X-Git-Url: https://granicus.if.org/sourcecode?a=blobdiff_plain;f=ChangeLog;h=4847e133d0571524c5ec4d5fd313900e8e849a8b;hb=f634cd3e2c8b6d772341fccd5d887316b7b40b9d;hp=a7f73601f6e44da4f2c8e53af17fbcf9c4e9de9c;hpb=1a87c698544de19a82e55d0fb5996090da8ae1d6;p=shadow diff --git a/ChangeLog b/ChangeLog index a7f73601..4847e133 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,457 @@ +2009-05-16 Nicolas François + + * libmisc/console.c (console): Remove the leading /dev/ from the + tty before comparing with the lines specified by CONSOLE. + * src/su.c: Do not remove the /dev/ prefix since it is done by + console(). + +2009-05-16 Nicolas François + + * man/login.defs.d/CONSOLE.xml: Document the format of the CONSOLE + file. + +2009-05-16 Nicolas François + + * src/login.c: Fix failure of non PAM enabled versions when an + empty username is entered after a first prompt. + +2009-05-16 Nicolas François + + * src/passwd.c: Added missing end of line at the end of success + messages. + +2009-05-16 sacha + + * po/fr.po: Fixed typo in the vipw usage string. + +2009-05-12 Nicolas François + + * libmisc/shell.c: Removed invalid code that executed the user's + shell as a shell script when the direct execution of the user's + shell failed with ENOEXEC and the user's shell has a shebang. The + interpreter might not be the right one. Executing the user's + shell with sh -c might be better, but I'm not sure we should try + harder when there is a failure. Note: the removed code was only + included #ifndef __linux__. + +2009-05-12 Nicolas François + + * man/userdel.8.xml: The USERGROUPS_ENAB group may not be removed + when the group is used by other users, not the user. + +2009-05-12 Nicolas François + + * src/userdel.c, man/login.defs.d/USERDEL_CMD.xml: Move the + USERDEL_CMD script example from the source code to the + documentation. + +2009-05-11 Nicolas François + + * man/newusers.8.xml: PAM enabled version: describe how passwords + are updated and how newusers behave in case of error. + +2009-05-10 Nicolas François + + * NEWS, configure.in: New release will be 4.1.4. + * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. + * po/*.po, man/po/*.po: Updated PO files. + +2009-05-10 Nicolas François + + * libmisc/copydir.c: Added prototype of readlink_malloc(), and + readlink_malloc() changed to static. + +2009-05-10 Nicolas François + + * src/su.c: Avoid redeclaration of root_pw. + +2009-05-10 NAKANO Takeo + + * po/ja.po: Updated Japanese translation. + +2009-05-10 Jean-Luc Coulon (f5ibh) + + * po/fr.po: Updated French translation. + +2009-05-10 Nicolas François + + * lib/commonio.c: Avoid PATH_MAX. On glibc, we can use realpath + with a NULL argument. + * src/useradd.c: Replace PATH_MAX by a fixed constant. The buffer + was not meant as a storage for a path. + * src/useradd.c, src/newusers.c, src/chpasswd.c: Better detection + of fgets errors. Lines shall end with a \n, unless we reached the + end of file. + * libmisc/copydir.c: Avoid PATH_MAX. Support file paths with any + length. Added readlink_malloc(). + +2009-05-09 Nicolas François + + * src/pwck.c: Warn if an user has an entry in passwd and shadow, + and the password field in passwd is not 'x'. + * src/grpck.c: Warn if a group has an entry in group and gshadow, + and the password field in group is not 'x'. + +2009-05-09 Nicolas François + + * man/login.defs.d/ENCRYPT_METHOD.xml, + man/login.defs.d/MD5_CRYPT_ENAB.xml, + man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Updated note for PAM + enabled versions. These variables are only used for group + passwords in this case. + +2009-05-09 Nicolas François + + * man/chpasswd.8.xml: Sorted options alphabetically. + +2009-05-09 Nicolas François + + * NEWS, src/newusers.c, src/Makefile.am: Added support for + changing the passwords with PAM. + * src/newusers.c: Split the usage string in smaller parts to + allow enabling single parts. + * man/newusers.8.xml: Indicate the options and configuration + variables valid for PAM and non-PAM versions. + * man/newusers.8.xml: Added pointer to /etc/pam.d/chpasswd. + +2009-05-09 Nicolas François + + * src/userdel.c: Remove duplicate definitions of exit codes. + +2009-05-07 Nicolas François + + * libmisc/non_interactive_pam_conv.c, + libmisc/pam_pass_non_interractive.c, libmisc/Makefile.am: Renamed. + * libmisc/pam_pass_non_interractive.c, lib/prototypes.h: + non_interactive_password and non_interactive_pam_conv do not need + to be externally visible. + * libmisc/pam_pass_non_interractive.c: Added declaration of + ni_conv. + * libmisc/pam_pass_non_interractive.c: Only compile ifdef USE_PAM. + * libmisc/pam_pass_non_interractive.c, lib/prototypes.h: + Added do_pam_passwd_non_interractive(). + * src/chpasswd.c: Use do_pam_passwd_non_interractive(). + +2009-05-07 Nicolas François + + * libmisc/pam_pass.c: Removed comment regarding pam_misc. This is + checked by configure.in. + +2009-05-07 Nicolas François + + * man/login.defs.5.xml: PAM enabled chpasswd do not use any + configuration variable from login.defs. + +2009-05-07 Nicolas François + + * man/passwd.1.xml: Differentiate the files used for PAM and + non-PAM versions. + +2009-05-07 Nicolas François + + * man/chpasswd.8.xml: Describe how chpasswd behaves in case of error. + * man/chpasswd.8.xml: Describe the PAM enabled chpasswd behavior. + * man/chpasswd.8.xml: Differentiate the files and configurations + used for PAM and non-PAM versions. + +2009-05-07 Nicolas François + + * src/login.c: failcount does not need to be signed. + +2009-05-07 Nicolas François + + * src/Makefile.am: PAM enabled chpasswd now needs to be linked to + the PAM library, even if --enable-account-tools-setuid is not + used. + +2009-05-07 Nicolas François + + * src/chpasswd.c: Added the line number when an error is reported + instead of only the username. + * src/chpasswd.c: PAM enabled chpasswd may change the password + database (for the user where the password update succeeded) even + if there were a failure for one user. Do not indicate that changes + were ignored. + +2009-05-07 Nicolas François + + * src/passwd.c: Exit immediately when unlocking a password would + result in a passwordless account. This avoid printing a success + message after the warning. + +2009-05-07 Nicolas François + + * src/nologin.c: Include to get EXIT_FAILURE. + +2009-05-04 Nicolas François + + * NEWS, configure.in: Fix build failure on non-PAM enabled system + when --without-pam is not specified. + +2009-04-30 Nicolas François + + * lib/commonio.c: Ignore teh return values of fclose() and + unlink() in case of failure of fopen_set_perms() or + create_backup(). + * lib/commonio.c: Should the backup file be unlink'ed in case of + failure of create_backup()? + +2009-04-30 Nicolas François + + * lib/getulong.c: Added splint annotations. + +2009-04-30 Nicolas François + + * src/newgrp.c, src/chfn.c, src/groupmems.c, src/usermod.c, + src/userdel.c, src/chpasswd.c, src/grpck.c, src/gpasswd.c, + src/groupdel.c, src/chgpasswd.c, src/vipw.c, src/useradd.c, + src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, + src/groupadd.c, src/chage.c, src/login.c, src/faillog.c, + src/sulogin.c, src/chsh.c, src/pwconv.c: Added splint annotations. + * src/userdel.c, src/pwconv.c, src/lastlog.c, src/grpck.c, + src/vipw.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/login.c, + src/sulogin.c, src/usermod.c: Use return instead of exit at the + end of main(). + * src/gpasswd.c, src/passwd.c, src/faillog.c: Use the exitcodes.h + exit codes. + * src/chpasswd.c: Added missing ||. + * src/nologin.c: Do not include exitcodes.h. + * src/nologin.c: Added brackets. + * src/nologin.c: Avoid assignments in comparisons. + +2009-04-30 Nicolas François + + * libmisc/getgr_nam_gid.c, lib/get_gid.c, lib/get_pid.c, + lib/get_uid.c: Added splint annotations. + +2009-04-30 Nicolas François + + * lib/exitcodes.h: Define E_SUCCESS as EXIT_SUCCESS. Added FIXMEs. + * libmisc/chowntty.c, libmisc/rlogin.c, libmisc/sub.c, + src/newusers.c, libmisc/sulog.c, libmisc/system.c, src/logoutd.c, + src/groups.c, src/id.c, lib/encrypt.c, libmisc/audit_help.c, + libmisc/limits.c: Return EXIT_FAILURE instead of 1, and + EXIT_SUCCESS instead of 0. + * libmisc/audit_help.c: Replace an fprintf() by fputs(). + * libmisc/audit_help.c: Remove documentation of the audit_logger + returned values. The function returns void. + * libmisc/system.c: Only return status if waitpid succeeded. + Return -1 otherwise. + +2009-04-28 Nicolas François + + * NEWS, src/chpasswd.c: Added support for changing the passwords + with PAM. + * src/chpasswd.c: Split the usage string in smaller parts to + allow enabling single parts. + * src/chpasswd.c: Do not set a global lock on the password files. + This is done by PAM each time a password is updated. + +2009-04-28 Nicolas François + + * lib/defines.h: Include and to define + USER_NAME_MAX_LENGTH. + +2009-04-28 Nicolas François + + * src/login.c: Change a snprintf() to strncpy(). There are no + format. + +2009-04-28 Nicolas François + + * src/passwd.c: Harmonize status report at the end of passwd. + Prefix the messages with "passwd: ", only indicate a password + change if the password was actually changed, and password + properties changed otherwise. + +2009-04-28 Nicolas François + + * src/chgpasswd.c, src/newusers.c: There is no need to test for 0 + after getopt_long. No options have flag != NULL. + +2009-04-28 Nicolas François + + * lib/prototypes.h: Replace #if by #ifdef + * libmisc/Makefile.am, lib/prototypes.h, + libmisc/non_interactive_pam_conv.c: Added + non_interactive_pam_conv() and non_interactive_password. + +2009-04-28 Nicolas François + + * libmisc/utmp.c, src/userdel.c, src/logoutd.c: Replace #if by #ifdef + +2009-04-28 Nicolas François + + * src/vipw.c: Harmonize messages. + +2009-04-28 Nicolas François + + * src/lastlog.c: Replace atoi() by getulong(). + +2009-04-28 Nicolas François + + * libmisc/failure.h: Replace HAVE_UTMPX_H by USE_UTMPX. + +2009-04-28 Nicolas François + + * libmisc/rlogin.c: Replace atoi() by getulong(). + +2009-04-28 Nicolas François + + * libmisc/failure.c: Replace HAVE_UTMPX_H by USE_UTMPX. + +2009-04-28 Nicolas François + + * libmisc/chkname.c: Do not include and . There + are no more needed. + +2009-04-28 Nicolas François + + * libmisc/limits.c: Replace strtol() by getlong(). + * libmisc/limits.c: Replace HAVE_UTMPX_H by USE_UTMPX. + +2009-04-27 Nicolas François + + * man/groupmod.8.xml, man/usermod.8.xml, man/groupadd.8.xml, + man/useradd.8.xml: Added note to warn about insecurity in using + --password. + * man/groupmod.8.xml: Removed not regarding default if --password + is not used. This was a cut&paste from groupadd.8.xml. + * man/passwd.1.xml: Split some paragraphs. + * man/passwd.1.xml: Recommend other encryption methods than DES. + +2009-04-27 Nicolas François + + * src/login.c: Move update_utmp() after the PID or session ID + changed in order to get more accurate data in UTMP. This also + fixes "exec login" when login in installed setuid. + +2009-04-27 Nicolas François + + * src/login.c: Reuse a string and avoid an untranslated message + "Login incorrect". + +2009-04-27 Nicolas François + + * src/login.c: Replace HAVE_UTMPX_H by USE_UTMPX. + * src/login.c: Avoid name clash between global variables and the + update_utmp() arguments. + +2009-04-27 Nicolas François + + * src/groupadd.c, lib/commonio.c, lib/groupio.c: Added missing + include of + +2009-04-27 Nicolas François + + * lib/prototypes.h: Replace HAVE_UTMPX_H by USE_UTMPX. + * lib/prototypes.h, libmisc/log.c: Added splint annotations. + * libmisc/log.c: Added SYSLOG warning when lseek fails (should not + happen). + +2009-04-27 Nicolas François + + * libmisc/mail.c, libmisc/copydir.c: Added missing include of + + +2009-04-27 Nicolas François + + * libmisc/env.c: Added assertions on the snprintf results. + +2009-04-27 Nicolas François + + * NEWS, configure.in: Added configure option --enable-utmpx, + disabled by default. This defines USE_UTMPX, which should be used + instead of HAVE_UTMPX_H. + * libmisc/utmp.c: Replace HAVE_UTMPX_H by USE_UTMPX. + * libmisc/utmp.c: Removed old comment on HAVE_STRUCT_UTMP_UT_ID + and UTMPX support. + +2009-04-27 Nicolas François + + * man/po/fr.po: Fix typo. + +2009-04-26 Nicolas François + + * src/newgrp.c: Close the databases before changing the UDI and + GID. + +2009-04-26 Nicolas François + + * libmisc/myname.c: Updated splint annotations. + +2009-04-26 Nicolas François + + * lib/commonio.c: Added splint annotations. + * lib/commonio.c: old_context should be local to commonio_close(), + not global. + +2009-04-26 Nicolas François + + * src/passwd.c: Do not freecon strings duplicated with strdup. + Also avoid allocation of memory. + * src/passwd.c: Use SYSLOG instead of syslog. + +2009-04-25 Miroslav Kure + + * po/cs.po: Updated to 352T7f8u + +2009-04-25 Nicolas François + + * lib/commonio.h, lib/commonio.c: Added splint annotations. + * lib/commonio.c: Do not assumes eptr is always notnull. + +2009-04-25 Nicolas François + + * NEWS, po/pt.po: Updated Portuguese translation. + +2009-04-25 Nicolas François + + * libmisc/copydir.c: Added splint annotations. + * libmisc/copydir.c: Added assert to help splint. + * libmisc/copydir.c: Free allocated structures in cas of failure. + * libmisc/copydir.c: Avoid implicit conversion of pointers to + booleans. + * libmisc/copydir.c: Use buffers of size PATH_MAX instead of 1024 + for filenames. + * libmisc/copydir.c: Use fchmod and fchown to change the mode of + the opened file. + * libmisc/copydir.c: Indicate the mode to open(), even if we chmod + later. + +2009-04-25 Nicolas François + + * lib/prototypes.h: Added prototypes of getulong() and get_pid(). + * lib/prototypes.h: Added splint annotations. + +2009-04-25 Nicolas François + + * lib/commonio.c: Use get_pid() instead of strtol. + * lib/commonio.c: Replace an int by a size_t. + +2009-04-25 Nicolas François + + * lib/commonio.h: Added splint annotations. + +2009-04-25 Nicolas François + + * lib/sgroupio.c: Free allocated structures on failure. + * lib/sgroupio.c: Added splint annotations. + +2009-04-25 Nicolas François + + * lib/Makefile.am, lib/get_pid.c, lib/getulong.c: Added get_pid() + and getulong(). + +2009-04-25 Nicolas François + + * lib/getlong.c: Do not check for NULL string but empty string. + +2009-04-25 Nicolas François + + * lib/groupio.c: Updated splint annotations. + * lib/groupio.c: Added assert to help splint. + 2009-04-25 Nicolas François * src/useradd.c: Check assumptions on snprintf().