summaryrefslogtreecommitdiffstats
path: root/src/usermod.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/usermod.c')
-rw-r--r--src/usermod.c714
1 files changed, 360 insertions, 354 deletions
diff --git a/src/usermod.c b/src/usermod.c
index c1a5b2c..f889698 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -17,7 +17,9 @@
#include <fcntl.h>
#include <getopt.h>
#include <grp.h>
+#ifdef ENABLE_LASTLOG
#include <lastlog.h>
+#endif /* ENABLE_LASTLOG */
#include <pwd.h>
#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM
@@ -25,14 +27,19 @@
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
#include <stdio.h>
+#include <strings.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <time.h>
+
+#include "alloc.h"
+#include "atoi/str2i.h"
#include "chkname.h"
#include "defines.h"
#include "faillog.h"
#include "getdef.h"
#include "groupio.h"
+#include "memzero.h"
#include "nscd.h"
#include "sssd.h"
#include "prototypes.h"
@@ -52,6 +59,9 @@
#include "tcbfuncs.h"
#endif
#include "shadowlog.h"
+#include "string/sprintf.h"
+#include "time/day_to_str.h"
+
/*
* exit status values
@@ -82,7 +92,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "usermod";
static char *user_name;
static char *user_newname;
@@ -98,6 +108,7 @@ static char *user_newhome;
static char *user_shell;
#ifdef WITH_SELINUX
static const char *user_selinux = "";
+static const char *user_selinux_range = NULL;
#endif /* WITH_SELINUX */
static char *user_newshell;
static long user_expire;
@@ -163,14 +174,16 @@ static bool sub_gid_locked = false;
/* local function prototypes */
static int get_groups (char *);
-static /*@noreturn@*/void usage (int status);
+NORETURN static void usage (int status);
static void new_pwent (struct passwd *);
static void new_spent (struct spwd *);
-static /*@noreturn@*/void fail_exit (int);
-static void update_group (void);
+NORETURN static void fail_exit (int);
+static void update_group_file(void);
+static void update_group(const struct group *grp);
#ifdef SHADOWGRP
-static void update_gshadow (void);
+static void update_gshadow_file(void);
+static void update_gshadow(const struct sgrp *sgrp);
#endif
static void grp_update (void);
@@ -179,7 +192,9 @@ static void close_files (void);
static void open_files (void);
static void usr_update (void);
static void move_home (void);
+#ifdef ENABLE_LASTLOG
static void update_lastlog (void);
+#endif /* ENABLE_LASTLOG */
static void update_faillog (void);
#ifndef NO_MOVE_MAILBOX
@@ -198,14 +213,14 @@ extern int allow_bad_names;
static int get_groups (char *list)
{
char *cp;
- const struct group *grp;
+ struct group *grp;
int errors = 0;
int ngroups = 0;
/*
* Initialize the list to be empty
*/
- user_groups[0] = (char *) 0;
+ user_groups[0] = NULL;
if ('\0' == *list) {
return 0;
@@ -251,25 +266,11 @@ static int get_groups (char *list)
continue;
}
-#ifdef USE_NIS
- /*
- * Don't add this group if they are an NIS group. Tell the
- * user to go to the server for this group.
- */
- if (__isgrNIS ()) {
- fprintf (stderr,
- _("%s: group '%s' is a NIS group.\n"),
- Prog, grp->gr_name);
- gr_free ((struct group *)grp);
- continue;
- }
-#endif
-
if (ngroups == sys_ngroups) {
fprintf (stderr,
_("%s: too many groups specified (max %d).\n"),
Prog, ngroups);
- gr_free ((struct group *)grp);
+ gr_free (grp);
break;
}
@@ -277,10 +278,10 @@ static int get_groups (char *list)
* Add the group name to the user's list of groups.
*/
user_groups[ngroups++] = xstrdup (grp->gr_name);
- gr_free ((struct group *)grp);
+ gr_free (grp);
} while (NULL != list);
- user_groups[ngroups] = (char *) 0;
+ user_groups[ngroups] = NULL;
/*
* Any errors in finding group names are fatal
@@ -307,21 +308,28 @@ static struct ulong_range getulong_range(const char *str)
errno = 0;
first = strtoll(str, &pos, 10);
- if (('\0' == *str) || ('-' != *pos ) || (ERANGE == errno) ||
- (first != (unsigned long int)first))
+ if (('\0' == *str) || ('-' != *pos ) || (0 != errno) ||
+ (first != (unsigned long)first))
goto out;
errno = 0;
last = strtoll(pos + 1, &pos, 10);
- if (('\0' != *pos ) || (ERANGE == errno) ||
- (last != (unsigned long int)last))
+ if (('\0' != *pos ) || (0 != errno) ||
+ (last != (unsigned long)last))
goto out;
if (first > last)
goto out;
- result.first = (unsigned long int)first;
- result.last = (unsigned long int)last;
+ /*
+ * uid_t in linux is an unsigned int, anything over this is an invalid
+ * range will be later refused anyway by get_map_ranges().
+ */
+ if (first > UINT_MAX || last > UINT_MAX)
+ goto out;
+
+ result.first = (unsigned long)first;
+ result.last = (unsigned long)last;
out:
return result;
}
@@ -342,7 +350,7 @@ static int prepend_range(const char *str, struct ulong_range_list_entry **head)
if (range.first > range.last)
return 0;
- entry = malloc(sizeof(*entry));
+ entry = MALLOC(1, struct ulong_range_list_entry);
if (!entry) {
fprintf (stderr,
_("%s: failed to allocate memory: %s\n"),
@@ -359,7 +367,9 @@ static int prepend_range(const char *str, struct ulong_range_list_entry **head)
/*
* usage - display usage message and exit
*/
-static /*@noreturn@*/void usage (int status)
+NORETURN
+static void
+usage (int status)
{
FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
(void) fprintf (usageout,
@@ -401,6 +411,7 @@ static /*@noreturn@*/void usage (int status)
#endif /* ENABLE_SUBIDS */
#ifdef WITH_SELINUX
(void) fputs (_(" -Z, --selinux-user SEUSER new SELinux user mapping for the user account\n"), usageout);
+ (void) fputs (_(" --selinux-range SERANGE new SELinux MLS range for the user account\n"), usageout);
#endif /* WITH_SELINUX */
(void) fputs ("\n", usageout);
exit (status);
@@ -413,20 +424,17 @@ static /*@noreturn@*/void usage (int status)
static char *new_pw_passwd (char *pw_pass)
{
if (Lflg && ('!' != pw_pass[0])) {
- char *buf = xmalloc (strlen (pw_pass) + 2);
+ char *buf = XMALLOC(strlen(pw_pass) + 2, char);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "updating passwd",
- user_newname, (unsigned int) user_newid, 0);
+ "updating passwd", user_newname, user_newid, 0);
#endif
SYSLOG ((LOG_INFO, "lock user '%s' password", user_newname));
strcpy (buf, "!");
strcat (buf, pw_pass);
pw_pass = buf;
} else if (Uflg && pw_pass[0] == '!') {
- char *s;
-
if (pw_pass[1] == '\0') {
fprintf (stderr,
_("%s: unlocking the user's password would result in a passwordless account.\n"
@@ -437,20 +445,14 @@ static char *new_pw_passwd (char *pw_pass)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "updating password",
- user_newname, (unsigned int) user_newid, 0);
+ "updating password", user_newname, user_newid, 0);
#endif
SYSLOG ((LOG_INFO, "unlock user '%s' password", user_newname));
- s = pw_pass;
- while ('\0' != *s) {
- *s = *(s + 1);
- s++;
- }
+ memmove(pw_pass, pw_pass + 1, strlen(pw_pass));
} else if (pflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing password",
- user_newname, (unsigned int) user_newid, 1);
+ "changing password", user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO, "change user '%s' password", user_newname));
pw_pass = xstrdup (user_pass);
@@ -479,8 +481,7 @@ static void new_pwent (struct passwd *pwent)
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing name",
- user_newname, (unsigned int) user_newid, 1);
+ "changing name", user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user name '%s' to '%s'",
@@ -500,8 +501,7 @@ static void new_pwent (struct passwd *pwent)
if (uflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing uid",
- user_newname, (unsigned int) user_newid, 1);
+ "changing uid", user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' UID from '%d' to '%d'",
@@ -512,7 +512,7 @@ static void new_pwent (struct passwd *pwent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing primary group",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' GID from '%d' to '%d'",
@@ -522,8 +522,7 @@ static void new_pwent (struct passwd *pwent)
if (cflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing comment",
- user_newname, (unsigned int) user_newid, 1);
+ "changing comment", user_newname, user_newid, 1);
#endif
pwent->pw_gecos = user_newcomment;
}
@@ -532,7 +531,7 @@ static void new_pwent (struct passwd *pwent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing home directory",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' home from '%s' to '%s'",
@@ -549,7 +548,7 @@ static void new_pwent (struct passwd *pwent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing user shell",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' shell from '%s' to '%s'",
@@ -580,7 +579,7 @@ static void new_spent (struct spwd *spent)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing inactive days",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' inactive from '%ld' to '%ld'",
@@ -590,12 +589,13 @@ static void new_spent (struct spwd *spent)
if (eflg) {
/* log dates rather than numbers of days. */
char new_exp[16], old_exp[16];
- date_to_str (sizeof(new_exp), new_exp, user_newexpire * DAY);
- date_to_str (sizeof(old_exp), old_exp, user_expire * DAY);
+
+ DAY_TO_STR(new_exp, user_newexpire);
+ DAY_TO_STR(old_exp, user_expire);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing expiration date",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
#endif
SYSLOG ((LOG_INFO,
"change user '%s' expiration from '%s' to '%s'",
@@ -615,7 +615,7 @@ static void new_spent (struct spwd *spent)
spent->sp_pwdp = new_pw_passwd (spent->sp_pwdp);
if (pflg) {
- spent->sp_lstchg = (long) gettime () / SCALE;
+ spent->sp_lstchg = gettime () / DAY;
if (0 == spent->sp_lstchg) {
/* Better disable aging than requiring a password
* change. */
@@ -627,7 +627,9 @@ static void new_spent (struct spwd *spent)
/*
* fail_exit - exit with an error code after unlocking files
*/
-static /*@noreturn@*/void fail_exit (int code)
+NORETURN
+static void
+fail_exit (int code)
{
if (gr_locked) {
if (gr_unlock () == 0) {
@@ -685,263 +687,277 @@ static /*@noreturn@*/void fail_exit (int code)
}
-static void update_group (void)
+static void
+update_group_file(void)
{
- bool is_member;
- bool was_member;
- bool changed;
- const struct group *grp;
- struct group *ngrp;
-
- changed = false;
+ const struct group *grp;
/*
* Scan through the entire group file looking for the groups that
* the user is a member of.
*/
- while ((grp = gr_next ()) != NULL) {
- /*
- * See if the user specified this group as one of their
- * concurrent groups.
- */
- was_member = is_on_list (grp->gr_mem, user_name);
- is_member = Gflg && ( (was_member && aflg)
- || is_on_list (user_groups, grp->gr_name));
+ while ((grp = gr_next()) != NULL)
+ update_group(grp);
+}
- if (!was_member && !is_member) {
- continue;
- }
- /*
- * If rflg+Gflg is passed in AKA -rG invert is_member flag, which removes
- * mentioned groups while leaving the others.
- */
- if (Gflg && rflg) {
- is_member = !is_member;
- }
+static void
+update_group(const struct group *grp)
+{
+ bool changed;
+ bool is_member;
+ bool was_member;
+ struct group *ngrp;
- ngrp = __gr_dup (grp);
- if (NULL == ngrp) {
- fprintf (stderr,
- _("%s: Out of memory. Cannot update %s.\n"),
- Prog, gr_dbname ());
- fail_exit (E_GRP_UPDATE);
- }
+ changed = false;
- if (was_member) {
- if ((!Gflg) || is_member) {
- /* User was a member and is still a member
- * of this group.
- * But the user might have been renamed.
- */
- if (lflg) {
- ngrp->gr_mem = del_list (ngrp->gr_mem,
- user_name);
- ngrp->gr_mem = add_list (ngrp->gr_mem,
- user_newname);
- changed = true;
-#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing group member",
- user_newname, AUDIT_NO_ID, 1);
-#endif
- SYSLOG ((LOG_INFO,
- "change '%s' to '%s' in group '%s'",
- user_name, user_newname,
- ngrp->gr_name));
- }
- } else {
- /* User was a member but is no more a
- * member of this group.
- */
- ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ was_member = is_on_list (grp->gr_mem, user_name);
+ is_member = Gflg && ( (was_member && aflg)
+ || is_on_list (user_groups, grp->gr_name));
+
+ if (!was_member && !is_member)
+ return;
+
+ /*
+ * If rflg+Gflg is passed in AKA -rG invert is_member flag, which removes
+ * mentioned groups while leaving the others.
+ */
+ if (Gflg && rflg) {
+ is_member = !is_member;
+ }
+
+ ngrp = __gr_dup (grp);
+ if (NULL == ngrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, gr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+
+ if (was_member) {
+ if ((!Gflg) || is_member) {
+ /* User was a member and is still a member
+ * of this group.
+ * But the user might have been renamed.
+ */
+ if (lflg) {
+ ngrp->gr_mem = del_list (ngrp->gr_mem,
+ user_name);
+ ngrp->gr_mem = add_list (ngrp->gr_mem,
+ user_newname);
changed = true;
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "removing group member",
- user_name, AUDIT_NO_ID, 1);
+ "changing group member",
+ user_newname, AUDIT_NO_ID, 1);
#endif
SYSLOG ((LOG_INFO,
- "delete '%s' from group '%s'",
- user_name, ngrp->gr_name));
+ "change '%s' to '%s' in group '%s'",
+ user_name, user_newname,
+ ngrp->gr_name));
}
- } else if (is_member) {
- /* User was not a member but is now a member this
- * group.
+ } else {
+ /* User was a member but is no more a
+ * member of this group.
*/
- ngrp->gr_mem = add_list (ngrp->gr_mem, user_newname);
+ ngrp->gr_mem = del_list (ngrp->gr_mem, user_name);
changed = true;
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "adding user to group",
- user_name, AUDIT_NO_ID, 1);
+ "removing group member",
+ user_name, AUDIT_NO_ID, 1);
#endif
- SYSLOG ((LOG_INFO, "add '%s' to group '%s'",
- user_newname, ngrp->gr_name));
- }
- if (!changed) {
- continue;
- }
-
- changed = false;
- if (gr_update (ngrp) == 0) {
- fprintf (stderr,
- _("%s: failed to prepare the new %s entry '%s'\n"),
- Prog, gr_dbname (), ngrp->gr_name);
- SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'", gr_dbname (), ngrp->gr_name));
- fail_exit (E_GRP_UPDATE);
+ SYSLOG ((LOG_INFO,
+ "delete '%s' from group '%s'",
+ user_name, ngrp->gr_name));
}
+ } else if (is_member) {
+ /* User was not a member but is now a member this
+ * group.
+ */
+ ngrp->gr_mem = add_list (ngrp->gr_mem, user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO, "add '%s' to group '%s'",
+ user_newname, ngrp->gr_name));
+ }
+ if (!changed)
+ goto free_ngrp;
- gr_free(ngrp);
+ if (gr_update (ngrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, gr_dbname (), ngrp->gr_name);
+ SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'", gr_dbname (), ngrp->gr_name));
+ fail_exit (E_GRP_UPDATE);
}
+
+free_ngrp:
+ gr_free(ngrp);
}
+
#ifdef SHADOWGRP
-static void update_gshadow (void)
+static void
+update_gshadow_file(void)
{
- bool is_member;
- bool was_member;
- bool was_admin;
- bool changed;
- const struct sgrp *sgrp;
- struct sgrp *nsgrp;
-
- changed = false;
+ const struct sgrp *sgrp;
/*
* Scan through the entire shadow group file looking for the groups
* that the user is a member of.
*/
- while ((sgrp = sgr_next ()) != NULL) {
+ while ((sgrp = sgr_next()) != NULL)
+ update_gshadow(sgrp);
+}
+#endif /* SHADOWGRP */
- /*
- * See if the user was a member of this group
- */
- was_member = is_on_list (sgrp->sg_mem, user_name);
- /*
- * See if the user was an administrator of this group
- */
- was_admin = is_on_list (sgrp->sg_adm, user_name);
+#ifdef SHADOWGRP
+static void
+update_gshadow(const struct sgrp *sgrp)
+{
+ bool changed;
+ bool is_member;
+ bool was_member;
+ bool was_admin;
+ struct sgrp *nsgrp;
- /*
- * See if the user specified this group as one of their
- * concurrent groups.
- */
- is_member = Gflg && ( (was_member && aflg)
- || is_on_list (user_groups, sgrp->sg_name));
+ changed = false;
- if (!was_member && !was_admin && !is_member) {
- continue;
- }
+ /*
+ * See if the user was a member of this group
+ */
+ was_member = is_on_list (sgrp->sg_mem, user_name);
- /*
- * If rflg+Gflg is passed in AKA -rG invert is_member, to remove targeted
- * groups while leaving the user apart of groups not mentioned
- */
- if (Gflg && rflg) {
- is_member = !is_member;
- }
+ /*
+ * See if the user was an administrator of this group
+ */
+ was_admin = is_on_list (sgrp->sg_adm, user_name);
- nsgrp = __sgr_dup (sgrp);
- if (NULL == nsgrp) {
- fprintf (stderr,
- _("%s: Out of memory. Cannot update %s.\n"),
- Prog, sgr_dbname ());
- fail_exit (E_GRP_UPDATE);
- }
+ /*
+ * See if the user specified this group as one of their
+ * concurrent groups.
+ */
+ is_member = Gflg && ( (was_member && aflg)
+ || is_on_list (user_groups, sgrp->sg_name));
- if (was_admin && lflg) {
- /* User was an admin of this group but the user
- * has been renamed.
- */
- nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name);
- nsgrp->sg_adm = add_list (nsgrp->sg_adm, user_newname);
- changed = true;
-#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing admin name in shadow group",
- user_name, AUDIT_NO_ID, 1);
-#endif
- SYSLOG ((LOG_INFO,
- "change admin '%s' to '%s' in shadow group '%s'",
- user_name, user_newname, nsgrp->sg_name));
- }
-
- if (was_member) {
- if ((!Gflg) || is_member) {
- /* User was a member and is still a member
- * of this group.
- * But the user might have been renamed.
- */
- if (lflg) {
- nsgrp->sg_mem = del_list (nsgrp->sg_mem,
- user_name);
- nsgrp->sg_mem = add_list (nsgrp->sg_mem,
- user_newname);
- changed = true;
+ if (!was_member && !was_admin && !is_member)
+ return;
+
+ /*
+ * If rflg+Gflg is passed in AKA -rG invert is_member, to remove targeted
+ * groups while leaving the user apart of groups not mentioned
+ */
+ if (Gflg && rflg) {
+ is_member = !is_member;
+ }
+
+ nsgrp = __sgr_dup (sgrp);
+ if (NULL == nsgrp) {
+ fprintf (stderr,
+ _("%s: Out of memory. Cannot update %s.\n"),
+ Prog, sgr_dbname ());
+ fail_exit (E_GRP_UPDATE);
+ }
+
+ if (was_admin && lflg) {
+ /* User was an admin of this group but the user
+ * has been renamed.
+ */
+ nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name);
+ nsgrp->sg_adm = add_list (nsgrp->sg_adm, user_newname);
+ changed = true;
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing member in shadow group",
- user_name, AUDIT_NO_ID, 1);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "changing admin name in shadow group",
+ user_name, AUDIT_NO_ID, 1);
#endif
- SYSLOG ((LOG_INFO,
- "change '%s' to '%s' in shadow group '%s'",
- user_name, user_newname,
- nsgrp->sg_name));
- }
- } else {
- /* User was a member but is no more a
- * member of this group.
- */
- nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
+ SYSLOG ((LOG_INFO,
+ "change admin '%s' to '%s' in shadow group '%s'",
+ user_name, user_newname, nsgrp->sg_name));
+ }
+
+ if (was_member) {
+ if ((!Gflg) || is_member) {
+ /* User was a member and is still a member
+ * of this group.
+ * But the user might have been renamed.
+ */
+ if (lflg) {
+ nsgrp->sg_mem = del_list (nsgrp->sg_mem,
+ user_name);
+ nsgrp->sg_mem = add_list (nsgrp->sg_mem,
+ user_newname);
changed = true;
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "removing user from shadow group",
- user_name, AUDIT_NO_ID, 1);
+ "changing member in shadow group",
+ user_name, AUDIT_NO_ID, 1);
#endif
SYSLOG ((LOG_INFO,
- "delete '%s' from shadow group '%s'",
- user_name, nsgrp->sg_name));
+ "change '%s' to '%s' in shadow group '%s'",
+ user_name, user_newname,
+ nsgrp->sg_name));
}
- } else if (is_member) {
- /* User was not a member but is now a member this
- * group.
+ } else {
+ /* User was a member but is no more a
+ * member of this group.
*/
- nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_newname);
+ nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name);
changed = true;
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "adding user to shadow group",
- user_newname, AUDIT_NO_ID, 1);
+ "removing user from shadow group",
+ user_name, AUDIT_NO_ID, 1);
#endif
- SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
- user_newname, nsgrp->sg_name));
- }
- if (!changed) {
- continue;
+ SYSLOG ((LOG_INFO,
+ "delete '%s' from shadow group '%s'",
+ user_name, nsgrp->sg_name));
}
-
- changed = false;
-
- /*
- * Update the group entry to reflect the changes.
+ } else if (is_member) {
+ /* User was not a member but is now a member this
+ * group.
*/
- if (sgr_update (nsgrp) == 0) {
- fprintf (stderr,
- _("%s: failed to prepare the new %s entry '%s'\n"),
- Prog, sgr_dbname (), nsgrp->sg_name);
- SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'",
- sgr_dbname (), nsgrp->sg_name));
- fail_exit (E_GRP_UPDATE);
- }
+ nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_newname);
+ changed = true;
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "adding user to shadow group",
+ user_newname, AUDIT_NO_ID, 1);
+#endif
+ SYSLOG ((LOG_INFO, "add '%s' to shadow group '%s'",
+ user_newname, nsgrp->sg_name));
+ }
+ if (!changed)
+ goto free_nsgrp;
- free (nsgrp);
+ /*
+ * Update the group entry to reflect the changes.
+ */
+ if (sgr_update (nsgrp) == 0) {
+ fprintf (stderr,
+ _("%s: failed to prepare the new %s entry '%s'\n"),
+ Prog, sgr_dbname (), nsgrp->sg_name);
+ SYSLOG ((LOG_WARN, "failed to prepare the new %s entry '%s'",
+ sgr_dbname (), nsgrp->sg_name));
+ fail_exit (E_GRP_UPDATE);
}
+
+free_nsgrp:
+ free (nsgrp);
}
#endif /* SHADOWGRP */
+
/*
* grp_update - add user to secondary group set
*
@@ -950,10 +966,10 @@ static void update_gshadow (void)
*/
static void grp_update (void)
{
- update_group ();
+ update_group_file();
#ifdef SHADOWGRP
if (is_shadow_grp) {
- update_gshadow ();
+ update_gshadow_file();
}
#endif
}
@@ -967,7 +983,6 @@ static void grp_update (void)
*/
static void process_flags (int argc, char **argv)
{
- const struct group *grp;
struct stat st;
bool anyflag = false;
@@ -978,6 +993,7 @@ static void process_flags (int argc, char **argv)
int c;
static struct option long_options[] = {
{"append", no_argument, NULL, 'a'},
+ {"badname", no_argument, NULL, 'b'},
{"badnames", no_argument, NULL, 'b'},
{"comment", required_argument, NULL, 'c'},
{"home", required_argument, NULL, 'd'},
@@ -1000,11 +1016,12 @@ static void process_flags (int argc, char **argv)
#ifdef ENABLE_SUBIDS
{"add-subuids", required_argument, NULL, 'v'},
{"del-subuids", required_argument, NULL, 'V'},
- {"add-subgids", required_argument, NULL, 'w'},
- {"del-subgids", required_argument, NULL, 'W'},
+ {"add-subgids", required_argument, NULL, 'w'},
+ {"del-subgids", required_argument, NULL, 'W'},
#endif /* ENABLE_SUBIDS */
#ifdef WITH_SELINUX
- {"selinux-user", required_argument, NULL, 'Z'},
+ {"selinux-user", required_argument, NULL, 'Z'},
+ {"selinux-range", required_argument, NULL, 202},
#endif /* WITH_SELINUX */
{NULL, 0, NULL, '\0'}
};
@@ -1058,11 +1075,10 @@ static void process_flags (int argc, char **argv)
Prog, optarg);
exit (E_BAD_ARG);
}
- user_newexpire *= DAY / SCALE;
eflg = true;
break;
case 'f':
- if ( (getlong (optarg, &user_newinactive) == 0)
+ if ( (str2sl(&user_newinactive, optarg) == -1)
|| (user_newinactive < -1)) {
fprintf (stderr,
_("%s: invalid numeric argument '%s'\n"),
@@ -1072,7 +1088,10 @@ static void process_flags (int argc, char **argv)
fflg = true;
break;
case 'g':
- grp = getgr_nam_gid (optarg);
+ {
+ struct group *grp;
+
+ grp = prefix_getgr_nam_gid (optarg);
if (NULL == grp) {
fprintf (stderr,
_("%s: group '%s' does not exist\n"),
@@ -1083,6 +1102,7 @@ static void process_flags (int argc, char **argv)
gflg = true;
gr_free (grp);
break;
+ }
case 'G':
if (get_groups (optarg) != 0) {
exit (E_NOTFOUND);
@@ -1146,7 +1166,7 @@ static void process_flags (int argc, char **argv)
sflg = true;
break;
case 'u':
- if ( (get_uid (optarg, &user_newid) ==0)
+ if ( (get_uid(optarg, &user_newid) == -1)
|| (user_newid == (uid_t)-1)) {
fprintf (stderr,
_("%s: invalid user ID '%s'\n"),
@@ -1214,6 +1234,9 @@ static void process_flags (int argc, char **argv)
exit (E_BAD_ARG);
}
break;
+ case 202:
+ user_selinux_range = optarg;
+ break;
#endif /* WITH_SELINUX */
default:
usage (E_USAGE);
@@ -1258,46 +1281,16 @@ static void process_flags (int argc, char **argv)
user_newgid = user_gid;
}
if (prefix[0]) {
- size_t len = strlen(prefix) + strlen(user_home) + 2;
- int wlen;
- prefix_user_home = xmalloc(len);
- wlen = snprintf(prefix_user_home, len, "%s/%s", prefix, user_home);
- assert (wlen == (int) len -1);
+ xasprintf(&prefix_user_home, "%s/%s", prefix, user_home);
if (user_newhome) {
- len = strlen(prefix) + strlen(user_newhome) + 2;
- prefix_user_newhome = xmalloc(len);
- wlen = snprintf(prefix_user_newhome, len, "%s/%s", prefix, user_newhome);
- assert (wlen == (int) len -1);
+ xasprintf(&prefix_user_newhome, "%s/%s",
+ prefix, user_newhome);
}
-
- }
- else {
+ } else {
prefix_user_home = user_home;
prefix_user_newhome = user_newhome;
}
-#ifdef USE_NIS
- /*
- * Now make sure it isn't an NIS user.
- */
- if (__ispwNIS ()) {
- char *nis_domain;
- char *nis_master;
-
- fprintf (stderr,
- _("%s: user %s is a NIS user\n"),
- Prog, user_name);
-
- if ( !yp_get_default_domain (&nis_domain)
- && !yp_master (nis_domain, "passwd.byname", &nis_master)) {
- fprintf (stderr,
- _("%s: %s is the NIS master\n"),
- Prog, nis_master);
- }
- exit (E_NOTFOUND);
- }
-#endif
-
{
const struct spwd *spwd = NULL;
/* local, no need for xgetspnam */
@@ -1354,6 +1347,15 @@ static void process_flags (int argc, char **argv)
usage (E_USAGE);
}
+#ifdef WITH_SELINUX
+ if (user_selinux_range && !Zflg) {
+ fprintf (stderr,
+ _("%s: %s flag is only allowed with the %s flag\n"),
+ Prog, "--selinux-range", "--selinux-user");
+ usage (E_USAGE);
+ }
+#endif /* WITH_SELINUX */
+
if (user_newid == user_id) {
uflg = false;
oflg = false;
@@ -1723,7 +1725,7 @@ static void usr_update (void)
* a shadowed password
* + aging information is requested
*/
- memset (&spent, 0, sizeof spent);
+ bzero(&spent, sizeof spent);
spent.sp_namp = user_name;
/* The user explicitly asked for a shadow feature.
@@ -1732,7 +1734,7 @@ static void usr_update (void)
spent.sp_pwdp = xstrdup (pwent.pw_passwd);
pwent.pw_passwd = xstrdup (SHADOW_PASSWD_STRING);
- spent.sp_lstchg = (long) gettime () / SCALE;
+ spent.sp_lstchg = gettime () / DAY;
if (0 == spent.sp_lstchg) {
/* Better disable aging than
* requiring a password change */
@@ -1819,7 +1821,7 @@ static void move_home (void)
if (uflg || gflg) {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing home directory owner",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
}
#endif
@@ -1838,8 +1840,7 @@ static void move_home (void)
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"moving home directory",
- user_newname, (unsigned int) user_newid,
- 1);
+ user_newname, user_newid, 1);
#endif
return;
} else {
@@ -1869,7 +1870,7 @@ static void move_home (void)
Prog,
"moving home directory",
user_newname,
- (unsigned int) user_newid,
+ user_newid,
1);
#endif
return;
@@ -1897,6 +1898,7 @@ static void move_home (void)
* left alone in case the UID was shared. It doesn't hurt anything
* to just leave it be.
*/
+#ifdef ENABLE_LASTLOG
static void update_lastlog (void)
{
struct lastlog ll;
@@ -1909,7 +1911,7 @@ static void update_lastlog (void)
return;
}
- max_uid = (uid_t) getdef_ulong ("LASTLOG_UID_MAX", 0xFFFFFFFFUL);
+ max_uid = getdef_ulong ("LASTLOG_UID_MAX", 0xFFFFFFFFUL);
if (user_newid > max_uid) {
/* do not touch lastlog for large uids */
return;
@@ -1928,7 +1930,7 @@ static void update_lastlog (void)
&& (read (fd, &ll, sizeof ll) == (ssize_t) sizeof ll)) {
/* Copy the old entry to its new location */
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
- || (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
+ || (write_full(fd, &ll, sizeof ll) == -1)
|| (fsync (fd) != 0)) {
fprintf (stderr,
_("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
@@ -1944,7 +1946,7 @@ static void update_lastlog (void)
/* Reset the new uid's lastlog entry */
memzero (&ll, sizeof (ll));
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
- || (write (fd, &ll, sizeof ll) != (ssize_t) sizeof ll)
+ || (write_full(fd, &ll, sizeof ll) == -1)
|| (fsync (fd) != 0)) {
fprintf (stderr,
_("%s: failed to copy the lastlog entry of user %lu to user %lu: %s\n"),
@@ -1953,8 +1955,13 @@ static void update_lastlog (void)
}
}
- (void) close (fd);
+ if (close (fd) != 0 && errno != EINTR) {
+ fprintf (stderr,
+ _("%s: failed to copy the lastlog entry of user %ju to user %ju: %s\n"),
+ Prog, (uintmax_t) user_id, (uintmax_t) user_newid, strerror (errno));
+ }
}
+#endif /* ENABLE_LASTLOG */
/*
* update_faillog - update the faillog file
@@ -1984,10 +1991,10 @@ static void update_faillog (void)
}
if ( (lseek (fd, off_uid, SEEK_SET) == off_uid)
- && (read (fd, (char *) &fl, sizeof fl) == (ssize_t) sizeof fl)) {
+ && (read (fd, &fl, sizeof fl) == (ssize_t) sizeof fl)) {
/* Copy the old entry to its new location */
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
- || (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)
+ || (write_full(fd, &fl, sizeof fl) == -1)
|| (fsync (fd) != 0)) {
fprintf (stderr,
_("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
@@ -2003,7 +2010,8 @@ static void update_faillog (void)
/* Reset the new uid's faillog entry */
memzero (&fl, sizeof (fl));
if ( (lseek (fd, off_newuid, SEEK_SET) != off_newuid)
- || (write (fd, &fl, sizeof fl) != (ssize_t) sizeof fl)) {
+ || (write_full(fd, &fl, sizeof fl) == -1))
+ {
fprintf (stderr,
_("%s: failed to copy the faillog entry of user %lu to user %lu: %s\n"),
Prog, (unsigned long) user_id, (unsigned long) user_newid, strerror (errno));
@@ -2011,7 +2019,11 @@ static void update_faillog (void)
}
}
- (void) close (fd);
+ if (close (fd) != 0 && errno != EINTR) {
+ fprintf (stderr,
+ _("%s: failed to copy the faillog entry of user %ju to user %ju: %s\n"),
+ Prog, (uintmax_t) user_id, (uintmax_t) user_newid, strerror (errno));
+ }
}
#ifndef NO_MOVE_MAILBOX
@@ -2024,12 +2036,10 @@ static void update_faillog (void)
*/
static void move_mailbox (void)
{
- const char *maildir;
- char* mailfile;
- char* newmailfile;
- int fd;
- struct stat st;
- size_t len;
+ int fd;
+ char *mailfile;
+ const char *maildir;
+ struct stat st;
maildir = getdef_str ("MAIL_DIR");
#ifdef MAIL_SPOOL_DIR
@@ -2040,8 +2050,6 @@ static void move_mailbox (void)
if (NULL == maildir) {
return;
}
- len = strlen (prefix) + strlen (maildir) + strlen (user_name) + 2;
- mailfile = alloca (len);
/*
* O_NONBLOCK is to make sure open won't hang on mandatory locks.
@@ -2050,14 +2058,10 @@ static void move_mailbox (void)
* between stat and chown). --marekm
*/
if (prefix[0]) {
- (void) snprintf (mailfile, len, "%s/%s/%s",
- prefix, maildir, user_name);
- }
- else {
- (void) snprintf (mailfile, len, "%s/%s",
- maildir, user_name);
+ xasprintf(&mailfile, "%s/%s/%s", prefix, maildir, user_name);
+ } else {
+ xasprintf(&mailfile, "%s/%s", maildir, user_name);
}
- mailfile[len-1] = '\0';
fd = open (mailfile, O_RDONLY | O_NONBLOCK, 0);
if (fd < 0) {
@@ -2065,11 +2069,13 @@ static void move_mailbox (void)
if (errno != ENOENT) {
perror (mailfile);
}
+ free(mailfile);
return;
}
if (fstat (fd, &st) < 0) {
perror ("fstat");
(void) close (fd);
+ free(mailfile);
return;
}
if (st.st_uid != user_id) {
@@ -2077,6 +2083,7 @@ static void move_mailbox (void)
fprintf (stderr, _("%s: warning: %s not owned by %s\n"),
Prog, mailfile, user_name);
(void) close (fd);
+ free(mailfile);
return;
}
if (uflg) {
@@ -2087,7 +2094,7 @@ static void move_mailbox (void)
else {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing mail file owner",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
}
#endif
}
@@ -2095,17 +2102,14 @@ static void move_mailbox (void)
(void) close (fd);
if (lflg) {
- len = strlen (prefix) + strlen (maildir) + strlen (user_newname) + 2;
- newmailfile = alloca(len);
+ char *newmailfile;
+
if (prefix[0]) {
- (void) snprintf (newmailfile, len, "%s/%s/%s",
- prefix, maildir, user_newname);
- }
- else {
- (void) snprintf (newmailfile, len, "%s/%s",
- maildir, user_newname);
+ xasprintf(&newmailfile, "%s/%s/%s",
+ prefix, maildir, user_newname);
+ } else {
+ xasprintf(&newmailfile, "%s/%s", maildir, user_newname);
}
- newmailfile[len - 1] = '\0';
if ( (link (mailfile, newmailfile) != 0)
|| (unlink (mailfile) != 0)) {
perror (_("failed to rename mailbox"));
@@ -2114,10 +2118,14 @@ static void move_mailbox (void)
else {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing mail file name",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
}
+
+ free(newmailfile);
#endif
}
+
+ free(mailfile);
}
#endif
@@ -2133,10 +2141,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -2147,14 +2151,14 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("usermod");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
sys_ngroups = sysconf (_SC_NGROUPS_MAX);
- user_groups = (char **) malloc (sizeof (char *) * (1 + sys_ngroups));
- user_groups[0] = (char *) 0;
+ user_groups = XMALLOC(sys_ngroups + 1, char *);
+ user_groups[0] = NULL;
is_shadow_pwd = spw_file_present ();
#ifdef SHADOWGRP
@@ -2193,7 +2197,7 @@ int main (int argc, char **argv)
exit (1);
}
- retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
@@ -2305,14 +2309,14 @@ int main (int argc, char **argv)
#ifdef WITH_SELINUX
if (Zflg) {
if ('\0' != *user_selinux) {
- if (set_seuser (user_name, user_selinux) != 0) {
+ if (set_seuser (user_name, user_selinux, user_selinux_range) != 0) {
fprintf (stderr,
_("%s: warning: the user name %s to %s SELinux user mapping failed.\n"),
Prog, user_name, user_selinux);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"modifying User mapping ",
- user_name, (unsigned int) user_id,
+ user_name, user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
@@ -2325,7 +2329,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_logger (AUDIT_ADD_USER, Prog,
"removing SELinux user mapping",
- user_name, (unsigned int) user_id,
+ user_name, user_id,
SHADOW_AUDIT_FAILURE);
#endif /* WITH_AUDIT */
fail_exit (E_SE_UPDATE);
@@ -2345,7 +2349,9 @@ int main (int argc, char **argv)
#endif /* NO_MOVE_MAILBOX */
if (uflg) {
+#ifdef ENABLE_LASTLOG
update_lastlog ();
+#endif /* ENABLE_LASTLOG */
update_faillog ();
}
@@ -2367,7 +2373,7 @@ int main (int argc, char **argv)
if (uflg || gflg) {
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
"changing home directory owner",
- user_newname, (unsigned int) user_newid, 1);
+ user_newname, user_newid, 1);
}
#endif
if (chown_tree (dflg ? prefix_user_newhome : prefix_user_home,
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-24 00:41:38 +0000