Release 4.14.1

The same thing, but this time, it's official. :) Link: <https://lists.sr.ht/~hallyn/shadow/%3Cphikwsgcwerp4anb4qpfkruwqqy4rqsmowv6pi23m5rqvhxw4i%40yuexyhynkim3%3E> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Release 4.14.1-alx
2023-09-25 17:55:14 +02:00 · 2023-09-18 14:50:02 +02:00 · 2023-09-10 14:13:01 +02:00 · 2023-09-10 14:12:54 +02:00 · 2023-08-15 21:38:30 -05:00 · 2023-08-14 11:51:36 -05:00
494 changed files with 10277 additions and 11361 deletions
@@ -9,9 +9,11 @@ packages:
  - gettext
  - gettext-dev
  - gettext-lang
  - libbsd-dev
  - libcap-dev
  - libtool
  - linux-pam-dev
  - pkgconf
  - sed
 sources:
  - https://github.com/shadow-maint/shadow
@@ -8,10 +8,12 @@ packages:
  - gettext
  - gettext-devel
  - git
  - libbsd-devel
  - libselinux-devel
  - libsemanage-devel
  - libtool
  - libxslt
  - pkgconf
 sources:
  - https://github.com/shadow-maint/shadow
 tasks:
@@ -3,11 +3,13 @@ packages:
  - automake
  - autopoint
  - xsltproc
  - libbsd-dev
  - libselinux1-dev
  - gettext
  - expect
  - byacc
  - libtool
  - pkgconf
 sources:
  - https://github.com/shadow-maint/shadow
 tasks:
@@ -3,11 +3,13 @@ packages:
  - automake
  - autopoint
  - xsltproc
  - libbsd-dev
  - libselinux1-dev
  - gettext
  - expect
  - byacc
  - libtool
  - pkgconf
 sources:
  - https://github.com/shadow-maint/shadow
 tasks:
@@ -0,0 +1,4 @@
 root = true
 [*.{c,h}]
 indent_style = tab
@@ -6,7 +6,7 @@ runs:
  - shell: bash
    run: |
      sudo apt-get update -y
-      sudo apt-get install -y ubuntu-dev-tools
+      sudo apt-get install -y ubuntu-dev-tools libbsd-dev
      sudo sed -Ei 's/^# deb-src /deb-src /' /etc/apt/sources.list
      sudo apt-get update -y
      sudo apt-get -y build-dep shadow
@@ -0,0 +1,108 @@
 name: CI
 on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    - name: debug
      run: |
        id
        which bash
        whoami
        env
        ps -ef
        pwd
        cat /proc/self/uid_map
        cat /proc/self/status
        systemd-detect-virt
    - name: Install dependencies
      run: |
        sudo cat /etc/apt/sources.list
        sudo sed -i '/deb-src/d' /etc/apt/sources.list
        sudo sed -i '/^deb /p;s/ /-src /' /etc/apt/sources.list
        export DEBIAN_PRIORITY=critical
        export DEBIAN_FRONTEND=noninteractive
        # let's try to work around upgrade breakage in a pkg we don't care about
        sudo apt-mark hold grub-efi-amd64-bin grub-efi-amd64-signed
        sudo apt-get update
        sudo apt-get -y dist-upgrade
        sudo apt-get -y install ubuntu-dev-tools automake autopoint xsltproc gettext expect byacc libtool libbsd-dev pkgconf
        sudo apt-get -y build-dep shadow
    - name: configure
      run: |
        autoreconf -v -f --install
        ./autogen.sh --without-selinux --disable-man --with-yescrypt
    - run: make
    - run: make install DESTDIR=${HOME}/rootfs
    - run: sudo make install
    - name: run tests in shell with tty
      shell: 'script -q -e -c "bash {0}"'
      run: |
        set -e
        cd tests
        sudo ./run_some
        cat testsuite.log
  # Make sure that 'make dist' makes a usable tarball with no missing files
  dist-build:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout repository
      uses: actions/checkout@v3
    - name: Install dependencies
      run: |
        sudo cat /etc/apt/sources.list
        sudo sed -i '/deb-src/d' /etc/apt/sources.list
        sudo sed -i '/^deb /p;s/ /-src /' /etc/apt/sources.list
        export DEBIAN_PRIORITY=critical
        export DEBIAN_FRONTEND=noninteractive
        # let's try to work around upgrade breakage in a pkg we don't care about
        sudo apt-mark hold grub-efi-amd64-bin grub-efi-amd64-signed
        sudo apt-get update
        sudo apt-get -y dist-upgrade
        sudo apt-get -y install ubuntu-dev-tools automake autopoint xsltproc gettext expect byacc libtool libbsd-dev pkgconf
        sudo apt-get -y build-dep shadow
    - name: Test make dist
      run: |
        ./autogen.sh
        make dist
        f=shadow-*.tar.gz
        tar -zxf $f
        d=$(basename $f .tar.gz)
        cd $d
        ./configure
        make -j5
  container-build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        os: [alpine, debian, fedora]
    steps:
    - name: Checkout repository
      uses: actions/checkout@v3
    - name: Build container
      run: |
        docker buildx build -f ./share/containers/${{ matrix.os }}.dockerfile . --output build-out
    - name: Store artifacts
      uses: actions/upload-artifact@v3
      with:
        name: ${{ matrix.os }}-build
        path: |
          ./build-out/config.log
          ./build-out/config.h
        if-no-files-found: ignore
@@ -14,7 +14,7 @@ jobs:
      security-events: write
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
    - name: Install dependencies
      id: dependencies
@@ -32,19 +32,20 @@ jobs:
    - name: Build shadow-utils
      run: |
        PROCESSORS=$(/usr/bin/getconf _NPROCESSORS_ONLN)
-        make -j$PROCESSORS
+        make -kj$PROCESSORS || true
    - name: Check build errors
      run: make
    - name: Perform CodeQL Analysis
      uses: github/codeql-action/analyze@v2
  differential-shellcheck:
    if: github.event_name == 'pull_request'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write
      pull-requests: write
    steps:
      - name: Checkout repository
@@ -47,5 +47,5 @@ Makefile.in
 /shadow.spec
 /shadow-*.tar.*
-/libmisc/getdate.c
+/lib/getdate.c
 /libsubid/subid.h
@@ -36,7 +36,7 @@ addons:
    notification_email: christian.brauner@ubuntu.com,serge@hallyn.com
    build_command_prepend: "./autogen.sh --without-selinux --disable-man"
-    build_command: "make -j4"
+    build_command: "make -kj4 || make"
    branch_pattern: master
 script:
@@ -3,6 +3,7 @@ reports and various comments. This list may be incomplete, I received
 a lot of mail...
 # Maintainers
 * Marek Michałkiewicz <marekm72@gmail.com> (1995-2000)
 * Tomasz Kłoczko <kloczek@pld.org.pl> (2000-2007)
 * Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
 * Serge E. Hallyn <serge@hallyn.com> (2014-now)
@@ -9558,7 +9558,7 @@
 	* NEWS: release date corrected.
 	* NEWS, src/su.c:
-	fixed set enviroment too early when using PAM, so move it to !USE_PAM
+	fixed set environment too early when using PAM, so move it to !USE_PAM
 	(patch submitted by Mike Frysinger <vapier@gentoo.org>).
 2006-07-30  Tomasz Kłoczko  <kloczek@pld.org.pl>
@@ -10245,7 +10245,7 @@
 	* NEWS: cleanups.
 	* autogen.sh:
-	by default in development enviroment use CFLAGS="-O2 -Wall".
+	by default in development environment use CFLAGS="-O2 -Wall".
 	* src/chgpasswd.c (main): remove two unused variables (newgr and now).
@@ -11654,7 +11654,7 @@
 	in OPTIONS section). Describe -a and -k options.
 	* NEWS, src/su.c:
-	fixed twice copy enviroment which causes auth problems (bug was introduced in 4.0.12;
+	fixed twice copy environment which causes auth problems (bug was introduced in 4.0.12;
 	fix by Nicolas François <nicolas.francois@centraliens.net>).
 	* src/passwd.c, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/nn.po, po/pl.po, po/pt.po, po/pt_BR.po, po/ro.po, po/ru.po, po/sk.po, po/sq.po, po/sv.po, po/tl.po, po/tr.po, po/uk.po, po/vi.po, po/zh_CN.po, po/zh_TW.po, po/bs.po, po/ca.po, po/cs.po, po/da.po, po/de.po, po/el.po, po/es.po, po/eu.po, po/fi.po, po/fr.po, po/he.po, po/id.po, po/it.po:
@@ -12584,7 +12584,7 @@
 	http://bugs.debian.org/48002
 	* src/login.c, NEWS:
-	fixed loggin of username on succesful login (was using the normal username,
+	fixed loggin of username on successful login (was using the normal username,
 	when it should have used pam_user) http://bugs.debian.org/47819
 2005-06-02  Tomasz Kłoczko  <kloczek@pld.org.pl>
@@ -13029,7 +13029,7 @@
 	* man/pl/usermod.8: finish sync with english version.
 	* man/hu/login.1, man/pl/login.1, NEWS, man/Attic/login.1, man/de/login.1:
-	removed fragment about abilities pass enviroment variables in login prompt.
+	removed fragment about abilities pass environment variables in login prompt.
 	* man/Attic/gpasswd.1, man/Attic/newgrp.1:
 	fixes by Nicolas Nicolas François <nicolas.francois@centraliens.net> (not all
@@ -13508,7 +13508,7 @@
 	removed not used translations.
 	* NEWS, src/su.c:
-	fix adding of pam_env env variables to enviroment (Martin Schlemmer <azarah@nosferatu.za.org>).
+	fix adding of pam_env env variables to environment (Martin Schlemmer <azarah@nosferatu.za.org>).
 	* NEWS, configure.in:
 	fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables which was allways
@@ -13605,7 +13605,7 @@
 	* NEWS, src/su.c:
 	add pam_open_session() support. If builded without PAM support
-	propagate $DISPLAY and $XAUTHORITY enviroment variables.
+	propagate $DISPLAY and $XAUTHORITY environment variables.
 	Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
 2004-10-23  Tomasz Kłoczko  <kloczek@pld.org.pl>
@@ -2,7 +2,7 @@
 EXTRA_DIST = NEWS README TODO shadow.spec.in
-SUBDIRS = libmisc lib
+SUBDIRS = lib
 if ENABLE_SUBIDS
 SUBDIRS += libsubid
@@ -696,7 +696,7 @@ shadow-4.0.18 -> shadow-4.0.18.1					03-08-2006
 shadow-4.0.17 -> shadow-4.0.18						01-08-2006
 *** general:
- su: fixed set enviroment too early when using PAM, so move it to !USE_PAM
+- su: fixed set environment too early when using PAM, so move it to !USE_PAM
  (patch submitted by Mike Frysinger <vapier@gentoo.org>),
 - groupadd, groupmod, useradd, usermod: fixed UID/GID overflow (fixed
  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=198920)
@@ -855,7 +855,7 @@ shadow-4.0.14 -> shadow-4.0.15						13-03-2006
 - su: move exit() outside libmisc/shell.c::shell() for handle shell() errors
  on higher level (now is better visable where some programs exit with 126
  and 127 exit codes); added new shell() parameter (char *const envp[])
-  which allow fix preserving enviroment in su on using -p, (patch by
+  which allow fix preserving environment in su on using -p, (patch by
  Alexander Gattin <xrgtn@yandex.ru>),
 - su: added handle -c,--command option for GNU su compliance (merge
  437_su_-c_option Debian patch),
@@ -966,7 +966,7 @@ shadow-4.0.12 -> shadow-4.0.13						10-10-2005
  to example described in ident(1) man page (modern compilers like latest GCC
  removes not used functions by global optimization).
  So "ident /usr/bin/passwd" will show again some useable informations
- su: fixed twice copy enviroment which causes auth problems
+- su: fixed twice copy environment which causes auth problems
  (bug was introduced in 4.0.12; fix by Nicolas François <nicolas.francois@centraliens.net>),
 - chage: differentiate the different failure causes by the exit value
  This will permit to adduser Debian script to detect if chage failed because the
@@ -1133,7 +1133,7 @@ shadow-4.0.9 -> shadow-4.0.10						28-06-2005
  http://bugs.debian.org/53702
 - login: check for hushed login and pass PAM_SILENT if true,
  http://bugs.debian.org/48002
- login: fixed username on succesful login (was using the normal username,
+- login: fixed username on successful login (was using the normal username,
  when it should have used pam_user) http://bugs.debian.org/47819
 - remove using SHADOWPWD #define so now shadow is always built with shadow
  password support,
@@ -1212,7 +1212,7 @@ shadow-4.0.7 -> shadow-4.0.8						26-04-2005
  (without gshadow) doesn't permit to use newgrp,
 - newgrp(1): newgrp uses /bin/sh (not bash),
 - faillog(8): updated after rewritten faillog command for use getopt_long(),
- login(1): removed fragment about abilities pass enviroment variables in login prompt,
+- login(1): removed fragment about abilities pass environment variables in login prompt,
 - gshadow(5): new file (by Nicolas Nicolas François <nicolas.francois@centraliens.net>),
 - usermod(8): fixed #302388 Debian bug: added separated -o option description,
@@ -1242,7 +1242,7 @@ shadow-4.0.6 -> shadow-4.0.7						26-01-2005
 shadow-4.0.5 -> shadow-4.0.6						08-11-2004
- su: fixed adding of pam_env env variables to enviroment
+- su: fixed adding of pam_env env variables to environment
  (Martin Schlemmer <azarah@nosferatu.za.org>),
 - autoconf: fixed filling MAIL_SPOOL_DIR and MAIL_SPOOL_FILE variables
  which was always empty (Gregorio Guidi <g.guidi@sns.it>),
@@ -1275,7 +1275,7 @@ shadow-4.0.4.1 -> shadow-4.0.5						27-10-2004
  including symlinks placed into /etc/skel/public_html for example.
  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=66819
 - su: add pam_open_session() support. If built without PAM support
-  propagate $DISPLAY and $XAUTHORITY enviroment variables.
+  propagate $DISPLAY and $XAUTHORITY environment variables.
  Based on http://www.gentoo.org/cgi-bin/viewcvs.cgi/sys-apps/shadow/files/shadow-4.0.4.1-su-pam_open_session.patch?rev=1.1
 - applied 036_pam_access_with_preauth.patch Debian patch submited by Bjorn
  Torkelsson <Bjorn.Torkelsson@hpc2n.umu.se>: add support for PAM account
@@ -31,6 +31,11 @@ There are several ways to contact us:
  https://alioth-lists-archive.debian.net/pipermail/pkg-shadow-commits/),
  only used for historical purposes
 ## Contributions
 Contributions are welcome. Follow the
 [guidelines](doc/contributions/introduction.md) before posting any patches.
 ## Authors and maintainers
 Authors and maintainers are listed in [AUTHORS.md](
 https://github.com/shadow-maint/shadow/blob/master/AUTHORS.md).
@@ -9,3 +9,4 @@ At the moment only the latest release is supported.
 Security vulnerabilities may be reported to
 * Serge Hallyn <serge@hallyn.com> (B175CFA98F192AF2)
 * Christian Brauner <christian@brauner.io> (4880B8C9BD0E5106FC070F4F7B3C391EFEA93624)
 * Iker Pedrosa <ipedrosa@redhat.com> (4E80EF49C7987B6DE2F81F5005079C6C3A653E57)
@@ -10,13 +10,13 @@
 Check when RLOGIN is enabled if ruserok() exists
-Move selinux_file_context out of libmisc/copydir.c
+Move selinux_file_context out of lib/copydir.c
 Review hardcoded root account?
 review all call to strto
-libmisc/cleanup_user.c
+lib/cleanup_user.c
 	cleanup needed (cleanup_report_add_user* not used)
@@ -4,6 +4,7 @@ autoreconf -v -f --install || exit 1
 ./configure \
 	CFLAGS="-O2 -Wall" \
 	--enable-lastlog \
 	--enable-man \
 	--enable-maintainer-mode \
 	--enable-shared \
@@ -4,7 +4,7 @@ m4_define([libsubid_abi_major], 4)
 m4_define([libsubid_abi_minor], 0)
 m4_define([libsubid_abi_micro], 0)
 m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
-AC_INIT([shadow], [4.13], [pkg-shadow-devel@lists.alioth.debian.org], [],
+AC_INIT([shadow], [4.14.1], [pkg-shadow-devel@lists.alioth.debian.org], [],
 	[https://github.com/shadow-maint/shadow])
 AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
 AC_CONFIG_MACRO_DIRS([m4])
@@ -36,31 +36,25 @@ LT_INIT
 dnl Checks for libraries.
 dnl Checks for header files.
-AC_HEADER_STDBOOL
+AC_CHECK_HEADERS(crypt.h utmp.h \
-
+	termio.h sgtty.h sys/ioctl.h paths.h \
-AC_CHECK_HEADERS(crypt.h errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
+	sys/capability.h sys/random.h \
-	utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
+	gshadow.h lastlog.h rpc/key_prot.h acl/libacl.h \
 	utime.h ulimit.h sys/capability.h sys/random.h sys/resource.h \
 	gshadow.h lastlog.h locale.h rpc/key_prot.h netdb.h acl/libacl.h \
 	attr/libattr.h attr/error_context.h)
 dnl shadow now uses the libc's shadow implementation
 AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
-AC_CHECK_FUNCS(arc4random_buf l64a fchmod fchown fsync futimes \
+AC_CHECK_FUNCS(arc4random_buf futimes \
 	getentropy getrandom getspnam getusershell \
-	getutent initgroups lckpwdf lutimes \
+	initgroups lckpwdf lutimes mempcpy \
-	setgroups updwtmp updwtmpx innetgr getpwnam_r \
+	setgroups updwtmp updwtmpx innetgr \
-	getpwuid_r getgrnam_r getgrgid_r getspnam_r \
+	getspnam_r \
-	memset_s explicit_bzero)
+	rpmatch \
 	memset_explicit explicit_bzero stpecpy stpeprintf)
 AC_SYS_LARGEFILE
 dnl Checks for typedefs, structures, and compiler characteristics.
 AC_CHECK_MEMBERS([struct stat.st_atim])
 AC_CHECK_MEMBERS([struct stat.st_atimensec])
 AC_CHECK_MEMBERS([struct stat.st_mtim])
 AC_CHECK_MEMBERS([struct stat.st_mtimensec])
 AC_STRUCT_TM
 AC_CHECK_MEMBERS([struct utmp.ut_type,
                  struct utmp.ut_id,
@@ -74,37 +68,11 @@ AC_CHECK_MEMBERS([struct utmp.ut_type,
                  struct utmp.ut_xtime,
                  struct utmp.ut_tv],,,[[#include <utmp.h>]])
 AC_CHECK_MEMBERS([struct utmpx.ut_name,
                  struct utmpx.ut_host,
                  struct utmpx.ut_syslen,
                  struct utmpx.ut_addr,
                  struct utmpx.ut_addr_v6,
                  struct utmpx.ut_time,
                  struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
 if test "$ac_cv_header_lastlog_h" = "yes"; then
 	AC_CACHE_CHECK(for ll_host in struct lastlog,
 		ac_cv_struct_lastlog_ll_host,
 		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
 					[struct lastlog ll; char *cp = ll.ll_host;]
 				)],
 			[ac_cv_struct_lastlog_ll_host=yes],
 			[ac_cv_struct_lastlog_ll_host=no]
 		)
 	)
 	if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
 		AC_DEFINE(HAVE_LL_HOST, 1,
 			[Define if struct lastlog has ll_host])
 	fi
 fi
 dnl Checks for library functions.
 AC_TYPE_GETGROUPS
 AC_FUNC_UTIME_NULL
-AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
+AC_REPLACE_FUNCS(putgrent putpwent putspent)
 AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
 AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
 AC_CHECK_FUNC(setpgrp)
 AC_CHECK_FUNC(secure_getenv, [AC_DEFINE(HAS_SECURE_GETENV,
@@ -116,6 +84,10 @@ if test "$ac_cv_header_shadow_h" = "yes"; then
 		ac_cv_libc_shadowgrp,
 		AC_RUN_IFELSE([AC_LANG_SOURCE([
 				#include <shadow.h>
 				#ifdef HAVE_GSHADOW_H
 				#include <gshadow.h>
 				#endif
 				int
 				main()
 				{
 					struct sgrp *sg = sgetsgent("test:x::");
@@ -191,7 +163,7 @@ AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
 	[Path to passwd program.])
 dnl XXX - quick hack, should disappear before anyone notices :).
-AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().])
+dnl XXX - I just read the above message :).
 if test "$ac_cv_func_ruserok" = "yes"; then
 	AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
 	AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
@@ -226,17 +198,6 @@ AC_ARG_ENABLE(account-tools-setuid,
 	[enable_acct_tools_setuid="no"]
 )
 AC_ARG_ENABLE(utmpx,
 	[AS_HELP_STRING([--enable-utmpx],
 	                [enable loggin in utmpx / wtmpx @<:@default=no@:>@])],
 	[case "${enableval}" in
 	 yes) enable_utmpx="yes" ;;
 	  no) enable_utmpx="no" ;;
 	   *) AC_MSG_ERROR(bad value ${enableval} for --enable-utmpx) ;;
 	 esac],
 	[enable_utmpx="no"]
 )
 AC_ARG_ENABLE(subordinate-ids,
 	[AS_HELP_STRING([--enable-subordinate-ids],
 		[support subordinate ids @<:@default=yes@:>@])],
@@ -244,6 +205,20 @@ AC_ARG_ENABLE(subordinate-ids,
 	[enable_subids="maybe"]
 )
 AC_ARG_ENABLE(lastlog,
 	[AS_HELP_STRING([--enable-lastlog],
 		[enable lastlog @<:@default=no@:>@])],
 	[enable_lastlog="${enableval}"],
 	[enable_lastlog="no"]
 )
 AC_ARG_ENABLE(logind,
 	[AS_HELP_STRING([--enable-logind],
 		[enable logind @<:@default=yes@:>@])],
 	[enable_logind="${enableval}"],
 	[enable_logind="yes"]
 )
 AC_ARG_WITH(audit,
 	[AS_HELP_STRING([--with-audit], [use auditing support @<:@default=yes if found@:>@])],
 	[with_audit=$withval], [with_audit=maybe])
@@ -292,6 +267,9 @@ AC_ARG_WITH(group-name-max-length,
 AC_ARG_WITH(su,
 	[AS_HELP_STRING([--with-su], [build and install su program and man page @<:@default=yes@:>@])],
 	[with_su=$withval], [with_su=yes])
 AC_ARG_WITH(libbsd,
 	[AS_HELP_STRING([--with-libbsd], [use libbsd support @<:@default=yes if found@:>@])],
 	[with_libbsd=$withval], [with_libbsd=yes])
 if test "$with_group_name_max_length" = "no" ; then
 	with_group_name_max_length=0
@@ -336,12 +314,12 @@ dnl Check for some functions in libc first, only if not found check for
 dnl other libraries.  This should prevent linking libnsl if not really
 dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
 AC_SEARCH_LIBS(inet_ntoa, inet)
 AC_SEARCH_LIBS(socket, socket)
 AC_SEARCH_LIBS(gethostbyname, nsl)
 AC_CHECK_LIB([econf],[econf_readDirs],[LIBECONF="-leconf"],[LIBECONF=""])
 if test -n "$LIBECONF"; then
        AC_DEFINE_UNQUOTED([VENDORDIR], ["$enable_vendordir"],
 					[Directory for distribution provided configuration files])
 	ECONF_CPPFLAGS="-DUSE_ECONF=1"
 	AC_ARG_ENABLE([vendordir],
 		AS_HELP_STRING([--enable-vendordir=DIR], [Directory for distribution provided configuration files]),,[])
@@ -349,6 +327,9 @@ fi
 AC_SUBST(ECONF_CPPFLAGS)
 AC_SUBST(LIBECONF)
 AC_SUBST([VENDORDIR], [$enable_vendordir])
 if test "x$enable_vendordir" != x; then
 	AC_DEFINE(HAVE_VENDORDIR, 1, [Define to support vendor settings.])
 fi
 AM_CONDITIONAL([HAVE_VENDORDIR], [test "x$enable_vendordir" != x])
 if test "$enable_shadowgrp" = "yes"; then
@@ -393,6 +374,39 @@ if test "$enable_subids" != "no"; then
 fi
 AM_CONDITIONAL(ENABLE_SUBIDS, test "x$enable_subids" != "xno")
 if test "$enable_lastlog" = "yes" && test "$ac_cv_header_lastlog_h" = "yes"; then
 	AC_CACHE_CHECK(for ll_host in struct lastlog,
 		ac_cv_struct_lastlog_ll_host,
 		AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <lastlog.h>],
 					[struct lastlog ll; char *cp = ll.ll_host;]
 				)],
 			[ac_cv_struct_lastlog_ll_host=yes],
 			[ac_cv_struct_lastlog_ll_host=no]
 		)
 	)
 	if test "$ac_cv_struct_lastlog_ll_host" = "yes"; then
 		AC_DEFINE(HAVE_LL_HOST, 1,
 			[Define if struct lastlog has ll_host])
 		AC_DEFINE(ENABLE_LASTLOG, 1, [Define to support lastlog.])
 		enable_lastlog="yes"
 	else
 		AC_MSG_ERROR([Cannot enable support for lastlog on systems where the data structures aren't available])
 		enable_subids="no"
 	fi
 fi
 AM_CONDITIONAL(ENABLE_LASTLOG, test "x$enable_lastlog" != "xno")
 AC_SUBST(LIBSYSTEMD)
 if test "$enable_logind" = "yes"; then
 	AC_CHECK_LIB(systemd, sd_session_get_remote_host,
 		[enable_logind="yes"; [LIBSYSTEMD=-lsystemd];
 		AC_DEFINE(ENABLE_LOGIND, 1,
 			[Define to manage session support with logind.])],
 		[enable_logind="no"])
 fi
 AM_CONDITIONAL(ENABLE_LOGIND, test "x$enable_logind" != "xno")
 AC_SUBST(LIBCRYPT)
 AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
 	[AC_MSG_ERROR([crypt() not found])])
@@ -401,6 +415,29 @@ AC_SUBST(LIYESCRYPT)
 AC_CHECK_LIB(crypt, crypt, [LIYESCRYPT=-lcrypt],
 	[AC_MSG_ERROR([crypt() not found])])
 AC_SUBST(LIBBSD)
 if test "$with_libbsd" != "no"; then
 	AC_SEARCH_LIBS([readpassphrase], [bsd], [], [
 		AC_MSG_ERROR([readpassphrase() is missing, either from libc or libbsd])
 	])
 	AS_IF([test "$ac_cv_search_readpassphrase" = "-lbsd"], [
 		PKG_CHECK_MODULES([LIBBSD], [libbsd-overlay])
 	])
 	dnl Make sure either the libc or libbsd provide the header.
 	save_CFLAGS="$CFLAGS"
 	CFLAGS="$CFLAGS $LIBBSD_CFLAGS"
 	AC_CHECK_HEADERS([readpassphrase.h])
 	AS_IF([test "$ac_cv_header_readpassphrase_h" != "yes"], [
 		AC_MSG_ERROR([readpassphrase.h is missing])
 	])
 	CFLAGS="$save_CFLAGS"
 	AC_DEFINE(WITH_LIBBSD, 1, [Build shadow with libbsd support])
 else
 	AC_DEFINE(WITH_LIBBSD, 0, [Build shadow without libbsd support])
 	AC_CHECK_FUNC(strlcpy, [], [AC_MSG_ERROR([strlcpy is required from glibc >= 2.38 or libbsd])])
 fi
 AM_CONDITIONAL(WITH_LIBBSD, test x$with_libbsd = xyes)
 AC_SUBST(LIBACL)
 if test "$with_acl" != "no"; then
 	AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
@@ -682,14 +719,7 @@ if test "$with_skey" = "yes"; then
 	]])],[AC_DEFINE(SKEY_BSD_STYLE, 1, [Define to support newer BSD S/Key API])],[])
 fi
-if test "$enable_utmpx" = "yes"; then
+AC_CHECK_FUNC(fgetpwent_r, [AC_DEFINE(HAVE_FGETPWENT_R, 1, [Defined to 1 if you have the declaration of 'fgetpwent_r'])])
 	if test "$ac_cv_header_utmpx_h" != "yes"; then
 		AC_MSG_ERROR([The utmpx.h header file is required for utmpx support.])
 	fi
 	AC_DEFINE(USE_UTMPX,
 	          1,
 	          [Define if utmpx should be used])
 fi
 AC_DEFINE_UNQUOTED(SHELL, ["$SHELL"], [The default shell.])
@@ -723,7 +753,6 @@ AC_CONFIG_FILES([
 	man/uk/Makefile
 	man/zh_CN/Makefile
 	man/zh_TW/Makefile
 	libmisc/Makefile
 	lib/Makefile
 	libsubid/Makefile
 	libsubid/subid.h
@@ -731,6 +760,7 @@ AC_CONFIG_FILES([
 	contrib/Makefile
 	etc/Makefile
 	etc/pam.d/Makefile
 	etc/shadow-maint/Makefile
 	shadow.spec
 ])
 AC_OUTPUT
@@ -757,6 +787,9 @@ echo "	yescrypt passwords encryption:	$with_yescrypt"
 echo "	nscd support:			$with_nscd"
 echo "	sssd support:			$with_sssd"
 echo "	subordinate IDs support:	$enable_subids"
 echo "	enable lastlog:			$enable_lastlog"
 echo "	enable logind:			$enable_logind"
 echo "	use file caps:			$with_fcaps"
 echo "	install su:			$with_su"
 echo "	enabled vendor dir:             $enable_vendordir"
 echo
@@ -2,5 +2,5 @@
 # and also cooperate to make a distribution for `make dist'
 EXTRA_DIST = README adduser.c adduser.sh adduser2.sh \
- atudel groupmems.shar pwdauth.c shadow-anonftp.patch \
+ atudel groupmems.shar shadow-anonftp.patch \
 udbachk.tgz
@@ -60,7 +60,7 @@
 ** Added in the password date field, which should always reflect the last
 **     date the password was changed, for expiry purposes.  "passwd" always
 **     updates this field, so the adduser program should set it up right
-**     initially (or a user could keep thier initial password forever ;)
+**     initially (or a user could keep their initial password forever ;)
 **     The number is in days since Jan 1st, 1970.
 **
 **                       Have fun with it, and someone please make
@@ -489,7 +489,7 @@ safeget (char *buf, int maxlen)
  while ((c = getc (stdin)) != EOF && (c != '\n') && (++i < maxlen))
    {
      bad = (!isalnum (c) && (c != '_') && (c != ' '));
-      *(buf++) = (char) c;
+      *(buf++) = c;
    }
  *buf = '\0';
@@ -1,308 +0,0 @@
 /*
 * pwdauth.c - program to verify a given username/password pair.
 *
 * Run it with username in argv[1] (may be omitted - default is the
 * current user), and send it the password over a pipe on stdin.
 * Exit status: 0 - correct password, 1 - wrong password, >1 - other
 * errors.  For use with shadow passwords, this program should be
 * installed setuid root.
 *
 * This can be used, for example, by xlock - you don't have to install
 * this large and complex (== possibly insecure) program setuid root,
 * just modify it to run this simple program to do the authentication.
 *
 * Recent versions (xlockmore-3.9) are cleaner, and drop privileges as
 * soon as possible after getting the user's encrypted password.
 * Using this program probably doesn't make it more secure, and has one
 * disadvantage: since we don't get the encrypted user's password at
 * startup (but at the time the user is authenticated), it is not clear
 * how we should handle errors (like getpwnam() returning NULL).
 * - fail the authentication?  Problem: no way to unlock (other than kill
 *   the process from somewhere else) if the NIS server stops responding.
 * - succeed and unlock?  Problem: it's too easy to unlock by unplugging
 *   the box from the network and waiting until NIS times out...
 *
 * This program is Copyright (C) 1996 Marek Michalkiewicz
 * <marekm@i17linuxb.ists.pwr.wroc.pl>.
 *
 * It may be used and distributed freely for any purposes.  There is no
 * warranty - use at your own risk.  I am not liable for any damages etc.
 * If you improve it, please send me your changes.
 */
 static char rcsid[] = "$Id$";
 /*
 * Define USE_SYSLOG to use syslog() to log successful and failed
 * authentication.  This should be safe even if your system has
 * the infamous syslog buffer overrun security problem...
 */
 #define USE_SYSLOG
 /*
 * Define HAVE_GETSPNAM to get shadow passwords using getspnam().
 * Some systems don't have getspnam(), but getpwnam() returns
 * encrypted passwords only if running as root.
 *
 * According to the xlock source (not tested, except Linux) -
 * define: Linux, Solaris 2.x, SVR4, ...
 * undef: HP-UX with Secured Passwords, FreeBSD, NetBSD, QNX.
 * Known not supported (yet): Ultrix, OSF/1, SCO.
 */
 #define HAVE_GETSPNAM
 /*
 * Define HAVE_PW_ENCRYPT to use pw_encrypt() instead of crypt().
 * pw_encrypt() is like the standard crypt(), except that it may
 * support better password hashing algorithms.
 *
 * Define if linking with libshadow.a from the shadow password
 * suite (Linux, SunOS 4.x?).
 */
 #undef HAVE_PW_ENCRYPT
 /*
 * Define HAVE_AUTH_METHODS to support the shadow suite specific
 * extension: the encrypted password field contains a list of
 * administrator defined authentication methods, separated by
 * semicolons.  This program only supports the standard password
 * authentication method (a string that doesn't start with '@').
 */
 #undef HAVE_AUTH_METHODS
 /*
 * FAIL_DELAY - number of seconds to sleep before exiting if the
 * password was wrong, to slow down password guessing attempts.
 */
 #define FAIL_DELAY 2
 /* No user-serviceable parts below :-).  */
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <unistd.h>
 #include <pwd.h>
 #ifdef USE_SYSLOG
 #include <syslog.h>
 #ifndef LOG_AUTHPRIV
 #define LOG_AUTHPRIV LOG_AUTH
 #endif
 #endif
 #ifdef HAVE_GETSPNAM
 #include <shadow.h>
 #endif
 #ifdef HAVE_PW_ENCRYPT
 extern char *pw_encrypt();
 #define crypt pw_encrypt
 #endif
 /*
 * Read the password (one line) from fp.  We don't turn off echo
 * because we expect input from a pipe.
 */
 static char *
 get_line(fp)
 	FILE *fp;
 {
 	static char buf[128];
 	char *cp;
 	int ch;
 	cp = buf;
 	while ((ch = getc(fp)) != EOF && ch != '\0' && ch != '\n') {
 		if (cp >= buf + sizeof buf - 1)
 			break;
 		*cp++ = ch;
 	}
 	*cp = '\0';
 	return buf;
 }
 /*
 * Get the password file entry for the current user.  If the name
 * returned by getlogin() is correct (matches the current real uid),
 * return the entry for that user.  Otherwise, return the entry (if
 * any) matching the current real uid.  Return NULL on failure.
 */
 static struct passwd *
 get_my_pwent()
 {
 	uid_t uid = getuid();
 	char *name = getlogin();
 	if (name && *name) {
 		struct passwd *pw = getpwnam(name);
 		if (pw && pw->pw_uid == uid)
 			return pw;
 	}
 	return getpwuid(uid);
 }
 /*
 * Verify the password.  The system-dependent shadow support is here.
 */
 static int
 password_auth_ok(pw, pass)
 	const struct passwd *pw;
 	const char *pass;
 {
 	int result;
 	char *cp;
 #ifdef HAVE_AUTH_METHODS
 	char *buf;
 #endif
 #ifdef HAVE_GETSPNAM
 	struct spwd *sp;
 #endif
 	if (pw) {
 #ifdef HAVE_GETSPNAM
 		sp = getspnam(pw->pw_name);
 		if (sp)
 			cp = sp->sp_pwdp;
 		else
 #endif
 			cp = pw->pw_passwd;
 	} else
 		cp = "xx";
 #ifdef HAVE_AUTH_METHODS
 	buf = strdup(cp);  /* will be modified by strtok() */
 	if (!buf) {
 		fprintf(stderr, "Out of memory.\n");
 		exit(13);
 	}
 	cp = strtok(buf, ";");
 	while (cp && *cp == '@')
 		cp = strtok(NULL, ";");
 	/* fail if no password authentication for this user */
 	if (!cp)
 		cp = "xx";
 #endif
 	if (*pass || *cp)
 		result = (strcmp(crypt(pass, cp), cp) == 0);
 	else
 		result = 1;  /* user with no password */
 #ifdef HAVE_AUTH_METHODS
 	free(buf);
 #endif
 	return result;
 }
 /*
 * Main program.
 */
 int
 main(argc, argv)
 	int argc;
 	char **argv;
 {
 	struct passwd *pw;
 	char *pass, *name;
 	char myname[32];
 #ifdef USE_SYSLOG
 	openlog("pwdauth", LOG_PID | LOG_CONS, LOG_AUTHPRIV);
 #endif
 	pw = get_my_pwent();
 	if (!pw) {
 #ifdef USE_SYSLOG
 		syslog(LOG_ERR, "can't get login name for uid %d.\n",
 		       (int) getuid());
 #endif
 		fprintf(stderr, "Who are you?\n");
 		exit(2);
 	}
 	strncpy(myname, pw->pw_name, sizeof myname - 1);
 	myname[sizeof myname - 1] = '\0';
 	name = myname;
 	if (argc > 1) {
 		name = argv[1];
 		pw = getpwnam(name);
 	}
 	pass = get_line(stdin);
 	if (password_auth_ok(pw, pass)) {
 #ifdef USE_SYSLOG
 		syslog(pw->pw_uid ? LOG_INFO : LOG_NOTICE,
 		       "user `%s' entered correct password for `%.32s'.\n",
 		       myname, name);
 #endif
 		exit(0);
 	}
 #ifdef USE_SYSLOG
 	/* be careful not to overrun the syslog buffer */
 	syslog((!pw || pw->pw_uid) ? LOG_NOTICE : LOG_WARNING,
 	       "user `%s' entered incorrect password for `%.32s'.\n",
 	       myname, name);
 #endif
 #ifdef FAIL_DELAY
 	sleep(FAIL_DELAY);
 #endif
 	fprintf(stderr, "Wrong password.\n");
 	exit(1);
 }
 #if 0
 /*
 * You can use code similar to the following to run this program.
 * Return values: >=0 - program exit status (use the <sys/wait.h>
 * macros to get the exit code, it is shifted left by 8 bits),
 * -1 - check errno.
 */
 int
 verify_password(const char *username, const char *password)
 {
 	int pipe_fd[2];
 	int pid, wpid, status;
 	if (pipe(pipe_fd))
 		return -1;
 	if ((pid = fork()) == 0) {
 		char *arg[3];
 		char *env[1];
 		/* child */
 		close(pipe_fd[1]);
 		if (pipe_fd[0] != 0) {
 			if (dup2(pipe_fd[0], 0) != 0)
 				_exit(127);
 			close(pipe_fd[0]);
 		}
 		arg[0] = "/usr/bin/pwdauth";
 		arg[1] = username;
 		arg[2] = NULL;
 		env[0] = NULL;
 		execve(arg[0], arg, env);
 		_exit(127);
 	} else if (pid == -1) {
 		/* error */
 		close(pipe_fd[0]);
 		close(pipe_fd[1]);
 		return -1;
 	}
 	/* parent */
 	close(pipe_fd[0]);
 	write(pipe_fd[1], password, strlen(password));
 	write(pipe_fd[1], "\n", 1);
 	close(pipe_fd[1]);
 	while ((wpid = wait(&status)) != pid) {
 		if (wpid == -1)
 			return -1;
 	}
 	return status;
 }
 #endif
@@ -26,7 +26,6 @@ New ideas to add to this list are welcome, too.  --marekm
 - vipw: check password files for errors after editing
 - add "maximum time users allowed to stay logged in" limit option to logoutd
 - handle quotes in /etc/environment like the shell does (but sshd doesn't...)
 - better utmpx support (logoutd, ...)
 - better OPIE support (report number of logins left, etc.)
 - new option for /etc/suauth: don't load user's environment (force "su -")
  suggested by Ulisses Alonso Camaro
@@ -0,0 +1,73 @@
 # Build & install
 The following page explains how to build and install the shadow project.
 Additional information on how to do this in a container environment is provided
 at the end of the page.
 ## Local
 ### Dependency installation
 This projects depends on other software packages that need to be installed
 before building it. We recommend using the dependency installation commands
 provided by the distributions to install them. Some examples below.
 Debian:
 ```
 apt-get build-dep shadow
 ```
 Fedora:
 ```
 dnf builddep shadow-utils
 ```
 An alternative would be to take a look at the CI workflow [file](../../.github/workflows/runner.yml)
 and get the package names from there. This has the advantage that it
 also includes new dependencies needed for the development version
 which might have not been present in the last release.
 ### Configure
 The first step is to configure it. You can use the
 `autogen.sh` script provided by the project. Example:
 ```
 ./autogen.sh --without-selinux --enable-man --with-yescrypt
 ```
 ### Build
 The next step is to build the project:
 ```
 make -j4
 ```
 ### Install
 The last step is to install it. We recommend avoiding this step and using a
 disposable system like a VM or a container instead.
 ```
 make install
 ```
 ## Containers
 Alternatively, you can use any of the preconfigured container images builders
 to build and install shadow.
 You can either generate a single image by running the following command from
 the root folder of the project (i.e. Alpine):
 ```
 docker build -f share/containers/alpine.dockerfile . --output build-out/alpine
 ```
 Or generate all of the images with the `container-build.sh` script, as if you
 were running some of the CI checks locally:
 ```
 share/container-build.sh
 ```
@@ -0,0 +1,25 @@
 # Continuous Integration (CI)
 Shadow runs a CI workflow every time a pull-request (PR) is updated. This
 workflow contains several checks to assure the quality of the project, and
 only pull-requests with green results are merged.
 ## Build & install
 The project is built & installed on Ubuntu, Alpine, Debian and Fedora. The last
 three distributions are built & installed on containers, and the workflow can
 be triggered locally by following the instructions specified in the
 [Build & install](build_install.md#containers) page.
 ## System tests
 The project is tested on Ubuntu. For that purpose it is built & installed in
 this distribution in a VM. You can run this step locally by following the
 instructions provided in the [Tests](tests.md#system-tests) page.
 ## Static code analysis
 C and shell static code analysis is also executed. For that purpose
 [CodeQL](https://codeql.github.com/) and
 [Differential ShellCheck](https://github.com/marketplace/actions/differential-shellcheck)
 are used.
@@ -0,0 +1,12 @@
 # Coding style
 * For a general guidance refer to the
 [Linux kernel coding style](https://www.kernel.org/doc/html/latest/process/coding-style.html)
 * Patches that change the existing coding style are not welcome, as they make
 downstream porting harder for the distributions
 ## Indentation
 Tabs are preferred over spaces for indentation. Loading the `.editorconfig`
 file in your preferred IDE may help you configure it.
@@ -0,0 +1,77 @@
 # Introduction
 ## Git and Github
 We recommend you to get familiar with the
 [git](https://guides.github.com/introduction/git-handbook) and
 [Github](https://guides.github.com) workflows before posting any changes.
 ### Set up in a nut shell
 The following steps describe the process in a nut shell to provide you a basic
 template:
 * Create an account on [GitHub](https://github.com)
 * Fork the [shadow repository](https://github.com/shadow-maint/shadow)
 * Clone the shadow repository
 ```
 git clone https://github.com/shadow-maint/shadow.git
 ```
 * Add your fork as an extra remote
 ```
 git remote add $ghusername git@github.com:$ghusername/shadow.git
 ```
 * Setup your name contact e-mail that you want to use for the development
 ```
 git config user.name "John Smith"
 git config user.email "john.smith@home.com"
 ```
 **Note**: this will setup the user information only for this repository. You
 can also add `--global` switch to the `git config` command to setup these
 options globally and thus making them available in every git repository.
 * Create a working branch
 ```
 git checkout -b my-changes
 ```
 * Commit changes
 ```
 vim change-what-you-need
 git commit -s
 ```
 Check
 [the kernel patches guide](https://www.kernel.org/doc/html/v4.14/process/submitting-patches.html#describe-your-changes)
 to get an idea on how to write a good commit message.
 * Push your changes to your GitHub repository
 ```
 git push $ghusername my-changes --force
 ```
 * Open a Pull Request against shadow project by clicking on the link provided
 in the output of the previous step
 * Make sure that all Continuous Integration checks are green and wait review
 ## Internal guidelines
 Additionally, you should also check the following internal guidelines to
 understand the project's development model:
 * [Build & install](build_install.md)
 * [Coding style](coding_style.md)
 * [Tests](tests.md)
 * [Continuous Integration](CI.md)
 * [Releases](releases.md)
 * [License](license.md)
@@ -0,0 +1,10 @@
 # License
 All new source code committed to the shadow project is assumed to be made
 available under the [BSD-3-Clause](../../COPYING) license unless the submitter
 specifies another license at that time. The shadow maintainers reserve the
 right to refuse a submission if the license is deemed incompatible with the
 goals of the project.
 **Note**: old code may be made available under another license, check the
 license tag for each file to get additional information.
@@ -0,0 +1,7 @@
 # Releases
 The shadow project doesn't follow any specific timeline to release new software
 versions. Usually, they are released when a major milestone is finished.
 Released source code, alongside the release notes, are provided in the
 [release Github page](https://github.com/shadow-maint/shadow/releases).
@@ -0,0 +1,18 @@
 # Tests
 Currently, shadow only provides system tests.
 ## System tests
 These type of tests are written in shell. Unfortunately, the testing framework
 is tightly coupled to the Ubuntu distribution and it can only be run in this
 distribution. Besides, if anything fails during the execution the system can
 be left in an unstable state. Taking that into account you shouldn't run this
 workflow in your host machine, we recommend to use a disposable system like a
 VM or a container instead.
 You can execute system tests by running:
 ```
 cd tests && ./run_all`.
 ```
@@ -1,15 +0,0 @@
 <head>
 <title>shadow - Welcome</title>
 </head>
 <body>
 <h2> Welcome!</h2>
 <p> This is the shadow tool suite home page. </p>
 <p>
 You can find releases <a href="https://github.com/shadow-maint/shadow/releases">here</a>.
 </p>
 <p>
 Raise issues, request features, and report bugs <a href="https://github.com/shadow-maint/shadow/issues">here</a>.
 </p>
 </body>
@@ -20,4 +20,4 @@ EXTRA_DIST = \
 	$(sysconf_DATA) \
 	$(default_DATA)
-SUBDIRS = pam.d
+SUBDIRS = pam.d shadow-maint
@@ -0,0 +1,5 @@
 shadowmaint_files = \
 	groupdel-pre.d/01-kill_group_procs.sh \
 	userdel-pre.d/01-kill_user_procs.sh
 EXTRA_DIST = $(shadowmaint_files)
@@ -0,0 +1,26 @@
 #!/bin/sh
 PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 GROUPID=`awk -F: '$1 == "'"${SUBJECT}"'" { print $3 }' /etc/group`
 if [ "${GROUPID}" = "" ]; then
    exit 0
 fi
 for status in /proc/*/status; do
    # either this isn't a process or its already dead since expanding the list
    [ -f "$status" ] || continue
    tbuf=${status%/status}
    pid=${tbuf#/proc/}
    case "$pid" in
        "$$") continue;;
        [0-9]*) :;;
        *) continue
    esac
    grep -q '^Groups:.*\b'"${GROUPID}"'\b.*' "/proc/$pid/status" || continue
    kill -9 "$pid" || echo "cannot kill $pid" 1>&2
 done
@@ -4,14 +4,17 @@ PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
 # Check user exists, and if so, send sigkill to processes that the user owns
-RUNNING=`ps -eo user | grep -Fx "$SUBJECT" | wc -l`
+ps -eo user >/dev/null 2>&1
-
+if [ $? -eq 0 ]; then
-# if the user does not exist, RUNNING will be 0
+    RUNNING=`ps -eo user | grep -Fx "$SUBJECT" | wc -l`
-
+    # if the user does not exist, RUNNING will be 0
-if [ "${RUNNING}x" = "0x" ]; then
+    if [ "${RUNNING}x" = "0x" ]; then
-  exit 0
+        exit 0
    fi
 fi
 # If there is no ps -eo, traverse the process directly.
 ls -1 /proc | while IFS= read -r PROC; do
  echo "$PROC" | grep -E '^[0-9]+$' >/dev/null
  if [ $? -ne 0 ]; then
@@ -5,57 +5,117 @@ DEFS =
 noinst_LTLIBRARIES = libshadow.la
 if USE_PAM
 LIBCRYPT_PAM = $(LIBCRYPT)
 else
 LIBCRYPT_PAM =
 endif
 AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS)
 libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS)
 if HAVE_VENDORDIR
 libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
 endif
 libshadow_la_CPPFLAGS += -I$(top_srcdir)
 libshadow_la_CFLAGS = $(LIBBSD_CFLAGS) $(LIBCRYPT_PAM) $(LIBSYSTEMD)
 libshadow_la_SOURCES = \
 	addgrps.c \
 	age.c \
 	agetpass.c \
 	alloc.c \
 	alloc.h \
 	audit_help.c \
 	basename.c \
 	bit.c \
 	bit.h \
 	chkname.c \
 	chkname.h \
 	chowndir.c \
 	chowntty.c \
 	cleanup.c \
 	cleanup_group.c \
 	cleanup_user.c \
 	commonio.c \
 	commonio.h \
 	console.c \
 	copydir.c \
 	csrand.c \
 	date_to_str.c \
 	defines.h \
 	encrypt.c \
 	entry.c \
 	env.c \
 	exitcodes.h \
 	faillog.h \
 	failure.c \
 	failure.h \
 	fields.c \
 	find_new_gid.c \
 	find_new_uid.c \
 	find_new_sub_gids.c \
 	find_new_sub_uids.c \
 	fputsx.c \
 	getdef.c \
 	getdef.h \
 	get_gid.c \
 	getlong.c \
 	get_pid.c \
 	get_uid.c \
 	getdate.h \
 	getdate.y \
 	getdef.c \
 	getdef.h \
 	getlong.c \
 	getgr_nam_gid.c \
 	getrange.c \
 	gettime.c \
 	getulong.c \
 	groupio.c \
 	groupmem.c \
 	groupio.h \
 	gshadow.c \
 	hushed.c \
 	idmapping.h \
 	idmapping.c \
 	isexpired.c \
 	limits.c \
 	list.c \
 	lockpw.c \
 	loginprompt.c \
 	mail.c \
 	mempcpy.c \
 	mempcpy.h \
 	motd.c \
 	myname.c \
 	nss.c \
 	nscd.c \
 	nscd.h \
-	shadowlog.c \
+	obscure.c \
 	shadowlog.h \
 	shadowlog_internal.h \
 	sssd.c \
 	sssd.h \
 	pam_defs.h \
 	pam_pass.c \
 	pam_pass_non_interactive.c \
 	port.c \
 	port.h \
 	prefix_flag.c \
 	prototypes.h \
 	pwauth.c \
 	pwauth.h \
 	pwio.c \
 	pwio.h \
 	pwd_init.c \
 	pwd2spwd.c \
 	pwdcheck.c \
 	pwmem.c \
 	remove_tree.c \
 	rlogin.c \
 	root_flag.c \
 	run_part.h \
 	run_part.c \
-	subordinateio.h \
+	salt.c \
 	subordinateio.c \
 	selinux.c \
 	semanage.c \
 	setugid.c \
 	setupenv.c \
 	sgetgrent.c \
 	sgetpwent.c \
 	sgetspent.c \
@@ -64,14 +124,63 @@ libshadow_la_SOURCES = \
 	shadow.c \
 	shadowio.c \
 	shadowio.h \
 	shadowlog.c \
 	shadowlog.h \
 	shadowlog_internal.h \
 	shadowmem.c \
 	shell.c \
 	spawn.c \
-	utent.c
+	sssd.c \
 	sssd.h \
 	stpecpy.c \
 	stpecpy.h \
 	stpeprintf.c \
 	stpeprintf.h \
 	strtoday.c \
 	sub.c \
 	subordinateio.h \
 	subordinateio.c \
 	sulog.c \
 	ttytype.c \
 	tz.c \
 	ulimit.c \
 	user_busy.c \
 	valid.c \
 	write_full.c \
 	xgetpwnam.c \
 	xprefix_getpwnam.c \
 	xgetpwuid.c \
 	xgetgrnam.c \
 	xgetgrgid.c \
 	xgetspnam.c \
 	yesno.c
 if WITH_TCB
 libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h
 endif
 if WITH_BTRFS
 libshadow_la_SOURCES += btrfs.c
 endif
 if ENABLE_LASTLOG
 libshadow_la_SOURCES += log.c
 endif
 if ENABLE_LOGIND
 libshadow_la_SOURCES += logind.c
 else
 libshadow_la_SOURCES += utmp.c
 endif
 if !WITH_LIBBSD
 libshadow_la_SOURCES += \
 	freezero.h \
 	freezero.c \
 	readpassphrase.h \
 	readpassphrase.c
 endif
 # These files are unneeded for some reason, listed in
 # order of appearance:
 #
@@ -79,4 +188,5 @@ endif
 EXTRA_DIST = \
 	.indent.pro \
-	gshadow_.h
+	gshadow_.h \
 	xgetXXbyYY.c
@@ -17,6 +17,8 @@
 #include <stdio.h>
 #include <grp.h>
 #include <errno.h>
 #include "alloc.h"
 #include "shadowlog.h"
 #ident "$Id$"
@@ -29,7 +31,7 @@
 */
 int add_groups (const char *list)
 {
-	GETGROUPS_T *grouplist, *tmp;
+	GETGROUPS_T *grouplist;
 	size_t i;
 	int ngroups;
 	bool added;
@@ -46,7 +48,7 @@ int add_groups (const char *list)
 	i = 16;
 	for (;;) {
-		grouplist = (gid_t *) malloc (i * sizeof (GETGROUPS_T));
+		grouplist = MALLOC(i, GETGROUPS_T);
 		if (NULL == grouplist) {
 			return -1;
 		}
@@ -88,19 +90,17 @@ int add_groups (const char *list)
 			fputs (_("Warning: too many groups\n"), shadow_logfd);
 			break;
 		}
-		tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
+		grouplist = REALLOCF(grouplist, (size_t) ngroups + 1, GETGROUPS_T);
-		if (NULL == tmp) {
+		if (grouplist == NULL) {
 			free (grouplist);
 			return -1;
 		}
-		tmp[ngroups] = grp->gr_gid;
+		grouplist[ngroups] = grp->gr_gid;
 		ngroups++;
 		grouplist = tmp;
 		added = true;
 	}
 	if (added) {
-		ret = setgroups ((size_t)ngroups, grouplist);
+		ret = setgroups (ngroups, grouplist);
 		free (grouplist);
 		return ret;
 	}
@@ -109,6 +109,6 @@ int add_groups (const char *list)
 	return 0;
 }
 #else				/* HAVE_SETGROUPS && !USE_PAM */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* HAVE_SETGROUPS && !USE_PAM */
@@ -112,7 +112,7 @@ int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
 			_exit (126);
 		}
-		(void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) 0);
+		(void) execl (PASSWD_PROGRAM, PASSWD_PROGRAM, pw->pw_name, (char *) NULL);
 		err = errno;
 		perror ("Can't execute " PASSWD_PROGRAM);
 		_exit ((ENOENT == err) ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
@@ -139,7 +139,7 @@ int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
 void agecheck (/*@null@*/const struct spwd *sp)
 {
-	long now = (long) time ((time_t *) 0) / SCALE;
+	long now = time(NULL) / SCALE;
 	long remain;
 	if (NULL == sp) {
@@ -0,0 +1,134 @@
 /*
 * SPDX-FileCopyrightText:  2022, Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #include <config.h>
 #include <limits.h>
 #include <readpassphrase.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #ident "$Id$"
 #include "alloc.h"
 #include "prototypes.h"
 #if WITH_LIBBSD == 0
 #include "freezero.h"
 #endif /* WITH_LIBBSD */
 #if !defined(PASS_MAX)
 #define PASS_MAX  BUFSIZ - 1
 #endif
 /*
 * SYNOPSIS
 *	[[gnu::malloc(erase_pass)]]
 *	char *agetpass(const char *prompt);
 *
 *	void erase_pass(char *pass);
 *
 * ARGUMENTS
 *   agetpass()
 *	prompt	String to be printed before reading a password.
 *
 *   erase_pass()
 *	pass	password previously returned by agetpass().
 *
 * DESCRIPTION
 *   agetpass()
 *	This function is very similar to getpass(3).  It has several
 *	advantages compared to getpass(3):
 *
 *	- Instead of using a static buffer, agetpass() allocates memory
 *	  through malloc(3).  This makes the function thread-safe, and
 *	  also reduces the visibility of the buffer.
 *
 *	- agetpass() doesn't reallocate internally.  Some
 *	  implementations of getpass(3), such as glibc, do that, as a
 *	  consequence of calling getline(3).  That's a bug in glibc,
 *	  which allows leaking prefixes of passwords in freed memory.
 *
 *	- agetpass() doesn't overrun the output buffer.  If the input
 *	  password is too long, it simply fails.  Some implementations
 *	  of getpass(3), share the same bug that gets(3) has.
 *
 *	As soon as possible, the password obtained from agetpass() be
 *	erased by calling erase_pass(), to avoid possibly leaking the
 *	password.
 *
 *   erase_pass()
 *	This function first clears the password, by calling
 *	explicit_bzero(3) (or an equivalent call), and then frees the
 *	allocated memory by calling free(3).
 *
 *	NULL is a valid input pointer, and in such a case, this call is
 *	a no-op.
 *
 * RETURN VALUE
 *	agetpass() returns a newly allocated buffer containing the
 *	password on success.  On error, errno is set to indicate the
 *	error, and NULL is returned.
 *
 * ERRORS
 *   agetpass()
 *	This function may fail for any errors that malloc(3) or
 *	readpassphrase(3) may fail, and in addition it may fail for the
 *	following errors:
 *
 *	ENOBUFS
 *		The input password was longer than PASS_MAX.
 *
 * CAVEATS
 *	If a password is passed twice to erase_pass(), the behavior is
 *	undefined.
 */
 char *
 agetpass(const char *prompt)
 {
 	char    *pass;
 	size_t  len;
 	/*
 	 * Since we want to support passwords upto PASS_MAX, we need
 	 * PASS_MAX bytes for the password itself, and one more byte for
 	 * the terminating '\0'.  We also want to detect truncation, and
 	 * readpassphrase(3) doesn't detect it, so we need some trick.
 	 * Let's add one more byte, and if the password uses it, it
 	 * means the introduced password was longer than PASS_MAX.
 	 */
 	pass = MALLOC(PASS_MAX + 2, char);
 	if (pass == NULL)
 		return NULL;
 	if (readpassphrase(prompt, pass, PASS_MAX + 2, RPP_REQUIRE_TTY) == NULL)
 		goto fail;
 	len = strlen(pass);
 	if (len == PASS_MAX + 1) {
 		errno = ENOBUFS;
 		goto fail;
 	}
 	return pass;
 fail:
 	freezero(pass, PASS_MAX + 2);
 	return NULL;
 }
 void
 erase_pass(char *pass)
 {
 	freezero(pass, PASS_MAX + 2);
 }
@@ -3,6 +3,7 @@
 * SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
 * SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
 * SPDX-FileCopyrightText: 2008       , Nicolas François
 * SPDX-FileCopyrightText: 2023       , Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@@ -20,27 +21,53 @@
 #ident "$Id$"
-#include <stdio.h>
+#include "alloc.h"
 #include <errno.h>
 #include <stddef.h>
 #include <stdio.h>
 #include "defines.h"
 #include "prototypes.h"
 #include "shadowlog.h"
 /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/void *xmalloc (size_t size)
 {
 	void *ptr;
-	ptr = malloc (size);
+extern inline void *xmalloc(size_t size);
-	if (NULL == ptr) {
+extern inline void *xmallocarray(size_t nmemb, size_t size);
-		(void) fprintf (log_get_logfd(),
+extern inline void *mallocarray(size_t nmemb, size_t size);
-		                _("%s: failed to allocate memory: %s\n"),
+extern inline void *reallocarrayf(void *p, size_t nmemb, size_t size);
-		                log_get_progname(), strerror (errno));
+extern inline char *xstrdup(const char *str);
-		exit (13);
+
-	}
+
-	return ptr;
+void *
 xcalloc(size_t nmemb, size_t size)
 {
 	void  *p;
 	p = calloc(nmemb, size);
 	if (p == NULL)
 		goto x;
 	return p;
 x:
 	fprintf(log_get_logfd(), _("%s: %s\n"),
 	        log_get_progname(), strerror(errno));
 	exit(13);
 }
-/*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *str)
+
 void *
 xreallocarray(void *p, size_t nmemb, size_t size)
 {
-	return strcpy (xmalloc (strlen (str) + 1), str);
+	p = reallocarrayf(p, nmemb, size);
 	if (p == NULL)
 		goto x;
 	return p;
 x:
 	fprintf(log_get_logfd(), _("%s: %s\n"),
 	        log_get_progname(), strerror(errno));
 	exit(13);
 }
@@ -0,0 +1,115 @@
 /*
 * SPDX-FileCopyrightText:  2023, Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #ifndef SHADOW_INCLUDE_LIB_MALLOC_H_
 #define SHADOW_INCLUDE_LIB_MALLOC_H_
 #include <config.h>
 #include <assert.h>
 #include <errno.h>
 #include <stddef.h>
 #include <stdint.h>
 #include <stdlib.h>
 #include "defines.h"
 #define CALLOC(n, type)   ((type *) calloc(n, sizeof(type)))
 #define XCALLOC(n, type)  ((type *) xcalloc(n, sizeof(type)))
 #define MALLOC(n, type)   ((type *) mallocarray(n, sizeof(type)))
 #define XMALLOC(n, type)  ((type *) xmallocarray(n, sizeof(type)))
 #define REALLOC(ptr, n, type)                                                 \
 ({                                                                            \
 	__auto_type  p_ = (ptr);                                              \
                                                                              \
 	static_assert(__builtin_types_compatible_p(typeof(p_), type *), "");  \
                                                                              \
 	(type *) reallocarray(p_, n, sizeof(type));                           \
 })
 #define REALLOCF(ptr, n, type)                                                \
 ({                                                                            \
 	__auto_type  p_ = (ptr);                                              \
                                                                              \
 	static_assert(__builtin_types_compatible_p(typeof(p_), type *), "");  \
                                                                              \
 	(type *) reallocarrayf(p_, n, sizeof(type));                          \
 })
 #define XREALLOC(ptr, n, type)                                                \
 ({                                                                            \
 	__auto_type  p_ = (ptr);                                              \
                                                                              \
 	static_assert(__builtin_types_compatible_p(typeof(p_), type *), "");  \
                                                                              \
 	(type *) xreallocarray(p_, n, sizeof(type));                          \
 })
 ATTR_MALLOC(free)
 inline void *xmalloc(size_t size);
 ATTR_MALLOC(free)
 inline void *xmallocarray(size_t nmemb, size_t size);
 ATTR_MALLOC(free)
 inline void *mallocarray(size_t nmemb, size_t size);
 ATTR_MALLOC(free)
 inline void *reallocarrayf(void *p, size_t nmemb, size_t size);
 ATTR_MALLOC(free)
 inline char *xstrdup(const char *str);
 ATTR_MALLOC(free)
 void *xcalloc(size_t nmemb, size_t size);
 ATTR_MALLOC(free)
 void *xreallocarray(void *p, size_t nmemb, size_t size);
 inline void *
 xmalloc(size_t size)
 {
 	return xmallocarray(1, size);
 }
 inline void *
 xmallocarray(size_t nmemb, size_t size)
 {
 	return xreallocarray(NULL, nmemb, size);
 }
 inline void *
 mallocarray(size_t nmemb, size_t size)
 {
 	return reallocarray(NULL, nmemb, size);
 }
 inline void *
 reallocarrayf(void *p, size_t nmemb, size_t size)
 {
 	void  *q;
 	q = reallocarray(p, nmemb, size);
 	/* realloc(p, 0) is equivalent to free(p);  avoid double free.  */
 	if (q == NULL && nmemb != 0 && size != 0)
 		free(p);
 	return q;
 }
 inline char *
 xstrdup(const char *str)
 {
 	return strcpy(XMALLOC(strlen(str) + 1, char), str);
 }
 #endif  // include guard
@@ -62,7 +62,7 @@ void audit_logger (int type, unused const char *pgname, const char *op,
 		return;
 	} else {
 		audit_log_acct_message (audit_fd, type, NULL, op, name, id,
-		                        NULL, NULL, NULL, (int) result);
+		                        NULL, NULL, NULL, result);
 	}
 }
@@ -77,11 +77,11 @@ void audit_logger_message (const char *message, shadow_audit_result result)
 		                        NULL, /* hostname */
 		                        NULL, /* addr */
 		                        NULL, /* tty */
-		                        (int) result);
+		                        result);
 	}
 }
 #else				/* WITH_AUDIT */
-extern int errno;	/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* WITH_AUDIT */
@@ -21,6 +21,10 @@
 #include "prototypes.h"
 /*@observer@*/const char *Basename (const char *str)
 {
 	if (str == NULL) {
 		abort ();
 	}
 	char *cp = strrchr (str, '/');
 	return (NULL != cp) ? cp + 1 : str;
@@ -0,0 +1,19 @@
 /*
 * SPDX-FileCopyrightText:  2022 - 2023, Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #include <config.h>
 #ident "$Id$"
 #include "bit.h"
 #include <limits.h>
 extern inline unsigned long bit_ceilul(unsigned long x);
 extern inline unsigned long bit_ceil_wrapul(unsigned long x);
 extern inline int leading_zerosul(unsigned long x);
@@ -0,0 +1,53 @@
 /*
 * SPDX-FileCopyrightText:  2022 - 2023, Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #ifndef SHADOW_INCLUDE_LIB_BIT_H_
 #define SHADOW_INCLUDE_LIB_BIT_H_
 #include <config.h>
 #include <limits.h>
 #ifndef ULONG_WIDTH
 #define ULONG_WIDTH (sizeof(unsigned long) * CHAR_BIT)
 #endif
 inline unsigned long bit_ceilul(unsigned long x);
 inline unsigned long bit_ceil_wrapul(unsigned long x);
 inline int leading_zerosul(unsigned long x);
 /* stdc_bit_ceilul(3) */
 inline unsigned long
 bit_ceilul(unsigned long x)
 {
 	return 1 + (ULONG_MAX >> leading_zerosul(x));
 }
 /* stdc_bit_ceilul(3), but wrap instead of having Undefined Behavior */
 inline unsigned long
 bit_ceil_wrapul(unsigned long x)
 {
 	if (x == 0)
 		return 0;
 	return bit_ceilul(x);
 }
 /* stdc_leading_zerosul(3) */
 inline int
 leading_zerosul(unsigned long x)
 {
 	return (x == 0) ? ULONG_WIDTH : __builtin_clzl(x);
 }
 #endif  // include guard
@@ -75,10 +75,9 @@ static bool is_valid_name (const char *name)
 bool is_valid_user_name (const char *name)
 {
 	/*
-	 * User names are limited by whatever utmp can
+	 * User names length are limited by the kernel
 	 * handle.
 	 */
-	if (strlen (name) > USER_NAME_MAX_LENGTH) {
+	if (strlen (name) > sysconf(_SC_LOGIN_NAME_MAX)) {
 		return false;
 	}
@@ -51,7 +51,7 @@ void chown_tty (const struct passwd *info)
 	 */
 	if (   (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
-	    || (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
+	    || (fchmod (STDIN_FILENO, getdef_num ("TTYPERM", 0600)) != 0)) {
 		int err = errno;
 		FILE *shadow_logfd = log_get_logfd();
@@ -22,7 +22,7 @@
 */
 void cleanup_report_add_group (void *group_name)
 {
-	const char *name = (const char *)group_name;
+	const char *name = group_name;
 	SYSLOG ((LOG_ERR, "failed to add group %s", name));
 #ifdef WITH_AUDIT
@@ -40,7 +40,7 @@ void cleanup_report_add_group (void *group_name)
 */
 void cleanup_report_del_group (void *group_name)
 {
-	const char *name = (const char *)group_name;
+	const char *name = group_name;
 	SYSLOG ((LOG_ERR, "failed to remove group %s", name));
 #ifdef WITH_AUDIT
@@ -95,7 +95,7 @@ void cleanup_report_mod_gshadow (void *cleanup_info)
 */
 void cleanup_report_add_group_group (void *group_name)
 {
-	const char *name = (const char *)group_name;
+	const char *name = group_name;
 	SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
 #ifdef WITH_AUDIT
@@ -115,7 +115,7 @@ void cleanup_report_add_group_group (void *group_name)
 */
 void cleanup_report_add_group_gshadow (void *group_name)
 {
-	const char *name = (const char *)group_name;
+	const char *name = group_name;
 	SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
 #ifdef WITH_AUDIT
@@ -136,7 +136,7 @@ void cleanup_report_add_group_gshadow (void *group_name)
 */
 void cleanup_report_del_group_group (void *group_name)
 {
-	const char *name = (const char *)group_name;
+	const char *name = group_name;
 	SYSLOG ((LOG_ERR,
 	         "failed to remove group %s from %s",
@@ -159,7 +159,7 @@ void cleanup_report_del_group_group (void *group_name)
 */
 void cleanup_report_del_group_gshadow (void *group_name)
 {
-	const char *name = (const char *)group_name;
+	const char *name = group_name;
 	SYSLOG ((LOG_ERR,
 	         "failed to remove group %s from %s",
@@ -16,13 +16,13 @@
 #include "shadowlog.h"
 /*
- * cleanup_report_add_user - Report failure to add an user to the system
+ * cleanup_report_add_user - Report failure to add a user to the system
 *
- * It should be registered when it is decided to add an user to the system.
+ * It should be registered when it is decided to add a user to the system.
 */
 void cleanup_report_add_user (void *user_name)
 {
-	const char *name = (const char *)user_name;
+	const char *name = user_name;
 	SYSLOG ((LOG_ERR, "failed to add user %s", name));
 #ifdef WITH_AUDIT
@@ -51,15 +51,15 @@ void cleanup_report_mod_passwd (void *cleanup_info)
 }
 /*
- * cleanup_report_add_user_passwd - Report failure to add an user to
+ * cleanup_report_add_user_passwd - Report failure to add a user to
 * /etc/passwd
 *
- * It should be registered when it is decided to add an user to the
+ * It should be registered when it is decided to add a user to the
 * /etc/passwd database.
 */
 void cleanup_report_add_user_passwd (void *user_name)
 {
-	const char *name = (const char *)user_name;
+	const char *name = user_name;
 	SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
 #ifdef WITH_AUDIT
@@ -71,15 +71,15 @@ void cleanup_report_add_user_passwd (void *user_name)
 }
 /*
- * cleanup_report_add_user_shadow - Report failure to add an user to
+ * cleanup_report_add_user_shadow - Report failure to add a user to
 * /etc/shadow
 *
- * It should be registered when it is decided to add an user to the
+ * It should be registered when it is decided to add a user to the
 * /etc/shadow database.
 */
 void cleanup_report_add_user_shadow (void *user_name)
 {
-	const char *name = (const char *)user_name;
+	const char *name = user_name;
 	SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
 #ifdef WITH_AUDIT
@@ -21,6 +21,8 @@
 #include <errno.h>
 #include <stdio.h>
 #include <signal.h>
 #include "alloc.h"
 #include "nscd.h"
 #include "sssd.h"
 #ifdef WITH_TCB
@@ -138,7 +140,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
 	pid = getpid ();
 	snprintf (buf, sizeof buf, "%lu", (unsigned long) pid);
 	len = (ssize_t) strlen (buf) + 1;
-	if (write (fd, buf, (size_t) len) != len) {
+	if (write_full (fd, buf, (size_t) len) != len) {
 		if (log) {
 			(void) fprintf (shadow_logfd,
 			                "%s: %s file write error: %s\n",
@@ -251,25 +253,13 @@ static /*@null@*/ /*@dependent@*/FILE *fopen_set_perms (
 		return NULL;
 	}
 #ifdef HAVE_FCHOWN
 	if (fchown (fileno (fp), sb->st_uid, sb->st_gid) != 0) {
 		goto fail;
 	}
 #else				/* !HAVE_FCHOWN */
 	if (chown (name, sb->st_mode) != 0) {
 		goto fail;
 	}
 #endif				/* !HAVE_FCHOWN */
 #ifdef HAVE_FCHMOD
 	if (fchmod (fileno (fp), sb->st_mode & 0664) != 0) {
 		goto fail;
 	}
-#else				/* !HAVE_FCHMOD */
+
 	if (chmod (name, sb->st_mode & 0664) != 0) {
 		goto fail;
 	}
 #endif				/* !HAVE_FCHMOD */
 	return fp;
      fail:
@@ -374,11 +364,11 @@ int commonio_lock_nowait (struct commonio_db *db, bool log)
 	}
 	file_len = strlen(db->filename) + 11;/* %lu max size */
 	lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */
-	file = (char*)malloc(file_len);
+	file = MALLOC(file_len, char);
 	if (file == NULL) {
 		goto cleanup_ENOMEM;
 	}
-	lock = (char*)malloc(lock_file_len);
+	lock = MALLOC(lock_file_len, char);
 	if (lock == NULL) {
 		goto cleanup_ENOMEM;
 	}
@@ -618,7 +608,7 @@ int commonio_open (struct commonio_db *db, int mode)
 	fd = open (db->filename,
 	             (db->readonly ? O_RDONLY : O_RDWR)
-	           | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW);
+	           | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW | O_CLOEXEC);
 	saved_errno = errno;
 	db->fp = NULL;
 	if (fd >= 0) {
@@ -649,22 +639,19 @@ int commonio_open (struct commonio_db *db, int mode)
 		return 0;
 	}
 	/* Do not inherit fd in spawned processes (e.g. nscd) */
 	fcntl (fileno (db->fp), F_SETFD, FD_CLOEXEC);
 	buflen = BUFLEN;
-	buf = (char *) malloc (buflen);
+	buf = MALLOC(buflen, char);
 	if (NULL == buf) {
 		goto cleanup_ENOMEM;
 	}
-	while (db->ops->fgets (buf, (int) buflen, db->fp) == buf) {
+	while (db->ops->fgets (buf, buflen, db->fp) == buf) {
 		while (   ((cp = strrchr (buf, '\n')) == NULL)
 		       && (feof (db->fp) == 0)) {
 			size_t len;
 			buflen += BUFLEN;
-			cp = (char *) realloc (buf, buflen);
+			cp = REALLOC(buf, buflen, char);
 			if (NULL == cp) {
 				goto cleanup_buf;
 			}
@@ -698,7 +685,7 @@ int commonio_open (struct commonio_db *db, int mode)
 			}
 		}
-		p = (struct commonio_entry *) malloc (sizeof *p);
+		p = MALLOC(1, struct commonio_entry);
 		if (NULL == p) {
 			goto cleanup_entry;
 		}
@@ -775,7 +762,7 @@ commonio_sort (struct commonio_db *db, int (*cmp) (const void *, const void *))
 		return 0;
 	}
-	entries = malloc (n * sizeof (struct commonio_entry *));
+	entries = MALLOC(n, struct commonio_entry *);
 	if (entries == NULL) {
 		return -1;
 	}
@@ -998,13 +985,11 @@ int commonio_close (struct commonio_db *db)
 	if (fflush (db->fp) != 0) {
 		errors++;
 	}
-#ifdef HAVE_FSYNC
+
 	if (fsync (fileno (db->fp)) != 0) {
 		errors++;
 	}
-#else				/* !HAVE_FSYNC */
+
 	sync ();
 #endif				/* !HAVE_FSYNC */
 	if (fclose (db->fp) != 0) {
 		errors++;
 	}
@@ -1096,7 +1081,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
 		return 1;
 	}
 	/* not found, new entry */
-	p = (struct commonio_entry *) malloc (sizeof *p);
+	p = MALLOC(1, struct commonio_entry);
 	if (NULL == p) {
 		db->ops->free (nentry);
 		errno = ENOMEM;
@@ -1133,7 +1118,7 @@ int commonio_append (struct commonio_db *db, const void *eptr)
 		return 0;
 	}
 	/* new entry */
-	p = (struct commonio_entry *) malloc (sizeof *p);
+	p = MALLOC(1, struct commonio_entry);
 	if (NULL == p) {
 		db->ops->free (nentry);
 		errno = ENOMEM;
@@ -1200,6 +1185,8 @@ int commonio_remove (struct commonio_db *db, const char *name)
 		db->ops->free (p->eptr);
 	}
 	free(p);
 	return 1;
 }
@@ -123,6 +123,7 @@ extern int commonio_setname (struct commonio_db *, const char *);
 extern bool commonio_present (const struct commonio_db *db);
 extern int commonio_lock (struct commonio_db *);
 extern int commonio_lock_nowait (struct commonio_db *, bool log);
 extern int do_fcntl_lock (const char *file, bool log, short type);
 extern int commonio_open (struct commonio_db *, int);
 extern /*@observer@*/ /*@null@*/const void *commonio_locate (struct commonio_db *, const char *);
 extern int commonio_update (struct commonio_db *, const void *);
@@ -44,8 +44,7 @@ static bool is_listed (const char *cfgin, const char *tty, bool def)
 	if (*cons != '/') {
 		char *pbuf;
-		strncpy (buf, cons, sizeof (buf));
+		strlcpy (buf, cons, sizeof (buf));
 		buf[sizeof (buf) - 1] = '\0';
 		pbuf = &buf[0];
 		while ((s = strtok (pbuf, ":")) != NULL) {
 			if (strcmp (s, tty) == 0) {
@@ -71,8 +70,9 @@ static bool is_listed (const char *cfgin, const char *tty, bool def)
 	 * See if this tty is listed in the console file.
 	 */
-	while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+	while (fgets (buf, sizeof (buf), fp) != NULL) {
-		buf[strlen (buf) - 1] = '\0';
+		/* Remove optional trailing '\n'. */
 		buf[strcspn (buf, "\n")] = '\0';
 		if (strcmp (buf, tty) == 0) {
 			(void) fclose (fp);
 			return true;
@@ -17,6 +17,8 @@
 #include <sys/time.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #ifdef WITH_SELINUX
@@ -226,7 +228,7 @@ static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, c
 		return NULL;
 	}
-	lp = (struct link_name *) xmalloc (sizeof *lp);
+	lp = XMALLOC(1, struct link_name);
 	src_len = strlen (src_orig);
 	dst_len = strlen (dst_orig);
 	name_len = strlen (name);
@@ -234,7 +236,7 @@ static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, c
 	lp->ln_ino = sb->st_ino;
 	lp->ln_count = sb->st_nlink;
 	len = name_len - src_len + dst_len + 1;
-	lp->ln_name = (char *) xmalloc (len);
+	lp->ln_name = XMALLOC(len, char);
 	(void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
 	lp->ln_next = links;
 	links = lp;
@@ -324,8 +326,8 @@ static int copy_tree_impl (const struct path_info *src, const struct path_info *
 			src_len += strlen (src->full_path);
 			dst_len += strlen (dst->full_path);
-			src_name = (char *) malloc (src_len);
+			src_name = MALLOC(src_len, char);
-			dst_name = (char *) malloc (dst_len);
+			dst_name = MALLOC(dst_len, char);
 			if ((NULL == src_name) || (NULL == dst_name)) {
 				err = -1;
@@ -419,35 +421,25 @@ static int copy_entry (const struct path_info *src, const struct path_info *dst,
 	if (fstatat(src->dirfd, src->name, &sb, AT_SYMLINK_NOFOLLOW) == -1) {
 		/* If we cannot stat the file, do not care. */
 	} else {
 #ifdef HAVE_STRUCT_STAT_ST_ATIM
 		mt[0].tv_sec  = sb.st_atim.tv_sec;
 		mt[0].tv_nsec = sb.st_atim.tv_nsec;
 #else				/* !HAVE_STRUCT_STAT_ST_ATIM */
 		mt[0].tv_sec  = sb.st_atime;
 # ifdef HAVE_STRUCT_STAT_ST_ATIMENSEC
 		mt[0].tv_nsec = sb.st_atimensec;
 # else				/* !HAVE_STRUCT_STAT_ST_ATIMENSEC */
 		mt[0].tv_nsec = 0;
 # endif				/* !HAVE_STRUCT_STAT_ST_ATIMENSEC */
 #endif				/* !HAVE_STRUCT_STAT_ST_ATIM */
 #ifdef HAVE_STRUCT_STAT_ST_MTIM
 		mt[1].tv_sec  = sb.st_mtim.tv_sec;
 		mt[1].tv_nsec = sb.st_mtim.tv_nsec;
 #else				/* !HAVE_STRUCT_STAT_ST_MTIM */
 		mt[1].tv_sec  = sb.st_mtime;
 # ifdef HAVE_STRUCT_STAT_ST_MTIMENSEC
 		mt[1].tv_nsec = sb.st_mtimensec;
 # else				/* !HAVE_STRUCT_STAT_ST_MTIMENSEC */
 		mt[1].tv_nsec = 0;
 # endif				/* !HAVE_STRUCT_STAT_ST_MTIMENSEC */
 #endif				/* !HAVE_STRUCT_STAT_ST_MTIM */
 		if (S_ISDIR (sb.st_mode)) {
 			err = copy_dir (src, dst, reset_selinux, &sb, mt,
 			                old_uid, new_uid, old_gid, new_gid);
 		}
 		/*
 		 * If the destination already exists do nothing.
 		 * This is after the copy_dir above to still iterate into subdirectories.
 		 */
 		if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) {
 			return 0;
 		}
 		/*
 		 * Copy any symbolic links
 		 */
@@ -507,6 +499,7 @@ static int copy_dir (const struct path_info *src, const struct path_info *dst,
                     gid_t old_gid, gid_t new_gid)
 {
 	int err = 0;
 	struct stat dst_sb;
 	/*
 	 * Create a new target directory, make it owned by
@@ -518,6 +511,15 @@ static int copy_dir (const struct path_info *src, const struct path_info *dst,
 		return -1;
 	}
 #endif				/* WITH_SELINUX */
        /*
         * If the destination is already a directory, don't change it
         * but copy into it (recursively).
        */
        if (fstatat(dst->dirfd, dst->name, &dst_sb, AT_SYMLINK_NOFOLLOW) == 0 && S_ISDIR(dst_sb.st_mode)) {
            return (copy_tree_impl (src, dst, false, reset_selinux,
                           old_uid, new_uid, old_gid, new_gid) != 0);
        }
 	if (   (mkdirat (dst->dirfd, dst->name, 0700) != 0)
 	    || (chownat_if_needed (dst, statp,
 	                         old_uid, new_uid, old_gid, new_gid) != 0)
@@ -559,7 +561,7 @@ static /*@null@*/char *readlink_malloc (const char *filename)
 	while (true) {
 		ssize_t nchars;
-		char *buffer = (char *) malloc (size);
+		char *buffer = MALLOC(size, char);
 		if (NULL == buffer) {
 			return NULL;
 		}
@@ -624,7 +626,7 @@ static int copy_symlink (const struct path_info *src, const struct path_info *ds
 	 */
 	if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) {
 		size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1;
-		char *dummy = (char *) xmalloc (len);
+		char *dummy = XMALLOC(len, char);
 		(void) snprintf (dummy, len, "%s%s",
 		                 dst_orig,
 		                 oldlink + strlen (src_orig));
@@ -738,42 +740,6 @@ static int copy_special (const struct path_info *src, const struct path_info *ds
 	return err;
 }
 /*
 * full_write - write entire buffer
 *
 * Write up to count bytes from the buffer starting at buf to the
 * file referred to by the file descriptor fd.
 * Retry in case of a short write.
 *
 * Returns the number of bytes written on success, -1 on error.
 */
 static ssize_t full_write(int fd, const void *buf, size_t count) {
 	ssize_t written = 0;
 	while (count > 0) {
 		ssize_t res;
 		res = write(fd, buf, count);
 		if (res < 0) {
 			if (errno == EINTR) {
 				continue;
 			}
 			return res;
 		}
 		if (res == 0) {
 			break;
 		}
 		written += res;
 		buf = (const unsigned char*)buf + res;
 		count -= (size_t)res;
 	}
 	return written;
 }
 /*
 * copy_file - copy a file
 *
@@ -850,7 +816,7 @@ static int copy_file (const struct path_info *src, const struct path_info *dst,
 			break;
 		}
-		if (full_write (ofd, buf, (size_t)cnt) < 0) {
+		if (write_full (ofd, buf, cnt) < 0) {
 			(void) close (ofd);
 			(void) close (ifd);
 			return -1;
@@ -0,0 +1,141 @@
 /*
 * SPDX-FileCopyrightText:  Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #include <config.h>
 #ident "$Id$"
 #include <limits.h>
 #include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 #if HAVE_SYS_RANDOM_H
 #include <sys/random.h>
 #endif
 #include "bit.h"
 #include "defines.h"
 #include "prototypes.h"
 #include "shadowlog.h"
 static uint32_t csrand_uniform32(uint32_t n);
 static unsigned long csrand_uniform_slow(unsigned long n);
 /*
 * Return a uniformly-distributed CS random u_long value.
 */
 unsigned long
 csrand(void)
 {
 	FILE           *fp;
 	unsigned long  r;
 #ifdef HAVE_GETENTROPY
 	/* getentropy may exist but lack kernel support.  */
 	if (getentropy(&r, sizeof(r)) == 0)
 		return r;
 #endif
 #ifdef HAVE_GETRANDOM
 	/* Likewise getrandom.  */
 	if (getrandom(&r, sizeof(r), 0) == sizeof(r))
 		return r;
 #endif
 #ifdef HAVE_ARC4RANDOM_BUF
 	/* arc4random_buf can never fail.  */
 	arc4random_buf(&r, sizeof(r));
 	return r;
 #endif
 	/* Use /dev/urandom as a last resort.  */
 	fp = fopen("/dev/urandom", "r");
 	if (NULL == fp) {
 		goto fail;
 	}
 	if (fread(&r, sizeof(r), 1, fp) != 1) {
 		fclose(fp);
 		goto fail;
 	}
 	fclose(fp);
 	return r;
 fail:
 	fprintf(log_get_logfd(), _("Unable to obtain random bytes.\n"));
 	exit(1);
 }
 /*
 * Return a uniformly-distributed CS random value in the interval [0, n-1].
 */
 unsigned long
 csrand_uniform(unsigned long n)
 {
 	if (n == 0 || n > UINT32_MAX)
 		return csrand_uniform_slow(n);
 	return csrand_uniform32(n);
 }
 /*
 * Return a uniformly-distributed CS random value in the interval [min, max].
 */
 unsigned long
 csrand_interval(unsigned long min, unsigned long max)
 {
 	return csrand_uniform(max - min + 1) + min;
 }
 /*
 * Fast Random Integer Generation in an Interval
 * ACM Transactions on Modeling and Computer Simulation 29 (1), 2019
 * <https://arxiv.org/abs/1805.10941>
 */
 static uint32_t
 csrand_uniform32(uint32_t n)
 {
 	uint32_t  bound, rem;
 	uint64_t  r, mult;
 	if (n == 0)
 		return csrand();
 	bound = -n % n;  // analogous to `2^32 % n`, since `x % y == (x-y) % y`
 	do {
 		r = csrand();
 		mult = r * n;
 		rem = mult;  // analogous to `mult % 2^32`
 	} while (rem < bound);  // p = (2^32 % n) / 2^32;  W.C.: n=2^31+1, p=0.5
 	r = mult >> WIDTHOF(n);  // analogous to `mult / 2^32`
 	return r;
 }
 static unsigned long
 csrand_uniform_slow(unsigned long n)
 {
 	unsigned long  r, max, mask;
 	max = n - 1;
 	mask = bit_ceil_wrapul(n) - 1;
 	do {
 		r = csrand();
 		r &= mask;  // optimization
 	} while (r > max);  // p = ((mask+1) % n) / (mask+1);  W.C.: p=0.5
 	return r;
 }
@@ -33,14 +33,24 @@
 #include "prototypes.h"
-void date_to_str (size_t size, char buf[size], long date)
+void
 date_to_str(size_t size, char buf[size], long date)
 {
-	time_t t;
+	time_t           t;
 	const struct tm  *tm;
 	t = date;
-	if (date < 0)
+	if (date < 0) {
-		(void) strncpy (buf, "never", size);
+		(void) strlcpy(buf, "never", size);
-	else
+		return;
-		(void) strftime (buf, size, "%Y-%m-%d", gmtime (&t));
+	}
 	tm = gmtime(&t);
 	if (tm == NULL) {
 		(void) strlcpy(buf, "future", size);
 		return;
 	}
 	(void) strftime(buf, size, "%Y-%m-%d", tm);
 	buf[size - 1] = '\0';
 }
@@ -6,41 +6,8 @@
 #include "config.h"
-#if HAVE_STDBOOL_H
+#include <stdbool.h>
-# include <stdbool.h>
+#include <locale.h>
 #else
 # if ! HAVE__BOOL
 #  ifdef __cplusplus
 typedef bool _Bool;
 #  else
 typedef unsigned char _Bool;
 #  endif
 # endif
 # define bool _Bool
 # define false (0)
 # define true  (1)
 # define __bool_true_false_are_defined 1
 #endif
 /* Take care of NLS matters.  */
 #ifdef S_SPLINT_S
 extern char *setlocale(int categories, const char *locale);
 # define LC_ALL		(6)
 extern char * bindtextdomain (const char * domainname, const char * dirname);
 extern char * textdomain (const char * domainname);
 # define _(Text) Text
 # define ngettext(Msgid1, Msgid2, N) \
    ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
 #else
 #ifdef HAVE_LOCALE_H
 # include <locale.h>
 #else
 # undef setlocale
 # define setlocale(category, locale)	(NULL)
 # ifndef LC_ALL
 #  define LC_ALL	6
 # endif
 #endif
 #define gettext_noop(String) (String)
 /* #define gettext_def(String) "#define String" */
@@ -57,22 +24,17 @@ extern char * textdomain (const char * domainname);
 # define ngettext(Msgid1, Msgid2, N) \
    ((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
 #endif
 #endif
 #include <stdlib.h>
 #include <string.h>
-#if HAVE_ERRNO_H
+#include <errno.h>
 # include <errno.h>
 #endif
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/wait.h>
-#if HAVE_UNISTD_H
+#include <unistd.h>
 # include <unistd.h>
 #endif
 /*
 * crypt(3), crypt_gensalt(3), and their
@@ -85,17 +47,15 @@ extern char * textdomain (const char * domainname);
 #include <sys/time.h>
 #include <time.h>
-#ifdef HAVE_MEMSET_S
+#ifdef HAVE_MEMSET_EXPLICIT
-# define memzero(ptr, size) memset_s((ptr), 0, (size))
+# define memzero(ptr, size) memset_explicit((ptr), 0, (size))
 #elif defined HAVE_EXPLICIT_BZERO	/* !HAVE_MEMSET_S */
 # define memzero(ptr, size) explicit_bzero((ptr), (size))
 #else					/* !HAVE_MEMSET_S && HAVE_EXPLICIT_BZERO */
 static inline void memzero(void *ptr, size_t size)
 {
-	volatile unsigned char * volatile p = ptr;
+	ptr = memset(ptr, '\0', size);
-	while (size--) {
+	__asm__ __volatile__ ("" : : "r"(ptr) : "memory");
 		*p++ = '\0';
 	}
 }
 #endif					/* !HAVE_MEMSET_S && !HAVE_EXPLICIT_BZERO */
@@ -123,7 +83,6 @@ static inline void memzero(void *ptr, size_t size)
 #endif
 #endif
 #ifdef USE_SYSLOG
 #include <syslog.h>
 #ifndef LOG_WARN
@@ -170,14 +129,6 @@ static inline void memzero(void *ptr, size_t size)
 #define SYSLOG(x) syslog x
 #endif				/* !ENABLE_NLS */
 #else				/* !USE_SYSLOG */
 #define SYSLOG(x)		/* empty */
 #define openlog(a,b,c)		/* empty */
 #define closelog()		/* empty */
 #endif				/* !USE_SYSLOG */
 /* The default syslog settings can now be changed here,
   in just one place.  */
@@ -192,33 +143,10 @@ static inline void memzero(void *ptr, size_t size)
 #define OPENLOG(progname) openlog(progname, SYSLOG_OPTIONS, SYSLOG_FACILITY)
-#ifndef F_OK
+#include <termios.h>
-# define F_OK 0
+#define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio)
-# define X_OK 1
+#define GTTY(fd, termio) tcgetattr(fd, termio)
-# define W_OK 2
+#define TERMIO struct termios
 # define R_OK 4
 #endif
 #ifndef SEEK_SET
 # define SEEK_SET 0
 # define SEEK_CUR 1
 # define SEEK_END 2
 #endif
 #if HAVE_TERMIOS_H
 # include <termios.h>
 # define STTY(fd, termio) tcsetattr(fd, TCSANOW, termio)
 # define GTTY(fd, termio) tcgetattr(fd, termio)
 # define TERMIO struct termios
 # define USE_TERMIOS
 #else				/* assumed HAVE_TERMIO_H */
 # include <sys/ioctl.h>
 # include <termio.h>
 # define STTY(fd, termio) ioctl(fd, TCSETA, termio)
 # define GTTY(fd, termio) ioctl(fd, TCGETA, termio)
 # define TEMRIO struct termio
 # define USE_TERMIO
 #endif
 /*
 * Password aging constants
@@ -241,6 +169,10 @@ static inline void memzero(void *ptr, size_t size)
 #define SCALE DAY
 #endif
 #define WIDTHOF(x)   (sizeof(x) * CHAR_BIT)
 #define NITEMS(arr)  (sizeof((arr)) / sizeof((arr)[0]))
 #define STRLEN(s)    (NITEMS(s) - 1)
 /* Copy string pointed by B to array A with size checking.  It was originally
   in lmain.c but is _very_ useful elsewhere.  Some setuid root programs with
   very sloppy coding used to assume that BUFSIZ will always be enough...  */
@@ -267,18 +199,6 @@ static inline void memzero(void *ptr, size_t size)
 #endif
 #endif
 #ifndef NULL
 #define NULL ((void *) 0)
 #endif
 #ifdef sun			/* hacks for compiling on SunOS */
 # ifndef SOLARIS
 extern int fputs ();
 extern char *strdup ();
 extern char *strerror ();
 # endif
 #endif
 /*
 * string to use for the pw_passwd field in /etc/passwd when using
 * shadow passwords - most systems use "x" but there are a few
@@ -303,33 +223,24 @@ extern char *strerror ();
 /* To be used for verified unused parameters */
 #if defined(__GNUC__) && !defined(__STRICT_ANSI__)
-# define unused __attribute__((unused))
+# define unused    __attribute__((unused))
 # define NORETURN  __attribute__((__noreturn__))
 # define format_attr(type, index, check) __attribute__((format (type, index, check)))
 #else
 # define unused
 # define NORETURN
 # define format_attr(type, index, check)
 #endif
 /* Maximum length of usernames */
 #ifdef HAVE_UTMPX_H
 # include <utmpx.h>
 # define USER_NAME_MAX_LENGTH (sizeof (((struct utmpx *)NULL)->ut_user))
 #else
 # include <utmp.h>
 # ifdef HAVE_STRUCT_UTMP_UT_USER
 #  define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_user))
 # else
 #  ifdef HAVE_STRUCT_UTMP_UT_NAME
 #   define USER_NAME_MAX_LENGTH (sizeof (((struct utmp *)NULL)->ut_name))
 #  else
 #   define USER_NAME_MAX_LENGTH 32
 #  endif
 # endif
 #endif
 /* Maximum length of passwd entry */
 #define PASSWD_ENTRY_MAX_LENGTH 32768
 #if (__GNUC__ >= 11) && !defined(__clang__)
 # define ATTR_MALLOC(deallocator)  [[gnu::malloc(deallocator)]]
 #else
 # define ATTR_MALLOC(deallocator)
 #endif
 #ifdef HAVE_SECURE_GETENV
 #  define shadow_getenv(name) secure_getenv(name)
 # else
@@ -13,6 +13,8 @@
 #include <sys/types.h>
 #include <stdio.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include <pwd.h>
@@ -24,7 +26,7 @@ void pw_entry (const char *name, struct passwd *pwent)
 	struct spwd *spwd;
 	if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */
-		pwent->pw_name = (char *) 0;
+		pwent->pw_name = NULL;
 		return;
 	} else {
 		pwent->pw_name = xstrdup (passwd->pw_name);
@@ -15,6 +15,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "shadowlog.h"
@@ -26,7 +28,6 @@
 #define NEWENVP_STEP 16
 size_t newenvc = 0;
 /*@null@*/char **newenvp = NULL;
 extern char **environ;
 static const char *const forbid[] = {
 	"_RLD_=",
@@ -42,7 +43,7 @@ static const char *const forbid[] = {
 	"PATH=",
 	"SHELL=",
 	"SHLIB_PATH=",
-	(char *) 0
+	NULL
 };
 /* these are allowed, but with no slashes inside
@@ -51,7 +52,7 @@ static const char *const noslash[] = {
 	"LANG=",
 	"LANGUAGE=",
 	"LC_",			/* anything with the LC_ prefix */
-	(char *) 0
+	NULL
 };
 /*
@@ -59,7 +60,7 @@ static const char *const noslash[] = {
 */
 void initenv (void)
 {
-	newenvp = (char **) xmalloc (NEWENVP_STEP * sizeof (char *));
+	newenvp = XMALLOC(NEWENVP_STEP, char *);
 	*newenvp = NULL;
 }
@@ -73,7 +74,7 @@ void addenv (const char *string, /*@null@*/const char *value)
 	if (NULL != value) {
 		size_t len = strlen (string) + strlen (value) + 2;
 		int wlen;
-		newstring = xmalloc (len);
+		newstring = XMALLOC(len, char);
 		wlen = snprintf (newstring, len, "%s=%s", string, value);
 		assert (wlen == (int) len -1);
 	} else {
@@ -127,16 +128,16 @@ void addenv (const char *string, /*@null@*/const char *value)
 	 */
 	if ((newenvc & (NEWENVP_STEP - 1)) == 0) {
-		char **__newenvp;
+		bool  update_environ;
-		size_t newsize;
+		char  **__newenvp;
 		/*
 		 * If the resize operation succeeds we can
 		 * happily go on, else print a message.
 		 */
 		update_environ = (environ == newenvp);
-		newsize = (newenvc + NEWENVP_STEP) * sizeof (char *);
+		__newenvp = REALLOC(newenvp, newenvc + NEWENVP_STEP, char *);
 		__newenvp = (char **) realloc (newenvp, newsize);
 		if (NULL != __newenvp) {
 			/*
@@ -144,9 +145,8 @@ void addenv (const char *string, /*@null@*/const char *value)
 			 * environ so that it doesn't point to some
 			 * free memory area (realloc() could move it).
 			 */
-			if (environ == newenvp) {
+			if (update_environ)
 				environ = __newenvp;
 			}
 			newenvp = __newenvp;
 		} else {
 			(void) fputs (_("Environment overflow\n"), log_get_logfd());
@@ -16,8 +16,8 @@
 #include <unistd.h>
 #include "defines.h"
 #include "faillog.h"
 #include "getdef.h"
 #include "failure.h"
 #include "prototypes.h"
 #define	YEAR	(365L*DAY)
 /*
 * failure - make failure entry
@@ -53,7 +53,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
 	 */
 	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
-	    || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+	    || (read (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
 		/* This is not necessarily a failure. The file is
 		 * initially zero length.
 		 *
@@ -86,7 +86,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
 	 */
 	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
-	    || (write (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)
+	    || (write_full (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)
 	    || (close (fd) != 0)) {
 		SYSLOG ((LOG_WARN,
 		         "Can't write faillog entry for UID %lu in %s.",
@@ -163,7 +163,7 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
 	 */
 	if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
-	    || (read (fd, (char *) fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
+	    || (read (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)) {
 		(void) close (fd);
 		return 1;
 	}
@@ -185,7 +185,7 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
 		fail.fail_cnt = 0;
 		if (   (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
-		    || (write (fd, (const void *) &fail, sizeof fail) != (ssize_t) sizeof fail)
+		    || (write_full (fd, &fail, sizeof fail) != (ssize_t) sizeof fail)
 		    || (close (fd) != 0)) {
 			SYSLOG ((LOG_WARN,
 			         "Can't reset faillog entry for UID %lu in %s.",
@@ -234,62 +234,3 @@ void failprint (const struct faillog *fail)
 	               fail->fail_cnt, lasttime, fail->fail_line);
 	/*@=formatconst@*/
 }
 /*
 * failtmp - update the cumulative failure log
 *
 *	failtmp updates the (struct utmp) formatted failure log which
 *	maintains a record of all login failures.
 */
 void failtmp (const char *username,
 #ifdef USE_UTMPX
 		     const struct utmpx *failent
 #else				/* !USE_UTMPX */
 		     const struct utmp *failent
 #endif				/* !USE_UTMPX */
    )
 {
 	const char *ftmp;
 	int fd;
 	/*
 	 * Get the name of the failure file.  If no file has been defined
 	 * in login.defs, don't do this.
 	 */
 	ftmp = getdef_str ("FTMP_FILE");
 	if (NULL == ftmp) {
 		return;
 	}
 	/*
 	 * Open the file for append.  It must already exist for this
 	 * feature to be used.
 	 */
 	if (access (ftmp, F_OK) != 0) {
 		return;
 	}
 	fd = open (ftmp, O_WRONLY | O_APPEND);
 	if (-1 == fd) {
 		SYSLOG ((LOG_WARN,
 		         "Can't append failure of user %s to %s.",
 		         username, ftmp));
 		return;
 	}
 	/*
 	 * Append the new failure record and close the log file.
 	 */
 	if (   (write (fd, (const void *) failent, sizeof *failent) != (ssize_t) sizeof *failent)
 	    || (close (fd) != 0)) {
 		SYSLOG ((LOG_WARN,
 		         "Can't append failure of user %s to %s.",
 		         username, ftmp));
 		(void) close (fd);
 	}
 }
@@ -13,11 +13,6 @@
 #include "defines.h"
 #include "faillog.h"
 #ifdef USE_UTMPX
 #include <utmpx.h>
 #else					/* !USE_UTMPX */
 #include <utmp.h>
 #endif					/* !USE_UTMPX */
 /*
 * failure - make failure entry
@@ -45,17 +40,5 @@ extern int failcheck (uid_t uid, struct faillog *fl, bool failed);
 */
 extern void failprint (const struct faillog *);
 /*
 * failtmp - update the cumulative failure log
 *
 *	failtmp updates the (struct utmp) formatted failure log which
 *	maintains a record of all login failures.
 */
 #ifdef USE_UTMPX
 extern void failtmp (const char *username, const struct utmpx *);
 #else				/* !USE_UTMPX */
 extern void failtmp (const char *username, const struct utmp *);
 #endif				/* !USE_UTMPX */
 #endif
@@ -21,9 +21,9 @@
 *
 * The supplied field is scanned for non-printable and other illegal
 * characters.
- *  + -1 is returned if an illegal character is present.
+ *  + -1 is returned if an illegal or control character is present.
- *  +  1 is returned if no illegal characters are present, but the field
+ *  +  1 is returned if no illegal or control characters are present,
- *       contains a non-printable character.
+ *       but the field contains a non-printable character.
 *  +  0 is returned otherwise.
 */
 int valid_field (const char *field, const char *illegal)
@@ -37,20 +37,19 @@ int valid_field (const char *field, const char *illegal)
 	/* For each character of field, search if it appears in the list
 	 * of illegal characters. */
-	for (cp = field; '\0' != *cp; cp++) {
+	if (illegal && NULL != strpbrk (field, illegal)) {
-		if (strchr (illegal, *cp) != NULL) {
+		return -1;
 			err = -1;
 			break;
 		}
 	}
-	if (0 == err) {
+	/* Search if there are non-printable or control characters */
-		/* Search if there are some non-printable characters */
+	for (cp = field; '\0' != *cp; cp++) {
-		for (cp = field; '\0' != *cp; cp++) {
+		unsigned char c = *cp;
-			if (!isprint (*cp)) {
+		if (!isprint (c)) {
-				err = 1;
+			err = 1;
-				break;
+		}
-			}
+		if (iscntrl (c)) {
 			err = -1;
 			break;
 		}
 	}
@@ -74,7 +73,7 @@ void change_field (char *buf, size_t maxsize, const char *prompt)
 	printf ("\t%s [%s]: ", prompt, buf);
 	(void) fflush (stdout);
-	if (fgets (newf, (int) maxsize, stdin) != newf) {
+	if (fgets (newf, maxsize, stdin) != newf) {
 		return;
 	}
@@ -91,17 +90,16 @@ void change_field (char *buf, size_t maxsize, const char *prompt)
 		 * entering a space.  --marekm
 		 */
-		while (--cp >= newf && isspace (*cp));
+		while (newf < cp && isspace (cp[-1])) {
-		cp++;
+			cp--;
 		}
 		*cp = '\0';
 		cp = newf;
-		while (('\0' != *cp) && isspace (*cp)) {
+		while (isspace (*cp)) {
 			cp++;
 		}
-		strncpy (buf, cp, maxsize - 1);
+		strcpy (buf, cp);
 		buf[maxsize - 1] = '\0';
 	}
 }
@@ -12,6 +12,7 @@
 #include <stdio.h>
 #include <errno.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "groupio.h"
 #include "getdef.h"
@@ -40,15 +41,14 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
 		*preferred_min = (gid_t) 1;
 		/* Get the minimum ID range from login.defs or default to 101 */
-		*min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
+		*min_id = getdef_ulong ("SYS_GID_MIN", 101UL);
 		/*
 		 * If SYS_GID_MAX is unspecified, we should assume it to be one
 		 * less than the GID_MIN (which is reserved for non-system accounts)
 		 */
-		gid_def_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
+		gid_def_max = getdef_ulong ("GID_MIN", 1000UL) - 1;
-		*max_id = (gid_t) getdef_ulong ("SYS_GID_MAX",
+		*max_id = getdef_ulong ("SYS_GID_MAX", gid_def_max);
 				(unsigned long) gid_def_max);
 		/* Check that the ranges make sense */
 		if (*max_id < *min_id) {
@@ -71,8 +71,8 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
 		/* Non-system groups */
 		/* Get the values from login.defs or use reasonable defaults */
-		*min_id = (gid_t) getdef_ulong ("GID_MIN", 1000UL);
+		*min_id = getdef_ulong ("GID_MIN", 1000UL);
-		*max_id = (gid_t) getdef_ulong ("GID_MAX", 60000UL);
+		*max_id = getdef_ulong ("GID_MAX", 60000UL);
 		/*
 		 * The preferred minimum should match the standard ID minimum
@@ -99,6 +99,7 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
 *
 * On success, return 0
 * If the ID is in use, return EEXIST
 * If the ID might clash with -1, return EINVAL
 * If the ID is outside the range, return ERANGE
 * In other cases, return errno from getgrgid()
 */
@@ -112,6 +113,11 @@ static int check_gid (const gid_t gid,
 		return ERANGE;
 	}
 	/* Check for compatibility with 16b and 32b gid_t error codes */
 	if (gid == UINT16_MAX || gid == UINT32_MAX) {
 		return EINVAL;
 	}
 	/*
 	 * Check whether we already detected this GID
 	 * using the gr_next() loop
@@ -183,10 +189,10 @@ int find_new_gid (bool sys_group,
 			 * gr_locate_gid() found the GID in an as-yet uncommitted
 			 * entry. We'll proceed below and auto-set a GID.
 			 */
-		} else if (result == EEXIST || result == ERANGE) {
+		} else if (result == EEXIST || result == ERANGE || result == EINVAL) {
 			/*
 			 * Continue on below. At this time, we won't
-			 * treat these two cases differently.
+			 * treat these three cases differently.
 			 */
 		} else {
 			/*
@@ -226,14 +232,13 @@ int find_new_gid (bool sys_group,
 	 */
 	/* Create an array to hold all of the discovered GIDs */
-	used_gids = malloc (sizeof (bool) * (gid_max +1));
+	used_gids = CALLOC (gid_max + 1, bool);
 	if (NULL == used_gids) {
 		fprintf (log_get_logfd(),
 			 _("%s: failed to allocate memory: %s\n"),
 			 log_get_progname(), strerror (errno));
 		return -1;
 	}
 	memset (used_gids, false, sizeof (bool) * (gid_max + 1));
 	/* First look for the lowest and highest value in the local database */
 	(void) gr_rewind ();
@@ -297,8 +302,11 @@ int find_new_gid (bool sys_group,
 				*gid = id;
 				free (used_gids);
 				return 0;
-			} else if (result == EEXIST) {
+			} else if (result == EEXIST || result == EINVAL) {
-				/* This GID is in use, we'll continue to the next */
+				/*
 				 * This GID is in use or unusable, we'll
 				 * continue to the next.
 				 */
 			} else {
 				/*
 				 * An unexpected error occurred.
@@ -340,8 +348,11 @@ int find_new_gid (bool sys_group,
 					*gid = id;
 					free (used_gids);
 					return 0;
-				} else if (result == EEXIST) {
+				} else if (result == EEXIST || result == EINVAL) {
-					/* This GID is in use, we'll continue to the next */
+					/*
 					 * This GID is in use or unusable, we'll
 					 * continue to the next.
 					 */
 				} else {
 					/*
 					 * An unexpected error occurred.
@@ -400,8 +411,11 @@ int find_new_gid (bool sys_group,
 				*gid = id;
 				free (used_gids);
 				return 0;
-			} else if (result == EEXIST) {
+			} else if (result == EEXIST || result == EINVAL) {
-				/* This GID is in use, we'll continue to the next */
+				/*
 				 * This GID is in use or unusable, we'll
 				 * continue to the next.
 				 */
 			} else {
 				/*
 				 * An unexpected error occurred.
@@ -443,8 +457,11 @@ int find_new_gid (bool sys_group,
 					*gid = id;
 					free (used_gids);
 					return 0;
-				} else if (result == EEXIST) {
+				} else if (result == EEXIST || result == EINVAL) {
-					/* This GID is in use, we'll continue to the next */
+					/*
 					 * This GID is in use or unusable, we'll
 					 * continue to the next.
 					 */
 				} else {
 					/*
 					 * An unexpected error occurred.
@@ -59,6 +59,6 @@ int find_new_sub_gids (gid_t *range_start, unsigned long *range_count)
 	return 0;
 }
 #else				/* !ENABLE_SUBIDS */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !ENABLE_SUBIDS */
@@ -59,6 +59,6 @@ int find_new_sub_uids (uid_t *range_start, unsigned long *range_count)
 	return 0;
 }
 #else				/* !ENABLE_SUBIDS */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !ENABLE_SUBIDS */
@@ -12,6 +12,7 @@
 #include <stdio.h>
 #include <errno.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "pwio.h"
 #include "getdef.h"
@@ -40,15 +41,14 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
 		*preferred_min = (uid_t) 1;
 		/* Get the minimum ID range from login.defs or default to 101 */
-		*min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
+		*min_id = getdef_ulong ("SYS_UID_MIN", 101UL);
 		/*
 		 * If SYS_UID_MAX is unspecified, we should assume it to be one
 		 * less than the UID_MIN (which is reserved for non-system accounts)
 		 */
-		uid_def_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
+		uid_def_max = getdef_ulong ("UID_MIN", 1000UL) - 1;
-		*max_id = (uid_t) getdef_ulong ("SYS_UID_MAX",
+		*max_id = getdef_ulong ("SYS_UID_MAX", uid_def_max);
 				(unsigned long) uid_def_max);
 		/* Check that the ranges make sense */
 		if (*max_id < *min_id) {
@@ -71,8 +71,8 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
 		/* Non-system users */
 		/* Get the values from login.defs or use reasonable defaults */
-		*min_id = (uid_t) getdef_ulong ("UID_MIN", 1000UL);
+		*min_id = getdef_ulong ("UID_MIN", 1000UL);
-		*max_id = (uid_t) getdef_ulong ("UID_MAX", 60000UL);
+		*max_id = getdef_ulong ("UID_MAX", 60000UL);
 		/*
 		 * The preferred minimum should match the standard ID minimum
@@ -99,6 +99,7 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
 *
 * On success, return 0
 * If the ID is in use, return EEXIST
 * If the ID might clash with -1, return EINVAL
 * If the ID is outside the range, return ERANGE
 * In other cases, return errno from getpwuid()
 */
@@ -112,6 +113,11 @@ static int check_uid(const uid_t uid,
 		return ERANGE;
 	}
 	/* Check for compatibility with 16b and 32b uid_t error codes */
 	if (uid == UINT16_MAX || uid == UINT32_MAX) {
 		return EINVAL;
 	}
 	/*
 	 * Check whether we already detected this UID
 	 * using the pw_next() loop
@@ -183,10 +189,10 @@ int find_new_uid(bool sys_user,
 			 * pw_locate_uid() found the UID in an as-yet uncommitted
 			 * entry. We'll proceed below and auto-set an UID.
 			 */
-		} else if (result == EEXIST || result == ERANGE) {
+		} else if (result == EEXIST || result == ERANGE || result == EINVAL) {
 			/*
 			 * Continue on below. At this time, we won't
-			 * treat these two cases differently.
+			 * treat these three cases differently.
 			 */
 		} else {
 			/*
@@ -226,7 +232,7 @@ int find_new_uid(bool sys_user,
 	 */
 	/* Create an array to hold all of the discovered UIDs */
-	used_uids = malloc (sizeof (bool) * (uid_max +1));
+	used_uids = MALLOC(uid_max + 1, bool);
 	if (NULL == used_uids) {
 		fprintf (log_get_logfd(),
 			 _("%s: failed to allocate memory: %s\n"),
@@ -297,8 +303,11 @@ int find_new_uid(bool sys_user,
 				*uid = id;
 				free (used_uids);
 				return 0;
-			} else if (result == EEXIST) {
+			} else if (result == EEXIST || result == EINVAL) {
-				/* This UID is in use, we'll continue to the next */
+				/*
 				 * This GID is in use or unusable, we'll
 				 * continue to the next.
 				 */
 			} else {
 				/*
 				 * An unexpected error occurred.
@@ -340,8 +349,11 @@ int find_new_uid(bool sys_user,
 					*uid = id;
 					free (used_uids);
 					return 0;
-				} else if (result == EEXIST) {
+				} else if (result == EEXIST || result == EINVAL) {
-					/* This UID is in use, we'll continue to the next */
+					/*
 					 * This GID is in use or unusable, we'll
 					 * continue to the next.
 					 */
 				} else {
 					/*
 					 * An unexpected error occurred.
@@ -400,8 +412,11 @@ int find_new_uid(bool sys_user,
 				*uid = id;
 				free (used_uids);
 				return 0;
-			} else if (result == EEXIST) {
+			} else if (result == EEXIST || result == EINVAL) {
-				/* This UID is in use, we'll continue to the next */
+				/*
 				 * This GID is in use or unusable, we'll
 				 * continue to the next.
 				 */
 			} else {
 				/*
 				 * An unexpected error occurred.
@@ -443,8 +458,11 @@ int find_new_uid(bool sys_user,
 					*uid = id;
 					free (used_uids);
 					return 0;
-				} else if (result == EEXIST) {
+				} else if (result == EEXIST || result == EINVAL) {
-					/* This UID is in use, we'll continue to the next */
+					/*
 					 * This GID is in use or unusable, we'll
 					 * continue to the next.
 					 */
 				} else {
 					/*
 					 * An unexpected error occurred.
@@ -0,0 +1,30 @@
 /*	$OpenBSD: malloc.c,v 1.267 2020/11/23 15:42:11 otto Exp $	*/
 /*
 * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek <otto@drijf.net>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */
 #include <stdlib.h>
 #include <string.h>
 void
 freezero(void *ptr, size_t sz)
 {
 	/* This is legal. */
 	if (ptr == NULL)
 		return;
 	explicit_bzero(ptr, sz);
 	free(ptr);
 }
@@ -0,0 +1,34 @@
 /*
 * Copyright © 2005 Aurelien Jarno
 * Copyright © 2006 Robert Millan
 * Copyright © 2008-2011 Guillem Jover <guillem@hadrons.org>
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote products
 *    derived from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
 * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
 * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 #ifndef LIBBSD_FREEZERO_H
 #define LIBBSD_FREEZERO_H
 void freezero(void *ptr, size_t size);
 #endif
@@ -25,7 +25,7 @@ int get_gid (const char *gidstr, gid_t *gid)
 		return 0;
 	}
-	*gid = (gid_t)val;
+	*gid = val;
 	return 1;
 }
@@ -10,6 +10,9 @@
 #include "prototypes.h"
 #include "defines.h"
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 int get_pid (const char *pidstr, pid_t *pid)
 {
@@ -21,11 +24,79 @@ int get_pid (const char *pidstr, pid_t *pid)
 	if (   ('\0' == *pidstr)
 	    || ('\0' != *endptr)
 	    || (ERANGE == errno)
 	    || (val < 1)
 	    || (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
 		return 0;
 	}
-	*pid = (pid_t)val;
+	*pid = val;
 	return 1;
 }
 /*
 * If use passed in fd:4 as an argument, then return the
 * value '4', the fd to use.
 * On error, return -1.
 */
 int get_pidfd_from_fd(const char *pidfdstr)
 {
 	long long int val;
 	char *endptr;
 	struct stat st;
 	dev_t proc_st_dev, proc_st_rdev;
 	errno = 0;
 	val = strtoll (pidfdstr, &endptr, 10);
 	if (   ('\0' == *pidfdstr)
 	    || ('\0' != *endptr)
 	    || (ERANGE == errno)
 	    || (val < 0)
 	    || (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) {
 		return -1;
 	}
 	if (stat("/proc/self/uid_map", &st) < 0) {
 		return -1;
 	}
 	proc_st_dev = st.st_dev;
 	proc_st_rdev = st.st_rdev;
 	if (fstat(val, &st) < 0) {
 		return -1;
 	}
 	if (st.st_dev != proc_st_dev || st.st_rdev != proc_st_rdev) {
 		return -1;
 	}
 	return (int)val;
 }
 int open_pidfd(const char *pidstr)
 {
 	int proc_dir_fd;
 	int written;
 	char proc_dir_name[32];
 	pid_t target;
 	if (get_pid(pidstr, &target) == 0)
 		return -ENOENT;
 	/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
 	written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
 		target);
 	if ((written <= 0) || ((size_t)written >= sizeof(proc_dir_name))) {
 		fprintf(stderr, "snprintf of proc path failed for %u: %s\n",
 			target, strerror(errno));
 		return -EINVAL;
 	}
 	proc_dir_fd = open(proc_dir_name, O_DIRECTORY);
 	if (proc_dir_fd < 0) {
 		fprintf(stderr, _("Could not open proc directory for target %u: %s\n"),
 			target, strerror(errno));
 		return -EINVAL;
 	}
 	return proc_dir_fd;
 }
@@ -25,7 +25,7 @@ int get_uid (const char *uidstr, uid_t *uid)
 		return 0;
 	}
-	*uid = (uid_t)val;
+	*uid = val;
 	return 1;
 }
@@ -12,9 +12,6 @@
 #ifdef HAVE_CONFIG_H
 # include <config.h>
 # ifdef FORCE_ALLOCA_H
 #  include <alloca.h>
 # endif
 #endif
 /* Since the code of getdate.y is not included in the Emacs executable
@@ -13,6 +13,7 @@
 #include "prototypes.h"
 #include "defines.h"
 #include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <ctype.h>
@@ -20,8 +21,11 @@
 #ifdef USE_ECONF
 #include <libeconf.h>
 #endif
 #include "alloc.h"
 #include "getdef.h"
 #include "shadowlog_internal.h"
 /*
 * A configuration item definition.
 */
@@ -132,10 +136,8 @@ static struct itemdef def_table[] = {
 #ifndef USE_PAM
 	PAMDEFS
 #endif
 #ifdef USE_SYSLOG
 	{"SYSLOG_SG_ENAB", NULL},
 	{"SYSLOG_SU_ENAB", NULL},
 #endif
 #ifdef WITH_TCB
 	{"TCB_AUTH_GROUP", NULL},
 	{"TCB_SYMLINKS", NULL},
@@ -193,7 +195,7 @@ static void def_load (void);
 	}
 	d = def_find (item);
-	return ((NULL == d)? (const char *) NULL : d->value);
+	return (NULL == d) ? NULL : d->value;
 }
@@ -251,7 +253,7 @@ int getdef_num (const char *item, int dflt)
 		return dflt;
 	}
-	return (int) val;
+	return val;
 }
@@ -286,7 +288,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
 		return dflt;
 	}
-	return (unsigned int) val;
+	return val;
 }
@@ -430,7 +432,7 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
 	SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
 out:
-	return (struct itemdef *) NULL;
+	return NULL;
 }
 /*
@@ -446,14 +448,14 @@ void setdef_config_file (const char* file)
 	char* cp;
 	len = strlen(file) + strlen(sysconfdir) + 2;
-	cp = malloc(len);
+	cp = MALLOC(len, char);
 	if (cp == NULL)
 		exit (13);
 	snprintf(cp, len, "%s/%s", file, sysconfdir);
 	sysconfdir = cp;
 #ifdef VENDORDIR
 	len = strlen(file) + strlen(vendordir) + 2;
-	cp = malloc(len);
+	cp = MALLOC(len, char);
 	if (cp == NULL)
 		exit (13);
 	snprintf(cp, len, "%s/%s", file, vendordir);
@@ -470,18 +472,13 @@ void setdef_config_file (const char* file)
 * Loads the user-configured options from the default configuration file
 */
 #ifdef USE_ECONF
 static void def_load (void)
 {
 #ifdef USE_ECONF
 	econf_file *defs_file = NULL;
 	econf_err error;
 	char **keys;
 	size_t key_number;
 #else
 	int i;
 	FILE *fp;
 	char buf[1024], *name, *value, *s;
 #endif
 	/*
 	 * Set the initialized flag.
@@ -489,8 +486,6 @@ static void def_load (void)
 	 */
 	def_loaded = true;
 #ifdef USE_ECONF
 	error = econf_readDirs (&defs_file, vendordir, sysconfdir, "login", "defs", " \t", "#");
 	if (error) {
 		if (error == ECONF_NOFILE)
@@ -510,7 +505,12 @@ static void def_load (void)
 	for (size_t i = 0; i < key_number; i++) {
 		char *value;
-		econf_getStringValue(defs_file, NULL, keys[i], &value);
+		error = econf_getStringValue(defs_file, NULL, keys[i], &value);
 		if (error) {
 			SYSLOG ((LOG_CRIT, "failed reading key %zu from econf [%s]",
 				i, econf_errString(error)));
 			exit (EXIT_FAILURE);
 		}
 		/*
 		 * Store the value in def_table.
@@ -520,11 +520,26 @@ static void def_load (void)
 		 * syslog. The tools will just use their default values.
 		 */
 		(void)putdef_str (keys[i], value);
 		free(value);
 	}
 	econf_free (keys);
 	econf_free (defs_file);
-#else
+}
 #else /* USE_ECONF */
 static void def_load (void)
 {
 	int i;
 	FILE *fp;
 	char buf[1024], *name, *value, *s;
 	/*
 	 * Set the initialized flag.
 	 * (do it early to prevent recursion in putdef_str())
 	 */
 	def_loaded = true;
 	/*
 	 * Open the configuration definitions file.
 	 */
@@ -542,12 +557,12 @@ static void def_load (void)
 	/*
 	 * Go through all of the lines in the file.
 	 */
-	while (fgets (buf, (int) sizeof (buf), fp) != NULL) {
+	while (fgets (buf, sizeof (buf), fp) != NULL) {
 		/*
 		 * Trim trailing whitespace.
 		 */
-		for (i = (int) strlen (buf) - 1; i >= 0; --i) {
+		for (i = (ptrdiff_t) strlen (buf) - 1; i >= 0; --i) {
 			if (!isspace (buf[i])) {
 				break;
 			}
@@ -588,8 +603,8 @@ static void def_load (void)
 	}
 	(void) fclose (fp);
 #endif
 }
 #endif /* USE_ECONF */
 #ifdef CKDEFS
@@ -36,7 +36,7 @@ extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *gr
 	    && ('\0' == *endptr)
 	    && (ERANGE != errno)
 	    && (/*@+longintegral@*/gid == (gid_t)gid)/*@=longintegral@*/) {
-		return xgetgrgid ((gid_t) gid);
+		return xgetgrgid (gid);
 	}
 	return xgetgrnam (grname);
 }
@@ -22,7 +22,7 @@
 * Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH
 * environment variable is exported it will use that instead.
 */
-/*@observer@*/time_t gettime ()
+/*@observer@*/time_t gettime (void)
 {
 	char *endptr;
 	char *source_date_epoch;
@@ -55,13 +55,13 @@
 		fprintf (shadow_logfd,
 			 _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
 			 ULONG_MAX, epoch);
-	} else if (epoch > fallback) {
+	} else if ((time_t)epoch > fallback) {
 		fprintf (shadow_logfd,
 			 _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
 			 fallback, epoch);
 	} else {
 		/* Valid */
-		return (time_t)epoch;
+		return epoch;
 	}
 	return fallback;
@@ -15,6 +15,7 @@
 #include <assert.h>
 #include <stdio.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "commonio.h"
@@ -50,7 +51,7 @@ static const char *group_getname (const void *ent)
 static void *group_parse (const char *line)
 {
-	return (void *) sgetgrent (line);
+	return sgetgrent (line);
 }
 static int group_put (const void *ent, FILE * file)
@@ -159,7 +160,7 @@ int gr_open (int mode)
 int gr_update (const struct group *gr)
 {
-	return commonio_update (&group_db, (const void *) gr);
+	return commonio_update (&group_db, gr);
 }
 int gr_remove (const char *name)
@@ -247,8 +248,8 @@ static int group_open_hook (void)
 	for (gr1 = group_db.head; NULL != gr1; gr1 = gr1->next) {
 		for (gr2 = gr1->next; NULL != gr2; gr2 = gr2->next) {
-			struct group *g1 = (struct group *)gr1->eptr;
+			struct group *g1 = gr1->eptr;
-			struct group *g2 = (struct group *)gr2->eptr;
+			struct group *g2 = gr2->eptr;
 			if (NULL != g1 &&
 			    NULL != g2 &&
 			    0 == strcmp (g1->gr_name, g2->gr_name) &&
@@ -302,8 +303,8 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 		return NULL;
 	}
-	gptr1 = (struct group *)gr1->eptr;
+	gptr1 = gr1->eptr;
-	gptr2 = (struct group *)gr2->eptr;
+	gptr2 = gr2->eptr;
 	if (NULL == gptr2 || NULL == gptr1) {
 		errno = EINVAL;
 		return NULL;
@@ -311,9 +312,8 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 	/* Concatenate the 2 lines */
 	new_line_len = strlen (gr1->line) + strlen (gr2->line) +1;
-	new_line = (char *)malloc (new_line_len + 1);
+	new_line = MALLOC(new_line_len + 1, char);
 	if (NULL == new_line) {
 		errno = ENOMEM;
 		return NULL;
 	}
 	snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
@@ -333,10 +333,9 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
 			members++;
 		}
 	}
-	new_members = (char **)calloc ( (members+1), sizeof(char*) );
+	new_members = CALLOC (members + 1, char *);
 	if (NULL == new_members) {
 		free (new_line);
 		errno = ENOMEM;
 		return NULL;
 	}
 	for (i=0; NULL != gptr1->gr_mem[i]; i++) {
@@ -377,7 +376,7 @@ static int split_groups (unsigned int max_members)
 	struct commonio_entry *gr;
 	for (gr = group_db.head; NULL != gr; gr = gr->next) {
-		struct group *gptr = (struct group *)gr->eptr;
+		struct group *gptr = gr->eptr;
 		struct commonio_entry *new;
 		struct group *new_gptr;
 		unsigned int members = 0;
@@ -395,9 +394,8 @@ static int split_groups (unsigned int max_members)
 			continue;
 		}
-		new = (struct commonio_entry *) malloc (sizeof *new);
+		new = MALLOC(1, struct commonio_entry);
 		if (NULL == new) {
 			errno = ENOMEM;
 			return 0;
 		}
 		new->eptr = group_dup(gr->eptr);
@@ -406,7 +404,7 @@ static int split_groups (unsigned int max_members)
 			errno = ENOMEM;
 			return 0;
 		}
-		new_gptr = (struct group *)new->eptr;
+		new_gptr = new->eptr;
 		new->line = NULL;
 		new->changed = true;
@@ -12,6 +12,7 @@
 #ident "$Id$"
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "groupio.h"
@@ -21,7 +22,7 @@
 	struct group *gr;
 	int i;
-	gr = (struct group *) malloc (sizeof *gr);
+	gr = MALLOC(1, struct group);
 	if (NULL == gr) {
 		return NULL;
 	}
@@ -46,7 +47,7 @@
 	for (i = 0; grent->gr_mem[i]; i++);
 	/*@-mustfreeonly@*/
-	gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
+	gr->gr_mem = MALLOC(i + 1, char *);
 	/*@=mustfreeonly@*/
 	if (NULL == gr->gr_mem) {
 		gr_free(gr);
@@ -86,33 +87,3 @@ void gr_free (/*@out@*/ /*@only@*/struct group *grent)
 	gr_free_members(grent);
 	free (grent);
 }
 bool gr_append_member(struct group *grp, char *member)
 {
 	int i;
 	if (NULL == grp->gr_mem || grp->gr_mem[0] == NULL) {
 		grp->gr_mem = (char **)malloc(2 * sizeof(char *));
 		if (!grp->gr_mem) {
 			return false;
 		}
 		grp->gr_mem[0] = strdup(member);
 		if (!grp->gr_mem[0]) {
 			return false;
 		}
 		grp->gr_mem[1] = NULL;
 		return true;
 	}
 	for (i = 0; grp->gr_mem[i]; i++) ;
 	grp->gr_mem = realloc(grp->gr_mem, (i + 2) * sizeof(char *));
 	if (NULL == grp->gr_mem) {
 		return false;
 	}
 	grp->gr_mem[i] = strdup(member);
 	if (NULL == grp->gr_mem[i]) {
 		return false;
 	}
 	grp->gr_mem[i + 1] = NULL;
 	return true;
 }
@@ -15,8 +15,12 @@
 #ident "$Id$"
 #include <stdio.h>
 #include <string.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 static /*@null@*/FILE *shadow;
 static /*@null@*//*@only@*/char **members = NULL;
 static size_t nmembers = 0;
@@ -62,7 +66,7 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
 	while (s != NULL && *s != '\0') {
 		size = (nelem + 1) * sizeof (ptr);
-		ptr = realloc (*list, size);
+		ptr = REALLOC(*list, size, char *);
 		if (NULL != ptr) {
 			ptr[nelem] = s;
 			nelem++;
@@ -76,7 +80,7 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
 		}
 	}
 	size = (nelem + 1) * sizeof (ptr);
-	ptr = realloc (*list, size);
+	ptr = REALLOC(*list, size, char *);
 	if (NULL != ptr) {
 		ptr[nelem] = NULL;
 		*list = ptr;
@@ -102,7 +106,7 @@ void endsgent (void)
 		(void) fclose (shadow);
 	}
-	shadow = (FILE *) 0;
+	shadow = NULL;
 }
 /*@observer@*//*@null@*/struct sgrp *sgetsgent (const char *string)
@@ -116,7 +120,7 @@ void endsgent (void)
 	size_t len = strlen (string) + 1;
 	if (len > sgrbuflen) {
-		char *buf = (char *) realloc (sgrbuf, sizeof (char) * len);
+		char *buf = REALLOC(sgrbuf, len, char);
 		if (NULL == buf) {
 			return NULL;
 		}
@@ -124,8 +128,7 @@ void endsgent (void)
 		sgrbuflen = len;
 	}
-	strncpy (sgrbuf, string, len);
+	strcpy (sgrbuf, string);
 	sgrbuf[len-1] = '\0';
 	cp = strrchr (sgrbuf, '\n');
 	if (NULL != cp) {
@@ -195,7 +198,7 @@ void endsgent (void)
 	char *cp;
 	if (0 == buflen) {
-		buf = (char *) malloc (BUFSIZ);
+		buf = MALLOC(BUFSIZ, char);
 		if (NULL == buf) {
 			return NULL;
 		}
@@ -207,16 +210,16 @@ void endsgent (void)
 	}
 #ifdef	USE_NIS
-	while (fgetsx (buf, (int) buflen, fp) == buf)
+	while (fgetsx (buf, buflen, fp) == buf)
 #else
-	if (fgetsx (buf, (int) buflen, fp) == buf)
+	if (fgetsx (buf, buflen, fp) == buf)
 #endif
 	{
 		while (   ((cp = strrchr (buf, '\n')) == NULL)
 		       && (feof (fp) == 0)) {
 			size_t len;
-			cp = (char *) realloc (buf, buflen*2);
+			cp = REALLOC(buf, buflen * 2, char);
 			if (NULL == cp) {
 				return NULL;
 			}
@@ -399,7 +402,7 @@ void endsgent (void)
 		nis_disabled = true;
 	}
 #endif
-	while ((sgrp = getsgent ()) != (struct sgrp *) 0) {
+	while ((sgrp = getsgent ()) != NULL) {
 		if (strcmp (name, sgrp->sg_name) == 0) {
 			break;
 		}
@@ -437,7 +440,7 @@ int putsgent (const struct sgrp *sgrp, FILE * fp)
 		size += strlen (sgrp->sg_mem[i]) + 1;
 	}
-	buf = malloc (size);
+	buf = MALLOC(size, char);
 	if (NULL == buf) {
 		return -1;
 	}
@@ -502,5 +505,5 @@ int putsgent (const struct sgrp *sgrp, FILE * fp)
 	return 0;
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/*} SHADOWGRP */
@@ -66,7 +66,7 @@ bool hushed (const char *username)
 	if (NULL == fp) {
 		return false;
 	}
-	for (found = false; !found && (fgets (buf, (int) sizeof buf, fp) == buf);) {
+	for (found = false; !found && (fgets (buf, sizeof buf, fp) == buf);) {
 		buf[strcspn (buf, "\n")] = '\0';
 		found = (strcmp (buf, pw->pw_shell) == 0) ||
 		        (strcmp (buf, pw->pw_name) == 0);
@@ -11,7 +11,10 @@
 #include <limits.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "stpeprintf.h"
 #include "idmapping.h"
 #if HAVE_SYS_CAPABILITY_H
 #include <sys/prctl.h>
@@ -43,7 +46,7 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
 		return NULL;
 	}
-	mappings = calloc(ranges, sizeof(*mappings));
+	mappings = CALLOC(ranges, struct map_range);
 	if (!mappings) {
 		fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"),
 			log_get_progname());
@@ -99,7 +102,7 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
 *  8bytes --> 21 ascii estimated -> 18446744073709551616 (20 real)
 * 16bytes --> 39 ascii estimated -> 340282366920938463463374607431768211456 (39 real)
 */
-#define ULONG_DIGITS ((((sizeof(unsigned long) * CHAR_BIT) + 9)/10)*3)
+#define ULONG_DIGITS (((WIDTHOF(unsigned long) + 9)/10)*3)
 #if HAVE_SYS_CAPABILITY_H
 static inline bool maps_lower_root(int cap, int ranges, const struct map_range *mappings)
@@ -141,7 +144,7 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
 	int idx;
 	const struct map_range *mapping;
 	size_t bufsize;
-	char *buf, *pos;
+	char *buf, *pos, *end;
 	int fd;
 #if HAVE_SYS_CAPABILITY_H
@@ -188,22 +191,21 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
 #endif
 	bufsize = ranges * ((ULONG_DIGITS + 1) * 3);
-	pos = buf = xmalloc(bufsize);
+	pos = buf = XMALLOC(bufsize, char);
 	end = buf + bufsize;
 	/* Build the mapping command */
 	mapping = mappings;
 	for (idx = 0; idx < ranges; idx++, mapping++) {
 		/* Append this range to the string that will be written */
-		int written = snprintf(pos, bufsize - (pos - buf),
+		pos = stpeprintf(pos, end, "%lu %lu %lu\n",
-			"%lu %lu %lu\n",
+		                 mapping->upper,
-			mapping->upper,
+		                 mapping->lower,
-			mapping->lower,
+		                 mapping->count);
-			mapping->count);
+	}
-		if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
+	if (pos == end || pos == NULL) {
-			fprintf(log_get_logfd(), _("%s: snprintf failed!\n"), log_get_progname());
+		fprintf(log_get_logfd(), _("%s: stpeprintf failed!\n"), log_get_progname());
-			exit(EXIT_FAILURE);
+		exit(EXIT_FAILURE);
 		}
 		pos += written;
 	}
 	/* Write the mapping to the mapping file */
@@ -213,7 +215,7 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
 			log_get_progname(), map_file, strerror(errno));
 		exit(EXIT_FAILURE);
 	}
-	if (write(fd, buf, pos - buf) != (pos - buf)) {
+	if (write_full(fd, buf, pos - buf) != (pos - buf)) {
 		fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
 			log_get_progname(), map_file, strerror(errno));
 		exit(EXIT_FAILURE);
@@ -40,7 +40,7 @@ int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
 {
 	long now;
-	now = (long) time ((time_t *) 0) / SCALE;
+	now = time(NULL) / SCALE;
 	if (NULL == sp) {
 		return 0;
@@ -28,11 +28,7 @@
 #include <pwd.h>
 #include "getdef.h"
 #include "shadowlog.h"
 #ifdef HAVE_SYS_RESOURCE_H
 #include <sys/resource.h>
 #define LIMITS
 #endif
 #ifdef LIMITS
 #ifndef LIMITS_FILE
 #define LIMITS_FILE "/etc/limits"
 #endif
@@ -72,7 +68,7 @@ static int setrlimit_value (unsigned int resource,
 			return 0;
 		}
 		longlimit *= multiplier;
-		limit = (rlim_t)longlimit;
+		limit = longlimit;
 		if (longlimit != limit)
 		{
 			/* FIXME: Again, silent error handling...
@@ -99,7 +95,7 @@ static int set_prio (const char *value)
 	    || (prio != (int) prio)) {
 		return 0;
 	}
-	if (setpriority (PRIO_PROCESS, 0, (int) prio) != 0) {
+	if (setpriority (PRIO_PROCESS, 0, prio) != 0) {
 		return LOGIN_ERROR_RLIMIT;
 	}
 	return 0;
@@ -115,7 +111,7 @@ static int set_umask (const char *value)
 		return 0;
 	}
-	(void) umask ((mode_t) mask);
+	(void) umask (mask);
 	return 0;
 }
@@ -123,11 +119,6 @@ static int set_umask (const char *value)
 /* Counts the number of user logins and check against the limit */
 static int check_logins (const char *name, const char *maxlogins)
 {
 #ifdef USE_UTMPX
 	struct utmpx *ut;
 #else				/* !USE_UTMPX */
 	struct utmp *ut;
 #endif				/* !USE_UTMPX */
 	unsigned long limit, count;
 	if (getulong (maxlogins, &limit) == 0) {
@@ -139,38 +130,8 @@ static int check_logins (const char *name, const char *maxlogins)
 		return LOGIN_ERROR_LOGIN;
 	}
-	count = 0;
+	count = active_sessions_count(name, limit);
-#ifdef USE_UTMPX
+
 	setutxent ();
 	while ((ut = getutxent ()))
 #else				/* !USE_UTMPX */
 	setutent ();
 	while ((ut = getutent ()))
 #endif				/* !USE_UTMPX */
 	{
 		if (USER_PROCESS != ut->ut_type) {
 			continue;
 		}
 		if ('\0' == ut->ut_user[0]) {
 			continue;
 		}
 		if (strncmp (name, ut->ut_user, sizeof (ut->ut_user)) != 0) {
 			continue;
 		}
 		count++;
 		if (count > limit) {
 			break;
 		}
 	}
 #ifdef USE_UTMPX
 	endutxent ();
 #else				/* !USE_UTMPX */
 	endutent ();
 #endif				/* !USE_UTMPX */
 	/*
 	 * This is called after setutmp(), so the number of logins counted
 	 * includes the user who is currently trying to log in.
 	 */
 	if (count > limit) {
 		SYSLOG ((LOG_WARN,
 		         "Too many logins (max %lu) for %s\n",
@@ -243,34 +204,26 @@ static int do_user_limits (const char *buf, const char *name)
 	while ('\0' != *pp) {
 		switch (*pp++) {
 #ifdef RLIMIT_AS
 		case 'a':
 		case 'A':
 			/* RLIMIT_AS - max address space (KB) */
 			retval |= setrlimit_value (RLIMIT_AS, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_CORE
 		case 'c':
 		case 'C':
 			/* RLIMIT_CORE - max core file size (KB) */
 			retval |= setrlimit_value (RLIMIT_CORE, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_DATA
 		case 'd':
 		case 'D':
 			/* RLIMIT_DATA - max data size (KB) */
 			retval |= setrlimit_value (RLIMIT_DATA, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_FSIZE
 		case 'f':
 		case 'F':
 			/* RLIMIT_FSIZE - Maximum filesize (KB) */
 			retval |= setrlimit_value (RLIMIT_FSIZE, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_NICE
 		case 'i':
 		case 'I':
@@ -294,13 +247,11 @@ static int do_user_limits (const char *buf, const char *name)
 			retval |= setrlimit_value (RLIMIT_MEMLOCK, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_NOFILE
 		case 'n':
 		case 'N':
 			/* RLIMIT_NOFILE - max number of open files */
 			retval |= setrlimit_value (RLIMIT_NOFILE, pp, 1);
 			break;
 #endif
 #ifdef RLIMIT_RTPRIO
 		case 'o':
 		case 'O':
@@ -319,20 +270,16 @@ static int do_user_limits (const char *buf, const char *name)
 			retval |= setrlimit_value (RLIMIT_RSS, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_STACK
 		case 's':
 		case 'S':
 			/* RLIMIT_STACK - max stack size (KB) */
 			retval |= setrlimit_value (RLIMIT_STACK, pp, 1024);
 			break;
 #endif
 #ifdef RLIMIT_CPU
 		case 't':
 		case 'T':
 			/* RLIMIT_CPU - max CPU time (MIN) */
 			retval |= setrlimit_value (RLIMIT_CPU, pp, 60);
 			break;
 #endif
 #ifdef RLIMIT_NPROC
 		case 'u':
 		case 'U':
@@ -479,7 +426,6 @@ static int setup_user_limits (const char *uname)
 	}
 	return do_user_limits (limits, uname);
 }
 #endif				/* LIMITS */
 static void setup_usergroups (const struct passwd *info)
@@ -523,7 +469,6 @@ void setup_limits (const struct passwd *info)
 	 */
 	if (getdef_bool ("QUOTAS_ENAB")) {
 #ifdef LIMITS
 		if (info->pw_uid != 0) {
 			if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
 				(void) fputs (_("Too many logins.\n"), log_get_logfd());
@@ -531,7 +476,6 @@ void setup_limits (const struct passwd *info)
 				exit (EXIT_FAILURE);
 			}
 		}
 #endif
 		for (cp = info->pw_gecos; cp != NULL; cp = strchr (cp, ',')) {
 			if (',' == *cp) {
 				cp++;
@@ -542,7 +486,7 @@ void setup_limits (const struct passwd *info)
 				if (   (getlong (cp + 4, &inc) == 1)
 				    && (inc >= -20) && (inc <= 20)) {
 					errno = 0;
-					if (   (nice ((int) inc) != -1)
+					if (   (nice (inc) != -1)
 					    || (0 != errno)) {
 						continue;
 					}
@@ -559,7 +503,7 @@ void setup_limits (const struct passwd *info)
 				long int blocks;
 				if (   (getlong (cp + 7, &blocks) == 0)
 				    || (blocks != (int) blocks)
-				    || (set_filesize_limit ((int) blocks) != 0)) {
+				    || (set_filesize_limit (blocks) != 0)) {
 					SYSLOG ((LOG_WARN,
 					         "Can't set the ulimit for user %s",
 					         info->pw_name));
@@ -574,7 +518,7 @@ void setup_limits (const struct passwd *info)
 					         "Can't set umask value for user %s",
 					         info->pw_name));
 				} else {
-					(void) umask ((mode_t) mask);
+					(void) umask (mask);
 				}
 				continue;
@@ -584,6 +528,6 @@ void setup_limits (const struct passwd *info)
 }
 #else				/* !USE_PAM */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* !USE_PAM */
@@ -11,6 +11,8 @@
 #ident "$Id$"
 #include <assert.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 /*
@@ -33,7 +35,7 @@
 	 * pointer if it is present.
 	 */
-	for (i = 0; list[i] != (char *) 0; i++) {
+	for (i = 0; list[i] != NULL; i++) {
 		if (strcmp (list[i], member) == 0) {
 			return list;
 		}
@@ -44,7 +46,7 @@
 	 * old entries, and the new entries as well.
 	 */
-	tmp = (char **) xmalloc ((i + 2) * sizeof member);
+	tmp = XMALLOC(i + 2, char *);
 	/*
 	 * Copy the original list to the new list, then append the
@@ -52,12 +54,12 @@
 	 * is returned to the invoker.
 	 */
-	for (i = 0; list[i] != (char *) 0; i++) {
+	for (i = 0; list[i] != NULL; i++) {
 		tmp[i] = list[i];
 	}
 	tmp[i] = xstrdup (member);
-	tmp[i+1] = (char *) 0;
+	tmp[i+1] = NULL;
 	return tmp;
 }
@@ -83,7 +85,7 @@
 	 * pointer if it is not present.
 	 */
-	for (i = j = 0; list[i] != (char *) 0; i++) {
+	for (i = j = 0; list[i] != NULL; i++) {
 		if (strcmp (list[i], member) != 0) {
 			j++;
 		}
@@ -98,7 +100,7 @@
 	 * old entries.
 	 */
-	tmp = (char **) xmalloc ((j + 1) * sizeof member);
+	tmp = XMALLOC(j + 1, char *);
 	/*
 	 * Copy the original list except the deleted members to the
@@ -106,14 +108,14 @@
 	 * is returned to the invoker.
 	 */
-	for (i = j = 0; list[i] != (char *) 0; i++) {
+	for (i = j = 0; list[i] != NULL; i++) {
 		if (strcmp (list[i], member) != 0) {
 			tmp[j] = list[i];
 			j++;
 		}
 	}
-	tmp[j] = (char *) 0;
+	tmp[j] = NULL;
 	return tmp;
 }
@@ -133,7 +135,7 @@
 	for (i = 0; NULL != list[i]; i++);
-	tmp = (char **) xmalloc ((i + 1) * sizeof (char *));
+	tmp = XMALLOC(i + 1, char *);
 	i = 0;
 	while (NULL != *list) {
@@ -142,7 +144,7 @@
 		list++;
 	}
-	tmp[i] = (char *) 0;
+	tmp[i] = NULL;
 	return tmp;
 }
@@ -210,14 +212,14 @@ bool is_on_list (char *const *list, const char *member)
 	 * Allocate the array we're going to store the pointers into.
 	 */
-	array = (char **) xmalloc (sizeof (char *) * i);
+	array = XMALLOC(i, char *);
 	/*
 	 * Empty list is special - 0 members, not 1 empty member.  --marekm
 	 */
 	if ('\0' == *members) {
-		*array = (char *) 0;
+		*array = NULL;
 		free (members);
 		return array;
 	}
@@ -235,7 +237,7 @@ bool is_on_list (char *const *list, const char *member)
 			cp2++;
 			cp = cp2;
 		} else {
-			array[i + 1] = (char *) 0;
+			array[i + 1] = NULL;
 			break;
 		}
 	}
@@ -81,5 +81,5 @@ int ulckpwdf (void)
 	return (pw_unlock () && spw_unlock ())? 0 : -1;
 }
 #else
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif
@@ -67,7 +67,7 @@ void dolastlog (
 	 * the way we read the old one in.
 	 */
-	if (read (fd, (void *) &newlog, sizeof newlog) != (ssize_t) sizeof newlog) {
+	if (read (fd, &newlog, sizeof newlog) != (ssize_t) sizeof newlog) {
 		memzero (&newlog, sizeof newlog);
 	}
 	if (NULL != ll) {
@@ -82,7 +82,7 @@ void dolastlog (
 	strncpy (newlog.ll_host, host, sizeof (newlog.ll_host) - 1);
 #endif
 	if (   (lseek (fd, offset, SEEK_SET) != offset)
-	    || (write (fd, (const void *) &newlog, sizeof newlog) != (ssize_t) sizeof newlog)
+	    || (write_full (fd, &newlog, sizeof newlog) != (ssize_t) sizeof newlog)
 	    || (close (fd) != 0)) {
 		SYSLOG ((LOG_WARN,
 		         "Can't write lastlog entry for UID %lu in %s.",
@@ -0,0 +1,51 @@
 /*
 * SPDX-FileCopyrightText:  2023, Iker Pedrosa <ipedrosa@redhat.com>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #include <config.h>
 #ident "$Id$"
 #include "defines.h"
 #include "prototypes.h"
 #include <systemd/sd-login.h>
 int get_session_host (char **out)
 {
    char *host = NULL;
    char *session = NULL;
    int ret;
    ret = sd_pid_get_session (getpid(), &session);
    if (ret < 0) {
        return ret;
    }
    ret = sd_session_get_remote_host (session, &host);
    if (ret < 0) {
        goto done;
    }
    *out = host;
 done:
    free (session);
    return ret;
 }
 unsigned long active_sessions_count(const char *name, unsigned long unused)
 {
    struct passwd *pw;
    unsigned long count = 0;
    pw = prefix_getpwnam(name);
    if (pw == NULL) {
        return 0;
    }
    count = sd_uid_get_sessions(pw->pw_uid, 0, NULL);
    return count;
 }
@@ -14,14 +14,15 @@
 #include <assert.h>
 #include <stdio.h>
 #include <signal.h>
-#include <ctype.h>
+
 #include "alloc.h"
 #include "prototypes.h"
 #include "defines.h"
 #include "getdef.h"
 static void login_exit (unused int sig)
 {
-	exit (EXIT_FAILURE);
+	_exit (EXIT_FAILURE);
 }
 /*
@@ -31,7 +32,7 @@ static void login_exit (unused int sig)
 * is set in login.defs, this file is displayed before the prompt.
 */
-void login_prompt (const char *prompt, char *name, int namesize)
+void login_prompt (char *name, int namesize)
 {
 	char buf[1024];
@@ -40,45 +41,38 @@ void login_prompt (const char *prompt, char *name, int namesize)
 	char *cp;
 	int i;
 	FILE *fp;
 	const char *fname = getdef_str ("ISSUE_FILE");
 	sighandler_t sigquit;
 #ifdef	SIGTSTP
 	sighandler_t sigtstp;
 #endif
 	/*
 	 * There is a small chance that a QUIT character will be part of
 	 * some random noise during a prompt.  Deal with this by exiting
-	 * instead of core dumping.  If SIGTSTP is defined, do the same
+	 * instead of core dumping.  Do the same thing for SIGTSTP.
 	 * thing for that signal.
 	 */
 	sigquit = signal (SIGQUIT, login_exit);
 #ifdef	SIGTSTP
 	sigtstp = signal (SIGTSTP, login_exit);
 #endif
 	/*
 	 * See if the user has configured the issue file to
 	 * be displayed and display it before the prompt.
 	 */
-	if (NULL != prompt) {
+	if (NULL != fname) {
-		const char *fname = getdef_str ("ISSUE_FILE");
+		fp = fopen (fname, "r");
-		if (NULL != fname) {
+		if (NULL != fp) {
-			fp = fopen (fname, "r");
+			while ((i = getc (fp)) != EOF) {
-			if (NULL != fp) {
+				(void) putc (i, stdout);
 				while ((i = getc (fp)) != EOF) {
 					(void) putc (i, stdout);
 				}
 				(void) fclose (fp);
 			}
 			(void) fclose (fp);
 		}
 		(void) gethostname (buf, sizeof buf);
 		printf (prompt, buf);
 		(void) fflush (stdout);
 	}
 	(void) gethostname (buf, sizeof buf);
 	printf (_("\n%s login: "), buf);
 	(void) fflush (stdout);
 	/*
 	 * Read the user's response.  The trailing newline will be
@@ -86,7 +80,7 @@ void login_prompt (const char *prompt, char *name, int namesize)
 	 */
 	memzero (buf, sizeof buf);
-	if (fgets (buf, (int) sizeof buf, stdin) != buf) {
+	if (fgets (buf, sizeof buf, stdin) != buf) {
 		exit (EXIT_FAILURE);
 	}
@@ -98,58 +92,20 @@ void login_prompt (const char *prompt, char *name, int namesize)
 	/*
 	 * Skip leading whitespace.  This makes "  username" work right.
-	 * Then copy the rest (up to the end or the first "non-graphic"
+	 * Then copy the rest (up to the end) into the username.
 	 * character into the username.
 	 */
 	for (cp = buf; *cp == ' ' || *cp == '\t'; cp++);
-	for (i = 0; i < namesize - 1 && isgraph (*cp); name[i++] = *cp++);
+	for (i = 0; i < namesize - 1 && *cp != '\0'; name[i++] = *cp++);
 	while (isgraph (*cp)) {
 		cp++;
 	}
 	if ('\0' != *cp) {
 		cp++;
 	}
 	name[i] = '\0';
 	/*
 	 * This is a disaster, at best.  The user may have entered extra
 	 * environmental variables at the prompt.  There are several ways
 	 * to do this, and I just take the easy way out.
 	 */
 	if ('\0' != *cp) {	/* process new variables */
 		char *nvar;
 		int count = 1;
 		int envc;
 		for (envc = 0; envc < MAX_ENV; envc++) {
 			nvar = strtok ((0 != envc) ? (char *) 0 : cp, " \t,");
 			if (NULL == nvar) {
 				break;
 			}
 			if (strchr (nvar, '=') != NULL) {
 				envp[envc] = nvar;
 			} else {
 				size_t len = strlen (nvar) + 32;
 				envp[envc] = xmalloc (len);
 				(void) snprintf (envp[envc], len,
 				                 "L%d=%s", count++, nvar);
 			}
 		}
 		set_env (envc, envp);
 	}
 	/*
 	 * Set the SIGQUIT handler back to its original value
 	 */
 	(void) signal (SIGQUIT, sigquit);
 #ifdef	SIGTSTP
 	(void) signal (SIGTSTP, sigtstp);
 #endif
 }
@@ -15,6 +15,7 @@
 #include <stdio.h>
 #include <string.h>
 #include "alloc.h"
 #include "getdef.h"
 #ident "$Id$"
@@ -38,7 +39,7 @@ void mailcheck (void)
 		size_t len = strlen (mailbox) + 5;
 		int wlen;
-		newmail = xmalloc (len);
+		newmail = XMALLOC(len, char);
 		wlen = snprintf (newmail, len, "%s/new", mailbox);
 		assert (wlen == (int) len - 1);
@@ -0,0 +1,23 @@
 /*
 * SPDX-FileCopyrightText:  2023, Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #include <config.h>
 #if !defined(HAVE_MEMPCPY)
 #ident "$Id$"
 #include "mempcpy.h"
 #include <stddef.h>
 extern inline void *mempcpy(void *restrict dst, const void *restrict src,
    size_t n);
 #endif
@@ -0,0 +1,31 @@
 /*
 * SPDX-FileCopyrightText:  2023, Alejandro Colomar <alx@kernel.org>
 *
 * SPDX-License-Identifier:  BSD-3-Clause
 */
 #ifndef SHADOW_INCLUDE_LIB_MEMPCPY_H_
 #define SHADOW_INCLUDE_LIB_MEMPCPY_H_
 #include <config.h>
 #if !defined(HAVE_MEMPCPY)
 #include <stddef.h>
 #include <string.h>
 inline void *mempcpy(void *restrict dst, const void *restrict src, size_t n);
 inline void *
 mempcpy(void *restrict dst, const void *restrict src, size_t n)
 {
 	return memcpy(dst, src, n) + n;
 }
 #endif  // !HAVE_MEMPCPY
 #endif  // include guard
@@ -12,9 +12,11 @@
 #ident "$Id$"
 #include <stdio.h>
-#include "prototypes.h"
+
 #include "alloc.h"
 #include "defines.h"
 #include "getdef.h"
 #include "prototypes.h"
 /*
 * motd -- output the /etc/motd file
 *
@@ -53,6 +53,6 @@ int nscd_flush_cache (const char *service)
 	return 0;
 }
 #else				/* USE_NSCD */
-extern int errno;		/* warning: ANSI C forbids an empty source file */
+extern int ISO_C_forbids_an_empty_translation_unit;
 #endif				/* USE_NSCD */
@@ -6,6 +6,8 @@
 #include <strings.h>
 #include <ctype.h>
 #include <stdatomic.h>
 #include "alloc.h"
 #include "prototypes.h"
 #include "../libsubid/subid.h"
 #include "shadowlog_internal.h"
@@ -44,6 +46,8 @@ void nss_init(const char *nsswitch_path) {
 	char *line = NULL, *p, *token, *saveptr;
 	size_t len = 0;
 	FILE *shadow_logfd = log_get_logfd();
 	char libname[65];
 	void *h;
 	if (atomic_flag_test_and_set(&nss_init_started)) {
 		// Another thread has started nss_init, wait for it to complete
@@ -59,82 +63,78 @@ void nss_init(const char *nsswitch_path) {
 	//   subid:	files
 	nssfp = fopen(nsswitch_path, "r");
 	if (!nssfp) {
 		if (errno != ENOENT)
 			fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path);
 		atomic_store(&nss_init_completed, true);
 		return;
 	}
-	while ((getline(&line, &len, nssfp)) != -1) {
+	p = NULL;
-		if (line[0] == '\0' || line[0] == '#')
+	while (getline(&line, &len, nssfp) != -1) {
 		if (line[0] == '#')
 			continue;
 		if (strlen(line) < 8)
 			continue;
 		if (strncasecmp(line, "subid:", 6) != 0)
 			continue;
 		p = &line[6];
-		while ((*p) && isspace(*p))
+		while (isspace(*p))
 			p++;
-		if (!*p)
+		if (*p != '\0')
-			continue;
+			break;
-		for (token = strtok_r(p, " \n\t", &saveptr);
+		p = NULL;
-		     token;
+	}
-		     token = strtok_r(NULL, " \n\t", &saveptr)) {
+	if (p == NULL) {
-			char libname[65];
+		goto null_subid;
-			void *h;
+	}
-			if (strcmp(token, "files") == 0) {
+	token = strtok_r(p, " \n\t", &saveptr);
-				subid_nss = NULL;
+	if (token == NULL) {
 				goto done;
 			}
 			if (strlen(token) > 50) {
 				fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
 				fprintf(shadow_logfd, "Using files\n");
 				subid_nss = NULL;
 				goto done;
 			}
 			snprintf(libname, 64,  "libsubid_%s.so", token);
 			h = dlopen(libname, RTLD_LAZY);
 			if (!h) {
 				fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
 				fprintf(shadow_logfd, "Using files\n");
 				subid_nss = NULL;
 				goto done;
 			}
 			subid_nss = malloc(sizeof(*subid_nss));
 			if (!subid_nss) {
 				dlclose(h);
 				goto done;
 			}
 			subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
 			if (!subid_nss->has_range) {
 				fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
 				dlclose(h);
 				free(subid_nss);
 				subid_nss = NULL;
 				goto done;
 			}
 			subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
 			if (!subid_nss->list_owner_ranges) {
 				fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
 				dlclose(h);
 				free(subid_nss);
 				subid_nss = NULL;
 				goto done;
 			}
 			subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
 			if (!subid_nss->find_subid_owners) {
 				fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
 				dlclose(h);
 				free(subid_nss);
 				subid_nss = NULL;
 				goto done;
 			}
 			subid_nss->handle = h;
 			goto done;
 		}
 		fprintf(shadow_logfd, "No usable subid NSS module found, using files\n");
 		// subid_nss has to be null here, but to ease reviews:
-		free(subid_nss);
+		goto null_subid;
 		subid_nss = NULL;
 		goto done;
 	}
 	if (strcmp(token, "files") == 0) {
 		goto null_subid;
 	}
 	if (strlen(token) > 50) {
 		fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
 		fprintf(shadow_logfd, "Using files\n");
 		goto null_subid;
 	}
 	snprintf(libname, 64,  "libsubid_%s.so", token);
 	h = dlopen(libname, RTLD_LAZY);
 	if (!h) {
 		fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
 		fprintf(shadow_logfd, "Using files\n");
 		goto null_subid;
 	}
 	subid_nss = MALLOC(1, struct subid_nss_ops);
 	if (!subid_nss) {
 		goto close_lib;
 	}
 	subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
 	if (!subid_nss->has_range) {
 		fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
 		goto close_lib;
 	}
 	subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
 	if (!subid_nss->list_owner_ranges) {
 		fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
 		goto close_lib;
 	}
 	subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
 	if (!subid_nss->find_subid_owners) {
 		fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
 		goto close_lib;
 	}
 	subid_nss->handle = h;
 	goto done;
 close_lib:
 	dlclose(h);
 	free(subid_nss);
 null_subid:
 	subid_nss = NULL;
 done:
 	atomic_store(&nss_init_completed, true);
--- a/Show More
+++ b/Show More