summaryrefslogtreecommitdiffstats
path: root/lib/cleanup_user.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/cleanup_user.c')
-rw-r--r--lib/cleanup_user.c131
1 files changed, 131 insertions, 0 deletions
diff --git a/lib/cleanup_user.c b/lib/cleanup_user.c
new file mode 100644
index 0000000..9c4bda9
--- /dev/null
+++ b/lib/cleanup_user.c
@@ -0,0 +1,131 @@
+/*
+ * SPDX-FileCopyrightText: 2008 , Nicolas François
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <config.h>
+
+#include <assert.h>
+#include <stdio.h>
+
+#include "attr.h"
+#include "defines.h"
+#include "pwio.h"
+#include "shadowio.h"
+#include "prototypes.h"
+#include "shadowlog.h"
+
+/*
+ * cleanup_report_add_user - Report failure to add a user to the system
+ *
+ * It should be registered when it is decided to add a user to the system.
+ */
+void cleanup_report_add_user (void *user_name)
+{
+ const char *name = user_name;
+
+ SYSLOG ((LOG_ERR, "failed to add user %s", name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, log_get_progname(),
+ "",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+void cleanup_report_mod_passwd (void *cleanup_info)
+{
+ const struct cleanup_info_mod *info;
+ info = (const struct cleanup_info_mod *)cleanup_info;
+
+ SYSLOG ((LOG_ERR,
+ "failed to change %s (%s)",
+ pw_dbname (),
+ info->action));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_ACCT, log_get_progname(),
+ info->audit_msg,
+ info->name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_add_user_passwd - Report failure to add a user to
+ * /etc/passwd
+ *
+ * It should be registered when it is decided to add a user to the
+ * /etc/passwd database.
+ */
+void cleanup_report_add_user_passwd (void *user_name)
+{
+ const char *name = user_name;
+
+ SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, pw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, log_get_progname(),
+ "adding user to /etc/passwd",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_report_add_user_shadow - Report failure to add a user to
+ * /etc/shadow
+ *
+ * It should be registered when it is decided to add a user to the
+ * /etc/shadow database.
+ */
+void cleanup_report_add_user_shadow (void *user_name)
+{
+ const char *name = user_name;
+
+ SYSLOG ((LOG_ERR, "failed to add user %s to %s", name, spw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, log_get_progname(),
+ "adding user to /etc/shadow",
+ name, AUDIT_NO_ID,
+ SHADOW_AUDIT_FAILURE);
+#endif
+}
+
+/*
+ * cleanup_unlock_passwd - Unlock the /etc/passwd database
+ *
+ * It should be registered after the passwd database is successfully locked.
+ */
+void cleanup_unlock_passwd (MAYBE_UNUSED void *arg)
+{
+ if (pw_unlock () == 0) {
+ fprintf (log_get_logfd(),
+ _("%s: failed to unlock %s\n"),
+ log_get_progname(), pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger_message ("unlocking passwd file",
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+
+/*
+ * cleanup_unlock_shadow - Unlock the /etc/shadow database
+ *
+ * It should be registered after the shadow database is successfully locked.
+ */
+void cleanup_unlock_shadow (MAYBE_UNUSED void *arg)
+{
+ if (spw_unlock () == 0) {
+ fprintf (log_get_logfd(),
+ _("%s: failed to unlock %s\n"),
+ log_get_progname(), spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+#ifdef WITH_AUDIT
+ audit_logger_message ("unlocking shadow file",
+ SHADOW_AUDIT_FAILURE);
+#endif
+ }
+}
+