From 4aee5e0687d836b7dd3dd1566fa65ac4e720ade9 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 2 Dec 2024 13:23:49 +0100 Subject: [PATCH 1/9] lib/chkname.c: is_valid_name(): Use streq() instead of its pattern Signed-off-by: Alejandro Colomar --- lib/chkname.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/chkname.c b/lib/chkname.c index 98f791706..c2b46d2a2 100644 --- a/lib/chkname.c +++ b/lib/chkname.c @@ -71,9 +71,9 @@ is_valid_name(const char *name) */ int numeric; - if ('\0' == *name || - ('.' == *name && (('.' == name[1] && '\0' == name[2]) || - '\0' == name[1])) || + if (streq(name, "") || + streq(name, ".") || + streq(name, "..") || !((*name >= 'a' && *name <= 'z') || (*name >= 'A' && *name <= 'Z') || (*name >= '0' && *name <= '9') || @@ -93,7 +93,7 @@ is_valid_name(const char *name) *name == '_' || *name == '.' || *name == '-' || - (*name == '$' && name[1] == '\0') + streq(name, "$") )) { errno = EINVAL; From dda02b8b88968ebfbea98fe378213713d509a5e1 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Tue, 10 Dec 2024 15:57:58 +0100 Subject: [PATCH 2/9] src/useradd.c: create_home(): Use !streq() instead of its pattern Signed-off-by: Alejandro Colomar --- src/useradd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/useradd.c b/src/useradd.c index 7623dabd4..4275794a7 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -2259,9 +2259,9 @@ static void create_home (void) */ for (cp = strtok(bhome, "/"); cp != NULL; cp = strtok(NULL, "/")) { /* Avoid turning a relative path into an absolute path. */ - if (bhome[0] == '/' || strlen(path) != 0) { + if (bhome[0] == '/' || !streq(path, "")) strcat(path, "/"); - } + strcat(path, cp); if (access(path, F_OK) == 0) { continue; From 810bc45c7e54b33bdf68916d91dc097dad9b4dbf Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 23 Dec 2024 11:06:33 +0100 Subject: [PATCH 3/9] lib/chkname.c, src/: Strictly disallow really bad names Some names are bad, and some names are really bad. '--badname' should only allow the mildly bad ones, which we can handle. Some names are too bad, and it's not possible to deal with them. Reject them unconditionally. Acked-by: Chris Hofstaedtler Cc: Marc 'Zugschlus' Haber Cc: Iker Pedrosa Cc: Serge Hallyn Signed-off-by: Alejandro Colomar --- lib/chkname.c | 38 ++++++++++++++++++++------------------ src/newusers.c | 2 +- src/pwck.c | 2 +- src/useradd.c | 2 +- src/usermod.c | 2 +- 5 files changed, 24 insertions(+), 22 deletions(-) diff --git a/lib/chkname.c b/lib/chkname.c index c2b46d2a2..874f770dd 100644 --- a/lib/chkname.c +++ b/lib/chkname.c @@ -13,7 +13,8 @@ * true - OK * false - bad name * errors: - * EINVAL Invalid name characters or sequences + * EINVAL Invalid name + * EILSEQ Invalid name character sequence (acceptable with --badname) * EOVERFLOW Name longer than maximum size */ @@ -33,7 +34,10 @@ #include "defines.h" #include "chkname.h" +#include "string/ctype/strchrisascii/strchriscntrl.h" +#include "string/ctype/strisascii/strisdigit.h" #include "string/strcmp/streq.h" +#include "string/strcmp/strprefix.h" int allow_bad_names = false; @@ -56,6 +60,18 @@ login_name_max_size(void) static bool is_valid_name(const char *name) { + if (streq(name, "") + || streq(name, ".") + || streq(name, "..") + || strpbrk(name, ",: /") + || strprefix(name, "-") + || strchriscntrl(name) + || strisdigit(name)) + { + errno = EINVAL; + return false; + } + if (allow_bad_names) { return true; } @@ -66,26 +82,18 @@ is_valid_name(const char *name) * * as a non-POSIX, extension, allow "$" as the last char for * sake of Samba 3.x "add machine script" - * - * Also do not allow fully numeric names or just "." or "..". */ - int numeric; - if (streq(name, "") || - streq(name, ".") || - streq(name, "..") || - !((*name >= 'a' && *name <= 'z') || + if (!((*name >= 'a' && *name <= 'z') || (*name >= 'A' && *name <= 'Z') || (*name >= '0' && *name <= '9') || *name == '_' || *name == '.')) { - errno = EINVAL; + errno = EILSEQ; return false; } - numeric = isdigit(*name); - while (!streq(++name, "")) { if (!((*name >= 'a' && *name <= 'z') || (*name >= 'A' && *name <= 'Z') || @@ -96,15 +104,9 @@ is_valid_name(const char *name) streq(name, "$") )) { - errno = EINVAL; + errno = EILSEQ; return false; } - numeric &= isdigit(*name); - } - - if (numeric) { - errno = EINVAL; - return false; } return true; diff --git a/src/newusers.c b/src/newusers.c index 5e78dd976..18748268e 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -388,7 +388,7 @@ static int add_user (const char *name, uid_t uid, gid_t gid) /* Check if this is a valid user name */ if (!is_valid_user_name(name)) { - if (errno == EINVAL) { + if (errno == EILSEQ) { fprintf(stderr, _("%s: invalid user name '%s': use --badname to ignore\n"), Prog, name); diff --git a/src/pwck.c b/src/pwck.c index ae7ddaddf..8594e2e59 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -475,7 +475,7 @@ static void check_pw_file (int *errors, bool *changed) */ if (!is_valid_user_name(pwd->pw_name)) { - if (errno == EINVAL) { + if (errno == EILSEQ) { printf(_("invalid user name '%s': use --badname to ignore\n"), pwd->pw_name); } else { diff --git a/src/useradd.c b/src/useradd.c index 4275794a7..67b2f3e18 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -1534,7 +1534,7 @@ static void process_flags (int argc, char **argv) user_name = argv[optind]; if (!is_valid_user_name(user_name)) { - if (errno == EINVAL) { + if (errno == EILSEQ) { fprintf(stderr, _("%s: invalid user name '%s': use --badname to ignore\n"), Prog, user_name); diff --git a/src/usermod.c b/src/usermod.c index 24c5a4d23..ca4860f93 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -1118,7 +1118,7 @@ process_flags(int argc, char **argv) /*@notreached@*/break; case 'l': if (!is_valid_user_name(optarg)) { - if (errno == EINVAL) { + if (errno == EILSEQ) { fprintf(stderr, _("%s: invalid user name '%s': use --badname to ignore\n"), Prog, optarg); From 2a18b2e7b01d67d02bc6ab976845db08114fbb57 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 23 Dec 2024 18:36:31 +0100 Subject: [PATCH 4/9] lib/ctype/: ispfchar(): Add function Link: Signed-off-by: Alejandro Colomar --- lib/Makefile.am | 2 ++ lib/ctype/ispfchar.c | 12 ++++++++++++ lib/ctype/ispfchar.h | 26 ++++++++++++++++++++++++++ 3 files changed, 40 insertions(+) create mode 100644 lib/ctype/ispfchar.c create mode 100644 lib/ctype/ispfchar.h diff --git a/lib/Makefile.am b/lib/Makefile.am index e76e7446a..e8b2f4993 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -89,6 +89,8 @@ libshadow_la_SOURCES = \ console.c \ copydir.c \ csrand.c \ + ctype/ispfchar.c \ + ctype/ispfchar.h \ defines.h \ encrypt.c \ env.c \ diff --git a/lib/ctype/ispfchar.c b/lib/ctype/ispfchar.c new file mode 100644 index 000000000..bb6868131 --- /dev/null +++ b/lib/ctype/ispfchar.c @@ -0,0 +1,12 @@ +// SPDX-FileCopyrightText: 2024, Alejandro Colomar +// SPDX-License-Identifier: BSD-3-Clause + + +#include + +#include "ctype/ispfchar.h" + +#include + + +extern inline bool ispfchar(unsigned char c); diff --git a/lib/ctype/ispfchar.h b/lib/ctype/ispfchar.h new file mode 100644 index 000000000..8cc9888bf --- /dev/null +++ b/lib/ctype/ispfchar.h @@ -0,0 +1,26 @@ +// SPDX-FileCopyrightText: 2024, Alejandro Colomar +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_CTYPE_ISPFCHAR_H_ +#define SHADOW_INCLUDE_LIB_CTYPE_ISPFCHAR_H_ + + +#include + +#include +#include + + +inline bool ispfchar(unsigned char c); + + +// Return true if 'c' is a character from the Portable Filename Character Set. +inline bool +ispfchar(unsigned char c) +{ + return isalnum(c) || c == '.' || c == '_' || c == '-'; +} + + +#endif // include guard From 29dde7d5eb67b113b58a317d0fecf622341e4742 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 23 Dec 2024 15:25:48 +0100 Subject: [PATCH 5/9] lib/chkname.c: is_valid_name(): Use isalnum(3) instead of its pattern Signed-off-by: Alejandro Colomar --- lib/chkname.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/lib/chkname.c b/lib/chkname.c index 874f770dd..2862f5c21 100644 --- a/lib/chkname.c +++ b/lib/chkname.c @@ -84,9 +84,7 @@ is_valid_name(const char *name) * sake of Samba 3.x "add machine script" */ - if (!((*name >= 'a' && *name <= 'z') || - (*name >= 'A' && *name <= 'Z') || - (*name >= '0' && *name <= '9') || + if (!(isalnum(*name) || *name == '_' || *name == '.')) { @@ -95,9 +93,7 @@ is_valid_name(const char *name) } while (!streq(++name, "")) { - if (!((*name >= 'a' && *name <= 'z') || - (*name >= 'A' && *name <= 'Z') || - (*name >= '0' && *name <= '9') || + if (!(isalnum(*name) || *name == '_' || *name == '.' || *name == '-' || From 531dd1e2fba08610fb645d9af755b2c48c322e0c Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 23 Dec 2024 17:30:57 +0100 Subject: [PATCH 6/9] lib/chkname.c: is_valid_name(): Split Samba check Signed-off-by: Alejandro Colomar --- lib/chkname.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/chkname.c b/lib/chkname.c index 2862f5c21..5bd9cff4d 100644 --- a/lib/chkname.c +++ b/lib/chkname.c @@ -93,11 +93,13 @@ is_valid_name(const char *name) } while (!streq(++name, "")) { + if (streq(name, "$")) // Samba + return true; + if (!(isalnum(*name) || *name == '_' || *name == '.' || - *name == '-' || - streq(name, "$") + *name == '-' )) { errno = EILSEQ; From fe5172f165f7dfdf767d9c7966b3adad5e571e63 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 23 Dec 2024 18:41:06 +0100 Subject: [PATCH 7/9] lib/chkname.c: is_valid_name(): Use ispfchar() to simplify In the first case, we can do the transformation because a few lines above, we explicitly reject a name starting with a '-'. In the second case, we're obviously using ispfchar() instead of its pattern. Signed-off-by: Alejandro Colomar --- lib/chkname.c | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/lib/chkname.c b/lib/chkname.c index 5bd9cff4d..ee1e5b605 100644 --- a/lib/chkname.c +++ b/lib/chkname.c @@ -34,6 +34,7 @@ #include "defines.h" #include "chkname.h" +#include "ctype/ispfchar.h" #include "string/ctype/strchrisascii/strchriscntrl.h" #include "string/ctype/strisascii/strisdigit.h" #include "string/strcmp/streq.h" @@ -84,10 +85,7 @@ is_valid_name(const char *name) * sake of Samba 3.x "add machine script" */ - if (!(isalnum(*name) || - *name == '_' || - *name == '.')) - { + if (!ispfchar(*name)) { errno = EILSEQ; return false; } @@ -96,12 +94,7 @@ is_valid_name(const char *name) if (streq(name, "$")) // Samba return true; - if (!(isalnum(*name) || - *name == '_' || - *name == '.' || - *name == '-' - )) - { + if (!ispfchar(*name)) { errno = EILSEQ; return false; } From c892957cdc3cb54f22cf7ba34d21f1c4bbc20599 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 9 Dec 2024 12:50:51 +0100 Subject: [PATCH 8/9] Little Bobby Tables lib/, man/, src/: Do not allow bad names Closes: Link: Link: Link: Link: Link: Link: Link: Link: Link: Link: Cc: Iker Pedrosa Cc: Serge Hallyn Cc: Sam James Cc: Michael Vetter Cc: Chris Hofstaedtler Cc: Balint Reczey Cc: Marc Haber Signed-off-by: Alejandro Colomar --- lib/chkname.c | 11 +---------- man/newusers.8.xml | 12 ------------ man/pwck.8.xml | 10 ---------- man/useradd.8.xml | 10 ---------- man/usermod.8.xml | 10 ---------- src/newusers.c | 17 +---------------- src/pwck.c | 18 +----------------- src/useradd.c | 18 +++--------------- src/usermod.c | 19 +++---------------- 9 files changed, 9 insertions(+), 116 deletions(-) diff --git a/lib/chkname.c b/lib/chkname.c index ee1e5b605..b2ef700c6 100644 --- a/lib/chkname.c +++ b/lib/chkname.c @@ -14,7 +14,7 @@ * false - bad name * errors: * EINVAL Invalid name - * EILSEQ Invalid name character sequence (acceptable with --badname) + * EILSEQ Invalid name character sequence * EOVERFLOW Name longer than maximum size */ @@ -41,9 +41,6 @@ #include "string/strcmp/strprefix.h" -int allow_bad_names = false; - - size_t login_name_max_size(void) { @@ -64,19 +61,13 @@ is_valid_name(const char *name) if (streq(name, "") || streq(name, ".") || streq(name, "..") - || strpbrk(name, ",: /") || strprefix(name, "-") - || strchriscntrl(name) || strisdigit(name)) { errno = EINVAL; return false; } - if (allow_bad_names) { - return true; - } - /* * User/group names must match BRE regex: * [a-zA-Z0-9_.][a-zA-Z0-9_.-]*$\? diff --git a/man/newusers.8.xml b/man/newusers.8.xml index 6812c7509..72da7253d 100644 --- a/man/newusers.8.xml +++ b/man/newusers.8.xml @@ -253,18 +253,6 @@ The options which apply to the newusers command are: - - - -   - - - - Allow names that do not conform to standards. - - - - , diff --git a/man/pwck.8.xml b/man/pwck.8.xml index 4eb820d66..3403de22f 100644 --- a/man/pwck.8.xml +++ b/man/pwck.8.xml @@ -159,16 +159,6 @@ The options which apply to the pwck command are: - - -   - - - - Allow names that do not conform to standards. - - - , diff --git a/man/useradd.8.xml b/man/useradd.8.xml index 001e7d14c..15af8de7b 100644 --- a/man/useradd.8.xml +++ b/man/useradd.8.xml @@ -103,16 +103,6 @@ The options which apply to the useradd command are: - - -   - - - - Allow names that do not conform to standards. - - - ,  BASE_DIR diff --git a/man/usermod.8.xml b/man/usermod.8.xml index 349248b6b..12829061c 100644 --- a/man/usermod.8.xml +++ b/man/usermod.8.xml @@ -84,16 +84,6 @@ - - - , - - - - Allow names that do not conform to standards. - - - ,  COMMENT diff --git a/src/newusers.c b/src/newusers.c index 18748268e..c89c8df75 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -112,7 +112,6 @@ static void check_perms (void); static void open_files (void); static void close_files (void); -extern int allow_bad_names; /* * usage - display usage message and exit @@ -125,7 +124,6 @@ static void usage (int status) "\n" "Options:\n"), Prog); - (void) fputs (_(" -b, --badname allow bad names\n"), usageout); #ifndef USE_PAM (void) fprintf (usageout, _(" -c, --crypt-method METHOD the crypt method (one of %s)\n"), @@ -386,17 +384,8 @@ static int add_user (const char *name, uid_t uid, gid_t gid) { struct passwd pwent; - /* Check if this is a valid user name */ if (!is_valid_user_name(name)) { - if (errno == EILSEQ) { - fprintf(stderr, - _("%s: invalid user name '%s': use --badname to ignore\n"), - Prog, name); - } else { - fprintf(stderr, - _("%s: invalid user name '%s'\n"), - Prog, name); - } + fprintf(stderr, _("%s: invalid user name '%s'\n"), Prog, name); return -1; } @@ -629,7 +618,6 @@ static void process_flags (int argc, char **argv) #endif /* USE_SHA_CRYPT || USE_BCRYPT || USE_YESCRYPT */ #endif /* !USE_PAM */ static struct option long_options[] = { - {"badname", no_argument, NULL, 'b'}, #ifndef USE_PAM {"crypt-method", required_argument, NULL, 'c'}, #endif /* !USE_PAM */ @@ -656,9 +644,6 @@ static void process_flags (int argc, char **argv) #endif long_options, NULL)) != -1) { switch (c) { - case 'b': - allow_bad_names = true; - break; #ifndef USE_PAM case 'c': crypt_method = optarg; diff --git a/src/pwck.c b/src/pwck.c index 8594e2e59..8e5046282 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -76,7 +76,6 @@ static void close_files (bool changed); static void check_pw_file (int *errors, bool *changed); static void check_spw_file (int *errors, bool *changed); -extern int allow_bad_names; /* * fail_exit - do some cleanup and exit with the given error code @@ -133,7 +132,6 @@ usage (int status) "Options:\n"), Prog); } - (void) fputs (_(" -b, --badname allow bad names\n"), usageout); (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); (void) fputs (_(" -q, --quiet report errors only\n"), usageout); (void) fputs (_(" -r, --read-only display errors and warnings\n" @@ -158,7 +156,6 @@ static void process_flags (int argc, char **argv) { int c; static struct option long_options[] = { - {"badname", no_argument, NULL, 'b'}, {"help", no_argument, NULL, 'h'}, {"quiet", no_argument, NULL, 'q'}, {"read-only", no_argument, NULL, 'r'}, @@ -173,9 +170,6 @@ static void process_flags (int argc, char **argv) while ((c = getopt_long (argc, argv, "behqrR:s", long_options, NULL)) != -1) { switch (c) { - case 'b': - allow_bad_names = true; - break; case 'h': usage (E_SUCCESS); /*@notreached@*/break; @@ -470,18 +464,8 @@ static void check_pw_file (int *errors, bool *changed) } } - /* - * Check for invalid usernames. --marekm - */ - if (!is_valid_user_name(pwd->pw_name)) { - if (errno == EILSEQ) { - printf(_("invalid user name '%s': use --badname to ignore\n"), - pwd->pw_name); - } else { - printf(_("invalid user name '%s'\n"), - pwd->pw_name); - } + printf(_("invalid user name '%s'\n"), pwd->pw_name); *errors += 1; } diff --git a/src/useradd.c b/src/useradd.c index 67b2f3e18..4331aa2f4 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -150,7 +150,6 @@ static char **user_groups; /* NULL-terminated list */ static long sys_ngroups; static bool do_grp_update = false; /* group files need to be updated */ -extern int allow_bad_names; static bool bflg = false, /* new default root of home directory */ @@ -893,7 +892,6 @@ static void usage (int status) "\n" "Options:\n"), Prog, Prog, Prog); - (void) fputs (_(" --badname do not check for bad names\n"), usageout); (void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n" " new account\n"), usageout); #ifdef WITH_BTRFS @@ -1180,7 +1178,6 @@ static void process_flags (int argc, char **argv) #ifdef WITH_BTRFS {"btrfs-subvolume-home", no_argument, NULL, 200}, #endif - {"badname", no_argument, NULL, 201}, {"comment", required_argument, NULL, 'c'}, {"home-dir", required_argument, NULL, 'd'}, {"defaults", no_argument, NULL, 'D'}, @@ -1237,9 +1234,6 @@ static void process_flags (int argc, char **argv) case 200: subvolflg = true; break; - case 201: - allow_bad_names = true; - break; case 'c': if (!VALID (optarg)) { fprintf (stderr, @@ -1534,15 +1528,9 @@ static void process_flags (int argc, char **argv) user_name = argv[optind]; if (!is_valid_user_name(user_name)) { - if (errno == EILSEQ) { - fprintf(stderr, - _("%s: invalid user name '%s': use --badname to ignore\n"), - Prog, user_name); - } else { - fprintf(stderr, - _("%s: invalid user name '%s'\n"), - Prog, user_name); - } + fprintf(stderr, + _("%s: invalid user name '%s'\n"), + Prog, user_name); #ifdef WITH_AUDIT audit_logger (AUDIT_ADD_USER, Prog, "adding user", diff --git a/src/usermod.c b/src/usermod.c index ca4860f93..08116c7d7 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -207,7 +207,6 @@ static void update_faillog (void); static void move_mailbox (void); #endif -extern int allow_bad_names; /* * get_groups - convert a list of group names to an array of group IDs @@ -383,7 +382,6 @@ usage (int status) (void) fputs (_(" -a, --append append the user to the supplemental GROUPS\n" " mentioned by the -G option without removing\n" " the user from other groups\n"), usageout); - (void) fputs (_(" -b, --badname allow bad names\n"), usageout); (void) fputs (_(" -c, --comment COMMENT new value of the GECOS field\n"), usageout); (void) fputs (_(" -d, --home HOME_DIR new home directory for the user account\n"), usageout); (void) fputs (_(" -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE\n"), usageout); @@ -996,8 +994,6 @@ process_flags(int argc, char **argv) int c; static struct option long_options[] = { {"append", no_argument, NULL, 'a'}, - {"badname", no_argument, NULL, 'b'}, - {"badnames", no_argument, NULL, 'b'}, {"comment", required_argument, NULL, 'c'}, {"home", required_argument, NULL, 'd'}, {"expiredate", required_argument, NULL, 'e'}, @@ -1041,9 +1037,6 @@ process_flags(int argc, char **argv) case 'a': aflg = true; break; - case 'b': - allow_bad_names = true; - break; case 'c': if (!VALID (optarg)) { fprintf (stderr, @@ -1118,15 +1111,9 @@ process_flags(int argc, char **argv) /*@notreached@*/break; case 'l': if (!is_valid_user_name(optarg)) { - if (errno == EILSEQ) { - fprintf(stderr, - _("%s: invalid user name '%s': use --badname to ignore\n"), - Prog, optarg); - } else { - fprintf(stderr, - _("%s: invalid user name '%s'\n"), - Prog, optarg); - } + fprintf(stderr, + _("%s: invalid user name '%s'\n"), + Prog, optarg); exit (E_BAD_ARG); } lflg = true; From 1cd7313ff9ca55d1d2d43d519937d16770125f54 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 9 Dec 2024 13:04:50 +0100 Subject: [PATCH 9/9] src/: Report errors in user or groups names more consistently - Don't print the user name; if it's bad, it might be dangerous. - Print the string "user" or "group" before the error message. - Print the errno string to be consistent. Signed-off-by: Alejandro Colomar --- src/chfn.c | 4 +++- src/chsh.c | 4 +++- src/groupadd.c | 5 ++--- src/groupmod.c | 5 ++--- src/grpck.c | 6 ++++-- src/newgrp.c | 11 +++++------ src/newusers.c | 6 ++---- src/passwd.c | 3 ++- src/pwck.c | 4 +++- src/useradd.c | 4 +--- src/usermod.c | 6 +++--- 11 files changed, 30 insertions(+), 28 deletions(-) diff --git a/src/chfn.c b/src/chfn.c index 4c96fba28..9c490a6f6 100644 --- a/src/chfn.c +++ b/src/chfn.c @@ -11,10 +11,12 @@ #ident "$Id$" +#include #include #include #include #include +#include #include #include @@ -646,7 +648,7 @@ int main (int argc, char **argv) */ if (optind < argc) { if (!is_valid_user_name (argv[optind])) { - fprintf (stderr, _("%s: Provided user name is not a valid name\n"), Prog); + fprintf(stderr, _("%s: user: %s\n"), Prog, strerror(errno)); fail_exit (E_NOPERM); } user = argv[optind]; diff --git a/src/chsh.c b/src/chsh.c index 15bfae323..34cb470a0 100644 --- a/src/chsh.c +++ b/src/chsh.c @@ -11,10 +11,12 @@ #ident "$Id$" +#include #include #include #include #include +#include #include #include "chkname.h" @@ -503,7 +505,7 @@ int main (int argc, char **argv) */ if (optind < argc) { if (!is_valid_user_name (argv[optind])) { - fprintf (stderr, _("%s: Provided user name is not a valid name\n"), Prog); + fprintf(stderr, _("%s: user: %s\n"), Prog, strerror(errno)); fail_exit (1); } user = argv[optind]; diff --git a/src/groupadd.c b/src/groupadd.c index 9f0eb2e50..55eb15a28 100644 --- a/src/groupadd.c +++ b/src/groupadd.c @@ -12,6 +12,7 @@ #ident "$Id$" #include +#include #include #include #include @@ -247,9 +248,7 @@ static void check_new_name(void) { if (!is_valid_group_name(group_name)) { - fprintf(stderr, _("%s: '%s' is not a valid group name\n"), - Prog, group_name); - + fprintf(stderr, _("%s: group: %s\n"), Prog, strerror(errno)); exit(E_BAD_ARG); } diff --git a/src/groupmod.c b/src/groupmod.c index 7342707d0..a54fb73bd 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -12,6 +12,7 @@ #ident "$Id$" #include +#include #include #include #include @@ -381,9 +382,7 @@ check_new_name(void) } if (!is_valid_group_name(group_newname)) { - fprintf(stderr, - _("%s: invalid group name '%s'\n"), - Prog, group_newname); + fprintf(stderr, _("%s: group: %s\n"), Prog, strerror(errno)); exit(E_BAD_ARG); } diff --git a/src/grpck.c b/src/grpck.c index 6bac2849f..4a96f62ef 100644 --- a/src/grpck.c +++ b/src/grpck.c @@ -10,11 +10,13 @@ #include +#include #include +#include #include #include #include -#include +#include #include "chkname.h" #include "commonio.h" @@ -562,7 +564,7 @@ static void check_grp_file (int *errors, bool *changed) */ if (!is_valid_group_name (grp->gr_name)) { *errors += 1; - printf (_("invalid group name '%s'\n"), grp->gr_name); + printf(_("group: %s\n"), strerror(errno)); } /* diff --git a/src/newgrp.c b/src/newgrp.c index f73508663..7fdb3a9b5 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include "agetpass.h" @@ -486,9 +487,8 @@ int main (int argc, char **argv) */ if ((argc > 0) && (argv[0][0] != '-')) { if (!is_valid_group_name (argv[0])) { - fprintf ( - stderr, _("%s: provided group is not a valid group name\n"), - Prog); + fprintf(stderr, _("%s: group: %s\n"), + Prog, strerror(errno)); goto failure; } group = argv[0]; @@ -523,9 +523,8 @@ int main (int argc, char **argv) goto failure; } else if (argv[0] != NULL) { if (!is_valid_group_name (argv[0])) { - fprintf ( - stderr, _("%s: provided group is not a valid group name\n"), - Prog); + fprintf(stderr, _("%s: group: %s\n"), + Prog, strerror(errno)); goto failure; } group = argv[0]; diff --git a/src/newusers.c b/src/newusers.c index c89c8df75..da574dfae 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -289,9 +289,7 @@ static int add_group (const char *name, const char *gid, gid_t *ngid, uid_t uid) /* Check if this is a valid group name */ if (!is_valid_group_name (grent.gr_name)) { - fprintf (stderr, - _("%s: invalid group name '%s'\n"), - Prog, grent.gr_name); + fprintf(stderr, _("%s: group: %s\n"), Prog, strerror(errno)); free (grent.gr_name); return -1; } @@ -385,7 +383,7 @@ static int add_user (const char *name, uid_t uid, gid_t gid) struct passwd pwent; if (!is_valid_user_name(name)) { - fprintf(stderr, _("%s: invalid user name '%s'\n"), Prog, name); + fprintf(stderr, _("%s: user: %s\n"), Prog, strerror(errno)); return -1; } diff --git a/src/passwd.c b/src/passwd.c index cc79960a5..4dae512a4 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include @@ -913,7 +914,7 @@ main(int argc, char **argv) myname = xstrdup (pw->pw_name); if (optind < argc) { if (!is_valid_user_name (argv[optind])) { - fprintf (stderr, _("%s: Provided user name is not a valid name\n"), Prog); + fprintf(stderr, _("%s: user: %s\n"), Prog, strerror(errno)); fail_exit (E_NOPERM); } name = argv[optind]; diff --git a/src/pwck.c b/src/pwck.c index 8e5046282..3cfe39ef7 100644 --- a/src/pwck.c +++ b/src/pwck.c @@ -12,11 +12,13 @@ #ident "$Id$" +#include #include #include #include #include #include +#include #include "chkname.h" #include "commonio.h" @@ -465,7 +467,7 @@ static void check_pw_file (int *errors, bool *changed) } if (!is_valid_user_name(pwd->pw_name)) { - printf(_("invalid user name '%s'\n"), pwd->pw_name); + printf(_("user: %s\n"), strerror(errno)); *errors += 1; } diff --git a/src/useradd.c b/src/useradd.c index 4331aa2f4..628b7f20d 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -1528,9 +1528,7 @@ static void process_flags (int argc, char **argv) user_name = argv[optind]; if (!is_valid_user_name(user_name)) { - fprintf(stderr, - _("%s: invalid user name '%s'\n"), - Prog, user_name); + fprintf(stderr, _("%s: user: %s\n"), Prog, strerror(errno)); #ifdef WITH_AUDIT audit_logger (AUDIT_ADD_USER, Prog, "adding user", diff --git a/src/usermod.c b/src/usermod.c index 08116c7d7..3f1e2d137 100644 --- a/src/usermod.c +++ b/src/usermod.c @@ -27,6 +27,7 @@ #endif /* USE_PAM */ #endif /* ACCT_TOOLS_SETUID */ #include +#include #include #include #include @@ -1111,9 +1112,8 @@ process_flags(int argc, char **argv) /*@notreached@*/break; case 'l': if (!is_valid_user_name(optarg)) { - fprintf(stderr, - _("%s: invalid user name '%s'\n"), - Prog, optarg); + fprintf(stderr, _("%s: user: %s\n"), + Prog, strerror(errno)); exit (E_BAD_ARG); } lflg = true;