| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
login-utils/su-common.c:619:14: warning: duplicate 'const' declaration
specifier [-Wduplicate-decl-specifier]
const char const **args = xcalloc (n_args, sizeof *args);
Regression-from: 71f207a5f598623a539ba825b97a503072c4a1b4
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
The readline offers editing capabilities while the user is entering the
line, unlike fgets(3) and getline(3) that were used earlier.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Hopefully these changes are unreachable code, but better safe than sorry
when dealing with setuid root code that is installed everywhere. Quite
obviously the introduced abort() calls protect from impossible inputs.
Secondly set all possible data to be read-only in attempt to make it more
difficult to alter anything at all.
Reference: https://www.securecoding.cert.org/confluence/display/c/DCL00-C.+Const-qualify+immutable+objects
Reviewed-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
|
| |
Use xstrcpy() to explicitly terminate the domain string.
Reported-by: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
If the file /etc/hushlogins exists and a line starts with '\0', the
login tools are prone to an off-by-one read.
I see no reliability issue with this, as it would clearly need a
hostile action from a system administrator. But for the sake of
correctness, I've sent this patch nonetheless.
|
| |
|
|
|
|
|
| |
text-utils/rev.c:68:9: warning: symbol 'buf' was not declared. Should it be
static?
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
|
|
|
|
| |
text-utils/tailf.c:69:21: warning: Using plain integer as NULL pointer
Since many 'struct option' has used zero as NULL make them more readable in
same go by reindenting, and using named argument requirements.
Reference: https://lwn.net/Articles/93577/
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Local timegm() is a replacement function in cases it is missing from libc
implementation. Hopefully the replacement is never, or very rarely, used.
CC: Ruediger Meier <ruediger.meier@ga-group.nl>
Reviewed-by: J William Piggott <elseifthen@gmx.com>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
| |
Reported-by: Tobias Stöckmann <tobias@stoeckmann.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |\
| |
| |
| |
| |
| |
| | |
* 'shadow-man' of https://github.com/andhe/util-linux:
chsh: use -h as shorthand for --help instead of -u
man: chsh(1): add login.defs to SEE ALSO
man: chfn(1): add chsh and login.defs to SEE ALSO
|
| | |
| |
| |
| |
| |
| | |
The -u is still supported (but no longer documented).
(This matches the switches used by shadow chsh.)
|
| | |
| |
| |
| | |
(The shadow equivalent manpage lists it.)
|
| | |
| |
| |
| |
| | |
(The shadow version of the same manpage mentions these utils,
but does not mention finger.)
|
| |/
|
|
|
| |
Reported-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
| |
This makes --time-format=iso timestamp to look the same as login/logout
times. When --time-format=noformat is used the file creation time not
printed. There is no change to default format.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
|
| |
This currently new function will be part of glibc 2.25.
Reference: https://sourceware.org/git/?p=glibc.git;a=commit;h=ea1bd74defcf9d5291d14972e63105168ca9eb4f
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* the variable definition with hidden type is always horrible, for
example:
int func() {
LIST_HEAD(foo);
...
}
the more readable is:
int func() {
struct list_head foo;
INIT_LIST_HEAD(&foo);
...
}
* the name LIST_HEAD conflict with /usr/include/sys/queue.h
* we use it only on two places in sulogin
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
| |
The current default is to print all usage() output. This is overkill
in many case.
Addresses: https://github.com/karelzak/util-linux/issues/338
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
The links to ftp://ftp.kernel.org/ are replaced by
https://www.kernel.org/.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
| |
\s-2...\s0 is unused anywhere else. Remove it.
Signed-off-by: Michael Kerrisk <mtk.man-pages@gmail.com>
|
| |
|
|
| |
Signed-off-by: Michael Kerrisk <mtk.man-pages@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Use consistent terminology for set-user-ID and set-group-ID bits.
There's much inconsistency in the pages. "suid",
"set-user-identifier", "setuid". Stick with one terminology,
"set-user-ID" and set-grout-ID, as suggested in man-pages(7).
Signed-off-by: <mtk.man-pages@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
In the majority of pages, pathnames are formatted as Italic,
which is the norm. However, there are several cases where they
are formatted as bold. This patch fixes a number of those
exceptions.
Signed-off-by: Michael Kerrisk <mtk.man-pages@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
If timeout happens while waiting in prompt, bail out instead
of retrying.
Reported-by: Bjørn Mork <bjorn@mork.no>
Addresses: http://bugs.debian.org/846107
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
|
| |
|
|
|
|
|
|
|
| |
This makes the caller bail out early instead of evaluating the
input as a password.
Reported-by: Bjørn Mork <bjorn@mork.no>
Addresses: http://bugs.debian.org/846112
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
|
| |
|
|
|
|
|
|
| |
Now the build will fail on many non-Linux systems because
utmpx.h is available everywhere but we still use non-POSIX
features. We'll fix this next commit.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This include was removed in a365953a but we will need it again
when we move from utmp.h to utmpx.h.
On Linux (glibc, musl) the struct lastlog is defined in utmp.h
and lastlog.h just includes utmp.h.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
Conflicts:
login-utils/login.c
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
| |
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
|
|
| |
BTW avoid using the defined sizes.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
|
|
|
|
|
|
| |
strlen() is not smarter than strncpy(). Bytes that follow a null byte
are not compared anyway.
BTW avoid using the defined sizes.
CC: Ondrej Oprala <ooprala@redhat.com>
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
|
|
|
|
|
|
| |
_HAVE_UT_TV is glibc only. Moreover we want to move to utmpx where
timeval is standard.
Now utmp/subsecond (1173d0a6) should work on all supported systems.
CC: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
| |
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
|
|
| |
Just to be consistent ...
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
| |
|
|
|
|
|
|
| |
Most pages in util-linux follow the standard convention
of formatting page cross references in bold. Fix the
few exceptions that use italic.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch does only the following:
* Order SEE ALSO entries first by section name, then alphabetically
within section
* Adds one or two missing commas in SEE ALSO lists
* Removes one or two periods that were (inconsistently) used
at the end of SEE ALSO lists.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
|
| |
|
|
|
| |
Reported-by: "Yuriy M. Kaminskiy" <yumkam@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
| |
This reverts commit 8e4925016875c6a4f2ab4f833ba66f0fc57396a2.
Stupid hack...
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch add libseccomp based syscalls filter to disable TIOCSTI
ioctl in su/runuser children.
IMHO it is not elegant solution due to dependence on libseccomp
(--without-seccomp if hate it)... but there is nothing better for now.
Addresses: CVE-2016-2779
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
.. and add notes about differences between the utuils.
Reported-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
| |
At least glibc setenv(3) can fail when system runs out of memory.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
| |
Fixes multiple occurences of 'optarg' overwrites.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
|
|
|
|
| |
The if clause change is pretty trivial. Moving the macro near to where it
is used makes sense to people who want to read the code. And finally the
comment about user list was at wrong spot.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
| |
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
