[Pkg-shadow-commits] r2235 - in upstream/trunk: . src

[nekral-guest at alioth.debian.org]

Author: nekral-guest
Date: 2008-08-06 15:52:42 +0000 (Wed, 06 Aug 2008)
New Revision: 2235

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/src/gpasswd.c
Log:
	* src/gpasswd.c: Warn and log to syslog and audit when group or
	gshadow cannot be unlocked, but do not fail.

Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2008-08-06 15:52:21 UTC (rev 2234)
+++ upstream/trunk/ChangeLog	2008-08-06 15:52:42 UTC (rev 2235)
@@ -1,6 +1,8 @@
 2008-08-01  Nicolas François  <nicolas.francois at centraliens.net>
 
 	* src/gpasswd.c: Harmonize error & syslog messages.
+	* src/gpasswd.c: Warn and log to syslog and audit when group or
+	gshadow cannot be unlocked, but do not fail.
 
 2008-08-01  Nicolas François  <nicolas.francois at centraliens.net>
 

Modified: upstream/trunk/src/gpasswd.c
===================================================================
--- upstream/trunk/src/gpasswd.c	2008-08-06 15:52:21 UTC (rev 2234)
+++ upstream/trunk/src/gpasswd.c	2008-08-06 15:52:42 UTC (rev 2235)
@@ -161,11 +161,27 @@
 static void fail_exit (int status)
 {
 	if (group_locked) {
-		gr_unlock ();
+		if (gr_unlock () == 0) {
+			fprintf (stderr, _("%s: cannot unlock the group file\n"), Prog);
+			SYSLOG ((LOG_WARN, "cannot unlock the group file"));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "unlocking group file",
+			              group, AUDIT_NO_ID, 0);
+#endif
+		}
 	}
 #ifdef SHADOWGRP
 	if (gshadow_locked) {
-		sgr_unlock ();
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: cannot unlock the shadow group file\n"), Prog);
+			SYSLOG ((LOG_WARN, "cannot unlock the shadow group file"));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "unlocking gshadow file",
+			              group, AUDIT_NO_ID, 0);
+#endif
+		}
 	}
 #endif
 
@@ -433,19 +449,26 @@
 		fail_exit (1);
 	}
 	if (is_shadowgrp) {
-		/* TODO: same logging as in open_files & for /etc/group */
-		sgr_unlock ();
+		if (sgr_unlock () == 0) {
+			fprintf (stderr, _("%s: cannot unlock the shadow group file\n"), Prog);
+			SYSLOG ((LOG_WARN, "cannot unlock the shadow group file"));
+#ifdef WITH_AUDIT
+			audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+			              "unlocking gshadow file",
+			              group, AUDIT_NO_ID, 0);
+#endif
+		}
 		gshadow_locked = false;
 	}
 #endif
 	if (gr_unlock () == 0) {
 		fprintf (stderr, _("%s: cannot unlock the group file\n"), Prog);
+		SYSLOG ((LOG_WARN, "cannot unlock the group file"));
 #ifdef WITH_AUDIT
 		audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
 		              "unlocking group file",
 		              group, AUDIT_NO_ID, 0);
 #endif
-		exit (1);
 	}
 	group_locked = false;
 }