Fix various typos in error messages, warnings, debug strings,
comments and names of static functions.
Signed-off-by: Sebastian Rasmussen <sebras@gmail.com>
This patch does not change any su/runuser behaviour, code changes:
* don't use huge groups[NGROUPS_MAX]; the array has 256k, but we need
it only occasionally when -G/-g specified.
* the current code uses groups[0] for -g and the rest for -G, this patch adds
'gid' to remember -g argument to avoid memmove()
* add function add_supp_group() to simplify su_main()
* add note about -G and -g relation to the man pages (undocumented now)
Signed-off-by: Karel Zak <kzak@redhat.com>
OpenPAM is compatible with util-linux, with a few changes, namely
using OpenPAM's conversation function, openpam_ttyconv.
We check for Linux-PAM by querying for security/pam_misc.h, and OpenPAM
by querying for security/openpam.h.
Signed-off-by: Will Johansson <will.johansson@gmail.com>
An example is, in one terminal "sudo su -; echo $$", and in
another terminal, "kill -9 $PID" (the pid of the su -). It
should not print "(core dumped)", unless the kill signal
specified so, e.g. kill -7 or kill -11.
Signed-off-by: pcpa <paulo.cesar.pereira.de.andrade@gmail.com>
Fixing plain typos, miswordings, inconsistent periods, some missing
angular brackets, and a proper pluralization (even when it involves
a constant, because for some languages the precise value matters).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
The current code uses kill(0, caught_signal) after regular
signal cleanup and before exit (all just to make shells happy).
Unfortunately, kill(0, ...) is a bad idea. It seems better to use
kill(getpid(), ...) otherwise we kill our parent process too.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1063887
Signed-off-by: Karel Zak <kzak@redhat.com>
The su(1) logging code mix ups "old" and "new" passwd structs. The
result is things like
Sep 9 11:50:45 x2 su: (to kzak) kzak on none
in /var/log/messages. The right log entry is
Sep 9 11:50:45 x2 su: (to root) kzak on pts/3
The bug has been introduced by commit c74a7af17c.
References: https://bugzilla.redhat.com/show_bug.cgi?id=1005194
Signed-off-by: Karel Zak <kzak@redhat.com>
The 'Last login:' messages from PAM lastlogin module is unexpected
for non-login sessions or when -c <command> executed.
For example:
$ su - -c id
Last login: Wed Jul 24 08:36:28 CEST 2013 from dhcp-25-161.brq.redhat.com on pts/18
uid=0(root) gid=0(root) skupiny=0(root)
this makes 'su' useless in scripts.
This patch suppress all PAM_TEXT_INFO messages for -c and for
non-login session ('-' is not specified) after pam_authenticate() and
pam_acct_mgmt().
Note that the new PAM conversation function checks the first message
in the msg[] array only. It seems good enough as PAM internally uses
pam_info() function that does not use multiple messages for one conv
call.
References: https://bugzilla.redhat.com/show_bug.cgi?id=987787
Signed-off-by: Karel Zak <kzak@redhat.com>
# su
su: COMMAND not specified
This error message make sense for "runuser -u <user> <command>" only.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=872787
Signed-off-by: Karel Zak <kzak@redhat.com>
Child processes that ended with segmentation fault previously
indicated this with return status only. The report is now more
verbose if core dump is allowed.
Improved-by: Pádraig Brady <P@draigBrady.com>
Signed-off-by: Ondrej Oprala <ooprala@redhat.com>
Let's support GNU Hurd over-engineering where a process can exist
without UID and getuid() returns -1 and sets errno.
Signed-off-by: Karel Zak <kzak@redhat.com>
This command is based on su(1), the differences:
- based on Fedora runuser su(1) patch
- not installed with suid rights
- allowed for root users only
- don't ask for password
- uses PAM session, for example:
$ cat /etc/pam.d/runuser
auth sufficient pam_rootok.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session required pam_unix.so
$ cat /etc/pam.d/runuser-l
auth include runuser
session optional pam_keyinit.so force revoke
session include runuser
Signed-off-by: Karel Zak <kzak@redhat.com>