diff options
author | Christian Perrier <bubulle@debian.org> | 2014-03-01 19:59:36 +0100 |
---|---|---|
committer | Christian Perrier <bubulle@debian.org> | 2014-03-01 19:59:36 +0100 |
commit | 65b471a2f27acb2f3ce378106eb8aeba8b496557 (patch) | |
tree | 29941e07f9b1d7c9a44a08b65782505eb6ef58a5 /src | |
parent | db1dc7288b64873f4f39e8404fd99c1bf55c7a8b (diff) | |
download | shadow-65b471a2f27acb2f3ce378106eb8aeba8b496557.tar.gz |
Imported Upstream version 4.2upstream/4.2
Diffstat (limited to 'src')
-rw-r--r-- | src/.gitignore | 35 | ||||
-rw-r--r-- | src/Makefile.am | 7 | ||||
-rw-r--r-- | src/Makefile.in | 1099 | ||||
-rw-r--r-- | src/chage.c | 2 | ||||
-rw-r--r-- | src/chfn.c | 2 | ||||
-rw-r--r-- | src/chgpasswd.c | 13 | ||||
-rw-r--r-- | src/chpasswd.c | 13 | ||||
-rw-r--r-- | src/chsh.c | 2 | ||||
-rw-r--r-- | src/expiry.c | 2 | ||||
-rw-r--r-- | src/faillog.c | 2 | ||||
-rw-r--r-- | src/gpasswd.c | 12 | ||||
-rw-r--r-- | src/groupadd.c | 2 | ||||
-rw-r--r-- | src/groupdel.c | 2 | ||||
-rw-r--r-- | src/groupmod.c | 2 | ||||
-rw-r--r-- | src/groups.c | 2 | ||||
-rw-r--r-- | src/grpck.c | 2 | ||||
-rw-r--r-- | src/grpconv.c | 2 | ||||
-rw-r--r-- | src/grpunconv.c | 2 | ||||
-rw-r--r-- | src/id.c | 2 | ||||
-rw-r--r-- | src/lastlog.c | 2 | ||||
-rw-r--r-- | src/login.c | 2 | ||||
-rw-r--r-- | src/login_nopam.c | 2 | ||||
-rw-r--r-- | src/logoutd.c | 2 | ||||
-rw-r--r-- | src/newgidmap.c | 183 | ||||
-rw-r--r-- | src/newgrp.c | 12 | ||||
-rw-r--r-- | src/newuidmap.c | 183 | ||||
-rw-r--r-- | src/newusers.c | 193 | ||||
-rw-r--r-- | src/nologin.c | 2 | ||||
-rw-r--r-- | src/passwd.c | 25 | ||||
-rw-r--r-- | src/pwck.c | 2 | ||||
-rw-r--r-- | src/pwconv.c | 2 | ||||
-rw-r--r-- | src/pwunconv.c | 2 | ||||
-rw-r--r-- | src/su.c | 23 | ||||
-rw-r--r-- | src/sulogin.c | 2 | ||||
-rw-r--r-- | src/useradd.c | 164 | ||||
-rw-r--r-- | src/userdel.c | 133 | ||||
-rw-r--r-- | src/usermod.c | 323 | ||||
-rw-r--r-- | src/vipw.c | 41 |
38 files changed, 1326 insertions, 1177 deletions
diff --git a/src/.gitignore b/src/.gitignore new file mode 100644 index 00000000..d5716b98 --- /dev/null +++ b/src/.gitignore @@ -0,0 +1,35 @@ +/chage +/chfn +/chgpasswd +/chpasswd +/chsh +/expiry +/faillog +/gpasswd +/groupadd +/groupdel +/groupmems +/groupmod +/groups +/grpck +/grpconv +/grpunconv +/id +/lastlog +/login +/logoutd +/newgrp +/newgidmap +/newuidmap +/newusers +/nologin +/passwd +/pwck +/pwconv +/pwunconv +/su +/sulogin +/useradd +/userdel +/usermod +/vipw diff --git a/src/Makefile.am b/src/Makefile.am index 88cae993..25e288d3 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -25,6 +25,9 @@ INCLUDES = \ bin_PROGRAMS = groups login su sbin_PROGRAMS = nologin ubin_PROGRAMS = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd +if ENABLE_SUBIDS +ubin_PROGRAMS += newgidmap newuidmap +endif usbin_PROGRAMS = \ chgpasswd \ chpasswd \ @@ -49,7 +52,7 @@ usbin_PROGRAMS = \ noinst_PROGRAMS = id sulogin suidbins = su -suidubins = chage chfn chsh expiry gpasswd newgrp passwd +suidubins = chage chfn chsh expiry gpasswd newgrp passwd newuidmap newgidmap if ACCT_TOOLS_SETUID suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod endif @@ -78,6 +81,8 @@ LIBCRYPT_NOPAM = $(LIBCRYPT) endif chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) +newuidmap_LDADD = $(LDADD) $(LIBSELINUX) +newgidmap_LDADD = $(LDADD) $(LIBSELINUX) chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) diff --git a/src/Makefile.in b/src/Makefile.in deleted file mode 100644 index 3b5387bf..00000000 --- a/src/Makefile.in +++ /dev/null @@ -1,1099 +0,0 @@ -# Makefile.in generated by automake 1.11.5 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software -# Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -VPATH = @srcdir@ -am__make_dryrun = \ - { \ - am__dry=no; \ - case $$MAKEFLAGS in \ - *\\[\ \ ]*) \ - echo 'am--echo: ; @echo "AM" OK' | $(MAKE) -f - 2>/dev/null \ - | grep '^AM OK$$' >/dev/null || am__dry=yes;; \ - *) \ - for am__flg in $$MAKEFLAGS; do \ - case $$am__flg in \ - *=*|--*) ;; \ - *n*) am__dry=yes; break;; \ - esac; \ - done;; \ - esac; \ - test $$am__dry = yes; \ - } -pkgdatadir = $(datadir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkglibexecdir = $(libexecdir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -bin_PROGRAMS = groups$(EXEEXT) login$(EXEEXT) su$(EXEEXT) -sbin_PROGRAMS = nologin$(EXEEXT) -ubin_PROGRAMS = faillog$(EXEEXT) lastlog$(EXEEXT) chage$(EXEEXT) \ - chfn$(EXEEXT) chsh$(EXEEXT) expiry$(EXEEXT) gpasswd$(EXEEXT) \ - newgrp$(EXEEXT) passwd$(EXEEXT) -usbin_PROGRAMS = chgpasswd$(EXEEXT) chpasswd$(EXEEXT) \ - groupadd$(EXEEXT) groupdel$(EXEEXT) groupmems$(EXEEXT) \ - groupmod$(EXEEXT) grpck$(EXEEXT) grpconv$(EXEEXT) \ - grpunconv$(EXEEXT) logoutd$(EXEEXT) newusers$(EXEEXT) \ - pwck$(EXEEXT) pwconv$(EXEEXT) pwunconv$(EXEEXT) \ - useradd$(EXEEXT) userdel$(EXEEXT) usermod$(EXEEXT) \ - vipw$(EXEEXT) -noinst_PROGRAMS = id$(EXEEXT) sulogin$(EXEEXT) -subdir = src -DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(install_sh) -d -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -CONFIG_CLEAN_VPATH_FILES = -am__installdirs = "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" \ - "$(DESTDIR)$(ubindir)" "$(DESTDIR)$(usbindir)" -PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) $(sbin_PROGRAMS) \ - $(ubin_PROGRAMS) $(usbin_PROGRAMS) -chage_SOURCES = chage.c -chage_OBJECTS = chage.$(OBJEXT) -am__DEPENDENCIES_1 = -am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -@ACCT_TOOLS_SETUID_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1) -chage_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chfn_SOURCES = chfn.c -chfn_OBJECTS = chfn.$(OBJEXT) -@USE_PAM_FALSE@am__DEPENDENCIES_4 = $(am__DEPENDENCIES_1) -chfn_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chgpasswd_SOURCES = chgpasswd.c -chgpasswd_OBJECTS = chgpasswd.$(OBJEXT) -chgpasswd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chpasswd_SOURCES = chpasswd.c -chpasswd_OBJECTS = chpasswd.$(OBJEXT) -chpasswd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -chsh_SOURCES = chsh.c -chsh_OBJECTS = chsh.$(OBJEXT) -chsh_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -expiry_SOURCES = expiry.c -expiry_OBJECTS = expiry.$(OBJEXT) -expiry_LDADD = $(LDADD) -expiry_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -faillog_SOURCES = faillog.c -faillog_OBJECTS = faillog.$(OBJEXT) -faillog_LDADD = $(LDADD) -faillog_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -gpasswd_SOURCES = gpasswd.c -gpasswd_OBJECTS = gpasswd.$(OBJEXT) -gpasswd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groupadd_SOURCES = groupadd.c -groupadd_OBJECTS = groupadd.$(OBJEXT) -groupadd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groupdel_SOURCES = groupdel.c -groupdel_OBJECTS = groupdel.$(OBJEXT) -groupdel_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groupmems_SOURCES = groupmems.c -groupmems_OBJECTS = groupmems.$(OBJEXT) -groupmems_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -groupmod_SOURCES = groupmod.c -groupmod_OBJECTS = groupmod.$(OBJEXT) -groupmod_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -groups_SOURCES = groups.c -groups_OBJECTS = groups.$(OBJEXT) -groups_LDADD = $(LDADD) -groups_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -grpck_SOURCES = grpck.c -grpck_OBJECTS = grpck.$(OBJEXT) -grpck_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -grpconv_SOURCES = grpconv.c -grpconv_OBJECTS = grpconv.$(OBJEXT) -grpconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -grpunconv_SOURCES = grpunconv.c -grpunconv_OBJECTS = grpunconv.$(OBJEXT) -grpunconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -id_SOURCES = id.c -id_OBJECTS = id.$(OBJEXT) -id_LDADD = $(LDADD) -id_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -lastlog_SOURCES = lastlog.c -lastlog_OBJECTS = lastlog.$(OBJEXT) -lastlog_LDADD = $(LDADD) -lastlog_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -am_login_OBJECTS = login.$(OBJEXT) login_nopam.$(OBJEXT) -login_OBJECTS = $(am_login_OBJECTS) -login_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -logoutd_SOURCES = logoutd.c -logoutd_OBJECTS = logoutd.$(OBJEXT) -logoutd_LDADD = $(LDADD) -logoutd_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la -newgrp_SOURCES = newgrp.c -newgrp_OBJECTS = newgrp.$(OBJEXT) -newgrp_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -newusers_SOURCES = newusers.c -newusers_OBJECTS = newusers.$(OBJEXT) -newusers_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) -nologin_SOURCES = nologin.c -nologin_OBJECTS = nologin.$(OBJEXT) -nologin_DEPENDENCIES = -passwd_SOURCES = passwd.c -passwd_OBJECTS = passwd.$(OBJEXT) -passwd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_4) -pwck_SOURCES = pwck.c -pwck_OBJECTS = pwck.$(OBJEXT) -pwck_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -pwconv_SOURCES = pwconv.c -pwconv_OBJECTS = pwconv.$(OBJEXT) -pwconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -pwunconv_SOURCES = pwunconv.c -pwunconv_OBJECTS = pwunconv.$(OBJEXT) -pwunconv_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -am_su_OBJECTS = su.$(OBJEXT) suauth.$(OBJEXT) -su_OBJECTS = $(am_su_OBJECTS) -su_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_4) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -sulogin_SOURCES = sulogin.c -sulogin_OBJECTS = sulogin.$(OBJEXT) -sulogin_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -useradd_SOURCES = useradd.c -useradd_OBJECTS = useradd.$(OBJEXT) -useradd_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -userdel_SOURCES = userdel.c -userdel_OBJECTS = userdel.$(OBJEXT) -userdel_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -usermod_SOURCES = usermod.c -usermod_OBJECTS = usermod.$(OBJEXT) -usermod_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_3) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_1) -vipw_SOURCES = vipw.c -vipw_OBJECTS = vipw.$(OBJEXT) -vipw_DEPENDENCIES = $(am__DEPENDENCIES_2) $(am__DEPENDENCIES_1) -DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -am__mv = mv -f -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = chage.c chfn.c chgpasswd.c chpasswd.c chsh.c expiry.c \ - faillog.c gpasswd.c groupadd.c groupdel.c groupmems.c \ - groupmod.c groups.c grpck.c grpconv.c grpunconv.c id.c \ - lastlog.c $(login_SOURCES) logoutd.c newgrp.c newusers.c \ - nologin.c passwd.c pwck.c pwconv.c pwunconv.c $(su_SOURCES) \ - sulogin.c useradd.c userdel.c usermod.c vipw.c -DIST_SOURCES = chage.c chfn.c chgpasswd.c chpasswd.c chsh.c expiry.c \ - faillog.c gpasswd.c groupadd.c groupdel.c groupmems.c \ - groupmod.c groups.c grpck.c grpconv.c grpunconv.c id.c \ - lastlog.c $(login_SOURCES) logoutd.c newgrp.c newusers.c \ - nologin.c passwd.c pwck.c pwconv.c pwunconv.c $(su_SOURCES) \ - sulogin.c useradd.c userdel.c usermod.c vipw.c -am__can_run_installinfo = \ - case $$AM_UPDATE_INFO_DIR in \ - n|no|NO) false;; \ - *) (install-info --version) >/dev/null 2>&1;; \ - esac -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -DLLTOOL = @DLLTOOL@ -DSYMUTIL = @DSYMUTIL@ -DUMPBIN = @DUMPBIN@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -FGREP = @FGREP@ -GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -GROUP_NAME_MAX_LENGTH = @GROUP_NAME_MAX_LENGTH@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LD = @LD@ -LDFLAGS = @LDFLAGS@ -LIBACL = @LIBACL@ -LIBATTR = @LIBATTR@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBMD = @LIBMD@ -LIBOBJS = @LIBOBJS@ -LIBPAM = @LIBPAM@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBSEMANAGE = @LIBSEMANAGE@ -LIBSKEY = @LIBSKEY@ -LIBTCB = @LIBTCB@ -LIBTOOL = @LIBTOOL@ -LIPO = @LIPO@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAINT = @MAINT@ -MAKEINFO = @MAKEINFO@ -MANIFEST_TOOL = @MANIFEST_TOOL@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -NM = @NM@ -NMEDIT = @NMEDIT@ -OBJDUMP = @OBJDUMP@ -OBJEXT = @OBJEXT@ -OTOOL = @OTOOL@ -OTOOL64 = @OTOOL64@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_URL = @PACKAGE_URL@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ -XMLCATALOG = @XMLCATALOG@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_AR = @ac_ct_AR@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_build_prefix = @top_build_prefix@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -EXTRA_DIST = \ - .indent.pro - -ubindir = ${prefix}/bin -usbindir = ${prefix}/sbin -suidperms = 4755 -sgidperms = 2755 -INCLUDES = \ - -I${top_srcdir}/lib \ - -I$(top_srcdir)/libmisc - -suidbins = su -suidubins = chage chfn chsh expiry gpasswd newgrp passwd -@WITH_TCB_TRUE@shadowsgidubins = passwd -LDADD = $(INTLLIBS) \ - $(LIBTCB) \ - $(top_builddir)/libmisc/libmisc.a \ - $(top_builddir)/lib/libshadow.la - -AM_CPPFLAGS = -DLOCALEDIR=\"$(datadir)/locale\" -@ACCT_TOOLS_SETUID_FALSE@LIBPAM_SUID = -@ACCT_TOOLS_SETUID_TRUE@LIBPAM_SUID = $(LIBPAM) -@USE_PAM_FALSE@LIBCRYPT_NOPAM = $(LIBCRYPT) -@USE_PAM_TRUE@LIBCRYPT_NOPAM = -chage_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -chfn_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -chgpasswd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBSELINUX) $(LIBCRYPT) -chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) -gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) -grpck_LDADD = $(LDADD) $(LIBSELINUX) -grpconv_LDADD = $(LDADD) $(LIBSELINUX) -grpunconv_LDADD = $(LDADD) $(LIBSELINUX) -login_SOURCES = \ - login.c \ - login_nopam.c - -login_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -newgrp_LDADD = $(LDADD) $(LIBAUDIT) $(LIBCRYPT) -newusers_LDADD = $(LDADD) $(LIBPAM) $(LIBSELINUX) $(LIBCRYPT) -nologin_LDADD = -passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) -pwck_LDADD = $(LDADD) $(LIBSELINUX) -pwconv_LDADD = $(LDADD) $(LIBSELINUX) -pwunconv_LDADD = $(LDADD) $(LIBSELINUX) -su_SOURCES = \ - su.c \ - suauth.c - -su_LDADD = $(LDADD) $(LIBPAM) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) -sulogin_LDADD = $(LDADD) $(LIBCRYPT) -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) -userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) -vipw_LDADD = $(LDADD) $(LIBSELINUX) -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ - && { if test -f $@; then exit 0; else break; fi; }; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/Makefile'; \ - $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --gnu src/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: @MAINTAINER_MODE_TRUE@ $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): @MAINTAINER_MODE_TRUE@ $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(am__aclocal_m4_deps): -install-binPROGRAMS: $(bin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-binPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(bindir)" && rm -f $$files - -clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list - -clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -install-sbinPROGRAMS: $(sbin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(sbindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(sbindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(sbindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-sbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(sbin_PROGRAMS)'; test -n "$(sbindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(sbindir)" && rm -f $$files - -clean-sbinPROGRAMS: - @list='$(sbin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -install-ubinPROGRAMS: $(ubin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(ubin_PROGRAMS)'; test -n "$(ubindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(ubindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(ubindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(ubindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(ubindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-ubinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(ubin_PROGRAMS)'; test -n "$(ubindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(ubindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(ubindir)" && rm -f $$files - -clean-ubinPROGRAMS: - @list='$(ubin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -install-usbinPROGRAMS: $(usbin_PROGRAMS) - @$(NORMAL_INSTALL) - @list='$(usbin_PROGRAMS)'; test -n "$(usbindir)" || list=; \ - if test -n "$$list"; then \ - echo " $(MKDIR_P) '$(DESTDIR)$(usbindir)'"; \ - $(MKDIR_P) "$(DESTDIR)$(usbindir)" || exit 1; \ - fi; \ - for p in $$list; do echo "$$p $$p"; done | \ - sed 's/$(EXEEXT)$$//' | \ - while read p p1; do if test -f $$p || test -f $$p1; \ - then echo "$$p"; echo "$$p"; else :; fi; \ - done | \ - sed -e 'p;s,.*/,,;n;h' -e 's|.*|.|' \ - -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ - sed 'N;N;N;s,\n, ,g' | \ - $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ - { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ - if ($$2 == $$4) files[d] = files[d] " " $$1; \ - else { print "f", $$3 "/" $$4, $$1; } } \ - END { for (d in files) print "f", d, files[d] }' | \ - while read type dir files; do \ - if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ - test -z "$$files" || { \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(usbindir)$$dir'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(usbindir)$$dir" || exit $$?; \ - } \ - ; done - -uninstall-usbinPROGRAMS: - @$(NORMAL_UNINSTALL) - @list='$(usbin_PROGRAMS)'; test -n "$(usbindir)" || list=; \ - files=`for p in $$list; do echo "$$p"; done | \ - sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ - -e 's/$$/$(EXEEXT)/' `; \ - test -n "$$list" || exit 0; \ - echo " ( cd '$(DESTDIR)$(usbindir)' && rm -f" $$files ")"; \ - cd "$(DESTDIR)$(usbindir)" && rm -f $$files - -clean-usbinPROGRAMS: - @list='$(usbin_PROGRAMS)'; test -n "$$list" || exit 0; \ - echo " rm -f" $$list; \ - rm -f $$list || exit $$?; \ - test -n "$(EXEEXT)" || exit 0; \ - list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f" $$list; \ - rm -f $$list -chage$(EXEEXT): $(chage_OBJECTS) $(chage_DEPENDENCIES) $(EXTRA_chage_DEPENDENCIES) - @rm -f chage$(EXEEXT) - $(LINK) $(chage_OBJECTS) $(chage_LDADD) $(LIBS) -chfn$(EXEEXT): $(chfn_OBJECTS) $(chfn_DEPENDENCIES) $(EXTRA_chfn_DEPENDENCIES) - @rm -f chfn$(EXEEXT) - $(LINK) $(chfn_OBJECTS) $(chfn_LDADD) $(LIBS) -chgpasswd$(EXEEXT): $(chgpasswd_OBJECTS) $(chgpasswd_DEPENDENCIES) $(EXTRA_chgpasswd_DEPENDENCIES) - @rm -f chgpasswd$(EXEEXT) - $(LINK) $(chgpasswd_OBJECTS) $(chgpasswd_LDADD) $(LIBS) -chpasswd$(EXEEXT): $(chpasswd_OBJECTS) $(chpasswd_DEPENDENCIES) $(EXTRA_chpasswd_DEPENDENCIES) - @rm -f chpasswd$(EXEEXT) - $(LINK) $(chpasswd_OBJECTS) $(chpasswd_LDADD) $(LIBS) -chsh$(EXEEXT): $(chsh_OBJECTS) $(chsh_DEPENDENCIES) $(EXTRA_chsh_DEPENDENCIES) - @rm -f chsh$(EXEEXT) - $(LINK) $(chsh_OBJECTS) $(chsh_LDADD) $(LIBS) -expiry$(EXEEXT): $(expiry_OBJECTS) $(expiry_DEPENDENCIES) $(EXTRA_expiry_DEPENDENCIES) - @rm -f expiry$(EXEEXT) - $(LINK) $(expiry_OBJECTS) $(expiry_LDADD) $(LIBS) -faillog$(EXEEXT): $(faillog_OBJECTS) $(faillog_DEPENDENCIES) $(EXTRA_faillog_DEPENDENCIES) - @rm -f faillog$(EXEEXT) - $(LINK) $(faillog_OBJECTS) $(faillog_LDADD) $(LIBS) -gpasswd$(EXEEXT): $(gpasswd_OBJECTS) $(gpasswd_DEPENDENCIES) $(EXTRA_gpasswd_DEPENDENCIES) - @rm -f gpasswd$(EXEEXT) - $(LINK) $(gpasswd_OBJECTS) $(gpasswd_LDADD) $(LIBS) -groupadd$(EXEEXT): $(groupadd_OBJECTS) $(groupadd_DEPENDENCIES) $(EXTRA_groupadd_DEPENDENCIES) - @rm -f groupadd$(EXEEXT) - $(LINK) $(groupadd_OBJECTS) $(groupadd_LDADD) $(LIBS) -groupdel$(EXEEXT): $(groupdel_OBJECTS) $(groupdel_DEPENDENCIES) $(EXTRA_groupdel_DEPENDENCIES) - @rm -f groupdel$(EXEEXT) - $(LINK) $(groupdel_OBJECTS) $(groupdel_LDADD) $(LIBS) -groupmems$(EXEEXT): $(groupmems_OBJECTS) $(groupmems_DEPENDENCIES) $(EXTRA_groupmems_DEPENDENCIES) - @rm -f groupmems$(EXEEXT) - $(LINK) $(groupmems_OBJECTS) $(groupmems_LDADD) $(LIBS) -groupmod$(EXEEXT): $(groupmod_OBJECTS) $(groupmod_DEPENDENCIES) $(EXTRA_groupmod_DEPENDENCIES) - @rm -f groupmod$(EXEEXT) - $(LINK) $(groupmod_OBJECTS) $(groupmod_LDADD) $(LIBS) -groups$(EXEEXT): $(groups_OBJECTS) $(groups_DEPENDENCIES) $(EXTRA_groups_DEPENDENCIES) - @rm -f groups$(EXEEXT) - $(LINK) $(groups_OBJECTS) $(groups_LDADD) $(LIBS) -grpck$(EXEEXT): $(grpck_OBJECTS) $(grpck_DEPENDENCIES) $(EXTRA_grpck_DEPENDENCIES) - @rm -f grpck$(EXEEXT) - $(LINK) $(grpck_OBJECTS) $(grpck_LDADD) $(LIBS) -grpconv$(EXEEXT): $(grpconv_OBJECTS) $(grpconv_DEPENDENCIES) $(EXTRA_grpconv_DEPENDENCIES) - @rm -f grpconv$(EXEEXT) - $(LINK) $(grpconv_OBJECTS) $(grpconv_LDADD) $(LIBS) -grpunconv$(EXEEXT): $(grpunconv_OBJECTS) $(grpunconv_DEPENDENCIES) $(EXTRA_grpunconv_DEPENDENCIES) - @rm -f grpunconv$(EXEEXT) - $(LINK) $(grpunconv_OBJECTS) $(grpunconv_LDADD) $(LIBS) -id$(EXEEXT): $(id_OBJECTS) $(id_DEPENDENCIES) $(EXTRA_id_DEPENDENCIES) - @rm -f id$(EXEEXT) - $(LINK) $(id_OBJECTS) $(id_LDADD) $(LIBS) -lastlog$(EXEEXT): $(lastlog_OBJECTS) $(lastlog_DEPENDENCIES) $(EXTRA_lastlog_DEPENDENCIES) - @rm -f lastlog$(EXEEXT) - $(LINK) $(lastlog_OBJECTS) $(lastlog_LDADD) $(LIBS) -login$(EXEEXT): $(login_OBJECTS) $(login_DEPENDENCIES) $(EXTRA_login_DEPENDENCIES) - @rm -f login$(EXEEXT) - $(LINK) $(login_OBJECTS) $(login_LDADD) $(LIBS) -logoutd$(EXEEXT): $(logoutd_OBJECTS) $(logoutd_DEPENDENCIES) $(EXTRA_logoutd_DEPENDENCIES) - @rm -f logoutd$(EXEEXT) - $(LINK) $(logoutd_OBJECTS) $(logoutd_LDADD) $(LIBS) -newgrp$(EXEEXT): $(newgrp_OBJECTS) $(newgrp_DEPENDENCIES) $(EXTRA_newgrp_DEPENDENCIES) - @rm -f newgrp$(EXEEXT) - $(LINK) $(newgrp_OBJECTS) $(newgrp_LDADD) $(LIBS) -newusers$(EXEEXT): $(newusers_OBJECTS) $(newusers_DEPENDENCIES) $(EXTRA_newusers_DEPENDENCIES) - @rm -f newusers$(EXEEXT) - $(LINK) $(newusers_OBJECTS) $(newusers_LDADD) $(LIBS) -nologin$(EXEEXT): $(nologin_OBJECTS) $(nologin_DEPENDENCIES) $(EXTRA_nologin_DEPENDENCIES) - @rm -f nologin$(EXEEXT) - $(LINK) $(nologin_OBJECTS) $(nologin_LDADD) $(LIBS) -passwd$(EXEEXT): $(passwd_OBJECTS) $(passwd_DEPENDENCIES) $(EXTRA_passwd_DEPENDENCIES) - @rm -f passwd$(EXEEXT) - $(LINK) $(passwd_OBJECTS) $(passwd_LDADD) $(LIBS) -pwck$(EXEEXT): $(pwck_OBJECTS) $(pwck_DEPENDENCIES) $(EXTRA_pwck_DEPENDENCIES) - @rm -f pwck$(EXEEXT) - $(LINK) $(pwck_OBJECTS) $(pwck_LDADD) $(LIBS) -pwconv$(EXEEXT): $(pwconv_OBJECTS) $(pwconv_DEPENDENCIES) $(EXTRA_pwconv_DEPENDENCIES) - @rm -f pwconv$(EXEEXT) - $(LINK) $(pwconv_OBJECTS) $(pwconv_LDADD) $(LIBS) -pwunconv$(EXEEXT): $(pwunconv_OBJECTS) $(pwunconv_DEPENDENCIES) $(EXTRA_pwunconv_DEPENDENCIES) - @rm -f pwunconv$(EXEEXT) - $(LINK) $(pwunconv_OBJECTS) $(pwunconv_LDADD) $(LIBS) -su$(EXEEXT): $(su_OBJECTS) $(su_DEPENDENCIES) $(EXTRA_su_DEPENDENCIES) - @rm -f su$(EXEEXT) - $(LINK) $(su_OBJECTS) $(su_LDADD) $(LIBS) -sulogin$(EXEEXT): $(sulogin_OBJECTS) $(sulogin_DEPENDENCIES) $(EXTRA_sulogin_DEPENDENCIES) - @rm -f sulogin$(EXEEXT) - $(LINK) $(sulogin_OBJECTS) $(sulogin_LDADD) $(LIBS) -useradd$(EXEEXT): $(useradd_OBJECTS) $(useradd_DEPENDENCIES) $(EXTRA_useradd_DEPENDENCIES) - @rm -f useradd$(EXEEXT) - $(LINK) $(useradd_OBJECTS) $(useradd_LDADD) $(LIBS) -userdel$(EXEEXT): $(userdel_OBJECTS) $(userdel_DEPENDENCIES) $(EXTRA_userdel_DEPENDENCIES) - @rm -f userdel$(EXEEXT) - $(LINK) $(userdel_OBJECTS) $(userdel_LDADD) $(LIBS) -usermod$(EXEEXT): $(usermod_OBJECTS) $(usermod_DEPENDENCIES) $(EXTRA_usermod_DEPENDENCIES) - @rm -f usermod$(EXEEXT) - $(LINK) $(usermod_OBJECTS) $(usermod_LDADD) $(LIBS) -vipw$(EXEEXT): $(vipw_OBJECTS) $(vipw_DEPENDENCIES) $(EXTRA_vipw_DEPENDENCIES) - @rm -f vipw$(EXEEXT) - $(LINK) $(vipw_OBJECTS) $(vipw_LDADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chage.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chfn.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chgpasswd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chpasswd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chsh.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/expiry.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faillog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gpasswd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupadd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupdel.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupmems.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groupmod.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/groups.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/grpck.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/grpconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/grpunconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/id.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lastlog.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/login_nopam.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logoutd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newgrp.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/newusers.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/nologin.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/passwd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwck.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pwunconv.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/su.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/suauth.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/sulogin.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/useradd.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/userdel.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/usermod.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vipw.Po@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - set x; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - shift; \ - if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - if test $$# -gt 0; then \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - "$$@" $$unique; \ - else \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$unique; \ - fi; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ - END { if (nonempty) { for (i in files) print i; }; }'`; \ - test -z "$(CTAGS_ARGS)$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && $(am__cd) $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) "$$here" - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d "$(distdir)/$$file"; then \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ - find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ - fi; \ - cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ - else \ - test -f "$(distdir)/$$file" \ - || cp -p $$d/$$file "$(distdir)/$$file" \ - || exit 1; \ - fi; \ - done -check-am: all-am -check: check-am -all-am: Makefile $(PROGRAMS) -installdirs: - for dir in "$(DESTDIR)$(bindir)" "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(ubindir)" "$(DESTDIR)$(usbindir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -installcheck: installcheck-am -install-strip: - if test -z '$(STRIP)'; then \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - install; \ - else \ - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ - fi -mostlyclean-generic: - -clean-generic: - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-binPROGRAMS clean-generic clean-libtool \ - clean-noinstPROGRAMS clean-sbinPROGRAMS clean-ubinPROGRAMS \ - clean-usbinPROGRAMS mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -html-am: - -info: info-am - -info-am: - -install-data-am: install-ubinPROGRAMS install-usbinPROGRAMS - -install-dvi: install-dvi-am - -install-dvi-am: - -install-exec-am: install-binPROGRAMS install-sbinPROGRAMS - -install-html: install-html-am - -install-html-am: - -install-info: install-info-am - -install-info-am: - -install-man: - -install-pdf: install-pdf-am - -install-pdf-am: - -install-ps: install-ps-am - -install-ps-am: - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-binPROGRAMS uninstall-sbinPROGRAMS \ - uninstall-ubinPROGRAMS uninstall-usbinPROGRAMS - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-am clean clean-binPROGRAMS \ - clean-generic clean-libtool clean-noinstPROGRAMS \ - clean-sbinPROGRAMS clean-ubinPROGRAMS clean-usbinPROGRAMS \ - ctags distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-binPROGRAMS \ - install-data install-data-am install-dvi install-dvi-am \ - install-exec install-exec-am install-html install-html-am \ - install-info install-info-am install-man install-pdf \ - install-pdf-am install-ps install-ps-am install-sbinPROGRAMS \ - install-strip install-ubinPROGRAMS install-usbinPROGRAMS \ - installcheck installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-sbinPROGRAMS uninstall-ubinPROGRAMS \ - uninstall-usbinPROGRAMS - -@ACCT_TOOLS_SETUID_TRUE@ suidubins += chage chgpasswd chpasswd groupadd groupdel groupmod newusers useradd userdel usermod - -@WITH_TCB_TRUE@suidubins -= passwd - -install-am: all-am - $(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - ln -sf newgrp $(DESTDIR)$(ubindir)/sg - ln -sf vipw $(DESTDIR)$(usbindir)/vigr - for i in $(suidbins); do \ - chmod -f $(suidperms) $(DESTDIR)$(bindir)/$$i; \ - done - for i in $(suidubins); do \ - chmod -f $(suidperms) $(DESTDIR)$(ubindir)/$$i; \ - done -@WITH_TCB_TRUE@ for i in $(shadowsgidubins); do \ -@WITH_TCB_TRUE@ chown root:shadow $(DESTDIR)$(ubindir)/$$i; \ -@WITH_TCB_TRUE@ chmod -f $(sgidperms) $(DESTDIR)$(ubindir)/$$i; \ -@WITH_TCB_TRUE@ done - -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/src/chage.c b/src/chage.c index 753bf849..2df65a94 100644 --- a/src/chage.c +++ b/src/chage.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: chage.c 3642 2011-11-19 21:56:10Z nekral-guest $" +#ident "$Id$" #include <ctype.h> #include <fcntl.h> @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: chfn.c 3576 2011-11-13 16:24:57Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <pwd.h> diff --git a/src/chgpasswd.c b/src/chgpasswd.c index bce7a18d..4dd5fbab 100644 --- a/src/chgpasswd.c +++ b/src/chgpasswd.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: chgpasswd.c 3652 2011-12-09 21:31:39Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <getopt.h> @@ -459,6 +459,7 @@ int main (int argc, char **argv) && ( (NULL == crypt_method) || (0 != strcmp (crypt_method, "NONE")))) { void *arg = NULL; + const char *salt; if (md5flg) { crypt_method = "MD5"; } @@ -467,8 +468,14 @@ int main (int argc, char **argv) arg = &sha_rounds; } #endif - cp = pw_encrypt (newpwd, - crypt_make_salt (crypt_method, arg)); + salt = crypt_make_salt (crypt_method, arg); + cp = pw_encrypt (newpwd, salt); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + fail_exit (1); + } } /* diff --git a/src/chpasswd.c b/src/chpasswd.c index e533ba8e..78436d6a 100644 --- a/src/chpasswd.c +++ b/src/chpasswd.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: chpasswd.c 3652 2011-12-09 21:31:39Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <getopt.h> @@ -482,6 +482,7 @@ int main (int argc, char **argv) && ( (NULL == crypt_method) || (0 != strcmp (crypt_method, "NONE")))) { void *arg = NULL; + const char *salt; if (md5flg) { crypt_method = "MD5"; } @@ -490,8 +491,14 @@ int main (int argc, char **argv) arg = &sha_rounds; } #endif - cp = pw_encrypt (newpwd, - crypt_make_salt(crypt_method, arg)); + salt = crypt_make_salt (crypt_method, arg); + cp = pw_encrypt (newpwd, salt); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + fail_exit (1); + } } /* @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: chsh.c 3640 2011-11-19 21:51:52Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <getopt.h> diff --git a/src/expiry.c b/src/expiry.c index b16d98fb..4ae47703 100644 --- a/src/expiry.c +++ b/src/expiry.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: expiry.c 3640 2011-11-19 21:51:52Z nekral-guest $" +#ident "$Id$" #include <pwd.h> #include <signal.h> diff --git a/src/faillog.c b/src/faillog.c index c23b6cff..073561c5 100644 --- a/src/faillog.c +++ b/src/faillog.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: faillog.c 3639 2011-11-19 21:44:34Z nekral-guest $" +#ident "$Id$" #include <getopt.h> #include <pwd.h> diff --git a/src/gpasswd.c b/src/gpasswd.c index 9f0cd195..8959a35a 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: gpasswd.c 3640 2011-11-19 21:51:52Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <fcntl.h> @@ -898,6 +898,7 @@ static void change_passwd (struct group *gr) char *cp; static char pass[BUFSIZ]; int retries; + const char *salt; /* * A new password is to be entered and it must be encrypted, etc. @@ -938,7 +939,14 @@ static void change_passwd (struct group *gr) exit (1); } - cp = pw_encrypt (pass, crypt_make_salt (NULL, NULL)); + salt = crypt_make_salt (NULL, NULL); + cp = pw_encrypt (pass, salt); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + exit (1); + } memzero (pass, sizeof pass); #ifdef SHADOWGRP if (is_shadowgrp) { diff --git a/src/groupadd.c b/src/groupadd.c index 84ff55e2..39b4ec02 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: groupadd.c 3576 2011-11-13 16:24:57Z nekral-guest $" +#ident "$Id$" #include <ctype.h> #include <fcntl.h> diff --git a/src/groupdel.c b/src/groupdel.c index bdadf7d3..da993475 100644 --- a/src/groupdel.c +++ b/src/groupdel.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: groupdel.c 3576 2011-11-13 16:24:57Z nekral-guest $" +#ident "$Id$" #include <ctype.h> #include <fcntl.h> diff --git a/src/groupmod.c b/src/groupmod.c index 079ac870..d9d38071 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: groupmod.c 3576 2011-11-13 16:24:57Z nekral-guest $" +#ident "$Id$" #include <ctype.h> #include <fcntl.h> diff --git a/src/groups.c b/src/groups.c index b2c2d8e2..fcd669b0 100644 --- a/src/groups.c +++ b/src/groups.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: groups.c 3233 2010-08-22 19:36:09Z nekral-guest $" +#ident "$Id$" #include <grp.h> #include <pwd.h> diff --git a/src/grpck.c b/src/grpck.c index 1846c4dd..9d1ed903 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -33,7 +33,7 @@ #include <config.h> -#ident "$Id: grpck.c 3559 2011-11-06 18:39:53Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <grp.h> diff --git a/src/grpconv.c b/src/grpconv.c index bb19ffd1..ece8095d 100644 --- a/src/grpconv.c +++ b/src/grpconv.c @@ -36,7 +36,7 @@ */ #include <config.h> -#ident "$Id: grpconv.c 3640 2011-11-19 21:51:52Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <fcntl.h> diff --git a/src/grpunconv.c b/src/grpunconv.c index 416b6a52..ea8914cb 100644 --- a/src/grpunconv.c +++ b/src/grpunconv.c @@ -37,7 +37,7 @@ #include <config.h> -#ident "$Id: grpunconv.c 3726 2012-05-18 19:32:32Z nekral-guest $" +#ident "$Id$" #include <stdio.h> #include <stdlib.h> @@ -40,7 +40,7 @@ #include <config.h> -#ident "$Id: id.c 3182 2010-03-23 11:26:34Z nekral-guest $" +#ident "$Id$" #include <grp.h> #include <pwd.h> diff --git a/src/lastlog.c b/src/lastlog.c index 70be734c..ed9484aa 100644 --- a/src/lastlog.c +++ b/src/lastlog.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: lastlog.c 3560 2011-11-06 18:39:59Z nekral-guest $" +#ident "$Id$" #include <getopt.h> #include <lastlog.h> diff --git a/src/login.c b/src/login.c index 2e5f65e4..d610844d 100644 --- a/src/login.c +++ b/src/login.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: login.c 3743 2012-05-25 11:51:53Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <grp.h> diff --git a/src/login_nopam.c b/src/login_nopam.c index 439a3c54..68a37755 100644 --- a/src/login_nopam.c +++ b/src/login_nopam.c @@ -22,7 +22,7 @@ #endif #ifndef USE_PAM -#ident "$Id: login_nopam.c 3182 2010-03-23 11:26:34Z nekral-guest $" +#ident "$Id$" #include "prototypes.h" /* diff --git a/src/logoutd.c b/src/logoutd.c index c836da86..1503a743 100644 --- a/src/logoutd.c +++ b/src/logoutd.c @@ -31,7 +31,7 @@ #include <config.h> -#ident "$Id: logoutd.c 3233 2010-08-22 19:36:09Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <signal.h> diff --git a/src/newgidmap.c b/src/newgidmap.c new file mode 100644 index 00000000..1527a615 --- /dev/null +++ b/src/newgidmap.c @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2013 Eric Biederman + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the copyright holders or contributors may not be used to + * endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <config.h> +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include <stdbool.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include "defines.h" +#include "prototypes.h" +#include "subordinateio.h" +#include "idmapping.h" + +/* + * Global variables + */ +const char *Prog; + +static bool verify_range(struct passwd *pw, struct map_range *range) +{ + /* An empty range is invalid */ + if (range->count == 0) + return false; + + /* Test /etc/subgid */ + if (have_sub_gids(pw->pw_name, range->lower, range->count)) + return true; + + /* Allow a process to map it's own gid */ + if ((range->count == 1) && (pw->pw_gid == range->lower)) + return true; + + return false; +} + +static void verify_ranges(struct passwd *pw, int ranges, + struct map_range *mappings) +{ + struct map_range *mapping; + int idx; + + mapping = mappings; + for (idx = 0; idx < ranges; idx++, mapping++) { + if (!verify_range(pw, mapping)) { + fprintf(stderr, _( "%s: gid range [%lu-%lu) -> [%lu-%lu) not allowed\n"), + Prog, + mapping->upper, + mapping->upper + mapping->count, + mapping->lower, + mapping->lower + mapping->count); + exit(EXIT_FAILURE); + } + } +} + +static void usage(void) +{ + fprintf(stderr, _("usage: %s <pid> <gid> <lowergid> <count> [ <gid> <lowergid> <count> ] ... \n"), Prog); + exit(EXIT_FAILURE); +} + +/* + * newgidmap - Set the gid_map for the specified process + */ +int main(int argc, char **argv) +{ + char proc_dir_name[PATH_MAX]; + char *target_str; + pid_t target, parent; + int proc_dir_fd; + int ranges; + struct map_range *mappings; + struct stat st; + struct passwd *pw; + int written; + + Prog = Basename (argv[0]); + + /* + * The valid syntax are + * newgidmap target_pid + */ + if (argc < 2) + usage(); + + /* Find the process that needs it's user namespace + * gid mapping set. + */ + target_str = argv[1]; + if (!get_pid(target_str, &target)) + usage(); + + written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/", + target); + if ((written <= 0) || (written >= sizeof(proc_dir_name))) { + fprintf(stderr, "%s: snprintf of proc path failed: %s\n", + Prog, strerror(errno)); + } + + proc_dir_fd = open(proc_dir_name, O_DIRECTORY); + if (proc_dir_fd < 0) { + fprintf(stderr, _("%s: Could not open proc directory for target %u\n"), + Prog, target); + return EXIT_FAILURE; + } + + /* Who am i? */ + pw = get_my_pwent (); + if (NULL == pw) { + fprintf (stderr, + _("%s: Cannot determine your user name.\n"), + Prog); + SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)", + (unsigned long) getuid ())); + return EXIT_FAILURE; + } + + /* Get the effective uid and effective gid of the target process */ + if (fstat(proc_dir_fd, &st) < 0) { + fprintf(stderr, _("%s: Could not stat directory for target %u\n"), + Prog, target); + return EXIT_FAILURE; + } + + /* Verify real user and real group matches the password entry + * and the effective user and group of the program whose + * mappings we have been asked to set. + */ + if ((getuid() != pw->pw_uid) || + (getgid() != pw->pw_gid) || + (pw->pw_uid != st.st_uid) || + (pw->pw_gid != st.st_gid)) { + fprintf(stderr, _( "%s: Target %u is owned by a different user\n" ), + Prog, target); + return EXIT_FAILURE; + } + + if (!sub_gid_open(O_RDONLY)) { + return EXIT_FAILURE; + } + + ranges = ((argc - 2) + 2) / 3; + mappings = get_map_ranges(ranges, argc - 2, argv + 2); + if (!mappings) + usage(); + + verify_ranges(pw, ranges, mappings); + + write_mapping(proc_dir_fd, ranges, mappings, "gid_map"); + sub_gid_close(); + + return EXIT_SUCCESS; +} diff --git a/src/newgrp.c b/src/newgrp.c index 46d6deb6..49dd1512 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: newgrp.c 3458 2011-07-30 01:41:56Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <grp.h> @@ -184,6 +184,16 @@ static void check_perms (const struct group *grp, cpasswd = pw_encrypt (cp, grp->gr_passwd); strzero (cp); + if (NULL == cpasswd) { + fprintf (stderr, + _("%s: failed to crypt password with previous salt: %s\n"), + Prog, strerror (errno)); + SYSLOG ((LOG_INFO, + "Failed to crypt password with previous salt of group '%s'", + groupname)); + goto failure; + } + if (grp->gr_passwd[0] == '\0' || strcmp (cpasswd, grp->gr_passwd) != 0) { #ifdef WITH_AUDIT diff --git a/src/newuidmap.c b/src/newuidmap.c new file mode 100644 index 00000000..69c50940 --- /dev/null +++ b/src/newuidmap.c @@ -0,0 +1,183 @@ +/* + * Copyright (c) 2013 Eric Biederman + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the copyright holders or contributors may not be used to + * endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include <config.h> +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include <stdbool.h> +#include <stdlib.h> +#include <sys/types.h> +#include <sys/stat.h> +#include <fcntl.h> +#include "defines.h" +#include "prototypes.h" +#include "subordinateio.h" +#include "idmapping.h" + +/* + * Global variables + */ +const char *Prog; + +static bool verify_range(struct passwd *pw, struct map_range *range) +{ + /* An empty range is invalid */ + if (range->count == 0) + return false; + + /* Test /etc/subuid */ + if (have_sub_uids(pw->pw_name, range->lower, range->count)) + return true; + + /* Allow a process to map it's own uid */ + if ((range->count == 1) && (pw->pw_uid == range->lower)) + return true; + + return false; +} + +static void verify_ranges(struct passwd *pw, int ranges, + struct map_range *mappings) +{ + struct map_range *mapping; + int idx; + + mapping = mappings; + for (idx = 0; idx < ranges; idx++, mapping++) { + if (!verify_range(pw, mapping)) { + fprintf(stderr, _( "%s: uid range [%lu-%lu) -> [%lu-%lu) not allowed\n"), + Prog, + mapping->upper, + mapping->upper + mapping->count, + mapping->lower, + mapping->lower + mapping->count); + exit(EXIT_FAILURE); + } + } +} + +void usage(void) +{ + fprintf(stderr, _("usage: %s <pid> <uid> <loweruid> <count> [ <uid> <loweruid> <count> ] ... \n"), Prog); + exit(EXIT_FAILURE); +} + +/* + * newuidmap - Set the uid_map for the specified process + */ +int main(int argc, char **argv) +{ + char proc_dir_name[PATH_MAX]; + char *target_str; + pid_t target, parent; + int proc_dir_fd; + int ranges; + struct map_range *mappings; + struct stat st; + struct passwd *pw; + int written; + + Prog = Basename (argv[0]); + + /* + * The valid syntax are + * newuidmap target_pid + */ + if (argc < 2) + usage(); + + /* Find the process that needs it's user namespace + * uid mapping set. + */ + target_str = argv[1]; + if (!get_pid(target_str, &target)) + usage(); + + written = snprintf(proc_dir_name, sizeof(proc_dir_name), "/proc/%u/", + target); + if ((written <= 0) || (written >= sizeof(proc_dir_name))) { + fprintf(stderr, "%s: snprintf of proc path failed: %s\n", + Prog, strerror(errno)); + } + + proc_dir_fd = open(proc_dir_name, O_DIRECTORY); + if (proc_dir_fd < 0) { + fprintf(stderr, _("%s: Could not open proc directory for target %u\n"), + Prog, target); + return EXIT_FAILURE; + } + + /* Who am i? */ + pw = get_my_pwent (); + if (NULL == pw) { + fprintf (stderr, + _("%s: Cannot determine your user name.\n"), + Prog); + SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)", + (unsigned long) getuid ())); + return EXIT_FAILURE; + } + + /* Get the effective uid and effective gid of the target process */ + if (fstat(proc_dir_fd, &st) < 0) { + fprintf(stderr, _("%s: Could not stat directory for target %u\n"), + Prog, target); + return EXIT_FAILURE; + } + + /* Verify real user and real group matches the password entry + * and the effective user and group of the program whose + * mappings we have been asked to set. + */ + if ((getuid() != pw->pw_uid) || + (getgid() != pw->pw_gid) || + (pw->pw_uid != st.st_uid) || + (pw->pw_gid != st.st_gid)) { + fprintf(stderr, _( "%s: Target %u is owned by a different user\n" ), + Prog, target); + return EXIT_FAILURE; + } + + if (!sub_uid_open(O_RDONLY)) { + return EXIT_FAILURE; + } + + ranges = ((argc - 2) + 2) / 3; + mappings = get_map_ranges(ranges, argc - 2, argv + 2); + if (!mappings) + usage(); + + verify_ranges(pw, ranges, mappings); + + write_mapping(proc_dir_fd, ranges, mappings, "uid_map"); + sub_uid_close(); + + return EXIT_SUCCESS; +} diff --git a/src/newusers.c b/src/newusers.c index c25f40e1..a90d04ee 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -40,7 +40,7 @@ #include <config.h> -#ident "$Id: newusers.c 3652 2011-12-09 21:31:39Z nekral-guest $" +#ident "$Id$" #include <sys/types.h> #include <sys/stat.h> @@ -65,6 +65,9 @@ #include "pwio.h" #include "sgroupio.h" #include "shadowio.h" +#ifdef ENABLE_SUBIDS +#include "subordinateio.h" +#endif /* ENABLE_SUBIDS */ #include "chkname.h" /* @@ -90,6 +93,12 @@ static bool sgr_locked = false; static bool pw_locked = false; static bool gr_locked = false; static bool spw_locked = false; +#ifdef ENABLE_SUBIDS +static bool is_sub_uid = false; +static bool is_sub_gid = false; +static bool sub_uid_locked = false; +static bool sub_gid_locked = false; +#endif /* ENABLE_SUBIDS */ /* local function prototypes */ static void usage (int status); @@ -98,7 +107,7 @@ static int add_group (const char *, const char *, gid_t *, gid_t); static int get_user_id (const char *, uid_t *); static int add_user (const char *, uid_t, gid_t); #ifndef USE_PAM -static void update_passwd (struct passwd *, const char *); +static int update_passwd (struct passwd *, const char *); #endif /* !USE_PAM */ static int add_passwd (struct passwd *, const char *); static void process_flags (int argc, char **argv); @@ -178,6 +187,22 @@ static void fail_exit (int code) } } #endif +#ifdef ENABLE_SUBIDS + if (sub_uid_locked) { + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); + /* continue */ + } + } + if (sub_gid_locked) { + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); + /* continue */ + } + } +#endif /* ENABLE_SUBIDS */ exit (code); } @@ -384,9 +409,15 @@ static int add_user (const char *name, uid_t uid, gid_t gid) } #ifndef USE_PAM -static void update_passwd (struct passwd *pwd, const char *password) +/* + * update_passwd - update the password in the passwd entry + * + * Return 0 if successful. + */ +static int update_passwd (struct passwd *pwd, const char *password) { void *crypt_arg = NULL; + char *cp; if (crypt_method != NULL) { #ifdef USE_SHA_CRYPT if (sflg) { @@ -398,10 +429,18 @@ static void update_passwd (struct passwd *pwd, const char *password) if ((crypt_method != NULL) && (0 == strcmp(crypt_method, "NONE"))) { pwd->pw_passwd = (char *)password; } else { - pwd->pw_passwd = pw_encrypt (password, - crypt_make_salt (crypt_method, - crypt_arg)); + const char *salt = crypt_make_salt (crypt_method, crypt_arg); + cp = pw_encrypt (password, salt); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + return 1; + } + pwd->pw_passwd = cp; } + + return 0; } #endif /* !USE_PAM */ @@ -412,6 +451,7 @@ static int add_passwd (struct passwd *pwd, const char *password) { const struct spwd *sp; struct spwd spent; + char *cp; #ifndef USE_PAM void *crypt_arg = NULL; @@ -429,8 +469,7 @@ static int add_passwd (struct passwd *pwd, const char *password) * harder since there are zillions of things to do ... */ if (!is_shadow) { - update_passwd (pwd, password); - return 0; + return update_passwd (pwd, password); } #endif /* USE_PAM */ @@ -448,7 +487,14 @@ static int add_passwd (struct passwd *pwd, const char *password) } else { const char *salt = crypt_make_salt (crypt_method, crypt_arg); - spent.sp_pwdp = pw_encrypt (password, salt); + cp = pw_encrypt (password, salt); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + return 1; + } + spent.sp_pwdp = cp; } spent.sp_lstchg = (long) time ((time_t *) 0) / SCALE; if (0 == spent.sp_lstchg) { @@ -466,8 +512,7 @@ static int add_passwd (struct passwd *pwd, const char *password) * the password set someplace else. */ if (strcmp (pwd->pw_passwd, "x") != 0) { - update_passwd (pwd, password); - return 0; + return update_passwd (pwd, password); } #else /* USE_PAM */ /* @@ -492,7 +537,14 @@ static int add_passwd (struct passwd *pwd, const char *password) spent.sp_pwdp = (char *)password; } else { const char *salt = crypt_make_salt (crypt_method, crypt_arg); - spent.sp_pwdp = pw_encrypt (password, salt); + cp = pw_encrypt (password, salt); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + return 1; + } + spent.sp_pwdp = cp; } #else /* @@ -732,6 +784,26 @@ static void open_files (void) sgr_locked = true; } #endif +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_uid_dbname ()); + fail_exit (EXIT_FAILURE); + } + sub_uid_locked = true; + } + if (is_sub_gid) { + if (sub_gid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_gid_dbname ()); + fail_exit (EXIT_FAILURE); + } + sub_gid_locked = true; + } +#endif /* ENABLE_SUBIDS */ if (pw_open (O_RDWR) == 0) { fprintf (stderr, _("%s: cannot open %s\n"), Prog, pw_dbname ()); @@ -751,6 +823,24 @@ static void open_files (void) fail_exit (EXIT_FAILURE); } #endif +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, sub_uid_dbname ()); + fail_exit (EXIT_FAILURE); + } + } + if (is_sub_gid) { + if (sub_gid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, sub_gid_dbname ()); + fail_exit (EXIT_FAILURE); + } + } +#endif /* ENABLE_SUBIDS */ } /* @@ -795,6 +885,21 @@ static void close_files (void) SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ())); fail_exit (EXIT_FAILURE); } +#ifdef ENABLE_SUBIDS + if (is_sub_uid && (sub_uid_close () == 0)) { + fprintf (stderr, + _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ())); + fail_exit (EXIT_FAILURE); + } + if (is_sub_gid && (sub_gid_close () == 0)) { + fprintf (stderr, + _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ())); + fail_exit (EXIT_FAILURE); + } +#endif /* ENABLE_SUBIDS */ + if (gr_unlock () == 0) { fprintf (stderr, _("%s: failed to unlock %s\n"), @@ -823,6 +928,24 @@ static void close_files (void) sgr_locked = false; } #endif +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); + /* continue */ + } + sub_uid_locked = false; + } + if (is_sub_gid) { + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); + /* continue */ + } + sub_gid_locked = false; + } +#endif /* ENABLE_SUBIDS */ } int main (int argc, char **argv) @@ -864,6 +987,10 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif +#ifdef ENABLE_SUBIDS + is_sub_uid = sub_uid_file_present (); + is_sub_gid = sub_gid_file_present (); +#endif /* ENABLE_SUBIDS */ open_files (); @@ -1044,6 +1171,48 @@ int main (int argc, char **argv) errors++; continue; } + +#ifdef ENABLE_SUBIDS + /* + * Add subordinate uids if the user does not have them. + */ + if (is_sub_uid && !sub_uid_assigned(fields[0])) { + uid_t sub_uid_start = 0; + unsigned long sub_uid_count = 0; + if (find_new_sub_uids(fields[0], &sub_uid_start, &sub_uid_count) == 0) { + if (sub_uid_add(fields[0], sub_uid_start, sub_uid_count) == 0) { + fprintf (stderr, + _("%s: failed to prepare new %s entry\n"), + Prog, sub_uid_dbname ()); + } + } else { + fprintf (stderr, + _("%s: can't find subordinate user range\n"), + Prog); + errors++; + } + } + + /* + * Add subordinate gids if the user does not have them. + */ + if (is_sub_gid && !sub_gid_assigned(fields[0])) { + gid_t sub_gid_start = 0; + unsigned long sub_gid_count = 0; + if (find_new_sub_gids(fields[0], &sub_gid_start, &sub_gid_count) == 0) { + if (sub_gid_add(fields[0], sub_gid_start, sub_gid_count) == 0) { + fprintf (stderr, + _("%s: failed to prepare new %s entry\n"), + Prog, sub_uid_dbname ()); + } + } else { + fprintf (stderr, + _("%s: can't find subordinate group range\n"), + Prog); + errors++; + } + } +#endif /* ENABLE_SUBIDS */ } /* diff --git a/src/nologin.c b/src/nologin.c index fba28650..7fe8a6a2 100644 --- a/src/nologin.c +++ b/src/nologin.c @@ -26,7 +26,7 @@ #include <config.h> -#ident "$Id: nologin.c 2862 2009-05-09 13:14:23Z nekral-guest $" +#ident "$Id$" #include <stdio.h> #include <stdlib.h> diff --git a/src/passwd.c b/src/passwd.c index 8e566a29..3424f3bf 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: passwd.c 3710 2012-02-13 20:32:00Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <fcntl.h> @@ -218,6 +218,7 @@ static int new_password (const struct passwd *pw) { char *clear; /* Pointer to clear text */ char *cipher; /* Pointer to cipher text */ + const char *salt; /* Pointer to new salt */ char *cp; /* Pointer to getpass() response */ char orig[200]; /* Original password */ char pass[200]; /* New password */ @@ -242,6 +243,18 @@ static int new_password (const struct passwd *pw) } cipher = pw_encrypt (clear, crypt_passwd); + + if (NULL == cipher) { + strzero (clear); + fprintf (stderr, + _("%s: failed to crypt password with previous salt: %s\n"), + Prog, strerror (errno)); + SYSLOG ((LOG_INFO, + "Failed to crypt password with previous salt of user '%s'", + pw->pw_name)); + return -1; + } + if (strcmp (cipher, crypt_passwd) != 0) { strzero (clear); strzero (cipher); @@ -348,9 +361,17 @@ static int new_password (const struct passwd *pw) /* * Encrypt the password, then wipe the cleartext password. */ - cp = pw_encrypt (pass, crypt_make_salt (NULL, NULL)); + salt = crypt_make_salt (NULL, NULL); + cp = pw_encrypt (pass, salt); memzero (pass, sizeof pass); + if (NULL == cp) { + fprintf (stderr, + _("%s: failed to crypt password with salt '%s': %s\n"), + Prog, salt, strerror (errno)); + return -1; + } + #ifdef HAVE_LIBCRACK_HIST HistUpdate (pw->pw_name, crypt_passwd); #endif /* HAVE_LIBCRACK_HIST */ @@ -33,7 +33,7 @@ #include <config.h> -#ident "$Id: pwck.c 3574 2011-11-13 16:24:39Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <grp.h> diff --git a/src/pwconv.c b/src/pwconv.c index 3f059e46..515eba19 100644 --- a/src/pwconv.c +++ b/src/pwconv.c @@ -55,7 +55,7 @@ #include <config.h> -#ident "$Id: pwconv.c 3743 2012-05-25 11:51:53Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <fcntl.h> diff --git a/src/pwunconv.c b/src/pwunconv.c index a706d60e..62e2af04 100644 --- a/src/pwunconv.c +++ b/src/pwunconv.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: pwunconv.c 3743 2012-05-25 11:51:53Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <pwd.h> @@ -2,7 +2,7 @@ * Copyright (c) 1989 - 1994, Julianne Frances Haugh * Copyright (c) 1996 - 2000, Marek Michałkiewicz * Copyright (c) 2000 - 2006, Tomasz Kłoczko - * Copyright (c) 2007 - 2012, Nicolas François + * Copyright (c) 2007 - 2013, Nicolas François * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -53,7 +53,7 @@ #include <config.h> -#ident "$Id: su.c 3743 2012-05-25 11:51:53Z nekral-guest $" +#ident "$Id$" #include <getopt.h> #include <grp.h> @@ -181,7 +181,7 @@ static bool iswheel (const char *username) static RETSIGTYPE kill_child (int unused(s)) { if (0 != pid_child) { - (void) kill (pid_child, SIGKILL); + (void) kill (-pid_child, SIGKILL); (void) fputs (_(" ...killed.\n"), stderr); } else { (void) fputs (_(" ...waiting for child to terminate.\n"), @@ -347,6 +347,7 @@ static void prepare_pam_close_session (void) if ( ((pid_t)-1 == pid) && (EINTR == errno) && (SIGTSTP == caught)) { + caught = 0; /* Except for SIGTSTP, which request to * stop the child. * We will SIGSTOP ourself on the next @@ -370,7 +371,13 @@ static void prepare_pam_close_session (void) (void) fputs ("\n", stderr); (void) fputs (_("Session terminated, terminating shell..."), stderr); - (void) kill (pid_child, caught); + (void) kill (-pid_child, caught); + + (void) signal (SIGALRM, kill_child); + (void) alarm (2); + + (void) wait (&status); + (void) fputs (_(" ...terminated.\n"), stderr); } ret = pam_close_session (pamh, 0); @@ -383,14 +390,6 @@ static void prepare_pam_close_session (void) (void) pam_setcred (pamh, PAM_DELETE_CRED); (void) pam_end (pamh, PAM_SUCCESS); - if (0 != caught) { - (void) signal (SIGALRM, kill_child); - (void) alarm (2); - - (void) wait (&status); - (void) fputs (_(" ...terminated.\n"), stderr); - } - exit ((0 != WIFEXITED (status)) ? WEXITSTATUS (status) : WTERMSIG (status) + 128); /* Only the child returns. See above. */ diff --git a/src/sulogin.c b/src/sulogin.c index 642490e6..ccbf2c5d 100644 --- a/src/sulogin.c +++ b/src/sulogin.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: sulogin.c 3521 2011-10-18 20:28:01Z nekral-guest $" +#ident "$Id$" #include <fcntl.h> #include <pwd.h> diff --git a/src/useradd.c b/src/useradd.c index bfddfc62..1b65bf44 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: useradd.c 3743 2012-05-25 11:51:53Z nekral-guest $" +#ident "$Id$" #include <assert.h> #include <ctype.h> @@ -65,6 +65,9 @@ #include "sgroupio.h" #endif #include "shadowio.h" +#ifdef ENABLE_SUBIDS +#include "subordinateio.h" +#endif /* ENABLE_SUBIDS */ #ifdef WITH_TCB #include "tcbfuncs.h" #endif @@ -121,6 +124,16 @@ static bool is_shadow_pwd; static bool is_shadow_grp; static bool sgr_locked = false; #endif +#ifdef ENABLE_SUBIDS +static bool is_sub_uid = false; +static bool is_sub_gid = false; +static bool sub_uid_locked = false; +static bool sub_gid_locked = false; +static uid_t sub_uid_start; /* New subordinate uid range */ +static unsigned long sub_uid_count; +static gid_t sub_gid_start; /* New subordinate gid range */ +static unsigned long sub_gid_count; +#endif /* ENABLE_SUBIDS */ static bool pw_locked = false; static bool gr_locked = false; static bool spw_locked = false; @@ -168,6 +181,10 @@ static bool home_added = false; #define E_GRP_UPDATE 10 /* can't update group file */ #define E_HOMEDIR 12 /* can't create home directory */ #define E_SE_UPDATE 14 /* can't update SELinux user mapping */ +#ifdef ENABLE_SUBIDS +#define E_SUB_UID_UPDATE 16 /* can't update the subordinate uid file */ +#define E_SUB_GID_UPDATE 18 /* can't update the subordinate gid file */ +#endif /* ENABLE_SUBIDS */ #define DGROUP "GROUP=" #define DHOME "HOME=" @@ -268,6 +285,34 @@ static void fail_exit (int code) } } #endif +#ifdef ENABLE_SUBIDS + if (sub_uid_locked) { + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "unlocking subordinate user file", + user_name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif + /* continue */ + } + } + if (sub_gid_locked) { + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "unlocking subordinate group file", + user_name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif + /* continue */ + } + } +#endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT audit_logger (AUDIT_ADD_USER, Prog, @@ -1378,6 +1423,20 @@ static void close_files (void) } #endif } +#ifdef ENABLE_SUBIDS + if (is_sub_uid && (sub_uid_close () == 0)) { + fprintf (stderr, + _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ())); + fail_exit (E_SUB_UID_UPDATE); + } + if (is_sub_gid && (sub_gid_close () == 0)) { + fprintf (stderr, + _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ())); + fail_exit (E_SUB_GID_UPDATE); + } +#endif /* ENABLE_SUBIDS */ if (is_shadow_pwd) { if (spw_unlock () == 0) { fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ()); @@ -1432,6 +1491,36 @@ static void close_files (void) sgr_locked = false; } #endif +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "unlocking subordinate user file", + user_name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif + /* continue */ + } + sub_uid_locked = false; + } + if (is_sub_gid) { + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); +#ifdef WITH_AUDIT + audit_logger (AUDIT_ADD_USER, Prog, + "unlocking subordinate group file", + user_name, AUDIT_NO_ID, + SHADOW_AUDIT_FAILURE); +#endif + /* continue */ + } + sub_gid_locked = false; + } +#endif /* ENABLE_SUBIDS */ } /* @@ -1486,6 +1575,38 @@ static void open_files (void) } } #endif +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + sub_uid_locked = true; + if (sub_uid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + } + if (is_sub_gid) { + if (sub_gid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + sub_gid_locked = true; + if (sub_gid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + } +#endif /* ENABLE_SUBIDS */ } static void open_shadow (void) @@ -1732,13 +1853,29 @@ static void usr_update (void) #endif fail_exit (E_PW_UPDATE); } +#ifdef ENABLE_SUBIDS + if (is_sub_uid && + (sub_uid_add(user_name, sub_uid_start, sub_uid_count) == 0)) { + fprintf (stderr, + _("%s: failed to prepare the new %s entry\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + if (is_sub_gid && + (sub_gid_add(user_name, sub_gid_start, sub_gid_count) == 0)) { + fprintf (stderr, + _("%s: failed to prepare the new %s entry\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } +#endif /* ENABLE_SUBIDS */ + #ifdef WITH_AUDIT audit_logger (AUDIT_ADD_USER, Prog, "adding user", user_name, (unsigned int) user_id, SHADOW_AUDIT_SUCCESS); #endif - /* * Do any group file updates for this user. */ @@ -1884,6 +2021,10 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif +#ifdef ENABLE_SUBIDS + is_sub_uid = sub_uid_file_present (); + is_sub_gid = sub_gid_file_present (); +#endif /* ENABLE_SUBIDS */ get_defaults (); @@ -2034,6 +2175,25 @@ int main (int argc, char **argv) grp_add (); } +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (find_new_sub_uids(user_name, &sub_uid_start, &sub_uid_count) < 0) { + fprintf (stderr, + _("%s: can't create subordinate user IDs\n"), + Prog); + fail_exit(E_SUB_UID_UPDATE); + } + } + if (is_sub_gid) { + if (find_new_sub_gids(user_name, &sub_gid_start, &sub_gid_count) < 0) { + fprintf (stderr, + _("%s: can't create subordinate group IDs\n"), + Prog); + fail_exit(E_SUB_GID_UPDATE); + } + } +#endif /* ENABLE_SUBIDS */ + usr_update (); if (mflg) { diff --git a/src/userdel.c b/src/userdel.c index 4439f620..19b12bc4 100644 --- a/src/userdel.c +++ b/src/userdel.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: userdel.c 3743 2012-05-25 11:51:53Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <fcntl.h> @@ -65,6 +65,9 @@ #endif /* WITH_TCB */ /*@-exitarg@*/ #include "exitcodes.h" +#ifdef ENABLE_SUBIDS +#include "subordinateio.h" +#endif /* ENABLE_SUBIDS */ /* * exit status values @@ -75,6 +78,10 @@ #define E_GRP_UPDATE 10 /* can't update group file */ #define E_HOMEDIR 12 /* can't remove home directory */ #define E_SE_UPDATE 14 /* can't update SELinux user mapping */ +#ifdef ENABLE_SUBIDS +#define E_SUB_UID_UPDATE 16 /* can't update the subordinate uid file */ +#define E_SUB_GID_UPDATE 18 /* can't update the subordinate gid file */ +#endif /* ENABLE_SUBIDS */ /* * Global variables @@ -99,6 +106,12 @@ static bool sgr_locked = false; static bool pw_locked = false; static bool gr_locked = false; static bool spw_locked = false; +#ifdef ENABLE_SUBIDS +static bool is_sub_uid; +static bool is_sub_gid; +static bool sub_uid_locked = false; +static bool sub_gid_locked = false; +#endif /* ENABLE_SUBIDS */ /* local function prototypes */ static void usage (int status); @@ -437,6 +450,36 @@ static void close_files (void) sgr_locked = false; } #endif /* SHADOWGRP */ + +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_close () == 0) { + fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ())); + fail_exit (E_SUB_UID_UPDATE); + } + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); + /* continue */ + } + sub_uid_locked = false; + } + + if (is_sub_gid) { + if (sub_gid_close () == 0) { + fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ())); + fail_exit (E_SUB_GID_UPDATE); + } + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); + /* continue */ + } + sub_gid_locked = false; + } +#endif /* ENABLE_SUBIDS */ } /* @@ -474,6 +517,22 @@ static void fail_exit (int code) } } #endif /* SHADOWGRP */ +#ifdef ENABLE_SUBIDS + if (sub_uid_locked) { + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); + /* continue */ + } + } + if (sub_gid_locked) { + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); + /* continue */ + } + } +#endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT audit_logger (AUDIT_DEL_USER, Prog, @@ -595,6 +654,60 @@ static void open_files (void) } } #endif /* SHADOWGRP */ +#ifdef ENABLE_SUBIDS + if (is_sub_uid) { + if (sub_uid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_uid_dbname ()); +#ifdef WITH_AUDIT + audit_logger (AUDIT_DEL_USER, Prog, + "locking subordinate user file", + user_name, (unsigned int) user_id, + SHADOW_AUDIT_FAILURE); +#endif /* WITH_AUDIT */ + fail_exit (E_SUB_UID_UPDATE); + } + sub_uid_locked = true; + if (sub_uid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), Prog, sub_uid_dbname ()); +#ifdef WITH_AUDIT + audit_logger (AUDIT_DEL_USER, Prog, + "opening subordinate user file", + user_name, (unsigned int) user_id, + SHADOW_AUDIT_FAILURE); +#endif /* WITH_AUDIT */ + fail_exit (E_SUB_UID_UPDATE); + } + } + if (is_sub_gid) { + if (sub_gid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_gid_dbname ()); +#ifdef WITH_AUDIT + audit_logger (AUDIT_DEL_USER, Prog, + "locking subordinate group file", + user_name, (unsigned int) user_id, + SHADOW_AUDIT_FAILURE); +#endif /* WITH_AUDIT */ + fail_exit (E_SUB_GID_UPDATE); + } + sub_gid_locked = true; + if (sub_gid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), Prog, sub_gid_dbname ()); +#ifdef WITH_AUDIT + audit_logger (AUDIT_DEL_USER, Prog, + "opening subordinate group file", + user_name, (unsigned int) user_id, + SHADOW_AUDIT_FAILURE); +#endif /* WITH_AUDIT */ + fail_exit (E_SUB_GID_UPDATE); + } + } +#endif /* ENABLE_SUBIDS */ } /* @@ -619,6 +732,20 @@ static void update_user (void) Prog, user_name, spw_dbname ()); fail_exit (E_PW_UPDATE); } +#ifdef ENABLE_SUBIDS + if (is_sub_uid && sub_uid_remove(user_name, 0, ULONG_MAX) == 0) { + fprintf (stderr, + _("%s: cannot remove entry %lu from %s\n"), + Prog, (unsigned long)user_id, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + if (is_sub_gid && sub_gid_remove(user_name, 0, ULONG_MAX) == 0) { + fprintf (stderr, + _("%s: cannot remove entry %lu from %s\n"), + Prog, (unsigned long)user_id, sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } +#endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT audit_logger (AUDIT_DEL_USER, Prog, "deleting user entries", @@ -966,6 +1093,10 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif /* SHADOWGRP */ +#ifdef ENABLE_SUBIDS + is_sub_uid = sub_uid_file_present (); + is_sub_gid = sub_gid_file_present (); +#endif /* ENABLE_SUBIDS */ /* * Start with a quick check to see if the user exists. diff --git a/src/usermod.c b/src/usermod.c index e411a323..e7d43513 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -32,7 +32,7 @@ #include <config.h> -#ident "$Id: usermod.c 3650 2011-11-21 22:02:15Z nekral-guest $" +#ident "$Id$" #include <ctype.h> #include <errno.h> @@ -63,6 +63,9 @@ #include "sgroupio.h" #endif #include "shadowio.h" +#ifdef ENABLE_SUBIDS +#include "subordinateio.h" +#endif /* ENABLE_SUBIDS */ #ifdef WITH_TCB #include "tcbfuncs.h" #endif @@ -86,7 +89,13 @@ /* #define E_NOSPACE 11 insufficient space to move home dir */ #define E_HOMEDIR 12 /* unable to complete home dir move */ #define E_SE_UPDATE 13 /* can't update SELinux user mapping */ +#ifdef ENABLE_SUBIDS +#define E_SUB_UID_UPDATE 16 /* can't update the subordinate uid file */ +#define E_SUB_GID_UPDATE 18 /* can't update the subordinate gid file */ +#endif /* ENABLE_SUBIDS */ + #define VALID(s) (strcspn (s, ":\n") == strlen (s)) + /* * Global variables */ @@ -132,6 +141,12 @@ static bool #ifdef WITH_SELINUX Zflg = false, /* new selinux user */ #endif +#ifdef ENABLE_SUBIDS + vflg = false, /* add subordinate uids */ + Vflg = false, /* delete subordinate uids */ + wflg = false, /* add subordinate gids */ + Wflg = false, /* delete subordinate gids */ +#endif /* ENABLE_SUBIDS */ uflg = false, /* specify new user ID */ Uflg = false; /* unlock the password */ @@ -141,12 +156,21 @@ static bool is_shadow_pwd; static bool is_shadow_grp; #endif +#ifdef ENABLE_SUBIDS +static bool is_sub_uid = false; +static bool is_sub_gid = false; +#endif /* ENABLE_SUBIDS */ + static bool pw_locked = false; static bool spw_locked = false; static bool gr_locked = false; #ifdef SHADOWGRP static bool sgr_locked = false; #endif +#ifdef ENABLE_SUBIDS +static bool sub_uid_locked = false; +static bool sub_gid_locked = false; +#endif /* ENABLE_SUBIDS */ /* local function prototypes */ @@ -302,6 +326,71 @@ static int get_groups (char *list) return 0; } +#ifdef ENABLE_SUBIDS +struct ulong_range +{ + unsigned long first; + unsigned long last; +}; + +static struct ulong_range getulong_range(const char *str) +{ + struct ulong_range result = { .first = ULONG_MAX, .last = 0 }; + long long first, last; + char *pos; + + errno = 0; + first = strtoll(str, &pos, 10); + if (('\0' == *str) || ('-' != *pos ) || (ERANGE == errno) || + (first != (unsigned long int)first)) + goto out; + + errno = 0; + last = strtoll(pos + 1, &pos, 10); + if (('\0' != *pos ) || (ERANGE == errno) || + (last != (unsigned long int)last)) + goto out; + + if (first > last) + goto out; + + result.first = (unsigned long int)first; + result.last = (unsigned long int)last; +out: + return result; + +} + +struct ulong_range_list_entry { + struct ulong_range_list_entry *next; + struct ulong_range range; +}; + +static struct ulong_range_list_entry *add_sub_uids = NULL, *del_sub_uids = NULL; +static struct ulong_range_list_entry *add_sub_gids = NULL, *del_sub_gids = NULL; + +static int prepend_range(const char *str, struct ulong_range_list_entry **head) +{ + struct ulong_range range; + struct ulong_range_list_entry *entry; + range = getulong_range(str); + if (range.first > range.last) + return 0; + + entry = malloc(sizeof(*entry)); + if (!entry) { + fprintf (stderr, + _("%s: failed to allocate memory: %s\n"), + Prog, strerror (errno)); + return 0; + } + entry->next = *head; + entry->range = range; + *head = entry; + return 1; +} +#endif /* ENABLE_SUBIDS */ + /* * usage - display usage message and exit */ @@ -334,6 +423,12 @@ static /*@noreturn@*/void usage (int status) (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); +#ifdef ENABLE_SUBIDS + (void) fputs (_(" -v, --add-subuids FIRST-LAST add range of subordinate uids\n"), usageout); + (void) fputs (_(" -V, --del-subuids FIRST-LAST remove range of subordinate uids\n"), usageout); + (void) fputs (_(" -w, --add-subgids FIRST-LAST add range of subordinate gids\n"), usageout); + (void) fputs (_(" -W, --del-subgids FIRST-LAST remove range of subordinate gids\n"), usageout); +#endif /* ENABLE_SUBIDS */ #ifdef WITH_SELINUX (void) fputs (_(" -Z, --selinux-user SEUSER new SELinux user mapping for the user account\n"), usageout); #endif /* WITH_SELINUX */ @@ -590,6 +685,22 @@ static /*@noreturn@*/void fail_exit (int code) /* continue */ } } +#ifdef ENABLE_SUBIDS + if (sub_uid_locked) { + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); + /* continue */ + } + } + if (sub_gid_locked) { + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); + /* continue */ + } + } +#endif /* ENABLE_SUBIDS */ #ifdef WITH_AUDIT audit_logger (AUDIT_USER_CHAUTHTOK, Prog, @@ -889,18 +1000,26 @@ static void process_flags (int argc, char **argv) {"shell", required_argument, NULL, 's'}, {"uid", required_argument, NULL, 'u'}, {"unlock", no_argument, NULL, 'U'}, +#ifdef ENABLE_SUBIDS + {"add-subuids", required_argument, NULL, 'v'}, + {"del-subuids", required_argument, NULL, 'V'}, + {"add-subgids", required_argument, NULL, 'w'}, + {"del-subgids", required_argument, NULL, 'W'}, +#endif /* ENABLE_SUBIDS */ #ifdef WITH_SELINUX {"selinux-user", required_argument, NULL, 'Z'}, #endif /* WITH_SELINUX */ {NULL, 0, NULL, '\0'} }; while ((c = getopt_long (argc, argv, + "ac:d:e:f:g:G:hl:Lmop:R:s:u:U" +#ifdef ENABLE_SUBIDS + "v:w:V:W:" +#endif /* ENABLE_SUBIDS */ #ifdef WITH_SELINUX - "ac:d:e:f:g:G:hl:Lmop:R:s:u:UZ:", -#else /* !WITH_SELINUX */ - "ac:d:e:f:g:G:hl:Lmop:R:s:u:U", -#endif /* !WITH_SELINUX */ - long_options, NULL)) != -1) { + "Z:" +#endif /* WITH_SELINUX */ + , long_options, NULL)) != -1) { switch (c) { case 'a': aflg = true; @@ -1018,6 +1137,44 @@ static void process_flags (int argc, char **argv) case 'U': Uflg = true; break; +#ifdef ENABLE_SUBIDS + case 'v': + if (prepend_range (optarg, &add_sub_uids) == 0) { + fprintf (stderr, + _("%s: invalid subordinate uid range '%s'\n"), + Prog, optarg); + exit(E_BAD_ARG); + } + vflg = true; + break; + case 'V': + if (prepend_range (optarg, &del_sub_uids) == 0) { + fprintf (stderr, + _("%s: invalid subordinate uid range '%s'\n"), + Prog, optarg); + exit(E_BAD_ARG); + } + Vflg = true; + break; + case 'w': + if (prepend_range (optarg, &add_sub_gids) == 0) { + fprintf (stderr, + _("%s: invalid subordinate gid range '%s'\n"), + Prog, optarg); + exit(E_BAD_ARG); + } + wflg = true; + break; + case 'W': + if (prepend_range (optarg, &del_sub_gids) == 0) { + fprintf (stderr, + _("%s: invalid subordinate gid range '%s'\n"), + Prog, optarg); + exit(E_BAD_ARG); + } + Wflg = true; + break; +#endif /* ENABLE_SUBIDS */ #ifdef WITH_SELINUX case 'Z': if (is_selinux_enabled () > 0) { @@ -1170,6 +1327,9 @@ static void process_flags (int argc, char **argv) if (!(Uflg || uflg || sflg || pflg || mflg || Lflg || lflg || Gflg || gflg || fflg || eflg || dflg || cflg +#ifdef ENABLE_SUBIDS + || vflg || Vflg || wflg || Wflg +#endif /* ENABLE_SUBIDS */ #ifdef WITH_SELINUX || Zflg #endif /* WITH_SELINUX */ @@ -1200,6 +1360,22 @@ static void process_flags (int argc, char **argv) Prog, (unsigned long) user_newid); exit (E_UID_IN_USE); } + + if ( (vflg || Vflg) + && !is_sub_uid) { + fprintf (stderr, + _("%s: %s does not exist, you cannot use the flags %s or %s\n"), + Prog, sub_uid_dbname (), "-v", "-V"); + exit (E_USAGE); + } + + if ( (wflg || Wflg) + && !is_sub_gid) { + fprintf (stderr, + _("%s: %s does not exist, you cannot use the flags %s or %s\n"), + Prog, sub_gid_dbname (), "-w", "-W"); + exit (E_USAGE); + } } /* @@ -1248,6 +1424,10 @@ static void close_files (void) sgr_dbname ())); fail_exit (E_GRP_UPDATE); } + } +#endif +#ifdef SHADOWGRP + if (is_shadow_grp) { if (sgr_unlock () == 0) { fprintf (stderr, _("%s: failed to unlock %s\n"), @@ -1296,6 +1476,35 @@ static void close_files (void) sgr_locked = false; #endif +#ifdef ENABLE_SUBIDS + if (vflg || Vflg) { + if (sub_uid_close () == 0) { + fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_uid_dbname ())); + fail_exit (E_SUB_UID_UPDATE); + } + if (sub_uid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_uid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_uid_dbname ())); + /* continue */ + } + sub_uid_locked = false; + } + if (wflg || Wflg) { + if (sub_gid_close () == 0) { + fprintf (stderr, _("%s: failure while writing changes to %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failure while writing changes to %s", sub_gid_dbname ())); + fail_exit (E_SUB_GID_UPDATE); + } + if (sub_gid_unlock () == 0) { + fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sub_gid_dbname ()); + SYSLOG ((LOG_ERR, "failed to unlock %s", sub_gid_dbname ())); + /* continue */ + } + sub_gid_locked = false; + } +#endif /* ENABLE_SUBIDS */ + /* * Close the DBM and/or flat files */ @@ -1375,6 +1584,38 @@ static void open_files (void) } #endif } +#ifdef ENABLE_SUBIDS + if (vflg || Vflg) { + if (sub_uid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + sub_uid_locked = true; + if (sub_uid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + } + if (wflg || Wflg) { + if (sub_gid_lock () == 0) { + fprintf (stderr, + _("%s: cannot lock %s; try again later.\n"), + Prog, sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + sub_gid_locked = true; + if (sub_gid_open (O_RDWR) == 0) { + fprintf (stderr, + _("%s: cannot open %s\n"), + Prog, sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + } +#endif /* ENABLE_SUBIDS */ } /* @@ -1476,6 +1717,60 @@ static void usr_update (void) fail_exit (E_PW_UPDATE); } } +#ifdef ENABLE_SUBIDS + if (Vflg) { + struct ulong_range_list_entry *ptr; + for (ptr = del_sub_uids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_uid_remove(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to remove uid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + } + } + if (vflg) { + struct ulong_range_list_entry *ptr; + for (ptr = add_sub_uids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_uid_add(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to add uid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_uid_dbname ()); + fail_exit (E_SUB_UID_UPDATE); + } + } + } + if (Wflg) { + struct ulong_range_list_entry *ptr; + for (ptr = del_sub_gids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_gid_remove(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to remove gid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + } + } + if (wflg) { + struct ulong_range_list_entry *ptr; + for (ptr = add_sub_gids; ptr != NULL; ptr = ptr->next) { + unsigned long count = ptr->range.last - ptr->range.first + 1; + if (sub_gid_add(user_name, ptr->range.first, count) == 0) { + fprintf (stderr, + _("%s: failed to add gid range %lu-%lu from '%s'\n"), + Prog, ptr->range.first, ptr->range.last, + sub_gid_dbname ()); + fail_exit (E_SUB_GID_UPDATE); + } + } + } +#endif /* ENABLE_SUBIDS */ } /* @@ -1811,6 +2106,10 @@ int main (int argc, char **argv) #ifdef SHADOWGRP is_shadow_grp = sgr_file_present (); #endif +#ifdef ENABLE_SUBIDS + is_sub_uid = sub_uid_file_present (); + is_sub_gid = sub_gid_file_present (); +#endif /* ENABLE_SUBIDS */ process_flags (argc, argv); @@ -1818,7 +2117,11 @@ int main (int argc, char **argv) * The home directory, the username and the user's UID should not * be changed while the user is logged in. */ - if ( (uflg || lflg || dflg) + if ( (uflg || lflg || dflg +#ifdef ENABLE_SUBIDS + || Vflg || Wflg +#endif /* ENABLE_SUBIDS */ + ) && (user_busy (user_name, user_id) != 0)) { exit (E_USER_BUSY); } @@ -1871,7 +2174,11 @@ int main (int argc, char **argv) */ open_files (); if ( cflg || dflg || eflg || fflg || gflg || Lflg || lflg || pflg - || sflg || uflg || Uflg) { + || sflg || uflg || Uflg +#ifdef ENABLE_SUBIDS + || vflg || Vflg || wflg || Wflg +#endif /* ENABLE_SUBIDS */ + ) { usr_update (); } if (Gflg || lflg) { @@ -5,7 +5,7 @@ Copyright (c) 1997 , Guy Maor <maor@ece.utexas.edu> Copyright (c) 1999 - 2000, Marek Michałkiewicz Copyright (c) 2002 - 2006, Tomasz Kłoczko - Copyright (c) 2007 - 2011, Nicolas François + Copyright (c) 2007 - 2013, Nicolas François All rights reserved. This program is free software; you can redistribute it and/or modify @@ -25,7 +25,7 @@ #include <config.h> -#ident "$Id: vipw.c 3654 2011-12-09 21:35:57Z nekral-guest $" +#ident "$Id$" #include <errno.h> #include <getopt.h> @@ -180,7 +180,10 @@ static void vipwexit (const char *msg, int syserr, int ret) if (0 != syserr) { fprintf (stderr, ": %s", strerror (err)); } - (void) fputs ("\n", stderr); + if ( (NULL != msg) + || (0 != syserr)) { + (void) fputs ("\n", stderr); + } if (!quiet) { fprintf (stdout, _("%s: %s is unchanged\n"), Prog, filename); @@ -297,14 +300,25 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) /* use the system() call to invoke the editor so that it accepts command line args in the EDITOR and VISUAL environment vars */ char *buf; + int status; buf = (char *) malloc (strlen (editor) + strlen (fileedit) + 2); snprintf (buf, strlen (editor) + strlen (fileedit) + 2, - "%s %s", editor, fileedit); - if (system (buf) != 0) { - fprintf (stderr, "%s: %s: %s\n", Prog, editor, + "%s %s", editor, fileedit); + status = system (buf); + if (-1 == status) { + fprintf (stderr, _("%s: %s: %s\n"), Prog, editor, strerror (errno)); exit (1); + } else if ( WIFEXITED (status) + && (WEXITSTATUS (status) != 0)) { + fprintf (stderr, _("%s: %s returned with status %d\n"), + Prog, editor, WEXITSTATUS (status)); + exit (WEXITSTATUS (status)); + } else if (WIFSIGNALED (status)) { + fprintf (stderr, _("%s: %s killed by signal %d\n"), + Prog, editor, WTERMSIG (status)); + exit (1); } else { exit (0); } @@ -323,10 +337,15 @@ vipwedit (const char *file, int (*file_lock) (void), int (*file_unlock) (void)) } } - if ( (-1 == pid) - || (WIFEXITED (status) == 0) - || (WEXITSTATUS (status) != 0)) { + if (-1 == pid) { vipwexit (editor, 1, 1); + } else if ( WIFEXITED (status) + && (WEXITSTATUS (status) != 0)) { + vipwexit (NULL, 0, WEXITSTATUS (status)); + } else if (WIFSIGNALED (status)) { + fprintf (stderr, _("%s: %s killed by signal %d\n"), + Prog, editor, WTERMSIG(status)); + vipwexit (NULL, 0, 1); } if (stat (fileedit, &st2) != 0) { @@ -480,6 +499,10 @@ int main (int argc, char **argv) usage (E_USAGE); } } + + if (optind != argc) { + usage (E_USAGE); + } } if (do_vipw) { |