"*************" rather than a single asterisk - it's just as difficult
to hash to the longer password since the asterisk character itself is
not in its alphabet, and pwd_mkdb now thinks it's a valid DES password.
can be a variable length field, so check the (fixed length) password
length, rather then the length of the whole password+salt+cipher.
Use a cipher type of "$2a" for blowfish.
password types, and their associated lengths, and check in useradd or
usermod whether the given encrypted password has the correct length.
This removes the (duplicated) hardcoded lengths which had crept in
with the last commit, and also checks the length of the given password
against the expected length.
and modification of user and group information.
Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to
do this via LOG_AUTH, since the password and group files are world
readable).
Suggested by Hubert Feyrer, after a similar facility in Linux.
the user is not found through NIS.
Completes fix of PR 17849, from Grant Beattie (grant@netbsd.org).
Also, don't cast return type of pw_abort(3) to void, as it already is void.
preserving information.
Remove BUGS section from userdel(8) accordingly.
Make this utility compile with WARNS=3 - add const-poisoning and
shadow variable name resolution.
based on some code from Todd C. Miller, which in turn was based on a
patch from Brian Poole <raj@cerias.purdue.edu>.
Look first in any uid ranges specified on the command line, in the order
they were given on the command line, and then in any ranges specified in
the defaults file.
With thanks to Brian for nudging me a number of times to fix this.
UID ranges. Previous behaviour is demonstrated below...
# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10200..10300
# useradd -D -r 10200..10300 -r 10400..10500
# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10400..10500
The second command should have put 2 ranges back into the config file,
but it really only put one because the first range on the command line
was marked as a duplicate (but when it got to writing the config file,
it only wrote command line ranges, so the 10200 got skipped). Fix
this by initializing defrc to 0 and then only looking after defrc for
duplicate ranges.
+ if the cd built-in fails, don't try to copy the directory hierarchy
with pax - s/;/&&/ in a shell command
+ clean up after ourselves if a rename fails - remove the newly-created
group file.
+ remove some unused code in a comment.
+ add F_SHELL flag in userdel
+ use a separate local declaration for a temporary variable, rather
than overloading a variable that's used for something else.
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).
Improved by comments from enami and christos -- thanks!
Heimdal/krb4/KAME changes already fed back, rest to follow.
Inspired by, but not not based on, OpenBSD.
instead of err()), as all error cases in creategid() are already commented
properly from inside creategid().
This prevents funny errors like:
miyu# groupadd test2
miyu# groupadd test2
groupadd: group `test2' already exists
groupadd: can't add group: problems with /etc/group file: Inappropriate ioctl for device
directory already exists. Previously new skel files from /etc/skel were
copied and permissions/ownerships changed even if the directory already
existed.
Before removing the home directory of a user check that
+ the user does not have uid 0
+ the user is the owner of the directory.
and remove the files using the effective user-id of the user. Show
a warning if the directory is not removed.
Use asprintf and fgetln for some string work to remove arbitary string
length limitations.
Fixes for PRs bin/11100 and bin/11103.
+ Use _PATH_GROUP and _PATH_MASTERPASSWD (from OpenBSD)
+ Use -G group1,group2,group3 for multiple groups in useradd and usermod
(pointed out by Matt Green, and also changed in OpenBSD, but done more
efficiently here)
+ is_number should not be inside #ifdef EXTENSIONS (from OpenBSD)
+ clear up yet another usage message (for user(8) and group(8)) - noticed
in passing, unknown if fixed anywhere else
agc