summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSkyler Ferrante <sjf5462@rit.edu>2024-03-03 00:54:05 -0500
committerAlejandro Colomar <alx@kernel.org>2024-03-07 22:54:04 +0100
commita28371336e17a22c6959f40b4647b8e54923c433 (patch)
tree08147c408bfc742079609e09954ec002241b6e4f
parent71080e790011f2bce502b26ba1463e42cb2212fe (diff)
src/: Hardcode Prog to known value
Set Prog (program name) based on hardcoded value instead of argv[0]. This is to help prevent escape sequence injection. Cherry-picked-from: e6c2e4393784 ("Hardcoding Prog to known value") Link: <https://github.com/shadow-maint/shadow/issues/959> Link: <https://github.com/shadow-maint/shadow/pull/960> Cc: "Skyler Ferrante (RIT Student)" <sjf5462@rit.edu> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: Karel Zak <kzak@redhat.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Cc: Christian Brauner <christian@brauner.io> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Diffstat
-rw-r--r--src/chage.c7
-rw-r--r--src/check_subid_range.c3
-rw-r--r--src/chfn.c15
-rw-r--r--src/chgpasswd.c7
-rw-r--r--src/chpasswd.c9
-rw-r--r--src/chsh.c15
-rw-r--r--src/expiry.c5
-rw-r--r--src/faillog.c7
-rw-r--r--src/free_subid_range.c3
-rw-r--r--src/get_subid_owners.c3
-rw-r--r--src/getsubids.c3
-rw-r--r--src/gpasswd.c5
-rw-r--r--src/groupadd.c14
-rw-r--r--src/groupdel.c14
-rw-r--r--src/groupmems.c10
-rw-r--r--src/groupmod.c10
-rw-r--r--src/groups.c6
-rw-r--r--src/grpck.c8
-rw-r--r--src/grpconv.c5
-rw-r--r--src/grpunconv.c5
-rw-r--r--src/lastlog.c3
-rw-r--r--src/login.c7
-rw-r--r--src/logoutd.c5
-rw-r--r--src/new_subid_range.c3
-rw-r--r--src/newgidmap.c3
-rw-r--r--src/newgrp.c2
-rw-r--r--src/newuidmap.c3
-rw-r--r--src/newusers.c3
-rw-r--r--src/passwd.c11
-rw-r--r--src/pwck.c8
-rw-r--r--src/pwconv.c5
-rw-r--r--src/pwunconv.c5
-rw-r--r--src/su.c11
-rw-r--r--src/sulogin.c3
-rw-r--r--src/useradd.c10
-rw-r--r--src/userdel.c10
-rw-r--r--src/usermod.c10
37 files changed, 85 insertions, 171 deletions
diff --git a/src/chage.c b/src/chage.c
index 8a6d3584..b64961f6 100644
--- a/src/chage.c
+++ b/src/chage.c
@@ -41,7 +41,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "chage";
static bool
dflg = false, /* set last password change date */
@@ -511,7 +511,7 @@ static void check_perms (void)
exit (E_NOPERM);
}
- retval = pam_start ("chage", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -765,7 +765,6 @@ int main (int argc, char **argv)
/*
* Get the program name so that error messages can use it.
*/
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -780,7 +779,7 @@ int main (int argc, char **argv)
#ifdef WITH_AUDIT
audit_help_open ();
#endif
- OPENLOG ("chage");
+ OPENLOG (Prog);
ruid = getuid ();
rgid = getgid ();
diff --git a/src/check_subid_range.c b/src/check_subid_range.c
index 38703b60..63bc882f 100644
--- a/src/check_subid_range.c
+++ b/src/check_subid_range.c
@@ -18,14 +18,13 @@
#include "idmapping.h"
#include "shadowlog.h"
-const char *Prog;
+static const char Prog[] = "check_subid_range";
int main(int argc, char **argv)
{
char *owner;
unsigned long start, count;
bool check_uids;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/chfn.c b/src/chfn.c
index 5018ab87..2fd81d3d 100644
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -36,7 +36,7 @@
/*
* Global variables.
*/
-const char *Prog;
+static const char Prog[] = "chfn";
static char fullnm[BUFSIZ];
static char roomno[BUFSIZ];
static char workph[BUFSIZ];
@@ -362,7 +362,7 @@ static void check_perms (const struct passwd *pw)
* check if the change is allowed by SELinux policy.
*/
if ((pw->pw_uid != getuid ())
- && (check_selinux_permit ("chfn") != 0)) {
+ && (check_selinux_permit (Prog) != 0)) {
fprintf (stderr, _("%s: Permission denied.\n"), Prog);
closelog ();
exit (E_NOPERM);
@@ -377,7 +377,7 @@ static void check_perms (const struct passwd *pw)
* --marekm
*/
if (!amroot && getdef_bool ("CHFN_AUTH")) {
- passwd_check (pw->pw_name, pw->pw_passwd, "chfn");
+ passwd_check (pw->pw_name, pw->pw_passwd, Prog);
}
#else /* !USE_PAM */
@@ -389,7 +389,7 @@ static void check_perms (const struct passwd *pw)
exit (E_NOPERM);
}
- retval = pam_start ("chfn", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -616,11 +616,6 @@ int main (int argc, char **argv)
char new_gecos[BUFSIZ]; /* buffer for new GECOS fields */
char *user;
- /*
- * Get the program name. The program name is used as a
- * prefix to most error messages.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -637,7 +632,7 @@ int main (int argc, char **argv)
*/
amroot = (getuid () == 0);
- OPENLOG ("chfn");
+ OPENLOG (Prog);
/* parse the command line options */
process_flags (argc, argv);
diff --git a/src/chgpasswd.c b/src/chgpasswd.c
index 7b773e2f..89e9a6dc 100644
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -36,7 +36,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "chgpasswd";
static bool eflg = false;
static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -303,7 +303,7 @@ static void check_perms (void)
exit (1);
}
- retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -423,7 +423,6 @@ int main (int argc, char **argv)
int errors = 0;
int line = 0;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -441,7 +440,7 @@ int main (int argc, char **argv)
process_flags (argc, argv);
- OPENLOG ("chgpasswd");
+ OPENLOG (Prog);
check_perms ();
diff --git a/src/chpasswd.c b/src/chpasswd.c
index 21d3018f..64070bc1 100644
--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@@ -35,7 +35,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "chpasswd";
static bool eflg = false;
static bool md5flg = false;
#if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -302,7 +302,7 @@ static void check_perms (void)
exit (1);
}
- retval = pam_start ("chpasswd", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -450,7 +450,6 @@ int main (int argc, char **argv)
int errors = 0;
int line = 0;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -476,7 +475,7 @@ int main (int argc, char **argv)
}
#endif /* USE_PAM */
- OPENLOG ("chpasswd");
+ OPENLOG (Prog);
check_perms ();
@@ -546,7 +545,7 @@ int main (int argc, char **argv)
#ifdef USE_PAM
if (use_pam) {
- if (do_pam_passwd_non_interactive ("chpasswd", name, newpwd) != 0) {
+ if (do_pam_passwd_non_interactive (Prog, name, newpwd) != 0) {
fprintf (stderr,
_("%s: (line %d, user %s) password not changed\n"),
Prog, line, name);
diff --git a/src/chsh.c b/src/chsh.c
index e069b9fb..e29ac580 100644
--- a/src/chsh.c
+++ b/src/chsh.c
@@ -45,7 +45,7 @@
/*
* Global variables
*/
-const char *Prog; /* Program name */
+static const char Prog[] = "chsh"; /* Program name */
static bool amroot; /* Real UID is root */
static char loginsh[BUFSIZ]; /* Name of new login shell */
/* command line options */
@@ -320,7 +320,7 @@ static void check_perms (const struct passwd *pw)
* check if the change is allowed by SELinux policy.
*/
if ((pw->pw_uid != getuid ())
- && (check_selinux_permit("chsh") != 0)) {
+ && (check_selinux_permit(Prog) != 0)) {
SYSLOG ((LOG_WARN, "can't change shell for '%s'", pw->pw_name));
fprintf (stderr,
_("You may not change the shell for '%s'.\n"),
@@ -337,7 +337,7 @@ static void check_perms (const struct passwd *pw)
* chfn/chsh. --marekm
*/
if (!amroot && getdef_bool ("CHSH_AUTH")) {
- passwd_check (pw->pw_name, pw->pw_passwd, "chsh");
+ passwd_check (pw->pw_name, pw->pw_passwd, Prog);
}
#else /* !USE_PAM */
@@ -349,7 +349,7 @@ static void check_perms (const struct passwd *pw)
exit (E_NOPERM);
}
- retval = pam_start ("chsh", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -474,11 +474,6 @@ int main (int argc, char **argv)
sanitize_env ();
- /*
- * Get the program name. The program name is used as a prefix to
- * most error messages.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -493,7 +488,7 @@ int main (int argc, char **argv)
*/
amroot = (getuid () == 0);
- OPENLOG ("chsh");
+ OPENLOG (Prog);
/* parse the command line options */
process_flags (argc, argv);
diff --git a/src/expiry.c b/src/expiry.c
index b980b656..673cbc3c 100644
--- a/src/expiry.c
+++ b/src/expiry.c
@@ -23,7 +23,7 @@
#include "shadowlog.h"
/* Global variables */
-const char *Prog;
+static const char Prog[] = "expiry";
static bool cflg = false;
/* local function prototypes */
@@ -123,7 +123,6 @@ int main (int argc, char **argv)
struct passwd *pwd;
struct spwd *spwd;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -145,7 +144,7 @@ int main (int argc, char **argv)
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);
- OPENLOG ("expiry");
+ OPENLOG (Prog);
process_flags (argc, argv);
diff --git a/src/faillog.c b/src/faillog.c
index dbcf5a5f..60d56d02 100644
--- a/src/faillog.c
+++ b/src/faillog.c
@@ -39,7 +39,7 @@ static void reset (void);
/*
* Global variables
*/
-const char *Prog; /* Program name */
+static const char Prog[] = "faillog"; /* Program name */
static FILE *fail; /* failure file stream */
static time_t seconds; /* that number of days in seconds */
static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
@@ -543,11 +543,6 @@ int main (int argc, char **argv)
short fail_max = 0; // initialize to silence compiler warning
long days = 0;
- /*
- * Get the program name. The program name is used as a prefix to
- * most error messages.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/free_subid_range.c b/src/free_subid_range.c
index d9a2cd8d..441c2277 100644
--- a/src/free_subid_range.c
+++ b/src/free_subid_range.c
@@ -9,7 +9,7 @@
/* Test program for the subid freeing routine */
-const char *Prog;
+static const char Prog[] = "free_subid_range";
static void usage(void)
{
@@ -25,7 +25,6 @@ int main(int argc, char *argv[])
struct subordinate_range range;
bool group = false; // get subuids by default
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
while ((c = getopt(argc, argv, "g")) != EOF) {
diff --git a/src/get_subid_owners.c b/src/get_subid_owners.c
index 36974b84..e1c1e795 100644
--- a/src/get_subid_owners.c
+++ b/src/get_subid_owners.c
@@ -6,7 +6,7 @@
#include "prototypes.h"
#include "shadowlog.h"
-const char *Prog;
+static const char Prog[] = "get_subid_owners";
static void usage(void)
{
@@ -21,7 +21,6 @@ int main(int argc, char *argv[])
int i, n;
uid_t *uids;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
if (argc < 2) {
diff --git a/src/getsubids.c b/src/getsubids.c
index c91ae39e..fb645b19 100644
--- a/src/getsubids.c
+++ b/src/getsubids.c
@@ -7,7 +7,7 @@
#include "prototypes.h"
#include "shadowlog.h"
-const char *Prog;
+static const char Prog[] = "getsubids";
static void usage(void)
{
@@ -23,7 +23,6 @@ int main(int argc, char *argv[])
struct subid_range *ranges;
const char *owner;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
if (argc < 2)
diff --git a/src/gpasswd.c b/src/gpasswd.c
index 3b76ff8e..34205cc7 100644
--- a/src/gpasswd.c
+++ b/src/gpasswd.c
@@ -37,7 +37,7 @@
* Global variables
*/
/* The name of this command, as it is invoked */
-const char *Prog;
+static const char Prog[] = "gpasswd";
#ifdef SHADOWGRP
/* Indicate if shadow groups are enabled on the system
@@ -968,11 +968,10 @@ int main (int argc, char **argv)
* with this command.
*/
bywho = getuid ();
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
- OPENLOG ("gpasswd");
+ OPENLOG (Prog);
setbuf (stdout, NULL);
setbuf (stderr, NULL);
diff --git a/src/groupadd.c b/src/groupadd.c
index 2eda1c68..c30a2008 100644
--- a/src/groupadd.c
+++ b/src/groupadd.c
@@ -50,7 +50,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "groupadd";
static /*@null@*/char *group_name;
static gid_t group_id;
@@ -542,7 +542,7 @@ static void check_perms (void)
exit (1);
}
- retval = pam_start ("groupadd", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -571,10 +571,6 @@ static void check_perms (void)
*/
int main (int argc, char **argv)
{
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -585,7 +581,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("groupadd");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
@@ -605,7 +601,7 @@ int main (int argc, char **argv)
check_perms ();
if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name,
- "groupadd")) {
+ Prog)) {
exit(1);
}
@@ -628,7 +624,7 @@ int main (int argc, char **argv)
grp_update ();
close_files ();
if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name,
- "groupadd")) {
+ Prog)) {
exit(1);
}
diff --git a/src/groupdel.c b/src/groupdel.c
index bae4367b..3e3905fb 100644
--- a/src/groupdel.c
+++ b/src/groupdel.c
@@ -36,7 +36,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "groupdel";
static char *group_name;
static gid_t group_id = -1;
@@ -349,10 +349,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -363,7 +359,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("groupdel");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
@@ -389,7 +385,7 @@ int main (int argc, char **argv)
exit (1);
}
- retval = pam_start ("groupdel", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
@@ -463,7 +459,7 @@ int main (int argc, char **argv)
}
if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name,
- "groupdel")) {
+ Prog)) {
exit(1);
}
@@ -478,7 +474,7 @@ int main (int argc, char **argv)
close_files ();
if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name,
- "groupdel")) {
+ Prog)) {
exit(1);
}
diff --git a/src/groupmems.c b/src/groupmems.c
index 1ac937ea..9c449086 100644
--- a/src/groupmems.c
+++ b/src/groupmems.c
@@ -44,7 +44,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "groupmems";
static char *adduser = NULL;
static char *deluser = NULL;
@@ -443,7 +443,7 @@ static void check_perms (void)
fail_exit (1);
}
- retval = pam_start ("groupmems", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
@@ -573,10 +573,6 @@ int main (int argc, char **argv)
char *name;
const struct group *grp;
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -586,7 +582,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("groupmems");
+ OPENLOG (Prog);
#ifdef SHADOWGRP
is_shadowgrp = sgr_file_present ();
diff --git a/src/groupmod.c b/src/groupmod.c
index 7fd02d6f..5438342d 100644
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -58,7 +58,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "groupmod";
#ifdef SHADOWGRP
static bool is_shadow_grp;
@@ -750,10 +750,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -764,7 +760,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("groupmod");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
@@ -790,7 +786,7 @@ int main (int argc, char **argv)
exit (E_PAM_USERNAME);
}
- retval = pam_start ("groupmod", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
diff --git a/src/groups.c b/src/groups.c
index a62f2f56..97c2843f 100644
--- a/src/groups.c
+++ b/src/groups.c
@@ -23,7 +23,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "groups";
/* local function prototypes */
static void print_groups (const char *member);
@@ -97,10 +97,6 @@ int main (int argc, char **argv)
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);
- /*
- * Get the program name so that error messages can use it.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/grpck.c b/src/grpck.c
index ec092b2c..4ef1b154 100644
--- a/src/grpck.c
+++ b/src/grpck.c
@@ -43,7 +43,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "grpck";
static const char *grp_file = GROUP_FILE;
static bool use_system_grp_file = true;
@@ -816,10 +816,6 @@ int main (int argc, char **argv)
int errors = 0;
bool changed = false;
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -829,7 +825,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("grpck");
+ OPENLOG (Prog);
/* Parse the command line arguments */
process_flags (argc, argv);
diff --git a/src/grpconv.c b/src/grpconv.c
index 57d8d58e..591c8b10 100644
--- a/src/grpconv.c
+++ b/src/grpconv.c
@@ -36,7 +36,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "grpconv";
static bool gr_locked = false;
static bool sgr_locked = false;
@@ -123,7 +123,6 @@ int main (int argc, char **argv)
const struct sgrp *sg;
struct sgrp sgent;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -133,7 +132,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("grpconv");
+ OPENLOG (Prog);
process_flags (argc, argv);
diff --git a/src/grpunconv.c b/src/grpunconv.c
index fc6cecf9..fbffbf53 100644
--- a/src/grpunconv.c
+++ b/src/grpunconv.c
@@ -36,7 +36,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "grpunconv";
static bool gr_locked = false;
static bool sgr_locked = false;
@@ -122,7 +122,6 @@ int main (int argc, char **argv)
struct group grent;
const struct sgrp *sg;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -132,7 +131,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("grpunconv");
+ OPENLOG (Prog);
process_flags (argc, argv);
diff --git a/src/lastlog.c b/src/lastlog.c
index 1db66887..ed0c78c4 100644
--- a/src/lastlog.c
+++ b/src/lastlog.c
@@ -39,7 +39,7 @@
/*
* Global variables
*/
-const char *Prog; /* Program name */
+static const char Prog[] = "lastlog"; /* Program name */
static FILE *lastlogfile; /* lastlog file stream */
static unsigned long umin; /* if uflg and has_umin, only display users with uid >= umin */
static bool has_umin = false;
@@ -290,7 +290,6 @@ int main (int argc, char **argv)
* Get the program name. The program name is used as a prefix to
* most error messages.
*/
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/login.c b/src/login.c
index c0ae3a1b..c7d29483 100644
--- a/src/login.c
+++ b/src/login.c
@@ -64,7 +64,7 @@ static pam_handle_t *pamh = NULL;
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "login";
static const char *hostname = "";
static /*@null@*/ /*@only@*/char *username = NULL;
@@ -520,7 +520,6 @@ int main (int argc, char **argv)
initenv ();
amroot = (getuid () == 0);
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -587,7 +586,7 @@ int main (int argc, char **argv)
}
#endif /* RLOGIN */
- OPENLOG ("login");
+ OPENLOG (Prog);
setup_tty ();
@@ -673,7 +672,7 @@ int main (int argc, char **argv)
retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
#ifdef USE_PAM
- retcode = pam_start ("login", username, &conv, &pamh);
+ retcode = pam_start (Prog, username, &conv, &pamh);
if (retcode != PAM_SUCCESS) {
fprintf (stderr,
_("login: PAM Failure, aborting: %s\n"),
diff --git a/src/logoutd.c b/src/logoutd.c
index 3cfecaee..d10887bc 100644
--- a/src/logoutd.c
+++ b/src/logoutd.c
@@ -22,7 +22,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "logoutd";
#ifndef DEFAULT_HUP_MESG
#define DEFAULT_HUP_MESG _("login time exceeded\n\n")
@@ -157,11 +157,10 @@ main(int argc, char **argv)
/*
* Start syslogging everything
*/
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
- OPENLOG ("logoutd");
+ OPENLOG (Prog);
/*
* Scan the utmp file once per minute looking for users that
diff --git a/src/new_subid_range.c b/src/new_subid_range.c
index 523d480a..1ef71f36 100644
--- a/src/new_subid_range.c
+++ b/src/new_subid_range.c
@@ -9,7 +9,7 @@
/* Test program for the subid creation routine */
-const char *Prog;
+static const char Prog[] = "new_subid_range";
static void usage(void)
{
@@ -28,7 +28,6 @@ int main(int argc, char *argv[])
bool group = false; // get subuids by default
bool ok;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
while ((c = getopt(argc, argv, "gn")) != EOF) {
diff --git a/src/newgidmap.c b/src/newgidmap.c
index d6d29725..1d349598 100644
--- a/src/newgidmap.c
+++ b/src/newgidmap.c
@@ -23,7 +23,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "newgidmap";
static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
@@ -151,7 +151,6 @@ int main(int argc, char **argv)
struct passwd *pw;
bool allow_setgroups = false;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/newgrp.c b/src/newgrp.c
index f786a96f..68e80fe9 100644
--- a/src/newgrp.c
+++ b/src/newgrp.c
@@ -28,7 +28,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char *Prog;
extern char **newenvp;
diff --git a/src/newuidmap.c b/src/newuidmap.c
index e99655c9..5dd984f6 100644
--- a/src/newuidmap.c
+++ b/src/newuidmap.c
@@ -23,7 +23,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "newuidmap";
static bool verify_range(struct passwd *pw, struct map_range *range)
{
@@ -80,7 +80,6 @@ int main(int argc, char **argv)
struct stat st;
struct passwd *pw;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/newusers.c b/src/newusers.c
index 2a3dd79e..3cc912e0 100644
--- a/src/newusers.c
+++ b/src/newusers.c
@@ -54,7 +54,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "newusers";
static bool rflg = false; /* create a system account */
#ifndef USE_PAM
@@ -1056,7 +1056,6 @@ int main (int argc, char **argv)
unsigned int nusers = 0;
#endif /* USE_PAM */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
diff --git a/src/passwd.c b/src/passwd.c
index 4549d95d..3ef0cf3f 100644
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -45,7 +45,7 @@
/*
* Global variables
*/
-const char *Prog; /* Program name */
+static const char Prog[] = "passwd"; /* Program name */
static char *name; /* The name of user whose password is being changed */
static char *myname; /* The current user's name */
@@ -731,11 +731,6 @@ int main (int argc, char **argv)
sanitize_env ();
- /*
- * Get the program name. The program name is used as a prefix to
- * most error messages.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -757,7 +752,7 @@ int main (int argc, char **argv)
*/
amroot = (getuid () == 0);
- OPENLOG ("passwd");
+ OPENLOG (Prog);
{
/*
@@ -976,7 +971,7 @@ int main (int argc, char **argv)
#ifdef WITH_SELINUX
/* only do this check when getuid()==0 because it's a pre-condition for
changing a password without entering the old one */
- if (amroot && (check_selinux_permit ("passwd") != 0)) {
+ if (amroot && (check_selinux_permit (Prog) != 0)) {
SYSLOG ((LOG_ALERT,
"root is not authorized by SELinux to change the password of %s",
name));
diff --git a/src/pwck.c b/src/pwck.c
index 535ba4e5..baa24ba3 100644
--- a/src/pwck.c
+++ b/src/pwck.c
@@ -47,7 +47,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "pwck";
static bool use_system_pw_file = true;
static bool use_system_spw_file = true;
@@ -833,10 +833,6 @@ int main (int argc, char **argv)
int errors = 0;
bool changed = false;
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -846,7 +842,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("pwck");
+ OPENLOG (Prog);
/* Parse the command line arguments */
process_flags (argc, argv);
diff --git a/src/pwconv.c b/src/pwconv.c
index 0788d076..13d80ca6 100644
--- a/src/pwconv.c
+++ b/src/pwconv.c
@@ -66,7 +66,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "pwconv";
static bool spw_locked = false;
static bool pw_locked = false;
@@ -153,7 +153,6 @@ int main (int argc, char **argv)
const struct spwd *sp;
struct spwd spent;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -163,7 +162,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("pwconv");
+ OPENLOG (Prog);
process_flags (argc, argv);
diff --git a/src/pwunconv.c b/src/pwunconv.c
index b8624359..9bc0ab6b 100644
--- a/src/pwunconv.c
+++ b/src/pwunconv.c
@@ -30,7 +30,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "pwunconv";
static bool spw_locked = false;
static bool pw_locked = false;
@@ -114,7 +114,6 @@ int main (int argc, char **argv)
struct passwd pwent;
const struct spwd *spwd;
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -124,7 +123,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
- OPENLOG ("pwunconv");
+ OPENLOG (Prog);
process_flags (argc, argv);
diff --git a/src/su.c b/src/su.c
index 5f5cecfb..8c3be346 100644
--- a/src/su.c
+++ b/src/su.c
@@ -61,7 +61,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "su";
static /*@observer@*/const char *caller_tty = NULL; /* Name of tty SU is run from */
static bool caller_is_root = false;
static uid_t caller_uid;
@@ -730,11 +730,6 @@ static void save_caller_context (char **argv)
const char *password = NULL;
#endif /* SU_ACCESS */
#endif /* !USE_PAM */
- /*
- * Get the program name. The program name is used as a prefix to
- * most error messages.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -1010,14 +1005,14 @@ int main (int argc, char **argv)
save_caller_context (argv);
- OPENLOG ("su");
+ OPENLOG (Prog);
process_flags (argc, argv);
initenv ();
#ifdef USE_PAM
- ret = pam_start ("su", name, &conv, &pamh);
+ ret = pam_start (Prog, name, &conv, &pamh);
if (PAM_SUCCESS != ret) {
SYSLOG ((LOG_ERR, "pam_start: error %d", ret);
fprintf (stderr,
diff --git a/src/sulogin.c b/src/sulogin.c
index 080b92f1..d7fe5fb8 100644
--- a/src/sulogin.c
+++ b/src/sulogin.c
@@ -27,7 +27,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "sulogin";
static char pass[BUFSIZ];
@@ -63,7 +63,6 @@ static void catch_signals (unused int sig)
termio.c_lflag |= (ECHO | ECHOE | ECHOK | ICANON | ISIG);
tcsetattr (0, TCSANOW, &termio);
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
(void) setlocale (LC_ALL, "");
diff --git a/src/useradd.c b/src/useradd.c
index 5c62dbaf..896ff0dd 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -82,7 +82,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "useradd";
/*
* These defaults are used if there is no defaults file.
@@ -2518,10 +2518,6 @@ int main (int argc, char **argv)
unsigned long subuid_count = 0;
unsigned long subgid_count = 0;
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -2533,7 +2529,7 @@ int main (int argc, char **argv)
prefix = process_prefix_flag("-P", argc, argv);
- OPENLOG ("useradd");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
@@ -2585,7 +2581,7 @@ int main (int argc, char **argv)
fail_exit (1);
}
- retval = pam_start ("useradd", pampw?pampw->pw_name:"root", &conv, &pamh);
+ retval = pam_start (Prog, pampw?pampw->pw_name:"root", &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
diff --git a/src/userdel.c b/src/userdel.c
index f68b91ec..69c6d741 100644
--- a/src/userdel.c
+++ b/src/userdel.c
@@ -70,7 +70,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "userdel";
static char *user_name;
static uid_t user_id;
@@ -969,10 +969,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
(void) setlocale (LC_ALL, "");
@@ -982,7 +978,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("userdel");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif /* WITH_AUDIT */
@@ -1066,7 +1062,7 @@ int main (int argc, char **argv)
exit (E_PW_UPDATE);
}
- retval = pam_start ("userdel", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
diff --git a/src/usermod.c b/src/usermod.c
index 502d31be..59bd4495 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -86,7 +86,7 @@
/*
* Global variables
*/
-const char *Prog;
+static const char Prog[] = "usermod";
static char *user_name;
static char *user_newname;
@@ -2153,10 +2153,6 @@ int main (int argc, char **argv)
#endif /* USE_PAM */
#endif /* ACCT_TOOLS_SETUID */
- /*
- * Get my name so that I can use it to report errors.
- */
- Prog = Basename (argv[0]);
log_set_progname(Prog);
log_set_logfd(stderr);
@@ -2167,7 +2163,7 @@ int main (int argc, char **argv)
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
- OPENLOG ("usermod");
+ OPENLOG (Prog);
#ifdef WITH_AUDIT
audit_help_open ();
#endif
@@ -2213,7 +2209,7 @@ int main (int argc, char **argv)
exit (1);
}
- retval = pam_start ("usermod", pampw->pw_name, &conv, &pamh);
+ retval = pam_start (Prog, pampw->pw_name, &conv, &pamh);
}
if (PAM_SUCCESS == retval) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-18 07:53:09 +0000