2014-05-09 Christian Perrier * Include patches only included in Debian for 4.2 * man/su.1.xml: Fix typo * etc/login.defs src/newusers.c src/useradd.c libmisc/find_new_sub_uids.c libmisc/find_new_sub_gids.c: configure userns * po/vi.po: Vietnamese translation update * po/fr.po, man/po/fr.po: French translation update * po/de.po: German translation update 2014-04-30 Christian Perrier * Release 4.2 "as is" 2013-08-25 Nicolas François * src/vipw.c: After waitpid(), use errno only if waitpid returned -1. Debian#688260 * src/vipw.c: Likewise for system(). 2013-08-23 victory * po/ja.po: Updated to 558t 2013-08-22 Nicolas François * man/po/shadow-man-pages.pot: Regenerated. * man/po/*.po: Updated PO files. 2013-08-22 Nicolas François * man/newgrp.1.xml: Fix encoding. * man/sg.1.xml: Likewise. 2013-08-22 Nicolas François * man/po/da.po: Unfuzzy according to previous change. * man/po/de.po: Likewise. * man/po/fr.po: Likewise. * man/po/it.po: Likewise. * man/po/pl.po: Likewise. * man/po/ru.po: Likewise. * man/po/sv.po: Likewise. * man/po/zh_CN.po: Likewise. 2013-08-22 Nicolas François * man/chage.1.xml: Add a non breaking space between options and their parameter because xml2po removes those spaces. Alioth#314401 * man/chfn.1.xml: Likewise. * man/chgpasswd.8.xml: Likewise. * man/chpasswd.8.xml: Likewise. * man/chsh.1.xml: Likewise. * man/faillog.8.xml: Likewise. * man/gpasswd.1.xml: Likewise. * man/groupadd.8.xml: Likewise. * man/groupdel.8.xml: Likewise. * man/groupmems.8.xml: Likewise. * man/groupmod.8.xml: Likewise. * man/grpck.8.xml: Likewise. * man/lastlog.8.xml: Likewise. * man/newusers.8.xml: Likewise. * man/passwd.1.xml: Likewise. * man/pwck.8.xml: Likewise. * man/pwconv.8.xml: Likewise. * man/su.1.xml: Likewise. * man/useradd.8.xml: Likewise. * man/userdel.8.xml: Likewise. * man/usermod.8.xml: Likewise. * man/vipw.8.xml: Likewise. 2013-08-22 Nicolas François * man/po/shadow-man-pages.pot: Regenerated. * man/po/*.po: Updated PO files. 2013-08-22 Nicolas François * man/po/de.po: Fix encoding. 2013-08-19 Nicolas François * lib/subordinateio.c (subordinate_next): Fix return value. 2013-08-16 Nicolas François * libmisc/idmapping.c: Include needed for fprintf() and stderr. 2013-08-15 Nicolas François * man/login.defs.d/SUB_GID_COUNT.xml: Document newusers behavior when the user already have subordinate group IDs. * man/login.defs.d/SUB_UID_COUNT.xml: Likewise. * man/login.defs.d/SUB_GID_COUNT.xml: Fix typo (MAX<->MIN). * man/login.defs.d/SUB_UID_COUNT.xml: Likewise. 2013-08-15 Nicolas François * src/usermod.c: Check early if /etc/subuid (/etc/subgid) exists when option -v/-V (-w/-W) are provided. 2013-08-15 Nicolas François * src/usermod.c: Fix parse of ranges. The hyphen might be followed by a negative integer. 2013-08-15 Nicolas François * lib/subordinateio.c (find_free_range): max is allowed for new ranges. 2013-08-15 Nicolas François * libmisc/find_new_sub_gids.c: Remove dead code. find_new_sub_gids() is always called with *range_count set to 0. It's more difficult to keep the subordinate GIDs and UIDs synchronized, than for the user's UID/GId because the count of subordinate IDs may differ. * libmisc/find_new_sub_uids.c: Likewise. * lib/subordinateio.h, lib/subordinateio.c: Remove APIs that are no more needed: is_sub_uid_range_free(), is_sub_gid_range_free(), is_range_free(). 2013-08-13 Nicolas François * configure.in: Check if sizeof uid_t and gid_t is larger than 32 bit to support subordinate IDs. 2013-08-13 Nicolas François * lib/subordinateio.c: Avoid dead branches. * lib/subordinateio.c: Add schematics with ranges to help reviews. * lib/subordinateio.c: Avoid implicit conversion of pointers and integers to booleans. * lib/subordinateio.c: Added brackets. 2013-08-13 Nicolas François * src/vipw.c: Fail in case arguments are provided after options. Debian#677812 2013-08-13 Nicolas François * lib/subordinateio.c: Fix count for ranges truncated in remove_range(). 2013-08-13 Nicolas François * src/su.c: Terminate the child (if needed) before closing the PAM session. This is probably more correct, and avoid reporting termination from signals possibly sent by PAM modules (e.g. former versions of pam_systemd). Debian#670132 2013-08-13 Nicolas François * src/su.c: When a SIGTSTP is caught, reset caught to 0. There is no need to kill the child in such case after su is resumed. This remove the "Session terminated, terminating shell... ...terminated." messages in such case. 2013-08-13 Nicolas François * man/newgidmap.1.xml: Document the checks performed before setting the mapping in /proc. * man/newuidmap.1.xml: Likewise. 2013-08-13 Nicolas François * libmisc/idmapping.h: Document what the upper and lower fields are in struct map_range. * man/newgidmap.1.xml: Document when the gid, gidlower and count argument are. * man/newuidmap.1.xml: Likewise for uid, uidlower and count. 2013-08-13 Nicolas François * libmisc/salt.c (shadow_random): Use long instead of size_t. Compatibility with size_t is easier to check since it's used for smaller numbers (salt size). 2013-08-13 Nicolas François * lib/groupmem.c: Add splint annotations. The added memset makes splint think data was allocated. * lib/pwmem.c: Likewise. * lib/sgroupio.c: Likewise. * lib/shadowmem.c: Likewise. 2013-08-13 Nicolas François * man/login.defs.d/SUB_GID_COUNT.xml: Document that the behavior of useradd and newusers depends on the existence of /etc/subgid. * man/login.defs.d/SUB_UID_COUNT.xml: Likewise for /etc/subuid. 2013-08-13 Nicolas François * src/useradd.c: Change message in case of find_new_sub_uids / find_new_sub_gids failure. This complements the messages already provided by these APIs. 2013-08-13 Nicolas François * lib/subordinateio.c: Fix handling of boundaries. * libmisc/find_new_sub_uids.c: Likewise. * libmisc/find_new_sub_gids.c: Likewise. 2013-08-12 Nicolas François * lib/subordinateio.c: Fix removal of ranges. The database needs to be marked as changed or commonio_close will discard any change. 2013-08-11 Nicolas François * man/newusers.8.xml: Include documentation of SUB_GID_MIN, SUB_GID_MAX, SUB_GID_COUNT, SUB_UID_MIN, SUB_UID_MAX, SUB_UID_COUNT. * man/useradd.8.xml: Likewise. * man/usermod.8.xml: Likewise. * man/newusers.8.xml: Document usage of /etc/subgid /etc/subuid. * man/useradd.8.xml: Likewise. * man/userdel.8.xml: Likewise. * man/usermod.8.xml: Likewise. * man/newusers.8.xml: Add references to subgid(5) and subuid(5). * man/useradd.8.xml: Likewise. * man/userdel.8.xml: Likewise. * man/subgid.5.xml: Sort references alphabetically. * man/subuid.5.xml: Likewise. * man/subgid.5.xml: Add references to newusers(8), useradd(8), userdel(8), usermod(8), user_namespaces(7). * man/subuid.5.xml: Likewise. 2013-08-11 Nicolas François * man/newgidmap.1.xml: Sort references alphabetically. * man/newuidmap.1.xml: Likewise. 2013-08-11 Nicolas François * configure.in: Add configure options --enable-subordinate-ids / --disable-subordinate-ids. Enabled by default. * lib/prototypes.h: Include before using its macros. * lib/commonio.h, lib/commonio.c: Define commonio_append only when ENABLE_SUBIDS is defined. * lib/prototypes.h, libmisc/find_new_sub_gids.c, libmisc/find_new_sub_uids.c: Likewise. * lib/subordinateio.h, lib/subordinateio.c: Likewise. * libmisc/user_busy.c: Only check if subordinate IDs are in use if ENABLE_SUBIDS is defined. * src/Makefile.am: Create newgidmap and newuidmap only if ENABLE_SUBIDS is defined. * src/newusers.c: Check for ENABLE_SUBIDS to enable support for subordinate IDs. * src/useradd.c: Likewise. * src/userdel.c: Likewise. * src/usermod.c: Likewise. * man/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1, man5/subgid.5, and man5/subuid.5 only if ENABLE_SUBIDS is defined. * man/fr/Makefile.am: Install man1/newgidmap.1, man1/newuidmap.1, man5/subgid.5, and man5/subuid.5 (not translated yet). * man/generate_mans.mak: Add xsltproc conditionals subids/no_subids. * man/login.defs.d/SUB_GID_COUNT.xml: Add dependency on subids condition. * man/login.defs.d/SUB_UID_COUNT.xml: Likewise. * man/usermod.8.xml: Document options for subordinate IDs and reference subgid(5) / subuid(5) depending on the subids condition. 2013-08-09 Nicolas François * libmisc/salt.c: Remove unused variable. 2013-08-07 Nicolas François * libmisc/utmp.c: Add include files needed for getaddrinfo(). See Alioth#314271 2013-08-07 Mike Frysinger * configure.in: Check at configure time whether libc supports ruserok (support dropped by newer C libraries). 2013-08-07 Nicolas François * man/usermod.8.xml: Fix typos and wording. * man/usermod.8.xml: Add references to subgid(5) and subuid(5). 2013-08-07 Nicolas François * libmisc/find_new_sub_gids.c: Fix wording: secondary -> subordinate. * libmisc/find_new_sub_uids.c: Likewise. 2013-08-06 Nicolas François * libmisc/find_new_sub_gids.c: Remove duplicate check (duplicate at least in its intent). * libmisc/find_new_sub_uids.c: Likewise. 2013-08-06 Nicolas François * src/usermod.c: Fix typos. 2013-08-06 Nicolas François * man/subgid.5.xml: Reorder words. * man/subuid.5.xml: Likewise. 2013-08-06 Nicolas François * man/subgid.5.xml: Fix typos. * man/subuid.5.xml: Likewise. * man/subgid.5.xml: Fix copy-paste errors from subuid.5.xml. 2013-08-06 Nicolas François * man/newgidmap.1.xml: Remove copy-pasted NOTE. * man/newuidmap.1.xml: Likewise. 2013-08-06 Nicolas François * lib/subordinateio.c: Remove unused variables. 2013-08-06 Nicolas François * man/login.defs.d/SUB_GID_COUNT.xml: Fix typo. * man/login.defs.d/SUB_UID_COUNT.xml: Likewise. * man/login.defs.d/SUB_UID_COUNT.xml: Fix copy-paste issue from SUB_GID_COUNT. * man/newgidmap.1.xml: Fix Typo. * src/useradd.c: Fix typos. * lib/subordinateio.c: Fix typos. 2013-08-06 Nicolas François Fix Debian bug #675824 * lib/groupmem.c (__gr_dup): Support libc which define other fields in struct group. * lib/pwmem.c: Likewise for struct passwd. * lib/shadowmem.c: Likewise for struct spwd. * lib/sgroupio.c: Apply same logic, even if this structure is defined internally. 2013-08-05 Nicolas François * lib/groupio.c: Revert change from 2013-07-29. The length of the concatenated 2 lines was correct. 2013-08-05 Nicolas François * libmisc/salt.c: random() max value is 2^31-1 (same as RAND_MAX on GNU). As it is not clear whether on some systems the max value can exceed this number and whether some systems have max values which would be lower, we take this into account when defining the salt size and number of rounds for SHA encrypted passwords. Higher values are favored. 2013-08-04 Nicolas François * man/su.1.xml: With getopt, '-' does not need to be the last option, but it is recommended for portability. Closes https://bugs.launchpad.net/bugs/1100775 2013-08-04 Nicolas François * NEWS: Add NEWS entries. 2013-08-04 Nicolas François * man/po/da.po: Fix translation (--home became --home-dir). * man/po/de.po: Likewise. * man/po/fr.po: Likewise. * man/po/pl.po: Likewise. * man/po/ru.po: Likewise. * man/po/sv.po: Likewise. 2013-08-04 Nicolas François * lib/groupio.c (merge_group_entries): Do not allocate more than necessary (sizeof char* instead of char). Thanks for Tomáš Mráz (alioth#313962) * lib/groupio.c (merge_group_entries): Document that new_members is correctly NULL terminated. (alioth:#313940) 2013-08-03 Nicolas François * Changelog: Update documentation of 2013-07-28 mancha entry. * lib/prototypes.h, lib/encrypt.c: Update splint marker, pw_encrypt can return NULL. * lib/encrypt.c: Fix outdated statement on GNU crypt. * src/chgpasswd.c: Improve diagnostic to user when pw_encrypt fails and use fail_exit() instead of exit(). * src/chpasswd.c: Likewise. * src/newusers.c: Likewise. * src/passwd.c: Likewise when new password is encrypted. * src/newgrp.c: Improve diagnostic to user and syslog when pw_encrypt fails. Do not apply 1s penalty as this is not an invalid password issue. * src/passwd.c: Likewise when password is checked. 2013-08-02 Nicolas François * libmisc/setupenv.c: xstrdup the static char* temp_pw_dir / temp_pw_shell. That way we can continue to use pw_free() without segving. Thanks to Serge Hallyn for the patch. * libmisc/setupenv.c: Free pw_dir and pw_shell before reallocating them. 2013-08-01 Yuri Kozlov * po/ru.po: completed translation Closes: Debian#718356 2013-07-29 Michael Scherer * libmisc/root_flag.c: use chdir() before calling chroot() to avoid potential security issue (see http://www.bpfh.net/simes/computing/chroot-break.html) Closes: alioth#313962 2013-07-29 Christian Perrier * man/useradd.xml: use "--home-dir" instead of "--home" Fix translations too. Thanks to Ville Skyttä Closes: alioth#313880 2013-07-29 Ville Skyttä * man/ja/man8/groupmod.8: Syntax fix Closes: alioth#313785 2013-07-29 Brad Hubbard * lib/groupio.c: add newline char when two lines are concatenated Closes: alioth#313942 * lib/groupio.c: fix uninitialised memory in merge_group_entries causes segfault in useradd by changing a call to malloc to a call to calloc Closes: alioth:#313940 2013-07-28 Guido Trentalancia * etc/login.defs: fix typographic errors and use a better format Closes: Debian#685415 2013-07-28 Simon Brandmair * man/po/de.po: translation completed : 1203 translated messages Closes: Debian#679152 2013-07-28 mancha * lib/encrypt.c (pw_encrypt): crypt() in glibc/eglibc 2.17 now fails if passed a salt that violates specs. On Linux, crypt() also fails with DES/MD5 salts in FIPS140 mode. Rather than exit() on NULL returns we send them back to the caller for appropriate handling (instead of exiting). Closes: alioth#314234 * lib/pwauth.c: Handle NULL return from pw_crypt(), return non zero (as in case of failure). * libmisc/valid.c: Likewise. * src/chgpasswd.c: Handle NULL return from pw_crypt(), report crypt error to stderr and exit. * src/chpasswd.c: Likewise. * src/gpasswd.c: Likewise. * src/newusers.c: Likewise. * src/passwd.c: Likewise when new password is encrypted. * src/newgrp.c: Handle NULL return from pw_crypt(), report crypt error to stderr and syslog and return to report unchanged password. * src/passwd.c: Likewise when password is checked. 2013-07-28 Christian Perrier * configure.in: Prepare for next point release 4.2. * if using the static char* for pw_dir, strdup it so pw_free() can be used. (Closes: Debian#691459, alioth#313957) * Kill the child process group, rather than just the immediate child; this is needed now that su no longer starts a controlling terminal when not running an interactive shell (closes: Debian#713979) Thansk to Colin Watson for the patch. 2012-05-25 Nicolas François * NEWS: Set release date. * man/po/shadow-man-pages.pot: Regenerated. * man/po/*.po: Updated PO files. 2012-05-25 Nicolas François * man/*.xml: Add author based on copyright statement. * man//*.[1358], man//man[1358]/*.[1358], man//Makefile.am: Sort manpages per section as the generated manpages. 2012-05-20 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2012-05-20 Nicolas François * man/Makefile.am, man/generate_mans.mak: Update clean targets, due to the generation in separate sub folders. 2012-05-20 Nicolas François * man/su.1.xml: Document author to avoid warnings during generation. This needs to be rolled out to other manpages. * man/generate_mans.mak: Do not add a AUTHOR section in the man pages. 2012-05-20 Nicolas François * src/su.c: non PAM enabled versions: do not fail if su is called without a controlling terminal. Ignore ENXIO errors when opening /dev/tty. 2012-05-20 Nicolas François * src/useradd.c: Cleanup, return code 13 no more used. * man/useradd.8.xml: Document return code 14, and remove return code 13. 2012-05-20 Nicolas François * NEWS, man/generate_mans.mak: Generate manpages in man1, man3, man5, man8 subdirectories. This fix the generation of .so links which did not point to a path relative to the top-level manual hierarchy. * man/generate_mans.mak: Update man paths accordingly. * man/Makefile.am: Likewise. * man/da/Makefile.am: Likewise. * man/de/Makefile.am: Likewise. * man/fr/Makefile.am: Likewise. * man/it/Makefile.am: Likewise. * man/pl/Makefile.am: Likewise. * man/ru/Makefile.am: Likewise. * man/sv/Makefile.am: Likewise. * man/zh_CN/Makefile.am: Likewise. 2012-05-20 Nicolas François * configure.in: Prepare for next point release 4.1.5.1. 2012-05-19 Nitin A Kamble * configure.in: Remove deprecated AM_C_PROTOTYPES (no more supported in automake 1.12). 2012-05-18 Nicolas François * src/useradd.c: Keep the default file as much as possible to avoid issue in case of crash. Use link instead of rename. 2012-05-18 Peter Vrabec * lib/commonio.c: Fix labeling of /etc/{passwd,shadow,group,gshadow}. It will basically label them with same context as /etc/{passwd+,shadow+,group+,gshadow+} 2012-05-18 Nicolas François * src/pwunconv.c: Do not check spw_close() return value (file is opened readonly). * src/grpunconv.c: Do not check sgr_close() return value (file is opened readonly). 2012-05-18 Nicolas François * NEWS, src/userdel.c: Fix segfault when userdel removes the user's group. 2012-05-17 Nicolas François * NEWS, src/login.c: Log in utmp / utmpx / wtmp also when PAM is enabled. This is not done by pam_lastlog. This was broken on 2011-07-23. * NEWS, libmisc/utmp.c: Do not log in wtmp when PAM is enabled. This is done by pam_lastlog. 2012-05-17 Christian Perrier * man/po/fr.po: French translation of manpages completed 2012-05-17 Simon Brandmair * man/po/de.po: German translation of manpages completed 2012-02-12 Nicolas François * NEWS: New placeholder for the next release (4.1.5.1 expected) 2012-04-15 Robert Luberda * man/po/pl.po: Complete translation of logoutd(8) in Polish. 2012-02-13 Mike Frysinger * src/passwd.c: (non PAM flavour) Report permission denied when access to /etc/shadow fails with EACCES. 2012-02-13 Mike Frysinger * lib/nscd.c: Add missing newline to error message. * lib/nscd.c: If nscd is installed but not in use, then running `nscd -i` will exit(1). We shouldn't warn in this case since this is not abnormal behavior. 2012-02-13 Mike Frysinger * man/.gitignore: Add generate_mans.deps 2012-02-13 Mike Frysinger * man/grpck.8.xml: Relocate space. 2012-02-13 Mike Frysinger * libmisc/copydir.c: Add missing #include 2012-02-12 Nicolas François * NEWS: Set release date. 2012-02-12 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2012-02-11 Giuseppe Sacco * man/po/it.po: Updated after review. 2012-02-11 Nicolas François * man/it/Makefile.am: Activate all manpages. * man/po/it.po: Fix formal issues (end of lines). 2012-02-11 Giuseppe Sacco * man/po/it.po: Updated to 1173t. 2012-01-30 Nicolas François * man/useradd.8.xml, man/su.1.xml, man/po/da.po, man/po/ru.po, man/po/fr.po, man/po/de.po, man/po/sv.po, man/po/pl.po, man/po/it.po, man/po/shadow-man-pages.pot, man/po/zh_CN.po: Fix two typos. Thanks to Giuseppe Sacco. Unfuzzy translations * po/kk.po, po/nb.po, po/el.po, po/ca.po, po/ja.po: Re-generate. * man/login.defs.d/ENV_PATH.xml, man/login.defs.d/ENV_SUPATH.xml: Fix typo. 2012-01-28 Innocent De Marchi * po/ca.po: Updated to 557t. 2012-01-28 Nicolas François * NEWS, configure.in, man/da/Makefile.am, man/Makefile.am: Build manpages with more than 50% translated messages. * man/fr/Makefile.am: Add missing manpages: chgpasswd.8, groupmems.8, nologin.8, sulogin.8. * man/de/Makefile.am: Add missing manpages: chage.1, chgpasswd.8, chpasswd.8, expiry.1, faillog.5, faillog.8, getspnam.3, gpasswd.1, groupadd.8, groupdel.8, groupmems.8, groupmod.8, grpck.8, grpconv.8, grpunconv.8, gshadow.5, lastlog.8, login.defs.5, logoutd.8, newusers.8, nologin.8, pwck.8, pwconv.8, pwunconv.8, sg.1, shadow.3, shadow.5, suauth.5, useradd.8, userdel.8, usermod.8, limits.5, login.access.5, porttime.5, id.1, sulogin.8 * man/zh_CN/Makefile.am: Add missing manpages: chgpasswd.8, groupmems.8, nologin.8, sulogin.8 * man/pl/Makefile.am, man/sv/Makefile.am, man/it/Makefile.am: Translate only manpages with more than 50% translated messages. * man/po/da.po: Do not translate names of manpages (newusers, limits, groups) 2012-01-28 Yuri Kozlov * man/po/ru.po: Updated to 1173t. 2012-01-27 Thomas Blein * po/fr.po: Updated to 557t. * man/po/fr.po: Updated to 1173t. 2012-01-26 Joe Hansen * po/da.po: Updated to 557t. * man/po/da.po: Updated to 294t879u. 2012-01-23 Thomas Vasileiou * po/el.po: Updated to 553t. 2012-01-22 Baurzhan Muftakhidinov * po/kk.po: Updated to 557t. 2012-01-21 Miguel Figueiredo * po/pt.po: Updated to 557t. 2012-01-19 Holger Wansing * po/de.po: Updated to 557t. 2012-01-18 Bjørn Steensrud * po/nb.po: Updated to 557t. Thanks also to Hans Fredrik Nordhaug. 2012-01-16 NAKANO Takeo * po/ja.po: Updated to 557t 2012-01-16 Simon Brandmair * man/po/de.po: Updated to 1173t. 2012-01-14 YunQiang Su * po/zh_CN.po: Updated to 551t2f4u * man/po/zh_CN.po: Updated to 1026t15f132u 2012-01-09 Yuri Kozlov * po/ru.po: Updated to 557t. 2012-01-09 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2012-01-08 Nicolas François * lib/prototypes.h: Cleanup. * lib/selinux.c, lib/semanage.c: prototypes.h was not included. 2011-12-09 Peter Vrabec * lib/prototypes.h, lib/Makefile.am, po/POTFILES.in, libmisc/copydir.c, lib/selinux.c: Move set_selinux_file_context() and reset_selinux_file_context() from libmisc/copydir.c to lib/selinux.c. * lib/commonio.c: Use set_selinux_file_context() and reset_selinux_file_context() instead of using the existing database SELinux context to set the context for the newly created files. 2011-12-09 Nicolas François * src/vipw.c: Do not use a hardcoded program name in the usage message. 2011-12-04 Nicolas François * po/ca.po, po/cs.po, po/da.po, po/de.po, po/es.po, po/eu.po, po/fr.po, po/ja.po, po/kk.po, po/pt.po, po/pt_BR.po, po/ru.po, po/sk.po, po/sv.po, po/vi.po, po/zh_CN.po: Quick unfuzzy. 2011-12-09 Nicolas François * src/newusers.c, src/chpasswd.c, src/chgpasswd.c: Harmonize usage messages. 2011-12-09 Nicolas François * lib/Makefile.am, lib/prototypes.h, lib/selinux.c, lib/semanage.c, po/POTFILES.in: Move lib/selinux.c to lib/semanage.c. 2011-11-21 Nicolas François * src/usermod.c, man/usermod.8.xml: usermod -Z "" removes the SELinux user mapping for the modified user. * src/useradd.c: Zflg is #defined as user_selinux non empty. 2011-11-21 Peter Vrabec * libmisc/copydir.c: Ignore errors to copy ACLs if the operation is not supported. 2011-11-19 Nicolas François * libmisc/root_flag.c, src/gpasswd.c, src/chsh.c: Add splint annotations. * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c: Ignore return value of spw_rewind, pw_rewind, sgr_rewind, and gr_rewind. * lib/commonio.h: Both head and tail cannot be owned. Set tail as dependent. * src/expiry.c: Ignore return value of expire (). * src/expiry.c: The catch_signals function does not use its sig parameter. * src/userdel.c: Last audit_logger parameter is a shadow_audit_result, use SHADOW_AUDIT_FAILURE instead of 0. * lib/selinux.c: vasprintf requires _GNU_SOURCE to be defined before including stdio.h. * src/chage.c: Cast 3rd date_to_str parameter to a time_t * src/passwd.c: Add missing cast. * lib/commonio.c: Avoid multiple statements per line. * lib/commonio.c: Ignore fclose return value when the file was open read only or was not changed, or if an error is already reported. 2011-11-19 Nicolas François * src/faillog.c: The fail_max field is a short, use a short also for the max argument of setmax / setmax_one. * src/faillog.c: Fail with an error message when faillog fails to write to the faillog database. 2011-11-19 Nicolas François * man/gpasswd.1.xml: Document the difference between the -r and -R options. 2011-11-19 Nicolas François * man/useradd.8.xml, man/groupadd.8.xml, man/usermod.8.xml, man/groupmod.8.xml: Avoid hardcoded values, and reference instead the configuration options (e.g. UID_MIN) * man/groupmod.8.xml, man/usermod.8.xml: Add missing reference to login.defs * man/login.defs.d/UID_MAX.xml, man/login.defs.d/SYS_UID_MAX.xml, man/login.defs.d/GID_MAX.xml, man/login.defs.d/SYS_GID_MAX.xml: Document the default values. 2011-11-19 Nicolas François * src/gpasswd.c: Change of group password enforces gshadow password. Set /etc/group password to "x". 2011-11-16 Peter Vrabec * NEWS, src/userdel.c, man/userdel.8.xml: Add option -Z/--selinux-user. * libmisc/system.c, lib/prototypes.h, libmisc/Makefile.am: Removed safe_system(). * lib/selinux.c, po/POTFILES.in, lib/prototypes.h, lib/Makefile.am: Added helper functions for semanage. * NEWS, README, src/useradd.c, src/usermod.c, src/userdel.c, configure.in: Use libsemanage instead of semanage. 2011-11-16 Peter Vrabec * src/Makefile.am: useradd may need the LIBATTR library. 2011-11-16 Peter Vrabec * libmisc/copydir.c: Ignore perm_copy_file() errors with errno set to ENOTSUP. 2011-11-16 Nicolas François * src/useradd.c: Compilation fix when SHADOWGRP is not enabled. * libmisc/root_flag.c: Add missing #include 2011-11-13 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2011-11-12 Nicolas François * src/chage.c, src/chfn.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/newusers.c, src/useradd.c, src/userdel.c, src/usermod.c: Provide the PAM error message instead of our own, and log error to syslog. * src/groupmems.c: Exit with exit rather than fail_exit in usage(). * src/newusers.c: Check the number of arguments. * src/newusers.c: Do not create the home directory when it is not changed. * src/useradd.c: Set the group password to "!" rather "x" if there are no gshadow file. 2011-11-11 Nicolas François * src/pwck.c: Removed pw_opened. * src/pwck.c: optind cannot be greater than argc. * src/pwck.c: If spw_opened, then is_shadow is implicitly set. * src/pwck.c: Do not report passwd entry without x password and a shadow entry in --quiet mode (no interaction with the caller) * src/pwck.c: Do not check if the last password change is in the future if the time is set to 0. 2011-11-11 Nicolas François * libmisc/root_flag.c: Drop privileges before changing root. The --root option should not be used by regular users for suid utils. * libmisc/root_flag.c: Improve error messages. 2011-11-11 Nicolas François * src/pwck.c: Compile fix for TCB. 2011-11-11 Nicolas François * libmisc/copydir.c: Avoid conflict with glibc. Rename error to error_acl. 2011-11-11 Nicolas François * man/newusers.8.xml: Document the optional file argument. * man/newusers.8.xml: Fix the documentation of the inputs' format. 2011-11-06 Nicolas François * man/groupmod.8.xml: Document that the primary group of users may be changed by groupmod -g. 2011-11-06 Nicolas François * NEWS, src/newusers.c, man/newusers.8.xml: Add --root option. 2011-11-06 Nicolas François * src/vipw.c: Remove unused variable a. 2011-11-06 Nicolas François * man/generate_mans.mak: The xml-config files do not depend on the Makefile. 2011-10-31 Nicolas François * src/chage.c, src/chgpasswd.c, src/chpasswd.c, src/chsh.c, src/faillog.c, src/gpasswd.c, src/groupadd.c, src/groupdel.c, src/groupmems.c, src/groupmod.c, src/grpconv.c, src/grpunconv.c, src/lastlog.c, src/newusers.c, src/passwd.c, src/pwconv.c, src/pwunconv.c, src/su.c, src/useradd.c, src/userdel.c, src/usermod.c, src/vipw.c: Align and sort options. 2011-10-31 Nicolas François * NEWS, src/pwck.c, man/pwck.8.xm, src/grpck.c, man/grpck.8.xml: Add --root option. 2011-10-31 Nicolas François * man/limits.5.xml, libmisc/limits.c: Sort limit identifiers. * libmisc/limits.c: Fix support for the K limit identifier. * libmisc/limits.c: Add missing default limit for L and U. 2011-10-31 Nicolas François * src/pwck.c, man/pwck.8.xml: Add support for long options. * src/pwck.c, man/pwck.8.xml: Add -h/--help option * src/grpck.c, man/grpck.8.xml: Add support for long options. * src/grpck.c, man/grpck.8.xml: Add -h/--help option 2011-10-30 Nicolas François * src/expiry.c, man/expiry.1.xml: Add support for long options. * src/expiry.c, man/expiry.1.xml: Add -h/--help option 2011-10-30 Nicolas François * src/chfn.c, man/chfn.1.xml: Add support for long options. * src/chfn.c, man/chfn.1.xml: Add -u/--help option * NEWS, src/chfn.c, man/chfn.1.xml: Add --root option. 2011-10-30 Nicolas François * NEWS, src/vipw.c, man/vipw.8.xml: Add --root option. 2011-10-30 Nicolas François * NEWS, src/faillog.c, man/faillog.8.xml: Add --root option. * NEWS, src/lastlog.c, man/lastlog.8.xml: Likewise. * src/faillog.c: Add Prog variable, and prefix error messages with Prog rather than "faillog". * src/lastlog.c: Likewise. * src/lastlog.c: Split usage in smaller messages. 2011-10-30 Nicolas François * NEWS, src/chage.c, man/chage.1.xml: Add --root option. Open audit and syslog after the potential chroot. chage's usage split in smaller messages. 2011-10-30 Nicolas François * src/login.c: re-indent. * src/login.c: Fix support for sub-logins. 2011-10-30 Nicolas François * src/faillog.c, src/chage.c, src/newusers.c, src/su.c: The getopt index of long options is not used. 2011-10-29 Nicolas François * lib/prototypes.h, libmisc/Makefile.am, libmisc/root_flag.c, po/POTFILES.in: Add process_root_flag() to process the --root option and chroot so that the chroot config is used and changes are applied to the chroot. * NEWS, src/useradd.c, man/useradd.8.xml: Add --root option. Open audit after the potential chroot. * NEWS, src/userdel.c, man/userdel.8.xml: Add --root option. Open audit and syslog after the potential chroot. userdel's usage split in smaller messages. * NEWS, src/usermod.c, man/usermod.8.xml: Likewise * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open audit and syslog after the potential chroot. * src/groupadd.c: Check atexit failures. * src/groupadd.c: Return E_SUCCESS instead of exit'ing at the end of main(). * NEWS, src/groupadd.c, man/groupadd.8.xml: Add --root option. Open audit and syslog after the potential chroot. * src/groupmod.c: The getopt index of long options is not used. * src/groupdel.c: Add process_flags(). * src/groupdel.c, man/groupdel.8.xml: Add --help option. * NEWS, src/groupdel.c, man/groupdel.8.xml: Add --root option. Open audit and syslog after the potential chroot. * src/groupdel.c: Check atexit failures. * NEWS, src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c, man/pwconv.8.xml: Add --root option. * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c: Add --help option. * src/pwconv.c, src/pwunconv.c, src/grpconv.c, src/grpunconv.c: Add process_flags() and usage(). * NEWS, src/chpasswd.c, man/chpasswd.8.xml, src/chgpasswd.c, man/chgpasswd.8.xml: Add --root option. * src/chpasswd.c, src/chgpasswd.c: The getopt index of long options is not used. * NEWS, src/passwd.c, man/passwd.1.xml: Add --root option. passwd's usage split in smaller messages. * src/passwd.c: Call sanitize_env() before setting the locales. * NEWS, src/groupmems.c, man/groupmems.8.xml: Add --root option. Open syslog after the potential chroot. * src/groupmems.c: The getopt index of long options is not used. * NEWS, src/chsh.c, man/chsh.1.xml: Add --root option. chsh's usage split in smaller messages. * src/chsh.c: The getopt index of long options is not used. * NEWS, src/gpasswd.c, man/gpasswd.1.xml: Add --root option. * src/gpasswd.c: The getopt index of long options is not used. 2011-10-22 Nicolas François * man/ja/Makefile.am, man/fr/Makefile.am, man/ru/Makefile.am, man/sv/Makefile.am, man/pl/Makefile.am, man/zh_CN/Makefile.am, man/it/Makefile.am, man/Makefile.am: Include man_nopam in EXTRA_DIST only when USE_PAM (they are already in man_MANS otherwise). 2011-10-22 Nicolas François * man/su.1.xml: Document that su -c does not providea controlling terminal. 2011-10-18 Nicolas François * src/newusers.c: Fix typo. * src/useradd.c: Likewise. * lib/nscd.c: Remove unused variable. * lib/prototypes.h, libmisc/cleanup.c, lib/spawn.c, src/chage.c: Add splint annotations. * src/sulogin.c (main): env is only used when USE_PAM is not set. 2011-10-15 Nicolas François * man/login.defs.d/LOGIN_STRING.xml: Fix typo. 2011-09-18 Nicolas François * lib/prototypes, libmisc/basename.c (Basename): Input is a constant string. * lib/prototypes.h, lib/spawn.h, lib/spawn.c, src/userdel.c, lib/nscd.c, lib/Makefile.am: Delete spawn.h. Move from spawn.h to prototypes.h. * src/userdel.c: Remove unused variables. * lib/nscd.c: Remove unused header files. * lib/nscd.c: Add the program name to error messages. * lib/nscd.c: Indicate when nscd does not terminate normally (signal). * lib/spawn.c: Updated header. * lib/spawn.c: Flush stdout and stderr to avoid inheriting from ongoing buffers. * lib/spawn.c: Avoid implicit conversion of pointer to boolean. * lib/spawn.c: Replace perror by a complete message. * lib/spawn.c: Continue to wait for the child if another child terminates. * lib/prototypes.h: The name field from cleanup_info_mod is a constant string. (username). 2011-09-18 Nicolas François * libmisc/cleanup.c: Spawn children should no trigger cleanup actions. Make sure only the parent (initial caller) perform the cleanup actions. 2011-09-18 Nicolas François * libmisc/salt.c (SHA_salt_rounds): It is statically ensured that the format fits in rounds_prefix. * libmisc/loginprompt.c: Likewise. 2011-09-18 Nicolas François * src/grpconv.c: Fail if not called correctly. * src/grpconv.c: At the end of main, the passwd and shadow files are locked. No need to check before unlocking. No need to set the lock as false neither since there cannot be anymore failures. 2011-09-18 Nicolas François * src/chage.c: EPOCH is not needed, it's converted to -1 by strtoday(). But we need to support "-1" specifically. * src/chage.c: Fix usage: LOGIN is mandatory. * src/chage.c: Display disabled expiry or last change as "-1" instead of 1969-12-31. 1969-12-31 is still supported as input from the user. * src/chage.c: Exit cleanly with fail_exit() (lock files were not removed). 2011-09-18 Nicolas François * src/useradd.c: Remove def_file. It was always set to USER_DEFAULTS_FILE. * src/useradd.c: Fix cut&paste issue causing bad warning when the useradd.default file contains an invalid INACTIVE= value. * src/useradd.c: Added missing end of line for rename errors. * src/useradd.c: Added -D synopsis to the usage message. * src/useradd.c: Do not scale_age(-1), just use -1. * src/useradd.c: Added FIXME to be fixed later. * src/useradd.c: Allow -e -1 when there is no shadow file. * src/useradd.c: Fail, but do not print the usage message when the -e argument is not valid. * src/useradd.c: No need to check for oflg since uflg is already checked. 2011-09-18 Nicolas François * src/su.c: Too much const were added on 2011-08-15. pw in save_caller_context() is allocated and freed. * src/su.c: Added missing #endif indication * src/su.c (save_caller_context): password only needed if SU_ACCESS and !USE_PAM. 2011-09-18 Nicolas François * src/usermod.c: date_to_str() is always called with negativ set to "never", remove this argument. * src/usermod.c: Added missing cast for gr_free argument. 2011-09-18 Nicolas François * src/pwconv.c: Fail if not called correctly. * src/pwconv.c: At the end of main, the passwd and shadow files are locked. No need to check before unlocking. 2011-09-18 Nicolas François * src/newusers.c: Initially set the passwd's password to '*' instead of 'x'. Only when it is confirmed that a shadow entry is (will be) added, set the passwd's password to 'x'. * src/newusers.c: An invalid line is an error. A failure needs to be reported. 2011-09-18 Nicolas François * src/gpasswd.c: Remove log_gpasswd_success_gshadow(). Writing in gshadow is the last sub-task. 2011-09-18 Nicolas François * src/chsh.c: No needto remove lines tarting with '#' from /etc/shells. This is already done by getusershell() and these shell would fail the access(X_OK) test. 2011-09-18 Nicolas François * man/generate_mans.mak: Fix the generation of translated man pages. xml2po removed the comment from empty headers and the config was no more inserted. 2011-09-18 Nicolas François * man/chage.1.xml: The LOGIN argument is not optional. * man/login.defs.d/QUOTAS_ENAB.xml: Document the dependency between /etc/limits and QUOTAS_ENAB. 2011-08-20 Nicolas François * po/POTFILES.in: Added lib/spawn.c. 2011-08-20 Jonathan Nieder * lib/Makefile.am: Added lib/spawn.c and lib/spawn.h. * lib/nscd.c, lib/spawn.c, lib/spawn.h: It is not possible to differentiate between an nscd failure, and a failure to execute due to no nscd with posix_spawn. Use our own run_command routine. * src/userdel.c: Use run_command() 2011-08-15 Nicolas François * src/groupmod.c: Ignore return value from snprintf. * src/groupmod.c: Add static qualifier to the cleanup structures. * src/groupmod.c: Check atexit failures. 2011-08-15 Nicolas François * src/usermod.c: Do not assign static to NULL. * src/usermod.c (date_to_str): buf needs to be unique (e.g. independent from negativ), and is an out buffer. * src/usermod.c: Ignore return value from snprintf, and force nul-termination of buffer. * src/usermod.c: Improve memory management. * src/usermod.c: An audit bloc was not reachable, moved above on success to move the home directory. * src/usermod.c: Ignore close() return value for the mailbox (opened read only). 2011-08-15 Nicolas François * src/su.c: Added const modifiers. * lib/prototypes: Synchronize splint annotations. 2011-08-14 Nicolas François * src/su.c: Add splint annotations. * src/su.c: Set caller_on_console as boolean. * src/su.c: Ignore return value from fputs (usage) / puts (prompt). * src/su.c: Improved memory management. 2011-08-14 Nicolas François * src/chgpasswd.c, src/chpasswd.c, src/newusers.c: Replace cflg by a test on crypt_method. 2011-08-14 Nicolas François * libmisc/chowndir.c: Add splint annotations. * src/chgpasswd.c: Likewise. * src/chpasswd.c: Likewise. * src/newusers.c: Likewise. * libmisc/salt.c, lib/prototypes.h (crypt_make_salt): Likewise. 2011-08-14 Nicolas François * lib/gshadow_.h: Fix typo in comment. 2011-08-14 Nicolas François * lib/prototypes.h, libmisc/getgr_nam_gid.c: getgr_nam_gid() returns an allocated structure. 2011-08-14 Nicolas François * src/su.c: Add annotations to indicate that su_failure() does not return. 2011-07-30 Nicolas François * lib/commonio.c: Display PID as unsigned long. 2011-07-30 Nicolas François * src/useradd.c: Remove unused Zflg. 2011-07-30 Nicolas François * src/chgpasswd.c: Fix typo sp -> sg. sg_namp -> sg_name * src/chgpasswd.c: Always update the group file when SHADOWGRP is not enabled. 2011-07-30 Nicolas François * src/newgrp.c: Fix typo in notreached annotation. 2011-07-30 Nicolas François * src/usermod.c: Add annotations to indicate that fail_exit() does not return. * src/usermod.c: Fix typo in notreached annotation. 2011-07-30 Nicolas François * libmisc/find_new_uid.c: free (used_uids) on return. * libmisc/find_new_gid.c: free (used_gids) on return. 2011-07-28 Nicolas François * lib/commonio.c: Fix NIS commit from 2011-07-14. 2011-07-28 Nicolas François * NEWS, src/chpasswd.c: Create a shadow entry if the password is set to 'x' in passwd and there are no entry in shadow for the user. * NEWS, src/chgpasswd.c: Create a gshadow entry if the password is set to 'x' in group and there are no entry in gshadow for the group. 2011-07-28 Nicolas François * src/pwunconv.c: Exit after printing usage when arguments or options are provided. * src/pwunconv.c: Re-indent. * src/pwunconv.c: Open the shadow file read only. * src/grpunconv.c: Exit after printing usage when arguments or options are provided. * src/grpunconv.c: Open the gshadow file read only. 2011-07-28 Nicolas François * src/chgpasswd.c: Fix typo. 2011-07-23 Nicolas François * NEWS, src/login.c: Do not log in utmp / utmpx / wtmp when PAM is enabled. This is already done by pam_lastlog. Note that pam_lastlog can only log the parent PID, not the PID of the process forked by login. 2011-07-23 Nicolas François * src/chpasswd.c: Add annotations to indicate that usage() does not return. * src/chpasswd.c: Reindent. * src/chpasswd.c: Remove dead code. No need to set crypt_method to NULL when it is already NULL. sflg is only set if crypt_method is not NULL. 2011-07-23 Nicolas François * src/lastlog.c: Add annotations to indicate that usage() does not return. 2011-07-23 Nicolas François * src/faillog.c: Add annotations to indicate that usage() does not return. * src/faillog.c: Fix message: this is faillog, not lastlog. * src/faillog.c: Check that there are no extra arguments after parsing the options. 2011-07-23 Nicolas François * src/chgpasswd.c: Add annotations to indicate that usage() does not return. * src/chgpasswd.c: Split usage in smaller parts. Those parts are already translated for chpasswd. Usage is now closer to chpasswd's. * src/chgpasswd.c: Remove dead code. No need to set crypt_method to NULL when it is already NULL. sflg is only set if crypt_method is not NULL. 2011-07-23 Nicolas François * src/expiry.c: Remove dead code. * src/expiry.c: Improve comments. 2011-07-23 Nicolas François * src/grpck.c: Added comments. * src/grpck.c: Avoid implicit conversion of pointer to boolean. * src/grpck.c: Remove dead code. argc cannot be lower than optind. Avoid checking twice in a row for NULL != list[i]. 2011-07-22 Nicolas François * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Fail in case of invalid configuration. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Updated comments. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Be more strict on the loop stop conditions. Stop if we passed the limit, even if the limit itself was never noticed. 2011-07-14 Nicolas François * man/po/fr.po: Fix some spacing issues due to configuration variants. 2011-07-14 Nicolas François * src/passwd.c: Overflow when computing the number of days based on the scaling. Use of long long needed. 2011-07-14 Nicolas François * NEWS, lib/commonio.h, lib/commonio.c: Additional messages to indicate why locking failed. * NEWS, lib/commonio.c: Fix the sort algorithm in case of NIS. NIS entries were dropped. * lib/commonio.c: NIS entries can start by '+' or '-'. 2011-07-14 Nicolas François * NEWS, src/groupmod.c: When the gshadow file exists but there are no gshadow entries, an entry is created if the password is changed and group requires a shadow entry. 2011-07-14 Nicolas François * src/usermod.c: Fix typo in comment. * src/usermod.c (move_home): It is always an error to use -m if the new home directory already exist (independently from the existence of the old home directory did not exist) * src/usermod.c (process_flags): Report usage if no options are provided. Update the error message. * src/usermod.c (process_flags): Check option compatibility and dependency before options are discarded when no changes are requested. * src/usermod.c (process_flags): Check for oflg is not needed to check if changes are needed. * src/usermod.c: usage() does not return. Add annotations. * src/usermod.c (update_gshadow): is_member was computed twice. * src/usermod.c (update_group, update_gshadow): Reduce complexity and document checks. Some checks were always true/false within their call context. * NEWS, src/usermod.c; man/usermod.8.xml: When the shadow file exists but there are no shadow entries, an entry has to be created if the password is changed and passwd requires a shadow entry, or if aging features are used (-e or -f). Document this and also that -e and -f require a shadow file. * man/usermod.8.xml: Document behavior of an empty EXPIRE_DATE. * man/usermod.8.xml: Document that the mail spool might have to be renamed (as for the homedir) * src/usermod.c (new_pwent): Document that pw_locate will not fail because getpwnam returned successfully. * src/usermod.c (process_flags): Do not display the usage in case of an invalid -f value (similar to -e). * src/usermod.c (process_flags): Indicate that the user name is invalid, instead of just a 'field'. 2011-07-08 Nicolas François * src/groupadd.c: Fix typo in comment. * src/userdel.c: Fix typo from 2011-06-04. Report failure on the mailfile instead of user_home. * lib/fields.c: Fixed typo from 2010-02-15. field instead of cp ought to be checked. * src/vipw.c: Use Prog instead of progname. This is needed since Prog is used in the library. * configure.in: Fix typo. libcrack default is 'no'. * src/groupmod.c: Avoid implicit conversion of pointer to boolean. * src/groupmod.c: osgrp can be set only if pflg || nflg. No need to check for pflg || nflg again 2011-07-08 Nicolas François * man/*.xml, man/config.xml.in: Add source and version information. This reduce the amount of warnings during the manpages generation. 2011-06-25 Nicolas François * man/passwd.1.xml: Added reference to chpasswd(8). * man/po/ru.po: Add space between option and argument. 2011-06-16 Francisco Javier Cuadrado * po/es.po: Spanish translation 2011-06-16 Nicolas François * libmisc/isexpired.c: Added parenthesis. * libmisc/env.c: Added comments. * libmisc/env.c: Avoid implicit conversion of pointer to boolean. 2011-06-16 Nicolas François * src/su.c: environ is provided by . * src/su.c: Added function prototypes. * src/su.c: Rename shellstr parameter to shellname to avoid collision with static variable. * NEWS, src/su.c: Added support for PAM modules which change PAM_USER. 2011-06-13 Nicolas François * src/su.c (prepare_pam_close_session): Extract the creation of a child and listening for signal in the parent from run_shell(). prepare_pam_close_session() is now executed before the creation of the pam session and before the UID is changed. This allows to close the session as root. * src/su.c: Also drop the controlling terminal when PAM is not used. * src/su.c: Remove run_shell(). * src/su.c: After prepare_pam_close_session() there is no need to close the session in the child. Added pam_setcred to prepare_pam_close_session(). 2011-06-12 Nicolas François * src/su.c (save_caller_context): Extract from main() the code used to save the caller's context. * src/su.c: Split check_perms() in to a PAM (check_perms_pam) and a non-PAM (check_perms_nopam) version. * src/su.c: Cleanup check_perms_nopam(). * src/su.c: Merge environment setting blocks after the creation of the session. * src/su.c: Close the password databases together with syslog. * src/su.c: Extract command line processing from main(). * src/su.c: Extract export of environment from main(). 2011-06-10 Nicolas François * src/su.c: Group some of the environment processing blocks. The definition of shellstr, PATH and IFS is not influenced (getenv, getdef, restricted_shell) by and does not influence (addenv does not change environ) the authentication. And the authentication did not overwrite those definitions. This will ease an extraction from the big main() function. * src/su.c: Move definition of change_environment and shellstr after the switch to the final subsystem. The previous architecture forced to always change the environment (the shell starts with a '*' and was thus restricted, and change_environment could not be reset to false). * src/su.c: No need to change the user's shell in case of subsystem root. Update the comments. * src/su.c: Define shellstr before the environment so that restricted_shell is called only once. This will allow moving the environment definition after the switch to the new user. * src/su.c: Extract the authentication from the main function. * lib/prototypes.h, src/suauth.c, src/su.c (check_su_auth): Do not use the pwent global variable to communicate between APIs of different files. Added boolean parameter su_to_root to check_su_auth(). * src/su.c (check_perms): Return the passwd entry of the finally authenticated user. Remove usage of the pwent variable. * src/su.c: The password of the caller is the one from the spwd structure only if the passwd's password is 'x'. * src/su.c: Cleanup local variables. 2011-06-10 Nicolas François * src/su.c: Updating pwent after expire() is not useful. Only the password information may have changed and they are not used anymore afterwards. * src/su.c: No need to call expire() if there are no shadow entry. No need to convert a passwd entry into an spwd entry in that case. 2011-06-12 Thomas Blein * man/po/fr.po: French manpages translation 2011-06-05 Nicolas François * NEWS, src/su.c: Do not forward the controlling terminal to commands executed with -c. This prevents tty hijacking which could lead to execution with the caller's privileges. This required to forward signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to the executed command. 2011-06-05 Nicolas François * NEWS, src/userdel.c: Do not remove a group with the same name as the user (usergroup) if this group isn't the user's primary group. 2011-06-04 Nicolas François * NEWS, src/userdel.c: Check the existence of the user's mail spool before trying to remove it. If it does not exist, a warning is issued, but no failure. 2011-06-03 Nicolas François * src/sulogin.c: Added Prog, needed because of the last xmalloc() change. 2011-06-03 Nicolas François * man/zh_CN/, man/zh_CN/Makefile.am: Added directory, and zh_CN Makefile. * man/Makefile.am: Build zh_CN pages. * man/generate_translations.mak: Add config.xml to CLEANFILES. * man/po/zh_CN.po: limits, groups, faillog, expiry should not be translated (command name, file name), also this broke the build system as they are used to derive manpage names. 2011-06-02 Peter Vrabec * src/lastlog.c, src/faillog.c: Fix underflows causing wrong entry to be displayed. 2011-06-02 Nicolas François * libmisc/xmalloc.c: Harmonize message. 2011-06-02 Peter Vrabec * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Add missing memory allocation check. 2011-06-02 Cal Peake * NEWS, libmisc/addgrps.c: Fix allocator loop. Continue to getgroups() when getgroups fails (-1) with errno==EINVAL. 2011-06-01 Simon Brandmair * man/newusers.8.xml, man/suauth.5.xml, man/suauth.5.xml, man/logoutd.8.xml, man/chgpasswd.8.xml, man/groups.1.xml, man/faillog.5.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml, man/login.defs.d/DEFAULT_HOME.xml, man/login.defs.d/LOGIN_RETRIES.xml, man/login.defs.d/MD5_CRYPT_ENAB.xml, man/login.defs.d/PORTTIME_CHECKS_ENAB.xml, man/login.defs.d/SHA_CRYPT_MIN_ROUNDS.xml: Fix typos * man/po/de.po: German translation of manpages completed 2011-05-23 Innocent De Marchi * po/ca.po: Catalan translation completed 2011-04-22 Miguel Figueiredo * po/pt.po: Portuguese translation completed 2011-04-22 Thomas Blein * po/fr.po: French translation completed 2011-04-16 Holger Wansing * po/de.po: German translation completed 2011-04-15 Fred Maranhão * po/pt_BR.po: Brazilian Portuguese translation completed 2011-04-10 Yuri Kozlov * po/ru.po: Russian translation completed 2011-04-07 Daniel Nylander * po/sv.po: Swedish translation completed 2011-04-07 Joe Dalton * po/da.po: Danish translation completed 2011-04-05 Timur Birsh * po/kk.po: Kazakh translation completed 2011-04-05 NAKANO Takeo * po/ja.po: Japanese translation completed 2011-03-30 YunQiang Su * man/po/zh_CN.po: convert Simplified Chinese translation of manpages to gettext * po/zh_CN.po: Simplified Chinese translation completed 2010-02-15 Nicolas François * man/ru/Makefile.am: Remove double inclusion of $(man_nopam) 2010-02-15 Nicolas François * libmisc/user_busy.c, src/userdel.c, src/usermod.c: Warn in user_busy() rather than in src/userdel.c or src/usermod.c to provide more accurate failure cause (user is logged in or user still executes processes). 2010-02-15 Nicolas François * lib/groupio.c, lib/sgroupio.c, lib/shadowio.c, lib/pwio.c: Check entry validity before commits to databases. * libmisc/fields.c, libmisc/Makefile.am, lib/fields.c, lib/Makefile.am, po/POTFILES.in: fields.c moved from libmisc to lib. * lib/fields.c: Fail if input pointer is NULL. 2010-02-13 Nicolas François * NEWS, src/chfn.c, src/chsh.c: Fix CVE-2011-0721: forbid \n in gecos or shell. 2011-02-12 Nicolas François * autogen.sh: Restore original autoreconf (see 2010-08-29's change for autogen.sh) * configure.in, man/po/Makefile.in.in, man/po/Makefile.in: Makefile.in.in replaced by Makefile.in to avoid config.status issues when there are multiple po directories. * man/po/LINGUAS: Adapted to above change. * man/po/POTFILES.in, man/po/XMLFILES: POTFILES.in replaced by XMLFILES. * man/Makefile.am: generate_mans.deps shall be included by make, not automake. 2010-11-19 Nicolas François * NEWS, libmisc/console.c: Fix CONSOLE parser. This caused login to hang when CONSOLE was configured with a colon separated list of TTYs. See http://bugs.gentoo.org/show_bug.cgi?id=324419 2010-09-05 Nicolas François Integrate review comments from Julien Cristau * libmisc/copydir.c: Missing parenthesis in comment. * libmisc/chowndir.c: Fixed memory leak on failed realloc(). * libmisc/chowndir.c: Make sure the buffer for the path is large enough. * libmisc/remove_tree.c: Remove check for NULL before free(). 2010-08-29 Nicolas François * man/po/fr.po: Fix 2 fuzzy strings. 2010-08-29 Nicolas François * NEWS, src/usermod.c: Accept options in any order (username not necessarily at the end) 2010-08-29 Nicolas François * autogen.sh: Expand autoreconf to avoid running autopoint. 2010-08-29 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-08-28 Brian M. Carlson * man/chsh.1.xml: Fix comma splice. 2010-08-28 Nicolas François * lib/protoypes.h, libmisc/copydir.c, src/useradd.c: selinux_file_context renamed set_selinux_file_context. * lib/protoypes.h, libmisc/copydir.c, src/useradd.c: Added reset_selinux_file_context. * src/useradd.c: Check the return value of set_selinux_file_context and reset_selinux_file_context. * libmisc/copydir.c: Check the return value of reset_selinux_file_context. 2010-08-28 Nicolas François * src/su.c: Fix handling of environment variables when the environment is not changed. In particular, this makes su behave as documented regarding PATH and IFS (i.e. they are reset) when -p is provided. 2010-08-28 Nicolas François * man/su.1.xml: Fix typo. 2010-08-22 Nicolas François * src/newgrp.c, src/userdel.c, src/grpck.c, src/gpasswd.c, src/newusers.c, src/pwconv.c, src/chpasswd.c, src/logoutd.c, src/chfn.c, src/groupmems.c, src/usermod.c, src/pwunconv.c, src/expiry.c, src/groupdel.c, src/chgpasswd.c, src/useradd.c, src/su.c, src/groupmod.c, src/passwd.c, src/pwck.c, src/chage.c, src/groupadd.c, src/login.c, src/grpconv.c, src/groups.c, src/grpunconv.c, src/chsh.c: Prog changed to a constant string. 2010-08-22 Nicolas François * libmisc/limits.c: Avoid implicit conversion of integer to boolean. * libmisc/basename.c: Avoid implicit conversion of pointer to boolean. * libmisc/basename.c, lib/prototypes.h (Basename): Return a constant string. * libmisc/basename.c, libmisc/obscure.c, lib/prototypes.h, libmisc/xmalloc.c, libmisc/getdate.h, libmisc/system.c, libmisc/getgr_nam_gid.c, libmisc/failure.c, libmisc/valid.c: Add splint annotations. * libmisc/chowndir.c: Avoid memory leak. * libmisc/chowndir.c: Do not check *printf/*puts return value. * libmisc/chowntty.c: Avoid implicit conversion between integer types. * libmisc/obscure.c: Return a bool when possible instead of int. * libmisc/shell.c: Do not check *printf/*puts return value. * libmisc/shell.c: Do not check execle return value. * libmisc/setupenv.c: Avoid implicit conversion between integer types. * libmisc/xmalloc.c: size should not be zero to avoid returning NULL pointers. * libmisc/hushed.c: Do not check *printf/*puts return value. * libmisc/system.c: Avoid implicit conversion of integer to boolean. safe_system last argument is a boolean. * libmisc/system.c: Check return value of dup2. * libmisc/system.c: Do not check *printf/*puts return value. * libmisc/system.c: Do not check execve return value. * libmisc/salt.c: Do not check *printf/*puts return value. * libmisc/loginprompt.c: Do not check gethostname return value. * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not check gr_rewind/pw_rewind return value. * libmisc/ttytype.c: Limit the number of parsed characters in the sscanf format. * libmisc/ttytype.c: Test if a type was really read. * libmisc/sub.c: Do not check *printf/*puts return value. * libmisc/sub.c: Avoid implicit conversion of integer to boolean. * src/userdel.c: Fix typo in comment. * src/userdel.c: Avoid implicit conversion of boolean to integer. * src/userdel.c: safe_system last argument is a boolean. * src/newusers.c: Avoid implicit conversion of boolean to integer. * src/newusers.c: Avoid implicit conversion of integer to boolean. * src/usermod.c: Add brackets. * src/usermod.c: Avoid implicit conversion of characters or integers to booleans. * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c: Avoid implicit conversion of integer to boolean. * src/su.c: Add brackets. * src/useradd.c: Avoid implicit conversion of characters or integers to booleans. 2010-08-22 Nicolas François * libmisc/obscure.c, lib/prototypes.h (obscure): Return a bool instead of an int. * libmisc/obscure.c, libmisc/tz.c, src/passwd.c, lib/encrypt.c, libmisc/copydir.c, lib/prototypes.h: Add splint annotations. * libmisc/tz.c: Fix some const issues. * libmisc/tz.c: Avoid multi-statements lines. * libmisc/tz.c: Add brackets. * libmisc/copydir.c: Do not check *printf/*puts return value. * libmisc/copydir.c: Fail if we cannot set or reset the SELinux fscreate context. * libmisc/copydir.c: Use xmalloc instead of malloc. * libmisc/copydir.c: Do not check lutimes return value * src/vipw.c: Avoid implicit conversion of integer to boolean. * src/su.c (iswheel): Return a bool instead of an int. * src/passwd.c: Remove insert_crypt_passwd(). Use xstrdup instead. * src/passwd.c: Return constant strings when sufficient. * src/passwd.c: Do not check *printf/*puts return value. * src/passwd.c: Avoid implicit conversion of character to boolean. * src/passwd.c: Do not check sleep return value. * src/sulogin.c: Do not check *printf/*puts return value. * lib/encrypt.c: Do not check fprintf return value. 2010-08-21 Nicolas François * src/passwd.c: Fix a const issue. * src/passwd.c: Avoid multi-statements lines. * src/sulogin.c: Fix a const issue. 2010-08-21 Nicolas François * libmisc/copydir.c, lib/prototypes.h: Caller can choose not to copy the extended attributes (the SELinux context is hence reset) * src/usermod.c: Copy the extended attributes. * src/useradd.c: Only reset the SELinux context. 2010-08-21 Nicolas François * configure.in: Fixed typo. 2010-08-21 Nicolas François * libmisc/console.c, libmisc/motd.c, libmisc/setupenv.c, libmisc/sulog.c, libmisc/hushed.c, libmisc/failure.c, libmisc/loginprompt.c, libmisc/ttytype.c, libmisc/obscure.c, libmisc/pam_pass_non_interractive.c, src/userdel.c, src/login.c, lib/commonio.c, lib/commonio.h, libmisc/setugid.c, libmisc/setupenv.c: Fix some const issues. * libmisc/motd.c: Avoid multi-statements lines. * libmisc/motd.c: Support long MOTD_FILE. * libmisc/list.c, lib/prototypes.h: Revert previous change. dup_list and is_on_list are used with members as defined for the group structure, and thus even if the list is not modified, the list elements cannot be constant strings. * libmisc/system.c: Avoid C++ comments. * src/vipw.c: WITH_TCB cannot be tested inside a gettextized string. Split the Usage string. * lib/commonio.h: Re-indent. 2010-08-21 Nicolas François * libmisc/audit_help.c (audit_logger):pgname is not used. We let audit find out the name of the program. * libmisc/audit_help.c: Re-indent. 2010-08-20 Nicolas François * lib/groupio.c: Avoid implicit conversion from signed to unsigned. 2010-08-20 Nicolas François * lib/commonio.c: Make sure there are no NULL pointer dereference. 2010-08-20 Nicolas François * libmisc/remove_tree.c: Ignore snprintf return value. 2010-08-20 Nicolas François * lib/prototypes.h, libmisc/list.c: dup_list() and is_on_list() do not change the members of the list they receive. Added const qualifiers. 2010-08-20 Nicolas François * src/usermod.c: Re-indent. 2010-08-20 Nicolas François * lib/commonio.c: Avoid multi-statements lines. 2010-08-20 Nicolas François * man/po/fr.po: Fix a typo. 2010-06-24 Baurzhan Muftakhidinov * NEWS, po/kk.po: Updated Kazakh translation. 2010-04-12 Nicolas François * man/po/fr.po: Fix some typos. Minor updates: 886t70f187u. 2010-04-12 Nicolas François * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-04-05 Nicolas François * man/newusers.8.xml, man/useradd.8.xml, man/groupadd.8.xml, man/login.defs.d/UMASK.xml, man/login.defs.d/CREATE_HOME.xml, man/login.defs.d/LOGIN_RETRIES.xml: Fix typos: choosen, overriden, bahavior. 2010-04-04 Nicolas François * man/usermod.8.xml: Document changes of ownerships. 2010-04-04 Nicolas François * man/vipw.8.xml: Fix formatting typo. * man/vipw.8.xml: Document the login.defs parameters only when tcb is enabled. 2010-04-04 Nicolas François * src/useradd.c: spool is a constant string. * src/useradd.c: Set the new copy_tree's paramater 'copy_root' to false 2010-04-04 Nicolas François * src/usermod.c: move_home() is only called if mflg is set. * src/usermod.c: Fail is -m is provided but the old home directory is not a directory. * src/usermod.c: Use the previous improvement of copy_tree to provide better error diagnosis. * src/usermod.c: When rename() is used, also change the ownership. * src/usermod.c: Do not change the ownership of the root directory twice. * src/usermod.c: When -u is provided, only change the ownership of the home directory if it is a directory. * src/usermod.c: Also change ownerships when -g is used. 2010-04-04 Nicolas François * lib/prototypes.h, libmisc/copydir.c: Add the old UID and GID to copy_tree to detect when ownership shall be changed. * libmisc/copydir.c: Document the behavior when the IDs are set to -1. * lib/prototypes.h, libmisc/copydir.c (copy_tree): Add parameter copy_root. * libmisc/copydir.c: error() and ctx can be static. * libmisc/copydir.c (copy_hardlink): Remove parameter src. 2010-04-04 Nicolas François * libmisc/chowndir.c: Dynamically allocate memory to support path longer than 1024 characters. * libmisc/chowndir.c: Fix typos in documentation. * libmisc/chowndir.c: Support and document the behavior when a old or new ID is set to -1. * libmisc/chowndir.c: Improved error detection when chown fails. * libmisc/chowndir.c: Harmonize error handling strategy when an error occurs: stop changing ownership as soon as an error was detected. 2010-04-03 Nicolas François * man/hu/passwd.5: Fix formatting typo. * man/id/login.1: Likewise. 2010-03-31 Nicolas François * man/vipw.8.xml: When TCB is enabled, vipw uses login.defs. 2010-03-31 Nicolas François * NEWS, libmisc/copydir.c: When a hardlink is detected, the original hardlink should not be removed. 2010-03-30 Nicolas François * po/POTFILES.in, libmisc/Makefile.am, lib/prototypes.h, libmisc/remove_tree.c, libmisc/copydir.c: Split remove_tree() outside of copydir.c to avoid linking against libacl or libattr. 2010-03-30 Nicolas François * src/su.c: shell's name must be -su when a su fakes a login. 2010-03-30 Nicolas François * NEWS, configure.in, libmisc/copydir.c, man/useradd.8.xml, man/usermod.8.xml, src/Makefile.am: Added support for ACLs and Extended Attributes. 2010-03-30 Nicolas François * libmisc/copydir.c: Document the sections closed by #endif 2010-03-27 Nicolas François * man/vipw.8.xml: Add section ENVIRONMENT. 2010-03-26 Nicolas François * etc/login.defs: Updated description of UMASK to indicate its usage by pam_umask. * man/login.defs.d/UMASK.xml: Likewise. 2010-03-25 Nicolas François * man/login.1.xml: login does not check for new mails in PAM enabled versions. This is done by pam_mail. 2010-03-25 Nicolas François * NEWS, src/chpasswd.c, man/chpasswd.8.xml, man/login.defs.5.xml: PAM enabled versions: restore the -e option to allow restoring passwords without knowing those passwords. Restore together the -m and -c options. 2010-03-23 Nicolas François * src/su.c, src/vipw.c, src/newgrp.c: When the child is interrupted, stop ourself with a SIGSTOP signal. 2010-03-23 Nicolas François * src/newgrp.c: Limit the scope of variable pid. * src/login_nopam.c: Limit the scope of variables end, lineno, i, str_len. * src/logoutd.c: Limit the scope of variable c. * src/vipw.c: Re-indent. * src/vipw.c: Close the file after the creation of the backup. * src/useradd.c (set_default): Close input file on failure. * src/useradd.c: Limit the scope of variables spool, file, fd, gr, gid, mode. * src/passwd.c: Limit the scope of variables last and ok. * src/chage.c: Fix typo (non breaking space). * src/login.c: Limit the scope of variables erasechar killchar, c, failed. * src/groups.c: Limit the scope of variable ngroups, pri_grp, i. * src/id.c: Limit the scope of variable i. 2010-03-22 Nicolas François * lib/utent.c (getutline): Remove getutline(). This function is no more used. * lib/groupmem.c: Limit the scope of variable i. * lib/shadow.c: Avoid implicit conversion of pointers and integers to booleans. * lib/shadow.c: Added brackets. * libmisc/limits.c: Limit the scope of variable tmpmask. * libmisc/copydir.c: Close opened file on failure. * libmisc/loginprompt.c: Limit the scope of variable envc. * libmisc/find_new_uid.c, libmisc/find_new_gid.c: Limit the scope of variable id. 2010-03-21 Nicolas François * libmisc/find_new_gid.c, libmisc/find_new_uid.c: Detect some misconfigurations of UID_MIN, UID_MAX, SYS_UID_MIN, SYS_UID_MAX (and the GID equivalents) 2010-03-20 Nicolas François * NEWS, configure.in: Next version will be 4.1.5. * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2010-03-20 Nicolas François * libmisc/limits.c: Re-indent to make pmccabe happy. 2010-03-20 Nicolas François * man/generate_translations.mak, man/generate_mans.mak: Fix distcheck. All manpages generation code shall be enclosed in ENABLE_REGENERATE_MAN conditions. 2010-03-20 Nicolas François * man/useradd.8.xml: Do not document the features which are not working. * man/useradd.8.xml: Fix typo: -u was meant instead of -o. * man/useradd.8.xml: Document that the default behavior depends on CREATE_HOME. 2010-03-20 Nicolas François * lib/groupio.c: Fix memory management insplit_groups(). 2010-03-20 Nicolas François * libmisc/strtoday.c: Empty dates indicate a disabled date, this is not an error. 2010-03-19 Nicolas François * src/useradd.c, lib/commonio.c, po/POTFILES.in: Fix typos. * libmisc/limits.c: Removed unused variable. 2010-03-19 Nicolas François * lib/commonio.c: Stop sorting entries when we reach the first NIS line. 2010-03-18 Nicolas François * src/chsh.c: Even for root, warn if an invalid shell is specified. Alioth#311305 2010-03-18 Nicolas François * man/limits.5.xml: Document the selection of the limits when multiple lines match the user. 2010-03-18 Nicolas François * libmisc/limits.c: Re-indent. * libmisc/limits.c: Reformat the documentation. Avoid personal comments. * man/limits.5.xml: Document the new features. 2010-03-18 Thomas Orgis * NEWS, libmisc/limits.c: Fix parsing of limits. * NEWS, libmisc/limits.c: Add support for infinite limits. * NEWS, libmisc/limits.c: Add support for @group syntax. 2010-03-18 Nicolas François * lib/tcbfuncs.h: Re-indent. * lib/tcbfuncs.h: Explicitly indicate function taking a void parameter. 2010-03-18 Nicolas François * src/useradd.c: When exiting because of a failure, warn if an home directory created, but cannot be removed. 2010-03-18 Nicolas François * libmisc/chowndir.c: Re-indent. * libmisc/chowndir.c: Avoid assignment in comparisons. * libmisc/chowndir.c: Added brackets and parenthesis. 2010-03-18 Nicolas François * libmisc/strtoday.c: Add support for numerical dates, assuming they are already specified in number of days since Epoch. Return -2 in case of errors to support the specification of -1. * src/usermod.c, src/useradd.c: Adapt to the new error value of strtoday(). * src/chage.c: Remove isnum(). Adapt to the new error value of strtoday(). Support for numerical dates is moved to strtoday(). 2010-03-18 Nicolas François * man/po/fr.po: Harmonize name of parameters. 2010-03-18 Nicolas François * NEWS: Indicate which tools support TCB. 2010-03-18 Nicolas François * src/pwck.c: Unlock the password and shadow files when there is a failure to prepare the update in memory. 2010-03-18 Nicolas François * src/pwck.c: Only log to SYSLOG when acting on system files. 2010-03-18 Nicolas François * src/pwck.c: Document the sections closed by #endif * src/pwck.c, man/pwck.8.xml: No alternative shadow file can be given when USE_TCB is enabled. * src/pwck.c: Remove the -s option from the usage when USE_TCB is enabled. The option is still supported, but has no effect, as documented in the manpage. 2010-03-18 Nicolas François * src/pwck.c: Do not use pwd_file and spw_file. Always use the dbname() functions. 2010-03-18 Nicolas François * src/pwck.c: Re-indent. 2010-03-18 Nicolas François * src/userdel.c, src/usermod.c, src/vipw.c, src/useradd.c, src/pwck.c, src/chage.c, lib/shadowio.c: Explicitly use the SHADOWTCB_FAILURE return code instead of 0 or implicit conversion to booleans. 2010-03-18 Paweł Hajdan, Jr. * src/pwck.c: Add support for TCB. * src/pwck.c: Use spw_dbname() instead of spw_file since TCB changes from a file to another depending on the user. Also use pw_dbname() for consistency. 2010-03-17 Nicolas François * src/faillog.c: Re-indent. 2010-03-17 Nicolas François * lib/tcbfuncs.h: Added type shadowtcb_status. * lib/tcbfuncs.h, lib/tcbfuncs.c: Return a shadowtcb_status instead of an int. * lib/tcbfuncs.c: Do not return in OUT_OF_MEMORY. * lib/tcbfuncs.c: Only FreeBSD specify that the returned buffer is NULL in case of failure. The return value of asprintf shall be checked. * lib/tcbfuncs.c: Avoid implicit conversion of pointers or integers to booleans. * lib/tcbfuncs.c: Avoid assignments in comparisons. * lib/tcbfuncs.c: Do not free path before its last use. * lib/tcbfuncs.c: Include shadowio.h, needed for the spw_setdbname's prototype. * lib/tcbfuncs.c: Ignore fflush() return value. * lib/tcbfuncs.c: Avoid implicit signed to unsigned conversions. * lib/tcbfuncs.c: Avoid integer to char conversions. * lib/tcbfuncs.c: Include prototypes.h for the definition of Prog. * lib/tcbfuncs.c: Removed dead return. * lib/tcbfuncs.c: move_dir() and shadowtcb_move() need a non NULL stored_tcb_user. * lib/tcbfuncs.c: Avoid implicit int to mode_t conversion. * lib/tcbfuncs.c: Added brackets and parenthesis. * lib/tcbfuncs.c: Re-indent. 2010-03-17 Nicolas François * lib/commonio.c: Avoid implicit conversion of pointers to booleans. * lib/commonio.c: Ignore the return value of close when a failure is reported. 2010-03-16 Nicolas François * man/faillog.8.xml: Document the behavior in display mode of the -a option. * NEWS, man/faillog.8.xml, src/faillog.c: Extend the -a option to the non-display mode. This changes the default behavior of the -l, -m, -r, -t options when -a is not specified (restrict to existing users). 2010-03-15 Nicolas François * man/chage.1.xml, man/login.defs.5.xml, man/pwck.8.xml, man/pwconv.8.xml, man/useradd.8.xml, man/userdel.8.xml, man/usermod.8.xml, man/vipw.8.xml: Document the usage of the TCB_AUTH_GROUP, TCB_SYMLINKS, and USE_TCB configuration parameters. * man/pwconv.8.xml, man/pwck.8.xml: Document the behavior when USE_TCB is enabled. 2010-03-15 Nicolas François * po/POTFILES.in, lib/tcbfuncs.c: Add more strings for translation. * lib/tcbfuncs.c: Indicate the name of the program in error messages. Avoid perror. * src/useradd.c: Re-indent. * src/useradd.c: Add more strings for translation. Indicate the name of the program in error messages. * src/userdel.c: Re-indent. * src/userdel.c: Add more strings for translation. Indicate the name of the program in error messages. 2010-03-15 Nicolas François * src/usermod.c: user_newname and user_newid cannot be used to test if the username or ID is changed. lflg and uflg should be used instead. 2010-03-15 Nicolas François * src/userdel.c: Avoid perror. Give more verbose warnings. 2010-03-11 Nicolas François * man/Makefile.am: Indicate that man/generate_mans.deps is generated. 2010-03-11 Nicolas François * lib/commonio.c: Re-indent. * lib/commonio.c: Document the sections closed by #endif * lib/commonio.c: Added brackets. * lib/commonio.c: Avoid implicit conversion of integer to booleans. 2010-03-11 Nicolas François * src/userdel.c: Re-indent. * src/userdel.c: Added brackets. * src/userdel.c: Avoid implicit conversion of pointers to booleans. 2010-03-11 Nicolas François * lib/shadowio.c: Re-indent. * lib/shadowio.c: Added brackets and parenthesis. * lib/shadowio.c: Document the sections closed by #endif * lib/shadowio.c: Avoid negation of comparisons. * lib/shadowio.c: Avoid implicit conversion of integer to booleans and booleans to integers. 2010-03-11 Nicolas François * src/useradd.c: Re-indent. * src/useradd.c: Added brackets. * src/useradd.c: Avoid implicit conversion of integers to booleans. * src/useradd.c: Harmonize error messages. 2010-03-11 Nicolas François * src/vipw.c: Document the sections closed by #endif * src/vipw.c: Avoid implicit conversion of pointers or integers to booleans. * src/vipw.c: Added brackets and parenthesis. * src/vipw.c: Limit the definition of some variables and macros to the WITH_TCB scope. * src/vipw.c: Avoid assignment in comparisons. * src/vipw.c: Replace PASSWD_FILE (resp. GROUP_FILE and SGROUP_FILE) by pw_dbname () (resp. gr_dbname () and sgr_dbname ()). This is more consistent with the shadow file handling and may be useful to allow edition of another partition's files. 2010-03-11 Nicolas François * src/usermod.c: Re-indent. * src/usermod.c: Avoid implicit conversion of pointers to booleans. * src/usermod.c: Added parenthesis. 2010-03-11 Nicolas François * src/pwunconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-10 Nicolas François * src/userdel.c: Re-indent. * src/userdel.c: Avoid implicit conversion of pointers to booleans. * src/userdel.c: Document the sections closed by #endif 2010-03-10 Nicolas François * src/pwconv.c: Only check USE_TCB if configured WITH_TCB. 2010-03-10 Nicolas François * libmisc/copydir.c: Added parenthesis. 2010-02-14 Michael Bunk * NEWS, lib/gshadow.c: Fix parsing of gshadow entries. 2010-01-30 Paweł Hajdan, Jr. * NEWS: Add support for TCB. * lib/tcbfuncs.h, lib/tcbfuncs.c, lib/Makefile.am: New library to support TCB. * lib/prototypes, libmisc/copydir.c (remove_tree): Add boolean parameter remove_root. * configure.in: Add conditional WITH_TCB. * src/userdel.c, src/usermod.c: Add support for TCB. Update call to remove_tree(). * src/pwconv.c, src/pwunconv.c: Should not be used with TCB enabled. * src/vipw.c: Add support for TCB. Update call to remove_tree(). * src/useradd.c: Add support for TCB. Open the shadow file outside of open_files(). * src/chage.c: Add support for TCB. * src/Makefile.am: Install passwd sgid shadow when TCB is enabled. * lib/getdefs.c, man/vipw.8.xml, man/login.defs.5.xml, man/login.defs/TCB_AUTH_GROUP.xml, man/login.defs/USE_TCB.xml, man/login.defs/TCB_SYMLINKS.xml, man/generate_mans.mak, man/generate_mans.deps, man/Makefile.am: New configuration parameters: TCB_AUTH_GROUP, TCB_SYMLINKS, USE_TCB. * lib/shadowio.c, lib/commonio.c: Add support for TCB. 2010-01-24 Nicolas François * libmisc/env.c: Fix sanitize_env() noslash support. This fixes Alioth#311740. 2010-01-24 Nicolas François * src/su.c: Do not sanitize the environment. This breaks --preserve-environment. This sanitation was disabled on Debian since quite some time with no reported issues, and sanitize_env() documentation agrees that it should be useless as all modern Unixes will handle setuid executables properly. This fixes Alioth#312287. 2010-01-24 Nicolas François * libmisc/setupenv.c: Fix typo from 2009-11-01. 2010-01-24 Paweł Hajdan, Jr. * configure.in: Add support for TCB in configure.in. Actual TCB support will follow. 2009-11-05 Nicolas François * NEWS, src/groupmod.c: Fixed groupmod when configured with --enable-account-tools-setuid. 2009-11-01 Nicolas François * NEWS, man/login.defs.d/ENV_SUPATH.xml, libmisc/setupenv.c: Harmonize other paths and documentation with previous change. 2009-11-01 Michel Hermier * src/su.c: Set the default ENV_SUPATH to /sbin:/bin:/usr/sbin:/usr/bin (i.e. PATH when no ENV_SUPATH is specified). 2009-10-15 Thorsten Kukuk * src/faillog.c, man/faillog.8.xml: Harmonize long option in code and documentation. Use --lock-secs instead of --lock-time. 2009-10-05 Miroslav Kure * po/cs.po: updated to 412t 2009-09-29 Clytie Siddall * po/vi.po: updated to 412t 2009-09-27 Miroslav Kure * po/cs.po: updated to 411t1f 2009-09-24 Christian Perrier * man/po/fr.po: Updated French translation to 835t99f165 2009-09-24 Clytie Siddall * po/vi.po: updated to 348t30f34u 2009-09-08 Nicolas François * lib/commonio.c: Avoid pre-decrement operator (--n). Add some comments. * libmisc/cleanup.c: Fix off by one in an assertion. 2009-09-08 Nicolas François * src/su.c: Fix indentation. * src/su.c: Add more messages for translation. * src/su.c: Ignore kill() return value when sending the TERM signal. If it fails, a KILL should be sent anyway. 2009-09-08 Nicolas François * NEWS, src/su.c: When su receives a signal, wait for the child to terminate (after sending a SIGTERM), and kill it only if it did not terminate by itself. No delay will be enforced if the child cooperates. See http://bugs.gentoo.org/282094 * NEWS, man/su.1.xml: Document su's exit values. 2009-09-08 Nicolas François * src/useradd.c: The default value for the CREATE_MAIL_SPOOL variable (i.e. if CREATE_MAIL_SPOOL= is specified without any values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL="). 2009-09-08 Nicolas François * src/useradd.c: Avoid redefinition of SHELL. Use DSHELL instead. For consistency, change HOME, INACT, EXPIRE, SKEL, and CREATE_MAIL_SPOOL to DHOME, DINACT, DEXPIRE, DSKEL, and DCREATE_MAIL_SPOOL. 2009-09-08 Nicolas François * src/newusers.c: Prefer #ifdef over #if. 2009-09-08 Nicolas François * configure.in: We do not use SETPGRP_VOID, and already assume that setpgrp has a void argument. Remove AC_FUNC_SETPGRP to ease cross compiling. 2009-09-07 Nicolas François * man/generate_translations.mak, man/generate_mans.mak, po/Makefile.in.in: Removing and restoring the config.xml file broke parallel builds. Build the manpages based on *.xml-config files instead of *.xml files. The *.xml do not include config.xml anymore, which permits to run xml2po without needing to remove config.xml. The config.xml is restored in the *.xml-config files. * man/groupadd.8.xml: Implementation of the above. * man/generate_mans.deps: Updated dependencies 2009-09-07 Steve Grubb * libmisc/limits.c: Fix the format to match the unsigned long variable in argument. * libmisc/utmp.c: Fix tests. tmptty is a variable stack. ut_host is an array of the ut structure. None of them can be NULL. 2009-09-07 Nicolas François * lib/shadowmem.c: Only copy the required fields of the struct spwd. (start with the primitive types) * lib/shadowmem.c: Avoid memzero() on a possibly NULL pointer. * lib/groupmem.c: Only copy the required fields of the struct group. (start with the primitive types) * lib/groupmem.c: Avoid memzero() on a possibly NULL pointer. * lib/groupmem.c: Free gr_mem in addition to its elements. * lib/sgroupio.c: The struct sgrp has no primitive types to be copied initially. * lib/sgroupio.c: Avoid memzero() on a possibly NULL pointer. * lib/sgroupio.c: Free sg_mem and sg_add in addition to their elements. * lib/pwmem.c: Only copy the required fields of the struct passwd. (start with the primitive types) 2009-09-07 Nicolas François * lib/sgroupio.h: Harmonize splint annotations of sgr_locate() prototype with the one used in its definition. 2009-09-07 Steve Grubb * libmisc/copydir.c, lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c: Fix some memory leaks. 2009-09-06 Nicolas François * src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: Use booleans for tests. * src/userdel.c, src/gpasswd.c, src/groupmems.c, src/usermod.c, src/groupmod.c, src/passwd.c: Use a break even after usage(). 2009-09-05 Nicolas François * src/gpasswd.c, src/groupmems.c: Split the groupmems and gpasswd Usage string. It was changed anyway to add the --help option. 2009-09-05 Mike Frysinger * NEWS, src/userdel.c, src/lastlog.c, src/gpasswd.c, src/newusers.c, src/chpasswd.c, src/groupmems.c, src/usermod.c, src/chgpasswd.c, src/vipw.c, src/su.c, src/useradd.c, src/groupmod.c, src/passwd.c, src/groupadd.c, src/chage.c, src/faillog.c, src/chsh.c: If someone uses the -h/--help options, the usage should not go to stderr nor should the utility exit with non-zero status. All of the shadow utils do just this unfortunately, so convert them over to sanity. * man/groupmems.8.xml, man/gpasswd.1.xml: Added option -h/--help. 2009-09-05 Nicolas François * src/useradd.c: Fixed wrong format string. * lib/gshadow.c: Removed declaration of unused variable. 2009-08-30 Mike Frysinger * man/generate_mans.mak, man/generate_translations.mak: Provide an useful error message when --enable-man is not enabled and the translated manpages are not generated. 2009-08-21 Nicolas François * man/login.defs.d/ENCRYPT_METHOD.xml: Avoid using sub-lists. They break the groff formatting. 2009-07-24 Nicolas François * po/fr.po: Fix typos, based on reviews by the Debian French translation team. 2009-07-24 Nicolas François * NEWS, configure.in: Prepare for the next release 4.1.4.2. * po/shadow.pot, man/po/shadow-man-pages.pot: Regenerated. * po/*.po, man/po/*.po: Updated PO files. 2009-07-23 Nicolas François * configure.in: Fixed definition of the SHELL configuration. 2009-07-23 Nicolas François * etc/login.defs: SYS_GID_MIN /SYS_UID_MIN changed from 100 to 101. GID 100 seems to be used statically. 2009-07-22 Nicolas François * libmisc/shell.c, src/su.c: Execute the scripts with "sh -" rather than "sh". 2009-07-22 Nicolas François * configure.in, libmisc/shell.c, libmisc/setupenv.c, src/newgrp.c, src/su.c: Let the system shell be configurable. 2009-07-20 Nicolas François * NEWS, src/su.c, libmisc/shell.c: Added support for shells being a shell script without a shebang. 2009-07-19 Jean-Louis Dupond * po/nl.po: Fix obvious mistake in Dutch translation. 2009-07-18 Peter Vrabec * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Do not use getpwent / getgrent for system accounts. Trying the low-IDs with getpwuid / getgrgid should be more efficient on LDAP configured systems with many accounts. * NEWS, libmisc/find_new_gid.c, libmisc/find_new_uid.c: Since system accounts are allocated from SYS_?ID_MIN to SYS_?ID_MAX in reverse order, accounts are packed close to SYS_?ID_MAX if SYS_?ID_MIN is already used but there are still dome gaps. 2009-07-05 Piarres Beobide * po/eu.po: Updated Basque translation. 2009-06-20 Nicolas François * man/fi/Makefile.am: Stop distributing the Finnish translation of passwd.1 (outdated). 2009-06-20 Nicolas François * man/pwck.8.xml: The shadow file is optional. * man/pwck.8.xml: Updated description of the checks. Added description of the shadow checks. * man/pwck.8.xml: Updated description of the checks. 2009-06-12 Nicolas François * man/po/fr.po: Fixed typo (forunis) 2009-06-12 Nicolas François * lib/fputsx.c: Compare the result of fgets() with the provided buffer instead of NULL. 2009-06-12 Nicolas François * lib/gshadow.c: Removed limitation on the length of the gshadow lines. * lib/gshadow.c: Compare the result of fgetsx() with the provided buffer instead of NULL. 2009-06-11 Nicolas François * libmisc/xgetXXbyYY.c, libmisc/xgetpwnam.c, libmisc/xgetgrnam.c, libmisc/xgetpwuid.c, libmisc/xgetgrgid.c, libmisc/xgetspnam.c: Do not limit the size of the buffer to hold the group or user structure. It used to be limited to 16k, which caused issues with groups having many users. 2009-06-11 Nicolas François * src/su.c, man/su.1.xml: The default behavior (without -p or --login) is to copy most of the environment variables. Revert a previous change and update the documentation. 2009-06-06 Nicolas François * man/passwd.5.xml, man/shadow.5.xml: Document the passwd- and shadow- files. 2009-06-06 Nicolas François * NEWS, src/su.c: Preserve the DISPLAY and XAUTHORITY environment variables, even with --login. This was not the case before in the PAM version. 2009-06-06 Nicolas François * src/useradd.c, src/groupmod.c, src/groupadd.c, src/faillog.c: Fix typos. Take this opportunity to split the usage messages into smaller messages (one per option). * src/pwck.c: Fix typo. 2009-06-05 Petri Koistinen * man/passwd.1.xml: The short option for --mindays is -n, not -m. 2009-06-04 Mike Frysinger * .gitignore, man/.gitignore, src/.gitignore: Added .gitignore files. 2009-06-04 Nicolas François * man/su.1.xml: Use