From: nekral-guest Date: Sat, 13 Sep 2008 18:03:50 +0000 (+0000) Subject: * libmisc/setugid.c, src/login_nopam.c, src/suauth.c, X-Git-Tag: 4.1.3~167 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5df1f2f683922c9750cba417f225fc874510017a;p=shadow * libmisc/setugid.c, src/login_nopam.c, src/suauth.c, lib/getdef.c: Replace the %m format string by strerror(). This avoids errno to be reset between the system call error and the report function. --- diff --git a/ChangeLog b/ChangeLog index 65dc8edc..802ce37d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2008-09-13 Nicolas François + + * libmisc/setugid.c, src/login_nopam.c, src/suauth.c, + lib/getdef.c: Replace the %m format string by strerror(). This + avoids errno to be reset between the system call error and the + report function. + 2008-09-13 Nicolas François * lib/commonio.c: Ignore the return value of umask() when the mask diff --git a/lib/getdef.c b/lib/getdef.c index db1645a9..6f4ab706 100644 --- a/lib/getdef.c +++ b/lib/getdef.c @@ -39,6 +39,7 @@ #include #include #include +#include #include "getdef.h" /* * A configuration item definition. @@ -377,8 +378,9 @@ static void def_load (void) */ fp = fopen (def_fname, "r"); if (NULL == fp) { - SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%m]", - def_fname)); + int err = errno; + SYSLOG ((LOG_CRIT, "cannot open login definitions %s [%s]", + def_fname, strerror (err))); exit (1); } @@ -426,8 +428,9 @@ static void def_load (void) } if (ferror (fp) != 0) { - SYSLOG ((LOG_CRIT, "cannot read login definitions %s [%m]", - def_fname)); + int err = errno; + SYSLOG ((LOG_CRIT, "cannot read login definitions %s [%s]", + def_fname, strerror (err))); exit (1); } diff --git a/libmisc/setugid.c b/libmisc/setugid.c index bfbde967..be0d7163 100644 --- a/libmisc/setugid.c +++ b/libmisc/setugid.c @@ -40,6 +40,7 @@ #include #include +#include #include "prototypes.h" #include "defines.h" #include @@ -56,9 +57,10 @@ int setup_groups (const struct passwd *info) * file. */ if (setgid (info->pw_gid) == -1) { + int err = errno; perror ("setgid"); - SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %m\n", - info->pw_gid, info->pw_name)); + SYSLOG ((LOG_ERR, "bad group ID `%d' for user `%s': %s\n", + info->pw_gid, info->pw_name, strerror (err))); closelog (); return -1; } @@ -68,9 +70,10 @@ int setup_groups (const struct passwd *info) * the group set from the /etc/group file. */ if (initgroups (info->pw_name, info->pw_gid) == -1) { + int err = errno; perror ("initgroups"); - SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %m\n", - info->pw_name)); + SYSLOG ((LOG_ERR, "initgroups failed for user `%s': %s\n", + info->pw_name, strerror (err))); closelog (); return -1; } @@ -84,9 +87,10 @@ int change_uid (const struct passwd *info) * Set the real UID to the UID value in the password file. */ if (setuid (info->pw_uid) != 0) { + int err = errno; perror ("setuid"); - SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %m\n", - (int) info->pw_uid, info->pw_name)); + SYSLOG ((LOG_ERR, "bad user ID `%d' for user `%s': %s\n", + (int) info->pw_uid, info->pw_name, strerror (err))); closelog (); return -1; } diff --git a/src/login_nopam.c b/src/login_nopam.c index 0a954534..d66087c5 100644 --- a/src/login_nopam.c +++ b/src/login_nopam.c @@ -133,7 +133,8 @@ int login_access (const char *user, const char *from) } (void) fclose (fp); } else if (errno != ENOENT) { - SYSLOG ((LOG_ERR, "cannot open %s: %m", TABLE)); + int err = errno; + SYSLOG ((LOG_ERR, "cannot open %s: %s", TABLE, strerror (err))); } return (!match || (line[0] == '+'))?1:0; } diff --git a/src/suauth.c b/src/suauth.c index 26f64aab..a2c6735a 100644 --- a/src/suauth.c +++ b/src/suauth.c @@ -76,17 +76,19 @@ int check_su_auth (const char *actual_id, const char *wanted_id) char *action; if (!(authfile_fd = fopen (SUAUTHFILE, "r"))) { + int err = errno; /* * If the file doesn't exist - default to the standard su * behaviour (no access control). If open fails for some * other reason - maybe someone is trying to fool us with * file descriptors limit etc., so deny access. --marekm */ - if (errno == ENOENT) + if (ENOENT == err) { return NOACTION; + } SYSLOG ((LOG_ERR, - "could not open/read config file '%s': %m\n", - SUAUTHFILE)); + "could not open/read config file '%s': %s\n", + SUAUTHFILE, strerror (err))); return DENY; }