[Pkg-shadow-commits] r2256 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Sat Aug 9 23:25:19 UTC 2008
Author: nekral-guest
Date: 2008-08-09 23:25:18 +0000 (Sat, 09 Aug 2008)
New Revision: 2256
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/chpasswd.c
Log:
* src/chpasswd.c: Added fail_exit().
* src/chpasswd.c: Added support for syslog.
* src/chpasswd.c: Report failure to unlock files to stderr and
syslog.
* src/chpasswd.c: Simplify the PAM error handling.
* src/chpasswd.c: Report failure during *_close() to syslog.
* src/chpasswd.c: Ignore the return value or pam_end().
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2008-08-09 23:24:15 UTC (rev 2255)
+++ upstream/trunk/ChangeLog 2008-08-09 23:25:18 UTC (rev 2256)
@@ -1,5 +1,15 @@
2008-08-07 Nicolas François <nicolas.francois at centraliens.net>
+ * src/chpasswd.c: Added fail_exit().
+ * src/chpasswd.c: Added support for syslog.
+ * src/chpasswd.c: Report failure to unlock files to stderr and
+ syslog.
+ * src/chpasswd.c: Simplify the PAM error handling.
+ * src/chpasswd.c: Report failure during *_close() to syslog.
+ * src/chpasswd.c: Ignore the return value or pam_end().
+
+2008-08-07 Nicolas François <nicolas.francois at centraliens.net>
+
* src/chgpasswd.c: Added fail_exit().
* src/chgpasswd.c: Added support for syslog.
* src/chgpasswd.c: Report failure to unlock files to stderr and
Modified: upstream/trunk/src/chpasswd.c
===================================================================
--- upstream/trunk/src/chpasswd.c 2008-08-09 23:24:15 UTC (rev 2255)
+++ upstream/trunk/src/chpasswd.c 2008-08-09 23:25:18 UTC (rev 2256)
@@ -52,21 +52,24 @@
* Global variables
*/
static char *Prog;
-static bool cflg = false;
-static bool eflg = false;
+static bool cflg = false;
+static bool eflg = false;
static bool md5flg = false;
-static bool sflg = false;
+static bool sflg = false;
static const char *crypt_method = NULL;
static long sha_rounds = 5000;
static bool is_shadow_pwd;
+static bool passwd_locked = false;
+static bool shadow_locked = false;
#ifdef USE_PAM
static pam_handle_t *pamh = NULL;
#endif
/* local function prototypes */
+static void fail_exit (int code);
static void usage (void);
static void process_flags (int argc, char **argv);
static void check_flags (void);
@@ -75,6 +78,30 @@
static void close_files (void);
/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+ if (passwd_locked) {
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ }
+
+ if (shadow_locked) {
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ }
+
+ exit (code);
+}
+
+/*
* usage - display usage message and exit
*/
static void usage (void)
@@ -219,32 +246,27 @@
{
#ifdef USE_PAM
int retval = PAM_SUCCESS;
+ struct passwd *pampw;
- struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
- if (pampw == NULL) {
+ if (NULL == pampw) {
retval = PAM_USER_UNKNOWN;
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
- if (retval != PAM_SUCCESS) {
- pam_end (pamh, retval);
- }
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_acct_mgmt (pamh, 0);
- if (retval != PAM_SUCCESS) {
- pam_end (pamh, retval);
- }
}
- if (retval != PAM_SUCCESS) {
+ if (PAM_SUCCESS != retval) {
+ (void) pam_end (pamh, retval);
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
@@ -263,13 +285,13 @@
if (pw_lock () == 0) {
fprintf (stderr,
_("%s: cannot lock %s\n"), Prog, pw_dbname ());
- exit (1);
+ fail_exit (1);
}
+ passwd_locked = true;
if (pw_open (O_RDWR) == 0) {
fprintf (stderr,
_("%s: cannot open %s\n"), Prog, pw_dbname ());
- pw_unlock ();
- exit (1);
+ fail_exit (1);
}
/* Do the same for the shadowed database, if it exist */
@@ -278,16 +300,14 @@
fprintf (stderr,
_("%s: cannot lock %s\n"),
Prog, spw_dbname ());
- pw_unlock ();
- exit (1);
+ fail_exit (1);
}
+ shadow_locked = true;
if (spw_open (O_RDWR) == 0) {
fprintf (stderr,
_("%s: cannot open %s\n"),
Prog, spw_dbname ());
- pw_unlock ();
- spw_unlock ();
- exit (1);
+ fail_exit (1);
}
}
}
@@ -302,19 +322,30 @@
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, spw_dbname ());
- pw_unlock ();
- exit (1);
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", spw_dbname ()));
+ fail_exit (1);
}
- spw_unlock ();
+ if (spw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
+ /* continue */
+ }
+ shadow_locked = false;
}
if (pw_close () == 0) {
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, pw_dbname ());
- exit (1);
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", pw_dbname ()));
+ fail_exit (1);
}
- pw_unlock ();
+ if (pw_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
+ /* continue */
+ }
+ passwd_locked = false;
}
int main (int argc, char **argv)
@@ -342,6 +373,8 @@
process_flags (argc, argv);
+ OPENLOG ("chpasswd");
+
check_perms ();
is_shadow_pwd = spw_file_present ();
@@ -469,11 +502,7 @@
if (0 != errors) {
fprintf (stderr,
_("%s: error detected, changes ignored\n"), Prog);
- if (is_shadow_pwd) {
- spw_unlock ();
- }
- pw_unlock ();
- exit (1);
+ fail_exit (1);
}
close_files ();
@@ -481,7 +510,7 @@
nscd_flush_cache ("passwd");
#ifdef USE_PAM
- pam_end (pamh, PAM_SUCCESS);
+ (void) pam_end (pamh, PAM_SUCCESS);
#endif /* USE_PAM */
return (0);
More information about the Pkg-shadow-commits
mailing list