[Pkg-shadow-commits] r3141 - in upstream/trunk: . src
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Thu Mar 18 09:01:09 UTC 2010
Author: nekral-guest
Date: 2010-03-18 09:01:04 +0000 (Thu, 18 Mar 2010)
New Revision: 3141
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/pwck.c
Log:
2010-03-18 Pawe?\197?\130 Hajdan, Jr. <phajdan.jr at gentoo.org>
* src/pwck.c: Add support for TCB.
* src/pwck.c: Use spw_dbname() instead of spw_file since TCB
changes from a file to another depending on the user. Also use
pw_dbname() for consistency.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2010-03-18 00:07:00 UTC (rev 3140)
+++ upstream/trunk/ChangeLog 2010-03-18 09:01:04 UTC (rev 3141)
@@ -1,3 +1,10 @@
+2010-03-18 Paweł Hajdan, Jr. <phajdan.jr at gentoo.org>
+
+ * src/pwck.c: Add support for TCB.
+ * src/pwck.c: Use spw_dbname() instead of spw_file since TCB
+ changes from a file to another depending on the user. Also use
+ pw_dbname() for consistency.
+
2010-03-17 Nicolas François <nicolas.francois at centraliens.net>
* src/faillog.c: Re-indent.
Modified: upstream/trunk/src/pwck.c
===================================================================
--- upstream/trunk/src/pwck.c 2010-03-18 00:07:00 UTC (rev 3140)
+++ upstream/trunk/src/pwck.c 2010-03-18 09:01:04 UTC (rev 3141)
@@ -47,6 +47,9 @@
#include "shadowio.h"
#include "getdef.h"
#include "nscd.h"
+#ifdef WITH_TCB
+#include "tcbfuncs.h"
+#endif
/*
* Exit codes
@@ -72,6 +75,9 @@
static bool is_shadow = false;
+static bool pw_opened = false;
+static bool spw_opened = false;
+
static bool pw_locked = false;
static bool spw_locked = false;
@@ -192,6 +198,11 @@
*/
static void open_files (void)
{
+ bool use_tcb = false;
+#ifdef WITH_TCB
+ use_tcb = getdef_bool("USE_TCB");
+#endif
+
/*
* Lock the files if we aren't in "read-only" mode
*/
@@ -203,11 +214,11 @@
fail_exit (E_CANTLOCK);
}
pw_locked = true;
- if (is_shadow) {
+ if (is_shadow && !use_tcb) {
if (spw_lock () == 0) {
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
- Prog, spw_file);
+ Prog, spw_dbname());
fail_exit (E_CANTLOCK);
}
spw_locked = true;
@@ -226,13 +237,17 @@
}
fail_exit (E_CANTOPEN);
}
- if (is_shadow && (spw_open (read_only ? O_RDONLY : O_RDWR) == 0)) {
- fprintf (stderr, _("%s: cannot open %s\n"),
- Prog, spw_file);
- if (use_system_spw_file) {
- SYSLOG ((LOG_WARN, "cannot open %s", spw_file));
+ pw_opened = true;
+ if (is_shadow && !use_tcb) {
+ if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"),
+ Prog, spw_dbname());
+ if (use_system_spw_file) {
+ SYSLOG ((LOG_WARN, "cannot open %s", spw_dbname()));
+ }
+ fail_exit (E_CANTOPEN);
}
- fail_exit (E_CANTOPEN);
+ spw_opened = true;
}
}
@@ -250,18 +265,20 @@
* changes to the files.
*/
if (changed) {
- if (pw_close () == 0) {
+ if (pw_opened && pw_close () == 0) {
fprintf (stderr, _("%s: failure while writing changes to %s\n"),
Prog, pwd_file);
SYSLOG ((LOG_ERR, "failure while writing changes to %s", pwd_file));
fail_exit (E_CANTUPDATE);
}
- if (is_shadow && (spw_close () == 0)) {
+ pw_opened = false;
+ if (is_shadow && spw_opened && (spw_close () == 0)) {
fprintf (stderr, _("%s: failure while writing changes to %s\n"),
- Prog, spw_file);
- SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_file));
+ Prog, spw_dbname());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname()));
fail_exit (E_CANTUPDATE);
}
+ spw_opened = false;
}
/*
@@ -450,12 +467,49 @@
*/
if (is_shadow) {
+#ifdef WITH_TCB
+ if (getdef_bool("USE_TCB")) {
+ if (!shadowtcb_set_user (pwd->pw_name)) {
+ printf(_("no tcb directory for %s\n"), pwd->pw_name);
+ printf(_("create tcb directory for %s?"), pwd->pw_name);
+ *errors += 1;
+ if (yes_or_no (read_only)) {
+ if (!shadowtcb_create(pwd->pw_name, pwd->pw_uid)) {
+ *errors += 1;
+ printf(_("failed to create tcb directory for %s\n"), pwd->pw_name);
+ continue;
+ }
+ } else {
+ continue;
+ }
+ }
+ if (spw_lock () == 0) {
+ *errors += 1;
+ fprintf (stderr,
+ _("%s: cannot lock %s.\n"),
+ Prog, spw_dbname());
+ continue;
+ }
+ spw_locked = true;
+ if (spw_open (read_only ? O_RDONLY : O_RDWR) == 0) {
+ fprintf (stderr, _("%s: cannot open %s\n"),
+ Prog, spw_dbname());
+ *errors += 1;
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ }
+ continue;
+ }
+ spw_opened = true;
+ }
+#endif
spw = (struct spwd *) spw_locate (pwd->pw_name);
if (NULL == spw) {
printf (_("no matching password file entry in %s\n"),
- spw_file);
+ spw_dbname());
printf (_("add user '%s' in %s? "),
- pwd->pw_name, spw_file);
+ pwd->pw_name, spw_dbname());
*errors += 1;
if (yes_or_no (read_only)) {
struct spwd sp;
@@ -494,7 +548,7 @@
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, pw_dbname (), pw.pw_name);
- exit (E_CANTUPDATE);
+ fail_exit (E_CANTUPDATE);
}
}
} else {
@@ -503,11 +557,28 @@
*/
if (strcmp (pwd->pw_passwd, SHADOW_PASSWD_STRING) != 0) {
printf (_("user %s has an entry in %s, but its password field in %s is not set to 'x'\n"),
- pwd->pw_name, spw_file, pwd_file);
+ pwd->pw_name, spw_dbname(), pwd_file);
*errors += 1;
}
}
}
+#ifdef WITH_TCB
+ if (getdef_bool("USE_TCB") && spw_locked) {
+ if (spw_opened && spw_close () == 0) {
+ fprintf (stderr, _("%s: failure while writing changes to %s\n"),
+ Prog, spw_dbname());
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname()));
+ } else {
+ spw_opened = false;
+ }
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ } else {
+ spw_locked = false;
+ }
+ }
+#endif
}
}
More information about the Pkg-shadow-commits
mailing list