+2011-11-12 Nicolas François <nicolas.francois@centraliens.net>
+
+ * src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c,
+ src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c,
+ src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c,
+ src/usermod.c: Provide the PAM error
+ message instead of our own, and log error to syslog.
+ * src/groupmems.c: Exit with exit rather than fail_exit in usage().
+ * src/newusers.c: Check the number of arguments.
+ * src/newusers.c: Do not create the home directory when it is not
+ changed.
+ * src/useradd.c: Set the group password to "!" rather "x" if there
+ are no gshadow file.
+
2011-11-11 Nicolas François <nicolas.francois@centraliens.net>
* src/pwck.c: Removed pw_opened.
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
fail_exit (E_NOPERM);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (E_NOPERM);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* ACCT_TOOLS_SETUID */
#endif /* USE_PAM */
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (E_NOPERM);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
(void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
(void) fputs (_(" -p, --purge purge all members from the group\n"), usageout);
(void) fputs (_(" -l, --list list the members of the group\n"), usageout);
- fail_exit (status);
+ exit (status);
}
/*
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
fail_exit (1);
}
+ (void) pam_end (pamh, retval);
#endif
}
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
}
}
+ if ( (optind != argc)
+ && (optind + 1 != argc)) {
+ usage (EXIT_FAILURE);
+ }
+
if (argv[optind] != NULL) {
if (freopen (argv[optind], "r", stdin) == NULL) {
char buf[BUFSIZ];
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
fail_exit (EXIT_FAILURE);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
}
newpw.pw_shell = fields[6];
}
- if ( ('\0' != newpw.pw_dir[0])
+ if ( ('\0' != fields[5][0])
&& (access (newpw.pw_dir, F_OK) != 0)) {
/* FIXME: should check for directory */
mode_t msk = 0777 & ~getdef_num ("UMASK",
{
memzero (grent, sizeof *grent);
grent->gr_name = (char *) user_name;
- grent->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ if (is_shadow_grp) {
+ grent->gr_passwd = SHADOW_PASSWD_STRING; /* XXX warning: const */
+ } else {
+ grent->gr_passwd = "!"; /* XXX warning: const */
+ }
grent->gr_gid = user_gid;
grent->gr_mem = &empty_list;
}
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
fail_exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (E_PW_UPDATE);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
retval = pam_acct_mgmt (pamh, 0);
}
- if (NULL != pamh) {
- (void) pam_end (pamh, retval);
- }
if (PAM_SUCCESS != retval) {
- fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
+ fprintf (stderr, _("%s: PAM: %s\n"),
+ Prog, pam_strerror (pamh, retval));
+ SYSLOG((LOG_ERR, "%s", pam_strerror (pamh, retval)));
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
exit (1);
}
+ (void) pam_end (pamh, retval);
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */