VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,152 Commits 10 Branches 149 Tags
25fd8eb4042fa59d6fcce19fc5288df03d8018ea
Commit Graph

3152 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tobias Stoeckmann
25fd8eb404 lib/defines.h: Remove ITI_AGING 
ITI_AGING is not set through any build environment. If it would be set,
then timings in /etc/shadow would not fit anymore.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Cherry-picked-from: ab260fcd1f ("lib/defines.h: Remove ITI_AGING")
Link: <https://github.com/shadow-maint/shadow/pull/873>
Link: <https://github.com/shadow-maint/shadow/pull/876>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
[alx: This is a pre-requisite for 674409e226 ("lib/: Saturate addition to avoid overflow")]
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-02-14 04:06:51 +01:00
Alejandro Colomar
24605a1b62 Release 4.14.5 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
4.14.5 		2024-02-13 18:59:37 +01:00
Alejandro Colomar
9f3d42b14d etc/pam.d/Makefile.am: Fix typo 
The commit we're fixing mentions that it wanted to move 'chpasswd', but
it removed 'ch_g_passwd' from 'pamd_acct_tools_files' and added
'chpasswd' to 'pamd_files'.  It seems it removed the wrong thing by
accident.

Fixes: 341d80c2c7 ("Makefile: move chpasswd and newusers to pamd target")
Link: <https://github.com/shadow-maint/shadow/pull/928#discussion_r1487687347>
Link: <https://github.com/shadow-maint/shadow/issues/926#issuecomment-1941324761>
Reported-by: Dominique Leuenberger <dleuenberger@suse.com>
Reported-by: Michael Vetter <jubalh@iodoru.org>
Cc: David Runge <dvzrv@archlinux.org>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Tested-by: Michael Vetter <jubalh@iodoru.org>
Reviewed-by: Michael Vetter <jubalh@iodoru.org>
Reviewed-by: loqs <https://github.com/loqs>
Co-developed-by: Dominique Leuenberger <dleuenberger@suse.com>
Signed-off-by: Dominique Leuenberger <dleuenberger@suse.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: 7eb10e6298 ("etc/pam.d/Makefile.am: Fix typo")
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-02-13 18:47:39 +01:00
Alejandro Colomar
f0f7fc60f2 Release 4.14.4 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
4.14.4 		2024-02-11 23:46:58 +01:00
Tobias Stoeckmann
bc0151d4d3 lib/chkname.c: Take NUL byte into account 
The _SC_LOGIN_NAME_MAX value includes space for the NUL byte.  The
length of name must smaller than this value to be valid.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Cherry-picked-from: 403a2e3771 ("lib/chkname.c: Take NUL byte into account")
Link: <https://github.com/shadow-maint/shadow/pull/935>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-02-05 00:46:30 +01:00
Alejandro Colomar
4b775cbff9 lib/chkname.c: Use tmp variable to avoid a -Wsign-compare warning 
I used size_t because:

sysconf(3) can return -1 if the value is not supported, but then it can
only mean that there's no limit.  Having no limit is the same as having
a limit of SIZE_MAX (to which -1 is converted).

Signed-off-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: 6be85b0baf ("lib/chkname.c: Use tmp variable to avoid a -Wsign-compare warning")
[alx: This is to cherry-pick the next commit without conflict]
Link: <https://github.com/shadow-maint/shadow/pull/801>
Link: <https://github.com/shadow-maint/shadow/pull/935>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-02-05 00:40:18 +01:00
loqs
bc2cc1106d Makefile: Move chpasswd and newusers to pamd target 
Install pam configs for chpasswd and newusers when using:

	$ ./configure --with-libpam --disable-account-tools-setuid

Closes: <https://github.com/shadow-maint/shadow/issues/810>
Link: <https://github.com/shadow-maint/shadow/pull/928>
Tested-by: David Runge <dvzrv@archlinux.org>
Cherry-picked-from: 341d80c2c7 ("Makefile: move chpasswd and newusers to pamd target")
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-01-30 22:14:53 +01:00
Pablo Saavedra
f630203ed8 lib/logind.c: active_sessions_count(): Fix build error 'parameter name omitted' 
Add the omitted parameter name.

Closes: <https://github.com/shadow-maint/shadow/issues/918>
Link: <https://github.com/shadow-maint/shadow/pull/919>
Signed-off-by: Pablo Saavedra <psaavedra@igalia.com>
Cherry-picked-from: da84d0ede7 ("Fix Build error 'parameter name omitted' in logind")
Cc: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-01-30 17:34:04 +01:00
Sam James
7540b05197 Link correctly with libdl 
This fixes build with glibc-2.33 (newer glibc merged libdl and libpthread
into libc):
```
libtool: link: x86_64-pc-linux-gnu-gcc -isystem /usr/include/bsd -DLIBBSD_OVERLAY -O2 -pipe -Wl,-O1 -o login login.o login_nopam.o  -Wl,--as-needed ../lib/.libs/libshadow.a -lcrypt -lsystemd -lpam -lpam_misc -lbsd
/usr/lib/gcc/x86_64-pc-linux-gnu/13/../../../../x86_64-pc-linux-gnu/bin/ld: ../lib/.libs/libshadow.a(libshadow_la-nss.o): undefined reference to symbol 'dlclose@@GLIBC_2.2.5'
/usr/lib/gcc/x86_64-pc-linux-gnu/13/../../../../x86_64-pc-linux-gnu/bin/ld: /lib64/libdl.so.2: error adding symbols: DSO missing from command line
collect2: error: ld returned 1 exit status
```

In Debian, the needed macro from libtool seems to be in libltdl-dev.

Signed-off-by: Sam James <sam@gentoo.org>
Cc: Iker Pedrosa <ikerpedrosam@gmail.com>
Cherry-picked-from: 0f4e59fd00 ("Link correctly with libdl")
Link: <https://github.com/shadow-maint/shadow/pull/917>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-01-26 13:32:08 +01:00
Alejandro Colomar
eae0b02796 Release 4.14.3 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
4.14.3 		2024-01-16 00:01:06 +01:00
Samanta Navarro
1c6a1206bd lib/sgetgrent.c: fix null pointer dereference 
If reallocation fails in function list, then reset the size to 0 again.
Without the reset, the next call assumes that `members` points to
a memory location with reserved space.

Also use size_t instead of int for size to prevent signed integer
overflows. The length of group lines is not limited.

Fixes 45c0003e53 (4.14 release series)

Proof of Concept:

-  Prepare a group file (one long group line and a shorter one, both with a list of users)

	$ echo -n "root:x:0:" > /tmp/uwu
	$ yes , | tr -d '\n' | dd of=/tmp/uwu bs=10 count=3145728 seek=1 conv=notrunc iflag=fullblock
	$ echo -e "\nbin:x:1:," >> /tmp/uwu

-  Run grpck with tight memory constraints

	$ ulimit -d 102400
	$ grpck /tmp/uwu
	Segmentation fault (core dumped)

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
Cherry-picked-from: a9e07c0feb ("lib/sgetgrent.c: fix null pointer dereference")
Link: <https://github.com/shadow-maint/shadow/pull/904>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2024-01-16 00:00:43 +01:00
Alejandro Colomar
22656c36a2 Release 4.14.2 
Link: <https://github.com/shadow-maint/shadow/pull/824>
Reviewed-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
4.14.2 		2023-10-30 00:14:15 +01:00
Michael Vetter
11071522a2 man: document --prefix option in chage, chpasswd and passwd 
Support for `--prefix` was added in
https://github.com/shadow-maint/shadow/pull/714 and is available since
shadow 4.14.0.

Close https://github.com/shadow-maint/shadow/issues/822

Cherry-picked-from: 01f6258df7 ("man: document --prefix option in chage, chpasswd and passwd")
Link: <https://github.com/shadow-maint/shadow/pull/823>
Suggested-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-10-30 00:00:28 +01:00
Johannes Segitz
909036d714 useradd: Set proper SELinux labels for def_usrtemplate 
Fixes: 74c17c716 ("Add support for skeleton files from /usr/etc/skel")

Signed-off-by: Johannes Segitz <jsegitz@suse.com>
Cherry-picked-from: 48aa12af31
Link: <https://github.com/shadow-maint/shadow/pull/812>
Reviewed-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-10-30 00:00:24 +01:00
Iker Pedrosa
de50b39475 utmp: call prepare_utmp() even if utent is NULL 
update_utmp() should also return 0 when success.

Fixes: 1f368e1c18 ("utmp: update
`update_utmp()")
Resolves: https://github.com/shadow-maint/shadow/issues/805

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Cherry-picked-from: 5178f8c5af
Link: <https://github.com/shadow-maint/shadow/issues/805>
Link: <https://github.com/shadow-maint/shadow/pull/808>
Reviewed-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-10-30 00:00:19 +01:00
Christian Göttsche
b5c99ec30e lib/btrfs: avoid NULL-dereference 
btrfs.c:42:13: warning: use of NULL 'cmd' where non-null expected [CWE-476] [-Wanalyzer-null-argument]

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: 54ab542887
Link: <https://github.com/shadow-maint/shadow/pull/770>
Reviewed-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-10-30 00:00:15 +01:00
Heiko Becker
58b96645c9 Replace __{BEGIN,END}_DECLS with #ifdef __cplusplus 
Fixes the build with musl libc.

Cherry-picked-from: 890f911e17
Link: <https://github.com/shadow-maint/shadow/pull/789>
Reviewed-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-10-30 00:00:10 +01:00
Alejandro Colomar
817f3283d1 Release 4.14.1 
The same thing, but this time, it's official.  :)

Link: <https://lists.sr.ht/~hallyn/shadow/%3Cphikwsgcwerp4anb4qpfkruwqqy4rqsmowv6pi23m5rqvhxw4i%40yuexyhynkim3%3E>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
4.14.1 		2023-09-25 17:55:14 +02:00
Alejandro Colomar
0e0bcacf3c Release 4.14.1-alx 
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-18 14:50:02 +02:00
Alejandro Colomar
0004cc46dd lib: Merge libmisc into libshadow 
The separation was unnecessary, and caused build problems.  Let's go
wild and obliterate the library.  The files are moved to libshadow.

Scripted change:

$ find libmisc/ -type f \
| grep '\.[chy]$' \
| xargs mv -t lib;

Plus updating the Makefile and other references.  While at it, I've
sorted the sources lists.

Link: <https://github.com/shadow-maint/shadow/pull/792>
Reported-by: David Seifert <soap@gentoo.org>
Cc: Sam James <sam@gentoo.org>
Cc: Christian Bricart <christian@bricart.de>
Cc: Michael Vetter <jubalh@iodoru.org>
Cc: Robert Förster <Dessa@gmake.de>
[ soap tested the Gentoo package ]
Tested-by: David Seifert <soap@gentoo.org>
Acked-by: David Seifert <soap@gentoo.org>
Acked-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Iker Pedrosa <ipedrosa@redhat.com>
Acked-by: <lslebodn@fedoraproject.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-10 14:13:01 +02:00
Alejandro Colomar
1c330177f0 lib, libmisc: Move source files to lib (where their headers were) 
Scripted change:

$ find lib/ -type f \
| grep '\.h$' \
| sed 's,lib/,libmisc/,' \
| sed 's,\.h$,.c,' \
| xargs find 2>/dev/null \
| xargs mv -t lib/;

Plus updating the Makefiles.

Closes: <https://github.com/shadow-maint/shadow/issues/791>
Closes: <https://bugs.gentoo.org/912446>
Link: <https://github.com/shadow-maint/shadow/issues/763#issuecomment-1664383425>
Link: <https://github.com/shadow-maint/shadow/pull/776>
Link: <d0518cc250>
Reported-by: Christian Bricart <christian@bricart.de>
Reported-by: Robert Marmorstein <robert@marmorstein.org>
Cc: Sam James <sam@gentoo.org>
[ jubalh tested the openSUSE package ]
Tested-by: Michael Vetter <jubalh@iodoru.org>
Acked-by: Michael Vetter <jubalh@iodoru.org>
[ Robert F. tested the Gentoo package ]
Tested-by: Robert Förster <Dessa@gmake.de>
Cc: David Seifert <soap@gentoo.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-10 14:12:54 +02:00
Serge Hallyn
014536f5d5 release 4.14.0 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0 		2023-08-15 21:38:30 -05:00
Serge Hallyn
ca0f828e7a pre-release 4.14.0-rc5 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc5 		2023-08-14 11:51:36 -05:00
Serge Hallyn
ebad5f840a configure.ac: check for strlcpy 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-14 09:08:35 -05:00
Michael Vetter
ae2a4507ed Remove intree website 
AFAIK these files were not used in a while.
On 2023-04-27 we also archived the GitHub pages based repo:
https://github.com/shadow-maint/shadow-www

In 1654f42194 we mention the regular repo URL as our home page.

Also see:
https://github.com/shadow-maint/shadow/issues/114
 2023-08-14 07:06:51 -05:00
Serge Hallyn
c1924dc5a1 4.14.0-rc4 pre-release 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc4 		2023-08-12 23:17:52 -05:00
Serge Hallyn
ee3e6112d3 Releases: add etc/shadow-maint to distfiles 
Closes #784

Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-12 23:16:56 -05:00
Serge Hallyn
2492fc00d4 4.14.0-rc3 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc3 		2023-08-10 09:33:07 -05:00
Iker Pedrosa
776bbd0ccb libmisc: include freezero 
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
0e0a310acf libmisc: add freezero source code 
If shadow is built without libbsd support, then freezero() needs to be
provided from the project.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
7d5eeb2135 libmisc: add readpassphrase source code 
If shadow is built without libbsd support, then readpassphrase() needs
to be provided from the project.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
c408c4ad3d configure: add with-libbsd option 
It enables the build with libbsd support. By default it is enabled.

Resolves: https://github.com/shadow-maint/shadow/issues/779

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
6ddd10482b man: include shadow-man.xsl in tarball 
This will help generate man pages from tarball.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-09 21:33:21 -05:00
Iker Pedrosa
8e17459fa1 man: include its.rules in tarball 
This will help generate the man pages from tarball.

Resolves: https://github.com/shadow-maint/shadow/issues/781

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-09 21:33:21 -05:00
Iker Pedrosa
c89b326350 autogen: enable lastlog build 
Add "--enable-lastlog" to include lastlog man pages in tarball.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-07 09:42:11 -05:00
Christian Göttsche
969549fdf0 Add wrapper for write(2) 
write(2) may not write the complete given buffer.  Add a wrapper to
avoid short writes.
 2023-08-04 17:15:42 -05:00
Serge Hallyn
d63f3a0c0a tag 4.14.0-rc2 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc2 		2023-08-04 16:24:54 -05:00
Michael Vetter
d0518cc250 Add new files to libmisc_la_SOURCES 
Resolves https://github.com/shadow-maint/shadow/issues/763
 2023-08-04 15:39:55 -05:00
Serge Hallyn
4107c49ecd Add a make dist CI test 
Add a CI test to check that make dist builds a usable tarball.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-04 14:15:49 -05:00
Serge Hallyn
95296dfd67 4.14.0-rc1 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc1 		2023-08-03 11:28:59 -05:00
Serge Hallyn
cf5596fc79 remove xmalloc.c from POTFILES.in 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-03 11:28:54 -05:00
Iker Pedrosa
f2155fadf1 logoutd: add missing <utmp.h> include 
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
02e3e04205 CI: compile old utmp interface in Fedora 
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
50affc546f src: add SELINUX library 
With the recent changes both login and su compilation fail because there
are some missing dependencies from SELINUX library. Thus, add LIBSELINUX
to su and login for those cases where the library is used.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
78c09e3afe libmisc: conditionally compile utmp.c and logind.c 
Depending on the configuration option selected.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
3b7cc05387 lib: replace USER_NAME_MAX_LENGTH macro 
Replace it by `sysconf(_SC_LOGIN_NAME_MAX)`, which is the maximum
username length supported by the kernel.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
fb8f44d73f libmisc: call active_sessions_count() 
Replace the utmp dependent code with the call to
`active_sessions_count()`.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
ede0665a5a libmisc: implement active_sessions_count() 
Implement `active_sessions_count()` in `utmp.c` and `logind.c`.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
1f368e1c18 utmp: update update_utmp() 
Remove `utmp` structure as an argument and include its logic inside the
function. This will help remove any reference to utmp from login.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
6b7108e347 utmp: move update_utmp 
The functionality from this function is related to utmp. Restrict access
to `setutmp()` to the same file.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00