|
|
d8d8bc |
From 53339f53ab71c138578d4102a4e4011344d33b2d Mon Sep 17 00:00:00 2001
|
|
|
d8d8bc |
From: Karel Zak <kzak@redhat.com>
|
|
|
d8d8bc |
Date: Tue, 7 Jun 2022 09:11:56 +0200
|
|
|
d8d8bc |
Subject: lslogins: improve prefixes interpretation
|
|
|
d8d8bc |
|
|
|
d8d8bc |
It seems that for example 'passwd --lock' uses two exclamation marks
|
|
|
d8d8bc |
in password field. It seems better to assume arbitrary number of '!'
|
|
|
d8d8bc |
and '*' prefixes.
|
|
|
d8d8bc |
|
|
|
d8d8bc |
The patch also makes description of the PWD-EMPTY output field more
|
|
|
d8d8bc |
explicit.
|
|
|
d8d8bc |
|
|
|
d8d8bc |
Upstream: http://github.com/util-linux/util-linux/commit/c51cba1e838ae7e36a843ec785543492bb8737cd
|
|
|
d8d8bc |
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2094216
|
|
|
d8d8bc |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
d8d8bc |
---
|
|
|
d8d8bc |
login-utils/lslogins.c | 33 ++++++++++++++++++++++++++-------
|
|
|
d8d8bc |
1 file changed, 26 insertions(+), 7 deletions(-)
|
|
|
d8d8bc |
|
|
|
d8d8bc |
diff --git a/login-utils/lslogins.c b/login-utils/lslogins.c
|
|
|
d8d8bc |
index c37df9096..1332a9925 100644
|
|
|
d8d8bc |
--- a/login-utils/lslogins.c
|
|
|
d8d8bc |
+++ b/login-utils/lslogins.c
|
|
|
d8d8bc |
@@ -225,7 +225,7 @@ static const struct lslogins_coldesc coldescs[] =
|
|
|
d8d8bc |
{
|
|
|
d8d8bc |
[COL_USER] = { "USER", N_("user name"), N_("Username"), 0.1, SCOLS_FL_NOEXTREMES },
|
|
|
d8d8bc |
[COL_UID] = { "UID", N_("user ID"), "UID", 1, SCOLS_FL_RIGHT},
|
|
|
d8d8bc |
- [COL_PWDEMPTY] = { "PWD-EMPTY", N_("password not required"), N_("Password not required"), 1, SCOLS_FL_RIGHT },
|
|
|
d8d8bc |
+ [COL_PWDEMPTY] = { "PWD-EMPTY", N_("password not defined"), N_("Password not required (empty)"), 1, SCOLS_FL_RIGHT },
|
|
|
d8d8bc |
[COL_PWDDENY] = { "PWD-DENY", N_("login by password disabled"), N_("Login by password disabled"), 1, SCOLS_FL_RIGHT },
|
|
|
d8d8bc |
[COL_PWDLOCK] = { "PWD-LOCK", N_("password defined, but locked"), N_("Password is locked"), 1, SCOLS_FL_RIGHT },
|
|
|
d8d8bc |
[COL_PWDMETHOD] = { "PWD-METHOD", N_("password encryption method"), N_("Password encryption method"), 0.1 },
|
|
|
d8d8bc |
@@ -817,23 +817,42 @@ static struct lslogins_user *get_user_info(struct lslogins_control *ctl, const c
|
|
|
d8d8bc |
break;
|
|
|
d8d8bc |
case COL_PWDEMPTY:
|
|
|
d8d8bc |
if (shadow) {
|
|
|
d8d8bc |
- if (!*shadow->sp_pwdp) /* '\0' */
|
|
|
d8d8bc |
+ const char *p = shadow->sp_pwdp;
|
|
|
d8d8bc |
+
|
|
|
d8d8bc |
+ while (p && (*p == '!' || *p == '*'))
|
|
|
d8d8bc |
+ p++;
|
|
|
d8d8bc |
+
|
|
|
d8d8bc |
+ if (!p || !*p)
|
|
|
d8d8bc |
user->pwd_empty = STATUS_TRUE;
|
|
|
d8d8bc |
} else
|
|
|
d8d8bc |
user->pwd_empty = STATUS_UNKNOWN;
|
|
|
d8d8bc |
break;
|
|
|
d8d8bc |
case COL_PWDDENY:
|
|
|
d8d8bc |
if (shadow) {
|
|
|
d8d8bc |
- if ((*shadow->sp_pwdp == '!' ||
|
|
|
d8d8bc |
- *shadow->sp_pwdp == '*') &&
|
|
|
d8d8bc |
- !valid_pwd(shadow->sp_pwdp + 1))
|
|
|
d8d8bc |
+ const char *p = shadow->sp_pwdp;
|
|
|
d8d8bc |
+
|
|
|
d8d8bc |
+ while (p && (*p == '!' || *p == '*'))
|
|
|
d8d8bc |
+ p++;
|
|
|
d8d8bc |
+
|
|
|
d8d8bc |
+ if (p && *p && p != shadow->sp_pwdp && !valid_pwd(p))
|
|
|
d8d8bc |
user->pwd_deny = STATUS_TRUE;
|
|
|
d8d8bc |
} else
|
|
|
d8d8bc |
user->pwd_deny = STATUS_UNKNOWN;
|
|
|
d8d8bc |
break;
|
|
|
d8d8bc |
case COL_PWDLOCK:
|
|
|
d8d8bc |
if (shadow) {
|
|
|
d8d8bc |
- if (*shadow->sp_pwdp == '!' && valid_pwd(shadow->sp_pwdp + 1))
|
|
|
d8d8bc |
+ const char *p = shadow->sp_pwdp;
|
|
|
d8d8bc |
+ int i = 0;
|
|
|
d8d8bc |
+
|
|
|
d8d8bc |
+ /* 'passwd --lock' uses two exclamation marks,
|
|
|
d8d8bc |
+ * shadow(5) describes the lock as "field which
|
|
|
d8d8bc |
+ * starts with an exclamation mark". Let's
|
|
|
d8d8bc |
+ * support more '!' ...
|
|
|
d8d8bc |
+ */
|
|
|
d8d8bc |
+ while (p && *p == '!')
|
|
|
d8d8bc |
+ p++, i++;
|
|
|
d8d8bc |
+
|
|
|
d8d8bc |
+ if (i != 0 && (!*p || valid_pwd(p)))
|
|
|
d8d8bc |
user->pwd_lock = STATUS_TRUE;
|
|
|
d8d8bc |
} else
|
|
|
d8d8bc |
user->pwd_lock = STATUS_UNKNOWN;
|
|
|
d8d8bc |
@@ -842,7 +861,7 @@ static struct lslogins_user *get_user_info(struct lslogins_control *ctl, const c
|
|
|
d8d8bc |
if (shadow) {
|
|
|
d8d8bc |
const char *p = shadow->sp_pwdp;
|
|
|
d8d8bc |
|
|
|
d8d8bc |
- if (*p == '!' || *p == '*')
|
|
|
d8d8bc |
+ while (p && (*p == '!' || *p == '*'))
|
|
|
d8d8bc |
p++;
|
|
|
d8d8bc |
user->pwd_method = get_pwd_method(p, NULL, NULL);
|
|
|
d8d8bc |
} else
|
|
|
d8d8bc |
--
|
|
|
d8d8bc |
2.36.1
|
|
|
d8d8bc |
|