Compare commits
408 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| eccf1c569c | |||
| 7ad96661ef | |||
| 8736e4a37e | |||
| e8a2cfa7dc | |||
| f06a1d8b00 | |||
| b4472167c2 | |||
| d22f1c18cc | |||
| dcca8653a5 | |||
| 5575995541 | |||
| 6f266a30ff | |||
| e668c7e725 | |||
| 9e5a852ee0 | |||
| 80b52a597f | |||
| d355cb2b16 | |||
| 4ce27b5e60 | |||
| 62449968fa | |||
| b7e12ec04e | |||
| 047bfc47c6 | |||
| 913e16ce20 | |||
| 3e602b58a2 | |||
| 6b341b1e90 | |||
| e751bc67eb | |||
| 92bd73c657 | |||
| 2b0bdef6f9 | |||
| 9750fd6819 | |||
| e1b1d187f4 | |||
| 7052a0a2dd | |||
| 962c820fba | |||
| 363eab25f0 | |||
| 4758641b1d | |||
| f5a7404c7a | |||
| 618bafc238 | |||
| 355ad6a9e0 | |||
| d59a090933 | |||
| 0e6fe5e728 | |||
| f93cf255d4 | |||
| 6761cf2d7e | |||
| 79157cbad8 | |||
| b8c67c320c | |||
| e0d66b4be1 | |||
| 868d7b34ea | |||
| 30e62bc3bd | |||
| a630fba34b | |||
| 92cb9d7785 | |||
| 0f31dc5c2c | |||
| 2a6164cc4a | |||
| 53763ae6ee | |||
| a850520981 | |||
| c0e4ccd032 | |||
| f2e8294bdb | |||
| e2f1fcca0e | |||
| aaaaf21b6f | |||
| 9a9c9231db | |||
| 292f59f43d | |||
| 585b6f00f5 | |||
| abb879fd4f | |||
| f7c2a54212 | |||
| c628caf174 | |||
| 6938bab429 | |||
| 0c9f641408 | |||
| 19f08785f0 | |||
| 535f54076c | |||
| 445e97ba7c | |||
| d12d300c98 | |||
| 32f641b207 | |||
| 9724147344 | |||
| dce030ffb8 | |||
| 1654f42194 | |||
| 3ff3cd9c78 | |||
| 3a0160beb0 | |||
| d594243fbb | |||
| 02916e9cb2 | |||
| 1fdaf69376 | |||
| 2fa4234fc7 | |||
| 3b6ccf642c | |||
| 126fbe57bc | |||
| 6c3d4ebf6e | |||
| eb366c255c | |||
| 6c4545544f | |||
| d8e54618fe | |||
| adf7378d73 | |||
| 624d57c08c | |||
| 06eb4e4d76 | |||
| 497e90751b | |||
| a757b458ff | |||
| 387da46d73 | |||
| b17a17c93d | |||
| 1ff0b37134 | |||
| 63a96706b1 | |||
| a97399dd0a | |||
| f2476d3ce8 | |||
| fc832e4648 | |||
| 7d02af944f | |||
| 82b5983301 | |||
| 234af5cf67 | |||
| 09c752f00f | |||
| 5b4082d007 | |||
| cdc8c1e25b | |||
| 4bec156db1 | |||
| 33f85e93a1 | |||
| 6be18d45e1 | |||
| 7e2b522a15 | |||
| d7e2bd6fe1 | |||
| 4ad2697cc4 | |||
| 5bb28a0a7f | |||
| 4b85dc66d4 | |||
| 049f9a7f6b | |||
| 117bc66c6f | |||
| 26bbee8c86 | |||
| ab9fad7943 | |||
| 7903557988 | |||
| 0e0101043b | |||
| fb582ce72f | |||
| 679a29da7e | |||
| d7c9550b7f | |||
| e385338ee8 | |||
| 2b6312b337 | |||
| ecfcaed0b5 | |||
| f20c688a18 | |||
| 7687ae4dbd | |||
| 4624e9fca1 | |||
| 009e09fd58 | |||
| a5bf83d2e7 | |||
| 4bcbe13689 | |||
| 049b08481a | |||
| 02b200c9aa | |||
| 234e8fa7b1 | |||
| c4539fc4f9 | |||
| 9dd720a285 | |||
| 1c1e0b0c68 | |||
| adb83f7796 | |||
| 28a02dc83e | |||
| e318bb9b06 | |||
| 05388f748d | |||
| e481437ab9 | |||
| 6becc82e26 | |||
| c6847011e8 | |||
| 065aae682c | |||
| 33c33a32a2 | |||
| cd551ef728 | |||
| fa986b1d73 | |||
| 4616fe71e7 | |||
| 537b8cd90b | |||
| d4b6d1549b | |||
| f4a84efb46 | |||
| 6f9124b7f7 | |||
| 496fc2919d | |||
| 905eb76cec | |||
| 0c821fcf0c | |||
| 93086e9aa7 | |||
| c3cf23b00c | |||
| ffd35d8902 | |||
| c7b4f317f9 | |||
| 9b58a623f4 | |||
| 1a20189b83 | |||
| bd102eaa35 | |||
| ea04eb301d | |||
| c93897a8d7 | |||
| c82ed0c15e | |||
| 9eb191edc4 | |||
| e65cc6aebc | |||
| b3b1f5d4a4 | |||
| bc8257cf73 | |||
| dbf230e4cf | |||
| 2f0d14eb21 | |||
| d4535015a0 | |||
| 14b108728a | |||
| dbfad7d1c9 | |||
| 738d92a4bd | |||
| 7a3bb4d0ea | |||
| a026ea6bbf | |||
| 5939e066db | |||
| af9984bff1 | |||
| 0faec51bf0 | |||
| 5d0d784197 | |||
| 1aed7ae945 | |||
| 68ebbf9360 | |||
| 83db204477 | |||
| 456bdb78f8 | |||
| 8281c82e32 | |||
| a6154b8572 | |||
| 9d37173b24 | |||
| bd920ab36a | |||
| 1d767fb779 | |||
| 8eb6f8ace4 | |||
| 0871122443 | |||
| d5b15f8633 | |||
| ec1951c181 | |||
| 9d169ffc41 | |||
| 0fe42f571c | |||
| b0e86b959f | |||
| ea7af4e154 | |||
| 3d670ba7ed | |||
| 2f1f45d64f | |||
| 663824ef4c | |||
| c6cab4a7ba | |||
| e34f49c196 | |||
| 322db32971 | |||
| f9831a4a1a | |||
| 2b22a6909d | |||
| ca1d912e6b | |||
| 3ac8d97825 | |||
| e9e8e3270f | |||
| 91d4ab622b | |||
| b8cbc2c113 | |||
| dfe95bd08b | |||
| eb1d2de0e9 | |||
| 5f7649fb37 | |||
| e367d111e5 | |||
| 95fd179683 | |||
| c0aa8a876e | |||
| 6e4b2fe25d | |||
| e6416fd81b | |||
| 186b1b7ac1 | |||
| 38c079366d | |||
| 77e39de1e6 | |||
| 2c542f6c65 | |||
| b30e9614c3 | |||
| cc7ea6e8e5 | |||
| fa90ac11c8 | |||
| 716f3f99ce | |||
| 0f4347d148 | |||
| 8492dee663 | |||
| 514c1328b6 | |||
| 7cfe134090 | |||
| df6ec1d169 | |||
| b865e14f25 | |||
| 697901a328 | |||
| 9f1a43996c | |||
| 7273c25cc2 | |||
| c0818ab01d | |||
| f4cbf38ad7 | |||
| 0409c91a7f | |||
| 4faf42b31b | |||
| 786e44f6dd | |||
| bc22009031 | |||
| 4ea269d23e | |||
| f28660f5dd | |||
| 246d5c1c25 | |||
| c464ec5570 | |||
| b628850a09 | |||
| fe159b7668 | |||
| 325bf584ce | |||
| 5cd04d03f9 | |||
| ae169c4046 | |||
| 0dffc7c612 | |||
| 5d53e0bf07 | |||
| b5fb1b38ee | |||
| c917ed7b76 | |||
| 08f5577018 | |||
| 1021195bfe | |||
| a8361e7410 | |||
| 7384865775 | |||
| fd9d79a1a3 | |||
| c44b71cec2 | |||
| bbf4b79bc4 | |||
| abb5c99114 | |||
| 88128000c9 | |||
| 599cc003da | |||
| e7938d5a30 | |||
| bd32c1c8fc | |||
| fb0f702cbf | |||
| a04287cf24 | |||
| 569bd1d54f | |||
| 2df8c0728d | |||
| bd4dc81a82 | |||
| f8642a1986 | |||
| e24700fd5d | |||
| 18c5c6139d | |||
| af0f55a625 | |||
| 3f09f7b6fb | |||
| dfd19fc35b | |||
| 0407fa8813 | |||
| e84df9e163 | |||
| 46ad1856ac | |||
| 87257a49a1 | |||
| 9d3546c695 | |||
| 287a9041a1 | |||
| 22bfaf9e26 | |||
| 2748b4230a | |||
| 6bd08f7d18 | |||
| 00f01dd416 | |||
| 01a8df79b3 | |||
| 9a10373ddb | |||
| b065fa4741 | |||
| 3f35983656 | |||
| c32743808d | |||
| ec98f190c1 | |||
| cf8101aaae | |||
| 4047d1fe8e | |||
| 6f38f43fdd | |||
| dc732e7734 | |||
| 291c6fcc87 | |||
| 94d40b4521 | |||
| 3c9836a298 | |||
| a271076041 | |||
| e8c44a4c12 | |||
| d041eec354 | |||
| b215e9d02c | |||
| 994a3b463c | |||
| 508b968cb1 | |||
| 6afa2aaf9d | |||
| 342c934a35 | |||
| 49930bd3a6 | |||
| 7ea342579e | |||
| 875d2d49c1 | |||
| 83aa88466d | |||
| 607f1dd549 | |||
| 6baeb25038 | |||
| 32cfa176f2 | |||
| b01bd3b139 | |||
| 0a7888b1fa | |||
| 43a917cce5 | |||
| 089cf55e2c | |||
| 316a153abb | |||
| 6e6494680d | |||
| 6155e91f4e | |||
| 967bfb0376 | |||
| 9cb21c2bdf | |||
| 5cb839d977 | |||
| b128222477 | |||
| fc95155aa4 | |||
| 320707fcb0 | |||
| 4086aed1ed | |||
| 096dad6305 | |||
| 4772689d27 | |||
| 1566921dd8 | |||
| 04062cda11 | |||
| c040058fe3 | |||
| c56fe7117b | |||
| e2f74c347b | |||
| f929bfd90b | |||
| c889ebc2c9 | |||
| a3a1cf6536 | |||
| 7e0e931519 | |||
| 97a76bd9e6 | |||
| 69332884b1 | |||
| 992c1723af | |||
| 8eee5d03fd | |||
| 77be9c35c7 | |||
| f7ae4d48f4 | |||
| 1d8487d851 | |||
| 52aba825af | |||
| 25b1a8d591 | |||
| 5de28353d4 | |||
| 7b36b160f7 | |||
| 00e629c0ba | |||
| 942f1945bb | |||
| 69301dfa24 | |||
| 8762f465d4 | |||
| 140510de9d | |||
| 125a5dc309 | |||
| e78be3df43 | |||
| d60b59b156 | |||
| 6543c600d8 | |||
| 5070132ee6 | |||
| 143b97193d | |||
| 2a991a3ce9 | |||
| 3f2bbcfa91 | |||
| 8a2e3d500c | |||
| c48011d19c | |||
| ebe6def4b7 | |||
| a8533719ed | |||
| c667083c81 | |||
| e5bb71b2fd | |||
| b2753b146a | |||
| 724442c3af | |||
| b6aaaba35e | |||
| fa6c58a773 | |||
| 8a1e92aff1 | |||
| 12ce42be44 | |||
| 915cc6bb9c | |||
| 2cc7da6058 | |||
| 142d788c81 | |||
| 33c6a170a5 | |||
| fd4405b763 | |||
| dfceca8427 | |||
| 54c1660969 | |||
| eebcacfae8 | |||
| 4ed08824e5 | |||
| 3e942adb21 | |||
| 085d04c3dd | |||
| ed4a0157c4 | |||
| 93f1f35123 | |||
| 9f7f3b013e | |||
| 5a6ddf3b57 | |||
| 0512c187c8 | |||
| f32d4a359b | |||
| 401d0743af | |||
| a847899b52 | |||
| 88c1a6d98d | |||
| ef095ceef1 | |||
| 4c9ec2f5a4 | |||
| d7add53f06 | |||
| 2aa7427e2b | |||
| 1ec36eabb2 | |||
| bd3c39f1c8 | |||
| 258944e331 | |||
| 51d65f37e5 | |||
| 0f332f48bc | |||
| a73d4aee75 | |||
| 7f53048875 | |||
| b1a5cda91e | |||
| 66b7bc0dcf | |||
| eaaac67d4f | |||
| 3cc3948d71 | |||
| 08096ed24a | |||
| 92a678c250 |
@@ -0,0 +1,32 @@
|
|||||||
|
image: alpine/latest
|
||||||
|
# apk add --update alpine-sdk
|
||||||
|
packages:
|
||||||
|
- cmd:setcap
|
||||||
|
- autoconf
|
||||||
|
- automake
|
||||||
|
- byacc
|
||||||
|
- expect
|
||||||
|
- gettext
|
||||||
|
- gettext-dev
|
||||||
|
- gettext-lang
|
||||||
|
- libcap-dev
|
||||||
|
- libtool
|
||||||
|
- linux-pam-dev
|
||||||
|
- sed
|
||||||
|
sources:
|
||||||
|
- https://github.com/shadow-maint/shadow
|
||||||
|
tasks:
|
||||||
|
- build: |
|
||||||
|
cd shadow
|
||||||
|
./autogen.sh --without-selinux --disable-man --disable-nls
|
||||||
|
grep ENABLE_ config.status
|
||||||
|
- tasks: |
|
||||||
|
cd shadow
|
||||||
|
cat /proc/self/uid_map
|
||||||
|
cat /proc/self/status
|
||||||
|
make
|
||||||
|
make DESTDIR=/tmp/shadow-inst install
|
||||||
|
sudo make install
|
||||||
|
#TODO - fix up the tests. Let's merge what's here now as it
|
||||||
|
#at least tests build.
|
||||||
|
#(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
||||||
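Review bot: With the `run_some` line commented out at the end of the second task, this job only shows that the tree configures, compiles and installs on Alpine; nothing runs the installed tools against musl. The TODO would be easier to follow up if it named a tracking reference, e.g. `# TODO(<issue-ref>): enable tests/run_some on Alpine`. The second task is also keyed `tasks`, the same word as its parent key, and a distinct name such as `- install: |` would read better in the build log. The leading `# apk add --update alpine-sdk` comment does not say whether it is a local-reproduction hint or a leftover, so it needs a word of explanation or removal.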
@@ -0,0 +1,26 @@
|
|||||||
|
image: ubuntu/focal
|
||||||
|
packages:
|
||||||
|
- automake
|
||||||
|
- autopoint
|
||||||
|
- xsltproc
|
||||||
|
- libselinux1-dev
|
||||||
|
- gettext
|
||||||
|
- expect
|
||||||
|
- byacc
|
||||||
|
- libtool
|
||||||
|
sources:
|
||||||
|
- https://github.com/shadow-maint/shadow
|
||||||
|
tasks:
|
||||||
|
- build: |
|
||||||
|
cd shadow
|
||||||
|
./autogen.sh --without-selinux --disable-man
|
||||||
|
grep ENABLE_ config.status
|
||||||
|
- tasks: |
|
||||||
|
cd shadow
|
||||||
|
cat /proc/self/uid_map
|
||||||
|
cat /proc/self/status
|
||||||
|
systemd-detect-virt
|
||||||
|
make
|
||||||
|
make DESTDIR=/tmp/shadow-inst install
|
||||||
|
sudo make install
|
||||||
|
(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
||||||
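Review bot: This manifest installs `libselinux1-dev` but the build step runs `./autogen.sh --without-selinux --disable-man`, so as far as the file shows the SELinux code paths are never compiled or tested here; the ubuntu/21.10 manifest that follows does the same with `--enable-man`. Since the changelog in this same comparison lists SELinux label fixes, at least one job should build that code, for example `./autogen.sh --with-selinux --disable-man` on one of the two Ubuntu images. Configure may need further development headers for that (presumably libsemanage), which should be confirmed before switching. If the flag is deliberate, a one-line comment such as `# selinux disabled: <reason>` next to it would record why.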
@@ -0,0 +1,26 @@
|
|||||||
|
image: ubuntu/21.10
|
||||||
|
packages:
|
||||||
|
- automake
|
||||||
|
- autopoint
|
||||||
|
- xsltproc
|
||||||
|
- libselinux1-dev
|
||||||
|
- gettext
|
||||||
|
- expect
|
||||||
|
- byacc
|
||||||
|
- libtool
|
||||||
|
sources:
|
||||||
|
- https://github.com/shadow-maint/shadow
|
||||||
|
tasks:
|
||||||
|
- build: |
|
||||||
|
cd shadow
|
||||||
|
./autogen.sh --without-selinux --enable-man
|
||||||
|
grep ENABLE_ config.status
|
||||||
|
- tasks: |
|
||||||
|
cat /proc/self/uid_map
|
||||||
|
cat /proc/self/status
|
||||||
|
systemd-detect-virt
|
||||||
|
cd shadow
|
||||||
|
make
|
||||||
|
make DESTDIR=/tmp/shadow-inst install
|
||||||
|
sudo make install
|
||||||
|
(cd tests; sudo ./run_some || { cat testsuite.log; false; })
|
||||||
@@ -48,3 +48,4 @@ Makefile.in
|
|||||||
/shadow.spec
|
/shadow.spec
|
||||||
/shadow-*.tar.*
|
/shadow-*.tar.*
|
||||||
/libmisc/getdate.c
|
/libmisc/getdate.c
|
||||||
|
/libsubid/subid.h
|
||||||
|
|||||||
+39
-7
@@ -1,20 +1,52 @@
|
|||||||
|
dist: bionic
|
||||||
sudo: false
|
sudo: false
|
||||||
|
|
||||||
language: c
|
language: c
|
||||||
|
|
||||||
compiler:
|
compiler:
|
||||||
- gcc
|
- gcc
|
||||||
- clang
|
- clang
|
||||||
|
|
||||||
addons:
|
arch:
|
||||||
apt:
|
- amd64
|
||||||
packages:
|
- arm64
|
||||||
- autopoint
|
- ppc64le
|
||||||
- xsltproc
|
- s390x
|
||||||
|
|
||||||
|
before_install:
|
||||||
|
- sudo apt-get update -qq
|
||||||
|
- sudo apt-get -y install -qq automake autopoint xsltproc libselinux1-dev gettext expect
|
||||||
|
- sudo apt-get -y install -qq byacc libtool
|
||||||
script:
|
script:
|
||||||
- ./autogen.sh --without-selinux --disable-man
|
- ./autogen.sh --without-selinux --disable-man
|
||||||
- grep ENABLE_ config.status
|
- grep ENABLE_ config.status
|
||||||
- make
|
- make
|
||||||
|
|
||||||
|
env:
|
||||||
|
global:
|
||||||
|
- secure: "G47VYFrtzqalrVjixTqBG9Qsa8EZRcaqsh1k6fq5JgEyHmMQActpvTUDs9FXf1MEqiY5XX3VDVfBsZgKPHgmHsMzD1bX11xpnpGByB8g7gr8I3u2ZkCREqgi77a5l3LeBh+seWiambe/DYOgvPCNa6pCynLgR9advqtgKhpCruU="
|
||||||
|
|
||||||
|
addons:
|
||||||
|
coverity_scan:
|
||||||
|
|
||||||
|
project:
|
||||||
|
name: "shadow-maint/shadow"
|
||||||
|
description: "Upstream shadow utils tree"
|
||||||
|
|
||||||
|
notification_email: christian.brauner@ubuntu.com,serge@hallyn.com
|
||||||
|
|
||||||
|
build_command_prepend: "./autogen.sh --without-selinux --disable-man"
|
||||||
|
build_command: "make -j4"
|
||||||
|
branch_pattern: master
|
||||||
|
|
||||||
|
script:
|
||||||
|
- cat /proc/self/uid_map
|
||||||
|
- cat /proc/self/status
|
||||||
|
- systemd-detect-virt
|
||||||
|
- ./autogen.sh --without-selinux --disable-man
|
||||||
|
- grep ENABLE_ config.status
|
||||||
|
- make
|
||||||
|
- sudo make install
|
||||||
|
- (cd tests; sudo ./run_some; cat testsuite.log)
|
||||||
|
|
||||||
# vim:et:ts=2:sw=2
|
# vim:et:ts=2:sw=2
|
||||||
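Review bot: The last added script step, `- (cd tests; sudo ./run_some; cat testsuite.log)`, exits with the status of `cat`, so a failing `run_some` would not fail the build. `- (cd tests; sudo ./run_some || { cat testsuite.log; false; })` still prints the log and keeps the failure. The new side also appears to contain two top-level `script:` keys, the original autogen/grep/make block kept as context and the added block near the end. With duplicate YAML keys usually only the last one takes effect, so the earlier block should be removed to keep the file unambiguous. `sudo: false` is kept while the new steps call `sudo`, which is worth reconciling.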
|
|||||||
+89
@@ -0,0 +1,89 @@
|
|||||||
|
Thanks to at least the following people for sending patches, bug
|
||||||
|
reports and various comments. This list may be incomplete, I received
|
||||||
|
a lot of mail...
|
||||||
|
|
||||||
|
# Maintainers
|
||||||
|
Tomasz Kłoczko <kloczek@pld.org.pl> (2000-2007)
|
||||||
|
Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
|
||||||
|
Serge E. Hallyn <serge@hallyn.com> (2014-now)
|
||||||
|
Christian Brauner <christian@brauner.io> (2019-now)
|
||||||
|
|
||||||
|
# Authors and contributors
|
||||||
|
Adam Rudnicki <adam@v-lo.krakow.pl>
|
||||||
|
Alan Curry <pacman@tardis.mars.net>
|
||||||
|
Aleksa Sarai <cyphar@cyphar.com>
|
||||||
|
Alexander O. Yuriev <alex@bach.cis.temple.edu>
|
||||||
|
Algis Rudys <arudys@rice.edu>
|
||||||
|
Andreas Jaeger <aj@arthur.rhein-neckar.de>
|
||||||
|
Andy Zaugg <andy.zaugg@gmail.com>
|
||||||
|
Aniello Del Sorbo <anidel@edu-gw.dia.unisa.it>
|
||||||
|
Anton Gluck <gluc@midway.uchicago.edu>
|
||||||
|
Arkadiusz Miskiewicz <misiek@pld.org.pl>
|
||||||
|
Ben Collins <bcollins@debian.org>
|
||||||
|
Brian R. Gaeke <brg@dgate.org>
|
||||||
|
Calle Karlsson <ckn@kash.se>
|
||||||
|
Chip Rosenthal <chip@unicom.com>
|
||||||
|
Chris Evans <lady0110@sable.ox.ac.uk>
|
||||||
|
Chris Lamb <chris@chris-lamb.co.uk>
|
||||||
|
Cristian Gafton <gafton@sorosis.ro>
|
||||||
|
Dan Walsh <dwalsh@redhat.com>
|
||||||
|
Darcy Boese <possum@chardonnay.niagara.com>
|
||||||
|
Dave Hagewood <admin@arrowweb.com>
|
||||||
|
David A. Holland <dholland@hcs.harvard.edu>
|
||||||
|
David Frey <David.Frey@lugs.ch>
|
||||||
|
Ed Carp <ecarp@netcom.com>
|
||||||
|
Ed Neville <ed@s5h.net>
|
||||||
|
Eric W. Biederman" <ebiederm@xmission.com>
|
||||||
|
Floody <flood@evcom.net>
|
||||||
|
Frank Denis <j@4u.net>
|
||||||
|
George Kraft IV <gk4@us.ibm.com>
|
||||||
|
Greg Mortensen <loki@world.std.com>
|
||||||
|
Guido van Rooij
|
||||||
|
Guy Maor <maor@debian.org>
|
||||||
|
Hrvoje Dogan <hdogan@bjesomar.srce.hr>
|
||||||
|
Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Jakub Hrozek <jhrozek@redhat.com>
|
||||||
|
Janos Farkas <chexum@bankinf.banki.hu>
|
||||||
|
Jason Franklin <jason.franklin@quoininc.com>
|
||||||
|
Jay Soffian <jay@lw.net>
|
||||||
|
Jesse Thilo <Jesse.Thilo@pobox.com>
|
||||||
|
Joey Hess <joey@kite.ml.org>
|
||||||
|
John Adelsberger <jja@umr.edu>
|
||||||
|
Jonathan Hankins <jhankins@mailserv.homewood.k12.al.us>
|
||||||
|
Jon Lewis <jlewis@lewis.org>
|
||||||
|
Joshua Cowan <jcowan@hermit.reslife.okstate.edu>
|
||||||
|
Judd Bourgeois <shagboy@bluesky.net>
|
||||||
|
Juergen Heinzl <unicorn@noris.net>
|
||||||
|
Juha Virtanen <jiivee@iki.fi>
|
||||||
|
Julian Pidancet <julian.pidancet@gmail.com>
|
||||||
|
Julianne Frances Haugh <julie78787@gmail.com>
|
||||||
|
Leonard N. Zubkoff <lnz@dandelion.com>
|
||||||
|
Luca Berra <bluca@www.polimi.it>
|
||||||
|
Lukáš Kuklínek <lkukline@redhat.com>
|
||||||
|
Lutz Schwalowsky <schwalow@mineralogie.uni-hamburg.de>
|
||||||
|
Marc Ewing <marc@redhat.com>
|
||||||
|
Martin Bene <mb@sime.com>
|
||||||
|
Martin Mares <mj@gts.cz>
|
||||||
|
Michael Meskes <meskes@topsystem.de>
|
||||||
|
Michael Talbot-Wilson <mike@calypso.bns.com.au>
|
||||||
|
Michael Vetter <jubalh@iodoru.org>
|
||||||
|
Mike Frysinger <vapier@gentoo.org>
|
||||||
|
Mike Pakovic <mpakovic@users.southeast.net>
|
||||||
|
Nicolas François <nicolas.francois@centraliens.net>
|
||||||
|
Nikos Mavroyanopoulos <nmav@i-net.paiko.gr>
|
||||||
|
Pavel Machek <pavel@bug.ucw.cz>
|
||||||
|
Peter Vrabec <pvrabec@redhat.com>
|
||||||
|
Phillip Street
|
||||||
|
Rafał Maszkowski <rzm@icm.edu.pl>
|
||||||
|
Rani Chouha <ranibey@smartec.com>
|
||||||
|
Sami Kerola <kerolasa@rocketmail.com>
|
||||||
|
Scott Garman <scott.a.garman@intel.com>
|
||||||
|
Sebastian Rick Rijkers <srrijkers@gmail.com>
|
||||||
|
Seraphim Mellos <mellos@ceid.upatras.gr>
|
||||||
|
Shane Watts <shane@nexus.mlckew.edu.au>
|
||||||
|
Steve M. Robbins <steve@nyongwa.montreal.qc.ca>
|
||||||
|
Thorsten Kukuk <kukuk@suse.de>
|
||||||
|
Tim Hockin <thockin@eagle.ais.net>
|
||||||
|
Timo Karjalainen <timok@iki.fi>
|
||||||
|
Ulisses Alonso Camaro <ulisses@pusa.eleinf.uv.es>
|
||||||
|
Werner Fink <werner@suse.de>
|
||||||
@@ -1,118 +1,41 @@
|
|||||||
NOTE:
|
SPDX-License-Identifier: BSD-3-Clause
|
||||||
This license has been obsoleted by the change to the BSD-style copyright.
|
|
||||||
You may continue to use this license if you wish, but you are under no
|
|
||||||
obligation to do so.
|
|
||||||
|
|
||||||
(*
|
All files under this project either
|
||||||
This document is freely plagiarised from the 'Artistic Licence',
|
|
||||||
distributed as part of the Perl v4.0 kit by Larry Wall, which is
|
|
||||||
available from most major archive sites. I stole it from CrackLib.
|
|
||||||
|
|
||||||
$Id$
|
1. fall under the BSD 3 clause license (by default).
|
||||||
*)
|
|
||||||
|
|
||||||
This documents purpose is to state the conditions under which this
|
2. carry an SPDX header declaring what license applies.
|
||||||
Package (See definition below) viz: "Shadow", the Shadow Password Suite
|
|
||||||
which is held by Julianne Frances Haugh, may be copied, such that the
|
|
||||||
copyright holder maintains some semblance of artistic control over the
|
|
||||||
development of the package, while giving the users of the package the
|
|
||||||
right to use and distribute the Package in a more-or-less customary
|
|
||||||
fashion, plus the right to make reasonable modifications.
|
|
||||||
|
|
||||||
So there.
|
or
|
||||||
|
|
||||||
***************************************************************************
|
3. list a full custom license
|
||||||
|
|
||||||
Definitions:
|
This software is originally
|
||||||
|
|
||||||
|
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
||||||
|
|
||||||
A "Package" refers to the collection of files distributed by the
|
* All rights reserved.
|
||||||
Copyright Holder, and derivatives of that collection of files created
|
*
|
||||||
through textual modification, or segments thereof.
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
"Standard Version" refers to such a Package if it has not been modified,
|
* are met:
|
||||||
or has been modified in accordance with the wishes of the Copyright
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
Holder.
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
"Copyright Holder" is whoever is named in the copyright or copyrights
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
for the package.
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. The name of the copyright holders or contributors may not be used to
|
||||||
"You" is you, if you're thinking about copying or distributing this
|
* endorse or promote products derived from this software without
|
||||||
Package.
|
* specific prior written permission.
|
||||||
|
*
|
||||||
"Reasonable copying fee" is whatever you can justify on the basis of
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||||
media cost, duplication charges, time of people involved, and so on.
|
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||||
(You will not be required to justify it to the Copyright Holder, but
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||||
only to the computing community at large as a market that must bear the
|
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||||
fee.)
|
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||||
"Freely Available" means that no fee is charged for the item itself,
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||||
though there may be fees involved in handling the item. It also means
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||||
that recipients of the item may redistribute it under the same
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||||
conditions they received it.
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||||
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
|
||||||
1. You may make and give away verbatim copies of the source form of the
|
|
||||||
Standard Version of this Package without restriction, provided that you
|
|
||||||
duplicate all of the original copyright notices and associated
|
|
||||||
disclaimers.
|
|
||||||
|
|
||||||
2. You may apply bug fixes, portability fixes and other modifications
|
|
||||||
derived from the Public Domain or from the Copyright Holder. A Package
|
|
||||||
modified in such a way shall still be considered the Standard Version.
|
|
||||||
|
|
||||||
3. You may otherwise modify your copy of this Package in any way,
|
|
||||||
provided that you insert a prominent notice in each changed file stating
|
|
||||||
how and when AND WHY you changed that file, and provided that you do at
|
|
||||||
least ONE of the following:
|
|
||||||
|
|
||||||
a) place your modifications in the Public Domain or otherwise make them
|
|
||||||
Freely Available, such as by posting said modifications to Usenet or an
|
|
||||||
equivalent medium, or placing the modifications on a major archive site
|
|
||||||
such as uunet.uu.net, or by allowing the Copyright Holder to include
|
|
||||||
your modifications in the Standard Version of the Package.
|
|
||||||
|
|
||||||
b) use the modified Package only within your corporation or organization.
|
|
||||||
|
|
||||||
c) rename any non-standard executables so the names do not conflict with
|
|
||||||
standard executables, which must also be provided, and provide separate
|
|
||||||
documentation for each non-standard executable that clearly documents
|
|
||||||
how it differs from the Standard Version.
|
|
||||||
|
|
||||||
d) make other distribution arrangements with the Copyright Holder.
|
|
||||||
|
|
||||||
4. You may distribute the programs of this Package in object code or
|
|
||||||
executable form, provided that you do at least ONE of the following:
|
|
||||||
|
|
||||||
a) distribute a Standard Version of the executables and library files,
|
|
||||||
together with instructions (in the manual page or equivalent) on where
|
|
||||||
to get the Standard Version.
|
|
||||||
|
|
||||||
b) accompany the distribution with the machine-readable source of the
|
|
||||||
Package with your modifications.
|
|
||||||
|
|
||||||
c) accompany any non-standard executables with their corresponding
|
|
||||||
Standard Version executables, giving the non-standard executables
|
|
||||||
non-standard names, and clearly documenting the differences in manual
|
|
||||||
pages (or equivalent), together with instructions on where to get the
|
|
||||||
Standard Version.
|
|
||||||
|
|
||||||
d) make other distribution arrangements with the Copyright Holder.
|
|
||||||
|
|
||||||
5. You may charge a reasonable copying fee for any distribution of this
|
|
||||||
Package. You may charge any fee you choose for support of this Package.
|
|
||||||
YOU MAY NOT CHARGE A FEE FOR THIS PACKAGE ITSELF. However, you may
|
|
||||||
distribute this Package in aggregate with other (possibly commercial)
|
|
||||||
programs as part of a larger (possibly commercial) software distribution
|
|
||||||
provided that YOU DO NOT ADVERTISE this package as a product of your
|
|
||||||
own.
|
|
||||||
|
|
||||||
6. The name of the Copyright Holder may not be used to endorse or
|
|
||||||
promote products derived from this software without specific prior
|
|
||||||
written permission.
|
|
||||||
|
|
||||||
7. THIS PACKAGE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED
|
|
||||||
WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
|
|
||||||
MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
||||||
|
|
||||||
The End
|
|
||||||
|
|||||||
@@ -1,3 +1,106 @@
|
|||||||
|
2022-01-02 Serge Hallyn <serge@hallyn.com>
|
||||||
|
|
||||||
|
* build: include lib/shadowlog_internal.h in dist tarballs (Sam James)
|
||||||
|
|
||||||
|
2022-01-02 Serge Hallyn <serge@hallyn.com>
|
||||||
|
|
||||||
|
* Handle possible TOCTTOU issues in usermod/userdel (edneville)
|
||||||
|
* (CVE-2013-4235)
|
||||||
|
* Use O_NOFOLLOW when copying file
|
||||||
|
* Kill all user tasks in userdel
|
||||||
|
* Fix useradd -D segfault (Xi Ruoyao)
|
||||||
|
* Clean up obsolete libc feature-check ifdefs (Alejandro Colomar)
|
||||||
|
* Fix -fno-common build breaks due to duplicate Prog declarations
|
||||||
|
(Adam Sampson)
|
||||||
|
* Have single date_to_str definition (Alejandro Colomar)
|
||||||
|
* Fix libsubid SONAME version (Sam James)
|
||||||
|
|
||||||
|
2021-12-19 Serge Hallyn <serge@hallyn.com>
|
||||||
|
|
||||||
|
Note: From this release forward, su from this package should be
|
||||||
|
considered deprecated. Please replace any users of it with su from
|
||||||
|
util-linux. Please open an issue if there is a problem with that.
|
||||||
|
We intend to remove it in an upcoming release.
|
||||||
|
|
||||||
|
* libsubid fixes (Xi Ruoyao, Serge Hallyn, Iker Pedrosa, Mike Gilbert,
|
||||||
|
GalaxyMaster, and Luís Ferreira)
|
||||||
|
* Rename the test program list_subid_ranges to getsubids, write
|
||||||
|
a manpage, so distros can ship it. (Iker Pedrosa)
|
||||||
|
* Add libeconf dep for new*idmap (Iker Pedrosa)
|
||||||
|
* Allow all group types with usermod -G (Iker Pedrosa)
|
||||||
|
* Avoid useradd generating empty subid range (Iker Pedrosa)
|
||||||
|
* Handle NULL pw_passwd (Jaroslav Jindrak)
|
||||||
|
* Fix default value SHA_get_salt_rounds (Mike Gilbert)
|
||||||
|
* Use https where possible in README (Paul Menzel)
|
||||||
|
* Update content and format of README (Iker Pedrosa)
|
||||||
|
* Translation updates (Balint Reczey, Frans Spiesschaert)
|
||||||
|
* Switch from xml2po to itstool in 'make dist' (Serge Hallyn)
|
||||||
|
* Fix double frees (Michael Vetter)
|
||||||
|
* Add LOG_INIT configurable to useradd (Andy Zaugg)
|
||||||
|
* Add CREATE_MAIL_SPOOL documentation (Andy Zaugg)
|
||||||
|
* Create a security.md
|
||||||
|
* Fix su never being SIGKILLd when trapping TERM (Ruihan li)
|
||||||
|
* Fix wrong SELinux labels in several possible cases (Iker Pedrosa)
|
||||||
|
* Fix missing chmod in chadowtb_move (GalaxyMaster)
|
||||||
|
* Handle malformed hushlogins entries (Tobias Stoeckmann)
|
||||||
|
* Fix groupdel segv when passwd does not exist (François Rigault)
|
||||||
|
* Fix covscan-found newgrp segfault (Iker Pedrosa)
|
||||||
|
* Remove trailing slash on hoedir (Ed Neville)
|
||||||
|
* Fix passwd -l message - it does not change expirey (Ed Neville)
|
||||||
|
* Fix SIGCHLD handling bugs in su and vipw (Tobias Stoeckmann)
|
||||||
|
* Remove special case for "" in usermod (Alejandro Colomar)
|
||||||
|
* Implement usermod -rG to remove a specific group
|
||||||
|
(Andy Zaugg)
|
||||||
|
* call pam_end() after fork in child path for su and login
|
||||||
|
(Björn Fischer)
|
||||||
|
* useradd: In absence of /etc/passwd, assume 0 == root
|
||||||
|
(Ludwig Nussel)
|
||||||
|
* lib: check NULL before freeing data (Iker Pedrosa)
|
||||||
|
* Fix pwck segfault (Iker Pedrosa)
|
||||||
|
|
||||||
|
2021-07-22 Serge Hallyn <serge@hallyn.com>
|
||||||
|
|
||||||
|
* Updated translations (Björn Esser, Juergen Hoetzel)
|
||||||
|
* Major salt updates (Björn Esser)
|
||||||
|
* Various coverity and cleanup fixes (Iker Pedrosa)
|
||||||
|
* Consistently use 0 to disable PASS_MIN_DAYS in man (tzccinct)
|
||||||
|
* Implement NSS support for subids and a libsubid (Serge Hallyn)
|
||||||
|
* setfcap: retain setfcap when mapping uid 0 (Christian Brauner)
|
||||||
|
* login.defs: include HMAC_CRYPTO_ALGO key (Iker Pedrosa)
|
||||||
|
* selinux fixes (Christian Göttsche)
|
||||||
|
* Fix path prefix path handling (Lucas Servén Marín)
|
||||||
|
* Manpage updates (tzccinct, Sevan Janiyan, Iker Pedrosa, Geert Ijewski,
|
||||||
|
谭九鼎, Jamin W. Collins, towerpark, andydna, Frans Spiesschaert)
|
||||||
|
* Treat an empty passwd field as invalid (Haelwenn Monnier)
|
||||||
|
* newxidmap: allow running under alternative gid (Martijn de Gouw)
|
||||||
|
* usermod: check that shell is executable (Geert Ijewski)
|
||||||
|
* Add yescript support (Rodolphe Bréard)
|
||||||
|
* useradd memleak fixes (whzhe)
|
||||||
|
* useradd: use built-in settings by default (Ludwig Nussel)
|
||||||
|
* getdefs: add foreign (non-shadow-utils) items (Karel Zak)
|
||||||
|
* buffer overflow fixes (Tobias Stoeckmann)
|
||||||
|
* Adding run-parts style for pre and post useradd/del (ed@s5h.net)
|
||||||
|
|
||||||
|
2020-01-23 Serge Hallyn <serge@hallyn.com>
|
||||||
|
|
||||||
|
* selinux: inclue stdio (Michael Vetter)
|
||||||
|
* man: don't suggest making groupmems user-writeable (Michael Weiser)
|
||||||
|
* Makefile: bail out on error in for loops (Wolfgang Bumiller)
|
||||||
|
* Adding logging of SSH_ORIGINAL_COMMAND to nologin. (ed@s5h.net)
|
||||||
|
* add new HOME_MODE login.defs option (Duncan Overbruck)
|
||||||
|
* Add tty logging to useradd (ed@s5h.net)
|
||||||
|
* Useradd: make non-executable shell check only a warning (Tomas Mraz)
|
||||||
|
* Update Dutch translation (Frans-Spiesschaert)
|
||||||
|
* user_busy: Do not mistake a regular user process for a namespaced one (Tomas Mraz)
|
||||||
|
* Revert "Honor --sbindir and --bindir for binary installation" Patrick McLean)
|
||||||
|
|
||||||
|
2019-12-20 Dave Reisner <dreisner@archlinux.org>
|
||||||
|
|
||||||
|
* Do not auto-enable acct_tools_setuid just because
|
||||||
|
pam is enabled. NOTE - any distros which are relying
|
||||||
|
on this behavior will need to switch to configure
|
||||||
|
--enable-account-tools-setuid
|
||||||
|
|
||||||
2019-12-01 Serge Hallyn <serge@hallyn.com>
|
2019-12-01 Serge Hallyn <serge@hallyn.com>
|
||||||
|
|
||||||
* Release 4.8
|
* Release 4.8
|
||||||
|
|||||||
+11
-2
@@ -2,5 +2,14 @@
|
|||||||
|
|
||||||
EXTRA_DIST = NEWS README TODO shadow.spec.in
|
EXTRA_DIST = NEWS README TODO shadow.spec.in
|
||||||
|
|
||||||
SUBDIRS = po man libmisc lib src \
|
SUBDIRS = libmisc lib
|
||||||
contrib doc etc
|
|
||||||
|
if ENABLE_SUBIDS
|
||||||
|
SUBDIRS += libsubid
|
||||||
|
endif
|
||||||
|
|
||||||
|
SUBDIRS += src po contrib doc etc
|
||||||
|
|
||||||
|
if ENABLE_REGENERATE_MAN
|
||||||
|
SUBDIRS += man
|
||||||
|
endif
|
||||||
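Review bot: `man` is now added to `SUBDIRS` only under `if ENABLE_REGENERATE_MAN`, so a tree configured without man regeneration no longer descends into `man/` for `make install` either. If release tarballs ship pre-generated pages, those would presumably stop being installed, though `man/Makefile.am` is not visible here to confirm. The new ordering also looks intentional, with `libsubid` after `lib` and before `src`, and a short comment would keep it from being reshuffled, e.g. `# libsubid depends on lib and must be built before src`.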
|
|||||||
@@ -1,121 +0,0 @@
|
|||||||
Shadow SITES
|
|
||||||
============
|
|
||||||
|
|
||||||
Homepage
|
|
||||||
http://github.com/shadow-maint/shadow
|
|
||||||
|
|
||||||
Issue tracker
|
|
||||||
http://github.com/shadow-maint/shadow/issues
|
|
||||||
|
|
||||||
Releases
|
|
||||||
https://github.com/shadow-maint/shadow/releases
|
|
||||||
|
|
||||||
Mailing lists
|
|
||||||
for general discuss: pkg-shadow-devel@lists.alioth.debian.org
|
|
||||||
commit list: pkg-shadow-commits@lists.alioth.debian.org
|
|
||||||
|
|
||||||
Mailing lists subscription
|
|
||||||
http://lists.alioth.debian.org/mailman/listinfo/pkg-shadow-devel
|
|
||||||
http://lists.alioth.debian.org/mailman/listinfo/pkg-shadow-commits
|
|
||||||
|
|
||||||
Mailing lists archives:
|
|
||||||
http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/
|
|
||||||
http://lists.alioth.debian.org/pipermail/pkg-shadow-commits/
|
|
||||||
|
|
||||||
S/Key support:
|
|
||||||
Shadow can be built with S/Key support using the S/Key package from:
|
|
||||||
|
|
||||||
http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libskey/
|
|
||||||
or
|
|
||||||
http://gentoo.osuosl.org/distfiles/skey-1.1.5.tar.bz2
|
|
||||||
|
|
||||||
Authors and contributors
|
|
||||||
========================
|
|
||||||
|
|
||||||
Thanks to at least the following people for sending patches, bug
|
|
||||||
reports and various comments. This list may be incomplete, I received
|
|
||||||
a lot of mail...
|
|
||||||
|
|
||||||
|
|
||||||
Adam Rudnicki <adam@v-lo.krakow.pl>
|
|
||||||
Alan Curry <pacman@tardis.mars.net>
|
|
||||||
Aleksa Sarai <cyphar@cyphar.com>
|
|
||||||
Alexander O. Yuriev <alex@bach.cis.temple.edu>
|
|
||||||
Algis Rudys <arudys@rice.edu>
|
|
||||||
Andreas Jaeger <aj@arthur.rhein-neckar.de>
|
|
||||||
Aniello Del Sorbo <anidel@edu-gw.dia.unisa.it>
|
|
||||||
Anton Gluck <gluc@midway.uchicago.edu>
|
|
||||||
Arkadiusz Miskiewicz <misiek@pld.org.pl>
|
|
||||||
Ben Collins <bcollins@debian.org>
|
|
||||||
Brian R. Gaeke <brg@dgate.org>
|
|
||||||
Calle Karlsson <ckn@kash.se>
|
|
||||||
Chip Rosenthal <chip@unicom.com>
|
|
||||||
Chris Evans <lady0110@sable.ox.ac.uk>
|
|
||||||
Chris Lamb <chris@chris-lamb.co.uk>
|
|
||||||
Cristian Gafton <gafton@sorosis.ro>
|
|
||||||
Dan Walsh <dwalsh@redhat.com>
|
|
||||||
Darcy Boese <possum@chardonnay.niagara.com>
|
|
||||||
Dave Hagewood <admin@arrowweb.com>
|
|
||||||
David A. Holland <dholland@hcs.harvard.edu>
|
|
||||||
David Frey <David.Frey@lugs.ch>
|
|
||||||
Ed Carp <ecarp@netcom.com>
|
|
||||||
Eric W. Biederman" <ebiederm@xmission.com>
|
|
||||||
Floody <flood@evcom.net>
|
|
||||||
Frank Denis <j@4u.net>
|
|
||||||
George Kraft IV <gk4@us.ibm.com>
|
|
||||||
Greg Mortensen <loki@world.std.com>
|
|
||||||
Guido van Rooij
|
|
||||||
Guy Maor <maor@debian.org>
|
|
||||||
Hrvoje Dogan <hdogan@bjesomar.srce.hr>
|
|
||||||
Jakub Hrozek <jhrozek@redhat.com>
|
|
||||||
Janos Farkas <chexum@bankinf.banki.hu>
|
|
||||||
Jay Soffian <jay@lw.net>
|
|
||||||
Jesse Thilo <Jesse.Thilo@pobox.com>
|
|
||||||
Joey Hess <joey@kite.ml.org>
|
|
||||||
John Adelsberger <jja@umr.edu>
|
|
||||||
Jonathan Hankins <jhankins@mailserv.homewood.k12.al.us>
|
|
||||||
Jon Lewis <jlewis@lewis.org>
|
|
||||||
Joshua Cowan <jcowan@hermit.reslife.okstate.edu>
|
|
||||||
Judd Bourgeois <shagboy@bluesky.net>
|
|
||||||
Juergen Heinzl <unicorn@noris.net>
|
|
||||||
Juha Virtanen <jiivee@iki.fi>
|
|
||||||
Julian Pidancet <julian.pidancet@gmail.com>
|
|
||||||
Julianne Frances Haugh <jockgrrl@ix.netcom.com>
|
|
||||||
Leonard N. Zubkoff <lnz@dandelion.com>
|
|
||||||
Luca Berra <bluca@www.polimi.it>
|
|
||||||
Lukáš Kuklínek <lkukline@redhat.com>
|
|
||||||
Lutz Schwalowsky <schwalow@mineralogie.uni-hamburg.de>
|
|
||||||
Marc Ewing <marc@redhat.com>
|
|
||||||
Martin Bene <mb@sime.com>
|
|
||||||
Martin Mares <mj@gts.cz>
|
|
||||||
Michael Meskes <meskes@topsystem.de>
|
|
||||||
Michael Talbot-Wilson <mike@calypso.bns.com.au>
|
|
||||||
Mike Frysinger <vapier@gentoo.org>
|
|
||||||
Mike Pakovic <mpakovic@users.southeast.net>
|
|
||||||
Nicolas François <nicolas.francois@centraliens.net>
|
|
||||||
Nikos Mavroyanopoulos <nmav@i-net.paiko.gr>
|
|
||||||
Pavel Machek <pavel@bug.ucw.cz>
|
|
||||||
Peter Vrabec <pvrabec@redhat.com>
|
|
||||||
Phillip Street
|
|
||||||
Rafał Maszkowski <rzm@icm.edu.pl>
|
|
||||||
Rani Chouha <ranibey@smartec.com>
|
|
||||||
Sami Kerola <kerolasa@rocketmail.com>
|
|
||||||
Scott Garman <scott.a.garman@intel.com>
|
|
||||||
Sebastian Rick Rijkers <srrijkers@gmail.com>
|
|
||||||
Seraphim Mellos <mellos@ceid.upatras.gr>
|
|
||||||
Shane Watts <shane@nexus.mlckew.edu.au>
|
|
||||||
Steve M. Robbins <steve@nyongwa.montreal.qc.ca>
|
|
||||||
Thorsten Kukuk <kukuk@suse.de>
|
|
||||||
Tim Hockin <thockin@eagle.ais.net>
|
|
||||||
Timo Karjalainen <timok@iki.fi>
|
|
||||||
Ulisses Alonso Camaro <ulisses@pusa.eleinf.uv.es>
|
|
||||||
Werner Fink <werner@suse.de>
|
|
||||||
|
|
||||||
Maintainers
|
|
||||||
===========
|
|
||||||
|
|
||||||
Tomasz Kłoczko <kloczek@pld.org.pl> (2000-2007)
|
|
||||||
Nicolas François <nicolas.francois@centraliens.net> (2007-2014)
|
|
||||||
Serge E. Hallyn <serge@hallyn.com> (2014-now)
|
|
||||||
Christian Brauner <christian@brauner.io> (2019-now)
|
|
||||||
|
|
||||||
@@ -0,0 +1,36 @@
|
|||||||
|
# shadow-utils
|
||||||
|
|
||||||
|
## Introduction
|
||||||
|
The shadow-utils package includes the necessary programs for
|
||||||
|
converting UNIX password files to the shadow password format, plus
|
||||||
|
programs for managing user and group accounts. The pwconv command
|
||||||
|
converts passwords to the shadow password format. The pwunconv command
|
||||||
|
unconverts shadow passwords and generates a passwd file (a standard
|
||||||
|
UNIX password file). The pwck command checks the integrity of password
|
||||||
|
and shadow files. The lastlog command prints out the last login times
|
||||||
|
for all users. The useradd, userdel, and usermod commands are used for
|
||||||
|
managing user accounts. The groupadd, groupdel, and groupmod commands
|
||||||
|
are used for managing group accounts.
|
||||||
|
|
||||||
|
## Sites
|
||||||
|
* [Homepage](https://github.com/shadow-maint/shadow)
|
||||||
|
* [Issue tracker](https://github.com/shadow-maint/shadow/issues)
|
||||||
|
* [Releases](https://github.com/shadow-maint/shadow/releases)
|
||||||
|
|
||||||
|
## Contacts
|
||||||
|
There are several ways to contact us:
|
||||||
|
* [the general discussion mailing list](
|
||||||
|
https://alioth-lists.debian.net/mailman/listinfo/pkg-shadow-devel)
|
||||||
|
* the #shadow IRC channel on libera.chat:
|
||||||
|
* irc://irc.libera.chat/shadow
|
||||||
|
|
||||||
|
### Mailing archives
|
||||||
|
* [the general discussion mailing list archive](
|
||||||
|
https://alioth-lists.debian.net/pipermail/pkg-shadow-devel/)
|
||||||
|
* [the commit mailing list archive](
|
||||||
|
https://alioth-lists-archive.debian.net/pipermail/pkg-shadow-commits/),
|
||||||
|
only used for historical purposes
|
||||||
|
|
||||||
|
## Authors and maintainers
|
||||||
|
Authors and maintainers are listed in [AUTHORS.md](
|
||||||
|
https://github.com/shadow-maint/shadow/blob/master/AUTHORS.md).
|
||||||
+11
@@ -0,0 +1,11 @@
|
|||||||
|
# Security Policy
|
||||||
|
|
||||||
|
## Supported Versions
|
||||||
|
|
||||||
|
At the moment only the latest release is supported.
|
||||||
|
|
||||||
|
## Reporting a Vulnerability
|
||||||
|
|
||||||
|
Security vulnerabilities may be reported to
|
||||||
|
* Serge Hallyn <serge@hallyn.com> (B175CFA98F192AF2)
|
||||||
|
* Christian Brauner <christian@brauner.io> (4880B8C9BD0E5106FC070F4F7B3C391EFEA93624)
|
||||||
+1
-1
@@ -6,7 +6,7 @@ autoreconf -v -f --install || exit 1
|
|||||||
CFLAGS="-O2 -Wall" \
|
CFLAGS="-O2 -Wall" \
|
||||||
--enable-man \
|
--enable-man \
|
||||||
--enable-maintainer-mode \
|
--enable-maintainer-mode \
|
||||||
--disable-shared \
|
--enable-shared \
|
||||||
--without-libpam \
|
--without-libpam \
|
||||||
--with-selinux \
|
--with-selinux \
|
||||||
"$@"
|
"$@"
|
||||||
|
|||||||
+40
-15
@@ -1,19 +1,29 @@
|
|||||||
dnl Process this file with autoconf to produce a configure script.
|
dnl Process this file with autoconf to produce a configure script.
|
||||||
AC_PREREQ([2.64])
|
AC_PREREQ([2.69])
|
||||||
AC_INIT([shadow], [4.8], [pkg-shadow-devel@lists.alioth.debian.org], [],
|
m4_define([libsubid_abi_major], 4)
|
||||||
|
m4_define([libsubid_abi_minor], 0)
|
||||||
|
m4_define([libsubid_abi_micro], 0)
|
||||||
|
m4_define([libsubid_abi], [libsubid_abi_major.libsubid_abi_minor.libsubid_abi_micro])
|
||||||
|
AC_INIT([shadow], [4.11.1], [pkg-shadow-devel@lists.alioth.debian.org], [],
|
||||||
[https://github.com/shadow-maint/shadow])
|
[https://github.com/shadow-maint/shadow])
|
||||||
AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
|
AM_INIT_AUTOMAKE([1.11 foreign dist-xz])
|
||||||
|
AC_CONFIG_MACRO_DIRS([m4])
|
||||||
AM_SILENT_RULES([yes])
|
AM_SILENT_RULES([yes])
|
||||||
AC_CONFIG_HEADERS([config.h])
|
AC_CONFIG_HEADERS([config.h])
|
||||||
|
|
||||||
|
AC_SUBST([LIBSUBID_ABI_MAJOR], [libsubid_abi_major])
|
||||||
|
AC_SUBST([LIBSUBID_ABI_MINOR], [libsubid_abi_minor])
|
||||||
|
AC_SUBST([LIBSUBID_ABI_MICRO], [libsubid_abi_micro])
|
||||||
|
AC_SUBST([LIBSUBID_ABI], [libsubid_abi])
|
||||||
|
|
||||||
dnl Some hacks...
|
dnl Some hacks...
|
||||||
test "$prefix" = "NONE" && prefix="/usr"
|
test "$prefix" = "NONE" && prefix="/usr"
|
||||||
test "$prefix" = "/usr" && exec_prefix=""
|
test "$prefix" = "/usr" && exec_prefix=""
|
||||||
|
|
||||||
AC_GNU_SOURCE
|
AC_GNU_SOURCE
|
||||||
|
|
||||||
AM_DISABLE_SHARED
|
|
||||||
AM_ENABLE_STATIC
|
AM_ENABLE_STATIC
|
||||||
|
AM_ENABLE_SHARED
|
||||||
|
|
||||||
AM_MAINTAINER_MODE
|
AM_MAINTAINER_MODE
|
||||||
|
|
||||||
@@ -32,20 +42,21 @@ AC_HEADER_STDC
|
|||||||
AC_HEADER_SYS_WAIT
|
AC_HEADER_SYS_WAIT
|
||||||
AC_HEADER_STDBOOL
|
AC_HEADER_STDBOOL
|
||||||
|
|
||||||
AC_CHECK_HEADERS(errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
|
AC_CHECK_HEADERS(crypt.h errno.h fcntl.h limits.h unistd.h sys/time.h utmp.h \
|
||||||
utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
|
utmpx.h termios.h termio.h sgtty.h sys/ioctl.h syslog.h paths.h \
|
||||||
utime.h ulimit.h sys/capability.h sys/resource.h gshadow.h lastlog.h \
|
utime.h ulimit.h sys/capability.h sys/random.h sys/resource.h \
|
||||||
locale.h rpc/key_prot.h netdb.h acl/libacl.h attr/libattr.h \
|
gshadow.h lastlog.h locale.h rpc/key_prot.h netdb.h acl/libacl.h \
|
||||||
attr/error_context.h)
|
attr/libattr.h attr/error_context.h)
|
||||||
|
|
||||||
dnl shadow now uses the libc's shadow implementation
|
dnl shadow now uses the libc's shadow implementation
|
||||||
AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
|
AC_CHECK_HEADER([shadow.h],,[AC_MSG_ERROR([You need a libc with shadow.h])])
|
||||||
|
|
||||||
AC_CHECK_FUNCS(l64a fchmod fchown fsync futimes getgroups gethostname getspnam \
|
AC_CHECK_FUNCS(arc4random_buf l64a fchmod fchown fsync futimes \
|
||||||
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
|
gethostname getentropy getrandom getspnam gettimeofday getusershell \
|
||||||
lutimes memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
|
getutent initgroups lchown lckpwdf lstat lutimes \
|
||||||
getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo \
|
setgroups sigaction strchr updwtmp updwtmpx innetgr getpwnam_r \
|
||||||
ruserok)
|
getpwuid_r getgrnam_r getgrgid_r getspnam_r getaddrinfo ruserok \
|
||||||
|
dlopen)
|
||||||
AC_SYS_LARGEFILE
|
AC_SYS_LARGEFILE
|
||||||
|
|
||||||
dnl Checks for typedefs, structures, and compiler characteristics.
|
dnl Checks for typedefs, structures, and compiler characteristics.
|
||||||
@@ -104,7 +115,6 @@ dnl Checks for library functions.
|
|||||||
AC_TYPE_GETGROUPS
|
AC_TYPE_GETGROUPS
|
||||||
AC_TYPE_SIGNAL
|
AC_TYPE_SIGNAL
|
||||||
AC_FUNC_UTIME_NULL
|
AC_FUNC_UTIME_NULL
|
||||||
AC_FUNC_STRFTIME
|
|
||||||
AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
|
AC_REPLACE_FUNCS(mkdir putgrent putpwent putspent rename rmdir)
|
||||||
AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
|
AC_REPLACE_FUNCS(sgetgrent sgetpwent sgetspent)
|
||||||
AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
|
AC_REPLACE_FUNCS(snprintf strcasecmp strdup strerror strstr)
|
||||||
@@ -226,7 +236,7 @@ AC_ARG_ENABLE(account-tools-setuid,
|
|||||||
*) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
|
*) AC_MSG_ERROR(bad value ${enableval} for --enable-account-tools-setuid)
|
||||||
;;
|
;;
|
||||||
esac],
|
esac],
|
||||||
[enable_acct_tools_setuid="maybe"]
|
[enable_acct_tools_setuid="no"]
|
||||||
)
|
)
|
||||||
|
|
||||||
AC_ARG_ENABLE(utmpx,
|
AC_ARG_ENABLE(utmpx,
|
||||||
@@ -280,6 +290,9 @@ AC_ARG_WITH(sha-crypt,
|
|||||||
AC_ARG_WITH(bcrypt,
|
AC_ARG_WITH(bcrypt,
|
||||||
[AC_HELP_STRING([--with-bcrypt], [allow the bcrypt password encryption algorithm @<:@default=no@:>@])],
|
[AC_HELP_STRING([--with-bcrypt], [allow the bcrypt password encryption algorithm @<:@default=no@:>@])],
|
||||||
[with_bcrypt=$withval], [with_bcrypt=no])
|
[with_bcrypt=$withval], [with_bcrypt=no])
|
||||||
|
AC_ARG_WITH(yescrypt,
|
||||||
|
[AC_HELP_STRING([--with-yescrypt], [allow the yescrypt password encryption algorithm @<:@default=no@:>@])],
|
||||||
|
[with_yescrypt=$withval], [with_yescrypt=no])
|
||||||
AC_ARG_WITH(nscd,
|
AC_ARG_WITH(nscd,
|
||||||
[AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
|
[AC_HELP_STRING([--with-nscd], [enable support for nscd @<:@default=yes@:>@])],
|
||||||
[with_nscd=$withval], [with_nscd=yes])
|
[with_nscd=$withval], [with_nscd=yes])
|
||||||
@@ -312,6 +325,11 @@ if test "$with_bcrypt" = "yes"; then
|
|||||||
AC_DEFINE(USE_BCRYPT, 1, [Define to allow the bcrypt password encryption algorithm])
|
AC_DEFINE(USE_BCRYPT, 1, [Define to allow the bcrypt password encryption algorithm])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
AM_CONDITIONAL(USE_YESCRYPT, test "x$with_yescrypt" = "xyes")
|
||||||
|
if test "$with_yescrypt" = "yes"; then
|
||||||
|
AC_DEFINE(USE_YESCRYPT, 1, [Define to allow the yescrypt password encryption algorithm])
|
||||||
|
fi
|
||||||
|
|
||||||
if test "$with_nscd" = "yes"; then
|
if test "$with_nscd" = "yes"; then
|
||||||
AC_CHECK_FUNC(posix_spawn,
|
AC_CHECK_FUNC(posix_spawn,
|
||||||
[AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
|
[AC_DEFINE(USE_NSCD, 1, [Define to support flushing of nscd caches])],
|
||||||
@@ -324,7 +342,7 @@ if test "$with_sssd" = "yes"; then
|
|||||||
[AC_MSG_ERROR([posix_spawn is needed for sssd support])])
|
[AC_MSG_ERROR([posix_spawn is needed for sssd support])])
|
||||||
fi
|
fi
|
||||||
|
|
||||||
AS_IF([test "$with_su" != "no"], AC_DEFINE(WITH_SU, 1, [Build with su])])
|
AS_IF([test "$with_su" != "no"], AC_DEFINE(WITH_SU, 1, [Build with su]))
|
||||||
AM_CONDITIONAL([WITH_SU], [test "x$with_su" != "xno"])
|
AM_CONDITIONAL([WITH_SU], [test "x$with_su" != "xno"])
|
||||||
|
|
||||||
dnl Check for some functions in libc first, only if not found check for
|
dnl Check for some functions in libc first, only if not found check for
|
||||||
@@ -392,6 +410,10 @@ AC_SUBST(LIBCRYPT)
|
|||||||
AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
|
AC_CHECK_LIB(crypt, crypt, [LIBCRYPT=-lcrypt],
|
||||||
[AC_MSG_ERROR([crypt() not found])])
|
[AC_MSG_ERROR([crypt() not found])])
|
||||||
|
|
||||||
|
AC_SUBST(LIYESCRYPT)
|
||||||
|
AC_CHECK_LIB(crypt, crypt, [LIYESCRYPT=-lcrypt],
|
||||||
|
[AC_MSG_ERROR([crypt() not found])])
|
||||||
|
|
||||||
AC_SUBST(LIBACL)
|
AC_SUBST(LIBACL)
|
||||||
if test "$with_acl" != "no"; then
|
if test "$with_acl" != "no"; then
|
||||||
AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
|
AC_CHECK_HEADERS(acl/libacl.h attr/error_context.h, [acl_header="yes"], [acl_header="no"])
|
||||||
@@ -715,6 +737,8 @@ AC_CONFIG_FILES([
|
|||||||
man/zh_TW/Makefile
|
man/zh_TW/Makefile
|
||||||
libmisc/Makefile
|
libmisc/Makefile
|
||||||
lib/Makefile
|
lib/Makefile
|
||||||
|
libsubid/Makefile
|
||||||
|
libsubid/subid.h
|
||||||
src/Makefile
|
src/Makefile
|
||||||
contrib/Makefile
|
contrib/Makefile
|
||||||
etc/Makefile
|
etc/Makefile
|
||||||
@@ -741,6 +765,7 @@ echo " shadow group support: $enable_shadowgrp"
|
|||||||
echo " S/Key support: $with_skey"
|
echo " S/Key support: $with_skey"
|
||||||
echo " SHA passwords encryption: $with_sha_crypt"
|
echo " SHA passwords encryption: $with_sha_crypt"
|
||||||
echo " bcrypt passwords encryption: $with_bcrypt"
|
echo " bcrypt passwords encryption: $with_bcrypt"
|
||||||
|
echo " yescrypt passwords encryption: $with_yescrypt"
|
||||||
echo " nscd support: $with_nscd"
|
echo " nscd support: $with_nscd"
|
||||||
echo " sssd support: $with_sssd"
|
echo " sssd support: $with_sssd"
|
||||||
echo " subordinate IDs support: $enable_subids"
|
echo " subordinate IDs support: $enable_subids"
|
||||||
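Review bot: The added `AC_CHECK_LIB(crypt, crypt, [LIYESCRYPT=-lcrypt], ...)` in the `@@ -392,6 +410,10 @@` hunk repeats the LIBCRYPT probe directly above it, so it only proves that crypt() exists, not that the installed libcrypt implements yescrypt. With `--with-yescrypt` on such a system USE_YESCRYPT is still defined, and the gap would presumably surface only when a password is hashed at run time; how callers handle a failed crypt() is not visible in this section. I would run the check only under `if test "$with_yescrypt" = "yes"; then` and add `dnl finding crypt() does not prove yescrypt support in libcrypt` until a real feature test exists. `LIYESCRYPT` also reads like a typo for `LIBYESCRYPT`; if it is renamed, any Makefile.am users outside this section need the same change.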
|
|||||||
+2
-29
@@ -1,34 +1,7 @@
|
|||||||
#!/usr/bin/perl
|
#!/usr/bin/perl
|
||||||
#
|
#
|
||||||
# Copyright (c) 1996 Brian R. Gaeke
|
# SPDX-FileCopyrightText: 1996 Brian R. Gaeke
|
||||||
# All rights reserved.
|
# SPDX-License-Identifier: BSD-4-Clause
|
||||||
#
|
|
||||||
# Redistribution and use in source and binary forms, with or without
|
|
||||||
# modification, are permitted provided that the following conditions
|
|
||||||
# are met:
|
|
||||||
# 1. Redistributions of source code must retain the above copyright
|
|
||||||
# notice, this list of conditions and the following disclaimer.
|
|
||||||
# 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
# notice, this list of conditions and the following disclaimer in the
|
|
||||||
# documentation and/or other materials provided with the distribution.
|
|
||||||
# 3. All advertising materials mentioning features or use of this software
|
|
||||||
# must display the following acknowledgement:
|
|
||||||
# This product includes software developed by Brian R. Gaeke.
|
|
||||||
# 4. The name of the author, Brian R. Gaeke, may not be used to endorse
|
|
||||||
# or promote products derived from this software without specific
|
|
||||||
# prior written permission.
|
|
||||||
#
|
|
||||||
# THIS SOFTWARE IS PROVIDED BY BRIAN R. GAEKE ``AS IS'' AND ANY EXPRESS
|
|
||||||
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
||||||
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
||||||
# DISCLAIMED. IN NO EVENT SHALL BRIAN R. GAEKE BE LIABLE FOR ANY DIRECT,
|
|
||||||
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
||||||
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
||||||
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
||||||
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
|
||||||
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
||||||
# POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
#
|
#
|
||||||
# Additionally:
|
# Additionally:
|
||||||
#
|
#
|
||||||
|
|||||||
+9
-90
@@ -76,36 +76,9 @@ else
|
|||||||
$echo 'x -' extracting 'Makefile' '(text)'
|
$echo 'x -' extracting 'Makefile' '(text)'
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'Makefile' &&
|
sed 's/^X//' << 'SHAR_EOF' > 'Makefile' &&
|
||||||
/*
|
/*
|
||||||
# Copyright 2000, International Business Machines, Inc.
|
# SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
|
||||||
# All rights reserved.
|
# SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
|
||||||
#
|
# SPDX-License-Identifier: BSD-3-Clause
|
||||||
# original author: George Kraft IV, gk4@us.ibm.com
|
|
||||||
#
|
|
||||||
# Redistribution and use in source and binary forms, with or without
|
|
||||||
# modification, are permitted provided that the following conditions
|
|
||||||
# are met:
|
|
||||||
#
|
|
||||||
# 1. Redistributions of source code must retain the above copyright
|
|
||||||
# notice, this list of conditions and the following disclaimer.
|
|
||||||
# 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
# notice, this list of conditions and the following disclaimer in the
|
|
||||||
# documentation and/or other materials provided with the distribution.
|
|
||||||
# 3. Neither the name of International Business Machines, Inc., nor the
|
|
||||||
# names of its contributors may be used to endorse or promote products
|
|
||||||
# derived from this software without specific prior written permission.
|
|
||||||
#
|
|
||||||
# THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
|
|
||||||
# CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
|
|
||||||
# BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
||||||
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
|
|
||||||
# INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
|
|
||||||
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
# SUCH DAMAGE.
|
|
||||||
#
|
#
|
||||||
X
|
X
|
||||||
all: groupmems
|
all: groupmems
|
||||||
@@ -143,36 +116,9 @@ else
|
|||||||
$echo 'x -' extracting 'groupmems.c' '(text)'
|
$echo 'x -' extracting 'groupmems.c' '(text)'
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'groupmems.c' &&
|
sed 's/^X//' << 'SHAR_EOF' > 'groupmems.c' &&
|
||||||
/*
|
/*
|
||||||
X * Copyright 2000, International Business Machines, Inc.
|
X * SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
|
||||||
X * All rights reserved.
|
X * SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
|
||||||
X *
|
X * SPDX-License-Identifier: BSD-3-Clause
|
||||||
X * original author: George Kraft IV, gk4@us.ibm.com
|
|
||||||
X *
|
|
||||||
X * Redistribution and use in source and binary forms, with or without
|
|
||||||
X * modification, are permitted provided that the following conditions
|
|
||||||
X * are met:
|
|
||||||
X *
|
|
||||||
X * 1. Redistributions of source code must retain the above copyright
|
|
||||||
X * notice, this list of conditions and the following disclaimer.
|
|
||||||
X * 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
X * notice, this list of conditions and the following disclaimer in the
|
|
||||||
X * documentation and/or other materials provided with the distribution.
|
|
||||||
X * 3. Neither the name of International Business Machines, Inc., nor the
|
|
||||||
X * names of its contributors may be used to endorse or promote products
|
|
||||||
X * derived from this software without specific prior written permission.
|
|
||||||
X *
|
|
||||||
X * THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
|
|
||||||
X * CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
|
|
||||||
X * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
||||||
X * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
|
|
||||||
X * INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
|
|
||||||
X * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
X * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
X * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
X * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
X * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
X * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
X * SUCH DAMAGE.
|
|
||||||
X */
|
X */
|
||||||
/*
|
/*
|
||||||
**
|
**
|
||||||
@@ -436,36 +382,9 @@ else
|
|||||||
$echo 'x -' extracting 'groupmems.8' '(text)'
|
$echo 'x -' extracting 'groupmems.8' '(text)'
|
||||||
sed 's/^X//' << 'SHAR_EOF' > 'groupmems.8' &&
|
sed 's/^X//' << 'SHAR_EOF' > 'groupmems.8' &&
|
||||||
X.\"
|
X.\"
|
||||||
X.\" Copyright 2000, International Business Machines, Inc.
|
X.\" SPDX-FileCopyrightText: 2000, International Business Machines, Inc.
|
||||||
X.\" All rights reserved.
|
X.\" SPDX-FileCopyrightText: 2000, George Kraft IV, gk4@us.ibm.com
|
||||||
X.\"
|
X.\" SPDX-License-Identifier: BSD-3-Clause
|
||||||
X.\" original author: George Kraft IV, gk4@us.ibm.com
|
|
||||||
X.\"
|
|
||||||
X.\" Redistribution and use in source and binary forms, with or without
|
|
||||||
X.\" modification, are permitted provided that the following conditions
|
|
||||||
X.\" are met:
|
|
||||||
X.\"
|
|
||||||
X.\" 1. Redistributions of source code must retain the above copyright
|
|
||||||
X.\" notice, this list of conditions and the following disclaimer.
|
|
||||||
X.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
X.\" notice, this list of conditions and the following disclaimer in the
|
|
||||||
X.\" documentation and/or other materials provided with the distribution.
|
|
||||||
X.\" 3. Neither the name of International Business Machines, Inc., nor the
|
|
||||||
X.\" names of its contributors may be used to endorse or promote products
|
|
||||||
X.\" derived from this software without specific prior written permission.
|
|
||||||
X.\"
|
|
||||||
X.\" THIS SOFTWARE IS PROVIDED BY INTERNATIONAL BUSINESS MACHINES, INC. AND
|
|
||||||
X.\" CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING,
|
|
||||||
X.\" BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
||||||
X.\" FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
|
|
||||||
X.\" INTERNATIONAL BUSINESS MACHINES, INC. OR CONTRIBUTORS BE LIABLE
|
|
||||||
X.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
||||||
X.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
||||||
X.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
||||||
X.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
||||||
X.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
||||||
X.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
||||||
X.\" SUCH DAMAGE.
|
|
||||||
X.\"
|
X.\"
|
||||||
X.\" $Id$
|
X.\" $Id$
|
||||||
X.\"
|
X.\"
|
||||||
|
|||||||
@@ -1311,7 +1311,7 @@
|
|||||||
|
|
||||||
This means that fred's password is valid, it was last changed on
|
This means that fred's password is valid, it was last changed on
|
||||||
03/04/96, it can be changed at any time, it expires after 60 days,
|
03/04/96, it can be changed at any time, it expires after 60 days,
|
||||||
fred will not be warned, and and the account won't be disabled when
|
fred will not be warned, and the account won't be disabled when
|
||||||
the password expires.
|
the password expires.
|
||||||
|
|
||||||
This simply means that if fred logs in after the password expires, he
|
This simply means that if fred logs in after the password expires, he
|
||||||
@@ -1487,7 +1487,7 @@
|
|||||||
|
|
||||||
If a user logs into a line that is listed in /etc/dialups, and his
|
If a user logs into a line that is listed in /etc/dialups, and his
|
||||||
shell is listed in the file /etc/d_passwd he will be allowed access
|
shell is listed in the file /etc/d_passwd he will be allowed access
|
||||||
only by suppling the correct password.
|
only by supplying the correct password.
|
||||||
|
|
||||||
Another useful purpose for using dial-up passwords might be to setup a
|
Another useful purpose for using dial-up passwords might be to setup a
|
||||||
line that only allows a certain type of connect (perhaps a PPP or UUCP
|
line that only allows a certain type of connect (perhaps a PPP or UUCP
|
||||||
|
|||||||
@@ -63,4 +63,3 @@ To completely disable limits for a user, a single dash (-) will do.
|
|||||||
Also, please note that all limit settings are set PER LOGIN. They are
|
Also, please note that all limit settings are set PER LOGIN. They are
|
||||||
not global, nor are they permanent. Perhaps global limits will come, but
|
not global, nor are they permanent. Perhaps global limits will come, but
|
||||||
for now this will have to do ;)
|
for now this will have to do ;)
|
||||||
|
|
||||||
|
|||||||
@@ -0,0 +1,4 @@
|
|||||||
|
# S/Key support
|
||||||
|
shadow-utils can be built with S/Key support using the S/Key package from:
|
||||||
|
* http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libskey/ or
|
||||||
|
* https://gentoo.osuosl.org/distfiles/skey-1.1.5.tar.bz2
|
||||||
@@ -37,4 +37,3 @@ New ideas to add to this list are welcome, too. --marekm
|
|||||||
per-user configuration, to be executed with run-parts. Some hooks should
|
per-user configuration, to be executed with run-parts. Some hooks should
|
||||||
be executed at package install time for existing users, likewise for
|
be executed at package install time for existing users, likewise for
|
||||||
package removal and possibly modification. (Debian Bug#36019)
|
package removal and possibly modification. (Debian Bug#36019)
|
||||||
|
|
||||||
|
|||||||
+1
-1
@@ -1,4 +1,4 @@
|
|||||||
<HEAD>
|
<head>
|
||||||
<title>shadow - Welcome</title>
|
<title>shadow - Welcome</title>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
|
|||||||
+1
-2
@@ -4,8 +4,7 @@
|
|||||||
sysconf_DATA = login.defs
|
sysconf_DATA = login.defs
|
||||||
|
|
||||||
defaultdir = $(sysconfdir)/default
|
defaultdir = $(sysconfdir)/default
|
||||||
default_DATA = \
|
default_DATA =
|
||||||
useradd
|
|
||||||
|
|
||||||
nonpam_files = \
|
nonpam_files = \
|
||||||
limits \
|
limits \
|
||||||
|
|||||||
+55
-2
@@ -195,12 +195,17 @@ KILLCHAR 025
|
|||||||
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
# Default initial "umask" value used by login(1) on non-PAM enabled systems.
|
||||||
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
# Default "umask" value for pam_umask(8) on PAM enabled systems.
|
||||||
# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
|
# UMASK is also used by useradd(8) and newusers(8) to set the mode for new
|
||||||
# home directories.
|
# home directories if HOME_MODE is not set.
|
||||||
# 022 is the default value, but 027, or even 077, could be considered
|
# 022 is the default value, but 027, or even 077, could be considered
|
||||||
# for increased privacy. There is no One True Answer here: each sysadmin
|
# for increased privacy. There is no One True Answer here: each sysadmin
|
||||||
# must make up their mind.
|
# must make up their mind.
|
||||||
UMASK 022
|
UMASK 022
|
||||||
|
|
||||||
|
# HOME_MODE is used by useradd(8) and newusers(8) to set the mode for new
|
||||||
|
# home directories.
|
||||||
|
# If HOME_MODE is not set, the value of UMASK is used to create the mode.
|
||||||
|
#HOME_MODE 0700
|
||||||
|
|
||||||
#
|
#
|
||||||
# Password aging controls:
|
# Password aging controls:
|
||||||
#
|
#
|
||||||
@@ -321,7 +326,9 @@ CHFN_RESTRICT rwh
|
|||||||
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
|
# If set to SHA256, SHA256-based algorithm will be used for encrypting password
|
||||||
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
|
# If set to SHA512, SHA512-based algorithm will be used for encrypting password
|
||||||
# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
|
# If set to BCRYPT, BCRYPT-based algorithm will be used for encrypting password
|
||||||
|
# If set to YESCRYPT, YESCRYPT-based algorithm will be used for encrypting password
|
||||||
# If set to DES, DES-based algorithm will be used for encrypting password (default)
|
# If set to DES, DES-based algorithm will be used for encrypting password (default)
|
||||||
|
# MD5 and DES should not be used for new hashes, see crypt(5) for recommendations.
|
||||||
# Overrides the MD5_CRYPT_ENAB option
|
# Overrides the MD5_CRYPT_ENAB option
|
||||||
#
|
#
|
||||||
# Note: If you use PAM, it is recommended to use a value consistent with
|
# Note: If you use PAM, it is recommended to use a value consistent with
|
||||||
@@ -337,7 +344,8 @@ CHFN_RESTRICT rwh
|
|||||||
# However, more CPU resources will be needed to authenticate users if
|
# However, more CPU resources will be needed to authenticate users if
|
||||||
# this value is increased.
|
# this value is increased.
|
||||||
#
|
#
|
||||||
# If not specified, the libc will choose the default number of rounds (5000).
|
# If not specified, the libc will choose the default number of rounds (5000),
|
||||||
|
# which is orders of magnitude too low for modern hardware.
|
||||||
# The values must be within the 1000-999999999 range.
|
# The values must be within the 1000-999999999 range.
|
||||||
# If only one of the MIN or MAX values is set, then this value will be used.
|
# If only one of the MIN or MAX values is set, then this value will be used.
|
||||||
# If MIN > MAX, the highest value will be used.
|
# If MIN > MAX, the highest value will be used.
|
||||||
@@ -360,6 +368,19 @@ CHFN_RESTRICT rwh
|
|||||||
#BCRYPT_MIN_ROUNDS 13
|
#BCRYPT_MIN_ROUNDS 13
|
||||||
#BCRYPT_MAX_ROUNDS 13
|
#BCRYPT_MAX_ROUNDS 13
|
||||||
|
|
||||||
|
#
|
||||||
|
# Only works if ENCRYPT_METHOD is set to YESCRYPT.
|
||||||
|
#
|
||||||
|
# Define the YESCRYPT cost factor.
|
||||||
|
# With a higher cost factor, it is more difficult to brute-force the password.
|
||||||
|
# However, more CPU time and more memory will be needed to authenticate users
|
||||||
|
# if this value is increased.
|
||||||
|
#
|
||||||
|
# If not specified, a cost factor of 5 will be used.
|
||||||
|
# The value must be within the 1-11 range.
|
||||||
|
#
|
||||||
|
#YESCRYPT_COST_FACTOR 5
|
||||||
|
|
||||||
#
|
#
|
||||||
# List of groups to add to the user's supplementary group set
|
# List of groups to add to the user's supplementary group set
|
||||||
# when logging in from the console (as determined by the CONSOLE
|
# when logging in from the console (as determined by the CONSOLE
|
||||||
@@ -377,6 +398,14 @@ CHFN_RESTRICT rwh
|
|||||||
#
|
#
|
||||||
DEFAULT_HOME yes
|
DEFAULT_HOME yes
|
||||||
|
|
||||||
|
#
|
||||||
|
# The pwck(8) utility emits a warning for any system account with a home
|
||||||
|
# directory that does not exist. Some system accounts intentionally do
|
||||||
|
# not have a home directory. Such accounts may have this string as
|
||||||
|
# their home directory in /etc/passwd to avoid a spurious warning.
|
||||||
|
#
|
||||||
|
NONEXISTENT /nonexistent
|
||||||
|
|
||||||
#
|
#
|
||||||
# If this file exists and is readable, login environment will be
|
# If this file exists and is readable, login environment will be
|
||||||
# read from it. Every line should be in the form name=value.
|
# read from it. Every line should be in the form name=value.
|
||||||
@@ -423,3 +452,27 @@ USERGROUPS_ENAB yes
|
|||||||
# missing.
|
# missing.
|
||||||
#
|
#
|
||||||
#FORCE_SHADOW yes
|
#FORCE_SHADOW yes
|
||||||
|
|
||||||
|
#
|
||||||
|
# Allow newuidmap and newgidmap when running under an alternative
|
||||||
|
# primary group.
|
||||||
|
#
|
||||||
|
#GRANT_AUX_GROUP_SUBIDS yes
|
||||||
|
|
||||||
|
#
|
||||||
|
# Prevents an empty password field to be interpreted as "no authentication
|
||||||
|
# required".
|
||||||
|
# Set to "yes" to prevent for all accounts
|
||||||
|
# Set to "superuser" to prevent for UID 0 / root (default)
|
||||||
|
# Set to "no" to not prevent for any account (dangerous, historical default)
|
||||||
|
PREVENT_NO_AUTH superuser
|
||||||
|
|
||||||
|
#
|
||||||
|
# Select the HMAC cryptography algorithm.
|
||||||
|
# Used in pam_timestamp module to calculate the keyed-hash message
|
||||||
|
# authentication code.
|
||||||
|
#
|
||||||
|
# Note: It is recommended to check hmac(3) to see the possible algorithms
|
||||||
|
# that are available in your system.
|
||||||
|
#
|
||||||
|
#HMAC_CRYPTO_ALGO SHA512
|
||||||
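Review bot: The sample ships `PREVENT_NO_AUTH superuser`, which by the comment's own wording only covers UID 0, so an empty password field on any other account is still interpreted as "no authentication required". The comment block in the last hunk should say that outright instead of leaving it to be inferred from the three value descriptions, for example by adding `# With "superuser", an empty password field on a non-root account is still accepted without authentication.` It would also help to state next to the `(dangerous, historical default)` remark that `yes` is the setting for sites that do not rely on password-less accounts.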
|
|||||||
+28
@@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||||
|
|
||||||
|
# Check user exists, and if so, send sigkill to processes that the user owns
|
||||||
|
|
||||||
|
RUNNING=`ps -eo user | grep -Fx "$SUBJECT" | wc -l`
|
||||||
|
|
||||||
|
# if the user does not exist, RUNNING will be 0
|
||||||
|
|
||||||
|
if [ "${RUNNING}x" = "0x" ]; then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
ls -1 /proc | while IFS= read -r PROC; do
|
||||||
|
echo "$PROC" | grep -E '^[0-9]+$' >/dev/null
|
||||||
|
if [ $? -ne 0 ]; then
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
if [ -d "/proc/${PROC}" ]; then
|
||||||
|
USR=`stat -c "%U" /proc/${PROC}`
|
||||||
|
if [ "${USR}" = "${SUBJECT}" ]; then
|
||||||
|
echo "Killing ${SUBJECT} owned ${PROC}"
|
||||||
|
kill -9 "${PROC}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
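Review bot: Both ownership tests compare login names as text, `ps -eo user | grep -Fx "$SUBJECT"` for the early exit and `stat -c "%U"` inside the loop. ps may print a numeric ID or an abbreviated name when the login name does not fit the column, so for a long name `RUNNING` can be 0 and the script exits without touching that user's processes. Resolving the account once and comparing numeric IDs avoids this: `SUBJECT_UID=$(id -u "$SUBJECT") || exit 0`, then `[ "$(stat -c '%u' "/proc/${PROC}")" = "$SUBJECT_UID" ]`. An explicit `[ -n "$SUBJECT" ] || exit 0` at the top would also document that the script depends on the caller exporting `SUBJECT`. A comment should note that a PID can be reused between the `stat` and the `kill -9`, so the loop is best-effort.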
@@ -1,8 +0,0 @@
|
|||||||
# useradd defaults file
|
|
||||||
GROUP=1000
|
|
||||||
HOME=/home
|
|
||||||
INACTIVE=-1
|
|
||||||
EXPIRE=
|
|
||||||
SHELL=/bin/bash
|
|
||||||
SKEL=/etc/skel
|
|
||||||
CREATE_MAIL_SPOOL=yes
|
|
||||||
+8
-1
@@ -5,12 +5,13 @@ DEFS =
|
|||||||
|
|
||||||
noinst_LTLIBRARIES = libshadow.la
|
noinst_LTLIBRARIES = libshadow.la
|
||||||
|
|
||||||
libshadow_la_LDFLAGS = -version-info 0:0:0
|
|
||||||
libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS)
|
libshadow_la_CPPFLAGS = $(ECONF_CPPFLAGS)
|
||||||
if HAVE_VENDORDIR
|
if HAVE_VENDORDIR
|
||||||
libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
|
libshadow_la_CPPFLAGS += -DVENDORDIR=\"$(VENDORDIR)\"
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
libshadow_la_CPPFLAGS += -I$(top_srcdir)
|
||||||
|
|
||||||
libshadow_la_SOURCES = \
|
libshadow_la_SOURCES = \
|
||||||
commonio.c \
|
commonio.c \
|
||||||
commonio.h \
|
commonio.h \
|
||||||
@@ -32,8 +33,12 @@ libshadow_la_SOURCES = \
|
|||||||
groupio.h \
|
groupio.h \
|
||||||
gshadow.c \
|
gshadow.c \
|
||||||
lockpw.c \
|
lockpw.c \
|
||||||
|
nss.c \
|
||||||
nscd.c \
|
nscd.c \
|
||||||
nscd.h \
|
nscd.h \
|
||||||
|
shadowlog.c \
|
||||||
|
shadowlog.h \
|
||||||
|
shadowlog_internal.h \
|
||||||
sssd.c \
|
sssd.c \
|
||||||
sssd.h \
|
sssd.h \
|
||||||
pam_defs.h \
|
pam_defs.h \
|
||||||
@@ -45,6 +50,8 @@ libshadow_la_SOURCES = \
|
|||||||
pwio.c \
|
pwio.c \
|
||||||
pwio.h \
|
pwio.h \
|
||||||
pwmem.c \
|
pwmem.c \
|
||||||
|
run_part.h \
|
||||||
|
run_part.c \
|
||||||
subordinateio.h \
|
subordinateio.h \
|
||||||
subordinateio.c \
|
subordinateio.c \
|
||||||
selinux.c \
|
selinux.c \
|
||||||
|
|||||||
+55
-63
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2001, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2011, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2011, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -51,6 +28,7 @@
|
|||||||
#endif /* WITH_TCB */
|
#endif /* WITH_TCB */
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "commonio.h"
|
#include "commonio.h"
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
/* local function prototypes */
|
/* local function prototypes */
|
||||||
static int lrename (const char *, const char *);
|
static int lrename (const char *, const char *);
|
||||||
@@ -144,9 +122,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
|
fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
|
||||||
if (-1 == fd) {
|
if (-1 == fd) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: %s: %s\n",
|
"%s: %s: %s\n",
|
||||||
Prog, file, strerror (errno));
|
shadow_progname, file, strerror (errno));
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -156,9 +134,19 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
len = (ssize_t) strlen (buf) + 1;
|
len = (ssize_t) strlen (buf) + 1;
|
||||||
if (write (fd, buf, (size_t) len) != len) {
|
if (write (fd, buf, (size_t) len) != len) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: %s: %s\n",
|
"%s: %s file write error: %s\n",
|
||||||
Prog, file, strerror (errno));
|
shadow_progname, file, strerror (errno));
|
||||||
|
}
|
||||||
|
(void) close (fd);
|
||||||
|
unlink (file);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (fdatasync (fd) == -1) {
|
||||||
|
if (log) {
|
||||||
|
(void) fprintf (shadow_logfd,
|
||||||
|
"%s: %s file sync error: %s\n",
|
||||||
|
shadow_progname, file, strerror (errno));
|
||||||
}
|
}
|
||||||
(void) close (fd);
|
(void) close (fd);
|
||||||
unlink (file);
|
unlink (file);
|
||||||
@@ -169,9 +157,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
if (link (file, lock) == 0) {
|
if (link (file, lock) == 0) {
|
||||||
retval = check_link_count (file);
|
retval = check_link_count (file);
|
||||||
if ((0==retval) && log) {
|
if ((0==retval) && log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: %s: lock file already used\n",
|
"%s: %s: lock file already used\n",
|
||||||
Prog, file);
|
shadow_progname, file);
|
||||||
}
|
}
|
||||||
unlink (file);
|
unlink (file);
|
||||||
return retval;
|
return retval;
|
||||||
@@ -180,9 +168,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
fd = open (lock, O_RDWR);
|
fd = open (lock, O_RDWR);
|
||||||
if (-1 == fd) {
|
if (-1 == fd) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: %s: %s\n",
|
"%s: %s: %s\n",
|
||||||
Prog, lock, strerror (errno));
|
shadow_progname, lock, strerror (errno));
|
||||||
}
|
}
|
||||||
unlink (file);
|
unlink (file);
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
@@ -192,9 +180,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
close (fd);
|
close (fd);
|
||||||
if (len <= 0) {
|
if (len <= 0) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: existing lock file %s without a PID\n",
|
"%s: existing lock file %s without a PID\n",
|
||||||
Prog, lock);
|
shadow_progname, lock);
|
||||||
}
|
}
|
||||||
unlink (file);
|
unlink (file);
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
@@ -203,9 +191,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
buf[len] = '\0';
|
buf[len] = '\0';
|
||||||
if (get_pid (buf, &pid) == 0) {
|
if (get_pid (buf, &pid) == 0) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: existing lock file %s with an invalid PID '%s'\n",
|
"%s: existing lock file %s with an invalid PID '%s'\n",
|
||||||
Prog, lock, buf);
|
shadow_progname, lock, buf);
|
||||||
}
|
}
|
||||||
unlink (file);
|
unlink (file);
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
@@ -213,9 +201,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
}
|
}
|
||||||
if (kill (pid, 0) == 0) {
|
if (kill (pid, 0) == 0) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: lock %s already used by PID %lu\n",
|
"%s: lock %s already used by PID %lu\n",
|
||||||
Prog, lock, (unsigned long) pid);
|
shadow_progname, lock, (unsigned long) pid);
|
||||||
}
|
}
|
||||||
unlink (file);
|
unlink (file);
|
||||||
errno = EEXIST;
|
errno = EEXIST;
|
||||||
@@ -223,9 +211,9 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
}
|
}
|
||||||
if (unlink (lock) != 0) {
|
if (unlink (lock) != 0) {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: cannot get lock %s: %s\n",
|
"%s: cannot get lock %s: %s\n",
|
||||||
Prog, lock, strerror (errno));
|
shadow_progname, lock, strerror (errno));
|
||||||
}
|
}
|
||||||
unlink (file);
|
unlink (file);
|
||||||
return 0;
|
return 0;
|
||||||
@@ -235,15 +223,15 @@ static int do_lock_file (const char *file, const char *lock, bool log)
|
|||||||
if (link (file, lock) == 0) {
|
if (link (file, lock) == 0) {
|
||||||
retval = check_link_count (file);
|
retval = check_link_count (file);
|
||||||
if ((0==retval) && log) {
|
if ((0==retval) && log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: %s: lock file already used\n",
|
"%s: %s: lock file already used\n",
|
||||||
Prog, file);
|
shadow_progname, file);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (log) {
|
if (log) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: cannot get lock %s: %s\n",
|
"%s: cannot get lock %s: %s\n",
|
||||||
Prog, lock, strerror (errno));
|
shadow_progname, lock, strerror (errno));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -326,8 +314,12 @@ static int create_backup (const char *backup, FILE * fp)
|
|||||||
/* FIXME: unlink the backup file? */
|
/* FIXME: unlink the backup file? */
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
if ( (fsync (fileno (bkfp)) != 0)
|
if (fsync (fileno (bkfp)) != 0) {
|
||||||
|| (fclose (bkfp) != 0)) {
|
(void) fclose (bkfp);
|
||||||
|
/* FIXME: unlink the backup file? */
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
if (fclose (bkfp) != 0) {
|
||||||
/* FIXME: unlink the backup file? */
|
/* FIXME: unlink the backup file? */
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -389,11 +381,11 @@ int commonio_lock_nowait (struct commonio_db *db, bool log)
|
|||||||
file_len = strlen(db->filename) + 11;/* %lu max size */
|
file_len = strlen(db->filename) + 11;/* %lu max size */
|
||||||
lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */
|
lock_file_len = strlen(db->filename) + 6; /* sizeof ".lock" */
|
||||||
file = (char*)malloc(file_len);
|
file = (char*)malloc(file_len);
|
||||||
if(file == NULL) {
|
if (file == NULL) {
|
||||||
goto cleanup_ENOMEM;
|
goto cleanup_ENOMEM;
|
||||||
}
|
}
|
||||||
lock = (char*)malloc(lock_file_len);
|
lock = (char*)malloc(lock_file_len);
|
||||||
if(lock == NULL) {
|
if (lock == NULL) {
|
||||||
goto cleanup_ENOMEM;
|
goto cleanup_ENOMEM;
|
||||||
}
|
}
|
||||||
snprintf (file, file_len, "%s.%lu",
|
snprintf (file, file_len, "%s.%lu",
|
||||||
@@ -405,9 +397,9 @@ int commonio_lock_nowait (struct commonio_db *db, bool log)
|
|||||||
err = 1;
|
err = 1;
|
||||||
}
|
}
|
||||||
cleanup_ENOMEM:
|
cleanup_ENOMEM:
|
||||||
if(file)
|
if (file)
|
||||||
free(file);
|
free(file);
|
||||||
if(lock)
|
if (lock)
|
||||||
free(lock);
|
free(lock);
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
@@ -432,9 +424,9 @@ int commonio_lock (struct commonio_db *db)
|
|||||||
if (0 == lock_count) {
|
if (0 == lock_count) {
|
||||||
if (lckpwdf () == -1) {
|
if (lckpwdf () == -1) {
|
||||||
if (geteuid () != 0) {
|
if (geteuid () != 0) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
"%s: Permission denied.\n",
|
"%s: Permission denied.\n",
|
||||||
Prog);
|
shadow_progname);
|
||||||
}
|
}
|
||||||
return 0; /* failure */
|
return 0; /* failure */
|
||||||
}
|
}
|
||||||
@@ -468,8 +460,8 @@ int commonio_lock (struct commonio_db *db)
|
|||||||
}
|
}
|
||||||
/* no unnecessary retries on "permission denied" errors */
|
/* no unnecessary retries on "permission denied" errors */
|
||||||
if (geteuid () != 0) {
|
if (geteuid () != 0) {
|
||||||
(void) fprintf (stderr, "%s: Permission denied.\n",
|
(void) fprintf (shadow_logfd, "%s: Permission denied.\n",
|
||||||
Prog);
|
shadow_progname);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -964,7 +956,7 @@ int commonio_close (struct commonio_db *db)
|
|||||||
snprintf (buf, sizeof buf, "%s-", db->filename);
|
snprintf (buf, sizeof buf, "%s-", db->filename);
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (buf) != 0) {
|
if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
|
||||||
errors++;
|
errors++;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@@ -997,7 +989,7 @@ int commonio_close (struct commonio_db *db)
|
|||||||
snprintf (buf, sizeof buf, "%s+", db->filename);
|
snprintf (buf, sizeof buf, "%s+", db->filename);
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (buf) != 0) {
|
if (set_selinux_file_context (db->filename, S_IFREG) != 0) {
|
||||||
errors++;
|
errors++;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@@ -1099,7 +1091,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
|
|||||||
p = find_entry_by_name (db, db->ops->getname (eptr));
|
p = find_entry_by_name (db, db->ops->getname (eptr));
|
||||||
if (NULL != p) {
|
if (NULL != p) {
|
||||||
if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) {
|
if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) {
|
||||||
fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
|
fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
|
||||||
db->ops->free (nentry);
|
db->ops->free (nentry);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -1204,7 +1196,7 @@ int commonio_remove (struct commonio_db *db, const char *name)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (next_entry_by_name (db, p->next, name) != NULL) {
|
if (next_entry_by_name (db, p->next, name) != NULL) {
|
||||||
fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
|
fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
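Review bot: Every diagnostic in this file now writes to `shadow_logfd` (the `fprintf (shadow_logfd, ...)` calls in `do_lock_file`, `commonio_lock`, `commonio_update` and `commonio_remove`), but none of the hunks shows a guard for the case where that stream was never set. `stderr` was always valid, whereas a global `FILE *` is presumably NULL until some caller assigns it, and passing NULL to `fprintf` is undefined behaviour in code that handles the account databases. Unless initialisation is guaranteed elsewhere, resolve the stream once with a fallback, e.g. `FILE *out = (NULL != shadow_logfd) ? shadow_logfd : stderr;`, and print to `out`. The same applies to the error message in the `pw_encrypt` hunk of a later section. All of these functions start and end outside the hunks shown.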
|
|||||||
+6
-33
@@ -1,43 +1,16 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
#ifndef COMMONIO_H
|
#ifndef COMMONIO_H
|
||||||
#define COMMONIO_H
|
#define COMMONIO_H
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
|
||||||
#include <selinux/selinux.h>
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#include "defines.h" /* bool */
|
#include "defines.h" /* bool */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -121,7 +94,7 @@ struct commonio_db {
|
|||||||
/*@dependent@*/ /*@null@*/FILE *fp;
|
/*@dependent@*/ /*@null@*/FILE *fp;
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
/*@null@*/security_context_t scontext;
|
/*@null@*/char *scontext;
|
||||||
#endif
|
#endif
|
||||||
/*
|
/*
|
||||||
* Default permissions and owner for newly created data file.
|
* Default permissions and owner for newly created data file.
|
||||||
|
|||||||
+11
-9
@@ -4,6 +4,8 @@
|
|||||||
#ifndef _DEFINES_H_
|
#ifndef _DEFINES_H_
|
||||||
#define _DEFINES_H_
|
#define _DEFINES_H_
|
||||||
|
|
||||||
|
#include "config.h"
|
||||||
|
|
||||||
#if HAVE_STDBOOL_H
|
#if HAVE_STDBOOL_H
|
||||||
# include <stdbool.h>
|
# include <stdbool.h>
|
||||||
#else
|
#else
|
||||||
@@ -68,10 +70,6 @@ extern char * textdomain (const char * domainname);
|
|||||||
# define strrchr rindex
|
# define strrchr rindex
|
||||||
# endif
|
# endif
|
||||||
char *strchr (), *strrchr (), *strtok ();
|
char *strchr (), *strrchr (), *strtok ();
|
||||||
|
|
||||||
# ifndef HAVE_MEMCPY
|
|
||||||
# define memcpy(d, s, n) bcopy((s), (d), (n))
|
|
||||||
# endif
|
|
||||||
#endif /* not STDC_HEADERS */
|
#endif /* not STDC_HEADERS */
|
||||||
|
|
||||||
#if HAVE_ERRNO_H
|
#if HAVE_ERRNO_H
|
||||||
@@ -94,6 +92,14 @@ char *strchr (), *strrchr (), *strtok ();
|
|||||||
# include <unistd.h>
|
# include <unistd.h>
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* crypt(3), crypt_gensalt(3), and their
|
||||||
|
* feature test macros may be defined in here.
|
||||||
|
*/
|
||||||
|
#if HAVE_CRYPT_H
|
||||||
|
# include <crypt.h>
|
||||||
|
#endif
|
||||||
|
|
||||||
#if TIME_WITH_SYS_TIME
|
#if TIME_WITH_SYS_TIME
|
||||||
# include <sys/time.h>
|
# include <sys/time.h>
|
||||||
# include <time.h>
|
# include <time.h>
|
||||||
@@ -105,11 +111,7 @@ char *strchr (), *strrchr (), *strtok ();
|
|||||||
# endif
|
# endif
|
||||||
#endif /* not TIME_WITH_SYS_TIME */
|
#endif /* not TIME_WITH_SYS_TIME */
|
||||||
|
|
||||||
#ifdef HAVE_MEMSET
|
#define memzero(ptr, size) memset((void *)(ptr), 0, (size))
|
||||||
# define memzero(ptr, size) memset((void *)(ptr), 0, (size))
|
|
||||||
#else
|
|
||||||
# define memzero(ptr, size) bzero((char *)(ptr), (size))
|
|
||||||
#endif
|
|
||||||
#define strzero(s) memzero(s, strlen(s)) /* warning: evaluates twice */
|
#define strzero(s) memzero(s, strlen(s)) /* warning: evaluates twice */
|
||||||
|
|
||||||
#ifdef HAVE_DIRENT_H /* DIR_SYSV */
|
#ifdef HAVE_DIRENT_H /* DIR_SYSV */
|
||||||
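Review bot: `memzero` is now unconditionally a plain `memset`, and `strzero` builds on it. If these macros are used to wipe passwords or other secrets just before a buffer is freed or goes out of scope (the callers are not visible in this hunk), the compiler is allowed to drop the store as dead. Since the line is being rewritten anyway, prefer a wipe the optimiser must keep where the platform offers one, e.g. `# define memzero(ptr, size) explicit_bzero((ptr), (size))` behind a configure check, with the `memset` form as the fallback. A one-line comment above the macro saying it is meant for clearing sensitive data would keep it from being simplified back to `memset` later.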
|
|||||||
+10
-29
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1993, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1993, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -39,6 +16,7 @@
|
|||||||
|
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
/*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
|
/*@exposed@*//*@null@*/char *pw_encrypt (const char *clear, const char *salt)
|
||||||
{
|
{
|
||||||
@@ -74,6 +52,9 @@
|
|||||||
case '6':
|
case '6':
|
||||||
method = "SHA512";
|
method = "SHA512";
|
||||||
break;
|
break;
|
||||||
|
case 'y':
|
||||||
|
method = "YESCRYPT";
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
{
|
{
|
||||||
static char nummethod[4] = "$x$";
|
static char nummethod[4] = "$x$";
|
||||||
@@ -81,7 +62,7 @@
|
|||||||
method = &nummethod[0];
|
method = &nummethod[0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
_("crypt method not supported by libcrypt? (%s)\n"),
|
_("crypt method not supported by libcrypt? (%s)\n"),
|
||||||
method);
|
method);
|
||||||
exit (EXIT_FAILURE);
|
exit (EXIT_FAILURE);
|
||||||
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 - 2006, Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
|
|||||||
+6
-29
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -45,8 +22,8 @@
|
|||||||
struct faillog {
|
struct faillog {
|
||||||
short fail_cnt; /* failures since last success */
|
short fail_cnt; /* failures since last success */
|
||||||
short fail_max; /* failures before turning account off */
|
short fail_max; /* failures before turning account off */
|
||||||
char fail_line[12]; /* last failure occured here */
|
char fail_line[12]; /* last failure occurred here */
|
||||||
time_t fail_time; /* last failure occured then */
|
time_t fail_time; /* last failure occurred then */
|
||||||
/*
|
/*
|
||||||
* If nonzero, the account will be re-enabled if there are no
|
* If nonzero, the account will be re-enabled if there are no
|
||||||
* failures for fail_locktime seconds since last failure.
|
* failures for fail_locktime seconds since last failure.
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 , Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 , Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 , Nicolas François
|
* SPDX-FileCopyrightText: 2007 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1999, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2009 , Nicolas François
|
* SPDX-FileCopyrightText: 2009 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2009 , Nicolas François
|
* SPDX-FileCopyrightText: 2009 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2009 , Nicolas François
|
* SPDX-FileCopyrightText: 2009 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+31
-35
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1991 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2002 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2002 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2008, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2008, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -44,6 +21,7 @@
|
|||||||
#include <libeconf.h>
|
#include <libeconf.h>
|
||||||
#endif
|
#endif
|
||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
/*
|
/*
|
||||||
* A configuration item definition.
|
* A configuration item definition.
|
||||||
*/
|
*/
|
||||||
@@ -61,6 +39,7 @@ struct itemdef {
|
|||||||
{"ENV_TZ", NULL}, \
|
{"ENV_TZ", NULL}, \
|
||||||
{"FAILLOG_ENAB", NULL}, \
|
{"FAILLOG_ENAB", NULL}, \
|
||||||
{"FTMP_FILE", NULL}, \
|
{"FTMP_FILE", NULL}, \
|
||||||
|
{"HMAC_CRYPTO_ALGO", NULL}, \
|
||||||
{"ISSUE_FILE", NULL}, \
|
{"ISSUE_FILE", NULL}, \
|
||||||
{"LASTLOG_ENAB", NULL}, \
|
{"LASTLOG_ENAB", NULL}, \
|
||||||
{"LOGIN_STRING", NULL}, \
|
{"LOGIN_STRING", NULL}, \
|
||||||
@@ -77,6 +56,16 @@ struct itemdef {
|
|||||||
{"SU_WHEEL_ONLY", NULL}, \
|
{"SU_WHEEL_ONLY", NULL}, \
|
||||||
{"ULIMIT", NULL},
|
{"ULIMIT", NULL},
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Items used in other tools (util-linux, etc.)
|
||||||
|
*/
|
||||||
|
#define FOREIGNDEFS \
|
||||||
|
{"ALWAYS_SET_PATH", NULL}, \
|
||||||
|
{"ENV_ROOTPATH", NULL}, \
|
||||||
|
{"LOGIN_KEEP_USERNAME", NULL}, \
|
||||||
|
{"LOGIN_PLAIN_PROMPT", NULL}, \
|
||||||
|
{"MOTD_FIRSTONLY", NULL}, \
|
||||||
|
|
||||||
|
|
||||||
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
#define NUMDEFS (sizeof(def_table)/sizeof(def_table[0]))
|
||||||
static struct itemdef def_table[] = {
|
static struct itemdef def_table[] = {
|
||||||
@@ -93,6 +82,7 @@ static struct itemdef def_table[] = {
|
|||||||
{"FAKE_SHELL", NULL},
|
{"FAKE_SHELL", NULL},
|
||||||
{"GID_MAX", NULL},
|
{"GID_MAX", NULL},
|
||||||
{"GID_MIN", NULL},
|
{"GID_MIN", NULL},
|
||||||
|
{"HOME_MODE", NULL},
|
||||||
{"HUSHLOGIN_FILE", NULL},
|
{"HUSHLOGIN_FILE", NULL},
|
||||||
{"KILLCHAR", NULL},
|
{"KILLCHAR", NULL},
|
||||||
{"LASTLOG_UID_MAX", NULL},
|
{"LASTLOG_UID_MAX", NULL},
|
||||||
@@ -104,6 +94,7 @@ static struct itemdef def_table[] = {
|
|||||||
{"MAIL_FILE", NULL},
|
{"MAIL_FILE", NULL},
|
||||||
{"MAX_MEMBERS_PER_GROUP", NULL},
|
{"MAX_MEMBERS_PER_GROUP", NULL},
|
||||||
{"MD5_CRYPT_ENAB", NULL},
|
{"MD5_CRYPT_ENAB", NULL},
|
||||||
|
{"NONEXISTENT", NULL},
|
||||||
{"PASS_MAX_DAYS", NULL},
|
{"PASS_MAX_DAYS", NULL},
|
||||||
{"PASS_MIN_DAYS", NULL},
|
{"PASS_MIN_DAYS", NULL},
|
||||||
{"PASS_WARN_AGE", NULL},
|
{"PASS_WARN_AGE", NULL},
|
||||||
@@ -114,6 +105,9 @@ static struct itemdef def_table[] = {
|
|||||||
#ifdef USE_BCRYPT
|
#ifdef USE_BCRYPT
|
||||||
{"BCRYPT_MAX_ROUNDS", NULL},
|
{"BCRYPT_MAX_ROUNDS", NULL},
|
||||||
{"BCRYPT_MIN_ROUNDS", NULL},
|
{"BCRYPT_MIN_ROUNDS", NULL},
|
||||||
|
#endif
|
||||||
|
#ifdef USE_YESCRYPT
|
||||||
|
{"YESCRYPT_COST_FACTOR", NULL},
|
||||||
#endif
|
#endif
|
||||||
{"SUB_GID_COUNT", NULL},
|
{"SUB_GID_COUNT", NULL},
|
||||||
{"SUB_GID_MAX", NULL},
|
{"SUB_GID_MAX", NULL},
|
||||||
@@ -148,6 +142,8 @@ static struct itemdef def_table[] = {
|
|||||||
{"USE_TCB", NULL},
|
{"USE_TCB", NULL},
|
||||||
#endif
|
#endif
|
||||||
{"FORCE_SHADOW", NULL},
|
{"FORCE_SHADOW", NULL},
|
||||||
|
{"GRANT_AUX_GROUP_SUBIDS", NULL},
|
||||||
|
{"PREVENT_NO_AUTH", NULL},
|
||||||
{NULL, NULL}
|
{NULL, NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -156,6 +152,7 @@ static struct itemdef knowndef_table[] = {
|
|||||||
#ifdef USE_PAM
|
#ifdef USE_PAM
|
||||||
PAMDEFS
|
PAMDEFS
|
||||||
#endif
|
#endif
|
||||||
|
FOREIGNDEFS
|
||||||
{NULL, NULL}
|
{NULL, NULL}
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -248,7 +245,7 @@ int getdef_num (const char *item, int dflt)
|
|||||||
if ( (getlong (d->value, &val) == 0)
|
if ( (getlong (d->value, &val) == 0)
|
||||||
|| (val > INT_MAX)
|
|| (val > INT_MAX)
|
||||||
|| (val < INT_MIN)) {
|
|| (val < INT_MIN)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
return dflt;
|
return dflt;
|
||||||
@@ -283,7 +280,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
|
|||||||
if ( (getlong (d->value, &val) == 0)
|
if ( (getlong (d->value, &val) == 0)
|
||||||
|| (val < 0)
|
|| (val < 0)
|
||||||
|| (val > INT_MAX)) {
|
|| (val > INT_MAX)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
return dflt;
|
return dflt;
|
||||||
@@ -316,7 +313,7 @@ long getdef_long (const char *item, long dflt)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (getlong (d->value, &val) == 0) {
|
if (getlong (d->value, &val) == 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
return dflt;
|
return dflt;
|
||||||
@@ -349,7 +346,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
|
|||||||
|
|
||||||
if (getulong (d->value, &val) == 0) {
|
if (getulong (d->value, &val) == 0) {
|
||||||
/* FIXME: we should have a getulong */
|
/* FIXME: we should have a getulong */
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - cannot parse %s value: '%s'"),
|
_("configuration error - cannot parse %s value: '%s'"),
|
||||||
item, d->value);
|
item, d->value);
|
||||||
return dflt;
|
return dflt;
|
||||||
@@ -387,7 +384,7 @@ int putdef_str (const char *name, const char *value)
|
|||||||
cp = strdup (value);
|
cp = strdup (value);
|
||||||
if (NULL == cp) {
|
if (NULL == cp) {
|
||||||
(void) fputs (_("Could not allocate space for config info.\n"),
|
(void) fputs (_("Could not allocate space for config info.\n"),
|
||||||
stderr);
|
shadow_logfd);
|
||||||
SYSLOG ((LOG_ERR, "could not allocate space for config info"));
|
SYSLOG ((LOG_ERR, "could not allocate space for config info"));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -412,7 +409,6 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
|
|||||||
{
|
{
|
||||||
struct itemdef *ptr;
|
struct itemdef *ptr;
|
||||||
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Search into the table.
|
* Search into the table.
|
||||||
*/
|
*/
|
||||||
@@ -432,7 +428,7 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("configuration error - unknown item '%s' (notify administrator)\n"),
|
_("configuration error - unknown item '%s' (notify administrator)\n"),
|
||||||
name);
|
name);
|
||||||
SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
|
SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
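Review bot: The error paths switched from `stderr` to `shadow_logfd` in getdef_num, getdef_unum, getdef_long, getdef_ulong, putdef_str and def_find pass that stream straight to fprintf/fputs with no visible check that it has been set. The hunks only show the new `#include "shadowlog_internal.h"`, not where `shadow_logfd` is declared or initialised. If it is a global that stays NULL until a caller assigns it, a malformed or unknown configuration item would hit undefined behaviour on a NULL stream instead of printing the diagnostic and returning the default. A fallback such as `FILE *log = (NULL != shadow_logfd) ? shadow_logfd : stderr;` at each site, or one shared accessor that does the same, keeps these paths reporting. All six function bodies start and end outside the hunks, so a guard may exist out of view.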
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1991 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2002 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2002 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
#ifndef _GETDEF_H
|
#ifndef _GETDEF_H
|
||||||
#define _GETDEF_H
|
#define _GETDEF_H
|
||||||
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2007 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2007 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
|
|||||||
+48
-36
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2013, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -87,6 +64,18 @@
|
|||||||
return gr;
|
return gr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void gr_free_members (struct group *grent)
|
||||||
|
{
|
||||||
|
if (NULL != grent->gr_mem) {
|
||||||
|
size_t i;
|
||||||
|
for (i = 0; NULL != grent->gr_mem[i]; i++) {
|
||||||
|
free (grent->gr_mem[i]);
|
||||||
|
}
|
||||||
|
free (grent->gr_mem);
|
||||||
|
grent->gr_mem = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
void gr_free (/*@out@*/ /*@only@*/struct group *grent)
|
void gr_free (/*@out@*/ /*@only@*/struct group *grent)
|
||||||
{
|
{
|
||||||
free (grent->gr_name);
|
free (grent->gr_name);
|
||||||
@@ -94,13 +83,36 @@ void gr_free (/*@out@*/ /*@only@*/struct group *grent)
|
|||||||
memzero (grent->gr_passwd, strlen (grent->gr_passwd));
|
memzero (grent->gr_passwd, strlen (grent->gr_passwd));
|
||||||
free (grent->gr_passwd);
|
free (grent->gr_passwd);
|
||||||
}
|
}
|
||||||
if (NULL != grent->gr_mem) {
|
gr_free_members(grent);
|
||||||
size_t i;
|
|
||||||
for (i = 0; NULL != grent->gr_mem[i]; i++) {
|
|
||||||
free (grent->gr_mem[i]);
|
|
||||||
}
|
|
||||||
free (grent->gr_mem);
|
|
||||||
}
|
|
||||||
free (grent);
|
free (grent);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool gr_append_member(struct group *grp, char *member)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (NULL == grp->gr_mem || grp->gr_mem[0] == NULL) {
|
||||||
|
grp->gr_mem = (char **)malloc(2 * sizeof(char *));
|
||||||
|
if (!grp->gr_mem) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
grp->gr_mem[0] = strdup(member);
|
||||||
|
if (!grp->gr_mem[0]) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
grp->gr_mem[1] = NULL;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0; grp->gr_mem[i]; i++) ;
|
||||||
|
grp->gr_mem = realloc(grp->gr_mem, (i + 2) * sizeof(char *));
|
||||||
|
if (NULL == grp->gr_mem) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
grp->gr_mem[i] = strdup(member);
|
||||||
|
if (NULL == grp->gr_mem[i]) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
grp->gr_mem[i + 1] = NULL;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
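Review bot: In `gr_append_member`, the result of `realloc` is assigned straight to `grp->gr_mem`, so on allocation failure the old member array and its strings are leaked and the group is left with no member list at all. A caller that ignores the `false` return and writes the entry back would then drop every existing member. Keep the old pointer until the call succeeds: `char **tmp = realloc(grp->gr_mem, (i + 2) * sizeof(char *));` then `if (NULL == tmp) return false;` and `grp->gr_mem = tmp;`. The first branch has a related leak: when `gr_mem` is non-NULL but empty (`gr_mem[0] == NULL`), the fresh `malloc` overwrites the existing array without freeing it.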
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+4
-27
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1988 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1988 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
+4
-27
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1992 , Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1992 , Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+7
-6
@@ -10,6 +10,7 @@
|
|||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "nscd.h"
|
#include "nscd.h"
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
#define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
|
#define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
|
||||||
|
|
||||||
@@ -25,15 +26,15 @@ int nscd_flush_cache (const char *service)
|
|||||||
|
|
||||||
if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
|
if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
|
||||||
/* run_command writes its own more detailed message. */
|
/* run_command writes its own more detailed message. */
|
||||||
(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
|
(void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
code = WEXITSTATUS (status);
|
code = WEXITSTATUS (status);
|
||||||
if (!WIFEXITED (status)) {
|
if (!WIFEXITED (status)) {
|
||||||
(void) fprintf (stderr,
|
(void) fprintf (shadow_logfd,
|
||||||
_("%s: nscd did not terminate normally (signal %d)\n"),
|
_("%s: nscd did not terminate normally (signal %d)\n"),
|
||||||
Prog, WTERMSIG (status));
|
shadow_progname, WTERMSIG (status));
|
||||||
return -1;
|
return -1;
|
||||||
} else if (code == E_CMD_NOTFOUND) {
|
} else if (code == E_CMD_NOTFOUND) {
|
||||||
/* nscd is not installed, or it is installed but uses an
|
/* nscd is not installed, or it is installed but uses an
|
||||||
@@ -43,9 +44,9 @@ int nscd_flush_cache (const char *service)
|
|||||||
/* nscd is installed, but it isn't active. */
|
/* nscd is installed, but it isn't active. */
|
||||||
return 0;
|
return 0;
|
||||||
} else if (code != 0) {
|
} else if (code != 0) {
|
||||||
(void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
|
(void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
|
||||||
Prog, code);
|
shadow_progname, code);
|
||||||
(void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
|
(void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
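Review bot: Nothing visible in `nscd_flush_cache` guarantees that `shadow_logfd` is non-NULL when the rewritten `fprintf` calls run. Its definition is in `shadowlog_internal.h`, which is not shown here, so this is an assumption to confirm rather than a demonstrated defect. If any caller can reach this function before the log stream has been set, each of these error paths hands `fprintf` a null `FILE *`. A local fallback such as `FILE *log = (shadow_logfd != NULL) ? shadow_logfd : stderr;` at the top of the function would keep the error paths safe. The function body starts and ends outside these hunks.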
|
|||||||
@@ -0,0 +1,150 @@
|
|||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <dlfcn.h>
|
||||||
|
#include <stdbool.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <strings.h>
|
||||||
|
#include <ctype.h>
|
||||||
|
#include <stdatomic.h>
|
||||||
|
#include "prototypes.h"
|
||||||
|
#include "../libsubid/subid.h"
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
|
#define NSSWITCH "/etc/nsswitch.conf"
|
||||||
|
|
||||||
|
// NSS plugin handling for subids
|
||||||
|
// If nsswitch has a line like
|
||||||
|
// subid: sssd
|
||||||
|
// then sssd will be consulted for subids. Unlike normal NSS dbs,
|
||||||
|
// only one db is supported at a time. That's open to debate, but
|
||||||
|
// the subids are a pretty limited resource, and local files seem
|
||||||
|
// bound to step on any other allocations leading to insecure
|
||||||
|
// conditions.
|
||||||
|
static atomic_flag nss_init_started;
|
||||||
|
static atomic_bool nss_init_completed;
|
||||||
|
|
||||||
|
static struct subid_nss_ops *subid_nss;
|
||||||
|
|
||||||
|
bool nss_is_initialized() {
|
||||||
|
return atomic_load(&nss_init_completed);
|
||||||
|
}
|
||||||
|
|
||||||
|
void nss_exit() {
|
||||||
|
if (nss_is_initialized() && subid_nss) {
|
||||||
|
dlclose(subid_nss->handle);
|
||||||
|
free(subid_nss);
|
||||||
|
subid_nss = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// nsswitch_path is an argument only to support testing.
|
||||||
|
void nss_init(char *nsswitch_path) {
|
||||||
|
FILE *nssfp = NULL;
|
||||||
|
char *line = NULL, *p, *token, *saveptr;
|
||||||
|
size_t len = 0;
|
||||||
|
|
||||||
|
if (atomic_flag_test_and_set(&nss_init_started)) {
|
||||||
|
// Another thread has started nss_init, wait for it to complete
|
||||||
|
while (!atomic_load(&nss_init_completed))
|
||||||
|
usleep(100);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!nsswitch_path)
|
||||||
|
nsswitch_path = NSSWITCH;
|
||||||
|
|
||||||
|
// read nsswitch.conf to check for a line like:
|
||||||
|
// subid: files
|
||||||
|
nssfp = fopen(nsswitch_path, "r");
|
||||||
|
if (!nssfp) {
|
||||||
|
fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path);
|
||||||
|
atomic_store(&nss_init_completed, true);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
while ((getline(&line, &len, nssfp)) != -1) {
|
||||||
|
if (line[0] == '\0' || line[0] == '#')
|
||||||
|
continue;
|
||||||
|
if (strlen(line) < 8)
|
||||||
|
continue;
|
||||||
|
if (strncasecmp(line, "subid:", 6) != 0)
|
||||||
|
continue;
|
||||||
|
p = &line[6];
|
||||||
|
while ((*p) && isspace(*p))
|
||||||
|
p++;
|
||||||
|
if (!*p)
|
||||||
|
continue;
|
||||||
|
for (token = strtok_r(p, " \n\t", &saveptr);
|
||||||
|
token;
|
||||||
|
token = strtok_r(NULL, " \n\t", &saveptr)) {
|
||||||
|
char libname[65];
|
||||||
|
void *h;
|
||||||
|
if (strcmp(token, "files") == 0) {
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
if (strlen(token) > 50) {
|
||||||
|
fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
|
||||||
|
fprintf(shadow_logfd, "Using files\n");
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
snprintf(libname, 64, "libsubid_%s.so", token);
|
||||||
|
h = dlopen(libname, RTLD_LAZY);
|
||||||
|
if (!h) {
|
||||||
|
fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
|
||||||
|
fprintf(shadow_logfd, "Using files\n");
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
subid_nss = malloc(sizeof(*subid_nss));
|
||||||
|
if (!subid_nss) {
|
||||||
|
dlclose(h);
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
|
||||||
|
if (!subid_nss->has_range) {
|
||||||
|
fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
|
||||||
|
dlclose(h);
|
||||||
|
free(subid_nss);
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
|
||||||
|
if (!subid_nss->list_owner_ranges) {
|
||||||
|
fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
|
||||||
|
dlclose(h);
|
||||||
|
free(subid_nss);
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
|
||||||
|
if (!subid_nss->find_subid_owners) {
|
||||||
|
fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
|
||||||
|
dlclose(h);
|
||||||
|
free(subid_nss);
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
subid_nss->handle = h;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
fprintf(shadow_logfd, "No usable subid NSS module found, using files\n");
|
||||||
|
// subid_nss has to be null here, but to ease reviews:
|
||||||
|
free(subid_nss);
|
||||||
|
subid_nss = NULL;
|
||||||
|
goto done;
|
||||||
|
}
|
||||||
|
|
||||||
|
done:
|
||||||
|
atomic_store(&nss_init_completed, true);
|
||||||
|
free(line);
|
||||||
|
if (nssfp) {
|
||||||
|
atexit(nss_exit);
|
||||||
|
fclose(nssfp);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
struct subid_nss_ops *get_subid_nss_handle() {
|
||||||
|
nss_init(NULL);
|
||||||
|
return subid_nss;
|
||||||
|
}
|
||||||
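Review bot: In `nss_init`, the module name read from the `subid:` line is checked only for length before it is formatted into `libname` and passed to `dlopen`; a token containing `/` turns the argument into a relative pathname, which `dlopen` resolves against the current directory instead of the library search path. nsswitch.conf is normally writable only by root, so this is hardening rather than a demonstrated flaw, but the name should still be restricted next to the length check, e.g. `if (strchr(token, '/') != NULL) { subid_nss = NULL; goto done; }`. Two smaller points in the same function: `isspace(*p)` should be `isspace((unsigned char)*p)`, and `snprintf(libname, 64, ...)` is better written with `sizeof libname`.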
+3
-26
@@ -1,31 +1,8 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1999 , Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1999 , Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+4
-27
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1991, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1991, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
+71
-35
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -59,8 +36,6 @@
|
|||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include "commonio.h"
|
#include "commonio.h"
|
||||||
|
|
||||||
extern /*@observer@*/ const char *Prog;
|
|
||||||
|
|
||||||
/* addgrps.c */
|
/* addgrps.c */
|
||||||
#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
|
#if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
|
||||||
extern int add_groups (const char *);
|
extern int add_groups (const char *);
|
||||||
@@ -133,6 +108,9 @@ extern int copy_tree (const char *src_root, const char *dst_root,
|
|||||||
uid_t old_uid, uid_t new_uid,
|
uid_t old_uid, uid_t new_uid,
|
||||||
gid_t old_gid, gid_t new_gid);
|
gid_t old_gid, gid_t new_gid);
|
||||||
|
|
||||||
|
/* date_to_str.c */
|
||||||
|
extern void date_to_str (size_t size, char buf[size], long date);
|
||||||
|
|
||||||
/* encrypt.c */
|
/* encrypt.c */
|
||||||
extern /*@exposed@*//*@null@*/char *pw_encrypt (const char *, const char *);
|
extern /*@exposed@*//*@null@*/char *pw_encrypt (const char *, const char *);
|
||||||
|
|
||||||
@@ -161,12 +139,10 @@ extern int find_new_uid (bool sys_user,
|
|||||||
|
|
||||||
#ifdef ENABLE_SUBIDS
|
#ifdef ENABLE_SUBIDS
|
||||||
/* find_new_sub_gids.c */
|
/* find_new_sub_gids.c */
|
||||||
extern int find_new_sub_gids (const char *owner,
|
extern int find_new_sub_gids (gid_t *range_start, unsigned long *range_count);
|
||||||
gid_t *range_start, unsigned long *range_count);
|
|
||||||
|
|
||||||
/* find_new_sub_uids.c */
|
/* find_new_sub_uids.c */
|
||||||
extern int find_new_sub_uids (const char *owner,
|
extern int find_new_sub_uids (uid_t *range_start, unsigned long *range_count);
|
||||||
uid_t *range_start, unsigned long *range_count);
|
|
||||||
#endif /* ENABLE_SUBIDS */
|
#endif /* ENABLE_SUBIDS */
|
||||||
|
|
||||||
|
|
||||||
@@ -208,7 +184,9 @@ extern void __gr_set_changed (void);
|
|||||||
|
|
||||||
/* groupmem.c */
|
/* groupmem.c */
|
||||||
extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent);
|
extern /*@null@*/ /*@only@*/struct group *__gr_dup (const struct group *grent);
|
||||||
|
extern void gr_free_members (struct group *grent);
|
||||||
extern void gr_free (/*@out@*/ /*@only@*/struct group *grent);
|
extern void gr_free (/*@out@*/ /*@only@*/struct group *grent);
|
||||||
|
extern bool gr_append_member (struct group *grp, char *member);
|
||||||
|
|
||||||
/* hushed.c */
|
/* hushed.c */
|
||||||
extern bool hushed (const char *username);
|
extern bool hushed (const char *username);
|
||||||
@@ -262,6 +240,62 @@ extern void motd (void);
|
|||||||
/* myname.c */
|
/* myname.c */
|
||||||
extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void);
|
extern /*@null@*//*@only@*/struct passwd *get_my_pwent (void);
|
||||||
|
|
||||||
|
/* nss.c */
|
||||||
|
#include <libsubid/subid.h>
|
||||||
|
extern void nss_init(char *nsswitch_path);
|
||||||
|
extern bool nss_is_initialized();
|
||||||
|
|
||||||
|
struct subid_nss_ops {
|
||||||
|
/*
|
||||||
|
* nss_has_range: does a user own a given subid range
|
||||||
|
*
|
||||||
|
* @owner: username
|
||||||
|
* @start: first subid in queried range
|
||||||
|
* @count: number of subids in queried range
|
||||||
|
* @idtype: subuid or subgid
|
||||||
|
* @result: true if @owner has been allocated the subid range.
|
||||||
|
*
|
||||||
|
* returns success if the module was able to determine an answer (true or false),
|
||||||
|
* else an error status.
|
||||||
|
*/
|
||||||
|
enum subid_status (*has_range)(const char *owner, unsigned long start, unsigned long count, enum subid_type idtype, bool *result);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* nss_list_owner_ranges: list the subid ranges delegated to a user.
|
||||||
|
*
|
||||||
|
* @owner - string representing username being queried
|
||||||
|
* @id_type - subuid or subgid
|
||||||
|
* @ranges - pointer to an array of struct subid_range, or NULL. The
|
||||||
|
* returned array must be freed by the caller.
|
||||||
|
* @count - pointer to an integer into which the number of returned ranges
|
||||||
|
* is written.
|
||||||
|
|
||||||
|
* returns success if the module was able to determine an answer,
|
||||||
|
* else an error status.
|
||||||
|
*/
|
||||||
|
enum subid_status (*list_owner_ranges)(const char *owner, enum subid_type id_type, struct subid_range **ranges, int *count);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* nss_find_subid_owners: find uids who own a given subuid or subgid.
|
||||||
|
*
|
||||||
|
* @id - the delegated id (subuid or subgid) being queried
|
||||||
|
* @id_type - subuid or subgid
|
||||||
|
* @uids - pointer to an array of uids which will be allocated by
|
||||||
|
* nss_find_subid_owners()
|
||||||
|
* @count - number of uids found
|
||||||
|
*
|
||||||
|
* returns success if the module was able to determine an answer,
|
||||||
|
* else an error status.
|
||||||
|
*/
|
||||||
|
enum subid_status (*find_subid_owners)(unsigned long id, enum subid_type id_type, uid_t **uids, int *count);
|
||||||
|
|
||||||
|
/* The dlsym handle to close */
|
||||||
|
void *handle;
|
||||||
|
};
|
||||||
|
|
||||||
|
extern struct subid_nss_ops *get_subid_nss_handle();
|
||||||
|
|
||||||
|
|
||||||
/* pam_pass_non_interactive.c */
|
/* pam_pass_non_interactive.c */
|
||||||
#ifdef USE_PAM
|
#ifdef USE_PAM
|
||||||
extern int do_pam_passwd_non_interactive (const char *pam_service,
|
extern int do_pam_passwd_non_interactive (const char *pam_service,
|
||||||
@@ -334,7 +368,8 @@ extern /*@observer@*/const char *crypt_make_salt (/*@null@*//*@observer@*/const
|
|||||||
|
|
||||||
/* selinux.c */
|
/* selinux.c */
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
extern int set_selinux_file_context (const char *dst_name);
|
extern int set_selinux_file_context (const char *dst_name, mode_t mode);
|
||||||
|
extern void reset_selinux_handle (void);
|
||||||
extern int reset_selinux_file_context (void);
|
extern int reset_selinux_file_context (void);
|
||||||
extern int check_selinux_permit (const char *perm_name);
|
extern int check_selinux_permit (const char *perm_name);
|
||||||
#endif
|
#endif
|
||||||
@@ -448,6 +483,7 @@ extern bool valid (const char *, const struct passwd *);
|
|||||||
extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
|
extern /*@maynotreturn@*/ /*@only@*//*@out@*//*@notnull@*/char *xmalloc (size_t size)
|
||||||
/*@ensures MaxSet(result) == (size - 1); @*/;
|
/*@ensures MaxSet(result) == (size - 1); @*/;
|
||||||
extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *);
|
extern /*@maynotreturn@*/ /*@only@*//*@notnull@*/char *xstrdup (const char *);
|
||||||
|
extern void xfree(void *ap);
|
||||||
|
|
||||||
/* xgetpwnam.c */
|
/* xgetpwnam.c */
|
||||||
extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *);
|
extern /*@null@*/ /*@only@*/struct passwd *xgetpwnam (const char *);
|
||||||
|
|||||||
+6
-29
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1992 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1992 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -127,7 +104,7 @@ int pw_auth (const char *cipher,
|
|||||||
#ifdef SKEY
|
#ifdef SKEY
|
||||||
/*
|
/*
|
||||||
* If the user has an S/KEY entry show them the pertinent info
|
* If the user has an S/KEY entry show them the pertinent info
|
||||||
* and then we can try validating the created cyphertext and the SKEY.
|
* and then we can try validating the created ciphertext and the SKEY.
|
||||||
* If there is no SKEY information we default to not using SKEY.
|
* If there is no SKEY information we default to not using SKEY.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1992 - 1993, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1992 - 1993, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2009 , Nicolas François
|
* SPDX-FileCopyrightText: 2009 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Michał Moskal
|
* SPDX-FileCopyrightText: 2005 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
|
|||||||
+16
-37
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2013, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -93,14 +70,16 @@
|
|||||||
|
|
||||||
void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent)
|
void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent)
|
||||||
{
|
{
|
||||||
free (pwent->pw_name);
|
if (pwent != NULL) {
|
||||||
if (pwent->pw_passwd) {
|
free (pwent->pw_name);
|
||||||
memzero (pwent->pw_passwd, strlen (pwent->pw_passwd));
|
if (pwent->pw_passwd) {
|
||||||
free (pwent->pw_passwd);
|
memzero (pwent->pw_passwd, strlen (pwent->pw_passwd));
|
||||||
|
free (pwent->pw_passwd);
|
||||||
|
}
|
||||||
|
free (pwent->pw_gecos);
|
||||||
|
free (pwent->pw_dir);
|
||||||
|
free (pwent->pw_shell);
|
||||||
|
free (pwent);
|
||||||
}
|
}
|
||||||
free (pwent->pw_gecos);
|
|
||||||
free (pwent->pw_dir);
|
|
||||||
free (pwent->pw_shell);
|
|
||||||
free (pwent);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
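Review bot: The `memzero (pwent->pw_passwd, strlen (pwent->pw_passwd))` call kept inside the new NULL guard writes to memory that is freed on the next line, so an optimising compiler may drop it if memzero expands to a plain memset. Its definition is not shown on this page, so that is worth confirming. If it is a plain memset, backing it with `explicit_bzero` (or `memset_s`) keeps the password hash from lingering in freed heap memory. On style, an early `if (pwent == NULL) return;` would give the same NULL tolerance without re-indenting the whole body.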
|
|||||||
+103
@@ -0,0 +1,103 @@
|
|||||||
|
#include <dirent.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
|
#include <string.h>
|
||||||
|
#include <sys/stat.h>
|
||||||
|
#include <sys/types.h>
|
||||||
|
#include <sys/wait.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <lib/prototypes.h>
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
|
int run_part (char *script_path, char *name, char *action)
|
||||||
|
{
|
||||||
|
int pid;
|
||||||
|
int wait_status;
|
||||||
|
int pid_status;
|
||||||
|
char *args[] = { script_path, NULL };
|
||||||
|
|
||||||
|
pid=fork();
|
||||||
|
if (pid==-1) {
|
||||||
|
perror ("Could not fork");
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
if (pid==0) {
|
||||||
|
setenv ("ACTION",action,1);
|
||||||
|
setenv ("SUBJECT",name,1);
|
||||||
|
execv (script_path,args);
|
||||||
|
perror ("execv");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
pid_status = wait (&wait_status);
|
||||||
|
if (pid_status == pid) {
|
||||||
|
return (wait_status);
|
||||||
|
}
|
||||||
|
|
||||||
|
perror ("waitpid");
|
||||||
|
return (1);
|
||||||
|
}
|
||||||
|
|
||||||
|
int run_parts (char *directory, char *name, char *action)
|
||||||
|
{
|
||||||
|
struct dirent **namelist;
|
||||||
|
int scanlist;
|
||||||
|
int n;
|
||||||
|
int execute_result;
|
||||||
|
|
||||||
|
scanlist = scandir (directory, &namelist, 0, alphasort);
|
||||||
|
if (scanlist<0) {
|
||||||
|
return (0);
|
||||||
|
}
|
||||||
|
|
||||||
|
for (n=0; n<scanlist; n++) {
|
||||||
|
int path_length;
|
||||||
|
struct stat sb;
|
||||||
|
|
||||||
|
path_length=strlen(directory) + strlen(namelist[n]->d_name) + 2;
|
||||||
|
char *s = (char*)malloc(path_length);
|
||||||
|
if (!s) {
|
||||||
|
printf ("could not allocate memory\n");
|
||||||
|
for (; n<scanlist; n++) {
|
||||||
|
free (namelist[n]);
|
||||||
|
}
|
||||||
|
free (namelist);
|
||||||
|
return (1);
|
||||||
|
}
|
||||||
|
snprintf (s, path_length, "%s/%s", directory, namelist[n]->d_name);
|
||||||
|
|
||||||
|
execute_result = 0;
|
||||||
|
if (stat (s, &sb) == -1) {
|
||||||
|
perror ("stat");
|
||||||
|
free (s);
|
||||||
|
for (; n<scanlist; n++) {
|
||||||
|
free (namelist[n]);
|
||||||
|
}
|
||||||
|
free (namelist);
|
||||||
|
return (1);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (S_ISREG (sb.st_mode) || S_ISLNK (sb.st_mode)) {
|
||||||
|
execute_result = run_part (s, name, action);
|
||||||
|
}
|
||||||
|
|
||||||
|
free (s);
|
||||||
|
|
||||||
|
if (execute_result!=0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
"%s: did not exit cleanly.\n",
|
||||||
|
namelist[n]->d_name);
|
||||||
|
for (; n<scanlist; n++) {
|
||||||
|
free (namelist[n]);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
free (namelist[n]);
|
||||||
|
}
|
||||||
|
free (namelist);
|
||||||
|
|
||||||
|
return (execute_result);
|
||||||
|
}
|
||||||
|
|
||||||
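Review bot: run_part() reaps the script with `wait (&wait_status)`, which returns for whichever child exits first, so if the caller has any other child the function can fall through to `perror ("waitpid")` and report failure while the script is still running. Waiting on `pid` with waitpid, retried on EINTR, ties the status to the forked script. After a failed execv the child should leave through `_exit` rather than `exit`, so that it does not run atexit handlers registered by the parent or flush stdio buffers it inherited. In run_parts(), `stat ()` follows symlinks, so the `S_ISLNK` test can never be true, and each entry is executed without checking its owner or write permissions. If the calling tools run privileged (the callers are outside this section), skipping entries that are not root-owned or are writable by group/other before calling `run_part ()` would be a sensible guard.

```c
	if (pid==0) {
		/* … unchanged: setenv of ACTION and SUBJECT, execv … */
		perror ("execv");
		_exit (1);
	}

	do {
		pid_status = waitpid (pid, &wait_status, 0);
	} while ((pid_status == -1) && (errno == EINTR));
	if (pid_status == pid) {
		return (wait_status);
	}
```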
@@ -0,0 +1,2 @@
|
|||||||
|
int run_part (char *script_path, char *name, char *action);
|
||||||
|
int run_parts (char *directory, char *name, char *action);
|
||||||
+53
-46
@@ -1,45 +1,38 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2011 , Peter Vrabec <pvrabec@redhat.com>
|
* SPDX-FileCopyrightText: 2011 , Peter Vrabec <pvrabec@redhat.com>
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
|
|
||||||
|
#include <stdio.h>
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
|
|
||||||
#include <selinux/selinux.h>
|
#include <selinux/selinux.h>
|
||||||
#include <selinux/context.h>
|
#include <selinux/label.h>
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
static bool selinux_checked = false;
|
static bool selinux_checked = false;
|
||||||
static bool selinux_enabled;
|
static bool selinux_enabled;
|
||||||
|
static /*@null@*/struct selabel_handle *selabel_hnd = NULL;
|
||||||
|
|
||||||
|
static void cleanup(void)
|
||||||
|
{
|
||||||
|
if (selabel_hnd) {
|
||||||
|
selabel_close(selabel_hnd);
|
||||||
|
selabel_hnd = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
void reset_selinux_handle (void)
|
||||||
|
{
|
||||||
|
cleanup();
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* set_selinux_file_context - Set the security context before any file or
|
* set_selinux_file_context - Set the security context before any file or
|
||||||
@@ -51,10 +44,8 @@ static bool selinux_enabled;
|
|||||||
* Callers may have to Reset SELinux to create files with default
|
* Callers may have to Reset SELinux to create files with default
|
||||||
* contexts with reset_selinux_file_context
|
* contexts with reset_selinux_file_context
|
||||||
*/
|
*/
|
||||||
int set_selinux_file_context (const char *dst_name)
|
int set_selinux_file_context (const char *dst_name, mode_t mode)
|
||||||
{
|
{
|
||||||
/*@null@*/security_context_t scontext = NULL;
|
|
||||||
|
|
||||||
if (!selinux_checked) {
|
if (!selinux_checked) {
|
||||||
selinux_enabled = is_selinux_enabled () > 0;
|
selinux_enabled = is_selinux_enabled () > 0;
|
||||||
selinux_checked = true;
|
selinux_checked = true;
|
||||||
@@ -62,18 +53,34 @@ int set_selinux_file_context (const char *dst_name)
|
|||||||
|
|
||||||
if (selinux_enabled) {
|
if (selinux_enabled) {
|
||||||
/* Get the default security context for this file */
|
/* Get the default security context for this file */
|
||||||
if (matchpathcon (dst_name, 0, &scontext) < 0) {
|
|
||||||
if (security_getenforce () != 0) {
|
/*@null@*/char *fcontext_raw = NULL;
|
||||||
return 1;
|
int r;
|
||||||
|
|
||||||
|
if (selabel_hnd == NULL) {
|
||||||
|
selabel_hnd = selabel_open(SELABEL_CTX_FILE, NULL, 0);
|
||||||
|
if (selabel_hnd == NULL) {
|
||||||
|
return security_getenforce () != 0;
|
||||||
}
|
}
|
||||||
|
(void) atexit(cleanup);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
r = selabel_lookup_raw(selabel_hnd, &fcontext_raw, dst_name, mode);
|
||||||
|
if (r < 0) {
|
||||||
|
/* No context specified for the searched path */
|
||||||
|
if (errno == ENOENT) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
return security_getenforce () != 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* Set the security context for the next created file */
|
/* Set the security context for the next created file */
|
||||||
if (setfscreatecon (scontext) < 0) {
|
r = setfscreatecon_raw (fcontext_raw);
|
||||||
if (security_getenforce () != 0) {
|
freecon (fcontext_raw);
|
||||||
return 1;
|
if (r < 0) {
|
||||||
}
|
return security_getenforce () != 0;
|
||||||
}
|
}
|
||||||
freecon (scontext);
|
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -92,8 +99,8 @@ int reset_selinux_file_context (void)
|
|||||||
selinux_checked = true;
|
selinux_checked = true;
|
||||||
}
|
}
|
||||||
if (selinux_enabled) {
|
if (selinux_enabled) {
|
||||||
if (setfscreatecon (NULL) != 0) {
|
if (setfscreatecon_raw (NULL) != 0) {
|
||||||
return 1;
|
return security_getenforce () != 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
@@ -131,7 +138,7 @@ static int selinux_log_cb (int type, const char *fmt, ...) {
|
|||||||
&& (errno != EAFNOSUPPORT)) {
|
&& (errno != EAFNOSUPPORT)) {
|
||||||
|
|
||||||
(void) fputs (_("Cannot open audit interface.\n"),
|
(void) fputs (_("Cannot open audit interface.\n"),
|
||||||
stderr);
|
shadow_logfd);
|
||||||
SYSLOG ((LOG_WARN, "Cannot open audit interface."));
|
SYSLOG ((LOG_WARN, "Cannot open audit interface."));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -174,7 +181,7 @@ skip_syslog:
|
|||||||
*/
|
*/
|
||||||
int check_selinux_permit (const char *perm_name)
|
int check_selinux_permit (const char *perm_name)
|
||||||
{
|
{
|
||||||
char *user_context_str;
|
char *user_context_raw;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
if (0 == is_selinux_enabled ()) {
|
if (0 == is_selinux_enabled ()) {
|
||||||
@@ -183,18 +190,18 @@ int check_selinux_permit (const char *perm_name)
|
|||||||
|
|
||||||
selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb);
|
selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb);
|
||||||
|
|
||||||
if (getprevcon (&user_context_str) != 0) {
|
if (getprevcon_raw (&user_context_raw) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: can not get previous SELinux process context: %s\n"),
|
_("%s: can not get previous SELinux process context: %s\n"),
|
||||||
Prog, strerror (errno));
|
shadow_progname, strerror (errno));
|
||||||
SYSLOG ((LOG_WARN,
|
SYSLOG ((LOG_WARN,
|
||||||
"can not get previous SELinux process context: %s",
|
"can not get previous SELinux process context: %s",
|
||||||
strerror (errno)));
|
strerror (errno)));
|
||||||
return (security_getenforce () != 0);
|
return (security_getenforce () != 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
r = selinux_check_access (user_context_str, user_context_str, "passwd", perm_name, NULL);
|
r = selinux_check_access (user_context_raw, user_context_raw, "passwd", perm_name, NULL);
|
||||||
freecon (user_context_str);
|
freecon (user_context_raw);
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
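Review bot: In set_selinux_file_context() the new `errno == ENOENT` branch returns 0 without touching the file-creation context, so a label installed by an earlier successful call stays in effect and would be applied to the next file created, unless every caller resets in between (the function's own comment only says callers may have to). Returning through the existing reset path there, `return reset_selinux_file_context ();`, would restore the default context when no label is specified for the path. Separately, `(void) atexit(cleanup);` runs each time the handle is re-opened after reset_selinux_handle(), so repeated resets register the handler repeatedly and the ignored return value hides a failed registration; a static flag that registers once would avoid both. The function body spans two hunks of this section, with the lines between them not shown.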
|
|||||||
+34
-55
@@ -1,31 +1,8 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2010 , Jakub Hrozek <jhrozek@redhat.com>
|
* SPDX-FileCopyrightText: 2010 , Jakub Hrozek <jhrozek@redhat.com>
|
||||||
* Copyright (c) 2011 , Peter Vrabec <pvrabec@redhat.com>
|
* SPDX-FileCopyrightText: 2011 , Peter Vrabec <pvrabec@redhat.com>
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -43,6 +20,7 @@
|
|||||||
#include <semanage/semanage.h>
|
#include <semanage/semanage.h>
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
#ifndef DEFAULT_SERANGE
|
#ifndef DEFAULT_SERANGE
|
||||||
#define DEFAULT_SERANGE "s0"
|
#define DEFAULT_SERANGE "s0"
|
||||||
@@ -69,7 +47,7 @@ static void semanage_error_callback (unused void *varg,
|
|||||||
switch (semanage_msg_get_level (handle)) {
|
switch (semanage_msg_get_level (handle)) {
|
||||||
case SEMANAGE_MSG_ERR:
|
case SEMANAGE_MSG_ERR:
|
||||||
case SEMANAGE_MSG_WARN:
|
case SEMANAGE_MSG_WARN:
|
||||||
fprintf (stderr, _("[libsemanage]: %s\n"), message);
|
fprintf (shadow_logfd, _("[libsemanage]: %s\n"), message);
|
||||||
break;
|
break;
|
||||||
case SEMANAGE_MSG_INFO:
|
case SEMANAGE_MSG_INFO:
|
||||||
/* nop */
|
/* nop */
|
||||||
@@ -87,7 +65,7 @@ static semanage_handle_t *semanage_init (void)
|
|||||||
|
|
||||||
handle = semanage_handle_create ();
|
handle = semanage_handle_create ();
|
||||||
if (NULL == handle) {
|
if (NULL == handle) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Cannot create SELinux management handle\n"));
|
_("Cannot create SELinux management handle\n"));
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@@ -96,26 +74,26 @@ static semanage_handle_t *semanage_init (void)
|
|||||||
|
|
||||||
ret = semanage_is_managed (handle);
|
ret = semanage_is_managed (handle);
|
||||||
if (ret != 1) {
|
if (ret != 1) {
|
||||||
fprintf (stderr, _("SELinux policy not managed\n"));
|
fprintf (shadow_logfd, _("SELinux policy not managed\n"));
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_access_check (handle);
|
ret = semanage_access_check (handle);
|
||||||
if (ret < SEMANAGE_CAN_READ) {
|
if (ret < SEMANAGE_CAN_READ) {
|
||||||
fprintf (stderr, _("Cannot read SELinux policy store\n"));
|
fprintf (shadow_logfd, _("Cannot read SELinux policy store\n"));
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_connect (handle);
|
ret = semanage_connect (handle);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Cannot establish SELinux management connection\n"));
|
_("Cannot establish SELinux management connection\n"));
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_begin_transaction (handle);
|
ret = semanage_begin_transaction (handle);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr, _("Cannot begin SELinux transaction\n"));
|
fprintf (shadow_logfd, _("Cannot begin SELinux transaction\n"));
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -137,7 +115,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
|
|||||||
|
|
||||||
semanage_seuser_query (handle, key, &seuser);
|
semanage_seuser_query (handle, key, &seuser);
|
||||||
if (NULL == seuser) {
|
if (NULL == seuser) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not query seuser for %s\n"), login_name);
|
_("Could not query seuser for %s\n"), login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
@@ -145,7 +123,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
|
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not set serange for %s\n"), login_name);
|
_("Could not set serange for %s\n"), login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
@@ -153,7 +131,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
|
ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not set sename for %s\n"),
|
_("Could not set sename for %s\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -162,7 +140,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_modify_local (handle, key, seuser);
|
ret = semanage_seuser_modify_local (handle, key, seuser);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not modify login mapping for %s\n"),
|
_("Could not modify login mapping for %s\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -186,7 +164,7 @@ static int semanage_user_add (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_create (handle, &seuser);
|
ret = semanage_seuser_create (handle, &seuser);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Cannot create SELinux login mapping for %s\n"),
|
_("Cannot create SELinux login mapping for %s\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -195,14 +173,14 @@ static int semanage_user_add (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_set_name (handle, seuser, login_name);
|
ret = semanage_seuser_set_name (handle, seuser, login_name);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr, _("Could not set name for %s\n"), login_name);
|
fprintf (shadow_logfd, _("Could not set name for %s\n"), login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
|
ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not set serange for %s\n"),
|
_("Could not set serange for %s\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -211,7 +189,7 @@ static int semanage_user_add (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
|
ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not set SELinux user for %s\n"),
|
_("Could not set SELinux user for %s\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -220,7 +198,7 @@ static int semanage_user_add (semanage_handle_t *handle,
|
|||||||
|
|
||||||
ret = semanage_seuser_modify_local (handle, key, seuser);
|
ret = semanage_seuser_modify_local (handle, key, seuser);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not add login mapping for %s\n"),
|
_("Could not add login mapping for %s\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -248,21 +226,21 @@ int set_seuser (const char *login_name, const char *seuser_name)
|
|||||||
|
|
||||||
handle = semanage_init ();
|
handle = semanage_init ();
|
||||||
if (NULL == handle) {
|
if (NULL == handle) {
|
||||||
fprintf (stderr, _("Cannot init SELinux management\n"));
|
fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_seuser_key_create (handle, login_name, &key);
|
ret = semanage_seuser_key_create (handle, login_name, &key);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr, _("Cannot create SELinux user key\n"));
|
fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_seuser_exists (handle, key, &seuser_exists);
|
ret = semanage_seuser_exists (handle, key, &seuser_exists);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
fprintf (stderr, _("Cannot verify the SELinux user\n"));
|
fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
@@ -270,7 +248,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
|
|||||||
if (0 != seuser_exists) {
|
if (0 != seuser_exists) {
|
||||||
ret = semanage_user_mod (handle, key, login_name, seuser_name);
|
ret = semanage_user_mod (handle, key, login_name, seuser_name);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Cannot modify SELinux user mapping\n"));
|
_("Cannot modify SELinux user mapping\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
@@ -278,7 +256,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
|
|||||||
} else {
|
} else {
|
||||||
ret = semanage_user_add (handle, key, login_name, seuser_name);
|
ret = semanage_user_add (handle, key, login_name, seuser_name);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Cannot add SELinux user mapping\n"));
|
_("Cannot add SELinux user mapping\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
@@ -287,12 +265,13 @@ int set_seuser (const char *login_name, const char *seuser_name)
|
|||||||
|
|
||||||
ret = semanage_commit (handle);
|
ret = semanage_commit (handle);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
fprintf (stderr, _("Cannot commit SELinux transaction\n"));
|
fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = 0;
|
ret = 0;
|
||||||
|
reset_selinux_handle();
|
||||||
|
|
||||||
done:
|
done:
|
||||||
semanage_seuser_key_free (key);
|
semanage_seuser_key_free (key);
|
||||||
@@ -310,27 +289,27 @@ int del_seuser (const char *login_name)
|
|||||||
|
|
||||||
handle = semanage_init ();
|
handle = semanage_init ();
|
||||||
if (NULL == handle) {
|
if (NULL == handle) {
|
||||||
fprintf (stderr, _("Cannot init SELinux management\n"));
|
fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_seuser_key_create (handle, login_name, &key);
|
ret = semanage_seuser_key_create (handle, login_name, &key);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr, _("Cannot create SELinux user key\n"));
|
fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = semanage_seuser_exists (handle, key, &exists);
|
ret = semanage_seuser_exists (handle, key, &exists);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
fprintf (stderr, _("Cannot verify the SELinux user\n"));
|
fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (0 == exists) {
|
if (0 == exists) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Login mapping for %s is not defined, OK if default mapping was used\n"),
|
_("Login mapping for %s is not defined, OK if default mapping was used\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 0; /* probably default mapping */
|
ret = 0; /* probably default mapping */
|
||||||
@@ -339,13 +318,13 @@ int del_seuser (const char *login_name)
|
|||||||
|
|
||||||
ret = semanage_seuser_exists_local (handle, key, &exists);
|
ret = semanage_seuser_exists_local (handle, key, &exists);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
fprintf (stderr, _("Cannot verify the SELinux user\n"));
|
fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (0 == exists) {
|
if (0 == exists) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Login mapping for %s is defined in policy, cannot be deleted\n"),
|
_("Login mapping for %s is defined in policy, cannot be deleted\n"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 0; /* Login mapping defined in policy can't be deleted */
|
ret = 0; /* Login mapping defined in policy can't be deleted */
|
||||||
@@ -354,7 +333,7 @@ int del_seuser (const char *login_name)
|
|||||||
|
|
||||||
ret = semanage_seuser_del_local (handle, key);
|
ret = semanage_seuser_del_local (handle, key);
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Could not delete login mapping for %s"),
|
_("Could not delete login mapping for %s"),
|
||||||
login_name);
|
login_name);
|
||||||
ret = 1;
|
ret = 1;
|
||||||
@@ -363,7 +342,7 @@ int del_seuser (const char *login_name)
|
|||||||
|
|
||||||
ret = semanage_commit (handle);
|
ret = semanage_commit (handle);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
fprintf (stderr, _("Cannot commit SELinux transaction\n"));
|
fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
|
||||||
ret = 1;
|
ret = 1;
|
||||||
goto done;
|
goto done;
|
||||||
}
|
}
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+6
-29
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -91,7 +68,7 @@ struct passwd *sgetpwent (const char *buf)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* something at the end, columns over shot */
|
/* something at the end, columns over shot */
|
||||||
if( cp != NULL ) {
|
if ( cp != NULL ) {
|
||||||
return( NULL );
|
return( NULL );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
+5
-29
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2009 , Nicolas François
|
* SPDX-FileCopyrightText: 2009 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -52,7 +29,6 @@ struct spwd *sgetspent (const char *string)
|
|||||||
static struct spwd spwd;
|
static struct spwd spwd;
|
||||||
char *fields[FIELDS];
|
char *fields[FIELDS];
|
||||||
char *cp;
|
char *cp;
|
||||||
char *cpp;
|
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2013, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
|
|||||||
+5
-31
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2009 , Nicolas François
|
* SPDX-FileCopyrightText: 2009 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -130,7 +107,6 @@ static struct spwd *my_sgetspent (const char *string)
|
|||||||
static struct spwd spwd;
|
static struct spwd spwd;
|
||||||
char *fields[FIELDS];
|
char *fields[FIELDS];
|
||||||
char *cp;
|
char *cp;
|
||||||
char *cpp;
|
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -389,7 +365,6 @@ struct spwd *getspent (void)
|
|||||||
#ifdef USE_NIS
|
#ifdef USE_NIS
|
||||||
int nis_1_user = 0;
|
int nis_1_user = 0;
|
||||||
struct spwd *val;
|
struct spwd *val;
|
||||||
char buf[BUFSIZ];
|
|
||||||
#endif
|
#endif
|
||||||
if (NULL == shadow) {
|
if (NULL == shadow) {
|
||||||
setspent ();
|
setspent ();
|
||||||
@@ -484,7 +459,6 @@ struct spwd *getspnam (const char *name)
|
|||||||
struct spwd *sp;
|
struct spwd *sp;
|
||||||
|
|
||||||
#ifdef USE_NIS
|
#ifdef USE_NIS
|
||||||
char buf[BUFSIZ];
|
|
||||||
static char save_name[16];
|
static char save_name[16];
|
||||||
bool nis_disabled = false;
|
bool nis_disabled = false;
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
|
|||||||
@@ -0,0 +1,31 @@
|
|||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
|
#include "lib/shadowlog_internal.h"
|
||||||
|
|
||||||
|
const char *shadow_progname = "libshadow";
|
||||||
|
FILE *shadow_logfd = NULL;
|
||||||
|
|
||||||
|
void log_set_progname(const char *progname)
|
||||||
|
{
|
||||||
|
shadow_progname = progname;
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *log_get_progname(void)
|
||||||
|
{
|
||||||
|
return shadow_progname;
|
||||||
|
}
|
||||||
|
|
||||||
|
void log_set_logfd(FILE *fd)
|
||||||
|
{
|
||||||
|
if (NULL != fd)
|
||||||
|
shadow_logfd = fd;
|
||||||
|
else
|
||||||
|
shadow_logfd = stderr;
|
||||||
|
}
|
||||||
|
|
||||||
|
FILE *log_get_logfd(void)
|
||||||
|
{
|
||||||
|
if (shadow_logfd != NULL)
|
||||||
|
return shadow_logfd;
|
||||||
|
return stderr;
|
||||||
|
}
|
||||||
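Review bot: `log_set_progname()` stores the caller's pointer in `shadow_progname` without copying it, and nothing in this new file says so; a caller that passes a buffer it later frees or reuses would leave every later message reading stale memory. A short contract comment above the setter would cover it, for example `/* progname is kept by reference, not copied: it must stay valid for as long as logging is used */`. The same comment could record that `log_set_logfd(NULL)` selects stderr and that `log_get_logfd()` falls back to stderr while `shadow_logfd` is still NULL.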
@@ -0,0 +1,41 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2021 , Serge Hallyn
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. The name of the copyright holders or contributors may not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* specific prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||||
|
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||||
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||||
|
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||||
|
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||||
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||||
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||||
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||||
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||||
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
/* $Id$ */
|
||||||
|
#ifndef _LOG_H
|
||||||
|
#define _LOG_H
|
||||||
|
#include <stdio.h>
|
||||||
|
|
||||||
|
extern void log_set_progname(const char *);
|
||||||
|
extern const char *log_get_progname(void);
|
||||||
|
extern void log_set_logfd(FILE *fd);
|
||||||
|
extern FILE *log_get_logfd(void);
|
||||||
|
extern void log_dolog(char *, ...);
|
||||||
|
|
||||||
|
#endif
|
||||||
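Review bot: `extern void log_dolog(char *, ...);` is declared at the end of this header, but none of the functions in the new source file shown just before it defines `log_dolog`, so a caller would fail at link time unless a definition exists elsewhere (not visible here). If the function is meant to stay, a printf-style logger should take a const format and let the compiler check call sites, e.g. `extern void log_dolog(const char *fmt, ...) __attribute__((format(printf, 1, 2)));` where the project's compilers support the attribute; otherwise drop the declaration. The guard name `_LOG_H` also falls in the namespace C reserves for the implementation (underscore followed by an uppercase letter); a name such as `SHADOWLOG_H` avoids that.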
@@ -0,0 +1,2 @@
|
|||||||
|
extern const char *shadow_progname; /* Program name showed in error messages */
|
||||||
|
extern FILE *shadow_logfd; /* file descripter to which error messages are printed */
|
||||||
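Review bot: This two-line header declares `extern FILE *shadow_logfd;` without including `<stdio.h>` and without an include guard, so it compiles only when every includer happens to pull in stdio first. Adding `#include <stdio.h>` at the top, plus a guard, makes it self-contained. The comment on `shadow_logfd` calls it a file descriptor, but it is a `FILE *` stream; `/* stream to which error messages are printed */` would be accurate, and "shown" reads better than "showed" on the line above.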
+13
-34
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 , Michał Moskal
|
* SPDX-FileCopyrightText: 2001 , Michał Moskal
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2013, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2013, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -79,11 +56,13 @@
|
|||||||
|
|
||||||
void spw_free (/*@out@*/ /*@only@*/struct spwd *spent)
|
void spw_free (/*@out@*/ /*@only@*/struct spwd *spent)
|
||||||
{
|
{
|
||||||
free (spent->sp_namp);
|
if (spent != NULL) {
|
||||||
if (NULL != spent->sp_pwdp) {
|
free (spent->sp_namp);
|
||||||
memzero (spent->sp_pwdp, strlen (spent->sp_pwdp));
|
if (NULL != spent->sp_pwdp) {
|
||||||
free (spent->sp_pwdp);
|
memzero (spent->sp_pwdp, strlen (spent->sp_pwdp));
|
||||||
|
free (spent->sp_pwdp);
|
||||||
|
}
|
||||||
|
free (spent);
|
||||||
}
|
}
|
||||||
free (spent);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
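Review bot: `spw_free` now accepts a NULL `spent`, but the parameter annotation is still `/*@out@*/ /*@only@*/`, so annotation-based checking and readers are not told that NULL is allowed. Adding `/*@null@*/` to the parameter, as `run_command` does for `envp` elsewhere in this commit, keeps the annotation in step with the new guard. Since this function wipes the password hash before freeing it, a one-line comment such as `/* wipe the hash before releasing the memory */` above the `memzero` call would record why the `strlen`-sized clear is there; whether `memzero` is protected against being optimised away is not visible here.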
|
|||||||
+11
-32
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2011 , Jonathan Nieder
|
* SPDX-FileCopyrightText: 2011 , Jonathan Nieder
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -38,6 +15,8 @@
|
|||||||
#include "exitcodes.h"
|
#include "exitcodes.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
int run_command (const char *cmd, const char *argv[],
|
int run_command (const char *cmd, const char *argv[],
|
||||||
/*@null@*/const char *envp[], /*@out@*/int *status)
|
/*@null@*/const char *envp[], /*@out@*/int *status)
|
||||||
{
|
{
|
||||||
@@ -48,7 +27,7 @@ int run_command (const char *cmd, const char *argv[],
|
|||||||
}
|
}
|
||||||
|
|
||||||
(void) fflush (stdout);
|
(void) fflush (stdout);
|
||||||
(void) fflush (stderr);
|
(void) fflush (shadow_logfd);
|
||||||
|
|
||||||
pid = fork ();
|
pid = fork ();
|
||||||
if (0 == pid) {
|
if (0 == pid) {
|
||||||
@@ -57,12 +36,12 @@ int run_command (const char *cmd, const char *argv[],
|
|||||||
if (ENOENT == errno) {
|
if (ENOENT == errno) {
|
||||||
exit (E_CMD_NOTFOUND);
|
exit (E_CMD_NOTFOUND);
|
||||||
}
|
}
|
||||||
fprintf (stderr, "%s: cannot execute %s: %s\n",
|
fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
|
||||||
Prog, cmd, strerror (errno));
|
shadow_progname, cmd, strerror (errno));
|
||||||
exit (E_CMD_NOEXEC);
|
exit (E_CMD_NOEXEC);
|
||||||
} else if ((pid_t)-1 == pid) {
|
} else if ((pid_t)-1 == pid) {
|
||||||
fprintf (stderr, "%s: cannot execute %s: %s\n",
|
fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
|
||||||
Prog, cmd, strerror (errno));
|
shadow_progname, cmd, strerror (errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -74,8 +53,8 @@ int run_command (const char *cmd, const char *argv[],
|
|||||||
|| ((pid_t)-1 != wpid && wpid != pid));
|
|| ((pid_t)-1 != wpid && wpid != pid));
|
||||||
|
|
||||||
if ((pid_t)-1 == wpid) {
|
if ((pid_t)-1 == wpid) {
|
||||||
fprintf (stderr, "%s: waitpid (status: %d): %s\n",
|
fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
|
||||||
Prog, *status, strerror (errno));
|
shadow_progname, *status, strerror (errno));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
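Review bot: The three `fprintf (shadow_logfd, ...)` calls in `run_command` (exec failure in the child, fork failure, and the `waitpid` error path) pass the global straight to stdio, and `shadow_logfd` is initialised to NULL in the new logging source file on this page; if a program or library user reaches `run_command` without having called `log_set_logfd()`, the error path itself is undefined behaviour and will likely crash. The accessors added by this commit already handle that case, so each call could read `fprintf (log_get_logfd(), "%s: cannot execute %s: %s\n", log_get_progname(), cmd, strerror (errno));` with the public logging header included instead of the internal one. `fflush (shadow_logfd)` with a NULL stream flushes all output streams, so that line is harmless either way. `run_command`'s body is spread over several hunks and is only partly shown.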
|
|||||||
+8
-8
@@ -11,7 +11,9 @@
|
|||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "sssd.h"
|
#include "sssd.h"
|
||||||
|
|
||||||
#define MSG_SSSD_FLUSH_CACHE_FAILED "%s: Failed to flush the sssd cache.\n"
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
|
#define MSG_SSSD_FLUSH_CACHE_FAILED "%s: Failed to flush the sssd cache."
|
||||||
|
|
||||||
int sssd_flush_cache (int dbflags)
|
int sssd_flush_cache (int dbflags)
|
||||||
{
|
{
|
||||||
@@ -46,24 +48,22 @@ int sssd_flush_cache (int dbflags)
|
|||||||
free(sss_cache_args);
|
free(sss_cache_args);
|
||||||
if (rv != 0) {
|
if (rv != 0) {
|
||||||
/* run_command writes its own more detailed message. */
|
/* run_command writes its own more detailed message. */
|
||||||
(void) fprintf (stderr, _(MSG_SSSD_FLUSH_CACHE_FAILED), Prog);
|
SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
code = WEXITSTATUS (status);
|
code = WEXITSTATUS (status);
|
||||||
if (!WIFEXITED (status)) {
|
if (!WIFEXITED (status)) {
|
||||||
(void) fprintf (stderr,
|
SYSLOG ((LOG_WARN, "%s: sss_cache did not terminate normally (signal %d)",
|
||||||
_("%s: sss_cache did not terminate normally (signal %d)\n"),
|
shadow_progname, WTERMSIG (status)));
|
||||||
Prog, WTERMSIG (status));
|
|
||||||
return -1;
|
return -1;
|
||||||
} else if (code == E_CMD_NOTFOUND) {
|
} else if (code == E_CMD_NOTFOUND) {
|
||||||
/* sss_cache is not installed, or it is installed but uses an
|
/* sss_cache is not installed, or it is installed but uses an
|
||||||
interpreter that is missing. Probably the former. */
|
interpreter that is missing. Probably the former. */
|
||||||
return 0;
|
return 0;
|
||||||
} else if (code != 0) {
|
} else if (code != 0) {
|
||||||
(void) fprintf (stderr, _("%s: sss_cache exited with status %d\n"),
|
SYSLOG ((LOG_WARN, "%s: sss_cache exited with status %d", shadow_progname, code));
|
||||||
Prog, code);
|
SYSLOG ((LOG_WARN, MSG_SSSD_FLUSH_CACHE_FAILED, shadow_progname));
|
||||||
(void) fprintf (stderr, _(MSG_SSSD_FLUSH_CACHE_FAILED), Prog);
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
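Review bot: All three failure branches of `sssd_flush_cache` now report only through `SYSLOG`, so the person running the tool no longer sees on the terminal that the sssd cache flush failed. The function still returns -1, so it is worth checking that callers surface it, because a cache that was not flushed may keep serving account data the tool has just changed. A comment above the first call would record the intent, e.g. `/* reported via syslog only; callers must act on the -1 return */`. The retained comment `run_command writes its own more detailed message` now sits above a syslog call rather than a stderr message and could be reworded to match. The function's body starts outside these hunks.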
|
|||||||
+370
-16
@@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2012 - Eric Biederman
|
* SPDX-FileCopyrightText: 2012 - Eric Biederman
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -11,16 +11,11 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include "commonio.h"
|
#include "commonio.h"
|
||||||
#include "subordinateio.h"
|
#include "subordinateio.h"
|
||||||
|
#include "../libsubid/subid.h"
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
|
#include <ctype.h>
|
||||||
struct subordinate_range {
|
#include <fcntl.h>
|
||||||
const char *owner;
|
|
||||||
unsigned long start;
|
|
||||||
unsigned long count;
|
|
||||||
};
|
|
||||||
|
|
||||||
#define NFIELDS 3
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* subordinate_dup: create a duplicate range
|
* subordinate_dup: create a duplicate range
|
||||||
@@ -78,7 +73,7 @@ static void *subordinate_parse (const char *line)
|
|||||||
static char rangebuf[1024];
|
static char rangebuf[1024];
|
||||||
int i;
|
int i;
|
||||||
char *cp;
|
char *cp;
|
||||||
char *fields[NFIELDS];
|
char *fields[SUBID_NFIELDS];
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copy the string to a temporary buffer so the substrings can
|
* Copy the string to a temporary buffer so the substrings can
|
||||||
@@ -93,7 +88,7 @@ static void *subordinate_parse (const char *line)
|
|||||||
* field. The fields are converted into NUL terminated strings.
|
* field. The fields are converted into NUL terminated strings.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
for (cp = rangebuf, i = 0; (i < NFIELDS) && (NULL != cp); i++) {
|
for (cp = rangebuf, i = 0; (i < SUBID_NFIELDS) && (NULL != cp); i++) {
|
||||||
fields[i] = cp;
|
fields[i] = cp;
|
||||||
while (('\0' != *cp) && (':' != *cp)) {
|
while (('\0' != *cp) && (':' != *cp)) {
|
||||||
cp++;
|
cp++;
|
||||||
@@ -108,10 +103,10 @@ static void *subordinate_parse (const char *line)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* There must be exactly NFIELDS colon separated fields or
|
* There must be exactly SUBID_NFIELDS colon separated fields or
|
||||||
* the entry is invalid. Also, fields must be non-blank.
|
* the entry is invalid. Also, fields must be non-blank.
|
||||||
*/
|
*/
|
||||||
if (i != NFIELDS || *fields[0] == '\0' || *fields[1] == '\0' || *fields[2] == '\0')
|
if (i != SUBID_NFIELDS || *fields[0] == '\0' || *fields[1] == '\0' || *fields[2] == '\0')
|
||||||
return NULL;
|
return NULL;
|
||||||
range.owner = fields[0];
|
range.owner = fields[0];
|
||||||
if (getulong (fields[1], &range.start) == 0)
|
if (getulong (fields[1], &range.start) == 0)
|
||||||
@@ -229,7 +224,7 @@ static const struct subordinate_range *find_range(struct commonio_db *db,
|
|||||||
/* Get UID of the username we are looking for */
|
/* Get UID of the username we are looking for */
|
||||||
pwd = getpwnam(owner);
|
pwd = getpwnam(owner);
|
||||||
if (NULL == pwd) {
|
if (NULL == pwd) {
|
||||||
/* Username not defined in /etc/passwd, or error occured during lookup */
|
/* Username not defined in /etc/passwd, or error occurred during lookup */
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
owner_uid = pwd->pw_uid;
|
owner_uid = pwd->pw_uid;
|
||||||
@@ -314,6 +309,35 @@ static bool have_range(struct commonio_db *db,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool append_range(struct subid_range **ranges, const struct subordinate_range *new, int n)
|
||||||
|
{
|
||||||
|
if (!*ranges) {
|
||||||
|
*ranges = malloc(sizeof(struct subid_range));
|
||||||
|
if (!*ranges)
|
||||||
|
return false;
|
||||||
|
} else {
|
||||||
|
struct subid_range *alloced;
|
||||||
|
alloced = realloc(*ranges, (n + 1) * (sizeof(struct subid_range)));
|
||||||
|
if (!alloced)
|
||||||
|
return false;
|
||||||
|
*ranges = alloced;
|
||||||
|
}
|
||||||
|
(*ranges)[n].start = new->start;
|
||||||
|
(*ranges)[n].count = new->count;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
void free_subordinate_ranges(struct subordinate_range **ranges, int count)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (!ranges)
|
||||||
|
return;
|
||||||
|
for (i = 0; i < count; i++)
|
||||||
|
subordinate_free(ranges[i]);
|
||||||
|
free(ranges);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* subordinate_range_cmp: compare uid ranges
|
* subordinate_range_cmp: compare uid ranges
|
||||||
*
|
*
|
||||||
@@ -574,23 +598,37 @@ int sub_uid_open (int mode)
|
|||||||
return commonio_open (&subordinate_uid_db, mode);
|
return commonio_open (&subordinate_uid_db, mode);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool sub_uid_assigned(const char *owner)
|
bool local_sub_uid_assigned(const char *owner)
|
||||||
{
|
{
|
||||||
return range_exists (&subordinate_uid_db, owner);
|
return range_exists (&subordinate_uid_db, owner);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool have_sub_uids(const char *owner, uid_t start, unsigned long count)
|
bool have_sub_uids(const char *owner, uid_t start, unsigned long count)
|
||||||
{
|
{
|
||||||
|
struct subid_nss_ops *h;
|
||||||
|
bool found;
|
||||||
|
enum subid_status status;
|
||||||
|
h = get_subid_nss_handle();
|
||||||
|
if (h) {
|
||||||
|
status = h->has_range(owner, start, count, ID_TYPE_UID, &found);
|
||||||
|
if (status == SUBID_STATUS_SUCCESS && found)
|
||||||
|
return true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
return have_range (&subordinate_uid_db, owner, start, count);
|
return have_range (&subordinate_uid_db, owner, start, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
int sub_uid_add (const char *owner, uid_t start, unsigned long count)
|
int sub_uid_add (const char *owner, uid_t start, unsigned long count)
|
||||||
{
|
{
|
||||||
|
if (get_subid_nss_handle())
|
||||||
|
return -EOPNOTSUPP;
|
||||||
return add_range (&subordinate_uid_db, owner, start, count);
|
return add_range (&subordinate_uid_db, owner, start, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
int sub_uid_remove (const char *owner, uid_t start, unsigned long count)
|
int sub_uid_remove (const char *owner, uid_t start, unsigned long count)
|
||||||
{
|
{
|
||||||
|
if (get_subid_nss_handle())
|
||||||
|
return -EOPNOTSUPP;
|
||||||
return remove_range (&subordinate_uid_db, owner, start, count);
|
return remove_range (&subordinate_uid_db, owner, start, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -658,21 +696,35 @@ int sub_gid_open (int mode)
|
|||||||
|
|
||||||
bool have_sub_gids(const char *owner, gid_t start, unsigned long count)
|
bool have_sub_gids(const char *owner, gid_t start, unsigned long count)
|
||||||
{
|
{
|
||||||
|
struct subid_nss_ops *h;
|
||||||
|
bool found;
|
||||||
|
enum subid_status status;
|
||||||
|
h = get_subid_nss_handle();
|
||||||
|
if (h) {
|
||||||
|
status = h->has_range(owner, start, count, ID_TYPE_GID, &found);
|
||||||
|
if (status == SUBID_STATUS_SUCCESS && found)
|
||||||
|
return true;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
return have_range(&subordinate_gid_db, owner, start, count);
|
return have_range(&subordinate_gid_db, owner, start, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool sub_gid_assigned(const char *owner)
|
bool local_sub_gid_assigned(const char *owner)
|
||||||
{
|
{
|
||||||
return range_exists (&subordinate_gid_db, owner);
|
return range_exists (&subordinate_gid_db, owner);
|
||||||
}
|
}
|
||||||
|
|
||||||
int sub_gid_add (const char *owner, gid_t start, unsigned long count)
|
int sub_gid_add (const char *owner, gid_t start, unsigned long count)
|
||||||
{
|
{
|
||||||
|
if (get_subid_nss_handle())
|
||||||
|
return -EOPNOTSUPP;
|
||||||
return add_range (&subordinate_gid_db, owner, start, count);
|
return add_range (&subordinate_gid_db, owner, start, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
int sub_gid_remove (const char *owner, gid_t start, unsigned long count)
|
int sub_gid_remove (const char *owner, gid_t start, unsigned long count)
|
||||||
{
|
{
|
||||||
|
if (get_subid_nss_handle())
|
||||||
|
return -EOPNOTSUPP;
|
||||||
return remove_range (&subordinate_gid_db, owner, start, count);
|
return remove_range (&subordinate_gid_db, owner, start, count);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -692,6 +744,308 @@ gid_t sub_gid_find_free_range(gid_t min, gid_t max, unsigned long count)
|
|||||||
start = find_free_range (&subordinate_gid_db, min, max, count);
|
start = find_free_range (&subordinate_gid_db, min, max, count);
|
||||||
return start == ULONG_MAX ? (gid_t) -1 : start;
|
return start == ULONG_MAX ? (gid_t) -1 : start;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* int list_owner_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges)
|
||||||
|
*
|
||||||
|
* @owner: username
|
||||||
|
* @id_type: UID or GUID
|
||||||
|
* @ranges: pointer to array of ranges into which results will be placed.
|
||||||
|
*
|
||||||
|
* Fills in the subuid or subgid ranges which are owned by the specified
|
||||||
|
* user. Username may be a username or a string representation of a
|
||||||
|
* UID number. If id_type is UID, then subuids are returned, else
|
||||||
|
* subgids are given.
|
||||||
|
|
||||||
|
* Returns the number of ranges found, or < 0 on error.
|
||||||
|
*
|
||||||
|
* The caller must free the subordinate range list.
|
||||||
|
*/
|
||||||
|
int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range **in_ranges)
|
||||||
|
{
|
||||||
|
// TODO - need to handle owner being either uid or username
|
||||||
|
struct subid_range *ranges = NULL;
|
||||||
|
const struct subordinate_range *range;
|
||||||
|
struct commonio_db *db;
|
||||||
|
enum subid_status status;
|
||||||
|
int count = 0;
|
||||||
|
struct subid_nss_ops *h;
|
||||||
|
|
||||||
|
*in_ranges = NULL;
|
||||||
|
|
||||||
|
h = get_subid_nss_handle();
|
||||||
|
if (h) {
|
||||||
|
status = h->list_owner_ranges(owner, id_type, in_ranges, &count);
|
||||||
|
if (status == SUBID_STATUS_SUCCESS)
|
||||||
|
return count;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
switch (id_type) {
|
||||||
|
case ID_TYPE_UID:
|
||||||
|
if (!sub_uid_open(O_RDONLY)) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
db = &subordinate_uid_db;
|
||||||
|
break;
|
||||||
|
case ID_TYPE_GID:
|
||||||
|
if (!sub_gid_open(O_RDONLY)) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
db = &subordinate_gid_db;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
commonio_rewind(db);
|
||||||
|
while ((range = commonio_next(db)) != NULL) {
|
||||||
|
if (0 == strcmp(range->owner, owner)) {
|
||||||
|
if (!append_range(&ranges, range, count++)) {
|
||||||
|
free(ranges);
|
||||||
|
ranges = NULL;
|
||||||
|
count = -1;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
out:
|
||||||
|
if (id_type == ID_TYPE_UID)
|
||||||
|
sub_uid_close();
|
||||||
|
else
|
||||||
|
sub_gid_close();
|
||||||
|
|
||||||
|
*in_ranges = ranges;
|
||||||
|
return count;
|
||||||
|
}
|
||||||
|
|
||||||
|
static bool all_digits(const char *str)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
for (i = 0; str[i] != '\0'; i++)
|
||||||
|
if (!isdigit(str[i]))
|
||||||
|
return false;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int append_uids(uid_t **uids, const char *owner, int n)
|
||||||
|
{
|
||||||
|
uid_t owner_uid;
|
||||||
|
uid_t *ret;
|
||||||
|
int i;
|
||||||
|
|
||||||
|
if (all_digits(owner)) {
|
||||||
|
i = sscanf(owner, "%d", &owner_uid);
|
||||||
|
if (i != 1) {
|
||||||
|
// should not happen
|
||||||
|
free(*uids);
|
||||||
|
*uids = NULL;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
struct passwd *pwd = getpwnam(owner);
|
||||||
|
if (NULL == pwd) {
|
||||||
|
/* Username not defined in /etc/passwd, or error occurred during lookup */
|
||||||
|
free(*uids);
|
||||||
|
*uids = NULL;
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
owner_uid = pwd->pw_uid;
|
||||||
|
}
|
||||||
|
|
||||||
|
for (i = 0; i < n; i++) {
|
||||||
|
if (owner_uid == (*uids)[i])
|
||||||
|
return n;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = realloc(*uids, (n + 1) * sizeof(uid_t));
|
||||||
|
if (!ret) {
|
||||||
|
free(*uids);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
ret[n] = owner_uid;
|
||||||
|
*uids = ret;
|
||||||
|
return n+1;
|
||||||
|
}
|
||||||
|
|
||||||
|
int find_subid_owners(unsigned long id, enum subid_type id_type, uid_t **uids)
|
||||||
|
{
|
||||||
|
const struct subordinate_range *range;
|
||||||
|
struct subid_nss_ops *h;
|
||||||
|
enum subid_status status;
|
||||||
|
struct commonio_db *db;
|
||||||
|
int n = 0;
|
||||||
|
|
||||||
|
h = get_subid_nss_handle();
|
||||||
|
if (h) {
|
||||||
|
status = h->find_subid_owners(id, id_type, uids, &n);
|
||||||
|
// Several ways we could handle the error cases here.
|
||||||
|
if (status != SUBID_STATUS_SUCCESS)
|
||||||
|
return -1;
|
||||||
|
return n;
|
||||||
|
}
|
||||||
|
|
||||||
|
switch (id_type) {
|
||||||
|
case ID_TYPE_UID:
|
||||||
|
if (!sub_uid_open(O_RDONLY)) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
db = &subordinate_uid_db;
|
||||||
|
break;
|
||||||
|
case ID_TYPE_GID:
|
||||||
|
if (!sub_gid_open(O_RDONLY)) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
db = &subordinate_gid_db;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
*uids = NULL;
|
||||||
|
|
||||||
|
commonio_rewind(db);
|
||||||
|
while ((range = commonio_next(db)) != NULL) {
|
||||||
|
if (id >= range->start && id < range->start + range-> count) {
|
||||||
|
n = append_uids(uids, range->owner, n);
|
||||||
|
if (n < 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (id_type == ID_TYPE_UID)
|
||||||
|
sub_uid_close();
|
||||||
|
else
|
||||||
|
sub_gid_close();
|
||||||
|
|
||||||
|
return n;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, bool reuse)
|
||||||
|
{
|
||||||
|
struct commonio_db *db;
|
||||||
|
const struct subordinate_range *r;
|
||||||
|
bool ret;
|
||||||
|
|
||||||
|
if (get_subid_nss_handle())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
switch (id_type) {
|
||||||
|
case ID_TYPE_UID:
|
||||||
|
if (!sub_uid_lock()) {
|
||||||
|
printf("Failed loging subuids (errno %d)\n", errno);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!sub_uid_open(O_CREAT | O_RDWR)) {
|
||||||
|
printf("Failed opening subuids (errno %d)\n", errno);
|
||||||
|
sub_uid_unlock();
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
db = &subordinate_uid_db;
|
||||||
|
break;
|
||||||
|
case ID_TYPE_GID:
|
||||||
|
if (!sub_gid_lock()) {
|
||||||
|
printf("Failed loging subgids (errno %d)\n", errno);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!sub_gid_open(O_CREAT | O_RDWR)) {
|
||||||
|
printf("Failed opening subgids (errno %d)\n", errno);
|
||||||
|
sub_gid_unlock();
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
db = &subordinate_gid_db;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
commonio_rewind(db);
|
||||||
|
if (reuse) {
|
||||||
|
while ((r = commonio_next(db)) != NULL) {
|
||||||
|
// TODO account for username vs uid_t
|
||||||
|
if (0 != strcmp(r->owner, range->owner))
|
||||||
|
continue;
|
||||||
|
if (r->count >= range->count) {
|
||||||
|
range->count = r->count;
|
||||||
|
range->start = r->start;
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
range->start = find_free_range(db, range->start, ULONG_MAX, range->count);
|
||||||
|
|
||||||
|
if (range->start == ULONG_MAX) {
|
||||||
|
ret = false;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = add_range(db, range->owner, range->start, range->count) == 1;
|
||||||
|
|
||||||
|
out:
|
||||||
|
if (id_type == ID_TYPE_UID) {
|
||||||
|
sub_uid_close();
|
||||||
|
sub_uid_unlock();
|
||||||
|
} else {
|
||||||
|
sub_gid_close();
|
||||||
|
sub_gid_unlock();
|
||||||
|
}
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
bool release_subid_range(struct subordinate_range *range, enum subid_type id_type)
|
||||||
|
{
|
||||||
|
struct commonio_db *db;
|
||||||
|
bool ret;
|
||||||
|
|
||||||
|
if (get_subid_nss_handle())
|
||||||
|
return false;
|
||||||
|
|
||||||
|
switch (id_type) {
|
||||||
|
case ID_TYPE_UID:
|
||||||
|
if (!sub_uid_lock()) {
|
||||||
|
printf("Failed loging subuids (errno %d)\n", errno);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!sub_uid_open(O_CREAT | O_RDWR)) {
|
||||||
|
printf("Failed opening subuids (errno %d)\n", errno);
|
||||||
|
sub_uid_unlock();
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
db = &subordinate_uid_db;
|
||||||
|
break;
|
||||||
|
case ID_TYPE_GID:
|
||||||
|
if (!sub_gid_lock()) {
|
||||||
|
printf("Failed loging subgids (errno %d)\n", errno);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
if (!sub_gid_open(O_CREAT | O_RDWR)) {
|
||||||
|
printf("Failed opening subgids (errno %d)\n", errno);
|
||||||
|
sub_gid_unlock();
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
db = &subordinate_gid_db;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
ret = remove_range(db, range->owner, range->start, range->count) == 1;
|
||||||
|
|
||||||
|
if (id_type == ID_TYPE_UID) {
|
||||||
|
sub_uid_close();
|
||||||
|
sub_uid_unlock();
|
||||||
|
} else {
|
||||||
|
sub_gid_close();
|
||||||
|
sub_gid_unlock();
|
||||||
|
}
|
||||||
|
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
#else /* !ENABLE_SUBIDS */
|
#else /* !ENABLE_SUBIDS */
|
||||||
extern int errno; /* warning: ANSI C forbids an empty source file */
|
extern int errno; /* warning: ANSI C forbids an empty source file */
|
||||||
#endif /* !ENABLE_SUBIDS */
|
#endif /* !ENABLE_SUBIDS */
|
||||||
|
|||||||
+9
-2
@@ -11,10 +11,12 @@
|
|||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
|
|
||||||
|
#include "../libsubid/subid.h"
|
||||||
|
|
||||||
extern int sub_uid_close(void);
|
extern int sub_uid_close(void);
|
||||||
extern bool have_sub_uids(const char *owner, uid_t start, unsigned long count);
|
extern bool have_sub_uids(const char *owner, uid_t start, unsigned long count);
|
||||||
extern bool sub_uid_file_present (void);
|
extern bool sub_uid_file_present (void);
|
||||||
extern bool sub_uid_assigned(const char *owner);
|
extern bool local_sub_uid_assigned(const char *owner);
|
||||||
extern int sub_uid_lock (void);
|
extern int sub_uid_lock (void);
|
||||||
extern int sub_uid_setdbname (const char *filename);
|
extern int sub_uid_setdbname (const char *filename);
|
||||||
extern /*@observer@*/const char *sub_uid_dbname (void);
|
extern /*@observer@*/const char *sub_uid_dbname (void);
|
||||||
@@ -23,11 +25,16 @@ extern int sub_uid_unlock (void);
|
|||||||
extern int sub_uid_add (const char *owner, uid_t start, unsigned long count);
|
extern int sub_uid_add (const char *owner, uid_t start, unsigned long count);
|
||||||
extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count);
|
extern int sub_uid_remove (const char *owner, uid_t start, unsigned long count);
|
||||||
extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count);
|
extern uid_t sub_uid_find_free_range(uid_t min, uid_t max, unsigned long count);
|
||||||
|
extern int list_owner_ranges(const char *owner, enum subid_type id_type, struct subid_range **ranges);
|
||||||
|
extern bool new_subid_range(struct subordinate_range *range, enum subid_type id_type, bool reuse);
|
||||||
|
extern bool release_subid_range(struct subordinate_range *range, enum subid_type id_type);
|
||||||
|
extern int find_subid_owners(unsigned long id, enum subid_type id_type, uid_t **uids);
|
||||||
|
extern void free_subordinate_ranges(struct subordinate_range **ranges, int count);
|
||||||
|
|
||||||
extern int sub_gid_close(void);
|
extern int sub_gid_close(void);
|
||||||
extern bool have_sub_gids(const char *owner, gid_t start, unsigned long count);
|
extern bool have_sub_gids(const char *owner, gid_t start, unsigned long count);
|
||||||
extern bool sub_gid_file_present (void);
|
extern bool sub_gid_file_present (void);
|
||||||
extern bool sub_gid_assigned(const char *owner);
|
extern bool local_sub_gid_assigned(const char *owner);
|
||||||
extern int sub_gid_lock (void);
|
extern int sub_gid_lock (void);
|
||||||
extern int sub_gid_setdbname (const char *filename);
|
extern int sub_gid_setdbname (const char *filename);
|
||||||
extern /*@observer@*/const char *sub_gid_dbname (void);
|
extern /*@observer@*/const char *sub_gid_dbname (void);
|
||||||
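Review bot: The new prototypes `list_owner_ranges` and `find_subid_owners` in the second hunk return results through `struct subid_range **ranges` and `uid_t **uids`, but nothing says who owns that memory or what the `int` return value means. The only release helper declared beside them, `free_subordinate_ranges`, takes `struct subordinate_range **`, which is a different type from the one `list_owner_ranges` fills in, so the header does not tell a caller how to free either result. I would add a contract comment above each, for example `/* *ranges is presumably allocated by the callee; state here who frees it, with which function, and what the return value means */`, with the author filling in the actual contract. In privileged tools that manage subordinate ID ranges, a leak or a mismatched free is easier to prevent at the declaration than in every caller.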
|
|||||||
+72
-79
@@ -1,21 +1,6 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2001 Rafal Wojtczuk, Solar Designer
|
* SPDX-FileCopyrightText: 2001 Rafal Wojtczuk, Solar Designer
|
||||||
* All rights reserved.
|
* SPDX-License-Identifier: 0BSD
|
||||||
*
|
|
||||||
* Redistribution and use in source and binary forms, with or without
|
|
||||||
* modification, are permitted.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define _GNU_SOURCE
|
#define _GNU_SOURCE
|
||||||
@@ -38,6 +23,8 @@
|
|||||||
#include "shadowio.h"
|
#include "shadowio.h"
|
||||||
#include "tcbfuncs.h"
|
#include "tcbfuncs.h"
|
||||||
|
|
||||||
|
#include "shadowlog_internal.h"
|
||||||
|
|
||||||
#define SHADOWTCB_HASH_BY 1000
|
#define SHADOWTCB_HASH_BY 1000
|
||||||
#define SHADOWTCB_LOCK_SUFFIX ".lock"
|
#define SHADOWTCB_LOCK_SUFFIX ".lock"
|
||||||
|
|
||||||
@@ -72,8 +59,8 @@ shadowtcb_status shadowtcb_gain_priv (void)
|
|||||||
* to exit soon.
|
* to exit soon.
|
||||||
*/
|
*/
|
||||||
#define OUT_OF_MEMORY do { \
|
#define OUT_OF_MEMORY do { \
|
||||||
fprintf (stderr, _("%s: out of memory\n"), Prog); \
|
fprintf (shadow_logfd, _("%s: out of memory\n"), shadow_progname); \
|
||||||
(void) fflush (stderr); \
|
(void) fflush (shadow_logfd); \
|
||||||
} while (false)
|
} while (false)
|
||||||
|
|
||||||
/* Returns user's tcb directory path relative to TCB_DIR. */
|
/* Returns user's tcb directory path relative to TCB_DIR. */
|
||||||
@@ -116,9 +103,9 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if (lstat (path, &st) != 0) {
|
if (lstat (path, &st) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot stat %s: %s\n"),
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
Prog, path, strerror (errno));
|
shadow_progname, path, strerror (errno));
|
||||||
free (path);
|
free (path);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@@ -132,26 +119,26 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
|
|||||||
return rval;
|
return rval;
|
||||||
}
|
}
|
||||||
if (!S_ISLNK (st.st_mode)) {
|
if (!S_ISLNK (st.st_mode)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: %s is neither a directory, nor a symlink.\n"),
|
_("%s: %s is neither a directory, nor a symlink.\n"),
|
||||||
Prog, path);
|
shadow_progname, path);
|
||||||
free (path);
|
free (path);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
ret = readlink (path, link, sizeof (link) - 1);
|
ret = readlink (path, link, sizeof (link) - 1);
|
||||||
if (-1 == ret) {
|
if (-1 == ret) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot read symbolic link %s: %s\n"),
|
_("%s: Cannot read symbolic link %s: %s\n"),
|
||||||
Prog, path, strerror (errno));
|
shadow_progname, path, strerror (errno));
|
||||||
free (path);
|
free (path);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
free (path);
|
free (path);
|
||||||
if ((size_t)ret >= sizeof(link) - 1) {
|
if ((size_t)ret >= sizeof(link) - 1) {
|
||||||
link[sizeof(link) - 1] = '\0';
|
link[sizeof(link) - 1] = '\0';
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Suspiciously long symlink: %s\n"),
|
_("%s: Suspiciously long symlink: %s\n"),
|
||||||
Prog, link);
|
shadow_progname, link);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
link[(size_t)ret] = '\0';
|
link[(size_t)ret] = '\0';
|
||||||
@@ -207,9 +194,9 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
|
|||||||
}
|
}
|
||||||
ptr = path;
|
ptr = path;
|
||||||
if (stat (TCB_DIR, &st) != 0) {
|
if (stat (TCB_DIR, &st) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot stat %s: %s\n"),
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
Prog, TCB_DIR, strerror (errno));
|
shadow_progname, TCB_DIR, strerror (errno));
|
||||||
goto out_free_path;
|
goto out_free_path;
|
||||||
}
|
}
|
||||||
while ((ind = strchr (ptr, '/'))) {
|
while ((ind = strchr (ptr, '/'))) {
|
||||||
@@ -219,21 +206,21 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
|
|||||||
return SHADOWTCB_FAILURE;
|
return SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
|
if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot create directory %s: %s\n"),
|
_("%s: Cannot create directory %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
goto out_free_dir;
|
goto out_free_dir;
|
||||||
}
|
}
|
||||||
if (chown (dir, 0, st.st_gid) != 0) {
|
if (chown (dir, 0, st.st_gid) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change owner of %s: %s\n"),
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
goto out_free_dir;
|
goto out_free_dir;
|
||||||
}
|
}
|
||||||
if (chmod (dir, 0711) != 0) {
|
if (chmod (dir, 0711) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change mode of %s: %s\n"),
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
goto out_free_dir;
|
goto out_free_dir;
|
||||||
}
|
}
|
||||||
free (dir);
|
free (dir);
|
||||||
@@ -261,9 +248,9 @@ static shadowtcb_status unlink_suffs (const char *user)
|
|||||||
return SHADOWTCB_FAILURE;
|
return SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
if ((unlink (tmp) != 0) && (errno != ENOENT)) {
|
if ((unlink (tmp) != 0) && (errno != ENOENT)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: unlink: %s: %s\n"),
|
_("%s: unlink: %s: %s\n"),
|
||||||
Prog, tmp, strerror (errno));
|
shadow_progname, tmp, strerror (errno));
|
||||||
free (tmp);
|
free (tmp);
|
||||||
return SHADOWTCB_FAILURE;
|
return SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
@@ -286,9 +273,9 @@ static shadowtcb_status rmdir_leading (char *path)
|
|||||||
}
|
}
|
||||||
if (rmdir (dir) != 0) {
|
if (rmdir (dir) != 0) {
|
||||||
if (errno != ENOTEMPTY) {
|
if (errno != ENOTEMPTY) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot remove directory %s: %s\n"),
|
_("%s: Cannot remove directory %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
ret = SHADOWTCB_FAILURE;
|
ret = SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
free (dir);
|
free (dir);
|
||||||
@@ -315,9 +302,9 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
|
|||||||
goto out_free_nomem;
|
goto out_free_nomem;
|
||||||
}
|
}
|
||||||
if (stat (olddir, &oldmode) != 0) {
|
if (stat (olddir, &oldmode) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot stat %s: %s\n"),
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
Prog, olddir, strerror (errno));
|
shadow_progname, olddir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
old_uid = oldmode.st_uid;
|
old_uid = oldmode.st_uid;
|
||||||
@@ -342,18 +329,18 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
|
|||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (rename (real_old_dir, real_new_dir) != 0) {
|
if (rename (real_old_dir, real_new_dir) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot rename %s to %s: %s\n"),
|
_("%s: Cannot rename %s to %s: %s\n"),
|
||||||
Prog, real_old_dir, real_new_dir, strerror (errno));
|
shadow_progname, real_old_dir, real_new_dir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
|
if (rmdir_leading (real_old_dir_rel) == SHADOWTCB_FAILURE) {
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if ((unlink (olddir) != 0) && (errno != ENOENT)) {
|
if ((unlink (olddir) != 0) && (errno != ENOENT)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot remove %s: %s\n"),
|
_("%s: Cannot remove %s: %s\n"),
|
||||||
Prog, olddir, strerror (errno));
|
shadow_progname, olddir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
|
if (asprintf (&newdir, TCB_DIR "/%s", user_newname) == -1) {
|
||||||
@@ -365,9 +352,9 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
|
|||||||
}
|
}
|
||||||
if ( (strcmp (real_new_dir, newdir) != 0)
|
if ( (strcmp (real_new_dir, newdir) != 0)
|
||||||
&& (symlink (real_new_dir_rel, newdir) != 0)) {
|
&& (symlink (real_new_dir_rel, newdir) != 0)) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot create symbolic link %s: %s\n"),
|
_("%s: Cannot create symbolic link %s: %s\n"),
|
||||||
Prog, real_new_dir_rel, strerror (errno));
|
shadow_progname, real_new_dir_rel, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
ret = SHADOWTCB_SUCCESS;
|
ret = SHADOWTCB_SUCCESS;
|
||||||
@@ -464,53 +451,53 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
|
|||||||
return SHADOWTCB_FAILURE;
|
return SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
if (stat (tcbdir, &dirmode) != 0) {
|
if (stat (tcbdir, &dirmode) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot stat %s: %s\n"),
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
Prog, tcbdir, strerror (errno));
|
shadow_progname, tcbdir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chown (tcbdir, 0, 0) != 0) {
|
if (chown (tcbdir, 0, 0) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change owners of %s: %s\n"),
|
_("%s: Cannot change owners of %s: %s\n"),
|
||||||
Prog, tcbdir, strerror (errno));
|
shadow_progname, tcbdir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chmod (tcbdir, 0700) != 0) {
|
if (chmod (tcbdir, 0700) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change mode of %s: %s\n"),
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
Prog, tcbdir, strerror (errno));
|
shadow_progname, tcbdir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (lstat (shadow, &filemode) != 0) {
|
if (lstat (shadow, &filemode) != 0) {
|
||||||
if (errno != ENOENT) {
|
if (errno != ENOENT) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot lstat %s: %s\n"),
|
_("%s: Cannot lstat %s: %s\n"),
|
||||||
Prog, shadow, strerror (errno));
|
shadow_progname, shadow, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Warning, user %s has no tcb shadow file.\n"),
|
_("%s: Warning, user %s has no tcb shadow file.\n"),
|
||||||
Prog, user_newname);
|
shadow_progname, user_newname);
|
||||||
} else {
|
} else {
|
||||||
if (!S_ISREG (filemode.st_mode) ||
|
if (!S_ISREG (filemode.st_mode) ||
|
||||||
filemode.st_nlink != 1) {
|
filemode.st_nlink != 1) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Emergency: %s's tcb shadow is not a "
|
_("%s: Emergency: %s's tcb shadow is not a "
|
||||||
"regular file with st_nlink=1.\n"
|
"regular file with st_nlink=1.\n"
|
||||||
"The account is left locked.\n"),
|
"The account is left locked.\n"),
|
||||||
Prog, user_newname);
|
shadow_progname, user_newname);
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chown (shadow, user_newid, filemode.st_gid) != 0) {
|
if (chown (shadow, user_newid, filemode.st_gid) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change owner of %s: %s\n"),
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
Prog, shadow, strerror (errno));
|
shadow_progname, shadow, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chmod (shadow, filemode.st_mode & 07777) != 0) {
|
if (chmod (shadow, filemode.st_mode & 07777) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change mode of %s: %s\n"),
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
Prog, shadow, strerror (errno));
|
shadow_progname, shadow, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -518,9 +505,15 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
|
|||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
|
if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change owner of %s: %s\n"),
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
Prog, tcbdir, strerror (errno));
|
shadow_progname, tcbdir, strerror (errno));
|
||||||
|
goto out_free;
|
||||||
|
}
|
||||||
|
if (chmod (tcbdir, dirmode.st_mode & 07777) != 0) {
|
||||||
|
fprintf (shadow_logfd,
|
||||||
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
|
shadow_progname, tcbdir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
ret = SHADOWTCB_SUCCESS;
|
ret = SHADOWTCB_SUCCESS;
|
||||||
@@ -543,9 +536,9 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
|
|||||||
return SHADOWTCB_SUCCESS;
|
return SHADOWTCB_SUCCESS;
|
||||||
}
|
}
|
||||||
if (stat (TCB_DIR, &tcbdir_stat) != 0) {
|
if (stat (TCB_DIR, &tcbdir_stat) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot stat %s: %s\n"),
|
_("%s: Cannot stat %s: %s\n"),
|
||||||
Prog, TCB_DIR, strerror (errno));
|
shadow_progname, TCB_DIR, strerror (errno));
|
||||||
return SHADOWTCB_FAILURE;
|
return SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
shadowgid = tcbdir_stat.st_gid;
|
shadowgid = tcbdir_stat.st_gid;
|
||||||
@@ -563,41 +556,41 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
|
|||||||
return SHADOWTCB_FAILURE;
|
return SHADOWTCB_FAILURE;
|
||||||
}
|
}
|
||||||
if (mkdir (dir, 0700) != 0) {
|
if (mkdir (dir, 0700) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: mkdir: %s: %s\n"),
|
_("%s: mkdir: %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
|
fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
|
||||||
if (fd < 0) {
|
if (fd < 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot open %s: %s\n"),
|
_("%s: Cannot open %s: %s\n"),
|
||||||
Prog, shadow, strerror (errno));
|
shadow_progname, shadow, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
close (fd);
|
close (fd);
|
||||||
if (chown (shadow, 0, authgid) != 0) {
|
if (chown (shadow, 0, authgid) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change owner of %s: %s\n"),
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
Prog, shadow, strerror (errno));
|
shadow_progname, shadow, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
|
if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change mode of %s: %s\n"),
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
Prog, shadow, strerror (errno));
|
shadow_progname, shadow, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chown (dir, 0, authgid) != 0) {
|
if (chown (dir, 0, authgid) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change owner of %s: %s\n"),
|
_("%s: Cannot change owner of %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
|
if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("%s: Cannot change mode of %s: %s\n"),
|
_("%s: Cannot change mode of %s: %s\n"),
|
||||||
Prog, dir, strerror (errno));
|
shadow_progname, dir, strerror (errno));
|
||||||
goto out_free;
|
goto out_free;
|
||||||
}
|
}
|
||||||
if ( (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)
|
if ( (shadowtcb_set_user (name) == SHADOWTCB_FAILURE)
|
||||||
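Review bot: Every message in this file now goes to `shadow_logfd`, taken directly from `shadowlog_internal.h` (added in the `@@ -38,6 +23,8 @@` hunk), and no visible hunk checks that the stream is set before `fprintf (shadow_logfd, ...)` or the `OUT_OF_MEMORY` macro runs. The header is not shown here, but if the variable can still be NULL when a caller has not configured logging, these error paths in privileged account-management code would pass a null stream to `fprintf` instead of reporting the failure. `add_groups`, elsewhere in this compare, obtains the stream through an accessor, `FILE *shadow_logfd = log_get_logfd();`. Using the same call here, and `log_get_logfd ()` inside `OUT_OF_MEMORY`, would leave the null handling to that one function. Several of the touched functions begin or end outside their hunks.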
|
|||||||
+4
-27
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1993 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1993 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+5
-4
@@ -1,11 +1,11 @@
|
|||||||
|
|
||||||
EXTRA_DIST = .indent.pro xgetXXbyYY.c
|
EXTRA_DIST = .indent.pro xgetXXbyYY.c
|
||||||
|
|
||||||
AM_CPPFLAGS = -I$(top_srcdir)/lib $(ECONF_CPPFLAGS)
|
AM_CPPFLAGS = -I$(top_srcdir)/lib -I$(top_srcdir) $(ECONF_CPPFLAGS)
|
||||||
|
|
||||||
noinst_LIBRARIES = libmisc.a
|
noinst_LTLIBRARIES = libmisc.la
|
||||||
|
|
||||||
libmisc_a_SOURCES = \
|
libmisc_la_SOURCES = \
|
||||||
addgrps.c \
|
addgrps.c \
|
||||||
age.c \
|
age.c \
|
||||||
audit_help.c \
|
audit_help.c \
|
||||||
@@ -19,6 +19,7 @@ libmisc_a_SOURCES = \
|
|||||||
cleanup_user.c \
|
cleanup_user.c \
|
||||||
console.c \
|
console.c \
|
||||||
copydir.c \
|
copydir.c \
|
||||||
|
date_to_str.c \
|
||||||
entry.c \
|
entry.c \
|
||||||
env.c \
|
env.c \
|
||||||
failure.c \
|
failure.c \
|
||||||
@@ -74,6 +75,6 @@ libmisc_a_SOURCES = \
|
|||||||
yesno.c
|
yesno.c
|
||||||
|
|
||||||
if WITH_BTRFS
|
if WITH_BTRFS
|
||||||
libmisc_a_SOURCES += btrfs.c
|
libmisc_la_SOURCES += btrfs.c
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
|||||||
+14
-31
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -40,6 +17,7 @@
|
|||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <grp.h>
|
#include <grp.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
#ident "$Id$"
|
#ident "$Id$"
|
||||||
|
|
||||||
@@ -57,6 +35,8 @@ int add_groups (const char *list)
|
|||||||
bool added;
|
bool added;
|
||||||
char *token;
|
char *token;
|
||||||
char buf[1024];
|
char buf[1024];
|
||||||
|
int ret;
|
||||||
|
FILE *shadow_logfd = log_get_logfd();
|
||||||
|
|
||||||
if (strlen (list) >= sizeof (buf)) {
|
if (strlen (list) >= sizeof (buf)) {
|
||||||
errno = EINVAL;
|
errno = EINVAL;
|
||||||
@@ -93,7 +73,7 @@ int add_groups (const char *list)
|
|||||||
|
|
||||||
grp = getgrnam (token); /* local, no need for xgetgrnam */
|
grp = getgrnam (token); /* local, no need for xgetgrnam */
|
||||||
if (NULL == grp) {
|
if (NULL == grp) {
|
||||||
fprintf (stderr, _("Warning: unknown group %s\n"),
|
fprintf (shadow_logfd, _("Warning: unknown group %s\n"),
|
||||||
token);
|
token);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
@@ -105,7 +85,7 @@ int add_groups (const char *list)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
|
if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
|
||||||
fputs (_("Warning: too many groups\n"), stderr);
|
fputs (_("Warning: too many groups\n"), shadow_logfd);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
|
tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
|
||||||
@@ -120,9 +100,12 @@ int add_groups (const char *list)
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (added) {
|
if (added) {
|
||||||
return setgroups ((size_t)ngroups, grouplist);
|
ret = setgroups ((size_t)ngroups, grouplist);
|
||||||
|
free (grouplist);
|
||||||
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
free (grouplist);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#else /* HAVE_SETGROUPS && !USE_PAM */
|
#else /* HAVE_SETGROUPS && !USE_PAM */
|
||||||
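Review bot: In the last hunk of `add_groups`, `free (grouplist)` now runs between a failing `setgroups ()` and `return ret;`, so the caller sees the `errno` from `setgroups` only if the C library's `free` preserves it, which older libraries do not guarantee. The function already reports errors through `errno` (`errno = EINVAL;` near the top), and a caller handling a failed supplementary-group change should see the real cause. I would preserve it with `int saved = errno; free (grouplist); errno = saved;` before `return ret;`. The body of `add_groups` starts outside this hunk, so earlier return paths are not visible here.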
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+6
-28
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2005 , Red Hat, Inc.
|
* SPDX-FileCopyrightText: 2005 , Red Hat, Inc.
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -45,6 +22,7 @@
|
|||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
int audit_fd;
|
int audit_fd;
|
||||||
|
|
||||||
void audit_help_open (void)
|
void audit_help_open (void)
|
||||||
@@ -59,7 +37,7 @@ void audit_help_open (void)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
(void) fputs (_("Cannot open audit interface - aborting.\n"),
|
(void) fputs (_("Cannot open audit interface - aborting.\n"),
|
||||||
stderr);
|
log_get_logfd());
|
||||||
exit (EXIT_FAILURE);
|
exit (EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
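Review bot: In audit_help_open the fatal "Cannot open audit interface - aborting." message is now written with `fputs (..., log_get_logfd());`, and nothing at the call site guards the returned stream. log_get_logfd() is presumably declared in the newly included shadowlog.h, which is outside this page, so I cannot confirm that it always yields a usable FILE *. If it can return NULL before a stream has been set, this fputs is undefined behaviour on the one path that reports auditing as unavailable. Either document the non-NULL guarantee on the accessor, or keep a fallback here, e.g. `FILE *out = log_get_logfd(); if (NULL == out) out = stderr;`. The same unguarded use appears in chown_tty and in the cleanup_unlock_group, cleanup_unlock_gshadow, cleanup_unlock_passwd and cleanup_unlock_shadow hunks; audit_help_open's body starts outside this hunk.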
|
|||||||
+4
-27
@@ -1,32 +1,9 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1997, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1997, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
@@ -7,7 +7,6 @@
|
|||||||
|
|
||||||
static bool path_exists(const char *p)
|
static bool path_exists(const char *p)
|
||||||
{
|
{
|
||||||
int ret;
|
|
||||||
struct stat sb;
|
struct stat sb;
|
||||||
|
|
||||||
return stat(p, &sb) == 0;
|
return stat(p, &sb) == 0;
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2001 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2001 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2005 - 2008, Nicolas François
|
* SPDX-FileCopyrightText: 2005 - 2008, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1990 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1990 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1997 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1997 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2005 , Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2005 , Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* $Id$ */
|
/* $Id$ */
|
||||||
|
|||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1992 - 1993, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1992 - 1993, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2010 - , Nicolas François
|
* SPDX-FileCopyrightText: 2010 - , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+9
-29
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2001, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -43,6 +20,7 @@
|
|||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
#include <pwd.h>
|
#include <pwd.h>
|
||||||
#include "getdef.h"
|
#include "getdef.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* chown_tty() sets the login tty to be owned by the new user ID
|
* chown_tty() sets the login tty to be owned by the new user ID
|
||||||
@@ -62,6 +40,7 @@ void chown_tty (const struct passwd *info)
|
|||||||
grent = getgr_nam_gid (getdef_str ("TTYGROUP"));
|
grent = getgr_nam_gid (getdef_str ("TTYGROUP"));
|
||||||
if (NULL != grent) {
|
if (NULL != grent) {
|
||||||
gid = grent->gr_gid;
|
gid = grent->gr_gid;
|
||||||
|
gr_free (grent);
|
||||||
} else {
|
} else {
|
||||||
gid = info->pw_gid;
|
gid = info->pw_gid;
|
||||||
}
|
}
|
||||||
@@ -74,8 +53,9 @@ void chown_tty (const struct passwd *info)
|
|||||||
if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
|
if ( (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
|
||||||
|| (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
|
|| (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
|
||||||
int err = errno;
|
int err = errno;
|
||||||
|
FILE *shadow_logfd = log_get_logfd();
|
||||||
|
|
||||||
fprintf (stderr,
|
fprintf (shadow_logfd,
|
||||||
_("Unable to change owner or mode of tty stdin: %s"),
|
_("Unable to change owner or mode of tty stdin: %s"),
|
||||||
strerror (err));
|
strerror (err));
|
||||||
SYSLOG ((LOG_WARN,
|
SYSLOG ((LOG_WARN,
|
||||||
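Review bot: The new local `FILE *shadow_logfd = log_get_logfd();` in chown_tty's error branch is used once and has a name that reads like a file-scope variable, while the other files in this commit pass `log_get_logfd()` directly as the stream argument. Writing `fprintf (log_get_logfd(),` here, or naming the local `logfd`, would keep the call sites uniform and avoid shadowing if a global of that name still exists (not visible on this page). Saving errno into `err` before the accessor call is right and should stay in that order. The added `gr_free (grent);` comes after `gid` is copied out, so nothing in the visible lines reads the freed entry; chown_tty starts and ends outside these hunks.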
|
|||||||
+2
-25
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2008 - 2011, Nicolas François
|
* SPDX-FileCopyrightText: 2008 - 2011, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+15
-37
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -36,6 +13,7 @@
|
|||||||
#include "groupio.h"
|
#include "groupio.h"
|
||||||
#include "sgroupio.h"
|
#include "sgroupio.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* cleanup_report_add_group - Report failure to add a group to the system
|
* cleanup_report_add_group - Report failure to add a group to the system
|
||||||
@@ -48,7 +26,7 @@ void cleanup_report_add_group (void *group_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to add group %s", name));
|
SYSLOG ((LOG_ERR, "failed to add group %s", name));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_GROUP, Prog,
|
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
|
||||||
"",
|
"",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -66,7 +44,7 @@ void cleanup_report_del_group (void *group_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to remove group %s", name));
|
SYSLOG ((LOG_ERR, "failed to remove group %s", name));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_DEL_GROUP, Prog,
|
audit_logger (AUDIT_DEL_GROUP, log_get_progname(),
|
||||||
"",
|
"",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -83,7 +61,7 @@ void cleanup_report_mod_group (void *cleanup_info)
|
|||||||
gr_dbname (),
|
gr_dbname (),
|
||||||
info->action));
|
info->action));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_ACCT, Prog,
|
audit_logger (AUDIT_USER_ACCT, log_get_progname(),
|
||||||
info->audit_msg,
|
info->audit_msg,
|
||||||
info->name, AUDIT_NO_ID,
|
info->name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -101,7 +79,7 @@ void cleanup_report_mod_gshadow (void *cleanup_info)
|
|||||||
sgr_dbname (),
|
sgr_dbname (),
|
||||||
info->action));
|
info->action));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_ACCT, Prog,
|
audit_logger (AUDIT_USER_ACCT, log_get_progname(),
|
||||||
info->audit_msg,
|
info->audit_msg,
|
||||||
info->name, AUDIT_NO_ID,
|
info->name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -121,7 +99,7 @@ void cleanup_report_add_group_group (void *group_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_GROUP, Prog,
|
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
|
||||||
"adding group to /etc/group",
|
"adding group to /etc/group",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -141,7 +119,7 @@ void cleanup_report_add_group_gshadow (void *group_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to add group %s to %s", name, sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_GROUP, Prog,
|
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
|
||||||
"adding group to /etc/gshadow",
|
"adding group to /etc/gshadow",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -164,7 +142,7 @@ void cleanup_report_del_group_group (void *group_name)
|
|||||||
"failed to remove group %s from %s",
|
"failed to remove group %s from %s",
|
||||||
name, gr_dbname ()));
|
name, gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_GROUP, Prog,
|
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
|
||||||
"removing group from /etc/group",
|
"removing group from /etc/group",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -187,7 +165,7 @@ void cleanup_report_del_group_gshadow (void *group_name)
|
|||||||
"failed to remove group %s from %s",
|
"failed to remove group %s from %s",
|
||||||
name, sgr_dbname ()));
|
name, sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_GROUP, Prog,
|
audit_logger (AUDIT_ADD_GROUP, log_get_progname(),
|
||||||
"removing group from /etc/gshadow",
|
"removing group from /etc/gshadow",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -203,9 +181,9 @@ void cleanup_report_del_group_gshadow (void *group_name)
|
|||||||
void cleanup_unlock_group (unused void *arg)
|
void cleanup_unlock_group (unused void *arg)
|
||||||
{
|
{
|
||||||
if (gr_unlock () == 0) {
|
if (gr_unlock () == 0) {
|
||||||
fprintf (stderr,
|
fprintf (log_get_logfd(),
|
||||||
_("%s: failed to unlock %s\n"),
|
_("%s: failed to unlock %s\n"),
|
||||||
Prog, gr_dbname ());
|
log_get_progname(), gr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger_message ("unlocking group file",
|
audit_logger_message ("unlocking group file",
|
||||||
@@ -223,9 +201,9 @@ void cleanup_unlock_group (unused void *arg)
|
|||||||
void cleanup_unlock_gshadow (unused void *arg)
|
void cleanup_unlock_gshadow (unused void *arg)
|
||||||
{
|
{
|
||||||
if (sgr_unlock () == 0) {
|
if (sgr_unlock () == 0) {
|
||||||
fprintf (stderr,
|
fprintf (log_get_logfd(),
|
||||||
_("%s: failed to unlock %s\n"),
|
_("%s: failed to unlock %s\n"),
|
||||||
Prog, sgr_dbname ());
|
log_get_progname(), sgr_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger_message ("unlocking gshadow file",
|
audit_logger_message ("unlocking gshadow file",
|
||||||
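Review bot: cleanup_report_del_group_group and cleanup_report_del_group_gshadow still pass `AUDIT_ADD_GROUP` to audit_logger although their messages are "removing group from /etc/group" and "removing group from /etc/gshadow"; this commit edits exactly those lines to swap in log_get_progname() but leaves the record type unchanged. cleanup_report_del_group in the same file uses `AUDIT_DEL_GROUP`, so this looks like a copy-paste from the add handlers, and failed removals would be filed under the add-group event type, where a search by type will not find them. The changed lines would become `audit_logger (AUDIT_DEL_GROUP, log_get_progname(),` in both functions. Both function bodies start and end outside their hunks, so confirm there is no reason for the type further up.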
|
|||||||
+11
-33
@@ -1,30 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2008 , Nicolas François
|
* SPDX-FileCopyrightText: 2008 , Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -36,6 +13,7 @@
|
|||||||
#include "pwio.h"
|
#include "pwio.h"
|
||||||
#include "shadowio.h"
|
#include "shadowio.h"
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* cleanup_report_add_user - Report failure to add an user to the system
|
* cleanup_report_add_user - Report failure to add an user to the system
|
||||||
@@ -48,7 +26,7 @@ void cleanup_report_add_user (void *user_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to add user %s", name));
|
SYSLOG ((LOG_ERR, "failed to add user %s", name));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_USER, Prog,
|
audit_logger (AUDIT_ADD_USER, log_get_progname(),
|
||||||
"",
|
"",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -65,7 +43,7 @@ void cleanup_report_mod_passwd (void *cleanup_info)
|
|||||||
pw_dbname (),
|
pw_dbname (),
|
||||||
info->action));
|
info->action));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_USER_ACCT, Prog,
|
audit_logger (AUDIT_USER_ACCT, log_get_progname(),
|
||||||
info->audit_msg,
|
info->audit_msg,
|
||||||
info->name, AUDIT_NO_ID,
|
info->name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -85,7 +63,7 @@ void cleanup_report_add_user_passwd (void *user_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_USER, Prog,
|
audit_logger (AUDIT_ADD_USER, log_get_progname(),
|
||||||
"adding user to /etc/passwd",
|
"adding user to /etc/passwd",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -105,7 +83,7 @@ void cleanup_report_add_user_shadow (void *user_name)
|
|||||||
|
|
||||||
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger (AUDIT_ADD_USER, Prog,
|
audit_logger (AUDIT_ADD_USER, log_get_progname(),
|
||||||
"adding user to /etc/shadow",
|
"adding user to /etc/shadow",
|
||||||
name, AUDIT_NO_ID,
|
name, AUDIT_NO_ID,
|
||||||
SHADOW_AUDIT_FAILURE);
|
SHADOW_AUDIT_FAILURE);
|
||||||
@@ -120,9 +98,9 @@ void cleanup_report_add_user_shadow (void *user_name)
|
|||||||
void cleanup_unlock_passwd (unused void *arg)
|
void cleanup_unlock_passwd (unused void *arg)
|
||||||
{
|
{
|
||||||
if (pw_unlock () == 0) {
|
if (pw_unlock () == 0) {
|
||||||
fprintf (stderr,
|
fprintf (log_get_logfd(),
|
||||||
_("%s: failed to unlock %s\n"),
|
_("%s: failed to unlock %s\n"),
|
||||||
Prog, pw_dbname ());
|
log_get_progname(), pw_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger_message ("unlocking passwd file",
|
audit_logger_message ("unlocking passwd file",
|
||||||
@@ -139,9 +117,9 @@ void cleanup_unlock_passwd (unused void *arg)
|
|||||||
void cleanup_unlock_shadow (unused void *arg)
|
void cleanup_unlock_shadow (unused void *arg)
|
||||||
{
|
{
|
||||||
if (spw_unlock () == 0) {
|
if (spw_unlock () == 0) {
|
||||||
fprintf (stderr,
|
fprintf (log_get_logfd(),
|
||||||
_("%s: failed to unlock %s\n"),
|
_("%s: failed to unlock %s\n"),
|
||||||
Prog, spw_dbname ());
|
log_get_progname(), spw_dbname ());
|
||||||
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
|
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
|
||||||
#ifdef WITH_AUDIT
|
#ifdef WITH_AUDIT
|
||||||
audit_logger_message ("unlocking shadow file",
|
audit_logger_message ("unlocking shadow file",
|
||||||
|
|||||||
+6
-29
@@ -1,34 +1,11 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1991 , Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1991 , Julianne Frances Haugh
|
||||||
* Copyright (c) 1991 , Chip Rosenthal
|
* SPDX-FileCopyrightText: 1991 , Chip Rosenthal
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+25
-40
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1991 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1991 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2001, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2001, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2006, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2006, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -55,6 +32,7 @@
|
|||||||
#ifdef WITH_ATTR
|
#ifdef WITH_ATTR
|
||||||
#include <attr/libattr.h>
|
#include <attr/libattr.h>
|
||||||
#endif /* WITH_ATTR */
|
#endif /* WITH_ATTR */
|
||||||
|
#include "shadowlog.h"
|
||||||
|
|
||||||
|
|
||||||
static /*@null@*/const char *src_orig;
|
static /*@null@*/const char *src_orig;
|
||||||
@@ -116,6 +94,7 @@ static int fchown_if_needed (int fdst, const struct stat *statp,
|
|||||||
static void error_acl (struct error_context *ctx, const char *fmt, ...)
|
static void error_acl (struct error_context *ctx, const char *fmt, ...)
|
||||||
{
|
{
|
||||||
va_list ap;
|
va_list ap;
|
||||||
|
FILE *shadow_logfd = log_get_logfd();
|
||||||
|
|
||||||
/* ignore the case when destination does not support ACLs
|
/* ignore the case when destination does not support ACLs
|
||||||
* or extended attributes */
|
* or extended attributes */
|
||||||
@@ -125,11 +104,11 @@ static void error_acl (struct error_context *ctx, const char *fmt, ...)
|
|||||||
}
|
}
|
||||||
|
|
||||||
va_start (ap, fmt);
|
va_start (ap, fmt);
|
||||||
(void) fprintf (stderr, _("%s: "), Prog);
|
(void) fprintf (shadow_logfd, _("%s: "), log_get_progname());
|
||||||
if (vfprintf (stderr, fmt, ap) != 0) {
|
if (vfprintf (shadow_logfd, fmt, ap) != 0) {
|
||||||
(void) fputs (_(": "), stderr);
|
(void) fputs (_(": "), shadow_logfd);
|
||||||
}
|
}
|
||||||
(void) fprintf (stderr, "%s\n", strerror (errno));
|
(void) fprintf (shadow_logfd, "%s\n", strerror (errno));
|
||||||
va_end (ap);
|
va_end (ap);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -248,9 +227,9 @@ int copy_tree (const char *src_root, const char *dst_root,
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!S_ISDIR (sb.st_mode)) {
|
if (!S_ISDIR (sb.st_mode)) {
|
||||||
fprintf (stderr,
|
fprintf (log_get_logfd(),
|
||||||
"%s: %s is not a directory",
|
"%s: %s is not a directory",
|
||||||
Prog, src_root);
|
log_get_progname(), src_root);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -484,7 +463,7 @@ static int copy_dir (const char *src, const char *dst,
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (dst) != 0) {
|
if (set_selinux_file_context (dst, S_IFDIR) != 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif /* WITH_SELINUX */
|
#endif /* WITH_SELINUX */
|
||||||
@@ -605,7 +584,7 @@ static int copy_symlink (const char *src, const char *dst,
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (dst) != 0) {
|
if (set_selinux_file_context (dst, S_IFLNK) != 0) {
|
||||||
free (oldlink);
|
free (oldlink);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -684,7 +663,7 @@ static int copy_special (const char *src, const char *dst,
|
|||||||
int err = 0;
|
int err = 0;
|
||||||
|
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (dst) != 0) {
|
if (set_selinux_file_context (dst, statp->st_mode & S_IFMT) != 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif /* WITH_SELINUX */
|
#endif /* WITH_SELINUX */
|
||||||
@@ -739,16 +718,17 @@ static int copy_file (const char *src, const char *dst,
|
|||||||
char buf[1024];
|
char buf[1024];
|
||||||
ssize_t cnt;
|
ssize_t cnt;
|
||||||
|
|
||||||
ifd = open (src, O_RDONLY);
|
ifd = open (src, O_RDONLY|O_NOFOLLOW);
|
||||||
if (ifd < 0) {
|
if (ifd < 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#ifdef WITH_SELINUX
|
#ifdef WITH_SELINUX
|
||||||
if (set_selinux_file_context (dst) != 0) {
|
if (set_selinux_file_context (dst, S_IFREG) != 0) {
|
||||||
|
(void) close (ifd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif /* WITH_SELINUX */
|
#endif /* WITH_SELINUX */
|
||||||
ofd = open (dst, O_WRONLY | O_CREAT | O_TRUNC, statp->st_mode & 07777);
|
ofd = open (dst, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, statp->st_mode & 07777);
|
||||||
if ( (ofd < 0)
|
if ( (ofd < 0)
|
||||||
|| (fchown_if_needed (ofd, statp,
|
|| (fchown_if_needed (ofd, statp,
|
||||||
old_uid, new_uid, old_gid, new_gid) != 0)
|
old_uid, new_uid, old_gid, new_gid) != 0)
|
||||||
@@ -771,12 +751,16 @@ static int copy_file (const char *src, const char *dst,
|
|||||||
&& (errno != 0))
|
&& (errno != 0))
|
||||||
#endif /* WITH_ATTR */
|
#endif /* WITH_ATTR */
|
||||||
) {
|
) {
|
||||||
|
if (ofd >= 0) {
|
||||||
|
(void) close (ofd);
|
||||||
|
}
|
||||||
(void) close (ifd);
|
(void) close (ifd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
while ((cnt = read (ifd, buf, sizeof buf)) > 0) {
|
while ((cnt = read (ifd, buf, sizeof buf)) > 0) {
|
||||||
if (write (ofd, buf, (size_t)cnt) != cnt) {
|
if (write (ofd, buf, (size_t)cnt) != cnt) {
|
||||||
|
(void) close (ofd);
|
||||||
(void) close (ifd);
|
(void) close (ifd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@@ -786,6 +770,7 @@ static int copy_file (const char *src, const char *dst,
|
|||||||
|
|
||||||
#ifdef HAVE_FUTIMES
|
#ifdef HAVE_FUTIMES
|
||||||
if (futimes (ofd, mt) != 0) {
|
if (futimes (ofd, mt) != 0) {
|
||||||
|
(void) close (ofd);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
#endif /* HAVE_FUTIMES */
|
#endif /* HAVE_FUTIMES */
|
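Review bot: The destination open in copy_file, `open (dst, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, ...)`, still opens and truncates an entry that already exists at `dst`, so a regular file or hard link already present there is truncated and then handed to fchown_if_needed. O_NOFOLLOW rejects a symbolic link only in the final path component; links in earlier components of `src` and `dst` are still followed. If callers always copy into a freshly created tree (not visible from these hunks), adding O_EXCL makes the call fail instead of reusing the entry: `ofd = open (dst, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, statp->st_mode & 07777);`. copy_file starts and ends outside the hunks shown.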
||||||
|
|||||||
@@ -0,0 +1,46 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2021, Alejandro Colomar <alx.manpages@gmail.com>
|
||||||
|
*
|
||||||
|
* Redistribution and use in source and binary forms, with or without
|
||||||
|
* modification, are permitted provided that the following conditions
|
||||||
|
* are met:
|
||||||
|
* 1. Redistributions of source code must retain the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer.
|
||||||
|
* 2. Redistributions in binary form must reproduce the above copyright
|
||||||
|
* notice, this list of conditions and the following disclaimer in the
|
||||||
|
* documentation and/or other materials provided with the distribution.
|
||||||
|
* 3. The name of the copyright holders or contributors may not be used to
|
||||||
|
* endorse or promote products derived from this software without
|
||||||
|
* specific prior written permission.
|
||||||
|
*
|
||||||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||||
|
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||||
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
||||||
|
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||||
|
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||||
|
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||||
|
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||||
|
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||||
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||||
|
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#include <string.h>
|
||||||
|
#include <time.h>
|
||||||
|
|
||||||
|
#ident "$Id$"
|
||||||
|
|
||||||
|
#include "prototypes.h"
|
||||||
|
|
||||||
|
void date_to_str (size_t size, char buf[size], long date)
|
||||||
|
{
|
||||||
|
time_t t;
|
||||||
|
|
||||||
|
t = date;
|
||||||
|
if (date < 0)
|
||||||
|
(void) strncpy (buf, "never", size);
|
||||||
|
else
|
||||||
|
(void) strftime (buf, size, "%Y-%m-%d", gmtime (&t));
|
||||||
|
buf[size - 1] = '\0';
|
||||||
|
}
|
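Review bot: In date_to_str the result of `gmtime (&t)` is passed straight to strftime, and gmtime returns NULL when the value cannot be represented, so a very large `date` reaches strftime as a null pointer. The return value of strftime is also discarded: when it is 0 the contents of `buf` are unspecified and only the last byte is then set. In addition, `buf[size - 1]` is an out-of-bounds write when `size` is 0. A guarded version follows; the fallback text is only a suggestion.

```c
void date_to_str (size_t size, char buf[size], long date)
{
	time_t          t = date;
	const struct tm *tm;

	if (size == 0) {
		return;
	}

	if (date < 0) {
		(void) strncpy (buf, "never", size);
	} else {
		tm = gmtime (&t);
		/* gmtime fails for unrepresentable values; strftime returns 0 on truncation */
		if ((tm == NULL) || (strftime (buf, size, "%Y-%m-%d", tm) == 0)) {
			(void) strncpy (buf, "future", size);
		}
	}
	buf[size - 1] = '\0';
}
```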
||||||
+5
-28
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 2000, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 2000, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2007 - 2008, Nicolas François
|
* SPDX-FileCopyrightText: 2007 - 2008, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
|
|||||||
+7
-29
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1992, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1992, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1999, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1999, Marek Michałkiewicz
|
||||||
* Copyright (c) 2003 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2003 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 - 2009, Nicolas François
|
* SPDX-FileCopyrightText: 2008 - 2009, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -40,6 +17,7 @@
|
|||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include "prototypes.h"
|
#include "prototypes.h"
|
||||||
#include "defines.h"
|
#include "defines.h"
|
||||||
|
#include "shadowlog.h"
|
||||||
/*
|
/*
|
||||||
* NEWENVP_STEP must be a power of two. This is the number
|
* NEWENVP_STEP must be a power of two. This is the number
|
||||||
* of (char *) pointers to allocate at a time, to avoid using
|
* of (char *) pointers to allocate at a time, to avoid using
|
||||||
@@ -171,7 +149,7 @@ void addenv (const char *string, /*@null@*/const char *value)
|
|||||||
}
|
}
|
||||||
newenvp = __newenvp;
|
newenvp = __newenvp;
|
||||||
} else {
|
} else {
|
||||||
(void) fputs (_("Environment overflow\n"), stderr);
|
(void) fputs (_("Environment overflow\n"), log_get_logfd());
|
||||||
newenvc--;
|
newenvc--;
|
||||||
free (newenvp[newenvc]);
|
free (newenvp[newenvc]);
|
||||||
}
|
}
|
||||||
|
|||||||
+6
-54
@@ -1,33 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1989 - 1994, Julianne Frances Haugh
|
* SPDX-FileCopyrightText: 1989 - 1994, Julianne Frances Haugh
|
||||||
* Copyright (c) 1996 - 1998, Marek Michałkiewicz
|
* SPDX-FileCopyrightText: 1996 - 1998, Marek Michałkiewicz
|
||||||
* Copyright (c) 2002 - 2005, Tomasz Kłoczko
|
* SPDX-FileCopyrightText: 2002 - 2005, Tomasz Kłoczko
|
||||||
* Copyright (c) 2008 - 2010, Nicolas François
|
* SPDX-FileCopyrightText: 2008 - 2010, Nicolas François
|
||||||
* All rights reserved.
|
|
||||||
*
|
*
|
||||||
* Redistribution and use in source and binary forms, with or without
|
* SPDX-License-Identifier: BSD-3-Clause
|
||||||
* modification, are permitted provided that the following conditions
|
|
||||||
* are met:
|
|
||||||
* 1. Redistributions of source code must retain the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer.
|
|
||||||
* 2. Redistributions in binary form must reproduce the above copyright
|
|
||||||
* notice, this list of conditions and the following disclaimer in the
|
|
||||||
* documentation and/or other materials provided with the distribution.
|
|
||||||
* 3. The name of the copyright holders or contributors may not be used to
|
|
||||||
* endorse or promote products derived from this software without
|
|
||||||
* specific prior written permission.
|
|
||||||
*
|
|
||||||
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
||||||
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
|
|
||||||
* PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
|
||||||
* HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
||||||
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
|
||||||
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
|
||||||
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|
||||||
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
||||||
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
|
||||||
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include <config.h>
|
#include <config.h>
|
||||||
@@ -98,7 +75,7 @@ void failure (uid_t uid, const char *tty, struct faillog *fl)
|
|||||||
fl->fail_cnt++;
|
fl->fail_cnt++;
|
||||||
}
|
}
|
||||||
|
|
||||||
strncpy (fl->fail_line, tty, sizeof fl->fail_line);
|
strncpy (fl->fail_line, tty, sizeof (fl->fail_line) - 1);
|
||||||
(void) time (&fl->fail_time);
|
(void) time (&fl->fail_time);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -232,13 +209,8 @@ int failcheck (uid_t uid, struct faillog *fl, bool failed)
|
|||||||
void failprint (const struct faillog *fail)
|
void failprint (const struct faillog *fail)
|
||||||
{
|
{
|
||||||
struct tm *tp;
|
struct tm *tp;
|
||||||
|
|
||||||
#if HAVE_STRFTIME
|
|
||||||
char lasttimeb[256];
|
char lasttimeb[256];
|
||||||
char *lasttime = lasttimeb;
|
char *lasttime = lasttimeb;
|
||||||
#else
|
|
||||||
char *lasttime;
|
|
||||||
#endif
|
|
||||||
time_t NOW;
|
time_t NOW;
|
||||||
|
|
||||||
if (0 == fail->fail_cnt) {
|
if (0 == fail->fail_cnt) {
|
||||||
@@ -248,31 +220,11 @@ void failprint (const struct faillog *fail)
|
|||||||
tp = localtime (&(fail->fail_time));
|
tp = localtime (&(fail->fail_time));
|
||||||
(void) time (&NOW);
|
(void) time (&NOW);
|
||||||
|
|
||||||
#if HAVE_STRFTIME
|
|
||||||
/*
|
/*
|
||||||
* Print all information we have.
|
* Print all information we have.
|
||||||
*/
|
*/
|
||||||
(void) strftime (lasttimeb, sizeof lasttimeb, "%c", tp);
|
(void) strftime (lasttimeb, sizeof lasttimeb, "%c", tp);
|
||||||
#else
|
|
||||||
|
|
||||||
/*
|
|
||||||
* Do the same thing, but don't use strftime since it
|
|
||||||
* probably doesn't exist on this system
|
|
||||||
*/
|
|
||||||
lasttime = asctime (tp);
|
|
||||||
lasttime[24] = '\0';
|
|
||||||
|
|
||||||
if ((NOW - fail->fail_time) < YEAR) {
|
|
||||||
lasttime[19] = '\0';
|
|
||||||
}
|
|
||||||
if ((NOW - fail->fail_time) < DAY) {
|
|
||||||
lasttime = lasttime + 11;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (' ' == *lasttime) {
|
|
||||||
lasttime++;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
/*@-formatconst@*/
|
/*@-formatconst@*/
|
||||||
(void) printf (ngettext ("%d failure since last login.\n"
|
(void) printf (ngettext ("%d failure since last login.\n"
|
||||||
"Last was %s on %s.\n",
|
"Last was %s on %s.\n",
|
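Review bot: In failure(), `strncpy (fl->fail_line, tty, sizeof (fl->fail_line) - 1);` never writes the last byte of `fail_line`, so the field is NUL-terminated only if that byte was already zero in the record the caller passed in. When `tty` is as long as the field or longer, a stale non-zero byte there leaves the string unterminated for anything that later reads it as a C string. Setting the byte explicitly after the copy removes that dependency: `fl->fail_line[sizeof (fl->fail_line) - 1] = '\0';`. The body of failure() starts and ends outside this hunk, so how `fl` is initialised is not visible here.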
||||||
|
|||||||