From: Dimitri John Ledkov Date: Fri, 27 Feb 2015 13:17:25 +0000 (+0000) Subject: Do not fail on missing files in /etc/, create them instead. X-Git-Tag: 4.3.0~6^2~2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ee43f47f4521eda0ee9773f48de85058965653e8;p=shadow Do not fail on missing files in /etc/, create them instead. passwd, shadow, group, gshadow etc. can be managed via nss - e.g. system default accounts can be specified using nss_altfiles, rather than in /etc/. Thus despite having default accounts, these files can be missing on disk and thus should be opened with O_CREATE whenever they are attempted to be opened in O_RDWR modes. --- diff --git a/src/chage.c b/src/chage.c index 2df65a94..617e90f1 100644 --- a/src/chage.c +++ b/src/chage.c @@ -592,7 +592,7 @@ static void open_files (bool readonly) } pw_locked = true; } - if (pw_open (readonly ? O_RDONLY: O_RDWR) == 0) { + if (pw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ())); fail_exit (E_NOPERM); @@ -613,7 +613,7 @@ static void open_files (bool readonly) } spw_locked = true; } - if (spw_open (readonly ? O_RDONLY: O_RDWR) == 0) { + if (spw_open (readonly ? O_RDONLY: O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname ())); diff --git a/src/chfn.c b/src/chfn.c index a022c1a3..18aa3de7 100644 --- a/src/chfn.c +++ b/src/chfn.c @@ -463,7 +463,7 @@ static void update_gecos (const char *user, char *gecos) fail_exit (E_NOPERM); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (E_NOPERM); diff --git a/src/chgpasswd.c b/src/chgpasswd.c index 4dd5fbab..13203a46 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -316,7 +316,7 @@ static void open_files (void) fail_exit (1); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (1); @@ -332,7 +332,7 @@ static void open_files (void) fail_exit (1); } sgr_locked = true; - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); fail_exit (1); diff --git a/src/chpasswd.c b/src/chpasswd.c index 78436d6a..21008f58 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -313,7 +313,7 @@ static void open_files (void) fail_exit (1); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (1); @@ -328,7 +328,7 @@ static void open_files (void) fail_exit (1); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/chsh.c b/src/chsh.c index 393a79ff..c89708b9 100644 --- a/src/chsh.c +++ b/src/chsh.c @@ -373,7 +373,7 @@ static void update_shell (const char *user, char *newshell) fail_exit (1); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", pw_dbname ())); fail_exit (1); diff --git a/src/gpasswd.c b/src/gpasswd.c index 8959a35a..27ad9599 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c @@ -370,7 +370,7 @@ static void open_files (void) add_cleanup (log_gpasswd_failure_system, NULL); - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); @@ -380,7 +380,7 @@ static void open_files (void) #ifdef SHADOWGRP if (is_shadowgrp) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); diff --git a/src/groupadd.c b/src/groupadd.c index 39b4ec02..179438fb 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -346,7 +346,7 @@ static void open_files (void) add_cleanup (cleanup_report_add_group, group_name); /* And now open the databases */ - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); exit (E_GRP_UPDATE); @@ -354,7 +354,7 @@ static void open_files (void) #ifdef SHADOWGRP if (is_shadow_grp) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); diff --git a/src/groupdel.c b/src/groupdel.c index da993475..c64b6a7e 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -246,7 +246,7 @@ static void open_files (void) add_cleanup (cleanup_report_del_group, group_name); /* An now open the databases */ - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); @@ -255,7 +255,7 @@ static void open_files (void) } #ifdef SHADOWGRP if (is_shadow_grp) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); diff --git a/src/groupmems.c b/src/groupmems.c index e4f107f9..4a49e10b 100644 --- a/src/groupmems.c +++ b/src/groupmems.c @@ -536,14 +536,14 @@ static void open_files (void) #endif } - if (gr_open (list ? O_RDONLY : O_RDWR) == 0) { + if (gr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (EXIT_GROUP_FILE); } #ifdef SHADOWGRP if (is_shadowgrp) { - if (sgr_open (list ? O_RDONLY : O_RDWR) == 0) { + if (sgr_open (list ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); fail_exit (EXIT_GROUP_FILE); } diff --git a/src/groupmod.c b/src/groupmod.c index d9d38071..757c1a40 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -663,7 +663,7 @@ static void lock_files (void) */ static void open_files (void) { - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ())); exit (E_GRP_UPDATE); @@ -672,7 +672,7 @@ static void open_files (void) #ifdef SHADOWGRP if ( is_shadow_grp && (pflg || nflg)) { - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -683,7 +683,7 @@ static void open_files (void) #endif /* SHADOWGRP */ if (gflg) { - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); diff --git a/src/grpck.c b/src/grpck.c index 9d1ed903..ea5d3b39 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -299,7 +299,7 @@ static void open_files (void) * Open the files. Use O_RDONLY if we are in read_only mode, * O_RDWR otherwise. */ - if (gr_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (gr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, grp_file); if (use_system_grp_file) { @@ -308,7 +308,7 @@ static void open_files (void) fail_exit (E_CANT_OPEN); } #ifdef SHADOWGRP - if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_RDWR) == 0)) { + if (is_shadow && (sgr_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_file); if (use_system_sgr_file) { diff --git a/src/grpconv.c b/src/grpconv.c index ece8095d..f681f07f 100644 --- a/src/grpconv.c +++ b/src/grpconv.c @@ -163,7 +163,7 @@ int main (int argc, char **argv) fail_exit (5); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (1); } diff --git a/src/grpunconv.c b/src/grpunconv.c index ea8914cb..253f06f5 100644 --- a/src/grpunconv.c +++ b/src/grpunconv.c @@ -166,7 +166,7 @@ int main (int argc, char **argv) fail_exit (5); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (1); diff --git a/src/newusers.c b/src/newusers.c index a90d04ee..724cbb40 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -805,27 +805,27 @@ static void open_files (void) } #endif /* ENABLE_SUBIDS */ - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (EXIT_FAILURE); } - if (is_shadow && (spw_open (O_RDWR) == 0)) { + if (is_shadow && (spw_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); fail_exit (EXIT_FAILURE); } - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (EXIT_FAILURE); } #ifdef SHADOWGRP - if (is_shadow_grp && (sgr_open (O_RDWR) == 0)) { + if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); fail_exit (EXIT_FAILURE); } #endif #ifdef ENABLE_SUBIDS if (is_sub_uid) { - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); @@ -833,7 +833,7 @@ static void open_files (void) } } if (is_sub_gid) { - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); diff --git a/src/passwd.c b/src/passwd.c index 3424f3bf..1191111d 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -573,7 +573,7 @@ static void update_noshadow (void) exit (E_PWDBUSY); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); @@ -627,7 +627,7 @@ static void update_shadow (void) exit (E_PWDBUSY); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { (void) fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/pwck.c b/src/pwck.c index 05df68ec..523135f6 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -281,7 +281,7 @@ static void open_files (void) * Open the files. Use O_RDONLY if we are in read_only mode, O_RDWR * otherwise. */ - if (pw_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (pw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); if (use_system_pw_file) { @@ -290,7 +290,7 @@ static void open_files (void) fail_exit (E_CANTOPEN); } if (is_shadow && !use_tcb) { - if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); if (use_system_spw_file) { @@ -566,7 +566,7 @@ static void check_pw_file (int *errors, bool *changed) continue; } spw_locked = true; - if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) { + if (spw_open (read_only ? O_RDONLY : O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/pwconv.c b/src/pwconv.c index d41d5dd2..e2d61f87 100644 --- a/src/pwconv.c +++ b/src/pwconv.c @@ -200,7 +200,7 @@ int main (int argc, char **argv) fail_exit (E_PWDBUSY); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (E_MISSING); diff --git a/src/pwunconv.c b/src/pwunconv.c index 62e2af04..fabf0237 100644 --- a/src/pwunconv.c +++ b/src/pwunconv.c @@ -166,7 +166,7 @@ int main (int argc, char **argv) fail_exit (5); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); diff --git a/src/useradd.c b/src/useradd.c index 1b65bf44..31ea5845 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -1537,7 +1537,7 @@ static void open_files (void) exit (E_PW_UPDATE); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); fail_exit (E_PW_UPDATE); } @@ -1554,7 +1554,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); fail_exit (E_GRP_UPDATE); } @@ -1567,7 +1567,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } sgr_locked = true; - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -1584,7 +1584,7 @@ static void open_files (void) fail_exit (E_SUB_UID_UPDATE); } sub_uid_locked = true; - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); @@ -1599,7 +1599,7 @@ static void open_files (void) fail_exit (E_SUB_GID_UPDATE); } sub_gid_locked = true; - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); @@ -1621,7 +1621,7 @@ static void open_shadow (void) fail_exit (E_PW_UPDATE); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); diff --git a/src/userdel.c b/src/userdel.c index 19b12bc4..9092b5c1 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -565,7 +565,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); #ifdef WITH_AUDIT @@ -590,7 +590,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } spw_locked = true; - if (spw_open (O_RDWR) == 0) { + if (spw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); @@ -616,7 +616,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); #ifdef WITH_AUDIT audit_logger (AUDIT_DEL_USER, Prog, @@ -641,7 +641,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } sgr_locked= true; - if (sgr_open (O_RDWR) == 0) { + if (sgr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); #ifdef WITH_AUDIT @@ -669,7 +669,7 @@ static void open_files (void) fail_exit (E_SUB_UID_UPDATE); } sub_uid_locked = true; - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); #ifdef WITH_AUDIT @@ -695,7 +695,7 @@ static void open_files (void) fail_exit (E_SUB_GID_UPDATE); } sub_gid_locked = true; - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); #ifdef WITH_AUDIT diff --git a/src/usermod.c b/src/usermod.c index aa4c2621..25edd1f2 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -1532,7 +1532,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } pw_locked = true; - if (pw_open (O_RDWR) == 0) { + if (pw_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); @@ -1545,7 +1545,7 @@ static void open_files (void) fail_exit (E_PW_UPDATE); } spw_locked = true; - if (is_shadow_pwd && (spw_open (O_RDWR) == 0)) { + if (is_shadow_pwd && (spw_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, spw_dbname ()); @@ -1564,7 +1564,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } gr_locked = true; - if (gr_open (O_RDWR) == 0) { + if (gr_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ()); @@ -1578,7 +1578,7 @@ static void open_files (void) fail_exit (E_GRP_UPDATE); } sgr_locked = true; - if (is_shadow_grp && (sgr_open (O_RDWR) == 0)) { + if (is_shadow_grp && (sgr_open (O_CREAT | O_RDWR) == 0)) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sgr_dbname ()); @@ -1595,7 +1595,7 @@ static void open_files (void) fail_exit (E_SUB_UID_UPDATE); } sub_uid_locked = true; - if (sub_uid_open (O_RDWR) == 0) { + if (sub_uid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); @@ -1610,7 +1610,7 @@ static void open_files (void) fail_exit (E_SUB_GID_UPDATE); } sub_gid_locked = true; - if (sub_gid_open (O_RDWR) == 0) { + if (sub_gid_open (O_CREAT | O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, sub_gid_dbname ());