In several pages, there is a consistent wording problem: "another"
where "other" should be used. This wording problem can be
surprisingly confusing for native speakers, especially those
unaware that in some other languages, "another" and "other" can be
expressed with the same word.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
- use --with-vendordir= (rather than --enable) to be compatible with
another package stuuf
- add USE_VENDORDIR automake condition
- add vendordir to global AM_CPPFLAGS to avoid binary specific cflags
modifications
Signed-off-by: Karel Zak <kzak@redhat.com>
There is value in ensuring that manual page sections use consistently
named sections, as far as possible, and also that sections have a
consistent order within manual pages. This is one of a series of patches
to place manual page sections in a consistent order.
In this patch, we ensure that the NOTES, HISTORY, BUGS, and EXAMPLE
sections are always placed near the end of the page, just above
AUTHORS, COPYRIGHT, SEE ALSO, and AVAILABILITY.
One page is not fixed by this patch: term-utils/agetty.8. This page
is a mess of unusual section names, and probably requires an individual
edit.
Testing that no gross editing mistake (causing accidental loss or addition
of text) was performed as follows:
$ cat $(grep '\.SH' -l $(find . -name '*.[1-9]') |sort) | sort > a
[Apply patch]
$ cat $(grep '\.SH' -l $(find . -name '*.[1-9]') |sort) | sort > b
$ diff a b
$ echo $?
0
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There is value in ensuring that manual page sections use consistently
named sections, as far as possible, and also that sections have a
consistent order within manual pages. This is one of a series of patches
to place manual page sections in a consistent order.
In this patch, we ensure that the AUTHORS, COPYRIGHT, SEE ALSO, and
AVAILABILITY sections are always placed at the end of the page.
Testing that no gross editing mistake (causing accidental loss or addition
of text) was performed as follows:
$ cat $(grep '\.SH' -l $(find . -name '*.[1-9]') |sort) | sort > a
[Apply patch]
$ cat $(grep '\.SH' -l $(find . -name '*.[1-9]') |sort) | sort > b
$ diff a b
$ echo $?
0
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
The manual pages currently use a multitude of terms--"exit code",
"error code", "return code", "exit code", and so on--when what
is always meant is "exit status" (the POSIX term). This patch fixes
as many of these erroneous terms as I could find.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There is quite some value (in terms of readability and user
expectations) if consistent names are used for the sections
within manual pages. This patch is one of a series to bring
about this consistency.
But, let's make sure that the section is consistently titled
across pages. Currently we have ENVIRONMENT (many) or ENVIRONMENT
VARIABLES (3). Let's standardize on ENVIRONMENT (which is also
what is suggested in man-pages(7)).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There is quite some value (in terms of readability and user
expectations) if consistent names are used for the sections
within manual pages. This patch is one of a series to bring
about this consistency.
In the Linux man-pages project, I long ago did away with the
AUTHOR(S) section, but I realize some projects like to keep this.
But, let's make sure that the section is consistently titled
across pages. Currently we have AUTHOR (47) or AUTHORS (41).
Let's standardize on the latter (which is also what is
suggested in man-pages(7)).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Using double quotes in .SH lines containing multiple words is unneeded,
and in any case is not consistently done in the util-linux manual pages,
where double quotes are used in only around half of the cases.
(This usage was long ago elminated in the man-pages project, with
no ill effects reported to date.)
Remove these quotes, so that .SH lines are more uniform, in preparation
for some (more easily) scripted doiscovery of consistency problems in
(and possibly global fixes to) the manual pages.
Other than stripping the double quotes, this patch makes no changes to
the content of the manual pages.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
The current default behavior is to print the first issue file/dir and
all alternative locations are used as a backup solution only. If something
is found than the rest is ignored. The --issue-file allow to overwrite
this default behavior, but currently it supports only one file/dir.
This patch extend --issue-file to support ':' separated list of paths
and *all* the files (if exist and no empty) in the list are printed.
agetty --issue-file=/etc/issue:/etc/issue.d:/run/issue:/run/issue.d:/usr/lib/issue:/usr/lib/issue.d
Addresses: https://github.com/karelzak/util-linux/issues/1041
Signed-off-by: Karel Zak <kzak@redhat.com>
It seems that directories like /etc/motd.d are already used by PAM or
by another stuff. Let's keep it in admin/distro hands and do not
change the current default.
Signed-off-by: Karel Zak <kzak@redhat.com>
The current standard is to use directories to make it easy for
distributions to share resources. This patch also add /etc/motd.d
and /run/motd.d to the default MOTD_FILE=.
Addresses: https://github.com/karelzak/util-linux/issues/10341
Signed-off-by: Karel Zak <kzak@redhat.com>
The wtmp file tends to rotate higher rate than lastlog, so use the later as
fallback in when wtmp tells nothing in LAST-LOGIN column.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Deprecating calls to not-thread safe asctime(), ctime(), and localtime()
calls is pretty close to pointless change. Lets do it to reduce lgtm scan
warnings with justification it's nicer to use static analysis tools when
they have very few positives.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Change a HYPHEN-MINUS (code 0x55, 2D) to a minus (\-), if in front of
1) a name of an option
2) a negative number to be printed.
See man-pages(7) [Debian package "manpages"].
The output from "nroff" is unchanged.
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Add a comma (,) after "e.g." and "i.e.", or use English words
(man-pages(7) [package "manpages"]).
Abbreviation points should be protected (usually with the
non-printing, zero width character '\&') from being interpreted as an
end of sentence, if they are not, and that independent of their current
place on the line.
This is important when typing, as one does not usually know in
advance when the editor jumps to a new line.
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Two-fonts macros are made for two or more arguments.
Remove space at end of lines in the files "term-utils/{script.1,
scriptlive.1, scriptreplay.1}".
Put "\-\-summary" to the correct indent in the file
"term-utils/script.1"
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
When the requested shell matches the restricted shell, there is no reason
to issue a warning, since we will be doing precisely as requested.
Signed-off-by: Jouke Witteveen <j.witteveen@gmail.com>
nologin is typically used in /etc/passwd as a shell replacement. Hence it
is reasonable to ignore well known command-line options silently to avoid
unwanted ugly error messages.
Addresses: https://github.com/karelzak/util-linux/issues/895
Requested-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
"su -c" can pass "-c" to nologin. It causes ugly error:
su -c "echo OK" - man
-nologin: invalid option -- 'c'
Try '-nologin --help' for more information.
Accept -c to prevent this error.
Signed-off-by: Josef Cejka <jcejka@suse.com>
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
Now the code is duplicate on many places, but all we usually need is to
remember child status. It seems good enough to have very simple
callback child_die() to inform application about a change.
The patch also add PID to all signal related callbacks.
Signed-off-by: Karel Zak <kzak@redhat.com>
Sorry detail-oriented people tend to wipe these out if they notice them.
Add in automated tools and lots of excess end-of-line spaces get wiped
out.
Addresses: https://github.com/karelzak/util-linux/pull/849
Signed-off-by: Karel Zak <kzak@redhat.com>
With users coming from LDAP, it is often the case that the entry in LDAP
does not contain one or more attributes required by su or, because of
misconfigured access control rights, the attribute might not be readable
by the LDAP client. In that case, su just tells the user that the user
does not exist.
It might be more user-friendly to tell the user to check the user entry
for all required fields.
This fixes following warning about deprecatd __FUNCTION__ that is another
name for __func__ since GCC (pre 2.95, released July 1999).
login-utils/login.c:860:10: warning: ISO C does not support
‘__FUNCTION__’ predefined identifier [-Wpedantic]
Co-Author: Sami Kerola <kerolasa@iki.fi>
Reference: https://c0x.coding-guidelines.com/6.4.2.2.html
Reference: https://github.com/karelzak/util-linux/pull/802
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Karel Zak <kzak@redhat.com>
[login-utils/sulogin.c:398] -> [login-utils/sulogin.c:171]: (style) Local
variable set shadows outer function
[login-utils/sulogin.c:398] -> [login-utils/sulogin.c:830]: (style) Local
variable set shadows outer function
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
util-linux does not contain useradd. Its most popular implementation
comes from shadow. SYS_UID_MIN is one of common parameters. Its
hardcoded fallback value is equal to 101 in shadow useradd (see
shadow-4.6/libmisc/find_new_uid.c: get_ranges()), but 201 in
login-utils/lslogins.c.
Let lslogins use the same fallback as useradd from shadow.
Hopefully most distros define its custom value of SYS_UID_MIN in
/etc/login.defs, so this problem is not visible.
login-utils/lslogins.1 does not mention its default at all. Add a
reference and improve text of lslogins(1) to prevent off-by-one
interpretation.
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
Signed-off-by: Karel Zak <kzak@redhat.com>
We use PAM and if pam_strerror() returns nothing we have no clue why
authentication failed. It's mistake to blame incorrect password if
there are many possible reason...
Addresses: https://github.com/karelzak/util-linux/issues/778
Signed-off-by: Karel Zak <kzak@redhat.com>
* use proper winsize rather than uninitialized variable (Oops...)
* set the current terminal to the raw mode
* disable ECHO for non-terminal execution to be compatible with
non-pty output
Addresses: https://github.com/karelzak/util-linux/issues/767
Signed-off-by: Karel Zak <kzak@redhat.com>
* let's assume that --pty is stable enough that we do not have to remove it ;-)
* add --pty to the runuser.1 man page
Addresses: https://github.com/karelzak/util-linux/issues/760
Signed-off-by: Karel Zak <kzak@redhat.com>
In commit b22332dd4 (last: fix wtmp user name buffer overflow
[asan], 2019-01-13), we started to make sure that the `ut_user`
field of the `utmpx` struct is always NUL-terminated. The
implementation makes use of the `__UT_NAMESIZE` define to
determine the position of the last character in that array. The
problem is that this is a non-standard define that is not
necessarily available on non-glibc platforms.
As there is no standardized define, we should just use `sizeof`.
This fixes compilation on musl libc based systems.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Ensure utmp user name field is null terminated. Without that getpwnam() can
buffer overflow, when wtmp file is malformed.
Addresses: https://github.com/karelzak/util-linux/issues/715
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
This new variable allows to keep lastlog file small and filter out
things like huge nfsnobody UIDs.
The variable is also supported by shadow-utils (adduser, etc.).
Addresses: https://github.com/shadow-maint/shadow/pull/142/
Signed-off-by: Karel Zak <kzak@redhat.com>
ENV_SUPATH and ENV_ROOTPATH are equivalent and ENV_ROOTPATH takes
precedence in both login and su. It makes no sense. More logical would be
precedence of ENV_SUPATH in su and ENV_ROOTPATH in login.
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
su(1) documentation says:
/etc/default/su command specific logindef config file
/etc/login.defs global logindef config file
It indirectly indicates that /etc/default/su should take precedence
over /etc/login.defs.
But the reverse is true. It is not possible to define ENV_PATH in
/etc/login.defs and then make su specific customization in
/etc/default/su. We need to change read order to match the documented
behavior.
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
From
The only binary version of the utmp(5) is standardised.
To
Only the binary version of the utmp(5) is standardised.
Change-Id: I0033f6cf055d569c7dfca5e05e918f735ea72582
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Having this excess NULL check in place causes small performance penalty, and
makes compiler to guess wrong if a null should be checked. To me getting
rid of false positive warning is more useful.
login-utils/lslogins.c:634:7: warning: potential null pointer dereference
[-Wnull-dereference]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
man utmp:
String fields are terminated by a null byte ('\0') if they are shorter
than the size of the field.
Signed-off-by: Karel Zak <kzak@redhat.com>
man utmp:
String fields are terminated by a null byte ('\0') if they are shorter
than the size of the field.
Signed-off-by: Karel Zak <kzak@redhat.com>
* removes unnecessary variable
* the current code restores signals always when shell has not been
executed -- this is correct as function sushell() modify signal
mask, but in all another cases we do not need touch the mask.
Especially when we ask for the password in endless while() loop...
Signed-off-by: Karel Zak <kzak@redhat.com>
* usable with --login to whitelist specified environment variables
* the list is ignored for the core variables like HOME, SHELL, USER,
LOGNAME and PATH (su --login always resets these variables)
Note that su(1) requires password and after successful authentication
user has full control over the session, so he can set arbitrary
environment variables. The whitelist makes things more user friendly
only.
The patch removes unnecessary optimization when allocate environ[]. It
seems better to keep all in glibc hands and just reset the environment
array only.
Addresses: https://github.com/karelzak/util-linux/issues/221
Signed-off-by: Karel Zak <kzak@redhat.com>
The default behavior for -l and -g is to silently ignore unknown login
names, but this is very confusing when you explicitly specify just one
login name.
Note that the current implementation also prints empty "Last log" for
nonexisting user. It seems ugly.
# lslogins nonexisting
Last logs:
new version:
# lslogins nonexisting
lt-lslogins: cannot found 'nonexisting'
# echo $?
1
The -l and -g behaviour has not been changed.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1614967
Signed-off-by: Karel Zak <kzak@redhat.com>
The supported command line synopsis is also
lslogins foo
and it provides different output than
lslogins -l foo
Signed-off-by: Karel Zak <kzak@redhat.com>
A developmental version of "groff" issued a warning, for example with
"test-groff -b -e -mandoc -T utf8 -rF0 -t -w w -z":
troff: <logger.1>:299: warning: can't find font 't'
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
It seems more robust to use 'const' qualifier for username if this
variable points to external resources like PAM or struct passwd. The
patch introduces new variable cmd_username for username specified on
login(1) command line.
Signed-off-by: Karel Zak <kzak@redhat.com>
[util-linux-2.32.1/login-utils/lslogins.c:601]: (style) Redundant condition: If '!EXPR', the comparison 'EXPR != '$'' is always true.
Reported-by: David Binderman <dcb314@hotmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Let's follow the standard $id$salt$encrypted password format in
verification code.
The current code is useless and for example PWD-LOCK column is always
FALSE.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1581611
Signed-off-by: Karel Zak <kzak@redhat.com>
Punctuation marks have been left in the only argument of two-fonts
macros, instead of being separated from it to make the second one.
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Use the correct macro (I, B) for the font change of one argument, not
those that are used for alternating two fonts, like "BR", "IR", "RB",
or "RI".
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
login-utils/last.c: In function ‘list’:
login-utils/last.c:398:36: warning: argument to ‘sizeof’ in ‘strncat’ call
is the same expression as the source; did you mean to use the size of the
destination? [-Wsizeof-pointer-memaccess]
strncat(utline, p->ut_line, sizeof(p->ut_line));
The sizeof(utline) is defined as sizeof(p->ut_line) + 1, so the compiler got
that wrong. Lets truncate strncat() otherway around to keep gcc 8.1 happy.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Let's make it possible to use debug.h without environment variables.
Suggested-by: J William Piggott <elseifthen@gmx.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
We have command line option -H to disable hostname in login prompt.
Unfortunately, in same cases (e.g. telnetd) it's impossible to specify
login(1) command line options due to hardcoded execl()...
This patch introduces LOGIN_PLAIN_PROMPT boolean for /etc/login.defs
to suppress hostname in the prompt.
Signed-off-by: Karel Zak <kzak@redhat.com>
It seems better to deallocate logindefs.conf stuff in long time
running (=waiting) processes like login(1) and su(1).
Signed-off-by: Karel Zak <kzak@redhat.com>
* Start the ISO format flags at bit 0 instead of bit 1.
* Remove unnecessary _8601 from ISO format flag names to
avoid line wrapping and to ease readability.
* ISO timestamps have date-time-timzone in common, so move
the TIMEZONE flag to bit 2 causing all timestamp masks
to have the first three bits set and the last four bits
as timestamp 'options'.
* Change the 'SPACE' flag to a 'T' flag, because it makes
the code and comments more concise.
* Add common ISO timestamp masks.
* Implement the ISO timestamp masks in all applicable code
using the strxxx_iso() functions.
Signed-off-by: J William Piggott <elseifthen@gmx.com>
This new function returns the GMT offset relative to its
argument. It is used in this patch to fix two bugs:
1) On platforms that the tm struct excludes tm_gmtoff,
hwclock assumes a one hour DST offset. This can cause
an incorrect kernel timezone setting. For example:
Master branch tested with tm_gmtoff illustrates the correct offset:
$ TZ="Australia/Lord_Howe" hwclock --hctosys --test | grep settimeofday
Calling settimeofday(1507494204.192398, -660)
Master branch tested without tm_gmtoff has an incorrect offset:
$ TZ="Australia/Lord_Howe" hwclock --hctosys --test | grep settimeofday
Calling settimeofday(1507494249.193852, -690)
Patched tested without tm_gmtoff has the correct offset:
$ TZ="Australia/Lord_Howe" hwclock --hctosys --test | grep settimeofday
Calling settimeofday(1507494260.194208, -660)
2) ISO 8601 'extended' format requires all time elements
to use a colon (:).
Current invalid ISO 8601:
$ hwclock
2017-10-08 16:25:17.895462-0400
Patched:
$ hwclock
2017-10-08 16:25:34.141895-04:00
Also required by this change:
login-utils/last.c: increase ISO out_len and in_len by one to
accommodate the addition of the timezone colon.
Signed-off-by: J William Piggott <elseifthen@gmx.com>
The functions warnx(3) and gettext(3) are not safe to use within signal
handlers and should be avoided. Preparing the message beforehand and
calling write(2) as well as calling _exit(2) solves the problem.
[kzak@redhat.com: - use program_invocation_short_name rather than argv[0],
- use ignore_result() to keep compiler happy]
Signed-off-by: Karel Zak <kzak@redhat.com>
We want to use waitpid() only when child is terminated or stopped to
pick up child status, otherwise PTY proxy has to be active. This is
difference between "su" and "su --pty". For "su" we keep parent all
time in waitpid().
It would be possible to use separate code based on signalfd_siginfo,
but it seems better to keep all this stuff on one place -- it means
wait_for_child().
Signed-off-by: Karel Zak <kzak@redhat.com>
Not sure why I have problem with this years ago for script(1), but it
seems .fd=-1 is really enough to the ignore the FD.
Reported-by: Vaclav Dolezal <vdolezal@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
The signal mask is used by pty_init_slave(), but it has never been
uninitialized before fork(), so child gets 0 as a mask :-(
Note that script(1) has no this issue because it opens signal-fd
before fork().
Reported-by: Vaclav Dolezal <vdolezal@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Add conditional -lutil to runuser when needed to avoid linking error.
login-utils/su-common.o: In function `pty_create':
login-utils/su-common.c:269: undefined reference to `openpty'
login-utils/su-common.c:273: undefined reference to `openpty'
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
This patch a little bit reorders signals initialization. The original
code unblocks SIGINT SIGQUIT before signal handler is set for the
signals. It means there is a small possible race.
It seems better to compose wanted mask, setup handlers and then
unblock all the wanted signals.
Signed-off-by: Karel Zak <kzak@redhat.com>
The patch from master branch, somehow lost during su refactoring
rebase.
Reported-by: Tobias Stöckmann <tobias@stoeckmann.org>
Signed-off-by: Karel Zak <kzak@redhat.com>