VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

New upstream version 4.15.1

Browse Source
This commit is contained in:
Chris Hofstaedtler
2024-06-13 03:08:44 +02:00
parent 3987cc7880
commit f7f4fd7c05
759 changed files with 53132 additions and 39788 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/usermod.c
+142 -153
View File
@@ -17,7 +17,9 @@
#include <fcntl.h>
#include <getopt.h>
#include <grp.h>
#ifdef ENABLE_LASTLOG
#include <lastlog.h>
#endif /* ENABLE_LASTLOG */
#include <pwd.h>
#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM
@@ -25,14 +27,18 @@
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
#include <stdio.h>
#include <strings.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <time.h>
#include "alloc.h"
#include "chkname.h"
#include "defines.h"
#include "faillog.h"
#include "getdef.h"
#include "groupio.h"
#include "memzero.h"
#include "nscd.h"
#include "sssd.h"
#include "prototypes.h"
@@ -52,6 +58,9 @@
#include "tcbfuncs.h"
#endif
#include "shadowlog.h"
#include "string/sprintf.h"
#include "time/day_to_str.h"
/*
* exit status values
@@ -82,7 +91,7 @@
/*
* Global variables
*/
const char *Prog;
static const char Prog[] = "usermod";
static char *user_name;
static char *user_newname;
@@ -98,6 +107,7 @@ static char *user_newhome;
static char *user_shell;
#ifdef WITH_SELINUX
static const char *user_selinux = "";
static const char *user_selinux_range = NULL;
#endif /* WITH_SELINUX */
static char *user_newshell;
static long user_expire;
@@ -163,10 +173,10 @@ static bool sub_gid_locked = false;
/* local function prototypes */
static int get_groups (char *);
static /*@noreturn@*/void usage (int status);
NORETURN static void usage (int status);
static void new_pwent (struct passwd *);
static void new_spent (struct spwd *);
static /*@noreturn@*/void fail_exit (int);
NORETURN static void fail_exit (int);
static void update_group (void);
#ifdef SHADOWGRP
@@ -179,7 +189,9 @@ static void close_files (void);
static void open_files (void);
static void usr_update (void);
static void move_home (void);
#ifdef ENABLE_LASTLOG
static void update_lastlog (void);
#endif /* ENABLE_LASTLOG */
static void update_faillog (void);
#ifndef NO_MOVE_MAILBOX
@@ -198,14 +210,14 @@ extern int allow_bad_names;
static int get_groups (char *list)
{
char *cp;
const struct group *grp;
struct group *grp;
int errors = 0;
int ngroups = 0;
/*
* Initialize the list to be empty
*/
user_groups[0] = (char *) 0;
user_groups[0] = NULL;
if ('\0' == *list) {
return 0;
@@ -251,25 +263,11 @@ static int get_groups (char *list)
continue;
}
#ifdef USE_NIS
/*
* Don't add this group if they are an NIS group. Tell the
* user to go to the server for this group.
*/
if (__isgrNIS ()) {
fprintf (stderr,
_("%s: group '%s' is a NIS group.\n"),
Prog, grp->gr_name);
gr_free ((struct group *)grp);
continue;
}
#endif
if (ngroups == sys_ngroups) {
fprintf (stderr,
_("%s: too many groups specified (max %d).\n"),
Prog, ngroups);
gr_free ((struct group *)grp);
gr_free (grp);
break;
}
@@ -277,10 +275,10 @@ static int get_groups (char *list)
* Add the group name to the user's list of groups.
*/
user_groups[ngroups++] = xstrdup (grp->gr_name);
gr_free ((struct group *)grp);
gr_free (grp);
} while (NULL != list);
user_groups[ngroups] = (char *) 0;
user_groups[ngroups] = NULL;
/*
* Any errors in finding group names are fatal
@@ -307,21 +305,28 @@ static struct ulong_range getulong_range(const char *str)
errno = 0;
first = strtoll(str, &pos, 10);
if (('\0' == *str) || ('-' != *pos ) || (ERANGE == errno) ||
(first != (unsigned long int)first))
if (('\0' == *str) || ('-' != *pos ) || (0 != errno) ||
(first != (unsigned long)first))
goto out;
errno = 0;
last = strtoll(pos + 1, &pos, 10);
if (('\0' != *pos ) || (ERANGE == errno) ||
(last != (unsigned long int)last))
if (('\0' != *pos ) || (0 != errno) ||
(last != (unsigned long)last))
goto out;
if (first > last)
goto out;
result.first = (unsigned long int)first;
result.last = (unsigned long int)last;
/*
* uid_t in linux is an unsigned int, anything over this is an invalid
* range will be later refused anyway by get_map_ranges().
*/
if (first > UINT_MAX || last > UINT_MAX)
goto out;
result.first = (unsigned long)first;
result.last = (unsigned long)last;
out:
return result;
}
@@ -342,7 +347,7 @@ static int prepend_range(const char *str, struct ulong_range_list_entry **head)
if (range.first > range.last)
return 0;
entry = malloc(sizeof(*entry));
entry = MALLOC(1, struct ulong_range_list_entry);
if (!entry) {
fprintf (stderr,
_("%s: failed to allocate memory: %s\n"),
@@ -359,7 +364,9 @@ static int prepend_range(const char *str, struct ulong_range_list_entry **head)
/*
* usage - display usage message and exit
*/
static /*@noreturn@*/void usage (int status)
NORETURN
static void
usage (int status)
{
FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
(void) fprintf (usageout,
@@ -401,6 +408,7 @@ static /*@noreturn@*/void usage (int status)
#endif /* ENABLE_SUBIDS */
#ifdef WITH_SELINUX
(void) fputs (_(" -Z, --selinux-user SEUSER new SELinux user mapping for the user account\n"), usageout);
(void) fputs (_(" --selinux-range SERANGE new SELinux MLS range for the user account\n"), usageout);
#endif /* WITH_SELINUX */
(void) fputs ("\n", usageout);
exit (status);
@@ -413,20 +421,17 @@ static /*@noreturn@*/void usage (int status)
static char *new_pw_passwd (char *pw_pass)
{
if (Lflg && ('!' != pw_pass[0])) {
char *buf = xmalloc (strlen (pw_pass) + 2);
char *buf = XMALLOC(strlen(pw_pass) + 2, char);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"updating passwd",
user_newname, (unsigned int) user_newid, 0);
"updating passwd", user_newname, user_newid, 0);
#endif
SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname));
strcpy (buf, "!");
strcat (buf, pw_pass);
pw_pass = buf;
} else if (Uflg && pw_pass[0] == '!') {
char *s;
if (pw_pass[1] == '\0') {
fprintf (stderr,
_("%s: unlocking the user's password would result in a passwordless account.\n"
@@ -437,20 +442,14 @@ static char *new_pw_passwd (char *pw_pass)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"updating password",
user_newname, (unsigned int) user_newid, 0);
"updating password", user_newname, user_newid, 0);
#endif
SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
s = pw_pass;
while ('\0' != *s) {
*s = *(s + 1);
s++;
}
memmove(pw_pass, pw_pass + 1, strlen(pw_pass));
} else if (pflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing password",
user_newname, (unsigned int) user_newid, 1);
"changing password", user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO, "change user '%s' password", user_newname));
pw_pass = xstrdup (user_pass);
@@ -479,8 +478,7 @@ static void new_pwent (struct passwd *pwent)
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing name",
user_newname, (unsigned int) user_newid, 1);
"changing name", user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user name '%s' to '%s'",
@@ -500,8 +498,7 @@ static void new_pwent (struct passwd *pwent)
if (uflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing uid",
user_newname, (unsigned int) user_newid, 1);
"changing uid", user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' UID from '%d' to '%d'",
@@ -512,7 +509,7 @@ static void new_pwent (struct passwd *pwent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing primary group",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' GID from '%d' to '%d'",
@@ -522,8 +519,7 @@ static void new_pwent (struct passwd *pwent)
if (cflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing comment",
user_newname, (unsigned int) user_newid, 1);
"changing comment", user_newname, user_newid, 1);
#endif
pwent->pw_gecos = user_newcomment;
}
@@ -532,7 +528,7 @@ static void new_pwent (struct passwd *pwent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing home directory",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' home from '%s' to '%s'",
@@ -549,7 +545,7 @@ static void new_pwent (struct passwd *pwent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing user shell",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' shell from '%s' to '%s'",
@@ -580,7 +576,7 @@ static void new_spent (struct spwd *spent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing inactive days",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' inactive from '%ld' to '%ld'",
@@ -590,12 +586,13 @@ static void new_spent (struct spwd *spent)
if (eflg) {
/* log dates rather than numbers of days. */
char new_exp[16], old_exp[16];
date_to_str (sizeof(new_exp), new_exp, user_newexpire * DAY);
date_to_str (sizeof(old_exp), old_exp, user_expire * DAY);
DAY_TO_STR(new_exp, user_newexpire);
DAY_TO_STR(old_exp, user_expire);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing expiration date",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' expiration from '%s' to '%s'",
@@ -615,7 +612,7 @@ static void new_spent (struct spwd *spent)
spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
if (pflg) {
spent->sp_lstchg = (long) gettime () / SCALE;
spent->sp_lstchg = gettime () / DAY;
if (0 == spent->sp_lstchg) {
/* Better disable aging than requiring a password
* change. */
@@ -627,7 +624,9 @@ static void new_spent (struct spwd *spent)
/*
* fail_exit - exit with an error code after unlocking files
*/
static /*@noreturn@*/void fail_exit (int code)
NORETURN
static void
fail_exit (int code)
{
if (gr_locked) {
if (gr_unlock () == 0) {
@@ -967,7 +966,6 @@ static void grp_update (void)
*/
static void process_flags (int argc, char **argv)
{
const struct group *grp;
struct stat st;
bool anyflag = false;
@@ -978,6 +976,7 @@ static void process_flags (int argc, char **argv)
int c;
static struct option long_options[] = {
{"append", no_argument, NULL, 'a'},
{"badname", no_argument, NULL, 'b'},
{"badnames", no_argument, NULL, 'b'},
{"comment", required_argument, NULL, 'c'},
{"home", required_argument, NULL, 'd'},
@@ -1000,11 +999,12 @@ static void process_flags (int argc, char **argv)
#ifdef ENABLE_SUBIDS
{"add-subuids", required_argument, NULL, 'v'},
{"del-subuids", required_argument, NULL, 'V'},
{"add-subgids", required_argument, NULL, 'w'},
{"del-subgids", required_argument, NULL, 'W'},
{"add-subgids", required_argument, NULL, 'w'},
{"del-subgids", required_argument, NULL, 'W'},
#endif /* ENABLE_SUBIDS */
#ifdef WITH_SELINUX
{"selinux-user", required_argument, NULL, 'Z'},
{"selinux-user", required_argument, NULL, 'Z'},
{"selinux-range", required_argument, NULL, 202},
#endif /* WITH_SELINUX */
{NULL, 0, NULL, '\0'}
};
@@ -1058,11 +1058,10 @@ static void process_flags (int argc, char **argv)
Prog, optarg);
exit (E_BAD_ARG);
}
user_newexpire *= DAY / SCALE;
eflg = true;
break;
case 'f':
if ( (getlong (optarg, &user_newinactive) == 0)
if ( (getlong(optarg, &user_newinactive) == -1)
|| (user_newinactive < -1)) {
fprintf (stderr,
_("%s: invalid numeric argument '%s'\n"),
@@ -1072,7 +1071,10 @@ static void process_flags (int argc, char **argv)
fflg = true;
break;
case 'g':
grp = getgr_nam_gid (optarg);
{
struct group *grp;
grp = prefix_getgr_nam_gid (optarg);
if (NULL == grp) {
fprintf (stderr,
_("%s: group '%s' does not exist\n"),
@@ -1083,6 +1085,7 @@ static void process_flags (int argc, char **argv)
gflg = true;
gr_free (grp);
break;
}
case 'G':
if (get_groups (optarg) != 0) {
exit (E_NOTFOUND);
@@ -1146,7 +1149,7 @@ static void process_flags (int argc, char **argv)
sflg = true;
break;
case 'u':
if ( (get_uid (optarg, &user_newid) ==0)
if ( (get_uid(optarg, &user_newid) == -1)
|| (user_newid == (uid_t)-1)) {
fprintf (stderr,
_("%s: invalid user ID '%s'\n"),
@@ -1214,6 +1217,9 @@ static void process_flags (int argc, char **argv)
exit (E_BAD_ARG);
}
break;
case 202:
user_selinux_range = optarg;
break;
#endif /* WITH_SELINUX */
default:
usage (E_USAGE);
@@ -1258,46 +1264,16 @@ static void process_flags (int argc, char **argv)
user_newgid = user_gid;
}
if (prefix[0]) {
size_t len = strlen(prefix) + strlen(user_home) + 2;
int wlen;
prefix_user_home = xmalloc(len);
wlen = snprintf(prefix_user_home, len, "%s/%s", prefix, user_home);
assert (wlen == (int) len -1);
xasprintf(&prefix_user_home, "%s/%s", prefix, user_home);
if (user_newhome) {
len = strlen(prefix) + strlen(user_newhome) + 2;
prefix_user_newhome = xmalloc(len);
wlen = snprintf(prefix_user_newhome, len, "%s/%s", prefix, user_newhome);
assert (wlen == (int) len -1);
xasprintf(&prefix_user_newhome, "%s/%s",
prefix, user_newhome);
}
}
else {
} else {
prefix_user_home = user_home;
prefix_user_newhome = user_newhome;
}
#ifdef USE_NIS
/*
* Now make sure it isn't an NIS user.
*/
if (__ispwNIS ()) {
char *nis_domain;
char *nis_master;
fprintf (stderr,
_("%s: user %s is a NIS user\n"),
Prog, user_name);
if ( !yp_get_default_domain (&nis_domain)
&& !yp_master (nis_domain, "passwd.byname", &nis_master)) {
fprintf (stderr,
_("%s: %s is the NIS master\n"),
Prog, nis_master);
}
exit (E_NOTFOUND);
}
#endif
{
const struct spwd *spwd = NULL;
/* local, no need for xgetspnam */
@@ -1354,6 +1330,15 @@ static void process_flags (int argc, char **argv)
usage (E_USAGE);
}
#ifdef WITH_SELINUX
if (user_selinux_range && !Zflg) {
fprintf (stderr,
_("%s: %s flag is only allowed with the %s flag\n"),
Prog, "--selinux-range", "--selinux-user");
usage (E_USAGE);
}
#endif /* WITH_SELINUX */
if (user_newid == user_id) {
uflg = false;
oflg = false;
@@ -1723,7 +1708,7 @@ static void usr_update (void)
* a shadowed password
* + aging information is requested
*/
memset (&spent, 0, sizeof spent);
bzero(&spent, sizeof spent);
spent.sp_namp = user_name;
/* The user explicitly asked for a shadow feature.
@@ -1732,7 +1717,7 @@ static void usr_update (void)
spent.sp_pwdp = xstrdup (pwent.pw_passwd);
pwent.pw_passwd = xstrdup (SHADOW_PASSWD_STRING);
spent.sp_lstchg = (long) gettime () / SCALE;
spent.sp_lstchg = gettime () / DAY;
if (0 == spent.sp_lstchg) {
/* Better disable aging than
* requiring a password change */
@@ -1819,7 +1804,7 @@ static void move_home (void)
if (uflg || gflg) {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing home directory owner",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
}
#endif
@@ -1838,8 +1823,7 @@ static void move_home (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"moving home directory",
user_newname, (unsigned int) user_newid,
1);
user_newname, user_newid, 1);
#endif
return;
} else {
@@ -1869,7 +1853,7 @@ static void move_home (void)
Prog,
"moving home directory",
user_newname,
(unsigned int) user_newid,
user_newid,
1);
#endif
return;
@@ -1897,6 +1881,7 @@ static void move_home (void)
* left alone in case the UID was shared. It doesn't hurt anything
* to just leave it be.
*/
#ifdef ENABLE_LASTLOG
static void update_lastlog (void)
{
struct lastlog ll;
@@ -1909,7 +1894,7 @@ static void update_lastlog (void)
return;
}
max_uid = (uid_t) getdef_ulong ("LASTLOG_UID_MAX", 0xFFFFFFFFUL);
max_uid = getdef_ulong ("LASTLOG_UID_MAX", 0xFFFFFFFFUL);
if (user_newid > max_uid) {
/* do not touch lastlog for large uids */
return;
@@ -1928,7 +1913,7 @@ static void update_lastlog (void)
&& (read (fd, &ll, sizeof ll) == (ssize_t) sizeof ll)) {
/* Copy the old entry to its new location */
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
|| (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
|| (write_full(fd, &ll, sizeof ll) == -1)
|| (fsync (fd) != 0)) {
fprintf (stderr,
_("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
@@ -1944,7 +1929,7 @@ static void update_lastlog (void)
/* Reset the new uid's lastlog entry */
memzero (&ll, sizeof (ll));
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
|| (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
|| (write_full(fd, &ll, sizeof ll) == -1)
|| (fsync (fd) != 0)) {
fprintf (stderr,
_("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
@@ -1953,8 +1938,13 @@ static void update_lastlog (void)
}
}
(void) close (fd);
if (close (fd) != 0 && errno != EINTR) {
fprintf (stderr,
_("%s: failed to copy the lastlog entry of user %ju to user %ju: %s\n"),
Prog, (uintmax_t) user_id, (uintmax_t) user_newid, strerror (errno));
}
}
#endif /* ENABLE_LASTLOG */
/*
* update_faillog - update the faillog file
@@ -1984,10 +1974,10 @@ static void update_faillog (void)
}
if ( (lseek (fd, off_uid, SEEK_SET) == off_uid)
&& (read (fd, (char *) &fl, sizeof fl) == (ssize_t) sizeof fl)) {
&& (read (fd, &fl, sizeof fl) == (ssize_t) sizeof fl)) {
/* Copy the old entry to its new location */
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
|| (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)
|| (write_full(fd, &fl, sizeof fl) == -1)
|| (fsync (fd) != 0)) {
fprintf (stderr,
_("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
@@ -2003,7 +1993,8 @@ static void update_faillog (void)
/* Reset the new uid's faillog entry */
memzero (&fl, sizeof (fl));
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
|| (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)) {
|| (write_full(fd, &fl, sizeof fl) == -1))
{
fprintf (stderr,
_("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
@@ -2011,7 +2002,11 @@ static void update_faillog (void)
}
}
(void) close (fd);
if (close (fd) != 0 && errno != EINTR) {
fprintf (stderr,
_("%s: failed to copy the faillog entry of user %ju to user %ju: %s\n"),
Prog, (uintmax_t) user_id, (uintmax_t) user_newid, strerror (errno));
}
}
#ifndef NO_MOVE_MAILBOX
@@ -2024,12 +2019,10 @@ static void update_faillog (void)
*/
static void move_mailbox (void)
{
const char *maildir;
char* mailfile;
char* newmailfile;
int fd;
struct stat st;
size_t len;
int fd;
char *mailfile;
const char *maildir;
struct stat st;
maildir = getdef_str ("MAIL_DIR");
#ifdef MAIL_SPOOL_DIR
@@ -2040,8 +2033,6 @@ static void move_mailbox (void)
if (NULL == maildir) {
return;
}
len = strlen (prefix) + strlen (maildir) + strlen (user_name) + 2;
mailfile = alloca (len);
/*
* O_NONBLOCK is to make sure open won't hang on mandatory locks.
@@ -2050,14 +2041,10 @@ static void move_mailbox (void)
* between stat and chown). --marekm
*/
if (prefix[0]) {
(void) snprintf (mailfile, len, "%s/%s/%s",
prefix, maildir, user_name);
xasprintf(&mailfile, "%s/%s/%s", prefix, maildir, user_name);
} else {
xasprintf(&mailfile, "%s/%s", maildir, user_name);
}
else {
(void) snprintf (mailfile, len, "%s/%s",
maildir, user_name);
}
mailfile[len-1] = '\0';
fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
if (fd < 0) {
@@ -2065,11 +2052,13 @@ static void move_mailbox (void)
if (errno != ENOENT) {
perror (mailfile);
}
free(mailfile);
return;
}
if (fstat (fd, &st) < 0) {
perror ("fstat");
(void) close (fd);
free(mailfile);
return;
}
if (st.st_uid != user_id) {
@@ -2077,6 +2066,7 @@ static void move_mailbox (void)
fprintf (stderr, _("%s: warning: %s not owned by %s\n"),
Prog, mailfile, user_name);
(void) close (fd);
free(mailfile);
return;
}
if (uflg) {
@@ -2087,7 +2077,7 @@ static void move_mailbox (void)
else {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing mail file owner",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
}
#endif
}
@@ -2095,17 +2085,14 @@ static void move_mailbox (void)
(void) close (fd);
if (lflg) {
len = strlen (prefix) + strlen (maildir) + strlen (user_newname) + 2;
newmailfile = alloca(len);
char *newmailfile;
if (prefix[0]) {
(void) snprintf (newmailfile, len, "%s/%s/%s",
prefix, maildir, user_newname);
xasprintf(&newmailfile, "%s/%s/%s",
prefix, maildir, user_newname);
} else {
xasprintf(&newmailfile, "%s/%s", maildir, user_newname);
}
else {
(void) snprintf (newmailfile, len, "%s/%s",
maildir, user_newname);
}
newmailfile[len - 1] = '\0';
if ( (link (mailfile, newmailfile) != 0)
|| (unlink (mailfile) != 0)) {
perror (_("failed to rename mailbox"));
@@ -2114,10 +2101,14 @@ static void move_mailbox (void)
else {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing mail file name",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
}
free(newmailfile);
#endif
}
free(mailfile);
}
#endif
@@ -2133,10 +2124,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -2147,14 +2134,14 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("usermod");
OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
sys_ngroups = sysconf (_SC_NGROUPS_MAX);
user_groups = (char **) malloc (sizeof (char *) * (1 + sys_ngroups));
user_groups[0] = (char *) 0;
user_groups = XMALLOC(sys_ngroups + 1, char *);
user_groups[0] = NULL;
is_shadow_pwd = spw_file_present ();
#ifdef SHADOWGRP
@@ -2193,7 +2180,7 @@ int main (int argc, char **argv)
exit (1);
}
retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
@@ -2305,14 +2292,14 @@ int main (int argc, char **argv)
#ifdef WITH_SELINUX
if (Zflg) {
if ('\0' != *user_selinux) {
if (set_seuser (user_name, user_selinux) != 0) {
if (set_seuser (user_name, user_selinux, user_selinux_range) != 0) {
fprintf (stderr,
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"modifying User mapping ",
user_name, (unsigned int) user_id,
user_name, user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
@@ -2325,7 +2312,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"removing SELinux user mapping",
user_name, (unsigned int) user_id,
user_name, user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
@@ -2345,7 +2332,9 @@ int main (int argc, char **argv)
#endif /* NO_MOVE_MAILBOX */
if (uflg) {
#ifdef ENABLE_LASTLOG
update_lastlog ();
#endif /* ENABLE_LASTLOG */
update_faillog ();
}
@@ -2367,7 +2356,7 @@ int main (int argc, char **argv)
if (uflg || gflg) {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing home directory owner",
user_newname, (unsigned int) user_newid, 1);
user_newname, user_newid, 1);
}
#endif
if (chown_tree (dflg ? prefix_user_newhome : prefix_user_home,