VesperOS/shadow
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,149 Commits 10 Branches 149 Tags
328958ca0168e3ce29509efeb190961d3affcc8f
Commit Graph

3149 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alejandro Colomar
328958ca01 sizeof.h: Move sizeof()-related macros to their own header 
Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-01 09:39:23 +02:00
Alejandro Colomar
246edc0481 memzero.h: Remove no-op assignment 
memset(3) returns the input pointer.  The assignment was effectively a
no-op, and just confused the code.

Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-01 09:39:23 +02:00
Alejandro Colomar
2daa6cc65d memzero.[ch]: Define memzero() and strzero() as inline functions 
There's no need to have these as macros, so use functions, which are a
lot safer: there's no need to worry about multiple evaluation of args,
and there's also more type safety.  Compiler warnings are also simpler,
as they don't dump all the nested macros.

Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-01 09:39:23 +02:00
Alejandro Colomar
fca2fd65c0 memzero.h: Remove outdated comments 
These comments were wrong.  Remove them instead of fixing them, since
now that we have this small header file, it's much easier to follow the
preprocessor conditionals.

Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-01 09:39:23 +02:00
Alejandro Colomar
6b11077f09 memzero.h: Move memzero() and strzero() to their own header 
Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-09-01 09:39:23 +02:00
Alejandro Colomar
093fb605f9 lib: Merge libmisc into libshadow 
The separation was unnecessary, and caused build problems.  Let's go
wild and obliterate the library.  The files are moved to libshadow.

Scripted change:

$ find libmisc/ -type f \
| grep '\.[chy]$' \
| xargs mv -t lib;

Plus updating the Makefile and other references.  While at it, I've
sorted the sources lists.

Link: <https://github.com/shadow-maint/shadow/pull/792>
Reported-by: David Seifert <soap@gentoo.org>
Cc: Sam James <sam@gentoo.org>
Cc: Christian Bricart <christian@bricart.de>
Cc: Michael Vetter <jubalh@iodoru.org>
Cc: Robert Förster <Dessa@gmake.de>
[ soap tested the Gentoo package ]
Tested-by: David Seifert <soap@gentoo.org>
Acked-by: David Seifert <soap@gentoo.org>
Acked-by: Serge Hallyn <serge@hallyn.com>
Acked-by: Iker Pedrosa <ipedrosa@redhat.com>
Acked-by: <lslebodn@fedoraproject.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-08-31 08:55:26 +02:00
Alejandro Colomar
c34c2606cf lib, libmisc: Move source files to lib (where their headers were) 
Scripted change:

$ find lib/ -type f \
| grep '\.h$' \
| sed 's,lib/,libmisc/,' \
| sed 's,\.h$,.c,' \
| xargs find 2>/dev/null \
| xargs mv -t lib/;

Plus updating the Makefiles.

Closes: <https://github.com/shadow-maint/shadow/issues/791>
Closes: <https://bugs.gentoo.org/912446>
Link: <https://github.com/shadow-maint/shadow/issues/763#issuecomment-1664383425>
Link: <https://github.com/shadow-maint/shadow/pull/776>
Link: <d0518cc250>
Reported-by: Christian Bricart <christian@bricart.de>
Reported-by: Robert Marmorstein <robert@marmorstein.org>
Cc: Sam James <sam@gentoo.org>
[ jubalh tested the openSUSE package ]
Tested-by: Michael Vetter <jubalh@iodoru.org>
Acked-by: Michael Vetter <jubalh@iodoru.org>
[ Robert F. tested the Gentoo package ]
Tested-by: Robert Förster <Dessa@gmake.de>
Cc: David Seifert <soap@gentoo.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-08-30 17:22:38 +02:00
Christian Göttsche
f76c31f50e Avoid usage of sprintf 
sprintf(3) does not take the destination buffer into account. Although
the destination in these case is large enough, sprintf(3) indicates a
code smell.

Use snprintf(3).
 2023-08-21 16:04:09 -05:00
Christian Göttsche
e0d3ba6934 commonio: check for path truncations 
Bail out if the paths generated for the backup and replacement database
are truncated.
 2023-08-21 15:56:44 -05:00
Christian Göttsche
54ab542887 lib/btrfs: avoid NULL-dereference 
btrfs.c:42:13: warning: use of NULL 'cmd' where non-null expected [CWE-476] [-Wanalyzer-null-argument]

Reviewed-by: Alejandro Colomar <alx@kernel.org>
 2023-08-21 14:05:34 -05:00
Christian Göttsche
a08021eb0e lib/commonio: drop dead store 
commonio.c:522:15: warning: Although the value stored to 'cp' is used in the enclosing expression, the value is never actually read from 'cp' [deadcode.DeadStores]

Reviewed-by: Alejandro Colomar <alx@kernel.org>
 2023-08-21 14:05:27 -05:00
Christian Göttsche
931e7c0c2f login: use strlcpy to always NUL terminate 
login.c:728:25: warning: ‘strncpy’ specified bound 256 equals destination size [-Wstringop-truncation]

Reviewed-by: Alejandro Colomar <alx@kernel.org>
 2023-08-21 14:05:18 -05:00
Christian Göttsche
15f4421f10 lib: avoid dropping const qualifier during cast 
subordinateio.c:360:20: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      360 |         range1 = (*(struct commonio_entry **) p1)->eptr;
          |                    ^
    subordinateio.c:364:20: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      364 |         range2 = (*(struct commonio_entry **) p2)->eptr;
          |                    ^

    groupio.c:215:15: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      215 |         if ((*(struct commonio_entry **) p1)->eptr == NULL) {
          |               ^
    groupio.c:218:15: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      218 |         if ((*(struct commonio_entry **) p2)->eptr == NULL) {
          |               ^
    groupio.c:222:34: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      222 |         u1 = ((struct group *) (*(struct commonio_entry **) p1)->eptr)->gr_gid;
          |                                  ^
    groupio.c:223:34: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      223 |         u2 = ((struct group *) (*(struct commonio_entry **) p2)->eptr)->gr_gid;
          |                                  ^

    pwio.c:187:15: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      187 |         if ((*(struct commonio_entry **) p1)->eptr == NULL)
          |               ^
    pwio.c:189:15: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      189 |         if ((*(struct commonio_entry **) p2)->eptr == NULL)
          |               ^
    pwio.c:192:35: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      192 |         u1 = ((struct passwd *) (*(struct commonio_entry **) p1)->eptr)->pw_uid;
          |                                   ^
    pwio.c:193:35: warning: cast discards 'const' qualifier from pointer target type [-Wcast-qual]
      193 |         u2 = ((struct passwd *) (*(struct commonio_entry **) p2)->eptr)->pw_uid;
          |                                   ^

Reviewed-by: Alejandro Colomar <alx@kernel.org>
 2023-08-21 13:54:27 -05:00
Christian Göttsche
856ffcfa5e Drop unnecessary cast to same type 2023-08-21 11:43:30 +02:00
Christian Göttsche
35edae5892 Declare usage and failure handler noreturn 
Assist static analyzers in understanding final code paths.
 2023-08-21 11:43:18 +02:00
Christian Göttsche
1aaa4ec5ba lib/tcbfuncs: operate on file descriptor rather than path 2023-08-21 11:29:17 +02:00
Alejandro Colomar
f45498a6c2 libmisc/write_full.c: Improve write_full() 
Documentation:

-  Correct the comment documenting the function:

   write_full() doesn't write "up to" count bytes (which is write(2)'s
   behavior, and exactly what this function is designed to avoid), but
   rather exactly count bytes (on success).

-  While fixing the documentation, take the time to add a man-page-like
   comment as in other APIs.  Especially, since we'll have to document
   a few other changes from this patch, such as the modified return
   values.

-  Partial writes are still possible on error.  It's the caller's
   responsibility to handle that possibility.

API:

-  In write(2), it's useful to know how many bytes were transferred,
   since it can have short writes.  In this API, since it either writes
   it all or fails, that value is useless, and callers only want to know
   if it succeeded or not.  Thus, just return 0 or -1.

Implementation:

-  Use `== -1` instead of `< 0` to check for write(2) syscall errors.
   This is wisdom from Michael Kerrisk.  This convention is useful
   because it more explicitly tells maintainers that the only value
   which can lead to that path is -1.  Otherwise, a maintainer of the
   code might be confused to think that other negative values are
   possible.  Keep it simple.

-  The path under `if (res == 0)` was unreachable, since the loop
   condition `while (count > 0)` precludes that possibility.  Remove the
   dead code.

-  Use a temporary variable of type `const char *` to avoid a cast.

-  Rename `res`, which just holds the result from write(2), to `w`,
   which more clearly shows that it's just a very-short-lived variable
   (by it's one-letter name), and also relates itself more to write(2).
   I find it more readable.

-  Move the definition of `w` to the top of the function.  Now that the
   function is significantly shorter, the lifetime of the variable is
   clearer, and I find it more readable this way.

Use:

-  Also use `== -1` to check errors.

Cc: Christian Göttsche <cgzones@googlemail.com>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
 2023-08-18 20:35:15 -05:00
Heiko Becker
890f911e17 Replace __{BEGIN,END}_DECLS with #ifdef __cplusplus 
Fixes the build with musl libc.
 2023-08-18 18:04:11 -05:00
Serge Hallyn
014536f5d5 release 4.14.0 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0 		2023-08-15 21:38:30 -05:00
Serge Hallyn
ca0f828e7a pre-release 4.14.0-rc5 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc5 		2023-08-14 11:51:36 -05:00
Serge Hallyn
ebad5f840a configure.ac: check for strlcpy 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-14 09:08:35 -05:00
Michael Vetter
ae2a4507ed Remove intree website 
AFAIK these files were not used in a while.
On 2023-04-27 we also archived the GitHub pages based repo:
https://github.com/shadow-maint/shadow-www

In 1654f42194 we mention the regular repo URL as our home page.

Also see:
https://github.com/shadow-maint/shadow/issues/114
 2023-08-14 07:06:51 -05:00
Serge Hallyn
c1924dc5a1 4.14.0-rc4 pre-release 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc4 		2023-08-12 23:17:52 -05:00
Serge Hallyn
ee3e6112d3 Releases: add etc/shadow-maint to distfiles 
Closes #784

Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-12 23:16:56 -05:00
Serge Hallyn
2492fc00d4 4.14.0-rc3 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc3 		2023-08-10 09:33:07 -05:00
Iker Pedrosa
776bbd0ccb libmisc: include freezero 
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
0e0a310acf libmisc: add freezero source code 
If shadow is built without libbsd support, then freezero() needs to be
provided from the project.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
7d5eeb2135 libmisc: add readpassphrase source code 
If shadow is built without libbsd support, then readpassphrase() needs
to be provided from the project.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
c408c4ad3d configure: add with-libbsd option 
It enables the build with libbsd support. By default it is enabled.

Resolves: https://github.com/shadow-maint/shadow/issues/779

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-10 09:29:17 -05:00
Iker Pedrosa
6ddd10482b man: include shadow-man.xsl in tarball 
This will help generate man pages from tarball.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-09 21:33:21 -05:00
Iker Pedrosa
8e17459fa1 man: include its.rules in tarball 
This will help generate the man pages from tarball.

Resolves: https://github.com/shadow-maint/shadow/issues/781

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-09 21:33:21 -05:00
Iker Pedrosa
c89b326350 autogen: enable lastlog build 
Add "--enable-lastlog" to include lastlog man pages in tarball.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-07 09:42:11 -05:00
Christian Göttsche
969549fdf0 Add wrapper for write(2) 
write(2) may not write the complete given buffer.  Add a wrapper to
avoid short writes.
 2023-08-04 17:15:42 -05:00
Serge Hallyn
d63f3a0c0a tag 4.14.0-rc2 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc2 		2023-08-04 16:24:54 -05:00
Michael Vetter
d0518cc250 Add new files to libmisc_la_SOURCES 
Resolves https://github.com/shadow-maint/shadow/issues/763
 2023-08-04 15:39:55 -05:00
Serge Hallyn
4107c49ecd Add a make dist CI test 
Add a CI test to check that make dist builds a usable tarball.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-04 14:15:49 -05:00
Serge Hallyn
95296dfd67 4.14.0-rc1 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
4.14.0-rc1 		2023-08-03 11:28:59 -05:00
Serge Hallyn
cf5596fc79 remove xmalloc.c from POTFILES.in 
Signed-off-by: Serge Hallyn <serge@hallyn.com>
 2023-08-03 11:28:54 -05:00
Iker Pedrosa
f2155fadf1 logoutd: add missing <utmp.h> include 
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
02e3e04205 CI: compile old utmp interface in Fedora 
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
50affc546f src: add SELINUX library 
With the recent changes both login and su compilation fail because there
are some missing dependencies from SELINUX library. Thus, add LIBSELINUX
to su and login for those cases where the library is used.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
78c09e3afe libmisc: conditionally compile utmp.c and logind.c 
Depending on the configuration option selected.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
3b7cc05387 lib: replace USER_NAME_MAX_LENGTH macro 
Replace it by `sysconf(_SC_LOGIN_NAME_MAX)`, which is the maximum
username length supported by the kernel.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
fb8f44d73f libmisc: call active_sessions_count() 
Replace the utmp dependent code with the call to
`active_sessions_count()`.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
ede0665a5a libmisc: implement active_sessions_count() 
Implement `active_sessions_count()` in `utmp.c` and `logind.c`.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
1f368e1c18 utmp: update update_utmp() 
Remove `utmp` structure as an argument and include its logic inside the
function. This will help remove any reference to utmp from login.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
6b7108e347 utmp: move update_utmp 
The functionality from this function is related to utmp. Restrict access
to `setutmp()` to the same file.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
b6ca83ea4c utmp: move failtmp() 
The functionality from this function is related to btmp.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
f40bdfa66a libmisc: implement get_session_host() 
Implement `get_session_host()` in `utmp.c` and `logind.c`.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00
Iker Pedrosa
fb35ad15ae configure: new option enable-logind 
Create new configuration option `enable-logind` to select which session
support functionality to build, logind or utmp. By default the option is
logind.

Resolves: https://github.com/shadow-maint/shadow/issues/674

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
 2023-08-02 10:13:28 -05:00