[Pkg-shadow-commits] r1868 - upstream/trunk/src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Tue Feb 26 19:17:21 UTC 2008
Author: nekral-guest
Date: 2008-02-26 19:17:20 +0000 (Tue, 26 Feb 2008)
New Revision: 1868
Modified:
upstream/trunk/src/gpasswd.c
Log:
Re-indent.
Modified: upstream/trunk/src/gpasswd.c
===================================================================
--- upstream/trunk/src/gpasswd.c 2008-02-26 19:09:10 UTC (rev 1867)
+++ upstream/trunk/src/gpasswd.c 2008-02-26 19:17:20 UTC (rev 1868)
@@ -407,60 +407,63 @@
{
#ifdef SHADOWGRP
if (is_shadowgrp) {
- /*
- * The policy here for changing a group is that 1) you must be root
- * or 2). you must be listed as an administrative member.
- * Administrative members can do anything to a group that the root
- * user can.
- */
- if (!amroot && !is_on_list (sg->sg_adm, myname)) {
+ /*
+ * The policy here for changing a group is that
+ * 1) you must be root or
+ * 2) you must be listed as an administrative member.
+ * Administrative members can do anything to a group that
+ * the root user can.
+ */
+ if (!amroot && !is_on_list (sg->sg_adm, myname)) {
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "modify group", group, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modify group", group, -1, 0);
#endif
- failure ();
- }
+ failure ();
+ }
} else
#endif /* ! SHADOWGRP */
{
#ifdef FIRST_MEMBER_IS_ADMIN
- /*
- * The policy here for changing a group is that 1) you must be root
- * or 2) you must be the first listed member of the group. The
- * first listed member of a group can do anything to that group that
- * the root user can. The rationale for this hack is that the FIRST
- * user is probably the most important user in this entire group.
- */
- /*
- * This feature enabled by default could be a security problem when
- * installed on existing systems where the first group member might
- * be just a normal user. --marekm
- */
- if (!amroot) {
- if (gr->gr_mem[0] == (char *) 0) {
+ /*
+ * The policy here for changing a group is that
+ * 1) you must be root or
+ * 2) you must be the first listed member of the group.
+ * The first listed member of a group can do anything to
+ * that group that the root user can. The rationale for
+ * this hack is that the FIRST user is probably the most
+ * important user in this entire group.
+ *
+ * This feature enabled by default could be a security
+ * problem when installed on existing systems where the
+ * first group member might be just a normal user.
+ * --marekm
+ */
+ if (!amroot) {
+ if (gr->gr_mem[0] == (char *) 0) {
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "modifying group", group, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modifying group", group, -1, 0);
#endif
- failure ();
- }
+ failure ();
+ }
- if (strcmp (gr->gr_mem[0], myname) != 0) {
+ if (strcmp (gr->gr_mem[0], myname) != 0) {
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "modifying group", myname, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modifying group", myname, -1, 0);
#endif
- failure ();
+ failure ();
+ }
}
- }
#else /* ! FIRST_MEMBER_IS_ADMIN */
- if (!amroot) {
+ if (!amroot) {
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "modifying group", group, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "modifying group", group, -1, 0);
#endif
- failure ();
- }
+ failure ();
+ }
#endif
}
}
@@ -550,52 +553,54 @@
#ifdef SHADOWGRP
if (is_shadowgrp) {
- if (sgr_open (O_RDONLY) == 0) {
- fprintf (stderr, _("%s: can't open shadow file\n"), Prog);
- SYSLOG ((LOG_WARN, "cannot open /etc/gshadow"));
+ if (sgr_open (O_RDONLY) == 0) {
+ fprintf (stderr,
+ _("%s: can't open shadow file\n"), Prog);
+ SYSLOG ((LOG_WARN, "cannot open /etc/gshadow"));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "opening /etc/gshadow", group, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "opening /etc/gshadow", group, -1, 0);
#endif
- exit (1);
- }
- tmpsg = sgr_locate (group);
- if (NULL != tmpsg) {
- *sg = *tmpsg;
- sg->sg_name = xstrdup (tmpsg->sg_name);
- sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
+ exit (1);
+ }
+ tmpsg = sgr_locate (group);
+ if (NULL != tmpsg) {
+ *sg = *tmpsg;
+ sg->sg_name = xstrdup (tmpsg->sg_name);
+ sg->sg_passwd = xstrdup (tmpsg->sg_passwd);
- sg->sg_mem = dup_list (tmpsg->sg_mem);
- sg->sg_adm = dup_list (tmpsg->sg_adm);
- } else {
- sg->sg_name = xstrdup (group);
- sg->sg_passwd = gr->gr_passwd;
- gr->gr_passwd = "!"; /* XXX warning: const */
+ sg->sg_mem = dup_list (tmpsg->sg_mem);
+ sg->sg_adm = dup_list (tmpsg->sg_adm);
+ } else {
+ sg->sg_name = xstrdup (group);
+ sg->sg_passwd = gr->gr_passwd;
+ gr->gr_passwd = "!"; /* XXX warning: const */
- sg->sg_mem = dup_list (gr->gr_mem);
+ sg->sg_mem = dup_list (gr->gr_mem);
- sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
+ sg->sg_adm = (char **) xmalloc (sizeof (char *) * 2);
#ifdef FIRST_MEMBER_IS_ADMIN
- if (sg->sg_mem[0]) {
- sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);
- sg->sg_adm[1] = NULL;
- } else
+ if (sg->sg_mem[0]) {
+ sg->sg_adm[0] = xstrdup (sg->sg_mem[0]);
+ sg->sg_adm[1] = NULL;
+ } else
#endif
- {
- sg->sg_adm[0] = NULL;
+ {
+ sg->sg_adm[0] = NULL;
+ }
+
}
-
- }
- if (sgr_close () == 0) {
- fprintf (stderr, _("%s: can't close shadow file\n"), Prog);
- SYSLOG ((LOG_WARN, "cannot close /etc/gshadow"));
+ if (sgr_close () == 0) {
+ fprintf (stderr,
+ _("%s: can't close shadow file\n"), Prog);
+ SYSLOG ((LOG_WARN, "cannot close /etc/gshadow"));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "closing /etc/gshadow", group, -1, 0);
+ audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ "closing /etc/gshadow", group, -1, 0);
#endif
- exit (1);
+ exit (1);
+ }
}
- }
#endif /* SHADOWGRP */
}
@@ -738,7 +743,7 @@
fputs (_("Who are you?\n"), stderr);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "user lookup", NULL,
- bywho, 0);
+ bywho, 0);
#endif
failure ();
}
@@ -773,10 +778,10 @@
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "deleting group password", group, -1, 1);
+ "deleting group password", group, -1, 1);
#endif
SYSLOG ((LOG_INFO, "remove password from group %s by %s",
- group, myname));
+ group, myname));
goto output;
} else if (Rflg) {
/*
@@ -789,7 +794,7 @@
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "restrict access to group", group, -1, 1);
+ "restrict access to group", group, -1, 1);
#endif
SYSLOG ((LOG_INFO, "restrict access to group %s by %s",
group, myname));
@@ -805,15 +810,15 @@
grent.gr_mem = add_list (grent.gr_mem, user);
#ifdef SHADOWGRP
if (is_shadowgrp) {
- sgent.sg_mem = add_list (sgent.sg_mem, user);
+ sgent.sg_mem = add_list (sgent.sg_mem, user);
}
#endif
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "adding group member",
- user, -1, 1);
+ user, -1, 1);
#endif
SYSLOG ((LOG_INFO, "add member %s to group %s by %s", user,
- group, myname));
+ group, myname));
goto output;
}
@@ -832,27 +837,27 @@
}
#ifdef SHADOWGRP
if (is_shadowgrp) {
- if (is_on_list (sgent.sg_mem, user)) {
- removed = 1;
- sgent.sg_mem = del_list (sgent.sg_mem, user);
+ if (is_on_list (sgent.sg_mem, user)) {
+ removed = 1;
+ sgent.sg_mem = del_list (sgent.sg_mem, user);
+ }
}
- }
#endif
if (!removed) {
fprintf (stderr, _("%s: unknown member %s\n"),
- Prog, user);
+ Prog, user);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "deleting member", user, -1, 0);
+ "deleting member", user, -1, 0);
#endif
exit (1);
}
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "deleting member",
- user, -1, 1);
+ user, -1, 1);
#endif
SYSLOG ((LOG_INFO, "remove member %s from group %s by %s",
- user, group, myname));
+ user, group, myname));
goto output;
}
#ifdef SHADOWGRP
@@ -864,10 +869,10 @@
if (Aflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "setting group admin",
- group, -1, 1);
+ group, -1, 1);
#endif
SYSLOG ((LOG_INFO, "set administrators of %s to %s",
- group, admins));
+ group, admins));
sgent.sg_adm = comma_to_list (admins);
if (!Mflg) {
goto output;
@@ -883,7 +888,7 @@
if (Mflg) {
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "setting group members", group, -1, 1);
+ "setting group members", group, -1, 1);
#endif
SYSLOG ((LOG_INFO, "set members of %s to %s", group, members));
#ifdef SHADOWGRP
@@ -902,7 +907,7 @@
fprintf (stderr, _("%s: Not a tty\n"), Prog);
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "changing password",
- group, -1, 0);
+ group, -1, 0);
#endif
exit (1);
}
@@ -936,7 +941,7 @@
SYSLOG ((LOG_ERR, "can't setuid(0)"));
#ifdef WITH_AUDIT
audit_logger (AUDIT_USER_CHAUTHTOK, Prog, "changing id to root",
- group, -1, 0);
+ group, -1, 0);
#endif
closelog ();
exit (1);
More information about the Pkg-shadow-commits
mailing list