Compare commits
369 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| cde08e422d | |||
| 2df2c35bad | |||
| 9b7d786b6f | |||
| ca046af5d9 | |||
| df59088641 | |||
| b620b5d0d1 | |||
| 29dbcfbabd | |||
| 0217516349 | |||
| 18f113cc46 | |||
| 10429edc14 | |||
| 8acec35d1d | |||
| 69f74dbf8a | |||
| 4e2453fa9f | |||
| d0fef040ed | |||
| 71e28359d1 | |||
| f3a1e1cf09 | |||
| fb49de61b7 | |||
| 895dfd77d2 | |||
| 9dddcd29f1 | |||
| a6eb312f60 | |||
| 99df9d746e | |||
| 27e467a61a | |||
| d8e6a8b99b | |||
| adf37cccd0 | |||
| da77a82ecb | |||
| 68d42a8fbe | |||
| 71a3238b79 | |||
| 61964aa06b | |||
| 81bc78ec5c | |||
| b089a63ab3 | |||
| 151f14ad69 | |||
| 1ee066ae1e | |||
| e7d1508e07 | |||
| a74c4b6ae1 | |||
| 701fe4cf1a | |||
| 37ae8827a0 | |||
| f8fc6371f6 | |||
| 4c16416ebc | |||
| 0066743c49 | |||
| 29f135777e | |||
| 34f431f607 | |||
| 040ba6a853 | |||
| b0498564b2 | |||
| 26c9dd3715 | |||
| 18ecf3987e | |||
| 9b3889696b | |||
| 03c31bef87 | |||
| 98aefe8772 | |||
| f40bd94856 | |||
| 7af7361fd6 | |||
| bbb2735cc0 | |||
| d7ab811a36 | |||
| 62a4daa2cd | |||
| 8d8062c770 | |||
| 38a0b0a610 | |||
| 6bf5d6d4f3 | |||
| dbd3527c03 | |||
| dbf3b1ad51 | |||
| b8f17f9c29 | |||
| 2e01b9d7d2 | |||
| 5f5b21fd5c | |||
| f7fe4c5978 | |||
| f39ac101ff | |||
| b085c3f612 | |||
| 27e236ca79 | |||
| dc12e87fe7 | |||
| 4827da0a2f | |||
| 0460dac019 | |||
| b3affb29cf | |||
| 0b3d017276 | |||
| e08db2de4c | |||
| 55c107617e | |||
| 673ff74fd4 | |||
| ead55e9ba8 | |||
| 000619344d | |||
| 51a0d94a08 | |||
| e44a9e631d | |||
| 2b67dc7765 | |||
| fce1d88479 | |||
| 46fd68c37e | |||
| fb01e07e83 | |||
| 08ae38e394 | |||
| 34b113baba | |||
| 93151689c0 | |||
| ae17e0291d | |||
| 03677d9acf | |||
| 5f8f19f267 | |||
| bed18501b1 | |||
| 8fcf6cccff | |||
| 8fee869e9a | |||
| 82e28ad534 | |||
| 19edb06fd2 | |||
| be05c62bd7 | |||
| 88760598f0 | |||
| efd169e010 | |||
| da440b536c | |||
| 33825ab57d | |||
| ae3d71fb94 | |||
| 4959cd10ae | |||
| a3cae72faa | |||
| 26deef6945 | |||
| d2f2c1877a | |||
| b76fc2947f | |||
| ffb3992467 | |||
| ba43b49a52 | |||
| 89c4da43cb | |||
| 0ab893a734 | |||
| e6c2e43937 | |||
| d13844408c | |||
| e59a39663d | |||
| a14936cf2e | |||
| 959343fe79 | |||
| 1af6b68cbe | |||
| 2806b827d8 | |||
| 7e94a2f484 | |||
| e5815acf37 | |||
| f4ea04b728 | |||
| 5ff6edf9f2 | |||
| 544709fad3 | |||
| 8d1f0bcf99 | |||
| 64bcb54fa9 | |||
| 4d139ca466 | |||
| e15aa5a8a6 | |||
| dfb4d8fdf9 | |||
| 0259f84583 | |||
| d72d99a810 | |||
| f22ca217cd | |||
| ad307ee42a | |||
| 15882a5f90 | |||
| 51cd6aec02 | |||
| 6551709e96 | |||
| 714b6a53d5 | |||
| 1175932c0c | |||
| 674409e226 | |||
| 20100e4b22 | |||
| 7eb10e6298 | |||
| 3e59e9613e | |||
| 95ea61009d | |||
| 6a1f45d932 | |||
| 403a2e3771 | |||
| 37b02a5f88 | |||
| cae6cea0e8 | |||
| f078412398 | |||
| cb42ee620e | |||
| f98e43ee11 | |||
| f2b240595b | |||
| f632515581 | |||
| 40355150c4 | |||
| 34ff8edb63 | |||
| 49001ca846 | |||
| 3fff9d7621 | |||
| 341d80c2c7 | |||
| cd9b4de327 | |||
| 5d5d212764 | |||
| da84d0ede7 | |||
| 1a377e318f | |||
| 6fb7fe11f2 | |||
| 0f4e59fd00 | |||
| 6fcc0f6756 | |||
| d74ffd3c29 | |||
| d452d1b812 | |||
| 5a5cd85bd2 | |||
| 3e0cdc87b7 | |||
| e9fc8fc7ef | |||
| 4ef08548cc | |||
| 9c5e433a3a | |||
| 9340efbb0d | |||
| 0138819b2a | |||
| f14670ee1a | |||
| 4a2646f676 | |||
| 4d835c7ea4 | |||
| 08ae7af111 | |||
| 4edda5d8ba | |||
| d2c28a402a | |||
| 1faf4d6469 | |||
| 5214710432 | |||
| 8679878c8b | |||
| 2e56af1902 | |||
| 2e5fc4c90b | |||
| 1356b14a00 | |||
| effdb14786 | |||
| 6bec1cf37c | |||
| 76e7de3fbb | |||
| 561448443f | |||
| 9ca6b71e76 | |||
| f1b9f8d829 | |||
| 7c1576cfb6 | |||
| a070b84f2e | |||
| 9ac5b2fc5a | |||
| a9e07c0feb | |||
| 4c0c7c52f1 | |||
| 18c428a6c9 | |||
| 470baeabbd | |||
| ea253cb275 | |||
| c595ea7e87 | |||
| 2a9b6d80e7 | |||
| 2d581cb337 | |||
| 173231a8ff | |||
| 89e5a32966 | |||
| 1a383194ff | |||
| 2d188a9987 | |||
| 3b5ba41d3e | |||
| ecc3508877 | |||
| 11091949be | |||
| f89ba6822d | |||
| 97ddb0d80c | |||
| 0ee79295f6 | |||
| ca6425e54e | |||
| b80c55946a | |||
| 8b8793920e | |||
| ddbd3a36c1 | |||
| cf9cc6963c | |||
| 8c6634d9bc | |||
| ce4c4d4ad5 | |||
| 9c39b13194 | |||
| d2e7edcd00 | |||
| ce3a4ac7a3 | |||
| cdb2490ab6 | |||
| 92b889b671 | |||
| 6178f5a3df | |||
| 7f20bb88ad | |||
| 0d7cb003b7 | |||
| 95a8de2a0a | |||
| 76bbce3564 | |||
| ce0fc161b4 | |||
| ab260fcd1f | |||
| ef95bb7ed1 | |||
| 9858133cc6 | |||
| 93a5c47c2c | |||
| a61cf0068b | |||
| 1c464d9a2d | |||
| f6701d3efa | |||
| ad1e0e9f96 | |||
| 62772039b7 | |||
| 0c1ca49be3 | |||
| 9035f90510 | |||
| ccc055d9d9 | |||
| 1fcf807949 | |||
| d2aa177c50 | |||
| 82484117b3 | |||
| 5ba6cd8545 | |||
| 5e0c61cce3 | |||
| 9b798b584a | |||
| 00e4e0c735 | |||
| 97e9d60133 | |||
| 6be85b0baf | |||
| 028e3e2764 | |||
| fc8389331e | |||
| 72060a2b2b | |||
| dbb37b1b31 | |||
| d1ad64b40f | |||
| 4f16458b6c | |||
| 44b8f7b3ef | |||
| 5abe0811b8 | |||
| 0d2fa501ec | |||
| 218235e9dd | |||
| 4b89ac41cb | |||
| 721b9096eb | |||
| a5cddf243a | |||
| fe62fc48bf | |||
| ce30dfe255 | |||
| 225530b7e1 | |||
| 07ab1af55c | |||
| 81f0e6a30f | |||
| 09957c6d27 | |||
| 8a1a097afa | |||
| 751f8e055b | |||
| 45f34ee8c1 | |||
| 43b4e5a6c4 | |||
| 1c50a44db6 | |||
| bbf1d9a800 | |||
| 2eceb4381c | |||
| 3c5a563654 | |||
| ff8e4ede1e | |||
| f9fb855889 | |||
| 090c019ada | |||
| 6adaa40135 | |||
| 0f27931155 | |||
| 6879f46327 | |||
| dad103bdb9 | |||
| ee3a79c695 | |||
| a9e642d444 | |||
| 5c86700fd7 | |||
| b11129827a | |||
| 01f6258df7 | |||
| 2fa907a522 | |||
| fa68441bc4 | |||
| d73f480ddc | |||
| b3652d8a32 | |||
| a6d795bac5 | |||
| d5e1c1e475 | |||
| ad3b31a59e | |||
| c5e5fee606 | |||
| 2a558bd8cb | |||
| 83c8a2d3fa | |||
| 7c93e1cdce | |||
| 088fe2618f | |||
| 2e45fff44b | |||
| 0d50e1e15f | |||
| fe299017b1 | |||
| a0546212c0 | |||
| c883786f4f | |||
| bc35dfe4ec | |||
| 2cfa1743d3 | |||
| 3a43d72e42 | |||
| b91b3793a9 | |||
| d702e08097 | |||
| 52d2198252 | |||
| fbcd8b536a | |||
| 13a7713384 | |||
| 48aa12af31 | |||
| 4f49e3fd3e | |||
| 0fc697a4b1 | |||
| 015448b049 | |||
| 163c424999 | |||
| 247a869ccd | |||
| 5178f8c5af | |||
| bef4da47be | |||
| c1fd94d7d5 | |||
| 9b0f8ddc30 | |||
| 7c45a6e8ba | |||
| 158866bfdc | |||
| adbdd086a2 | |||
| 2b393114c7 | |||
| 8893c51480 | |||
| 9514a841bc | |||
| 3bf8d68f10 | |||
| e7a292ed4f | |||
| 624bacfbd8 | |||
| 24367027d6 | |||
| 370652ba05 | |||
| 3029883888 | |||
| 7bfcf1724c | |||
| fcc25a03cd | |||
| 6dacb154e5 | |||
| 3e0913f119 | |||
| 2ffc1a76f5 | |||
| 8e33195c8e | |||
| 5579b40e35 | |||
| 33abc8bcd9 | |||
| b1b5c46668 | |||
| 983a844633 | |||
| 02b1471d5b | |||
| 6a576391d6 | |||
| ec1cc096e8 | |||
| f3ee47fe3f | |||
| 64ab401239 | |||
| e299942189 | |||
| 49ea7327d9 | |||
| c3a8d02b9f | |||
| 10f31a97e2 | |||
| 328958ca01 | |||
| 246edc0481 | |||
| 2daa6cc65d | |||
| fca2fd65c0 | |||
| 6b11077f09 | |||
| 093fb605f9 | |||
| c34c2606cf | |||
| f76c31f50e | |||
| e0d3ba6934 | |||
| 54ab542887 | |||
| a08021eb0e | |||
| 931e7c0c2f | |||
| 15f4421f10 | |||
| 856ffcfa5e | |||
| 35edae5892 | |||
| 1aaa4ec5ba | |||
| f45498a6c2 | |||
| 890f911e17 |
@@ -1,34 +0,0 @@
|
|||||||
image: alpine/latest
|
|
||||||
# apk add --update alpine-sdk
|
|
||||||
packages:
|
|
||||||
- cmd:setcap
|
|
||||||
- autoconf
|
|
||||||
- automake
|
|
||||||
- byacc
|
|
||||||
- expect
|
|
||||||
- gettext
|
|
||||||
- gettext-dev
|
|
||||||
- gettext-lang
|
|
||||||
- libbsd-dev
|
|
||||||
- libcap-dev
|
|
||||||
- libtool
|
|
||||||
- linux-pam-dev
|
|
||||||
- pkgconf
|
|
||||||
- sed
|
|
||||||
sources:
|
|
||||||
- https://github.com/shadow-maint/shadow
|
|
||||||
tasks:
|
|
||||||
- build: |
|
|
||||||
cd shadow
|
|
||||||
./autogen.sh --without-selinux --disable-man --disable-nls
|
|
||||||
grep ENABLE_ config.status
|
|
||||||
- tasks: |
|
|
||||||
cd shadow
|
|
||||||
cat /proc/self/uid_map
|
|
||||||
cat /proc/self/status
|
|
||||||
make
|
|
||||||
make DESTDIR=/tmp/shadow-inst install
|
|
||||||
sudo make install
|
|
||||||
#TODO - fix up the tests. Let's merge what's here now as it
|
|
||||||
#at least tests build.
|
|
||||||
#(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
|
||||||
@@ -1,33 +0,0 @@
|
|||||||
image: fedora/latest
|
|
||||||
packages:
|
|
||||||
- autoconf
|
|
||||||
- automake
|
|
||||||
- byacc
|
|
||||||
- expect
|
|
||||||
- findutils
|
|
||||||
- gettext
|
|
||||||
- gettext-devel
|
|
||||||
- git
|
|
||||||
- libbsd-devel
|
|
||||||
- libselinux-devel
|
|
||||||
- libsemanage-devel
|
|
||||||
- libtool
|
|
||||||
- libxslt
|
|
||||||
- pkgconf
|
|
||||||
sources:
|
|
||||||
- https://github.com/shadow-maint/shadow
|
|
||||||
tasks:
|
|
||||||
- build: |
|
|
||||||
cd shadow
|
|
||||||
./autogen.sh --with-selinux --enable-man
|
|
||||||
grep ENABLE_ config.status
|
|
||||||
- tasks: |
|
|
||||||
cd shadow
|
|
||||||
cat /proc/self/uid_map
|
|
||||||
cat /proc/self/status
|
|
||||||
make
|
|
||||||
make DESTDIR=/tmp/shadow-inst install
|
|
||||||
sudo make install
|
|
||||||
#TODO - fix up the tests. Let's merge what's here now as it
|
|
||||||
#at least tests build.
|
|
||||||
#(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
|
||||||
@@ -1,28 +0,0 @@
|
|||||||
image: ubuntu/focal
|
|
||||||
packages:
|
|
||||||
- automake
|
|
||||||
- autopoint
|
|
||||||
- xsltproc
|
|
||||||
- libbsd-dev
|
|
||||||
- libselinux1-dev
|
|
||||||
- gettext
|
|
||||||
- expect
|
|
||||||
- byacc
|
|
||||||
- libtool
|
|
||||||
- pkgconf
|
|
||||||
sources:
|
|
||||||
- https://github.com/shadow-maint/shadow
|
|
||||||
tasks:
|
|
||||||
- build: |
|
|
||||||
cd shadow
|
|
||||||
./autogen.sh --without-selinux --disable-man
|
|
||||||
grep ENABLE_ config.status
|
|
||||||
- tasks: |
|
|
||||||
cd shadow
|
|
||||||
cat /proc/self/uid_map
|
|
||||||
cat /proc/self/status
|
|
||||||
systemd-detect-virt
|
|
||||||
make
|
|
||||||
make DESTDIR=/tmp/shadow-inst install
|
|
||||||
sudo make install
|
|
||||||
(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
|
||||||
@@ -1,28 +0,0 @@
|
|||||||
image: ubuntu/22.04
|
|
||||||
packages:
|
|
||||||
- automake
|
|
||||||
- autopoint
|
|
||||||
- xsltproc
|
|
||||||
- libbsd-dev
|
|
||||||
- libselinux1-dev
|
|
||||||
- gettext
|
|
||||||
- expect
|
|
||||||
- byacc
|
|
||||||
- libtool
|
|
||||||
- pkgconf
|
|
||||||
sources:
|
|
||||||
- https://github.com/shadow-maint/shadow
|
|
||||||
tasks:
|
|
||||||
- build: |
|
|
||||||
cd shadow
|
|
||||||
./autogen.sh --without-selinux --enable-man
|
|
||||||
grep ENABLE_ config.status
|
|
||||||
- tasks: |
|
|
||||||
cat /proc/self/uid_map
|
|
||||||
cat /proc/self/status
|
|
||||||
systemd-detect-virt
|
|
||||||
cd shadow
|
|
||||||
make
|
|
||||||
make DESTDIR=/tmp/shadow-inst install
|
|
||||||
sudo make install
|
|
||||||
(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
|
||||||
@@ -35,7 +35,7 @@ jobs:
|
|||||||
sudo apt-mark hold grub-efi-amd64-bin grub-efi-amd64-signed
|
sudo apt-mark hold grub-efi-amd64-bin grub-efi-amd64-signed
|
||||||
sudo apt-get update
|
sudo apt-get update
|
||||||
sudo apt-get -y dist-upgrade
|
sudo apt-get -y dist-upgrade
|
||||||
sudo apt-get -y install ubuntu-dev-tools automake autopoint xsltproc gettext expect byacc libtool libbsd-dev pkgconf
|
sudo apt-get -y install ubuntu-dev-tools automake autopoint xsltproc gettext expect byacc libtool libbsd-dev pkgconf libcmocka-dev
|
||||||
sudo apt-get -y build-dep shadow
|
sudo apt-get -y build-dep shadow
|
||||||
- name: configure
|
- name: configure
|
||||||
run: |
|
run: |
|
||||||
@@ -49,8 +49,9 @@ jobs:
|
|||||||
run: |
|
run: |
|
||||||
set -e
|
set -e
|
||||||
cd tests
|
cd tests
|
||||||
|
trap 'cat testsuite.log' ERR
|
||||||
sudo ./run_some
|
sudo ./run_some
|
||||||
cat testsuite.log
|
trap - ERR
|
||||||
|
|
||||||
# Make sure that 'make dist' makes a usable tarball with no missing files
|
# Make sure that 'make dist' makes a usable tarball with no missing files
|
||||||
dist-build:
|
dist-build:
|
||||||
@@ -83,6 +84,7 @@ jobs:
|
|||||||
cd $d
|
cd $d
|
||||||
./configure
|
./configure
|
||||||
make -j5
|
make -j5
|
||||||
|
make check
|
||||||
|
|
||||||
container-build:
|
container-build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
|||||||
@@ -32,10 +32,7 @@ jobs:
|
|||||||
- name: Build shadow-utils
|
- name: Build shadow-utils
|
||||||
run: |
|
run: |
|
||||||
PROCESSORS=$(/usr/bin/getconf _NPROCESSORS_ONLN)
|
PROCESSORS=$(/usr/bin/getconf _NPROCESSORS_ONLN)
|
||||||
make -kj$PROCESSORS || true
|
make -Orecurse -j$PROCESSORS
|
||||||
|
|
||||||
- name: Check build errors
|
|
||||||
run: make
|
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@v2
|
uses: github/codeql-action/analyze@v2
|
||||||
|
|||||||
+6
-1
@@ -3,9 +3,11 @@ lib*.a
|
|||||||
*.o
|
*.o
|
||||||
*.lo
|
*.lo
|
||||||
*.la
|
*.la
|
||||||
|
*.mo
|
||||||
*.gmo
|
*.gmo
|
||||||
.deps
|
.deps
|
||||||
.libs
|
.libs
|
||||||
|
.dirstamp
|
||||||
|
|
||||||
*.patch
|
*.patch
|
||||||
*.rej
|
*.rej
|
||||||
@@ -14,6 +16,8 @@ lib*.a
|
|||||||
Makefile
|
Makefile
|
||||||
Makefile.in
|
Makefile.in
|
||||||
|
|
||||||
|
test-driver
|
||||||
|
|
||||||
/ABOUT-NLS
|
/ABOUT-NLS
|
||||||
/aclocal.m4
|
/aclocal.m4
|
||||||
/autom4te.cache
|
/autom4te.cache
|
||||||
@@ -34,6 +38,7 @@ Makefile.in
|
|||||||
/m4
|
/m4
|
||||||
/missing
|
/missing
|
||||||
/stamp-h1
|
/stamp-h1
|
||||||
|
/test-driver
|
||||||
/ylwrap
|
/ylwrap
|
||||||
|
|
||||||
/po/*.header
|
/po/*.header
|
||||||
@@ -47,5 +52,5 @@ Makefile.in
|
|||||||
|
|
||||||
/shadow.spec
|
/shadow.spec
|
||||||
/shadow-*.tar.*
|
/shadow-*.tar.*
|
||||||
/libmisc/getdate.c
|
/lib/getdate.c
|
||||||
/libsubid/subid.h
|
/libsubid/subid.h
|
||||||
|
|||||||
-52
@@ -1,52 +0,0 @@
|
|||||||
dist: bionic
|
|
||||||
sudo: false
|
|
||||||
|
|
||||||
language: c
|
|
||||||
|
|
||||||
compiler:
|
|
||||||
- gcc
|
|
||||||
- clang
|
|
||||||
|
|
||||||
arch:
|
|
||||||
- amd64
|
|
||||||
- arm64
|
|
||||||
- ppc64le
|
|
||||||
- s390x
|
|
||||||
|
|
||||||
before_install:
|
|
||||||
- sudo apt-get update -qq
|
|
||||||
- sudo apt-get -y install -qq automake autopoint xsltproc libselinux1-dev gettext expect
|
|
||||||
- sudo apt-get -y install -qq byacc libtool
|
|
||||||
script:
|
|
||||||
- ./autogen.sh --without-selinux --disable-man
|
|
||||||
- grep ENABLE_ config.status
|
|
||||||
- make
|
|
||||||
|
|
||||||
env:
|
|
||||||
global:
|
|
||||||
- secure: "G47VYFrtzqalrVjixTqBG9Qsa8EZRcaqsh1k6fq5JgEyHmMQActpvTUDs9FXf1MEqiY5XX3VDVfBsZgKPHgmHsMzD1bX11xpnpGByB8g7gr8I3u2ZkCREqgi77a5l3LeBh+seWiambe/DYOgvPCNa6pCynLgR9advqtgKhpCruU="
|
|
||||||
|
|
||||||
addons:
|
|
||||||
coverity_scan:
|
|
||||||
|
|
||||||
project:
|
|
||||||
name: "shadow-maint/shadow"
|
|
||||||
description: "Upstream shadow utils tree"
|
|
||||||
|
|
||||||
notification_email: christian.brauner@ubuntu.com,serge@hallyn.com
|
|
||||||
|
|
||||||
build_command_prepend: "./autogen.sh --without-selinux --disable-man"
|
|
||||||
build_command: "make -kj4 || make"
|
|
||||||
branch_pattern: master
|
|
||||||
|
|
||||||
script:
|
|
||||||
- cat /proc/self/uid_map
|
|
||||||
- cat /proc/self/status
|
|
||||||
- systemd-detect-virt
|
|
||||||
- ./autogen.sh --without-selinux --disable-man
|
|
||||||
- grep ENABLE_ config.status
|
|
||||||
- make
|
|
||||||
- sudo make install
|
|
||||||
- (cd tests; sudo ./run_some; cat testsuite.log)
|
|
||||||
|
|
||||||
# vim:et:ts=2:sw=2
|
|
||||||
@@ -9,6 +9,14 @@ a lot of mail...
|
|||||||
* Serge E. Hallyn <serge@hallyn.com> (2014-now)
|
* Serge E. Hallyn <serge@hallyn.com> (2014-now)
|
||||||
* Christian Brauner <christian@brauner.io> (2019-now)
|
* Christian Brauner <christian@brauner.io> (2019-now)
|
||||||
* Iker Pedrosa <ipedrosa@redhat.com> (2022-now)
|
* Iker Pedrosa <ipedrosa@redhat.com> (2022-now)
|
||||||
|
* Alejandro Colomar <alx@kernel.org> (2023-now) (4.14 stable)
|
||||||
|
|
||||||
|
To verify signatures on releases, use the following keys under keys/ :
|
||||||
|
|
||||||
|
* Serge Hallyn: keys/66D0387DB85D320F8408166DB175CFA98F192AF2.asc
|
||||||
|
* Christian Brauner: keys/4880B8C9BD0E5106FC070F4F7B3C391EFEA93624.asc
|
||||||
|
* Iker Pedrosa: keys/4E80EF49C7987B6DE2F81F5005079C6C3A653E57.asc
|
||||||
|
* Alejandro Colomar: keys/A9348594CE31283A826FBDD8D57633D441E25BB5.asc
|
||||||
|
|
||||||
# Authors and contributors
|
# Authors and contributors
|
||||||
* Adam Rudnicki <adam@v-lo.krakow.pl>
|
* Adam Rudnicki <adam@v-lo.krakow.pl>
|
||||||
|
|||||||
+6
-3
@@ -1,15 +1,18 @@
|
|||||||
## Process this file with automake to produce Makefile.in
|
## Process this file with automake to produce Makefile.in
|
||||||
|
|
||||||
EXTRA_DIST = NEWS README TODO shadow.spec.in
|
EXTRA_DIST = NEWS README
|
||||||
|
|
||||||
SUBDIRS = libmisc lib
|
SUBDIRS = lib
|
||||||
|
|
||||||
if ENABLE_SUBIDS
|
if ENABLE_SUBIDS
|
||||||
SUBDIRS += libsubid
|
SUBDIRS += libsubid
|
||||||
endif
|
endif
|
||||||
|
|
||||||
SUBDIRS += src po contrib doc etc
|
SUBDIRS += src po contrib doc etc tests/unit
|
||||||
|
|
||||||
if ENABLE_REGENERATE_MAN
|
if ENABLE_REGENERATE_MAN
|
||||||
SUBDIRS += man
|
SUBDIRS += man
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
CLEANFILES = man/8.out man/po/remove-potcdate.* man/*/login.defs.d man/*/*.mo
|
||||||
|
EXTRA_DIST = tests/
|
||||||
|
|||||||
@@ -17,6 +17,12 @@ are used for managing group accounts.
|
|||||||
* [Issue tracker](https://github.com/shadow-maint/shadow/issues)
|
* [Issue tracker](https://github.com/shadow-maint/shadow/issues)
|
||||||
* [Releases](https://github.com/shadow-maint/shadow/releases)
|
* [Releases](https://github.com/shadow-maint/shadow/releases)
|
||||||
|
|
||||||
|
## Code
|
||||||
|
|
||||||
|
The main development branch is at [https://github.com/shadow-maint/shadow.git](https://github.com/shadow-maint/shadow)
|
||||||
|
|
||||||
|
See [STABLE.md](https://github.com/shadow-maint/shadow/blob/master/STABLE.md) for a list of supported stable branches.
|
||||||
|
|
||||||
## Contacts
|
## Contacts
|
||||||
There are several ways to contact us:
|
There are several ways to contact us:
|
||||||
* [the general discussion mailing list](
|
* [the general discussion mailing list](
|
||||||
|
|||||||
@@ -0,0 +1,11 @@
|
|||||||
|
# Supported stable branches
|
||||||
|
|
||||||
|
The following stable branches are kindly maintained by trusted volunteers:
|
||||||
|
|
||||||
|
- 4.15.x
|
||||||
|
- git
|
||||||
|
- [main](https://www.alejandro-colomar.es/src/alx/shadow/stable/shadow.git/log/?h=4.15.x)
|
||||||
|
- [mirror](https://github.com/shadow-maint/shadow/tree/4.15.x)
|
||||||
|
- tarballs
|
||||||
|
- [main](https://www.alejandro-colomar.es/share/dist/shadow/4/4.15/)
|
||||||
|
- [mirror](https://github.com/shadow-maint/shadow/releases/)
|
||||||
@@ -1,127 +0,0 @@
|
|||||||
* Create a common usage function that'd take the array of
|
|
||||||
long options and an array of descriptions and output that so things would
|
|
||||||
be standardized across the utils.
|
|
||||||
Usage strings should be normalized and split first.
|
|
||||||
Investigate optparse.
|
|
||||||
|
|
||||||
|
|
||||||
/etc/default/useradd
|
|
||||||
* GROUP=1000 should accept a group name.
|
|
||||||
|
|
||||||
Check when RLOGIN is enabled if ruserok() exists
|
|
||||||
|
|
||||||
Move selinux_file_context out of libmisc/copydir.c
|
|
||||||
|
|
||||||
Review hardcoded root account?
|
|
||||||
|
|
||||||
review all call to strto
|
|
||||||
|
|
||||||
libmisc/cleanup_user.c
|
|
||||||
cleanup needed (cleanup_report_add_user* not used)
|
|
||||||
|
|
||||||
|
|
||||||
libxcrypt support
|
|
||||||
* http://wiki.linuxfromscratch.org/patches/browser/trunk/shadow/shadow-4.0.18.1-owl_blowfish-1.patch
|
|
||||||
|
|
||||||
implement getlong, getulong.
|
|
||||||
avoid atoi, atol, atoul, strtol, strtoul, ...
|
|
||||||
|
|
||||||
manpages: comment the RLOGIN parts
|
|
||||||
|
|
||||||
Replace build_list (in lib/gshadow.c) and list (in lib/sgetgrent.c) by
|
|
||||||
comma_to_list()
|
|
||||||
|
|
||||||
Revert the modified files if all files could not be changed.
|
|
||||||
* or warn and indicate which files were modified and which were not.
|
|
||||||
* check the order the files are modified.
|
|
||||||
|
|
||||||
report nscd_flush_cache failures?
|
|
||||||
call nscd from the programs or from lib (commonio?)
|
|
||||||
|
|
||||||
PAM: check if a non-interactive conversation function could be used to set
|
|
||||||
the password in chpasswd and newusers
|
|
||||||
|
|
||||||
WITH_SELINUX
|
|
||||||
- review all tools to check that the strategies are consistent
|
|
||||||
|
|
||||||
chage, chfn, chsh: same change needed as in passwd.
|
|
||||||
- probably need moving check_selinux_access to a separate file.
|
|
||||||
|
|
||||||
testsuite
|
|
||||||
- newgrp
|
|
||||||
- test with unknown user's GID
|
|
||||||
|
|
||||||
newusers
|
|
||||||
- add logging to SYSLOG & AUDIT
|
|
||||||
- use CREATE_HOME
|
|
||||||
- Add a -Z option (see useradd / usermod)
|
|
||||||
|
|
||||||
Document when/where option appeared, document whether an option is standard
|
|
||||||
or not.
|
|
||||||
|
|
||||||
Check all the expiry semantics
|
|
||||||
|
|
||||||
ALL:
|
|
||||||
- move base passwd/shadow/group/gshadow operation to module for allow write
|
|
||||||
different backend modules for db, NIS, LDAP and others. Default backend it
|
|
||||||
will be goot if will be chosen depending on /etc/nsswitch.conf and allow
|
|
||||||
override this by -r <repository> options (where the <repository> can be
|
|
||||||
file, db, nis nisplus, ldap .. like on /etc/nsswitch.conf in service column).
|
|
||||||
passwd have old piece of code with handling -r option and it will be good
|
|
||||||
finish this and propagate on other shadow tools for allow operate on other
|
|
||||||
user databases by well known tools.
|
|
||||||
- Protect against signals. Register do_cleanups in a signal handler.
|
|
||||||
|
|
||||||
- login.defs
|
|
||||||
- generate depending on configuration
|
|
||||||
|
|
||||||
- useradd:
|
|
||||||
- add handle create user mail spool in maildir format.
|
|
||||||
- Add support for -k in -D mode
|
|
||||||
- Add support for -K in -D mode
|
|
||||||
- Add option to create or not the mail spool (and set the default in -D
|
|
||||||
mode)
|
|
||||||
- Change -l to reset the entry if an entry was already there
|
|
||||||
- set the mask in mkdir?
|
|
||||||
|
|
||||||
- userdel:
|
|
||||||
- add backup option for the removal of user resources,
|
|
||||||
- user_busy: check that the user is not running any processes.
|
|
||||||
- missing "deleting group" FAILED
|
|
||||||
- home dir removed, but userdel may fail and may leave the user
|
|
||||||
=> warning needed
|
|
||||||
|
|
||||||
- usermod
|
|
||||||
- add an option equivalent to useradd's -l (only when uid is changed)
|
|
||||||
- the mode of new home directories should be set according to the
|
|
||||||
original mode. Does copy_tree does this?
|
|
||||||
- user renamed, order is not kept in /etc/group (see
|
|
||||||
47_usermod-l_no_shadow_file). This is a problem when the first user is
|
|
||||||
considered as the admin.
|
|
||||||
- see mail "user ID change" on April, 15
|
|
||||||
+ fix call to chown (combination of -m and -u/-g)
|
|
||||||
+ add tests
|
|
||||||
|
|
||||||
- passwd:
|
|
||||||
- check combination of options (e.g. -u/-l)
|
|
||||||
- when -u refuse to unlock because it would create an empty password, it
|
|
||||||
should not display "Password changed."
|
|
||||||
exit instead?
|
|
||||||
|
|
||||||
- newgrp: check the USE_PAM section.
|
|
||||||
|
|
||||||
- pwck
|
|
||||||
- Add check to move passwd passwords to shadow if there is a shadow
|
|
||||||
entry (with a password).
|
|
||||||
- Add check to move passwd passwords to shadow if there is a shadow
|
|
||||||
file.
|
|
||||||
- Support an alternative /etc/tcb directory as second parameter.
|
|
||||||
- add options -g / -G to specify alternative group / gshadow files
|
|
||||||
|
|
||||||
- su
|
|
||||||
- add a login.defs configuration parameter to add variables to keep in
|
|
||||||
the environment with "su -l" (TERM/TERMCOLOR/...)
|
|
||||||
|
|
||||||
- vipw
|
|
||||||
- set ACLs and XATTRs on the temporary file (and backups?)
|
|
||||||
- vipw + selinux -> use lib/selinux.c
|
|
||||||
+14
-3
@@ -1,9 +1,20 @@
|
|||||||
#! /bin/sh
|
#! /bin/sh
|
||||||
|
|
||||||
autoreconf -v -f --install || exit 1
|
autoreconf -v -f --install "$(dirname "$0")" || exit 1
|
||||||
|
|
||||||
./configure \
|
CFLAGS="-O2"
|
||||||
CFLAGS="-O2 -Wall" \
|
CFLAGS="$CFLAGS -Wall"
|
||||||
|
CFLAGS="$CFLAGS -Wextra"
|
||||||
|
CFLAGS="$CFLAGS -Werror=implicit-function-declaration"
|
||||||
|
CFLAGS="$CFLAGS -Werror=implicit-int"
|
||||||
|
CFLAGS="$CFLAGS -Werror=incompatible-pointer-types"
|
||||||
|
CFLAGS="$CFLAGS -Werror=int-conversion"
|
||||||
|
CFLAGS="$CFLAGS -Wno-expansion-to-defined"
|
||||||
|
CFLAGS="$CFLAGS -Wno-unknown-attributes"
|
||||||
|
CFLAGS="$CFLAGS -Wno-unknown-warning-option"
|
||||||
|
|
||||||
|
"$(dirname "$0")"/configure \
|
||||||
|
CFLAGS="$CFLAGS" \
|
||||||
--enable-lastlog \
|
--enable-lastlog \
|
||||||
--enable-man \
|
--enable-man \
|
||||||
--enable-maintainer-mode \
|
--enable-maintainer-mode \
|
||||||
|
|||||||
+19
-41
@@ -1,12 +1,12 @@
|
|||||||
dnl Process this file with autoconf to produce a configure script.
|
dnl Process this file with autoconf to produce a configure script.
|
||||||
AC_PREREQ([2.69])
|
AC_PREREQ([2.69])
|
||||||
m4_define([libsubid_abi_major], 4)
|
m4_define([libsubid_abi_major], 5)
|
||||||
m4_define([libsubid_abi_minor], 0)
|
m4_define([libsubid_abi_minor], 0)
|
||||||
m4_define([libsubid_abi_micro], 0)
|
m4_define([libsubid_abi_micro], 0)
|
||||||
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
|
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
|
||||||
AC_INIT([shadow], [4.14.0], [pkg-shadow-devel@lists.alioth.debian.org], [],
|
AC_INIT([shadow], [4.16.0], [pkg-shadow-devel@lists.alioth.debian.org], [],
|
||||||
[https://github.com/shadow-maint/shadow])
|
[https://github.com/shadow-maint/shadow])
|
||||||
AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
|
AM_INIT_AUTOMAKE([1.11 foreign dist-xz subdir-objects tar-pax])
|
||||||
AC_CONFIG_MACRO_DIRS([m4])
|
AC_CONFIG_MACRO_DIRS([m4])
|
||||||
AM_SILENT_RULES([yes])
|
AM_SILENT_RULES([yes])
|
||||||
AC_CONFIG_HEADERS([config.h])
|
AC_CONFIG_HEADERS([config.h])
|
||||||
@@ -32,6 +32,7 @@ AC_PROG_CC
|
|||||||
AC_PROG_LN_S
|
AC_PROG_LN_S
|
||||||
AC_PROG_YACC
|
AC_PROG_YACC
|
||||||
LT_INIT
|
LT_INIT
|
||||||
|
LT_LIB_DLLOAD
|
||||||
|
|
||||||
dnl Checks for libraries.
|
dnl Checks for libraries.
|
||||||
|
|
||||||
@@ -47,8 +48,8 @@ AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
|
|||||||
|
|
||||||
AC_CHECK_FUNCS(arc4random_buf futimes \
|
AC_CHECK_FUNCS(arc4random_buf futimes \
|
||||||
getentropy getrandom getspnam getusershell \
|
getentropy getrandom getspnam getusershell \
|
||||||
initgroups lckpwdf lutimes mempcpy \
|
initgroups lckpwdf lutimes \
|
||||||
setgroups updwtmp updwtmpx innetgr \
|
setgroups updwtmpx innetgr \
|
||||||
getspnam_r \
|
getspnam_r \
|
||||||
rpmatch \
|
rpmatch \
|
||||||
memset_explicit explicit_bzero stpecpy stpeprintf)
|
memset_explicit explicit_bzero stpecpy stpeprintf)
|
||||||
@@ -56,17 +57,13 @@ AC_SYS_LARGEFILE
|
|||||||
|
|
||||||
dnl Checks for typedefs, structures, and compiler characteristics.
|
dnl Checks for typedefs, structures, and compiler characteristics.
|
||||||
|
|
||||||
AC_CHECK_MEMBERS([struct utmp.ut_type,
|
AC_CHECK_MEMBERS([struct utmpx.ut_name,
|
||||||
struct utmp.ut_id,
|
struct utmpx.ut_host,
|
||||||
struct utmp.ut_name,
|
struct utmpx.ut_syslen,
|
||||||
struct utmp.ut_user,
|
struct utmpx.ut_addr,
|
||||||
struct utmp.ut_host,
|
struct utmpx.ut_addr_v6,
|
||||||
struct utmp.ut_syslen,
|
struct utmpx.ut_time,
|
||||||
struct utmp.ut_addr,
|
struct utmpx.ut_xtime],,,[[#include <utmpx.h>]])
|
||||||
struct utmp.ut_addr_v6,
|
|
||||||
struct utmp.ut_time,
|
|
||||||
struct utmp.ut_xtime,
|
|
||||||
struct utmp.ut_tv],,,[[#include <utmp.h>]])
|
|
||||||
|
|
||||||
dnl Checks for library functions.
|
dnl Checks for library functions.
|
||||||
AC_TYPE_GETGROUPS
|
AC_TYPE_GETGROUPS
|
||||||
@@ -162,13 +159,6 @@ fi])
|
|||||||
AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
|
AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd",
|
||||||
[Path to passwd program.])
|
[Path to passwd program.])
|
||||||
|
|
||||||
dnl XXX - quick hack, should disappear before anyone notices :).
|
|
||||||
dnl XXX - I just read the above message :).
|
|
||||||
if test "$ac_cv_func_ruserok" = "yes"; then
|
|
||||||
AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.])
|
|
||||||
AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).])
|
|
||||||
fi
|
|
||||||
|
|
||||||
AC_ARG_ENABLE(shadowgrp,
|
AC_ARG_ENABLE(shadowgrp,
|
||||||
[AS_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
|
[AS_HELP_STRING([--enable-shadowgrp], [enable shadow group support @<:@default=yes@:>@])],
|
||||||
[case "${enableval}" in
|
[case "${enableval}" in
|
||||||
@@ -243,9 +233,6 @@ AC_ARG_WITH(skey,
|
|||||||
AC_ARG_WITH(tcb,
|
AC_ARG_WITH(tcb,
|
||||||
[AS_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
|
[AS_HELP_STRING([--with-tcb], [use tcb support (incomplete) @<:@default=yes if found@:>@])],
|
||||||
[with_tcb=$withval], [with_tcb=maybe])
|
[with_tcb=$withval], [with_tcb=maybe])
|
||||||
AC_ARG_WITH(libcrack,
|
|
||||||
[AS_HELP_STRING([--with-libcrack], [use libcrack @<:@default=no@:>@])],
|
|
||||||
[with_libcrack=$withval], [with_libcrack=no])
|
|
||||||
AC_ARG_WITH(sha-crypt,
|
AC_ARG_WITH(sha-crypt,
|
||||||
[AS_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
|
[AS_HELP_STRING([--with-sha-crypt], [allow the SHA256 and SHA512 password encryption algorithms @<:@default=yes@:>@])],
|
||||||
[with_sha_crypt=$withval], [with_sha_crypt=yes])
|
[with_sha_crypt=$withval], [with_sha_crypt=yes])
|
||||||
@@ -280,6 +267,7 @@ AC_DEFINE_UNQUOTED(GROUP_NAME_MAX_LENGTH, $with_group_name_max_length, [max grou
|
|||||||
AC_SUBST(GROUP_NAME_MAX_LENGTH)
|
AC_SUBST(GROUP_NAME_MAX_LENGTH)
|
||||||
GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
|
GROUP_NAME_MAX_LENGTH="$with_group_name_max_length"
|
||||||
|
|
||||||
|
|
||||||
AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
|
AM_CONDITIONAL(USE_SHA_CRYPT, test "x$with_sha_crypt" = "xyes")
|
||||||
if test "$with_sha_crypt" = "yes"; then
|
if test "$with_sha_crypt" = "yes"; then
|
||||||
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
|
AC_DEFINE(USE_SHA_CRYPT, 1, [Define to allow the SHA256 and SHA512 password encryption algorithms])
|
||||||
@@ -316,6 +304,10 @@ dnl needed (Linux glibc, Irix), but still link it if needed (Solaris).
|
|||||||
|
|
||||||
AC_SEARCH_LIBS(gethostbyname, nsl)
|
AC_SEARCH_LIBS(gethostbyname, nsl)
|
||||||
|
|
||||||
|
PKG_CHECK_MODULES([CMOCKA], [cmocka], [have_cmocka="yes"],
|
||||||
|
[AC_MSG_WARN([libcmocka not found, cmocka tests will not be built])])
|
||||||
|
AM_CONDITIONAL([HAVE_CMOCKA], [test x$have_cmocka = xyes])
|
||||||
|
|
||||||
AC_CHECK_LIB([econf],[econf_readDirs],[LIBECONF="-leconf"],[LIBECONF=""])
|
AC_CHECK_LIB([econf],[econf_readDirs],[LIBECONF="-leconf"],[LIBECONF=""])
|
||||||
if test -n "$LIBECONF"; then
|
if test -n "$LIBECONF"; then
|
||||||
AC_DEFINE_UNQUOTED([VENDORDIR], ["$enable_vendordir"],
|
AC_DEFINE_UNQUOTED([VENDORDIR], ["$enable_vendordir"],
|
||||||
@@ -434,7 +426,6 @@ if test "$with_libbsd" != "no"; then
|
|||||||
AC_DEFINE(WITH_LIBBSD, 1, [Build shadow with libbsd support])
|
AC_DEFINE(WITH_LIBBSD, 1, [Build shadow with libbsd support])
|
||||||
else
|
else
|
||||||
AC_DEFINE(WITH_LIBBSD, 0, [Build shadow without libbsd support])
|
AC_DEFINE(WITH_LIBBSD, 0, [Build shadow without libbsd support])
|
||||||
AC_CHECK_FUNC(strlcpy, [], [AC_MSG_ERROR([strlcpy is required from glibc >= 2.38 or libbsd])])
|
|
||||||
fi
|
fi
|
||||||
AM_CONDITIONAL(WITH_LIBBSD, test x$with_libbsd = xyes)
|
AM_CONDITIONAL(WITH_LIBBSD, test x$with_libbsd = xyes)
|
||||||
|
|
||||||
@@ -522,17 +513,6 @@ if test "$with_audit" != "no"; then
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
AC_SUBST(LIBCRACK)
|
|
||||||
if test "$with_libcrack" = "yes"; then
|
|
||||||
echo "checking cracklib flavour, don't be surprised by the results"
|
|
||||||
AC_CHECK_LIB(crack, FascistCheck,
|
|
||||||
[LIBCRACK=-lcrack AC_DEFINE(HAVE_LIBCRACK, 1, [Defined if you have libcrack.])])
|
|
||||||
AC_CHECK_LIB(crack, FascistHistory,
|
|
||||||
AC_DEFINE(HAVE_LIBCRACK_HIST, 1, [Defined if you have the ts&szs cracklib.]))
|
|
||||||
AC_CHECK_LIB(crack, FascistHistoryPw,
|
|
||||||
AC_DEFINE(HAVE_LIBCRACK_PW, 1, [Defined if it includes *Pw functions.]))
|
|
||||||
fi
|
|
||||||
|
|
||||||
if test "$with_btrfs" != "no"; then
|
if test "$with_btrfs" != "no"; then
|
||||||
AC_CHECK_HEADERS([sys/statfs.h linux/magic.h linux/btrfs_tree.h], \
|
AC_CHECK_HEADERS([sys/statfs.h linux/magic.h linux/btrfs_tree.h], \
|
||||||
[btrfs_headers="yes"], [btrfs_headers="no"])
|
[btrfs_headers="yes"], [btrfs_headers="no"])
|
||||||
@@ -753,7 +733,6 @@ AC_CONFIG_FILES([
|
|||||||
man/uk/Makefile
|
man/uk/Makefile
|
||||||
man/zh_CN/Makefile
|
man/zh_CN/Makefile
|
||||||
man/zh_TW/Makefile
|
man/zh_TW/Makefile
|
||||||
libmisc/Makefile
|
|
||||||
lib/Makefile
|
lib/Makefile
|
||||||
libsubid/Makefile
|
libsubid/Makefile
|
||||||
libsubid/subid.h
|
libsubid/subid.h
|
||||||
@@ -762,7 +741,7 @@ AC_CONFIG_FILES([
|
|||||||
etc/Makefile
|
etc/Makefile
|
||||||
etc/pam.d/Makefile
|
etc/pam.d/Makefile
|
||||||
etc/shadow-maint/Makefile
|
etc/shadow-maint/Makefile
|
||||||
shadow.spec
|
tests/unit/Makefile
|
||||||
])
|
])
|
||||||
AC_OUTPUT
|
AC_OUTPUT
|
||||||
|
|
||||||
@@ -770,7 +749,6 @@ echo
|
|||||||
echo "shadow will be compiled with the following features:"
|
echo "shadow will be compiled with the following features:"
|
||||||
echo
|
echo
|
||||||
echo " auditing support: $with_audit"
|
echo " auditing support: $with_audit"
|
||||||
echo " CrackLib support: $with_libcrack"
|
|
||||||
echo " PAM support: $with_libpam"
|
echo " PAM support: $with_libpam"
|
||||||
if test "$with_libpam" = "yes"; then
|
if test "$with_libpam" = "yes"; then
|
||||||
echo " suid account management tools: $enable_acct_tools_setuid"
|
echo " suid account management tools: $enable_acct_tools_setuid"
|
||||||
|
|||||||
+1
-3
@@ -1,6 +1,4 @@
|
|||||||
# This is a dummy Makefile.am to get automake work flawlessly,
|
# This is a dummy Makefile.am to get automake work flawlessly,
|
||||||
# and also cooperate to make a distribution for `make dist'
|
# and also cooperate to make a distribution for `make dist'
|
||||||
|
|
||||||
EXTRA_DIST = README adduser.c adduser.sh adduser2.sh \
|
EXTRA_DIST = README adduser.c adduser.sh adduser2.sh
|
||||||
atudel groupmems.shar shadow-anonftp.patch \
|
|
||||||
udbachk.tgz
|
|
||||||
|
|||||||
@@ -2,9 +2,6 @@ People keep sending various adduser programs and scripts... They are
|
|||||||
all in this directory. I haven't tested them, use at your own risk.
|
all in this directory. I haven't tested them, use at your own risk.
|
||||||
Anyway, the best one I've seen so far is adduser-3.x from Debian.
|
Anyway, the best one I've seen so far is adduser-3.x from Debian.
|
||||||
|
|
||||||
atudel is a perl script to remove at jobs owned by the specified user
|
|
||||||
(atrm in at-2.9 for Linux can't do that).
|
|
||||||
|
|
||||||
udbachk.tgz is a passwd/group/shadow file integrity checker.
|
udbachk.tgz is a passwd/group/shadow file integrity checker.
|
||||||
|
|
||||||
--marekm
|
--marekm
|
||||||
|
|||||||
@@ -1,58 +0,0 @@
|
|||||||
#!/usr/bin/perl
|
|
||||||
#
|
|
||||||
# SPDX-FileCopyrightText: 1996 Brian R. Gaeke
|
|
||||||
# SPDX-License-Identifier: BSD-4-Clause
|
|
||||||
#
|
|
||||||
# Additionally:
|
|
||||||
#
|
|
||||||
# This software is provided without support and without any obligation
|
|
||||||
# on the part of Brian R. Gaeke to assist in its use, correction,
|
|
||||||
# modification or enhancement.
|
|
||||||
#
|
|
||||||
#######################################################################
|
|
||||||
#
|
|
||||||
# this is atudel, version 2, by Brian R. Gaeke <brg@dgate.org>
|
|
||||||
#
|
|
||||||
|
|
||||||
require "getopts.pl";
|
|
||||||
&Getopts('v');
|
|
||||||
$username = shift(@ARGV);
|
|
||||||
&usage unless $username;
|
|
||||||
|
|
||||||
sub usage
|
|
||||||
{
|
|
||||||
print STDERR "atudel - remove all at jobs owned by a user\n";
|
|
||||||
print STDERR "usage: $0 [-v] username\n";
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
# odd. unless getpwnam($uname) doesn't seem to work for $uname eq "root" on
|
|
||||||
# my linux system. but this does.
|
|
||||||
die "user $username does not exist; stopping"
|
|
||||||
unless defined(getpwnam($username));
|
|
||||||
|
|
||||||
print "searching for at jobs owned by user $username ..." if $opt_v;
|
|
||||||
|
|
||||||
chdir "/var/spool/atjobs" ||
|
|
||||||
die "can't chdir to /var/spool/atjobs: $!\nstopping";
|
|
||||||
opendir(DIR,".") || die "can't opendir(/var/spool/atjobs): $!\nstopping";
|
|
||||||
@files = grep(!/^\./,grep(-f,readdir(DIR)));
|
|
||||||
closedir DIR;
|
|
||||||
|
|
||||||
foreach $x (@files)
|
|
||||||
{
|
|
||||||
$owner = (getpwuid((stat($x))[4]))[0];
|
|
||||||
push(@nuke_bait,$x) if $owner eq $username;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (@nuke_bait)
|
|
||||||
{
|
|
||||||
print "removed jobIDs: @{nuke_bait}.\n" if $opt_v;
|
|
||||||
unlink @nuke_bait;
|
|
||||||
}
|
|
||||||
elsif ($opt_v)
|
|
||||||
{
|
|
||||||
print "\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
exit 0;
|
|
||||||
@@ -1,465 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
# This is a shell archive (produced by GNU sharutils 4.2.1).
|
|
||||||
# To extract the files from this archive, save it to some FILE, remove
|
|
||||||
# everything before the `!/bin/sh' line above, then type `sh FILE'.
|
|
||||||
#
|
|
||||||
# Made on 2000-05-25 14:41 CDT by <gk4@gnu.austin.ibm.com>.
|
|
||||||
# Source directory was `/home/gk4/src/groupmem'.
|
|
||||||
#
|
|
||||||
# Existing files will *not* be overwritten unless `-c' is specified.
|
|
||||||
#
|
|
||||||
# This shar contains:
|
|
||||||
# length mode name
|
|
||||||
# ------ ---------- ------------------------------------------
|
|
||||||
# 1960 -rw-r--r-- Makefile
|
|
||||||
# 6348 -rw-r--r-- groupmems.c
|
|
||||||
# 3372 -rw------- groupmems.8
|
|
||||||
#
|
|
||||||
save_IFS="${IFS}"
|
|
||||||
IFS="${IFS}:"
|
|
||||||
gettext_dir=FAILED
|
|
||||||
locale_dir=FAILED
|
|
||||||
first_param="$1"
|
|
||||||
for dir in $PATH
|
|
||||||
do
|
|
||||||
if test "$gettext_dir" = FAILED && test -f $dir/gettext \
|
|
||||||
&& ($dir/gettext --version >/dev/null 2>&1)
|
|
||||||
then
|
|
||||||
set `$dir/gettext --version 2>&1`
|
|
||||||
if test "$3" = GNU
|
|
||||||
then
|
|
||||||
gettext_dir=$dir
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
if test "$locale_dir" = FAILED && test -f $dir/shar \
|
|
||||||
&& ($dir/shar --print-text-domain-dir >/dev/null 2>&1)
|
|
||||||
then
|
|
||||||
locale_dir=`$dir/shar --print-text-domain-dir`
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
IFS="$save_IFS"
|
|
||||||
if test "$locale_dir" = FAILED || test "$gettext_dir" = FAILED
|
|
||||||
then
|
|
||||||
echo=echo
|
|
||||||
else
|
|
||||||
TEXTDOMAINDIR=$locale_dir
|
|
||||||
export TEXTDOMAINDIR
|
|
||||||
TEXTDOMAIN=sharutils
|
|
||||||
export TEXTDOMAIN
|
|
||||||
echo="$gettext_dir/gettext -s"
|
|
||||||
fi
|
|
||||||
if touch -am -t 200112312359.59 $$.touch >/dev/null 2>&1 && test ! -f 200112312359.59 -a -f $$.touch; then
|
|
||||||
shar_touch='touch -am -t $1$2$3$4$5$6.$7 "$8"'
|
|
||||||
elif touch -am 123123592001.59 $$.touch >/dev/null 2>&1 && test ! -f 123123592001.59 -a ! -f 123123592001.5 -a -f $$.touch; then
|
|
||||||
shar_touch='touch -am $3$4$5$6$1$2.$7 "$8"'
|
|
||||||
elif touch -am 1231235901 $$.touch >/dev/null 2>&1 && test ! -f 1231235901 -a -f $$.touch; then
|
|
||||||
shar_touch='touch -am $3$4$5$6$2 "$8"'
|
|
||||||
else
|
|
||||||
shar_touch=:
|
|
||||||
echo
|
|
||||||
$echo 'WARNING: not restoring timestamps. Consider getting and'
|
|
||||||
$echo "installing GNU \`touch', distributed in GNU File Utilities..."
|
|
||||||
echo
|
|
||||||
fi
|
|
||||||
rm -f 200112312359.59 123123592001.59 123123592001.5 1231235901 $$.touch
|
|
||||||
#
|
|
||||||
if mkdir _sh10937; then
|
|
||||||
$echo 'x -' 'creating lock directory'
|
|
||||||
else
|
|
||||||
$echo 'failed to create lock directory'
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
# ============= Makefile ==============
|
|
||||||
if test -f 'Makefile' && test "$first_param" != -c; then
|
|
||||||
$echo 'x -' SKIPPING 'Makefile' '(file already exists)'
|
|
||||||
else
|
|
||||||
$echo 'x -' extracting 'Makefile' '(text)'
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'Makefile' &&
|
|
||||||
/*
|
|
||||||
# SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
|
|
||||||
# SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
|
|
||||||
# SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
#
|
|
||||||
X
|
|
||||||
all: groupmems
|
|
||||||
X
|
|
||||||
groupmems: groupmems.c
|
|
||||||
X cc -g -o groupmems groupmems.c -L. -lshadow
|
|
||||||
X
|
|
||||||
install: groupmems
|
|
||||||
X -/usr/sbin/groupadd groups
|
|
||||||
X install -o root -g groups -m 4770 groupmems /usr/bin
|
|
||||||
X
|
|
||||||
install.man: groupmems.8
|
|
||||||
X install -o root -g root -m 644 groupmems.8 /usr/man/man8
|
|
||||||
X
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 00 05 25 14 40 28 'Makefile'; eval "$shar_touch") &&
|
|
||||||
chmod 0644 'Makefile' ||
|
|
||||||
$echo 'restore of' 'Makefile' 'failed'
|
|
||||||
if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
|
|
||||||
&& ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
|
|
||||||
md5sum -c << SHAR_EOF >/dev/null 2>&1 \
|
|
||||||
|| $echo 'Makefile:' 'MD5 check failed'
|
|
||||||
b46cf7ef8d59149093c011ced3f3103c Makefile
|
|
||||||
SHAR_EOF
|
|
||||||
else
|
|
||||||
shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'Makefile'`"
|
|
||||||
test 1960 -eq "$shar_count" ||
|
|
||||||
$echo 'Makefile:' 'original size' '1960,' 'current size' "$shar_count!"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= groupmems.c ==============
|
|
||||||
if test -f 'groupmems.c' && test "$first_param" != -c; then
|
|
||||||
$echo 'x -' SKIPPING 'groupmems.c' '(file already exists)'
|
|
||||||
else
|
|
||||||
$echo 'x -' extracting 'groupmems.c' '(text)'
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'groupmems.c' &&
|
|
||||||
/*
|
|
||||||
X * SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
|
|
||||||
X * SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
|
|
||||||
X * SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
X */
|
|
||||||
/*
|
|
||||||
**
|
|
||||||
** Utility "groupmem" adds and deletes members from a user's group.
|
|
||||||
**
|
|
||||||
** Setup (as "root"):
|
|
||||||
**
|
|
||||||
** groupadd -r groups
|
|
||||||
** chmod 2770 groupmems
|
|
||||||
** chown root.groups groupmems
|
|
||||||
** groupmems -g groups -a gk4
|
|
||||||
**
|
|
||||||
** Usage (as "gk4"):
|
|
||||||
**
|
|
||||||
** groupmems -a olive
|
|
||||||
** groupmems -a jordan
|
|
||||||
** groupmems -a meghan
|
|
||||||
** groupmems -a morgan
|
|
||||||
** groupmems -a jake
|
|
||||||
** groupmems -l
|
|
||||||
** groupmems -d jake
|
|
||||||
** groupmems -l
|
|
||||||
*/
|
|
||||||
X
|
|
||||||
#include <stdio.h>
|
|
||||||
#include <pwd.h>
|
|
||||||
#include <grp.h>
|
|
||||||
#include <sys/types.h>
|
|
||||||
#include <sys/stat.h>
|
|
||||||
#include <fcntl.h>
|
|
||||||
#include "defines.h"
|
|
||||||
#include "groupio.h"
|
|
||||||
X
|
|
||||||
/* Exit Status Values */
|
|
||||||
X
|
|
||||||
#define EXIT_SUCCESS 0 /* success */
|
|
||||||
#define EXIT_USAGE 1 /* invalid command syntax */
|
|
||||||
#define EXIT_GROUP_FILE 2 /* group file access problems */
|
|
||||||
#define EXIT_NOT_ROOT 3 /* not superuser */
|
|
||||||
#define EXIT_NOT_EROOT 4 /* not effective superuser */
|
|
||||||
#define EXIT_NOT_PRIMARY 5 /* not primary owner of group */
|
|
||||||
#define EXIT_NOT_MEMBER 6 /* member of group does not exist */
|
|
||||||
#define EXIT_MEMBER_EXISTS 7 /* member of group already exists */
|
|
||||||
X
|
|
||||||
#define TRUE 1
|
|
||||||
#define FALSE 0
|
|
||||||
X
|
|
||||||
/* Globals */
|
|
||||||
X
|
|
||||||
extern int optind;
|
|
||||||
extern char *optarg;
|
|
||||||
static char *adduser = NULL;
|
|
||||||
static char *deluser = NULL;
|
|
||||||
static char *thisgroup = NULL;
|
|
||||||
static int purge = FALSE;
|
|
||||||
static int list = FALSE;
|
|
||||||
static int exclusive = 0;
|
|
||||||
X
|
|
||||||
static int isroot(void) {
|
|
||||||
X return getuid() ? FALSE : TRUE;
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static int isgroup(void) {
|
|
||||||
X gid_t g = getgid();
|
|
||||||
X struct group *grp = getgrgid(g);
|
|
||||||
X
|
|
||||||
X return TRUE;
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static char *whoami(void) {
|
|
||||||
X struct group *grp = getgrgid(getgid());
|
|
||||||
X struct passwd *usr = getpwuid(getuid());
|
|
||||||
X
|
|
||||||
X if (0 == strcmp(usr->pw_name, grp->gr_name)) {
|
|
||||||
X return (char *)strdup(usr->pw_name);
|
|
||||||
X } else {
|
|
||||||
X return NULL;
|
|
||||||
X }
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static void
|
|
||||||
addtogroup(char *user, char **members) {
|
|
||||||
X int i;
|
|
||||||
X char **pmembers;
|
|
||||||
X
|
|
||||||
X for (i = 0; NULL != members[i]; i++ ) {
|
|
||||||
X if (0 == strcmp(user, members[i])) {
|
|
||||||
X fprintf(stderr, "Member already exists\n");
|
|
||||||
X exit(EXIT_MEMBER_EXISTS);
|
|
||||||
X }
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (0 == i) {
|
|
||||||
X pmembers = (char **)calloc(2, sizeof(char *));
|
|
||||||
X } else {
|
|
||||||
X pmembers = (char **)realloc(members, sizeof(char *)*(i+1));
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X *members = *pmembers;
|
|
||||||
X members[i] = user;
|
|
||||||
X members[i+1] = NULL;
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static void
|
|
||||||
rmfromgroup(char *user, char **members) {
|
|
||||||
X int i;
|
|
||||||
X int found = FALSE;
|
|
||||||
X
|
|
||||||
X i = 0;
|
|
||||||
X while (!found && NULL != members[i]) {
|
|
||||||
X if (0 == strcmp(user, members[i])) {
|
|
||||||
X found = TRUE;
|
|
||||||
X } else {
|
|
||||||
X i++;
|
|
||||||
X }
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X while (found && NULL != members[i]) {
|
|
||||||
X members[i] = members[++i];
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (!found) {
|
|
||||||
X fprintf(stderr, "Member to remove could not be found\n");
|
|
||||||
X exit(EXIT_NOT_MEMBER);
|
|
||||||
X }
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static void
|
|
||||||
nomembers(char **members) {
|
|
||||||
X int i;
|
|
||||||
X
|
|
||||||
X for (i = 0; NULL != members[i]; i++ ) {
|
|
||||||
X members[i] = NULL;
|
|
||||||
X }
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static void
|
|
||||||
members(char **members) {
|
|
||||||
X int i;
|
|
||||||
X
|
|
||||||
X for (i = 0; NULL != members[i]; i++ ) {
|
|
||||||
X printf("%s ", members[i]);
|
|
||||||
X
|
|
||||||
X if (NULL == members[i+1]) {
|
|
||||||
X printf("\n");
|
|
||||||
X } else {
|
|
||||||
X printf(" ");
|
|
||||||
X }
|
|
||||||
X }
|
|
||||||
}
|
|
||||||
X
|
|
||||||
static void usage(void) {
|
|
||||||
X fprintf(stderr, "usage: groupmems -a username | -d username | -D | -l [-g groupname]\n");
|
|
||||||
X exit(EXIT_USAGE);
|
|
||||||
}
|
|
||||||
X
|
|
||||||
main(int argc, char **argv) {
|
|
||||||
X int arg, i;
|
|
||||||
X char *name;
|
|
||||||
X struct group *grp;
|
|
||||||
X
|
|
||||||
X while ((arg = getopt(argc, argv, "a:d:g:Dl")) != EOF) {
|
|
||||||
X switch (arg) {
|
|
||||||
X case 'a':
|
|
||||||
X adduser = strdup(optarg);
|
|
||||||
X ++exclusive;
|
|
||||||
X break;
|
|
||||||
X case 'd':
|
|
||||||
X deluser = strdup(optarg);
|
|
||||||
X ++exclusive;
|
|
||||||
X break;
|
|
||||||
X case 'g':
|
|
||||||
X thisgroup = strdup(optarg);
|
|
||||||
X break;
|
|
||||||
X case 'D':
|
|
||||||
X purge = TRUE;
|
|
||||||
X ++exclusive;
|
|
||||||
X break;
|
|
||||||
X case 'l':
|
|
||||||
X list = TRUE;
|
|
||||||
X ++exclusive;
|
|
||||||
X break;
|
|
||||||
X default:
|
|
||||||
X usage();
|
|
||||||
X }
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (exclusive > 1 || optind < argc) {
|
|
||||||
X usage();
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (!isroot() && NULL != thisgroup) {
|
|
||||||
X fprintf(stderr, "Only root can add members to different groups\n");
|
|
||||||
X exit(EXIT_NOT_ROOT);
|
|
||||||
X } else if (isroot() && NULL != thisgroup) {
|
|
||||||
X name = thisgroup;
|
|
||||||
X } else if (!isgroup()) {
|
|
||||||
X fprintf(stderr, "Group access is required\n");
|
|
||||||
X exit(EXIT_NOT_EROOT);
|
|
||||||
X } else if (NULL == (name = whoami())) {
|
|
||||||
X fprintf(stderr, "Not primary owner of current group\n");
|
|
||||||
X exit(EXIT_NOT_PRIMARY);
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (!gr_lock()) {
|
|
||||||
X fprintf(stderr, "Unable to lock group file\n");
|
|
||||||
X exit(EXIT_GROUP_FILE);
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (!gr_open(O_RDWR)) {
|
|
||||||
X fprintf(stderr, "Unable to open group file\n");
|
|
||||||
X exit(EXIT_GROUP_FILE);
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X grp = (struct group *)gr_locate(name);
|
|
||||||
X
|
|
||||||
X if (NULL != adduser) {
|
|
||||||
X addtogroup(adduser, grp->gr_mem);
|
|
||||||
X gr_update(grp);
|
|
||||||
X } else if (NULL != deluser) {
|
|
||||||
X rmfromgroup(deluser, grp->gr_mem);
|
|
||||||
X gr_update(grp);
|
|
||||||
X } else if (purge) {
|
|
||||||
X nomembers(grp->gr_mem);
|
|
||||||
X gr_update(grp);
|
|
||||||
X } else if (list) {
|
|
||||||
X members(grp->gr_mem);
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X if (!gr_close()) {
|
|
||||||
X fprintf(stderr, "Cannot close group file\n");
|
|
||||||
X exit(EXIT_GROUP_FILE);
|
|
||||||
X }
|
|
||||||
X
|
|
||||||
X gr_unlock();
|
|
||||||
X
|
|
||||||
X exit(EXIT_SUCCESS);
|
|
||||||
}
|
|
||||||
X
|
|
||||||
/* EOF */
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 00 05 25 14 36 38 'groupmems.c'; eval "$shar_touch") &&
|
|
||||||
chmod 0644 'groupmems.c' ||
|
|
||||||
$echo 'restore of' 'groupmems.c' 'failed'
|
|
||||||
if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
|
|
||||||
&& ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
|
|
||||||
md5sum -c << SHAR_EOF >/dev/null 2>&1 \
|
|
||||||
|| $echo 'groupmems.c:' 'MD5 check failed'
|
|
||||||
f0dd68f8d762d89d24d3ce1f4141f981 groupmems.c
|
|
||||||
SHAR_EOF
|
|
||||||
else
|
|
||||||
shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'groupmems.c'`"
|
|
||||||
test 6348 -eq "$shar_count" ||
|
|
||||||
$echo 'groupmems.c:' 'original size' '6348,' 'current size' "$shar_count!"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
# ============= groupmems.8 ==============
|
|
||||||
if test -f 'groupmems.8' && test "$first_param" != -c; then
|
|
||||||
$echo 'x -' SKIPPING 'groupmems.8' '(file already exists)'
|
|
||||||
else
|
|
||||||
$echo 'x -' extracting 'groupmems.8' '(text)'
|
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'groupmems.8' &&
|
|
||||||
X.\"
|
|
||||||
X.\" SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
|
|
||||||
X.\" SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
|
|
||||||
X.\" SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
X.\"
|
|
||||||
X.\" $Id$
|
|
||||||
X.\"
|
|
||||||
X.TH GROUPMEMS 8
|
|
||||||
X.SH NAME
|
|
||||||
groupmems \- Administer members of a user's primary group
|
|
||||||
X.SH SYNOPSIS
|
|
||||||
X.B groupmems
|
|
||||||
\fB-a\fI user_name \fR |
|
|
||||||
\fB-d\fI user_name \fR |
|
|
||||||
\fB-l\fR |
|
|
||||||
\fB-D\fR |
|
|
||||||
[\fB-g\fI group_name \fR]
|
|
||||||
X.SH DESCRIPTION
|
|
||||||
The \fBgroupmems\fR utility allows a user to administer their own
|
|
||||||
group membership list without the requirement of superuser privileges.
|
|
||||||
The \fBgroupmems\fR utility is for systems that configure its users to
|
|
||||||
be in their own name sake primary group (i.e., guest / guest).
|
|
||||||
X.P
|
|
||||||
Only the superuser, as administrator, can use \fBgroupmems\fR to alter
|
|
||||||
the memberships of other groups.
|
|
||||||
X.IP "\fB-a \fIuser_name\fR"
|
|
||||||
Add a new user to the group membership list.
|
|
||||||
X.IP "\fB-d \fIuser_name\fR"
|
|
||||||
Delete a user from the group membership list.
|
|
||||||
X.IP "\fB-l\fR"
|
|
||||||
List the group membership list.
|
|
||||||
X.IP "\fB-D\fR"
|
|
||||||
Delete all users from the group membership list.
|
|
||||||
X.IP "\fB-g \fIgroup_name\fR"
|
|
||||||
The superuser can specify which group membership list to modify.
|
|
||||||
X.SH SETUP
|
|
||||||
The \fBgroupmems\fR executable should be in mode \fB2770\fR as user \fBroot\fR
|
|
||||||
and in group \fBgroups\fR. The system administrator can add users to
|
|
||||||
group groups to allow or disallow them using the \fBgroupmems\fR utility
|
|
||||||
to manager their own group membership list.
|
|
||||||
X.P
|
|
||||||
X $ groupadd -r groups
|
|
||||||
X.br
|
|
||||||
X $ chmod 2770 groupmems
|
|
||||||
X.br
|
|
||||||
X $ chown root.groups groupmems
|
|
||||||
X.br
|
|
||||||
X $ groupmems -g groups -a gk4
|
|
||||||
X.SH FILES
|
|
||||||
/etc/group
|
|
||||||
X.br
|
|
||||||
/etc/gshadow
|
|
||||||
X.SH SEE ALSO
|
|
||||||
X.BR chfn (1),
|
|
||||||
X.BR chsh (1),
|
|
||||||
X.BR useradd (8),
|
|
||||||
X.BR userdel (8),
|
|
||||||
X.BR usermod (8),
|
|
||||||
X.BR passwd (1),
|
|
||||||
X.BR groupadd (8),
|
|
||||||
X.BR groupdel (8)
|
|
||||||
X.SH AUTHOR
|
|
||||||
George Kraft IV (gk4@us.ibm.com)
|
|
||||||
X.\" EOF
|
|
||||||
SHAR_EOF
|
|
||||||
(set 20 00 05 25 14 38 23 'groupmems.8'; eval "$shar_touch") &&
|
|
||||||
chmod 0600 'groupmems.8' ||
|
|
||||||
$echo 'restore of' 'groupmems.8' 'failed'
|
|
||||||
if ( md5sum --help 2>&1 | grep 'sage: md5sum \[' ) >/dev/null 2>&1 \
|
|
||||||
&& ( md5sum --version 2>&1 | grep -v 'textutils 1.12' ) >/dev/null; then
|
|
||||||
md5sum -c << SHAR_EOF >/dev/null 2>&1 \
|
|
||||||
|| $echo 'groupmems.8:' 'MD5 check failed'
|
|
||||||
181e6cd3a3c9d3df320197fa2cde2b4a groupmems.8
|
|
||||||
SHAR_EOF
|
|
||||||
else
|
|
||||||
shar_count="`LC_ALL= LC_CTYPE= LANG= wc -c < 'groupmems.8'`"
|
|
||||||
test 3372 -eq "$shar_count" ||
|
|
||||||
$echo 'groupmems.8:' 'original size' '3372,' 'current size' "$shar_count!"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
rm -fr _sh10937
|
|
||||||
exit 0
|
|
||||||
@@ -1,147 +0,0 @@
|
|||||||
Hello Marek,
|
|
||||||
|
|
||||||
I have created a diffile against the 980403 release that adds
|
|
||||||
functionality to newusers for automatic handling of users with only
|
|
||||||
anonymous ftp login (using the guestgroup feature in ftpaccess, which
|
|
||||||
means that the users home directory looks like '/home/user/./'). It also
|
|
||||||
adds a commandline argument to specify an initial directory structure
|
|
||||||
for such users, with a tarball normally containing the bin,lib,etc
|
|
||||||
directories used in the chrooted environment.
|
|
||||||
|
|
||||||
I am using it to automatically create chunks of users with only ftp
|
|
||||||
access for a webserver.
|
|
||||||
|
|
||||||
I have tried to follow your coding standards and I believe it is bug
|
|
||||||
free but.. well, who knows. :) It's not much code however.
|
|
||||||
|
|
||||||
I hope you find it useful. Do what you like with it, feel free to ask if
|
|
||||||
anything is unclear.
|
|
||||||
|
|
||||||
Best rgds,
|
|
||||||
Calle Karlsson
|
|
||||||
ckn@kash.se
|
|
||||||
|
|
||||||
diff -uNr shadow-980403.orig/src/newusers.c shadow-980403/src/newusers.c
|
|
||||||
--- shadow-980403.orig/src/newusers.c Fri Jan 30 00:22:43 1998
|
|
||||||
+++ shadow-980403/src/newusers.c Fri Apr 17 16:55:33 1998
|
|
||||||
@@ -76,11 +76,35 @@
|
|
||||||
static void
|
|
||||||
usage(void)
|
|
||||||
{
|
|
||||||
- fprintf(stderr, "Usage: %s [ input ]\n", Prog);
|
|
||||||
+ fprintf (stderr, "Usage: %s [-p prototype tarfile] [ input ]\n", Prog);
|
|
||||||
+ fprintf (stderr, "The prototype tarfile is only used for users\n");
|
|
||||||
+ fprintf (stderr, "marked as anonymous ftp users. It must be a full pathname.\n");
|
|
||||||
exit(1);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
+ * createuserdir - create a directory and chmod it
|
|
||||||
+ */
|
|
||||||
+
|
|
||||||
+static int
|
|
||||||
+createuserdir (char * dir, int uid, int gid, int line)
|
|
||||||
+{
|
|
||||||
+ if (mkdir (dir, 0777 & ~getdef_num("UMASK", 077))) {
|
|
||||||
+ fprintf (stderr, "%s: line %d: mkdir %s failed\n",
|
|
||||||
+ Prog, line, dir);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (chown (dir, uid, gid)) {
|
|
||||||
+ fprintf (stderr, "%s: line %d: chown %s failed\n",
|
|
||||||
+ Prog, line, dir);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ return 0;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+/*
|
|
||||||
* add_group - create a new group or add a user to an existing group
|
|
||||||
*/
|
|
||||||
|
|
||||||
@@ -328,6 +352,8 @@
|
|
||||||
main(int argc, char **argv)
|
|
||||||
{
|
|
||||||
char buf[BUFSIZ];
|
|
||||||
+ char anonproto[BUFSIZ];
|
|
||||||
+ int flag;
|
|
||||||
char *fields[8];
|
|
||||||
int nfields;
|
|
||||||
char *cp;
|
|
||||||
@@ -340,12 +366,23 @@
|
|
||||||
|
|
||||||
Prog = Basename(argv[0]);
|
|
||||||
|
|
||||||
- if (argc > 1 && argv[1][0] == '-')
|
|
||||||
- usage ();
|
|
||||||
+ * anonproto = '\0';
|
|
||||||
+
|
|
||||||
+ while ((flag = getopt (argc, argv, "p:h")) != EOF) {
|
|
||||||
+ switch (flag) {
|
|
||||||
+ case 'p':
|
|
||||||
+ STRFCPY(anonproto, optarg);
|
|
||||||
+ break;
|
|
||||||
+ case 'h':
|
|
||||||
+ default:
|
|
||||||
+ usage ();
|
|
||||||
+ break;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
|
|
||||||
- if (argc == 2) {
|
|
||||||
- if (! freopen (argv[1], "r", stdin)) {
|
|
||||||
- snprintf(buf, sizeof buf, "%s: %s", Prog, argv[1]);
|
|
||||||
+ if (optind < argc) {
|
|
||||||
+ if (! freopen (argv[optind], "r", stdin)) {
|
|
||||||
+ snprintf(buf, sizeof buf, "%s: %s", Prog, argv[optind]);
|
|
||||||
perror (buf);
|
|
||||||
exit (1);
|
|
||||||
}
|
|
||||||
@@ -499,15 +536,36 @@
|
|
||||||
if (fields[6][0])
|
|
||||||
newpw.pw_shell = fields[6];
|
|
||||||
|
|
||||||
- if (newpw.pw_dir[0] && access(newpw.pw_dir, F_OK)) {
|
|
||||||
- if (mkdir (newpw.pw_dir,
|
|
||||||
- 0777 & ~getdef_num("UMASK", 077)))
|
|
||||||
- fprintf (stderr, "%s: line %d: mkdir failed\n",
|
|
||||||
- Prog, line);
|
|
||||||
- else if (chown (newpw.pw_dir,
|
|
||||||
- newpw.pw_uid, newpw.pw_gid))
|
|
||||||
- fprintf (stderr, "%s: line %d: chown failed\n",
|
|
||||||
- Prog, line);
|
|
||||||
+ if (newpw.pw_dir[0]) {
|
|
||||||
+ char * userdir = strdup (newpw.pw_dir);
|
|
||||||
+ char * anonpart;
|
|
||||||
+ int rc;
|
|
||||||
+
|
|
||||||
+ if ((anonpart = strstr (userdir, "/./"))) {
|
|
||||||
+ * anonpart = '\0';
|
|
||||||
+ anonpart += 2;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (access(userdir, F_OK))
|
|
||||||
+ rc = createuserdir (userdir, newpw.pw_uid, newpw.pw_gid, line);
|
|
||||||
+ else
|
|
||||||
+ rc = 0;
|
|
||||||
+
|
|
||||||
+ if (rc == 0 && anonpart) {
|
|
||||||
+ if (* anonproto) {
|
|
||||||
+ char cmdbuf [BUFSIZ];
|
|
||||||
+ snprintf(cmdbuf, sizeof cmdbuf,
|
|
||||||
+ "cd %s; tar xf %s",
|
|
||||||
+ userdir, anonproto);
|
|
||||||
+ system (cmdbuf);
|
|
||||||
+ }
|
|
||||||
+ if (strlen (anonpart) > 1) {
|
|
||||||
+ strcat (userdir, anonpart);
|
|
||||||
+ if (access (userdir, F_OK))
|
|
||||||
+ createuserdir (userdir, newpw.pw_uid, newpw.pw_gid, line);
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ free (userdir);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
Binary file not shown.
+1
-2
@@ -1,5 +1,4 @@
|
|||||||
# This is a dummy Makefile.am to get automake work flawlessly,
|
# This is a dummy Makefile.am to get automake work flawlessly,
|
||||||
# and also cooperate to make a distribution for `make dist'
|
# and also cooperate to make a distribution for `make dist'
|
||||||
|
|
||||||
EXTRA_DIST = HOWTO README.limits \
|
EXTRA_DIST = HOWTO README.limits
|
||||||
README.platforms WISHLIST console.c.spec.txt cracklib26.diff
|
|
||||||
|
|||||||
@@ -1,33 +0,0 @@
|
|||||||
# $Id$
|
|
||||||
#
|
|
||||||
# This is the current (still incomplete) list of platforms this
|
|
||||||
# package has been verified to work on. Additions (preferably
|
|
||||||
# in the format as described below) are welcome. Thanks!
|
|
||||||
#
|
|
||||||
# V: last version reported to work
|
|
||||||
# H: host type
|
|
||||||
# L: Linux libc version
|
|
||||||
# D: Linux distribution, or other OS name and version
|
|
||||||
# C: changes (if any)
|
|
||||||
# R: reported by
|
|
||||||
|
|
||||||
V: 980529
|
|
||||||
H: sparc-unknown-linux-gnu
|
|
||||||
L: glibc-2.0.7
|
|
||||||
D: Ultrapenguin-1.0.9
|
|
||||||
C: had to explicitly disable desrpc.
|
|
||||||
R: Bjorn Christianson <bjorn@cascade.psychology.mcmaster.ca>
|
|
||||||
|
|
||||||
V: 980724
|
|
||||||
H: i486-pc-linux-gnulibc1
|
|
||||||
L: libc-5.4.33
|
|
||||||
D: Debian-1.3.1.r6
|
|
||||||
C: none (use dpkg-buildpackage)
|
|
||||||
R: Marek Michalkiewicz <marekm@linux.org.pl>
|
|
||||||
|
|
||||||
V: current
|
|
||||||
H: i686-pc-linux-gnu
|
|
||||||
L: glibc-2.0.7.19981211
|
|
||||||
D: Debian-2.1
|
|
||||||
C: none (use dpkg-buildpackage)
|
|
||||||
R: Marek Michalkiewicz <marekm@linux.org.pl>
|
|
||||||
@@ -1,38 +0,0 @@
|
|||||||
$Id$
|
|
||||||
|
|
||||||
This is my wishlist for the shadow suite, in no particular order. Feel
|
|
||||||
free to do anything from this list and mail me the diffs :-).
|
|
||||||
|
|
||||||
Patches in diff -u format, against the latest version (sometimes in the
|
|
||||||
"beta" directory) are preferred and make my job easier. Please, no
|
|
||||||
MIME, base64, quoted-printable, or HTML. For very big patches, or if
|
|
||||||
your mailer can corrupt them, please use gzip and uuencode. Thanks!
|
|
||||||
|
|
||||||
New ideas to add to this list are welcome, too. --marekm
|
|
||||||
|
|
||||||
- fix all the bugs, of course
|
|
||||||
- implement "su only" accounts (no logins, only su from other account)
|
|
||||||
- rewrite getdef.c to be more general? (no hardcoded names)
|
|
||||||
- patch for rlogind/telnetd to create utmp entry and fill in ut_addr
|
|
||||||
- option to specify encrypted password in passwd (for yppasswdd, so it
|
|
||||||
doesn't need to know about shadow/non-shadow); should probably use a pipe
|
|
||||||
(less insecure than command line arguments)
|
|
||||||
- add support for changing NIS passwords
|
|
||||||
- add option to check passwords by piping them to external programs
|
|
||||||
- add functionality of the contrib/rpasswd.c wrapper to passwd
|
|
||||||
- option to generate pronounceable passwords (like on SCO), external program?
|
|
||||||
- poppassd (remote password change for eudora etc.)
|
|
||||||
- add support for passwd/shadow db files (glibc)
|
|
||||||
- vipw: check password files for errors after editing
|
|
||||||
- add "maximum time users allowed to stay logged in" limit option to logoutd
|
|
||||||
- handle quotes in /etc/environment like the shell does (but sshd doesn't...)
|
|
||||||
- better OPIE support (report number of logins left, etc.)
|
|
||||||
- new option for /etc/suauth: don't load user's environment (force "su -")
|
|
||||||
suggested by Ulisses Alonso Camaro
|
|
||||||
- find out why recent releases won't compile on Solaris
|
|
||||||
- newusers should be able to copy /etc/skel to the new home directory
|
|
||||||
(like useradd)
|
|
||||||
- add directories where other packages can add hooks for package-specific
|
|
||||||
per-user configuration, to be executed with run-parts. Some hooks should
|
|
||||||
be executed at package install time for existing users, likewise for
|
|
||||||
package removal and possibly modification. (Debian Bug#36019)
|
|
||||||
@@ -1,36 +0,0 @@
|
|||||||
$Id$
|
|
||||||
|
|
||||||
Specification for console.c source file --
|
|
||||||
|
|
||||||
input values --
|
|
||||||
tty -- character pointer to device name with leading "/dev/"
|
|
||||||
removed.
|
|
||||||
|
|
||||||
return values --
|
|
||||||
0 -- false
|
|
||||||
1 -- true
|
|
||||||
|
|
||||||
int console (char * tty)
|
|
||||||
if "CONSOLE" string value is not present in login.defs
|
|
||||||
return true
|
|
||||||
|
|
||||||
if the first character of "CONSOLE" string value is not "/"
|
|
||||||
treat the string as a ":" delimited list of device
|
|
||||||
names and search for the value of tty in that
|
|
||||||
tokenized list.
|
|
||||||
|
|
||||||
if a match is found
|
|
||||||
return true
|
|
||||||
|
|
||||||
return false
|
|
||||||
|
|
||||||
if the file named by "CONSOLE" cannot be opened
|
|
||||||
return true
|
|
||||||
|
|
||||||
scan the file looking for a match between the input line
|
|
||||||
and the value of tty
|
|
||||||
|
|
||||||
if a match is found
|
|
||||||
return true
|
|
||||||
|
|
||||||
return false
|
|
||||||
@@ -1,6 +1,22 @@
|
|||||||
# Tests
|
# Tests
|
||||||
|
|
||||||
Currently, shadow only provides system tests.
|
Currently, shadow provides unit and system tests.
|
||||||
|
|
||||||
|
## Unit tests
|
||||||
|
|
||||||
|
Unit testing is provided by the [cmocka](https://cmocka.org/) framework. It's
|
||||||
|
recommended to read the
|
||||||
|
[basics](https://cmocka.org/talks/cmocka_unit_testing_and_mocking.pdf) and
|
||||||
|
[API](https://api.cmocka.org/) before writing any test case.
|
||||||
|
|
||||||
|
In addition, you can check [test_logind.c](../../tests/unit/test_logind.c) to
|
||||||
|
get a general idea on how to implement unit tests for shadow using cmocka.
|
||||||
|
|
||||||
|
You can execute unit tests by running:
|
||||||
|
|
||||||
|
```
|
||||||
|
make check
|
||||||
|
```
|
||||||
|
|
||||||
## System tests
|
## System tests
|
||||||
|
|
||||||
|
|||||||
@@ -1,340 +0,0 @@
|
|||||||
diff -ur orig/cracklib26_small/cracklib/fascist.c cracklib26_small/cracklib/fascist.c
|
|
||||||
--- orig/cracklib26_small/cracklib/fascist.c Mon Dec 15 02:56:55 1997
|
|
||||||
+++ cracklib26_small/cracklib/fascist.c Sat Apr 4 22:14:45 1998
|
|
||||||
@@ -12,6 +12,7 @@
|
|
||||||
#include <ctype.h>
|
|
||||||
#include <sys/types.h>
|
|
||||||
#include <pwd.h>
|
|
||||||
+#include <string.h>
|
|
||||||
|
|
||||||
#define ISSKIP(x) (isspace(x) || ispunct(x))
|
|
||||||
|
|
||||||
@@ -460,28 +461,27 @@
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
-FascistGecos(password, uid)
|
|
||||||
+FascistGecosPw(password, pwd)
|
|
||||||
char *password;
|
|
||||||
- int uid;
|
|
||||||
+ struct passwd *pwd;
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
int j;
|
|
||||||
int wc;
|
|
||||||
char *ptr;
|
|
||||||
- struct passwd *pwp;
|
|
||||||
char gbuffer[STRINGSIZE];
|
|
||||||
char tbuffer[STRINGSIZE];
|
|
||||||
char *uwords[STRINGSIZE];
|
|
||||||
char longbuffer[STRINGSIZE * 2];
|
|
||||||
|
|
||||||
- if (!(pwp = getpwuid(uid)))
|
|
||||||
+ if (!pwd)
|
|
||||||
{
|
|
||||||
return ("you are not registered in the password file");
|
|
||||||
}
|
|
||||||
|
|
||||||
/* lets get really paranoid and assume a dangerously long gecos entry */
|
|
||||||
|
|
||||||
- strncpy(tbuffer, pwp->pw_name, STRINGSIZE);
|
|
||||||
+ strncpy(tbuffer, pwd->pw_name, STRINGSIZE);
|
|
||||||
tbuffer[STRINGSIZE-1] = '\0';
|
|
||||||
if (GTry(tbuffer, password))
|
|
||||||
{
|
|
||||||
@@ -490,12 +490,13 @@
|
|
||||||
|
|
||||||
/* it never used to be that you got passwd strings > 1024 chars, but now... */
|
|
||||||
|
|
||||||
- strncpy(tbuffer, pwp->pw_gecos, STRINGSIZE);
|
|
||||||
+ strncpy(tbuffer, pwd->pw_gecos, STRINGSIZE);
|
|
||||||
tbuffer[STRINGSIZE-1] = '\0';
|
|
||||||
strcpy(gbuffer, Lowercase(tbuffer));
|
|
||||||
|
|
||||||
wc = 0;
|
|
||||||
ptr = gbuffer;
|
|
||||||
+ uwords[0] = (char *) 0;
|
|
||||||
|
|
||||||
while (*ptr)
|
|
||||||
{
|
|
||||||
@@ -530,6 +531,8 @@
|
|
||||||
*(ptr++) = '\0';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+ if (!uwords[0])
|
|
||||||
+ return ((char *) 0); /* empty gecos */
|
|
||||||
#ifdef DEBUG
|
|
||||||
for (i = 0; uwords[i]; i++)
|
|
||||||
{
|
|
||||||
@@ -586,9 +589,10 @@
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
-FascistLook(pwp, instring)
|
|
||||||
+FascistLookPw(pwp, instring, pwd)
|
|
||||||
PWDICT *pwp;
|
|
||||||
char *instring;
|
|
||||||
+ struct passwd *pwd;
|
|
||||||
{
|
|
||||||
int i;
|
|
||||||
char *ptr;
|
|
||||||
@@ -667,7 +671,7 @@
|
|
||||||
return ("it looks like a National Insurance number.");
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (ptr = FascistGecos(password, getuid()))
|
|
||||||
+ if (ptr = FascistGecosPw(password, pwd ? pwd : getpwuid(getuid())))
|
|
||||||
{
|
|
||||||
return (ptr);
|
|
||||||
}
|
|
||||||
@@ -715,9 +719,10 @@
|
|
||||||
}
|
|
||||||
|
|
||||||
char *
|
|
||||||
-FascistCheck(password, path)
|
|
||||||
+FascistCheckPw(password, path, pwd)
|
|
||||||
char *password;
|
|
||||||
char *path;
|
|
||||||
+ struct passwd *pwd;
|
|
||||||
{
|
|
||||||
static char lastpath[STRINGSIZE];
|
|
||||||
static PWDICT *pwp;
|
|
||||||
@@ -750,5 +755,29 @@
|
|
||||||
strncpy(lastpath, path, STRINGSIZE);
|
|
||||||
}
|
|
||||||
|
|
||||||
- return (FascistLook(pwp, pwtrunced));
|
|
||||||
+ return (FascistLookPw(pwp, pwtrunced, pwd));
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+char *
|
|
||||||
+FascistGecos(password, uid)
|
|
||||||
+ char *password;
|
|
||||||
+ int uid;
|
|
||||||
+{
|
|
||||||
+ return (FascistGecosPw(password, getpwuid(uid)));
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+char *
|
|
||||||
+FascistLook(pwp, instring)
|
|
||||||
+ PWDICT *pwp;
|
|
||||||
+ char *instring;
|
|
||||||
+{
|
|
||||||
+ return (FascistLookPw(pwp, instring, (char *) 0));
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+char *
|
|
||||||
+FascistCheck(password, path)
|
|
||||||
+ char *password;
|
|
||||||
+ char *path;
|
|
||||||
+{
|
|
||||||
+ return (FascistCheckPw(password, path, (char *) 0));
|
|
||||||
}
|
|
||||||
diff -ur orig/cracklib26_small/cracklib/packer.h cracklib26_small/cracklib/packer.h
|
|
||||||
--- orig/cracklib26_small/cracklib/packer.h Mon Dec 15 00:09:30 1997
|
|
||||||
+++ cracklib26_small/cracklib/packer.h Sat Jan 10 22:13:46 1998
|
|
||||||
@@ -34,6 +34,7 @@
|
|
||||||
FILE *dfp;
|
|
||||||
FILE *wfp;
|
|
||||||
|
|
||||||
+ int canfree;
|
|
||||||
int32 flags;
|
|
||||||
#define PFOR_WRITE 0x0001
|
|
||||||
#define PFOR_FLUSH 0x0002
|
|
||||||
diff -ur orig/cracklib26_small/cracklib/packlib.c cracklib26_small/cracklib/packlib.c
|
|
||||||
--- orig/cracklib26_small/cracklib/packlib.c Fri Jul 9 22:22:58 1993
|
|
||||||
+++ cracklib26_small/cracklib/packlib.c Sat Jan 10 22:28:49 1998
|
|
||||||
@@ -16,7 +16,7 @@
|
|
||||||
char *mode;
|
|
||||||
{
|
|
||||||
int32 i;
|
|
||||||
- static PWDICT pdesc;
|
|
||||||
+ PWDICT *pdesc;
|
|
||||||
char iname[STRINGSIZE];
|
|
||||||
char dname[STRINGSIZE];
|
|
||||||
char wname[STRINGSIZE];
|
|
||||||
@@ -25,92 +25,94 @@
|
|
||||||
FILE *ifp;
|
|
||||||
FILE *wfp;
|
|
||||||
|
|
||||||
- if (pdesc.header.pih_magic == PIH_MAGIC)
|
|
||||||
- {
|
|
||||||
- fprintf(stderr, "%s: another dictionary already open\n", prefix);
|
|
||||||
+ if ((pdesc = (PWDICT *) malloc(sizeof(PWDICT))) == 0)
|
|
||||||
return ((PWDICT *) 0);
|
|
||||||
- }
|
|
||||||
|
|
||||||
- memset(&pdesc, '\0', sizeof(pdesc));
|
|
||||||
+ memset(pdesc, '\0', sizeof(*pdesc));
|
|
||||||
|
|
||||||
sprintf(iname, "%s.pwi", prefix);
|
|
||||||
sprintf(dname, "%s.pwd", prefix);
|
|
||||||
sprintf(wname, "%s.hwm", prefix);
|
|
||||||
|
|
||||||
- if (!(pdesc.dfp = fopen(dname, mode)))
|
|
||||||
+ if (!(pdesc->dfp = fopen(dname, mode)))
|
|
||||||
{
|
|
||||||
perror(dname);
|
|
||||||
+ free(pdesc);
|
|
||||||
return ((PWDICT *) 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (!(pdesc.ifp = fopen(iname, mode)))
|
|
||||||
+ if (!(pdesc->ifp = fopen(iname, mode)))
|
|
||||||
{
|
|
||||||
- fclose(pdesc.dfp);
|
|
||||||
+ fclose(pdesc->dfp);
|
|
||||||
perror(iname);
|
|
||||||
+ free(pdesc);
|
|
||||||
return ((PWDICT *) 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (pdesc.wfp = fopen(wname, mode))
|
|
||||||
+ if (pdesc->wfp = fopen(wname, mode))
|
|
||||||
{
|
|
||||||
- pdesc.flags |= PFOR_USEHWMS;
|
|
||||||
+ pdesc->flags |= PFOR_USEHWMS;
|
|
||||||
}
|
|
||||||
|
|
||||||
- ifp = pdesc.ifp;
|
|
||||||
- dfp = pdesc.dfp;
|
|
||||||
- wfp = pdesc.wfp;
|
|
||||||
+ ifp = pdesc->ifp;
|
|
||||||
+ dfp = pdesc->dfp;
|
|
||||||
+ wfp = pdesc->wfp;
|
|
||||||
|
|
||||||
if (mode[0] == 'w')
|
|
||||||
{
|
|
||||||
- pdesc.flags |= PFOR_WRITE;
|
|
||||||
- pdesc.header.pih_magic = PIH_MAGIC;
|
|
||||||
- pdesc.header.pih_blocklen = NUMWORDS;
|
|
||||||
- pdesc.header.pih_numwords = 0;
|
|
||||||
+ pdesc->flags |= PFOR_WRITE;
|
|
||||||
+ pdesc->header.pih_magic = PIH_MAGIC;
|
|
||||||
+ pdesc->header.pih_blocklen = NUMWORDS;
|
|
||||||
+ pdesc->header.pih_numwords = 0;
|
|
||||||
|
|
||||||
- fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp);
|
|
||||||
+ fwrite((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp);
|
|
||||||
} else
|
|
||||||
{
|
|
||||||
- pdesc.flags &= ~PFOR_WRITE;
|
|
||||||
+ pdesc->flags &= ~PFOR_WRITE;
|
|
||||||
|
|
||||||
- if (!fread((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp))
|
|
||||||
+ if (!fread((char *) &pdesc->header, sizeof(pdesc->header), 1, ifp))
|
|
||||||
{
|
|
||||||
fprintf(stderr, "%s: error reading header\n", prefix);
|
|
||||||
|
|
||||||
- pdesc.header.pih_magic = 0;
|
|
||||||
+ pdesc->header.pih_magic = 0;
|
|
||||||
fclose(ifp);
|
|
||||||
fclose(dfp);
|
|
||||||
+ free(pdesc);
|
|
||||||
return ((PWDICT *) 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (pdesc.header.pih_magic != PIH_MAGIC)
|
|
||||||
+ if (pdesc->header.pih_magic != PIH_MAGIC)
|
|
||||||
{
|
|
||||||
fprintf(stderr, "%s: magic mismatch\n", prefix);
|
|
||||||
|
|
||||||
- pdesc.header.pih_magic = 0;
|
|
||||||
+ pdesc->header.pih_magic = 0;
|
|
||||||
fclose(ifp);
|
|
||||||
fclose(dfp);
|
|
||||||
+ free(pdesc);
|
|
||||||
return ((PWDICT *) 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (pdesc.header.pih_blocklen != NUMWORDS)
|
|
||||||
+ if (pdesc->header.pih_blocklen != NUMWORDS)
|
|
||||||
{
|
|
||||||
fprintf(stderr, "%s: size mismatch\n", prefix);
|
|
||||||
|
|
||||||
- pdesc.header.pih_magic = 0;
|
|
||||||
+ pdesc->header.pih_magic = 0;
|
|
||||||
fclose(ifp);
|
|
||||||
fclose(dfp);
|
|
||||||
+ free(pdesc);
|
|
||||||
return ((PWDICT *) 0);
|
|
||||||
}
|
|
||||||
|
|
||||||
- if (pdesc.flags & PFOR_USEHWMS)
|
|
||||||
+ if (pdesc->flags & PFOR_USEHWMS)
|
|
||||||
{
|
|
||||||
- if (fread(pdesc.hwms, 1, sizeof(pdesc.hwms), wfp) != sizeof(pdesc.hwms))
|
|
||||||
+ if (fread(pdesc->hwms, 1, sizeof(pdesc->hwms), wfp) != sizeof(pdesc->hwms))
|
|
||||||
{
|
|
||||||
- pdesc.flags &= ~PFOR_USEHWMS;
|
|
||||||
+ pdesc->flags &= ~PFOR_USEHWMS;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
-
|
|
||||||
- return (&pdesc);
|
|
||||||
+ pdesc->canfree = 1;
|
|
||||||
+ return (pdesc);
|
|
||||||
}
|
|
||||||
|
|
||||||
int
|
|
||||||
@@ -159,8 +161,13 @@
|
|
||||||
|
|
||||||
fclose(pwp->ifp);
|
|
||||||
fclose(pwp->dfp);
|
|
||||||
+ if (pwp->wfp)
|
|
||||||
+ fclose(pwp->wfp);
|
|
||||||
|
|
||||||
- pwp->header.pih_magic = 0;
|
|
||||||
+ if (pwp->canfree)
|
|
||||||
+ free(pwp);
|
|
||||||
+ else
|
|
||||||
+ pwp->header.pih_magic = 0;
|
|
||||||
|
|
||||||
return (0);
|
|
||||||
}
|
|
||||||
@@ -307,6 +314,11 @@
|
|
||||||
register char *this;
|
|
||||||
int idx;
|
|
||||||
|
|
||||||
+/*
|
|
||||||
+ * comment in npasswd-2.0beta4 says this:
|
|
||||||
+ * This does not work under all circumstances, so don't bother
|
|
||||||
+ */
|
|
||||||
+#if 0
|
|
||||||
if (pwp->flags & PFOR_USEHWMS)
|
|
||||||
{
|
|
||||||
idx = string[0] & 0xff;
|
|
||||||
@@ -317,6 +329,10 @@
|
|
||||||
lwm = 0;
|
|
||||||
hwm = PW_WORDS(pwp) - 1;
|
|
||||||
}
|
|
||||||
+#else
|
|
||||||
+ lwm = 0;
|
|
||||||
+ hwm = PW_WORDS(pwp);
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
#ifdef DEBUG
|
|
||||||
printf("---- %lu, %lu ----\n", lwm, hwm);
|
|
||||||
diff -ur orig/cracklib26_small/util/mkdict cracklib26_small/util/mkdict
|
|
||||||
--- orig/cracklib26_small/util/mkdict Fri Jul 9 22:23:03 1993
|
|
||||||
+++ cracklib26_small/util/mkdict Sat Apr 4 22:31:45 1998
|
|
||||||
@@ -14,9 +14,16 @@
|
|
||||||
SORT="sort"
|
|
||||||
###SORT="sort -T /tmp"
|
|
||||||
|
|
||||||
-cat $* |
|
|
||||||
+### Use zcat to read compressed (as well as uncompressed) dictionaries.
|
|
||||||
+### Compressed dictionaries can save quite a lot of disk space.
|
|
||||||
+
|
|
||||||
+CAT="gzip -cdf"
|
|
||||||
+###CAT="zcat"
|
|
||||||
+###CAT="cat"
|
|
||||||
+
|
|
||||||
+$CAT $* |
|
|
||||||
tr '[A-Z]' '[a-z]' |
|
|
||||||
- tr -cd '[\012a-z0-9]' |
|
|
||||||
+ tr -cd '\012[a-z][0-9]' |
|
|
||||||
$SORT |
|
|
||||||
uniq |
|
|
||||||
grep -v '^#' |
|
|
||||||
@@ -227,11 +227,6 @@ PASS_WARN_AGE 7
|
|||||||
#
|
#
|
||||||
SU_WHEEL_ONLY no
|
SU_WHEEL_ONLY no
|
||||||
|
|
||||||
#
|
|
||||||
# If compiled with cracklib support, sets the path to the dictionaries
|
|
||||||
#
|
|
||||||
CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Min/max values for automatic uid selection in useradd(8)
|
# Min/max values for automatic uid selection in useradd(8)
|
||||||
#
|
#
|
||||||
|
|||||||
@@ -2,20 +2,20 @@
|
|||||||
# and also cooperate to make a distribution for `make dist'
|
# and also cooperate to make a distribution for `make dist'
|
||||||
|
|
||||||
pamd_files = \
|
pamd_files = \
|
||||||
|
chpasswd \
|
||||||
chfn \
|
chfn \
|
||||||
chsh \
|
chsh \
|
||||||
groupmems \
|
groupmems \
|
||||||
login \
|
login \
|
||||||
|
newusers \
|
||||||
passwd
|
passwd
|
||||||
|
|
||||||
pamd_acct_tools_files = \
|
pamd_acct_tools_files = \
|
||||||
chage \
|
chage \
|
||||||
chgpasswd \
|
chgpasswd \
|
||||||
chpasswd \
|
|
||||||
groupadd \
|
groupadd \
|
||||||
groupdel \
|
groupdel \
|
||||||
groupmod \
|
groupmod \
|
||||||
newusers \
|
|
||||||
useradd \
|
useradd \
|
||||||
userdel \
|
userdel \
|
||||||
usermod
|
usermod
|
||||||
|
|||||||
File diff suppressed because it is too large
Load Diff
@@ -0,0 +1,58 @@
|
|||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQINBGG8mOoBEADeiVXeiQGVydXf6J/VpVjh9L2Q8drC8esi0zrMGO07TExJ+A/u
|
||||||
|
h1wLDfArQWhkoKqoSpbEynYyXubuZ1VIDtV61Vjglm28uCVuWPBk1AoQLe6erENk
|
||||||
|
d/b6IFJ0+OwFqqN0/0erqzTMaAM7rhE+3t4Uuqi2D259UVZRRXkld4AMztkYVxK2
|
||||||
|
dPQOhddZSN+didG/pVDP3q5t9bLpOYd8DL3reIgoFsvfKbmbTFU+ymT1Pgdd+Fvr
|
||||||
|
g1Xs7lL8l8P0u9lrm7YSaJkk0mqUooE05oc/yeXWJKun8EqQRyMQmkL/nLzlFx8r
|
||||||
|
Kjlq1fMiOKDFYzDAGyac7XDGGIYeNPBrSxu5XVgRfywgoAZzEI4cR0ZvMpO7cG0q
|
||||||
|
+DWZ0mFvAxZ5kE3gNgTb2YM59PaS86Wu0E+4WAbu/60mcv/llRAd7JLcvQcJjK0R
|
||||||
|
/BgPIujfkAeU06TzqVKeb9+DJ5jlzRkthROO/K9RPJMwDANRfkmHZoSQXuAOWKP2
|
||||||
|
KC8uh7N/Xy0NKP7xnffXeI0494Xg4uCjRROw3H7ZZnAiyRYM+d0cYFRF4Q7n9hy6
|
||||||
|
Umwb6yrFxhP4gRCN+HbE2Q5Ot4OsaU9KrczmXGbjbm88o5UDmHTGAssdmEWG/IFP
|
||||||
|
s5tJi/TwhXVBLxQWCDfHKl3/LCb2Xd0IWQs9W/8vMaZxYl0x6nuSOE1rFwARAQAB
|
||||||
|
tCJJa2VyIFBlZHJvc2EgPGlwZWRyb3NhQHJlZGhhdC5jb20+iQJSBBMBCAA8FiEE
|
||||||
|
ToDvSceYe23i+B9QBQecbDplPlcFAmG8mOoCGwMFCwkIBwIDIgIBBhUKCQgLAgQW
|
||||||
|
AgMBAh4HAheAAAoJEAUHnGw6ZT5XfGYP/2jIKN2QtK0+lNltlwPEjKODRxIhnlGa
|
||||||
|
nx3vmFkcQg66VoxV16FhAtuXuNMfRXZLDj+ky0aYxdpI/dGBjssFWsFum9HAXwjW
|
||||||
|
F3V71tPlneYJR+EoCwX08qUDhouODT1jl7j0ZoF2YOoZZ32K6DZ5/Zjw1/WBh7Dm
|
||||||
|
dUig9hQMME+2A6fUD6oRRGMDaz7a5Ce+iqCkTqcbqwZ+YkebHozprm58NH8dUIrf
|
||||||
|
Fn9kCLAqNRjGs4oQTBjBWEl4EC+ysCGR9Y4UWDhvkQbfgqxyKtht/fiCTEwYSS2t
|
||||||
|
w9JOxTCINuI49anIjljGTrFmKvNz1XgGUiU8Y42ZIvppVviTHEPYHQ6ECbgE9vKG
|
||||||
|
4r1Qvg3FLos0yqcuwOn/w1DtIxvC/3/tNlh/ZtCWdfM4ZRtxu4J1qqHnjsRcDbPs
|
||||||
|
FvJf5gQNZ3vVqaH84E+N8GwTt4iXH9c5s8j77hRq7RjJwCy4t//yq3Ot38vz1IiH
|
||||||
|
4w2DJynSVhZ75c6/UcDCdU9bcWfDfbvyRfTEqsDZ9M36M82r+L4Mzuj+Q9zCpuaR
|
||||||
|
TafPZuB02Yt97nIk06VxxehffJjjRTplt8oMlILkyX3rlhMnnQlTysdTL3rEG/Xa
|
||||||
|
h05rPuLLSRwo8KrCIXrVbXK9YSzqYJ6EdUmOpvbiQIv8SmWmVyIPs7ZtgefM+BWW
|
||||||
|
WcrXeHNy9I+FiQEzBBABCgAdFiEEZtA4fbhdMg+ECBZtsXXPqY8ZKvIFAmU61cQA
|
||||||
|
CgkQsXXPqY8ZKvI01Qf8CXnTPsmeIf546qUGnXiVbdwxR8Mk3DDQZ5aKHmCO3Ksq
|
||||||
|
ly5T0JoyJCycR873zbeo4Hp9xRftioJvFHo95l/9aW7bMSCH6bJlGZm4+7ZXszc8
|
||||||
|
Cq75YCkO9+e63xTFbmb+56TMoILwyBgRzpwHTdkHpvZf/mZonsvOkhqM4OU/Vq8C
|
||||||
|
TeQluNypr/d1oPidR/b8WPMbseaGOmhN3EogUyOFasbn3JCtETYTp0FeVJvrVvnN
|
||||||
|
ih7lQq2Kt4z6WsG+wf25sIoMqC//g579wDX74J1pfIiOKWMHEeUF0mKJOI2z8+gD
|
||||||
|
WRk7ZSPT3zFdhU1FLRNbiTT7bWEj5qaJlELhHs1m2bkCDQRhvJjqARAApG8OF2WU
|
||||||
|
Qp5JWei313GjoZLIBwywGRtGdjcZVRb46uDyw6+N1NMi005MroWkyTC5A3cUr+Iu
|
||||||
|
QYAzox6sIWhaue8CLh+sSpS0eaf+tJgQkb81y8vDBTG4Fh3FmKub5DGZmgzVhzLS
|
||||||
|
gfFCtgnNp5BujVijwNmHSI2aNqVrcr1GFuOefmphvG44uyPHdw5MovUML2AUmkiQ
|
||||||
|
F445grST81RwpoNLHIBNsZWd0HQU81CXB3ZiVzuVoDmpcMtK6lqg3ni9Hf7O2nUo
|
||||||
|
Jj6rW2GlczFkKepd7/J5BiIjVopAQzO/TDQAq3gXw549qxwBnvjx6iw8MhWj0VQO
|
||||||
|
Be0uKDVa3rE07yj1UF23q7KoNYChr694nB8ZTVk8Ve1lamNDSAJJZwk1dmtb8aA8
|
||||||
|
f9b8dPwKdR+XE9lkdfiYeM8imZslx3KJH8ZnybJ+EN15tIAGqxpHEllrXfBxvUiB
|
||||||
|
Gs3JIQy81H5bpcHUTjhFQegMmr95Hz/y5YrrbMb4reUg8k4DULAcbU0MKCJaaHe3
|
||||||
|
tM5kRWrH1BM8CBwDI8jZ1bpn9d6xtFG6T0FRGiY7u/F7wzBHwoLZ5nfWJnZoQPNg
|
||||||
|
5GePRy5uBl3dk6A5ejL96HP/ry9DtdKpR44sju4X94MxvdBXgDQjgq0rnjyuhFLx
|
||||||
|
piH2u7H4xlfaB2J4P16ucxUUqRd9bVXsT80AEQEAAYkCNgQYAQgAIBYhBE6A70nH
|
||||||
|
mHtt4vgfUAUHnGw6ZT5XBQJhvJjqAhsMAAoJEAUHnGw6ZT5XQHUP/jjL2xAqupWw
|
||||||
|
LROWvFVwX8M5ALt3mm61/j2RhSj3CPyv7c/A0tOlAM7PmFH8KG3VZT3iBSYsPi/X
|
||||||
|
j20S0r5/yaPzgqRQCdfE1KWDF0/NRs+FVP9syGYL5etgdOgQIsIplQuB2wudYpxJ
|
||||||
|
xj/tXCcFpVlirobXPjKRye40buiopQsh0RAzUox1UAXBuphqA8Z+u3vyfQovreRM
|
||||||
|
b808GqWRuqfQtieSdyOdCHQMJ87YOrr5VusGtXycG80Wxuj5m+VGyLevmXPEbcV4
|
||||||
|
7nIqY+pOqYP852nzEilKujBkEPAc+kWUV3uwYWy4nLu3xFvSySBoBnT+ztE2ysxz
|
||||||
|
gBNNyrTL/ihfCrK/uUdBnHWr/Wf834FQGQm2g2yHMan5XsLCJUu5P4MiOY6Fekah
|
||||||
|
4jXSkOmMZJ0ZK444qP5J6zscZcLJ3ANdHPeW8U6Ey81UtgSdoF0RFniTFbvtT+3v
|
||||||
|
rdCEQZUr2N87fFMp4ygMipZgtXNrI810QROLxJCFE+ZCn28T4yZzciVV7f1vRm5Q
|
||||||
|
+VUD2tFeQbJJqUsMqos4umU2pNosQyE2W5mMhjlZQi0+ZajjiEZs+plVZ1JSEvgZ
|
||||||
|
3r+yagFOArK8ZyCzsL9u4ZFhomQNUKskSK01zbjWv4/mSdxS7U+citNKFsDuhq9P
|
||||||
|
wc44x8aaET0FtmmJmRfxzQSEkczkR4AM
|
||||||
|
=K+Fs
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
@@ -0,0 +1,185 @@
|
|||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQENBE+oKZQBCACz5WylGAr+eitZjuSigzR+y30W3E+gkU0DSNlBB3WlorOtmzMX
|
||||||
|
9F2d+z+ozJuez4NPqwfQ5y2ExKSbL8i1rwYmExZIzTDpm1Q6N3hG+vLbxwbrbsKT
|
||||||
|
qW9rPiXriU5yRwuvVJl4NOU6T/Pau3/VD8iFN7U4mVpNFVPlB8vCvDJ+07Z0xIH9
|
||||||
|
MXe8uaERG3v2EL7Mv8L5w05XEeuTT/CJiw6NdzwjZc1FymVoFjntetl8HaJ+5JCB
|
||||||
|
2ylAbnw/wZJHORgsLxZhOL6/zrJRG8GvjgB+1l8izgl4n0DOqjyyoQIZJ+mfuHR0
|
||||||
|
6wDqwvP5F9RZqCh8Md4hYujop5a0BKfAzLfdABEBAAG0IFNlcmdlIEhhbGx5biA8
|
||||||
|
c2VyZ2VoQGtlcm5lbC5vcmc+iQFOBBMBCgA4FiEEZtA4fbhdMg+ECBZtsXXPqY8Z
|
||||||
|
KvIFAl2r0d0CGwMFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQsXXPqY8ZKvIM
|
||||||
|
nAgAiTpLlXuzyD4C+9I/yCA9N/BqK43jnMfJOl/Ky56vgJ/WbrFJLuO3wubMlRLD
|
||||||
|
3jurC6SK2g0TpygyoX2MjwZVT60Sq3ZcgIh71yyWHhtZ29NuUiKsKnajb9IlP+AM
|
||||||
|
1V0g9py41YdDUmAuC/5crqyK+8u1CVrB/is7Eym598gIl9nyGvaZrzgjG1cRCjzf
|
||||||
|
ZU8pRG+VPMr5Xla8rDKBZl+LcusV90eAUa0E/KVFS5N1dQ6HKckYXPSBN3DKHZy+
|
||||||
|
qKa1k7Dq0CnkTjQmjaMu3j5sdOXg4QUfhCHeLDFAtadNdP04I6g5KZRvC44XdQ1A
|
||||||
|
bxFMLyObhCsq/QxSh/nYrKsw0okCMwQQAQgAHRYhBFthJl4sTzRNQx3P6R5EEKQC
|
||||||
|
S8bwBQJfcizvAAoJEB5EEKQCS8bwYiEP/Ax0AQmfXibQixFkH8At4dsSOtL9kyzn
|
||||||
|
SJfDg7+q47BtjCKDrx+ecX22ilfjBNymoZo/N6JYDbOh7Z6nHC10IrguGIxM/Ynp
|
||||||
|
R5axA+5VVuEvc1x9SDyBw9MZcC9QkF10AmISzvgJ2OPJlH7uCPrBvrsjy7WuPn/6
|
||||||
|
l91tUGem/iThccog1IxNHLDWmCUI09hD+txTNyf4vJvkGP7Omqwy+DwFyWdWtDYm
|
||||||
|
Mg/mRkUnU38gZ0UqPlYIUVujZjGy9MQGwtfFtfEAfp0EXruw1KLchsLa0PIaWc+R
|
||||||
|
qkmlk5L+GMq0qAdJMUmeHZZx3jKYQFeo/PI++3fJg1kD0ncwx0sQ4SaKZoiU8oB7
|
||||||
|
mT3jYwrz+2cJsnS07fhDu7tLq3mqNzJSux5cgJvlCM1N01lQcuFyl9PaCNha/z1Q
|
||||||
|
piFdtA4MM4a2QcUPEcfh532/thfnM4NP3IEm0EXSGs51Xh7NNILx7YRZ3V4xfqvg
|
||||||
|
EaPs6+2vsEP6SsZ+icwaklzKh/I1Jni3CZFtsiBO1hCRO6yIKlvQCq6wtZa7QMZa
|
||||||
|
65fvESoLM/dRZRMNqgUp1KFhMndpenQJDAKG7w9SdKDkXx7WGrBUDVBbm8tN13Fo
|
||||||
|
WPmbMmmNPreMQ2LEXN9HentYVxZXcW3q7KnSCuWGc0lxM9jDwE6W/Zm84dsLAdlP
|
||||||
|
JdoeKv4fnhoZiQEzBBMBCgAdFiEEDnKQYQ0vbcTWXqkhmjFOxfRwoKwFAl9yMrYA
|
||||||
|
CgkQmjFOxfRwoKwSfgf7B+OaMOtQksO88589TB3mP4tMg4fFSmayenLHRRpslgyH
|
||||||
|
f2Vnwq0/8qhR4KYapQ3vICy14KhCChWsPV1U0H44eR0R7FVHoW2xt/QCtFsxoBvP
|
||||||
|
zNcLFbc5CUN+7Ff4ybvwSRYNBwYktiXRQOHeeli/i534+kNkQo9zYsn2ej7diaLg
|
||||||
|
8x35UV93BmmWb7aJVj1nrZ5Nj7BzBiakkWlAj9qb7xeS7lcwvgcOP8qEpPh1FRgL
|
||||||
|
eR+2WjueArNTNS5w3X945EHWi6mtzKLiHMC8T0k/9WmmPiKe+LWudRrZazFhairt
|
||||||
|
18dlMtm5aLU75iDufblQnaAMGfNlkwpCw8jwwox+c4kCMwQQAQgAHRYhBHEAqt+u
|
||||||
|
bm6UDS4K1lXkWlroynyKBQJfcmGfAAoJEFXkWlroynyKg0wP/2weLgYIzUvBs7WA
|
||||||
|
pU3a/JuSRSoQ5iyUk4TN8UD2pXR4f5G/vDIkxEMLsFjQVJSOZyrsJlS6s32Oc4Ku
|
||||||
|
vrVFrjFSqkuLbA06fUxihXozdH7hfqSVl1nZIftCo1Y47PmRNyW59mqhi3OkeXJZ
|
||||||
|
hkMLL/g57Hv9rlKPi8ujb3SjSltaK0TFjT4IdrQVNgit3zw8ic+roS28rHwmXmy7
|
||||||
|
MXgVwFY0d4Tg5SX3KgjuiGK+fhbv59LBpM2uUwSQ2Q0IbyLuUkVK3LBmQmISR2lT
|
||||||
|
0hNsV8Xr6dL/EF8+e9O8pxwI03i56hktCXrBiwbgDiYxJcaPyb7Nw2KNY2xtIebQ
|
||||||
|
xMgdY02PLiAJVNYiZPLr1Ro4p0kIChbjdPapzoVaoBpMBWm6lKVIMH0UnnzsduPg
|
||||||
|
pZ+YBBYSwUkFmfe6cFf+Jg4jSNIoFThEzum5Jzw1gra1Wu96KrvnESBfuEUPXQcB
|
||||||
|
fCQ6KNVrdOY/SMPHt9MAPaovES+bXNS8/k7/y5Xtzv39l6M6o8xChEbYHINGJgWx
|
||||||
|
hTtGi+NVQyD6Q2paDPnt3hHXQfrDq/8r5zQZ0+NO3ay+DZTyH54F13YGlYeT+PWM
|
||||||
|
gbh1UOfZADP/kXpTMvALsMTPZrvHf3/1RrPIa9aRL8C3T6a6ixz0n+MVX4XoYWR1
|
||||||
|
NcB7TxK1foFwnkbWxPvfpA5aCZ10tCxTZXJnZSBIYWxseW4gKGtlcm5lbC5vcmcp
|
||||||
|
IDxzZXJnZUBoYWxseW4uY29tPokBOAQTAQIAIgUCT6gplAIbAwYLCQgHAwIGFQgC
|
||||||
|
CQoLBBYCAwECHgECF4AACgkQsXXPqY8ZKvJh8QgAm+I4djDNeOcdauxtBDvmsmrb
|
||||||
|
BDg2UzkVGWOyS58Je0jP8NSkopPdqobfLvLC0TCXh4+h8mYtsLQ7ltkX1uWBJIJX
|
||||||
|
TbPMZ15SiwAmzG6ZgdWL0JEdayIBo0xfyCJ/294+rP+Jj9xo9LjDiAFckry8vC/F
|
||||||
|
OgjgJkPAiUyQyi///cdDm/k4p96psDWuewYjvi9TD1m39KqC53Pltjrnr3c6p5FF
|
||||||
|
ZTq04fzOjgeQV7Dbph2HzSoCfVHsAueTrzPB9ePy93JH1/Tl0SpuD/i2FlZyNYL8
|
||||||
|
WudA6NxPAq7kOdQIT3ftrUw/O3i3UUJhQeupws3327Ma44Pjaj39L4kBrYdaF4kC
|
||||||
|
HAQQAQIABgUCT6ixnAAKCRCJcvTf3G3AJjknD/9zVnKUb5DnZLmplTCdAAFTMu2I
|
||||||
|
+ZfDyp9otlLOid4AVco7UjwtYA9+qkBi62QC9qcNoImuiSrwZEhCb4hepcTZU5sb
|
||||||
|
fBZ/DFIm3y3sAxroCTiCEUH5LS5xRBjphtuM9iq1++i4X96OLgXVbC3XPajxmv3x
|
||||||
|
V3rtcKHA9Yb6KmSDL+pkD+1qg3jYZqpXykgg5C4U8ypnlPyuBAY0yUxRRqF3rHmx
|
||||||
|
F+ro31mReqmAIAUd0PgwKFrEp1GpJdGyeJriL+8yznttihvRy7OookTFc5HKZ6qE
|
||||||
|
GjTl4pDz28FQoL7QIDePoRTQTcfcaA2sFvW+4Pvo6PrE4mtL4nXVidznrsU4sjJw
|
||||||
|
h8U09XJQ/7cvNmQ4Wt5XaS5BgLRkSKp7otGnp56NHbaL+zo9L7p50j2p688Imlb5
|
||||||
|
FTqQBHY6pZfMHL3QPk3eUXcakJz3uyS4DlTVmlXhpfHloL1sY9n39iqKwpb8ItVJ
|
||||||
|
kxb6f8eqAJk1H3CoABEMSLGQQz3DAn0lqGIGzzm9H90uhyiCcPq21zwN2pXhoHfP
|
||||||
|
d0BBb45u+EryJ5JfUFEpeRw3QFHUFrdyY8e/INYnctUOaChFsjvd5Vv/A7OXEzkl
|
||||||
|
p4yCD7Yo/2d6e2m3bvSKkU/t7DwysqwwkWx1eVPQN4eR/LxddZ9cIF/9C0f3epP/
|
||||||
|
MGpK2dfHD0yxte1OfokCHAQQAQIABgUCT6iu+wAKCRBP++TpLv3qcrq6D/9+RLUF
|
||||||
|
HyDgrnhjwBZlN47nh363cpQwuFFrIWi1SCnRrkvYtHYA7QVnPw/Wa/6FKO4gAJ4z
|
||||||
|
KJg4RByw8+Ehk7LyhWqAaqs2fQExLHBtmS2rSj2j2ztKKNq7oEHfTHXIrFGqYoBG
|
||||||
|
BS98uVdIrjtsfuWhpyFojQcLCmAGoZMCtJJWdROR5KZDbCk7fZrjq6W/xYxQm8I8
|
||||||
|
ywmQyYoq9yOdqb+8aP871/a5TDxnbOAuObxCko+uG7fKm8FxvDGkAFC0TnX6cyww
|
||||||
|
jmIcsIVYjZGfD5lpp4S6y6pWZ17s773SSJF3xiQ04HbBv38HtfZPZPofioz2DAx+
|
||||||
|
fZS5ilZCBf1bZpIUJLBaKonnxa3S8Elxnia2wjAMSY7mDs1TSilkkwQyrELqKIQB
|
||||||
|
fyQtKeti8qSWxjhkBaHEQwD5qZr5B1a57AbgLDFjaa4lst1fcgHbBPY/5jkqh1dE
|
||||||
|
OkZJACt5YGaHOucqeKZbYWUBDtbdd0UMl8CX0TrzcUg5SYEVFKFQbdYh/fs0cKKA
|
||||||
|
AxtQ53QEU8+XcX6UM8UHJJASui7o56+2IJECCKm7r8Uqi8E93GJUDsbij1Gd+Rl2
|
||||||
|
rjBWa4P/hhUYG38tZUhng95olgu4/x1BfHihrHKd8LLnb3zgYtRl5Z2ANDcUYnye
|
||||||
|
4gbkeIK0bPaoZ+7ioibzfjaLt//NFp36iNfKfIkCHAQQAQIABgUCT6ivNgAKCRB1
|
||||||
|
gM7ry4iwi2KjEACa/zVC3Qm2zNgKu4lO/ELFNZHjKeoY+lsELb3TAyO7Kd32zgYZ
|
||||||
|
a/QEfq9GTGffQgu8W1jNhvhFVq3OhFWsC4zl1znjGGINYWx2UiIGvu4Yh7LHItQu
|
||||||
|
B/xPqL2rlyFEi751Mc7HYQXv+BIXU5y6NnjyAzuv0h0LQzcmaJKL6WkJUtxBy0Ux
|
||||||
|
A7l3aT+2tpEaU6lkMXsBLppc9HqGXfNld5wR2CHqwIGFlu+SSgmADK4AZMQ11SnU
|
||||||
|
RLBzAW+Rz4u94JZevTPQx3sWJNlONef6SVZ6B49YZ7IbUZMVDQZZwSQUWrjgKMv2
|
||||||
|
QjW4jitGfqxnwU3egzRASbpIVoXsthkAGLyQAwcyq/K/sumwOJBA+nh3h+HLJ88K
|
||||||
|
oYHqhYsnlJdRLo4lbXIvXnhgtnWT2i1tYiD7st7f15zn1Bu4edhItXK7un7In3Nq
|
||||||
|
RHOjwCbOJOlMfOsdDxE75RffbDHIHRuNhSRa1tQzvs5HricPpw+HC86sKwhqyYa1
|
||||||
|
zvpFyLN4dn4mqANvmEAKL+s1KH9vZcGpihJJwATRgVL9wQrTE7CcwmTpWRVFsHtQ
|
||||||
|
LjUCVLN9UdFq1vKJfgScKpB2PdLt3PP480lcSlpTD5ngeTopDyezpF1bEzMdVXRE
|
||||||
|
mFN/2UvSpqQJIKVcteeneWu+jGiMGb/sS8DMRhEsx9cWJgSkiTiAIcQklYkCHAQQ
|
||||||
|
AQIABgUCT62IbgAKCRB6I+Rm1KK4HkJbD/95poXt7poScmgTrp0T1Tssnc4bbLAV
|
||||||
|
zuQspbmR7aPodnnbp4U6a4bIwb+NwxHxb43ttJh1LpVYxV9xzNNwSih9K/ggkCjz
|
||||||
|
H9tTelclkjYql0zEkfJBoIKy1r6csEdzDMMTuOPYNTtDTU/Ax4ERwBTF/X8GjnS5
|
||||||
|
SQ3gnBmpxrxXwC2+9NRzEPCNw+MUPgoAJpwSqrmoNVd2I39MzKo19LAZKJ45vQY5
|
||||||
|
hfeuPnn+RpcnRtjcwFUqakr2mzipFdFQGZTtjbYYEapRXSy8jvvp0k5cCreU+cxR
|
||||||
|
T9nVfySHXBF4ySHqpIoqko3+QtqPLI++C5wugoYiJL/bVB058MxzxWm6KKGgjcAe
|
||||||
|
62qQsTNXoPErp/Z6J3TGdxwuIcJjEVRKkNaFRb/rSBYw1L/qdW3qEVBB22l16lfa
|
||||||
|
1Pdd3IhpQHVGQnKdebCu+BAW+egF8SULgLnBPZKj6rhI9z9gOgHyzXJGzPoIk9+/
|
||||||
|
O/D23w9pUmumOP5s6LGcTFGkumG3TjJat/SjUQC7mlEDO/rOzJ31mLdmgXtvpSct
|
||||||
|
3BRUZsPjqcw3eYTMJql2PkpHM+Mrljtm48z8394vB5Fv6MrRDppwXSBMSyxoZ1Cg
|
||||||
|
sx7AKWPBWeVMQO5fxblBmKfyOd4ee4UdVsL9qjosfkf22/meyg1M/yUH9qbHffMN
|
||||||
|
kAmrW5h2LYxqiYkCMwQQAQgAHRYhBFthJl4sTzRNQx3P6R5EEKQCS8bwBQJfciz2
|
||||||
|
AAoJEB5EEKQCS8bwe6sP/0BFyE1KWVcJjR4iH3QKzrxzoQunSbLUGrb9i+TrwQD1
|
||||||
|
VETGu8KzcZ+BSod/mYaYq39r5NHczrPgmlkHgZ/qTu9ufvBdSPiTbpTU8enoiZvG
|
||||||
|
2PZyjF626MWzeljzn5wKjxZo/4+sRd9dzZTl6xG4N5crctcriWllO3zDmrsnNQBT
|
||||||
|
E4AXmCnOCgbuFhA8NCun/NyXsYrTu5nKXictwR8VhyH/HdML7VRqe3SsLIfbyB6/
|
||||||
|
M+8H7/CYzBCokZEgFmFwC0gxt4rbP5KkBxZUPJLISpGcYO7tXMuXq/vRrsHFlUnB
|
||||||
|
d5MW8mKF12cnky9YFIeW0bXxMPcy8tdPnDI+LSGgt55RzDDvWheoQsCkPf4nqp3Z
|
||||||
|
uLL5XahXvREsDZUya03fXyOoiHqskqdu9KjoKiJMW0ZKYtSZ/UvMb5J6fbw9xR6Y
|
||||||
|
G+fLINZuee6sP+2Hk4n8rZLg2mdxKh/nclXE0yFy2O+jLAiz3mMvzVxHKUCegAn5
|
||||||
|
N/l3ecutmWrOdjMN8Dn21iwgWxCGeuXUkswKyOmWnV3hVNjlKHq2x9q6abrk6Wx2
|
||||||
|
duJorBbtAKjeLaSmXr85BS4ljzV0I8g4P/qmC+6uFNI166vzeLlbaGcNeNJaDtuC
|
||||||
|
Z9ut9YD8bH3IEviczW3nz7IREbZV0t2771alqUomZbFS46kyMEs6MQ6IRQybD36M
|
||||||
|
iQEzBBMBCgAdFiEEDnKQYQ0vbcTWXqkhmjFOxfRwoKwFAl9yMrYACgkQmjFOxfRw
|
||||||
|
oKzxmAgAsZkOt2eAk3b0z/seDMEqs8MVaT9Tt1nWkN2Jj2j7ns9dFLKOhbiBshke
|
||||||
|
86rApWVxMZWT9io8qJZj6V9uNMc9g6ujaEISzzYuI+mlwm2Myfg+62b3aE8C+m87
|
||||||
|
jLcUk57BB7Fsv0VZZJGz/dxpCUyGbvNqIHXx4irwhnN6GMBnbHrUQQb3erGeaq0/
|
||||||
|
EM9umQ3oyi734EYmRKXkCBMon5YsEt3pJyZZLe4S2zxPUQZ0Qh87DJib4giGFOgw
|
||||||
|
sKY36VI+clHh3aZ5XAoGR8FF95cP/vb3x7cClMydLogO0LS8gy7bBQpxJwahH201
|
||||||
|
M2NnJJtA4g+gzgbjh+PqLy3zW/cK6okCMwQQAQgAHRYhBHEAqt+ubm6UDS4K1lXk
|
||||||
|
WlroynyKBQJfcmGjAAoJEFXkWlroynyKIfwP/0MCTmvNrsVMxf9N6RP1bpeN8/ZJ
|
||||||
|
I3l4CKVGM2U1cDapALYqgXwptaCbJWw+xw96fxlHN3QlDbd9sp9R0IWma4qZ61B8
|
||||||
|
XXNr2UgbvIoQ+KKhbrtSQqyU4kYTSpOXMofvrkA54G+sWbGqRivjRUJU1kC0UamU
|
||||||
|
LRy5DkPULumYh04eDfJkFxEJQWztV0zoJc75Ed9ESGrd6kMzj4FQeUjK4yr+sN/P
|
||||||
|
eLDU9yCgVYMQCgO1BM353SK/Iw+1YbugjmxP33l+6PpLvSSwfDMVWT6L4M3TUK0Q
|
||||||
|
aWPJThrXxQMLs85tVbTKxjBnlPhlXYJgFRAl6pAToMaCsawg/zcDPeSdW/1koxtL
|
||||||
|
3IlL1YXWxt67waD+qxKMCJdUmqF33fa962LAYNGsjCOngBYVK6jNUCSzRvAIoDBz
|
||||||
|
XJBqdsAsWRaLfp/lffEycYbcX8NRkTRxWTVJgh5qwzyLQyoJdJa+879WZ9SzDdhi
|
||||||
|
vw+K57M7Di90ycjsP+6iSTKTXwcC9KSZ+Z50IqTT42ZMc5wHepK2ce90PjAnLM0P
|
||||||
|
j57LzMCjNylC74rjmuf5ooZ1F9Qz6YR7mnM8wBiiKjSAOkLviZ71+ZUBSompLQ27
|
||||||
|
+r/2RMn4BMRFxkAePeA3mA/K19jXQpHSo9GAasHZifQcPW701dEStN+QdDY+KeTe
|
||||||
|
AF6v87OszaOUiefauQENBE+oKZQBCADc9sYSnWAj3y6QE9sGNDUFaKpAFUsprpQ8
|
||||||
|
LeA05nh3RUxYDd75qc0ewtGR1+SlgpehKQfSXVQT254jM5lJanNDPYffk9k9lMwg
|
||||||
|
SVoTP2QaszfDgir7WKKQuj3dBwnmYHdIY2mq+eaAh/1cCU//ggdaATo4ENQhKTAI
|
||||||
|
iuviGKBpYX/zHAlPIvyFjERsBmq0woQKvDGsoQEObx1zu1GaTWeTSIEnHyRhajMQ
|
||||||
|
rKUAxSCh9Th2Vj6xOhvx9TK6li+ecxYuuBVP0Xllg1GdoQBC8KWITDOrU18suj1v
|
||||||
|
EGK4YOzQQPxANs6I81SvVddd2bh71cyAjhHr1kugw3PWQvLe4yHHABEBAAGJAR8E
|
||||||
|
GAECAAkFAk+oKZQCGwwACgkQsXXPqY8ZKvJrVAgAi7CVXJt8mZiN+yzwiZVlzrkR
|
||||||
|
QduB2cgvGZD6Hm3MJc1aVA3Gh0tJcLo+SdutCOzKSmPRSsnWT19EKxpDMrc9j97P
|
||||||
|
i9SDrGyUOx7Bz8gKjTI6BcfPNAhAyIr5Gr9SDyTx6tUduSmmErrvjYWP1/Jz7spI
|
||||||
|
nN2wQd5ZVRSvS/rNZGh1NU31oeWlbpkU0JpGbZkMXv4JIy+1caH5zzrcRMC9JFxf
|
||||||
|
m/bYdaq+jHhMufnSy0Qa3QgJkKvzxzvlIG9BaUmuNeR+XoA9ISEMQzAYXqxJQSL2
|
||||||
|
8Er9IVaNgtz5mqCMf8vuDTPGpkYyqGnOjtQNF695wiA7CAr3/WTeiEl6kKsBFrkB
|
||||||
|
DQRdq+CmAQgA6Tx0yBi7hDuFTjrUQL8y3EiLBIPyLuWLNQHxLPEU+fJaCS8bYWKT
|
||||||
|
mVSIMmYSy0t0Kbd2lqmIm53NxOCX0BujjGCir5VspEI+TTTXskTZs1JsXdObGFoc
|
||||||
|
AeIG+FT9T6RHP6UOdQTVKaHMZ3XKfWQK+Yb0yZaOJA+Qb28vHd3joMGeoc7rCfUA
|
||||||
|
V4qIq7IKzWKC+1ParP7b6LNj23J36zY73n7UINCyWpDwhA0/TRwVMmWOyTd2ZldB
|
||||||
|
vpKTHFM0b4T/a8x1RmFRtvtQgVQ6YV6Rm8Zkwh/2w0wkYJUg36/IwyETUwDXuIkb
|
||||||
|
G0AVWp4w3jAD34wDjPm52R6B1vGdbEu2DQARAQABiQJsBBgBCgAgFiEEZtA4fbhd
|
||||||
|
Mg+ECBZtsXXPqY8ZKvIFAl2r4KYCGwIBQAkQsXXPqY8ZKvLAdCAEGQEKAB0WIQSp
|
||||||
|
vT/xcHK223gPz5Q1cNoXJwrOJAUCXavgpgAKCRA1cNoXJwrOJPZ8B/4+BLTyb1SK
|
||||||
|
Sz0tYCn0GlqJWfRJfH9diFMmZGvvxSsIeiBmy0ARPaFoupbAwijI6mJ7lW63GLZZ
|
||||||
|
dC3OwnUEdX0sH80/ecVP8/1qxlfMW0EFFCwPDFbmKLbSGQcobXQzb5AaILSyx+LX
|
||||||
|
ONAUpto6nG+i7k+L7MFC5PVFDrk1CsVhAjjN3ItueeJfYRmkOKksUl4azzzUdC3t
|
||||||
|
GPBJS0CNdb0z+lBAOn8lYSOnoPdHjKzT9jhwluUJyLmszxSf9pW9dgYGoSmx12Ef
|
||||||
|
3EamTQlNa0YB/DVrSi9G/f0PW7Aby5dNCJQNMYaWWVeHOkuRwkG1PxV6iCIAZkL3
|
||||||
|
2ls1bkFTxxsXI4cH/1D8cGYiqaPkxi9BkJD/9x/0B/2Bz6jZgDj8qDalJ/0YpmLN
|
||||||
|
3cnw07Tk7phKxeoiwGvaUgaPDiSWQTsbJF38pUxA7GsVj28Vx1LFC6SWcVR6Ifvd
|
||||||
|
EU/eex3PD4xGvgdylub0XR8KcHppTWCp/vh7/pCK/p3amrsPPLPHtkKbwFEtPYdl
|
||||||
|
sV5hDoax04hiBbNZeq6uT/ryuUTUPsWj0or2Wass7Cuvt7PWk4scDyk8OFmHEjkP
|
||||||
|
dmEOwtS7HdxoJR8V0/9WlomKMY1zUdi3yaThTVBvpmVp9NhvvkX13rW/z8z8cBNn
|
||||||
|
kqlP2CvRoaR/Cm3MLCUEnzKlxEj0C5RQMJMBcga5AQ0EXavhYgEIAMd+iVOTx6FC
|
||||||
|
3Ghv2PASeXsnxtb9Af+aBjNf0m8WKTLgIS9xQbxgNJctG6AEptkBfAStRLIA5qOa
|
||||||
|
0iYIpkJynEPbonJ12qvtlJ6b6g1h3AThYXQBjTQ89X+rlFzVGQsieqanjI+fiSNb
|
||||||
|
DarOLQUbeJOrkfFukr34o5xloKENL/kwu1lDG/Y2GMxZRLe1aVJUXQg4FiEiaE+L
|
||||||
|
NFbrUHxdNR2PE4XuJHetneHEiT/zXpvEF4MCisjJTGAHEC43rl7OqHU/GDdcW0ud
|
||||||
|
yf9v33LCFWTRLlgKKHVyUrHVhVzbB2z1+xnxxh/bQXjgttIP3Zqn8LXiLnUNU5+e
|
||||||
|
jJiuAwdwcn8AEQEAAYkBNgQYAQoAIBYhBGbQOH24XTIPhAgWbbF1z6mPGSryBQJd
|
||||||
|
q+FiAhsMAAoJELF1z6mPGSry9/UH/0vOoYu6b57UxsJNR5dCMhsPYV7FFIX9uj5X
|
||||||
|
IDo/bQt2RTMa2PuKMbcDGINsDqHXqOFpZq5WDHhq0cEoIqhlkgj1uC77LLGw7mWy
|
||||||
|
iaMbITQDlRzP9c9Qj3NkGNKW6FTwR7LPh43kgXygO1StVADIdHapiw9hI52rF8Fr
|
||||||
|
NYy4oNRXhUcDPfn03akuIbF75saCHaYO/xoQeEqE+0qV82V/FT5tISMygkzgq+9z
|
||||||
|
UhiA4XQjxiVhSK2cAi0iUTXZecyEueLk6zZ9vkD8JZagSirTFgxtLrnhVpUBJMOg
|
||||||
|
ffv5jmO/Sun4s+3JbAdicmsFqw90hWmGNwa0F5HZ20rEVAwkdt25AQ0EXavhqwEI
|
||||||
|
AMKECc/f8f0/CenKkz3wXGEtlG46YLjtTt2tWYXdt9Z04ihVaYePanFtvuujyO3I
|
||||||
|
3jUQNv2foU1CtOuVyfZqX+TXqs0BUPXWwTCkMOyc/fEQ5u0BFJjWYtmr2sZY4Ag1
|
||||||
|
juJsmzI7g3cnMLL9LbjpbHRruFIT5rnv9NwG7PURn1XnCt9tdZ/d0h7vEaNkD37j
|
||||||
|
67rjy8UElVVcwVGhsCR8CkqwZ6ZwpQxE9wyq/Txb+v8qEJcohc5SWbYl70AtzHOb
|
||||||
|
okkW6cvRjNz+BcEpnPfu10lbPO/8a16B96VDdjDGPj2shfNsFLaT8MtFfDAdjZRG
|
||||||
|
lrfv3Wp4qFRlSUGrjInvOLMAEQEAAYkBNgQYAQoAIBYhBGbQOH24XTIPhAgWbbF1
|
||||||
|
z6mPGSryBQJdq+GrAhsgAAoJELF1z6mPGSryW4wH/3Xk9x+WUxeJNtm+5hOfe/KB
|
||||||
|
sXQUbBz+JHGFjd9YQw98jUvPNN1RfgtKf31b+FDKbk/cu+9bNLSfhKDz2AEREVio
|
||||||
|
gKRcVjJDy9XmmWQd1oo+M4GHNYhpIt5ZK1d3CROIiqisLQsih64/gl9gboMcsUuH
|
||||||
|
Rkc3hVKUb2umCZPG37hUdAvOmOMS7/0KCGS5pXnfsX+zegSKjps12siExYXiRpkx
|
||||||
|
bF9MW7er6/6ukvHLx4jHpgiZ5Sjt/9OqUiAOgUSQfhpAUJlaLxe9E3nj+ABs7LV+
|
||||||
|
FOjtI64skqgqbYo5VXobFSJhqFTog1+KmMznfsdKaOZQuZh3v3TtGUzkxoMUHPc=
|
||||||
|
=xU87
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
@@ -0,0 +1,147 @@
|
|||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
|
||||||
|
mQINBGI/tA8BEACYC5fPDOMDrT8SxNlsB9fRj9YAZt7okGtbCIlVuSPs81YMkeJm
|
||||||
|
BxtPPnps5Vw2whZS13zaoyPykMg6k+komDWctWQKIF0VgpVYtIuezq4q8kMNmKLc
|
||||||
|
MnHiZRKRh8dOqlK6jHcUlF8rBgQhk+RUBUPOqFEYeTveoZ9qqVmWhOVce5uUX01k
|
||||||
|
iU2SjoGAGkNDBqmOkhhVUSQg/AVcc4web6Gu184VUbOXx7J5MPpRmXE610fAUeeJ
|
||||||
|
1VzyB8U/hgPLrbZX3jQMJbcCSM+Qdxdr/gsptfx1XIm4NsvKXTUOpWg1DQFiQYTJ
|
||||||
|
FN6Kz0NKN6MV/3AqbKGtWDqKhFt3u3a7T+uUP/qzi9jma+DruQuzQztI6xnthZCb
|
||||||
|
RjFkQ/iUUtuGgmpOB14HrgwNaRjKWddzab+A7BL971Q3fFqDsvrntD+koYVUgTfq
|
||||||
|
ErcQo9ZdGRAUL5icyyDg4cC6xgjdmYfnX1s4Rlo3cXJXTZpIOx5AvZV6HYNNm9pu
|
||||||
|
EoPm5gjNtk4F+FENNjkB3c2ntFr2prpoxaN9ceNd8a1tkWAgh6ueFVA/tkd1hy+2
|
||||||
|
bP7e5+Nk9NjsWLvnL2slep1cX38DU9hx91t21+x/8hCxN4gqtvDJY/eqUZ2d0uAR
|
||||||
|
KhPEDZ8GzchxVtX9bGx1HSAVcdnkSzKIGFOJi3ivYqUEihXd5WQE57UovQARAQAB
|
||||||
|
tCJBbGVqYW5kcm8gQ29sb21hciA8YWx4QGtlcm5lbC5vcmc+iQJOBBMBCgA4FiEE
|
||||||
|
qTSFlM4xKDqCb73Y1XYz1EHiW7UFAmNDAAYCGwEFCwkIBwIGFQoJCAsCBBYCAwEC
|
||||||
|
HgECF4AACgkQ1XYz1EHiW7Vm4g/+NDfrYWHAHSMBkQnTZdhrOFCR1tJsWTLABwe1
|
||||||
|
fMLBW7djLZMZweDMU76UBrucAEsarKkIHyhqpBES5EXwmlvKSnEhzPjXZ+PoHmM0
|
||||||
|
M8Lq7QFZ5IEbrhuJbvpfTCa0gleHKIVYCCeaf2AUpgwX1XMkG2mmRdvUDQ2M8NMH
|
||||||
|
ljM/OZ+6tBGpw7zvx1kYsSfBerlHxmLXlRxHrr9nWi7zXa+HrHZQAhopuufIb1we
|
||||||
|
8lI/gdfywq7s/e5Xelk4dnr/pEFx56G1vh0bc+zU36+C9gX5IXOJv2WrTmOfG3Am
|
||||||
|
gaJgWZapJQlPFEByk+2oJf5UOgPRhdX7qLR8mVnQ4EHM1sr9B6UGwcySZpVwag9n
|
||||||
|
51WhjgdqYoSPt9dpPSNfNavLJDR+paM0aEHi3/t3mGJSyOPM4E6ejrYk7791fOJF
|
||||||
|
0J3VhKr9KR1rMxQpE1kMs7qO1uUJvnF+opzrueMELffwTfDDyvY1bV/ZNou/MPi4
|
||||||
|
EbUJyZDvsq2shaKj/NB4nzYJIoGbUzUrz008buTagf+WZ+uTDIdOJbaVPcUUjtzr
|
||||||
|
21KifSWxcokNhqSIrsCLzCJkbiKEK7nUoOvl9q3Wl9L5CWAOflr5499iyGqxlJ+E
|
||||||
|
7xzerWy1ZqgQHJ3Zp0wVMgHTKvPsmDvwaXBvEZkrUQ4PnInWTNJ2yiNxJU/we7Xx
|
||||||
|
kxo4Qk2JATMEEAEKAB0WIQRm0Dh9uF0yD4QIFm2xdc+pjxkq8gUCZTrVZwAKCRCx
|
||||||
|
dc+pjxkq8s7uB/4yKEi2S+So2YHaIstBo0+9Uxcuqy1NUHuDRFTiNhocph+exjbn
|
||||||
|
t09TK1NM9Sc3ErwnUoItLp2rW7D81TMXNnUsIfdusKkVkxC5xs4oLTpoIb+uBzDR
|
||||||
|
O4KYebALpcPz2Y5I/jI9kiXYxd/pXUeyBQDN3zKwpM6Y8eax0h+EUh904ZGO4BRB
|
||||||
|
tl0V1rnQ3AybSIi2dUVn2e8MGEW7hddMc1B85Bf7jCYuesR1FXMcHMs2v/S4kRH1
|
||||||
|
179xFi6wxrNwBYY+YRwbX0OjSENls6I9vGC6+UoPaCHDS3MOcNuD77otYLK1Up46
|
||||||
|
6G/KfcDLQsWsgPEdION3cE0+JCa3Kz9jn05DtDFBbGVqYW5kcm8gQ29sb21hciBB
|
||||||
|
bmRyZXMgPGFseC5tYW5wYWdlc0BnbWFpbC5jb20+iQJOBBMBCgA4FiEEqTSFlM4x
|
||||||
|
KDqCb73Y1XYz1EHiW7UFAmI/tA8CGwEFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA
|
||||||
|
CgkQ1XYz1EHiW7U3bA//e10l6Nw6m3mgFoY63ik8DvbD4fZ+/bUuQmTJ3uOI7wuz
|
||||||
|
gjRnhWKvzBspNGgz3Hzdu3TuGEiVzXfNrdiubwvOVufrW50RDfjkzcvG+lOF8aXk
|
||||||
|
IRz+46+cXkLdGk5FB9xKPtJs1KuH0ocTDHIeBbg7zHKIZDkLOizCsrzaNI1wDN5x
|
||||||
|
OpyXkYqQYxuXfCipcfXapkuWXnvRQGGsopEhae+2khiL1hXo00t2A2jfwD6LTdUo
|
||||||
|
XhFh7RkWNc72z2xiiSjMv5PDtG9EyYBhntEcxZj2kEgnP2ZaRto5OQa557KQg06t
|
||||||
|
SP9s3KYHcHEd/9yLsNlQJTlOPMO0LH2XnL2MPvM5a7CZQfzTVOrNWM3k4t+46ON2
|
||||||
|
qoMsOBO4nr9fH9eFtmULiEGN+oVJn+M+PYQJYlnKKu0mS+rbHZnkD42FiW9ZcXbP
|
||||||
|
LPohB9T1LBjm1lJI8tYiHyfoFwnvBLimSjxmO0VsGKEgZYglVV34Jg9l0I2vYt6Y
|
||||||
|
0Yieku7GI2Z7oDcBWlW3qbRxPDS+CWN3kSaWXRos1ufM038Yb1PwI4wzIaqrIVvG
|
||||||
|
UmwCESNOXhsc8JPNqhqvnFFcbAXlPO4vQ26jThedHGMpbWFVSfajwMTvubAbVuq6
|
||||||
|
vssZCwK405aSESbK10ohSRagKexZAqVMeusb1fC4AFTCng9qPgHvJgk5mCX4gmmJ
|
||||||
|
AjMEEwEIAB0WIQTlIllbUu2k5r/My16FYZkROjXOXgUCYpTOnQAKCRCFYZkROjXO
|
||||||
|
XhBrD/wPSTPIlpcHO0MLKeF/hjOYyf48YRvbwZ9Ys1wbjfFX9bL/s3S/zli80dma
|
||||||
|
EGXJALcml1WA+LmpTDri3otG70Em5vTdoocnqwgnlXjiKbB4UzDLtwln7wHinQK0
|
||||||
|
UaE5R33p8qNZRR9Ydg3C8EFEriZ0/AZkFUE+/Le8+yeGU/Dg//GOt84OzB/GKh+p
|
||||||
|
SLwA+bJL9xv7ipGI6kOEzKTYceyqj8+KA0VE+rnLeqIdBsH+fp8iCZ2g0Aobv1IW
|
||||||
|
wPvMcYfNYAoza99hfi5NFTmST/gZcE6Jb+U3/KBsCUEWfV6zhGlMcTHEgoCUBoMS
|
||||||
|
KWY6nHC/NPSMi2Q3I4l89CCsVcJqABxlY8wrK9axdvv7zPYIpn4JRvGr3HQa5Y5d
|
||||||
|
2HhQyHtRhElVXe/3DGiErLkzKJORxbn0miyC/F6WOUMnLQEWqUHqd0VspqavQ3PS
|
||||||
|
OjIKShtlXiLX51q8BED+wOhpuafhFcq8NAAUXLBQDHdViVvH6+sazRNUl+vbujod
|
||||||
|
eMv7tLtnhpXiwCryb+MPW1alwVcLbnU3xhXazvPRUpG5MtPmir6B++4WtC3El8J/
|
||||||
|
szPeGY6MZUyxgEzxAGGIOycS9fB4Gw8cxWpmWwwOF31icb6w5ZIrTD/4Q7DaZ/fy
|
||||||
|
qjgS4duDfHur8ajN0FpkHc0LpkUfLl3rOpGxXh9EkAqtNk6kfIkBMwQQAQoAHRYh
|
||||||
|
BGbQOH24XTIPhAgWbbF1z6mPGSryBQJlOtVoAAoJELF1z6mPGSryH7IH/A7PoxLI
|
||||||
|
Dc1rgbLaGbn1Qrt5AU5IFUVHZh5fW06rDHzEYJjk57f+FNJgz8VfGQ61zk14k1+b
|
||||||
|
eboVTUSW2xZuSBQSRsSVOcj05vJHUpdMK0w1l5W5tbOR9nfn1c5qnQ6lhmFNrlJ6
|
||||||
|
BEN5IU0swN3s3p7bRl0v0Axx0dZFF41ERDcQ1waqc0Sbp+s4dgdyXhvmu19Vtw6i
|
||||||
|
WoMjPhMWCnP0DDjGOKA6ogWRlQcO2DuWGpGqmic5eH4VUheXS7orIATslU9VCvbz
|
||||||
|
GmHrHmqTUj2pAkbvbYDycwK0/O317QHXecv5ErtKOdjtzrULlsFzDEt/b3y6bz5/
|
||||||
|
YTka4L8CBNzGkye5Ag0EYj+7OQEQAJLWRpWSI3JRdHZEMSKSdnENBThIM8xtIWcy
|
||||||
|
Hx8y1k+x77mNFx1gCOuMmWw0nR5Ck0im1Z606AmsgQ7tKCEmt4GYfnHeWviIH+Db
|
||||||
|
CJBjUWrJBp5mWFDPkT9T8yj5VanTyHF3nWb03q5kRyMju9396eZMPrw68hsrm67d
|
||||||
|
p9iBWye0qKTXndpFyLOXcpPPZryfprjwgw+cGB23V36RB/is50TjBzlR88Hx2EPv
|
||||||
|
n4p7sNnI3SWwMmc+kEqKQEHoOOlBAJP2kxriN3BBSMw6unKakvH76Wxxi+Touue7
|
||||||
|
dotUy81AqP+BStNu2S5E16XAfIW5ihVoX1rng8d2kTb25aCZ+5Kve0YZxN7YHsIv
|
||||||
|
rMibCgqzpR3Naw/PyTS/ZXK9srkk5sGPNEA1TVN1NmXqi3cceOzt9c0eVQqRrtPU
|
||||||
|
aOe2yY+WGjLpMJmC4j8ExMZE6qq8n+0LC6uO04HftGJ1Mqu/VxL9Ou6MPhQsWyKE
|
||||||
|
jZUFgVti2zYtyXjTwjNKVnYBbokBNihR9LOKrpSsRGxLcKVVzh/X5lDdt1ZCNU52
|
||||||
|
q30ZRl4EnTiEkW12tDvU2vOQRfzbaAV0VOArQ3XJk+9+Nz40T2wBdYsVPijoQw7m
|
||||||
|
gwVFeYg+gV6sh8i+q3ImL6h0MJoNs7XRZk3sGqVdddlb9sKar28q87M07TMPHPdm
|
||||||
|
Oyn4Hn2PABEBAAGJAjwEGAEKACYWIQSpNIWUzjEoOoJvvdjVdjPUQeJbtQUCYj+7
|
||||||
|
OQIbDAUJAeEzgAAKCRDVdjPUQeJbtZgLD/0f+BOvEbe6FCP99Hk7okW/Qv2cehGm
|
||||||
|
VSCQcBtnMCgfRpFOLxkdj1NX9ub8pvdn8sEj/Tmr1sg3larTfAK+FOAmw/y/X9iY
|
||||||
|
GTE16xxYMVPeLssCjsYSxC/MpYGlPPZemn9QcpwZ92FP5i0MjBwDE7NLmon4wHnX
|
||||||
|
jSatPF1j921XcUcsI/66gH+digPWPwufZgn8eL5mLtq9o28AglVjrC+bIFsk4chi
|
||||||
|
rjb9QO/pNCWCZbCfGq6PbEtH47HL6MsWow19rtDKv3U24xVoiUG3U9pljIIjh8aR
|
||||||
|
gxrLfTR+fiW2GRlf033iRQyAFvz8N4JLSreNCD9resub48lAhxBJ9hOqX569V5mO
|
||||||
|
hDmnuYT2CUDVGycPfEXaTz2N5eBWOPTN9dr+naYQI9pAZjL+5m8i6yGaE7B8OUPv
|
||||||
|
ooPN1YvyNbuLU72aJhZ9qaNzDt/kC9BU6s8D44k8lJkjuKzIuRGYiyReSE0mhEhV
|
||||||
|
zRkG+FAU7l2ICl2OLKVnmKUgdqkRIa5F4F6w1hCQcCASVuKaTyOIUYXnxlesB00c
|
||||||
|
RduDaIlT8+AAWk0BZL2W6ck0/g09Ai/LRzMBe06t8BUOEa/NiwUv31sYM3smE4Gc
|
||||||
|
F11BWGKjOzl8CSlY5YAtgfjhMIF3HUcQeMuWrHf/w/cFXg9KX4lpPjoZov2BfVph
|
||||||
|
YJq1nryud52VB7kCDQRiP7d1ARAAq/ZXcWpJDXSqfz3PPn0c50f/m9vQn0FozhL9
|
||||||
|
p4wcoUGuQlNfIzE+gyDqJL9r1O8cGjSb4gaLmilgCHuYsmtwVh4UaZOntlp0k/19
|
||||||
|
2cZpvDYwWQDFZdSV0v7wxA4VLu+sv2fNmHB2Yudn0V0a948M2v4xhcoy8HptOBvw
|
||||||
|
q0vrVB4lnd3G3odPS5UP8ze3DvKDqGGVsqF9BjbV21KL8rLHVLdUTg60lXXvvHnO
|
||||||
|
wEJvH4O5kbdxwl4Y8K3S8b6lUYBt8GAkd058y/qxroWMWkxJm3Izy6yqkn2WrbJl
|
||||||
|
Yq9SSdgp/DvTbOUTrKp7pWGtH6E6OCw8IKkfNrnpfJhGmREIeAe6G/Jr6jyygR20
|
||||||
|
F1XkU8bqi3cnd1v9sruZyFIu5AOgiJuZnSvDE+goh6mGMUA99x0zeDrRaq39028o
|
||||||
|
wRucJcwg9pkqxgedhWIK5H0oilwTsYqqBaPvkqStcErhzWtoHtYZCHZRPMBDwwQ0
|
||||||
|
kaj7WvLfGWszT7nObUeoNAfyVEyGuq/Gw5OTYDY/I6xqrzL01pfrcXEObmKOTpb3
|
||||||
|
YsB8tv2MxA4VnG9ZbNH2kEB59gmBa+kvQHfXTrDCWdhNvSuL/2qRpxhIy6qql1ny
|
||||||
|
MTwatNW2WNaUCPH8vjyZKfCB2X0Nka5lBWkjrnyzoEBO3MPI/0sZUnWxawWQO3DH
|
||||||
|
xizy09EAEQEAAYkEbAQYAQoAIBYhBKk0hZTOMSg6gm+92NV2M9RB4lu1BQJiP7d1
|
||||||
|
AhsCAkAJENV2M9RB4lu1wXQgBBkBCgAdFiEE6jqH8KTroDDkXfJAnowa+77/2zIF
|
||||||
|
AmI/t3UACgkQnowa+77/2zJKtw/+PGO4y3yAeY2PXc1QpopG7nsTgG9GA0mUEtz7
|
||||||
|
ehpz68iJtYC2kbdI8PB1lSPNGzEb0yryew+/pHOhgiyvdDI8TAXZS/wXwRY/Izbl
|
||||||
|
XmjXyO3U26J9JK4uemzCNwHfxu468kXJz60WaP58xinDA1sVd7YGZGpodKR2Fo0r
|
||||||
|
bbdH6/Ldql8yu+Fztz51NUZBmNUAJTGvPRSV1Mlvr3hacgCVjVvc2FWrYzyj8jC6
|
||||||
|
/CO7fSi474iQQVsBNn214L0+fCKoagAyrfmCXV5TYg9TJ2WgW2wQjuzJ/mhvsgCQ
|
||||||
|
SSj6po6DdXTl8tRbbjaxx502CB8qEQ/yEdQ7RMJSGB5YWfvLstq1zzAPyPIUgsRY
|
||||||
|
DBCWmPCM3z+PbD78BTHxoJxBZO45kwHMz+68Eng7r0Z1kM7SarvT0Kd1pnpP3mu1
|
||||||
|
lfd6wZiOlYqZfD+vZtws0BK57iGVLrbIz9AWolPoRDaF7mZpVdDLZzYsdI9vLEyH
|
||||||
|
uPb7W+VE1USYyMMCNQQxrTOFJIo/bTZA5J7a05KQRNzBZPUmIvGgDffZAQjZpMEX
|
||||||
|
WNKKcDYRhScARMMnL+yO3e7P2O/WUrmQa4wepweYFPl4dbQ3UGccxy3LZ2dnAIxP
|
||||||
|
AXFNsK4GYIVokWe2JSNG6M15ev1SWgFYWVO3+nm5JV0mBScE6wsGpvFW3IKIrpDL
|
||||||
|
Hb/N9TZpDw/+LI0iX6KnROJBhx1/0vzf0PC4n5Xn2Iry11/1rRskYLrmB/vGA6hm
|
||||||
|
ghnKPCCppUQ4WjBNWnIYzKfzvNPAdq8aIKbC1rtPABeDyfe8NNUX4wa/GgOar2V5
|
||||||
|
wnwJ5qUc0Iw64yLjTpXvN+HV7zgADboEdtnQW47+zEbTqV59cIcgBCSMAXgICnvq
|
||||||
|
dc8FskDb9hqvvQtCENsOLibKHYzYumMxZ075tx7pZza+LC/sf4vtuIrs9Bn9imxo
|
||||||
|
kdhbQsiiHpNDdjQIT6rqCOy9BxD9hSodznhB9GgnRXGX/w8NfX46hETmiYVb0oE7
|
||||||
|
1yFYd3ZweHu6pWLDEjUMagnCkA+A+/ZIxazsoMklPusTKb1ELzoheOjKz8fCrX4r
|
||||||
|
j07hI4tGNBfas9bub6sHpbIOb6aGtdofaknV/7lim0aqkMeYBxES6E10+2jCmLg1
|
||||||
|
N1ADMRBBDml5zrVjZa95+B+8zK2d6r5E0UZhoh/IhpEhZ8Nljt66/35XyEACS0lB
|
||||||
|
+ZU5keI/1wTbThkgFimkVNzeXF9sx3EuWMZGgcd7uBMPg6pwTS+qGs6XtYmiKMbM
|
||||||
|
gvDDhcqFh5r/4r7+xW6ZFhR4Dfkdp3pyDIh7h0Hf+tv0Qj1RKBpmi/lwn0qZrLWM
|
||||||
|
/aYXo0Vuy2nAbeATAle4Iag+r2AkdEAaBDadFeZisl0Oj0djrGERRhu5Ag0EY9v+
|
||||||
|
KgEQAMOFV6nHZR7Jwg6nAseVPpxwzjLMhKhuxfJor7fXKL15BlBqCyN2ZRlP+RKE
|
||||||
|
cEAfdbhyTFPcycLpkOLS7LM4TgfwjQUg2eF0wnBHo/nYUKLp0SHW2Pg3F5+HVXcf
|
||||||
|
5mAhT1W+zrVHuvJur8omotihtvPEG455MzQNttnGj0DQ8ujbCBofFeVgygmuyZNG
|
||||||
|
bYvrU3Yvr4ZBY5O/m64eSKs2oX7pP7lQ1gVFU9zojUcsLaLkwXX099yYUMkakjLc
|
||||||
|
uoI5JGMsV9EA+a+RCFa7a4K3umgVsN3cuuKVbPZ8VQYVQh+Iej8EXlxQeJH44MPN
|
||||||
|
kNfw5Bf2TLB/Gzz7b4yNTWM/kzGi3FEF+31pVu2G0El0sBeJlEjGIHTmfAkzUIyp
|
||||||
|
qZ6VYR2Li+u3Btunr//k+Dq3E9dN4/yJy4qSr2FAtx8BTG6tj//Xnan/OXfzZdSj
|
||||||
|
HQcid6lVRTLl44ia9Ln9SqHO53z95qpD1BxHY7B50J6TVmTwa+cbPIjbRpoJbZyR
|
||||||
|
No2nFxarbyejPboKzGrqCrObDTIar3/88mYi1pHGfG1ounBpfyQ9UUuulYhRZlXo
|
||||||
|
OcaVYLKVALAAwmS53kwgFuOgydhLKvdmnyFUs/wFLVYy1CcmSDgWlc2NiV0fbOf3
|
||||||
|
jyQHeE+NnINSna3bItHT2DDsD40AaYrnrQOHQlni+arnJ0gFABEBAAGJAjwEGAEK
|
||||||
|
ACYWIQSpNIWUzjEoOoJvvdjVdjPUQeJbtQUCY9v+KgIbDAUJAeEzgAAKCRDVdjPU
|
||||||
|
QeJbteydD/9yzfrnjkeKuBuSjpywOfrtcvOHdCyNemeN4gJtjcgFgjZL4xo90akA
|
||||||
|
/GcBZnJLpX9OZobyznMMRIvGgJxHLCuGH7Bo4EEQySAoT52Qn7LApBVY308hHDIC
|
||||||
|
OLK/IQY26flCy+Czpx7uAS41o3lnOPHbVUO6nHrVcO7vWQAX0QT8VQYGPCHcb9al
|
||||||
|
TkBNdz9rD822CrBc/tph+eeFZzDuuM6gm3nMYFeDURXE3jVGg4Jeg+8zZTZoeI+n
|
||||||
|
O7Co6BM2CFYswKTOMTLTgbMi+Hxl0XDbXp7gQ3P9fz3h3Q4ahhpWXbNUZkyyZvoA
|
||||||
|
s1YqOM+RFzyTCowFQR2qTDTJeE4k2suoDBukCTMJIFZkthdvMMY/Ss7ZHZwvtmFi
|
||||||
|
XVg3jNOy3tt9V9oZ0UBPw3qTeDKLh6HzgdyN1mPrEkdilIpPVnHi/iAiL1IrAjZN
|
||||||
|
xr11YOoWFyLpDfGUeEn9wK0T6Xj6HwytL2XliBremZLFWPQNxkHNHDGoKoAkytIF
|
||||||
|
MXg5P7Tx/Mcs/1b0WTxmghpc3kkNYIksIDV19RQ35xjnZ/6yYf2qA5dT80wY8mXG
|
||||||
|
debPR0jwOod+kzIAq0gmopFo25PJjiYSIU28XJciPSS7tgHirvsz+NRotABBBpIR
|
||||||
|
SmfXBunBhuwLkrImdzqjrrMpv2Ss9brlxqNYiSYJGdsoqt6MeyhzGQ==
|
||||||
|
=2CmL
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
+145
-14
@@ -5,58 +5,128 @@ DEFS =
|
|||||||
|
|
||||||
noinst_LTLIBRARIES = libshadow.la
|
noinst_LTLIBRARIES = libshadow.la
|
||||||
|
|
||||||
|
if USE_PAM
|
||||||
|
LIBCRYPT_PAM = $(LIBCRYPT)
|
||||||
|
else
|
||||||
|
LIBCRYPT_PAM =
|
||||||
|
endif
|
||||||
|
|
||||||
|
AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS)
|
||||||
|
|
||||||
libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS)
|
libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS)
|
||||||
if HAVE_VENDORDIR
|
if HAVE_VENDORDIR
|
||||||
libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
|
libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
|
||||||
endif
|
endif
|
||||||
|
|
||||||
libshadow_la_CPPFLAGS += -I$(top_srcdir)
|
libshadow_la_CPPFLAGS += -I$(top_srcdir)
|
||||||
libshadow_la_CFLAGS = $(LIBBSD_CFLAGS)
|
libshadow_la_CFLAGS = $(LIBBSD_CFLAGS) $(LIBCRYPT_PAM) $(LIBSYSTEMD)
|
||||||
|
libshadow_la_LIBADD = $(LIBADD_DLOPEN)
|
||||||
|
|
||||||
libshadow_la_SOURCES = \
|
libshadow_la_SOURCES = \
|
||||||
|
addgrps.c \
|
||||||
|
adds.c \
|
||||||
|
adds.h \
|
||||||
|
age.c \
|
||||||
|
agetpass.c \
|
||||||
|
agetpass.h \
|
||||||
|
alloc.c \
|
||||||
|
alloc.h \
|
||||||
|
atoi/a2i.c \
|
||||||
|
atoi/a2i.h \
|
||||||
|
atoi/str2i.c \
|
||||||
|
atoi/str2i.h \
|
||||||
|
atoi/strtoi.c \
|
||||||
|
atoi/strtoi.h \
|
||||||
|
atoi/strtou_noneg.c \
|
||||||
|
atoi/strtou_noneg.h \
|
||||||
|
attr.h \
|
||||||
|
audit_help.c \
|
||||||
|
basename.c \
|
||||||
|
bit.c \
|
||||||
|
bit.h \
|
||||||
|
cast.h \
|
||||||
|
chkname.c \
|
||||||
|
chkname.h \
|
||||||
|
chowndir.c \
|
||||||
|
chowntty.c \
|
||||||
|
cleanup.c \
|
||||||
|
cleanup_group.c \
|
||||||
|
cleanup_user.c \
|
||||||
commonio.c \
|
commonio.c \
|
||||||
commonio.h \
|
commonio.h \
|
||||||
|
console.c \
|
||||||
|
copydir.c \
|
||||||
|
csrand.c \
|
||||||
defines.h \
|
defines.h \
|
||||||
encrypt.c \
|
encrypt.c \
|
||||||
|
env.c \
|
||||||
exitcodes.h \
|
exitcodes.h \
|
||||||
faillog.h \
|
faillog.h \
|
||||||
|
failure.c \
|
||||||
|
failure.h \
|
||||||
|
fd.c \
|
||||||
fields.c \
|
fields.c \
|
||||||
|
find_new_gid.c \
|
||||||
|
find_new_uid.c \
|
||||||
|
find_new_sub_gids.c \
|
||||||
|
find_new_sub_uids.c \
|
||||||
fputsx.c \
|
fputsx.c \
|
||||||
getdef.c \
|
|
||||||
getdef.h \
|
|
||||||
get_gid.c \
|
get_gid.c \
|
||||||
getlong.c \
|
|
||||||
get_pid.c \
|
get_pid.c \
|
||||||
get_uid.c \
|
get_uid.c \
|
||||||
getulong.c \
|
getdate.h \
|
||||||
|
getdate.y \
|
||||||
|
getdef.c \
|
||||||
|
getdef.h \
|
||||||
|
getgr_nam_gid.c \
|
||||||
|
getrange.c \
|
||||||
|
gettime.c \
|
||||||
groupio.c \
|
groupio.c \
|
||||||
groupmem.c \
|
groupmem.c \
|
||||||
groupio.h \
|
groupio.h \
|
||||||
gshadow.c \
|
gshadow.c \
|
||||||
|
hushed.c \
|
||||||
|
idmapping.h \
|
||||||
|
idmapping.c \
|
||||||
|
isexpired.c \
|
||||||
|
limits.c \
|
||||||
|
list.c \
|
||||||
lockpw.c \
|
lockpw.c \
|
||||||
|
loginprompt.c \
|
||||||
|
mail.c \
|
||||||
|
memzero.c \
|
||||||
|
memzero.h \
|
||||||
|
motd.c \
|
||||||
|
must_be.h \
|
||||||
|
myname.c \
|
||||||
nss.c \
|
nss.c \
|
||||||
nscd.c \
|
nscd.c \
|
||||||
nscd.h \
|
nscd.h \
|
||||||
shadowlog.c \
|
obscure.c \
|
||||||
shadowlog.h \
|
|
||||||
shadowlog_internal.h \
|
|
||||||
sssd.c \
|
|
||||||
sssd.h \
|
|
||||||
pam_defs.h \
|
pam_defs.h \
|
||||||
|
pam_pass.c \
|
||||||
|
pam_pass_non_interactive.c \
|
||||||
port.c \
|
port.c \
|
||||||
port.h \
|
port.h \
|
||||||
|
prefix_flag.c \
|
||||||
prototypes.h \
|
prototypes.h \
|
||||||
pwauth.c \
|
pwauth.c \
|
||||||
pwauth.h \
|
pwauth.h \
|
||||||
pwio.c \
|
pwio.c \
|
||||||
pwio.h \
|
pwio.h \
|
||||||
|
pwd_init.c \
|
||||||
|
pwd2spwd.c \
|
||||||
|
pwdcheck.c \
|
||||||
pwmem.c \
|
pwmem.c \
|
||||||
|
remove_tree.c \
|
||||||
|
root_flag.c \
|
||||||
run_part.h \
|
run_part.h \
|
||||||
run_part.c \
|
run_part.c \
|
||||||
subordinateio.h \
|
salt.c \
|
||||||
subordinateio.c \
|
|
||||||
selinux.c \
|
selinux.c \
|
||||||
semanage.c \
|
semanage.c \
|
||||||
|
setugid.c \
|
||||||
|
setupenv.c \
|
||||||
sgetgrent.c \
|
sgetgrent.c \
|
||||||
sgetpwent.c \
|
sgetpwent.c \
|
||||||
sgetspent.c \
|
sgetspent.c \
|
||||||
@@ -65,14 +135,74 @@ libshadow_la_SOURCES = \
|
|||||||
shadow.c \
|
shadow.c \
|
||||||
shadowio.c \
|
shadowio.c \
|
||||||
shadowio.h \
|
shadowio.h \
|
||||||
|
shadowlog.c \
|
||||||
|
shadowlog.h \
|
||||||
|
shadowlog_internal.h \
|
||||||
shadowmem.c \
|
shadowmem.c \
|
||||||
|
shell.c \
|
||||||
|
sizeof.h \
|
||||||
spawn.c \
|
spawn.c \
|
||||||
write_full.c
|
sssd.c \
|
||||||
|
sssd.h \
|
||||||
|
string/sprintf.c \
|
||||||
|
string/sprintf.h \
|
||||||
|
string/stpecpy.c \
|
||||||
|
string/stpecpy.h \
|
||||||
|
string/stpeprintf.c \
|
||||||
|
string/stpeprintf.h \
|
||||||
|
string/strftime.c \
|
||||||
|
string/strftime.h \
|
||||||
|
string/strncpy.h \
|
||||||
|
string/strtcpy.c \
|
||||||
|
string/strtcpy.h \
|
||||||
|
string/zustr2stp.h \
|
||||||
|
strtoday.c \
|
||||||
|
sub.c \
|
||||||
|
subordinateio.h \
|
||||||
|
subordinateio.c \
|
||||||
|
sulog.c \
|
||||||
|
time/day_to_str.c \
|
||||||
|
time/day_to_str.h \
|
||||||
|
ttytype.c \
|
||||||
|
tz.c \
|
||||||
|
ulimit.c \
|
||||||
|
user_busy.c \
|
||||||
|
valid.c \
|
||||||
|
write_full.c \
|
||||||
|
xgetpwnam.c \
|
||||||
|
xprefix_getpwnam.c \
|
||||||
|
xgetpwuid.c \
|
||||||
|
xgetgrnam.c \
|
||||||
|
xgetgrgid.c \
|
||||||
|
xgetspnam.c \
|
||||||
|
yesno.c
|
||||||
|
|
||||||
if WITH_TCB
|
if WITH_TCB
|
||||||
libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h
|
libshadow_la_SOURCES += tcbfuncs.c tcbfuncs.h
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
if WITH_BTRFS
|
||||||
|
libshadow_la_SOURCES += btrfs.c
|
||||||
|
endif
|
||||||
|
|
||||||
|
if ENABLE_LASTLOG
|
||||||
|
libshadow_la_SOURCES += log.c
|
||||||
|
endif
|
||||||
|
|
||||||
|
if ENABLE_LOGIND
|
||||||
|
libshadow_la_SOURCES += logind.c
|
||||||
|
else
|
||||||
|
libshadow_la_SOURCES += utmp.c
|
||||||
|
endif
|
||||||
|
|
||||||
|
if !WITH_LIBBSD
|
||||||
|
libshadow_la_SOURCES += \
|
||||||
|
freezero.h \
|
||||||
|
freezero.c \
|
||||||
|
readpassphrase.h \
|
||||||
|
readpassphrase.c
|
||||||
|
endif
|
||||||
|
|
||||||
# These files are unneeded for some reason, listed in
|
# These files are unneeded for some reason, listed in
|
||||||
# order of appearance:
|
# order of appearance:
|
||||||
#
|
#
|
||||||
@@ -80,4 +210,5 @@ endif
|
|||||||
|
|
||||||
EXTRA_DIST = \
|
EXTRA_DIST = \
|
||||||
.indent.pro \
|
.indent.pro \
|
||||||
gshadow_.h
|
gshadow_.h \
|
||||||
|
xgetXXbyYY.c
|
||||||
|
|||||||
+15
@@ -0,0 +1,15 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "adds.h"
|
||||||
|
|
||||||
|
#include <stddef.h>
|
||||||
|
|
||||||
|
|
||||||
|
extern inline long addsl2(long a, long b);
|
||||||
|
extern inline long addslN(size_t n, long addend[n]);
|
||||||
|
|
||||||
|
extern inline int cmpl(const void *p1, const void *p2);
|
||||||
+86
@@ -0,0 +1,86 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_ADDS_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_ADDS_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <limits.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
#include "sizeof.h"
|
||||||
|
|
||||||
|
|
||||||
|
#define addsl(a, b, ...) \
|
||||||
|
({ \
|
||||||
|
long addend_[] = {a, b, __VA_ARGS__}; \
|
||||||
|
\
|
||||||
|
addslN(NITEMS(addend_), addend_); \
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
|
inline long addsl2(long a, long b);
|
||||||
|
inline long addslN(size_t n, long addend[n]);
|
||||||
|
|
||||||
|
inline int cmpl(const void *p1, const void *p2);
|
||||||
|
|
||||||
|
|
||||||
|
inline long
|
||||||
|
addsl2(long a, long b)
|
||||||
|
{
|
||||||
|
if (a > 0 && b > LONG_MAX - a) {
|
||||||
|
errno = EOVERFLOW;
|
||||||
|
return LONG_MAX;
|
||||||
|
}
|
||||||
|
if (a < 0 && b < LONG_MIN - a) {
|
||||||
|
errno = EOVERFLOW;
|
||||||
|
return LONG_MIN;
|
||||||
|
}
|
||||||
|
return a + b;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline long
|
||||||
|
addslN(size_t n, long addend[n])
|
||||||
|
{
|
||||||
|
int e;
|
||||||
|
|
||||||
|
if (n == 0) {
|
||||||
|
errno = EDOM;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
e = errno;
|
||||||
|
while (n > 1) {
|
||||||
|
qsort(addend, n, sizeof(addend[0]), cmpl);
|
||||||
|
|
||||||
|
errno = 0;
|
||||||
|
addend[0] = addsl2(addend[0], addend[--n]);
|
||||||
|
if (errno == EOVERFLOW)
|
||||||
|
return addend[0];
|
||||||
|
}
|
||||||
|
errno = e;
|
||||||
|
return addend[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
cmpl(const void *p1, const void *p2)
|
||||||
|
{
|
||||||
|
const long *l1 = p1;
|
||||||
|
const long *l2 = p2;
|
||||||
|
|
||||||
|
if (*l1 < *l2)
|
||||||
|
return -1;
|
||||||
|
if (*l1 > *l2)
|
||||||
|
return +1;
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
@@ -13,12 +13,15 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include "prototypes.h"
|
|
||||||
#include "defines.h"
|
|
||||||
#include "exitcodes.h"
|
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
#include <grp.h>
|
#include <grp.h>
|
||||||
|
|
||||||
|
#include "adds.h"
|
||||||
|
#include "defines.h"
|
||||||
|
#include "exitcodes.h"
|
||||||
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
#ifndef PASSWD_PROGRAM
|
#ifndef PASSWD_PROGRAM
|
||||||
@@ -139,7 +142,7 @@ int expire (const struct passwd *pw, /*@null@*/const struct spwd *sp)
|
|||||||
|
|
||||||
void agecheck (/*@null@*/const struct spwd *sp)
|
void agecheck (/*@null@*/const struct spwd *sp)
|
||||||
{
|
{
|
||||||
long now = time(NULL) / SCALE;
|
long now = time(NULL) / DAY;
|
||||||
long remain;
|
long remain;
|
||||||
|
|
||||||
if (NULL == sp) {
|
if (NULL == sp) {
|
||||||
@@ -162,9 +165,9 @@ void agecheck (/*@null@*/const struct spwd *sp)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
remain = sp->sp_lstchg + sp->sp_max - now;
|
remain = addsl(sp->sp_lstchg, sp->sp_max, -now);
|
||||||
|
|
||||||
if (remain <= sp->sp_warn) {
|
if (remain <= sp->sp_warn) {
|
||||||
remain /= DAY / SCALE;
|
|
||||||
if (remain > 1) {
|
if (remain > 1) {
|
||||||
(void) printf (_("Your password will expire in %ld days.\n"),
|
(void) printf (_("Your password will expire in %ld days.\n"),
|
||||||
remain);
|
remain);
|
||||||
@@ -7,31 +7,27 @@
|
|||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "agetpass.h"
|
||||||
|
|
||||||
#include <limits.h>
|
#include <limits.h>
|
||||||
#include <readpassphrase.h>
|
#include <readpassphrase.h>
|
||||||
#include <stdio.h>
|
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
#include "prototypes.h"
|
|
||||||
|
|
||||||
#if WITH_LIBBSD == 0
|
#if WITH_LIBBSD == 0
|
||||||
#include "freezero.h"
|
#include "freezero.h"
|
||||||
#endif /* WITH_LIBBSD */
|
#endif /* WITH_LIBBSD */
|
||||||
|
|
||||||
|
|
||||||
#if !defined(PASS_MAX)
|
|
||||||
#define PASS_MAX BUFSIZ - 1
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* SYNOPSIS
|
* SYNOPSIS
|
||||||
* [[gnu::malloc(erase_pass)]]
|
* [[gnu::malloc(erase_pass)]]
|
||||||
* char *agetpass(const char *prompt);
|
* char *agetpass(const char *prompt);
|
||||||
|
* char *agetpass_stdin();
|
||||||
*
|
*
|
||||||
* void erase_pass(char *pass);
|
* void erase_pass(char *pass);
|
||||||
*
|
*
|
||||||
@@ -64,6 +60,10 @@
|
|||||||
* erased by calling erase_pass(), to avoid possibly leaking the
|
* erased by calling erase_pass(), to avoid possibly leaking the
|
||||||
* password.
|
* password.
|
||||||
*
|
*
|
||||||
|
* agetpass_stdin()
|
||||||
|
* This function is the same as previous one (agetpass). Just the
|
||||||
|
* password is read from stdin and terminal is not required.
|
||||||
|
*
|
||||||
* erase_pass()
|
* erase_pass()
|
||||||
* This function first clears the password, by calling
|
* This function first clears the password, by calling
|
||||||
* explicit_bzero(3) (or an equivalent call), and then frees the
|
* explicit_bzero(3) (or an equivalent call), and then frees the
|
||||||
@@ -92,8 +92,8 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
char *
|
static char *
|
||||||
agetpass(const char *prompt)
|
agetpass_internal(const char *prompt, int flags)
|
||||||
{
|
{
|
||||||
char *pass;
|
char *pass;
|
||||||
size_t len;
|
size_t len;
|
||||||
@@ -110,7 +110,7 @@ agetpass(const char *prompt)
|
|||||||
if (pass == NULL)
|
if (pass == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (readpassphrase(prompt, pass, PASS_MAX + 2, RPP_REQUIRE_TTY) == NULL)
|
if (readpassphrase(prompt, pass, PASS_MAX + 2, flags) == NULL)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
len = strlen(pass);
|
len = strlen(pass);
|
||||||
@@ -126,6 +126,17 @@ fail:
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
char *
|
||||||
|
agetpass(const char *prompt)
|
||||||
|
{
|
||||||
|
return agetpass_internal(prompt, RPP_REQUIRE_TTY);
|
||||||
|
}
|
||||||
|
|
||||||
|
char *
|
||||||
|
agetpass_stdin()
|
||||||
|
{
|
||||||
|
return agetpass_internal(NULL, RPP_STDIN);
|
||||||
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
erase_pass(char *pass)
|
erase_pass(char *pass)
|
||||||
@@ -0,0 +1,23 @@
|
|||||||
|
/*
|
||||||
|
* SPDX-FileCopyrightText: 2022-2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_AGETPASS_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_AGETPASS_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
|
#include "defines.h"
|
||||||
|
|
||||||
|
|
||||||
|
void erase_pass(char *pass);
|
||||||
|
ATTR_MALLOC(erase_pass)
|
||||||
|
char *agetpass(const char *prompt);
|
||||||
|
char *agetpass_stdin();
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
+12
-26
@@ -1,8 +1,5 @@
|
|||||||
/*
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
* SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
*
|
|
||||||
* SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
#ifndef SHADOW_INCLUDE_LIB_MALLOC_H_
|
#ifndef SHADOW_INCLUDE_LIB_MALLOC_H_
|
||||||
@@ -17,6 +14,7 @@
|
|||||||
#include <stdint.h>
|
#include <stdint.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
|
|
||||||
|
|
||||||
@@ -26,31 +24,19 @@
|
|||||||
#define XMALLOC(n, type) ((type *) xmallocarray(n, sizeof(type)))
|
#define XMALLOC(n, type) ((type *) xmallocarray(n, sizeof(type)))
|
||||||
|
|
||||||
#define REALLOC(ptr, n, type) \
|
#define REALLOC(ptr, n, type) \
|
||||||
({ \
|
( \
|
||||||
__auto_type p_ = (ptr); \
|
_Generic(ptr, type *: (type *) reallocarray(ptr, n, sizeof(type))) \
|
||||||
\
|
)
|
||||||
static_assert(__builtin_types_compatible_p(typeof(p_), type *), ""); \
|
|
||||||
\
|
|
||||||
(type *) reallocarray(p_, n, sizeof(type)); \
|
|
||||||
})
|
|
||||||
|
|
||||||
#define REALLOCF(ptr, n, type) \
|
#define REALLOCF(ptr, n, type) \
|
||||||
({ \
|
( \
|
||||||
__auto_type p_ = (ptr); \
|
_Generic(ptr, type *: (type *) reallocarrayf(ptr, n, sizeof(type))) \
|
||||||
\
|
)
|
||||||
static_assert(__builtin_types_compatible_p(typeof(p_), type *), ""); \
|
|
||||||
\
|
|
||||||
(type *) reallocarrayf(p_, n, sizeof(type)); \
|
|
||||||
})
|
|
||||||
|
|
||||||
#define XREALLOC(ptr, n, type) \
|
#define XREALLOC(ptr, n, type) \
|
||||||
({ \
|
( \
|
||||||
__auto_type p_ = (ptr); \
|
_Generic(ptr, type *: (type *) xreallocarray(ptr, n, sizeof(type))) \
|
||||||
\
|
)
|
||||||
static_assert(__builtin_types_compatible_p(typeof(p_), type *), ""); \
|
|
||||||
\
|
|
||||||
(type *) xreallocarray(p_, n, sizeof(type)); \
|
|
||||||
})
|
|
||||||
|
|
||||||
|
|
||||||
ATTR_MALLOC(free)
|
ATTR_MALLOC(free)
|
||||||
|
|||||||
@@ -0,0 +1,46 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "atoi/a2i.h"
|
||||||
|
|
||||||
|
|
||||||
|
extern inline int a2sh_c(short *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, short min, short max);
|
||||||
|
extern inline int a2si_c(int *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, int min, int max);
|
||||||
|
extern inline int a2sl_c(long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, long min, long max);
|
||||||
|
extern inline int a2sll_c(long long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, long long min, long long max);
|
||||||
|
extern inline int a2uh_c(unsigned short *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned short min,
|
||||||
|
unsigned short max);
|
||||||
|
extern inline int a2ui_c(unsigned int *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned int min, unsigned int max);
|
||||||
|
extern inline int a2ul_c(unsigned long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned long min, unsigned long max);
|
||||||
|
extern inline int a2ull_c(unsigned long long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned long long min,
|
||||||
|
unsigned long long max);
|
||||||
|
|
||||||
|
|
||||||
|
extern inline int a2sh_nc(short *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, short min, short max);
|
||||||
|
extern inline int a2si_nc(int *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, int min, int max);
|
||||||
|
extern inline int a2sl_nc(long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, long min, long max);
|
||||||
|
extern inline int a2sll_nc(long long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, long long min, long long max);
|
||||||
|
extern inline int a2uh_nc(unsigned short *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned short min, unsigned short max);
|
||||||
|
extern inline int a2ui_nc(unsigned int *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned int min, unsigned int max);
|
||||||
|
extern inline int a2ul_nc(unsigned long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned long min, unsigned long max);
|
||||||
|
extern inline int a2ull_nc(unsigned long long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned long long min,
|
||||||
|
unsigned long long max);
|
||||||
+386
@@ -0,0 +1,386 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_ATOI_A2I_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_ATOI_A2I_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
|
||||||
|
#include "atoi/strtoi.h"
|
||||||
|
#include "atoi/strtou_noneg.h"
|
||||||
|
#include "attr.h"
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* See the manual of these macros in liba2i's documentation:
|
||||||
|
* <http://www.alejandro-colomar.es/share/dist/liba2i/git/HEAD/liba2i-HEAD.pdf>
|
||||||
|
*/
|
||||||
|
|
||||||
|
|
||||||
|
#define a2i(TYPE, n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic((void (*)(TYPE, typeof(s))) 0, \
|
||||||
|
void (*)(short, const char *): a2sh_c, \
|
||||||
|
void (*)(short, const void *): a2sh_c, \
|
||||||
|
void (*)(short, char *): a2sh_nc, \
|
||||||
|
void (*)(short, void *): a2sh_nc, \
|
||||||
|
void (*)(int, const char *): a2si_c, \
|
||||||
|
void (*)(int, const void *): a2si_c, \
|
||||||
|
void (*)(int, char *): a2si_nc, \
|
||||||
|
void (*)(int, void *): a2si_nc, \
|
||||||
|
void (*)(long, const char *): a2sl_c, \
|
||||||
|
void (*)(long, const void *): a2sl_c, \
|
||||||
|
void (*)(long, char *): a2sl_nc, \
|
||||||
|
void (*)(long, void *): a2sl_nc, \
|
||||||
|
void (*)(long long, const char *): a2sll_c, \
|
||||||
|
void (*)(long long, const void *): a2sll_c, \
|
||||||
|
void (*)(long long, char *): a2sll_nc, \
|
||||||
|
void (*)(long long, void *): a2sll_nc, \
|
||||||
|
void (*)(unsigned short, const char *): a2uh_c, \
|
||||||
|
void (*)(unsigned short, const void *): a2uh_c, \
|
||||||
|
void (*)(unsigned short, char *): a2uh_nc, \
|
||||||
|
void (*)(unsigned short, void *): a2uh_nc, \
|
||||||
|
void (*)(unsigned int, const char *): a2ui_c, \
|
||||||
|
void (*)(unsigned int, const void *): a2ui_c, \
|
||||||
|
void (*)(unsigned int, char *): a2ui_nc, \
|
||||||
|
void (*)(unsigned int, void *): a2ui_nc, \
|
||||||
|
void (*)(unsigned long, const char *): a2ul_c, \
|
||||||
|
void (*)(unsigned long, const void *): a2ul_c, \
|
||||||
|
void (*)(unsigned long, char *): a2ul_nc, \
|
||||||
|
void (*)(unsigned long, void *): a2ul_nc, \
|
||||||
|
void (*)(unsigned long long, const char *): a2ull_c, \
|
||||||
|
void (*)(unsigned long long, const void *): a2ull_c, \
|
||||||
|
void (*)(unsigned long long, char *): a2ull_nc, \
|
||||||
|
void (*)(unsigned long long, void *): a2ull_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
#define a2sh(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2sh_c, \
|
||||||
|
const void *: a2sh_c, \
|
||||||
|
char *: a2sh_nc, \
|
||||||
|
void *: a2sh_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2si(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2si_c, \
|
||||||
|
const void *: a2si_c, \
|
||||||
|
char *: a2si_nc, \
|
||||||
|
void *: a2si_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2sl(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2sl_c, \
|
||||||
|
const void *: a2sl_c, \
|
||||||
|
char *: a2sl_nc, \
|
||||||
|
void *: a2sl_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2sll(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2sll_c, \
|
||||||
|
const void *: a2sll_c, \
|
||||||
|
char *: a2sll_nc, \
|
||||||
|
void *: a2sll_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2uh(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2uh_c, \
|
||||||
|
const void *: a2uh_c, \
|
||||||
|
char *: a2uh_nc, \
|
||||||
|
void *: a2uh_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2ui(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2ui_c, \
|
||||||
|
const void *: a2ui_c, \
|
||||||
|
char *: a2ui_nc, \
|
||||||
|
void *: a2ui_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2ul(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2ul_c, \
|
||||||
|
const void *: a2ul_c, \
|
||||||
|
char *: a2ul_nc, \
|
||||||
|
void *: a2ul_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
#define a2ull(n, s, ...) \
|
||||||
|
( \
|
||||||
|
_Generic(s, \
|
||||||
|
const char *: a2ull_c, \
|
||||||
|
const void *: a2ull_c, \
|
||||||
|
char *: a2ull_nc, \
|
||||||
|
void *: a2ull_nc \
|
||||||
|
)(n, s, __VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2sh_c(short *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, short min, short max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2si_c(int *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, int min, int max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2sl_c(long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, long min, long max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2sll_c(long long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, long long min, long long max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2uh_c(unsigned short *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned short min,
|
||||||
|
unsigned short max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2ui_c(unsigned int *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned int min, unsigned int max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2ul_c(unsigned long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned long min, unsigned long max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2ull_c(unsigned long long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned long long min,
|
||||||
|
unsigned long long max);
|
||||||
|
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2sh_nc(short *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, short min, short max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2si_nc(int *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, int min, int max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2sl_nc(long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, long min, long max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2sll_nc(long long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, long long min, long long max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2uh_nc(unsigned short *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned short min, unsigned short max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2ui_nc(unsigned int *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned int min, unsigned int max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2ul_nc(unsigned long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned long min, unsigned long max);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1) ATTR_ACCESS(write_only, 3)
|
||||||
|
inline int a2ull_nc(unsigned long long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned long long min,
|
||||||
|
unsigned long long max);
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2sh_c(short *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, short min, short max)
|
||||||
|
{
|
||||||
|
return a2sh(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2si_c(int *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, int min, int max)
|
||||||
|
{
|
||||||
|
return a2si(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2sl_c(long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, long min, long max)
|
||||||
|
{
|
||||||
|
return a2sl(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2sll_c(long long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, long long min, long long max)
|
||||||
|
{
|
||||||
|
return a2sll(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2uh_c(unsigned short *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned short min,
|
||||||
|
unsigned short max)
|
||||||
|
{
|
||||||
|
return a2uh(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2ui_c(unsigned int *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned int min, unsigned int max)
|
||||||
|
{
|
||||||
|
return a2ui(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2ul_c(unsigned long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned long min, unsigned long max)
|
||||||
|
{
|
||||||
|
return a2ul(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2ull_c(unsigned long long *restrict n, const char *s,
|
||||||
|
const char **restrict endp, int base, unsigned long long min,
|
||||||
|
unsigned long long max)
|
||||||
|
{
|
||||||
|
return a2ull(n, (char *) s, (char **) endp, base, min, max);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2sh_nc(short *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, short min, short max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtoi_(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2si_nc(int *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, int min, int max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtoi_(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2sl_nc(long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, long min, long max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtoi_(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2sll_nc(long long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, long long min, long long max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtoi_(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2uh_nc(unsigned short *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned short min,
|
||||||
|
unsigned short max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtou_noneg(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2ui_nc(unsigned int *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned int min, unsigned int max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtou_noneg(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2ul_nc(unsigned long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned long min, unsigned long max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtou_noneg(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
a2ull_nc(unsigned long long *restrict n, char *s,
|
||||||
|
char **restrict endp, int base, unsigned long long min,
|
||||||
|
unsigned long long max)
|
||||||
|
{
|
||||||
|
int status;
|
||||||
|
|
||||||
|
*n = strtou_noneg(s, endp, base, min, max, &status);
|
||||||
|
if (status != 0) {
|
||||||
|
errno = status;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
@@ -0,0 +1,18 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2007-2009, Nicolas François
|
||||||
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "atoi/str2i.h"
|
||||||
|
|
||||||
|
|
||||||
|
extern inline int str2sh(short *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2si(int *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2sl(long *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2sll(long long *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2uh(unsigned short *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2ui(unsigned int *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2ul(unsigned long *restrict n, const char *restrict s);
|
||||||
|
extern inline int str2ull(unsigned long long *restrict n, const char *restrict s);
|
||||||
@@ -0,0 +1,108 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2007-2009, Nicolas François
|
||||||
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_ATOI_STR2I_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_ATOI_STR2I_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include <limits.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
|
||||||
|
#include "atoi/a2i.h"
|
||||||
|
#include "attr.h"
|
||||||
|
|
||||||
|
|
||||||
|
#define str2i(TYPE, ...) \
|
||||||
|
( \
|
||||||
|
_Generic((TYPE) 0, \
|
||||||
|
short: str2sh, \
|
||||||
|
int: str2si, \
|
||||||
|
long: str2sl, \
|
||||||
|
long long: str2sll, \
|
||||||
|
unsigned short: str2uh, \
|
||||||
|
unsigned int: str2ui, \
|
||||||
|
unsigned long: str2ul, \
|
||||||
|
unsigned long long: str2ull \
|
||||||
|
)(__VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2sh(short *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2si(int *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2sl(long *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2sll(long long *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2uh(unsigned short *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2ui(unsigned int *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2ul(unsigned long *restrict n, const char *restrict s);
|
||||||
|
ATTR_STRING(2) ATTR_ACCESS(write_only, 1)
|
||||||
|
inline int str2ull(unsigned long long *restrict n, const char *restrict s);
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2sh(short *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2sh(n, s, NULL, 0, SHRT_MIN, SHRT_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2si(int *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2si(n, s, NULL, 0, INT_MIN, INT_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2sl(long *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2sl(n, s, NULL, 0, LONG_MIN, LONG_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2sll(long long *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2sll(n, s, NULL, 0, LLONG_MIN, LLONG_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2uh(unsigned short *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2uh(n, s, NULL, 0, 0, USHRT_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2ui(unsigned int *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2ui(n, s, NULL, 0, 0, UINT_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2ul(unsigned long *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2ul(n, s, NULL, 0, 0, ULONG_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline int
|
||||||
|
str2ull(unsigned long long *restrict n, const char *restrict s)
|
||||||
|
{
|
||||||
|
return a2ull(n, s, NULL, 0, 0, ULLONG_MAX);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
@@ -0,0 +1,15 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "atoi/strtoi.h"
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
|
||||||
|
extern inline intmax_t strtoi_(const char *s, char **restrict endp, int base,
|
||||||
|
intmax_t min, intmax_t max, int *restrict status);
|
||||||
|
extern inline uintmax_t strtou_(const char *s, char **restrict endp, int base,
|
||||||
|
uintmax_t min, uintmax_t max, int *restrict status);
|
||||||
@@ -0,0 +1,96 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_ATOI_STRTOI_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_ATOI_STRTOI_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <inttypes.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
#include <stdint.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <sys/param.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
|
|
||||||
|
|
||||||
|
#define strtoNmax(TYPE, ...) \
|
||||||
|
( \
|
||||||
|
_Generic((TYPE) 0, \
|
||||||
|
intmax_t: strtoimax, \
|
||||||
|
uintmax_t: strtoumax \
|
||||||
|
)(__VA_ARGS__) \
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
#define strtoN(s, endp, base, min, max, status, TYPE) \
|
||||||
|
({ \
|
||||||
|
const char *s_ = s; \
|
||||||
|
char **endp_ = endp; \
|
||||||
|
int base_ = base; \
|
||||||
|
TYPE min_ = min; \
|
||||||
|
TYPE max_ = max; \
|
||||||
|
int *status_ = status; \
|
||||||
|
\
|
||||||
|
int e_, st_; \
|
||||||
|
char *end_; \
|
||||||
|
TYPE n_; \
|
||||||
|
\
|
||||||
|
if (endp_ == NULL) \
|
||||||
|
endp_ = &end_; \
|
||||||
|
if (status_ == NULL) \
|
||||||
|
status_ = &st_; \
|
||||||
|
\
|
||||||
|
if (base_ != 0 && (base_ < 0 || base_ > 36)) { \
|
||||||
|
*status_ = EINVAL; \
|
||||||
|
n_ = 0; \
|
||||||
|
\
|
||||||
|
} else { \
|
||||||
|
e_ = errno; \
|
||||||
|
errno = 0; \
|
||||||
|
n_ = strtoNmax(TYPE, s_, endp_, base_); \
|
||||||
|
\
|
||||||
|
if (*endp_ == s_) \
|
||||||
|
*status_ = ECANCELED; \
|
||||||
|
else if (errno == ERANGE || n_ < min_ || n_ > max_) \
|
||||||
|
*status_ = ERANGE; \
|
||||||
|
else if (**endp_ != '\0') \
|
||||||
|
*status_ = ENOTSUP; \
|
||||||
|
else \
|
||||||
|
*status_ = 0; \
|
||||||
|
\
|
||||||
|
errno = e_; \
|
||||||
|
} \
|
||||||
|
MAX(min_, MIN(max_, n_)); \
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
|
ATTR_STRING(1) ATTR_ACCESS(write_only, 2) ATTR_ACCESS(write_only, 6)
|
||||||
|
inline intmax_t strtoi_(const char *s, char **restrict endp, int base,
|
||||||
|
intmax_t min, intmax_t max, int *restrict status);
|
||||||
|
ATTR_STRING(1) ATTR_ACCESS(write_only, 2) ATTR_ACCESS(write_only, 6)
|
||||||
|
inline uintmax_t strtou_(const char *s, char **restrict endp, int base,
|
||||||
|
uintmax_t min, uintmax_t max, int *restrict status);
|
||||||
|
|
||||||
|
|
||||||
|
inline intmax_t
|
||||||
|
strtoi_(const char *s, char **restrict endp, int base,
|
||||||
|
intmax_t min, intmax_t max, int *restrict status)
|
||||||
|
{
|
||||||
|
return strtoN(s, endp, base, min, max, status, intmax_t);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
inline uintmax_t
|
||||||
|
strtou_(const char *s, char **restrict endp, int base,
|
||||||
|
uintmax_t min, uintmax_t max, int *restrict status)
|
||||||
|
{
|
||||||
|
return strtoN(s, endp, base, min, max, status, uintmax_t);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
@@ -0,0 +1,13 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include "atoi/strtou_noneg.h"
|
||||||
|
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
|
||||||
|
extern inline uintmax_t strtou_noneg(const char *s, char **restrict endp,
|
||||||
|
int base, uintmax_t min, uintmax_t max, int *restrict status);
|
||||||
@@ -0,0 +1,39 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2023, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_ATOI_STRTOU_NONEG_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_ATOI_STRTOU_NONEG_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
#include <stdint.h>
|
||||||
|
|
||||||
|
#include "atoi/strtoi.h"
|
||||||
|
#include "attr.h"
|
||||||
|
|
||||||
|
|
||||||
|
ATTR_STRING(1) ATTR_ACCESS(write_only, 2) ATTR_ACCESS(write_only, 6)
|
||||||
|
inline uintmax_t strtou_noneg(const char *s, char **restrict endp,
|
||||||
|
int base, uintmax_t min, uintmax_t max, int *restrict status);
|
||||||
|
|
||||||
|
|
||||||
|
inline uintmax_t
|
||||||
|
strtou_noneg(const char *s, char **restrict endp, int base,
|
||||||
|
uintmax_t min, uintmax_t max, int *restrict status)
|
||||||
|
{
|
||||||
|
int st;
|
||||||
|
|
||||||
|
if (status == NULL)
|
||||||
|
status = &st;
|
||||||
|
if (strtoi_(s, endp, base, 0, 1, status) == 0 && *status == ERANGE)
|
||||||
|
return min;
|
||||||
|
|
||||||
|
return strtou_(s, endp, base, min, max, status);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
+33
@@ -0,0 +1,33 @@
|
|||||||
|
#ifndef SHADOW_INCLUDE_LIB_ATTR_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_ATTR_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include "config.h"
|
||||||
|
|
||||||
|
|
||||||
|
#if defined(__GNUC__)
|
||||||
|
# define MAYBE_UNUSED __attribute__((unused))
|
||||||
|
# define NORETURN __attribute__((__noreturn__))
|
||||||
|
# define format_attr(type, fmt, va) __attribute__((format(type, fmt, va)))
|
||||||
|
# define ATTR_ACCESS(...) __attribute__((access(__VA_ARGS__)))
|
||||||
|
#else
|
||||||
|
# define MAYBE_UNUSED
|
||||||
|
# define NORETURN
|
||||||
|
# define format_attr(type, fmt, va)
|
||||||
|
# define ATTR_ACCESS(...)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if (__GNUC__ >= 11) && !defined(__clang__)
|
||||||
|
# define ATTR_MALLOC(deallocator) [[gnu::malloc(deallocator)]]
|
||||||
|
#else
|
||||||
|
# define ATTR_MALLOC(deallocator)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if (__GNUC__ >= 14)
|
||||||
|
# define ATTR_STRING(...) [[gnu::null_terminated_string_arg(__VA_ARGS__)]]
|
||||||
|
#else
|
||||||
|
# define ATTR_STRING(...)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
@@ -21,6 +21,8 @@
|
|||||||
#include <libaudit.h>
|
#include <libaudit.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "shadowlog.h"
|
#include "shadowlog.h"
|
||||||
int audit_fd;
|
int audit_fd;
|
||||||
@@ -54,7 +56,7 @@ void audit_help_open (void)
|
|||||||
* id - uid or gid that the operation is being performed on. This is used
|
* id - uid or gid that the operation is being performed on. This is used
|
||||||
* only when user is NULL.
|
* only when user is NULL.
|
||||||
*/
|
*/
|
||||||
void audit_logger (int type, unused const char *pgname, const char *op,
|
void audit_logger (int type, MAYBE_UNUSED const char *pgname, const char *op,
|
||||||
const char *name, unsigned int id,
|
const char *name, unsigned int id,
|
||||||
shadow_audit_result result)
|
shadow_audit_result result)
|
||||||
{
|
{
|
||||||
@@ -39,7 +39,7 @@ static int run_btrfs_subvolume_cmd(const char *subcmd, const char *arg1, const c
|
|||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
if (access(cmd, X_OK)) {
|
if (!cmd || access(cmd, X_OK)) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
+15
@@ -0,0 +1,15 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#ifndef SHADOW_INCLUDE_LIB_CAST_H_
|
||||||
|
#define SHADOW_INCLUDE_LIB_CAST_H_
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
|
||||||
|
#define const_cast(T, p) _Generic(p, const T: (T) (p))
|
||||||
|
|
||||||
|
|
||||||
|
#endif // include guard
|
||||||
@@ -1,11 +1,10 @@
|
|||||||
/*
|
// SPDX-FileCopyrightText: 1990-1994, Julianne Frances Haugh
|
||||||
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
// SPDX-FileCopyrightText: 1996-2000, Marek Michałkiewicz
|
||||||
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
// SPDX-FileCopyrightText: 2001-2005, Tomasz Kłoczko
|
||||||
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
|
// SPDX-FileCopyrightText: 2005-2008, Nicolas François
|
||||||
* SPDX-FileCopyrightText: 2005 - 2008, Nicolas François
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
*
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
* SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* is_valid_user_name(), is_valid_group_name() - check the new user/group
|
* is_valid_user_name(), is_valid_group_name() - check the new user/group
|
||||||
@@ -15,16 +14,39 @@
|
|||||||
* false - bad name
|
* false - bad name
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <limits.h>
|
||||||
|
#include <stdbool.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "chkname.h"
|
#include "chkname.h"
|
||||||
|
|
||||||
|
|
||||||
int allow_bad_names = false;
|
int allow_bad_names = false;
|
||||||
|
|
||||||
|
|
||||||
|
size_t
|
||||||
|
login_name_max_size(void)
|
||||||
|
{
|
||||||
|
long conf;
|
||||||
|
|
||||||
|
errno = 0;
|
||||||
|
conf = sysconf(_SC_LOGIN_NAME_MAX);
|
||||||
|
if (conf == -1 && errno != 0)
|
||||||
|
return LOGIN_NAME_MAX;
|
||||||
|
|
||||||
|
return conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static bool is_valid_name (const char *name)
|
static bool is_valid_name (const char *name)
|
||||||
{
|
{
|
||||||
if (allow_bad_names) {
|
if (allow_bad_names) {
|
||||||
@@ -32,8 +54,8 @@ static bool is_valid_name (const char *name)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* User/group names must match gnu e-regex:
|
* User/group names must match BRE regex:
|
||||||
* [a-zA-Z0-9_.][a-zA-Z0-9_.-]{0,30}[a-zA-Z0-9_.$-]?
|
* [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\?
|
||||||
*
|
*
|
||||||
* as a non-POSIX, extension, allow "$" as the last char for
|
* as a non-POSIX, extension, allow "$" as the last char for
|
||||||
* sake of Samba 3.x "add machine script"
|
* sake of Samba 3.x "add machine script"
|
||||||
@@ -72,18 +94,17 @@ static bool is_valid_name (const char *name)
|
|||||||
return !numeric;
|
return !numeric;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool is_valid_user_name (const char *name)
|
|
||||||
{
|
|
||||||
/*
|
|
||||||
* User names length are limited by the kernel
|
|
||||||
*/
|
|
||||||
if (strlen (name) > sysconf(_SC_LOGIN_NAME_MAX)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return is_valid_name (name);
|
bool
|
||||||
|
is_valid_user_name(const char *name)
|
||||||
|
{
|
||||||
|
if (strlen(name) >= login_name_max_size())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
return is_valid_name(name);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
bool is_valid_group_name (const char *name)
|
bool is_valid_group_name (const char *name)
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
@@ -97,4 +118,3 @@ bool is_valid_group_name (const char *name)
|
|||||||
|
|
||||||
return is_valid_name (name);
|
return is_valid_name (name);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -11,6 +11,7 @@
|
|||||||
#ifndef _CHKNAME_H_
|
#ifndef _CHKNAME_H_
|
||||||
#define _CHKNAME_H_
|
#define _CHKNAME_H_
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* is_valid_user_name(), is_valid_group_name() - check the new user/group
|
* is_valid_user_name(), is_valid_group_name() - check the new user/group
|
||||||
* name for validity;
|
* name for validity;
|
||||||
@@ -19,8 +20,14 @@
|
|||||||
* false - bad name
|
* false - bad name
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "defines.h"
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#include <stdbool.h>
|
||||||
|
#include <stddef.h>
|
||||||
|
|
||||||
|
|
||||||
|
extern size_t login_name_max_size(void);
|
||||||
extern bool is_valid_user_name (const char *name);
|
extern bool is_valid_user_name (const char *name);
|
||||||
extern bool is_valid_group_name (const char *name);
|
extern bool is_valid_group_name (const char *name);
|
||||||
|
|
||||||
@@ -9,6 +9,7 @@
|
|||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "groupio.h"
|
#include "groupio.h"
|
||||||
#include "sgroupio.h"
|
#include "sgroupio.h"
|
||||||
@@ -178,7 +179,7 @@ void cleanup_report_del_group_gshadow (void *group_name)
|
|||||||
*
|
*
|
||||||
* It should be registered after the group file is successfully locked.
|
* It should be registered after the group file is successfully locked.
|
||||||
*/
|
*/
|
||||||
void cleanup_unlock_group (unused void *arg)
|
void cleanup_unlock_group (MAYBE_UNUSED void *arg)
|
||||||
{
|
{
|
||||||
if (gr_unlock () == 0) {
|
if (gr_unlock () == 0) {
|
||||||
fprintf (log_get_logfd(),
|
fprintf (log_get_logfd(),
|
||||||
@@ -198,7 +199,7 @@ void cleanup_unlock_group (unused void *arg)
|
|||||||
*
|
*
|
||||||
* It should be registered after the gshadow file is successfully locked.
|
* It should be registered after the gshadow file is successfully locked.
|
||||||
*/
|
*/
|
||||||
void cleanup_unlock_gshadow (unused void *arg)
|
void cleanup_unlock_gshadow (MAYBE_UNUSED void *arg)
|
||||||
{
|
{
|
||||||
if (sgr_unlock () == 0) {
|
if (sgr_unlock () == 0) {
|
||||||
fprintf (log_get_logfd(),
|
fprintf (log_get_logfd(),
|
||||||
@@ -9,6 +9,7 @@
|
|||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "pwio.h"
|
#include "pwio.h"
|
||||||
#include "shadowio.h"
|
#include "shadowio.h"
|
||||||
@@ -95,7 +96,7 @@ void cleanup_report_add_user_shadow (void *user_name)
|
|||||||
*
|
*
|
||||||
* It should be registered after the passwd database is successfully locked.
|
* It should be registered after the passwd database is successfully locked.
|
||||||
*/
|
*/
|
||||||
void cleanup_unlock_passwd (unused void *arg)
|
void cleanup_unlock_passwd (MAYBE_UNUSED void *arg)
|
||||||
{
|
{
|
||||||
if (pw_unlock () == 0) {
|
if (pw_unlock () == 0) {
|
||||||
fprintf (log_get_logfd(),
|
fprintf (log_get_logfd(),
|
||||||
@@ -114,7 +115,7 @@ void cleanup_unlock_passwd (unused void *arg)
|
|||||||
*
|
*
|
||||||
* It should be registered after the shadow database is successfully locked.
|
* It should be registered after the shadow database is successfully locked.
|
||||||
*/
|
*/
|
||||||
void cleanup_unlock_shadow (unused void *arg)
|
void cleanup_unlock_shadow (MAYBE_UNUSED void *arg)
|
||||||
{
|
{
|
||||||
if (spw_unlock () == 0) {
|
if (spw_unlock () == 0) {
|
||||||
fprintf (log_get_logfd(),
|
fprintf (log_get_logfd(),
|
||||||
+39
-39
@@ -23,6 +23,7 @@
|
|||||||
#include <signal.h>
|
#include <signal.h>
|
||||||
|
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
#include "memzero.h"
|
||||||
#include "nscd.h"
|
#include "nscd.h"
|
||||||
#include "sssd.h"
|
#include "sssd.h"
|
||||||
#ifdef WITH_TCB
|
#ifdef WITH_TCB
|
||||||
@@ -31,6 +32,8 @@
|
|||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "commonio.h"
|
#include "commonio.h"
|
||||||
#include "shadowlog_internal.h"
|
#include "shadowlog_internal.h"
|
||||||
|
#include "string/sprintf.h"
|
||||||
|
|
||||||
|
|
||||||
/* local function prototypes */
|
/* local function prototypes */
|
||||||
static int lrename (const char *, const char *);
|
static int lrename (const char *, const char *);
|
||||||
@@ -108,9 +111,9 @@ static int check_link_count (const char *file, bool log)
|
|||||||
|
|
||||||
if (sb.st_nlink != 2) {
|
if (sb.st_nlink != 2) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (shadow_logfd,
|
fprintf(shadow_logfd,
|
||||||
"%s: %s: lock file already used (nlink: %u)\n",
|
"%s: %s: lock file already used (nlink: %ju)\n",
|
||||||
shadow_progname, file, sb.st_nlink);
|
shadow_progname, file, (uintmax_t) sb.st_nlink);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -121,11 +124,11 @@ static int check_link_count (const char *file, bool log)
|
|||||||
|
|
||||||
static int do_lock_file (const char *file, const char *lock, bool log)
|
static int do_lock_file (const char *file, const char *lock, bool log)
|
||||||
{
|
{
|
||||||
int fd;
|
int fd;
|
||||||
pid_t pid;
|
int retval;
|
||||||
ssize_t len;
|
char buf[32];
|
||||||
int retval;
|
pid_t pid;
|
||||||
char buf[32];
|
ssize_t len;
|
||||||
|
|
||||||
fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
|
fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
|
||||||
if (-1 == fd) {
|
if (-1 == fd) {
|
||||||
@@ -138,9 +141,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
}
|
}
|
||||||
|
|
||||||
pid = getpid ();
|
pid = getpid ();
|
||||||
snprintf (buf, sizeof buf, "%lu", (unsigned long) pid);
|
SNPRINTF(buf, "%lu", (unsigned long) pid);
|
||||||
len = (ssize_t) strlen (buf) + 1;
|
len = (ssize_t) strlen (buf) + 1;
|
||||||
if (write_full (fd, buf, (size_t) len) != len) {
|
if (write_full(fd, buf, len) == -1) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (shadow_logfd,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: %s file write error: %s\n",
|
"%s: %s file write error: %s\n",
|
||||||
@@ -192,7 +195,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
buf[len] = '\0';
|
buf[len] = '\0';
|
||||||
if (get_pid (buf, &pid) == 0) {
|
if (get_pid(buf, &pid) == -1) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (shadow_logfd,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: existing lock file %s with an invalid PID '%s'\n",
|
"%s: existing lock file %s with an invalid PID '%s'\n",
|
||||||
@@ -339,7 +342,7 @@ static void free_linked_list (struct commonio_db *db)
|
|||||||
|
|
||||||
int commonio_setname (struct commonio_db *db, const char *name)
|
int commonio_setname (struct commonio_db *db, const char *name)
|
||||||
{
|
{
|
||||||
snprintf (db->filename, sizeof (db->filename), "%s", name);
|
SNPRINTF(db->filename, "%s", name);
|
||||||
db->setname = true;
|
db->setname = true;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
@@ -353,33 +356,25 @@ bool commonio_present (const struct commonio_db *db)
|
|||||||
|
|
||||||
int commonio_lock_nowait (struct commonio_db *db, bool log)
|
int commonio_lock_nowait (struct commonio_db *db, bool log)
|
||||||
{
|
{
|
||||||
char* file = NULL;
|
int err = 0;
|
||||||
char* lock = NULL;
|
char *file = NULL;
|
||||||
size_t lock_file_len;
|
char *lock = NULL;
|
||||||
size_t file_len;
|
|
||||||
int err = 0;
|
|
||||||
|
|
||||||
if (db->locked) {
|
if (db->locked) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
file_len = strlen(db->filename) + 11;/* %lu max size */
|
|
||||||
lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */
|
if (asprintf(&file, "%s.%ju", db->filename, (uintmax_t) getpid()) == -1)
|
||||||
file = MALLOC(file_len, char);
|
|
||||||
if (file == NULL) {
|
|
||||||
goto cleanup_ENOMEM;
|
goto cleanup_ENOMEM;
|
||||||
}
|
if (asprintf(&lock, "%s.lock", db->filename) == -1)
|
||||||
lock = MALLOC(lock_file_len, char);
|
|
||||||
if (lock == NULL) {
|
|
||||||
goto cleanup_ENOMEM;
|
goto cleanup_ENOMEM;
|
||||||
}
|
|
||||||
snprintf (file, file_len, "%s.%lu",
|
|
||||||
db->filename, (unsigned long) getpid ());
|
|
||||||
snprintf (lock, lock_file_len, "%s.lock", db->filename);
|
|
||||||
if (do_lock_file (file, lock, log) != 0) {
|
if (do_lock_file (file, lock, log) != 0) {
|
||||||
db->locked = true;
|
db->locked = true;
|
||||||
lock_count++;
|
lock_count++;
|
||||||
err = 1;
|
err = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
cleanup_ENOMEM:
|
cleanup_ENOMEM:
|
||||||
free(file);
|
free(file);
|
||||||
free(lock);
|
free(lock);
|
||||||
@@ -473,7 +468,7 @@ static void dec_lock_count (void)
|
|||||||
|
|
||||||
int commonio_unlock (struct commonio_db *db)
|
int commonio_unlock (struct commonio_db *db)
|
||||||
{
|
{
|
||||||
char lock[1024];
|
char lock[1029];
|
||||||
|
|
||||||
if (db->isopen) {
|
if (db->isopen) {
|
||||||
db->readonly = true;
|
db->readonly = true;
|
||||||
@@ -490,7 +485,7 @@ int commonio_unlock (struct commonio_db *db)
|
|||||||
* then call ulckpwdf() (if used) on last unlock.
|
* then call ulckpwdf() (if used) on last unlock.
|
||||||
*/
|
*/
|
||||||
db->locked = false;
|
db->locked = false;
|
||||||
snprintf (lock, sizeof lock, "%s.lock", db->filename);
|
SNPRINTF(lock, "%s.lock", db->filename);
|
||||||
unlink (lock);
|
unlink (lock);
|
||||||
dec_lock_count ();
|
dec_lock_count ();
|
||||||
return 1;
|
return 1;
|
||||||
@@ -646,7 +641,7 @@ int commonio_open (struct commonio_db *db, int mode)
|
|||||||
}
|
}
|
||||||
|
|
||||||
while (db->ops->fgets (buf, buflen, db->fp) == buf) {
|
while (db->ops->fgets (buf, buflen, db->fp) == buf) {
|
||||||
while ( ((cp = strrchr (buf, '\n')) == NULL)
|
while ( (strrchr (buf, '\n') == NULL)
|
||||||
&& (feof (db->fp) == 0)) {
|
&& (feof (db->fp) == 0)) {
|
||||||
size_t len;
|
size_t len;
|
||||||
|
|
||||||
@@ -899,9 +894,9 @@ static int write_all (const struct commonio_db *db)
|
|||||||
|
|
||||||
int commonio_close (struct commonio_db *db)
|
int commonio_close (struct commonio_db *db)
|
||||||
{
|
{
|
||||||
char buf[1024];
|
int errors = 0;
|
||||||
int errors = 0;
|
char buf[1024];
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
|
|
||||||
if (!db->isopen) {
|
if (!db->isopen) {
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
@@ -932,7 +927,11 @@ int commonio_close (struct commonio_db *db)
|
|||||||
/*
|
/*
|
||||||
* Create backup file.
|
* Create backup file.
|
||||||
*/
|
*/
|
||||||
snprintf (buf, sizeof buf, "%s-", db->filename);
|
if (SNPRINTF(buf, "%s-", db->filename) == -1) {
|
||||||
|
(void) fclose (db->fp);
|
||||||
|
db->fp = NULL;
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
|
if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
|
||||||
@@ -947,15 +946,15 @@ int commonio_close (struct commonio_db *db)
|
|||||||
errors++;
|
errors++;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
db->fp = NULL;
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (reset_selinux_file_context () != 0) {
|
if (reset_selinux_file_context () != 0) {
|
||||||
errors++;
|
errors++;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
if (errors != 0) {
|
if (errors != 0)
|
||||||
db->fp = NULL;
|
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
|
||||||
} else {
|
} else {
|
||||||
/*
|
/*
|
||||||
* Default permissions for new [g]shadow files.
|
* Default permissions for new [g]shadow files.
|
||||||
@@ -965,7 +964,8 @@ int commonio_close (struct commonio_db *db)
|
|||||||
sb.st_gid = db->st_gid;
|
sb.st_gid = db->st_gid;
|
||||||
}
|
}
|
||||||
|
|
||||||
snprintf (buf, sizeof buf, "%s+", db->filename);
|
if (SNPRINTF(buf, "%s+", db->filename) == -1)
|
||||||
|
goto fail;
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
|
if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
|
||||||
|
|||||||
+7
-2
@@ -11,8 +11,11 @@
|
|||||||
#ifndef COMMONIO_H
|
#ifndef COMMONIO_H
|
||||||
#define COMMONIO_H
|
#define COMMONIO_H
|
||||||
|
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
#include "defines.h" /* bool */
|
#include "defines.h" /* bool */
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Linked list entry.
|
* Linked list entry.
|
||||||
*/
|
*/
|
||||||
@@ -37,7 +40,7 @@ struct commonio_ops {
|
|||||||
/*
|
/*
|
||||||
* free() the object including any strings pointed by it.
|
* free() the object including any strings pointed by it.
|
||||||
*/
|
*/
|
||||||
void (*free) (/*@out@*/ /*@only@*/void *);
|
void (*free)(/*@only@*/void *);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Return the name of the object (for example, pw_name
|
* Return the name of the object (for example, pw_name
|
||||||
@@ -61,7 +64,9 @@ struct commonio_ops {
|
|||||||
* fgets and fputs (can be replaced by versions that
|
* fgets and fputs (can be replaced by versions that
|
||||||
* understand line continuation conventions).
|
* understand line continuation conventions).
|
||||||
*/
|
*/
|
||||||
/*@null@*/char *(*fgets) (/*@returned@*/ /*@out@*/char *s, int n, FILE *stream);
|
ATTR_ACCESS(write_only, 1, 2)
|
||||||
|
/*@null@*/char *(*fgets)(/*@returned@*/char *restrict s, int n,
|
||||||
|
FILE *restrict stream);
|
||||||
int (*fputs) (const char *, FILE *);
|
int (*fputs) (const char *, FILE *);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -13,6 +13,7 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
#include "string/strtcpy.h"
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
@@ -44,7 +45,7 @@ static bool is_listed (const char *cfgin, const char *tty, bool def)
|
|||||||
|
|
||||||
if (*cons != '/') {
|
if (*cons != '/') {
|
||||||
char *pbuf;
|
char *pbuf;
|
||||||
strlcpy (buf, cons, sizeof (buf));
|
STRTCPY(buf, cons);
|
||||||
pbuf = &buf[0];
|
pbuf = &buf[0];
|
||||||
while ((s = strtok (pbuf, ":")) != NULL) {
|
while ((s = strtok (pbuf, ":")) != NULL) {
|
||||||
if (strcmp (s, tty) == 0) {
|
if (strcmp (s, tty) == 0) {
|
||||||
+130
-139
@@ -19,6 +19,7 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
#include "attr.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
@@ -35,6 +36,7 @@
|
|||||||
#include <attr/libattr.h>
|
#include <attr/libattr.h>
|
||||||
#endif /* WITH_ATTR */
|
#endif /* WITH_ATTR */
|
||||||
#include "shadowlog.h"
|
#include "shadowlog.h"
|
||||||
|
#include "string/sprintf.h"
|
||||||
|
|
||||||
|
|
||||||
static /*@null@*/const char *src_orig;
|
static /*@null@*/const char *src_orig;
|
||||||
@@ -66,12 +68,12 @@ static int copy_dir (const struct path_info *src, const struct path_info *dst,
|
|||||||
gid_t old_gid, gid_t new_gid);
|
gid_t old_gid, gid_t new_gid);
|
||||||
static /*@null@*/char *readlink_malloc (const char *filename);
|
static /*@null@*/char *readlink_malloc (const char *filename);
|
||||||
static int copy_symlink (const struct path_info *src, const struct path_info *dst,
|
static int copy_symlink (const struct path_info *src, const struct path_info *dst,
|
||||||
unused bool reset_selinux,
|
MAYBE_UNUSED bool reset_selinux,
|
||||||
const struct stat *statp, const struct timespec mt[],
|
const struct stat *statp, const struct timespec mt[],
|
||||||
uid_t old_uid, uid_t new_uid,
|
uid_t old_uid, uid_t new_uid,
|
||||||
gid_t old_gid, gid_t new_gid);
|
gid_t old_gid, gid_t new_gid);
|
||||||
static int copy_hardlink (const struct path_info *dst,
|
static int copy_hardlink (const struct path_info *dst,
|
||||||
unused bool reset_selinux,
|
MAYBE_UNUSED bool reset_selinux,
|
||||||
struct link_name *lp);
|
struct link_name *lp);
|
||||||
static int copy_special (const struct path_info *src, const struct path_info *dst,
|
static int copy_special (const struct path_info *src, const struct path_info *dst,
|
||||||
bool reset_selinux,
|
bool reset_selinux,
|
||||||
@@ -95,7 +97,7 @@ static int fchown_if_needed (int fdst, const struct stat *statp,
|
|||||||
* error_acl - format the error messages for the ACL and EQ libraries.
|
* error_acl - format the error messages for the ACL and EQ libraries.
|
||||||
*/
|
*/
|
||||||
format_attr(printf, 2, 3)
|
format_attr(printf, 2, 3)
|
||||||
static void error_acl (unused struct error_context *ctx, const char *fmt, ...)
|
static void error_acl (MAYBE_UNUSED struct error_context *ctx, const char *fmt, ...)
|
||||||
{
|
{
|
||||||
va_list ap;
|
va_list ap;
|
||||||
FILE *shadow_logfd = log_get_logfd();
|
FILE *shadow_logfd = log_get_logfd();
|
||||||
@@ -208,11 +210,7 @@ static void remove_link (/*@only@*/struct link_name *ln)
|
|||||||
|
|
||||||
static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, const struct stat *sb)
|
static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, const struct stat *sb)
|
||||||
{
|
{
|
||||||
struct link_name *lp;
|
struct link_name *lp;
|
||||||
size_t src_len;
|
|
||||||
size_t dst_len;
|
|
||||||
size_t name_len;
|
|
||||||
size_t len;
|
|
||||||
|
|
||||||
/* copy_tree () must be the entry point */
|
/* copy_tree () must be the entry point */
|
||||||
assert (NULL != src_orig);
|
assert (NULL != src_orig);
|
||||||
@@ -229,15 +227,10 @@ static /*@exposed@*/ /*@null@*/struct link_name *check_link (const char *name, c
|
|||||||
}
|
}
|
||||||
|
|
||||||
lp = XMALLOC(1, struct link_name);
|
lp = XMALLOC(1, struct link_name);
|
||||||
src_len = strlen (src_orig);
|
|
||||||
dst_len = strlen (dst_orig);
|
|
||||||
name_len = strlen (name);
|
|
||||||
lp->ln_dev = sb->st_dev;
|
lp->ln_dev = sb->st_dev;
|
||||||
lp->ln_ino = sb->st_ino;
|
lp->ln_ino = sb->st_ino;
|
||||||
lp->ln_count = sb->st_nlink;
|
lp->ln_count = sb->st_nlink;
|
||||||
len = name_len - src_len + dst_len + 1;
|
xasprintf(&lp->ln_name, "%s%s", dst_orig, name + strlen(src_orig));
|
||||||
lp->ln_name = XMALLOC(len, char);
|
|
||||||
(void) snprintf (lp->ln_name, len, "%s%s", dst_orig, name + src_len);
|
|
||||||
lp->ln_next = links;
|
lp->ln_next = links;
|
||||||
links = lp;
|
links = lp;
|
||||||
|
|
||||||
@@ -314,51 +307,43 @@ static int copy_tree_impl (const struct path_info *src, const struct path_info *
|
|||||||
set_orig = true;
|
set_orig = true;
|
||||||
}
|
}
|
||||||
while ((0 == err) && (ent = readdir (dir)) != NULL) {
|
while ((0 == err) && (ent = readdir (dir)) != NULL) {
|
||||||
|
char *src_name = NULL;
|
||||||
|
char *dst_name;
|
||||||
|
struct path_info src_entry, dst_entry;
|
||||||
/*
|
/*
|
||||||
* Skip the "." and ".." entries
|
* Skip the "." and ".." entries
|
||||||
*/
|
*/
|
||||||
if ((strcmp (ent->d_name, ".") != 0) &&
|
if (strcmp(ent->d_name, ".") == 0 ||
|
||||||
(strcmp (ent->d_name, "..") != 0)) {
|
strcmp(ent->d_name, "..") == 0)
|
||||||
char *src_name;
|
{
|
||||||
char *dst_name;
|
continue;
|
||||||
size_t src_len = strlen (ent->d_name) + 2;
|
|
||||||
size_t dst_len = strlen (ent->d_name) + 2;
|
|
||||||
src_len += strlen (src->full_path);
|
|
||||||
dst_len += strlen (dst->full_path);
|
|
||||||
|
|
||||||
src_name = MALLOC(src_len, char);
|
|
||||||
dst_name = MALLOC(dst_len, char);
|
|
||||||
|
|
||||||
if ((NULL == src_name) || (NULL == dst_name)) {
|
|
||||||
err = -1;
|
|
||||||
} else {
|
|
||||||
/*
|
|
||||||
* Build the filename for both the source and
|
|
||||||
* the destination files.
|
|
||||||
*/
|
|
||||||
struct path_info src_entry, dst_entry;
|
|
||||||
|
|
||||||
(void) snprintf (src_name, src_len, "%s/%s",
|
|
||||||
src->full_path, ent->d_name);
|
|
||||||
(void) snprintf (dst_name, dst_len, "%s/%s",
|
|
||||||
dst->full_path, ent->d_name);
|
|
||||||
|
|
||||||
src_entry.full_path = src_name;
|
|
||||||
src_entry.dirfd = dirfd(dir);
|
|
||||||
src_entry.name = ent->d_name;
|
|
||||||
|
|
||||||
dst_entry.full_path = dst_name;
|
|
||||||
dst_entry.dirfd = dst_fd;
|
|
||||||
dst_entry.name = ent->d_name;
|
|
||||||
|
|
||||||
err = copy_entry (&src_entry, &dst_entry,
|
|
||||||
reset_selinux,
|
|
||||||
old_uid, new_uid,
|
|
||||||
old_gid, new_gid);
|
|
||||||
}
|
|
||||||
free (src_name);
|
|
||||||
free (dst_name);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (asprintf(&src_name, "%s/%s", src->full_path, ent->d_name) == -1)
|
||||||
|
{
|
||||||
|
err = -1;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (asprintf(&dst_name, "%s/%s", dst->full_path, ent->d_name) == -1)
|
||||||
|
{
|
||||||
|
err = -1;
|
||||||
|
goto skip;
|
||||||
|
}
|
||||||
|
|
||||||
|
src_entry.full_path = src_name;
|
||||||
|
src_entry.dirfd = dirfd(dir);
|
||||||
|
src_entry.name = ent->d_name;
|
||||||
|
|
||||||
|
dst_entry.full_path = dst_name;
|
||||||
|
dst_entry.dirfd = dst_fd;
|
||||||
|
dst_entry.name = ent->d_name;
|
||||||
|
|
||||||
|
err = copy_entry(&src_entry, &dst_entry, reset_selinux,
|
||||||
|
old_uid, new_uid, old_gid, new_gid);
|
||||||
|
|
||||||
|
free(dst_name);
|
||||||
|
skip:
|
||||||
|
free(src_name);
|
||||||
}
|
}
|
||||||
(void) closedir (dir);
|
(void) closedir (dir);
|
||||||
(void) close (dst_fd);
|
(void) close (dst_fd);
|
||||||
@@ -415,68 +400,70 @@ static int copy_entry (const struct path_info *src, const struct path_info *dst,
|
|||||||
{
|
{
|
||||||
int err = 0;
|
int err = 0;
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
|
struct stat tmp_sb;
|
||||||
struct link_name *lp;
|
struct link_name *lp;
|
||||||
struct timespec mt[2];
|
struct timespec mt[2];
|
||||||
|
|
||||||
if (fstatat(src->dirfd, src->name, &sb, AT_SYMLINK_NOFOLLOW) == -1) {
|
if (fstatat(src->dirfd, src->name, &sb, AT_SYMLINK_NOFOLLOW) == -1) {
|
||||||
/* If we cannot stat the file, do not care. */
|
/* If we cannot stat the file, do not care. */
|
||||||
} else {
|
return 0;
|
||||||
mt[0].tv_sec = sb.st_atim.tv_sec;
|
}
|
||||||
mt[0].tv_nsec = sb.st_atim.tv_nsec;
|
|
||||||
|
|
||||||
mt[1].tv_sec = sb.st_mtim.tv_sec;
|
mt[0].tv_sec = sb.st_atim.tv_sec;
|
||||||
mt[1].tv_nsec = sb.st_mtim.tv_nsec;
|
mt[0].tv_nsec = sb.st_atim.tv_nsec;
|
||||||
|
|
||||||
if (S_ISDIR (sb.st_mode)) {
|
mt[1].tv_sec = sb.st_mtim.tv_sec;
|
||||||
err = copy_dir (src, dst, reset_selinux, &sb, mt,
|
mt[1].tv_nsec = sb.st_mtim.tv_nsec;
|
||||||
old_uid, new_uid, old_gid, new_gid);
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
if (S_ISDIR (sb.st_mode)) {
|
||||||
* If the destination already exists do nothing.
|
err = copy_dir (src, dst, reset_selinux, &sb, mt,
|
||||||
* This is after the copy_dir above to still iterate into subdirectories.
|
old_uid, new_uid, old_gid, new_gid);
|
||||||
*/
|
}
|
||||||
if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copy any symbolic links
|
* If the destination already exists do nothing.
|
||||||
*/
|
* This is after the copy_dir above to still iterate into subdirectories.
|
||||||
|
*/
|
||||||
|
if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) {
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
||||||
else if (S_ISLNK (sb.st_mode)) {
|
/*
|
||||||
err = copy_symlink (src, dst, reset_selinux, &sb, mt,
|
* Copy any symbolic links
|
||||||
old_uid, new_uid, old_gid, new_gid);
|
*/
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
else if (S_ISLNK (sb.st_mode)) {
|
||||||
* See if this is a previously copied link
|
err = copy_symlink (src, dst, reset_selinux, &sb, mt,
|
||||||
*/
|
old_uid, new_uid, old_gid, new_gid);
|
||||||
|
}
|
||||||
|
|
||||||
else if ((lp = check_link (src->full_path, &sb)) != NULL) {
|
/*
|
||||||
err = copy_hardlink (dst, reset_selinux, lp);
|
* See if this is a previously copied link
|
||||||
}
|
*/
|
||||||
|
|
||||||
/*
|
else if ((lp = check_link (src->full_path, &sb)) != NULL) {
|
||||||
* Deal with FIFOs and special files. The user really
|
err = copy_hardlink (dst, reset_selinux, lp);
|
||||||
* shouldn't have any of these, but it seems like it
|
}
|
||||||
* would be nice to copy everything ...
|
|
||||||
*/
|
|
||||||
|
|
||||||
else if (!S_ISREG (sb.st_mode)) {
|
/*
|
||||||
err = copy_special (src, dst, reset_selinux, &sb, mt,
|
* Deal with FIFOs and special files. The user really
|
||||||
old_uid, new_uid, old_gid, new_gid);
|
* shouldn't have any of these, but it seems like it
|
||||||
}
|
* would be nice to copy everything ...
|
||||||
|
*/
|
||||||
|
|
||||||
/*
|
else if (!S_ISREG (sb.st_mode)) {
|
||||||
* Create the new file and copy the contents. The new
|
err = copy_special (src, dst, reset_selinux, &sb, mt,
|
||||||
* file will be owned by the provided UID and GID values.
|
old_uid, new_uid, old_gid, new_gid);
|
||||||
*/
|
}
|
||||||
|
|
||||||
else {
|
/*
|
||||||
err = copy_file (src, dst, reset_selinux, &sb, mt,
|
* Create the new file and copy the contents. The new
|
||||||
old_uid, new_uid, old_gid, new_gid);
|
* file will be owned by the provided UID and GID values.
|
||||||
}
|
*/
|
||||||
|
|
||||||
|
else {
|
||||||
|
err = copy_file (src, dst, reset_selinux, &sb, mt,
|
||||||
|
old_uid, new_uid, old_gid, new_gid);
|
||||||
}
|
}
|
||||||
|
|
||||||
return err;
|
return err;
|
||||||
@@ -596,7 +583,7 @@ static /*@null@*/char *readlink_malloc (const char *filename)
|
|||||||
* Return 0 on success, -1 on error.
|
* Return 0 on success, -1 on error.
|
||||||
*/
|
*/
|
||||||
static int copy_symlink (const struct path_info *src, const struct path_info *dst,
|
static int copy_symlink (const struct path_info *src, const struct path_info *dst,
|
||||||
unused bool reset_selinux,
|
MAYBE_UNUSED bool reset_selinux,
|
||||||
const struct stat *statp, const struct timespec mt[],
|
const struct stat *statp, const struct timespec mt[],
|
||||||
uid_t old_uid, uid_t new_uid,
|
uid_t old_uid, uid_t new_uid,
|
||||||
gid_t old_gid, gid_t new_gid)
|
gid_t old_gid, gid_t new_gid)
|
||||||
@@ -624,13 +611,11 @@ static int copy_symlink (const struct path_info *src, const struct path_info *ds
|
|||||||
* create a link to the corresponding entry in the dst_orig
|
* create a link to the corresponding entry in the dst_orig
|
||||||
* directory.
|
* directory.
|
||||||
*/
|
*/
|
||||||
if (strncmp (oldlink, src_orig, strlen (src_orig)) == 0) {
|
if (strncmp(oldlink, src_orig, strlen(src_orig)) == 0) {
|
||||||
size_t len = strlen (dst_orig) + strlen (oldlink) - strlen (src_orig) + 1;
|
char *dummy;
|
||||||
char *dummy = XMALLOC(len, char);
|
|
||||||
(void) snprintf (dummy, len, "%s%s",
|
xasprintf(&dummy, "%s%s", dst_orig, oldlink + strlen(src_orig));
|
||||||
dst_orig,
|
free(oldlink);
|
||||||
oldlink + strlen (src_orig));
|
|
||||||
free (oldlink);
|
|
||||||
oldlink = dummy;
|
oldlink = dummy;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -670,7 +655,7 @@ static int copy_symlink (const struct path_info *src, const struct path_info *ds
|
|||||||
* Return 0 on success, -1 on error.
|
* Return 0 on success, -1 on error.
|
||||||
*/
|
*/
|
||||||
static int copy_hardlink (const struct path_info *dst,
|
static int copy_hardlink (const struct path_info *dst,
|
||||||
unused bool reset_selinux,
|
MAYBE_UNUSED bool reset_selinux,
|
||||||
struct link_name *lp)
|
struct link_name *lp)
|
||||||
{
|
{
|
||||||
/* FIXME: selinux, ACL, Extended Attributes needed? */
|
/* FIXME: selinux, ACL, Extended Attributes needed? */
|
||||||
@@ -689,6 +674,7 @@ static int copy_hardlink (const struct path_info *dst,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* copy_special - copy a special file
|
* copy_special - copy a special file
|
||||||
*
|
*
|
||||||
@@ -699,29 +685,33 @@ static int copy_hardlink (const struct path_info *dst,
|
|||||||
*
|
*
|
||||||
* Return 0 on success, -1 on error.
|
* Return 0 on success, -1 on error.
|
||||||
*/
|
*/
|
||||||
static int copy_special (const struct path_info *src, const struct path_info *dst,
|
static int
|
||||||
bool reset_selinux,
|
copy_special(const struct path_info *src, const struct path_info *dst,
|
||||||
const struct stat *statp, const struct timespec mt[],
|
bool reset_selinux,
|
||||||
uid_t old_uid, uid_t new_uid,
|
const struct stat *statp, const struct timespec mt[],
|
||||||
gid_t old_gid, gid_t new_gid)
|
uid_t old_uid, uid_t new_uid,
|
||||||
|
gid_t old_gid, gid_t new_gid)
|
||||||
{
|
{
|
||||||
int err = 0;
|
#if defined(WITH_SELINUX)
|
||||||
|
if (set_selinux_file_context(dst->full_path, statp->st_mode & S_IFMT) != 0)
|
||||||
#ifdef WITH_SELINUX
|
|
||||||
if (set_selinux_file_context (dst->full_path, statp->st_mode & S_IFMT) != 0) {
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
#endif
|
||||||
#endif /* WITH_SELINUX */
|
|
||||||
|
|
||||||
if ( (mknodat (dst->dirfd, dst->name, statp->st_mode & ~07777U, statp->st_rdev) != 0)
|
if (mknodat(dst->dirfd, dst->name, statp->st_mode & ~07777U, statp->st_rdev) == -1)
|
||||||
|| (chownat_if_needed (dst, statp,
|
return -1;
|
||||||
old_uid, new_uid, old_gid, new_gid) != 0)
|
|
||||||
|| (fchmodat (dst->dirfd, dst->name, statp->st_mode & 07777, AT_SYMLINK_NOFOLLOW) != 0)
|
if (chownat_if_needed(dst, statp, old_uid, new_uid, old_gid, new_gid) == -1)
|
||||||
#ifdef WITH_ACL
|
return -1;
|
||||||
|| ( (perm_copy_path (src, dst, &ctx) != 0)
|
|
||||||
&& (errno != 0))
|
if (fchmodat(dst->dirfd, dst->name, statp->st_mode & 07777, AT_SYMLINK_NOFOLLOW) == -1)
|
||||||
#endif /* WITH_ACL */
|
return -1;
|
||||||
#ifdef WITH_ATTR
|
|
||||||
|
#if defined(WITH_ACL)
|
||||||
|
if (perm_copy_path(src, dst, &ctx) == -1 && errno != 0)
|
||||||
|
return -1;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(WITH_ATTR)
|
||||||
/*
|
/*
|
||||||
* If the third parameter is NULL, all extended attributes
|
* If the third parameter is NULL, all extended attributes
|
||||||
* except those that define Access Control Lists are copied.
|
* except those that define Access Control Lists are copied.
|
||||||
@@ -729,15 +719,16 @@ static int copy_special (const struct path_info *src, const struct path_info *ds
|
|||||||
* file systems with and without ACL support needs some
|
* file systems with and without ACL support needs some
|
||||||
* additional logic so that no unexpected permissions result.
|
* additional logic so that no unexpected permissions result.
|
||||||
*/
|
*/
|
||||||
|| ( !reset_selinux
|
if (!reset_selinux) {
|
||||||
&& (attr_copy_path (src, dst, NULL, &ctx) != 0)
|
if (attr_copy_path(src, dst, NULL, &ctx) == -1 && errno != 0)
|
||||||
&& (errno != 0))
|
return -1;
|
||||||
#endif /* WITH_ATTR */
|
|
||||||
|| (utimensat (dst->dirfd, dst->name, mt, AT_SYMLINK_NOFOLLOW) != 0)) {
|
|
||||||
err = -1;
|
|
||||||
}
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
return err;
|
if (utimensat(dst->dirfd, dst->name, mt, AT_SYMLINK_NOFOLLOW) == -1)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -816,7 +807,7 @@ static int copy_file (const struct path_info *src, const struct path_info *dst,
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (write_full (ofd, buf, cnt) < 0) {
|
if (write_full(ofd, buf, cnt) == -1) {
|
||||||
(void) close (ofd);
|
(void) close (ofd);
|
||||||
(void) close (ifd);
|
(void) close (ifd);
|
||||||
return -1;
|
return -1;
|
||||||
@@ -824,7 +815,7 @@ static int copy_file (const struct path_info *src, const struct path_info *dst,
|
|||||||
}
|
}
|
||||||
|
|
||||||
(void) close (ifd);
|
(void) close (ifd);
|
||||||
if (close (ofd) != 0) {
|
if (close (ofd) != 0 && errno != EINTR) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -20,6 +20,7 @@
|
|||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "shadowlog.h"
|
#include "shadowlog.h"
|
||||||
|
#include "sizeof.h"
|
||||||
|
|
||||||
|
|
||||||
static uint32_t csrand_uniform32(uint32_t n);
|
static uint32_t csrand_uniform32(uint32_t n);
|
||||||
+22
-56
@@ -25,6 +25,7 @@
|
|||||||
((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
|
((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
@@ -47,20 +48,6 @@
|
|||||||
#include <sys/time.h>
|
#include <sys/time.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
|
|
||||||
#ifdef HAVE_MEMSET_EXPLICIT
|
|
||||||
# define memzero(ptr, size) memset_explicit((ptr), 0, (size))
|
|
||||||
#elif defined HAVE_EXPLICIT_BZERO /* !HAVE_MEMSET_S */
|
|
||||||
# define memzero(ptr, size) explicit_bzero((ptr), (size))
|
|
||||||
#else /* !HAVE_MEMSET_S && HAVE_EXPLICIT_BZERO */
|
|
||||||
static inline void memzero(void *ptr, size_t size)
|
|
||||||
{
|
|
||||||
ptr = memset(ptr, '\0', size);
|
|
||||||
__asm__ __volatile__ ("" : : "r"(ptr) : "memory");
|
|
||||||
}
|
|
||||||
#endif /* !HAVE_MEMSET_S && !HAVE_EXPLICIT_BZERO */
|
|
||||||
|
|
||||||
#define strzero(s) memzero(s, strlen(s)) /* warning: evaluates twice */
|
|
||||||
|
|
||||||
#include <dirent.h>
|
#include <dirent.h>
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -153,34 +140,15 @@ static inline void memzero(void *ptr, size_t size)
|
|||||||
*
|
*
|
||||||
* DAY - seconds / day
|
* DAY - seconds / day
|
||||||
* WEEK - seconds / week
|
* WEEK - seconds / week
|
||||||
* SCALE - seconds / aging unit
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* Solaris defines this in shadow.h */
|
/* Solaris defines this in shadow.h */
|
||||||
#ifndef DAY
|
#ifndef DAY
|
||||||
#define DAY (24L*3600L)
|
#define DAY ((time_t) 24 * 3600)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define WEEK (7*DAY)
|
#define WEEK (7*DAY)
|
||||||
|
|
||||||
#ifdef ITI_AGING
|
|
||||||
#define SCALE 1
|
|
||||||
#else
|
|
||||||
#define SCALE DAY
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#define WIDTHOF(x) (sizeof(x) * CHAR_BIT)
|
|
||||||
#define NITEMS(arr) (sizeof((arr)) / sizeof((arr)[0]))
|
|
||||||
#define STRLEN(s) (NITEMS(s) - 1)
|
|
||||||
|
|
||||||
/* Copy string pointed by B to array A with size checking. It was originally
|
|
||||||
in lmain.c but is _very_ useful elsewhere. Some setuid root programs with
|
|
||||||
very sloppy coding used to assume that BUFSIZ will always be enough... */
|
|
||||||
|
|
||||||
/* danger - side effects */
|
|
||||||
#define STRFCPY(A,B) \
|
|
||||||
(strncpy((A), (B), sizeof(A) - 1), (A)[sizeof(A) - 1] = '\0')
|
|
||||||
|
|
||||||
#ifndef PASSWD_FILE
|
#ifndef PASSWD_FILE
|
||||||
#define PASSWD_FILE "/etc/passwd"
|
#define PASSWD_FILE "/etc/passwd"
|
||||||
#endif
|
#endif
|
||||||
@@ -193,6 +161,14 @@ static inline void memzero(void *ptr, size_t size)
|
|||||||
#define SHADOW_FILE "/etc/shadow"
|
#define SHADOW_FILE "/etc/shadow"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifndef SUBUID_FILE
|
||||||
|
#define SUBUID_FILE "/etc/subuid"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#ifndef SUBGID_FILE
|
||||||
|
#define SUBGID_FILE "/etc/subgid"
|
||||||
|
#endif
|
||||||
|
|
||||||
#ifdef SHADOWGRP
|
#ifdef SHADOWGRP
|
||||||
#ifndef SGROUP_FILE
|
#ifndef SGROUP_FILE
|
||||||
#define SGROUP_FILE "/etc/gshadow"
|
#define SGROUP_FILE "/etc/gshadow"
|
||||||
@@ -208,43 +184,33 @@ static inline void memzero(void *ptr, size_t size)
|
|||||||
#define SHADOW_PASSWD_STRING "x"
|
#define SHADOW_PASSWD_STRING "x"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define SHADOW_SP_FLAG_UNSET ((unsigned long int)-1)
|
#define SHADOW_SP_FLAG_UNSET ((unsigned long)-1)
|
||||||
|
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
#ifdef __u8 /* in case we use pam < 0.80 */
|
/* in case we use pam < 0.80 */
|
||||||
#undef __u8
|
#undef __u8
|
||||||
#endif
|
|
||||||
#ifdef __u32
|
|
||||||
#undef __u32
|
#undef __u32
|
||||||
#endif
|
|
||||||
|
|
||||||
#include <libaudit.h>
|
#include <libaudit.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* To be used for verified unused parameters */
|
|
||||||
#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
|
|
||||||
# define unused __attribute__((unused))
|
|
||||||
# define NORETURN __attribute__((__noreturn__))
|
|
||||||
# define format_attr(type, index, check) __attribute__((format (type, index, check)))
|
|
||||||
#else
|
|
||||||
# define unused
|
|
||||||
# define NORETURN
|
|
||||||
# define format_attr(type, index, check)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/* Maximum length of passwd entry */
|
/* Maximum length of passwd entry */
|
||||||
#define PASSWD_ENTRY_MAX_LENGTH 32768
|
#define PASSWD_ENTRY_MAX_LENGTH 32768
|
||||||
|
|
||||||
#if (__GNUC__ >= 11) && !defined(__clang__)
|
|
||||||
# define ATTR_MALLOC(deallocator) [[gnu::malloc(deallocator)]]
|
|
||||||
#else
|
|
||||||
# define ATTR_MALLOC(deallocator)
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef HAVE_SECURE_GETENV
|
#ifdef HAVE_SECURE_GETENV
|
||||||
# define shadow_getenv(name) secure_getenv(name)
|
# define shadow_getenv(name) secure_getenv(name)
|
||||||
# else
|
# else
|
||||||
# define shadow_getenv(name) getenv(name)
|
# define shadow_getenv(name) getenv(name)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Maximum password length
|
||||||
|
*
|
||||||
|
* Consider that there is also limit in PAM (PAM_MAX_RESP_SIZE)
|
||||||
|
* currently set to 512.
|
||||||
|
*/
|
||||||
|
#if !defined(PASS_MAX)
|
||||||
|
#define PASS_MAX BUFSIZ - 1
|
||||||
|
#endif
|
||||||
|
|
||||||
#endif /* _DEFINES_H_ */
|
#endif /* _DEFINES_H_ */
|
||||||
|
|||||||
+21
-38
@@ -20,6 +20,9 @@
|
|||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "shadowlog.h"
|
#include "shadowlog.h"
|
||||||
|
#include "string/sprintf.h"
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* NEWENVP_STEP must be a power of two. This is the number
|
* NEWENVP_STEP must be a power of two. This is the number
|
||||||
* of (char *) pointers to allocate at a time, to avoid using
|
* of (char *) pointers to allocate at a time, to avoid using
|
||||||
@@ -67,16 +70,11 @@ void initenv (void)
|
|||||||
|
|
||||||
void addenv (const char *string, /*@null@*/const char *value)
|
void addenv (const char *string, /*@null@*/const char *value)
|
||||||
{
|
{
|
||||||
char *cp, *newstring;
|
char *cp, *newstring;
|
||||||
size_t i;
|
size_t i, n;
|
||||||
size_t n;
|
|
||||||
|
|
||||||
if (NULL != value) {
|
if (NULL != value) {
|
||||||
size_t len = strlen (string) + strlen (value) + 2;
|
xasprintf(&newstring, "%s=%s", string, value);
|
||||||
int wlen;
|
|
||||||
newstring = XMALLOC(len, char);
|
|
||||||
wlen = snprintf (newstring, len, "%s=%s", string, value);
|
|
||||||
assert (wlen == (int) len -1);
|
|
||||||
} else {
|
} else {
|
||||||
newstring = xstrdup (string);
|
newstring = xstrdup (string);
|
||||||
}
|
}
|
||||||
@@ -88,7 +86,7 @@ void addenv (const char *string, /*@null@*/const char *value)
|
|||||||
|
|
||||||
cp = strchr (newstring, '=');
|
cp = strchr (newstring, '=');
|
||||||
if (NULL == cp) {
|
if (NULL == cp) {
|
||||||
free (newstring);
|
free(newstring);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -105,7 +103,7 @@ void addenv (const char *string, /*@null@*/const char *value)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (i < newenvc) {
|
if (i < newenvc) {
|
||||||
free (newenvp[i]);
|
free(newenvp[i]);
|
||||||
newenvp[i] = newstring;
|
newenvp[i] = newstring;
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -129,30 +127,18 @@ void addenv (const char *string, /*@null@*/const char *value)
|
|||||||
|
|
||||||
if ((newenvc & (NEWENVP_STEP - 1)) == 0) {
|
if ((newenvc & (NEWENVP_STEP - 1)) == 0) {
|
||||||
bool update_environ;
|
bool update_environ;
|
||||||
char **__newenvp;
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If the resize operation succeeds we can
|
|
||||||
* happily go on, else print a message.
|
|
||||||
*/
|
|
||||||
update_environ = (environ == newenvp);
|
update_environ = (environ == newenvp);
|
||||||
|
|
||||||
__newenvp = REALLOC(newenvp, newenvc + NEWENVP_STEP, char *);
|
newenvp = XREALLOC(newenvp, newenvc + NEWENVP_STEP, char *);
|
||||||
|
|
||||||
if (NULL != __newenvp) {
|
/*
|
||||||
/*
|
* If this is our current environment, update
|
||||||
* If this is our current environment, update
|
* environ so that it doesn't point to some
|
||||||
* environ so that it doesn't point to some
|
* free memory area (realloc() could move it).
|
||||||
* free memory area (realloc() could move it).
|
*/
|
||||||
*/
|
if (update_environ)
|
||||||
if (update_environ)
|
environ = newenvp;
|
||||||
environ = __newenvp;
|
|
||||||
newenvp = __newenvp;
|
|
||||||
} else {
|
|
||||||
(void) fputs (_("Environment overflow\n"), log_get_logfd());
|
|
||||||
newenvc--;
|
|
||||||
free (newenvp[newenvc]);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -168,9 +154,9 @@ void addenv (const char *string, /*@null@*/const char *value)
|
|||||||
*/
|
*/
|
||||||
void set_env (int argc, char *const *argv)
|
void set_env (int argc, char *const *argv)
|
||||||
{
|
{
|
||||||
int noname = 1;
|
int noname = 1;
|
||||||
char variable[1024];
|
char variable[1024];
|
||||||
char *cp;
|
char *cp;
|
||||||
|
|
||||||
for (; argc > 0; argc--, argv++) {
|
for (; argc > 0; argc--, argv++) {
|
||||||
if (strlen (*argv) >= sizeof variable) {
|
if (strlen (*argv) >= sizeof variable) {
|
||||||
@@ -179,9 +165,7 @@ void set_env (int argc, char *const *argv)
|
|||||||
|
|
||||||
cp = strchr (*argv, '=');
|
cp = strchr (*argv, '=');
|
||||||
if (NULL == cp) {
|
if (NULL == cp) {
|
||||||
int wlen;
|
assert(SNPRINTF(variable, "L%d", noname) != -1);
|
||||||
wlen = snprintf (variable, sizeof variable, "L%d", noname);
|
|
||||||
assert (wlen < (int) sizeof(variable));
|
|
||||||
noname++;
|
noname++;
|
||||||
addenv (variable, *argv);
|
addenv (variable, *argv);
|
||||||
} else {
|
} else {
|
||||||
@@ -194,8 +178,7 @@ void set_env (int argc, char *const *argv)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (NULL != *p) {
|
if (NULL != *p) {
|
||||||
strncpy (variable, *argv, (size_t)(cp - *argv));
|
stpcpy(mempcpy(variable, *argv, (size_t)(cp - *argv)), "");
|
||||||
variable[cp - *argv] = '\0';
|
|
||||||
printf (_("You may not change $%s\n"),
|
printf (_("You may not change $%s\n"),
|
||||||
variable);
|
variable);
|
||||||
continue;
|
continue;
|
||||||
@@ -14,10 +14,16 @@
|
|||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
|
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "faillog.h"
|
#include "faillog.h"
|
||||||
#include "failure.h"
|
#include "failure.h"
|
||||||
|
#include "memzero.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
#include "string/strftime.h"
|
||||||
|
#include "string/strtcpy.h"
|
||||||
|
|
||||||
|
|
||||||
#define YEAR (365L*DAY)
|
#define YEAR (365L*DAY)
|
||||||
/*
|
/*
|
||||||
* failure - make failure entry
|
* failure - make failure entry
|
||||||
@@ -41,7 +47,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
|
|||||||
fd = open (FAILLOG_FILE, O_RDWR);
|
fd = open (FAILLOG_FILE, O_RDWR);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
SYSLOG ((LOG_WARN,
|
SYSLOG ((LOG_WARN,
|
||||||
"Can't write faillog entry for UID %lu in %s.",
|
"Can't write faillog entry for UID %lu in %s: %m",
|
||||||
(unsigned long) uid, FAILLOG_FILE));
|
(unsigned long) uid, FAILLOG_FILE));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
@@ -75,7 +81,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
|
|||||||
fl->fail_cnt++;
|
fl->fail_cnt++;
|
||||||
}
|
}
|
||||||
|
|
||||||
strncpy (fl->fail_line, tty, sizeof (fl->fail_line) - 1);
|
STRTCPY(fl->fail_line, tty);
|
||||||
(void) time (&fl->fail_time);
|
(void) time (&fl->fail_time);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -86,13 +92,26 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
|
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
|
||||||
|| (write_full (fd, fl, sizeof *fl) != (ssize_t) sizeof *fl)
|
|| (write_full(fd, fl, sizeof *fl) == -1)) {
|
||||||
|| (close (fd) != 0)) {
|
goto err_write;
|
||||||
SYSLOG ((LOG_WARN,
|
|
||||||
"Can't write faillog entry for UID %lu in %s.",
|
|
||||||
(unsigned long) uid, FAILLOG_FILE));
|
|
||||||
(void) close (fd);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (close (fd) != 0 && errno != EINTR) {
|
||||||
|
goto err_close;
|
||||||
|
}
|
||||||
|
|
||||||
|
return;
|
||||||
|
|
||||||
|
err_write:
|
||||||
|
{
|
||||||
|
int saved_errno = errno;
|
||||||
|
(void) close (fd);
|
||||||
|
errno = saved_errno;
|
||||||
|
}
|
||||||
|
err_close:
|
||||||
|
SYSLOG ((LOG_WARN,
|
||||||
|
"Can't write faillog entry for UID %lu to %s: %m",
|
||||||
|
(unsigned long) uid, FAILLOG_FILE));
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool too_many_failures (const struct faillog *fl)
|
static bool too_many_failures (const struct faillog *fl)
|
||||||
@@ -144,7 +163,7 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
|
|||||||
fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR);
|
fd = open (FAILLOG_FILE, failed?O_RDONLY:O_RDWR);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
SYSLOG ((LOG_WARN,
|
SYSLOG ((LOG_WARN,
|
||||||
"Can't open the faillog file (%s) to check UID %lu. "
|
"Can't open the faillog file (%s) to check UID %lu: %m; "
|
||||||
"User access authorized.",
|
"User access authorized.",
|
||||||
FAILLOG_FILE, (unsigned long) uid));
|
FAILLOG_FILE, (unsigned long) uid));
|
||||||
return 1;
|
return 1;
|
||||||
@@ -185,18 +204,30 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
|
|||||||
fail.fail_cnt = 0;
|
fail.fail_cnt = 0;
|
||||||
|
|
||||||
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
|
if ( (lseek (fd, offset_uid, SEEK_SET) != offset_uid)
|
||||||
|| (write_full (fd, &fail, sizeof fail) != (ssize_t) sizeof fail)
|
|| (write_full(fd, &fail, sizeof fail) == -1)) {
|
||||||
|| (close (fd) != 0)) {
|
goto err_write;
|
||||||
SYSLOG ((LOG_WARN,
|
}
|
||||||
"Can't reset faillog entry for UID %lu in %s.",
|
|
||||||
(unsigned long) uid, FAILLOG_FILE));
|
if (close (fd) != 0 && errno != EINTR) {
|
||||||
(void) close (fd);
|
goto err_close;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
(void) close (fd);
|
(void) close (fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
|
err_write:
|
||||||
|
{
|
||||||
|
int saved_errno = errno;
|
||||||
|
(void) close (fd);
|
||||||
|
errno = saved_errno;
|
||||||
|
}
|
||||||
|
err_close:
|
||||||
|
SYSLOG ((LOG_WARN,
|
||||||
|
"Can't reset faillog entry for UID %lu in %s: %m",
|
||||||
|
(unsigned long) uid, FAILLOG_FILE));
|
||||||
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -223,7 +254,7 @@ void failprint (const struct faillog *fail)
|
|||||||
/*
|
/*
|
||||||
* Print all information we have.
|
* Print all information we have.
|
||||||
*/
|
*/
|
||||||
(void) strftime (lasttimeb, sizeof lasttimeb, "%c", tp);
|
STRFTIME(lasttimeb, "%c", tp);
|
||||||
|
|
||||||
/*@-formatconst@*/
|
/*@-formatconst@*/
|
||||||
(void) printf (ngettext ("%d failure since last login.\n"
|
(void) printf (ngettext ("%d failure since last login.\n"
|
||||||
@@ -0,0 +1,41 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2024, Skyler Ferrante <sjf5462@rit.edu>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
/**
|
||||||
|
* To protect against file descriptor omission attacks, we open the std file
|
||||||
|
* descriptors with /dev/null if they are not already open. Code is based on
|
||||||
|
* fix_fds from sudo.c.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <fcntl.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
static void check_fd(int fd);
|
||||||
|
|
||||||
|
void
|
||||||
|
check_fds(void)
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Make sure stdin, stdout, stderr are open
|
||||||
|
* If they are closed, set them to /dev/null
|
||||||
|
*/
|
||||||
|
check_fd(STDIN_FILENO);
|
||||||
|
check_fd(STDOUT_FILENO);
|
||||||
|
check_fd(STDERR_FILENO);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void
|
||||||
|
check_fd(int fd)
|
||||||
|
{
|
||||||
|
int devnull;
|
||||||
|
|
||||||
|
if (fcntl(fd, F_GETFL, 0) != -1)
|
||||||
|
return;
|
||||||
|
|
||||||
|
devnull = open("/dev/null", O_RDWR);
|
||||||
|
if (devnull != fd)
|
||||||
|
abort();
|
||||||
|
}
|
||||||
@@ -232,14 +232,13 @@ int find_new_uid(bool sys_user,
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/* Create an array to hold all of the discovered UIDs */
|
/* Create an array to hold all of the discovered UIDs */
|
||||||
used_uids = MALLOC(uid_max + 1, bool);
|
used_uids = CALLOC(uid_max + 1, bool);
|
||||||
if (NULL == used_uids) {
|
if (NULL == used_uids) {
|
||||||
fprintf (log_get_logfd(),
|
fprintf (log_get_logfd(),
|
||||||
_("%s: failed to allocate memory: %s\n"),
|
_("%s: failed to allocate memory: %s\n"),
|
||||||
log_get_progname(), strerror (errno));
|
log_get_progname(), strerror (errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
memset (used_uids, false, sizeof (bool) * (uid_max + 1));
|
|
||||||
|
|
||||||
/* First look for the lowest and highest value in the local database */
|
/* First look for the lowest and highest value in the local database */
|
||||||
(void) pw_rewind ();
|
(void) pw_rewind ();
|
||||||
+2
-1
@@ -16,7 +16,8 @@
|
|||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
|
|
||||||
/*@null@*/char *fgetsx (/*@returned@*/ /*@out@*/char *buf, int cnt, FILE * f)
|
/*@null@*/char *
|
||||||
|
fgetsx(/*@returned@*/char *restrict buf, int cnt, FILE *restrict f)
|
||||||
{
|
{
|
||||||
char *cp = buf;
|
char *cp = buf;
|
||||||
char *ep;
|
char *ep;
|
||||||
|
|||||||
+11
-8
@@ -4,6 +4,7 @@
|
|||||||
* SPDX-License-Identifier: BSD-3-Clause
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
@@ -11,21 +12,23 @@
|
|||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
|
|
||||||
int get_gid (const char *gidstr, gid_t *gid)
|
|
||||||
|
int
|
||||||
|
get_gid(const char *gidstr, gid_t *gid)
|
||||||
{
|
{
|
||||||
long long int val;
|
char *end;
|
||||||
char *endptr;
|
long long val;
|
||||||
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
val = strtoll (gidstr, &endptr, 10);
|
val = strtoll(gidstr, &end, 10);
|
||||||
if ( ('\0' == *gidstr)
|
if ( ('\0' == *gidstr)
|
||||||
|| ('\0' != *endptr)
|
|| ('\0' != *end)
|
||||||
|| (ERANGE == errno)
|
|| (0 != errno)
|
||||||
|| (/*@+longintegral@*/val != (gid_t)val)/*@=longintegral@*/) {
|
|| (/*@+longintegral@*/val != (gid_t)val)/*@=longintegral@*/) {
|
||||||
return 0;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
*gid = val;
|
*gid = val;
|
||||||
return 1;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
+23
-22
@@ -14,23 +14,27 @@
|
|||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
|
|
||||||
int get_pid (const char *pidstr, pid_t *pid)
|
#include "string/sprintf.h"
|
||||||
|
|
||||||
|
|
||||||
|
int
|
||||||
|
get_pid(const char *pidstr, pid_t *pid)
|
||||||
{
|
{
|
||||||
long long int val;
|
char *end;
|
||||||
char *endptr;
|
long long val;
|
||||||
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
val = strtoll (pidstr, &endptr, 10);
|
val = strtoll(pidstr, &end, 10);
|
||||||
if ( ('\0' == *pidstr)
|
if ( ('\0' == *pidstr)
|
||||||
|| ('\0' != *endptr)
|
|| ('\0' != *end)
|
||||||
|| (ERANGE == errno)
|
|| (0 != errno)
|
||||||
|| (val < 1)
|
|| (val < 1)
|
||||||
|| (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
|
|| (/*@+longintegral@*/val != (pid_t)val)/*@=longintegral@*/) {
|
||||||
return 0;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
*pid = val;
|
*pid = val;
|
||||||
return 1;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -40,16 +44,16 @@ int get_pid (const char *pidstr, pid_t *pid)
|
|||||||
*/
|
*/
|
||||||
int get_pidfd_from_fd(const char *pidfdstr)
|
int get_pidfd_from_fd(const char *pidfdstr)
|
||||||
{
|
{
|
||||||
long long int val;
|
char *end;
|
||||||
char *endptr;
|
long long val;
|
||||||
struct stat st;
|
struct stat st;
|
||||||
dev_t proc_st_dev, proc_st_rdev;
|
dev_t proc_st_dev, proc_st_rdev;
|
||||||
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
val = strtoll (pidfdstr, &endptr, 10);
|
val = strtoll(pidfdstr, &end, 10);
|
||||||
if ( ('\0' == *pidfdstr)
|
if ( ('\0' == *pidfdstr)
|
||||||
|| ('\0' != *endptr)
|
|| ('\0' != *end)
|
||||||
|| (ERANGE == errno)
|
|| (0 != errno)
|
||||||
|| (val < 0)
|
|| (val < 0)
|
||||||
|| (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) {
|
|| (/*@+longintegral@*/val != (int)val)/*@=longintegral@*/) {
|
||||||
return -1;
|
return -1;
|
||||||
@@ -75,18 +79,15 @@ int get_pidfd_from_fd(const char *pidfdstr)
|
|||||||
|
|
||||||
int open_pidfd(const char *pidstr)
|
int open_pidfd(const char *pidstr)
|
||||||
{
|
{
|
||||||
int proc_dir_fd;
|
int proc_dir_fd;
|
||||||
int written;
|
char proc_dir_name[32];
|
||||||
char proc_dir_name[32];
|
pid_t target;
|
||||||
pid_t target;
|
|
||||||
|
|
||||||
if (get_pid(pidstr, &target) == 0)
|
if (get_pid(pidstr, &target) == -1)
|
||||||
return -ENOENT;
|
return -ENOENT;
|
||||||
|
|
||||||
/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
|
/* max string length is 6 + 10 + 1 + 1 = 18, allocate 32 bytes */
|
||||||
written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/",
|
if (SNPRINTF(proc_dir_name, "/proc/%u/", target) == -1) {
|
||||||
target);
|
|
||||||
if ((written <= 0) || ((size_t)written >= sizeof(proc_dir_name))) {
|
|
||||||
fprintf(stderr, "snprintf of proc path failed for %u: %s\n",
|
fprintf(stderr, "snprintf of proc path failed for %u: %s\n",
|
||||||
target, strerror(errno));
|
target, strerror(errno));
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|||||||
+11
-8
@@ -4,6 +4,7 @@
|
|||||||
* SPDX-License-Identifier: BSD-3-Clause
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
@@ -11,21 +12,23 @@
|
|||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
|
|
||||||
int get_uid (const char *uidstr, uid_t *uid)
|
|
||||||
|
int
|
||||||
|
get_uid(const char *uidstr, uid_t *uid)
|
||||||
{
|
{
|
||||||
long long int val;
|
char *end;
|
||||||
char *endptr;
|
long long val;
|
||||||
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
val = strtoll (uidstr, &endptr, 10);
|
val = strtoll(uidstr, &end, 10);
|
||||||
if ( ('\0' == *uidstr)
|
if ( ('\0' == *uidstr)
|
||||||
|| ('\0' != *endptr)
|
|| ('\0' != *end)
|
||||||
|| (ERANGE == errno)
|
|| (0 != errno)
|
||||||
|| (/*@+longintegral@*/val != (uid_t)val)/*@=longintegral@*/) {
|
|| (/*@+longintegral@*/val != (uid_t)val)/*@=longintegral@*/) {
|
||||||
return 0;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
*uid = val;
|
*uid = val;
|
||||||
return 1;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -28,6 +28,7 @@
|
|||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
|
|
||||||
|
#include "attr.h"
|
||||||
#include "getdate.h"
|
#include "getdate.h"
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
@@ -318,7 +319,7 @@ relunit : tUNUMBER tYEAR_UNIT {
|
|||||||
yyRelYear += $1 * $2;
|
yyRelYear += $1 * $2;
|
||||||
}
|
}
|
||||||
| tYEAR_UNIT {
|
| tYEAR_UNIT {
|
||||||
yyRelYear++;
|
yyRelYear += $1;
|
||||||
}
|
}
|
||||||
| tUNUMBER tMONTH_UNIT {
|
| tUNUMBER tMONTH_UNIT {
|
||||||
yyRelMonth += $1 * $2;
|
yyRelMonth += $1 * $2;
|
||||||
@@ -327,7 +328,7 @@ relunit : tUNUMBER tYEAR_UNIT {
|
|||||||
yyRelMonth += $1 * $2;
|
yyRelMonth += $1 * $2;
|
||||||
}
|
}
|
||||||
| tMONTH_UNIT {
|
| tMONTH_UNIT {
|
||||||
yyRelMonth++;
|
yyRelMonth += $1;
|
||||||
}
|
}
|
||||||
| tUNUMBER tDAY_UNIT {
|
| tUNUMBER tDAY_UNIT {
|
||||||
yyRelDay += $1 * $2;
|
yyRelDay += $1 * $2;
|
||||||
@@ -336,7 +337,7 @@ relunit : tUNUMBER tYEAR_UNIT {
|
|||||||
yyRelDay += $1 * $2;
|
yyRelDay += $1 * $2;
|
||||||
}
|
}
|
||||||
| tDAY_UNIT {
|
| tDAY_UNIT {
|
||||||
yyRelDay++;
|
yyRelDay += $1;
|
||||||
}
|
}
|
||||||
| tUNUMBER tHOUR_UNIT {
|
| tUNUMBER tHOUR_UNIT {
|
||||||
yyRelHour += $1 * $2;
|
yyRelHour += $1 * $2;
|
||||||
@@ -345,7 +346,7 @@ relunit : tUNUMBER tYEAR_UNIT {
|
|||||||
yyRelHour += $1 * $2;
|
yyRelHour += $1 * $2;
|
||||||
}
|
}
|
||||||
| tHOUR_UNIT {
|
| tHOUR_UNIT {
|
||||||
yyRelHour++;
|
yyRelHour += $1;
|
||||||
}
|
}
|
||||||
| tUNUMBER tMINUTE_UNIT {
|
| tUNUMBER tMINUTE_UNIT {
|
||||||
yyRelMinutes += $1 * $2;
|
yyRelMinutes += $1 * $2;
|
||||||
@@ -354,7 +355,7 @@ relunit : tUNUMBER tYEAR_UNIT {
|
|||||||
yyRelMinutes += $1 * $2;
|
yyRelMinutes += $1 * $2;
|
||||||
}
|
}
|
||||||
| tMINUTE_UNIT {
|
| tMINUTE_UNIT {
|
||||||
yyRelMinutes++;
|
yyRelMinutes += $1;
|
||||||
}
|
}
|
||||||
| tUNUMBER tSEC_UNIT {
|
| tUNUMBER tSEC_UNIT {
|
||||||
yyRelSeconds += $1 * $2;
|
yyRelSeconds += $1 * $2;
|
||||||
@@ -363,7 +364,7 @@ relunit : tUNUMBER tYEAR_UNIT {
|
|||||||
yyRelSeconds += $1 * $2;
|
yyRelSeconds += $1 * $2;
|
||||||
}
|
}
|
||||||
| tSEC_UNIT {
|
| tSEC_UNIT {
|
||||||
yyRelSeconds++;
|
yyRelSeconds += $1;
|
||||||
}
|
}
|
||||||
;
|
;
|
||||||
|
|
||||||
@@ -569,7 +570,7 @@ static TABLE const MilitaryTable[] = {
|
|||||||
|
|
||||||
|
|
||||||
|
|
||||||
static int yyerror (unused const char *s)
|
static int yyerror (MAYBE_UNUSED const char *s)
|
||||||
{
|
{
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -922,11 +923,8 @@ time_t get_date (const char *p, const time_t *now)
|
|||||||
|
|
||||||
#if defined (TEST)
|
#if defined (TEST)
|
||||||
|
|
||||||
/* ARGSUSED */
|
|
||||||
int
|
int
|
||||||
main (ac, av)
|
main(void)
|
||||||
int ac;
|
|
||||||
char *av[];
|
|
||||||
{
|
{
|
||||||
char buff[MAX_BUFF_LEN + 1];
|
char buff[MAX_BUFF_LEN + 1];
|
||||||
time_t d;
|
time_t d;
|
||||||
+30
-34
@@ -23,8 +23,11 @@
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
#include "atoi/str2i.h"
|
||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
#include "shadowlog_internal.h"
|
#include "shadowlog_internal.h"
|
||||||
|
#include "string/sprintf.h"
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* A configuration item definition.
|
* A configuration item definition.
|
||||||
@@ -37,7 +40,6 @@ struct itemdef {
|
|||||||
#define PAMDEFS \
|
#define PAMDEFS \
|
||||||
{"CHFN_AUTH", NULL}, \
|
{"CHFN_AUTH", NULL}, \
|
||||||
{"CHSH_AUTH", NULL}, \
|
{"CHSH_AUTH", NULL}, \
|
||||||
{"CRACKLIB_DICTPATH", NULL}, \
|
|
||||||
{"ENV_HZ", NULL}, \
|
{"ENV_HZ", NULL}, \
|
||||||
{"ENVIRON_FILE", NULL}, \
|
{"ENVIRON_FILE", NULL}, \
|
||||||
{"ENV_TZ", NULL}, \
|
{"ENV_TZ", NULL}, \
|
||||||
@@ -175,7 +177,7 @@ static const char* def_fname = LOGINDEFS; /* login config defs file */
|
|||||||
static bool def_loaded = false; /* are defs already loaded? */
|
static bool def_loaded = false; /* are defs already loaded? */
|
||||||
|
|
||||||
/* local function prototypes */
|
/* local function prototypes */
|
||||||
static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *);
|
static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *, const char *);
|
||||||
static void def_load (void);
|
static void def_load (void);
|
||||||
|
|
||||||
|
|
||||||
@@ -194,7 +196,7 @@ static void def_load (void);
|
|||||||
def_load ();
|
def_load ();
|
||||||
}
|
}
|
||||||
|
|
||||||
d = def_find (item);
|
d = def_find (item, NULL);
|
||||||
return (NULL == d) ? NULL : d->value;
|
return (NULL == d) ? NULL : d->value;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -213,7 +215,7 @@ bool getdef_bool (const char *item)
|
|||||||
def_load ();
|
def_load ();
|
||||||
}
|
}
|
||||||
|
|
||||||
d = def_find (item);
|
d = def_find (item, NULL);
|
||||||
if ((NULL == d) || (NULL == d->value)) {
|
if ((NULL == d) || (NULL == d->value)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@@ -239,14 +241,14 @@ int getdef_num (const char *item, int dflt)
|
|||||||
def_load ();
|
def_load ();
|
||||||
}
|
}
|
||||||
|
|
||||||
d = def_find (item);
|
d = def_find (item, NULL);
|
||||||
if ((NULL == d) || (NULL == d->value)) {
|
if ((NULL == d) || (NULL == d->value)) {
|
||||||
return dflt;
|
return dflt;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( (getlong (d->value, &val) == 0)
|
if ( (str2sl(&val, d->value) == -1)
|
||||||
|| (val > INT_MAX)
|
|| (val > INT_MAX)
|
||||||
|| (val < INT_MIN)) {
|
|| (val < -1)) {
|
||||||
fprintf (shadow_logfd,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
@@ -274,12 +276,12 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
|
|||||||
def_load ();
|
def_load ();
|
||||||
}
|
}
|
||||||
|
|
||||||
d = def_find (item);
|
d = def_find (item, NULL);
|
||||||
if ((NULL == d) || (NULL == d->value)) {
|
if ((NULL == d) || (NULL == d->value)) {
|
||||||
return dflt;
|
return dflt;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( (getlong (d->value, &val) == 0)
|
if ( (str2sl(&val, d->value) == -1)
|
||||||
|| (val < 0)
|
|| (val < 0)
|
||||||
|| (val > INT_MAX)) {
|
|| (val > INT_MAX)) {
|
||||||
fprintf (shadow_logfd,
|
fprintf (shadow_logfd,
|
||||||
@@ -309,12 +311,12 @@ long getdef_long (const char *item, long dflt)
|
|||||||
def_load ();
|
def_load ();
|
||||||
}
|
}
|
||||||
|
|
||||||
d = def_find (item);
|
d = def_find (item, NULL);
|
||||||
if ((NULL == d) || (NULL == d->value)) {
|
if ((NULL == d) || (NULL == d->value)) {
|
||||||
return dflt;
|
return dflt;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (getlong (d->value, &val) == 0) {
|
if (str2sl(&val, d->value) == -1 || val < -1) {
|
||||||
fprintf (shadow_logfd,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
@@ -341,12 +343,12 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
|
|||||||
def_load ();
|
def_load ();
|
||||||
}
|
}
|
||||||
|
|
||||||
d = def_find (item);
|
d = def_find (item, NULL);
|
||||||
if ((NULL == d) || (NULL == d->value)) {
|
if ((NULL == d) || (NULL == d->value)) {
|
||||||
return dflt;
|
return dflt;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (getulong (d->value, &val) == 0) {
|
if (str2ul(&val, d->value) == -1) {
|
||||||
fprintf (shadow_logfd,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
@@ -361,7 +363,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
|
|||||||
* (also used when loading the initial defaults)
|
* (also used when loading the initial defaults)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int putdef_str (const char *name, const char *value)
|
int putdef_str (const char *name, const char *value, const char *srcfile)
|
||||||
{
|
{
|
||||||
struct itemdef *d;
|
struct itemdef *d;
|
||||||
char *cp;
|
char *cp;
|
||||||
@@ -374,10 +376,9 @@ int putdef_str (const char *name, const char *value)
|
|||||||
* Locate the slot to save the value. If this parameter
|
* Locate the slot to save the value. If this parameter
|
||||||
* is unknown then "def_find" will print an err message.
|
* is unknown then "def_find" will print an err message.
|
||||||
*/
|
*/
|
||||||
d = def_find (name);
|
d = def_find (name, srcfile);
|
||||||
if (NULL == d) {
|
if (NULL == d)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Save off the value.
|
* Save off the value.
|
||||||
@@ -401,9 +402,12 @@ int putdef_str (const char *name, const char *value)
|
|||||||
*
|
*
|
||||||
* Search through a table of configurable items to locate the
|
* Search through a table of configurable items to locate the
|
||||||
* specified configuration option.
|
* specified configuration option.
|
||||||
|
*
|
||||||
|
* If srcfile is not NULL, and the item is not found, then report an error saying
|
||||||
|
* the unknown item was used in this file.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
|
static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name, const char *srcfile)
|
||||||
{
|
{
|
||||||
struct itemdef *ptr;
|
struct itemdef *ptr;
|
||||||
|
|
||||||
@@ -429,7 +433,8 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
|
|||||||
fprintf (shadow_logfd,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - unknown item '%s' (notify administrator)\n"),
|
_("configuration error - unknown item '%s' (notify administrator)\n"),
|
||||||
name);
|
name);
|
||||||
SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
|
if (srcfile != NULL)
|
||||||
|
SYSLOG ((LOG_CRIT, "shadow: unknown configuration item '%s' in '%s'", name, srcfile));
|
||||||
|
|
||||||
out:
|
out:
|
||||||
return NULL;
|
return NULL;
|
||||||
@@ -444,21 +449,12 @@ out:
|
|||||||
void setdef_config_file (const char* file)
|
void setdef_config_file (const char* file)
|
||||||
{
|
{
|
||||||
#ifdef USE_ECONF
|
#ifdef USE_ECONF
|
||||||
size_t len;
|
char *cp;
|
||||||
char* cp;
|
|
||||||
|
|
||||||
len = strlen(file) + strlen(sysconfdir) + 2;
|
xasprintf(&cp, "%s/%s", file, sysconfdir);
|
||||||
cp = MALLOC(len, char);
|
|
||||||
if (cp == NULL)
|
|
||||||
exit (13);
|
|
||||||
snprintf(cp, len, "%s/%s", file, sysconfdir);
|
|
||||||
sysconfdir = cp;
|
sysconfdir = cp;
|
||||||
#ifdef VENDORDIR
|
#ifdef VENDORDIR
|
||||||
len = strlen(file) + strlen(vendordir) + 2;
|
xasprintf(&cp, "%s/%s", file, vendordir);
|
||||||
cp = MALLOC(len, char);
|
|
||||||
if (cp == NULL)
|
|
||||||
exit (13);
|
|
||||||
snprintf(cp, len, "%s/%s", file, vendordir);
|
|
||||||
vendordir = cp;
|
vendordir = cp;
|
||||||
#endif
|
#endif
|
||||||
#else
|
#else
|
||||||
@@ -519,7 +515,7 @@ static void def_load (void)
|
|||||||
* The error was already reported to the user and to
|
* The error was already reported to the user and to
|
||||||
* syslog. The tools will just use their default values.
|
* syslog. The tools will just use their default values.
|
||||||
*/
|
*/
|
||||||
(void)putdef_str (keys[i], value);
|
(void)putdef_str (keys[i], value, econf_getPath(defs_file));
|
||||||
|
|
||||||
free(value);
|
free(value);
|
||||||
}
|
}
|
||||||
@@ -592,7 +588,7 @@ static void def_load (void)
|
|||||||
* The error was already reported to the user and to
|
* The error was already reported to the user and to
|
||||||
* syslog. The tools will just use their default values.
|
* syslog. The tools will just use their default values.
|
||||||
*/
|
*/
|
||||||
(void)putdef_str (name, value);
|
(void)putdef_str (name, value, def_fname);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ferror (fp) != 0) {
|
if (ferror (fp) != 0) {
|
||||||
@@ -617,7 +613,7 @@ int main (int argc, char **argv)
|
|||||||
def_load ();
|
def_load ();
|
||||||
|
|
||||||
for (i = 0; i < NUMDEFS; ++i) {
|
for (i = 0; i < NUMDEFS; ++i) {
|
||||||
d = def_find (def_table[i].name);
|
d = def_find (def_table[i].name, NULL);
|
||||||
if (NULL == d) {
|
if (NULL == d) {
|
||||||
printf ("error - lookup '%s' failed\n",
|
printf ("error - lookup '%s' failed\n",
|
||||||
def_table[i].name);
|
def_table[i].name);
|
||||||
|
|||||||
+1
-1
@@ -16,7 +16,7 @@ extern int getdef_num (const char *, int);
|
|||||||
extern unsigned long getdef_ulong (const char *, unsigned long);
|
extern unsigned long getdef_ulong (const char *, unsigned long);
|
||||||
extern unsigned int getdef_unum (const char *, unsigned int);
|
extern unsigned int getdef_unum (const char *, unsigned int);
|
||||||
extern /*@observer@*/ /*@null@*/const char *getdef_str (const char *);
|
extern /*@observer@*/ /*@null@*/const char *getdef_str (const char *);
|
||||||
extern int putdef_str (const char *, const char *);
|
extern int putdef_str (const char *, const char *, const char *);
|
||||||
extern void setdef_config_file (const char* file);
|
extern void setdef_config_file (const char* file);
|
||||||
|
|
||||||
/* default UMASK value if not specified in /etc/login.defs */
|
/* default UMASK value if not specified in /etc/login.defs */
|
||||||
|
|||||||
@@ -23,18 +23,18 @@
|
|||||||
*/
|
*/
|
||||||
extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname)
|
extern /*@only@*//*@null@*/struct group *getgr_nam_gid (/*@null@*/const char *grname)
|
||||||
{
|
{
|
||||||
long long int gid;
|
char *end;
|
||||||
char *endptr;
|
long long gid;
|
||||||
|
|
||||||
if (NULL == grname) {
|
if (NULL == grname) {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
errno = 0;
|
errno = 0;
|
||||||
gid = strtoll (grname, &endptr, 10);
|
gid = strtoll(grname, &end, 10);
|
||||||
if ( ('\0' != *grname)
|
if ( ('\0' != *grname)
|
||||||
&& ('\0' == *endptr)
|
&& ('\0' == *end)
|
||||||
&& (ERANGE != errno)
|
&& (0 == errno)
|
||||||
&& (/*@+longintegral@*/gid == (gid_t)gid)/*@=longintegral@*/) {
|
&& (/*@+longintegral@*/gid == (gid_t)gid)/*@=longintegral@*/) {
|
||||||
return xgetgrgid (gid);
|
return xgetgrgid (gid);
|
||||||
}
|
}
|
||||||
@@ -1,36 +0,0 @@
|
|||||||
/*
|
|
||||||
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
|
||||||
*
|
|
||||||
* SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include <config.h>
|
|
||||||
|
|
||||||
#ident "$Id$"
|
|
||||||
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <errno.h>
|
|
||||||
#include "prototypes.h"
|
|
||||||
|
|
||||||
/*
|
|
||||||
* getlong - extract a long integer provided by the numstr string in *result
|
|
||||||
*
|
|
||||||
* It supports decimal, hexadecimal or octal representations.
|
|
||||||
*
|
|
||||||
* Returns 0 on failure, 1 on success.
|
|
||||||
*/
|
|
||||||
int getlong (const char *numstr, /*@out@*/long int *result)
|
|
||||||
{
|
|
||||||
long val;
|
|
||||||
char *endptr;
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
val = strtol (numstr, &endptr, 0);
|
|
||||||
if (('\0' == *numstr) || ('\0' != *endptr) || (ERANGE == errno)) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
*result = val;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -0,0 +1,71 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2008, Nicolas François
|
||||||
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#ident "$Id: $"
|
||||||
|
|
||||||
|
#include <ctype.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
|
||||||
|
#include "atoi/a2i.h"
|
||||||
|
#include "defines.h"
|
||||||
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Parse a range and indicate if the range is valid.
|
||||||
|
* Valid ranges are in the form:
|
||||||
|
* <long> -> min=max=long has_min has_max
|
||||||
|
* -<long> -> max=long !has_min has_max
|
||||||
|
* <long>- -> min=long has_min !has_max
|
||||||
|
* <long1>-<long2> -> min=long1 max=long2 has_min has_max
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
getrange(const char *range,
|
||||||
|
unsigned long *min, bool *has_min,
|
||||||
|
unsigned long *max, bool *has_max)
|
||||||
|
{
|
||||||
|
const char *end;
|
||||||
|
|
||||||
|
if (NULL == range)
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
*min = 0;
|
||||||
|
*has_min = false;
|
||||||
|
*has_max = false;
|
||||||
|
|
||||||
|
if ('-' == range[0]) {
|
||||||
|
end = range + 1;
|
||||||
|
goto parse_max;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (a2ul(min, range, &end, 10, 0, ULONG_MAX) == -1 && errno != ENOTSUP)
|
||||||
|
return -1;
|
||||||
|
*has_min = true;
|
||||||
|
|
||||||
|
switch (*end++) {
|
||||||
|
case '\0':
|
||||||
|
*has_max = true;
|
||||||
|
*max = *min;
|
||||||
|
return 0; /* <long> */
|
||||||
|
|
||||||
|
case '-':
|
||||||
|
if ('\0' == *end)
|
||||||
|
return 0; /* <long>- */
|
||||||
|
parse_max:
|
||||||
|
if (!isdigit((unsigned char) *end))
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
if (a2ul(max, end, NULL, 10, *min, ULONG_MAX) == -1)
|
||||||
|
return -1;
|
||||||
|
*has_max = true;
|
||||||
|
|
||||||
|
return 0; /* <long>-<long>, or -<long> */
|
||||||
|
|
||||||
|
default:
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -0,0 +1,47 @@
|
|||||||
|
// SPDX-FileCopyrightText: 2017, Chris Lamb
|
||||||
|
// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar <alx@kernel.org>
|
||||||
|
// SPDX-License-Identifier: BSD-3-Clause
|
||||||
|
|
||||||
|
|
||||||
|
#include <config.h>
|
||||||
|
|
||||||
|
#ident "$Id$"
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
|
#include <limits.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
|
||||||
|
#include "atoi/a2i.h"
|
||||||
|
#include "defines.h"
|
||||||
|
#include "prototypes.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* gettime() returns the time as the number of seconds since the Epoch
|
||||||
|
*
|
||||||
|
* Like time(), gettime() returns the time as the number of seconds since the
|
||||||
|
* Epoch, 1970-01-01 00:00:00 +0000 (UTC), except that if the SOURCE_DATE_EPOCH
|
||||||
|
* environment variable is exported it will use that instead.
|
||||||
|
*/
|
||||||
|
/*@observer@*/time_t
|
||||||
|
gettime(void)
|
||||||
|
{
|
||||||
|
char *source_date_epoch;
|
||||||
|
FILE *shadow_logfd = log_get_logfd();
|
||||||
|
time_t fallback, epoch;
|
||||||
|
|
||||||
|
fallback = time (NULL);
|
||||||
|
source_date_epoch = shadow_getenv ("SOURCE_DATE_EPOCH");
|
||||||
|
|
||||||
|
if (!source_date_epoch)
|
||||||
|
return fallback;
|
||||||
|
|
||||||
|
if (a2i(time_t, &epoch, source_date_epoch, NULL, 10, 0, fallback) == -1) {
|
||||||
|
fprintf(shadow_logfd,
|
||||||
|
_("Environment variable $SOURCE_DATE_EPOCH: a2i(\"%s\"): %s"),
|
||||||
|
source_date_epoch, strerror(errno));
|
||||||
|
return fallback;
|
||||||
|
}
|
||||||
|
return epoch;
|
||||||
|
}
|
||||||
@@ -1,39 +0,0 @@
|
|||||||
/*
|
|
||||||
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
|
||||||
*
|
|
||||||
* SPDX-License-Identifier: BSD-3-Clause
|
|
||||||
*/
|
|
||||||
|
|
||||||
#include <config.h>
|
|
||||||
|
|
||||||
#ident "$Id: getlong.c 2763 2009-04-23 09:57:03Z nekral-guest $"
|
|
||||||
|
|
||||||
#include <stdlib.h>
|
|
||||||
#include <errno.h>
|
|
||||||
#include "prototypes.h"
|
|
||||||
|
|
||||||
/*
|
|
||||||
* getulong - extract an unsigned long integer provided by the numstr string in *result
|
|
||||||
*
|
|
||||||
* It supports decimal, hexadecimal or octal representations.
|
|
||||||
*
|
|
||||||
* Returns 0 on failure, 1 on success.
|
|
||||||
*/
|
|
||||||
int getulong (const char *numstr, /*@out@*/unsigned long int *result)
|
|
||||||
{
|
|
||||||
unsigned long int val;
|
|
||||||
char *endptr;
|
|
||||||
|
|
||||||
errno = 0;
|
|
||||||
val = strtoul (numstr, &endptr, 0);
|
|
||||||
if ( ('\0' == *numstr)
|
|
||||||
|| ('\0' != *endptr)
|
|
||||||
|| (ERANGE == errno)
|
|
||||||
) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
*result = val;
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
+24
-17
@@ -22,6 +22,7 @@
|
|||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
#include "groupio.h"
|
#include "groupio.h"
|
||||||
|
|
||||||
|
|
||||||
static /*@null@*/struct commonio_entry *merge_group_entries (
|
static /*@null@*/struct commonio_entry *merge_group_entries (
|
||||||
/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
|
/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
|
||||||
/*@null@*/struct commonio_entry *gr2);
|
/*@null@*/struct commonio_entry *gr2);
|
||||||
@@ -35,7 +36,8 @@ static /*@null@*/ /*@only@*/void *group_dup (const void *ent)
|
|||||||
return __gr_dup (gr);
|
return __gr_dup (gr);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void group_free (/*@out@*/ /*@only@*/void *ent)
|
static void
|
||||||
|
group_free(/*@only@*/void *ent)
|
||||||
{
|
{
|
||||||
struct group *gr = ent;
|
struct group *gr = ent;
|
||||||
|
|
||||||
@@ -210,17 +212,25 @@ void __gr_del_entry (const struct commonio_entry *ent)
|
|||||||
|
|
||||||
static int gr_cmp (const void *p1, const void *p2)
|
static int gr_cmp (const void *p1, const void *p2)
|
||||||
{
|
{
|
||||||
|
const struct commonio_entry *const *ce1;
|
||||||
|
const struct commonio_entry *const *ce2;
|
||||||
|
const struct group *g1, *g2;
|
||||||
gid_t u1, u2;
|
gid_t u1, u2;
|
||||||
|
|
||||||
if ((*(struct commonio_entry **) p1)->eptr == NULL) {
|
ce1 = p1;
|
||||||
|
g1 = (*ce1)->eptr;
|
||||||
|
if (g1 == NULL) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
if ((*(struct commonio_entry **) p2)->eptr == NULL) {
|
|
||||||
|
ce2 = p2;
|
||||||
|
g2 = (*ce2)->eptr;
|
||||||
|
if (g2 == NULL) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
u1 = ((struct group *) (*(struct commonio_entry **) p1)->eptr)->gr_gid;
|
u1 = g1->gr_gid;
|
||||||
u2 = ((struct group *) (*(struct commonio_entry **) p2)->eptr)->gr_gid;
|
u2 = g2->gr_gid;
|
||||||
|
|
||||||
if (u1 < u2) {
|
if (u1 < u2) {
|
||||||
return -1;
|
return -1;
|
||||||
@@ -292,12 +302,13 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
|
|||||||
/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
|
/*@null@*/ /*@returned@*/struct commonio_entry *gr1,
|
||||||
/*@null@*/struct commonio_entry *gr2)
|
/*@null@*/struct commonio_entry *gr2)
|
||||||
{
|
{
|
||||||
struct group *gptr1;
|
char *new_line;
|
||||||
struct group *gptr2;
|
char **new_members;
|
||||||
char **new_members;
|
size_t i;
|
||||||
size_t members = 0;
|
size_t members = 0;
|
||||||
char *new_line;
|
struct group *gptr1;
|
||||||
size_t new_line_len, i;
|
struct group *gptr2;
|
||||||
|
|
||||||
if (NULL == gr2 || NULL == gr1) {
|
if (NULL == gr2 || NULL == gr1) {
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
return NULL;
|
return NULL;
|
||||||
@@ -311,12 +322,8 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Concatenate the 2 lines */
|
/* Concatenate the 2 lines */
|
||||||
new_line_len = strlen (gr1->line) + strlen (gr2->line) +1;
|
if (asprintf(&new_line, "%s\n%s", gr1->line, gr2->line) == -1)
|
||||||
new_line = MALLOC(new_line_len + 1, char);
|
|
||||||
if (NULL == new_line) {
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
|
||||||
snprintf(new_line, new_line_len + 1, "%s\n%s", gr1->line, gr2->line);
|
|
||||||
|
|
||||||
/* Concatenate the 2 list of members */
|
/* Concatenate the 2 list of members */
|
||||||
for (i=0; NULL != gptr1->gr_mem[i]; i++);
|
for (i=0; NULL != gptr1->gr_mem[i]; i++);
|
||||||
@@ -335,7 +342,7 @@ static /*@null@*/struct commonio_entry *merge_group_entries (
|
|||||||
}
|
}
|
||||||
new_members = CALLOC (members + 1, char *);
|
new_members = CALLOC (members + 1, char *);
|
||||||
if (NULL == new_members) {
|
if (NULL == new_members) {
|
||||||
free (new_line);
|
free(new_line);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
for (i=0; NULL != gptr1->gr_mem[i]; i++) {
|
for (i=0; NULL != gptr1->gr_mem[i]; i++) {
|
||||||
|
|||||||
+4
-3
@@ -13,6 +13,7 @@
|
|||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
#include "memzero.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "groupio.h"
|
#include "groupio.h"
|
||||||
@@ -22,12 +23,11 @@
|
|||||||
struct group *gr;
|
struct group *gr;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
gr = MALLOC(1, struct group);
|
gr = CALLOC(1, struct group);
|
||||||
if (NULL == gr) {
|
if (NULL == gr) {
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
/* The libc might define other fields. They won't be copied. */
|
/* The libc might define other fields. They won't be copied. */
|
||||||
memset (gr, 0, sizeof *gr);
|
|
||||||
gr->gr_gid = grent->gr_gid;
|
gr->gr_gid = grent->gr_gid;
|
||||||
/*@-mustfreeonly@*/
|
/*@-mustfreeonly@*/
|
||||||
gr->gr_name = strdup (grent->gr_name);
|
gr->gr_name = strdup (grent->gr_name);
|
||||||
@@ -77,7 +77,8 @@ void gr_free_members (struct group *grent)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
void gr_free (/*@out@*/ /*@only@*/struct group *grent)
|
void
|
||||||
|
gr_free(/*@only@*/struct group *grent)
|
||||||
{
|
{
|
||||||
free (grent->gr_name);
|
free (grent->gr_name);
|
||||||
if (NULL != grent->gr_passwd) {
|
if (NULL != grent->gr_passwd) {
|
||||||
|
|||||||
+5
-201
@@ -30,34 +30,6 @@ static struct sgrp sgroup;
|
|||||||
|
|
||||||
#define FIELDS 4
|
#define FIELDS 4
|
||||||
|
|
||||||
#ifdef USE_NIS
|
|
||||||
static bool nis_used;
|
|
||||||
static bool nis_ignore;
|
|
||||||
static enum { native, start, middle, native2 } nis_state;
|
|
||||||
static bool nis_bound;
|
|
||||||
static char *nis_domain;
|
|
||||||
static char *nis_key;
|
|
||||||
static int nis_keylen;
|
|
||||||
static char *nis_val;
|
|
||||||
static int nis_vallen;
|
|
||||||
|
|
||||||
#define IS_NISCHAR(c) ((c)=='+')
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#ifdef USE_NIS
|
|
||||||
/*
|
|
||||||
* bind_nis - bind to NIS server
|
|
||||||
*/
|
|
||||||
|
|
||||||
static int bind_nis (void)
|
|
||||||
{
|
|
||||||
if (yp_get_default_domain (&nis_domain))
|
|
||||||
return -1;
|
|
||||||
|
|
||||||
nis_bound = true;
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
|
static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
|
||||||
{
|
{
|
||||||
@@ -68,15 +40,10 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
|
|||||||
size = (nelem + 1) * sizeof (ptr);
|
size = (nelem + 1) * sizeof (ptr);
|
||||||
ptr = REALLOC(*list, size, char *);
|
ptr = REALLOC(*list, size, char *);
|
||||||
if (NULL != ptr) {
|
if (NULL != ptr) {
|
||||||
ptr[nelem] = s;
|
ptr[nelem] = strsep(&s, ",");
|
||||||
nelem++;
|
nelem++;
|
||||||
*list = ptr;
|
*list = ptr;
|
||||||
*nlist = nelem;
|
*nlist = nelem;
|
||||||
s = strchr (s, ',');
|
|
||||||
if (NULL != s) {
|
|
||||||
*s = '\0';
|
|
||||||
s++;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
size = (nelem + 1) * sizeof (ptr);
|
size = (nelem + 1) * sizeof (ptr);
|
||||||
@@ -90,9 +57,6 @@ static /*@null@*/char **build_list (char *s, char **list[], size_t * nlist)
|
|||||||
|
|
||||||
void setsgent (void)
|
void setsgent (void)
|
||||||
{
|
{
|
||||||
#ifdef USE_NIS
|
|
||||||
nis_state = native;
|
|
||||||
#endif
|
|
||||||
if (NULL != shadow) {
|
if (NULL != shadow) {
|
||||||
rewind (shadow);
|
rewind (shadow);
|
||||||
} else {
|
} else {
|
||||||
@@ -140,30 +104,16 @@ void endsgent (void)
|
|||||||
* all 4 of them and save the starting addresses in fields[].
|
* all 4 of them and save the starting addresses in fields[].
|
||||||
*/
|
*/
|
||||||
|
|
||||||
for (cp = sgrbuf, i = 0; (i < FIELDS) && (NULL != cp); i++) {
|
for (cp = sgrbuf, i = 0; (i < FIELDS) && (NULL != cp); i++)
|
||||||
fields[i] = cp;
|
fields[i] = strsep(&cp, ":");
|
||||||
cp = strchr (cp, ':');
|
|
||||||
if (NULL != cp) {
|
|
||||||
*cp++ = '\0';
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If there was an extra field somehow, or perhaps not enough,
|
* If there was an extra field somehow, or perhaps not enough,
|
||||||
* the line is invalid.
|
* the line is invalid.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if ((NULL != cp) || (i != FIELDS)) {
|
if (NULL != cp || i != FIELDS)
|
||||||
#ifdef USE_NIS
|
|
||||||
if (!IS_NISCHAR (fields[0][0])) {
|
|
||||||
return 0;
|
|
||||||
} else {
|
|
||||||
nis_used = true;
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
return 0;
|
return 0;
|
||||||
#endif
|
|
||||||
}
|
|
||||||
|
|
||||||
sgroup.sg_name = fields[0];
|
sgroup.sg_name = fields[0];
|
||||||
sgroup.sg_passwd = fields[1];
|
sgroup.sg_passwd = fields[1];
|
||||||
@@ -209,12 +159,7 @@ void endsgent (void)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef USE_NIS
|
if (fgetsx(buf, buflen, fp) == buf) {
|
||||||
while (fgetsx (buf, buflen, fp) == buf)
|
|
||||||
#else
|
|
||||||
if (fgetsx (buf, buflen, fp) == buf)
|
|
||||||
#endif
|
|
||||||
{
|
|
||||||
while ( ((cp = strrchr (buf, '\n')) == NULL)
|
while ( ((cp = strrchr (buf, '\n')) == NULL)
|
||||||
&& (feof (fp) == 0)) {
|
&& (feof (fp) == 0)) {
|
||||||
size_t len;
|
size_t len;
|
||||||
@@ -237,11 +182,6 @@ void endsgent (void)
|
|||||||
if (NULL != cp) {
|
if (NULL != cp) {
|
||||||
*cp = '\0';
|
*cp = '\0';
|
||||||
}
|
}
|
||||||
#ifdef USE_NIS
|
|
||||||
if (nis_ignore && IS_NISCHAR (buf[0])) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
return (sgetsgent (buf));
|
return (sgetsgent (buf));
|
||||||
}
|
}
|
||||||
return NULL;
|
return NULL;
|
||||||
@@ -253,96 +193,10 @@ void endsgent (void)
|
|||||||
|
|
||||||
/*@observer@*//*@null@*/struct sgrp *getsgent (void)
|
/*@observer@*//*@null@*/struct sgrp *getsgent (void)
|
||||||
{
|
{
|
||||||
#ifdef USE_NIS
|
|
||||||
bool nis_1_group = false;
|
|
||||||
struct sgrp *val;
|
|
||||||
#endif
|
|
||||||
if (NULL == shadow) {
|
if (NULL == shadow) {
|
||||||
setsgent ();
|
setsgent ();
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef USE_NIS
|
|
||||||
again:
|
|
||||||
/*
|
|
||||||
* See if we are reading from the local file.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if (nis_state == native || nis_state == native2) {
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Get the next entry from the shadow group file. Return
|
|
||||||
* NULL right away if there is none.
|
|
||||||
*/
|
|
||||||
|
|
||||||
val = fgetsgent (shadow);
|
|
||||||
if (NULL == val) {
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If this entry began with a NIS escape character, we have
|
|
||||||
* to see if this is just a single group, or if the entire
|
|
||||||
* map is being asked for.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if (IS_NISCHAR (val->sg_name[0])) {
|
|
||||||
if ('\0' != val->sg_name[1]) {
|
|
||||||
nis_1_group = true;
|
|
||||||
} else {
|
|
||||||
nis_state = start;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If this isn't a NIS group and this isn't an escape to go
|
|
||||||
* use a NIS map, it must be a regular local group.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if (!nis_1_group && (nis_state != start)) {
|
|
||||||
return val;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* If this is an escape to use an NIS map, switch over to
|
|
||||||
* that bunch of code.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if (nis_state == start) {
|
|
||||||
goto again;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
|
||||||
* NEEDSWORK. Here we substitute pieces-parts of this entry.
|
|
||||||
*/
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
} else {
|
|
||||||
if (!nis_bound) {
|
|
||||||
if (bind_nis ()) {
|
|
||||||
nis_state = native2;
|
|
||||||
goto again;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if (nis_state == start) {
|
|
||||||
if (yp_first (nis_domain, "gshadow.byname", &nis_key,
|
|
||||||
&nis_keylen, &nis_val, &nis_vallen)) {
|
|
||||||
nis_state = native2;
|
|
||||||
goto again;
|
|
||||||
}
|
|
||||||
nis_state = middle;
|
|
||||||
} else if (nis_state == middle) {
|
|
||||||
if (yp_next (nis_domain, "gshadow.byname", nis_key,
|
|
||||||
nis_keylen, &nis_key, &nis_keylen,
|
|
||||||
&nis_val, &nis_vallen)) {
|
|
||||||
nis_state = native2;
|
|
||||||
goto again;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return sgetsgent (nis_val);
|
|
||||||
}
|
|
||||||
#else
|
|
||||||
return (fgetsgent (shadow));
|
return (fgetsgent (shadow));
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -353,63 +207,13 @@ void endsgent (void)
|
|||||||
{
|
{
|
||||||
struct sgrp *sgrp;
|
struct sgrp *sgrp;
|
||||||
|
|
||||||
#ifdef USE_NIS
|
|
||||||
static char save_name[16];
|
|
||||||
int nis_disabled = 0;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
setsgent ();
|
setsgent ();
|
||||||
|
|
||||||
#ifdef USE_NIS
|
|
||||||
if (nis_used) {
|
|
||||||
again:
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Search the gshadow.byname map for this group.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if (!nis_bound) {
|
|
||||||
bind_nis ();
|
|
||||||
}
|
|
||||||
|
|
||||||
if (nis_bound) {
|
|
||||||
char *cp;
|
|
||||||
|
|
||||||
if (yp_match (nis_domain, "gshadow.byname", name,
|
|
||||||
strlen (name), &nis_val,
|
|
||||||
&nis_vallen) == 0) {
|
|
||||||
cp = strchr (nis_val, '\n');
|
|
||||||
if (NULL != cp) {
|
|
||||||
*cp = '\0';
|
|
||||||
}
|
|
||||||
|
|
||||||
nis_state = middle;
|
|
||||||
sgrp = sgetsgent (nis_val);
|
|
||||||
if (NULL != sgrp) {
|
|
||||||
strcpy (save_name, sgrp->sg_name);
|
|
||||||
nis_key = save_name;
|
|
||||||
nis_keylen = strlen (save_name);
|
|
||||||
}
|
|
||||||
return sgrp;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
nis_state = native2;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
#ifdef USE_NIS
|
|
||||||
if (nis_used) {
|
|
||||||
nis_ignore = true;
|
|
||||||
nis_disabled = true;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
while ((sgrp = getsgent ()) != NULL) {
|
while ((sgrp = getsgent ()) != NULL) {
|
||||||
if (strcmp (name, sgrp->sg_name) == 0) {
|
if (strcmp (name, sgrp->sg_name) == 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#ifdef USE_NIS
|
|
||||||
nis_ignore = false;
|
|
||||||
#endif
|
|
||||||
return sgrp;
|
return sgrp;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -18,6 +18,9 @@
|
|||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
|
#include "string/sprintf.h"
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* hushed - determine if a user receives login messages
|
* hushed - determine if a user receives login messages
|
||||||
*
|
*
|
||||||
@@ -26,11 +29,11 @@
|
|||||||
*/
|
*/
|
||||||
bool hushed (const char *username)
|
bool hushed (const char *username)
|
||||||
{
|
{
|
||||||
struct passwd *pw;
|
bool found;
|
||||||
const char *hushfile;
|
char buf[BUFSIZ];
|
||||||
char buf[BUFSIZ];
|
FILE *fp;
|
||||||
bool found;
|
const char *hushfile;
|
||||||
FILE *fp;
|
struct passwd *pw;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Get the name of the file to use. If this option is not
|
* Get the name of the file to use. If this option is not
|
||||||
@@ -53,7 +56,7 @@ bool hushed (const char *username)
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
if (hushfile[0] != '/') {
|
if (hushfile[0] != '/') {
|
||||||
(void) snprintf (buf, sizeof (buf), "%s/%s", pw->pw_dir, hushfile);
|
SNPRINTF(buf, "%s/%s", pw->pw_dir, hushfile);
|
||||||
return (access (buf, F_OK) == 0);
|
return (access (buf, F_OK) == 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -11,16 +11,20 @@
|
|||||||
#include <limits.h>
|
#include <limits.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
|
#include <strings.h>
|
||||||
|
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
#include "atoi/str2i.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "stpeprintf.h"
|
#include "string/stpeprintf.h"
|
||||||
#include "idmapping.h"
|
#include "idmapping.h"
|
||||||
#if HAVE_SYS_CAPABILITY_H
|
#if HAVE_SYS_CAPABILITY_H
|
||||||
#include <sys/prctl.h>
|
#include <sys/prctl.h>
|
||||||
#include <sys/capability.h>
|
#include <sys/capability.h>
|
||||||
#endif
|
#endif
|
||||||
#include "shadowlog.h"
|
#include "shadowlog.h"
|
||||||
|
#include "sizeof.h"
|
||||||
|
|
||||||
|
|
||||||
struct map_range *get_map_ranges(int ranges, int argc, char **argv)
|
struct map_range *get_map_ranges(int ranges, int argc, char **argv)
|
||||||
{
|
{
|
||||||
@@ -32,20 +36,11 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ranges != ((argc + 2) / 3)) {
|
if (ranges * 3 != argc) {
|
||||||
fprintf(log_get_logfd(), "%s: ranges: %u is wrong for argc: %d\n", log_get_progname(), ranges, argc);
|
fprintf(log_get_logfd(), "%s: ranges: %u is wrong for argc: %d\n", log_get_progname(), ranges, argc);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ranges * 3) > argc) {
|
|
||||||
fprintf(log_get_logfd(), "ranges: %u argc: %d\n",
|
|
||||||
ranges, argc);
|
|
||||||
fprintf(log_get_logfd(),
|
|
||||||
_( "%s: Not enough arguments to form %u mappings\n"),
|
|
||||||
log_get_progname(), ranges);
|
|
||||||
return NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
mappings = CALLOC(ranges, struct map_range);
|
mappings = CALLOC(ranges, struct map_range);
|
||||||
if (!mappings) {
|
if (!mappings) {
|
||||||
fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"),
|
fprintf(log_get_logfd(), _( "%s: Memory allocation failure\n"),
|
||||||
@@ -56,15 +51,15 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
|
|||||||
/* Gather up the ranges from the command line */
|
/* Gather up the ranges from the command line */
|
||||||
mapping = mappings;
|
mapping = mappings;
|
||||||
for (idx = 0, argidx = 0; idx < ranges; idx++, argidx += 3, mapping++) {
|
for (idx = 0, argidx = 0; idx < ranges; idx++, argidx += 3, mapping++) {
|
||||||
if (!getulong(argv[argidx + 0], &mapping->upper)) {
|
if (str2ul(&mapping->upper, argv[argidx + 0]) == -1) {
|
||||||
free(mappings);
|
free(mappings);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!getulong(argv[argidx + 1], &mapping->lower)) {
|
if (str2ul(&mapping->lower, argv[argidx + 1]) == -1) {
|
||||||
free(mappings);
|
free(mappings);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (!getulong(argv[argidx + 2], &mapping->count)) {
|
if (str2ul(&mapping->count, argv[argidx + 2]) == -1) {
|
||||||
free(mappings);
|
free(mappings);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@@ -175,7 +170,7 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Lockdown new{g,u}idmap by dropping all unneeded capabilities. */
|
/* Lockdown new{g,u}idmap by dropping all unneeded capabilities. */
|
||||||
memset(data, 0, sizeof(data));
|
bzero(data, sizeof(data));
|
||||||
data[0].effective = CAP_TO_MASK(cap);
|
data[0].effective = CAP_TO_MASK(cap);
|
||||||
/*
|
/*
|
||||||
* When uid 0 from the ancestor userns is supposed to be mapped into
|
* When uid 0 from the ancestor userns is supposed to be mapped into
|
||||||
@@ -190,7 +185,7 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
bufsize = ranges * ((ULONG_DIGITS + 1) * 3);
|
bufsize = (ULONG_DIGITS + 1) * 3 * ranges + 1;
|
||||||
pos = buf = XMALLOC(bufsize, char);
|
pos = buf = XMALLOC(bufsize, char);
|
||||||
end = buf + bufsize;
|
end = buf + bufsize;
|
||||||
|
|
||||||
@@ -215,11 +210,15 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings
|
|||||||
log_get_progname(), map_file, strerror(errno));
|
log_get_progname(), map_file, strerror(errno));
|
||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
if (write_full(fd, buf, pos - buf) != (pos - buf)) {
|
if (write_full(fd, buf, pos - buf) == -1) {
|
||||||
fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
|
fprintf(log_get_logfd(), _("%s: write to %s failed: %s\n"),
|
||||||
log_get_progname(), map_file, strerror(errno));
|
log_get_progname(), map_file, strerror(errno));
|
||||||
exit(EXIT_FAILURE);
|
exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
close(fd);
|
if (close(fd) != 0 && errno != EINTR) {
|
||||||
|
fprintf(log_get_logfd(), _("%s: closing %s failed: %s\n"),
|
||||||
|
log_get_progname(), map_file, strerror(errno));
|
||||||
|
exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
free(buf);
|
free(buf);
|
||||||
}
|
}
|
||||||
@@ -15,11 +15,13 @@
|
|||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include "prototypes.h"
|
|
||||||
#include "defines.h"
|
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
#include <time.h>
|
#include <time.h>
|
||||||
|
|
||||||
|
#include "adds.h"
|
||||||
|
#include "defines.h"
|
||||||
|
#include "prototypes.h"
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
|
|
||||||
@@ -38,9 +40,9 @@
|
|||||||
*/
|
*/
|
||||||
int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
|
int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
|
||||||
{
|
{
|
||||||
long now;
|
long now;
|
||||||
|
|
||||||
now = time(NULL) / SCALE;
|
now = time(NULL) / DAY;
|
||||||
|
|
||||||
if (NULL == sp) {
|
if (NULL == sp) {
|
||||||
return 0;
|
return 0;
|
||||||
@@ -72,7 +74,8 @@ int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
|
|||||||
if ( (sp->sp_lstchg > 0)
|
if ( (sp->sp_lstchg > 0)
|
||||||
&& (sp->sp_max >= 0)
|
&& (sp->sp_max >= 0)
|
||||||
&& (sp->sp_inact >= 0)
|
&& (sp->sp_inact >= 0)
|
||||||
&& (now >= (sp->sp_lstchg + sp->sp_max + sp->sp_inact))) {
|
&& (now >= addsl(sp->sp_lstchg, sp->sp_max, sp->sp_inact)))
|
||||||
|
{
|
||||||
return 2;
|
return 2;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -84,7 +87,7 @@ int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
|
|||||||
|
|
||||||
if ( (-1 == sp->sp_lstchg)
|
if ( (-1 == sp->sp_lstchg)
|
||||||
|| (-1 == sp->sp_max)
|
|| (-1 == sp->sp_max)
|
||||||
|| (sp->sp_max >= ((10000L * DAY) / SCALE))) {
|
|| (sp->sp_max >= 10000)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -94,9 +97,9 @@ int isexpired (const struct passwd *pw, /*@null@*/const struct spwd *sp)
|
|||||||
* the password has expired.
|
* the password has expired.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (now >= (sp->sp_lstchg + sp->sp_max)) {
|
if (now >= addsl(sp->sp_lstchg, sp->sp_max))
|
||||||
return 1;
|
return 1;
|
||||||
}
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -29,6 +29,11 @@
|
|||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
#include "shadowlog.h"
|
#include "shadowlog.h"
|
||||||
#include <sys/resource.h>
|
#include <sys/resource.h>
|
||||||
|
|
||||||
|
#include "atoi/str2i.h"
|
||||||
|
#include "memzero.h"
|
||||||
|
|
||||||
|
|
||||||
#ifndef LIMITS_FILE
|
#ifndef LIMITS_FILE
|
||||||
#define LIMITS_FILE "/etc/limits"
|
#define LIMITS_FILE "/etc/limits"
|
||||||
#endif
|
#endif
|
||||||
@@ -44,8 +49,10 @@ static int setrlimit_value (unsigned int resource,
|
|||||||
const char *value,
|
const char *value,
|
||||||
unsigned int multiplier)
|
unsigned int multiplier)
|
||||||
{
|
{
|
||||||
struct rlimit rlim;
|
char *end;
|
||||||
rlim_t limit;
|
long l;
|
||||||
|
rlim_t limit;
|
||||||
|
struct rlimit rlim;
|
||||||
|
|
||||||
/* The "-" is special, not belonging to a strange negative limit.
|
/* The "-" is special, not belonging to a strange negative limit.
|
||||||
* It is infinity, in a controlled way.
|
* It is infinity, in a controlled way.
|
||||||
@@ -54,23 +61,18 @@ static int setrlimit_value (unsigned int resource,
|
|||||||
limit = RLIM_INFINITY;
|
limit = RLIM_INFINITY;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
/* We cannot use getlong here because it fails when there
|
/* We cannot use str2sl() here because it fails when there
|
||||||
* is more to the value than just this number!
|
* is more to the value than just this number!
|
||||||
* Also, we are limited to base 10 here (hex numbers will not
|
* Also, we are limited to base 10 here (hex numbers will not
|
||||||
* work with the limit string parser as is anyway)
|
* work with the limit string parser as is anyway)
|
||||||
*/
|
*/
|
||||||
char *endptr;
|
errno = 0;
|
||||||
long longlimit = strtol (value, &endptr, 10);
|
l = strtol(value, &end, 10);
|
||||||
if ((0 == longlimit) && (value == endptr)) {
|
|
||||||
/* No argument at all. No-op.
|
if (value == end || errno != 0)
|
||||||
* FIXME: We could instead throw an error, though.
|
return 0; // FIXME: We could instead throw an error, though.
|
||||||
*/
|
|
||||||
return 0;
|
if (__builtin_mul_overflow(l, multiplier, &limit)) {
|
||||||
}
|
|
||||||
longlimit *= multiplier;
|
|
||||||
limit = longlimit;
|
|
||||||
if (longlimit != limit)
|
|
||||||
{
|
|
||||||
/* FIXME: Again, silent error handling...
|
/* FIXME: Again, silent error handling...
|
||||||
* Wouldn't screaming make more sense?
|
* Wouldn't screaming make more sense?
|
||||||
*/
|
*/
|
||||||
@@ -91,7 +93,7 @@ static int set_prio (const char *value)
|
|||||||
{
|
{
|
||||||
long prio;
|
long prio;
|
||||||
|
|
||||||
if ( (getlong (value, &prio) == 0)
|
if ( (str2sl(&prio, value) == -1)
|
||||||
|| (prio != (int) prio)) {
|
|| (prio != (int) prio)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -104,9 +106,9 @@ static int set_prio (const char *value)
|
|||||||
|
|
||||||
static int set_umask (const char *value)
|
static int set_umask (const char *value)
|
||||||
{
|
{
|
||||||
unsigned long int mask;
|
unsigned long mask;
|
||||||
|
|
||||||
if ( (getulong (value, &mask) == 0)
|
if ( (str2ul(&mask, value) == -1)
|
||||||
|| (mask != (mode_t) mask)) {
|
|| (mask != (mode_t) mask)) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -121,7 +123,7 @@ static int check_logins (const char *name, const char *maxlogins)
|
|||||||
{
|
{
|
||||||
unsigned long limit, count;
|
unsigned long limit, count;
|
||||||
|
|
||||||
if (getulong (maxlogins, &limit) == 0) {
|
if (str2ul(&limit, maxlogins) == -1) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -356,11 +358,11 @@ static int setup_user_limits (const char *uname)
|
|||||||
char tempbuf[1024];
|
char tempbuf[1024];
|
||||||
|
|
||||||
/* init things */
|
/* init things */
|
||||||
memzero (buf, sizeof (buf));
|
MEMZERO(buf);
|
||||||
memzero (name, sizeof (name));
|
MEMZERO(name);
|
||||||
memzero (limits, sizeof (limits));
|
MEMZERO(limits);
|
||||||
memzero (deflimits, sizeof (deflimits));
|
MEMZERO(deflimits);
|
||||||
memzero (tempbuf, sizeof (tempbuf));
|
MEMZERO(tempbuf);
|
||||||
|
|
||||||
/* start the checks */
|
/* start the checks */
|
||||||
fil = fopen (LIMITS_FILE, "r");
|
fil = fopen (LIMITS_FILE, "r");
|
||||||
@@ -377,7 +379,7 @@ static int setup_user_limits (const char *uname)
|
|||||||
if (('#' == buf[0]) || ('\n' == buf[0])) {
|
if (('#' == buf[0]) || ('\n' == buf[0])) {
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
memzero (tempbuf, sizeof (tempbuf));
|
MEMZERO(tempbuf);
|
||||||
/* a valid line should have a username, then spaces,
|
/* a valid line should have a username, then spaces,
|
||||||
* then limits
|
* then limits
|
||||||
* we allow the format:
|
* we allow the format:
|
||||||
@@ -482,8 +484,9 @@ void setup_limits (const struct passwd *info)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (strncmp (cp, "pri=", 4) == 0) {
|
if (strncmp (cp, "pri=", 4) == 0) {
|
||||||
long int inc;
|
long inc;
|
||||||
if ( (getlong (cp + 4, &inc) == 1)
|
|
||||||
|
if ( (str2sl(&inc, cp + 4) == 0)
|
||||||
&& (inc >= -20) && (inc <= 20)) {
|
&& (inc >= -20) && (inc <= 20)) {
|
||||||
errno = 0;
|
errno = 0;
|
||||||
if ( (nice (inc) != -1)
|
if ( (nice (inc) != -1)
|
||||||
@@ -500,8 +503,8 @@ void setup_limits (const struct passwd *info)
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strncmp (cp, "ulimit=", 7) == 0) {
|
if (strncmp (cp, "ulimit=", 7) == 0) {
|
||||||
long int blocks;
|
long blocks;
|
||||||
if ( (getlong (cp + 7, &blocks) == 0)
|
if ( (str2sl(&blocks, cp + 7) == -1)
|
||||||
|| (blocks != (int) blocks)
|
|| (blocks != (int) blocks)
|
||||||
|| (set_filesize_limit (blocks) != 0)) {
|
|| (set_filesize_limit (blocks) != 0)) {
|
||||||
SYSLOG ((LOG_WARN,
|
SYSLOG ((LOG_WARN,
|
||||||
@@ -511,8 +514,9 @@ void setup_limits (const struct passwd *info)
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (strncmp (cp, "umask=", 6) == 0) {
|
if (strncmp (cp, "umask=", 6) == 0) {
|
||||||
unsigned long int mask;
|
unsigned long mask;
|
||||||
if ( (getulong (cp + 6, &mask) == 0)
|
|
||||||
|
if ( (str2ul(&mask, cp + 6) == -1)
|
||||||
|| (mask != (mode_t) mask)) {
|
|| (mask != (mode_t) mask)) {
|
||||||
SYSLOG ((LOG_WARN,
|
SYSLOG ((LOG_WARN,
|
||||||
"Can't set umask value for user %s",
|
"Can't set umask value for user %s",
|
||||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user