[Pkg-shadow-commits] r3145 - in upstream/trunk: . man src
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Thu Mar 18 10:23:51 UTC 2010
Author: nekral-guest
Date: 2010-03-18 10:23:51 +0000 (Thu, 18 Mar 2010)
New Revision: 3145
Modified:
upstream/trunk/ChangeLog
upstream/trunk/TODO
upstream/trunk/man/pwck.8.xml
upstream/trunk/src/pwck.c
Log:
* src/pwck.c: Document the sections closed by #endif
* src/pwck.c, man/pwck.8.xml: No alternative shadow file can be
given when USE_TCB is enabled.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2010-03-18 09:46:15 UTC (rev 3144)
+++ upstream/trunk/ChangeLog 2010-03-18 10:23:51 UTC (rev 3145)
@@ -1,5 +1,11 @@
2010-03-18 Nicolas François <nicolas.francois at centraliens.net>
+ * src/pwck.c: Document the sections closed by #endif
+ * src/pwck.c, man/pwck.8.xml: No alternative shadow file can be
+ given when USE_TCB is enabled.
+
+2010-03-18 Nicolas François <nicolas.francois at centraliens.net>
+
* src/pwck.c: Do not use pwd_file and spw_file. Always use the
dbname() functions.
Modified: upstream/trunk/TODO
===================================================================
--- upstream/trunk/TODO 2010-03-18 09:46:15 UTC (rev 3144)
+++ upstream/trunk/TODO 2010-03-18 10:23:51 UTC (rev 3145)
@@ -115,6 +115,7 @@
entry (with a password).
- Add check to move passwd passwords to shadow if there is a shadow
file.
+ - Support an alternative /etc/tcb directory as second parameter.
- su
- add a login.defs configuration parameter to add variables to keep in
Modified: upstream/trunk/man/pwck.8.xml
===================================================================
--- upstream/trunk/man/pwck.8.xml 2010-03-18 09:46:15 UTC (rev 3144)
+++ upstream/trunk/man/pwck.8.xml 2010-03-18 10:23:51 UTC (rev 3145)
@@ -88,6 +88,9 @@
The <command>pwck</command> command verifies the integrity of the
users and authentication information. It checks that all entries in
<filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>
+ <phrase condition="tcb">(or the files in
+ <filename>/etc/tcb</filename>, when <option>USE_TCB</option> is
+ enabled)</phrase>
have the proper format and contain valid data.
The user is prompted to delete entries that are
improperly formatted or which have other uncorrectable errors.
@@ -200,7 +203,7 @@
<filename>/etc/shadow</filename> by UID.
</para>
<para condition="tcb">
- This option has no effect when TCB is enabled.
+ This option has no effect when <option>USE_TCB</option> is enabled.
</para>
</listitem>
</varlistentry>
@@ -208,11 +211,19 @@
<para>
By default, <command>pwck</command> operates on the files
- <filename>/etc/passwd</filename> and <filename>/etc/shadow</filename>.
- The user may select alternate files with the <emphasis
- remap='I'>passwd</emphasis> and <emphasis remap='I'>shadow</emphasis>
- parameters.
+ <filename>/etc/passwd</filename> and
+ <filename>/etc/shadow</filename><phrase condition="tcb"> (or the
+ files in <filename>/etc/tcb</filename>)</phrase>.
+ The user may select alternate files with the
+ <replaceable>passwd</replaceable> and
+ <replaceable>shadow</replaceable> parameters.
</para>
+ <para condition="tcb">
+ Note that when <option>USE_TCB</option> is enabled, you cannot
+ specify an alternative <replaceable>shadow</replaceable> file. In
+ future releases, this paramater could be replaced by an alternate
+ TCB directory.
+ </para>
</refsect1>
<refsect1 id='configuration'>
Modified: upstream/trunk/src/pwck.c
===================================================================
--- upstream/trunk/src/pwck.c 2010-03-18 09:46:15 UTC (rev 3144)
+++ upstream/trunk/src/pwck.c 2010-03-18 10:23:51 UTC (rev 3145)
@@ -49,7 +49,7 @@
#include "nscd.h"
#ifdef WITH_TCB
#include "tcbfuncs.h"
-#endif
+#endif /* WITH_TCB */
/*
* Exit codes
@@ -123,8 +123,17 @@
*/
static void usage (void)
{
- fprintf (stderr, _("Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"),
- Prog);
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ fprintf (stderr, _("Usage: %s [-q] [-r] [-s] [passwd]\n"),
+ Prog);
+ } else
+#endif /* WITH_TCB */
+ {
+ fprintf (stderr,
+ _("Usage: %s [-q] [-r] [-s] [passwd [shadow]]\n"),
+ Prog);
+ }
exit (E_USAGE);
}
@@ -178,6 +187,14 @@
use_system_pw_file = false;
}
if ((optind + 2) == argc) {
+#ifdef WITH_TCB
+ if (getdef_bool ("USE_TCB")) {
+ fprintf (stderr,
+ _("%s: no alternative shadow file allowed when USE_TCB is enabled.\n"),
+ Prog);
+ usage ();
+ }
+#endif /* WITH_TCB */
spw_setdbname (argv[optind + 1]);
is_shadow = true;
use_system_spw_file = false;
@@ -197,7 +214,7 @@
bool use_tcb = false;
#ifdef WITH_TCB
use_tcb = getdef_bool ("USE_TCB");
-#endif
+#endif /* WITH_TCB */
/*
* Lock the files if we aren't in "read-only" mode
@@ -513,7 +530,7 @@
}
spw_opened = true;
}
-#endif
+#endif /* WITH_TCB */
spw = (struct spwd *) spw_locate (pwd->pw_name);
if (NULL == spw) {
printf (_("no matching password file entry in %s\n"),
@@ -595,7 +612,7 @@
spw_locked = false;
}
}
-#endif
+#endif /* WITH_TCB */
}
}
More information about the Pkg-shadow-commits
mailing list