Imported from util-linux-2.11m tarball.

8 files changed, 178 insertions, 108 deletions

diff --git a/login-utils/Makefile b/login-utils/Makefile
index dc96f878..13191a4a 100644
--- a/login-utils/Makefile
+++ b/login-utils/Makefile
@@ -95,7 +95,7 @@ agetty.o islocal.o last.o setpwnam.o shutdown.o simpleinit.o \
 shutdown.o simpleinit.o: $(LIB)/linux_reboot.h
 wall.o: ttymsg.h $(LIB)/carefulputc.h
 
-agetty: agetty.o
+agetty: agetty.o $(LIB)/xstrncpy.o
 chfn: chfn.o islocal.o setpwnam.o $(LIB)/env.o $(LIB)/xstrncpy.o
 	$(CC) $(LDFLAGS) -o $@ $^ $(CRYPT) $(PAM)
 chsh: chsh.o islocal.o setpwnam.o $(LIB)/env.o
diff --git a/login-utils/agetty.c b/login-utils/agetty.c
index c7f0f3d2..d53811b2 100644
--- a/login-utils/agetty.c
+++ b/login-utils/agetty.c
@@ -30,6 +30,7 @@
 #include <getopt.h>
 #include <time.h>
 #include <sys/file.h>
+#include "xstrncpy.h"
 #include "nls.h"
 
 #ifdef __linux__
@@ -273,9 +274,14 @@ main(argc, argv)
     /* The BSD-style init command passes us a useless process name. */
 
 #ifdef	SYSV_STYLE
-    progname = argv[0];
+       {
+	       char *ptr;
+	       progname = argv[0];
+	       if ((ptr = strrchr(argv[0], '/')))
+		       progname = ++ptr;
+       }
 #else
-    progname = "agetty";
+       progname = "agetty";
 #endif
 
 #ifdef DEBUGGING
@@ -1220,13 +1226,13 @@ error(const char *fmt, ...) {
      */
 
     va_start(ap, fmt);
-    while (*fmt) {
+    while (*fmt && bp < &buf[BUFSIZ-1]) {
 	if (strncmp(fmt, "%s", 2) == 0) {
-	    (void) strcpy(bp, va_arg(ap, char *));
+	    xstrncpy(bp, va_arg(ap, char *), &buf[BUFSIZ-1] - bp);
 	    bp += strlen(bp);
 	    fmt += 2;
 	} else if (strncmp(fmt, "%m", 2) == 0) {
-	    (void) strcpy(bp, strerror(errno));
+	    xstrncpy(bp, strerror(errno), &buf[BUFSIZ-1] - bp);
 	    bp += strlen(bp);
 	    fmt += 2;
 	} else {
diff --git a/login-utils/login.c b/login-utils/login.c
index 40950739..d66295c5 100644
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -222,6 +222,9 @@ int     timeout = 60;		/* used in cryptocard.c */
 #endif
 
 struct	passwd *pwd;		/* used in cryptocard.c */
+#if USE_PAM
+static struct passwd pwdcopy;
+#endif
 char    hostaddress[4];		/* used in checktty.c */
 char	*hostname;		/* idem */
 static char	*username, *tty_name, *tty_number;
@@ -532,9 +535,10 @@ main(int argc, char **argv)
 
     retcode = pam_start("login",username, &conv, &pamh);
     if(retcode != PAM_SUCCESS) {
-	fprintf(stderr,_("login: PAM Failure, aborting: %s\n"),
+	fprintf(stderr, _("login: PAM Failure, aborting: %s\n"),
 	pam_strerror(pamh, retcode));
-	syslog(LOG_ERR,_("Couldn't initialize PAM: %s"), pam_strerror(pamh, retcode));
+	syslog(LOG_ERR, _("Couldn't initialize PAM: %s"),
+	       pam_strerror(pamh, retcode));
 	exit(99);
     }
     /* hostname & tty are either set to NULL or their correct values,
@@ -629,16 +633,52 @@ main(int argc, char **argv)
        First get the username that we are actually using, though.
     */
     retcode = pam_get_item(pamh, PAM_USER, (const void **) &username);
-    if (retcode == PAM_SUCCESS && username && *username) {
-      pwd = getpwnam(username);
+    PAM_FAIL_CHECK;
+
+    if (!username || !*username) {
+	    fprintf(stderr, _("\nSession setup problem, abort.\n"));
+	    syslog(LOG_ERR, _("NULL user name in %s:%d. Abort."),
+		   __FUNCTION__, __LINE__);
+	    pam_end(pamh, PAM_SYSTEM_ERR);
+	    exit(1);
+    }
+    if (!(pwd = getpwnam(username))) {
+	    fprintf(stderr, _("\nSession setup problem, abort.\n"));
+	    syslog(LOG_ERR, _("Invalid user name \"%s\" in %s:%d. Abort."),
+		   __FUNCTION__, __LINE__);
+	    pam_end(pamh, PAM_SYSTEM_ERR);
+	    exit(1);
+    }
+
+    /* Create a copy of the pwd struct - otherwise it may get
+     * clobbered by PAM */
+    memcpy(&pwdcopy, pwd, sizeof(*pwd));
+    pwd = &pwdcopy;
+    pwd->pw_name   = strdup(pwd->pw_name);
+    pwd->pw_passwd = strdup(pwd->pw_passwd);
+    pwd->pw_gecos  = strdup(pwd->pw_gecos);
+    pwd->pw_dir    = strdup(pwd->pw_dir);
+    pwd->pw_shell  = strdup(pwd->pw_shell);
+    if (!pwd->pw_name || !pwd->pw_passwd || !pwd->pw_gecos ||
+	!pwd->pw_dir || !pwd->pw_shell) {
+	    fprintf(stderr, _("login: Out of memory\n"));
+	    syslog(LOG_ERR, "Out of memory");
+	    pam_end(pamh, PAM_SYSTEM_ERR);
+	    exit(1);
     }
+    username = pwd->pw_name;
 
     /*
      * Initialize the supplementary group list.
      * This should be done before pam_setcred because
      * the PAM modules might add groups during pam_setcred.
      */
-    if (pwd) initgroups(username, pwd->pw_gid);
+    if (initgroups(username, pwd->pw_gid) < 0) {
+	    syslog(LOG_ERR, "initgroups: %m");
+	    fprintf(stderr, _("\nSession setup problem, abort.\n"));
+	    pam_end(pamh, PAM_SYSTEM_ERR);
+	    exit(1);
+    }
 
     retcode = pam_open_session(pamh, 0);
     PAM_FAIL_CHECK;
@@ -803,7 +843,7 @@ main(int argc, char **argv)
 	  default:
 	    perror("quota (Q_SETUID)");
 	}
-	sleepexit(0);
+	sleepexit(0);		/* %% */
     }
 #endif
     
@@ -1057,8 +1097,10 @@ Michael Riepe <michael@stud.uni-hannover.de>
 	motd();
 	mail = getenv("MAIL");
 	if (mail && stat(mail, &st) == 0 && st.st_size != 0) {
-		printf(_("You have %smail.\n"),
-		       (st.st_mtime > st.st_atime) ? _("new ") : "");
+		if (st.st_mtime > st.st_atime)
+			printf(_("You have new mail.\n"));
+		else
+			printf(_("You have mail.\n"));
 	}
     }
     
@@ -1216,7 +1258,7 @@ timedout(int sig) {
     ioctl(0, TCGETA, &ti);
     ti.c_lflag |= ECHO;
     ioctl(0, TCSETA, &ti);
-    exit(0);
+    exit(0);			/* %% */
 }
 
 #ifndef USE_PAM
@@ -1285,12 +1327,13 @@ sigint(int sig) {
 #ifndef USE_PAM				/* PAM takes care of this */
 void
 checknologin(void) {
-    register int fd, nchars;
+    int fd, nchars;
     char tbuf[8192];
     
     if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) {
 	while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0)
 	  write(fileno(stdout), tbuf, nchars);
+	close(fd);
 	sleepexit(0);
     }
 }
@@ -1360,7 +1403,7 @@ stypeof(char *ttyid) {
 }
 #endif 
 
-/* should not be called from PAM code... Why? */
+/* Should not be called from PAM code... */
 void
 sleepexit(int eval) {
     sleep(SLEEP_EXIT_TIMEOUT);
diff --git a/login-utils/passwd.c b/login-utils/passwd.c
index d931d3b8..cb50c0ef 100644
--- a/login-utils/passwd.c
+++ b/login-utils/passwd.c
@@ -171,9 +171,11 @@ check_passwd(char *passwd, char *oldpasswd, char *user, char *gecos) {
     }
 	
     if ( (other + digit + ucase + lcase) < 2) {
-	printf(_("The password must contain characters out of two of the following\n"));
-	printf(_("classes:  upper and lower case letters, digits and non alphanumeric\n"));
-	printf(_("characters. See passwd(1) for more information.\n"));
+	printf(_("The password must contain characters out of two of "
+		 "the following\n"
+		 "classes:  upper and lower case letters, digits and "
+		 "non alphanumeric\n"
+		 "characters. See passwd(1) for more information.\n"));
 	return 0;
     }
 	
@@ -235,7 +237,7 @@ main(int argc, char *argv[]) {
     char salt[2];
     int force_passwd = 0;
     int silent = 0;
-    char c;
+    int c;
     int opt_index;
     int fullname = 0, shell = 0;
     static const struct option long_options[] =
diff --git a/login-utils/shutdown.c b/login-utils/shutdown.c
index c7efe746..46f29a70 100644
--- a/login-utils/shutdown.c
+++ b/login-utils/shutdown.c
@@ -152,6 +152,7 @@ main(int argc, char *argv[])
 	}
 	sigsetmask (0); /*  simpleinit(8) blocks all signals: undo for ALRM  */
 	for (i = 1; i < NSIG; i++) signal (i, SIG_DFL);
+
         setlocale(LC_ALL, "");
         bindtextdomain(PACKAGE, LOCALEDIR);
         textdomain(PACKAGE);
@@ -357,8 +358,12 @@ main(int argc, char *argv[])
 
 	/* do syslog message... */
 	openlog(prog, LOG_CONS, LOG_AUTH);
-	syslog(LOG_NOTICE, _("%s by %s: %s"), 
-	       opt_reboot ? _("rebooted") : _("halted"), whom, message);
+	if (opt_reboot)
+		syslog(LOG_NOTICE, _("rebooted by %s: %s"), 
+		       whom, message);
+	else
+		syslog(LOG_NOTICE, _("halted by %s: %s"), 
+		       whom, message);
 	closelog();
 
 	if(opt_fast)
diff --git a/login-utils/simpleinit.c b/login-utils/simpleinit.c
index 9c08a03a..1b4fbcbe 100644
--- a/login-utils/simpleinit.c
+++ b/login-utils/simpleinit.c
@@ -173,9 +173,11 @@ int main(int argc, char *argv[])
 	for (i = 0; i < NUMCMD; i++) inittab[i].pid = -1;
 	read_inittab ();
 	for (i = 1; i < argc; i++) {
-		if (strcmp (argv[i], "single") == 0) want_single = 1;
-		else if (strcmp (argv[i], "-noreboot") == 0) no_reboot = 1;
-		else {
+		if (strcmp (argv[i], "single") == 0)
+			want_single = 1;
+		else if (strcmp (argv[i], "-noreboot") == 0)
+			no_reboot = 1;
+		else if (strlen(script_prefix) + strlen(argv[i]) < PATH_SIZE) {
 			char path[PATH_SIZE];
 
 			strcpy (path, script_prefix);
diff --git a/login-utils/vipw.c b/login-utils/vipw.c
index f6133ac9..cb404807 100644
--- a/login-utils/vipw.c
+++ b/login-utils/vipw.c
@@ -135,14 +135,17 @@ pw_lock(void) {
 	 */
 #if 0 /* flock()ing is superfluous here, with the ptmp/ptmptmp system. */
 	if (flock(lockfd, LOCK_EX|LOCK_NB)) {
-		(void)fprintf(stderr,
-		    _("%s: the %s file is busy.\n"), progname, 
-			      program == VIPW ? "password" : "group" );
+		if (program == VIPW)
+			fprintf(stderr, _("%s: the password file is busy.\n"),
+				progname);
+		else
+			fprintf(stderr, _("%s: the group file is busy.\n"),
+				progname);
 		exit(1);
 	}
 #endif
 
-	if ((fd = open(tmptmp_file, O_WRONLY|O_CREAT, 0644)) == -1) {
+	if ((fd = open(tmptmp_file, O_WRONLY|O_CREAT, 0600)) == -1) {
 	  (void)fprintf(stderr,
 		   "%s: %s: %s\n", progname, tmptmp_file, strerror(errno));
 	  exit(1);
@@ -181,19 +184,19 @@ pw_lock(void) {
 
 static void
 pw_unlock(void) {
-  char tmp[FILENAMELEN];
+	char tmp[FILENAMELEN+4];
   
-  sprintf(tmp, "%s%s", orig_file, ".OLD");
-  unlink(tmp);
-  link(orig_file, tmp);
-  if (rename(tmp_file, orig_file) == -1) {
-    int errsv = errno;
-    (void)fprintf(stderr, 
-		  _("%s: can't unlock %s: %s (your changes are still in %s)\n"), 
-		  progname, orig_file, strerror(errsv), tmp_file);
-    exit(1);
-  }
-  (void)unlink(tmp_file);
+	sprintf(tmp, "%s%s", orig_file, ".OLD");
+	unlink(tmp);
+	link(orig_file, tmp);
+	if (rename(tmp_file, orig_file) == -1) {
+		int errsv = errno;
+		fprintf(stderr, 
+			_("%s: can't unlock %s: %s (your changes are still in %s)\n"), 
+			progname, orig_file, strerror(errsv), tmp_file);
+		exit(1);
+	}
+	unlink(tmp_file);
 }
 
 
@@ -238,27 +241,23 @@ pw_edit(int notsetuid) {
 }
 
 void
-pw_error(name, err, eval)
-	char *name;
-	int err, eval;
-{
-	int sverrno;
-
+pw_error(char *name, int err, int eval) {
 	if (err) {
-		sverrno = errno;
-		(void)fprintf(stderr, "%s: ", progname);
+		int sverrno = errno;
+
+		fprintf(stderr, "%s: ", progname);
 		if (name)
 			(void)fprintf(stderr, "%s: ", name);
-		(void)fprintf(stderr, "%s\n", strerror(sverrno));
+		fprintf(stderr, "%s\n", strerror(sverrno));
 	}
-	(void)fprintf(stderr,
+	fprintf(stderr,
 	    _("%s: %s unchanged\n"), progname, orig_file);
-	(void)unlink(tmp_file);
+	unlink(tmp_file);
 	exit(eval);
 }
 
 static void
-edit_file(void)
+edit_file(int is_shadow)
 {
 	struct stat begin, end;
 
@@ -274,62 +273,68 @@ edit_file(void)
 		(void)fprintf(stderr, _("%s: no changes made\n"), progname);
 		pw_error((char *)NULL, 0, 0);
 	}
+	if (!is_shadow)
+		chmod(tmp_file, 0644);
+#if 0
+	/* if shadow file, then mode is 0600 now */
+	else
+		chmod(tmp_file, 0400);
+#endif
 	pw_unlock();
 }
 
-int main(int argc, char *argv[])
-{
+int main(int argc, char *argv[]) {
+
+	setlocale(LC_ALL, "");
+	bindtextdomain(PACKAGE, LOCALEDIR);
+	textdomain(PACKAGE);
+
+	bzero(tmp_file, FILENAMELEN);
+	progname = (rindex(argv[0], '/')) ? rindex(argv[0], '/') + 1 : argv[0];
+	if (!strcmp(progname, "vigr")) {
+		program = VIGR;
+		xstrncpy(orig_file, GROUP_FILE, sizeof(orig_file));
+		xstrncpy(tmp_file, GTMP_FILE, sizeof(tmp_file));
+		xstrncpy(tmptmp_file, GTMPTMP_FILE, sizeof(tmptmp_file));
+	} else {
+		program = VIPW;
+		xstrncpy(orig_file, PASSWD_FILE, sizeof(orig_file));
+		xstrncpy(tmp_file, PTMP_FILE, sizeof(tmp_file));
+		xstrncpy(tmptmp_file, PTMPTMP_FILE, sizeof(tmptmp_file));
+	}
+
+	if ((argc > 1) && 
+	    (!strcmp(argv[1], "-V") || !strcmp(argv[1], "--version"))) {
+		printf("%s\n", version_string);
+		exit(0);
+	}
+
+	edit_file(0);
+
+	if (program == VIGR) {
+		strncpy(orig_file, SGROUP_FILE, FILENAMELEN-1);
+		strncpy(tmp_file, SGTMP_FILE, FILENAMELEN-1);
+		strncpy(tmptmp_file, SGTMPTMP_FILE, FILENAMELEN-1);
+	} else {
+		strncpy(orig_file, SHADOW_FILE, FILENAMELEN-1);
+		strncpy(tmp_file, SPTMP_FILE, FILENAMELEN-1);
+		strncpy(tmptmp_file, SPTMPTMP_FILE, FILENAMELEN-1);
+	}
+
+	if (access(orig_file, F_OK) == 0) {
+		char response[80];
+
+		printf((program == VIGR)
+		       ? _("You are using shadow groups on this system.\n")
+		       : _("You are using shadow passwords on this system.\n"));
+		printf(_("Would you like to edit %s now [y/n]? "), orig_file);
+
+		/* EOF means no */
+		if (fgets(response, sizeof(response), stdin)) {
+			if (response[0] == 'y' || response[0] == 'Y')
+				edit_file(1);
+		}
+	}
 
-  setlocale(LC_ALL, "");
-  bindtextdomain(PACKAGE, LOCALEDIR);
-  textdomain(PACKAGE);
-
-  bzero(tmp_file, FILENAMELEN);
-  progname = (rindex(argv[0], '/')) ? rindex(argv[0], '/') + 1 : argv[0];
-  if (!strcmp(progname, "vigr")) {
-    program = VIGR;
-    xstrncpy(orig_file, GROUP_FILE, sizeof(orig_file));
-    xstrncpy(tmp_file, GTMP_FILE, sizeof(tmp_file));
-    xstrncpy(tmptmp_file, GTMPTMP_FILE, sizeof(tmptmp_file));
-  } else {
-    program = VIPW;
-    xstrncpy(orig_file, PASSWD_FILE, sizeof(orig_file));
-    xstrncpy(tmp_file, PTMP_FILE, sizeof(tmp_file));
-    xstrncpy(tmptmp_file, PTMPTMP_FILE, sizeof(tmptmp_file));
-  }
-
-  if ((argc > 1) && 
-      (!strcmp(argv[1], "-V") || !strcmp(argv[1], "--version"))) {
-    printf("%s\n", version_string);
-    exit(0);
-  }
-
-  edit_file();
-
-  if (program == VIGR) {
-    strncpy(orig_file, SGROUP_FILE, FILENAMELEN-1);
-    strncpy(tmp_file, SGTMP_FILE, FILENAMELEN-1);
-    strncpy(tmptmp_file, SGTMPTMP_FILE, FILENAMELEN-1);
-  } else {
-    strncpy(orig_file, SHADOW_FILE, FILENAMELEN-1);
-    strncpy(tmp_file, SPTMP_FILE, FILENAMELEN-1);
-    strncpy(tmptmp_file, SPTMPTMP_FILE, FILENAMELEN-1);
-  }
-
-  if (!access(orig_file, X_OK)) {
-    char response[80];
-
-    printf((program == VIGR)
-	   ? _("You are using shadow groups on this system.\n")
-	   : _("You are using shadow passwords on this system.\n"));
-    printf(_("Would you like to edit %s now [y/n]? "), orig_file);
-
-    /* EOF means no */
-    if (fgets(response, sizeof(response), stdin)) {
-	if (response[0] == 'y' || response[0] == 'Y')
-	    edit_file();
-    }
-  }
-
-  exit(0);
+	exit(0);
 }
diff --git a/login-utils/wall.c b/login-utils/wall.c
index 744c910f..0bd3b79a 100644
--- a/login-utils/wall.c
+++ b/login-utils/wall.c
@@ -124,6 +124,13 @@ usage:
 		if (utmpptr->ut_type != USER_PROCESS)
 			continue;
 #endif
+
+		/* Joey Hess reports that use-sessreg in /etc/X11/wdm/
+		   produces ut_line entries like :0, and a write
+		   to /dev/:0 fails. */
+		if (utmpptr->ut_line[0] == ':')
+			continue;
+
 		xstrncpy(line, utmpptr->ut_line, sizeof(utmpptr->ut_line));
 		if ((p = ttymsg(&iov, 1, line, 60*5)) != NULL)
 			(void)fprintf(stderr, "%s: %s\n", progname, p);