libsubid: don't print error messages on stderr by default

author Serge Hallyn <serge@hallyn.com>

Sat, 8 May 2021 22:42:14 +0000 (17:42 -0500)

committer Serge Hallyn <serge@hallyn.com>

Sat, 15 May 2021 17:38:55 +0000 (12:38 -0500)
author Serge Hallyn <serge@hallyn.com>
Sat, 8 May 2021 22:42:14 +0000 (17:42 -0500)
committer Serge Hallyn <serge@hallyn.com>
Sat, 15 May 2021 17:38:55 +0000 (12:38 -0500)
diff --git a/lib/commonio.c b/lib/commonio.c

index 3c81c796f0ea44847619e6b4c167dc99e3daa482..23ac91f9c6a4cbfd1df425004a959d61894eef0c 100644 (file)
--- a/lib/commonio.c
+++ b/lib/commonio.c
@@ -144,7 +144,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
         if (-1 == fd) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: %s: %s\n",
                                         Prog, file, strerror (errno));
                 }
@@ -156,7 +156,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         len = (ssize_t) strlen (buf) + 1;
         if (write (fd, buf, (size_t) len) != len) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: %s file write error: %s\n",
                                         Prog, file, strerror (errno));
                 }
@@ -166,7 +166,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         }
         if (fdatasync (fd) == -1) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: %s file sync error: %s\n",
                                         Prog, file, strerror (errno));
                 }
@@ -179,7 +179,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         if (link (file, lock) == 0) {
                 retval = check_link_count (file);
                 if ((0==retval) && log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: %s: lock file already used\n",
                                         Prog, file);
                 }
@@ -190,7 +190,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         fd = open (lock, O_RDWR);
         if (-1 == fd) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: %s: %s\n",
                                         Prog, lock, strerror (errno));
                 }
@@ -202,7 +202,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         close (fd);
         if (len <= 0) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: existing lock file %s without a PID\n",
                                         Prog, lock);
                 }
@@ -213,7 +213,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         buf[len] = '\0';
         if (get_pid (buf, &pid) == 0) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: existing lock file %s with an invalid PID '%s'\n",
                                         Prog, lock, buf);
                 }
@@ -223,7 +223,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         }
         if (kill (pid, 0) == 0) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: lock %s already used by PID %lu\n",
                                         Prog, lock, (unsigned long) pid);
                 }
@@ -233,7 +233,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         }
         if (unlink (lock) != 0) {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: cannot get lock %s: %s\n",
                                         Prog, lock, strerror (errno));
                 }
@@ -245,13 +245,13 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         if (link (file, lock) == 0) {
                 retval = check_link_count (file);
                 if ((0==retval) && log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: %s: lock file already used\n",
                                         Prog, file);
                 }
         } else {
                 if (log) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         "%s: cannot get lock %s: %s\n",
                                         Prog, lock, strerror (errno));
                 }
@@ -442,7 +442,7 @@ int commonio_lock (struct commonio_db *db)
                 if (0 == lock_count) {
                         if (lckpwdf () == -1) {
                                 if (geteuid () != 0) {
-                                       (void) fprintf (stderr,
+                                       (void) fprintf (shadow_logfd,
                                                         "%s: Permission denied.\n",
                                                         Prog);
                                 }
@@ -478,7 +478,7 @@ int commonio_lock (struct commonio_db *db)
                 }
                 /* no unnecessary retries on "permission denied" errors */
                 if (geteuid () != 0) {
-                       (void) fprintf (stderr, "%s: Permission denied.\n",
+                       (void) fprintf (shadow_logfd, "%s: Permission denied.\n",
                                         Prog);
                         return 0;
                 }
@@ -1109,7 +1109,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
         p = find_entry_by_name (db, db->ops->getname (eptr));
         if (NULL != p) {
                 if (next_entry_by_name (db, p->next, db->ops->getname (eptr)) != NULL) {
-                       fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
+                       fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->getname (eptr), db->filename);
                         db->ops->free (nentry);
                         return 0;
                 }
@@ -1214,7 +1214,7 @@ int commonio_remove (struct commonio_db *db, const char *name)
                 return 0;
         }
         if (next_entry_by_name (db, p->next, name) != NULL) {
-               fprintf (stderr, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
+               fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
                 return 0;
         }
  
diff --git a/lib/encrypt.c b/lib/encrypt.c

index 4ab0a1d72fc0216dc5c0cc54a9cafd4872fc94e9..66c52f2d8718f4d26864d2cede4b34ff7dbc6ead 100644 (file)
--- a/lib/encrypt.c
+++ b/lib/encrypt.c
@@ -84,7 +84,7 @@
                                 method = &nummethod[0];
                         }
                 }
-               (void) fprintf (stderr,
+               (void) fprintf (shadow_logfd,
                                 _("crypt method not supported by libcrypt? (%s)\n"),
                                 method);
                 exit (EXIT_FAILURE);
diff --git a/lib/getdef.c b/lib/getdef.c

index eaf6b48f205b4418dfe5b584adf6c2be389e16ef..c3d8001851902086f43eeb82833ec4d87e033d4e 100644 (file)
--- a/lib/getdef.c
+++ b/lib/getdef.c
@@ -266,7 +266,7 @@ int getdef_num (const char *item, int dflt)
         if (   (getlong (d->value, &val) == 0)
             || (val > INT_MAX)
             || (val < INT_MIN)) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -301,7 +301,7 @@ unsigned int getdef_unum (const char *item, unsigned int dflt)
         if (   (getlong (d->value, &val) == 0)
             || (val < 0)
             || (val > INT_MAX)) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -334,7 +334,7 @@ long getdef_long (const char *item, long dflt)
         }
  
         if (getlong (d->value, &val) == 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -367,7 +367,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
  
         if (getulong (d->value, &val) == 0) {
                 /* FIXME: we should have a getulong */
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -405,7 +405,7 @@ int putdef_str (const char *name, const char *value)
         cp = strdup (value);
         if (NULL == cp) {
                 (void) fputs (_("Could not allocate space for config info.\n"),
-                             stderr);
+                             shadow_logfd);
                 SYSLOG ((LOG_ERR, "could not allocate space for config info"));
                 return -1;
         }
@@ -449,7 +449,7 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name)
                         goto out;
                 }
         }
-       fprintf (stderr,
+       fprintf (shadow_logfd,
                  _("configuration error - unknown item '%s' (notify administrator)\n"),
                  name);
         SYSLOG ((LOG_CRIT, "unknown configuration item `%s'", name));
diff --git a/lib/nscd.c b/lib/nscd.c

index 7adb58ffdc7188ddf6622b223da3b81274c606d4..397212e22083ca6f58cab47af4b9c7748c8e5f12 100644 (file)
--- a/lib/nscd.c
+++ b/lib/nscd.c
@@ -25,13 +25,13 @@ int nscd_flush_cache (const char *service)
  
         if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
                 /* run_command writes its own more detailed message. */
-               (void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+               (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
                 return -1;
         }
  
         code = WEXITSTATUS (status);
         if (!WIFEXITED (status)) {
-               (void) fprintf (stderr,
+               (void) fprintf (shadow_logfd,
                                 _("%s: nscd did not terminate normally (signal %d)\n"),
                                 Prog, WTERMSIG (status));
                 return -1;
@@ -43,9 +43,9 @@ int nscd_flush_cache (const char *service)
                 /* nscd is installed, but it isn't active. */
                 return 0;
         } else if (code != 0) {
-               (void) fprintf (stderr, _("%s: nscd exited with status %d\n"),
+               (void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
                                 Prog, code);
-               (void) fprintf (stderr, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
+               (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), Prog);
                 return -1;
         }
  
diff --git a/lib/nss.c b/lib/nss.c

index 2f92474017e9a0fb7320df6f5fce7ea235f3f342..a04441b1b32b618c44658a64ede974cb4ee7dfe1 100644 (file)
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -56,7 +56,7 @@ void nss_init(char *nsswitch_path) {
         //   subid:     files
         nssfp = fopen(nsswitch_path, "r");
         if (!nssfp) {
-               fprintf(stderr, "Failed opening %s: %m", nsswitch_path);
+               fprintf(shadow_logfd, "Failed opening %s: %m", nsswitch_path);
                 atomic_store(&nss_init_completed, true);
                 return;
         }
@@ -82,16 +82,16 @@ void nss_init(char *nsswitch_path) {
                                 goto done;
                         }
                         if (strlen(token) > 50) {
-                               fprintf(stderr, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
-                               fprintf(stderr, "Using files\n");
+                               fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", token);
+                               fprintf(shadow_logfd, "Using files\n");
                                 subid_nss = NULL;
                                 goto done;
                         }
                         snprintf(libname, 64,  "libsubid_%s.so", token);
                         h = dlopen(libname, RTLD_LAZY);
                         if (!h) {
-                               fprintf(stderr, "Error opening %s: %s\n", libname, dlerror());
-                               fprintf(stderr, "Using files\n");
+                               fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
+                               fprintf(shadow_logfd, "Using files\n");
                                 subid_nss = NULL;
                                 goto done;
                         }
@@ -102,7 +102,7 @@ void nss_init(char *nsswitch_path) {
                         }
                         subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
                         if (!subid_nss->has_range) {
-                               fprintf(stderr, "%s did not provide @has_range@\n", libname);
+                               fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
                                 dlclose(h);
                                 free(subid_nss);
                                 subid_nss = NULL;
@@ -110,7 +110,7 @@ void nss_init(char *nsswitch_path) {
                         }
                         subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
                         if (!subid_nss->list_owner_ranges) {
-                               fprintf(stderr, "%s did not provide @list_owner_ranges@\n", libname);
+                               fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
                                 dlclose(h);
                                 free(subid_nss);
                                 subid_nss = NULL;
@@ -118,7 +118,7 @@ void nss_init(char *nsswitch_path) {
                         }
                         subid_nss->has_any_range = dlsym(h, "shadow_subid_has_any_range");
                         if (!subid_nss->has_any_range) {
-                               fprintf(stderr, "%s did not provide @has_any_range@\n", libname);
+                               fprintf(shadow_logfd, "%s did not provide @has_any_range@\n", libname);
                                 dlclose(h);
                                 free(subid_nss);
                                 subid_nss = NULL;
@@ -126,7 +126,7 @@ void nss_init(char *nsswitch_path) {
                         }
                         subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
                         if (!subid_nss->find_subid_owners) {
-                               fprintf(stderr, "%s did not provide @find_subid_owners@\n", libname);
+                               fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
                                 dlclose(h);
                                 free(subid_nss);
                                 subid_nss = NULL;
@@ -135,7 +135,7 @@ void nss_init(char *nsswitch_path) {
                         subid_nss->handle = h;
                         goto done;
                 }
-               fprintf(stderr, "No usable subid NSS module found, using files\n");
+               fprintf(shadow_logfd, "No usable subid NSS module found, using files\n");
                 // subid_nss has to be null here, but to ease reviews:
                 free(subid_nss);
                 subid_nss = NULL;
diff --git a/lib/prototypes.h b/lib/prototypes.h

index d187660e304428b5c8706949fac68883522608ef..f7d60979829bf94cdd58c5a4495fa1b7b8de282d 100644 (file)
--- a/lib/prototypes.h
+++ b/lib/prototypes.h
@@ -59,7 +59,8 @@
  #include "defines.h"
  #include "commonio.h"
  
-extern /*@observer@*/ const char *Prog;
+extern /*@observer@*/ const char *Prog; /* Program name showed in error messages */
+extern FILE *shadow_logfd;  /* file descripter to which error messages are printed */
  
  /* addgrps.c */
  #if defined (HAVE_SETGROUPS) && ! defined (USE_PAM)
diff --git a/lib/run_part.c b/lib/run_part.c

index ab0bcc1fdecb8c6dfd5c81d8b044ac45af35ecde..03d1d675eb04b438168cc3340131cf4f8ab640c7 100644 (file)
--- a/lib/run_part.c
+++ b/lib/run_part.c
@@ -7,6 +7,7 @@
  #include <sys/types.h>
  #include <sys/wait.h>
  #include <unistd.h>
+#include <lib/prototypes.h>
  
  int run_part (char *script_path, char *name, char *action)
  {
@@ -83,7 +84,7 @@ int run_parts (char *directory, char *name, char *action)
                 free (s);
  
                 if (execute_result!=0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                 "%s: did not exit cleanly.\n",
                             namelist[n]->d_name);
                         for (; n<scanlist; n++) {
diff --git a/lib/selinux.c b/lib/selinux.c

index 28ca5fff57077fbec93eb9a9a32211328c5e5881..c83545f99a4d11018188467db73de64fa8027a45 100644 (file)
--- a/lib/selinux.c
+++ b/lib/selinux.c
@@ -154,7 +154,7 @@ static int selinux_log_cb (int type, const char *fmt, ...) {
                             && (errno != EAFNOSUPPORT)) {
  
                             (void) fputs (_("Cannot open audit interface.\n"),
-                                     stderr);
+                                     shadow_logfd);
                             SYSLOG ((LOG_WARN, "Cannot open audit interface."));
                         }
                 }
@@ -207,7 +207,7 @@ int check_selinux_permit (const char *perm_name)
         selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) selinux_log_cb);
  
         if (getprevcon_raw (&user_context_raw) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                     _("%s: can not get previous SELinux process context: %s\n"),
                     Prog, strerror (errno));
                 SYSLOG ((LOG_WARN,
diff --git a/lib/semanage.c b/lib/semanage.c

index e983f5f7361da849372a3eca6e0a759c111e46d7..766ad6d0951a1d528195276c29236c9b7205168d 100644 (file)
--- a/lib/semanage.c
+++ b/lib/semanage.c
@@ -69,7 +69,7 @@ static void semanage_error_callback (unused void *varg,
         switch (semanage_msg_get_level (handle)) {
         case SEMANAGE_MSG_ERR:
         case SEMANAGE_MSG_WARN:
-               fprintf (stderr, _("[libsemanage]: %s\n"), message);
+               fprintf (shadow_logfd, _("[libsemanage]: %s\n"), message);
                 break;
         case SEMANAGE_MSG_INFO:
                 /* nop */
@@ -87,7 +87,7 @@ static semanage_handle_t *semanage_init (void)
  
         handle = semanage_handle_create ();
         if (NULL == handle) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Cannot create SELinux management handle\n"));
                 return NULL;
         }
@@ -96,26 +96,26 @@ static semanage_handle_t *semanage_init (void)
  
         ret = semanage_is_managed (handle);
         if (ret != 1) {
-               fprintf (stderr, _("SELinux policy not managed\n"));
+               fprintf (shadow_logfd, _("SELinux policy not managed\n"));
                 goto fail;
         }
  
         ret = semanage_access_check (handle);
         if (ret < SEMANAGE_CAN_READ) {
-               fprintf (stderr, _("Cannot read SELinux policy store\n"));
+               fprintf (shadow_logfd, _("Cannot read SELinux policy store\n"));
                 goto fail;
         }
  
         ret = semanage_connect (handle);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Cannot establish SELinux management connection\n"));
                 goto fail;
         }
  
         ret = semanage_begin_transaction (handle);
         if (ret != 0) {
-               fprintf (stderr, _("Cannot begin SELinux transaction\n"));
+               fprintf (shadow_logfd, _("Cannot begin SELinux transaction\n"));
                 goto fail;
         }
  
@@ -137,7 +137,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         semanage_seuser_query (handle, key, &seuser);
         if (NULL == seuser) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not query seuser for %s\n"), login_name);
                 ret = 1;
                 goto done;
@@ -145,7 +145,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not set serange for %s\n"), login_name);
                 ret = 1;
                 goto done;
@@ -153,7 +153,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not set sename for %s\n"),
                          login_name);
                 ret = 1;
@@ -162,7 +162,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         ret = semanage_seuser_modify_local (handle, key, seuser);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not modify login mapping for %s\n"),
                          login_name);
                 ret = 1;
@@ -186,7 +186,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_create (handle, &seuser);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Cannot create SELinux login mapping for %s\n"),
                          login_name);
                 ret = 1;
@@ -195,14 +195,14 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_name (handle, seuser, login_name);
         if (ret != 0) {
-               fprintf (stderr, _("Could not set name for %s\n"), login_name);
+               fprintf (shadow_logfd, _("Could not set name for %s\n"), login_name);
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_set_mlsrange (handle, seuser, DEFAULT_SERANGE);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not set serange for %s\n"),
                          login_name);
                 ret = 1;
@@ -211,7 +211,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not set SELinux user for %s\n"),
                          login_name);
                 ret = 1;
@@ -220,7 +220,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_modify_local (handle, key, seuser);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not add login mapping for %s\n"),
                          login_name);
                 ret = 1;
@@ -248,21 +248,21 @@ int set_seuser (const char *login_name, const char *seuser_name)
  
         handle = semanage_init ();
         if (NULL == handle) {
-               fprintf (stderr, _("Cannot init SELinux management\n"));
+               fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_key_create (handle, login_name, &key);
         if (ret != 0) {
-               fprintf (stderr, _("Cannot create SELinux user key\n"));
+               fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_exists (handle, key, &seuser_exists);
         if (ret < 0) {
-               fprintf (stderr, _("Cannot verify the SELinux user\n"));
+               fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
                 ret = 1;
                 goto done;
         }
@@ -270,7 +270,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
         if (0 != seuser_exists) {
                 ret = semanage_user_mod (handle, key, login_name, seuser_name);
                 if (ret != 0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("Cannot modify SELinux user mapping\n"));
                         ret = 1;
                         goto done;
@@ -278,7 +278,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
         } else {
                 ret = semanage_user_add (handle, key, login_name, seuser_name);
                 if (ret != 0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("Cannot add SELinux user mapping\n"));
                         ret = 1;
                         goto done;
@@ -287,7 +287,7 @@ int set_seuser (const char *login_name, const char *seuser_name)
  
         ret = semanage_commit (handle);
         if (ret < 0) {
-               fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+               fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
                 ret = 1;
                 goto done;
         }
@@ -310,27 +310,27 @@ int del_seuser (const char *login_name)
  
         handle = semanage_init ();
         if (NULL == handle) {
-               fprintf (stderr, _("Cannot init SELinux management\n"));
+               fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_key_create (handle, login_name, &key);
         if (ret != 0) {
-               fprintf (stderr, _("Cannot create SELinux user key\n"));
+               fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_exists (handle, key, &exists);
         if (ret < 0) {
-               fprintf (stderr, _("Cannot verify the SELinux user\n"));
+               fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
                 ret = 1;
                 goto done;
         }
  
         if (0 == exists) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Login mapping for %s is not defined, OK if default mapping was used\n"), 
                          login_name);
                 ret = 0;  /* probably default mapping */
@@ -339,13 +339,13 @@ int del_seuser (const char *login_name)
  
         ret = semanage_seuser_exists_local (handle, key, &exists);
         if (ret < 0) {
-               fprintf (stderr, _("Cannot verify the SELinux user\n"));
+               fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
                 ret = 1;
                 goto done;
         }
  
         if (0 == exists) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Login mapping for %s is defined in policy, cannot be deleted\n"), 
                          login_name);
                 ret = 0; /* Login mapping defined in policy can't be deleted */
@@ -354,7 +354,7 @@ int del_seuser (const char *login_name)
  
         ret = semanage_seuser_del_local (handle, key);
         if (ret != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Could not delete login mapping for %s"),
                          login_name);
                 ret = 1;
@@ -363,7 +363,7 @@ int del_seuser (const char *login_name)
  
         ret = semanage_commit (handle);
         if (ret < 0) {
-               fprintf (stderr, _("Cannot commit SELinux transaction\n"));
+               fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
                 ret = 1;
                 goto done;
         }
diff --git a/lib/spawn.c b/lib/spawn.c

index d0b5fb26e2594a2ee13c1e1948361e5d2c90b4f0..c53742ccda50288117f03f7798111a6581462372 100644 (file)
--- a/lib/spawn.c
+++ b/lib/spawn.c
@@ -48,7 +48,7 @@ int run_command (const char *cmd, const char *argv[],
         }
  
         (void) fflush (stdout);
-       (void) fflush (stderr);
+       (void) fflush (shadow_logfd);
  
         pid = fork ();
         if (0 == pid) {
@@ -57,11 +57,11 @@ int run_command (const char *cmd, const char *argv[],
                 if (ENOENT == errno) {
                         exit (E_CMD_NOTFOUND);
                 }
-               fprintf (stderr, "%s: cannot execute %s: %s\n",
+               fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
                          Prog, cmd, strerror (errno));
                 exit (E_CMD_NOEXEC);
         } else if ((pid_t)-1 == pid) {
-               fprintf (stderr, "%s: cannot execute %s: %s\n",
+               fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
                          Prog, cmd, strerror (errno));
                 return -1;
         }
@@ -74,7 +74,7 @@ int run_command (const char *cmd, const char *argv[],
                  || ((pid_t)-1 != wpid && wpid != pid));
  
         if ((pid_t)-1 == wpid) {
-               fprintf (stderr, "%s: waitpid (status: %d): %s\n",
+               fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
                          Prog, *status, strerror (errno));
                 return -1;
         }
diff --git a/lib/tcbfuncs.c b/lib/tcbfuncs.c

index 2f694bd7467fd06fe93283fcac5b948a0c2658fe..e9496cdf641fc84c64b4a34ec0ec1c8170fa904d 100644 (file)
--- a/lib/tcbfuncs.c
+++ b/lib/tcbfuncs.c
@@ -72,8 +72,8 @@ shadowtcb_status shadowtcb_gain_priv (void)
   * to exit soon.
   */
  #define OUT_OF_MEMORY do { \
-       fprintf (stderr, _("%s: out of memory\n"), Prog); \
-       (void) fflush (stderr); \
+       fprintf (shadow_logfd, _("%s: out of memory\n"), Prog); \
+       (void) fflush (shadow_logfd); \
  } while (false)
  
  /* Returns user's tcb directory path relative to TCB_DIR. */
@@ -116,7 +116,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
                 return NULL;
         }
         if (lstat (path, &st) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot stat %s: %s\n"),
                          Prog, path, strerror (errno));
                 free (path);
@@ -132,7 +132,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
                 return rval;
         }
         if (!S_ISLNK (st.st_mode)) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: %s is neither a directory, nor a symlink.\n"),
                          Prog, path);
                 free (path);
@@ -140,7 +140,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
         }
         ret = readlink (path, link, sizeof (link) - 1);
         if (-1 == ret) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot read symbolic link %s: %s\n"),
                          Prog, path, strerror (errno));
                 free (path);
@@ -149,7 +149,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
         free (path);
         if ((size_t)ret >= sizeof(link) - 1) {
                 link[sizeof(link) - 1] = '\0';
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Suspiciously long symlink: %s\n"),
                          Prog, link);
                 return NULL;
@@ -207,7 +207,7 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
         }
         ptr = path;
         if (stat (TCB_DIR, &st) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot stat %s: %s\n"),
                          Prog, TCB_DIR, strerror (errno));
                 goto out_free_path;
@@ -219,19 +219,19 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
                         return SHADOWTCB_FAILURE;
                 }
                 if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Cannot create directory %s: %s\n"),
                                  Prog, dir, strerror (errno));
                         goto out_free_dir;
                 }
                 if (chown (dir, 0, st.st_gid) != 0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Cannot change owner of %s: %s\n"),
                                  Prog, dir, strerror (errno));
                         goto out_free_dir;
                 }
                 if (chmod (dir, 0711) != 0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Cannot change mode of %s: %s\n"),
                                  Prog, dir, strerror (errno));
                         goto out_free_dir;
@@ -261,7 +261,7 @@ static shadowtcb_status unlink_suffs (const char *user)
                         return SHADOWTCB_FAILURE;
                 }
                 if ((unlink (tmp) != 0) && (errno != ENOENT)) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: unlink: %s: %s\n"),
                                  Prog, tmp, strerror (errno));
                         free (tmp);
@@ -286,7 +286,7 @@ static shadowtcb_status rmdir_leading (char *path)
                 }
                 if (rmdir (dir) != 0) {
                         if (errno != ENOTEMPTY) {
-                               fprintf (stderr,
+                               fprintf (shadow_logfd,
                                          _("%s: Cannot remove directory %s: %s\n"),
                                          Prog, dir, strerror (errno));
                                 ret = SHADOWTCB_FAILURE;
@@ -315,7 +315,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
                 goto out_free_nomem;
         }
         if (stat (olddir, &oldmode) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot stat %s: %s\n"),
                          Prog, olddir, strerror (errno));
                 goto out_free;
@@ -342,7 +342,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
                 goto out_free;
         }
         if (rename (real_old_dir, real_new_dir) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot rename %s to %s: %s\n"),
                          Prog, real_old_dir, real_new_dir, strerror (errno));
                 goto out_free;
@@ -351,7 +351,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
                 goto out_free;
         }
         if ((unlink (olddir) != 0) && (errno != ENOENT)) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot remove %s: %s\n"),
                          Prog, olddir, strerror (errno));
                 goto out_free;
@@ -365,7 +365,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
         }
         if (   (strcmp (real_new_dir, newdir) != 0)
             && (symlink (real_new_dir_rel, newdir) != 0)) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot create symbolic link %s: %s\n"),
                          Prog, real_new_dir_rel, strerror (errno));
                 goto out_free;
@@ -464,37 +464,37 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
                 return SHADOWTCB_FAILURE;
         }
         if (stat (tcbdir, &dirmode) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot stat %s: %s\n"),
                          Prog, tcbdir, strerror (errno));
                 goto out_free;
         }
         if (chown (tcbdir, 0, 0) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change owners of %s: %s\n"),
                          Prog, tcbdir, strerror (errno));
                 goto out_free;
         }
         if (chmod (tcbdir, 0700) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change mode of %s: %s\n"),
                          Prog, tcbdir, strerror (errno));
                 goto out_free;
         }
         if (lstat (shadow, &filemode) != 0) {
                 if (errno != ENOENT) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Cannot lstat %s: %s\n"),
                                  Prog, shadow, strerror (errno));
                         goto out_free;
                 }
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Warning, user %s has no tcb shadow file.\n"),
                          Prog, user_newname);
         } else {
                 if (!S_ISREG (filemode.st_mode) ||
                         filemode.st_nlink != 1) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Emergency: %s's tcb shadow is not a "
                                    "regular file with st_nlink=1.\n"
                                    "The account is left locked.\n"),
@@ -502,13 +502,13 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
                         goto out_free;
                 }
                 if (chown (shadow, user_newid, filemode.st_gid) != 0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Cannot change owner of %s: %s\n"),
                                  Prog, shadow, strerror (errno));
                         goto out_free;
                 }
                 if (chmod (shadow, filemode.st_mode & 07777) != 0) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: Cannot change mode of %s: %s\n"),
                                  Prog, shadow, strerror (errno));
                         goto out_free;
@@ -518,7 +518,7 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
                 goto out_free;
         }
         if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change owner of %s: %s\n"),
                          Prog, tcbdir, strerror (errno));
                 goto out_free;
@@ -543,7 +543,7 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
                 return SHADOWTCB_SUCCESS;
         }
         if (stat (TCB_DIR, &tcbdir_stat) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot stat %s: %s\n"),
                          Prog, TCB_DIR, strerror (errno));
                 return SHADOWTCB_FAILURE;
@@ -563,39 +563,39 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
                 return SHADOWTCB_FAILURE;
         }
         if (mkdir (dir, 0700) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: mkdir: %s: %s\n"),
                          Prog, dir, strerror (errno));
                 goto out_free;
         }
         fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
         if (fd < 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot open %s: %s\n"),
                          Prog, shadow, strerror (errno));
                 goto out_free;
         }
         close (fd);
         if (chown (shadow, 0, authgid) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change owner of %s: %s\n"),
                          Prog, shadow, strerror (errno));
                 goto out_free;
         }
         if (chmod (shadow, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change mode of %s: %s\n"),
                          Prog, shadow, strerror (errno));
                 goto out_free;
         }
         if (chown (dir, 0, authgid) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change owner of %s: %s\n"),
                          Prog, dir, strerror (errno));
                 goto out_free;
         }
         if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Cannot change mode of %s: %s\n"),
                          Prog, dir, strerror (errno));
                 goto out_free;
diff --git a/libmisc/addgrps.c b/libmisc/addgrps.c

index 40fad994d89e6d6113029bc49ccd9bbd9264d588..2e38e34021a1a66e0fef12ef8a7560f22eeeb468 100644 (file)
--- a/libmisc/addgrps.c
+++ b/libmisc/addgrps.c
@@ -93,7 +93,7 @@ int add_groups (const char *list)
  
                 grp = getgrnam (token); /* local, no need for xgetgrnam */
                 if (NULL == grp) {
-                       fprintf (stderr, _("Warning: unknown group %s\n"),
+                       fprintf (shadow_logfd, _("Warning: unknown group %s\n"),
                                  token);
                         continue;
                 }
@@ -105,7 +105,7 @@ int add_groups (const char *list)
                 }
  
                 if (ngroups >= sysconf (_SC_NGROUPS_MAX)) {
-                       fputs (_("Warning: too many groups\n"), stderr);
+                       fputs (_("Warning: too many groups\n"), shadow_logfd);
                         break;
                 }
                 tmp = (gid_t *) realloc (grouplist, (size_t)(ngroups + 1) * sizeof (GETGROUPS_T));
diff --git a/libmisc/audit_help.c b/libmisc/audit_help.c

index 1aadaa3791b1873bf775adcb5324fb60bda67204..b4e5f10e572b2a04ec219c23ecacd92237ba4876 100644 (file)
--- a/libmisc/audit_help.c
+++ b/libmisc/audit_help.c
@@ -59,7 +59,7 @@ void audit_help_open (void)
                         return;
                 }
                 (void) fputs (_("Cannot open audit interface - aborting.\n"),
-                             stderr);
+                             shadow_logfd);
                 exit (EXIT_FAILURE);
         }
  }
diff --git a/libmisc/chowntty.c b/libmisc/chowntty.c

index f6f5dbc567cf154ad86ab08237c1ba291c746332..ea706c4f789253237ab195e42db3c07de028c9a6 100644 (file)
--- a/libmisc/chowntty.c
+++ b/libmisc/chowntty.c
@@ -75,7 +75,7 @@ void chown_tty (const struct passwd *info)
             || (fchmod (STDIN_FILENO, (mode_t)getdef_num ("TTYPERM", 0600)) != 0)) {
                 int err = errno;
  
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Unable to change owner or mode of tty stdin: %s"),
                          strerror (err));
                 SYSLOG ((LOG_WARN,
diff --git a/libmisc/cleanup_group.c b/libmisc/cleanup_group.c

index d07adc71922d00366664915a09a2b9c4c1192304..a1233eac4cc762f4f4607338ce61c25e6c265255 100644 (file)
--- a/libmisc/cleanup_group.c
+++ b/libmisc/cleanup_group.c
@@ -203,7 +203,7 @@ void cleanup_report_del_group_gshadow (void *group_name)
  void cleanup_unlock_group (unused void *arg)
  {
         if (gr_unlock () == 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: failed to unlock %s\n"),
                          Prog, gr_dbname ());
                 SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
@@ -223,7 +223,7 @@ void cleanup_unlock_group (unused void *arg)
  void cleanup_unlock_gshadow (unused void *arg)
  {
         if (sgr_unlock () == 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: failed to unlock %s\n"),
                          Prog, sgr_dbname ());
                 SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
diff --git a/libmisc/cleanup_user.c b/libmisc/cleanup_user.c

index 6e497512dfc98e78c2039841bd1b5adf9eff3c56..7422846a789cea30a19ddeca98339312a6380d4c 100644 (file)
--- a/libmisc/cleanup_user.c
+++ b/libmisc/cleanup_user.c
@@ -120,7 +120,7 @@ void cleanup_report_add_user_shadow (void *user_name)
  void cleanup_unlock_passwd (unused void *arg)
  {
         if (pw_unlock () == 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: failed to unlock %s\n"),
                          Prog, pw_dbname ());
                 SYSLOG ((LOG_ERR, "failed to unlock %s", pw_dbname ()));
@@ -139,7 +139,7 @@ void cleanup_unlock_passwd (unused void *arg)
  void cleanup_unlock_shadow (unused void *arg)
  {
         if (spw_unlock () == 0) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: failed to unlock %s\n"),
                          Prog, spw_dbname ());
                 SYSLOG ((LOG_ERR, "failed to unlock %s", spw_dbname ()));
diff --git a/libmisc/copydir.c b/libmisc/copydir.c

index 1ca98b67c408a9356f6559596b96b21918b85896..91d391f830d440259c62849a4308fba277dca468 100644 (file)
--- a/libmisc/copydir.c
+++ b/libmisc/copydir.c
@@ -125,11 +125,11 @@ static void error_acl (struct error_context *ctx, const char *fmt, ...)
         }
  
         va_start (ap, fmt);
-       (void) fprintf (stderr, _("%s: "), Prog);
-       if (vfprintf (stderr, fmt, ap) != 0) {
-               (void) fputs (_(": "), stderr);
+       (void) fprintf (shadow_logfd, _("%s: "), Prog);
+       if (vfprintf (shadow_logfd, fmt, ap) != 0) {
+               (void) fputs (_(": "), shadow_logfd);
         }
-       (void) fprintf (stderr, "%s\n", strerror (errno));
+       (void) fprintf (shadow_logfd, "%s\n", strerror (errno));
         va_end (ap);
  }
  
@@ -248,7 +248,7 @@ int copy_tree (const char *src_root, const char *dst_root,
                 }
  
                 if (!S_ISDIR (sb.st_mode)) {
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  "%s: %s is not a directory",
                                  Prog, src_root);
                         return -1;
diff --git a/libmisc/env.c b/libmisc/env.c

index 0b7c148fb29589f7f837129a9d8ba292e8c5f547..47a5558431f2e968b5d1adbd8ebefd6128d56357 100644 (file)
--- a/libmisc/env.c
+++ b/libmisc/env.c
@@ -171,7 +171,7 @@ void addenv (const char *string, /*@null@*/const char *value)
                         }
                         newenvp = __newenvp;
                 } else {
-                       (void) fputs (_("Environment overflow\n"), stderr);
+                       (void) fputs (_("Environment overflow\n"), shadow_logfd);
                         newenvc--;
                         free (newenvp[newenvc]);
                 }
diff --git a/libmisc/find_new_gid.c b/libmisc/find_new_gid.c

index f93b4a37d0be80f767f8f97812df5d4c9aa70746..d9a0b33ffc569a671edc1b905c26dd9b4127f96f 100644 (file)
--- a/libmisc/find_new_gid.c
+++ b/libmisc/find_new_gid.c
@@ -74,7 +74,7 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
  
                 /* Check that the ranges make sense */
                 if (*max_id < *min_id) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                              _("%s: Invalid configuration: SYS_GID_MIN (%lu), "
                                "GID_MIN (%lu), SYS_GID_MAX (%lu)\n"),
                              Prog, (unsigned long) *min_id,
@@ -97,7 +97,7 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
  
                 /* Check that the ranges make sense */
                 if (*max_id < *min_id) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         _("%s: Invalid configuration: GID_MIN (%lu), "
                                           "GID_MAX (%lu)\n"),
                                         Prog, (unsigned long) *min_id,
@@ -213,7 +213,7 @@ int find_new_gid (bool sys_group,
                          * more likely to want to stop and address the
                          * issue.
                          */
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                 _("%s: Encountered error attempting to use "
                                   "preferred GID: %s\n"),
                                 Prog, strerror (result));
@@ -243,7 +243,7 @@ int find_new_gid (bool sys_group,
         /* Create an array to hold all of the discovered GIDs */
         used_gids = malloc (sizeof (bool) * (gid_max +1));
         if (NULL == used_gids) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: failed to allocate memory: %s\n"),
                          Prog, strerror (errno));
                 return -1;
@@ -323,7 +323,7 @@ int find_new_gid (bool sys_group,
                                  *
                                  */
                                 if (!nospam) {
-                                       fprintf (stderr,
+                                       fprintf (shadow_logfd,
                                                 _("%s: Can't get unique system GID (%s). "
                                                   "Suppressing additional messages.\n"),
                                                 Prog, strerror (result));
@@ -366,7 +366,7 @@ int find_new_gid (bool sys_group,
                                          *
                                          */
                                         if (!nospam) {
-                                               fprintf (stderr,
+                                               fprintf (shadow_logfd,
                                                         _("%s: Can't get unique system GID (%s). "
                                                           "Suppressing additional messages.\n"),
                                                         Prog, strerror (result));
@@ -426,7 +426,7 @@ int find_new_gid (bool sys_group,
                                  *
                                  */
                                 if (!nospam) {
-                                       fprintf (stderr,
+                                       fprintf (shadow_logfd,
                                                 _("%s: Can't get unique GID (%s). "
                                                   "Suppressing additional messages.\n"),
                                                 Prog, strerror (result));
@@ -469,7 +469,7 @@ int find_new_gid (bool sys_group,
                                          *
                                          */
                                         if (!nospam) {
-                                               fprintf (stderr,
+                                               fprintf (shadow_logfd,
                                                         _("%s: Can't get unique GID (%s). "
                                                           "Suppressing additional messages.\n"),
                                                         Prog, strerror (result));
@@ -488,7 +488,7 @@ int find_new_gid (bool sys_group,
         }
  
         /* The code reached here and found no available IDs in the range */
-       fprintf (stderr,
+       fprintf (shadow_logfd,
                 _("%s: Can't get unique GID (no more available GIDs)\n"),
                 Prog);
         SYSLOG ((LOG_WARN, "no more available GIDs on the system"));
diff --git a/libmisc/find_new_sub_gids.c b/libmisc/find_new_sub_gids.c

index 4d25abad7b76e1d060b4d6a031f83fb5cbe8eaee..6d33dec66d494d1476c16d343d66bf0c8759e650 100644 (file)
--- a/libmisc/find_new_sub_gids.c
+++ b/libmisc/find_new_sub_gids.c
@@ -60,7 +60,7 @@ int find_new_sub_gids (gid_t *range_start, unsigned long *range_count)
         count = getdef_ulong ("SUB_GID_COUNT", 65536);
  
         if (min > max || count >= max || (min + count - 1) > max) {
-               (void) fprintf (stderr,
+               (void) fprintf (shadow_logfd,
                                 _("%s: Invalid configuration: SUB_GID_MIN (%lu),"
                                   " SUB_GID_MAX (%lu), SUB_GID_COUNT (%lu)\n"),
                         Prog, min, max, count);
@@ -69,7 +69,7 @@ int find_new_sub_gids (gid_t *range_start, unsigned long *range_count)
  
         start = sub_gid_find_free_range(min, max, count);
         if (start == (gid_t)-1) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Can't get unique subordinate GID range\n"),
                          Prog);
                 SYSLOG ((LOG_WARN, "no more available subordinate GIDs on the system"));
diff --git a/libmisc/find_new_sub_uids.c b/libmisc/find_new_sub_uids.c

index 7113887ed7f173f986e62b9de20c63cdb83acb73..be3a0df87ac1a807810518568c307a040cc51322 100644 (file)
--- a/libmisc/find_new_sub_uids.c
+++ b/libmisc/find_new_sub_uids.c
@@ -60,7 +60,7 @@ int find_new_sub_uids (uid_t *range_start, unsigned long *range_count)
         count = getdef_ulong ("SUB_UID_COUNT", 65536);
  
         if (min > max || count >= max || (min + count - 1) > max) {
-               (void) fprintf (stderr,
+               (void) fprintf (shadow_logfd,
                                 _("%s: Invalid configuration: SUB_UID_MIN (%lu),"
                                   " SUB_UID_MAX (%lu), SUB_UID_COUNT (%lu)\n"),
                         Prog, min, max, count);
@@ -69,7 +69,7 @@ int find_new_sub_uids (uid_t *range_start, unsigned long *range_count)
  
         start = sub_uid_find_free_range(min, max, count);
         if (start == (uid_t)-1) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: Can't get unique subordinate UID range\n"),
                          Prog);
                 SYSLOG ((LOG_WARN, "no more available subordinate UIDs on the system"));
diff --git a/libmisc/find_new_uid.c b/libmisc/find_new_uid.c

index 743cf0a54fe849c25e451193e147c1631fb78be8..30dc2ed643239e502f1e8be315bbedeaec71dd8a 100644 (file)
--- a/libmisc/find_new_uid.c
+++ b/libmisc/find_new_uid.c
@@ -74,7 +74,7 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
  
                 /* Check that the ranges make sense */
                 if (*max_id < *min_id) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                              _("%s: Invalid configuration: SYS_UID_MIN (%lu), "
                                "UID_MIN (%lu), SYS_UID_MAX (%lu)\n"),
                              Prog, (unsigned long) *min_id,
@@ -97,7 +97,7 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
  
                 /* Check that the ranges make sense */
                 if (*max_id < *min_id) {
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         _("%s: Invalid configuration: UID_MIN (%lu), "
                                           "UID_MAX (%lu)\n"),
                                         Prog, (unsigned long) *min_id,
@@ -213,7 +213,7 @@ int find_new_uid(bool sys_user,
                          * more likely to want to stop and address the
                          * issue.
                          */
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                 _("%s: Encountered error attempting to use "
                                   "preferred UID: %s\n"),
                                 Prog, strerror (result));
@@ -243,7 +243,7 @@ int find_new_uid(bool sys_user,
         /* Create an array to hold all of the discovered UIDs */
         used_uids = malloc (sizeof (bool) * (uid_max +1));
         if (NULL == used_uids) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: failed to allocate memory: %s\n"),
                          Prog, strerror (errno));
                 return -1;
@@ -323,7 +323,7 @@ int find_new_uid(bool sys_user,
                                  *
                                  */
                                 if (!nospam) {
-                                       fprintf (stderr,
+                                       fprintf (shadow_logfd,
                                                 _("%s: Can't get unique system UID (%s). "
                                                   "Suppressing additional messages.\n"),
                                                 Prog, strerror (result));
@@ -366,7 +366,7 @@ int find_new_uid(bool sys_user,
                                          *
                                          */
                                         if (!nospam) {
-                                               fprintf (stderr,
+                                               fprintf (shadow_logfd,
                                                         _("%s: Can't get unique system UID (%s). "
                                                           "Suppressing additional messages.\n"),
                                                         Prog, strerror (result));
@@ -426,7 +426,7 @@ int find_new_uid(bool sys_user,
                                  *
                                  */
                                 if (!nospam) {
-                                       fprintf (stderr,
+                                       fprintf (shadow_logfd,
                                                 _("%s: Can't get unique UID (%s). "
                                                   "Suppressing additional messages.\n"),
                                                 Prog, strerror (result));
@@ -469,7 +469,7 @@ int find_new_uid(bool sys_user,
                                          *
                                          */
                                         if (!nospam) {
-                                               fprintf (stderr,
+                                               fprintf (shadow_logfd,
                                                         _("%s: Can't get unique UID (%s). "
                                                           "Suppressing additional messages.\n"),
                                                         Prog, strerror (result));
@@ -488,7 +488,7 @@ int find_new_uid(bool sys_user,
         }
  
         /* The code reached here and found no available IDs in the range */
-       fprintf (stderr,
+       fprintf (shadow_logfd,
                 _("%s: Can't get unique UID (no more available UIDs)\n"),
                 Prog);
         SYSLOG ((LOG_WARN, "no more available UIDs on the system"));
diff --git a/libmisc/gettime.c b/libmisc/gettime.c

index 0e25a4b750616245bebdc116298366cf774b84bd..e882300c7adbf58b540b4bc8e3fdf975c289ceef 100644 (file)
--- a/libmisc/gettime.c
+++ b/libmisc/gettime.c
@@ -61,23 +61,23 @@
         epoch = strtoull (source_date_epoch, &endptr, 10);
         if ((errno == ERANGE && (epoch == ULLONG_MAX || epoch == 0))
                         || (errno != 0 && epoch == 0)) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n"),
                          strerror(errno));
         } else if (endptr == source_date_epoch) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n"),
                          endptr);
         } else if (*endptr != '\0') {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n"),
                          endptr);
         } else if (epoch > ULONG_MAX) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to %lu but was found to be: %llu\n"),
                          ULONG_MAX, epoch);
         } else if (epoch > fallback) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to the current time (%lu) but was found to be: %llu\n"),
                          fallback, epoch);
         } else {
diff --git a/libmisc/idmapping.c b/libmisc/idmapping.c

index 8697bd5445b7a66b1ea26cabe565eb43539ee2cb..b0ae488cf0917f7e8cec292d9a1b741c0cd17053 100644 (file)
--- a/libmisc/idmapping.c
+++ b/libmisc/idmapping.c
@@ -47,19 +47,19 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
         int idx, argidx;
  
         if (ranges < 0 || argc < 0) {
-               fprintf(stderr, "%s: error calculating number of arguments\n", Prog);
+               fprintf(shadow_logfd, "%s: error calculating number of arguments\n", Prog);
                 return NULL;
         }
  
         if (ranges != ((argc + 2) / 3)) {
-               fprintf(stderr, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
+               fprintf(shadow_logfd, "%s: ranges: %u is wrong for argc: %d\n", Prog, ranges, argc);
                 return NULL;
         }
  
         if ((ranges * 3) > argc) {
-               fprintf(stderr, "ranges: %u argc: %d\n",
+               fprintf(shadow_logfd, "ranges: %u argc: %d\n",
                         ranges, argc);
-               fprintf(stderr,
+               fprintf(shadow_logfd,
                         _( "%s: Not enough arguments to form %u mappings\n"),
                         Prog, ranges);
                 return NULL;
@@ -67,7 +67,7 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
  
         mappings = calloc(ranges, sizeof(*mappings));
         if (!mappings) {
-               fprintf(stderr, _( "%s: Memory allocation failure\n"),
+               fprintf(shadow_logfd, _( "%s: Memory allocation failure\n"),
                         Prog);
                 exit(EXIT_FAILURE);
         }
@@ -88,24 +88,24 @@ struct map_range *get_map_ranges(int ranges, int argc, char **argv)
                         return NULL;
                 }
                 if (ULONG_MAX - mapping->upper <= mapping->count || ULONG_MAX - mapping->lower <= mapping->count) {
-                       fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+                       fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
                         exit(EXIT_FAILURE);
                 }
                 if (mapping->upper > UINT_MAX ||
                         mapping->lower > UINT_MAX ||
                         mapping->count > UINT_MAX)  {
-                       fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+                       fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
                         exit(EXIT_FAILURE);
                 }
                 if (mapping->lower + mapping->count > UINT_MAX ||
                                 mapping->upper + mapping->count > UINT_MAX) {
-                       fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+                       fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
                         exit(EXIT_FAILURE);
                 }
                 if (mapping->lower + mapping->count < mapping->lower ||
                                 mapping->upper + mapping->count < mapping->upper) {
                         /* this one really shouldn't be possible given previous checks */
-                       fprintf(stderr, _( "%s: subuid overflow detected.\n"), Prog);
+                       fprintf(shadow_logfd, _( "%s: subuid overflow detected.\n"), Prog);
                         exit(EXIT_FAILURE);
                 }
         }
@@ -176,19 +176,19 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
         } else if (strcmp(map_file, "gid_map") == 0) {
                 cap = CAP_SETGID;
         } else {
-               fprintf(stderr, _("%s: Invalid map file %s specified\n"), Prog, map_file);
+               fprintf(shadow_logfd, _("%s: Invalid map file %s specified\n"), Prog, map_file);
                 exit(EXIT_FAILURE);
         }
  
         /* Align setuid- and fscaps-based new{g,u}idmap behavior. */
         if (geteuid() == 0 && geteuid() != ruid) {
                 if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
-                       fprintf(stderr, _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), Prog);
+                       fprintf(shadow_logfd, _("%s: Could not prctl(PR_SET_KEEPCAPS)\n"), Prog);
                         exit(EXIT_FAILURE);
                 }
  
                 if (seteuid(ruid) < 0) {
-                       fprintf(stderr, _("%s: Could not seteuid to %d\n"), Prog, ruid);
+                       fprintf(shadow_logfd, _("%s: Could not seteuid to %d\n"), Prog, ruid);
                         exit(EXIT_FAILURE);
                 }
         }
@@ -204,7 +204,7 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
                 data[0].effective |= CAP_TO_MASK(CAP_SETFCAP);
         data[0].permitted = data[0].effective;
         if (capset(&hdr, data) < 0) {
-               fprintf(stderr, _("%s: Could not set caps\n"), Prog);
+               fprintf(shadow_logfd, _("%s: Could not set caps\n"), Prog);
                 exit(EXIT_FAILURE);
         }
  #endif
@@ -222,7 +222,7 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
                         mapping->lower,
                         mapping->count);
                 if ((written <= 0) || (written >= (bufsize - (pos - buf)))) {
-                       fprintf(stderr, _("%s: snprintf failed!\n"), Prog);
+                       fprintf(shadow_logfd, _("%s: snprintf failed!\n"), Prog);
                         exit(EXIT_FAILURE);
                 }
                 pos += written;
@@ -231,12 +231,12 @@ void write_mapping(int proc_dir_fd, int ranges, struct map_range *mappings,
         /* Write the mapping to the mapping file */
         fd = openat(proc_dir_fd, map_file, O_WRONLY);
         if (fd < 0) {
-               fprintf(stderr, _("%s: open of %s failed: %s\n"),
+               fprintf(shadow_logfd, _("%s: open of %s failed: %s\n"),
                         Prog, map_file, strerror(errno));
                 exit(EXIT_FAILURE);
         }
         if (write(fd, buf, pos - buf) != (pos - buf)) {
-               fprintf(stderr, _("%s: write to %s failed: %s\n"),
+               fprintf(shadow_logfd, _("%s: write to %s failed: %s\n"),
                         Prog, map_file, strerror(errno));
                 exit(EXIT_FAILURE);
         }
diff --git a/libmisc/limits.c b/libmisc/limits.c

index f40e17161a951951e49e272d00b2373a437b5188..31f738daeb64884c704e8f802e09f18262a4e663 100644 (file)
--- a/libmisc/limits.c
+++ b/libmisc/limits.c
@@ -548,7 +548,7 @@ void setup_limits (const struct passwd *info)
  #ifdef LIMITS
                 if (info->pw_uid != 0) {
                         if ((setup_user_limits (info->pw_name) & LOGIN_ERROR_LOGIN) != 0) {
-                               (void) fputs (_("Too many logins.\n"), stderr);
+                               (void) fputs (_("Too many logins.\n"), shadow_logfd);
                                 (void) sleep (2); /* XXX: Should be FAIL_DELAY */
                                 exit (EXIT_FAILURE);
                         }
diff --git a/libmisc/pam_pass.c b/libmisc/pam_pass.c

index a89bb2c5d870046029810a21b496bcaa4151e985..58a3d3f6e00f0279da328f22a14071cb14d64504 100644 (file)
--- a/libmisc/pam_pass.c
+++ b/libmisc/pam_pass.c
@@ -59,20 +59,20 @@ void do_pam_passwd (const char *user, bool silent, bool change_expired)
  
         ret = pam_start ("passwd", user, &conv, &pamh);
         if (ret != PAM_SUCCESS) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("passwd: pam_start() failed, error %d\n"), ret);
                 exit (10);      /* XXX */
         }
  
         ret = pam_chauthtok (pamh, flags);
         if (ret != PAM_SUCCESS) {
-               fprintf (stderr, _("passwd: %s\n"), pam_strerror (pamh, ret));
-               fputs (_("passwd: password unchanged\n"), stderr);
+               fprintf (shadow_logfd, _("passwd: %s\n"), pam_strerror (pamh, ret));
+               fputs (_("passwd: password unchanged\n"), shadow_logfd);
                 pam_end (pamh, ret);
                 exit (10);      /* XXX */
         }
  
-       fputs (_("passwd: password updated successfully\n"), stderr);
+       fputs (_("passwd: password updated successfully\n"), shadow_logfd);
         (void) pam_end (pamh, PAM_SUCCESS);
  }
  #else                          /* !USE_PAM */
diff --git a/libmisc/pam_pass_non_interactive.c b/libmisc/pam_pass_non_interactive.c

index ded5c69e0270d9620f98951bd49abd3d6769e0cc..3c95c88cfedf25a2005b6f0d0520b0711b48a575 100644 (file)
--- a/libmisc/pam_pass_non_interactive.c
+++ b/libmisc/pam_pass_non_interactive.c
@@ -76,7 +76,7 @@ static int ni_conv (int num_msg,
  
                 switch (msg[count]->msg_style) {
                 case PAM_PROMPT_ECHO_ON:
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: PAM modules requesting echoing are not supported.\n"),
                                  Prog);
                         goto failed_conversation;
@@ -88,7 +88,7 @@ static int ni_conv (int num_msg,
                         break;
                 case PAM_ERROR_MSG:
                         if (   (NULL == msg[count]->msg)
-                           || (fprintf (stderr, "%s\n", msg[count]->msg) <0)) {
+                           || (fprintf (shadow_logfd, "%s\n", msg[count]->msg) <0)) {
                                 goto failed_conversation;
                         }
                         responses[count].resp = NULL;
@@ -101,7 +101,7 @@ static int ni_conv (int num_msg,
                         responses[count].resp = NULL;
                         break;
                 default:
-                       (void) fprintf (stderr,
+                       (void) fprintf (shadow_logfd,
                                         _("%s: conversation type %d not supported.\n"),
                                         Prog, msg[count]->msg_style);
                         goto failed_conversation;
@@ -143,7 +143,7 @@ int do_pam_passwd_non_interactive (const char *pam_service,
  
         ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
         if (ret != PAM_SUCCESS) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: (user %s) pam_start failure %d\n"),
                          Prog, username, ret);
                 return 1;
@@ -152,7 +152,7 @@ int do_pam_passwd_non_interactive (const char *pam_service,
         non_interactive_password = password;
         ret = pam_chauthtok (pamh, 0);
         if (ret != PAM_SUCCESS) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: (user %s) pam_chauthtok() failed, error:\n"
                            "%s\n"),
                          Prog, username, pam_strerror (pamh, ret));
diff --git a/libmisc/prefix_flag.c b/libmisc/prefix_flag.c

index 2e0e9a7e8a2b8b38febd591560d160f568fd7fc0..6eb71a727bf30940e8d1c516cf3ffb2d2ed84fa5 100644 (file)
--- a/libmisc/prefix_flag.c
+++ b/libmisc/prefix_flag.c
@@ -83,7 +83,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
                         && (val = argv[i] + 9))
                     || (strcmp (argv[i], short_opt) == 0)) {
                         if (NULL != prefix) {
-                               fprintf (stderr,
+                               fprintf (shadow_logfd,
                                          _("%s: multiple --prefix options\n"),
                                          Prog);
                                 exit (E_BAD_ARG);
@@ -92,7 +92,7 @@ extern const char* process_prefix_flag (const char* short_opt, int argc, char **
                         if (val) {
                                 prefix = val;
                         } else if (i + 1 == argc) {
-                               fprintf (stderr,
+                               fprintf (shadow_logfd,
                                          _("%s: option '%s' requires an argument\n"),
                                          Prog, argv[i]);
                                 exit (E_BAD_ARG);
diff --git a/libmisc/pwdcheck.c b/libmisc/pwdcheck.c

index ec1f47449acfac7930e43b43069d38ea29c40b73..bc6b66f8a90a3e42d77c9270612bfb0bda01a372 100644 (file)
--- a/libmisc/pwdcheck.c
+++ b/libmisc/pwdcheck.c
@@ -51,7 +51,7 @@ void passwd_check (const char *user, const char *passwd, unused const char *prog
         if (pw_auth (passwd, user, PW_LOGIN, (char *) 0) != 0) {
                 SYSLOG ((LOG_WARN, "incorrect password for `%s'", user));
                 (void) sleep (1);
-               fprintf (stderr, _("Incorrect password for %s.\n"), user);
+               fprintf (shadow_logfd, _("Incorrect password for %s.\n"), user);
                 exit (EXIT_FAILURE);
         }
  }
diff --git a/libmisc/root_flag.c b/libmisc/root_flag.c

index 3aea581a2b5f480a3a3cce2e2b60ccb843e07dac..e9a97d44035ae700550798aaf4688d14a0ed55d1 100644 (file)
--- a/libmisc/root_flag.c
+++ b/libmisc/root_flag.c
@@ -65,7 +65,7 @@ extern void process_root_flag (const char* short_opt, int argc, char **argv)
                         && (val = argv[i] + 7))
                     || (strcmp (argv[i], short_opt) == 0)) {
                         if (NULL != newroot) {
-                               fprintf (stderr,
+                               fprintf (shadow_logfd,
                                          _("%s: multiple --root options\n"),
                                          Prog);
                                 exit (E_BAD_ARG);
@@ -74,7 +74,7 @@ extern void process_root_flag (const char* short_opt, int argc, char **argv)
                         if (val) {
                                 newroot = val;
                         } else if (i + 1 == argc) {
-                               fprintf (stderr,
+                               fprintf (shadow_logfd,
                                          _("%s: option '%s' requires an argument\n"),
                                          Prog, argv[i]);
                                 exit (E_BAD_ARG);
@@ -94,34 +94,34 @@ static void change_root (const char* newroot)
         /* Drop privileges */
         if (   (setregid (getgid (), getgid ()) != 0)
             || (setreuid (getuid (), getuid ()) != 0)) {
-               fprintf (stderr, _("%s: failed to drop privileges (%s)\n"),
+               fprintf (shadow_logfd, _("%s: failed to drop privileges (%s)\n"),
                          Prog, strerror (errno));
                 exit (EXIT_FAILURE);
         }
  
         if ('/' != newroot[0]) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: invalid chroot path '%s'\n"),
                          Prog, newroot);
                 exit (E_BAD_ARG);
         }
  
         if (access (newroot, F_OK) != 0) {
-               fprintf(stderr,
+               fprintf(shadow_logfd,
                         _("%s: cannot access chroot directory %s: %s\n"),
                         Prog, newroot, strerror (errno));
                 exit (E_BAD_ARG);
         }
  
         if (chdir (newroot) != 0) {
-               fprintf(stderr,
+               fprintf(shadow_logfd,
                                 _("%s: cannot chdir to chroot directory %s: %s\n"),
                                 Prog, newroot, strerror (errno));
                 exit (E_BAD_ARG);
         }
  
         if (chroot (newroot) != 0) {
-               fprintf(stderr,
+               fprintf(shadow_logfd,
                         _("%s: unable to chroot to directory %s: %s\n"),
                         Prog, newroot, strerror (errno));
                 exit (E_BAD_ARG);
diff --git a/libmisc/salt.c b/libmisc/salt.c

index 46555dc40914df78821198f1d499eb9a7dc5b4b1..c35c679783359490c57e13923498901584991b40 100644 (file)
--- a/libmisc/salt.c
+++ b/libmisc/salt.c
@@ -426,7 +426,7 @@ static /*@observer@*/const char *gensalt (size_t salt_size)
                 salt_len = (size_t) shadow_random (8, 16);
  #endif /* USE_SHA_CRYPT */
         } else if (0 != strcmp (method, "DES")) {
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("Invalid ENCRYPT_METHOD value: '%s'.\n"
                            "Defaulting to DES.\n"),
                          method);
diff --git a/libmisc/setupenv.c b/libmisc/setupenv.c

index 24c6e67865eb84e31e8cb58e174acddec691d836..74b18723aeec231596d31e9e58e0037b0d0674ea 100644 (file)
--- a/libmisc/setupenv.c
+++ b/libmisc/setupenv.c
@@ -219,7 +219,7 @@ void setup_env (struct passwd *info)
                 static char temp_pw_dir[] = "/";
  
                 if (!getdef_bool ("DEFAULT_HOME") || chdir ("/") == -1) {
-                       fprintf (stderr, _("Unable to cd to '%s'\n"),
+                       fprintf (shadow_logfd, _("Unable to cd to '%s'\n"),
                                  info->pw_dir);
                         SYSLOG ((LOG_WARN,
                                  "unable to cd to `%s' for user `%s'\n",
diff --git a/libmisc/user_busy.c b/libmisc/user_busy.c

index 324bb94651640c373a9cb5b352ec33bde06512c8..4b507fe2f3fc645fe3fed2a22acc92dbddc70a86 100644 (file)
--- a/libmisc/user_busy.c
+++ b/libmisc/user_busy.c
@@ -96,7 +96,7 @@ static int user_busy_utmp (const char *name)
                         continue;
                 }
  
-               fprintf (stderr,
+               fprintf (shadow_logfd,
                          _("%s: user %s is currently logged in\n"),
                          Prog, name);
                 return 1;
@@ -249,7 +249,7 @@ static int user_busy_processes (const char *name, uid_t uid)
  #ifdef ENABLE_SUBIDS
                         sub_uid_close();
  #endif
-                       fprintf (stderr,
+                       fprintf (shadow_logfd,
                                  _("%s: user %s is currently used by process %d\n"),
                                  Prog, name, pid);
                         return 1;
@@ -272,7 +272,7 @@ static int user_busy_processes (const char *name, uid_t uid)
  #ifdef ENABLE_SUBIDS
                                         sub_uid_close();
  #endif
-                                       fprintf (stderr,
+                                       fprintf (shadow_logfd,
                                                  _("%s: user %s is currently used by process %d\n"),
                                                  Prog, name, pid);
                                         return 1;
diff --git a/libmisc/xgetXXbyYY.c b/libmisc/xgetXXbyYY.c

index 1b0b001337d2b5fa83de8d8bac3997eb3c2f903b..11f45fc478ba08aa210dd62a9e55a5d89bfa5884 100644 (file)
--- a/libmisc/xgetXXbyYY.c
+++ b/libmisc/xgetXXbyYY.c
@@ -74,7 +74,7 @@
  
         result = malloc(sizeof(LOOKUP_TYPE));
         if (NULL == result) {
-               fprintf (stderr, _("%s: out of memory\n"),
+               fprintf (shadow_logfd, _("%s: out of memory\n"),
                          "x" STRINGIZE(FUNCTION_NAME));
                 exit (13);
         }
@@ -84,7 +84,7 @@
                 LOOKUP_TYPE *resbuf = NULL;
                 buffer = (char *)realloc (buffer, length);
                 if (NULL == buffer) {
-                       fprintf (stderr, _("%s: out of memory\n"),
+                       fprintf (shadow_logfd, _("%s: out of memory\n"),
                                  "x" STRINGIZE(FUNCTION_NAME));
                         exit (13);
                 }
@@ -132,7 +132,7 @@
         if (result) {
                 result = DUP_FUNCTION(result);
                 if (NULL == result) {
-                       fprintf (stderr, _("%s: out of memory\n"),
+                       fprintf (shadow_logfd, _("%s: out of memory\n"),
                                  "x" STRINGIZE(FUNCTION_NAME));
                         exit (13);
                 }
diff --git a/libmisc/xmalloc.c b/libmisc/xmalloc.c

index 0c55d5b4ec228cc84f574fa5cdf76e74eae5e9a6..6d6861452b5fdf0e8d62f817dfa6762de3927a13 100644 (file)
--- a/libmisc/xmalloc.c
+++ b/libmisc/xmalloc.c
@@ -54,7 +54,7 @@
  
         ptr = (char *) malloc (size);
         if (NULL == ptr) {
-               (void) fprintf (stderr,
+               (void) fprintf (shadow_logfd,
                                 _("%s: failed to allocate memory: %s\n"),
                                 Prog, strerror (errno));
                 exit (13);
diff --git a/libsubid/api.c b/libsubid/api.c

index a1b5bb3f08e810cd1476d6f818fe22f8911a8f6c..8ca098590ca9bf4ecc9f0d69daa38f1762fabb74 100644 (file)
--- a/libsubid/api.c
+++ b/libsubid/api.c
@@ -32,12 +32,39 @@
  #include <stdio.h>
  #include <errno.h>
  #include <stdlib.h>
+#include <string.h>
  #include <pwd.h>
  #include <stdbool.h>
  #include "subordinateio.h"
  #include "idmapping.h"
  #include "subid.h"
  
+const char *Prog = "(libsubid)";
+extern FILE * shadow_logfd;
+
+bool libsubid_init(const char *progname, FILE * logfd)
+{
+       if (progname) {
+               progname = strdup(progname);
+               if (progname)
+                       Prog = progname;
+               else
+                       fprintf(stderr, "Out of memory");
+       }
+
+       if (logfd) {
+               shadow_logfd = logfd;
+               return true;
+       }
+       shadow_logfd = fopen("/dev/null", "w");
+       if (!shadow_logfd) {
+               fprintf(stderr, "ERROR opening /dev/null for error messages.  Using stderr.");
+               shadow_logfd = stderr;
+               return false;
+       }
+       return true;
+}
+
  static
  int get_subid_ranges(const char *owner, enum subid_type id_type, struct subordinate_range ***ranges)
  {
diff --git a/libsubid/subid.h b/libsubid/subid.h

index 769463f6e41ecf3508275518074f34b590b251db..23d4a1364696959f35b4e5386210e2783858d102 100644 (file)
--- a/libsubid/subid.h
+++ b/libsubid/subid.h
@@ -21,6 +21,22 @@ enum subid_status {
         SUBID_STATUS_ERROR = 3,
  };
  
+/*
+ * libsubid_init: initialize libsubid
+ *
+ * @progname: Name to display as program.  If NULL, then "(libsubid)" will be
+ *            shown in error messages.
+ * @logfd:    Open file pointer to pass error messages to.  If NULL, then
+ *            /dev/null will be opened and messages will be sent there.  The
+ *            default if libsubid_init() is not called is stderr (2).
+ *
+ * This function does not need to be called.  If not called, then the defaults
+ * will be used.
+ *
+ * Returns false if an error occurred.
+ */
+bool libsubid_init(const char *progname, FILE *logfd);
+
  /*
   * get_subuid_ranges: return a list of UID ranges for a user
   *
diff --git a/src/chage.c b/src/chage.c

index dc36af9a06a162f0892488ddeb899df099d3542f..f0dc00671d35dc86c6d1a843d10791afa254cc8e 100644 (file)
--- a/src/chage.c
+++ b/src/chage.c
@@ -62,6 +62,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool
      dflg = false,              /* set last password change date */
@@ -814,6 +815,7 @@ int main (int argc, char **argv)
          * Get the program name so that error messages can use it.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         sanitize_env ();
         (void) setlocale (LC_ALL, "");
diff --git a/src/check_subid_range.c b/src/check_subid_range.c

index fb1c2cfcb448f48bcaa9de220faee9439af7c4c8..8a9d5258efe997fed9998348ad8594aff7616ff7 100644 (file)
--- a/src/check_subid_range.c
+++ b/src/check_subid_range.c
@@ -18,6 +18,7 @@
  #include "idmapping.h"
  
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  int main(int argc, char **argv)
  {
@@ -25,6 +26,7 @@ int main(int argc, char **argv)
         unsigned long start, count;
         bool check_uids;
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         if (argc != 5)
                 exit(1);
diff --git a/src/chfn.c b/src/chfn.c

index cfcfa3519c306699a697d14daa171a2f56dac2ca..fc529c0bb85c7fdf4708ae61a0de5ef7eb800cb4 100644 (file)
--- a/src/chfn.c
+++ b/src/chfn.c
@@ -57,6 +57,7 @@
   * Global variables.
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  static char fullnm[BUFSIZ];
  static char roomno[BUFSIZ];
  static char workph[BUFSIZ];
@@ -639,6 +640,7 @@ int main (int argc, char **argv)
          * prefix to most error messages.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         sanitize_env ();
         (void) setlocale (LC_ALL, "");
diff --git a/src/chgpasswd.c b/src/chgpasswd.c

index ed5f75a616c7edc5e9439e4b0e7678eeab8dd432..56f3e882da60df25755755c021e55ace2f0749a0 100644 (file)
--- a/src/chgpasswd.c
+++ b/src/chgpasswd.c
@@ -59,6 +59,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  static bool eflg   = false;
  static bool md5flg = false;
  #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -437,6 +438,7 @@ int main (int argc, char **argv)
         int line = 0;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/chpasswd.c b/src/chpasswd.c

index 420342fd0a151da8762dd93724613be93aee2240..8a01227390df0b28cfdff0efd6c9b11db1912a78 100644 (file)
--- a/src/chpasswd.c
+++ b/src/chpasswd.c
@@ -56,6 +56,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  static bool eflg   = false;
  static bool md5flg = false;
  #if defined(USE_SHA_CRYPT) || defined(USE_BCRYPT) || defined(USE_YESCRYPT)
@@ -429,6 +430,7 @@ int main (int argc, char **argv)
         int line = 0;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/chsh.c b/src/chsh.c

index 06edf407b5540e1acd3dbc09e236404c12c3a09a..1cafb8b629ad01d22272f7f6a87dbe52e1100a33 100644 (file)
--- a/src/chsh.c
+++ b/src/chsh.c
@@ -59,6 +59,7 @@
   * Global variables
   */
  const char *Prog;              /* Program name */
+FILE *shadow_logfd = NULL;
  static bool amroot;            /* Real UID is root */
  static char loginsh[BUFSIZ];   /* Name of new login shell */
  /* command line options */
@@ -441,6 +442,7 @@ int main (int argc, char **argv)
          * most error messages.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/expiry.c b/src/expiry.c

index 41add942cc221d5a0aa4d751a68449a57873f535..1d200716fb49fcf32372c9e21f9cd384cdcba25c 100644 (file)
--- a/src/expiry.c
+++ b/src/expiry.c
@@ -46,6 +46,7 @@
  
  /* Global variables */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  static bool cflg = false;
  
  /* local function prototypes */
@@ -144,6 +145,7 @@ int main (int argc, char **argv)
         struct spwd *spwd;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         sanitize_env ();
  
diff --git a/src/faillog.c b/src/faillog.c

index e2c7838342a6315900682e9a3895f2d6c05db0dd..d09f151137007bf1b91ffcb04f24021b8fa3a1b8 100644 (file)
--- a/src/faillog.c
+++ b/src/faillog.c
@@ -62,6 +62,7 @@ static void reset (void);
   * Global variables
   */
  const char *Prog;              /* Program name */
+FILE *shadow_logfd = NULL;
  static FILE *fail;             /* failure file stream */
  static time_t seconds;         /* that number of days in seconds */
  static unsigned long umin;     /* if uflg and has_umin, only display users with uid >= umin */
@@ -573,6 +574,7 @@ int main (int argc, char **argv)
          * most error messages.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/free_subid_range.c b/src/free_subid_range.c

index 3701a262f7de44f63d790ae4a5e920f7d0bb9e1a..1e6663715b795ee2b24e16c8bbbd9cb01c97f3e5 100644 (file)
--- a/src/free_subid_range.c
+++ b/src/free_subid_range.c
@@ -7,6 +7,7 @@
  /* Test program for the subid freeing routine */
  
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  void usage(void)
  {
@@ -23,6 +24,7 @@ int main(int argc, char *argv[])
         bool group = false;   // get subuids by default
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         while ((c = getopt(argc, argv, "g")) != EOF) {
                 switch(c) {
                 case 'g': group = true; break;
diff --git a/src/get_subid_owners.c b/src/get_subid_owners.c

index 409e3fea364c680a177b81446f035c9c51434513..f9a266baab9b8a3395d5e67d343c3da8e11d59af 100644 (file)
--- a/src/get_subid_owners.c
+++ b/src/get_subid_owners.c
@@ -4,6 +4,7 @@
  #include "prototypes.h"
  
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  void usage(void)
  {
@@ -19,6 +20,7 @@ int main(int argc, char *argv[])
         uid_t *uids;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         if (argc < 2) {
                 usage();
         }
diff --git a/src/gpasswd.c b/src/gpasswd.c

index 9331d30c1db20e00c20d41c652a98e788984811f..a43d9a590a12501bc741b196666c4ece75e6014e 100644 (file)
--- a/src/gpasswd.c
+++ b/src/gpasswd.c
@@ -58,6 +58,7 @@
   */
  /* The name of this command, as it is invoked */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  #ifdef SHADOWGRP
  /* Indicate if shadow groups are enabled on the system
@@ -988,6 +989,7 @@ int main (int argc, char **argv)
          */
         bywho = getuid ();
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         OPENLOG ("gpasswd");
         setbuf (stdout, NULL);
diff --git a/src/groupadd.c b/src/groupadd.c

index fa75c7f71ff90b5b4884550a700fc49b212c308f..d7f68b1a15e8ae4ce6cbbd8b5e159cd96098aab1 100644 (file)
--- a/src/groupadd.c
+++ b/src/groupadd.c
@@ -72,6 +72,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static /*@null@*/char *group_name;
  static gid_t group_id;
@@ -598,6 +599,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/groupdel.c b/src/groupdel.c

index 6a6c53390f8e1c713a6f0637fcec145787973a63..5c893128ba34d97882b37f9042320aa1c0adcca6 100644 (file)
--- a/src/groupdel.c
+++ b/src/groupdel.c
@@ -58,6 +58,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static char *group_name;
  static gid_t group_id = -1;
@@ -376,6 +377,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/groupmems.c b/src/groupmems.c

index fc91c8b1194ac96ae18f640f239fa9aa86c1373e..654a8f3a945b228fbdb814e30af69837b49977dd 100644 (file)
--- a/src/groupmems.c
+++ b/src/groupmems.c
@@ -65,6 +65,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static char *adduser = NULL;
  static char *deluser = NULL;
@@ -595,6 +596,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/groupmod.c b/src/groupmod.c

index e64ae3e5ab7b9452c7204fd7944b34fe31f746f4..acd6f350a2fc3225bbe02b32c6cf0d42902a209a 100644 (file)
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -76,6 +76,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  #ifdef SHADOWGRP
  static bool is_shadow_grp;
@@ -792,6 +793,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/groups.c b/src/groups.c

index fcd669b0afd197e6ea10db19853c579b96d90525..3bfd48300707e875411c5a9004e9120c776959b1 100644 (file)
--- a/src/groups.c
+++ b/src/groups.c
@@ -43,6 +43,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  /* local function prototypes */
  static void print_groups (const char *member);
@@ -126,6 +127,7 @@ int main (int argc, char **argv)
          * Get the program name so that error messages can use it.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         if (argc == 1) {
  
diff --git a/src/grpck.c b/src/grpck.c

index 8ed59a9ca8899325fad02493d353f37c233d459e..b594851bfd8eac87afa3ebde15ba4c06de44001d 100644 (file)
--- a/src/grpck.c
+++ b/src/grpck.c
@@ -66,6 +66,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static const char *grp_file = GROUP_FILE;
  static bool use_system_grp_file = true;
@@ -840,6 +841,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/grpconv.c b/src/grpconv.c

index 5e5eaaca384045861192fe8f8ea20819b7bf25a7..aecafa404ad9ec415bd1fca82f8dcc94e0762b59 100644 (file)
--- a/src/grpconv.c
+++ b/src/grpconv.c
@@ -59,6 +59,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool gr_locked  = false;
  static bool sgr_locked = false;
@@ -146,6 +147,7 @@ int main (int argc, char **argv)
         struct sgrp sgent;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/grpunconv.c b/src/grpunconv.c

index e4105c2654ece54dbeca26069776a4e6d37a4c34..d750e2bd630653c347e23a6cdd240219ba0e851b 100644 (file)
--- a/src/grpunconv.c
+++ b/src/grpunconv.c
@@ -59,6 +59,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool gr_locked  = false;
  static bool sgr_locked = false;
@@ -145,6 +146,7 @@ int main (int argc, char **argv)
         const struct sgrp *sg;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/lastlog.c b/src/lastlog.c

index 492ac67efdfb7909bc653f51fc741129244b3fe1..1b1803e18362cf38f926a5ce91d6b1ecca5a3574 100644 (file)
--- a/src/lastlog.c
+++ b/src/lastlog.c
@@ -62,6 +62,7 @@
   * Global variables
   */
  const char *Prog;              /* Program name */
+FILE *shadow_logfd = NULL;
  static FILE *lastlogfile;      /* lastlog file stream */
  static unsigned long umin;     /* if uflg and has_umin, only display users with uid >= umin */
  static bool has_umin = false;
@@ -317,6 +318,7 @@ int main (int argc, char **argv)
          * most error messages.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/list_subid_ranges.c b/src/list_subid_ranges.c

index 21b2c1923c00793624e91e8d713e07f51421a1ad..2237ce355cb8bc5c64f56131860940acd31585d4 100644 (file)
--- a/src/list_subid_ranges.c
+++ b/src/list_subid_ranges.c
@@ -4,6 +4,7 @@
  #include "prototypes.h"
  
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  void usage(void)
  {
@@ -19,6 +20,7 @@ int main(int argc, char *argv[])
         struct subordinate_range **ranges;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         if (argc < 2) {
                 usage();
         }
diff --git a/src/login.c b/src/login.c

index be84a884306c8dda2bb6ec0b45f74b3ead520be8..7ec2401e207da56b94f3ca2eddb980134213ccf4 100644 (file)
--- a/src/login.c
+++ b/src/login.c
@@ -83,6 +83,7 @@ static pam_handle_t *pamh = NULL;
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static const char *hostname = "";
  static /*@null@*/ /*@only@*/char *username = NULL;
@@ -577,6 +578,7 @@ int main (int argc, char **argv)
  
         amroot = (getuid () == 0);
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         if (geteuid() != 0) {
                 fprintf (stderr, _("%s: Cannot possibly work without effective root\n"), Prog);
diff --git a/src/logoutd.c b/src/logoutd.c

index 1503a743ac61f49f8e16840256c126227986b40f..780c29f863136a88211aa6939ecd2dfb63a5ae55 100644 (file)
--- a/src/logoutd.c
+++ b/src/logoutd.c
@@ -44,6 +44,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  #ifndef DEFAULT_HUP_MESG
  #define DEFAULT_HUP_MESG _("login time exceeded\n\n")
@@ -187,6 +188,7 @@ int main (int argc, char **argv)
          * Start syslogging everything
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         OPENLOG ("logoutd");
  
diff --git a/src/new_subid_range.c b/src/new_subid_range.c

index dde196b324beaa64598a11d6ffa6c366596b3a5a..721f9547f4c8ac282655f372cbffdccd48a35bdb 100644 (file)
--- a/src/new_subid_range.c
+++ b/src/new_subid_range.c
@@ -7,6 +7,7 @@
  /* Test program for the subid creation routine */
  
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  void usage(void)
  {
@@ -26,6 +27,7 @@ int main(int argc, char *argv[])
         bool ok;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         while ((c = getopt(argc, argv, "gn")) != EOF) {
                 switch(c) {
                 case 'n': makenew = true; break;
diff --git a/src/newgidmap.c b/src/newgidmap.c

index 85b08055d186842c60e9b7f078865087ae707b63..51a2eb440d4c02961605cd032c372c220e2ffeba 100644 (file)
--- a/src/newgidmap.c
+++ b/src/newgidmap.c
@@ -46,6 +46,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  
  static bool verify_range(struct passwd *pw, struct map_range *range, bool *allow_setgroups)
@@ -176,6 +177,7 @@ int main(int argc, char **argv)
         bool allow_setgroups = false;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         /*
          * The valid syntax are
diff --git a/src/newgrp.c b/src/newgrp.c

index 76f3ce7b850e3da7336f0b6e3a06fbd13fd890db..2aa28b87ba9c6c03a92de5d5e832c12408338704 100644 (file)
--- a/src/newgrp.c
+++ b/src/newgrp.c
@@ -49,6 +49,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  extern char **newenvp;
  extern char **environ;
@@ -443,6 +444,7 @@ int main (int argc, char **argv)
          * don't need to re-exec anything.  -- JWP
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         is_newgrp = (strcmp (Prog, "newgrp") == 0);
         OPENLOG (is_newgrp ? "newgrp" : "sg");
         argc--;
diff --git a/src/newuidmap.c b/src/newuidmap.c

index b8466de0af0323b17a814e93ffef51c947160fdc..bdd9cadfc4c43e8d1c134835f5938513444a1bd8 100644 (file)
--- a/src/newuidmap.c
+++ b/src/newuidmap.c
@@ -46,6 +46,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool verify_range(struct passwd *pw, struct map_range *range)
  {
@@ -106,6 +107,7 @@ int main(int argc, char **argv)
         int written;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         /*
          * The valid syntax are
diff --git a/src/newusers.c b/src/newusers.c

index ec0fe828f2d51b6f1d7b8c5aa1c92ea61046c5bd..d2a4f882a5b274eadb0b24242a2d6e54b1c1bc48 100644 (file)
--- a/src/newusers.c
+++ b/src/newusers.c
@@ -75,6 +75,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool rflg = false;      /* create a system account */
  #ifndef USE_PAM
@@ -1052,6 +1053,7 @@ int main (int argc, char **argv)
  #endif                         /* USE_PAM */
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/passwd.c b/src/passwd.c

index b056ee080aa3474bbacf1e0470ab232ee05f46ac..3d4206f4688346c6265e7e7d1870a70e68d8b907 100644 (file)
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -66,6 +66,7 @@
   * Global variables
   */
  const char *Prog;              /* Program name */
+FILE *shadow_logfd = NULL;
  
  static char *name;             /* The name of user whose password is being changed */
  static char *myname;           /* The current user's name */
@@ -752,6 +753,7 @@ int main (int argc, char **argv)
          * most error messages.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/pwck.c b/src/pwck.c

index 3d494a69d28b58fd876f5ccf907c3133e056bc6a..4248944ae8a37f2e3836c7a12b97036dd101c63a 100644 (file)
--- a/src/pwck.c
+++ b/src/pwck.c
@@ -70,6 +70,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool use_system_pw_file = true;
  static bool use_system_spw_file = true;
diff --git a/src/pwconv.c b/src/pwconv.c

index f932f266c59cb18f3eb78fc4260f4bf40423b808..85ad9699e8dd78eac03e8866c7ea15934a5fe018 100644 (file)
--- a/src/pwconv.c
+++ b/src/pwconv.c
@@ -89,6 +89,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool spw_locked = false;
  static bool pw_locked = false;
@@ -176,6 +177,7 @@ int main (int argc, char **argv)
         struct spwd spent;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/pwunconv.c b/src/pwunconv.c

index e11ea4941e795a97f8d84c33dfd129b7a9cf773d..a5ee999efd921bc4a2ffe1f84138255e8a828bac 100644 (file)
--- a/src/pwunconv.c
+++ b/src/pwunconv.c
@@ -53,6 +53,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static bool spw_locked = false;
  static bool pw_locked = false;
@@ -137,6 +138,7 @@ int main (int argc, char **argv)
         const struct spwd *spwd;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/su.c b/src/su.c

index 0f3cd79366fb3a592db2637aad42712154fb724a..04011afa4d8ae045c2e5fc11e116a4e45e5bacfe 100644 (file)
--- a/src/su.c
+++ b/src/su.c
@@ -82,6 +82,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  static /*@observer@*/const char *caller_tty = NULL;    /* Name of tty SU is run from */
  static bool caller_is_root = false;
  static uid_t caller_uid;
@@ -716,6 +717,7 @@ static void save_caller_context (char **argv)
          * most error messages.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         caller_uid = getuid ();
         caller_is_root = (caller_uid == 0);
diff --git a/src/sulogin.c b/src/sulogin.c

index 4264099bc48c8c3992bac413bccc138ea11b4939..8f18150506f26289ee6cc81c89eea1ef0ab7e9ca 100644 (file)
--- a/src/sulogin.c
+++ b/src/sulogin.c
@@ -50,6 +50,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static char name[BUFSIZ];
  static char pass[BUFSIZ];
@@ -106,6 +107,7 @@ static RETSIGTYPE catch_signals (unused int sig)
  #endif
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
         (void) textdomain (PACKAGE);
diff --git a/src/useradd.c b/src/useradd.c

index b3fff8951959ae70fee93de47d01dc800837a9fb..06accb2f0c06f95593e76b9181a950cf3d2eceed 100644 (file)
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -96,6 +96,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  /*
   * These defaults are used if there is no defaults file.
@@ -2391,6 +2392,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/userdel.c b/src/userdel.c

index 92bca4999136be6edc407b5c3aa33684f720b72b..79a7c8994aad032ee691e6862c8eb213704fe4be 100644 (file)
--- a/src/userdel.c
+++ b/src/userdel.c
@@ -91,6 +91,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static char *user_name;
  static uid_t user_id;
@@ -1015,6 +1016,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
         (void) textdomain (PACKAGE);
diff --git a/src/usermod.c b/src/usermod.c

index 15c70b5c89d928e7fd704524745178b400c82e43..69afeda04e3d9abf5eb79c0b186faf3c97575c3d 100644 (file)
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -105,6 +105,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static char *user_name;
  static char *user_newname;
@@ -2200,6 +2201,7 @@ int main (int argc, char **argv)
          * Get my name so that I can use it to report errors.
          */
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
diff --git a/src/vipw.c b/src/vipw.c

index 465698d165594172357d5cfa7ecba8881342d31b..94185c3df95cc6f8ec25c4c4c74213f210cc77f4 100644 (file)
--- a/src/vipw.c
+++ b/src/vipw.c
@@ -63,6 +63,7 @@
   * Global variables
   */
  const char *Prog;
+FILE *shadow_logfd = NULL;
  
  static const char *filename, *fileeditname;
  static bool filelocked = false;
@@ -481,6 +482,7 @@ int main (int argc, char **argv)
         bool do_vipw;
  
         Prog = Basename (argv[0]);
+       shadow_logfd = stderr;
  
         (void) setlocale (LC_ALL, "");
         (void) bindtextdomain (PACKAGE, LOCALEDIR);
author	Serge Hallyn <serge@hallyn.com>
	Sat, 8 May 2021 22:42:14 +0000 (17:42 -0500)
committer	Serge Hallyn <serge@hallyn.com>
	Sat, 15 May 2021 17:38:55 +0000 (12:38 -0500)
lib/commonio.c		patch \| blob \| blame \| history
lib/encrypt.c		patch \| blob \| blame \| history
lib/getdef.c		patch \| blob \| blame \| history
lib/nscd.c		patch \| blob \| blame \| history
lib/nss.c		patch \| blob \| blame \| history
lib/prototypes.h		patch \| blob \| blame \| history
lib/run_part.c		patch \| blob \| blame \| history
lib/selinux.c		patch \| blob \| blame \| history
lib/semanage.c		patch \| blob \| blame \| history
lib/spawn.c		patch \| blob \| blame \| history
lib/tcbfuncs.c		patch \| blob \| blame \| history
libmisc/addgrps.c		patch \| blob \| blame \| history
libmisc/audit_help.c		patch \| blob \| blame \| history
libmisc/chowntty.c		patch \| blob \| blame \| history
libmisc/cleanup_group.c		patch \| blob \| blame \| history
libmisc/cleanup_user.c		patch \| blob \| blame \| history
libmisc/copydir.c		patch \| blob \| blame \| history
libmisc/env.c		patch \| blob \| blame \| history
libmisc/find_new_gid.c		patch \| blob \| blame \| history
libmisc/find_new_sub_gids.c		patch \| blob \| blame \| history
libmisc/find_new_sub_uids.c		patch \| blob \| blame \| history
libmisc/find_new_uid.c		patch \| blob \| blame \| history
libmisc/gettime.c		patch \| blob \| blame \| history
libmisc/idmapping.c		patch \| blob \| blame \| history
libmisc/limits.c		patch \| blob \| blame \| history
libmisc/pam_pass.c		patch \| blob \| blame \| history
libmisc/pam_pass_non_interactive.c		patch \| blob \| blame \| history
libmisc/prefix_flag.c		patch \| blob \| blame \| history
libmisc/pwdcheck.c		patch \| blob \| blame \| history
libmisc/root_flag.c		patch \| blob \| blame \| history
libmisc/salt.c		patch \| blob \| blame \| history
libmisc/setupenv.c		patch \| blob \| blame \| history
libmisc/user_busy.c		patch \| blob \| blame \| history
libmisc/xgetXXbyYY.c		patch \| blob \| blame \| history
libmisc/xmalloc.c		patch \| blob \| blame \| history
libsubid/api.c		patch \| blob \| blame \| history
libsubid/subid.h		patch \| blob \| blame \| history
src/chage.c		patch \| blob \| blame \| history
src/check_subid_range.c		patch \| blob \| blame \| history
src/chfn.c		patch \| blob \| blame \| history
src/chgpasswd.c		patch \| blob \| blame \| history
src/chpasswd.c		patch \| blob \| blame \| history
src/chsh.c		patch \| blob \| blame \| history
src/expiry.c		patch \| blob \| blame \| history
src/faillog.c		patch \| blob \| blame \| history
src/free_subid_range.c		patch \| blob \| blame \| history
src/get_subid_owners.c		patch \| blob \| blame \| history
src/gpasswd.c		patch \| blob \| blame \| history
src/groupadd.c		patch \| blob \| blame \| history
src/groupdel.c		patch \| blob \| blame \| history
src/groupmems.c		patch \| blob \| blame \| history
src/groupmod.c		patch \| blob \| blame \| history
src/groups.c		patch \| blob \| blame \| history
src/grpck.c		patch \| blob \| blame \| history
src/grpconv.c		patch \| blob \| blame \| history
src/grpunconv.c		patch \| blob \| blame \| history
src/lastlog.c		patch \| blob \| blame \| history
src/list_subid_ranges.c		patch \| blob \| blame \| history
src/login.c		patch \| blob \| blame \| history
src/logoutd.c		patch \| blob \| blame \| history
src/new_subid_range.c		patch \| blob \| blame \| history
src/newgidmap.c		patch \| blob \| blame \| history
src/newgrp.c		patch \| blob \| blame \| history
src/newuidmap.c		patch \| blob \| blame \| history
src/newusers.c		patch \| blob \| blame \| history
src/passwd.c		patch \| blob \| blame \| history
src/pwck.c		patch \| blob \| blame \| history
src/pwconv.c		patch \| blob \| blame \| history
src/pwunconv.c		patch \| blob \| blame \| history
src/su.c		patch \| blob \| blame \| history
src/sulogin.c		patch \| blob \| blame \| history
src/useradd.c		patch \| blob \| blame \| history
src/userdel.c		patch \| blob \| blame \| history
src/usermod.c		patch \| blob \| blame \| history
src/vipw.c		patch \| blob \| blame \| history