nekral-guest [Sun, 17 Feb 2008 15:29:41 +0000 (15:29 +0000)]
Change the default HOME directory in /etc/default/useradd according FHS
(/home instead of /home/users). This fixes Alioth's bug #310559.
Thanks to Dale E. Edmons.
nekral-guest [Thu, 14 Feb 2008 18:35:51 +0000 (18:35 +0000)]
Use the correct AUDIT_CHGRP_ID event instead of
AUDIT_USER_START, when changing the user space group ID with
newgrp or sg. Thanks to sgrubb@redhat.com for the patch.
nekral-guest [Sun, 10 Feb 2008 20:25:39 +0000 (20:25 +0000)]
Fix the handling of -a when a user is being renamed (with -l). The new
name of the user was used for the new supplementary groups, but not in the
existing ones.
nekral-guest [Sun, 3 Feb 2008 18:51:11 +0000 (18:51 +0000)]
TODO cleanup
- newusers: i = 100; not a nice initial value, use login.defs
This is done. newusers now uses (UID|GID)_(MIN|MAX)
- remove the entries regarding outdated translation of documentation.
The manpages translation should use the PO.
- the manpages should mention when the options were added.
This should help user to choose option for portable scripts
nekral-guest [Sun, 3 Feb 2008 17:53:21 +0000 (17:53 +0000)]
Switch to the C locale before sending messages to syslog. The messages
sent by shadow were not translated, but error messages from PAM returned
by pam_strerror() were translated in the users's locale.
nekral-guest [Sun, 3 Feb 2008 17:45:58 +0000 (17:45 +0000)]
* NEWS: newusers will behave more like useradd.
* src/newusers.c: The user's ID must be found before the group ID
to mimic useradd's behavior choices of UID and GID.
* src/newusers.c: Reuse the generic find_new_uid() and
find_new_gid() functions. This permits to respect the
UID_MIN/UID_MAX and GID_MIN/GID_MAX variables, should
* src/newusers.c: Check if the user or group exist using the
external databases (with the libc getpwnam/getgrnam functions).
Refuse to update an user which exist in an external database but
does not exist in the local database.
* src/newusers.c: Check the usernames and groupnames with
check_user_name() and check_group_name()
* src/newusers.c: Use isdigit() for readability.
* src/newusers.c: Check if numerical IDs are valid (no remaining
chars).
* NEWS, src/newusers.c: Fix the support for the NONE crypt method.
* src/newusers.c: Fix shadow group support (the list of admins was
not defined; it is now set to an empty list).
nekral-guest [Sun, 3 Feb 2008 17:23:58 +0000 (17:23 +0000)]
Do not seed the random number generator each time, and use the time in
microseconds to avoid having the same salt for different passwords
generated in the same second. This permits to avoid using the same salt
for different passwords in newusers.
nekral-guest [Sun, 3 Feb 2008 16:53:07 +0000 (16:53 +0000)]
Add new generic functions to find the next user or group ID available:
find_new_uid() and find_new_gid(). They work the same way as the functions
with the same name of useradd or groupadd, except that they check in the
local database to make sure an ID was not reserved in an uncommitted
change (this is needed to be used in newusers), they report a status
instead of calling exit(), and they can receive a preferred ID. They
should later support system IDs. This should be a little bit slower, but
not too much (if the database is not open the checks against the local
database will exit immediately, and if it is already open, all the checks
will be done regarding the data in memory).
nekral-guest [Sun, 3 Feb 2008 16:28:03 +0000 (16:28 +0000)]
* libmisc/age.c, libmisc/yesno.c, src/lastlog.c, src/grpck.c,
src/chfn.c, src/passwd.c, src/chage.c, src/login.c, src/sulogin.c,
src/chsh.c: Fix call to puts (remove end of line, or use fputs).
* po/*.po: Unfuzzy PO files according to above change.
nekral-guest [Sat, 26 Jan 2008 17:41:20 +0000 (17:41 +0000)]
Fix build failures with --disable-shadowgrp. Thanks to Jürgen
Daubert for the patch.
* libmisc/salt.c: Include <stdio.h>, needed for stderr and printf
functions.
* lib/encrypt.c: Include <stdio.h>, needed for perror, stderr and
printf functions
* src/usermod.c: sgr_locked exists only if SHADOWGRP is defined.
* src/chgpasswd.c: Only check is the gshadow file exists if
SHADOWGRP is defined.
nekral-guest [Wed, 23 Jan 2008 21:50:27 +0000 (21:50 +0000)]
Check that the new fields set with -u, -s, -l, -g, -f, -e, -d, and -c
differ from the old ones. If a requested new value is equal to the old
one, no changes will be performed for that field. If no fields are
changed, usermod will exist successfully with a warning. This avoids
logging changes to syslog when there are actually no changes.
nekral-guest [Wed, 23 Jan 2008 21:19:08 +0000 (21:19 +0000)]
Always define user_newcomment, user_newshell, user_newexpire, and
user_newinactive. It is more simple to always have user_<x> as the old
field, and user_new<x> as the new field (even if the field did not change)
instead of changing the algorithm depending on WITH_AUDIT.
nekral-guest [Tue, 22 Jan 2008 21:42:48 +0000 (21:42 +0000)]
* man/grpck.8.xml: Conditionally include the parts mentioning the
gshadow file (based on SHADOWGRP).
* man/grpck.8.xml: Add reference to the gshadow(5) manpage
(conditionally included).
nekral-guest [Tue, 22 Jan 2008 21:13:43 +0000 (21:13 +0000)]
Indicate that the shadow parameter is optional (i.e. a passwd file can be
specified without a shadow file, and the group file can be specified
without the gshadow file).
nekral-guest [Mon, 21 Jan 2008 23:33:43 +0000 (23:33 +0000)]
* NEWS, src/newgrp.c: Fix segfault when an user returns to an
unknown GID (either the user was deleted during the user's newgrp
session or the user's passwd entry referenced an invalid group).
Add a syslog warning in that case.
* src/newgrp.c: Add an end of line when reporting an invalid
password.
nekral-guest [Sat, 12 Jan 2008 21:09:46 +0000 (21:09 +0000)]
* NEWS, src/useradd.c: Fix the handling of the --defaults option
(it required an argument, but should behave as -D)
* NEWS, man/useradd.8.xml: Document the --defaults option, which
was already described in the useradd's Usage information.
nekral-guest [Sun, 6 Jan 2008 14:50:26 +0000 (14:50 +0000)]
* libmisc/salt.c: Add prototype for l64a(), gensalt(),
SHA_salt_size(), and SHA_salt_rounds().
* libmisc/salt.c: l64a() and gensalt() are static.
* libmisc/salt.c: The `meth' parameter of crypt_make_salt() is a
const. (ditto for the method variable).
* libmisc/salt.c: SHA_salt_rounds returns a const string.
* libmisc/salt.c: Avoid warnings with cast of random() to double.
* libmisc/salt.c: Replace rand() by random().
nekral-guest [Sun, 6 Jan 2008 14:19:32 +0000 (14:19 +0000)]
* lib/Makefile.am: Do not link libshadow.la with the intl, crypt,
skey and md libraries...
* src/Makefile.am: ...Specify for each binary which library is
required. skey and md are required for the binaries with
authentication of the user (chfn, chsh, login, passwd, su). intl
is required for all. mcrypt is required for user (chfn, chsh,
login, passwd, su, sulogin) and group (newgrp, gpasswd)
authentication and for the creation of passwords (chpasswd,
chgpasswd, gpasswd, newusers, passwd).
nekral-guest [Sun, 6 Jan 2008 13:57:17 +0000 (13:57 +0000)]
* lib/nscd.c, lib/nscd.h: Set the service parameter of
nscd_flush_cache() to const. This avoids a lot of warnings.
* lib/nscd.c: Include "nscd.h" to avoid inconsistent prototypes.
nekral-guest [Sun, 6 Jan 2008 13:20:25 +0000 (13:20 +0000)]
* libmisc/obscure.c: Tag the `old' parameter of palindrome(),
similar(), and simple() as unused.
* libmisc/loginprompt.c: Tag the `sig' parameter of login_exit()
as unused.
* src/expiry.c: Tag the `sig' parameter of catch_signals() as
unused.
* src/su.c: Tag the `sig' parameter of catch_signals() as unused.
* src/su.c: Add int parameter to the prototype of oldsig().
* src/login.c: Tag the `sig' parameter of alarm_handler() as
unused.
* src/sulogin.c: Tag the `sig' parameter of catch_signals() as
unused.
* libmisc/getdate.y: Tag the `string' parameter of yyerror() as
unused.
* libmisc/getdate.y: The string provided to yyerror() is const.
* libmisc/getdate.y: Fix the prototypes of yylex() and yyerror().
nekral-guest [Sun, 6 Jan 2008 13:12:09 +0000 (13:12 +0000)]
* Remove teh macro definition of SETXXENT_TYPE,
SETXXENT_RET, and SETXXENT_TEST. They were used by the now
removed pwent.c and grent.c.
* Remove the definition of PASSWD_PAG_FILE,
GROUP_PAG_FILE, SHADOW_PAG_FILE, and SGROUP_PAG_FILE. They are
never used.
* Don't include "snprintf.h". The file does not
exist in shadow.
* Add new macro unused to tag unused parameters.
nekral-guest [Sun, 6 Jan 2008 12:50:22 +0000 (12:50 +0000)]
Remove the pw_name argument of new_pw_passwd. Use the user_newname global
variable instead. This avoid using a parameter with the same name as a function.
nekral-guest [Sun, 6 Jan 2008 12:07:42 +0000 (12:07 +0000)]
* src/login_nopam.c: Use an ANSI prototype for resolve_hostname()
instead of K&R prototype.
* src/login_nopam.c: Fix the prototypes of list_match(),
user_match(), from_match(), string_match(). There were no
parameters in the prototypes.
* src/login_nopam.c: Fix the prototypes of the function parameter
match_fn of list_match().
nekral-guest [Sun, 6 Jan 2008 11:59:01 +0000 (11:59 +0000)]
* libmisc/console.c, libmisc/ulimit.c, lib/sgetgrent.c,
lib/sgetpwent.c: Include "prototypes.h" to make
sure the exported prototypes are the ones used for the definition
of functions.
* lib/prototypes.h: Added prototypes for __gr_del_entry(),
__gr_get_db(), __gr_get_head(), __gr_set_changed(), __gr_dup(),
__pw_del_entry(), __pw_get_db(), __pw_get_head(), __pw_dup(),
sgetgrent(), sgetpwent(), __sgr_del_entry(), __sgr_dup(),
__sgr_get_head(), __sgr_set_changed(), __spw_get_head(),
__spw_del_entry(), __spw_dup().
* lib/prototypes.h: Removed prototype for is_listed().
* lib/prototypes.h: Added name of the check_su_auth()'s parameters.
* lib/groupio.h: Removed prototypes for __gr_dup() and
__gr_set_changed().
* lib/sgroupio.c: Removed prototypes for putsgent(), sgetsgent(),
and __gr_get_db().
* lib/sgroupio.h: Removed prototypes for __sgr_dup() and
__sgr_set_changed().
* lib/shadowio.c: Removed prototype for __pw_get_db().
* lib/pwio.c: Removed prototype for sgetpwent() and putpwent().
* lib/shadowio.h: Removed prototypes for __spw_dup() and
__spw_set_changed().
* lib/pwio.h: Removed prototypes for __pw_dup() and
__pw_set_changed().
* lib/commonio.h: Add protection against multiple inclusions.
* lib/prototypes.h: Include commonio.h (needed for the
__xx_del_entry() functions).
nekral-guest [Sat, 5 Jan 2008 16:44:28 +0000 (16:44 +0000)]
* lib/prototypes.h: Add the dolastlog() prototype.
* lib/prototypes.h: Typo: login.c -> loginprompt.c
* src/login.c: Remove declaration of dolastlog().
* libmisc/log.c: dolastlog() should not have been changed to static.
Include prototypes.h instead.
nekral-guest [Sat, 5 Jan 2008 16:33:43 +0000 (16:33 +0000)]
* libmisc/pwdcheck.c: Do not include <pwd.h>. Include <shadow.h>
and "pwauth.h" only when compiled without PAM support.
* src/chfn.c, src/chsh.c: Do not include <shadow.h>
* lib/commonio.c: Do not include <shadow.h>. Do not include
<pwd.h>. Include "nscd.h" instead of <nscd.h>.
* configure.in: Do not check if shadow.h exist, but make sure it
exists.
* libmisc/pwdcheck.c, src/chfn.c, src/chsh.c, lib/defines.h,
lib/shadowmem.c, lib/shadowio.c, lib/commonio.c:
HAVE_SHADOW_H is no more needed (shadow.h should always exist).
nekral-guest [Sat, 5 Jan 2008 13:58:56 +0000 (13:58 +0000)]
Changelog entry forgotten in previous src/gshadow.c commit:
* list() is an external function. DO not shadow it
with a static function. The internal list() was renamed
build_list().
nekral-guest [Sat, 5 Jan 2008 13:37:32 +0000 (13:37 +0000)]
* libmisc/pam_pass.c: Define do_pam_passwd() as static and add its prototype.
* libmisc/log.c: Define dolastlog() as static and add its prototype.
* src/chage.c: Define isnum() as static and add its prototype.