file.
Modify the logic in the previous but one commit - /sbin/nologin should
be considered a valid user shell, since otherwise, with the addition
of the checks for a valid user shell, useradd with a shell of
/sbin/nologin will fail.
Modify some of the code here to conform to the standards in the rest
of this file.
- Fix error messages, some are completely incorrect
- Asystem prints the error message so don't bother saving errno
- Don't continue if a lock can't be obtained on /etc/group
- Just pass struct passwd * to removehomedir, not its members
Some copyright maintenance:
- Add Liam Foy.
- Move Todd's copyright higher up.
XXX: We should remove clause 3 and merge the two copyright groups.
- Correct lenght for the username
- First character in the login name cannot be '-' (OpenBSD)
- Remove some #ifdef EXTENSIONS. find_group_info is always needed
- When printing change, if it's -1, place a correct string.
*tp > LONG_MAX is never true, so replace that check with a test
for strtol() setting errno == ERANGE (oddly, some ports' build
swallowed this without warning).
There's no guarantee that a time_t stores the same number of bits
as a long, so check for an overflow there as well, and pass any
error up.
Discussed with christos, martin and mrg.
- Add new -C option to 'usermod'. This allows a quick way to temporary
lock a users account. This is similar to how FreeBSD do it using
'adduser'. This function can be very handy to administrators!
- Import a function to check if the inputted class actually exists. It
contains my modifications to test whether /etc/login.conf exists
in the first place. -OpenBSD
While I am there:
- KNF (long wrapped lines, and spaces after void casts).
- Factor out some common code.
- Fix error messages.
1. Consistently capitalize them.
2. Fix err->errx and warn->warnx inappropriate uses.
3. Use regerror where appropriate.
4. Don't call warn()/err() to report errors after you trashed errno
by calling other syscalls. Save and restore the errno instead,
or in the warn() case, call warn() first.
- Fix size_t - int, uid_t - int confusion.
- Pass lint
- system(), rmdir() sets errno, use it
- Use warnx() if strchr failed, not warn()
- Constify some arguments
- Fix cases when errx()/warnx() should be used instead of err()/warn()
due to errno not being set.
Group code:
------------
- List members in a neat fashion, separated by commas
- groupmod(): Use find_group_info - consistency
new groups should be created. This is similar to useradd's -r flag.
Closes my own PR bin/22791. Patch by URA Hiroshi with some minor changes
by me.
No objections in tech-userlevel@ for multiple days.
Revert fgetln/asprintf changes from rev 1.26 - fgetln(3) does not return
a NUL-terminated string, so using strchr(3) is inappropriate. As the entry
from the password file is a known size, there's no need to use fgetln(3),
just use fgets(3) for consistency. This also means that an inappropriate
cast to int from asprintf(3) is unneeded, which was apparently causing
problems on OpenBSD's sparc64 port - just be consistent and use snprintf(3).
1. Use REG_NEWLINE, rather than matching "\n".
2. Fix a bug where rm_user_from_groups would mangle group entries in
/etc/group when the user to be removed is the only member of the group,
by using substring matches.
char as a parameter. On platforms with char signed by default, those are wrong.
Thanks to Christian Biere christianbiere@gmx.de for the patch he supplied.
I tested the patch and agc approved it for commit.
"*************" rather than a single asterisk - it's just as difficult
to hash to the longer password since the asterisk character itself is
not in its alphabet, and pwd_mkdb now thinks it's a valid DES password.
can be a variable length field, so check the (fixed length) password
length, rather then the length of the whole password+salt+cipher.
Use a cipher type of "$2a" for blowfish.
password types, and their associated lengths, and check in useradd or
usermod whether the given encrypted password has the correct length.
This removes the (duplicated) hardcoded lengths which had crept in
with the last commit, and also checks the length of the given password
against the expected length.
and modification of user and group information.
Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to
do this via LOG_AUTH, since the password and group files are world
readable).
Suggested by Hubert Feyrer, after a similar facility in Linux.
the user is not found through NIS.
Completes fix of PR 17849, from Grant Beattie (grant@netbsd.org).
Also, don't cast return type of pw_abort(3) to void, as it already is void.
jmmv