authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-06-26 16:18:37 +0000
commitb6b00dd55e035bfbe311a527b567962ffa77ee43 (patch)
treecafc4d13785448e5a78bd40a51697ee07f07ac12 /src/userdel.c
parentAdding debian version 1:4.13+dfsg1-5. (diff)
Merging upstream version 1:4.15.2.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/userdel.c156
1 files changed, 47 insertions, 109 deletions
diff --git a/src/userdel.c b/src/userdel.c
index 7012b0e..ff1f7dd 100644
--- a/src/userdel.c
+++ b/src/userdel.c
@@ -19,6 +19,8 @@
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>
+
+#include "alloc.h"
#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM
#include "pam_defs.h"
@@ -50,6 +52,8 @@
#include "subordinateio.h"
#endif /* ENABLE_SUBIDS */
#include "shadowlog.h"
+#include "string/sprintf.h"
+
/*
* exit status values
@@ -68,7 +72,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "userdel";
static char *user_name;
static uid_t user_id;
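Review bot: The new `Prog` definition carries no comment saying that it is more than a message prefix, although the later hunks in main pass it to `OPENLOG (Prog)` and `pam_start (Prog, ...)`. This one string therefore also selects the syslog ident and the PAM service name. A later edit to the literal would silently change which PAM service configuration is consulted. I would add `/* Also the syslog ident and the PAM service name; must match the installed PAM service file. */` above the definition.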
@@ -204,8 +208,7 @@ static void update_groups (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user from group",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ user_name, user_id, SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
user_name, ngrp->gr_name));
@@ -266,8 +269,7 @@ static void update_groups (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user from shadow group",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ user_name, user_id, SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
user_name, nsgrp->sg_name));
@@ -526,8 +528,7 @@ static void fail_exit (int code)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
exit (code);
@@ -548,8 +549,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"locking password file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_PW_UPDATE);
}
@@ -560,8 +560,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"opening password file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_PW_UPDATE);
}
@@ -573,8 +572,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"locking shadow password file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_PW_UPDATE);
}
@@ -586,8 +584,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"opening shadow password file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_PW_UPDATE);
}
@@ -599,8 +596,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"locking group file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_GRP_UPDATE);
}
@@ -610,8 +606,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"opening group file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_GRP_UPDATE);
}
@@ -624,8 +619,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"locking shadow group file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_GRP_UPDATE);
}
@@ -636,8 +630,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"opening shadow group file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_GRP_UPDATE);
}
@@ -652,8 +645,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"locking subordinate user file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SUB_UID_UPDATE);
}
@@ -664,8 +656,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"opening subordinate user file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SUB_UID_UPDATE);
}
@@ -678,8 +669,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"locking subordinate group file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SUB_GID_UPDATE);
}
@@ -690,8 +680,7 @@ static void open_files (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"opening subordinate group file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SUB_GID_UPDATE);
}
@@ -738,8 +727,7 @@ static void update_user (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting user entries",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ user_name, user_id, SHADOW_AUDIT_SUCCESS);
#endif /* WITH_AUDIT */
SYSLOG ((LOG_INFO, "delete user '%s'\n", user_name));
}
@@ -763,7 +751,7 @@ static void user_cancel (const char *user)
}
argv[0] = cmd;
argv[1] = user;
- argv[2] = (char *)0;
+ argv[2] = NULL;
(void) run_command (cmd, argv, NULL, &status);
}
@@ -802,11 +790,9 @@ static int is_owner (uid_t uid, const char *path)
static int remove_mailbox (void)
{
- const char *maildir;
- char* mailfile;
- int i;
- int errors = 0;
- size_t len;
+ int i, errors = 0;
+ char *mailfile;
+ const char *maildir;
maildir = getdef_str ("MAIL_DIR");
#ifdef MAIL_SPOOL_DIR
@@ -818,18 +804,11 @@ static int remove_mailbox (void)
return 0;
}
- len = strlen (prefix) + strlen (maildir) + strlen (user_name) + 2;
- mailfile = xmalloc (len);
-
if (prefix[0]) {
- (void) snprintf (mailfile, len, "%s/%s/%s",
- prefix, maildir, user_name);
- }
- else {
- (void) snprintf (mailfile, len, "%s/%s",
- maildir, user_name);
+ xasprintf(&mailfile, "%s/%s/%s", prefix, maildir, user_name);
+ } else {
+ xasprintf(&mailfile, "%s/%s", maildir, user_name);
}
- mailfile[len-1] = '\0';
if (access (mailfile, F_OK) != 0) {
if (ENOENT == errno) {
@@ -846,8 +825,7 @@ static int remove_mailbox (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
free(mailfile);
return -1;
@@ -863,8 +841,7 @@ static int remove_mailbox (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
errors = 1;
/* continue */
@@ -874,8 +851,7 @@ static int remove_mailbox (void)
{
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ user_name, user_id, SHADOW_AUDIT_SUCCESS);
}
#endif /* WITH_AUDIT */
free(mailfile);
@@ -892,8 +868,7 @@ static int remove_mailbox (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
free(mailfile);
return 1;
@@ -909,8 +884,7 @@ static int remove_mailbox (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
errors = 1;
/* continue */
@@ -920,8 +894,7 @@ static int remove_mailbox (void)
{
audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ user_name, user_id, SHADOW_AUDIT_SUCCESS);
}
#endif /* WITH_AUDIT */
free(mailfile);
@@ -931,22 +904,19 @@ static int remove_mailbox (void)
#ifdef WITH_TCB
static int remove_tcbdir (const char *user_name, uid_t user_id)
{
- char *buf;
- int ret = 0;
- size_t buflen = (sizeof TCB_DIR) + strlen (user_name) + 2;
+ int ret = 0;
+ char *buf;
if (!getdef_bool ("USE_TCB")) {
return 0;
}
- buf = malloc (buflen);
- if (NULL == buf) {
- fprintf (stderr, _("%s: Can't allocate memory, "
- "tcb entry for %s not removed.\n"),
- Prog, user_name);
+ if (asprintf(&buf, TCB_DIR "/%s", user_name) == -1) {
+ fprintf(stderr,
+ _("%s: Can't allocate memory, tcb entry for %s not removed.\n"),
+ Prog, user_name);
return 1;
}
- snprintf (buf, buflen, TCB_DIR "/%s", user_name);
if (shadowtcb_drop_priv () == SHADOWTCB_FAILURE) {
fprintf (stderr, _("%s: Cannot drop privileges: %s\n"),
Prog, strerror (errno));
@@ -989,10 +959,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
(void) setlocale (LC_ALL, "");
@@ -1002,7 +968,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("userdel");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif /* WITH_AUDIT */
@@ -1086,7 +1052,7 @@ int main (int argc, char **argv)
exit (E_PW_UPDATE);
}
- retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
@@ -1148,15 +1114,9 @@ int main (int argc, char **argv)
user_gid = pwd->pw_gid;
if (prefix[0]) {
-
- size_t len = strlen(prefix) + strlen(pwd->pw_dir) + 2;
- int wlen;
- user_home = xmalloc(len);
- wlen = snprintf(user_home, len, "%s/%s", prefix, pwd->pw_dir);
- assert (wlen == (int) len -1);
- }
- else {
- user_home = xstrdup (pwd->pw_dir);
+ xasprintf(&user_home, "%s/%s", prefix, pwd->pw_dir);
+ } else {
+ user_home = xstrdup(pwd->pw_dir);
}
pw_close();
}
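Review bot: `user_home` is built as `prefix`, a slash and `pwd->pw_dir` with no check on what `pw_dir` contains, and a later hunk in main logs "deleting home directory". Nothing in this hunk normalises the joined path, so a `pw_dir` with `..` components would resolve outside `prefix`; whether a later check covers this is not visible here. I would document the assumption at the call, e.g. `/* pw_dir is used as-is; the joined path is not canonicalised */`, and consider verifying that the resolved path still lies under `prefix` before anything is removed. The old `assert` on the written length is gone, which is fine if `xasprintf` terminates on failure as its name suggests. main's body starts before and continues after this hunk.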
@@ -1165,26 +1125,6 @@ int main (int argc, char **argv)
exit (E_NOTFOUND);
}
#endif /* WITH_TCB */
-#ifdef USE_NIS
-
- /*
- * Now make sure it isn't an NIS user.
- */
- if (__ispwNIS ()) {
- char *nis_domain;
- char *nis_master;
-
- fprintf (stderr,
- _("%s: user %s is a NIS user\n"), Prog, user_name);
- if ( !yp_get_default_domain (&nis_domain)
- && !yp_master (nis_domain, "passwd.byname", &nis_master)) {
- fprintf (stderr,
- _("%s: %s is the NIS master\n"),
- Prog, nis_master);
- }
- exit (E_NOTFOUND);
- }
-#endif /* USE_NIS */
/*
* Check to make certain the user isn't logged in.
* Note: This is a best effort basis. The user may log in between,
@@ -1290,8 +1230,7 @@ int main (int argc, char **argv)
{
audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_SUCCESS);
+ user_name, user_id, SHADOW_AUDIT_SUCCESS);
}
#endif /* WITH_AUDIT */
}
@@ -1313,8 +1252,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"removing SELinux user mapping",
- user_name, (unsigned int) user_id,
- SHADOW_AUDIT_FAILURE);
+ user_name, user_id, SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
}
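Review bot: The audit record on the SELinux-mapping failure path is emitted with `AUDIT_ADD_USER`, while every other `audit_logger` call touched by this commit uses `AUDIT_DEL_USER`. The commit reflows the argument list here but leaves the event type as it was. If the type is not intentional, a failed deletion step is filed as a user-creation event, which skews searches and alerts keyed on the event type. I would change the call to `audit_logger (AUDIT_DEL_USER, Prog,` or add a comment explaining why the add type is wanted. The enclosing block in main starts before and continues after this hunk.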