]> granicus.if.org Git - shadow/log
shadow
8 years agoignore config.cache & dist files
Mike Frysinger [Mon, 5 Dec 2016 20:48:10 +0000 (15:48 -0500)]
ignore config.cache & dist files

config.cache is generated when running `./configure -C`.

The tarballs are generated when running `make dist`.

8 years agoconfigure: avoid deprecated AC_INIT/AM_INIT_AUTOMAKE invocation
Mike Frysinger [Mon, 5 Dec 2016 20:43:20 +0000 (15:43 -0500)]
configure: avoid deprecated AC_INIT/AM_INIT_AUTOMAKE invocation

The autoconf/automake guys want AC_INIT to be passed the details of the
package directly rather than going through AM_INIT_AUTOMAKE.  Update them
both to use the newer style.

This also allows us to pass in contact details for the project.

We set the minimum autoconf version to 2.64 as that's the first one to
support passing the homepage URL in to AC_INIT.  That's a pretty old
release by now, so it shouldn't be a problem.

8 years agoupdate Changelog
Serge Hallyn [Fri, 2 Dec 2016 22:15:28 +0000 (16:15 -0600)]
update Changelog

8 years agoMerge pull request #48 from t8m/fedora
Serge Hallyn [Fri, 2 Dec 2016 22:14:24 +0000 (16:14 -0600)]
Merge pull request #48 from t8m/fedora

Four simple patches from the Fedora package to merge

8 years agoupdate changelog, finally
Serge Hallyn [Fri, 2 Dec 2016 19:41:49 +0000 (13:41 -0600)]
update changelog, finally

8 years agoMerge pull request #50 from m4sk1n/master
Serge Hallyn [Fri, 25 Nov 2016 17:58:14 +0000 (11:58 -0600)]
Merge pull request #50 from m4sk1n/master

update Polish translation

8 years agoMerge pull request #1 from m4sk1n/pl-translation-update
m4sk1n [Thu, 24 Nov 2016 08:16:48 +0000 (09:16 +0100)]
Merge pull request #1 from m4sk1n/pl-translation-update

Add files via upload

8 years agoAdd files via upload
m4sk1n [Thu, 24 Nov 2016 08:07:41 +0000 (09:07 +0100)]
Add files via upload

81% completed

8 years agoMerge pull request #43 from Blub/suidbins-rule-fixup
Serge Hallyn [Sat, 19 Nov 2016 02:13:48 +0000 (20:13 -0600)]
Merge pull request #43 from Blub/suidbins-rule-fixup

buildsys: fix suidubins assignments

8 years agosnprintf() always terminates output with \0
Tomas Mraz [Tue, 15 Nov 2016 15:05:44 +0000 (16:05 +0100)]
snprintf() always terminates output with \0

8 years agoKeep the permissions of the original file when creating a backup.
Tomas Mraz [Tue, 15 Nov 2016 15:04:24 +0000 (16:04 +0100)]
Keep the permissions of the original file when creating a backup.

8 years agoAudit the home directory ownership change.
Tomas Mraz [Tue, 15 Nov 2016 15:03:40 +0000 (16:03 +0100)]
Audit the home directory ownership change.

8 years agoPrint error message if SELinux file context manipulation fails.
Tomas Mraz [Tue, 15 Nov 2016 15:00:51 +0000 (16:00 +0100)]
Print error message if SELinux file context manipulation fails.

8 years agoMerge pull request #44 from evgeni/man-subuid-spelling
Serge Hallyn [Wed, 9 Nov 2016 23:05:33 +0000 (17:05 -0600)]
Merge pull request #44 from evgeni/man-subuid-spelling

man: fix --{add,del}-sub{g,u}ids spelling

8 years agoman: fix --{add,del}-sub{g,u}ids spelling
Evgeni Golov [Wed, 9 Nov 2016 21:23:18 +0000 (22:23 +0100)]
man: fix --{add,del}-sub{g,u}ids spelling

docs wrongly had a hyphen between sub and uids/gids

8 years agobuildsys: fix suidubins assignments
Wolfgang Bumiller [Sat, 5 Nov 2016 14:51:13 +0000 (15:51 +0100)]
buildsys: fix suidubins assignments

These assignments were pasted as is into the Makefile and
ended up as part of a rule. (Usually the .PRECIOUS rule
which is why the build system never attempted to execute it
as commands, hiding the problem.)

Signed-off-by: Wolfgang Bumiller <wry.git@bumiller.com>
Reported-by: Rahel A <ra00177@surrey.ac.uk>
8 years agoMerge pull request #42 from jubalh/maint
Serge Hallyn [Fri, 4 Nov 2016 14:01:16 +0000 (09:01 -0500)]
Merge pull request #42 from jubalh/maint

Update README with current maintainer

8 years agoUpdate README with current maintainer
Michael Vetter [Wed, 2 Nov 2016 08:30:05 +0000 (09:30 +0100)]
Update README with current maintainer

8 years agoMerge pull request #41 from selkfoster/master
Serge Hallyn [Thu, 20 Oct 2016 00:29:43 +0000 (19:29 -0500)]
Merge pull request #41 from selkfoster/master

Remove non-POSIX option in chmod(1) used for src/Makefile.am

8 years agoRemove non-POSIX option in chmod(1) used for src/Makefile.am
Matias A. Fonzo [Tue, 18 Oct 2016 18:46:27 +0000 (15:46 -0300)]
Remove non-POSIX option in chmod(1) used for src/Makefile.am

8 years agoUpdate Vietnamese translations
Trần Ngọc Quân [Thu, 6 Oct 2016 17:15:19 +0000 (12:15 -0500)]
Update Vietnamese translations

8 years agoMerge pull request #33 from t8m/master
Serge Hallyn [Wed, 21 Sep 2016 14:12:15 +0000 (09:12 -0500)]
Merge pull request #33 from t8m/master

Fix regression in useradd not loading defaults properly.

8 years agoMerge pull request #36 from atsampson/master
Serge Hallyn [Tue, 20 Sep 2016 13:14:28 +0000 (08:14 -0500)]
Merge pull request #36 from atsampson/master

Add missing size args to snprintf calls.

8 years agoUse sizeof rather than hardcoding snprintf's size argument.
Adam Sampson [Thu, 15 Sep 2016 15:54:42 +0000 (16:54 +0100)]
Use sizeof rather than hardcoding snprintf's size argument.

8 years agorelease 4.4 4.4
Serge Hallyn [Sun, 18 Sep 2016 23:34:57 +0000 (18:34 -0500)]
release 4.4

8 years agosu.c: fix missing length argument to snprintf
Serge Hallyn [Mon, 19 Sep 2016 02:31:18 +0000 (21:31 -0500)]
su.c: fix missing length argument to snprintf

8 years agoupdate translations
Serge Hallyn [Sun, 18 Sep 2016 23:23:49 +0000 (18:23 -0500)]
update translations

8 years agoFix regression in useradd not loading defaults properly.
Tomas Mraz [Thu, 25 Aug 2016 09:20:34 +0000 (11:20 +0200)]
Fix regression in useradd not loading defaults properly.

The get_defaults() has to be called before processing the flags.

Signed-off-by: Tomáš Mráz <tmraz@fedoraproject.org>
8 years agoconfigure.ac: release 4.3.1 4.3.1
Serge Hallyn [Mon, 15 Aug 2016 03:59:23 +0000 (22:59 -0500)]
configure.ac: release 4.3.1

Signed-off-by: Serge Hallyn <serge@hallyn.com>
8 years agoidmapping: add more checks for overflow
Serge Hallyn [Sun, 14 Aug 2016 23:05:00 +0000 (18:05 -0500)]
idmapping: add more checks for overflow

At this point they are redundant but should be safe.  Thanks to
Sebastian Krahmer for the first check.

8 years agoalso check upper for wrap
Serge Hallyn [Fri, 5 Aug 2016 22:16:48 +0000 (17:16 -0500)]
also check upper for wrap

8 years agoMerge pull request #30 from jwilk/spelling
Serge Hallyn [Fri, 5 Aug 2016 16:59:45 +0000 (11:59 -0500)]
Merge pull request #30 from jwilk/spelling

man: Fix typos

8 years agoMerge pull request #29 from hemio-ev/lower-su-syslog-priority
Serge Hallyn [Fri, 5 Aug 2016 16:59:15 +0000 (11:59 -0500)]
Merge pull request #29 from hemio-ev/lower-su-syslog-priority

Reduces syslog priority of common usage events

8 years agoman: Fix typos
Jakub Wilk [Fri, 5 Aug 2016 16:50:51 +0000 (18:50 +0200)]
man: Fix typos

8 years agoMerge pull request #24 from stoeckmann/typos
Serge Hallyn [Fri, 5 Aug 2016 04:39:25 +0000 (23:39 -0500)]
Merge pull request #24 from stoeckmann/typos

Fixed typos in new{g,u}idmap tools.

8 years agoMerge pull request #25 from stoeckmann/sigrace
Serge Hallyn [Fri, 5 Aug 2016 04:38:24 +0000 (23:38 -0500)]
Merge pull request #25 from stoeckmann/sigrace

Fixed signal races in shadow tools.

8 years agoReduces syslog priority of common usage events
Michael Herold [Thu, 4 Aug 2016 20:17:31 +0000 (22:17 +0200)]
Reduces syslog priority of common usage events

- Log INFO instead of ERR on `su missing-user`
- Log NOTICE/WARN instead of ERR on pam_authenticate failure (wrong password for example)

8 years agoSimplify getulong
Sebastian Krahmer [Wed, 3 Aug 2016 16:51:07 +0000 (11:51 -0500)]
Simplify getulong

Use strtoul to read an unsigned long, rather than reading
a signed long long and casting it.

https://bugzilla.suse.com/show_bug.cgi?id=979282

8 years agoget_map_ranges: check for overflow
Serge Hallyn [Sun, 31 Jul 2016 17:55:44 +0000 (12:55 -0500)]
get_map_ranges: check for overflow

The kernel accepts u32 values, so make sure that userspace
is not passing large values.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
8 years agoMerge pull request #26 from jubalh/master
Serge Hallyn [Tue, 19 Jul 2016 13:02:31 +0000 (08:02 -0500)]
Merge pull request #26 from jubalh/master

Fix sentence in usermod manual

8 years agoFix sentence in usermod manual
Michael Vetter [Mon, 18 Jul 2016 13:18:08 +0000 (15:18 +0200)]
Fix sentence in usermod manual

Should have been: '[...] but only checkS [...]'.
So there was a missing 's'. Architectures isn't the right word either.
I decided to write the whole sentence new.

8 years agoFixed signal races in shadow tools.
Tobias Stoeckmann [Sat, 2 Jul 2016 16:11:09 +0000 (18:11 +0200)]
Fixed signal races in shadow tools.

Some of the supplied tools use functions which are not signal-safe.

Most of the times it's exit() vs. _exit().

In other times it's how the standard output or standard error is
handled. FILE-related functions shall be avoided, therefore I replaced
them with write().

Also there is no need to call closelog(). At worst, it allows to
trigger a deadlock by issuing different signal types at bad timings.
But as these fixes are about race conditions, expect bad timings in
general for these bugs to be triggered. :)

8 years agoFixed typos in new{g,u}idmap tools.
Tobias Stoeckmann [Sat, 2 Jul 2016 14:39:18 +0000 (16:39 +0200)]
Fixed typos in new{g,u}idmap tools.

Fixed small typos in manual pages and code comments.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
8 years agoMerge pull request #16 from sebras/master
Serge Hallyn [Fri, 20 May 2016 19:05:56 +0000 (14:05 -0500)]
Merge pull request #16 from sebras/master

man: Fix a number of typos for various commands.

8 years agoMerge pull request #19 from brauner/manfix
Serge Hallyn [Thu, 5 May 2016 21:18:15 +0000 (16:18 -0500)]
Merge pull request #19 from brauner/manfix

add long option --no-create-home to -M

8 years agoadd long option --no-create-home to -M
Christian Brauner [Thu, 5 May 2016 10:00:07 +0000 (12:00 +0200)]
add long option --no-create-home to -M

Let's get rid of all the downstream fixes floating around.

Signed-off-by: Christian Brauner <christian.brauner@mailbox.org>
8 years agoman: Fix a number of typos for various commands.
Sebastian Rasmussen [Thu, 28 Apr 2016 13:55:15 +0000 (15:55 +0200)]
man: Fix a number of typos for various commands.

8 years agoconfigure.ac: release 4.3 4.3.0
Serge Hallyn [Thu, 17 Mar 2016 00:11:36 +0000 (17:11 -0700)]
configure.ac: release 4.3

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
8 years agoMerge pull request #13 from t8m/master
Serge Hallyn [Sat, 5 Mar 2016 08:07:24 +0000 (00:07 -0800)]
Merge pull request #13 from t8m/master

Add ability to clear or set lastlog record for user via lastlog command

8 years agoAdd ability to clear or set lastlog record for user via lastlog command
Tomas Mraz [Thu, 3 Mar 2016 14:37:01 +0000 (15:37 +0100)]
Add ability to clear or set lastlog record for user via lastlog command

This functionality is useful because there is now a feature
of Linux-PAM's pam_lastlog module to block expired users (users
which did not login recently enough) from login. This commit
complements it so the sysadmin is able to unblock such expired user.

Signed-off-by: Tomáš Mráz <tmraz@fedoraproject.org>
8 years agouseradd: respect -r flag when allocating subuids
Serge Hallyn [Thu, 18 Feb 2016 17:20:43 +0000 (09:20 -0800)]
useradd: respect -r flag when allocating subuids

We intend to not create subuids for system users. However we are
checking for command line flags after we check whether -r flag
was set, so it was never found to be true.  Fix that.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
8 years agoMerge pull request #12 from stgraber/master
Serge Hallyn [Mon, 15 Feb 2016 23:27:20 +0000 (15:27 -0800)]
Merge pull request #12 from stgraber/master

Tweak uid/gid map default configuration

8 years agoTweak uid/gid map default configuration
Stéphane Graber [Mon, 15 Feb 2016 23:11:10 +0000 (18:11 -0500)]
Tweak uid/gid map default configuration

 - Use an allocation of 65536 uids and gids to allow for POSIX-compliant
   user owned namespaces.
 - Don't allocate a uid/gid map to system users.
   Unfortunately checking for --system isn't quite enough as some
   distribution wrappers always call useradd without --system and take care
   of choosing a uid and gid themselves, so also check whether the
   requested uid/gid is in the user range.

This is taken from a patch I wrote for Ubuntu a couple years ago and
which somehow didn't make it upstream.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
8 years agoMerge pull request #11 from taizo/typo_in_japanese_usage_desc
Serge Hallyn [Tue, 12 Jan 2016 01:20:57 +0000 (17:20 -0800)]
Merge pull request #11 from taizo/typo_in_japanese_usage_desc

typo in japanese usage description of useradd.

8 years agotypo in japanese usage description of useradd.
Taizo Ito [Mon, 4 Jan 2016 04:27:31 +0000 (13:27 +0900)]
typo in japanese usage description of useradd.

9 years agoFix user busy errors at userdel
Bastian Blank [Tue, 17 Nov 2015 16:52:24 +0000 (10:52 -0600)]
Fix user busy errors at userdel

From: Bastian Blank <bastian.blank@credativ.de>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoMerge pull request #4 from xnox/master
Serge Hallyn [Fri, 13 Nov 2015 05:07:29 +0000 (23:07 -0600)]
Merge pull request #4 from xnox/master

Make shadow more robust in hostile environments

9 years agoMerge pull request #9 from shadow-maint/idmapleak
Serge Hallyn [Fri, 13 Nov 2015 05:03:09 +0000 (23:03 -0600)]
Merge pull request #9 from shadow-maint/idmapleak

Idmapleak

9 years agoMerge pull request #8 from shadow-maint/newgrpleak
Serge Hallyn [Fri, 13 Nov 2015 05:02:13 +0000 (23:02 -0600)]
Merge pull request #8 from shadow-maint/newgrpleak

Fix a resource leak in syslog_sg

9 years agoMerge pull request #6 from stoeckmann/master
Serge Hallyn [Mon, 10 Aug 2015 00:57:38 +0000 (19:57 -0500)]
Merge pull request #6 from stoeckmann/master

Clear passwords on __gr_dup/__pw_dup errors and fix memory leak

9 years agoMerge pull request #5 from vapier/master
Serge Hallyn [Mon, 10 Aug 2015 00:51:54 +0000 (19:51 -0500)]
Merge pull request #5 from vapier/master

misc autoool fixes

9 years agoget_map_ranges: initialize argidx to 0 at top of loop
Serge Hallyn [Thu, 6 Aug 2015 05:34:17 +0000 (00:34 -0500)]
get_map_ranges: initialize argidx to 0 at top of loop

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoFix a resource leak in syslog_sg
Serge Hallyn [Thu, 6 Aug 2015 05:11:06 +0000 (00:11 -0500)]
Fix a resource leak in syslog_sg

Reported at https://alioth.debian.org/tracker/?func=detail&atid=411478&aid=315135&group_id=30580
by Alejandro Joya (afjoyacr-guest)

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoFix a resource leak in libmis/idmapping.c
Serge Hallyn [Thu, 6 Aug 2015 05:10:13 +0000 (00:10 -0500)]
Fix a resource leak in libmis/idmapping.c

Reported at https://alioth.debian.org/tracker/?func=detail&atid=411478&aid=315136&group_id=30580
by Alejandro Joya.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoMerge pull request #7 from shadow-maint/2015-07-20/vflg
Serge Hallyn [Thu, 23 Jul 2015 15:11:46 +0000 (10:11 -0500)]
Merge pull request #7 from shadow-maint/2015-07-20/vflg

Don't limit subuid/subgid support to local users

9 years agoDon't limit subuid/subgid support to local users
Serge Hallyn [Mon, 20 Jul 2015 17:14:26 +0000 (12:14 -0500)]
Don't limit subuid/subgid support to local users

The current implementation of subuid/subgid support in usermod requires the
user to be a local user present in /etc/passwd.  There doesn't seem to be a
good reason for this; subuids should work equally well for users whose
records are in other NSS databases.

Bug-Ubuntu: https://bugs.launchpad.net/bugs/1475749

Author: Steve Langasek <steve.langasek@ubuntu.com>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoFree memory on error path
Tobias Stoeckmann [Sun, 12 Jul 2015 12:30:32 +0000 (14:30 +0200)]
Free memory on error path

When multiple entries with the same name are encountered, nentry is
not properly freed, which results in a memory leak.

9 years agoClear passwords on __gr_dup/__pw_dup errors.
Tobias Stoeckmann [Sat, 11 Jul 2015 11:00:13 +0000 (13:00 +0200)]
Clear passwords on __gr_dup/__pw_dup errors.

The functions __gr_dup and __pw_dup do not explicitly zero the
memory which hold the passwords after free. The gr_free and pw_free
functions do this explicitly.

To guarantee same behaviour, it's possible to call these *_free
functions directly from __*_dup, because the memory is initialized
with zeros at the beginning. Calling free(NULL) has no negative
effect and can be considered safe these days.

9 years agoAllow deleting the group even if it is the primary group of a user
Jesse W. Hathaway [Fri, 12 Jun 2015 22:32:50 +0000 (17:32 -0500)]
Allow deleting the group even if it is the primary group of a user

This is helpful when using configuration management tools such as
Puppet, where you are managing the groups in a central location and you
don't need this safeguard.

Signed-off-by: "Jesse W. Hathaway" <jesse@mbuki-mvuki.org>
Acked-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agonewgidmap manpage: remove wrongly added extra pid arg
Serge Hallyn [Fri, 5 Jun 2015 04:45:58 +0000 (23:45 -0500)]
newgidmap manpage: remove wrongly added extra pid arg

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoignore the compile file
Mike Frysinger [Thu, 30 Apr 2015 06:45:41 +0000 (02:45 -0400)]
ignore the compile file

Newer autotools installs this file.

9 years agorename configure.in
Mike Frysinger [Thu, 30 Apr 2015 06:43:08 +0000 (02:43 -0400)]
rename configure.in

Newer autotools complains when the file is named configure.in.

9 years agoExpand the error message when newuidmap / newgidmap do not like the user/group owners...
Hank Leininger [Mon, 6 Apr 2015 13:22:48 +0000 (08:22 -0500)]
Expand the error message when newuidmap / newgidmap do not like the user/group ownership of their target process.

Currently the error is just:

newuidmap: Target [pid] is owned by a different user

With this patch it will be like:

newuidmap: Target [pid] is owned by a different user: uid:0 pw_uid:0 st_uid:0, gid:0 pw_gid:0 st_gid:99

Why is this useful?  Well, in my case...

The grsecurity kernel-hardening patch includes an option to make parts
of /proc unreadable, such as /proc/pid/ dirs for processes not owned by
the current uid.  This comes with an option to make /proc/pid/
directories readable by a specific gid; sysadmins and the like are then
put into that group so they can see a full 'ps'.

This means that the check in new[ug]idmap fails, as in the above quoted
error - /proc/[targetpid] is owned by root, but the group is 99 so that
users in group 99 can see the process.

Some Googling finds dozens of people hitting this problem, but not
*knowing* that they have hit this problem, because the errors and
circumstances are non-obvious.

Some graceful way of handling this and not failing, will be next ;)  But
in the meantime it'd be nice to have new[ug]idmap emit a more useful
error, so that it's easier to troubleshoot.

Thanks!

Signed-off-by: Hank Leininger <hlein@korelogic.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoMerge pull request #3 from vapier/master
Serge Hallyn [Mon, 16 Mar 2015 17:08:55 +0000 (17:08 +0000)]
Merge pull request #3 from vapier/master

man: useradd(8): fix typo in German translation

9 years agoCreate dbs with correct permissions.
Dimitri John Ledkov [Fri, 27 Feb 2015 16:26:57 +0000 (16:26 +0000)]
Create dbs with correct permissions.

9 years agoForce use shadow, even if missing.
Dimitri John Ledkov [Fri, 27 Feb 2015 14:18:56 +0000 (14:18 +0000)]
Force use shadow, even if missing.

9 years agoDo not fail on missing files in /etc/, create them instead.
Dimitri John Ledkov [Fri, 27 Feb 2015 13:17:25 +0000 (13:17 +0000)]
Do not fail on missing files in /etc/, create them instead.

passwd, shadow, group, gshadow etc. can be managed via nss -
e.g. system default accounts can be specified using nss_altfiles,
rather than in /etc/. Thus despite having default accounts, these
files can be missing on disk and thus should be opened with O_CREATE
whenever they are attempted to be opened in O_RDWR modes.

9 years agoDo not report unknown settings, when compiled with PAM.
Dimitri John Ledkov [Fri, 27 Feb 2015 12:39:44 +0000 (12:39 +0000)]
Do not report unknown settings, when compiled with PAM.

When compiled with PAM certain settings are not used, however they are
still defined in the stock login.defs file. Thus every command reports
them as "unknown setting contact administrator".

Alternative would be to parse stock login.defs and comment out/remove
settings that are not applied, when compiled with PAM.

9 years agoDo not bail out on missing login.defs.
Dimitri John Ledkov [Fri, 27 Feb 2015 11:23:58 +0000 (11:23 +0000)]
Do not bail out on missing login.defs.

For most operations tools have compiled-in defaults, and thus can
operate without login.defs present.

9 years agoSuppress pwconv passwd- chmod failure message
Duncan Eastoe [Mon, 9 Feb 2015 14:39:31 +0000 (14:39 +0000)]
Suppress pwconv passwd- chmod failure message

Prevent chmod failure message from displaying if the failure
was due to the backup file not existing.

If there is no backup file present and if no changes have been
made, then this error would always appear since the backup
file isn't created in this situation.

Signed-off-by: Duncan Eastoe <deastoe@Brocade.com>
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
9 years agoman: useradd(8): fix typo in German translation
Mike Frysinger [Mon, 16 Jun 2014 05:48:27 +0000 (01:48 -0400)]
man: useradd(8): fix typo in German translation

When referring to USERGROUPS_ENAB, the German mentions /etc/default/useradd
when it should be /etc/login.defs (like the original English does).

Reported-by: Stefan Kiesler <heavymetal@gmx.de>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
10 years agoTest userdel/usermod when homedir is a symlink
Nicolas François [Sat, 20 Sep 2014 22:33:02 +0000 (00:33 +0200)]
Test userdel/usermod when homedir is a symlink

10 years agoExtend checks for changing U/GID in home directory
Nicolas François [Sat, 20 Sep 2014 21:59:46 +0000 (23:59 +0200)]
Extend checks for changing U/GID in home directory

Add files with user or group owner different from the user.

10 years agoExtend checks for moving home directory
Nicolas François [Sat, 20 Sep 2014 21:56:25 +0000 (23:56 +0200)]
Extend checks for moving home directory

Add hard link to files inside or outside the home directory)
Add files with user or group owner different from the user.

10 years agosubids options added to usermod's usage
Nicolas François [Sat, 20 Sep 2014 21:18:52 +0000 (23:18 +0200)]
subids options added to usermod's usage

10 years agoProvides coverage with traceability to test cases
Nicolas François [Sat, 20 Sep 2014 20:49:41 +0000 (22:49 +0200)]
Provides coverage with traceability to test cases

10 years agoAdd missing configuration files
Nicolas François [Sat, 20 Sep 2014 20:39:27 +0000 (22:39 +0200)]
Add missing configuration files

10 years agouseradd now uses link rather than rename
Nicolas François [Sat, 20 Sep 2014 20:35:21 +0000 (22:35 +0200)]
useradd now uses link rather than rename

10 years agoAdd support for syscall failure tests
Nicolas François [Sat, 20 Sep 2014 14:15:32 +0000 (16:15 +0200)]
Add support for syscall failure tests

10 years agoAdd cleanup script
Nicolas François [Sat, 20 Sep 2014 14:14:33 +0000 (16:14 +0200)]
Add cleanup script

10 years agoAdd config to disable execution of failure tests
Nicolas François [Sat, 20 Sep 2014 14:10:57 +0000 (16:10 +0200)]
Add config to disable execution of failure tests

10 years agoAdd tests for subids handling
Nicolas François [Sat, 20 Sep 2014 13:49:41 +0000 (15:49 +0200)]
Add tests for subids handling

10 years agoUse build_path from common/config.sh
Nicolas François [Sat, 20 Sep 2014 13:46:14 +0000 (15:46 +0200)]
Use build_path from common/config.sh

10 years agoForce removal of files when restoring system config
Nicolas François [Sat, 20 Sep 2014 13:40:46 +0000 (15:40 +0200)]
Force removal of files when restoring system config

10 years agoUpdate list of files in login and passwd packages
Nicolas François [Sat, 20 Sep 2014 13:39:32 +0000 (15:39 +0200)]
Update list of files in login and passwd packages

10 years agosub[ug]id: compare range before comparing username/UID, to avoid unnecessary syscalls subuigid-numeric
Bostjan Skufca [Sat, 6 Sep 2014 18:47:55 +0000 (18:47 +0000)]
sub[ug]id: compare range before comparing username/UID, to avoid unnecessary syscalls

Change suggested by Nicolas François as performance optimization.
Performance penalty would be really noticeable when usernames are
stored in remote databases (ldap).

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
10 years agosub[ug]id manpages: add note about performance when using login names versus UIDs
Bostjan Skufca [Fri, 5 Sep 2014 22:34:40 +0000 (22:34 +0000)]
sub[ug]id manpages: add note about performance when using login names versus UIDs

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
10 years agonewuidmap/newgidmap: added support for user matching by UID in /etc/sub[ug]id
Bostjan Skufca [Fri, 5 Sep 2014 21:21:03 +0000 (21:21 +0000)]
newuidmap/newgidmap: added support for user matching by UID in /etc/sub[ug]id

Until now only exact username specification in /etc/sub[ug]id file allowed the
mapping. This prevented normal use for those users who use multiple usernames
with the same UID, as it rejected mapping even though it was allowed for
another username with the same UID.

This patch initially retains the old behaviour, for performance's sake. In the
first pass, new[ug]idmap only searches for exact username match.
If that yields no valid results, it continues into another loop, which does UID
resolution and comparison. If either definition (numeric UID mapping
specification or mapping specification for another username with the same UID as
current username) is found, it is used.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
10 years agoAdd tests from the old svn tree
Serge Hallyn [Wed, 17 Sep 2014 19:42:55 +0000 (14:42 -0500)]
Add tests from the old svn tree

We're losing the svn history (which we could probably keep if we tried
hard enough) but don't consider that worthwhile.

Note these tests are destructive, so run them only in a throwaway
environment like a chroot, container, or vm.

The tests/run.all script should be the one which launches all the tests.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
10 years agoCheck size of uid_t and gid_t using AC_CHECK_SIZEOF
James Le Cuirot [Sat, 23 Aug 2014 08:46:39 +0000 (09:46 +0100)]
Check size of uid_t and gid_t using AC_CHECK_SIZEOF

This built-in check is simpler than the previous method and, most
importantly, works when cross-compiling.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>