📄 group.c
字号:
retval = -1; goto error_group; }#ifdef WITH_SELINUX security_context_t prev_context; if (set_default_context (group_orig, &prev_context) < 0) { fclose (oldgf); retval = -1; goto error_group; }#endif /* Open a temp group file */ newgf_fd = mkstemp (group_tmp);#ifdef WITH_SELINUX if (restore_default_context (prev_context) < 0) { if (newgf_fd >= 0) close (newgf_fd); fclose (oldgf); retval = -1; goto error_group; }#endif if (newgf_fd == -1) { fprintf (stderr, _("Can't create `%s': %m\n"), group_orig); fclose (oldgf); retval = -1; goto error_group; } if (fchmod (newgf_fd, group_stat.st_mode) < 0) { fprintf (stderr, _("Cannot change permissions for `%s': %s\n"), group_tmp, strerror (errno)); fclose (oldgf); close (newgf_fd); unlink (group_tmp); retval = -1; goto error_group; } if (fchown (newgf_fd, group_stat.st_uid, group_stat.st_gid) < 0) { fprintf (stderr, _("Cannot change owner/group for `%s': %s\n"), group_tmp, strerror (errno)); fclose (oldgf); close (newgf_fd); unlink (group_tmp); retval = -1; goto error_group; } if (copy_xattr (group_orig, group_tmp) != 0) { fclose (oldgf); close (newgf_fd); unlink (group_tmp); retval = -1; goto error_group; } newgf = fdopen (newgf_fd, "w+"); if (newgf == NULL) { fprintf (stderr, _("Can't open `%s': %m\n"), group_tmp); fclose (oldgf); close (newgf_fd); unlink (group_tmp); retval = -1; goto error_group; } gotit = 0; /* Loop over all group entries */ while ((gr = fgetgrent (oldgf)) != NULL) { if (data->todo == DO_CREATE) { /* insert the new group before we find a group with a higher GID or before we find a +/- character. */ if (!gotit && (/* data->gr.gr_gid < gr->gr_gid || XXX not yet? */ gr->gr_name[0] == '+' || gr->gr_name[0] == '-')) { /* write the group entry to tmp file */ if (putgrent (&data->gr, newgf) < 0) { fprintf (stderr, _("Error while writing `%s': %m\n"), group_tmp); fclose (oldgf); fclose (newgf); retval = -1; goto error_group; } gotit = 1; } } else if (data->todo == DO_DELETE) { if (data->gr.gr_gid == gr->gr_gid && strcmp (data->gr.gr_name, gr->gr_name) == 0) { gotit = 1; continue; } } else { /* check if this is the gid we want to change. A few sanity checks added for consistency. */ if (data->gr.gr_gid == gr->gr_gid && !strcmp (data->gr.gr_name, gr->gr_name) && !gotit) { if (data->newpassword && !data->use_gshadow) gr->gr_passwd = data->newpassword; if (data->new_gr_mem) gr->gr_mem = data->new_gr_mem; if (data->have_new_gid) gr->gr_gid = data->new_gid; if (data->new_name) gr->gr_name = data->new_name; gotit = 1; } } /* write the group entry to tmp file */ if (putgrent (gr, newgf) < 0) { fprintf (stderr, _("Error while writing `%s': %m\n"), group_tmp); fclose (oldgf); fclose (newgf); retval = -1; goto error_group; } } if (data->todo == DO_CREATE && !gotit) { /* write the group entry to tmp file */ if (putgrent (&data->gr, newgf) < 0) { fprintf (stderr, _("Error while writing `%s': %m\n"), group_tmp); fclose (oldgf); fclose (newgf); retval = -1; goto error_group; } } else if (data->todo == DO_DELETE && !gotit) { fprintf (stderr, _("Group not found (and not deleted): %s\n"), data->gr.gr_name); retval = -1; } if (fclose (oldgf) != 0) { fprintf (stderr, _("Error while closing `%s': %m\n"), group_orig); fclose (newgf); retval = -1; goto error_group; } if (fclose (newgf) != 0) { fprintf (stderr, _("Error while closing `%s': %m\n"), group_tmp); retval = -1; goto error_group; } unlink (group_old); if (link (group_orig, group_old) < 0) fprintf (stderr, _("Warning: cannot create backup file `%s': %m\n"), group_old); if (rename (group_tmp, group_orig) < 0) { fprintf (stderr, _("Error while renaming `%s': %m\n"), group_tmp); retval = -1; goto error_group; } error_group: unlink (group_tmp); } if (!is_locked) ulckpwdf (); }#ifdef USE_LDAP else if (data->service == S_LDAP) { ldap_session_t *session = NULL; session = create_ldap_session (LDAP_PATH_CONF); if (session == NULL) retval = -1; else { if (data->todo == DO_CREATE) { retval = ldap_create_group (session, &data->gr, data->binddn, data->oldclearpwd); } else if (data->todo == DO_DELETE) { retval = ldap_delete_group (session, data->gr.gr_name, data->binddn, data->oldclearpwd); } else { if (data->new_name) {#if 0 /* XXX does not work */ retval = ldap_update_group (session, data->gr.gr_name, data->binddn, data->oldclearpwd, LDAP_MOD_REPLACE, "cn", data->new_name);#else retval = -1;#endif } if (data->have_new_gid) { char *buf; if (asprintf (&buf, "%u", data->new_gid) < 1) { if (retval == 0) retval = LDAP_OTHER; } else { int rc; rc = ldap_update_group (session, data->gr.gr_name, data->binddn, data->oldclearpwd, LDAP_MOD_REPLACE, "gidNumber", buf); free (buf); if (retval == 0 && rc != LDAP_SUCCESS) retval = rc; } } if (data->new_gr_mem) { unsigned int i; /* At first, check if there is a new member and add this. */ for (i = 0; data->new_gr_mem[i] != 0; i++) { unsigned int j; int found = 0; for (j = 0; data->gr.gr_mem[j]; j++) { if (strcmp (data->new_gr_mem[i], data->gr.gr_mem[j]) == 0) { found = 1; break; } } if (!found) { int rc; rc = ldap_update_group (session, data->gr.gr_name, data->binddn, data->oldclearpwd, LDAP_MOD_ADD, "memberUid", data->new_gr_mem[i]); if (retval == 0 && rc != 0) retval = rc; } } /* Now check, if there are entries missing and delete them. */ for (i = 0; data->gr.gr_mem[i] != 0; i++) { unsigned int j; int found = 0; for (j = 0; data->new_gr_mem[j]; j++) { if (strcmp (data->gr.gr_mem[i], data->new_gr_mem[j]) == 0) { found = 1; break; } } if (!found) { int rc; rc = ldap_update_group (session, data->gr.gr_name, data->binddn, data->oldclearpwd, LDAP_MOD_DELETE, "memberUid", data->gr.gr_mem[i]); if (retval == 0 && rc != 0) retval = rc; } } } } if (retval != 0) fprintf (stderr, _("LDAP information update failed: %s\n"), ldap_err2string (retval)); close_ldap_session (session); } }#endif else if (data->service == S_YP) { fprintf (stderr, _("Cannot modify/add NIS group entries.\n")); retval = -1; } else { fprintf (stderr, _("Unknown service %d.\n"), data->service); retval = -1; } return retval;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -