| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
| |
This makes silly practical jokes impossible, like for example symlinking
/dev/null or dev/random to /etc/nologin.txt
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
| |
Default depends on whether the executable is called 'lastb' or something
else.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: James Clarke <jrtc27@jrtc27.com>
|
|
|
|
|
|
| |
[kzak@redhat.com: - POSIX.1-2008 marks siginterrupt() as obsolete]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The utils when compiled WITHOUT libuser then mkostemp()ing
"/etc/%s.XXXXXX" where the filename prefix is argv[0] basename.
An attacker could repeatedly execute the util with modified argv[0]
and after many many attempts mkostemp() may generate suffix which
makes sense. The result maybe temporary file with name like rc.status
ld.so.preload or krb5.keytab, etc.
Note that distros usually use libuser based ch{sh,fn} or stuff from
shadow-utils.
It's probably very minor security bug.
Addresses: CVE-2015-5224
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
The code is used only in lslogins, so it does not make sense to
maintain it in libcommon.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
| |
Reported-by: Mantas Mikulėnas <grawity@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some installations and distributions don't use a root account password
for security reasons and use sudo instead. In that case, asking for the
password makes no sense, and it is not even considered as valid as it's just
"*" or "!".
In these cases --force is required to just start a root shell and no
ask for password.
I don't think it's a good idea to automatically start root shell when
locked account is detected. It's possible that the machine is on
public place and for example Ubuntu uses root account disabled by
default (and also Fedora when installed by yum/dnf without anaconda).
The --force option forces admins to think about it...
The distro maintainers can also use --force in their initscripts or
systemd emergency.service if they believe that promiscuous setting is
the right thing for the distro.
Addresses: https://bugs.debian.org/326678
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
The last/lastb(1) from sysvinit has been around for about two years,
and the better implementation is already part of releases 2.24 to 2.26.
It should be safe to remove the unused last code from the source tree.
Reference: ce60272039ea11952b15fefb653892dd0da02217
Signed-off-by: Sami Kerola <sami.kerola@lastminute.com>
|
|
|
|
|
|
|
|
| |
The getline function distinguishes between the allocated and read
lenghts, and we should not mix them up, as we might end up processing
junk.
Signed-off-by: Guillem Jover <guillem@hadrons.org>
|
|
|
|
|
|
|
|
|
| |
* according to "man getpwnam" 16384 bytes is enough to store one
passwd entry (let's use 2*BUFSIZE to avoid magic numbers in code)
* don't use strcpy() to set empty password
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It is just luck if two time() calls happen within the same
second. Introduced in 31d28e09.
Actually I don't like adding another global variable but this
way we avoid bigger refactoring. IMO it's questionable why
lastdate, lastdown, etc. are initialized with current time() at
all. It looks unsafe to print "still running" always when
logout_time = now.
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since 744c7fec lastrch was not set to current time anymore, but we need it.
# broken:
$ ./last -x | grep -m 2 runlevel
runlevel (to lvl 5) 3.11.10-25-deskt Wed Feb 18 13:11 - 01:00 (-16484+-12:-11)
runlevel (to lvl 5) 3.11.10-25-deskt Thu Jan 22 16:50 - 13:11 (26+20:21)
# fixed:
$ ./last -x | grep -m 2 runlevel
runlevel (to lvl 5) 3.11.10-25-deskt Wed Feb 18 13:11 still running
runlevel (to lvl 5) 3.11.10-25-deskt Thu Jan 22 16:50 - 13:11 (26+20:21)
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
last(1) uses a global list of entries, this is unnecessary and it's
also mistake because the pointer to the list is not set to NULL when
last(1) opens another utmp file. For example:
last -f /var/log/wtmp -f /var/log/wtmp-20150220
ends with unexpected free() call or sometimes with never ending loop.
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=1201033
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
| |
* check for timer_create()
* define dependence on timer_create() for flock
* rename CLOCKGETTIME_LIBS to REALTIME_LIBS
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
runuser.1: fix spelling implemenation -> implementation
scriptreplay.1: fix spelling overide -> override
unshare.1: fix spelling permamently -> permanently
last.1: fix spelling preferrable -> preferable
lslogins.1: fix spelling priviliges -> privileges
hwclock.8.in: fix spelling transfered -> transferred
prlimit.1: fix typo umlimited -> unlimited
agetty.8: fix typo unnsupported -> unsupported
Signed-off-by: Bill Pemberton <wfp5p@worldbroken.com>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
| |
As said in include/c.h the usleep() is marked as obsolete, so do the same
that most of the other util-linux calls do with this interface.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
| |
The message "stat failed %s" seems to say that stat() failed to
do something, or failed to pass a test, but of course it means
that the statting of something failed. So say so. Also make
two very similar messages equal to this one.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: J William Piggott <elseifthen@gmx.com>
|
|
|
|
|
|
|
|
|
| |
disk-utils/sfdisk.8 Fix font escape
login-utils/vipw.8 Delete bogus macro
misc-utils/look.1 Delete bogus macro
sys-utils/prlimit.1 Delete bogus macro
Signed-off-by: J William Piggott <elseifthen@gmx.com>
|
|
|
|
|
|
|
| |
Transform some of them into copyright lines.
Also fix three header lines and snip some trailing whitespace.
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change fixes all shadow declarations. The worth while to mention
fix is with libfdisk sun geometry. It comes from bitops.h cpu_to_be16
macro that further expands from include/bits/byteswap.h that has the
shadowing.
libfdisk/src/sun.c:961:173: warning: declaration of '__v' shadows a previous local [-Wshadow]
libfdisk/src/sun.c:961:69: warning: shadowed declaration is here [-Wshadow]
libfdisk/src/sun.c:961:178: warning: declaration of '__x' shadows a previous local [-Wshadow]
libfdisk/src/sun.c:961:74: warning: shadowed declaration is here [-Wshadow]
That could have caused earlier some unexpected results.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
| |
This adds a concise description of a tool to its usage text.
A first form of this patch was proposed by Steven Honeyman
(see http://www.spinics.net/lists/util-linux-ng/msg09994.html).
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
| |
The 'if' clauses that have termination as either of the control flow
results will never need 'else'. Making the termination to happen true
flow is enough.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
| |
And get rid of stdbool.h true/false usage.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
|
|
|
| |
Shell null check is redundant. The shell can be null only after
ask_new_shell returned such, and that is checked earlier in program
logic.
Secondly the check_shell does not need to return values, in such cases
the program can simply exit.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
| |
Rename prompt() to ask_new_shell(). Remove fixed size buffer and
allocate path to new shell, that should make Hurd people happy. Use
strutils.h for white space trimming.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
| |
Earlier setting a /bin/sh was impossible for users that had nothing set
as shell, as that was seen as no change.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
| |
This change also improves couple variable initializations.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
|
|
|
|
| |
Use of fgets() can make a single long line to be understood as two
entries, and someone could play tricks with the remainder part of the
buffer.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
| |
Reference: http://man7.org/linux/man-pages/man5/login.defs.5.html
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=138519
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
|