+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * lib/prototypes.h, configure.in, libmisc/Makefile.am,
+ libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetpwuid.c,
+ libmisc/xgetgrnam.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c:
+ Added functions xgetpwnam(), xgetpwuid(), xgetgrnam(),
+ xgetgrgid(), and xgetspnam(). They allocate memory for the
+ returned structure and are more robust to successive calls. They
+ are implemented with the libc's getxxyyy_r() functions if
+ available.
+ * libmisc/limits.c, libmisc/entry.c, libmisc/chowntty.c,
+ libmisc/addgrps.c, libmisc/myname.c, libmisc/rlogin.c,
+ libmisc/pwdcheck.c, src/newgrp.c, src/login_nopam.c,
+ src/userdel.c, src/lastlog.c, src/grpck.c, src/gpasswd.c,
+ src/newusers.c, src/chpasswd.c, src/chfn.c, src/groupmems.c,
+ src/usermod.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c,
+ src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/pwck.c,
+ src/groupadd.c, src/chage.c, src/login.c, src/suauth.c,
+ src/faillog.c, src/groups.c, src/chsh.c, src/id.c: Review all the
+ usage of one of the getpwnam(), getpwuid(), getgrnam(),
+ getgrgid(), and getspnam() functions. It was noticed on
+ http://bugs.debian.org/341230 that chfn and chsh use a passwd
+ structure after calling a pam function, which result in using
+ information from the passwd structure requested by pam, not the
+ original one. It is much easier to use the new xget... functions
+ to avoid these issues. I've checked which call to the original
+ get... functions could be left (reducing the scope of the
+ structure if possible), and I've left comments to ease future
+ reviews (e.g. /* local, no need for xgetpwnam */).
+ Note: the getpwent/getgrent calls should probably be checked also.
+ * src/groupdel.c, src/expiry.c: Fix typos in comments.
+ * src/groupmod.c: Re-indent.
+ * libmisc/Makefile.am, lib/groupmem.c, lib/groupio.c, lib/pwmem.c,
+ lib/pwio.c, lib/shadowmem.c, lib/shadowio.c: Move the __<xx>_dup
+ functions (used by the xget... functions) from the <xx>io.c files
+ to the new <xx>mem.c files. This avoid linking some utils against
+ the SELinux library.
+
+2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
+
+ * man/pl/pl.po: Fix typo: chgpassw -> chgpasswd.
+ * man/pl/Makefile.am: Fix typo: chgpassw -> chgpasswd.
+ * man/de/de.po: groups shall not be translated (for command,
+ refname, or refentrytitle).
+
2007-11-18 Nicolas François <nicolas.francois@centraliens.net>
* src/login.c: Fix typo introduced while fixing
AC_CHECK_FUNCS(l64a fchmod fchown fsync getgroups gethostname getspnam \
gettimeofday getusershell getutent initgroups lchown lckpwdf lstat \
- memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr)
+ memcpy memset setgroups sigaction strchr updwtmp updwtmpx innetgr \
+ getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r)
AC_SYS_LARGEFILE
dnl Checks for typedefs, structures, and compiler characteristics.
extern int putgrent (const struct group *, FILE *);
extern struct group *sgetgrent (const char *);
-struct group *__gr_dup (const struct group *grent)
-{
- struct group *gr;
- int i;
-
- if (!(gr = (struct group *) malloc (sizeof *gr)))
- return NULL;
- *gr = *grent;
- if (!(gr->gr_name = strdup (grent->gr_name)))
- return NULL;
- if (!(gr->gr_passwd = strdup (grent->gr_passwd)))
- return NULL;
-
- for (i = 0; grent->gr_mem[i]; i++);
- gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
- if (!gr->gr_mem)
- return NULL;
- for (i = 0; grent->gr_mem[i]; i++) {
- gr->gr_mem[i] = strdup (grent->gr_mem[i]);
- if (!gr->gr_mem[i])
- return NULL;
- }
- gr->gr_mem[i] = NULL;
- return gr;
-}
-
static void *group_dup (const void *ent)
{
const struct group *gr = ent;
--- /dev/null
+
+#include <config.h>
+
+#ident "$Id: groupio.c 1342 2007-11-10 23:46:11Z nekral-guest $"
+
+#include "prototypes.h"
+#include "defines.h"
+#include "groupio.h"
+
+struct group *__gr_dup (const struct group *grent)
+{
+ struct group *gr;
+ int i;
+
+ if (!(gr = (struct group *) malloc (sizeof *gr)))
+ return NULL;
+ *gr = *grent;
+ if (!(gr->gr_name = strdup (grent->gr_name)))
+ return NULL;
+ if (!(gr->gr_passwd = strdup (grent->gr_passwd)))
+ return NULL;
+
+ for (i = 0; grent->gr_mem[i]; i++);
+ gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
+ if (!gr->gr_mem)
+ return NULL;
+ for (i = 0; grent->gr_mem[i]; i++) {
+ gr->gr_mem[i] = strdup (grent->gr_mem[i]);
+ if (!gr->gr_mem[i])
+ return NULL;
+ }
+ gr->gr_mem[i] = NULL;
+ return gr;
+}
+
#endif
#include <pwd.h>
#include <grp.h>
+#include "shadowio.h"
#include "defines.h"
extern char *xmalloc (size_t);
extern char *xstrdup (const char *);
+/* xgetpwnam.c */
+extern struct passwd *xgetpwnam (const char *);
+/* xgetpwuid.c */
+extern struct passwd *xgetpwuid (uid_t);
+/* xgetgrnam.c */
+extern struct group *xgetgrnam (const char *);
+/* xgetgrgid.c */
+extern struct group *xgetgrgid (gid_t);
+/* xgetspnam.c */
+extern struct spwd *xgetspnam(const char *);
+
#endif /* _PROTOTYPES_H */
extern struct passwd *sgetpwent (const char *);
extern int putpwent (const struct passwd *, FILE *);
-struct passwd *__pw_dup (const struct passwd *pwent)
-{
- struct passwd *pw;
-
- if (!(pw = (struct passwd *) malloc (sizeof *pw)))
- return NULL;
- *pw = *pwent;
- if (!(pw->pw_name = strdup (pwent->pw_name)))
- return NULL;
- if (!(pw->pw_passwd = strdup (pwent->pw_passwd)))
- return NULL;
- if (!(pw->pw_gecos = strdup (pwent->pw_gecos)))
- return NULL;
- if (!(pw->pw_dir = strdup (pwent->pw_dir)))
- return NULL;
- if (!(pw->pw_shell = strdup (pwent->pw_shell)))
- return NULL;
- return pw;
-}
-
static void *passwd_dup (const void *ent)
{
const struct passwd *pw = ent;
--- /dev/null
+
+#include <config.h>
+
+#ident "$Id: pwio.c 1342 2007-11-10 23:46:11Z nekral-guest $"
+
+#include "prototypes.h"
+#include "defines.h"
+#include <pwd.h>
+#include <stdio.h>
+#include "pwio.h"
+
+struct passwd *__pw_dup (const struct passwd *pwent)
+{
+ struct passwd *pw;
+
+ if (!(pw = (struct passwd *) malloc (sizeof *pw)))
+ return NULL;
+ *pw = *pwent;
+ if (!(pw->pw_name = strdup (pwent->pw_name)))
+ return NULL;
+ if (!(pw->pw_passwd = strdup (pwent->pw_passwd)))
+ return NULL;
+ if (!(pw->pw_gecos = strdup (pwent->pw_gecos)))
+ return NULL;
+ if (!(pw->pw_dir = strdup (pwent->pw_dir)))
+ return NULL;
+ if (!(pw->pw_shell = strdup (pwent->pw_shell)))
+ return NULL;
+ return pw;
+}
+
#include <stdio.h>
#include "commonio.h"
#include "shadowio.h"
-struct spwd *__spw_dup (const struct spwd *spent)
-{
- struct spwd *sp;
-
- if (!(sp = (struct spwd *) malloc (sizeof *sp)))
- return NULL;
- *sp = *spent;
- if (!(sp->sp_namp = strdup (spent->sp_namp)))
- return NULL;
- if (!(sp->sp_pwdp = strdup (spent->sp_pwdp)))
- return NULL;
- return sp;
-}
static void *shadow_dup (const void *ent)
{
--- /dev/null
+
+#include <config.h>
+
+#ident "$Id: shadowio.c 1342 2007-11-10 23:46:11Z nekral-guest $"
+
+#include "prototypes.h"
+#include "defines.h"
+#ifdef HAVE_SHADOW_H
+# include <shadow.h>
+#endif
+#include <stdio.h>
+#include "shadowio.h"
+
+struct spwd *__spw_dup (const struct spwd *spent)
+{
+ struct spwd *sp;
+
+ if (!(sp = (struct spwd *) malloc (sizeof *sp)))
+ return NULL;
+ *sp = *spent;
+ if (!(sp->sp_namp = strdup (spent->sp_namp)))
+ return NULL;
+ if (!(sp->sp_pwdp = strdup (spent->sp_pwdp)))
+ return NULL;
+ return sp;
+}
+
-EXTRA_DIST = .indent.pro
+EXTRA_DIST = .indent.pro xgetXXbyYY.c
INCLUDES = -I$(top_srcdir)/lib
ulimit.c \
utmp.c \
valid.c \
+ xgetpwnam.c \
+ xgetpwuid.c \
+ xgetgrnam.c \
+ xgetgrgid.c \
+ xgetspnam.c \
xmalloc.c
{
GETGROUPS_T *grouplist, *tmp;
int i, ngroups, added;
- struct group *grp;
char *token;
char buf[1024];
added = 0;
for (token = strtok (buf, SEP); token; token = strtok (NULL, SEP)) {
+ struct group *grp;
- grp = getgrnam (token);
+ grp = getgrnam (token); /* local, no need for xgetgrnam */
if (!grp) {
fprintf (stderr, _("Warning: unknown group %s\n"),
token);
gid = info->pw_gid;
else if (group[0] >= '0' && group[0] <= '9')
gid = atoi (group);
- else if ((grent = getgrnam (group)))
+ else if ((grent = getgrnam (group))) /* local, no need for xgetgrnam */
gid = grent->gr_gid;
else
gid = info->pw_gid;
struct spwd *spwd;
- if (!(passwd = getpwnam (name))) {
+ if (!(passwd = getpwnam (name))) { /* local, no need for xgetpwnam */
pwent->pw_name = (char *) 0;
return;
} else {
pwent->pw_shell = xstrdup (passwd->pw_shell);
#if !defined(AUTOSHADOW)
setspent ();
+ /* local, no need for xgetspnam */
if ((spwd = getspnam (name))) {
pwent->pw_passwd = xstrdup (spwd->sp_pwdp);
endspent ();
* (examples: 022 -> 002, 077 -> 007).
*/
if (info->pw_uid != 0 && info->pw_uid == info->pw_gid) {
+ /* local, no need for xgetgrgid */
grp = getgrgid (info->pw_gid);
if (grp && (strcmp (info->pw_name, grp->gr_name) == 0)) {
oldmask = umask (0777);
* XXX - when running from su, will return the current user (not
* the original user, like getlogin() does). Does this matter?
*/
- if (cp && *cp && (pw = getpwnam (cp)) && pw->pw_uid == ruid)
+ if (cp && *cp && (pw = xgetpwnam (cp)) && pw->pw_uid == ruid)
return pw;
- return getpwuid (ruid);
+ return xgetpwuid (ruid);
}
+
struct spwd *sp;
- if ((sp = getspnam (user)))
+ if ((sp = getspnam (user))) /* !USE_PAM, no need for xgetspnam */
passwd = sp->sp_pwdp;
endspent ();
if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
#endif
STTY (0, &termio);
- if (!(pwd = getpwnam (name)))
+ if (!(pwd = getpwnam (name))) /* local, no need for xgetpwnam */
return 0;
/*
--- /dev/null
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include "config.h"
+#include "prototypes.h"
+
+#define XFUNCTION_NAME XPREFIX (FUNCTION_NAME)
+#define XPREFIX(name) XPREFIX1 (name)
+#define XPREFIX1(name) x##name
+#define REENTRANT_NAME APPEND_R (FUNCTION_NAME)
+#define APPEND_R(name) APPEND_R1 (name)
+#define APPEND_R1(name) name##_r
+#define STRINGIZE(name) STRINGIZE1 (name)
+#define STRINGIZE1(name) #name
+
+LOOKUP_TYPE *XFUNCTION_NAME (ARG_TYPE ARG_NAME)
+{
+#if HAVE_FUNCTION_R
+ LOOKUP_TYPE *result=NULL;
+ char *buffer=NULL;
+ /* we have to start with something */
+ size_t length = 0x100;
+
+ result = malloc(sizeof(LOOKUP_TYPE));
+ if (NULL == result) {
+ fprintf (stderr, _("%s: out of memory\n"),
+ "x" STRINGIZE(FUNCTION_NAME));
+ exit (13);
+ }
+
+ do {
+ int status;
+ LOOKUP_TYPE *resbuf = NULL;
+ buffer = (char *)realloc (buffer, length);
+ if (NULL == buffer) {
+ fprintf (stderr, _("%s: out of memory\n"),
+ "x" STRINGIZE(FUNCTION_NAME));
+ exit (13);
+ }
+ errno = 0;
+ status = REENTRANT_NAME(ARG_NAME, result, buffer,
+ length, &resbuf);
+ if (!status && (resbuf == result)) {
+ /* Build a result structure that can be freed by
+ * the shadow *_free functions. */
+ LOOKUP_TYPE *ret_result = DUP_FUNCTION(result);
+ free(buffer);
+ free(result);
+ return ret_result;
+ }
+
+ if (ERANGE != errno) {
+ free (buffer);
+ free (result);
+ return NULL;
+ }
+
+ length *= 4;
+ } while (length < MAX_LENGTH);
+
+ free(buffer);
+ free(result);
+ return NULL;
+
+#else /* !HAVE_FUNCTION_R */
+
+ /* No reentrant function.
+ * Duplicate the structure to avoid other call to overwrite it.
+ *
+ * We should also restore the initial structure. But that would be
+ * overkill.
+ */
+ LOOKUP_TYPE *result = FUNCTION_NAME(ARG_NAME);
+
+ if (result) {
+// result = DUP_FUNCTION(result);
+ if (NULL == result) {
+ fprintf (stderr, _("%s: out of memory\n"),
+ "x" STRINGIZE(FUNCTION_NAME));
+ exit (13);
+ }
+ }
+
+ return result;
+#endif
+}
+
--- /dev/null
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include "groupio.h"
+
+#define LOOKUP_TYPE struct group
+#define FUNCTION_NAME getgrgid
+#define ARG_TYPE gid_t
+#define ARG_NAME gid
+#define DUP_FUNCTION __gr_dup
+#define MAX_LENGTH 0x8000
+#define HAVE_FUNCTION_R (defined HAVE_GETGRGID_R)
+
+#include "xgetXXbyYY.c"
+
--- /dev/null
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include "groupio.h"
+
+#define LOOKUP_TYPE struct group
+#define FUNCTION_NAME getgrnam
+#define ARG_TYPE const char *
+#define ARG_NAME name
+#define DUP_FUNCTION __gr_dup
+#define MAX_LENGTH 0x8000
+#define HAVE_FUNCTION_R (defined HAVE_GETGRNAM_R)
+
+#include "xgetXXbyYY.c"
+
--- /dev/null
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include "pwio.h"
+
+#define LOOKUP_TYPE struct passwd
+#define FUNCTION_NAME getpwnam
+#define ARG_TYPE const char *
+#define ARG_NAME name
+#define DUP_FUNCTION __pw_dup
+#define MAX_LENGTH 0x8000
+#define HAVE_FUNCTION_R (defined HAVE_GETPWNAM_R)
+
+#include "xgetXXbyYY.c"
+
--- /dev/null
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#include "pwio.h"
+
+#define LOOKUP_TYPE struct passwd
+#define FUNCTION_NAME getpwuid
+#define ARG_TYPE uid_t
+#define ARG_NAME uid
+#define DUP_FUNCTION __pw_dup
+#define MAX_LENGTH 0x8000
+#define HAVE_FUNCTION_R (defined HAVE_GETPWUID_R)
+
+#include "xgetXXbyYY.c"
+
--- /dev/null
+/*
+ * According to the Linux-PAM documentation:
+ *
+ * 4.1. Care about standard library calls
+ *
+ * In general, writers of authorization-granting applications should
+ * assume that each module is likely to call any or all 'libc' functions.
+ * For 'libc' functions that return pointers to static/dynamically
+ * allocated structures (ie. the library allocates the memory and the
+ * user is not expected to 'free()' it) any module call to this function
+ * is likely to corrupt a pointer previously obtained by the application.
+ * The application programmer should either re-call such a 'libc'
+ * function after a call to the Linux-PAM library, or copy the structure
+ * contents to some safe area of memory before passing control to the
+ * Linux-PAM library.
+ *
+ * Two important function classes that fall into this category are
+ * getpwnam(3) and syslog(3).
+ *
+ * This file provide wrapper to the getpwnam or getpwnam_r functions.
+ */
+
+#define LOOKUP_TYPE struct spwd
+#define FUNCTION_NAME getspnam
+#define ARG_TYPE const char *
+#define ARG_NAME name
+#define DUP_FUNCTION __spw_dup
+#define MAX_LENGTH 0x8000
+#define HAVE_FUNCTION_R (defined HAVE_GETSPNAM_R)
+
+#include "xgetXXbyYY.c"
+
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("chage", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
*/
if (optind < argc) {
user = argv[optind];
- pw = getpwnam (user);
+ pw = xgetpwnam (user);
if (!pw) {
fprintf (stderr, _("%s: unknown user %s\n"), Prog,
user);
#else /* !USE_PAM */
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("chfn", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifndef SHADOWGRP
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("chpasswd", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("chpasswd", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
*/
if (optind < argc) {
user = argv[optind];
- pw = getpwnam (user);
+ pw = xgetpwnam (user);
if (!pw) {
fprintf (stderr,
_("%s: unknown user %s\n"), Prog, user);
#else /* !USE_PAM */
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("chsh", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
/*
* expiry - check and enforce password expiration policy
*
- * expiry checks (-c) the current password expiraction and forces (-f)
+ * expiry checks (-c) the current password expiration and forces (-f)
* changes when required. It is callable as a normal user command.
*/
int main (int argc, char **argv)
fprintf (stderr, _("%s: unknown user\n"), Prog);
exit (10);
}
- spwd = getspnam (pwd->pw_name);
+ spwd = getspnam (pwd->pw_name); /* !USE_PAM, No need for xgetspnam */
/*
* If checking accounts, use agecheck() function.
("Login Failures Maximum Latest On\n"));
once++;
}
- pwent = getpwuid (uid);
+ pwent = getpwuid (uid); /* local, no need for xgetpwuid */
time (&now);
tm = localtime (&fl->fail_time);
#ifdef HAVE_STRFTIME
int main (int argc, char **argv)
{
int anyflag = 0;
- struct passwd *pwent;
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
tflg++;
break;
case 'u':
+ {
+ struct passwd *pwent;
if (aflg)
usage ();
+ /* local, no need for xgetpwnam */
pwent = getpwnam (optarg);
if (!pwent) {
fprintf (stderr,
uflg++;
user = pwent->pw_uid;
break;
+ }
default:
usage ();
}
* This user must exist.
*/
- if (!getpwnam (username)) {
+ if (!getpwnam (username)) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: unknown user %s\n"),
Prog, username);
errors++;
switch (flag) {
case 'a': /* add a user */
user = optarg;
+ /* local, no need for xgetpwnam */
if (!getpwnam (user)) {
fprintf (stderr,
_("%s: unknown user %s\n"), Prog,
if (!(group = argv[optind]))
usage ();
- if (!(gr = getgrnam (group))) {
+ if (!(gr = getgrnam (group))) { /* dup, no need for xgetgrnam */
fprintf (stderr, _("unknown group: %s\n"), group);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "group lookup", group,
if (!grp)
break;
#else
+ /* local, no need for xgetgrgid */
if (!getgrgid (group_id))
break;
#endif
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("groupadd", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
/*
* Start with a quick check to see if the group exists.
*/
- if (getgrnam (group_name)) {
+ if (getgrnam (group_name)) { /* local, no need for xgetgrnam */
if (fflg) {
exit (E_SUCCESS);
}
endpwent ();
/*
- * If pwd isn't NULL, it stopped becaues the gid's matched.
+ * If pwd isn't NULL, it stopped because the gid's matched.
*/
if (pwd == (struct passwd *) 0)
int main (int argc, char **argv)
{
- struct group *grp;
-
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("groupdel", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
is_shadow_grp = sgr_file_present ();
#endif
- /*
- * Start with a quick check to see if the group exists.
- */
- if (!(grp = getgrnam (group_name))) {
- fprintf (stderr, _("%s: group %s does not exist\n"),
- Prog, group_name);
+ {
+ struct group *grp;
+ /*
+ * Start with a quick check to see if the group exists.
+ */
+ /* local, no need for xgetgrnam */
+ if (!(grp = getgrnam (group_name))) {
+ fprintf (stderr, _("%s: group %s does not exist\n"),
+ Prog, group_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting group",
- group_name, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "deleting group",
+ group_name, -1, 0);
#endif
- exit (E_NOTFOUND);
- }
+ exit (E_NOTFOUND);
+ }
- group_id = grp->gr_gid; /* LAUS */
+ group_id = grp->gr_gid; /* LAUS */
+ }
#ifdef USE_NIS
/*
* Now check to insure that this isn't the primary group of
* anyone.
*/
- group_busy (grp->gr_gid);
+ group_busy (group_id);
/*
* Do the hard stuff - open the files, delete the group entries,
static int isgroup (void)
{
gid_t g = getgid ();
- struct group *grp = getgrgid (g);
+ struct group *grp = getgrgid (g); /* local, no need for xgetgrgid */
return TRUE;
}
static char *whoami (void)
{
+ /* local, no need for xgetgrgid */
struct group *grp = getgrgid (getgid ());
+ /* local, no need for xgetpwuid */
struct passwd *usr = getpwuid (getuid ());
if (0 == strcmp (usr->pw_name, grp->gr_name)) {
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("groupmod", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
static char *Prog;
static int
- oflg = 0, /* permit non-unique group ID to be specified with -g */
+ oflg = 0, /* permit non-unique group ID to be specified with -g */
gflg = 0, /* new ID value for the group */
nflg = 0; /* a new name has been specified for the group */
return;
}
- if (oflg || !getgrgid (group_newid))
+ if (oflg || !getgrgid (group_newid)) /* local, no need for xgetgrgid */
return;
/*
/*
* If the entry is found, too bad.
*/
+ /* local, no need for xgetgrnam */
if (getgrnam (group_newname)) {
fprintf (stderr,
_("%s: %s is not a unique name\n"), Prog,
*/
int main (int argc, char **argv)
{
- struct group *grp;
-
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("groupmod", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
#ifdef SHADOWGRP
is_shadow_grp = sgr_file_present ();
#endif
- /*
- * Start with a quick check to see if the group exists.
- */
- if (!(grp = getgrnam (group_name))) {
- fprintf (stderr, _("%s: group %s does not exist\n"),
- Prog, group_name);
+ {
+ struct group *grp;
+ /*
+ * Start with a quick check to see if the group exists.
+ */
+ /* local, no need for xgetgrnam */
+ if (!(grp = getgrnam (group_name))) {
+ fprintf (stderr, _("%s: group %s does not exist\n"),
+ Prog, group_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "modifying group",
- group_name, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modifying group", group_name, -1, 0);
#endif
- exit (E_NOTFOUND);
- } else
- group_id = grp->gr_gid;
+ exit (E_NOTFOUND);
+ } else
+ group_id = grp->gr_gid;
+ }
#ifdef WITH_AUDIT
/* Set new name/id to original if not specified on command line */
setgrent ();
+ /* local, no need for xgetpwnam */
if ((pwd = getpwnam (member)) == 0) {
fprintf (stderr, _("%s: unknown user %s\n"), Prog, member);
exit (1);
flag = 1;
}
}
+ /* local, no need for xgetgrgid */
if (!flag && (grp = getgrgid (pwd->pw_gid))) {
if (groups++)
putchar (' ');
GETGROUPS_T *groups;
int pri_grp;
int i;
- struct group *gr;
#else
char *logname;
char *getlogin ();
* values.
*/
if (pri_grp != -1) {
+ struct group *gr;
+ /* local, no need for xgetgrgid */
if ((gr = getgrgid (pri_grp)))
printf ("%s", gr->gr_name);
else
}
for (i = 0; i < ngroups; i++) {
+ struct group *gr;
if (i || pri_grp != -1)
putchar (' ');
+ /* local, no need for xgetgrgid */
if ((gr = getgrgid (groups[i])))
printf ("%s", gr->gr_name);
else
* Make sure each member exists
*/
for (i = 0; grp->gr_mem[i]; i++) {
+ /* local, no need for xgetpwnam */
if (getpwnam (grp->gr_mem[i]))
continue;
/*
* Make sure each administrator exists
*/
for (i = 0; sgr->sg_adm[i]; i++) {
+ /* local, no need for xgetpwnam */
if (getpwnam (sgr->sg_adm[i]))
continue;
/*
* Make sure each member exists
*/
for (i = 0; sgr->sg_mem[i]; i++) {
+ /* local, no need for xgetpwnam */
if (getpwnam (sgr->sg_mem[i]))
continue;
* does not exist, just give the numerical value.
*/
- pw = getpwuid (ruid);
+ pw = getpwuid (ruid); /* local, no need for xgetpwuid */
if (pw)
printf ("UID=%u(%s)", ruid, pw->pw_name);
else
printf ("UID=%u", ruid);
- gr = getgrgid (rgid);
+ gr = getgrgid (rgid);; /* local, no need for xgetgrgid */
if (gr)
printf (" GID=%u(%s)", rgid, gr->gr_name);
else
*/
if (ruid != euid) {
- pw = getpwuid (euid);
+ pw = getpwuid (euid); /* local, no need for xgetpwuid */
if (pw)
printf (" EUID=%u(%s)", euid, pw->pw_name);
else
printf (" EUID=%u", euid);
}
if (rgid != egid) {
- gr = getgrgid (egid);
+ gr = getgrgid (egid); /* local, no need for xgetgrgid */
if (gr)
printf (" EGID=%u(%s)", egid, gr->gr_name);
else
if (i)
putchar (',');
+ /* local, no need for xgetgrgid */
gr = getgrgid (groups[i]);
if (gr)
printf ("%u(%s)", groups[i], gr->gr_name);
bflg++;
break;
case 'u':
- pwent = getpwnam (optarg);
+ pwent = xgetpwnam (optarg);
if (!pwent) {
fprintf (stderr,
_("Unknown User: %s\n"),
#endif
} else if (string_match (tok, string)) { /* ALL or exact match */
return (YES);
+ /* local, no need for xgetgrnam */
} else if ((group = getgrnam (tok))) { /* try group membership */
for (i = 0; group->gr_mem[i]; i++)
if (strcasecmp (string, group->gr_mem[i]) == 0)
* XXX - disabled by default for now. Need to verify that
* getpwnam() doesn't have some nasty side effects. --marekm
*/
+ /* local, no need for xgetpwnam */
if ((userinf = getpwnam (string)))
if (userinf->pw_gid == group->gr_gid)
return (YES);
* Perhaps in the past, but the default behavior now depends on the
* group entry, so it had better exist. -- JWP
*/
- if (!(grp = getgrgid (pwd->pw_gid))) {
+ if (!(grp = xgetgrgid (pwd->pw_gid))) {
fprintf (stderr, _("unknown GID: %lu\n"),
(unsigned long) pwd->pw_gid);
SYSLOG ((LOG_CRIT, "unknown GID: %lu",
* including the user's name in the member list of the user's login
* group. -- JWP
*/
- if (!(grp = getgrnam (group))) {
+ if (!(grp = getgrnam (group))) { /* local, no need for xgetgrnam */
fprintf (stderr, _("unknown group: %s\n"), group);
goto failure;
}
*
* Re-read the group entry for further processing.
*/
- grp = getgrnam (group);
+ grp = xgetgrnam (group);
}
#ifdef SHADOWGRP
if ((sgrp = getsgnam (group))) {
* password, and the group has a password, she needs to give the
* group password.
*/
- if ((spwd = getspnam (name)))
+ if ((spwd = xgetspnam (name)))
pwd->pw_passwd = spwd->sp_pwdp;
if (pwd->pw_passwd[0] == '\0' && grp->gr_passwd[0])
}
} while ((pid == child && WIFSTOPPED (cst)) ||
(pid != child && errno == EINTR));
+ /* local, no need for xgetgrgid */
SYSLOG ((LOG_INFO,
"user `%s' (login `%s' on %s) returned to group `%s'",
name, loginname, tty,
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("newusers", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("newusers", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
{
struct spwd *sp;
- sp = getspnam (pw->pw_name);
+ sp = getspnam (pw->pw_name); /* local, no need for xgetspnam */
if (sp) {
printf ("%s %s %s %ld %ld %ld %ld\n",
pw->pw_name,
exit (E_NOPERM);
}
- pw = getpwnam (name);
+ pw = xgetpwnam (name);
if (!pw) {
fprintf (stderr, _("%s: unknown user %s\n"), Prog, name);
exit (E_NOPERM);
/*
* The user name is valid, so let's get the shadow file entry.
*/
- sp = getspnam (name);
+ sp = getspnam (name); /* !USE_PAM, no need for xgetspnam */
if (!sp)
sp = pwd_to_spwd (pw);
/*
* Make sure the primary group exists
*/
+ /* local, no need for xgetgrgid */
if (!quiet && !getgrgid (pwd->pw_gid)) {
/*
{
struct group *grp;
- grp = getgrnam ("wheel");;
+ grp = getgrnam ("wheel"); /* !USE_PAM, no need for xgetgrnam */
if (!grp || !grp->gr_mem)
return 0;
return is_on_list (grp->gr_mem, username);
* Sort out the password of user calling su, in case needed later
* -- chris
*/
- if ((spwd = getspnam (oldname)))
+ if ((spwd = getspnam (oldname))) /* !USE_PAM, no need for xgetspnam */
pw->pw_passwd = spwd->sp_pwdp;
oldpass = xstrdup (pw->pw_passwd);
#endif /* SU_ACCESS */
* The password file entries for the user is gotten and the account
* validated.
*/
- if (!(pw = getpwnam (name))) {
+ if (!(pw = xgetpwnam (name))) {
(void) fprintf (stderr, _("Unknown id: %s\n"), name);
closelog ();
exit (1);
#ifndef USE_PAM
spwd = NULL;
if (strcmp (pw->pw_passwd, SHADOW_PASSWD_STRING) == 0
- && (spwd = getspnam (name)))
+ && (spwd = getspnam (name))) /* !USE_PAM, no need for xgetspnam */
pw->pw_passwd = spwd->sp_pwdp;
#endif /* !USE_PAM */
pwent = *pw;
spwd = pwd_to_spwd (&pwent);
if (expire (&pwent, spwd)) {
+ /* !USE_PAM, no need for xgetpwnam */
struct passwd *pwd = getpwnam (name);
+ /* !USE_PAM, no need for xgetspnam */
spwd = getspnam (name);
if (pwd)
pwent = *pwd;
{
struct group *grp;
- grp = getgrnam (group);
+ grp = getgrnam (group); /* local, no need for xgetgrnam */
if (!grp || !grp->gr_mem)
return 0;
gid = strtol (grname, &errptr, 10);
if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && gid >= 0)
- return getgrgid (gid);
- return getgrnam (grname);
+ return xgetgrgid (gid);
+ return xgetgrnam (grname);
}
static long get_number (const char *numstr)
FILE *fp;
char buf[1024];
char *cp, *ep;
- const struct group *grp;
/*
* Open the defaults file for reading.
*/
if (MATCH (buf, DGROUP)) {
unsigned int val = (unsigned int) strtoul (cp, &ep, 10);
+ const struct group *grp;
- if (*cp != '\0' && *ep == '\0') { /* valid number */
+ if (*cp != '\0' && *ep == '\0') { /* valid number */
def_group = val;
+ /* local, no need for xgetgrgid */
if ((grp = getgrgid (def_group))) {
def_gname = xstrdup (grp->gr_name);
} else {
_("%s: unknown GID %s\n"),
Prog, cp);
}
+ /* local, no need for xgetgrnam */
} else if ((grp = getgrnam (cp))) {
def_group = grp->gr_gid;
def_gname = xstrdup (cp);
#ifdef NO_GETPWENT
pw_rewind ();
while ((pwd = pw_next ())) {
-#else /* using getpwent() we can check against NIS users etc. */
+#else /* using getpwent() we can check against NIS users etc. */
setpwent ();
while ((pwd = getpwent ())) {
#endif
if (!pwd)
break;
#else
+ /* local, no need for xgetpwuid */
if (!getpwuid (user_id))
break;
#endif
#ifndef NO_GETGRENT /* glibc does have this, so ... */
/* A quick test gets here: if the UID is available
* as a GID, go ahead and use it */
- if (!getgrgid (user_id)) {
+ if (!getgrgid (user_id)) { /* local, no need for xgetgrgid */
user_gid = user_id;
return;
}
if (!grp)
break;
#else
+ /* local, no need for xgetgrgid */
if (!getgrgid (user_gid))
break;
#endif
* no user with this UID exists yet (entries for shared UIDs
* are left unchanged). --marekm
*/
+ /* local, no need for xgetpwuid */
if (!getpwuid (user_id)) {
faillog_reset (user_id);
lastlog_reset (user_id);
return;
}
- gr = getgrnam ("mail");
+ gr = getgrnam ("mail"); /* local, no need for xgetgrnam */
if (!gr) {
fprintf (stderr,
_
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("useradd", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("useradd", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
/*
* Start with a quick check to see if the user exists.
*/
- if (getpwnam (user_name)) {
+ if (getpwnam (user_name)) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user %s exists\n"), Prog, user_name);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding user",
* --bero
*/
if (!gflg) {
- if (getgrnam (user_name)) {
+ if (getgrnam (user_name)) { /* local, no need for xgetgrnam */
fprintf (stderr,
_
("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
* now if they have a group with the same name as their
* user name, with no members, we delete it.
*/
- grp = getgrnam (user_name);
+ grp = xgetgrnam (user_name);
if (grp && getdef_bool ("USERGROUPS_ENAB")
&& (grp->gr_mem[0] == NULL)) {
*/
int main (int argc, char **argv)
{
- struct passwd *pwd;
int errors = 0;
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
- if (retval == PAM_SUCCESS)
- retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
+
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("userdel", pampw->pw_name,
+ &conv, &pamh);
+ }
+ }
if (retval == PAM_SUCCESS) {
retval = pam_authenticate (pamh, 0);
* Start with a quick check to see if the user exists.
*/
user_name = argv[argc - 1];
- if (!(pwd = getpwnam (user_name))) {
- fprintf (stderr, _("%s: user %s does not exist\n"),
- Prog, user_name);
+ {
+ struct passwd *pwd;
+ /* local, no need for xgetpwnam */
+ if (!(pwd = getpwnam (user_name))) {
+ fprintf (stderr, _("%s: user %s does not exist\n"),
+ Prog, user_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "deleting user not found", user_name, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "deleting user not found", user_name, -1, 0);
#endif
- exit (E_NOTFOUND);
+ exit (E_NOTFOUND);
+ }
+ user_id = pwd->pw_uid;
+ user_home = xstrdup (pwd->pw_dir);
}
#ifdef USE_NIS
exit (E_NOTFOUND);
}
#endif
- user_id = pwd->pw_uid;
- user_home = xstrdup (pwd->pw_dir);
/*
* Check to make certain the user isn't logged in.
*/
#ifdef EXTRA_CHECK_HOME_DIR
/* This may be slow, the above should be good enough. */
if (rflg && !fflg) {
+ struct passwd *pwd;
/*
* For safety, refuse to remove the home directory if it
* would result in removing some other user's home
val = strtol (grname, &errptr, 10);
if (*grname != '\0' && *errptr == '\0' && errno != ERANGE && val >= 0)
- return getgrgid (val);
- return getgrnam (grname);
+ return xgetgrgid (val);
+ return xgetgrnam (grname);
}
/*
static void process_flags (int argc, char **argv)
{
const struct group *grp;
- const struct passwd *pwd;
- const struct spwd *spwd = NULL;
int anyflag = 0;
if (argc == 1 || argv[argc - 1][0] == '-')
usage ();
- if (!(pwd = getpwnam (argv[argc - 1]))) {
- fprintf (stderr, _("%s: user %s does not exist\n"),
- Prog, argv[argc - 1]);
- exit (E_NOTFOUND);
- }
+ {
+ const struct passwd *pwd;
+ /* local, no need for xgetpwnam */
+ if (!(pwd = getpwnam (argv[argc - 1]))) {
+ fprintf (stderr, _("%s: user %s does not exist\n"),
+ Prog, argv[argc - 1]);
+ exit (E_NOTFOUND);
+ }
- user_name = argv[argc - 1];
- user_id = pwd->pw_uid;
- user_gid = pwd->pw_gid;
- user_comment = xstrdup (pwd->pw_gecos);
- user_home = xstrdup (pwd->pw_dir);
- user_shell = xstrdup (pwd->pw_shell);
+ user_name = argv[argc - 1];
+ user_id = pwd->pw_uid;
+ user_gid = pwd->pw_gid;
+ user_comment = xstrdup (pwd->pw_gecos);
+ user_home = xstrdup (pwd->pw_dir);
+ user_shell = xstrdup (pwd->pw_shell);
+ }
#ifdef WITH_AUDIT
user_newname = user_name;
user_newid = user_id;
}
#endif
- if (is_shadow_pwd && (spwd = getspnam (user_name))) {
- user_expire = spwd->sp_expire;
- user_inactive = spwd->sp_inact;
+ {
+ const struct spwd *spwd = NULL;
+ /* local, no need for xgetspnam */
+ if (is_shadow_pwd && (spwd = getspnam (user_name))) {
+ user_expire = spwd->sp_expire;
+ user_inactive = spwd->sp_inact;
#ifdef WITH_AUDIT
- user_newexpire = user_expire;
- user_newinactive = user_inactive;
+ user_newexpire = user_expire;
+ user_newinactive = user_inactive;
#endif
+ }
}
{
#ifdef WITH_AUDIT
user_newexpire = strtoday (optarg);
if (user_newexpire == -1) {
-#else
+#else /* } */
user_expire = strtoday (optarg);
if (user_expire == -1) {
#endif
if (uflg && user_id == user_newid)
uflg = oflg = 0;
+ /* local, no need for xgetpwnam */
if (lflg && getpwnam (user_newname)) {
fprintf (stderr, _("%s: user %s exists\n"), Prog, user_newname);
exit (E_NAME_IN_USE);
}
+ /* local, no need for xgetpwuid */
if (uflg && !oflg && getpwuid (user_newid)) {
fprintf (stderr, _("%s: uid %lu is not unique\n"),
Prog, (unsigned long) user_newid);
}
#endif
}
-
-
-
}
/*
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
- struct passwd *pampw;
int retval;
#endif
#ifdef USE_PAM
retval = PAM_SUCCESS;
- pampw = getpwuid (getuid ());
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
- }
+ {
+ struct passwd *pampw;
+ pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
+ if (pampw == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ }
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
+ if (retval == PAM_SUCCESS) {
+ retval = pam_start ("usermod", pampw->pw_name,
+ &conv, &pamh);
+ }
}
if (retval == PAM_SUCCESS) {
projects / shadow / commitdiff