configure.ac: release 4.3.1

Signed-off-by: Serge Hallyn <serge@hallyn.com>

configure.ac

@@ -1,6 +1,6 @@
 dnl Process this file with autoconf to produce a configure script.
 AC_INIT
-AM_INIT_AUTOMAKE(shadow, 4.3)
+AM_INIT_AUTOMAKE(shadow, 4.3.1)
 AC_CONFIG_HEADERS([config.h])
 
 dnl Some hacks...

lib/getulong.c

@@ -44,22 +44,19 @@
  */
 int getulong (const char *numstr, /*@out@*/unsigned long int *result)
 {
-	long long int val;
+	unsigned long int val;
 	char *endptr;
 
 	errno = 0;
-	val = strtoll (numstr, &endptr, 0);
+	val = strtoul (numstr, &endptr, 0);
 	if (    ('\0' == *numstr)
 	     || ('\0' != *endptr)
 	     || (ERANGE == errno)
-	     /*@+ignoresigns@*/
-	     || (val != (unsigned long int)val)
-	     /*@=ignoresigns@*/
 	   ) {
 		return 0;
 	}
 
-	*result = (unsigned long int)val;
+	*result = val;
 	return 1;
 }
 

libmisc/idmapping.c

@@ -83,6 +83,27 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
 			free(mappings);
 			return NULL;
 		}
+		if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		if (mapping->upper > UINT_MAX ||
+			mapping->lower > UINT_MAX ||
+			mapping->count > UINT_MAX)  {
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		if (mapping->lower + mapping->count > UINT_MAX ||
+				mapping->upper + mapping->count > UINT_MAX) {
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
+		if (mapping->lower + mapping->count < mapping->lower ||
+				mapping->upper + mapping->count < mapping->upper) {
+			/* this one really shouldn't be possible given previous checks */
+			fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+			exit(EXIT_FAILURE);
+		}
 	}
 	return mappings;
 }

man/chgpasswd.8.xml

@@ -92,7 +92,7 @@
     <para>
       The default encryption algorithm can be defined for the system with
       the <option>ENCRYPT_METHOD</option> variable of <filename>/etc/login.defs</filename>,
-      and can be overwiten with the <option>-e</option>,
+      and can be overwritten with the <option>-e</option>,
       <option>-m</option>, or <option>-c</option> options.
     </para>
     <para>

man/chpasswd.8.xml

@@ -98,7 +98,7 @@
       The default encryption algorithm can be defined for the system with
       the <option>ENCRYPT_METHOD</option> or
       <option>MD5_CRYPT_ENAB</option> variables of
-      <filename>/etc/login.defs</filename>, and can be overwitten with the
+      <filename>/etc/login.defs</filename>, and can be overwritten with the
       <option>-e</option>, <option>-m</option>, or <option>-c</option>
       options.
     </para>
@@ -112,7 +112,7 @@
       <phrase condition="pam">Except when PAM is used to encrypt the
       passwords,</phrase> <command>chpasswd</command> first updates all the
       passwords in memory, and then commits all the changes to disk if no
-      errors occured for any user.
+      errors occurred for any user.
     </para>
     <para condition="pam">
       When PAM is used to encrypt the passwords (and update the passwords in

man/groupmems.8.xml

@@ -106,7 +106,7 @@
       <varlistentry>
 	<term><option>-a</option>, <option>--add</option>&nbsp;<replaceable>user_name</replaceable></term>
 	<listitem>
-	  <para>Add an user to the group membership list.</para>
+	  <para>Add a user to the group membership list.</para>
 	  <para condition="gshadow">
 	    If the <filename>/etc/gshadow</filename> file exist, and the
 	    group has no entry in the <filename>/etc/gshadow</filename>

man/gshadow.5.xml

@@ -95,7 +95,7 @@
 	    group (but group members do not need the password).
 	  </para>
 	  <para>
-	    The password is used when an user who is not a member of the
+	    The password is used when a user who is not a member of the
 	    group wants to gain the permissions of this group (see
 	    <citerefentry><refentrytitle>newgrp</refentrytitle>
 	    <manvolnum>1</manvolnum></citerefentry>).
@@ -105,7 +105,7 @@
 	    can gain the group permissions.
 	  </para>
 	  <para>
-	    A password field which starts with a exclamation mark means
+	    A password field which starts with an exclamation mark means
 	    that the password is locked.  The remaining characters on the
 	    line represent the password field before the password was
 	    locked.

man/lastlog.8.xml

@@ -109,7 +109,7 @@
 	</term>
 	<listitem>
 	  <para>
-	    Clear lastlog record of an user. This option can be used only together
+	    Clear lastlog record of a user. This option can be used only together
 	    with <option>-u</option> (<option>--user</option>)).
 	  </para>
 	</listitem>
@@ -140,7 +140,7 @@
 	</term>
 	<listitem>
 	  <para>
-	    Set lastlog record of an user to the current time. This option can be
+	    Set lastlog record of a user to the current time. This option can be
 	    used only together with <option>-u</option> (<option>--user</option>)).
 	  </para>
 	</listitem>

man/limits.5.xml

@@ -108,7 +108,7 @@
       <listitem><para>A: max address space (KB)</para></listitem>
       <listitem><para>C: max core file size (KB)</para></listitem>
       <listitem><para>D: max data size (KB)</para></listitem>
-      <listitem><para>F: maximum filesize (KB)</para></listitem>
+      <listitem><para>F: maximum file size (KB)</para></listitem>
       <listitem><para>K: file creation mask, set by
 	<citerefentry>
 	  <refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum>
@@ -145,7 +145,7 @@
     <para>
       Be aware that after <emphasis remap='I'>username</emphasis> the rest
       of the line is considered a limit string, thus comments are not
-      allowed. A invalid limits string will be rejected (not considered) by
+      allowed. An invalid limits string will be rejected (not considered) by
       the <command>login</command> program.
     </para>
 
@@ -163,12 +163,12 @@
     </para>
 
     <para>
-      If more than one line with limits for an user exist, only the first line for
+      If more than one line with limits for a user exist, only the first line for
       this user will be considered.
     </para>
 
     <para>
-      If no lines are specified for an user, the last
+      If no lines are specified for a user, the last
       <replaceable>@group</replaceable> line matching a group whose the
       user is a member of will be considered, or the last line with
       default limits if no groups contain the user.

man/newgidmap.1.xml

@@ -80,7 +80,7 @@
   <refsect1 id='description'>
     <title>DESCRIPTION</title>
     <para>
-      The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> based on it's
+      The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> based on its
       command line arguments and the gids allowed in <filename>/etc/subgid</filename>.
       Note that the root user is not exempted from the requirement for a valid
       <filename>/etc/subgid</filename> entry.
@@ -93,7 +93,7 @@
 	  <term>gid</term>
 	  <listitem>
 	    <para>
-	      Begining of the range of GIDs inside the user namespace.
+	      Beginning of the range of GIDs inside the user namespace.
 	    </para>
 	  </listitem>
 	</varlistentry>
@@ -101,7 +101,7 @@
 	  <term>lowergid</term>
 	  <listitem>
 	    <para>
-	      Begining of the range of GIDs outside the user namespace.
+	      Beginning of the range of GIDs outside the user namespace.
 	    </para>
 	  </listitem>
 	</varlistentry>
@@ -145,7 +145,7 @@
       <varlistentry>
 	<term><filename>/etc/subgid</filename></term>
 	<listitem>
-	  <para>List of users subordinate group IDs.</para>
+	  <para>List of user's subordinate group IDs.</para>
 	</listitem>
       </varlistentry>
       <varlistentry>

man/newuidmap.1.xml

@@ -80,7 +80,7 @@
   <refsect1 id='description'>
     <title>DESCRIPTION</title>
     <para>
-      The <command>newuidmap</command> sets <filename>/proc/[pid]/uid_map</filename> based on it's
+      The <command>newuidmap</command> sets <filename>/proc/[pid]/uid_map</filename> based on its
       command line arguments and the uids allowed in <filename>/etc/subuid</filename>.
       Note that the root user is not exempted from the requirement for a valid
       <filename>/etc/subuid</filename> entry.
@@ -93,7 +93,7 @@
 	  <term>uid</term>
 	  <listitem>
 	    <para>
-	      Begining of the range of UIDs inside the user namespace.
+	      Beginning of the range of UIDs inside the user namespace.
 	    </para>
 	  </listitem>
 	</varlistentry>
@@ -101,7 +101,7 @@
 	  <term>loweruid</term>
 	  <listitem>
 	    <para>
-	      Begining of the range of UIDs outside the user namespace.
+	      Beginning of the range of UIDs outside the user namespace.
 	    </para>
 	  </listitem>
 	</varlistentry>
@@ -144,7 +144,7 @@
       <varlistentry>
 	<term><filename>/etc/subuid</filename></term>
 	<listitem>
-	  <para>List of users subordinate user IDs.</para>
+	  <para>List of user's subordinate user IDs.</para>
 	</listitem>
       </varlistentry>
       <varlistentry>

man/newusers.8.xml

@@ -115,7 +115,7 @@
 	  </para>
 	  <para>
 	    It can be the name of a new user or the name of an existing
-	    user (or an user created before by
+	    user (or a user created before by
 	    <command>newusers</command>).  In case of an existing user,
 	    the user's information will be changed, otherwise a new user
 	    will be created.
@@ -142,7 +142,7 @@
 	    This field is used to define the UID of the user.
 	  </para>
 	  <para>
-	    If the field is empty, an new (unused) UID will be defined
+	    If the field is empty, a new (unused) UID will be defined
 	    automatically by <command>newusers</command>.
 	  </para>
 	  <para>
@@ -151,7 +151,7 @@
 	  </para>
 	  <para>
 	    If this field contains the name of an existing user (or the
-	    name of an user created before by
+	    name of a user created before by
 	    <command>newusers</command>), the UID of the specified user
 	    will be used.
 	  </para>

man/nologin.8.xml

@@ -89,7 +89,7 @@
   <refsect1 id='history'>
     <title>HISTORY</title>
     <para>
-      The <command>nologin</command> command appearred in BSD 4.4.
+      The <command>nologin</command> command appeared in BSD 4.4.
     </para>
   </refsect1>
 </refentry>

man/passwd.1.xml

@@ -164,7 +164,7 @@
       </para>
 
       <para>
-	You can find advices on how to choose a strong password on
+	You can find advice on how to choose a strong password on
 	http://en.wikipedia.org/wiki/Password_strength
       </para>
     </refsect2>

man/pwck.8.xml

@@ -243,7 +243,7 @@
     <para condition="tcb">
       Note that when <option>USE_TCB</option> is enabled, you cannot
       specify an alternative <replaceable>shadow</replaceable> file. In
-      future releases, this paramater could be replaced by an alternate
+      future releases, this parameter could be replaced by an alternate
       TCB directory.
     </para>
   </refsect1>

man/shadow.5.xml

@@ -115,7 +115,7 @@
 	    any access at all if the password field is empty.
 	  </para>
 	  <para>
-	    A password field which starts with a exclamation mark means
+	    A password field which starts with an exclamation mark means
 	    that the password is locked.  The remaining characters on the
 	    line represent the password field before the password was
 	    locked.
@@ -133,7 +133,7 @@
 	  </para>
 	  <para>
 	    The value 0 has a special meaning, which is that the user
-	    should change her pasword the next time she will log in the
+	    should change her password the next time she will log in the
 	    system.
 	  </para>
 	  <para>
@@ -228,7 +228,7 @@
 	  </para>
 	  <para>
 	    Note that an account expiration differs from a password
-	    expiration.  In case of an acount expiration, the user shall
+	    expiration.  In case of an account expiration, the user shall
 	    not be allowed to login.  In case of a password expiration,
 	    the user is not allowed to login using her password.
 	  </para>

man/su.1.xml

@@ -157,7 +157,7 @@
 	  </para>
 	  <para>
 	    The executed command will have no controlling terminal. This
-	    option cannot be used to execute interractive programs which
+	    option cannot be used to execute interactive programs which
 	    need a controlling TTY.
 	    <!-- This avoids TTY hijacking when su is used to lower
 	         privileges -->
@@ -191,7 +191,7 @@
 	  <para>The shell that will be invoked.</para>
 	  <para>
 	    The invoked shell is chosen from (highest priority first):
-	    <!--This should be an orderedlist, but lists inside another
+	    <!--This should be an ordered list, but lists inside another
 	        list does not work well with current docbook.
 	        - nekral - 2009.06.03 -->
 	    <variablelist>

man/suauth.5.xml

@@ -81,7 +81,7 @@
 
     <!-- .RS -->
     <literallayout remap='.nf'>
-      1) the user su is targetting
+      1) the user su is targeting
     </literallayout>
     <!-- .fi -->
     <para>
@@ -106,13 +106,13 @@
 
     <para>
       from-id is formatted the same as to-id except the extra word
-      <emphasis>GROUP</emphasis> is recognised. <emphasis>ALL EXCEPT
+      <emphasis>GROUP</emphasis> is recognized. <emphasis>ALL EXCEPT
       GROUP</emphasis> is perfectly valid too. Following
       <emphasis>GROUP</emphasis> appears one or more group names, delimited
       by ",". It is not sufficient to have primary group id of the relevant
       group, an entry in
       <citerefentry><refentrytitle>/etc/group</refentrytitle>
-      <manvolnum>5</manvolnum></citerefentry> is neccessary.
+      <manvolnum>5</manvolnum></citerefentry> is necessary.
     </para>
 
     <para> 

man/useradd.8.xml

@@ -307,7 +307,7 @@
 	  </para>
 	    Example: <option>-K</option>&nbsp;<replaceable>PASS_MAX_DAYS</replaceable>=<replaceable>-1</replaceable>
 	    can be used when creating system account to turn off password
-	    ageing, even though system account has no password at all.
+	    aging, even though system account has no password at all.
 	    Multiple <option>-K</option> options can be specified, e.g.:
 	    <option>-K</option>&nbsp;<replaceable>UID_MIN</replaceable>=<replaceable>100</replaceable>&nbsp;
 	    <option>-K</option>&nbsp;<replaceable>UID_MAX</replaceable>=<replaceable>499</replaceable>
@@ -326,7 +326,7 @@
 	  </para>
 	  <para>
 	    By default, the user's entries in the lastlog and faillog
-	    databases are resetted to avoid reusing the entry from a previously
+	    databases are reset to avoid reusing the entry from a previously
 	    deleted user.
 	  </para>
 	</listitem>
@@ -351,7 +351,7 @@
       </varlistentry>
       <varlistentry>
 	<term>
-	  <option>-M</option>
+	 <option>-M</option>, <option>--no-create-home</option>
 	</term>
 	<listitem>
 	  <para>
@@ -433,7 +433,7 @@
 	  </para>
 	  <para>
 	    Note that <command>useradd</command> will not create a home
-	    directory for such an user, regardless of the default setting
+	    directory for such a user, regardless of the default setting
 	    in <filename>/etc/login.defs</filename>
 	    (<option>CREATE_HOME</option>). You have to specify the
 	    <option>-m</option> options if you want a home directory for a

man/usermod.8.xml

@@ -481,8 +481,7 @@
       not executing any processes when this command is being executed if the
       user's numerical user ID, the user's name, or the user's home
       directory is being changed. <command>usermod</command> checks this
-      on Linux, but only check if the user is logged in according to utmp
-      on other architectures.
+      on Linux. On other platforms it only uses utmp to check if the user is logged in.
     </para>
     <para>
       You must change the owner of any <command>crontab</command> files or

src/expiry.c

@@ -58,7 +58,7 @@ static void process_flags (int argc, char **argv);
  */
 static RETSIGTYPE catch_signals (unused int sig)
 {
-	exit (10);
+	_exit (10);
 }
 
 /*

src/gpasswd.c

@@ -169,9 +169,8 @@ static RETSIGTYPE catch_signals (int killed)
 	}
 
 	if (0 != killed) {
-		(void) putchar ('\n');
-		(void) fflush (stdout);
-		exit (killed);
+		(void) write (STDOUT_FILENO, "\n", 1);
+		_exit (killed);
 	}
 }
 

src/login.c

@@ -103,7 +103,7 @@ static bool hflg = false;
 static bool preauth_flag = false;
 
 static bool amroot;
-static unsigned int timeout;
+static char tmsg[256];
 
 /*
  * External identifiers.
@@ -416,8 +416,8 @@ static void init_env (void)
 
 static RETSIGTYPE alarm_handler (unused int sig)
 {
-	fprintf (stderr, _("\nLogin timed out after %u seconds.\n"), timeout);
-	exit (0);
+	write (STDERR_FILENO, tmsg, strlen (tmsg));
+	_exit (0);
 }
 
 #ifdef USE_PAM
@@ -532,6 +532,7 @@ int main (int argc, char **argv)
 	bool is_console;
 #endif
 	int err;
+	unsigned int timeout;
 	const char *cp;
 	const char *tmp;
 	char fromhost[512];
@@ -698,8 +699,10 @@ int main (int argc, char **argv)
 
       top:
 	/* only allow ALARM sec. for login */
-	(void) signal (SIGALRM, alarm_handler);
 	timeout = getdef_unum ("LOGIN_TIMEOUT", ALARM);
+	snprintf (tmsg, sizeof tmsg,
+	          _("\nLogin timed out after %u seconds.\n"), timeout);
+	(void) signal (SIGALRM, alarm_handler);
 	if (timeout > 0) {
 		(void) alarm (timeout);
 	}

src/newgidmap.c

@@ -56,7 +56,7 @@ static bool verify_range(struct passwd *pw, struct map_range *range)
 	if (have_sub_gids(pw->pw_name, range->lower, range->count))
 		return true;
 
-	/* Allow a process to map it's own gid */
+	/* Allow a process to map its own gid */
 	if ((range->count == 1) && (pw->pw_gid == range->lower))
 		return true;
 
@@ -113,7 +113,7 @@ int main(int argc, char **argv)
 	if (argc < 2)
 		usage();
 
-	/* Find the process that needs it's user namespace
+	/* Find the process that needs its user namespace
 	 * gid mapping set.
 	 */
 	target_str = argv[1];

src/newuidmap.c

@@ -56,7 +56,7 @@ static bool verify_range(struct passwd *pw, struct map_range *range)
 	if (have_sub_uids(pw->pw_name, range->lower, range->count))
 		return true;
 
-	/* Allow a process to map it's own uid */
+	/* Allow a process to map its own uid */
 	if ((range->count == 1) && (pw->pw_uid == range->lower))
 		return true;
 
@@ -113,7 +113,7 @@ int main(int argc, char **argv)
 	if (argc < 2)
 		usage();
 
-	/* Find the process that needs it's user namespace
+	/* Find the process that needs its user namespace
 	 * uid mapping set.
 	 */
 	target_str = argv[1];

src/su.c

@@ -105,6 +105,8 @@ static char caller_name[BUFSIZ];
 static bool change_environment = true;
 
 #ifdef USE_PAM
+static char kill_msg[256];
+static char wait_msg[256];
 static pam_handle_t *pamh = NULL;
 static int caught = 0;
 /* PID of the child, in case it needs to be killed */
@@ -161,8 +163,7 @@ static RETSIGTYPE die (int killed)
 	}
 
 	if (killed != 0) {
-		closelog ();
-		exit (128+killed);
+		_exit (128+killed);
 	}
 }
 
@@ -182,12 +183,11 @@ static RETSIGTYPE kill_child (int unused(s))
 {
 	if (0 != pid_child) {
 		(void) kill (-pid_child, SIGKILL);
-		(void) fputs (_(" ...killed.\n"), stderr);
+		(void) write (STDERR_FILENO, kill_msg, strlen (kill_msg));
 	} else {
-		(void) fputs (_(" ...waiting for child to terminate.\n"),
-		              stderr);
+		(void) write (STDERR_FILENO, wait_msg, strlen (wait_msg));
 	}
-	exit (255);
+	_exit (255);
 }
 #endif				/* USE_PAM */
 
@@ -373,6 +373,9 @@ static void prepare_pam_close_session (void)
 		              stderr);
 		(void) kill (-pid_child, caught);
 
+		snprintf (kill_msg, _(" ...killed.\n"));
+		snprintf (wait_msg, _(" ...waiting for child to terminate.\n"));
+
 		(void) signal (SIGALRM, kill_child);
 		(void) alarm (2);
 
@@ -422,7 +425,7 @@ static void check_perms_pam (const struct passwd *pw)
 	int ret;
 	ret = pam_authenticate (pamh, 0);
 	if (PAM_SUCCESS != ret) {
-		SYSLOG ((LOG_ERR, "pam_authenticate: %s",
+		SYSLOG (((pw->pw_uid != 0)? LOG_NOTICE : LOG_WARN, "pam_authenticate: %s",
 		         pam_strerror (pamh, ret)));
 		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
 		(void) pam_end (pamh, ret);
@@ -585,7 +588,7 @@ static /*@only@*/struct passwd * check_perms (void)
 	if (NULL == pw) {
 		(void) fprintf (stderr,
 		                _("No passwd entry for user '%s'\n"), name);
-		SYSLOG ((LOG_ERR, "No passwd entry for user '%s'", name));
+		SYSLOG ((LOG_NOTICE, "No passwd entry for user '%s'", name));
 		su_failure (caller_tty, true);
 	}
 
@@ -615,7 +618,7 @@ static /*@only@*/struct passwd * check_perms (void)
 			(void) fprintf (stderr,
 			                _("No passwd entry for user '%s'\n"),
 			                name);
-			SYSLOG ((LOG_ERR,
+			SYSLOG ((LOG_NOTICE,
 			         "No passwd entry for user '%s'", name));
 			su_failure (caller_tty, true);
 		}

src/sulogin.c

@@ -70,7 +70,7 @@ static RETSIGTYPE catch_signals (int);
 
 static RETSIGTYPE catch_signals (unused int sig)
 {
-	exit (1);
+	_exit (1);
 }
 
 /*