+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is
+ enabled. This is already done by pam_lastlog. Note that
+ pam_lastlog can only log the parent PID, not the PID of the
+ process forked by login.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chpasswd.c: Add annotations to indicate that usage() does
+ not return.
+ * src/chpasswd.c: Reindent.
+ * src/chpasswd.c: Remove dead code. No need to set crypt_method
+ to NULL when it is already NULL. sflg is only set if crypt_method
+ is not NULL.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/lastlog.c: Add annotations to indicate that usage() does not
+ return.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/faillog.c: Add annotations to indicate that usage() does not
+ return.
+ * src/faillog.c: Fix message: this is faillog, not lastlog.
+ * src/faillog.c: Check that there are no extra arguments after
+ parsing the options.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chgpasswd.c: Add annotations to indicate that usage() does
+ not return.
+ * src/chgpasswd.c: Split usage in smaller parts. Those parts are
+ already translated for chpasswd. Usage is now closer to
+ chpasswd's.
+ * src/chgpasswd.c: Remove dead code. No need to set crypt_method
+ to NULL when it is already NULL. sflg is only set if crypt_method
+ is not NULL.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/expiry.c: Remove dead code.
+ * src/expiry.c: Improve comments.
+
+2011-07-23 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/grpck.c: Added comments.
+ * src/grpck.c: Avoid implicit conversion of pointer to boolean.
+ * src/grpck.c: Remove dead code. argc cannot be lower than optind.
+ Avoid checking twice in a row for NULL != list[i].
+
+2011-07-22 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of
+ invalid configuration.
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated
+ comments.
+ * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict
+ on the loop stop conditions. Stop if we passed the limit, even if
+ the limit itself was never noticed.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix some spacing issues due to configuration
+ variants.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/passwd.c: Overflow when computing the number of days based
+ on the scaling. Use of long long needed.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, lib/commonio.h, lib/commonio.c: Additional messages to
+ indicate why locking failed.
+ * NEWS, lib/commonio.c: Fix the sort algorithm in case of NIS. NIS
+ entries were dropped.
+ * lib/commonio.c: NIS entries can start by '+' or '-'.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/groupmod.c: When the gshadow file exists but there are
+ no gshadow entries, an entry is created if the password is changed
+ and group requires a shadow entry.
+
+2011-07-14 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/usermod.c: Fix typo in comment.
+ * src/usermod.c (move_home): It is always an error to use -m if
+ the new home directory already exist (independently from the
+ existence of the old home directory did not exist)
+ * src/usermod.c (process_flags): Report usage if no options are
+ provided. Update the error message.
+ * src/usermod.c (process_flags): Check option compatibility and
+ dependency before options are discarded when no changes are
+ requested.
+ * src/usermod.c (process_flags): Check for oflg is not needed to
+ check if changes are needed.
+ * src/usermod.c: usage() does not return. Add annotations.
+ * src/usermod.c (update_gshadow): is_member was computed twice.
+ * src/usermod.c (update_group, update_gshadow): Reduce complexity
+ and document checks. Some checks were always true/false within
+ their call context.
+ * NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file
+ exists but there are no shadow entries, an entry has to be created
+ if the password is changed and passwd requires a shadow entry, or
+ if aging features are used (-e or -f). Document this and also that
+ -e and -f require a shadow file.
+ * man/usermod.8.xml: Document behavior of an empty EXPIRE_DATE.
+ * man/usermod.8.xml: Document that the mail spool might have to be
+ renamed (as for the homedir)
+ * src/usermod.c (new_pwent): Document that pw_locate will not fail
+ because getpwnam returned successfully.
+ * src/usermod.c (process_flags): Do not display the usage in case
+ of an invalid -f value (similar to -e).
+ * src/usermod.c (process_flags): Indicate that the user name is
+ invalid, instead of just a 'field'.
+
+2011-07-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/groupadd.c: Fix typo in comment.
+ * src/userdel.c: Fix typo from 2011-06-04. Report failure on the
+ mailfile instead of user_home.
+ * lib/fields.c: Fixed typo from 2010-02-15. field insteadof cp
+ ought to be checked.
+ * src/vipw.c: Use Prog instead of progname. This is needed since
+ Prog is used in the library.
+ * configure.in: Fix typo. libcrack default is 'no'.
+ * src/groupmod.c: Avoid implicit conversion of pointer to boolean.
+ * src/groupmod.c: osgrp can be set only if pflg || nflg. No need
+ to check for pflg || nflg again
+
+2011-07-08 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/*.xml, man/config.xml.in: Add source and version
+ information. This reduce the amount of warnings during the
+ manpages generation.
+
+2011-06-25 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/passwd.1.xml: Added reference to chpasswd(8).
+ * man/po/ru.po: Add space between option and argument.
+
+2011-06-16 Francisco Javier Cuadrado <fcocuadrado@gmail.com>
+
+ * po/es.po: Spanish translation
+
+2011-06-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/isexpired.c: Added parenthesis.
+ * libmisc/env.c: Added comments.
+ * libmisc/env.c: Avoid implicit conversion of pointer to boolean.
+
+2011-06-16 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: environ is provided by <unistd.h>.
+ * src/su.c: Added function prototypes.
+ * src/su.c: Rename shellstr parameter to shellname to avoid
+ collision with static variable.
+ * NEWS, src/su.c: Added support for PAM modules which change
+ PAM_USER.
+
+2011-06-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c (prepare_pam_close_session): Extract the creation of a
+ child and listening for signal in the parent from run_shell().
+ prepare_pam_close_session() is now executed before the creation of
+ the pam session and before the UID is changed. This allows to
+ close the session as root.
+ * src/su.c: Also drop the controlling terminal when PAM is not
+ used.
+ * src/su.c: Remove run_shell().
+ * src/su.c: After prepare_pam_close_session() there is no need to
+ close the session in the child. Added pam_setcred to
+ prepare_pam_close_session().
+
+2011-06-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c (save_caller_context): Extract from main() the code
+ used to save the caller's context.
+ * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and
+ a non-PAM (check_perms_nopam) version.
+ * src/su.c: Cleanup check_perms_nopam().
+ * src/su.c: Merge environment setting blocks after the creation of
+ the session.
+ * src/su.c: Close the password databases together with syslog.
+ * src/su.c: Extract command line processing from main().
+ * src/su.c: Extract export of environment from main().
+
+2011-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Group some of the environment processing blocks. The
+ definition of shellstr, PATH and IFS is not influenced (getenv,
+ getdef, restricted_shell) by and does not influence (addenv does
+ not change environ) the authentication. And the authentication
+ did not overwrite those definitions. This will ease an extraction
+ from the big main() function.
+ * src/su.c: Move definition of change_environment and shellstr
+ after the switch to the final subsystem. The previous architecture
+ forced to always change the environment (the shell starts with a
+ '*' and was thus restricted, and change_environment could not be
+ reset to false).
+ * src/su.c: No need to change the user's shell in case of
+ subsystem root. Update the comments.
+ * src/su.c: Define shellstr before the environment so that
+ restricted_shell is called only once. This will allow moving the
+ environment definition after the switch to the new user.
+ * src/su.c: Extract the authentication from the main function.
+ * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
+ use the pwent global variable to communicate between APIs of
+ different files. Added boolean parameter su_to_root to
+ check_su_auth().
+ * src/su.c (check_perms): Return the passwd entry of the finally
+ authenticated user. Remove usage of the pwent variable.
+ * src/su.c: The password of the caller is the one from the
+ spwd structure only if the passwd's password is 'x'.
+ * src/su.c: Cleanup local variables.
+
+2011-06-10 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/su.c: Updating pwent after expire() is not useful. Only the
+ password information may have changed and they are not used
+ anymore afterwards.
+ * src/su.c: No need to call expire() if there are no shadow entry.
+ No need to convert a passwd entry into an spwd entry in that case.
+
+2011-06-12 Thomas Blein <tblein@tblein.eu>
+
+ * man/po/fr.po: French manpages translation
+
+2011-06-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: Do not forward the controlling terminal to
+ commands executed with -c. This prevents tty hijacking which could
+ lead to execution with the caller's privileges. This required to
+ forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
+ the executed command.
+
+2011-06-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Do not remove a group with the same name as
+ the user (usergroup) if this group isn't the user's primary group.
+
+2011-06-04 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/userdel.c: Check the existence of the user's mail
+ spool before trying to remove it. If it does not exist, a warning
+ is issued, but no failure.
+
+2011-06-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/sulogin.c: Added Prog, needed because of the last xmalloc()
+ change.
+
+2011-06-03 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
+ Makefile.
+ * man/Makefile.am: Build zh_CN pages.
+ * man/generate_translations.mak: Add config.xml to CLEANFILES.
+ * man/po/zh_CN.po: limits, groups, faillog, expiry should not be
+ translated (command name, file name), also this broke the build
+ system as they are used to derive manpage names.
+
+2011-06-02 Peter Vrabec <pvrabec@redhat.com>
+
+ * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry
+ to be displayed.
+
+2011-06-02 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/xmalloc.c: Harmonize message.
+
+2011-06-02 Peter Vrabec <pvrabec@redhat.com>
+
+ * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing
+ memory allocation check.
+
+2011-06-02 Cal Peake <cp@absolutedigital.net>
+
+ * NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to
+ getgroups() when getgroups fails (-1) with errno==EINVAL.
+
+2011-06-01 Simon Brandmair <sbrandmair@gmx.net>
+
+ * man/newusers.8.xml, man/suauth.5.xml, man/suauth.5.xml,
+ man/logoutd.8.xml, man/chgpasswd.8.xml, man/groups.1.xml,
+ man/faillog.5.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml,
+ man/login.defs.d/DEFAULT_HOME.xml,
+ man/login.defs.d/LOGIN_RETRIES.xml,
+ man/login.defs.d/MD5_CRYPT_ENAB.xml,
+ man/login.defs.d/PORTTIME_CHECKS_ENAB.xml,
+ man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml:
+ Fix typos
+ * man/po/de.po: German translation of manpages completed
+
+2011-05-23 Innocent De Marchi <tangram.peces@gmail.com>
+
+ * po/ca.po: Catalan translation completed
+
+2011-04-22 Miguel Figueiredo <elmig@debianpt.org>
+
+ * po/pt.po: Portuguese translation completed
+
+2011-04-22 Thomas Blein <tblein@tblein.eu>
+
+ * po/fr.po: French translation completed
+
+2011-04-16 Holger Wansing <linux@wansing-online.de>
+
+ * po/de.po: German translation completed
+
+2011-04-15 Fred Maranhão <fred.maranhao@gmail.com>
+
+ * po/pt_BR.po: Brazilian Portuguese translation completed
+
+2011-04-10 Yuri Kozlov <yuray@komyakino.ru>
+
+ * po/ru.po: Russian translation completed
+
+2011-04-07 Daniel Nylander <po@danielnylander.se>
+
+ * po/sv.po: Swedish translation completed
+
+2011-04-07 Joe Dalton <joedalton2@yahoo.dk>
+
+ * po/da.po: Danish translation completed
+
+2011-04-05 Timur Birsh <taem@linukz.org>
+
+ * po/kk.po: Kazakh translation completed
+
+2011-04-05 NAKANO Takeo <nakano@st.seikei.ac.jp>
+
+ * po/ja.po: Japanese translation completed
+
+2011-03-30 YunQiang Su <wzssyqa@gmail.com>
+
+ * man/po/zh_CN.po: convert Simplified Chinese translation
+ of manpages to gettext
+ * po/zh_CN.po: Simplified Chinese translation completed
+
+2010-02-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/ru/Makefile.am: Remove double inclusion of $(man_nopam)
+
+2010-02-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
+ user_busy() rather than in src/userdel.c or src/usermod.c to
+ provide more accurate failure cause (user is logged in or user
+ still executes processes).
+
+2010-02-15 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check
+ entry validity before commits to databases.
+ * libmisc/fields.c, libmisc/Makefile.am, lib/fields.c,
+ lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to
+ lib.
+ * lib/fields.c: Fail if input pointer is NULL.
+
+2010-02-13 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in
+ gecos or shell.
+
+2011-02-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * autogen.sh: Restore original autoreconf (see 2010-08-29's change
+ for autogen.sh)
+ * configure.in, man/po/Makefile.in.in, man/po/Makefile.in:
+ Makefile.in.in replaced by Makefile.in to avoid config.status
+ issues when there are multiple po directories.
+ * man/po/LINGUAS: Adapted to above change.
+ * man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by
+ XMLFILES.
+ * man/Makefile.am: generate_mans.deps shall be included by make,
+ not automake.
+
+2010-11-19 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login
+ to hang when CONSOLE was configured with a colon separated list of
+ TTYs. See http://bugs.gentoo.org/show_bug.cgi?id=324419
+
+2010-09-05 Nicolas François <nicolas.francois@centraliens.net>
+
+ Integrate review comments from Julien Cristau
+ * libmisc/copydir.c: Missing parenthesis in comment.
+ * libmisc/chowndir.c: Fixed memory leak on failed realloc().
+ * libmisc/chowndir.c: Make sure the buffer for the path is large
+ enough.
+ * libmisc/remove_tree.c: Remove check for NULL before free().
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/po/fr.po: Fix 2 fuzzy strings.
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/usermod.c: Accept options in any order (username not
+ necessarily at the end)
+
+2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
+
+ * autogen.sh: Expand autoreconf to avoid running autopoint.
+
2010-08-29 Nicolas François <nicolas.francois@centraliens.net>
* po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated.
projects / shadow / blobdiff