2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* src/useradd.c: spool is a constant string.
* src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false
2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* src/usermod.c: move_home() is only called if mflg is set.
* src/usermod.c: Fail is -m is provided but the old home directory
is not a directory.
* src/usermod.c: Use the previous improvement of copy_tree to
provide better error diagnosis.
* src/usermod.c: When rename() is used, also change the ownership.
* src/usermod.c: Do not change the ownership of the root directory
twice.
* src/usermod.c: When -u is provided, only change the ownership of
the home directory if it is a directory.
* src/usermod.c: Also change ownerships when -g is used.
2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to
copy_tree to detect when ownership shall be changed.
* libmisc/copydir.c: Document the behavior when the IDs are set to
-1.
* lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter
copy_root.
* libmisc/copydir.c: error() and ctx can be static.
* libmisc/copydir.c (copy_hardlink): Remove parameter src.
2010-04-04 Nicolas François <nicolas.francois@centraliens.net>
* libmisc/chowndir.c: Dynamically allocate memory to support
path longer than 1024 characters.
* libmisc/chowndir.c: Fix typos in documentation.
* libmisc/chowndir.c: Support and document the behavior when a old
or new ID is set to -1.
* libmisc/chowndir.c: Improved error detection when chown fails.
* libmisc/chowndir.c: Harmonize error handling strategy when an
error occurs: stop changing ownership as soon as an error was
detected.
nekral-guest [Tue, 30 Mar 2010 21:54:29 +0000 (21:54 +0000)]
* po/POTFILES.in, libmisc/Makefile.am, lib/prototypes.h,
libmisc/remove_tree.c, libmisc/copydir.c: Split remove_tree()
outside of copydir.c to avoid linking against libacl or libattr.
nekral-guest [Thu, 25 Mar 2010 20:35:59 +0000 (20:35 +0000)]
* NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml:
PAM enabled versions: restore the -e option to allow restoring
passwords without knowing those passwords. Restore together the -m
and -c options.
nekral-guest [Tue, 23 Mar 2010 11:26:34 +0000 (11:26 +0000)]
* src/newgrp.c: Limit the scope of variable pid.
* src/login_nopam.c: Limit the scope of variables end, lineno, i,
str_len.
* src/logoutd.c: Limit the scope of variable c.
* src/vipw.c: Re-indent.
* src/vipw.c: Close the file after the creation of the backup.
* src/useradd.c (set_default): Close input file on failure.
* src/useradd.c: Limit the scope of variables spool, file, fd, gr,
gid, mode.
* src/passwd.c: Limit the scope of variables last and ok.
* src/chage.c: Fix typo (non breaking space).
* src/login.c: Limit the scope of variables erasechar killchar, c,
failed.
* src/groups.c: Limit the scope of variable ngroups, pri_grp, i.
* src/id.c: Limit the scope of variable i.
nekral-guest [Tue, 23 Mar 2010 08:56:52 +0000 (08:56 +0000)]
* lib/utent.c (getutline): Remove getutline(). This function is
no more used.
* lib/groupmem.c: Limit the scope of variable i.
* lib/shadow.c: Avoid implicit conversion of pointers and integers
to booleans.
* lib/shadow.c: Added brackets.
* libmisc/limits.c: Limit the scope of variable tmpmask.
* libmisc/copydir.c: Close opened file on failure.
* libmisc/loginprompt.c: Limit the scope of variable envc.
* libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope
of variable id.
nekral-guest [Sun, 21 Mar 2010 01:20:50 +0000 (01:20 +0000)]
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some
misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and
the GID equivalents)
nekral-guest [Sat, 20 Mar 2010 10:25:34 +0000 (10:25 +0000)]
* man/generate_translations.mak, man/generate_mans.mak: Fix
distcheck. All manpages generation code shall be enclosed in
ENABLE_REGENERATE_MAN conditions.
nekral-guest [Sat, 20 Mar 2010 10:23:57 +0000 (10:23 +0000)]
* man/useradd.8.xml: Do not document the features which are not
working.
* man/useradd.8.xml: Fix typo: -u was meant instead of -o.
* man/useradd.8.xml: Document that the default behavior depends on
CREATE_HOME.
nekral-guest [Thu, 18 Mar 2010 23:20:15 +0000 (23:20 +0000)]
* NEWS, libmisc/limits.c: Fix parsing of limits.
* NEWS, libmisc/limits.c, man/limits.5.xml: Add support for
infinite limits.
* NEWS, libmisc/limits.c, man/limits.5.xml: Add support for @group
syntax.
nekral-guest [Thu, 18 Mar 2010 11:53:49 +0000 (11:53 +0000)]
* libmisc/strtoday.c: Add support for numerical dates, assuming
they are already specified in number of days since Epoch. Return
-2 in case of errors to support the specification of -1.
* src/usermod.c, src/useradd.c: Adapt to the new error value of
strtoday().
* src/chage.c: Remove isnum(). Adapt to the new error value of
strtoday(). Support for numerical dates is moved to strtoday().
nekral-guest [Thu, 18 Mar 2010 10:25:08 +0000 (10:25 +0000)]
* src/pwck.c: Remove the -s option from the usage when USE_TCB is
enabled. The option is still supported, but has no effect, as
documented in the manpage.
nekral-guest [Thu, 18 Mar 2010 09:21:27 +0000 (09:21 +0000)]
* src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c,
src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the
SHADOWTCB_FAILURE return code instead of 0 or implicit conversion
to booleans.
nekral-guest [Thu, 18 Mar 2010 09:01:04 +0000 (09:01 +0000)]
2010-03-18 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* src/pwck.c: Add support for TCB.
* src/pwck.c: Use spw_dbname() instead of spw_file since TCB
changes from a file to another depending on the user. Also use
pw_dbname() for consistency.
nekral-guest [Wed, 17 Mar 2010 23:59:55 +0000 (23:59 +0000)]
* lib/tcbfuncs.h: Added type shadowtcb_status.
* lib/tcbfuncs.h, lib/tcbfuncs.c: Return a shadowtcb_status
instead of an int.
* lib/tcbfuncs.c: Do not return in OUT_OF_MEMORY.
nekral-guest [Tue, 16 Mar 2010 19:15:22 +0000 (19:15 +0000)]
* man/faillog.8.xml: Document the behavior in display mode of the
-a option.
* NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to
the non-display mode. This changes the default behavior of the -l,
-m, -r, -t options when -a is not specified (restrict to existing
users).
nekral-guest [Tue, 16 Mar 2010 19:15:05 +0000 (19:15 +0000)]
* man/chage.1.xml, man/login.defs.5.xml, man/pwck.8.xml,
man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml,
man/usermod.8.xml, man/vipw.8.xml: Document the usage of the
TCB_AUTH_GROUP, TCB_SYMLINKS, and USE_TCB configuration
parameters.
* man/pwconv.8.xml, man/pwck.8.xml: Document the behavior when
USE_TCB is enabled.
nekral-guest [Tue, 16 Mar 2010 19:14:54 +0000 (19:14 +0000)]
* po/POTFILES.in, lib/tcbfuncs.c: Add more strings for
translation.
* lib/tcbfuncs.c: Indicate the name of the program in error
messages. Avoid perror.
* src/useradd.c: Re-indent.
* src/useradd.c: Add more strings for translation. Indicate the
name of the program in error messages.
* src/userdel.c: Re-indent.
* src/userdel.c: Add more strings for translation. Indicate the
name of the program in error messages.
nekral-guest [Thu, 11 Mar 2010 22:03:57 +0000 (22:03 +0000)]
* lib/shadowio.c: Re-indent.
* lib/shadowio.c: Added brackets and parenthesis.
* lib/shadowio.c: Document the sections closed by #endif
* lib/shadowio.c: Avoid negation of comparisons.
* lib/shadowio.c: Avoid implicit conversion of integer to booleans
and booleans to integers.
nekral-guest [Thu, 11 Mar 2010 22:03:37 +0000 (22:03 +0000)]
* src/vipw.c: Document the sections closed by #endif
* src/vipw.c: Avoid implicit conversion of pointers or integers to
booleans.
* src/vipw.c: Added brackets and parenthesis.
* src/vipw.c: Limit the definition of some variables and macros to
the WITH_TCB scope.
* src/vipw.c: Avoid assignment in comparisons.
* src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and
SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()).
This is more consistent with the shadow file handling and may be
useful to allow edition of another partition's files.
nekral-guest [Thu, 11 Mar 2010 22:01:59 +0000 (22:01 +0000)]
* src/userdel.c: Re-indent.
* src/userdel.c: Avoid implicit conversion of pointers to
booleans.
* src/userdel.c: Document the sections closed by #endif
nekral-guest [Thu, 4 Mar 2010 18:11:13 +0000 (18:11 +0000)]
2010-01-30 Paweł Hajdan, Jr. <phajdan.jr@gentoo.org>
* NEWS: Add support for TCB.
* lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to
support TCB.
* lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean
parameter remove_root.
* configure.in: Add conditional WITH_TCB.
* src/userdel.c, src/usermod.c: Add support for TCB. Update call to
remove_tree().
* src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled.
* src/vipw.c: Add support for TCB. Update call to remove_tree().
* src/useradd.c: Add support for TCB. Open the shadow file outside
of open_files().
* src/chage.c: Add support for TCB.
* src/Makefile.am: Install passwd sgid shadow when TCB is enabled.
* lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml,
man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml,
man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak,
man/generate_mans.deps, man/Makefile.am: New configuration
parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB.
* lib/shadowio.c, lib/commonio.c: Add support for TCB.
nekral-guest [Sun, 24 Jan 2010 17:13:40 +0000 (17:13 +0000)]
* src/su.c: Do not sanitize the environment. This breaks
--preserve-environment. This sanitation was disabled on Debian
since quite some time with no reported issues, and sanitize_env()
documentation agrees that it should be useless as all modern
Unixes will handle setuid executables properly. This Fixes
Alioth#312287.