Projects
openEuler:Mainline
libuser
Sign Up
Log In
Username
Password
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 8
View file
_service:tar_scm:libuser.spec
Changed
@@ -1,14 +1,10 @@ Name: libuser -Version: 0.63 -Release: 5 +Version: 0.64 +Release: 1 Summary: A user and group account administration library License: LGPLv2+ URL: https://pagure.io/libuser -Source: http://releases.pagure.org/libuser/libuser-%{version}.tar.xz - -Patch0: libuser-0.63-PR49_add_yescrypt.patch -Patch1: libuser-0.63-downstream_test_xcrypt.patch -Patch2: fix-ldap-test-because-openldap-was-upgraded.patch +Source: http://releases.pagure.org/libuser/libuser-%{version}.tar.gz Patch9000: add-sm3-crypt-support.patch @@ -104,6 +100,9 @@ %{_mandir}/man5/* %changelog +* Mon Jul 17 2023 fuanan <fuanan3@h-partners.com> - 0.64-1 +- update version to 0.64 + * Wed Oct 19 2022 fuanan <fuanan3@h-partners.com> - 0.63-5 - DESC:optimize compilation by running make in parallel
View file
_service:tar_scm:fix-ldap-test-because-openldap-was-upgraded.patch
Deleted
@@ -1,67 +0,0 @@ -From 85bcf0efc3d3e6453f6e50da877dc7eb1a4d1ae1 Mon Sep 17 00:00:00 2001 -From: panxiaohe <panxiaohe@huawei.com> -Date: Mon, 10 Jan 2022 13:17:22 +0800 -Subject: PATCH fix ldap test because openldap was upgraded to 2.6.0 - -The new version of openldap has removed deprecated -h and -p options -to client tools. And it has deleted back-bdb, so this patch uses mdb. ---- - tests/default_pw_test | 6 ++++-- - tests/ldap_test | 3 ++- - tests/slapd.conf.in | 2 +- - 3 files changed, 7 insertions(+), 4 deletions(-) - -diff --git a/tests/default_pw_test b/tests/default_pw_test -index 733c85c..932dcb2 100755 ---- a/tests/default_pw_test -+++ b/tests/default_pw_test -@@ -69,7 +69,8 @@ get_file_password() # file under $workdir/files, entry name - get_ldap_password() # entry filter - { - echo "Checking $1 ..." >&2 -- ldapsearch -LLL -h 127.0.0.1 -p "$ldap_port" -x -b 'dc=libuser' "$1" \ -+ URI="ldap://127.0.0.1:$ldap_port/" -+ ldapsearch -LLL -H "$URI" -x -b 'dc=libuser' "$1" \ - userPassword | sed -n 's/userPassword:: //p' - } - -@@ -103,7 +104,8 @@ for modules in \ - tests/wait_for_slapd_start "$workdir"/slapd.pid "$ldap_port" - slapd_pid=$(cat "$workdir"/slapd.pid) - trap 'status=$?; kill $slapd_pid; rm -rf "$workdir"; exit $status' 0 -- ldapadd -h 127.0.0.1 -p "$ldap_port" -f "$srcdir/ldap_skel.ldif" -x \ -+ URI="ldap://127.0.0.1:$ldap_port/" -+ ldapadd -H "$URI" -f "$srcdir/ldap_skel.ldif" -x \ - -D cn=Manager,dc=libuser -w password - ;; - esac -diff --git a/tests/ldap_test b/tests/ldap_test -index 54609b1..de9308c 100755 ---- a/tests/ldap_test -+++ b/tests/ldap_test -@@ -56,7 +56,8 @@ slapd_pid=$(cat "$workdir"/slapd.pid) - trap 'status=$?; kill $slapd_pid - tests/wait_for_slapd_exit "$workdir"/slapd.pid "$ldap_port" - rm -rf "$workdir"; exit $status' 0 --ldapadd -h 127.0.0.1 -p "$ldap_port" -f "$srcdir/ldap_skel.ldif" -x \ -+URI="ldap://127.0.0.1:$ldap_port/" -+ldapadd -H "$URI" -f "$srcdir/ldap_skel.ldif" -x \ - -D cn=Manager,dc=libuser -w password - - -diff --git a/tests/slapd.conf.in b/tests/slapd.conf.in -index 06ef10d..8e49a36 100644 ---- a/tests/slapd.conf.in -+++ b/tests/slapd.conf.in -@@ -10,7 +10,7 @@ pidfile @WORKDIR@/slapd.pid - TLSCertificateFile @WORKDIR@/key.pem - TLSCertificateKeyFile @WORKDIR@/key.pem - --database bdb -+database mdb - suffix "dc=libuser" - rootdn "cn=Manager,dc=libuser" - rootpw {SSHA}ABgelmLFZQ/OJzVEp3OM5MzWQ9rt3b4F --- -1.8.3.1 -
View file
_service:tar_scm:libuser-0.63-PR49_add_yescrypt.patch
Deleted
@@ -1,260 +0,0 @@ -From 3b8a2aa52bcee6e03f047840251ae42ab971a8a0 Mon Sep 17 00:00:00 2001 -From: Björn Esser <besser82@fedoraproject.org> -Date: Jun 07 2021 20:25:41 +0000 -Subject: PATCH 1/5 lib/util.c: bcrypt should use $2b$ as prefix for setting. - - -This prefix is the recommended one for new bcrypt hashes -for a long time. - -Signed-off-by: Björn Esser <besser82@fedoraproject.org> - ---- - -diff --git a/lib/util.c b/lib/util.c -index 1b03f7d..e549a35 100644 ---- a/lib/util.c -+++ b/lib/util.c -@@ -124,7 +124,7 @@ static const struct { - } salt_type_info = { - {"$1$", "$", 8, FALSE }, - /* FIXME: number of rounds, base64 of 128 bits */ -- {"$2a$", "$", 8, FALSE }, -+ {"$2b$", "$", 8, FALSE }, - {"$5$", "$", 16, TRUE }, - {"$6$", "$", 16, TRUE }, - { "", "", 2 }, -@@ -231,7 +231,7 @@ lu_util_default_salt_specifier(struct lu_context *context) - } salt_types = { - { "des", "", FALSE }, - { "md5", "$1$", FALSE }, -- { "blowfish", "$2a$", FALSE }, -+ { "blowfish", "$2b$", FALSE }, - { "sha256", "$5$", TRUE }, - { "sha512", "$6$", TRUE }, - }; - -From 9dcc69425677cf510ec6da5ababfdd295f875c1a Mon Sep 17 00:00:00 2001 -From: Björn Esser <besser82@fedoraproject.org> -Date: Jun 17 2021 15:34:02 +0000 -Subject: PATCH 2/5 lib/util.c: Use crypt_gensalt(), if available in libcrypt. - - -Most Linux distributions, including Fedora and RHEL 8, are shipping -with libxcrypt >= 4.0. - -Since that version of libxcrypt the provided family of crypt_gensalt() -functions are able to use automatic entropy drawn from secure system -ressources, like arc4random(), getentropy() or getrandom(). - -Anyways, the settings generated by crypt_gensalt() are always -guaranteed to works with the crypt() function. - -Using crypt_gesalt() is also needed to make proper use of newer -hashing methods, like yescrypt, provided by libxcrypt. - -Signed-off-by: Björn Esser <besser82@fedoraproject.org> - ---- - -diff --git a/lib/util.c b/lib/util.c -index e549a35..b6db2af 100644 ---- a/lib/util.c -+++ b/lib/util.c -@@ -43,6 +43,13 @@ - #define HASH_ROUNDS_MIN 1000 - #define HASH_ROUNDS_MAX 999999999 - -+#if (defined CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY && \ -+ CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY) -+#define USE_XCRYPT_GENSALT 1 -+#else -+#define USE_XCRYPT_GENSALT 0 -+#endif -+ - struct lu_lock { - int fd; - struct flock lock; -@@ -66,6 +73,7 @@ lu_strcmp(gconstpointer v1, gconstpointer v2) - return strcmp((char *) v1, (char *) v2); - } - -+#if !USE_XCRYPT_GENSALT - /* A list of allowed salt characters, according to SUSv2. */ - #define ACCEPTABLE "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ - "abcdefghijklmnopqrstuvwxyz" \ -@@ -115,6 +123,7 @@ fill_urandom(char *output, size_t length) - close(fd); - return TRUE; - } -+#endif - - static const struct { - const char initial5; -@@ -135,6 +144,9 @@ lu_make_crypted(const char *plain, const char *previous) - { - char salt2048; - size_t i, len = 0; -+#if USE_XCRYPT_GENSALT -+ unsigned long rounds = 0; -+#endif - - if (previous == NULL) { - previous = LU_DEFAULT_SALT_TYPE; -@@ -151,6 +163,23 @@ lu_make_crypted(const char *plain, const char *previous) - - if (salt_type_infoi.sha_rounds != FALSE - && strncmp(previous + len, "rounds=", strlen("rounds=")) == 0) { -+#if USE_XCRYPT_GENSALT -+ const char *start; -+ char *end; -+ -+ start = previous + len + strlen("rounds="); -+ rounds = strtoul (start, &end, 10); -+ -+ if (rounds < HASH_ROUNDS_MIN) -+ rounds = HASH_ROUNDS_MIN; -+ else if (rounds > HASH_ROUNDS_MAX) -+ rounds = HASH_ROUNDS_MAX; -+ } -+ -+ g_assert(CRYPT_GENSALT_OUTPUT_SIZE <= sizeof(salt)); -+ -+ crypt_gensalt_rn(previous, rounds, NULL, 0, salt, sizeof(salt)); -+#else - const char *start, *end; - - start = previous + len + strlen("rounds="); -@@ -168,6 +197,7 @@ lu_make_crypted(const char *plain, const char *previous) - return NULL; - strcpy(salt + len + salt_type_infoi.salt_length, - salt_type_infoi.separator); -+#endif - - return crypt(plain, salt); - } -@@ -251,13 +281,18 @@ lu_util_default_salt_specifier(struct lu_context *context) - - found: - if (salt_typesi.sha_rounds != FALSE) { -- unsigned long rounds; -+ unsigned long rounds = 0; - - rounds = select_hash_rounds(context); -+#if USE_XCRYPT_GENSALT -+ return g_strdup(crypt_gensalt(salt_typesi.initializer, -+ rounds, NULL, 0)); -+#else - if (rounds != 0) - return g_strdup_printf("%srounds=%lu$", - salt_typesi.initializer, - rounds); -+#endif - } - return g_strdup(salt_typesi.initializer); - } - -From 2d40503977df3855f1415db995833ae4231e7944 Mon Sep 17 00:00:00 2001 -From: Björn Esser <besser82@fedoraproject.org> -Date: Jun 17 2021 15:34:02 +0000 -Subject: PATCH 3/5 lib/util.c: Add yescrypt hashing method for user passwords. - - -The yescrypt hashing method is considered to be much stronger than -sha512crypt and fully supported by libxcrypt >= 4.3. It is based -on NIST-approved primitives and on par with argon2 in strength. - -Signed-off-by: Björn Esser <besser82@fedoraproject.org> - ---- - -diff --git a/lib/util.c b/lib/util.c -index b6db2af..bba9420 100644 ---- a/lib/util.c -+++ b/lib/util.c -@@ -50,6 +50,14 @@ - #define USE_XCRYPT_GENSALT 0 - #endif - -+#if ((defined XCRYPT_VERSION_NUM && \ -+ XCRYPT_VERSION_NUM >= ((4 << 16) | 3)) && \ -+ USE_XCRYPT_GENSALT) -+#define HAVE_YESCRYPT 1 -+#else -+#define HAVE_YESCRYPT 0 -+#endif -+ - struct lu_lock { - int fd; - struct flock lock; -@@ -136,6 +144,9 @@ static const struct { - {"$2b$", "$", 8, FALSE }, - {"$5$", "$", 16, TRUE }, - {"$6$", "$", 16, TRUE }, -+#if HAVE_YESCRYPT -+ {"$y$", "$", 24, FALSE }, -+#endif - { "", "", 2 }, - }; -
View file
_service:tar_scm:libuser-0.63-downstream_test_xcrypt.patch
Deleted
@@ -1,27 +0,0 @@ -diff --git a/tests/pwhash_test b/tests/pwhash_test -index ff89d60..525885e 100755 ---- a/tests/pwhash_test -+++ b/tests/pwhash_test -@@ -77,6 +77,22 @@ if "x${pw#\$6\$}" = "x$pw" ; then - exit 1 - fi - -+cp "${LIBUSER_CONF}_" "$LIBUSER_CONF" -+echo 'crypt_style = blowfish' >> "$LIBUSER_CONF" -+pw=$(workdir="$workdir" $VALGRIND $PYTHON "$srcdir"/pwhash.py) -+if "x${pw#\$2b\$}" = "x$pw" ; then -+ echo "Invalid BLOWFISH hash" >&2 -+ exit 1 -+fi -+ -+cp "${LIBUSER_CONF}_" "$LIBUSER_CONF" -+echo 'crypt_style = yescrypt' >> "$LIBUSER_CONF" -+pw=$(workdir="$workdir" $VALGRIND $PYTHON "$srcdir"/pwhash.py) -+if "x${pw#\$y\$}" = "x$pw" ; then -+ echo "Invalid YESCRYPT hash" >&2 -+ exit 1 -+fi -+ - cp "${LIBUSER_CONF}_" "$LIBUSER_CONF" - cat >> "$LIBUSER_CONF" <<\EOF - crypt_style = sha256
View file
_constraints
Added
@@ -0,0 +1,3 @@ +<constraints> + <sandbox>qemu</sandbox> +</constraints>
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/apputil.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/apputil.c
Changed
@@ -38,7 +38,7 @@ check_access(const char *chuser, access_vector_t access) { int status; - security_context_t user_context; + char * user_context; status = -1; if (getprevcon(&user_context) == 0) { @@ -225,7 +225,7 @@ class = string_to_security_class("passwd"); perm = string_to_av_perm(class, "chfn"); if (check_access(user, perm) != 0) { - security_context_t user_context; + char *user_context; if (getprevcon(&user_context) < 0) user_context = NULL;
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lchage.1 -> _service:tar_scm:libuser-0.64.tar.gz/apps/lchage.1
Changed
@@ -72,7 +72,7 @@ Set \fIdays\fR to 0 or -1 to disable this requirement. If this value is larger than the value set by \fB\-\-maxdays\fP, -the user cannot change the pasword. +the user cannot change the password. .TP \fB\-M\fR, \fB\-\-maxdays\fR=\fIdays\fR
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lchage.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lchage.c
Changed
@@ -71,13 +71,14 @@ long shadowMin = INVALID_LONG, shadowMax = INVALID_LONG, shadowLastChange = INVALID_LONG, shadowInactive = INVALID_LONG, shadowExpire = INVALID_LONG, shadowWarning = INVALID_LONG; - const char *user; - struct lu_context *ctx; - struct lu_ent *ent; + const char *user = NULL; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; struct lu_error *error = NULL; int interactive = FALSE; int list_only = FALSE; int c; + int result; poptContext popt; struct poptOption options = { @@ -118,7 +119,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } user = poptGetArg(popt); @@ -126,11 +128,10 @@ if (user == NULL) { fprintf(stderr, _("No user name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } - poptFreeContext(popt); - /* Start up the library. */ ctx = lu_start(user, lu_user, NULL, NULL, interactive ? lu_prompt_console : @@ -138,7 +139,8 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } ent = lu_ent_new(); @@ -146,7 +148,8 @@ /* Look up information about the user. */ if (lu_user_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("User %s does not exist.\n"), user); - return 2; + result = 2; + goto done; } if (list_only) { @@ -242,7 +245,8 @@ "%s\n"), user, lu_strerror(error)); lu_audit_logger(AUDIT_USER_MGMT, "change-age", user, AUDIT_NO_ID, 0); - return 3; + result = 3; + goto done; } lu_audit_logger(AUDIT_USER_MGMT, "change-age", user, AUDIT_NO_ID, 1); @@ -250,9 +254,14 @@ lu_nscd_flush_cache(LU_NSCD_CACHE_PASSWD); } - lu_ent_free(ent); + result = 0; + + done: + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lchfn.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lchfn.c
Changed
@@ -41,11 +41,12 @@ { const char *user, *gecos; const char *name, *office, *officephone, *homephone; - struct lu_context *ctx; + struct lu_context *ctx = NULL; struct lu_error *error = NULL; - struct lu_ent *ent; + struct lu_ent *ent = NULL; int interactive = FALSE; int c; + int result; struct lu_prompt prompts7; poptContext popt; struct poptOption options = { @@ -53,7 +54,8 @@ N_("prompt for all information"), NULL}, POPT_AUTOHELP POPT_TABLEEND }; - char **fields, *p; + char **fields = NULL; + char *p; size_t fields_len; size_t pcount, i; @@ -70,7 +72,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } user = poptGetArg(popt); @@ -86,11 +89,11 @@ fprintf(stderr, _("No user name specified, no name " "for uid %d.\n"), getuid()); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } } - poptFreeContext(popt); /* Give the user some idea of what's going on. */ g_print(_("Changing finger information for %s.\n"), user); @@ -102,7 +105,8 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Authenticate the user to the "chfn" service. */ @@ -112,7 +116,8 @@ ent = lu_ent_new(); if (lu_user_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("User %s does not exist.\n"), user); - exit(1); + result = 1; + goto done; } /* Read the user's GECOS information. */ @@ -206,7 +211,8 @@ if (lu_prompt_console(prompts, pcount, NULL, &error) == FALSE) { fprintf(stderr, _("Finger information not changed: input error.\n")); - exit(1); + result = 1; + goto done; } /* Now iterate over the answers and figure things out. */ @@ -272,14 +278,20 @@ } else { fprintf(stderr, _("Finger information not changed: %s.\n"), lu_strerror(error)); - return 1; + result = 1; + goto done; } + result = 0; + + done: g_strfreev(fields); - lu_ent_free(ent); + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lchsh.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lchsh.c
Changed
@@ -33,12 +33,13 @@ main(int argc, const char **argv) { const char *user; - struct lu_context *ctx; + struct lu_context *ctx = NULL; struct lu_error *error = NULL; - struct lu_ent *ent; + struct lu_ent *ent = NULL; char *shell; int interactive = FALSE; int c; + int result; poptContext popt; struct poptOption options = { {"interactive", 'i', POPT_ARG_NONE, &interactive, 0, @@ -59,7 +60,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } user = poptGetArg(popt); @@ -75,12 +77,11 @@ fprintf(stderr, _("No user name specified, no name for " "uid %d.\n"), getuid()); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } } - poptFreeContext(popt); - /* Give the user some idea of what's going on. */ g_print(_("Changing shell for %s.\n"), user); @@ -91,7 +92,8 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Authenticate the user if we need to. */ @@ -101,7 +103,8 @@ ent = lu_ent_new(); if (lu_user_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("User %s does not exist.\n"), user); - exit(1); + result = 1; + goto done; } /* Read the user's shell. */ @@ -123,7 +126,8 @@ lu_strerror(error)); lu_audit_logger(AUDIT_USER_MGMT, "change-shell", user, AUDIT_NO_ID, 0); - return 1; + result = 1; + goto done; } /* Modify the in-memory structure's shell attribute. */ lu_ent_set_string(ent, LU_LOGINSHELL, prompts0.value); @@ -142,13 +146,19 @@ lu_strerror(error)); lu_audit_logger(AUDIT_USER_MGMT, "change-shell", user, AUDIT_NO_ID, 0); - return 1; + result = 1; + goto done; } } - lu_ent_free(ent); + result = 0; + + done: + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lgroupadd.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lgroupadd.c
Changed
@@ -34,12 +34,13 @@ { const char *name, *gid_number_str = NULL; gid_t gidNumber = LU_VALUE_INVALID_ID; - struct lu_context *ctx; - struct lu_ent *ent; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; struct lu_error *error = NULL; int interactive = FALSE; int system_account = FALSE; int c; + int result; poptContext popt; struct poptOption options = { @@ -65,7 +66,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } name = poptGetArg(popt); @@ -73,7 +75,8 @@ if (name == NULL) { fprintf(stderr, _("No group name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } if (gid_number_str != NULL) { @@ -87,13 +90,12 @@ fprintf(stderr, _("Invalid group ID %s\n"), gid_number_str); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } gidNumber = val; } - poptFreeContext(popt); - /* Start up the library. */ ctx = lu_start(NULL, 0, NULL, NULL, interactive ? lu_prompt_console : @@ -101,7 +103,8 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Create a group entity object holding sensible defaults for a @@ -120,17 +123,22 @@ lu_strerror(error)); lu_audit_logger(AUDIT_ADD_GROUP, "add-group", name, AUDIT_NO_ID, 0); - return 2; + result = 2; + goto done; } lu_nscd_flush_cache(LU_NSCD_CACHE_GROUP); - lu_ent_free(ent); - - lu_end(ctx); - lu_audit_logger(AUDIT_ADD_GROUP, "add-group", name, AUDIT_NO_ID, 1); + result = 0; + + done: + if (ent) lu_ent_free(ent); + + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lgroupdel.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lgroupdel.c
Changed
@@ -30,12 +30,13 @@ int main(int argc, const char **argv) { - struct lu_context *ctx; - struct lu_ent *ent; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; struct lu_error *error = NULL; const char *group; int interactive = FALSE; int c; + int result; poptContext popt; struct poptOption options = { @@ -57,7 +58,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } group = poptGetArg(popt); @@ -65,11 +67,10 @@ if (group == NULL) { fprintf(stderr, _("No group name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } - poptFreeContext(popt); - /* Start up the library. */ ctx = lu_start(NULL, 0, NULL, NULL, interactive ? lu_prompt_console : @@ -77,14 +78,16 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Look up the group structure. */ ent = lu_ent_new(); if (lu_group_lookup_name(ctx, group, ent, &error) == FALSE) { fprintf(stderr, _("Group %s does not exist.\n"), group); - return 2; + result = 2; + goto done; } /* Delete the group. */ @@ -93,17 +96,22 @@ group, lu_strerror(error)); lu_audit_logger(AUDIT_DEL_GROUP, "delete-group", group, AUDIT_NO_ID, 0); - return 3; + result = 3; + goto done; } lu_nscd_flush_cache(LU_NSCD_CACHE_GROUP); - lu_ent_free(ent); - - lu_end(ctx); - lu_audit_logger(AUDIT_DEL_GROUP, "delete-group", group, AUDIT_NO_ID, 1); + result = 0; + + done: + if (ent) lu_ent_free(ent); + + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lgroupmod.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lgroupmod.c
Changed
@@ -39,14 +39,16 @@ char **admins, **members; gid_t gidNumber = LU_VALUE_INVALID_ID; gid_t oldGidNumber = LU_VALUE_INVALID_ID; - struct lu_context *ctx; - struct lu_ent *ent; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; + struct lu_ent *user_ent; struct lu_error *error = NULL; GPtrArray *users = NULL; GValue val; int change = FALSE, lock = FALSE, unlock = FALSE; int interactive = FALSE; int c; + int result; poptContext popt; struct poptOption options = { @@ -85,14 +87,16 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } group = poptGetArg(popt); if (group == NULL) { fprintf(stderr, _("No group name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } if (gid_number_str != NULL) { intmax_t val; @@ -105,32 +109,34 @@ fprintf(stderr, _("Invalid group ID %s\n"), gid_number_str); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } gidNumber = val; } - poptFreeContext(popt); - ctx = lu_start(NULL, 0, NULL, NULL, interactive ? lu_prompt_console : lu_prompt_console_quiet, NULL, &error); if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } if (lock && unlock) { fprintf(stderr, _("Both -L and -U specified.\n")); - return 2; + result = 2; + goto done; } ent = lu_ent_new(); if (lu_group_lookup_name(ctx, group, ent, &error) == FALSE) { fprintf(stderr, _("Group %s does not exist.\n"), group); - return 3; + result = 3; + goto done; } if (userPassword) { @@ -141,7 +147,8 @@ lu_audit_logger(AUDIT_GRP_CHAUTHTOK, "changing-group-passwd", group, AUDIT_NO_ID, 0); - return 4; + result = 4; + goto done; } lu_audit_logger(AUDIT_GRP_CHAUTHTOK, "changing-group-passwd", group, @@ -156,7 +163,8 @@ lu_audit_logger(AUDIT_GRP_CHAUTHTOK, "changing-group-passwd", group, AUDIT_NO_ID, 0); - return 5; + result = 5; + goto done; } lu_audit_logger(AUDIT_GRP_CHAUTHTOK, "changing-group-passwd", group, @@ -171,7 +179,8 @@ lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-lock", group, AUDIT_NO_ID, 0); - return 6; + result = 6; + goto done; } lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-lock", group, @@ -186,7 +195,8 @@ lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-lock", group, AUDIT_NO_ID, 0); - return 7; + result = 7; + goto done; } lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-lock", group, @@ -268,7 +278,8 @@ lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-members", group, AUDIT_NO_ID, 0); - return 8; + result = 8; + goto done; } lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-members", group, @@ -289,15 +300,14 @@ lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-id", group, AUDIT_NO_ID, 0); - return 8; + result = 8; + goto done; } lu_audit_logger(AUDIT_GRP_MGMT, "changing-group-id", group, AUDIT_NO_ID, 1); } - lu_ent_free(ent); - lu_nscd_flush_cache(LU_NSCD_CACHE_GROUP); if (oldGidNumber != LU_VALUE_INVALID_ID && @@ -305,22 +315,29 @@ size_t i; for (i = 0; i < users->len; i++) { - ent = g_ptr_array_index(users, i); - if (lu_ent_get_first_id(ent, LU_GIDNUMBER) + user_ent = g_ptr_array_index(users, i); + if (lu_ent_get_first_id(user_ent, LU_GIDNUMBER) == oldGidNumber) { - lu_ent_set_id(ent, LU_GIDNUMBER, gidNumber); - lu_user_modify(ctx, ent, &error); + lu_ent_set_id(user_ent, LU_GIDNUMBER, gidNumber); + lu_user_modify(ctx, user_ent, &error); if (error != NULL) lu_error_free(&error); } - lu_ent_free(ent); + lu_ent_free(user_ent); } g_ptr_array_free(users, TRUE); lu_nscd_flush_cache(LU_NSCD_CACHE_PASSWD); } - lu_end(ctx); + result = 0; + + done: + if (ent) lu_ent_free(ent); + + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lid.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lid.c
Changed
@@ -103,12 +103,13 @@ main(int argc, const char **argv) { const char *name; - struct lu_context *ctx; + struct lu_context *ctx = NULL; struct lu_error *error = NULL; - struct lu_ent *ent; + struct lu_ent *ent = NULL; int interactive = FALSE; int groupflag = FALSE, nameonly = FALSE; int c; + int result; poptContext popt; struct poptOption options = { {"interactive", 'i', POPT_ARG_NONE, &interactive, 0, @@ -133,7 +134,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } name = poptGetArg(popt); @@ -150,7 +152,8 @@ fprintf(stderr, _("No group name specified, " "no name for gid %d.\n"), getgid()); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } } else { struct passwd *pwd; @@ -165,20 +168,20 @@ "no name for uid %d.\n"), getuid()); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } } } - poptFreeContext(popt); - ctx = lu_start(name, groupflag ? lu_user : lu_group, NULL, NULL, interactive ? lu_prompt_console : lu_prompt_console_quiet, NULL, &error); if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } ent = lu_ent_new(); @@ -190,9 +193,9 @@ lu_error_free(&error); } else fprintf(stderr, _("%s does not exist\n"), name); - return 1; + result = 1; + goto done; } - lu_ent_free(ent); if (nameonly) do_nameonly(ctx, name, @@ -207,7 +210,14 @@ LU_GROUPNAME, LU_GIDNUMBER, "gid"); } - lu_end(ctx); + result = 0; + + done: + if (ent) lu_ent_free(ent); + + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lnewusers.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lnewusers.c
Changed
@@ -31,11 +31,13 @@ int main(int argc, const char **argv) { - struct lu_context *ctx; + struct lu_context *ctx = NULL; struct lu_error *error = NULL; - struct lu_ent *ent, *groupEnt; + struct lu_ent *ent = NULL; + struct lu_ent *groupEnt = NULL; int interactive = FALSE, nocreatehome = FALSE, nocreatemail = FALSE; int c; + int result; char *file = NULL; FILE *fp = stdin; char bufLINE_MAX; @@ -66,11 +68,10 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } - poptFreeContext(popt); - /* Start up the library. */ ctx = lu_start(NULL, lu_user, NULL, NULL, interactive ? lu_prompt_console : @@ -78,7 +79,8 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Open the file we're going to look at. */ @@ -87,7 +89,8 @@ if (fp == NULL) { fprintf(stderr, _("Error opening `%s': %s.\n"), file, strerror(errno)); - return 2; + result = 2; + goto done; } } else { fp = stdin; @@ -305,10 +308,15 @@ lu_ent_clear_all(groupEnt); } - lu_ent_free(groupEnt); - lu_ent_free(ent); + result = 0; + + done: + if (groupEnt) lu_ent_free(groupEnt); + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lpasswd.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lpasswd.c
Changed
@@ -32,12 +32,13 @@ int main(int argc, const char **argv) { - struct lu_context *ctx; - struct lu_ent *ent; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; struct lu_error *error = NULL; char *password = NULL, *cryptedPassword = NULL; const char *user; int c; + int result; int plain_fd = -1, crypted_fd = -1; int interactive = 0, groupflag = 0; poptContext popt; @@ -71,7 +72,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } user = poptGetArg(popt); @@ -84,19 +86,19 @@ } else { fprintf(stderr, _("No user name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } } - poptFreeContext(popt); - ctx = lu_start(user, groupflag ? lu_group : lu_user, NULL, NULL, interactive ? lu_prompt_console : lu_prompt_console_quiet, NULL, &error); if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } lu_authenticate_unprivileged(ctx, user, "passwd"); @@ -132,7 +134,8 @@ } else { fprintf(stderr, _("Password change " "canceled.\n")); - return 1; + result = 1; + goto done; } } if (error) { @@ -146,12 +149,14 @@ if (!groupflag) { if (lu_user_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("User %s does not exist.\n"), user); - return 2; + result = 2; + goto done; } } else { if (lu_group_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("Group %s does not exist.\n"), user); - return 2; + result = 2; + goto done; } } @@ -164,7 +169,8 @@ fprintf(stderr, _("Error reading from file descriptor %d.\n"), plain_fd); - return 1; + result = 1; + goto done; } while ((i > 0) && ((bufi - 1 == '\r') || (bufi - 1 == '\n'))) @@ -181,7 +187,8 @@ fprintf(stderr, _("Error reading from file descriptor %d.\n"), crypted_fd); - return 1; + result = 1; + goto done; } while ((i > 0) && ((bufi - 1 == '\r') || (bufi - 1 == '\n'))) @@ -203,7 +210,8 @@ fprintf(stderr, _("Error setting password for user " "%s: %s.\n"), user, lu_strerror(error)); - return 3; + result = 3; + goto done; } lu_nscd_flush_cache(LU_NSCD_CACHE_PASSWD); } else { @@ -212,16 +220,21 @@ fprintf(stderr, _("Error setting password for group " "%s: %s.\n"), user, lu_strerror(error)); - return 3; + result = 3; + goto done; } lu_nscd_flush_cache(LU_NSCD_CACHE_GROUP); } - lu_ent_free(ent); + fprintf(stderr, _("Password changed.\n")); + result = 0; + + done: + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); - fprintf(stderr, _("Password changed.\n")); + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/luseradd.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/luseradd.c
Changed
@@ -38,14 +38,16 @@ *uid_number_str = NULL, *commonName = NULL, *givenName = NULL, *surname = NULL, *roomNumber = NULL, *telephoneNumber = NULL, *homePhone = NULL; - struct lu_context *ctx; - struct lu_ent *ent, *groupEnt; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; + struct lu_ent *groupEnt = NULL; struct lu_error *error = NULL; uid_t uidNumber = LU_VALUE_INVALID_ID; gid_t gidNumber; int dont_create_group = FALSE, dont_create_home = FALSE, system_account = FALSE, interactive = FALSE, create_group; int c; + int result; intmax_t imax; char *p; @@ -103,7 +105,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } /* Force certain flags one way or another. */ @@ -117,7 +120,8 @@ if (name == NULL) { fprintf(stderr, _("No user name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } if (uid_number_str != NULL) { errno = 0; @@ -128,13 +132,12 @@ fprintf(stderr, _("Invalid user ID %s\n"), uid_number_str); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } uidNumber = imax; } - poptFreeContext(popt); - /* Initialize the library. */ ctx = lu_start(NULL, 0, NULL, NULL, interactive ? lu_prompt_console : @@ -142,7 +145,8 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Select a group name for the user to be in. */ @@ -163,7 +167,8 @@ if (gidNumber == LU_VALUE_INVALID_ID) { fprintf(stderr, _("Invalid group ID %s\n"), gid); - return 1; + result = 1; + goto done; } } else /* It's not a number, so it's a group name. */ @@ -188,7 +193,8 @@ } else { fprintf(stderr, _("Group %jd does not exist\n"), (intmax_t)gidNumber); - return 1; + result = 1; + goto done; } } @@ -209,10 +215,10 @@ if (error) { lu_error_free(&error); } - lu_end(ctx); lu_audit_logger(AUDIT_ADD_GROUP, "add-group", name, AUDIT_NO_ID, 0); - return 1; + result = 1; + goto done; } lu_audit_logger(AUDIT_ADD_GROUP, "add-group", name, AUDIT_NO_ID, 1); @@ -226,8 +232,8 @@ if (error) { lu_error_free(&error); } - lu_end(ctx); - return 1; + result = 1; + goto done; } g_assert(gidNumber != LU_VALUE_INVALID_ID); @@ -266,7 +272,8 @@ lu_audit_logger(AUDIT_ADD_USER, "add-user", name, AUDIT_NO_ID, 0); - return 3; + result = 3; + goto done; } lu_nscd_flush_cache(LU_NSCD_CACHE_PASSWD); lu_audit_logger(AUDIT_ADD_USER, "add-user", name, AUDIT_NO_ID, 1); @@ -292,7 +299,8 @@ homeDirectory, lu_strerror(error)); lu_audit_logger(AUDIT_USER_MGMT, "add-home-dir", name, uidNumber, 0); - return 7; + result = 7; + goto done; } lu_audit_logger(AUDIT_USER_MGMT, "add-home-dir", name, uidNumber, 1); @@ -301,7 +309,8 @@ if (lu_mail_spool_create(ctx, ent, &error) != TRUE) { fprintf(stderr, _("Error creating mail spool: %s\n"), lu_strerror(error)); - return 8; + result = 8; + goto done; } } @@ -314,7 +323,8 @@ fprintf(stderr, _("Error setting password for user " "%s: %s.\n"), name, lu_strerror(error)); - return 3; + result = 3; + goto done; } } if (cryptedUserPassword != NULL) { @@ -325,16 +335,22 @@ lu_strerror(error)); lu_audit_logger(AUDIT_USER_CHAUTHTOK, "updating-password", name, uidNumber, 0); - return 3; + result = 3; + goto done; } lu_audit_logger(AUDIT_USER_CHAUTHTOK, "updating-password", name, uidNumber, 1); } lu_nscd_flush_cache(LU_NSCD_CACHE_PASSWD); - lu_ent_free(ent); + result = 0; + + done: + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/luserdel.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/luserdel.c
Changed
@@ -32,13 +32,14 @@ int main(int argc, const char **argv) { - struct lu_context *ctx; - struct lu_ent *ent; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; struct lu_error *error = NULL; const char *user; int interactive = FALSE; int remove_home = 0, dont_remove_group = 0; int c; + int result; poptContext popt; struct poptOption options = { @@ -63,32 +64,34 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } user = poptGetArg(popt); if (user == NULL) { fprintf(stderr, _("No user name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } - poptFreeContext(popt); - ctx = lu_start(NULL, 0, NULL, NULL, interactive ? lu_prompt_console : lu_prompt_console_quiet, NULL, &error); if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } ent = lu_ent_new(); if (lu_user_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("User %s does not exist.\n"), user); - return 2; + result = 2; + goto done; } if (lu_user_delete(ctx, ent, &error) == FALSE) { @@ -96,7 +99,8 @@ user, lu_strerror(error)); lu_audit_logger(AUDIT_DEL_USER, "delete-user", user, AUDIT_NO_ID, 0); - return 3; + result = 3; + goto done; } lu_audit_logger(AUDIT_DEL_USER, "delete-user", user, AUDIT_NO_ID, 1); @@ -112,19 +116,22 @@ if (gid == LU_VALUE_INVALID_ID) { fprintf(stderr, _("%s did not have a gid number.\n"), user); - return 4; + result = 4; + goto done; } group_ent = lu_ent_new(); if (lu_group_lookup_id(ctx, gid, group_ent, &error) == FALSE) { fprintf(stderr, _("No group with GID %jd exists, not " "removing.\n"), (intmax_t)gid); - return 5; + result = 5; + goto done; } tmp = lu_ent_get_first_string(group_ent, LU_GROUPNAME); if (tmp == NULL) { fprintf(stderr, _("Group with GID %jd did not have a " "group name.\n"), (intmax_t)gid); - return 6; + result = 6; + goto done; } if (strcmp(tmp, user) == 0) { if (lu_group_delete(ctx, group_ent, &error) == FALSE) { @@ -134,7 +141,8 @@ lu_audit_logger_with_group (AUDIT_DEL_GROUP, "delete-group", user, AUDIT_NO_ID, tmp, 0); - return 7; + result = 7; + goto done; } } lu_audit_logger_with_group (AUDIT_DEL_GROUP, @@ -152,7 +160,8 @@ lu_audit_logger(AUDIT_USER_MGMT, "deleting-home-directory", user, AUDIT_NO_ID, 0); - return 9; + result = 9; + goto done; } lu_audit_logger(AUDIT_USER_MGMT, "deleting-home-directory", user, AUDIT_NO_ID, 1); @@ -161,13 +170,19 @@ if (lu_mail_spool_remove(ctx, ent, &error) != TRUE) { fprintf(stderr, _("Error removing mail spool: %s"), lu_strerror(error)); - return 1; + result = 1; + goto done; } } - lu_ent_free(ent); + result = 0; + + done: + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/apps/lusermod.c -> _service:tar_scm:libuser-0.64.tar.gz/apps/lusermod.c
Changed
@@ -41,14 +41,15 @@ char *old_uid, *oldHomeDirectory; uid_t uidNumber = LU_VALUE_INVALID_ID; gid_t gidNumber = LU_VALUE_INVALID_ID; - struct lu_context *ctx; - struct lu_ent *ent; + struct lu_context *ctx = NULL; + struct lu_ent *ent = NULL; struct lu_error *error = NULL; GPtrArray *groups = NULL; GValue *value; int change, move_home = FALSE, lock = FALSE, unlock = FALSE; int interactive = FALSE; int c; + int result; poptContext popt; struct poptOption options = { @@ -104,7 +105,8 @@ fprintf(stderr, _("Error parsing arguments: %s.\n"), poptStrerror(c)); poptPrintUsage(popt, stderr, 0); - exit(1); + result = 1; + goto done; } /* We need to have been passed a user name on the command-line. We @@ -114,7 +116,8 @@ if (user == NULL) { fprintf(stderr, _("No user name specified.\n")); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } if (gid_number_str != NULL) { intmax_t val; @@ -127,7 +130,8 @@ fprintf(stderr, _("Invalid group ID %s\n"), gid_number_str); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } gidNumber = val; } @@ -142,13 +146,12 @@ fprintf(stderr, _("Invalid user ID %s\n"), uid_number_str); poptPrintUsage(popt, stderr, 0); - return 1; + result = 1; + goto done; } uidNumber = val; } - poptFreeContext(popt); - /* Start up the library. */ ctx = lu_start(NULL, 0, NULL, NULL, interactive ? lu_prompt_console : @@ -156,20 +159,23 @@ if (ctx == NULL) { fprintf(stderr, _("Error initializing %s: %s.\n"), PACKAGE, lu_strerror(error)); - return 1; + result = 1; + goto done; } /* Sanity-check arguments. */ if (lock && unlock) { fprintf(stderr, _("Both -L and -U specified.\n")); - return 2; + result = 2; + goto done; } /* Look up the user's record. */ ent = lu_ent_new(); if (lu_user_lookup_name(ctx, user, ent, &error) == FALSE) { fprintf(stderr, _("User %s does not exist.\n"), user); - return 3; + result = 3; + goto done; } /* If the user's password needs to be changed, try to change it. */ @@ -182,7 +188,8 @@ lu_audit_logger(AUDIT_USER_CHAUTHTOK, "updating-password", user, uidNumber, 0); - return 5; + result = 5; + goto done; } lu_audit_logger(AUDIT_USER_CHAUTHTOK, "updating-password", user, uidNumber, 0); @@ -200,7 +207,8 @@ lu_audit_logger(AUDIT_USER_CHAUTHTOK, "updating-password", user, uidNumber, 0); - return 6; + result = 6; + goto done; } lu_audit_logger(AUDIT_USER_CHAUTHTOK, "updating-password", user, uidNumber, 0); @@ -215,7 +223,8 @@ lu_audit_logger(AUDIT_USER_CHAUTHTOK, "locking-account", user, uidNumber, 0); - return 7; + result = 7; + goto done; } lu_audit_logger(AUDIT_USER_CHAUTHTOK, "locking-account", user, uidNumber, 0); @@ -228,7 +237,8 @@ lu_audit_logger(AUDIT_USER_CHAUTHTOK, "unlocking-account", user, uidNumber, 0); - return 8; + result = 8; + goto done; } lu_audit_logger(AUDIT_USER_CHAUTHTOK, "unlocking-account", user, uidNumber, 0); @@ -297,7 +307,8 @@ lu_audit_logger(AUDIT_USER_MGMT, "modify-account", user, uidNumber, 0); - return 9; + result = 9; + goto done; } lu_audit_logger(AUDIT_USER_MGMT, "modify-account", user, uidNumber, 1); @@ -373,12 +384,14 @@ if (oldHomeDirectory == NULL) { fprintf(stderr, _("No old home directory for %s.\n"), user); - return 10; + result = 10; + goto done; } if (homeDirectory == NULL) { fprintf(stderr, _("No new home directory for %s.\n"), user); - return 11; + result = 11; + goto done; } if (lu_homedir_move(oldHomeDirectory, homeDirectory, &error) == FALSE) { @@ -387,16 +400,22 @@ lu_strerror(error)); lu_audit_logger(AUDIT_USER_MGMT, "moving-home-dir", user, uidNumber, 0); - return 12; + result = 12; + goto done; } lu_audit_logger(AUDIT_USER_MGMT, "moving-home-dir", user, uidNumber, 1); } g_free(oldHomeDirectory); - lu_ent_free(ent); + result = 0; + + done: + if (ent) lu_ent_free(ent); - lu_end(ctx); + if (ctx) lu_end(ctx); + + poptFreeContext(popt); - return 0; + return result; }
View file
_service:tar_scm:libuser-0.63.tar.xz/docs/libuser.conf.5.in -> _service:tar_scm:libuser-0.64.tar.gz/docs/libuser.conf.5.in
Changed
@@ -69,8 +69,8 @@ when changing a password of an existing user, depending on the application. Possible values are \fBdes\fR, \fBmd5\fR, \fBblowfish\fR, -.B sha256 -and \fBsha512\fR, all case-insensitive. +.B sha256, +\fBsha512\fR, and \fByescrypt\fR, all case-insensitive. Unrecognized values are treated as \fBdes\fR. Default value is \fBdes\fR. @@ -285,6 +285,10 @@ .B root user if the value is \fByes\fR. +.TP +.B allow_id_duplicates +Allow to use duplicate uid/gid.The default value is \fBno\fR. + .SH \fBshadow\fR Configures the .B files
View file
_service:tar_scm:libuser-0.63.tar.xz/lib/config.c -> _service:tar_scm:libuser-0.64.tar.gz/lib/config.c
Changed
@@ -672,6 +672,7 @@ char bufLINE_MAX * 4; intmax_t val; char *p; + int rv; errno = 0; val = strtoimax(value, &p, 10); @@ -679,8 +680,8 @@ || (gid_t)val != val) { struct group grp, *g; - getgrnam_r(value, &grp, buf, sizeof(buf), &g); - if (g != NULL) + rv = getgrnam_r(value, &grp, buf, sizeof(buf), &g); + if (rv == 0 && g != NULL) value = g->gr_name; /* else ignore the entry */ }
View file
_service:tar_scm:libuser-0.63.tar.xz/lib/user.c -> _service:tar_scm:libuser-0.64.tar.gz/lib/user.c
Changed
@@ -986,7 +986,10 @@ case user_default: case group_default: /* Make sure we have both name and boolean here. */ - g_return_val_if_fail(sdata != NULL, FALSE); + if (sdata == NULL) { + free(tmp); + return FALSE; + } /* Run the checks and preps. */ if (run_list(context, context->create_module_names, logic_and, id, @@ -1065,7 +1068,10 @@ case user_setpass: case group_setpass: /* Make sure we have a valid password. */ - g_return_val_if_fail(sdata != NULL, FALSE); + if (sdata == NULL) { + free(tmp); + return FALSE; + } /* no break: fall through */ case user_removepass: case group_removepass: @@ -1094,7 +1100,10 @@ case users_enumerate_by_group: case groups_enumerate_by_user: /* Make sure we have both name and ID here. */ - g_return_val_if_fail(sdata != NULL, FALSE); + if (sdata == NULL) { + free(tmp); + return FALSE; + } if (id == users_enumerate_by_group) ldata = convert_group_name_to_id(context, sdata, error); @@ -2066,13 +2075,14 @@ struct lu_error *error = NULL; do { struct group grp, *err; + int rv; /* There may be read-only sources of user information * on the system, and we want to avoid allocating an ID * that's already in use by a service we can't write * to, so check with NSS first. */ - getgrgid_r(id, &grp, buf, sizeof(buf), &err); - if (err == &grp) { + rv = getgrgid_r(id, &grp, buf, sizeof(buf), &err); + if (rv == 0 && err == &grp) { id++; continue; }
View file
_service:tar_scm:libuser-0.63.tar.xz/lib/user_private.h -> _service:tar_scm:libuser-0.64.tar.gz/lib/user_private.h
Changed
@@ -308,10 +308,10 @@ /* Handle SELinux fscreate context. Note that modules built WITH_SELINUX are intentionally not compatible with libuser built !WITH_SELINUX. */ #ifdef WITH_SELINUX -typedef security_context_t lu_security_context_t; -gboolean lu_util_fscreate_save(security_context_t *ctx, +typedef char * lu_security_context_t; +gboolean lu_util_fscreate_save(char **ctx, struct lu_error **error); -void lu_util_fscreate_restore(security_context_t ctx); +void lu_util_fscreate_restore(char *ctx); gboolean lu_util_fscreate_from_fd(int fd, const char *path, struct lu_error **error); gboolean lu_util_fscreate_from_file(const char *file, struct lu_error **error);
View file
_service:tar_scm:libuser-0.63.tar.xz/lib/util.c -> _service:tar_scm:libuser-0.64.tar.gz/lib/util.c
Changed
@@ -11,7 +11,7 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * - * You should have received a copy of the GNU Library General Public + * You should have received a copy of the GNU Library General Public * License along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. */ @@ -32,6 +32,7 @@ #include <unistd.h> #ifdef WITH_SELINUX #include <selinux/selinux.h> +#include <selinux/label.h> #endif #define LU_DEFAULT_SALT_TYPE "$1$" #define LU_DEFAULT_SALT_LEN 8 @@ -43,6 +44,21 @@ #define HASH_ROUNDS_MIN 1000 #define HASH_ROUNDS_MAX 999999999 +#if (defined CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY && \ + CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY) +#define USE_XCRYPT_GENSALT 1 +#else +#define USE_XCRYPT_GENSALT 0 +#endif + +#if ((defined XCRYPT_VERSION_NUM && \ + XCRYPT_VERSION_NUM >= ((4 << 16) | 3)) && \ + USE_XCRYPT_GENSALT) +#define HAVE_YESCRYPT 1 +#else +#define HAVE_YESCRYPT 0 +#endif + struct lu_lock { int fd; struct flock lock; @@ -66,6 +82,7 @@ return strcmp((char *) v1, (char *) v2); } +#if !USE_XCRYPT_GENSALT /* A list of allowed salt characters, according to SUSv2. */ #define ACCEPTABLE "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ "abcdefghijklmnopqrstuvwxyz" \ @@ -115,6 +132,7 @@ close(fd); return TRUE; } +#endif static const struct { const char initial5; @@ -124,9 +142,12 @@ } salt_type_info = { {"$1$", "$", 8, FALSE }, /* FIXME: number of rounds, base64 of 128 bits */ - {"$2a$", "$", 8, FALSE }, + {"$2b$", "$", 8, FALSE }, {"$5$", "$", 16, TRUE }, {"$6$", "$", 16, TRUE }, +#if HAVE_YESCRYPT + {"$y$", "$", 24, FALSE }, +#endif { "", "", 2 }, }; @@ -135,6 +156,9 @@ { char salt2048; size_t i, len = 0; +#if USE_XCRYPT_GENSALT + unsigned long rounds = 0; +#endif if (previous == NULL) { previous = LU_DEFAULT_SALT_TYPE; @@ -151,6 +175,23 @@ if (salt_type_infoi.sha_rounds != FALSE && strncmp(previous + len, "rounds=", strlen("rounds=")) == 0) { +#if USE_XCRYPT_GENSALT + const char *start; + char *end; + + start = previous + len + strlen("rounds="); + rounds = strtoul (start, &end, 10); + + if (rounds < HASH_ROUNDS_MIN) + rounds = HASH_ROUNDS_MIN; + else if (rounds > HASH_ROUNDS_MAX) + rounds = HASH_ROUNDS_MAX; + } + + g_assert(CRYPT_GENSALT_OUTPUT_SIZE <= sizeof(salt)); + + crypt_gensalt_rn(previous, rounds, NULL, 0, salt, sizeof(salt)); +#else const char *start, *end; start = previous + len + strlen("rounds="); @@ -168,6 +209,7 @@ return NULL; strcpy(salt + len + salt_type_infoi.salt_length, salt_type_infoi.separator); +#endif return crypt(plain, salt); } @@ -231,9 +273,12 @@ } salt_types = { { "des", "", FALSE }, { "md5", "$1$", FALSE }, - { "blowfish", "$2a$", FALSE }, + { "blowfish", "$2b$", FALSE }, { "sha256", "$5$", TRUE }, { "sha512", "$6$", TRUE }, +#if HAVE_YESCRYPT + { "yescrypt", "$y$", FALSE }, +#endif }; const char *salt_type; @@ -251,13 +296,18 @@ found: if (salt_typesi.sha_rounds != FALSE) { - unsigned long rounds; + unsigned long rounds = 0; rounds = select_hash_rounds(context); +#if USE_XCRYPT_GENSALT + return g_strdup(crypt_gensalt(salt_typesi.initializer, + rounds, NULL, 0)); +#else if (rounds != 0) return g_strdup_printf("%srounds=%lu$", salt_typesi.initializer, rounds); +#endif } return g_strdup(salt_typesi.initializer); } @@ -696,7 +746,7 @@ #ifdef WITH_SELINUX /* Store current fscreate context to ctx. */ gboolean -lu_util_fscreate_save(security_context_t *ctx, struct lu_error **error) +lu_util_fscreate_save(char **ctx, struct lu_error **error) { *ctx = NULL; if (is_selinux_enabled() > 0 && getfscreatecon(ctx) < 0) { @@ -710,7 +760,7 @@ /* Restore fscreate context from ctx, and free it. */ void -lu_util_fscreate_restore(security_context_t ctx) +lu_util_fscreate_restore(char *ctx) { if (is_selinux_enabled() > 0) { (void)setfscreatecon(ctx); @@ -724,7 +774,7 @@ lu_util_fscreate_from_fd(int fd, const char *path, struct lu_error **error) { if (is_selinux_enabled() > 0) { - security_context_t ctx; + char *ctx; if (fgetfilecon(fd, &ctx) < 0) { lu_error_new(error, lu_error_stat, @@ -750,7 +800,7 @@ lu_util_fscreate_from_file(const char *file, struct lu_error **error) { if (is_selinux_enabled() > 0) { - security_context_t ctx; + char *ctx; if (getfilecon(file, &ctx) < 0) { lu_error_new(error, lu_error_stat, @@ -776,7 +826,7 @@ lu_util_fscreate_from_lfile(const char *file, struct lu_error **error) { if (is_selinux_enabled() > 0) { - security_context_t ctx; + char *ctx; if (lgetfilecon(file, &ctx) < 0) { lu_error_new(error, lu_error_stat, @@ -803,9 +853,18 @@ struct lu_error **error) { if (is_selinux_enabled() > 0) { - security_context_t ctx; - - if (matchpathcon(path, mode, &ctx) < 0) { + char *ctx; + struct selabel_handle *label_handle = NULL; +
View file
_service:tar_scm:libuser-0.63.tar.xz/libuser.conf -> _service:tar_scm:libuser-0.64.tar.gz/libuser.conf
Changed
@@ -17,7 +17,7 @@ # skeleton = /etc/skel # mailspooldir = /var/mail -crypt_style = sha512 +crypt_style = yescrypt modules = files shadow create_modules = files shadow # modules = files shadow ldap
View file
_service:tar_scm:libuser-0.63.tar.xz/modules/files.c -> _service:tar_scm:libuser-0.64.tar.gz/modules/files.c
Changed
@@ -832,6 +832,128 @@ return ret; } +static gboolean +lu_files_permits_duplicate_ids(struct lu_module *module) +{ + const char *allow_id_dupes; + + g_assert(module != NULL); + g_assert(module->lu_context != NULL); + + allow_id_dupes = lu_cfg_read_single(module->lu_context, + "files/allow_id_duplicates", + "false"); + if (allow_id_dupes && + strcasecmp(allow_id_dupes, "true") == 0) { + return TRUE; + } + + return FALSE; +} + +static gboolean +lu_files_mod_is_id_unique(struct lu_module *module, struct lu_ent *ent, + struct lu_error **error) +{ + id_t id_change = LU_VALUE_INVALID_ID; + struct lu_ent *dup_ent = NULL; + gboolean ret = FALSE; + gboolean found = FALSE; + const char *name_attribute; + const char *id_attribute; + + g_assert(module != NULL); + g_assert(ent != NULL); + g_assert(error != NULL); + + if (lu_files_permits_duplicate_ids(module)) { + return TRUE; + } + + /* Get the array of names for the entity object. */ + if (ent->type == lu_user) { + name_attribute = LU_USERNAME; + id_attribute = LU_UIDNUMBER; + } else if (ent->type == lu_group) { + name_attribute = LU_GROUPNAME; + id_attribute = LU_GIDNUMBER; + } else { + g_assert_not_reached(); + } + + id_change = lu_ent_get_first_id(ent, id_attribute); + if (id_change == LU_VALUE_INVALID_ID) { + /* The GID is not being changed, success */ + return TRUE; + } + + /* If the GID is being changed, check if there is another entry + * with the same GID + */ + dup_ent = lu_ent_new(); + if (dup_ent == NULL) { + return FALSE; + } + + /* Get the array of names for the entity object. */ + if (ent->type == lu_user) { + found = lu_files_user_lookup_id(module, id_change, dup_ent, + error); + } else if (ent->type == lu_group) { + found = lu_files_group_lookup_id(module, id_change, dup_ent, + error); + } else { + g_assert_not_reached(); + } + + if (found == TRUE) { + /* If there is, check if its original name is the same as + * the original name of ent. + */ + const char *dup_name = NULL; + const char *ent_cur_name = NULL; + + dup_name = lu_ent_get_first_string_current(dup_ent, + name_attribute); + if (dup_name == NULL) { + lu_error_new(error, lu_error_generic, + _("duplicate object has no %s attribute"), + name_attribute); + ret = FALSE; + goto done; + } + + ent_cur_name = lu_ent_get_first_string_current(ent, + name_attribute); + if (ent_cur_name == NULL) { + lu_error_new(error, lu_error_generic, + _("original object has no %s attribute"), + name_attribute); + ret = FALSE; + goto done; + } + + /* Another entry already has the same ID we're attempting to + * set, * this can only work if we are also renaming the group + * to the * duplicate name or if we're changing 'self' + */ + if (strcmp(dup_name, ent_cur_name) != 0) { + lu_error_new(error, lu_error_id_used, + _("ID %lu already in use by %s"), + (unsigned long) id_change, dup_name); + ret = FALSE; + goto done; + } + } + + ret = TRUE; +done: + if (dup_ent != NULL) { + lu_ent_free(dup_ent); + } + return ret; +} + /* Format a single field. Return field string for g_free (). */ static char * @@ -1071,6 +1193,13 @@ lu_files_user_add(struct lu_module *module, struct lu_ent *ent, struct lu_error **error) { + gboolean ret = FALSE; + + ret = lu_files_mod_is_id_unique(module, ent, error); + if (ret == FALSE) { + return FALSE; + } + return generic_add(module, suffix_passwd, format_passwd, G_N_ELEMENTS(format_passwd), ent, error); } @@ -1112,6 +1241,13 @@ lu_files_group_add(struct lu_module *module, struct lu_ent *ent, struct lu_error **error) { + gboolean ret = FALSE; + + ret = lu_files_mod_is_id_unique(module, ent, error); + if (ret == FALSE) { + return FALSE; + } + return generic_add(module, suffix_group, format_group, G_N_ELEMENTS(format_group), ent, error); } @@ -1262,6 +1398,13 @@ lu_files_user_mod(struct lu_module *module, struct lu_ent *ent, struct lu_error **error) { + gboolean ret = FALSE; + + ret = lu_files_mod_is_id_unique(module, ent, error); + if (ret == FALSE) { + return FALSE; + } + return generic_mod(module, suffix_passwd, format_passwd, G_N_ELEMENTS(format_passwd), ent, error); } @@ -1271,6 +1414,13 @@ lu_files_group_mod(struct lu_module *module, struct lu_ent *ent, struct lu_error **error) { + gboolean ret = FALSE; + + ret = lu_files_mod_is_id_unique(module, ent, error); + if (ret == FALSE) { + return FALSE; + } + return generic_mod(module, suffix_group, format_group, G_N_ELEMENTS(format_group), ent, error); }
View file
_service:tar_scm:libuser-0.63.tar.xz/po/LINGUAS -> _service:tar_scm:libuser-0.64.tar.gz/po/LINGUAS
Changed
@@ -28,6 +28,7 @@ is it ja +ka kn ko lv
View file
_service:tar_scm:libuser-0.63.tar.xz/po/ka.po -> _service:tar_scm:libuser-0.64.tar.gz/po/ka.po
Changed
@@ -1,116 +1,123 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR Red Hat, Inc. -# This file is distributed under the same license as the PACKAGE package. -# -# Translators: +# libuser translation to Georgian. +# Copyright (C) 2022 Red Hat, Inc. +# This file is distributed under the same license as the libuser package. +# +# Translators: Temuri Doghonadze <temuri.doghonadze@gmail.com>, 2022 + msgid "" msgstr "" "Project-Id-Version: libuser\n" "Report-Msgid-Bugs-To: https://fedorahosted.org/libuser/\n" "POT-Creation-Date: 2013-03-28 16:33+0100\n" -"PO-Revision-Date: 2013-04-29 08:37+0000\n" -"Last-Translator: Miloslav Trmač <mitr@volny.cz>\n" -"Language-Team: Georgian (http://www.transifex.com/projects/p/fedora/language/ka/)\n" +"PO-Revision-Date: 2022-09-04 11:26+0200\n" +"Last-Translator: Temuri Doghonadze <temuri.doghonadze@gmail.com>\n" +"Language-Team: Georgian (http://www.transifex.com/projects/p/fedora/" +"language/ka/)\n" +"Language: ka\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"Language: ka\n" "Plural-Forms: nplurals=1; plural=0;\n" +"X-Generator: Poedit 3.1.1\n" #: apps/apputil.c:197 apps/apputil.c:201 #, c-format msgid "Failed to drop privileges.\n" -msgstr "" +msgstr "პრივილეგიების მოცილების შეცდომა.\n" #: apps/apputil.c:210 #, c-format msgid "Internal error.\n" -msgstr "" +msgstr "შიდა შეცდომა.\n" #: apps/apputil.c:231 #, c-format msgid "%s is not authorized to change the finger info of %s\n" -msgstr "" +msgstr "%s-ს %s-ის ანაბეჭდის ინფორმაციის შეცვლა არ შეუძლია\n" #: apps/apputil.c:233 msgid "Unknown user context" -msgstr "" +msgstr "მომხმარებლის უცნობი კონტექსტი" #: apps/apputil.c:241 #, c-format msgid "Can't set default context for /etc/passwd\n" -msgstr "" +msgstr "/etc/passwd-სთვის ნაგულისხმები კონტექსტის დაყენების შეცდომა\n" #: apps/apputil.c:250 #, c-format msgid "Error initializing PAM.\n" -msgstr "" +msgstr "PAM-ის ინიციალიზაციის შეცდომა.\n" #: apps/apputil.c:260 apps/apputil.c:287 #, c-format msgid "Authentication failed for %s.\n" -msgstr "" +msgstr "ავთენტიკაციის შეცდომა: %s.\n" #: apps/apputil.c:268 #, c-format msgid "Internal PAM error `%s'.\n" -msgstr "" +msgstr "PAM-ის შიდა შეცდომა '%s'.\n" #: apps/apputil.c:273 #, c-format msgid "Unknown user authenticated.\n" -msgstr "" +msgstr "უცნობი მომხმარებელი ავთენტიფიცირებულია.\n" #: apps/apputil.c:277 #, c-format msgid "User mismatch.\n" -msgstr "" +msgstr "მომხმარებელი არ ემთხვევა\n" #: apps/lchage.c:84 apps/lchfn.c:53 apps/lchsh.c:44 apps/lgroupadd.c:47 #: apps/lgroupdel.c:42 apps/lgroupmod.c:54 apps/lid.c:115 apps/lnewusers.c:45 #: apps/lpasswd.c:47 apps/luseradd.c:55 apps/luserdel.c:45 apps/lusermod.c:56 msgid "prompt for all information" -msgstr "" +msgstr "ყველა ინფორმაციის მოთხოვნა" #: apps/lchage.c:86 msgid "list aging parameters for the user" -msgstr "" +msgstr "მომხმარებლის ასაკის პარამეტრების სიის ჩვენება" #: apps/lchage.c:88 msgid "minimum days between password changes" -msgstr "" +msgstr "დღეების მინიმალური რაოდენობა პაროლის ცვლილებებს შორის" #: apps/lchage.c:88 apps/lchage.c:90 apps/lchage.c:93 apps/lchage.c:96 #: apps/lchage.c:99 apps/lchage.c:102 msgid "DAYS" -msgstr "" +msgstr "დღე" #: apps/lchage.c:90 msgid "maximum days between password changes" -msgstr "" +msgstr "დღეების მაქსიმალური რაოდენობა პაროლის ცვლილებებს შორის" #: apps/lchage.c:92 msgid "date of last password change in days since 1/1/70" -msgstr "" +msgstr "პაროლის ბოლო ცვლილების თარიღი 1/1/70-ის შემდეგ" #: apps/lchage.c:95 msgid "" "number of days after password expiration date when account is considered " "inactive" msgstr "" +"პაროლის ვადის ამოწურვის შემდეგ გასული დღეების რაოდენობა, როცა ანგარიშის " +"არააქტიურად ცხადდება" #: apps/lchage.c:98 msgid "password expiration date in days since 1/1/70" -msgstr "" +msgstr "პაროლის ვადის გასვლის თარიღი 1/1/70-ის შემდეგ (დღეები)" #: apps/lchage.c:101 msgid "days before expiration to begin warning user" msgstr "" +"პაროლის ვადის ამოწურვამდე დარჩენილი დღეების რაოდენობა, როცა მომხმარებელი " +"გაფრთხილებული იქნება" #: apps/lchage.c:114 apps/lid.c:130 apps/lpasswd.c:68 apps/luseradd.c:100 #: apps/luserdel.c:59 apps/lusermod.c:101 msgid "OPTION... user" -msgstr "" +msgstr "პარამეტრი... მომხმარებელი" #: apps/lchage.c:117 apps/lchfn.c:70 apps/lchsh.c:58 apps/lgroupadd.c:65 #: apps/lgroupdel.c:56 apps/lgroupmod.c:85 apps/lid.c:133 apps/lnewusers.c:66 @@ -118,13 +125,13 @@ #: apps/lusermod.c:104 #, c-format msgid "Error parsing arguments: %s.\n" -msgstr "" +msgstr "არგუმენტის დამუშავების შეცდომა: %s\n" #: apps/lchage.c:126 apps/lpasswd.c:85 apps/luseradd.c:118 apps/luserdel.c:70 #: apps/lusermod.c:115 #, c-format msgid "No user name specified.\n" -msgstr "" +msgstr "მომხმარებლის სახელი მითითებული არაა.\n" #: apps/lchage.c:138 apps/lchfn.c:103 apps/lchsh.c:91 apps/lgroupadd.c:102 #: apps/lgroupdel.c:77 apps/lgroupmod.c:119 apps/lid.c:179 apps/lnewusers.c:79 @@ -133,218 +140,222 @@ #, c-format msgid "Error initializing %s: %s.\n" msgstr "" +"%s-ის ინიციალიზაციის შეცდომა: %s.\n" +"\n" #: apps/lchage.c:147 apps/lchfn.c:114 apps/lchsh.c:102 apps/lpasswd.c:148 #: apps/luserdel.c:89 apps/lusermod.c:171 #, c-format msgid "User %s does not exist.\n" -msgstr "" +msgstr "მომხმარებელი %s არ არსებობს.\n" #: apps/lchage.c:160 #, c-format msgid "Account is locked.\n" -msgstr "" +msgstr "ანგარიში დაბლოკილია.\n" #: apps/lchage.c:162 #, c-format msgid "Account is not locked.\n" -msgstr "" +msgstr "ანგარიში დაბლოკილი არაა.\n" #: apps/lchage.c:166 #, c-format msgid "Minimum:\t%ld\n" msgstr "" +"მინიმუმ:\t%ld\n" +"\n"
View file
_service:tar_scm:libuser-0.63.tar.xz/python/admin.c -> _service:tar_scm:libuser-0.64.tar.gz/python/admin.c
Changed
@@ -1512,7 +1512,7 @@ sizeof(struct libuser_admin), /* tp_basicsize */ 0, /* tp_itemsize */ libuser_admin_destroy, /* tp_dealloc */ - NULL, /* tp_print */ + 0, /* tp_print */ NULL, /* tp_getattr */ NULL, /* tp_setattr */ NULL, /* tp_compare */
View file
_service:tar_scm:libuser-0.63.tar.xz/python/ent.c -> _service:tar_scm:libuser-0.64.tar.gz/python/ent.c
Changed
@@ -255,7 +255,7 @@ static int libuser_entity_setattro(PyObject *self, PyObject *attr_name, PyObject *value) { - char *name; + const char *name; struct libuser_entity *me; PyObject *list; struct lu_ent *copy; @@ -616,7 +616,7 @@ libuser_entity_get_item(PyObject *self, PyObject *item) { struct libuser_entity *me; - char *attr; + const char *attr; DEBUG_ENTRY; me = (struct libuser_entity *)self; @@ -664,7 +664,7 @@ libuser_entity_set_item(PyObject *self, PyObject *item, PyObject *args) { struct libuser_entity *me; - char *attr = NULL; + const char *attr = NULL; Py_ssize_t i, size; int ret; GValue value; @@ -800,7 +800,7 @@ sizeof(struct libuser_entity), /* tp_basicsize */ 0, /* tp_itemsize */ libuser_entity_destroy, /* tp_dealloc */ - NULL, /* tp_print */ + 0, /* tp_print */ NULL, /* tp_getattr */ NULL, /* tp_setattr */ NULL, /* tp_compare */
View file
_service:tar_scm:libuser-0.63.tar.xz/python/misc.c -> _service:tar_scm:libuser-0.64.tar.gz/python/misc.c
Changed
@@ -493,7 +493,7 @@ sizeof(struct libuser_prompt), /* tp_basicsize */ 0, /* tp_itemsize */ libuser_prompt_destroy, /* tp_dealloc */ - NULL, /* tp_print */ + 0, /* tp_print */ NULL, /* tp_getattr */ NULL, /* tp_setattr */ NULL, /* tp_compare */
View file
_service:tar_scm:libuser-0.63.tar.xz/tests/default_pw_test -> _service:tar_scm:libuser-0.64.tar.gz/tests/default_pw_test
Changed
@@ -29,6 +29,10 @@ rm -rf "$workdir" mkdir "$workdir" +if ! -x /usr/sbin/slapd ; then + have_ldap=no +fi + # Create a SSL key /usr/bin/openssl req -newkey rsa:2048 -keyout "$workdir"/key1 -nodes \ -x509 -days 2 -out "$workdir"/key3 2>/dev/null <<EOF @@ -69,7 +73,7 @@ get_ldap_password() # entry filter { echo "Checking $1 ..." >&2 - ldapsearch -LLL -h 127.0.0.1 -p "$ldap_port" -x -b 'dc=libuser' "$1" \ + ldapsearch -LLL -H ldap://127.0.0.1:$ldap_port -x -b 'dc=libuser' "$1" \ userPassword | sed -n 's/userPassword:: //p' } @@ -88,6 +92,9 @@ 'files ldap shadow' 'files shadow ldap' 'ldap files shadow' \ 'ldap shadow files' 'shadow files ldap' 'shadow ldap files'; do + need_ldap=`echo $modules | grep ldap | wc -l` + test "$need_ldap" != "0" && test "$have_ldap" = "no" && continue + echo ">>>modules: $modules" >&2 # Set up an LDAP server and database files @@ -103,7 +110,7 @@ tests/wait_for_slapd_start "$workdir"/slapd.pid "$ldap_port" slapd_pid=$(cat "$workdir"/slapd.pid) trap 'status=$?; kill $slapd_pid; rm -rf "$workdir"; exit $status' 0 - ldapadd -h 127.0.0.1 -p "$ldap_port" -f "$srcdir/ldap_skel.ldif" -x \ + ldapadd -H ldap://127.0.0.1:$ldap_port -f "$srcdir/ldap_skel.ldif" -x \ -D cn=Manager,dc=libuser -w password ;; esac
View file
_service:tar_scm:libuser-0.63.tar.xz/tests/files_test.py -> _service:tar_scm:libuser-0.64.tar.gz/tests/files_test.py
Changed
@@ -278,6 +278,15 @@ efield = str(efield0) + '\nx' self.assertRaises(RuntimeError, self.a.addUser, e, False, False) + def testUserAdd10(self): + # Adding a duplicate user UID + e = self.a.initUser('user6_10') + self.a.addUser(e, False, False) + + e2 = self.a.initUser('user6_10_2') + e2libuser.UIDNUMBER = elibuser.UIDNUMBER + self.assertRaises(RuntimeError, self.a.addUser, e2, False, False) + def testUserMod1(self): # A minimal case e = self.a.initUser('user7_1') @@ -301,8 +310,8 @@ elibuser.USERNAME = 'user7_2username' self.assertNotEqual(elibuser.USERPASSWORD, '!!pwuser7_2') elibuser.USERPASSWORD = '!!pwuser7_2' - self.assertNotEqual(elibuser.UIDNUMBER, 4237) - elibuser.UIDNUMBER = 4237 + self.assertNotEqual(elibuser.UIDNUMBER, 4238) + elibuser.UIDNUMBER = 4238 self.assertNotEqual(elibuser.GIDNUMBER, 3742) elibuser.GIDNUMBER = 3742 self.assertNotEqual(elibuser.GECOS, 'Full Name,Office,1234,4321') @@ -336,7 +345,7 @@ self.assertIsNotNone(e) self.assertEqual(elibuser.USERNAME, 'user7_2username') self.assertEqual(elibuser.USERPASSWORD, '!!pwuser7_2') - self.assertEqual(elibuser.UIDNUMBER, 4237) + self.assertEqual(elibuser.UIDNUMBER, 4238) self.assertEqual(elibuser.GIDNUMBER, 3742) self.assertEqual(elibuser.GECOS, 'Full Name,Office,1234,4321') self.assertEqual(elibuser.HOMEDIRECTORY, '/home/user7_2home') @@ -457,6 +466,21 @@ efield = str(efield0) + '\nx' self.assertRaises(RuntimeError, self.a.modifyUser, e, False) + def testUserMod9(self): + # Attempt to modify to create UID duplicates + e = self.a.initUser('user7_9') + self.a.addUser(e, False, False) + e_uid = elibuser.UIDNUMBER + del e + + e = self.a.initUser('user7_9_2') + self.a.addUser(e, False, False) + del e + + e = self.a.lookupUserByName('user7_9_2') + elibuser.UIDNUMBER = e_uid + self.assertRaises(RuntimeError, self.a.modifyUser, e, False) + def testUserDel(self): e = self.a.initUser('user8_1') self.a.addUser(e, False, False) @@ -946,6 +970,19 @@ efield = field + '\nx' self.assertRaises(RuntimeError, self.a.addGroup, e) + def testGroupAdd7(self): + # Adding a duplicate group GID + e = self.a.initGroup('group21_7') + elibuser.MEMBERNAME = 'group21_7member1', 'group21_7member2' + self.a.addGroup(e) + e_gid = elibuser.GIDNUMBER + del e + + e_dup = self.a.initGroup('group21_7_dup') + self.assertNotEqual(e_duplibuser.GIDNUMBER, e_gid) + e_duplibuser.GIDNUMBER = e_gid + self.assertRaises(RuntimeError, self.a.modifyGroup, e_dup) + def testGroupMod1(self): # A minimal case e = self.a.initGroup('group22_1') @@ -971,7 +1008,7 @@ self.assertNotEqual(elibuser.GROUPPASSWORD, '!!grgroup22_2') elibuser.GROUPPASSWORD = '!!grgroup22_2' self.assertNotEqual(elibuser.GIDNUMBER, 4237) - elibuser.GIDNUMBER = 4237 + elibuser.GIDNUMBER = 4238 v = sorted(elibuser.MEMBERNAME) self.assertNotEqual(v, 'group22_2member1', 'group22_2member3') elibuser.MEMBERNAME = 'group22_2member1', 'group22_2member3' @@ -986,7 +1023,7 @@ self.assertIsNotNone(e) self.assertEqual(elibuser.GROUPNAME, 'group22_2groupname') self.assertEqual(elibuser.GROUPPASSWORD, '!!grgroup22_2') - self.assertEqual(elibuser.GIDNUMBER, 4237) + self.assertEqual(elibuser.GIDNUMBER, 4238) v = elibuser.MEMBERNAME v.sort() self.assertEqual(v, 'group22_2member1', 'group22_2member3') @@ -1077,6 +1114,25 @@ efield = field + '\nx' self.assertRaises(RuntimeError, self.a.modifyGroup, e) + def testGroupMod8(self): + # GID duplicate tests + e = self.a.initGroup('group22_8') + elibuser.MEMBERNAME = 'group22_8member1', 'group22_8member2' + self.a.addGroup(e) + e_gid = elibuser.GIDNUMBER + del e + + e_dup = self.a.initGroup('group22_8_2') + e_duplibuser.MEMBERNAME = 'group22_8member1', 'group22_8member2' + self.a.addGroup(e_dup) + del e_dup + + # Changing GID to e's should not work + e_dup = self.a.lookupGroupByName('group22_8_2') + self.assertNotEqual(e_duplibuser.GIDNUMBER, e_gid) + e_duplibuser.GIDNUMBER = e_gid + self.assertRaises(RuntimeError, self.a.modifyGroup, e_dup) + def testGroupDel(self): e = self.a.initGroup('group23_1') self.a.addGroup(e)
View file
_service:tar_scm:libuser-0.63.tar.xz/tests/fs_test -> _service:tar_scm:libuser-0.64.tar.gz/tests/fs_test
Changed
@@ -19,19 +19,29 @@ # # Author: Miloslav Trmač <mitr@redhat.com> -if ! fakeroot --version &>/dev/null; then - echo 'fakeroot not available, skipping test' >&2 - exit 77 +# Some tests runs only as root. If you want to run those tests, +# you must run it as a real root and set the variable USE_FAKEROOT=no +# Make sure you have backups! +if -z "$USE_FAKEROOT" ; then + USE_FAKEROOT=yes +fi + +export USE_FAKEROOT + +if "$USE_FAKEROOT" != "no" ; then + if ! fakeroot --version &>/dev/null; then + echo 'fakeroot not available, skipping test' >&2 + exit 77 + fi fi run_test() { - fakeroot "$@" + if "$USE_FAKEROOT" = "no" ; then + ( "$@"; ) + else + fakeroot "$@" + fi } -# If you want to test this as real root, use the following instead, and run the -# test manually. Make sure you have backups! -#run_test() { -# ( "$@"; ) -#} srcdir=$srcdir/tests @@ -70,7 +80,7 @@ ( cd "$1"; LC_ALL=C ls -lnR | \ - awk 'NF > 3 { printf("%.10s %d %4d %4d %s\n", $1, $2, $3, $4, $9); } + awk 'NF > 3 { printf("%.10s %4d %4d %s\n", $1, $3, $4, $9); } NF <= 3 && !/total/ { print }'; ) } @@ -82,7 +92,7 @@ # User's "own" content mkdir -p "$workdir"/rm/root/{dir,unreadable} touch "$workdir"/rm/{kept,root/{dir,unreadable}/f} - mkfifo "$workdir"/rm/root/fifo + mkfifo "$workdir"/rm/root/fifo 2>/dev/null ln -s ../kept "$workdir"/rm/root/symlink chown -R 555:555 "$workdir"/rm/root chmod 701 "$workdir"/rm/root @@ -107,10 +117,11 @@ diff "$workdir"/rm_output - <<EOF .: --rw-rw-r-- 1 0 0 kept ----------- 1 0 0 secret +-rw-rw-r-- 0 0 kept +---------- 0 0 secret EOF if $? -ne 0 ; then + echo "Failed: test_lu_homedir_remove" >&1 exit 1 fi @@ -142,6 +153,7 @@ .: EOF if $? -ne 0 ; then + echo "Failed: test_lu_homedir_remove_for_user_if_owned1" >&1 exit 1 fi @@ -172,19 +184,20 @@ \`$workdir/rm_owned2/root' is not owned by UID \`555' 1 .: -drwx-----x 4 444 444 root +drwx-----x 444 444 root ./root: -drwxrwxr-x 2 555 555 dir -drwxrwxr-x 2 0 0 non-owned-dir +drwxrwxr-x 555 555 dir +drwxrwxr-x 0 0 non-owned-dir ./root/dir: --rw-rw-r-- 1 555 555 f +-rw-rw-r-- 555 555 f ./root/non-owned-dir: --rw-rw-r-- 1 0 0 f +-rw-rw-r-- 0 0 f EOF if $? -ne 0 ; then + echo "Failed: test_lu_homedir_remove_for_user_if_owned2" >&1 exit 1 fi @@ -196,7 +209,7 @@ # User's "own" content for i in "$1" "$1"/dir "$1"/group-owned; do touch "$i"/f "$i"/setuid - mkfifo "$i"/fifo + mkfifo "$i"/fifo 2>/dev/null ln -s ../outside "$i"/symlink done mkdir "$1"/setgid @@ -229,39 +242,45 @@ filtered_ls "$workdir"/home2 } -export -f test_lu_homedir_move1 -run_test test_lu_homedir_move1 > "$workdir"/mv_output -# Special files and fifos are not copied over. Ownership and permissions are -# preserved. -diff "$workdir"/mv_output - <<EOF +if $USE_FAKEROOT = "no" ; then + export -f test_lu_homedir_move1 + run_test test_lu_homedir_move1 > "$workdir"/mv_output + + # Special files and fifos are not copied over. Ownership and permissions are + # preserved. + diff "$workdir"/mv_output - <<EOF .: -drwxrwxr-x 2 555 555 dir --rw-rw-r-- 1 555 555 f -drwxrwxr-x 2 555 444 group-owned ----------- 1 0 0 secret -drwxrwsr-x 2 555 555 setgid --rwsrw-r-- 1 555 555 setuid -lrwxrwxrwx 1 555 555 symlink -d--------- 2 555 555 unreadable +drwxrwxr-x 555 555 dir +-rw-rw-r-- 555 555 f +drwxrwxr-x 555 444 group-owned +---------- 0 0 secret +drwxrwsr-x 555 555 setgid +-rwsrw-r-- 555 555 setuid +lrwxrwxrwx 555 555 symlink +d--------- 555 555 unreadable ./dir: --rw-rw-r-- 1 555 555 f --rwsrw-r-- 1 555 555 setuid -lrwxrwxrwx 1 555 555 symlink +-rw-rw-r-- 555 555 f +-rwsrw-r-- 555 555 setuid +lrwxrwxrwx 555 555 symlink ./group-owned: --rw-rw-r-- 1 555 444 f --rwsrw-r-- 1 555 444 setuid -lrwxrwxrwx 1 555 444 symlink +-rw-rw-r-- 555 444 f +-rwsrw-r-- 555 444 setuid +lrwxrwxrwx 555 444 symlink ./setgid: ./unreadable: ----------- 1 555 555 f +---------- 555 555 f EOF -if $? -ne 0 ; then - exit 1 + if $? -ne 0 ; then + echo "Failed: test_lu_homedir_move1" >&2 + exit 1 + fi +else + echo "Skipped: test_lu_homedir_move1" >&2 fi # Moving onto an existing directory is prohibited @@ -271,17 +290,22 @@ $VALGRIND $PYTHON "$srcdir"/fs_test.py --move "$workdir"/mv2home{1,2} echo $? } -export -f test_lu_homedir_move2 -run_test test_lu_homedir_move2 > "$workdir"/mv2_output 2>&1 -diff "$workdir"/mv2_output - <<EOF + +if $USE_FAKEROOT = "no" ; then + export -f test_lu_homedir_move2 + run_test test_lu_homedir_move2 > "$workdir"/mv2_output 2>&1 + diff "$workdir"/mv2_output - <<EOF Error creating \`$workdir/mv2home2': File exists 1 EOF -if $? -ne 0 ; then - exit 1 + if $? -ne 0 ; then
View file
_service:tar_scm:libuser-0.63.tar.xz/tests/ldap_test -> _service:tar_scm:libuser-0.64.tar.gz/tests/ldap_test
Changed
@@ -19,6 +19,11 @@ # # Author: Miloslav Trmac <mitr@redhat.com> +if ! -x /usr/sbin/slapd ; then + echo "The openldap server not found" >&2 + exit 77 +fi + srcdir=$srcdir/tests workdir=$(pwd)/test_ldap @@ -56,7 +61,7 @@ trap 'status=$?; kill $slapd_pid tests/wait_for_slapd_exit "$workdir"/slapd.pid "$ldap_port" rm -rf "$workdir"; exit $status' 0 -ldapadd -h 127.0.0.1 -p "$ldap_port" -f "$srcdir/ldap_skel.ldif" -x \ +ldapadd -H "ldap://127.0.0.1:$ldap_port" -f "$srcdir/ldap_skel.ldif" -x \ -D cn=Manager,dc=libuser -w password
View file
_service:tar_scm:libuser-0.63.tar.xz/tests/pwhash_test -> _service:tar_scm:libuser-0.64.tar.gz/tests/pwhash_test
Changed
@@ -78,6 +78,22 @@ fi cp "${LIBUSER_CONF}_" "$LIBUSER_CONF" +echo 'crypt_style = blowfish' >> "$LIBUSER_CONF" +pw=$(workdir="$workdir" $VALGRIND $PYTHON "$srcdir"/pwhash.py) +if "x${pw#\$2b\$}" = "x$pw" ; then + echo "Invalid BLOWFISH hash" >&2 + exit 1 +fi + +cp "${LIBUSER_CONF}_" "$LIBUSER_CONF" +echo 'crypt_style = yescrypt' >> "$LIBUSER_CONF" +pw=$(workdir="$workdir" $VALGRIND $PYTHON "$srcdir"/pwhash.py) +if "x${pw#\$y\$}" = "x$pw" ; then + echo "Invalid YESCRYPT hash" >&2 + exit 1 +fi + +cp "${LIBUSER_CONF}_" "$LIBUSER_CONF" cat >> "$LIBUSER_CONF" <<\EOF crypt_style = sha256 hash_rounds_min = 4242
View file
_service:tar_scm:libuser-0.63.tar.xz/tests/slapd.conf.in -> _service:tar_scm:libuser-0.64.tar.gz/tests/slapd.conf.in
Changed
@@ -10,7 +10,7 @@ TLSCertificateFile @WORKDIR@/key.pem TLSCertificateKeyFile @WORKDIR@/key.pem -database bdb +database mdb suffix "dc=libuser" rootdn "cn=Manager,dc=libuser" rootpw {SSHA}ABgelmLFZQ/OJzVEp3OM5MzWQ9rt3b4F
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2