[Pkg-shadow-commits] r298 - trunk/debian/patches
Nicolas FRANCOIS
pkg-shadow-devel@lists.alioth.debian.org
Thu, 23 Jun 2005 22:48:20 +0000
Author: nekral-guest
Date: 2005-06-23 22:48:20 +0000 (Thu, 23 Jun 2005)
New Revision: 298
Added:
trunk/debian/patches/426_grpck_group-gshadow_members_consistency
Modified:
trunk/debian/patches/series
Log:
Warn when the members of a group differ in /etc/groups and /etc/gshadow.
Added: trunk/debian/patches/426_grpck_group-gshadow_members_consistency
===================================================================
--- trunk/debian/patches/426_grpck_group-gshadow_members_consistency 2005-06-23 21:07:44 UTC (rev 297)
+++ trunk/debian/patches/426_grpck_group-gshadow_members_consistency 2005-06-23 22:48:20 UTC (rev 298)
@@ -0,0 +1,81 @@
+Goal: Warn when the members of a group differ in /etc/groups and /etc/gshadow.
+Fixes: #75181
+
+Status wrt upstream: It should be forwarded to upstream.
+
+Index: shadow-4.0.3/src/grpck.c
+===================================================================
+--- shadow-4.0.3.orig/src/grpck.c 2005-06-24 00:02:49.490159000 +0200
++++ shadow-4.0.3/src/grpck.c 2005-06-24 00:33:48.520159000 +0200
+@@ -437,6 +437,40 @@
+ gre->changed = 1;
+ __gr_set_changed ();
+ }
++
++#ifdef SHADOWGRP
++ /*
++ * Make sure this entry exists in the /etc/gshadow file.
++ */
++
++ if (is_shadow)
++ {
++ sgr = (struct sgrp *)sgr_locate (grp->gr_name);
++ if (sgr == NULL) {
++ printf (_("no matching group file entry in %s\n"), grp_file);
++ printf (_("delete line `%s'? "), gre->line);
++ errors++;
++ if (yes_or_no ())
++ goto delete_gr;
++ } else {
++ char **pgrp_mem,**psgr_mem;
++ for (pgrp_mem=grp->gr_mem; *pgrp_mem; pgrp_mem++)
++ {
++ for (psgr_mem=sgr->sg_mem; *psgr_mem; psgr_mem++)
++ {
++ if (strcmp(*pgrp_mem, *psgr_mem) == 0)
++ break;
++ }
++ if (*psgr_mem == NULL)
++ {
++ printf ("'%s' is a member of the '%s' group in %s but not in %s\n",
++ *pgrp_mem, sgr->sg_name, grp_file, sgr_file);
++ }
++ }
++ }
++ }
++#endif
++
+ }
+
+ #ifdef SHADOWGRP
+@@ -541,12 +575,28 @@
+ * Make sure this entry exists in the /etc/group file.
+ */
+
+- if (!gr_locate (sgr->sg_name)) {
+- puts (_("no matching group file entry\n"));
++ grp = (struct group *)gr_locate (sgr->sg_name);
++ if (grp == NULL) {
++ printf (_("no matching group file entry in %s\n"), sgr_file);
+ printf (_("delete line `%s'? "), sge->line);
+ errors++;
+ if (yes_or_no ())
+ goto delete_sg;
++ } else {
++ char **pgrp_mem,**psgr_mem;
++ for (psgr_mem=sgr->sg_mem; *psgr_mem; psgr_mem++)
++ {
++ for (pgrp_mem=grp->gr_mem; *pgrp_mem; pgrp_mem++)
++ {
++ if (strcmp(*pgrp_mem, *psgr_mem) == 0)
++ break;
++ }
++ if (*pgrp_mem == NULL)
++ {
++ printf ("'%s' is a member of the '%s' group in %s but not in %s\n",
++ *psgr_mem, sgr->sg_name, sgr_file, grp_file);
++ }
++ }
+ }
+
+ /*
Modified: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series 2005-06-23 21:07:44 UTC (rev 297)
+++ trunk/debian/patches/series 2005-06-23 22:48:20 UTC (rev 298)
@@ -125,3 +125,4 @@
423_su_pass_args_without_concatenation
424_pwck.8_quiet_option
425_lastlog_8_sparse
+#426_grpck_group-gshadow_members_consistency