|
||||
}
|
||||
if (Cflg && Sflg) {
|
||||
fprintf (stderr,
|
||||
_("%s: Option -C cannot be used together with option -S\n"),
|
||||
Prog);
|
||||
usage (EXIT_FAILURE);
|
||||
}
|
||||
if ((Cflg || Sflg) && !uflg) {
|
||||
fprintf (stderr,
|
||||
_("%s: Options -C and -S require option -u to specify the user\n"),
|
||||
Prog);
|
||||
usage (EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
lastlogfile = fopen (LASTLOG_FILE, "r");
|
||||
lastlogfile = fopen (LASTLOG_FILE, (Cflg || Sflg)?"r+":"r");
|
||||
if (NULL == lastlogfile) {
|
||||
perror (LASTLOG_FILE);
|
||||
exit (EXIT_FAILURE);
|
||||
@@ -310,7 +416,10 @@ int main (int argc, char **argv)
|
||||
exit (EXIT_FAILURE);
|
||||
}
|
||||
|
||||
print ();
|
||||
if (Cflg || Sflg)
|
||||
update ();
|
||||
else
|
||||
print ();
|
||||
|
||||
(void) fclose (lastlogfile);
|
||||
|
||||
|
||||
+6
-3
@@ -94,7 +94,7 @@ static void usage(void)
|
||||
*/
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
char proc_dir_name[PATH_MAX];
|
||||
char proc_dir_name[32];
|
||||
char *target_str;
|
||||
pid_t target, parent;
|
||||
int proc_dir_fd;
|
||||
@@ -120,6 +120,7 @@ int main(int argc, char **argv)
|
||||
if (!get_pid(target_str, &target))
|
||||
usage();
|
||||
|
||||
/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
|
||||
written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
|
||||
target);
|
||||
if ((written <= 0) || (written >= sizeof(proc_dir_name))) {
|
||||
@@ -160,8 +161,10 @@ int main(int argc, char **argv)
|
||||
(getgid() != pw->pw_gid) ||
|
||||
(pw->pw_uid != st.st_uid) ||
|
||||
(pw->pw_gid != st.st_gid)) {
|
||||
fprintf(stderr, _( "%s: Target %u is owned by a different user\n" ),
|
||||
Prog, target);
|
||||
fprintf(stderr, _( "%s: Target %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ),
|
||||
Prog, target,
|
||||
(unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid,
|
||||
(unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid);
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
|
||||
+7
-2
@@ -255,12 +255,15 @@ static void syslog_sg (const char *name, const char *group)
|
||||
{
|
||||
const char *loginname = getlogin ();
|
||||
const char *tty = ttyname (0);
|
||||
char *free_login = NULL, *free_tty = NULL;
|
||||
|
||||
if (loginname != NULL) {
|
||||
loginname = xstrdup (loginname);
|
||||
free_login = xstrdup (loginname);
|
||||
loginname = free_login;
|
||||
}
|
||||
if (tty != NULL) {
|
||||
tty = xstrdup (tty);
|
||||
free_tty = xstrdup (tty);
|
||||
tty = free_tty;
|
||||
}
|
||||
|
||||
if (loginname == NULL) {
|
||||
@@ -372,6 +375,8 @@ static void syslog_sg (const char *name, const char *group)
|
||||
(void) signal (SIGTTOU, SIG_DFL);
|
||||
}
|
||||
#endif /* USE_PAM */
|
||||
free(free_login);
|
||||
free(free_tty);
|
||||
}
|
||||
#endif /* USE_SYSLOG */
|
||||
|
||||
|
||||
+6
-3
@@ -94,7 +94,7 @@ void usage(void)
|
||||
*/
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
char proc_dir_name[PATH_MAX];
|
||||
char proc_dir_name[32];
|
||||
char *target_str;
|
||||
pid_t target, parent;
|
||||
int proc_dir_fd;
|
||||
@@ -120,6 +120,7 @@ int main(int argc, char **argv)
|
||||
if (!get_pid(target_str, &target))
|
||||
usage();
|
||||
|
||||
/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
|
||||
written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
|
||||
target);
|
||||
if ((written <= 0) || (written >= sizeof(proc_dir_name))) {
|
||||
@@ -160,8 +161,10 @@ int main(int argc, char **argv)
|
||||
(getgid() != pw->pw_gid) ||
|
||||
(pw->pw_uid != st.st_uid) ||
|
||||
(pw->pw_gid != st.st_gid)) {
|
||||
fprintf(stderr, _( "%s: Target %u is owned by a different user\n" ),
|
||||
Prog, target);
|
||||
fprintf(stderr, _( "%s: Target process %u is owned by a different user: uid:%lu pw_uid:%lu st_uid:%lu, gid:%lu pw_gid:%lu st_gid:%lu\n" ),
|
||||
Prog, target,
|
||||
(unsigned long int)getuid(), (unsigned long int)pw->pw_uid, (unsigned long int)st.st_uid,
|
||||
(unsigned long int)getgid(), (unsigned long int)pw->pw_gid, (unsigned long int)st.st_gid);
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
|
||||
+8
-8
@@ -805,27 +805,27 @@ static void open_files (void)
|
||||
}
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
fail_exit (EXIT_FAILURE);
|
||||
}
|
||||
if (is_shadow && (spw_open (O_RDWR) == 0)) {
|
||||
if (is_shadow && (spw_open (O_CREAT | O_RDWR) == 0)) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ());
|
||||
fail_exit (EXIT_FAILURE);
|
||||
}
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
fail_exit (EXIT_FAILURE);
|
||||
}
|
||||
#ifdef SHADOWGRP
|
||||
if (is_shadow_grp && (sgr_open (O_RDWR) == 0)) {
|
||||
if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ());
|
||||
fail_exit (EXIT_FAILURE);
|
||||
}
|
||||
#endif
|
||||
#ifdef ENABLE_SUBIDS
|
||||
if (is_sub_uid) {
|
||||
if (sub_uid_open (O_RDWR) == 0) {
|
||||
if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sub_uid_dbname ());
|
||||
@@ -833,7 +833,7 @@ static void open_files (void)
|
||||
}
|
||||
}
|
||||
if (is_sub_gid) {
|
||||
if (sub_gid_open (O_RDWR) == 0) {
|
||||
if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sub_gid_dbname ());
|
||||
@@ -988,8 +988,8 @@ int main (int argc, char **argv)
|
||||
is_shadow_grp = sgr_file_present ();
|
||||
#endif
|
||||
#ifdef ENABLE_SUBIDS
|
||||
is_sub_uid = sub_uid_file_present () && !rflg;
|
||||
is_sub_gid = sub_gid_file_present () && !rflg;
|
||||
is_sub_uid = sub_uid_file_present ();
|
||||
is_sub_gid = sub_gid_file_present ();
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
|
||||
open_files ();
|
||||
|
||||
+2
-2
@@ -573,7 +573,7 @@ static void update_noshadow (void)
|
||||
exit (E_PWDBUSY);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
(void) fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, pw_dbname ());
|
||||
@@ -627,7 +627,7 @@ static void update_shadow (void)
|
||||
exit (E_PWDBUSY);
|
||||
}
|
||||
spw_locked = true;
|
||||
if (spw_open (O_RDWR) == 0) {
|
||||
if (spw_open (O_CREAT | O_RDWR) == 0) {
|
||||
(void) fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
|
||||
+3
-3
@@ -281,7 +281,7 @@ static void open_files (void)
|
||||
* Open the files. Use O_RDONLY if we are in read_only mode, O_RDWR
|
||||
* otherwise.
|
||||
*/
|
||||
if (pw_open (read_only ? O_RDONLY : O_RDWR) == 0) {
|
||||
if (pw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"),
|
||||
Prog, pw_dbname ());
|
||||
if (use_system_pw_file) {
|
||||
@@ -290,7 +290,7 @@ static void open_files (void)
|
||||
fail_exit (E_CANTOPEN);
|
||||
}
|
||||
if (is_shadow && !use_tcb) {
|
||||
if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) {
|
||||
if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
if (use_system_spw_file) {
|
||||
@@ -566,7 +566,7 @@ static void check_pw_file (int *errors, bool *changed)
|
||||
continue;
|
||||
}
|
||||
spw_locked = true;
|
||||
if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) {
|
||||
if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
|
||||
+3
-2
@@ -200,7 +200,7 @@ int main (int argc, char **argv)
|
||||
fail_exit (E_PWDBUSY);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
fail_exit (E_MISSING);
|
||||
@@ -305,7 +305,8 @@ int main (int argc, char **argv)
|
||||
}
|
||||
|
||||
/* /etc/passwd- (backup file) */
|
||||
if (chmod (PASSWD_FILE "-", 0600) != 0) {
|
||||
errno = 0;
|
||||
if ((chmod (PASSWD_FILE "-", 0600) != 0) && (errno != ENOENT)) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to change the mode of %s to 0600\n"),
|
||||
Prog, PASSWD_FILE "-");
|
||||
|
||||
+1
-1
@@ -166,7 +166,7 @@ int main (int argc, char **argv)
|
||||
fail_exit (5);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, pw_dbname ());
|
||||
|
||||
+11
-9
@@ -1537,7 +1537,7 @@ static void open_files (void)
|
||||
exit (E_PW_UPDATE);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
@@ -1554,7 +1554,7 @@ static void open_files (void)
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
gr_locked = true;
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
@@ -1567,7 +1567,7 @@ static void open_files (void)
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
sgr_locked = true;
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
@@ -1584,7 +1584,7 @@ static void open_files (void)
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
sub_uid_locked = true;
|
||||
if (sub_uid_open (O_RDWR) == 0) {
|
||||
if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sub_uid_dbname ());
|
||||
@@ -1599,7 +1599,7 @@ static void open_files (void)
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
sub_gid_locked = true;
|
||||
if (sub_gid_open (O_RDWR) == 0) {
|
||||
if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sub_gid_dbname ());
|
||||
@@ -1621,7 +1621,7 @@ static void open_shadow (void)
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
spw_locked = true;
|
||||
if (spw_open (O_RDWR) == 0) {
|
||||
if (spw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
@@ -1993,9 +1993,10 @@ int main (int argc, char **argv)
|
||||
#endif /* USE_PAM */
|
||||
#endif /* ACCT_TOOLS_SETUID */
|
||||
|
||||
/* Needed for userns check */
|
||||
#ifdef ENABLE_SUBIDS
|
||||
uid_t uid_min = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
|
||||
uid_t uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Get my name so that I can use it to report errors.
|
||||
@@ -2025,6 +2026,9 @@ int main (int argc, char **argv)
|
||||
#ifdef SHADOWGRP
|
||||
is_shadow_grp = sgr_file_present ();
|
||||
#endif
|
||||
|
||||
process_flags (argc, argv);
|
||||
|
||||
#ifdef ENABLE_SUBIDS
|
||||
is_sub_uid = sub_uid_file_present () && !rflg &&
|
||||
(!user_id || (user_id <= uid_max && user_id >= uid_min));
|
||||
@@ -2034,8 +2038,6 @@ int main (int argc, char **argv)
|
||||
|
||||
get_defaults ();
|
||||
|
||||
process_flags (argc, argv);
|
||||
|
||||
#ifdef ACCT_TOOLS_SETUID
|
||||
#ifdef USE_PAM
|
||||
{
|
||||
|
||||
+6
-6
@@ -565,7 +565,7 @@ static void open_files (void)
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, pw_dbname ());
|
||||
#ifdef WITH_AUDIT
|
||||
@@ -590,7 +590,7 @@ static void open_files (void)
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
spw_locked = true;
|
||||
if (spw_open (O_RDWR) == 0) {
|
||||
if (spw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
@@ -616,7 +616,7 @@ static void open_files (void)
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
gr_locked = true;
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
|
||||
#ifdef WITH_AUDIT
|
||||
audit_logger (AUDIT_DEL_USER, Prog,
|
||||
@@ -641,7 +641,7 @@ static void open_files (void)
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
sgr_locked= true;
|
||||
if (sgr_open (O_RDWR) == 0) {
|
||||
if (sgr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr, _("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
#ifdef WITH_AUDIT
|
||||
@@ -669,7 +669,7 @@ static void open_files (void)
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
sub_uid_locked = true;
|
||||
if (sub_uid_open (O_RDWR) == 0) {
|
||||
if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, sub_uid_dbname ());
|
||||
#ifdef WITH_AUDIT
|
||||
@@ -695,7 +695,7 @@ static void open_files (void)
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
sub_gid_locked = true;
|
||||
if (sub_gid_open (O_RDWR) == 0) {
|
||||
if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"), Prog, sub_gid_dbname ());
|
||||
#ifdef WITH_AUDIT
|
||||
|
||||
+63
-65
@@ -1361,6 +1361,7 @@ static void process_flags (int argc, char **argv)
|
||||
exit (E_UID_IN_USE);
|
||||
}
|
||||
|
||||
#ifdef ENABLE_SUBIDS
|
||||
if ( (vflg || Vflg)
|
||||
&& !is_sub_uid) {
|
||||
fprintf (stderr,
|
||||
@@ -1376,6 +1377,7 @@ static void process_flags (int argc, char **argv)
|
||||
Prog, sub_gid_dbname (), "-w", "-W");
|
||||
exit (E_USAGE);
|
||||
}
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1530,7 +1532,7 @@ static void open_files (void)
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
pw_locked = true;
|
||||
if (pw_open (O_RDWR) == 0) {
|
||||
if (pw_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, pw_dbname ());
|
||||
@@ -1543,7 +1545,7 @@ static void open_files (void)
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
spw_locked = true;
|
||||
if (is_shadow_pwd && (spw_open (O_RDWR) == 0)) {
|
||||
if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, spw_dbname ());
|
||||
@@ -1562,7 +1564,7 @@ static void open_files (void)
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
gr_locked = true;
|
||||
if (gr_open (O_RDWR) == 0) {
|
||||
if (gr_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, gr_dbname ());
|
||||
@@ -1576,7 +1578,7 @@ static void open_files (void)
|
||||
fail_exit (E_GRP_UPDATE);
|
||||
}
|
||||
sgr_locked = true;
|
||||
if (is_shadow_grp && (sgr_open (O_RDWR) == 0)) {
|
||||
if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sgr_dbname ());
|
||||
@@ -1593,7 +1595,7 @@ static void open_files (void)
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
sub_uid_locked = true;
|
||||
if (sub_uid_open (O_RDWR) == 0) {
|
||||
if (sub_uid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sub_uid_dbname ());
|
||||
@@ -1608,7 +1610,7 @@ static void open_files (void)
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
sub_gid_locked = true;
|
||||
if (sub_gid_open (O_RDWR) == 0) {
|
||||
if (sub_gid_open (O_CREAT | O_RDWR) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: cannot open %s\n"),
|
||||
Prog, sub_gid_dbname ());
|
||||
@@ -1717,60 +1719,6 @@ static void usr_update (void)
|
||||
fail_exit (E_PW_UPDATE);
|
||||
}
|
||||
}
|
||||
#ifdef ENABLE_SUBIDS
|
||||
if (Vflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_uid_remove(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to remove uid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_uid_dbname ());
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (vflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_uid_add(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to add uid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_uid_dbname ());
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (Wflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_gid_remove(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to remove gid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_gid_dbname ());
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (wflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_gid_add(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to add gid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_gid_dbname ());
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -2174,16 +2122,66 @@ int main (int argc, char **argv)
|
||||
*/
|
||||
open_files ();
|
||||
if ( cflg || dflg || eflg || fflg || gflg || Lflg || lflg || pflg
|
||||
|| sflg || uflg || Uflg
|
||||
#ifdef ENABLE_SUBIDS
|
||||
|| vflg || Vflg || wflg || Wflg
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
) {
|
||||
|| sflg || uflg || Uflg) {
|
||||
usr_update ();
|
||||
}
|
||||
if (Gflg || lflg) {
|
||||
grp_update ();
|
||||
}
|
||||
#ifdef ENABLE_SUBIDS
|
||||
if (Vflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_uid_remove(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to remove uid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_uid_dbname ());
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (vflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_uid_add(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to add uid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_uid_dbname ());
|
||||
fail_exit (E_SUB_UID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (Wflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_gid_remove(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to remove gid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_gid_dbname ());
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
if (wflg) {
|
||||
struct ulong_range_list_entry *ptr;
|
||||
for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) {
|
||||
unsigned long count = ptr->range.last - ptr->range.first + 1;
|
||||
if (sub_gid_add(user_name, ptr->range.first, count) == 0) {
|
||||
fprintf (stderr,
|
||||
_("%s: failed to add gid range %lu-%lu from '%s'\n"),
|
||||
Prog, ptr->range.first, ptr->range.last,
|
||||
sub_gid_dbname ());
|
||||
fail_exit (E_SUB_GID_UPDATE);
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
close_files ();
|
||||
|
||||
#ifdef WITH_TCB
|
||||
|
||||
Reference in New Issue
Block a user