New upstream version 4.12.2+dfsg1
This commit is contained in:
+15
-12
@@ -1,7 +1,7 @@
|
||||
# Makefile.in generated by automake 1.16.1 from Makefile.am.
|
||||
# Makefile.in generated by automake 1.16.5 from Makefile.am.
|
||||
# @configure_input@
|
||||
|
||||
# Copyright (C) 1994-2018 Free Software Foundation, Inc.
|
||||
# Copyright (C) 1994-2021 Free Software Foundation, Inc.
|
||||
|
||||
# This Makefile.in is free software; the Free Software Foundation
|
||||
# gives unlimited permission to copy and/or distribute it,
|
||||
@@ -117,13 +117,14 @@ noinst_PROGRAMS = id$(EXEEXT) sulogin$(EXEEXT) $(am__EXEEXT_3)
|
||||
subdir = src
|
||||
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
|
||||
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
|
||||
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/lib-ld.m4 \
|
||||
$(top_srcdir)/m4/lib-link.m4 $(top_srcdir)/m4/lib-prefix.m4 \
|
||||
$(top_srcdir)/m4/libtool.m4 $(top_srcdir)/m4/ltoptions.m4 \
|
||||
$(top_srcdir)/m4/ltsugar.m4 $(top_srcdir)/m4/ltversion.m4 \
|
||||
$(top_srcdir)/m4/lt~obsolete.m4 $(top_srcdir)/m4/nls.m4 \
|
||||
$(top_srcdir)/m4/po.m4 $(top_srcdir)/m4/progtest.m4 \
|
||||
$(top_srcdir)/acinclude.m4 $(top_srcdir)/configure.ac
|
||||
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/intlmacosx.m4 \
|
||||
$(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \
|
||||
$(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libtool.m4 \
|
||||
$(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \
|
||||
$(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \
|
||||
$(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \
|
||||
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \
|
||||
$(top_srcdir)/configure.ac
|
||||
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
|
||||
$(ACLOCAL_M4)
|
||||
DIST_COMMON = $(srcdir)/Makefile.am $(am__DIST_COMMON)
|
||||
@@ -464,8 +465,6 @@ am__define_uniq_tagged_files = \
|
||||
unique=`for i in $$list; do \
|
||||
if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
|
||||
done | $(am__uniquify_input)`
|
||||
ETAGS = etags
|
||||
CTAGS = ctags
|
||||
am__DIST_COMMON = $(srcdir)/Makefile.in $(top_srcdir)/depcomp
|
||||
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
|
||||
ACLOCAL = @ACLOCAL@
|
||||
@@ -481,6 +480,8 @@ CCDEPMODE = @CCDEPMODE@
|
||||
CFLAGS = @CFLAGS@
|
||||
CPP = @CPP@
|
||||
CPPFLAGS = @CPPFLAGS@
|
||||
CSCOPE = @CSCOPE@
|
||||
CTAGS = @CTAGS@
|
||||
CYGPATH_W = @CYGPATH_W@
|
||||
DEFS = @DEFS@
|
||||
DEPDIR = @DEPDIR@
|
||||
@@ -492,8 +493,10 @@ ECHO_N = @ECHO_N@
|
||||
ECHO_T = @ECHO_T@
|
||||
ECONF_CPPFLAGS = @ECONF_CPPFLAGS@
|
||||
EGREP = @EGREP@
|
||||
ETAGS = @ETAGS@
|
||||
EXEEXT = @EXEEXT@
|
||||
FGREP = @FGREP@
|
||||
GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
|
||||
GMSGFMT = @GMSGFMT@
|
||||
GMSGFMT_015 = @GMSGFMT_015@
|
||||
GREP = @GREP@
|
||||
@@ -567,6 +570,7 @@ VENDORDIR = @VENDORDIR@
|
||||
VERSION = @VERSION@
|
||||
XGETTEXT = @XGETTEXT@
|
||||
XGETTEXT_015 = @XGETTEXT_015@
|
||||
XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
|
||||
XMLCATALOG = @XMLCATALOG@
|
||||
XML_CATALOG_FILE = @XML_CATALOG_FILE@
|
||||
XSLTPROC = @XSLTPROC@
|
||||
@@ -1363,7 +1367,6 @@ cscopelist-am: $(am__tagged_files)
|
||||
|
||||
distclean-tags:
|
||||
-rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags
|
||||
|
||||
distdir: $(BUILT_SOURCES)
|
||||
$(MAKE) $(AM_MAKEFLAGS) distdir-am
|
||||
|
||||
|
||||
+1
-9
@@ -223,20 +223,12 @@ static void print_date (time_t date)
|
||||
{
|
||||
struct tm *tp;
|
||||
char buf[80];
|
||||
char format[80];
|
||||
|
||||
if (iflg) {
|
||||
(void) snprintf (format, 80, "%%Y-%%m-%%d");
|
||||
}
|
||||
else {
|
||||
(void) snprintf (format, 80, "%%b %%d, %%Y");
|
||||
}
|
||||
|
||||
tp = gmtime (&date);
|
||||
if (NULL == tp) {
|
||||
(void) printf ("time_t: %lu\n", (unsigned long)date);
|
||||
} else {
|
||||
(void) strftime (buf, sizeof buf, format, tp);
|
||||
(void) strftime (buf, sizeof buf, iflg ? "%%Y-%%m-%%d" : "%%b %%d, %%Y", tp);
|
||||
(void) puts (buf);
|
||||
}
|
||||
}
|
||||
|
||||
+53
-44
@@ -30,6 +30,8 @@
|
||||
#include "exitcodes.h"
|
||||
#include "shadowlog.h"
|
||||
|
||||
#define IS_CRYPT_METHOD(str) ((crypt_method != NULL && strcmp(crypt_method, str) == 0) ? true : false)
|
||||
|
||||
/*
|
||||
* Global variables
|
||||
*/
|
||||
@@ -179,20 +181,20 @@ static void process_flags (int argc, char **argv)
|
||||
sflg = true;
|
||||
bad_s = 0;
|
||||
#if defined(USE_SHA_CRYPT)
|
||||
if ( ( ((0 == strcmp (crypt_method, "SHA256")) || (0 == strcmp (crypt_method, "SHA512")))
|
||||
&& (0 == getlong(optarg, &sha_rounds)))) {
|
||||
if ((IS_CRYPT_METHOD("SHA256") || IS_CRYPT_METHOD("SHA512"))
|
||||
&& (0 == getlong(optarg, &sha_rounds))) {
|
||||
bad_s = 1;
|
||||
}
|
||||
#endif /* USE_SHA_CRYPT */
|
||||
#if defined(USE_BCRYPT)
|
||||
if (( (0 == strcmp (crypt_method, "BCRYPT"))
|
||||
&& (0 == getlong(optarg, &bcrypt_rounds)))) {
|
||||
if (IS_CRYPT_METHOD("BCRYPT")
|
||||
&& (0 == getlong(optarg, &bcrypt_rounds))) {
|
||||
bad_s = 1;
|
||||
}
|
||||
#endif /* USE_BCRYPT */
|
||||
#if defined(USE_YESCRYPT)
|
||||
if (( (0 == strcmp (crypt_method, "YESCRYPT"))
|
||||
&& (0 == getlong(optarg, &yescrypt_cost)))) {
|
||||
if (IS_CRYPT_METHOD("YESCRYPT")
|
||||
&& (0 == getlong(optarg, &yescrypt_cost))) {
|
||||
bad_s = 1;
|
||||
}
|
||||
#endif /* USE_YESCRYPT */
|
||||
@@ -240,18 +242,18 @@ static void check_flags (void)
|
||||
}
|
||||
|
||||
if (cflg) {
|
||||
if ( (0 != strcmp (crypt_method, "DES"))
|
||||
&& (0 != strcmp (crypt_method, "MD5"))
|
||||
&& (0 != strcmp (crypt_method, "NONE"))
|
||||
if ((!IS_CRYPT_METHOD("DES"))
|
||||
&&(!IS_CRYPT_METHOD("MD5"))
|
||||
&&(!IS_CRYPT_METHOD("NONE"))
|
||||
#ifdef USE_SHA_CRYPT
|
||||
&& (0 != strcmp (crypt_method, "SHA256"))
|
||||
&& (0 != strcmp (crypt_method, "SHA512"))
|
||||
&&(!IS_CRYPT_METHOD("SHA256"))
|
||||
&&(!IS_CRYPT_METHOD("SHA512"))
|
||||
#endif /* USE_SHA_CRYPT */
|
||||
#ifdef USE_BCRYPT
|
||||
&& (0 != strcmp (crypt_method, "BCRYPT"))
|
||||
&&(!IS_CRYPT_METHOD("BCRYPT"))
|
||||
#endif /* USE_BCRYPT */
|
||||
#ifdef USE_YESCRYPT
|
||||
&& (0 != strcmp (crypt_method, "YESCRYPT"))
|
||||
&&(!IS_CRYPT_METHOD("YESCRYPT"))
|
||||
#endif /* USE_YESCRYPT */
|
||||
) {
|
||||
fprintf (stderr,
|
||||
@@ -392,12 +394,46 @@ static void close_files (void)
|
||||
pw_locked = false;
|
||||
}
|
||||
|
||||
static const char *get_salt(void)
|
||||
{
|
||||
void *arg = NULL;
|
||||
|
||||
if (eflg || IS_CRYPT_METHOD("NONE")) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (md5flg) {
|
||||
crypt_method = "MD5";
|
||||
}
|
||||
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
|
||||
if (sflg) {
|
||||
#if defined(USE_SHA_CRYPT)
|
||||
if (IS_CRYPT_METHOD("SHA256") || IS_CRYPT_METHOD("SHA512")) {
|
||||
arg = &sha_rounds;
|
||||
}
|
||||
#endif /* USE_SHA_CRYPT */
|
||||
#if defined(USE_BCRYPT)
|
||||
if (IS_CRYPT_METHOD("BCRYPT")) {
|
||||
arg = &bcrypt_rounds;
|
||||
}
|
||||
#endif /* USE_BCRYPT */
|
||||
#if defined(USE_YESCRYPT)
|
||||
if (IS_CRYPT_METHOD("YESCRYPT")) {
|
||||
arg = &yescrypt_cost;
|
||||
}
|
||||
#endif /* USE_YESCRYPT */
|
||||
}
|
||||
#endif
|
||||
return crypt_make_salt (crypt_method, arg);
|
||||
}
|
||||
|
||||
int main (int argc, char **argv)
|
||||
{
|
||||
char buf[BUFSIZ];
|
||||
char *name;
|
||||
char *newpwd;
|
||||
char *cp;
|
||||
const char *salt;
|
||||
|
||||
#ifdef USE_PAM
|
||||
bool use_pam = true;
|
||||
@@ -414,10 +450,11 @@ int main (int argc, char **argv)
|
||||
(void) bindtextdomain (PACKAGE, LOCALEDIR);
|
||||
(void) textdomain (PACKAGE);
|
||||
|
||||
process_root_flag ("-R", argc, argv);
|
||||
|
||||
process_flags (argc, argv);
|
||||
|
||||
salt = get_salt();
|
||||
process_root_flag ("-R", argc, argv);
|
||||
|
||||
#ifdef USE_PAM
|
||||
if (md5flg || eflg || cflg) {
|
||||
use_pam = false;
|
||||
@@ -508,35 +545,7 @@ int main (int argc, char **argv)
|
||||
const struct passwd *pw;
|
||||
struct passwd newpw;
|
||||
|
||||
if ( !eflg
|
||||
&& ( (NULL == crypt_method)
|
||||
|| (0 != strcmp (crypt_method, "NONE")))) {
|
||||
void *arg = NULL;
|
||||
const char *salt;
|
||||
if (md5flg) {
|
||||
crypt_method = "MD5";
|
||||
}
|
||||
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
|
||||
if (sflg) {
|
||||
#if defined(USE_SHA_CRYPT)
|
||||
if ( (0 == strcmp (crypt_method, "SHA256"))
|
||||
|| (0 == strcmp (crypt_method, "SHA512"))) {
|
||||
arg = &sha_rounds;
|
||||
}
|
||||
#endif /* USE_SHA_CRYPT */
|
||||
#if defined(USE_BCRYPT)
|
||||
if (0 == strcmp (crypt_method, "BCRYPT")) {
|
||||
arg = &bcrypt_rounds;
|
||||
}
|
||||
#endif /* USE_BCRYPT */
|
||||
#if defined(USE_YESCRYPT)
|
||||
if (0 == strcmp (crypt_method, "YESCRYPT")) {
|
||||
arg = &yescrypt_cost;
|
||||
}
|
||||
#endif /* USE_YESCRYPT */
|
||||
}
|
||||
#endif
|
||||
salt = crypt_make_salt (crypt_method, arg);
|
||||
if (salt) {
|
||||
cp = pw_encrypt (newpwd, salt);
|
||||
if (NULL == cp) {
|
||||
fprintf (stderr,
|
||||
|
||||
+2
-2
@@ -27,14 +27,14 @@ const char *Prog;
|
||||
static bool cflg = false;
|
||||
|
||||
/* local function prototypes */
|
||||
static RETSIGTYPE catch_signals (unused int sig);
|
||||
static void catch_signals (unused int sig);
|
||||
static /*@noreturn@*/void usage (int status);
|
||||
static void process_flags (int argc, char **argv);
|
||||
|
||||
/*
|
||||
* catch_signals - signal catcher
|
||||
*/
|
||||
static RETSIGTYPE catch_signals (unused int sig)
|
||||
static void catch_signals (unused int sig)
|
||||
{
|
||||
_exit (10);
|
||||
}
|
||||
|
||||
+2
-2
@@ -537,9 +537,9 @@ static void set_locktime (long locktime)
|
||||
|
||||
int main (int argc, char **argv)
|
||||
{
|
||||
long fail_locktime;
|
||||
long fail_locktime = 0;
|
||||
short fail_max = 0; // initialize to silence compiler warning
|
||||
long days;
|
||||
long days = 0;
|
||||
|
||||
/*
|
||||
* Get the program name. The program name is used as a prefix to
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
|
||||
const char *Prog;
|
||||
|
||||
void usage(void)
|
||||
static void usage(void)
|
||||
{
|
||||
fprintf(stderr, "Usage: %s [-g] user start count\n", Prog);
|
||||
fprintf(stderr, " Release a user's subuid (or with -g, subgid) range\n");
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
|
||||
const char *Prog;
|
||||
|
||||
void usage(void)
|
||||
static void usage(void)
|
||||
{
|
||||
fprintf(stderr, "Usage: [-g] %s subuid\n", Prog);
|
||||
fprintf(stderr, " list uids who own the given subuid\n");
|
||||
|
||||
+1
-1
@@ -9,7 +9,7 @@
|
||||
|
||||
const char *Prog;
|
||||
|
||||
void usage(void)
|
||||
static void usage(void)
|
||||
{
|
||||
fprintf(stderr, "Usage: %s [-g] user\n", Prog);
|
||||
fprintf(stderr, " list subuid ranges for user\n");
|
||||
|
||||
+2
-2
@@ -74,7 +74,7 @@ static uid_t bywho;
|
||||
|
||||
/* local function prototypes */
|
||||
static void usage (int status);
|
||||
static RETSIGTYPE catch_signals (int killed);
|
||||
static void catch_signals (int killed);
|
||||
static bool is_valid_user_list (const char *users);
|
||||
static void process_flags (int argc, char **argv);
|
||||
static void check_flags (int argc, int opt_index);
|
||||
@@ -137,7 +137,7 @@ static void usage (int status)
|
||||
* calls catch_signals() with a signal number, the terminal modes are
|
||||
* then reset.
|
||||
*/
|
||||
static RETSIGTYPE catch_signals (int killed)
|
||||
static void catch_signals (int killed)
|
||||
{
|
||||
static TERMIO sgtty;
|
||||
|
||||
|
||||
+4
-4
@@ -455,7 +455,7 @@ static void check_grp_file (int *errors, bool *changed)
|
||||
struct commonio_entry *gre, *tgre;
|
||||
struct group *grp;
|
||||
#ifdef SHADOWGRP
|
||||
struct sgrp *sgr;
|
||||
const struct sgrp *sgr;
|
||||
#endif
|
||||
|
||||
/*
|
||||
@@ -596,7 +596,7 @@ static void check_grp_file (int *errors, bool *changed)
|
||||
*/
|
||||
|
||||
if (is_shadow) {
|
||||
sgr = (struct sgrp *) sgr_locate (grp->gr_name);
|
||||
sgr = sgr_locate (grp->gr_name);
|
||||
if (sgr == NULL) {
|
||||
printf (_("no matching group file entry in %s\n"),
|
||||
sgr_file);
|
||||
@@ -663,7 +663,7 @@ static void check_grp_file (int *errors, bool *changed)
|
||||
*/
|
||||
static void check_sgr_file (int *errors, bool *changed)
|
||||
{
|
||||
struct group *grp;
|
||||
const struct group *grp;
|
||||
struct commonio_entry *sge, *tsge;
|
||||
struct sgrp *sgr;
|
||||
|
||||
@@ -758,7 +758,7 @@ static void check_sgr_file (int *errors, bool *changed)
|
||||
/*
|
||||
* Make sure this entry exists in the /etc/group file.
|
||||
*/
|
||||
grp = (struct group *) gr_locate (sgr->sg_name);
|
||||
grp = gr_locate (sgr->sg_name);
|
||||
if (grp == NULL) {
|
||||
printf (_("no matching group file entry in %s\n"),
|
||||
grp_file);
|
||||
|
||||
+10
-11
@@ -88,7 +88,16 @@ static void print_one (/*@null@*/const struct passwd *pw)
|
||||
char ptime[80];
|
||||
|
||||
#ifdef HAVE_LL_HOST
|
||||
int maxIPv6Addrlen;
|
||||
/*
|
||||
* ll_host is in minimized form, thus the maximum IPv6 address possible is
|
||||
* 8*4+7 = 39 characters.
|
||||
* RFC 4291 2.5.6 states that for LL-addresses fe80+only the interface ID is set,
|
||||
* thus having a maximum size of 25+1+IFNAMSIZ.
|
||||
* POSIX says IFNAMSIZ should be 16 characters long including the null byte, thus
|
||||
* 25+1+IFNAMSIZ >= 42 > 39
|
||||
*/
|
||||
/* Link-Local address + % + Interfacename */
|
||||
const int maxIPv6Addrlen = 25+1+IFNAMSIZ;
|
||||
#endif
|
||||
|
||||
if (NULL == pw) {
|
||||
@@ -132,16 +141,6 @@ static void print_one (/*@null@*/const struct passwd *pw)
|
||||
/* Print the header only once */
|
||||
if (!once) {
|
||||
#ifdef HAVE_LL_HOST
|
||||
/*
|
||||
* ll_host is in minimized form, thus the maximum IPv6 address possible is
|
||||
* 8*4+7 = 39 characters.
|
||||
* RFC 4291 2.5.6 states that for LL-addresses fe80+only the interface ID is set,
|
||||
* thus having a maximum size of 25+1+IFNAMSIZ.
|
||||
* POSIX says IFNAMSIZ should be 16 characters long including the null byte, thus
|
||||
* 25+1+IFNAMSIZ >= 42 > 39
|
||||
*/
|
||||
/* Link-Local address + % + Interfacename */
|
||||
maxIPv6Addrlen = 25+1+IFNAMSIZ;
|
||||
printf (_("Username Port From%*sLatest\n"), maxIPv6Addrlen-3, " ");
|
||||
#else
|
||||
puts (_("Username Port Latest"));
|
||||
|
||||
+2
-2
@@ -124,7 +124,7 @@ static void get_pam_user (char **ptr_pam_user);
|
||||
#endif
|
||||
|
||||
static void init_env (void);
|
||||
static RETSIGTYPE alarm_handler (int);
|
||||
static void alarm_handler (int);
|
||||
|
||||
/*
|
||||
* usage - print login command usage and exit
|
||||
@@ -397,7 +397,7 @@ static void init_env (void)
|
||||
}
|
||||
|
||||
|
||||
static RETSIGTYPE alarm_handler (unused int sig)
|
||||
static void alarm_handler (unused int sig)
|
||||
{
|
||||
write (STDERR_FILENO, tmsg, strlen (tmsg));
|
||||
_exit (0);
|
||||
|
||||
+1
-1
@@ -228,7 +228,7 @@ int main (int argc, char **argv)
|
||||
tty_name[0] = '\0';
|
||||
}
|
||||
|
||||
strcat (tty_name, ut->ut_line);
|
||||
strncat (tty_name, ut->ut_line, UT_LINESIZE);
|
||||
#ifndef O_NOCTTY
|
||||
#define O_NOCTTY 0
|
||||
#endif
|
||||
|
||||
@@ -11,7 +11,7 @@
|
||||
|
||||
const char *Prog;
|
||||
|
||||
void usage(void)
|
||||
static void usage(void)
|
||||
{
|
||||
fprintf(stderr, "Usage: %s [-g] [-n] user count\n", Prog);
|
||||
fprintf(stderr, " Find a subuid (or with -g, subgid) range for user\n");
|
||||
|
||||
+3
-2
@@ -73,10 +73,11 @@ static void usage(void)
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
void write_setgroups(int proc_dir_fd, bool allow_setgroups)
|
||||
static void write_setgroups(int proc_dir_fd, bool allow_setgroups)
|
||||
{
|
||||
int setgroups_fd;
|
||||
char *policy, policy_buffer[4096];
|
||||
const char *policy;
|
||||
char policy_buffer[4096];
|
||||
|
||||
/*
|
||||
* Default is "deny", and any "allow" will out-rank a "deny". We don't
|
||||
|
||||
+2
-2
@@ -379,7 +379,7 @@ int main (int argc, char **argv)
|
||||
int err = 0;
|
||||
gid_t gid;
|
||||
char *cp;
|
||||
char *progbase;
|
||||
const char *progbase;
|
||||
const char *name, *prog;
|
||||
char *group = NULL;
|
||||
char *command = NULL;
|
||||
@@ -787,7 +787,7 @@ int main (int argc, char **argv)
|
||||
* Now I try to find the basename of the login shell. This will
|
||||
* become argv[0] of the spawned command.
|
||||
*/
|
||||
progbase = (char *) Basename ((char *) prog);
|
||||
progbase = Basename (prog);
|
||||
|
||||
/*
|
||||
* Switch back to her home directory if i am doing login
|
||||
|
||||
+1
-1
@@ -62,7 +62,7 @@ static void verify_ranges(struct passwd *pw, int ranges,
|
||||
}
|
||||
}
|
||||
|
||||
void usage(void)
|
||||
static void usage(void)
|
||||
{
|
||||
fprintf(stderr, _("usage: %s <pid> <uid> <loweruid> <count> [ <uid> <loweruid> <count> ] ... \n"), Prog);
|
||||
exit(EXIT_FAILURE);
|
||||
|
||||
+7
-3
@@ -116,7 +116,7 @@ static void usage (int status)
|
||||
"\n"
|
||||
"Options:\n"),
|
||||
Prog);
|
||||
(void) fputs (_(" -b, --badnames allow bad names\n"), usageout);
|
||||
(void) fputs (_(" -b, --badname allow bad names\n"), usageout);
|
||||
#ifndef USE_PAM
|
||||
(void) fprintf (usageout,
|
||||
_(" -c, --crypt-method METHOD the crypt method (one of %s)\n"),
|
||||
@@ -383,7 +383,7 @@ static int add_user (const char *name, uid_t uid, gid_t gid)
|
||||
/* Check if this is a valid user name */
|
||||
if (!is_valid_user_name (name)) {
|
||||
fprintf (stderr,
|
||||
_("%s: invalid user name '%s'\n"),
|
||||
_("%s: invalid user name '%s': use --badname to ignore\n"),
|
||||
Prog, name);
|
||||
return -1;
|
||||
}
|
||||
@@ -464,7 +464,9 @@ static int add_passwd (struct passwd *pwd, const char *password)
|
||||
{
|
||||
const struct spwd *sp;
|
||||
struct spwd spent;
|
||||
#ifndef USE_PAM
|
||||
char *cp;
|
||||
#endif /* !USE_PAM */
|
||||
|
||||
#ifndef USE_PAM
|
||||
void *crypt_arg = NULL;
|
||||
@@ -607,11 +609,13 @@ static int add_passwd (struct passwd *pwd, const char *password)
|
||||
static void process_flags (int argc, char **argv)
|
||||
{
|
||||
int c;
|
||||
#ifndef USE_PAM
|
||||
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
|
||||
int bad_s;
|
||||
#endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */
|
||||
#endif /* !USE_PAM */
|
||||
static struct option long_options[] = {
|
||||
{"badnames", no_argument, NULL, 'b'},
|
||||
{"badname", no_argument, NULL, 'b'},
|
||||
#ifndef USE_PAM
|
||||
{"crypt-method", required_argument, NULL, 'c'},
|
||||
#endif /* !USE_PAM */
|
||||
|
||||
@@ -289,6 +289,7 @@ static int new_password (const struct passwd *pw)
|
||||
cp = getpass (_("New password: "));
|
||||
if (NULL == cp) {
|
||||
memzero (orig, sizeof orig);
|
||||
memzero (pass, sizeof pass);
|
||||
return -1;
|
||||
}
|
||||
if (warned && (strcmp (pass, cp) != 0)) {
|
||||
@@ -316,6 +317,7 @@ static int new_password (const struct passwd *pw)
|
||||
cp = getpass (_("Re-enter new password: "));
|
||||
if (NULL == cp) {
|
||||
memzero (orig, sizeof orig);
|
||||
memzero (pass, sizeof pass);
|
||||
return -1;
|
||||
}
|
||||
if (strcmp (cp, pass) != 0) {
|
||||
|
||||
+8
-7
@@ -128,7 +128,7 @@ static /*@noreturn@*/void usage (int status)
|
||||
"Options:\n"),
|
||||
Prog);
|
||||
}
|
||||
(void) fputs (_(" -b, --badnames allow bad names\n"), usageout);
|
||||
(void) fputs (_(" -b, --badname allow bad names\n"), usageout);
|
||||
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
||||
(void) fputs (_(" -q, --quiet report errors only\n"), usageout);
|
||||
(void) fputs (_(" -r, --read-only display errors and warnings\n"
|
||||
@@ -153,7 +153,7 @@ static void process_flags (int argc, char **argv)
|
||||
{
|
||||
int c;
|
||||
static struct option long_options[] = {
|
||||
{"badnames", no_argument, NULL, 'b'},
|
||||
{"badname", no_argument, NULL, 'b'},
|
||||
{"help", no_argument, NULL, 'h'},
|
||||
{"quiet", no_argument, NULL, 'q'},
|
||||
{"read-only", no_argument, NULL, 'r'},
|
||||
@@ -366,7 +366,7 @@ static void check_pw_file (int *errors, bool *changed)
|
||||
{
|
||||
struct commonio_entry *pfe, *tpfe;
|
||||
struct passwd *pwd;
|
||||
struct spwd *spw;
|
||||
const struct spwd *spw;
|
||||
uid_t min_sys_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
|
||||
uid_t max_sys_id = (uid_t) getdef_ulong ("SYS_UID_MAX", 999UL);
|
||||
|
||||
@@ -470,7 +470,8 @@ static void check_pw_file (int *errors, bool *changed)
|
||||
*/
|
||||
|
||||
if (!is_valid_user_name (pwd->pw_name)) {
|
||||
printf (_("invalid user name '%s'\n"), pwd->pw_name);
|
||||
printf (_("invalid user name '%s': use --badname to ignore\n"),
|
||||
pwd->pw_name);
|
||||
*errors += 1;
|
||||
}
|
||||
|
||||
@@ -498,9 +499,9 @@ static void check_pw_file (int *errors, bool *changed)
|
||||
}
|
||||
|
||||
/*
|
||||
* If uid is system and has a home directory, then check
|
||||
* If uid is not system and has a home directory, then check
|
||||
*/
|
||||
if (!(pwd->pw_uid >= min_sys_id && pwd->pw_uid <= max_sys_id && pwd->pw_dir && pwd->pw_dir[0])) {
|
||||
if (!(pwd->pw_uid >= min_sys_id && pwd->pw_uid <= max_sys_id ) && pwd->pw_dir && pwd->pw_dir[0]) {
|
||||
/*
|
||||
* Make sure the home directory exists
|
||||
*/
|
||||
@@ -584,7 +585,7 @@ static void check_pw_file (int *errors, bool *changed)
|
||||
spw_opened = true;
|
||||
}
|
||||
#endif /* WITH_TCB */
|
||||
spw = (struct spwd *) spw_locate (pwd->pw_name);
|
||||
spw = spw_locate (pwd->pw_name);
|
||||
if (NULL == spw) {
|
||||
printf (_("no matching password file entry in %s\n"),
|
||||
spw_dbname ());
|
||||
|
||||
@@ -104,10 +104,10 @@ static void execve_shell (const char *shellname,
|
||||
char *args[],
|
||||
char *const envp[]);
|
||||
#ifdef USE_PAM
|
||||
static RETSIGTYPE kill_child (int unused(s));
|
||||
static void kill_child (int unused(s));
|
||||
static void prepare_pam_close_session (void);
|
||||
#else /* !USE_PAM */
|
||||
static RETSIGTYPE die (int);
|
||||
static void die (int);
|
||||
static bool iswheel (const char *);
|
||||
#endif /* !USE_PAM */
|
||||
static bool restricted_shell (const char *shellname);
|
||||
@@ -130,7 +130,7 @@ static void set_environment (struct passwd *pw);
|
||||
* with die() as the signal handler. If signal later calls die() with a
|
||||
* signal number, the terminal modes are then reset.
|
||||
*/
|
||||
static RETSIGTYPE die (int killed)
|
||||
static void die (int killed)
|
||||
{
|
||||
static TERMIO sgtty;
|
||||
|
||||
@@ -157,7 +157,7 @@ static bool iswheel (const char *username)
|
||||
return is_on_list (grp->gr_mem, username);
|
||||
}
|
||||
#else /* USE_PAM */
|
||||
static RETSIGTYPE kill_child (int unused(s))
|
||||
static void kill_child (int unused(s))
|
||||
{
|
||||
if (0 != pid_child) {
|
||||
(void) kill (-pid_child, SIGKILL);
|
||||
@@ -494,7 +494,7 @@ static void check_perms_nopam (const struct passwd *pw)
|
||||
{
|
||||
/*@observer@*/const struct spwd *spwd = NULL;
|
||||
/*@observer@*/const char *password = pw->pw_passwd;
|
||||
RETSIGTYPE (*oldsig) (int);
|
||||
sighandler_t oldsig;
|
||||
|
||||
if (caller_is_root) {
|
||||
return;
|
||||
|
||||
+2
-2
@@ -44,9 +44,9 @@ extern char **environ;
|
||||
#endif
|
||||
|
||||
/* local function prototypes */
|
||||
static RETSIGTYPE catch_signals (int);
|
||||
static void catch_signals (int);
|
||||
|
||||
static RETSIGTYPE catch_signals (unused int sig)
|
||||
static void catch_signals (unused int sig)
|
||||
{
|
||||
_exit (1);
|
||||
}
|
||||
|
||||
+32
-15
@@ -139,6 +139,9 @@ static bool
|
||||
Dflg = false, /* set/show new user default values */
|
||||
eflg = false, /* days since 1970-01-01 when account is locked */
|
||||
fflg = false, /* days until account with expired password is locked */
|
||||
#ifdef ENABLE_SUBIDS
|
||||
Fflg = false, /* update /etc/subuid and /etc/subgid even if -r option is given */
|
||||
#endif
|
||||
gflg = false, /* primary group ID for new account */
|
||||
Gflg = false, /* secondary group set for new account */
|
||||
kflg = false, /* specify a directory to fill new user directory */
|
||||
@@ -169,7 +172,7 @@ static bool home_added = false;
|
||||
#define E_BAD_ARG 3 /* invalid argument to option */
|
||||
#define E_UID_IN_USE 4 /* UID already in use (and no -o) */
|
||||
#define E_NOTFOUND 6 /* specified group doesn't exist */
|
||||
#define E_NAME_IN_USE 9 /* username already in use */
|
||||
#define E_NAME_IN_USE 9 /* username or group name already in use */
|
||||
#define E_GRP_UPDATE 10 /* can't update group file */
|
||||
#define E_HOMEDIR 12 /* can't create home directory */
|
||||
#define E_MAILBOXFILE 13 /* can't create mailbox file */
|
||||
@@ -899,7 +902,7 @@ static void usage (int status)
|
||||
"\n"
|
||||
"Options:\n"),
|
||||
Prog, Prog, Prog);
|
||||
(void) fputs (_(" --badnames do not check for bad names\n"), usageout);
|
||||
(void) fputs (_(" --badname do not check for bad names\n"), usageout);
|
||||
(void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n"
|
||||
" new account\n"), usageout);
|
||||
#ifdef WITH_BTRFS
|
||||
@@ -910,6 +913,9 @@ static void usage (int status)
|
||||
(void) fputs (_(" -D, --defaults print or change default useradd configuration\n"), usageout);
|
||||
(void) fputs (_(" -e, --expiredate EXPIRE_DATE expiration date of the new account\n"), usageout);
|
||||
(void) fputs (_(" -f, --inactive INACTIVE password inactivity period of the new account\n"), usageout);
|
||||
#ifdef ENABLE_SUBIDS
|
||||
(void) fputs (_(" -F, --add-subids-for-system add entries to sub[ud]id even when adding a system user\n"), usageout);
|
||||
#endif
|
||||
(void) fputs (_(" -g, --gid GROUP name or ID of the primary group of the new\n"
|
||||
" account\n"), usageout);
|
||||
(void) fputs (_(" -G, --groups GROUPS list of supplementary groups of the new\n"
|
||||
@@ -1189,12 +1195,15 @@ static void process_flags (int argc, char **argv)
|
||||
#ifdef WITH_BTRFS
|
||||
{"btrfs-subvolume-home", no_argument, NULL, 200},
|
||||
#endif
|
||||
{"badnames", no_argument, NULL, 201},
|
||||
{"badname", no_argument, NULL, 201},
|
||||
{"comment", required_argument, NULL, 'c'},
|
||||
{"home-dir", required_argument, NULL, 'd'},
|
||||
{"defaults", no_argument, NULL, 'D'},
|
||||
{"expiredate", required_argument, NULL, 'e'},
|
||||
{"inactive", required_argument, NULL, 'f'},
|
||||
#ifdef ENABLE_SUBIDS
|
||||
{"add-subids-for-system", no_argument,NULL, 'F'},
|
||||
#endif
|
||||
{"gid", required_argument, NULL, 'g'},
|
||||
{"groups", required_argument, NULL, 'G'},
|
||||
{"help", no_argument, NULL, 'h'},
|
||||
@@ -1218,11 +1227,14 @@ static void process_flags (int argc, char **argv)
|
||||
{NULL, 0, NULL, '\0'}
|
||||
};
|
||||
while ((c = getopt_long (argc, argv,
|
||||
"b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U"
|
||||
#ifdef WITH_SELINUX
|
||||
"b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:",
|
||||
#else /* !WITH_SELINUX */
|
||||
"b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U",
|
||||
#endif /* !WITH_SELINUX */
|
||||
"Z:"
|
||||
#endif /* WITH_SELINUX */
|
||||
#ifdef ENABLE_SUBIDS
|
||||
"F"
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
"",
|
||||
long_options, NULL)) != -1) {
|
||||
switch (c) {
|
||||
case 'b':
|
||||
@@ -1317,6 +1329,11 @@ static void process_flags (int argc, char **argv)
|
||||
}
|
||||
fflg = true;
|
||||
break;
|
||||
#ifdef ENABLE_SUBIDS
|
||||
case 'F':
|
||||
Fflg = true;
|
||||
break;
|
||||
#endif
|
||||
case 'g':
|
||||
grp = prefix_getgr_nam_gid (optarg);
|
||||
if (NULL == grp) {
|
||||
@@ -2409,11 +2426,9 @@ static void check_uid_range(int rflg, uid_t user_id)
|
||||
uid_t uid_min ;
|
||||
uid_t uid_max ;
|
||||
if (rflg) {
|
||||
uid_min = (uid_t)getdef_ulong("SYS_UID_MIN",101UL);
|
||||
uid_max = (uid_t)getdef_ulong("SYS_UID_MAX",getdef_ulong("UID_MIN",1000UL)-1);
|
||||
if (uid_min <= uid_max) {
|
||||
if (user_id < uid_min || user_id >uid_max)
|
||||
fprintf(stderr, _("%s warning: %s's uid %d outside of the SYS_UID_MIN %d and SYS_UID_MAX %d range.\n"), Prog, user_name, user_id, uid_min, uid_max);
|
||||
if (user_id > uid_max) {
|
||||
fprintf(stderr, _("%s warning: %s's uid %d is greater than SYS_UID_MAX %d\n"), Prog, user_name, user_id, uid_max);
|
||||
}
|
||||
}else{
|
||||
uid_min = (uid_t)getdef_ulong("UID_MIN", 1000UL);
|
||||
@@ -2486,13 +2501,15 @@ int main (int argc, char **argv)
|
||||
uid_max = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
|
||||
subuid_count = getdef_ulong ("SUB_UID_COUNT", 65536);
|
||||
subgid_count = getdef_ulong ("SUB_GID_COUNT", 65536);
|
||||
is_sub_uid = subuid_count > 0 && sub_uid_file_present () && !rflg &&
|
||||
is_sub_uid = subuid_count > 0 && sub_uid_file_present () &&
|
||||
(!rflg || Fflg) &&
|
||||
(!user_id || (user_id <= uid_max && user_id >= uid_min));
|
||||
is_sub_gid = subgid_count > 0 && sub_gid_file_present () && !rflg &&
|
||||
is_sub_gid = subgid_count > 0 && sub_gid_file_present () &&
|
||||
(!rflg || Fflg) &&
|
||||
(!user_id || (user_id <= uid_max && user_id >= uid_min));
|
||||
#endif /* ENABLE_SUBIDS */
|
||||
|
||||
if (run_parts ("/etc/shadow-maint/useradd-pre.d", (char*)user_name,
|
||||
if (run_parts ("/etc/shadow-maint/useradd-pre.d", user_name,
|
||||
"useradd")) {
|
||||
exit(1);
|
||||
}
|
||||
@@ -2715,7 +2732,7 @@ int main (int argc, char **argv)
|
||||
create_mail ();
|
||||
}
|
||||
|
||||
if (run_parts ("/etc/shadow-maint/useradd-post.d", (char*)user_name,
|
||||
if (run_parts ("/etc/shadow-maint/useradd-post.d", user_name,
|
||||
"useradd")) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
+10
-10
@@ -67,7 +67,7 @@
|
||||
/* #define E_BAD_PWFILE 5 passwd file contains errors */
|
||||
#define E_NOTFOUND 6 /* specified user/group doesn't exist */
|
||||
#define E_USER_BUSY 8 /* user to modify is logged in */
|
||||
#define E_NAME_IN_USE 9 /* username already in use */
|
||||
#define E_NAME_IN_USE 9 /* username or group name already in use */
|
||||
#define E_GRP_UPDATE 10 /* can't update group file */
|
||||
/* #define E_NOSPACE 11 insufficient space to move home dir */
|
||||
#define E_HOMEDIR 12 /* unable to complete home dir move */
|
||||
@@ -367,7 +367,10 @@ static /*@noreturn@*/void usage (int status)
|
||||
"\n"
|
||||
"Options:\n"),
|
||||
Prog);
|
||||
(void) fputs (_(" -b, --badnames allow bad names\n"), usageout);
|
||||
(void) fputs (_(" -a, --append append the user to the supplemental GROUPS\n"
|
||||
" mentioned by the -G option without removing\n"
|
||||
" the user from other groups\n"), usageout);
|
||||
(void) fputs (_(" -b, --badname allow bad names\n"), usageout);
|
||||
(void) fputs (_(" -c, --comment COMMENT new value of the GECOS field\n"), usageout);
|
||||
(void) fputs (_(" -d, --home HOME_DIR new home directory for the user account\n"), usageout);
|
||||
(void) fputs (_(" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"), usageout);
|
||||
@@ -375,12 +378,6 @@ static /*@noreturn@*/void usage (int status)
|
||||
" to INACTIVE\n"), usageout);
|
||||
(void) fputs (_(" -g, --gid GROUP force use GROUP as new primary group\n"), usageout);
|
||||
(void) fputs (_(" -G, --groups GROUPS new list of supplementary GROUPS\n"), usageout);
|
||||
(void) fputs (_(" -a, --append append the user to the supplemental GROUPS\n"
|
||||
" mentioned by the -G option without removing\n"
|
||||
" the user from other groups\n"), usageout);
|
||||
(void) fputs (_(" -r, --remove remove the user from only the supplemental GROUPS\n"
|
||||
" mentioned by the -G option without removing\n"
|
||||
" the user from other groups\n"), usageout);
|
||||
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
|
||||
(void) fputs (_(" -l, --login NEW_LOGIN new value of the login name\n"), usageout);
|
||||
(void) fputs (_(" -L, --lock lock the user account\n"), usageout);
|
||||
@@ -388,8 +385,11 @@ static /*@noreturn@*/void usage (int status)
|
||||
" new location (use only with -d)\n"), usageout);
|
||||
(void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout);
|
||||
(void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout);
|
||||
(void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
|
||||
(void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout);
|
||||
(void) fputs (_(" -r, --remove remove the user from only the supplemental GROUPS\n"
|
||||
" mentioned by the -G option without removing\n"
|
||||
" the user from other groups\n"), usageout);
|
||||
(void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
|
||||
(void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout);
|
||||
(void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout);
|
||||
(void) fputs (_(" -U, --unlock unlock the user account\n"), usageout);
|
||||
@@ -1095,7 +1095,7 @@ static void process_flags (int argc, char **argv)
|
||||
case 'l':
|
||||
if (!is_valid_user_name (optarg)) {
|
||||
fprintf (stderr,
|
||||
_("%s: invalid user name '%s'\n"),
|
||||
_("%s: invalid user name '%s': use --badname to ignore\n"),
|
||||
Prog, optarg);
|
||||
exit (E_BAD_ARG);
|
||||
}
|
||||
|
||||
@@ -293,7 +293,6 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
|
||||
/* use the system() call to invoke the editor so that it accepts
|
||||
command line args in the EDITOR and VISUAL environment vars */
|
||||
char *buf;
|
||||
int status;
|
||||
|
||||
/* Wait for parent to make us the foreground pgrp. */
|
||||
if (orig_pgrp != -1) {
|
||||
|
||||
Reference in New Issue
Block a user