* src/chpasswd.c: Add annotations to indicate that usage() does
not return.
* src/chpasswd.c: Reindent.
* src/chpasswd.c: Remove dead code. No need to set crypt_method
to NULL when it is already NULL. sflg is only set if crypt_method
is not NULL.
* src/faillog.c: Add annotations to indicate that usage() does not
return.
* src/faillog.c: Fix message: this is faillog, not lastlog.
* src/faillog.c: Check that there are no extra arguments after
parsing the options.
* src/chgpasswd.c: Add annotations to indicate that usage() does
not return.
* src/chgpasswd.c: Split usage in smaller parts. Those parts are
already translated for chpasswd. Usage is now closer to
chpasswd's.
* src/chgpasswd.c: Remove dead code. No need to set crypt_method
to NULL when it is already NULL. sflg is only set if crypt_method
is not NULL.
* src/grpck.c: Added comments.
* src/grpck.c: Avoid implicit conversion of pointer to boolean.
* src/grpck.c: Remove dead code. argc cannot be lower than optind.
Avoid checking twice in a row for NULL != list[i].
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of
invalid configuration.
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated
comments.
* libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict
on the loop stop conditions. Stop if we passed the limit, even if
the limit itself was never noticed.
* NEWS, lib/commonio.h, lib/commonio.c: Additional messages to
indicate why locking failed.
* NEWS, lib/commonio.c: Fix the sort algorithm in case of NIS. NIS
entries were dropped.
* lib/commonio.c: NIS entries can start by '+' or '-'.
* NEWS, src/groupmod.c: When the gshadow file exists but there are
no gshadow entries, an entry is created if the password is changed
and group requires a shadow entry.
* man/usermod.8.xml: Document behavior of an empty EXPIRE_DATE.
* man/usermod.8.xml: Document that the mail spool might have to be
renamed (as for the homedir)
* NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file
exists but there are no shadow entries, an entry has to be created
if the password is changed and passwd requires a shadow entry, or
if aging features are used (-e or -f). Document this and also that
-e and -f require a shadow file.
* src/usermod.c (process_flags): Report usage if no options are
provided. Update the error message.
* src/usermod.c (process_flags): Check option compatibility and
dependency before options are discarded when no changes are
requested.
* src/usermod.c (move_home): It is always an error to use -m if
the new home directory already exist (independently from the
existence of the old home directory did not exist)
* src/groupmod.c: Avoid implicit conversion of pointer to boolean.
* src/groupmod.c: osgrp can be set only if pflg || nflg. No need
to check for pflg || nflg again
* lib/fields.c: Fixed typo from 2010-02-15. field insteadof cp
ought to be checked.
* src/vipw.c: Use Prog instead of progname. This is needed since
Prog is used in the library.
nekral-guest [Thu, 16 Jun 2011 21:21:29 +0000 (21:21 +0000)]
* src/su.c: environ is provided by <unistd.h>.
* src/su.c: Added function prototypes.
* src/su.c: Rename shellstr parameter to shellname to avoid
collision with static variable.
* NEWS, src/su.c: Added support for PAM modules which change
PAM_USER.
nekral-guest [Mon, 13 Jun 2011 18:27:34 +0000 (18:27 +0000)]
* src/su.c (prepare_pam_close_session): Extract the creation of a
child and listening for signal in the parent from run_shell().
prepare_pam_close_session() is now executed before the creation of
the pam session and before the UID is changed. This allows to
close the session as root.
nekral-guest [Mon, 13 Jun 2011 18:26:26 +0000 (18:26 +0000)]
* lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not
use the pwent global variable to communicate between APIs of
different files. Added boolean parameter su_to_root to
check_su_auth().
* src/su.c (check_perms): Return the passwd entry of the finally
authenticated user. Remove usage of the pwent variable.
* src/su.c: The password of the caller is the one from the
spwd structure only if the passwd's password is 'x'.
nekral-guest [Mon, 13 Jun 2011 18:26:10 +0000 (18:26 +0000)]
* src/su.c: Define shellstr before the environment so that
restricted_shell is called only once. This will allow moving the
environment definition after the switch to the new user.
nekral-guest [Mon, 13 Jun 2011 18:25:57 +0000 (18:25 +0000)]
* src/su.c: Move definition of change_environment and shellstr
after the switch to the final subsystem. The previous architecture
forced to always change the environment (the shell starts with a
'*' and was thus restricted, and change_environment could not be
reset to false).
nekral-guest [Mon, 13 Jun 2011 18:25:45 +0000 (18:25 +0000)]
* src/su.c: Group some of the environment processing blocks. The
definition of shellstr, PATH and IFS is not influenced (getenv,
getdef, restricted_shell) by and does not influence (addenv does
not change environ) the authentication. And the authentication
does not overwrite those definitions. This will ease an extraction
from the big main() function.
nekral-guest [Sun, 5 Jun 2011 14:41:15 +0000 (14:41 +0000)]
* NEWS, src/su.c: Do not forward the controlling terminal to
commands executed with -c. This prevents tty hijacking which could
lead to execution with the caller's privileges. This required to
forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
the executed command.
nekral-guest [Sat, 4 Jun 2011 22:38:57 +0000 (22:38 +0000)]
* NEWS, src/userdel.c: Check the existence of the user's mail
spool before trying to remove it. If it does not exist, a warning
is issued, but no failure.
nekral-guest [Fri, 3 Jun 2011 21:07:58 +0000 (21:07 +0000)]
* man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
Makefile.
* man/Makefile.am: Build zh_CN pages.
* man/generate_translations.mak: Add config.xml to CLEANFILES.
* man/po/zh_CN.po: limits, groups, faillog, expiry should not be
translated (command name, file name), also this broke the build
system as they are used to derive manpage names.
nekral-guest [Fri, 3 Jun 2011 21:06:23 +0000 (21:06 +0000)]
* man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN
Makefile.
* man/Makefile.am: Build zh_CN pages.
* man/generate_translations.mak: Add config.xml to CLEANFILES.
* man/po/zh_CN.po: limits, groups, faillog, expiry should not be
translated (command name, file name), also this broke the build
system as they are used to derive manpage names.
nekral-guest [Wed, 16 Feb 2011 20:46:27 +0000 (20:46 +0000)]
* libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in
user_busy() rather than in src/userdel.c or src/usermod.c to
provide more accurate failure cause (user is logged in or user
still executes processes).
nekral-guest [Wed, 16 Feb 2011 20:32:16 +0000 (20:32 +0000)]
* lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check
entry validity before commits to databases.
* libmisc/fields.c, libmisc/Makefile.am, lib/fields.c,
lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to
lib.
nekral-guest [Sat, 12 Feb 2011 14:57:37 +0000 (14:57 +0000)]
* autogen.sh: Restore original autoreconf (see 2010-08-29's change
for autogen.sh)
* configure.in, man/po/Makefile.in.in, man/po/Makefile.in:
Makefile.in.in replaced by Makefile.in to avoid config.status
issues when there are multiple po directories.
* man/po/LINGUAS: Adapted to above change.
* man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by
XMLFILES.
* man/Makefile.am: generate_mans.deps shall be included by make,
not automake.
nekral-guest [Fri, 19 Nov 2010 21:54:41 +0000 (21:54 +0000)]
* NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login
to hang when CONSOLE was configured with a colon separated list of
TTYs. See http://bugs.gentoo.org/show_bug.cgi?id=324419
Integrate review comments from Julien Cristau
* libmisc/copydir.c: Missing parenthesis in comment.
* libmisc/chowndir.c: Fixed memory leak on failed realloc().
* libmisc/chowndir.c: Make sure the buffer for the path is large
enough.
* libmisc/remove_tree.c: Remove check for NULL before free().
nekral-guest [Sat, 28 Aug 2010 19:58:00 +0000 (19:58 +0000)]
* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
selinux_file_context renamed set_selinux_file_context.
* lib/protoypes.h, libmisc/copydir.c, src/useradd.c:
Added reset_selinux_file_context.
* src/useradd.c: Check the return value of
set_selinux_file_context and reset_selinux_file_context.
* libmisc/copydir.c: Check the return value of
reset_selinux_file_context.
nekral-guest [Sat, 28 Aug 2010 19:55:31 +0000 (19:55 +0000)]
* src/su.c: Fix handling of environment variables when
the environment is not changed. In particular, this makes su
behave as documented regarding PATH and IFS (i.e. they are reset)
when -p is provided.