static int update_gshadow (void) { int is_member; int was_member; int was_admin; int changed; const struct sgrp *sgrp; struct sgrp *nsgrp; if (!sgr_lock ()) { fprintf (stderr, _("%s: error locking shadow group file\n"), Prog); SYSLOG ((LOG_ERR, "error locking shadow group file")); return -1; } if (!sgr_open (O_RDWR)) { fprintf (stderr, _("%s: error opening shadow group file\n"), Prog); SYSLOG ((LOG_ERR, "error opening shadow group file")); sgr_unlock (); return -1; } changed = 0; /* * Scan through the entire shadow group file looking for the groups * that the user is a member of. */ while ((sgrp = sgr_next ())) { /* * See if the user was a member of this group */ was_member = is_on_list (sgrp->sg_mem, user_name); /* * See if the user was an administrator of this group */ was_admin = is_on_list (sgrp->sg_adm, user_name); /* * See if the user specified this group as one of their * concurrent groups. */ is_member = Gflg && is_on_list (user_groups, sgrp->sg_name); if (!was_member && !was_admin && !is_member) continue; nsgrp = __sgr_dup (sgrp); if (!nsgrp) { fprintf (stderr, _ ("%s: out of memory in update_gshadow\n"), Prog); sgr_unlock (); return -1; } if (was_admin && lflg) { nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name); nsgrp->sg_adm = add_list (nsgrp->sg_adm, user_newname); changed = 1; SYSLOG ((LOG_INFO, "change admin `%s' to `%s' in shadow group `%s'", user_name, user_newname, nsgrp->sg_name)); } if (was_member && (!Gflg || is_member)) { if (lflg) { nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name); nsgrp->sg_mem = add_list (nsgrp->sg_mem, user_newname); changed = 1; SYSLOG ((LOG_INFO, "change `%s' to `%s' in shadow group `%s'", user_name, user_newname, nsgrp->sg_name)); } } else if (was_member && Gflg && !is_member) { nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name); changed = 1; SYSLOG ((LOG_INFO, "delete `%s' from shadow group `%s'", user_name, nsgrp->sg_name)); } else if (!was_member && Gflg && is_member) { nsgrp->sg_mem = add_list (nsgrp->sg_mem, lflg ? user_newname : user_name); changed = 1; SYSLOG ((LOG_INFO, "add `%s' to shadow group `%s'", lflg ? user_newname : user_name, nsgrp->sg_name)); } if (!changed) continue; changed = 0; /* * Update the group entry to reflect the changes. */ if (!sgr_update (nsgrp)) { fprintf (stderr, _("%s: error adding new group entry\n"), Prog); SYSLOG ((LOG_ERR, "error adding shadow group entry")); sgr_unlock (); return -1; } #ifdef NDBM /* * Update the DBM group file with the new entry as well. */ if (!sg_dbm_update (nsgrp)) { fprintf (stderr, _("%s: cannot add new dbm group entry\n"), Prog); SYSLOG ((LOG_ERR, "error adding dbm shadow group entry")); sgr_unlock (); return -1; } #endif /* NDBM */ } #ifdef NDBM endsgent (); #endif /* NDBM */ if (!sgr_close ()) { fprintf (stderr, _("%s: cannot rewrite shadow group file\n"), Prog); sgr_unlock (); return -1; } sgr_unlock (); return 0; }
static void grp_update (void) { struct group grp; #ifdef SHADOWGRP struct sgrp sgrp; #endif /* SHADOWGRP */ /* * Create the initial entries for this new group. */ new_grent (&grp); #ifdef SHADOWGRP new_sgent (&sgrp); #endif /* SHADOWGRP */ /* * Write out the new group file entry. */ if (!gr_update (&grp)) { fprintf (stderr, _("%s: error adding new group entry\n"), Prog); fail_exit (E_GRP_UPDATE); } #ifdef NDBM /* * Update the DBM group file with the new entry as well. */ if (gr_dbm_present () && !gr_dbm_update (&grp)) { fprintf (stderr, _("%s: cannot add new dbm group entry\n"), Prog); fail_exit (E_GRP_UPDATE); } endgrent (); #endif /* NDBM */ #ifdef SHADOWGRP /* * Write out the new shadow group entries as well. */ if (is_shadow_grp && !sgr_update (&sgrp)) { fprintf (stderr, _("%s: error adding new group entry\n"), Prog); fail_exit (E_GRP_UPDATE); } #ifdef NDBM /* * Update the DBM group file with the new entry as well. */ if (is_shadow_grp && sg_dbm_present () && !sg_dbm_update (&sgrp)) { fprintf (stderr, _("%s: cannot add new dbm group entry\n"), Prog); fail_exit (E_GRP_UPDATE); } endsgent (); #endif /* NDBM */ #endif /* SHADOWGRP */ SYSLOG ((LOG_INFO, "new group: name=%s, gid=%u", group_name, (unsigned int)group_id)); }
static void update_groups(void) { const struct group *grp; struct group *ngrp; #ifdef SHADOWGRP const struct sgrp *sgrp; struct sgrp *nsgrp; #endif /* SHADOWGRP */ /* * Scan through the entire group file looking for the groups that * the user is a member of. */ for (gr_rewind (), grp = gr_next ();grp;grp = gr_next ()) { /* * See if the user specified this group as one of their * concurrent groups. */ if (!is_on_list(grp->gr_mem, user_name)) continue; /* * Delete the username from the list of group members and * update the group entry to reflect the change. */ ngrp = __gr_dup(grp); if (!ngrp) { exit(13); /* XXX */ } ngrp->gr_mem = del_list (ngrp->gr_mem, user_name); if (!gr_update(ngrp)) fprintf(stderr, _("%s: error updating group entry\n"), Prog); /* * Update the DBM group file with the new entry as well. */ #ifdef NDBM if (!gr_dbm_update(ngrp)) fprintf(stderr, _("%s: cannot update dbm group entry\n"), Prog); #endif /* NDBM */ SYSLOG((LOG_INFO, "delete `%s' from group `%s'\n", user_name, ngrp->gr_name)); } #ifdef NDBM endgrent (); #endif /* NDBM */ #ifdef SHADOWGRP if (!is_shadow_grp) return; /* * Scan through the entire shadow group file looking for the groups * that the user is a member of. Both the administrative list and * the ordinary membership list is checked. */ for (sgr_rewind (), sgrp = sgr_next ();sgrp;sgrp = sgr_next ()) { int was_member, was_admin; /* * See if the user specified this group as one of their * concurrent groups. */ was_member = is_on_list(sgrp->sg_mem, user_name); was_admin = is_on_list(sgrp->sg_adm, user_name); if (!was_member && !was_admin) continue; nsgrp = __sgr_dup(sgrp); if (!nsgrp) { exit(13); /* XXX */ } if (was_member) nsgrp->sg_mem = del_list (nsgrp->sg_mem, user_name); if (was_admin) nsgrp->sg_adm = del_list (nsgrp->sg_adm, user_name); if (!sgr_update(nsgrp)) fprintf(stderr, _("%s: error updating group entry\n"), Prog); #ifdef NDBM /* * Update the DBM group file with the new entry as well. */ if (!sg_dbm_update(nsgrp)) fprintf(stderr, _("%s: cannot update dbm group entry\n"), Prog); #endif /* NDBM */ SYSLOG((LOG_INFO, "delete `%s' from shadow group `%s'\n", user_name, nsgrp->sg_name)); } #ifdef NDBM endsgent (); #endif /* NDBM */ #endif /* SHADOWGRP */ }