Compare commits

...

7 Commits

Author SHA1 Message Date
Alejandro Colomar 7ceeec8d79 Release 4.14.7
Closes: <https://github.com/shadow-maint/shadow/issues/959>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-26 20:46:18 +01:00
Enrico Scholz aed99b13e0 lib/copydir.c: copy_entry(): Use temporary stat buffer
There are no guarantees that fstatat() does not clobber the stat
buffer on errors.

Use a temporary buffer so that the following code sees correct
attributes of the source entry.

Link: <https://github.com/shadow-maint/shadow/issues/973>
Signed-off-by: Enrico Scholz <enrico.scholz@sigma-chemnitz.de>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: 000619344d ("lib/copydir:copy_entry(): use temporary stat buffer")
Link: <https://github.com/shadow-maint/shadow/pull/974>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-22 00:19:06 +01:00
Antoine Roux 89d26e03db man/po/fr.po: Fix wrong french translation
32 characters were wrongly translated to 16 in french translation file.

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: 51a0d94a08 ("Fix wrong french translation")
Link: <https://github.com/shadow-maint/shadow/pull/975>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-22 00:10:24 +01:00
Skyler Ferrante f4293f9fbc lib/, src/: Add checks for fd omission
Adding function check_fds to new file fd.c. The function check_fds
should be called in every setuid/setgid program.

Co-developed-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: d2f2c1877a ("Adding checks for fd omission")
Link: <https://github.com/shadow-maint/shadow/pull/964>
Link: <https://inbox.sourceware.org/libc-alpha/ZeyujhVRsDTUNUtw@debian/T/>
[alx: It seems we shouldn't need this, as libc does it for us.  But it ]
[     shouldn't hurt either.  Let's be paranoic.                       ]
Cc: <Guillem Jover <guillem@hadrons.org>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Christian Brauner <christian@brauner.io>
Cc: Rich Felker <dalias@libc.org>
Cc: Andreas Schwab <schwab@linux-m68k.org>
Cc: Thorsten Glaser <tg@mirbsd.de>
Cc: NRK <nrk@disroot.org>
Cc: Florian Weimer <fweimer@redhat.com>
Cc: enh <enh@google.com>
Cc: Laurent Bercot <ska-dietlibc@skarnet.org>
Cc: Gabriel Ravier <gabravier@gmail.com>
Cc: Zack Weinberg <zack@owlfolio.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-13 23:19:51 +01:00
Alejandro Colomar 39192107a6 src/vipw.c: Use string literals to initialize 'Prog'
This avoids using argv[0], which is controlled by the user,
and might inject arbitrary text in stderr and the logs.

Link: <https://github.com/shadow-maint/shadow/issues/959>
Link: <https://github.com/shadow-maint/shadow/pull/960>
Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Karel Zak <kzak@redhat.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Christian Brauner <christian@brauner.io>
Cherry-picked-from: 89c4da43cb ("src/vipw.c: Use string literals to initialize 'Prog'")
Link: <https://github.com/shadow-maint/shadow/pull/962>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-08 17:42:18 +01:00
Alejandro Colomar 470d6be230 src/vipw.c: Reverse logic and variable name
Since we're checking for "vigr", it makes more sense to name the
variable accordingly.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
Cherry-picked-from: 0ab893a734 ("src/vipw.c: Reverse logic and variable name")
Link: <https://github.com/shadow-maint/shadow/pull/962>
[alx: This is needed by 89c4da43cb ("src/vipw.c: Use string literals to initialize 'Prog'")
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-08 17:42:09 +01:00
Skyler Ferrante a28371336e src/: Hardcode Prog to known value
Set Prog (program name) based on hardcoded value instead of argv[0].
This is to help prevent escape sequence injection.

Cherry-picked-from: e6c2e43937 ("Hardcoding Prog to known value")
Link: <https://github.com/shadow-maint/shadow/issues/959>
Link: <https://github.com/shadow-maint/shadow/pull/960>
Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Karel Zak <kzak@redhat.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Christian Brauner <christian@brauner.io>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-03-07 22:54:04 +01:00
44 changed files with 182 additions and 211 deletions
+1 -1
View File
@@ -4,7 +4,7 @@ m4_define([libsubid_abi_major], 4)
m4_define([libsubid_abi_minor], 0) m4_define([libsubid_abi_minor], 0)
m4_define([libsubid_abi_micro], 0) m4_define([libsubid_abi_micro], 0)
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro]) m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
AC_INIT([shadow], [4.14.6], [pkg-shadow-devel@lists.alioth.debian.org], [], AC_INIT([shadow], [4.14.7], [pkg-shadow-devel@lists.alioth.debian.org], [],
[https://github.com/shadow-maint/shadow]) [https://github.com/shadow-maint/shadow])
AM_INIT_AUTOMAKE([1.11 foreign dist-xz]) AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
AC_CONFIG_MACRO_DIRS([m4]) AC_CONFIG_MACRO_DIRS([m4])
+1
View File
@@ -53,6 +53,7 @@ libshadow_la_SOURCES = \
faillog.h \ faillog.h \
failure.c \ failure.c \
failure.h \ failure.h \
fd.c \
fields.c \ fields.c \
find_new_gid.c \ find_new_gid.c \
find_new_uid.c \ find_new_uid.c \
+2 -1
View File
@@ -415,6 +415,7 @@ static int copy_entry (const struct path_info *src, const struct path_info *dst,
{ {
int err = 0; int err = 0;
struct stat sb; struct stat sb;
struct stat tmp_sb;
struct link_name *lp; struct link_name *lp;
struct timespec mt[2]; struct timespec mt[2];
@@ -436,7 +437,7 @@ static int copy_entry (const struct path_info *src, const struct path_info *dst,
* If the destination already exists do nothing. * If the destination already exists do nothing.
* This is after the copy_dir above to still iterate into subdirectories. * This is after the copy_dir above to still iterate into subdirectories.
*/ */
if (fstatat(dst->dirfd, dst->name, &sb, AT_SYMLINK_NOFOLLOW) != -1) { if (fstatat(dst->dirfd, dst->name, &tmp_sb, AT_SYMLINK_NOFOLLOW) != -1) {
return 0; return 0;
} }
+41
View File
@@ -0,0 +1,41 @@
// SPDX-FileCopyrightText: 2024, Skyler Ferrante <sjf5462@rit.edu>
// SPDX-License-Identifier: BSD-3-Clause
/**
* To protect against file descriptor omission attacks, we open the std file
* descriptors with /dev/null if they are not already open. Code is based on
* fix_fds from sudo.c.
*/
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>
#include "prototypes.h"
static void check_fd(int fd);
void
check_fds(void)
{
/**
* Make sure stdin, stdout, stderr are open
* If they are closed, set them to /dev/null
*/
check_fd(STDIN_FILENO);
check_fd(STDOUT_FILENO);
check_fd(STDERR_FILENO);
}
static void
check_fd(int fd)
{
int devnull;
if (fcntl(fd, F_GETFL, 0) != -1)
return;
devnull = open("/dev/null", O_RDWR);
if (devnull != fd)
abort();
}
+3
View File
@@ -127,6 +127,9 @@ extern void initenv (void);
extern void set_env (int, char *const *); extern void set_env (int, char *const *);
extern void sanitize_env (void); extern void sanitize_env (void);
/* fd.c */
extern void check_fds (void);
/* fields.c */ /* fields.c */
extern void change_field (char *, size_t, const char *); extern void change_field (char *, size_t, const char *);
extern int valid_field (const char *, const char *); extern int valid_field (const char *, const char *);
+1 -1
View File
@@ -2610,7 +2610,7 @@ msgstr ""
#: useradd.8.xml:641(para) #: useradd.8.xml:641(para)
msgid "Usernames may only be up to 32 characters long." msgid "Usernames may only be up to 32 characters long."
msgstr "Les noms d'utilisateur sont limités à 16 caractères." msgstr "Les noms d'utilisateur sont limités à 32 caractères."
#: useradd.8.xml:30(term) login.defs.5.xml:30(term) #: useradd.8.xml:30(term) login.defs.5.xml:30(term)
msgid "<option>CREATE_HOME</option> (boolean)" msgid "<option>CREATE_HOME</option> (boolean)"
+6 -8
View File
@@ -41,7 +41,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "chage";
static bool static bool
dflg = false, /* set last password change date */ dflg = false, /* set last password change date */
@@ -511,7 +511,7 @@ static void check_perms (void)
exit (E_NOPERM); exit (E_NOPERM);
} }
retval = pam_start ("chage", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -762,14 +762,12 @@ int main (int argc, char **argv)
gid_t rgid; gid_t rgid;
const struct passwd *pw; const struct passwd *pw;
/* sanitize_env ();
* Get the program name so that error messages can use it. check_fds ();
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
sanitize_env ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
@@ -780,7 +778,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
OPENLOG ("chage"); OPENLOG (Prog);
ruid = getuid (); ruid = getuid ();
rgid = getgid (); rgid = getgid ();
+1 -2
View File
@@ -18,14 +18,13 @@
#include "idmapping.h" #include "idmapping.h"
#include "shadowlog.h" #include "shadowlog.h"
const char *Prog; static const char Prog[] = "check_subid_range";
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
char *owner; char *owner;
unsigned long start, count; unsigned long start, count;
bool check_uids; bool check_uids;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+8 -11
View File
@@ -36,7 +36,7 @@
/* /*
* Global variables. * Global variables.
*/ */
const char *Prog; static const char Prog[] = "chfn";
static char fullnm[BUFSIZ]; static char fullnm[BUFSIZ];
static char roomno[BUFSIZ]; static char roomno[BUFSIZ];
static char workph[BUFSIZ]; static char workph[BUFSIZ];
@@ -362,7 +362,7 @@ static void check_perms (const struct passwd *pw)
* check if the change is allowed by SELinux policy. * check if the change is allowed by SELinux policy.
*/ */
if ((pw->pw_uid != getuid ()) if ((pw->pw_uid != getuid ())
&& (check_selinux_permit ("chfn") != 0)) { && (check_selinux_permit (Prog) != 0)) {
fprintf (stderr, _("%s: Permission denied.\n"), Prog); fprintf (stderr, _("%s: Permission denied.\n"), Prog);
closelog (); closelog ();
exit (E_NOPERM); exit (E_NOPERM);
@@ -377,7 +377,7 @@ static void check_perms (const struct passwd *pw)
* --marekm * --marekm
*/ */
if (!amroot && getdef_bool ("CHFN_AUTH")) { if (!amroot && getdef_bool ("CHFN_AUTH")) {
passwd_check (pw->pw_name, pw->pw_passwd, "chfn"); passwd_check (pw->pw_name, pw->pw_passwd, Prog);
} }
#else /* !USE_PAM */ #else /* !USE_PAM */
@@ -389,7 +389,7 @@ static void check_perms (const struct passwd *pw)
exit (E_NOPERM); exit (E_NOPERM);
} }
retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -616,15 +616,12 @@ int main (int argc, char **argv)
char new_gecos[BUFSIZ]; /* buffer for new GECOS fields */ char new_gecos[BUFSIZ]; /* buffer for new GECOS fields */
char *user; char *user;
/* sanitize_env ();
* Get the program name. The program name is used as a check_fds ();
* prefix to most error messages.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
sanitize_env ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
@@ -637,7 +634,7 @@ int main (int argc, char **argv)
*/ */
amroot = (getuid () == 0); amroot = (getuid () == 0);
OPENLOG ("chfn"); OPENLOG (Prog);
/* parse the command line options */ /* parse the command line options */
process_flags (argc, argv); process_flags (argc, argv);
+3 -4
View File
@@ -36,7 +36,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "chgpasswd";
static bool eflg = false; static bool eflg = false;
static bool md5flg = false; static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -303,7 +303,7 @@ static void check_perms (void)
exit (1); exit (1);
} }
retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -423,7 +423,6 @@ int main (int argc, char **argv)
int errors = 0; int errors = 0;
int line = 0; int line = 0;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -441,7 +440,7 @@ int main (int argc, char **argv)
process_flags (argc, argv); process_flags (argc, argv);
OPENLOG ("chgpasswd"); OPENLOG (Prog);
check_perms (); check_perms ();
+4 -5
View File
@@ -35,7 +35,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "chpasswd";
static bool eflg = false; static bool eflg = false;
static bool md5flg = false; static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT) #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -302,7 +302,7 @@ static void check_perms (void)
exit (1); exit (1);
} }
retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -450,7 +450,6 @@ int main (int argc, char **argv)
int errors = 0; int errors = 0;
int line = 0; int line = 0;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -476,7 +475,7 @@ int main (int argc, char **argv)
} }
#endif /* USE_PAM */ #endif /* USE_PAM */
OPENLOG ("chpasswd"); OPENLOG (Prog);
check_perms (); check_perms ();
@@ -546,7 +545,7 @@ int main (int argc, char **argv)
#ifdef USE_PAM #ifdef USE_PAM
if (use_pam) { if (use_pam) {
if (do_pam_passwd_non_interactive ("chpasswd", name, newpwd) != 0) { if (do_pam_passwd_non_interactive (Prog, name, newpwd) != 0) {
fprintf (stderr, fprintf (stderr,
_("%s: (line %d, user %s) password not changed\n"), _("%s: (line %d, user %s) password not changed\n"),
Prog, line, name); Prog, line, name);
+6 -10
View File
@@ -45,7 +45,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ static const char Prog[] = "chsh"; /* Program name */
static bool amroot; /* Real UID is root */ static bool amroot; /* Real UID is root */
static char loginsh[BUFSIZ]; /* Name of new login shell */ static char loginsh[BUFSIZ]; /* Name of new login shell */
/* command line options */ /* command line options */
@@ -320,7 +320,7 @@ static void check_perms (const struct passwd *pw)
* check if the change is allowed by SELinux policy. * check if the change is allowed by SELinux policy.
*/ */
if ((pw->pw_uid != getuid ()) if ((pw->pw_uid != getuid ())
&& (check_selinux_permit("chsh") != 0)) { && (check_selinux_permit(Prog) != 0)) {
SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name)); SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
fprintf (stderr, fprintf (stderr,
_("You may not change the shell for '%s'.\n"), _("You may not change the shell for '%s'.\n"),
@@ -337,7 +337,7 @@ static void check_perms (const struct passwd *pw)
* chfn/chsh. --marekm * chfn/chsh. --marekm
*/ */
if (!amroot && getdef_bool ("CHSH_AUTH")) { if (!amroot && getdef_bool ("CHSH_AUTH")) {
passwd_check (pw->pw_name, pw->pw_passwd, "chsh"); passwd_check (pw->pw_name, pw->pw_passwd, Prog);
} }
#else /* !USE_PAM */ #else /* !USE_PAM */
@@ -349,7 +349,7 @@ static void check_perms (const struct passwd *pw)
exit (E_NOPERM); exit (E_NOPERM);
} }
retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -473,12 +473,8 @@ int main (int argc, char **argv)
const struct passwd *pw; /* Password entry from /etc/passwd */ const struct passwd *pw; /* Password entry from /etc/passwd */
sanitize_env (); sanitize_env ();
check_fds ();
/*
* Get the program name. The program name is used as a prefix to
* most error messages.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -493,7 +489,7 @@ int main (int argc, char **argv)
*/ */
amroot = (getuid () == 0); amroot = (getuid () == 0);
OPENLOG ("chsh"); OPENLOG (Prog);
/* parse the command line options */ /* parse the command line options */
process_flags (argc, argv); process_flags (argc, argv);
+5 -5
View File
@@ -23,7 +23,7 @@
#include "shadowlog.h" #include "shadowlog.h"
/* Global variables */ /* Global variables */
const char *Prog; static const char Prog[] = "expiry";
static bool cflg = false; static bool cflg = false;
/* local function prototypes */ /* local function prototypes */
@@ -123,12 +123,12 @@ int main (int argc, char **argv)
struct passwd *pwd; struct passwd *pwd;
struct spwd *spwd; struct spwd *spwd;
Prog = Basename (argv[0]); sanitize_env ();
check_fds ();
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
sanitize_env ();
/* /*
* Start by disabling all of the keyboard signals. * Start by disabling all of the keyboard signals.
*/ */
@@ -145,7 +145,7 @@ int main (int argc, char **argv)
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
OPENLOG ("expiry"); OPENLOG (Prog);
process_flags (argc, argv); process_flags (argc, argv);
+1 -6
View File
@@ -39,7 +39,7 @@ static void reset (void);
/* /*
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ static const char Prog[] = "faillog"; /* Program name */
static FILE *fail; /* failure file stream */ static FILE *fail; /* failure file stream */
static time_t seconds; /* that number of days in seconds */ static time_t seconds; /* that number of days in seconds */
static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */ static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
@@ -543,11 +543,6 @@ int main (int argc, char **argv)
short fail_max = 0; // initialize to silence compiler warning short fail_max = 0; // initialize to silence compiler warning
long days = 0; long days = 0;
/*
* Get the program name. The program name is used as a prefix to
* most error messages.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+1 -2
View File
@@ -9,7 +9,7 @@
/* Test program for the subid freeing routine */ /* Test program for the subid freeing routine */
const char *Prog; static const char Prog[] = "free_subid_range";
static void usage(void) static void usage(void)
{ {
@@ -25,7 +25,6 @@ int main(int argc, char *argv[])
struct subordinate_range range; struct subordinate_range range;
bool group = false; // get subuids by default bool group = false; // get subuids by default
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
while ((c = getopt(argc, argv, "g")) != EOF) { while ((c = getopt(argc, argv, "g")) != EOF) {
+1 -2
View File
@@ -6,7 +6,7 @@
#include "prototypes.h" #include "prototypes.h"
#include "shadowlog.h" #include "shadowlog.h"
const char *Prog; static const char Prog[] = "get_subid_owners";
static void usage(void) static void usage(void)
{ {
@@ -21,7 +21,6 @@ int main(int argc, char *argv[])
int i, n; int i, n;
uid_t *uids; uid_t *uids;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
if (argc < 2) { if (argc < 2) {
+1 -2
View File
@@ -7,7 +7,7 @@
#include "prototypes.h" #include "prototypes.h"
#include "shadowlog.h" #include "shadowlog.h"
const char *Prog; static const char Prog[] = "getsubids";
static void usage(void) static void usage(void)
{ {
@@ -23,7 +23,6 @@ int main(int argc, char *argv[])
struct subid_range *ranges; struct subid_range *ranges;
const char *owner; const char *owner;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
if (argc < 2) if (argc < 2)
+4 -3
View File
@@ -37,7 +37,7 @@
* Global variables * Global variables
*/ */
/* The name of this command, as it is invoked */ /* The name of this command, as it is invoked */
const char *Prog; static const char Prog[] = "gpasswd";
#ifdef SHADOWGRP #ifdef SHADOWGRP
/* Indicate if shadow groups are enabled on the system /* Indicate if shadow groups are enabled on the system
@@ -956,6 +956,8 @@ int main (int argc, char **argv)
#endif #endif
sanitize_env (); sanitize_env ();
check_fds ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
@@ -968,11 +970,10 @@ int main (int argc, char **argv)
* with this command. * with this command.
*/ */
bywho = getuid (); bywho = getuid ();
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
OPENLOG ("gpasswd"); OPENLOG (Prog);
setbuf (stdout, NULL); setbuf (stdout, NULL);
setbuf (stderr, NULL); setbuf (stderr, NULL);
+5 -9
View File
@@ -50,7 +50,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "groupadd";
static /*@null@*/char *group_name; static /*@null@*/char *group_name;
static gid_t group_id; static gid_t group_id;
@@ -542,7 +542,7 @@ static void check_perms (void)
exit (1); exit (1);
} }
retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -571,10 +571,6 @@ static void check_perms (void)
*/ */
int main (int argc, char **argv) int main (int argc, char **argv)
{ {
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -585,7 +581,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv); prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("groupadd"); OPENLOG (Prog);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
@@ -605,7 +601,7 @@ int main (int argc, char **argv)
check_perms (); check_perms ();
if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name, if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name,
"groupadd")) { Prog)) {
exit(1); exit(1);
} }
@@ -628,7 +624,7 @@ int main (int argc, char **argv)
grp_update (); grp_update ();
close_files (); close_files ();
if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name, if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name,
"groupadd")) { Prog)) {
exit(1); exit(1);
} }
+5 -9
View File
@@ -36,7 +36,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "groupdel";
static char *group_name; static char *group_name;
static gid_t group_id = -1; static gid_t group_id = -1;
@@ -349,10 +349,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -363,7 +359,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv); prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("groupdel"); OPENLOG (Prog);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
@@ -389,7 +385,7 @@ int main (int argc, char **argv)
exit (1); exit (1);
} }
retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
} }
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
@@ -463,7 +459,7 @@ int main (int argc, char **argv)
} }
if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name, if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name,
"groupdel")) { Prog)) {
exit(1); exit(1);
} }
@@ -478,7 +474,7 @@ int main (int argc, char **argv)
close_files (); close_files ();
if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name, if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name,
"groupdel")) { Prog)) {
exit(1); exit(1);
} }
+3 -7
View File
@@ -44,7 +44,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "groupmems";
static char *adduser = NULL; static char *adduser = NULL;
static char *deluser = NULL; static char *deluser = NULL;
@@ -443,7 +443,7 @@ static void check_perms (void)
fail_exit (1); fail_exit (1);
} }
retval = pam_start ("groupmems", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0); retval = pam_authenticate (pamh, 0);
@@ -573,10 +573,6 @@ int main (int argc, char **argv)
char *name; char *name;
const struct group *grp; const struct group *grp;
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -586,7 +582,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("groupmems"); OPENLOG (Prog);
#ifdef SHADOWGRP #ifdef SHADOWGRP
is_shadowgrp = sgr_file_present (); is_shadowgrp = sgr_file_present ();
+3 -7
View File
@@ -58,7 +58,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "groupmod";
#ifdef SHADOWGRP #ifdef SHADOWGRP
static bool is_shadow_grp; static bool is_shadow_grp;
@@ -750,10 +750,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -764,7 +760,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv); prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("groupmod"); OPENLOG (Prog);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
@@ -790,7 +786,7 @@ int main (int argc, char **argv)
exit (E_PAM_USERNAME); exit (E_PAM_USERNAME);
} }
retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
} }
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
+1 -5
View File
@@ -23,7 +23,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "groups";
/* local function prototypes */ /* local function prototypes */
static void print_groups (const char *member); static void print_groups (const char *member);
@@ -97,10 +97,6 @@ int main (int argc, char **argv)
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
/*
* Get the program name so that error messages can use it.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+2 -6
View File
@@ -43,7 +43,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "grpck";
static const char *grp_file = GROUP_FILE; static const char *grp_file = GROUP_FILE;
static bool use_system_grp_file = true; static bool use_system_grp_file = true;
@@ -816,10 +816,6 @@ int main (int argc, char **argv)
int errors = 0; int errors = 0;
bool changed = false; bool changed = false;
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -829,7 +825,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("grpck"); OPENLOG (Prog);
/* Parse the command line arguments */ /* Parse the command line arguments */
process_flags (argc, argv); process_flags (argc, argv);
+2 -3
View File
@@ -36,7 +36,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "grpconv";
static bool gr_locked = false; static bool gr_locked = false;
static bool sgr_locked = false; static bool sgr_locked = false;
@@ -123,7 +123,6 @@ int main (int argc, char **argv)
const struct sgrp *sg; const struct sgrp *sg;
struct sgrp sgent; struct sgrp sgent;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -133,7 +132,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("grpconv"); OPENLOG (Prog);
process_flags (argc, argv); process_flags (argc, argv);
+2 -3
View File
@@ -36,7 +36,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "grpunconv";
static bool gr_locked = false; static bool gr_locked = false;
static bool sgr_locked = false; static bool sgr_locked = false;
@@ -122,7 +122,6 @@ int main (int argc, char **argv)
struct group grent; struct group grent;
const struct sgrp *sg; const struct sgrp *sg;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -132,7 +131,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("grpunconv"); OPENLOG (Prog);
process_flags (argc, argv); process_flags (argc, argv);
+1 -2
View File
@@ -39,7 +39,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ static const char Prog[] = "lastlog"; /* Program name */
static FILE *lastlogfile; /* lastlog file stream */ static FILE *lastlogfile; /* lastlog file stream */
static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */ static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
static bool has_umin = false; static bool has_umin = false;
@@ -290,7 +290,6 @@ int main (int argc, char **argv)
* Get the program name. The program name is used as a prefix to * Get the program name. The program name is used as a prefix to
* most error messages. * most error messages.
*/ */
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+3 -4
View File
@@ -64,7 +64,7 @@ static pam_handle_t *pamh = NULL;
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "login";
static const char *hostname = ""; static const char *hostname = "";
static /*@null@*/ /*@only@*/char *username = NULL; static /*@null@*/ /*@only@*/char *username = NULL;
@@ -520,7 +520,6 @@ int main (int argc, char **argv)
initenv (); initenv ();
amroot = (getuid () == 0); amroot = (getuid () == 0);
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -587,7 +586,7 @@ int main (int argc, char **argv)
} }
#endif /* RLOGIN */ #endif /* RLOGIN */
OPENLOG ("login"); OPENLOG (Prog);
setup_tty (); setup_tty ();
@@ -673,7 +672,7 @@ int main (int argc, char **argv)
retries = getdef_unum ("LOGIN_RETRIES", RETRIES); retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
#ifdef USE_PAM #ifdef USE_PAM
retcode = pam_start ("login", username, &conv, &pamh); retcode = pam_start (Prog, username, &conv, &pamh);
if (retcode != PAM_SUCCESS) { if (retcode != PAM_SUCCESS) {
fprintf (stderr, fprintf (stderr,
_("login: PAM Failure, aborting: %s\n"), _("login: PAM Failure, aborting: %s\n"),
+2 -3
View File
@@ -22,7 +22,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "logoutd";
#ifndef DEFAULT_HUP_MESG #ifndef DEFAULT_HUP_MESG
#define DEFAULT_HUP_MESG _("login time exceeded\n\n") #define DEFAULT_HUP_MESG _("login time exceeded\n\n")
@@ -157,11 +157,10 @@ main(int argc, char **argv)
/* /*
* Start syslogging everything * Start syslogging everything
*/ */
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
OPENLOG ("logoutd"); OPENLOG (Prog);
/* /*
* Scan the utmp file once per minute looking for users that * Scan the utmp file once per minute looking for users that
+1 -2
View File
@@ -9,7 +9,7 @@
/* Test program for the subid creation routine */ /* Test program for the subid creation routine */
const char *Prog; static const char Prog[] = "new_subid_range";
static void usage(void) static void usage(void)
{ {
@@ -28,7 +28,6 @@ int main(int argc, char *argv[])
bool group = false; // get subuids by default bool group = false; // get subuids by default
bool ok; bool ok;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
while ((c = getopt(argc, argv, "gn")) != EOF) { while ((c = getopt(argc, argv, "gn")) != EOF) {
+1 -2
View File
@@ -23,7 +23,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "newgidmap";
static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups) static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
@@ -151,7 +151,6 @@ int main(int argc, char **argv)
struct passwd *pw; struct passwd *pw;
bool allow_setgroups = false; bool allow_setgroups = false;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+4 -1
View File
@@ -28,7 +28,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char *Prog;
extern char **newenvp; extern char **newenvp;
@@ -390,6 +390,9 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
check_fds ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
+1 -2
View File
@@ -23,7 +23,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "newuidmap";
static bool verify_range(struct passwd *pw, struct map_range *range) static bool verify_range(struct passwd *pw, struct map_range *range)
{ {
@@ -80,7 +80,6 @@ int main(int argc, char **argv)
struct stat st; struct stat st;
struct passwd *pw; struct passwd *pw;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+1 -2
View File
@@ -54,7 +54,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "newusers";
static bool rflg = false; /* create a system account */ static bool rflg = false; /* create a system account */
#ifndef USE_PAM #ifndef USE_PAM
@@ -1056,7 +1056,6 @@ int main (int argc, char **argv)
unsigned int nusers = 0; unsigned int nusers = 0;
#endif /* USE_PAM */ #endif /* USE_PAM */
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
+4 -8
View File
@@ -45,7 +45,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; /* Program name */ static const char Prog[] = "passwd"; /* Program name */
static char *name; /* The name of user whose password is being changed */ static char *name; /* The name of user whose password is being changed */
static char *myname; /* The current user's name */ static char *myname; /* The current user's name */
@@ -730,12 +730,8 @@ int main (int argc, char **argv)
const struct spwd *sp; /* Shadow file entry for user */ const struct spwd *sp; /* Shadow file entry for user */
sanitize_env (); sanitize_env ();
check_fds ();
/*
* Get the program name. The program name is used as a prefix to
* most error messages.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -757,7 +753,7 @@ int main (int argc, char **argv)
*/ */
amroot = (getuid () == 0); amroot = (getuid () == 0);
OPENLOG ("passwd"); OPENLOG (Prog);
{ {
/* /*
@@ -976,7 +972,7 @@ int main (int argc, char **argv)
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
/* only do this check when getuid()==0 because it's a pre-condition for /* only do this check when getuid()==0 because it's a pre-condition for
changing a password without entering the old one */ changing a password without entering the old one */
if (amroot && (check_selinux_permit ("passwd") != 0)) { if (amroot && (check_selinux_permit (Prog) != 0)) {
SYSLOG ((LOG_ALERT, SYSLOG ((LOG_ALERT,
"root is not authorized by SELinux to change the password of %s", "root is not authorized by SELinux to change the password of %s",
name)); name));
+2 -6
View File
@@ -47,7 +47,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "pwck";
static bool use_system_pw_file = true; static bool use_system_pw_file = true;
static bool use_system_spw_file = true; static bool use_system_spw_file = true;
@@ -833,10 +833,6 @@ int main (int argc, char **argv)
int errors = 0; int errors = 0;
bool changed = false; bool changed = false;
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -846,7 +842,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("pwck"); OPENLOG (Prog);
/* Parse the command line arguments */ /* Parse the command line arguments */
process_flags (argc, argv); process_flags (argc, argv);
+2 -3
View File
@@ -66,7 +66,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "pwconv";
static bool spw_locked = false; static bool spw_locked = false;
static bool pw_locked = false; static bool pw_locked = false;
@@ -153,7 +153,6 @@ int main (int argc, char **argv)
const struct spwd *sp; const struct spwd *sp;
struct spwd spent; struct spwd spent;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -163,7 +162,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("pwconv"); OPENLOG (Prog);
process_flags (argc, argv); process_flags (argc, argv);
+2 -3
View File
@@ -30,7 +30,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "pwunconv";
static bool spw_locked = false; static bool spw_locked = false;
static bool pw_locked = false; static bool pw_locked = false;
@@ -114,7 +114,6 @@ int main (int argc, char **argv)
struct passwd pwent; struct passwd pwent;
const struct spwd *spwd; const struct spwd *spwd;
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -124,7 +123,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
OPENLOG ("pwunconv"); OPENLOG (Prog);
process_flags (argc, argv); process_flags (argc, argv);
+5 -8
View File
@@ -61,7 +61,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "su";
static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */ static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */
static bool caller_is_root = false; static bool caller_is_root = false;
static uid_t caller_uid; static uid_t caller_uid;
@@ -730,11 +730,6 @@ static void save_caller_context (char **argv)
const char *password = NULL; const char *password = NULL;
#endif /* SU_ACCESS */ #endif /* SU_ACCESS */
#endif /* !USE_PAM */ #endif /* !USE_PAM */
/*
* Get the program name. The program name is used as a prefix to
* most error messages.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -1004,20 +999,22 @@ int main (int argc, char **argv)
int ret; int ret;
#endif /* USE_PAM */ #endif /* USE_PAM */
check_fds ();
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR); (void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE); (void) textdomain (PACKAGE);
save_caller_context (argv); save_caller_context (argv);
OPENLOG ("su"); OPENLOG (Prog);
process_flags (argc, argv); process_flags (argc, argv);
initenv (); initenv ();
#ifdef USE_PAM #ifdef USE_PAM
ret = pam_start ("su", name, &conv, &pamh); ret = pam_start (Prog, name, &conv, &pamh);
if (PAM_SUCCESS != ret) { if (PAM_SUCCESS != ret) {
SYSLOG ((LOG_ERR, "pam_start: error %d", ret); SYSLOG ((LOG_ERR, "pam_start: error %d", ret);
fprintf (stderr, fprintf (stderr,
+1 -2
View File
@@ -27,7 +27,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "sulogin";
static char pass[BUFSIZ]; static char pass[BUFSIZ];
@@ -63,7 +63,6 @@ static void catch_signals (unused int sig)
termio.c_lflag |= (ECHO | ECHOE | ECHOK | ICANON | ISIG); termio.c_lflag |= (ECHO | ECHOE | ECHOK | ICANON | ISIG);
tcsetattr (0, TCSANOW, &termio); tcsetattr (0, TCSANOW, &termio);
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
+3 -7
View File
@@ -82,7 +82,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "useradd";
/* /*
* These defaults are used if there is no defaults file. * These defaults are used if there is no defaults file.
@@ -2518,10 +2518,6 @@ int main (int argc, char **argv)
unsigned long subuid_count = 0; unsigned long subuid_count = 0;
unsigned long subgid_count = 0; unsigned long subgid_count = 0;
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -2533,7 +2529,7 @@ int main (int argc, char **argv)
prefix = process_prefix_flag("-P", argc, argv); prefix = process_prefix_flag("-P", argc, argv);
OPENLOG ("useradd"); OPENLOG (Prog);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
@@ -2585,7 +2581,7 @@ int main (int argc, char **argv)
fail_exit (1); fail_exit (1);
} }
retval = pam_start ("useradd", pampw?pampw->pw_name:"root", &conv, &pamh); retval = pam_start (Prog, pampw?pampw->pw_name:"root", &conv, &pamh);
} }
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
+3 -7
View File
@@ -70,7 +70,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "userdel";
static char *user_name; static char *user_name;
static uid_t user_id; static uid_t user_id;
@@ -969,10 +969,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
(void) setlocale (LC_ALL, ""); (void) setlocale (LC_ALL, "");
@@ -982,7 +978,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv); prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("userdel"); OPENLOG (Prog);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif /* WITH_AUDIT */ #endif /* WITH_AUDIT */
@@ -1066,7 +1062,7 @@ int main (int argc, char **argv)
exit (E_PW_UPDATE); exit (E_PW_UPDATE);
} }
retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
} }
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
+3 -7
View File
@@ -86,7 +86,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char Prog[] = "usermod";
static char *user_name; static char *user_name;
static char *user_newname; static char *user_newname;
@@ -2153,10 +2153,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */ #endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */ #endif /* ACCT_TOOLS_SETUID */
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -2167,7 +2163,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv); prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("usermod"); OPENLOG (Prog);
#ifdef WITH_AUDIT #ifdef WITH_AUDIT
audit_help_open (); audit_help_open ();
#endif #endif
@@ -2213,7 +2209,7 @@ int main (int argc, char **argv)
exit (1); exit (1);
} }
retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh); retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
} }
if (PAM_SUCCESS == retval) { if (PAM_SUCCESS == retval) {
+30 -30
View File
@@ -52,7 +52,7 @@
/* /*
* Global variables * Global variables
*/ */
const char *Prog; static const char *Prog;
static const char *filename, *fileeditname; static const char *filename, *fileeditname;
static bool filelocked = false; static bool filelocked = false;
@@ -469,10 +469,12 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void))
int main (int argc, char **argv) int main (int argc, char **argv)
{ {
bool editshadow = false; bool editshadow = false;
bool do_vipw; bool do_vigr;
Prog = Basename (argv[0]); do_vigr = (strcmp(Basename(argv[0]), "vigr") == 0);
Prog = do_vigr ? "vigr" : "vipw";
log_set_progname(Prog); log_set_progname(Prog);
log_set_logfd(stderr); log_set_logfd(stderr);
@@ -482,9 +484,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv); process_root_flag ("-R", argc, argv);
do_vipw = (strcmp (Prog, "vigr") != 0); OPENLOG(Prog);
OPENLOG (do_vipw ? "vipw" : "vigr");
{ {
/* /*
@@ -512,13 +512,13 @@ int main (int argc, char **argv)
long_options, NULL)) != -1) { long_options, NULL)) != -1) {
switch (c) { switch (c) {
case 'g': case 'g':
do_vipw = false; do_vigr = true;
break; break;
case 'h': case 'h':
usage (E_SUCCESS); usage (E_SUCCESS);
break; break;
case 'p': case 'p':
do_vipw = true; do_vigr = false;
break; break;
case 'q': case 'q':
quiet = true; quiet = true;
@@ -543,7 +543,27 @@ int main (int argc, char **argv)
} }
} }
if (do_vipw) { if (do_vigr) {
#ifdef SHADOWGRP
if (editshadow) {
vipwedit (sgr_dbname (), sgr_lock, sgr_unlock);
printf (MSG_WARN_EDIT_OTHER_FILE,
sgr_dbname (),
gr_dbname (),
"vigr");
} else {
#endif /* SHADOWGRP */
vipwedit (gr_dbname (), gr_lock, gr_unlock);
#ifdef SHADOWGRP
if (sgr_file_present ()) {
printf (MSG_WARN_EDIT_OTHER_FILE,
gr_dbname (),
sgr_dbname (),
"vigr -s");
}
}
#endif /* SHADOWGRP */
} else {
if (editshadow) { if (editshadow) {
#ifdef WITH_TCB #ifdef WITH_TCB
if (getdef_bool ("USE_TCB") && (NULL != user)) { if (getdef_bool ("USE_TCB") && (NULL != user)) {
@@ -570,26 +590,6 @@ int main (int argc, char **argv)
"vipw -s"); "vipw -s");
} }
} }
} else {
#ifdef SHADOWGRP
if (editshadow) {
vipwedit (sgr_dbname (), sgr_lock, sgr_unlock);
printf (MSG_WARN_EDIT_OTHER_FILE,
sgr_dbname (),
gr_dbname (),
"vigr");
} else {
#endif /* SHADOWGRP */
vipwedit (gr_dbname (), gr_lock, gr_unlock);
#ifdef SHADOWGRP
if (sgr_file_present ()) {
printf (MSG_WARN_EDIT_OTHER_FILE,
gr_dbname (),
sgr_dbname (),
"vigr -s");
}
}
#endif /* SHADOWGRP */
} }
nscd_flush_cache ("passwd"); nscd_flush_cache ("passwd");