[Pkg-shadow-commits] r2340 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Wed Sep 3 21:02:33 UTC 2008
Author: nekral-guest
Date: 2008-09-03 21:02:32 +0000 (Wed, 03 Sep 2008)
New Revision: 2340
Modified:
upstream/trunk/ChangeLog
upstream/trunk/NEWS
upstream/trunk/src/groupadd.c
upstream/trunk/src/groupdel.c
upstream/trunk/src/useradd.c
upstream/trunk/src/userdel.c
Log:
* src/useradd.c: Log errors to syslog in grp_update() since
changes have started to be reported to syslog.
* src/userdel.c: Fix some result parameters sent to
audit_logger().
* NEWS: Following changes from a patch contributed by Steve Grubb
<sgrubb at redhat.com>
* src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
of AUDIT_USER_CHAUTHTOK.
* src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead
of AUDIT_USER_CHAUTHTOK.
* src/useradd.c: Log to audit with type AUDIT_ADD_USER /
AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
AUDIT_USER_CHAUTHTOK.
* src/useradd.c: Add missing logs to audit.
* src/userdel.c: Log to audit with type AUDIT_DEL_USER /
AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
* src/userdel.c: Add missing logs to audit.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2008-09-02 18:49:56 UTC (rev 2339)
+++ upstream/trunk/ChangeLog 2008-09-03 21:02:32 UTC (rev 2340)
@@ -1,3 +1,26 @@
+2008-09-03 Nicolas François <nicolas.francois at centraliens.net>
+
+ * src/useradd.c: Log errors to syslog in grp_update() since
+ changes have started to be reported to syslog.
+ * src/userdel.c: Fix some result parameters sent to
+ audit_logger().
+
+2008-09-02 Nicolas François <nicolas.francois at centraliens.net>
+
+ * NEWS: Following changes from a patch contributed by Steve Grubb
+ <sgrubb at redhat.com>
+ * src/groupadd.c: Log to audit with type AUDIT_ADD_GROUP instead
+ of AUDIT_USER_CHAUTHTOK.
+ * src/groupdel.c: Log to audit with type AUDIT_DEL_GROUP instead
+ of AUDIT_USER_CHAUTHTOK.
+ * src/useradd.c: Log to audit with type AUDIT_ADD_USER /
+ AUDIT_ADD_GROUP / AUDIT_USYS_CONFIG instead of
+ AUDIT_USER_CHAUTHTOK.
+ * src/useradd.c: Add missing logs to audit.
+ * src/userdel.c: Log to audit with type AUDIT_DEL_USER /
+ AUDIT_DEL_GROUP instead of AUDIT_USER_CHAUTHTOK.
+ * src/userdel.c: Add missing logs to audit.
+
2008-08-31 Nicolas François <nicolas.francois at centraliens.net>
* src/groupmems.c: Remove duplicated gr_open().
Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS 2008-09-02 18:49:56 UTC (rev 2339)
+++ upstream/trunk/NEWS 2008-09-03 21:02:32 UTC (rev 2340)
@@ -11,6 +11,10 @@
* Added support for long options --add (-a), --delete (-d),
--remove-password (-r), --restrict (-R), --administrators (-A), and
--members (-M).
+- groupadd
+ * audit logging improvements.
+- groupdel
+ * audit logging improvements.
- groupmems
* Check if user exist before they are added to groups.
* Avoid segfault in case the specified group does not exist in /etc/group.
@@ -27,6 +31,10 @@
* For compatibility with other passwd version, the --lock an --unlock
options do not lock or unlock the user account anymore. They only
lock or unlock the user's password.
+- useradd
+ * audit logging improvements.
+- userdel
+ * audit logging improvements.
- usermod
* Allow adding LDAP users (or any user not present in the local passwd
file) to local groups
Modified: upstream/trunk/src/groupadd.c
===================================================================
--- upstream/trunk/src/groupadd.c 2008-09-02 18:49:56 UTC (rev 2339)
+++ upstream/trunk/src/groupadd.c 2008-09-03 21:02:32 UTC (rev 2340)
@@ -215,7 +215,7 @@
}
#endif /* SHADOWGRP */
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
group_name, (unsigned int) group_id, 1);
#endif
@@ -262,7 +262,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -281,7 +281,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -304,7 +304,7 @@
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"locking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -315,7 +315,7 @@
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"opening group file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -328,7 +328,7 @@
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"locking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -340,7 +340,7 @@
_("%s: cannot open %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_WARN, "cannot open %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"opening gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -360,7 +360,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -373,7 +373,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -384,7 +384,7 @@
#ifdef WITH_AUDIT
if (code != E_SUCCESS) {
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_GROUP, Prog,
"adding group",
group_name, AUDIT_NO_ID, 0);
}
Modified: upstream/trunk/src/groupdel.c
===================================================================
--- upstream/trunk/src/groupdel.c 2008-09-02 18:49:56 UTC (rev 2339)
+++ upstream/trunk/src/groupdel.c 2008-09-03 21:02:32 UTC (rev 2340)
@@ -99,7 +99,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -112,7 +112,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -122,7 +122,7 @@
#endif
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -168,7 +168,7 @@
static void close_files (void)
{
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, (unsigned int) group_id, 1);
#endif
@@ -183,7 +183,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking group file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -203,7 +203,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"unlocking gshadow file",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -374,7 +374,7 @@
fprintf (stderr, _("%s: group '%s' does not exist\n"),
Prog, group_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, AUDIT_NO_ID, 0);
#endif
@@ -396,7 +396,7 @@
Prog, group_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
group_name, AUDIT_NO_ID, 0);
#endif
Modified: upstream/trunk/src/useradd.c
===================================================================
--- upstream/trunk/src/useradd.c 2008-09-02 18:49:56 UTC (rev 2339)
+++ upstream/trunk/src/useradd.c 2008-09-03 21:02:32 UTC (rev 2340)
@@ -203,7 +203,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking shadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -215,7 +215,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking passwd file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -227,7 +227,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking group file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -240,7 +240,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking gshadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -250,7 +250,7 @@
#endif
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -580,8 +580,8 @@
return -1;
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
- "changing user defaults",
+ audit_logger (AUDIT_USYS_CONFIG, Prog,
+ "changing useradd defaults",
NULL, AUDIT_NO_ID, 1);
#endif
SYSLOG ((LOG_INFO,
@@ -834,6 +834,12 @@
fprintf (stderr,
_("%s: Out of memory. Cannot update %s.\n"),
Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID, 0);
+#endif
fail_exit (E_GRP_UPDATE); /* XXX */
}
@@ -846,10 +852,16 @@
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, gr_dbname (), ngrp->gr_name);
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", gr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to group",
+ user_name, AUDIT_NO_ID, 0);
+#endif
fail_exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user to group",
user_name, AUDIT_NO_ID, 1);
#endif
@@ -889,6 +901,12 @@
fprintf (stderr,
_("%s: Out of memory. Cannot update %s.\n"),
Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to shadow group",
+ user_name, AUDIT_NO_ID, 0);
+#endif
fail_exit (E_GRP_UPDATE); /* XXX */
}
@@ -901,10 +919,16 @@
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, sgr_dbname (), nsgrp->sg_name);
+ SYSLOG ((LOG_ERR, "failed to prepare the new %s entry '%s'", sgr_dbname (), user_name));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_USER, Prog,
+ "adding user to shadow group",
+ user_name, AUDIT_NO_ID, 0);
+#endif
fail_exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user to shadow group",
user_name, AUDIT_NO_ID, 1);
#endif
@@ -1198,7 +1222,7 @@
_("%s: invalid user name '%s'\n"),
Prog, user_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1273,7 +1297,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, spw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking shadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1285,7 +1309,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, pw_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking passwd file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1296,7 +1320,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking group file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1309,7 +1333,7 @@
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"unlocking gshadow file",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1453,6 +1477,11 @@
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, gr_dbname (), grp.gr_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group",
+ grp.gr_name, AUDIT_NO_ID, 0);
+#endif
fail_exit (E_GRP_UPDATE);
}
#ifdef SHADOWGRP
@@ -1463,10 +1492,20 @@
fprintf (stderr,
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, sgr_dbname (), sgrp.sg_name);
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group",
+ grp.gr_name, AUDIT_NO_ID, 0);
+#endif
fail_exit (E_GRP_UPDATE);
}
#endif /* SHADOWGRP */
SYSLOG ((LOG_INFO, "new group: name=%s, GID=%u", user_name, user_gid));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_ADD_GROUP, Prog,
+ "adding group",
+ grp.gr_name, AUDIT_NO_ID, 1);
+#endif
do_grp_update = true;
}
@@ -1577,14 +1616,14 @@
_("%s: failed to prepare the new %s entry '%s'\n"),
Prog, spw_dbname (), spent.sp_namp);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding shadow password",
user_name, (unsigned int) user_id, 0);
#endif
fail_exit (E_PW_UPDATE);
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, (unsigned int) user_id, 1);
#endif
@@ -1614,7 +1653,7 @@
("%s: cannot create directory %s\n"),
Prog, user_home);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding home directory",
user_name, (unsigned int) user_id, 0);
#endif
@@ -1625,7 +1664,7 @@
0777 & ~getdef_num ("UMASK", GETDEF_DEFAULT_UMASK));
home_added = true;
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding home directory",
user_name, (unsigned int) user_id, 1);
#endif
@@ -1772,7 +1811,7 @@
if (getpwnam (user_name) != NULL) { /* local, no need for xgetpwnam */
fprintf (stderr, _("%s: user '%s' already exists\n"), Prog, user_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1792,7 +1831,7 @@
_("%s: group %s exists - if you want to add this user to that group, use -g.\n"),
Prog, user_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding group",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -1826,7 +1865,7 @@
_("%s: UID %lu is not unique\n"),
Prog, (unsigned long) user_id);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_ADD_USER, Prog,
"adding user",
user_name, (unsigned int) user_id, 0);
#endif
Modified: upstream/trunk/src/userdel.c
===================================================================
--- upstream/trunk/src/userdel.c 2008-09-02 18:49:56 UTC (rev 2339)
+++ upstream/trunk/src/userdel.c 2008-09-03 21:02:32 UTC (rev 2340)
@@ -177,9 +177,9 @@
* Update the DBM group file with the new entry as well.
*/
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting user from group",
- user_name, (unsigned int) user_id, 0);
+ user_name, (unsigned int) user_id, 1);
#endif
SYSLOG ((LOG_INFO, "delete '%s' from group '%s'\n",
user_name, ngrp->gr_name));
@@ -233,9 +233,9 @@
#endif
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_GROUP, Prog,
"deleting group",
- user_name, (unsigned int) user_id, 0);
+ grp->gr_name, AUDIT_NO_ID, 1);
#endif
SYSLOG ((LOG_INFO,
"removed group '%s' owned by '%s'\n",
@@ -291,9 +291,9 @@
exit (E_GRP_UPDATE);
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting user from shadow group",
- user_name, (unsigned int) user_id, 0);
+ user_name, (unsigned int) user_id, 1);
#endif
SYSLOG ((LOG_INFO, "delete '%s' from shadow group '%s'\n",
user_name, nsgrp->sg_name));
@@ -414,7 +414,7 @@
#endif
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting user",
user_name, (unsigned int) user_id, 0);
#endif
@@ -435,7 +435,7 @@
_("%s: cannot lock %s; try again later.\n"),
Prog, pw_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"locking password file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -446,7 +446,7 @@
fprintf (stderr,
_("%s: cannot open %s\n"), Prog, pw_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"opening password file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -458,7 +458,7 @@
_("%s: cannot lock %s; try again later.\n"),
Prog, spw_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"locking shadow password file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -470,7 +470,7 @@
_("%s: cannot open %s\n"),
Prog, spw_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"opening shadow password file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -482,7 +482,7 @@
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"locking group file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -492,7 +492,7 @@
if (gr_open (O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"), Prog, gr_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"opening group file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -505,7 +505,7 @@
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"locking shadow group file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -516,7 +516,7 @@
fprintf (stderr, _("%s: cannot open %s\n"),
Prog, sgr_dbname ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"opening shadow group file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -547,7 +547,7 @@
fail_exit (E_PW_UPDATE);
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting user entries",
user_name, (unsigned int) user_id, 1);
#endif
@@ -589,7 +589,7 @@
_("%s: user %s is currently logged in\n"), Prog, name);
if (!fflg) {
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting user logged in",
name, AUDIT_NO_ID, 0);
#endif
@@ -697,7 +697,7 @@
if (fflg) {
unlink (mailfile); /* always remove, ignore errors */
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 1);
#endif
@@ -710,7 +710,7 @@
Prog, mailfile, user_name);
SYSLOG ((LOG_ERR, "%s not owned by %s, not removed", mailfile, strerror (errno)));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 0);
#endif
@@ -721,11 +721,16 @@
if (unlink (mailfile) != 0) {
fprintf (stderr, _("%s: warning: can't remove %s: %s"), Prog, mailfile, strerror (errno));
SYSLOG ((LOG_ERR, "Cannot remove %s: %s", mailfile, strerror (errno)));
+#ifdef WITH_AUDIT
+ audit_logger (AUDIT_DEL_USER, Prog,
+ "deleting mail file",
+ user_name, (unsigned int) user_id, 0);
+#endif
/* continue */
}
#ifdef WITH_AUDIT
else {
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting mail file",
user_name, (unsigned int) user_id, 1);
}
@@ -835,7 +840,7 @@
fprintf (stderr, _("%s: user '%s' does not exist\n"),
Prog, user_name);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting user not found",
user_name, AUDIT_NO_ID, 0);
#endif
@@ -924,14 +929,14 @@
_("%s: error removing directory %s\n"),
Prog, user_home);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
- user_name, (unsigned int) user_id, 1);
+ user_name, (unsigned int) user_id, 0);
#endif
errors++;
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
user_name, (unsigned int) user_id, 1);
#endif
@@ -951,9 +956,8 @@
(void) pam_end (pamh, PAM_SUCCESS);
#endif /* USE_PAM */
#ifdef WITH_AUDIT
-/* FIXME: Is it really "deleting home directory"? */
if (0 != errors) {
- audit_logger (AUDIT_USER_CHAUTHTOK, Prog,
+ audit_logger (AUDIT_DEL_USER, Prog,
"deleting home directory",
user_name, AUDIT_NO_ID, 0);
}
More information about the Pkg-shadow-commits
mailing list