]> granicus.if.org Git - shadow/log
shadow
7 years agospelling: if the
Josh Soref [Sun, 22 Oct 2017 19:47:52 +0000 (19:47 +0000)]
spelling: if the

7 years agospelling: if
Josh Soref [Sun, 22 Oct 2017 20:52:44 +0000 (20:52 +0000)]
spelling: if

7 years agospelling: gshadow
Josh Soref [Sun, 22 Oct 2017 19:47:08 +0000 (19:47 +0000)]
spelling: gshadow

7 years agospelling: groupmod
Josh Soref [Sun, 22 Oct 2017 19:33:50 +0000 (19:33 +0000)]
spelling: groupmod

7 years agospelling: gratuitously
Josh Soref [Sun, 22 Oct 2017 19:17:02 +0000 (19:17 +0000)]
spelling: gratuitously

7 years agospelling: getxxyyy
Josh Soref [Sun, 22 Oct 2017 19:16:30 +0000 (19:16 +0000)]
spelling: getxxyyy

7 years agospelling: forgotten
Josh Soref [Sun, 22 Oct 2017 19:13:08 +0000 (19:13 +0000)]
spelling: forgotten

7 years agospelling: faillog
Josh Soref [Sun, 22 Oct 2017 19:11:52 +0000 (19:11 +0000)]
spelling: faillog

7 years agospelling: equivalent
Josh Soref [Sun, 22 Oct 2017 19:11:20 +0000 (19:11 +0000)]
spelling: equivalent

7 years agospelling: enviroment
Josh Soref [Sun, 22 Oct 2017 19:10:52 +0000 (19:10 +0000)]
spelling: enviroment

7 years agospelling: entered
Josh Soref [Sun, 22 Oct 2017 19:10:41 +0000 (19:10 +0000)]
spelling: entered

7 years agospelling: else
Josh Soref [Sun, 22 Oct 2017 19:08:39 +0000 (19:08 +0000)]
spelling: else

7 years agospelling: display its
Josh Soref [Sun, 22 Oct 2017 18:44:58 +0000 (18:44 +0000)]
spelling: display its

7 years agospelling: displaying
Josh Soref [Sun, 22 Oct 2017 18:43:40 +0000 (18:43 +0000)]
spelling: displaying

7 years agospelling: displayed
Josh Soref [Sun, 22 Oct 2017 18:43:48 +0000 (18:43 +0000)]
spelling: displayed

7 years agospelling: devices
Josh Soref [Sun, 22 Oct 2017 18:40:47 +0000 (18:40 +0000)]
spelling: devices

7 years agospelling: default
Josh Soref [Sun, 22 Oct 2017 18:34:35 +0000 (18:34 +0000)]
spelling: default

7 years agospelling: cumulative
Josh Soref [Sun, 22 Oct 2017 18:33:13 +0000 (18:33 +0000)]
spelling: cumulative

7 years agospelling: created
Josh Soref [Sun, 22 Oct 2017 08:23:57 +0000 (08:23 +0000)]
spelling: created

7 years agospelling: conversation
Josh Soref [Sun, 22 Oct 2017 18:32:19 +0000 (18:32 +0000)]
spelling: conversation

7 years agospelling: constraints
Josh Soref [Sun, 22 Oct 2017 21:07:23 +0000 (21:07 +0000)]
spelling: constraints

7 years agospelling: configuration
Josh Soref [Sun, 22 Oct 2017 18:31:51 +0000 (18:31 +0000)]
spelling: configuration

7 years agospelling: conditionally
Josh Soref [Sun, 22 Oct 2017 18:31:24 +0000 (18:31 +0000)]
spelling: conditionally

7 years agospelling: comment
Josh Soref [Sun, 22 Oct 2017 18:25:35 +0000 (18:25 +0000)]
spelling: comment

7 years agospelling: command
Josh Soref [Sun, 22 Oct 2017 18:25:46 +0000 (18:25 +0000)]
spelling: command

7 years agospelling: close
Josh Soref [Sun, 22 Oct 2017 18:25:14 +0000 (18:25 +0000)]
spelling: close

7 years agospelling: chpasswd
Josh Soref [Sun, 22 Oct 2017 18:23:41 +0000 (18:23 +0000)]
spelling: chpasswd

7 years agospelling: checking
Josh Soref [Sun, 22 Oct 2017 18:22:12 +0000 (18:22 +0000)]
spelling: checking

7 years agospelling: changed
Josh Soref [Sun, 22 Oct 2017 08:24:23 +0000 (08:24 +0000)]
spelling: changed

7 years agospelling: change
Josh Soref [Sun, 22 Oct 2017 08:24:59 +0000 (08:24 +0000)]
spelling: change

7 years agospelling: categories
Josh Soref [Sun, 22 Oct 2017 08:08:07 +0000 (08:08 +0000)]
spelling: categories

7 years agospelling: cannot
Josh Soref [Sun, 22 Oct 2017 08:05:45 +0000 (08:05 +0000)]
spelling: cannot

7 years agospelling: built
Josh Soref [Sun, 22 Oct 2017 18:41:48 +0000 (18:41 +0000)]
spelling: built

7 years agospelling: better
Josh Soref [Sun, 22 Oct 2017 08:05:08 +0000 (08:05 +0000)]
spelling: better

7 years agospelling: beginning
Josh Soref [Sun, 22 Oct 2017 08:04:51 +0000 (08:04 +0000)]
spelling: beginning

7 years agospelling: available
Josh Soref [Sun, 22 Oct 2017 08:02:00 +0000 (08:02 +0000)]
spelling: available

7 years agospelling: attributes
Josh Soref [Sun, 22 Oct 2017 07:59:41 +0000 (07:59 +0000)]
spelling: attributes

7 years agospelling: at the
Josh Soref [Sun, 22 Oct 2017 08:00:59 +0000 (08:00 +0000)]
spelling: at the

7 years agospelling: applied
Josh Soref [Sun, 22 Oct 2017 07:57:56 +0000 (07:57 +0000)]
spelling: applied

7 years agospelling: anonymous
Josh Soref [Sun, 22 Oct 2017 07:56:49 +0000 (07:56 +0000)]
spelling: anonymous

7 years agospelling: always
Josh Soref [Sun, 22 Oct 2017 07:56:16 +0000 (07:56 +0000)]
spelling: always

7 years agospelling: allowed
Josh Soref [Sun, 22 Oct 2017 07:56:05 +0000 (07:56 +0000)]
spelling: allowed

7 years agospelling: address
Josh Soref [Sun, 22 Oct 2017 07:55:43 +0000 (07:55 +0000)]
spelling: address

7 years agospelling: account
Josh Soref [Sun, 22 Oct 2017 07:52:04 +0000 (07:52 +0000)]
spelling: account

6 years agoMerge pull request #97 from cyphar/newgidmap-secure-setgroups
Serge Hallyn [Fri, 16 Feb 2018 14:40:39 +0000 (08:40 -0600)]
Merge pull request #97 from cyphar/newgidmap-secure-setgroups

newgidmap: enforce setgroups=deny if self-mapping a group

6 years agoREADME: add Aleksa Sarai to author list
Aleksa Sarai [Thu, 15 Feb 2018 14:37:42 +0000 (01:37 +1100)]
README: add Aleksa Sarai to author list

Signed-off-by: Aleksa Sarai <asarai@suse.de>
6 years agonewgidmap: enforce setgroups=deny if self-mapping a group
Aleksa Sarai [Thu, 15 Feb 2018 12:49:40 +0000 (23:49 +1100)]
newgidmap: enforce setgroups=deny if self-mapping a group

This is necessary to match the kernel-side policy of "self-mapping in a
user namespace is fine, but you cannot drop groups" -- a policy that was
created in order to stop user namespaces from allowing trivial privilege
escalation by dropping supplementary groups that were "blacklisted" from
certain paths.

This is the simplest fix for the underlying issue, and effectively makes
it so that unless a user has a valid mapping set in /etc/subgid (which
only administrators can modify) -- and they are currently trying to use
that mapping -- then /proc/$pid/setgroups will be set to deny. This
workaround is only partial, because ideally it should be possible to set
an "allow_setgroups" or "deny_setgroups" flag in /etc/subgid to allow
administrators to further restrict newgidmap(1).

We also don't write anything in the "allow" case because "allow" is the
default, and users may have already written "deny" even if they
technically are allowed to use setgroups. And we don't write anything if
the setgroups policy is already "deny".

Ref: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
Fixes: CVE-2018-7169
Reported-by: Craig Furman <craig.furman89@gmail.com>
Signed-off-by: Aleksa Sarai <asarai@suse.de>
6 years agoMerge pull request #92 from IronicBadger/master
Serge Hallyn [Fri, 19 Jan 2018 04:42:12 +0000 (22:42 -0600)]
Merge pull request #92 from IronicBadger/master

Fixes mispelling of MAX_DAYS help text

6 years agoFixes mispelling of MAX_DAYS help text
Alex Kretzschmar [Wed, 17 Jan 2018 12:21:48 +0000 (12:21 +0000)]
Fixes mispelling of MAX_DAYS help text

6 years agoMerge pull request #90 from t8m/userdel-chroot
Serge Hallyn [Tue, 9 Jan 2018 04:57:43 +0000 (22:57 -0600)]
Merge pull request #90 from t8m/userdel-chroot

Make userdel to work with -R.

6 years agoMerge pull request #91 from kloeri/master
Serge Hallyn [Tue, 9 Jan 2018 04:56:23 +0000 (22:56 -0600)]
Merge pull request #91 from kloeri/master

Add note to passwd(1) that --maxdays -1 disables the setting.

6 years agoAdd note to passwd(1) that --maxdays -1 disables the setting.
Bryan Østergaard [Wed, 3 Jan 2018 17:32:44 +0000 (18:32 +0100)]
Add note to passwd(1) that --maxdays -1 disables the setting.

This note already exists in chage(1).

6 years agoMake userdel to work with -R.
Tomas Mraz [Thu, 21 Dec 2017 08:12:58 +0000 (09:12 +0100)]
Make userdel to work with -R.

The userdel checks for users with getpwnam() which might not work
properly in chroot. Check for the user's presence in local files only.

7 years agoMerge pull request #86 from WheresAlice/master
Serge Hallyn [Fri, 6 Oct 2017 22:47:31 +0000 (17:47 -0500)]
Merge pull request #86 from WheresAlice/master

Make language more inclusive

7 years agoMerge pull request #82 from t8m/ingroup
Serge Hallyn [Fri, 6 Oct 2017 22:45:31 +0000 (17:45 -0500)]
Merge pull request #82 from t8m/ingroup

newgrp: avoid unnecessary group lookups

7 years agoMerge pull request #84 from jubalh/mentionman
Serge Hallyn [Fri, 6 Oct 2017 22:43:47 +0000 (17:43 -0500)]
Merge pull request #84 from jubalh/mentionman

Add note about conditional man pages

7 years agoMerge pull request #85 from jubalh/nosilent
Serge Hallyn [Fri, 29 Sep 2017 15:08:47 +0000 (10:08 -0500)]
Merge pull request #85 from jubalh/nosilent

Add warning when turning off man switch

7 years agoAdd error when turning off man switch
Michael Vetter [Fri, 8 Sep 2017 14:25:29 +0000 (16:25 +0200)]
Add error when turning off man switch

Print a warning and abort in case xsltproc is missing.

7 years agoMake language less binary
WheresAlice [Tue, 19 Sep 2017 18:12:42 +0000 (18:12 +0000)]
Make language less binary

7 years agoAdd note about conditional man pages
Michael Vetter [Fri, 8 Sep 2017 14:20:18 +0000 (16:20 +0200)]
Add note about conditional man pages

Closes https://github.com/shadow-maint/shadow/issues/83

7 years agonewgrp: avoid unnecessary group lookups
Tomas Mraz [Mon, 14 Aug 2017 09:38:46 +0000 (11:38 +0200)]
newgrp: avoid unnecessary group lookups

In case a system uses remote identity server (LDAP) the group lookup
can be very slow. We avoid it when we already know the user has the
group membership.

7 years agonl.po: fix some missing newlines
Serge Hallyn [Sun, 16 Jul 2017 22:09:00 +0000 (17:09 -0500)]
nl.po: fix some missing newlines

Signed-off-by: Serge Hallyn <serge@hallyn.com>
7 years agoImport new Dutch translations.
Serge Hallyn [Sun, 16 Jul 2017 21:46:21 +0000 (16:46 -0500)]
Import new Dutch translations.

Thanks to Frans Spiesschaert.

Signed-off-by: Serge Hallyn <serge@hallyn.com>
7 years agoupdate changelog for last commit
Serge Hallyn [Tue, 11 Jul 2017 02:52:02 +0000 (21:52 -0500)]
update changelog for last commit

7 years agoadd error constant names to groupmod.8.xml This assists someone wanting to work out...
sbts [Sun, 18 Jun 2017 14:23:01 +0000 (22:23 +0800)]
add error constant names to groupmod.8.xml This assists someone wanting to work out what may have caused the error

7 years agoimplement and document additional error codes for groupmod add E_CLEANUP_SERVICE...
sbts [Sun, 18 Jun 2017 14:17:01 +0000 (22:17 +0800)]
implement and document additional error codes for groupmod add E_CLEANUP_SERVICE, E_PAM_USERNAME, E_PAM_ERROR to groupmod.c and groupmod.8.xml

7 years agoMerge pull request #74 from AdamMajer/upstream
Serge Hallyn [Fri, 16 Jun 2017 03:41:25 +0000 (22:41 -0500)]
Merge pull request #74 from AdamMajer/upstream

support dynamically added users via pam_group

7 years agoMerge pull request #76 from edmorley/fix-changelog-dates
Serge Hallyn [Fri, 16 Jun 2017 03:38:01 +0000 (22:38 -0500)]
Merge pull request #76 from edmorley/fix-changelog-dates

Correct wrong year in ChangeLog dates

7 years agoCorrect wrong year in ChangeLog dates
Ed Morley [Thu, 15 Jun 2017 13:34:46 +0000 (14:34 +0100)]
Correct wrong year in ChangeLog dates

The recently added entries were actually for 2017.

7 years agosupport dynamically added users via pam_group
Adam Majer [Mon, 22 May 2017 11:42:35 +0000 (13:42 +0200)]
support dynamically added users via pam_group

Dynamically added users via pam_group are not listed in groups
databases but are still valid.

7 years agorelease 4.5 4.5
Serge Hallyn [Wed, 17 May 2017 19:33:02 +0000 (14:33 -0500)]
release 4.5

7 years agoupdate Changelog
Serge Hallyn [Wed, 17 May 2017 19:27:48 +0000 (14:27 -0500)]
update Changelog

7 years agoMerge pull request #72 from stoeckmann/su-regression
Serge Hallyn [Sun, 14 May 2017 16:41:40 +0000 (11:41 -0500)]
Merge pull request #72 from stoeckmann/su-regression

Reset pid_child only if waitpid was successful.

7 years agoReset pid_child only if waitpid was successful.
Tobias Stoeckmann [Sun, 14 May 2017 15:58:10 +0000 (17:58 +0200)]
Reset pid_child only if waitpid was successful.

Do not reset the pid_child to 0 if the child process is still
running. This else-condition can be reached with pid being -1,
therefore explicitly test this condition.

This is a regression fix for CVE-2017-2616. If su receives a
signal like SIGTERM, it is not propagated to the child.

Reported-by: Radu Duta <raduduta@gmail.com>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
7 years agoMerge pull request #71 from lamby/sp_lstchg-reproducible-857803
Serge Hallyn [Wed, 19 Apr 2017 22:11:32 +0000 (17:11 -0500)]
Merge pull request #71 from lamby/sp_lstchg-reproducible-857803

Make the sp_lstchg shadow field reproducible.

7 years agoMake the sp_lstchg shadow field reproducible.
Chris Lamb [Wed, 15 Mar 2017 10:36:21 +0000 (10:36 +0000)]
Make the sp_lstchg shadow field reproducible.

The third field in the /etc/shadow file (sp_lstchg) contains the date of
the last password change expressed as the number of days since Jan 1, 1970.
As this is a relative time, creating a user today will result in:

   username:17238:0:99999:7:::

whilst creating the same user tomorrow will result in:

    username:17239:0:99999:7:::

This has an impact for the Reproducible Builds[0] project where we aim to
be independent of as many elements the build environment as possible,
including the current date.

This patch changes the behaviour to use the SOURCE_DATE_EPOCH[1]
environment variable (instead of Jan 1, 1970) if valid.

 [0] https://reproducible-builds.org/
 [1] https://reproducible-builds.org/specs/source-date-epoch/

Signed-off-by: Chris Lamb <lamby@debian.org>
7 years agoMerge pull request #70 from t8m/master
Serge Hallyn [Sat, 1 Apr 2017 20:46:05 +0000 (15:46 -0500)]
Merge pull request #70 from t8m/master

Fix buffer overflow if NULL line is present in db.

7 years agoFix buffer overflow if NULL line is present in db.
Tomas Mraz [Fri, 31 Mar 2017 14:25:06 +0000 (16:25 +0200)]
Fix buffer overflow if NULL line is present in db.

If ptr->line == NULL for an entry, the first cycle will exit,
but the second one will happily write past entries buffer.
We actually do not want to exit the first cycle prematurely
on ptr->line == NULL.
Signed-off-by: Tomas Mraz <tmraz@fedoraproject.org>
7 years agoMerge pull request #68 from yurayko/master
Serge Hallyn [Mon, 27 Mar 2017 13:24:40 +0000 (08:24 -0500)]
Merge pull request #68 from yurayko/master

updated russian translation

7 years agouser_busy: fix missing close of subuid file on error
Serge Hallyn [Thu, 23 Mar 2017 22:07:46 +0000 (17:07 -0500)]
user_busy: fix missing close of subuid file on error

Closes #69

Reported-by: plenkow
Signed-off-by: Serge Hallyn <serge@hallyn.com>
7 years agoMerge branch 'master' of https://github.com/yurayko/shadow
Yuri Kozlov [Sat, 18 Mar 2017 07:42:12 +0000 (10:42 +0300)]
Merge branch 'master' of https://github.com/yurayko/shadow

7 years agoupdated russian translation
Yuri Kozlov [Sun, 5 Mar 2017 08:17:27 +0000 (11:17 +0300)]
updated russian translation

7 years agoUpdate ru.po
yurayko [Sat, 18 Mar 2017 07:27:34 +0000 (11:27 +0400)]
Update ru.po

7 years agoUpdate ru.po
yurayko [Sat, 18 Mar 2017 07:17:56 +0000 (11:17 +0400)]
Update ru.po

7 years agoupdated russian translation
Yuri Kozlov [Sun, 5 Mar 2017 08:17:27 +0000 (11:17 +0300)]
updated russian translation

7 years agochangelog for last commit
Serge Hallyn [Thu, 23 Feb 2017 19:44:27 +0000 (13:44 -0600)]
changelog for last commit

7 years agosu: properly clear child PID
Tobias Stoeckmann [Thu, 23 Feb 2017 15:47:29 +0000 (09:47 -0600)]
su: properly clear child PID

If su is compiled with PAM support, it is possible for any local user
to send SIGKILL to other processes with root privileges. There are
only two conditions. First, the user must be able to perform su with
a successful login. This does NOT have to be the root user, even using
su with the same id is enough, e.g. "su $(whoami)". Second, SIGKILL
can only be sent to processes which were executed after the su process.
It is not possible to send SIGKILL to processes which were already
running. I consider this as a security vulnerability, because I was
able to write a proof of concept which unlocked a screen saver of
another user this way.

7 years agoMerge pull request #67 from AdamMajer/upstream
Serge Hallyn [Tue, 21 Feb 2017 20:37:42 +0000 (14:37 -0600)]
Merge pull request #67 from AdamMajer/upstream

Print error on exec failure + cosmetic changes

7 years agoRemove extra parenthesis
Adam Majer [Mon, 20 Feb 2017 13:49:30 +0000 (14:49 +0100)]
Remove extra parenthesis

7 years agoRemove unnecessary static variable usage
Adam Majer [Mon, 20 Feb 2017 13:46:18 +0000 (14:46 +0100)]
Remove unnecessary static variable usage

7 years agoAdd error handling in case exec fails
Josef Möllers [Mon, 20 Feb 2017 13:32:37 +0000 (14:32 +0100)]
Add error handling in case exec fails

We should print error message if exec fails, for some reason.

7 years agoUpdate changelog
Serge Hallyn [Sat, 11 Feb 2017 15:03:56 +0000 (09:03 -0600)]
Update changelog

7 years agouseradd: Read defaults after changing root directories
David Michael [Wed, 8 Feb 2017 23:48:36 +0000 (15:48 -0800)]
useradd: Read defaults after changing root directories

This reverts the behavior of "useradd --root" to using the settings
from login.defs in the target root directory, not the root of the
executed useradd command.

7 years agoDeleted a misplaced semicolon.
Josef Moellers [Fri, 10 Feb 2017 13:52:26 +0000 (14:52 +0100)]
Deleted a misplaced semicolon.

7 years agoUpdate Kazakh translation
Baurzhan Muftakhidinov [Tue, 7 Feb 2017 12:09:54 +0000 (17:09 +0500)]
Update Kazakh translation

Signed-off-by: Serge Hallyn <serge@hallyn.com>
7 years agoMerge pull request #59 from rbalint/master
Serge Hallyn [Sun, 5 Feb 2017 02:27:17 +0000 (20:27 -0600)]
Merge pull request #59 from rbalint/master

Patches from the Debian BTS

7 years agoUpdate changelog
Serge Hallyn [Sun, 29 Jan 2017 20:49:03 +0000 (14:49 -0600)]
Update changelog

7 years agoDon't crash on bogus keys in login.defs if PAM is enabled
Bernhard Rosenkränzer [Thu, 26 Jan 2017 15:48:48 +0000 (16:48 +0100)]
Don't crash on bogus keys in login.defs if PAM is enabled

Without this patch, PAM enabled builds crash when encountering an
invalid key in login.defs or key overrides because of array overflows

To reproduce, simply
useradd -K Windows=broken

Signed-off-by: Bernhard Rosenkränzer <bero@lindev.ch>
Signed-off-by: Serge Hallyn <serge@hallyn.com>
7 years agozh_TW.po: Remove duplicated Plural-Forms
Jakub Wilk [Tue, 24 Jan 2017 20:21:48 +0000 (21:21 +0100)]
zh_TW.po: Remove duplicated Plural-Forms

Signed-off-by: Serge Hallyn <serge@hallyn.com>
7 years agoChangelog for last commit
Serge Hallyn [Sun, 29 Jan 2017 20:38:44 +0000 (14:38 -0600)]
Changelog for last commit