*tp > LONG_MAX is never true, so replace that check with a test
for strtol() setting errno == ERANGE (oddly, some ports' build
swallowed this without warning).
There's no guarantee that a time_t stores the same number of bits
as a long, so check for an overflow there as well, and pass any
error up.
Discussed with christos, martin and mrg.
- Add new -C option to 'usermod'. This allows a quick way to temporary
lock a users account. This is similar to how FreeBSD do it using
'adduser'. This function can be very handy to administrators!
- Import a function to check if the inputted class actually exists. It
contains my modifications to test whether /etc/login.conf exists
in the first place. -OpenBSD
- Add new -C option to 'usermod'. This allows a quick way to temporary
lock a users account. This is similar to how FreeBSD do it using
'adduser'. This function can be very handy to administrators!
- Import a function to check if the inputted class actually exists. It
contains my modifications to test whether /etc/login.conf exists
in the first place. -OpenBSD
While I am there:
- KNF (long wrapped lines, and spaces after void casts).
- Factor out some common code.
- Fix error messages.
1. Consistently capitalize them.
2. Fix err->errx and warn->warnx inappropriate uses.
3. Use regerror where appropriate.
4. Don't call warn()/err() to report errors after you trashed errno
by calling other syscalls. Save and restore the errno instead,
or in the warn() case, call warn() first.
- Fix size_t - int, uid_t - int confusion.
- Pass lint
- system(), rmdir() sets errno, use it
- Use warnx() if strchr failed, not warn()
- Constify some arguments
- Fix cases when errx()/warnx() should be used instead of err()/warn()
due to errno not being set.
Group code:
------------
- List members in a neat fashion, separated by commas
- groupmod(): Use find_group_info - consistency
new groups should be created. This is similar to useradd's -r flag.
Closes my own PR bin/22791. Patch by URA Hiroshi with some minor changes
by me.
No objections in tech-userlevel@ for multiple days.
Revert fgetln/asprintf changes from rev 1.26 - fgetln(3) does not return
a NUL-terminated string, so using strchr(3) is inappropriate. As the entry
from the password file is a known size, there's no need to use fgetln(3),
just use fgets(3) for consistency. This also means that an inappropriate
cast to int from asprintf(3) is unneeded, which was apparently causing
problems on OpenBSD's sparc64 port - just be consistent and use snprintf(3).
1. Use REG_NEWLINE, rather than matching "\n".
2. Fix a bug where rm_user_from_groups would mangle group entries in
/etc/group when the user to be removed is the only member of the group,
by using substring matches.
char as a parameter. On platforms with char signed by default, those are wrong.
Thanks to Christian Biere christianbiere@gmx.de for the patch he supplied.
I tested the patch and agc approved it for commit.
"*************" rather than a single asterisk - it's just as difficult
to hash to the longer password since the asterisk character itself is
not in its alphabet, and pwd_mkdb now thinks it's a valid DES password.
can be a variable length field, so check the (fixed length) password
length, rather then the length of the whole password+salt+cipher.
Use a cipher type of "$2a" for blowfish.
password types, and their associated lengths, and check in useradd or
usermod whether the given encrypted password has the correct length.
This removes the (duplicated) hardcoded lengths which had crept in
with the last commit, and also checks the length of the given password
against the expected length.
and modification of user and group information.
Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to
do this via LOG_AUTH, since the password and group files are world
readable).
Suggested by Hubert Feyrer, after a similar facility in Linux.
the user is not found through NIS.
Completes fix of PR 17849, from Grant Beattie (grant@netbsd.org).
Also, don't cast return type of pw_abort(3) to void, as it already is void.
preserving information.
Remove BUGS section from userdel(8) accordingly.
Make this utility compile with WARNS=3 - add const-poisoning and
shadow variable name resolution.
based on some code from Todd C. Miller, which in turn was based on a
patch from Brian Poole <raj@cerias.purdue.edu>.
Look first in any uid ranges specified on the command line, in the order
they were given on the command line, and then in any ranges specified in
the defaults file.
With thanks to Brian for nudging me a number of times to fix this.
UID ranges. Previous behaviour is demonstrated below...
# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10200..10300
# useradd -D -r 10200..10300 -r 10400..10500
# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10400..10500
The second command should have put 2 ranges back into the config file,
but it really only put one because the first range on the command line
was marked as a duplicate (but when it got to writing the config file,
it only wrote command line ranges, so the 10200 got skipped). Fix
this by initializing defrc to 0 and then only looking after defrc for
duplicate ranges.
+ if the cd built-in fails, don't try to copy the directory hierarchy
with pax - s/;/&&/ in a shell command
+ clean up after ourselves if a rename fails - remove the newly-created
group file.
+ remove some unused code in a comment.
+ add F_SHELL flag in userdel
+ use a separate local declaration for a temporary variable, rather
than overloading a variable that's used for something else.
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).
Improved by comments from enami and christos -- thanks!
Heimdal/krb4/KAME changes already fed back, rest to follow.
Inspired by, but not not based on, OpenBSD.
instead of err()), as all error cases in creategid() are already commented
properly from inside creategid().
This prevents funny errors like:
miyu# groupadd test2
miyu# groupadd test2
groupadd: group `test2' already exists
groupadd: can't add group: problems with /etc/group file: Inappropriate ioctl for device
directory already exists. Previously new skel files from /etc/skel were
copied and permissions/ownerships changed even if the directory already
existed.
