It seems like overkill to provide this #ifdef. For example coreutils
use "char *" for all selinux contexts (since 2014).
Signed-off-by: Karel Zak <kzak@redhat.com>
When readline is called to get user input, it is called without
a prompt argument. As a result, if the user does not enter anything
for a given field, then the next field is displayed on the same
line, yielding the following output:
$ chfn
Changing finger information for user.
Password:
Name []: Office []: Office Phone []: Home Phone []:
instead of the expected:
$ chfn
Changing finger information for user.
Password:
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
This patch restores the expected behavior by feeding readline with
a character to display as "prompt".
[kzak@redhat.com: - do the same change in chsh
- use ' ' rather than '\n' for non-readline code]
Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
Less code, less bugs. And if there are bugs at least share them with all
other programs that use getusershell(3) from libc.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
changed in include/c.h and applied via sed:
sed -i 's/fprintf.*\(USAGE_MAN_TAIL.*\)/printf(\1/' $(git ls-files -- "*.c")
sed -i 's/print_usage_help_options\(.*\);/printf(USAGE_HELP_OPTIONS\1);/' $(git ls-files -- "*.c")
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
Now we are always using the same text also for commands
which had still hardcoded descriptions or where we can't
use the standard print_usage_help_options macro.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
* global variables are always initialized by NULL
* it seems we need it as global variable due to libreadline, then use it as
global everywhere in the same .c file.
Signed-off-by: Karel Zak <kzak@redhat.com>
Let's use two functions is_known_shell() and print_shells() to make
the code more readable and to avoid complex semantic of the original
get_shell_list().
Signed-off-by: Karel Zak <kzak@redhat.com>
The readline offers editing capabilities while the user is entering the
line, unlike fgets(3) and getline(3) that were used earlier.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
text-utils/tailf.c:69:21: warning: Using plain integer as NULL pointer
Since many 'struct option' has used zero as NULL make them more readable in
same go by reindenting, and using named argument requirements.
Reference: https://lwn.net/Articles/93577/
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
* selinux/av_permissions.h and magic constants are deprecated, the
recommended solution is to use string_to_security_class() and
string_to_av_perm() to get access vector
* it also seems that selinux_check_passwd_access() does exactly the
same as our checkAccess(), let's use it.
Signed-off-by: Karel Zak <kzak@redhat.com>
The utils when compiled WITHOUT libuser then mkostemp()ing
"/etc/%s.XXXXXX" where the filename prefix is argv[0] basename.
An attacker could repeatedly execute the util with modified argv[0]
and after many many attempts mkostemp() may generate suffix which
makes sense. The result maybe temporary file with name like rc.status
ld.so.preload or krb5.keytab, etc.
Note that distros usually use libuser based ch{sh,fn} or stuff from
shadow-utils.
It's probably very minor security bug.
Addresses: CVE-2015-5224
Signed-off-by: Karel Zak <kzak@redhat.com>
This adds a concise description of a tool to its usage text.
A first form of this patch was proposed by Steven Honeyman
(see http://www.spinics.net/lists/util-linux-ng/msg09994.html).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
Shell null check is redundant. The shell can be null only after
ask_new_shell returned such, and that is checked earlier in program
logic.
Secondly the check_shell does not need to return values, in such cases
the program can simply exit.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Rename prompt() to ask_new_shell(). Remove fixed size buffer and
allocate path to new shell, that should make Hurd people happy. Use
strutils.h for white space trimming.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Earlier setting a /bin/sh was impossible for users that had nothing set
as shell, as that was seen as no change.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Use of fgets() can make a single long line to be understood as two
entries, and someone could play tricks with the remainder part of the
buffer.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Fixing plain typos, miswordings, inconsistent periods, some missing
angular brackets, and a proper pluralization (even when it involves
a constant, because for some languages the precise value matters).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
* rename --disable-require-password to --disable-chsh-chfn-password
* is_local() is really unnecessary when linked with libuser
* fix set_value_libuser() returns codes
* fix chfn.c, there is no 'pw', but oldf.pw
* don't link with PAM when--disable-chsh-chfn-password
Signed-off-by: Karel Zak <kzak@redhat.com>
This is based directly on lchsh which is a part of libuser. libuser.{c,h}
exist because exactly the same code is needed for both chsh and chfn.
[kzak@redhat.com: cleanup err() usage]
Signed-off-by: Cody Maloney <cmaloney@theoreticalchaos.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
This makes it easier to add support for libuser, which needs the same PAM
authentication. Also removes duplicate code between chsh and chfn.
Signed-off-by: Cody Maloney <cmaloney@theoreticalchaos.com>
Karel Zak
Damien Goutte-Gattat
Quentin Rameau
Sami Kerola
Ruediger Meier
Andreas Henriksson
Benno Schulenberg
Cody Maloney