lib/idmapping.c: get_map_ranges(): Move range check to a2ul() call

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Move range check to a2ul() calls

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Rename local variable

For a pointer iterator used often, a single-letter identifier is more
appropriate.  That reduces the length of lines considerably, avoiding
unnecessary line breaks.  And since we initialize it with

m = mappings;

it's clear what it is.

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: check_logins(): Report LOGIN_ERROR_LOGIN if str2ul() ERANGE

Fixes: 10396f953613 ("* libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file limit with getlog() / getulong().")
Link: <https://github.com/shadow-maint/shadow/pull/893/commits/882cf59459bc4501b0882a7f02d36c8ce28a30f2>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/login_nopam.c: login_access(): Use stpsep() to simplify

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/useradd.c: Use stpsep() to simplify

This allows using plain strcmp(3) instead of MATCH().

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/nss.c: nss_init(): Use stpsep() instead of strtok_r(3)

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/suauth.c: check_su_auth(): Use stpsep() to simplify

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strchr/stpcspn.[ch]: stpcspn(): Remove unused function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/attr.h: ATTR_STRING(): It only accepts one argument

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Use stpsep() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strtok/stpsep.[ch]: stpsep(): Add function

This function is somewhat simpler to use than strsep(3) in some cases.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/find_new_[gu]id.c: include stdint.h for UINT16_MAX/UINT32_MAX

Signed-off-by: Chris Hofstaedtler <zeha@debian.org>

lib/port.c: getportent(): Use strsep(3) instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getportent(): Align variables

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getttyuser(): Use pointer arithmetic to simplify

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getportent(): Use equivalent code to parse equally-formatted fields

The tty names field and the user names field have the same formatting:
a CSV terminated by a ':'.  Thus, we can --and should-- use the same
exact code for parsing both.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getportent(): Make sure the aren't too many fields in the CSV

Otherwise, the line is invalidly formatted, and we ignore it.

Detailed explanation:

There are two conditions on which we break out of the loops that precede
these added checks:

-  j is too big (we've exhausted the space in the static arrays)

$ grep -r -e PORT_TTY -e PORT_IDS lib/port.*
lib/port.c: static char *ttys[PORT_TTY + 1]; /* some pointers to tty names     */
lib/port.c: static char *users[PORT_IDS + 1]; /* some pointers to user ids     */
lib/port.c: for (cp = buf, j = 0; j < PORT_TTY; j++) {
lib/port.c: if ((',' == *cp) && (j < PORT_IDS)) {
lib/port.h: * PORT_IDS - Allowable number of IDs per entry.
lib/port.h: * PORT_TTY - Allowable number of TTYs per entry.
lib/port.h:#define PORT_IDS 64
lib/port.h:#define PORT_TTY 64

-  strpbrk(3) found a ':', which signals the end of the comma-sepatated
   list, and the start of the next colon-separated field.

If the first character in the remainder of the string is not a ':', it
means we've exhausted the array size, but the CSV list was longer, so
we'd be truncating it.  Consider the entire line invalid, and skip it.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getportent(): Make sure there are at least 2 ':' in the line

Otherwise, the line is invalidly formatted, and we ignore it.

Closes: <https://github.com/shadow-maint/shadow/issues/1036>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getportent(): Remove obvious comments

And do some style changes on the corresponding code.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getportent(): Rename goto label

This label means we detected a bogus line, and want to skip it and jump
to the next one; rename it accordingly.  'again' seemed to say that it
was somehow looping on the same line.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getttyuser(): Use goto to break out of nested loops

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: getttyuser(): Remove dead code

port.pt_names cannot be NULL; it always points to the static array ttys.

$ grep -rn pt_names
lib/port.c:157: port.pt_names = ttys;
lib/port.c:159: port.pt_names[j] = cp;
lib/port.c:172: port.pt_names[j] = NULL;
lib/port.c:344: for (i = 0; NULL != port->pt_names[i]; i++) {
lib/port.c:345: if (portcmp (port->pt_names[i], tty) == 0) {
lib/port.c:350: if (port->pt_names[i] == 0) {
lib/port.h:39: * pt_names - pointer to array of device names in /dev/
lib/port.h:45: char **pt_names;

Signed-off-by: Alejandro Colomar <alx@kernel.org>

contrib/adduser.c: main(): Use strcpy/cat(3) instead of their pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

contrib, lib/, src/, tests/: Use stpcpy(3) instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Use strrspn() instead of its pattern

This requires changing isspace(3) calls to an explicit accept string,
and I chose " \t\n" for it (as is done in other parts of this project),
which isn't exactly the same, but we probably don't want other
isspace(3) characters in those files, so it should work.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/sssd.c: Style fixes

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/login_nopam.c: login_access(): Simplify, calling strchr(3)

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/getdef.c: def_load(): Use stp[c]spn() instead of their patterns

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strchr/: stp[c]spn(), strrspn(), strnul(): Add macros and functions

Often, a pointer is more useful than a length when calling these.

Link: <https://docs.oracle.com/cd/E86824_01/html/E54769/strrspn-3gen.html>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/chage.c: Simplify, by calling a2sl() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/faillog.c: Simplify, by calling str2sh() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/usermod.c: Simplify, by calling a2sl() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/passwd.c: Simplify, by calling a2sl() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/useradd.c: Simplify, by calling a2sl() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/: Use get_[ug]id() where appropriate

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/shadow.c: my_sgetspent(): Simplify error handling

Handle negative values as errors from a2sl(), and reuse its
error-handling code.

Cc: Iker Pedrosa <ipedrosa@redhat.com>
Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/shadow.c: my_sgetspent(): Remove dead code

spwd.sp_flag is an unsigned long, which can never be negative.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/shadow.c: my_sgetspent(): Merge 'else {if}' into 'else if'

This reduces indentation.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/sgetspent.c: sgetspent(): Simplify, by calling a2sl() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: setup_limits(): Simplify, by calling str2i(mode_t, ) instead of str2ul()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: setup_limits(): Simplify, by calling str2si() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: setup_limits(): Simplify, by calling a2si() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: set_umask(): Simplify, by calling str2i(mode_t, ) instead of str2ul()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: set_prio(): Simplify, by calling str2si() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/getdef.c: getdef_long(): Simplify, by calling a2sl() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/getdef.c: getdef_unum(): Fix wrong limit check

The limit, since it's an unsigned int, should have been UINT_MAX, not
INT_MAX.  By calling a2ui() we can fix that and simplify too.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/getdef.c: getdef_num(): Simplify, by calling a2si() instead of str2sl()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

Remove groups(1)

Signed-off-by: Alejandro Colomar <alx@kernel.org>

Remove id(1)

Distributions use id(1) from GNU coreutils or BusyBox.  Drop ours.

Closes: <https://github.com/shadow-maint/shadow/issues/1005>
Suggested-by: dkwo <nicolopiazzalunga@gmail.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Michael Vetter <jubalh@iodoru.org>
Cc: Sam James <sam@gentoo.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: Use long constants in prctl(2), and remove 0s

The prctl(2) system-call wrapper is implemented as a variadic function.
This makes it important to pass arguments to it of the right type (and
more importantly of the right width), to avoid undefined behavior.

While at it, check errors with ==-1, not <0, which is more explicit.

Also, PR_SET_KEEPCAPS(2const) doesn't need all arguments, so it can be
called with just two of them; remove unnecessary 0s.

See-also: prctl(2), PR_SET_KEEPCAPS(2const)
Link: <https://lore.kernel.org/linux-man/ddbdyaiptesjalgfmztxideej67e3yaob7ucsmbf6qvriwxiif@dohhxrqgwhrf/T/#med306b5b003f9cc7cc2de69fcdd7ee2d056d0954>
Cc: Xi Ruoyao <xry111@xry111.site>
Cc: Lukas Slebodnik <lslebodn@fedoraproject.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/attr.h: Use C23-style attributes

They're stricter.  The GNU attributes are too lazy, and can be misused
more easily.  Also, mixing both has its own problems.

Link: <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108796>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/gshadow.c: Use XREALLOC() instead of silently continuing on ENOMEM

We should do better, and correctly handle errors, since this is library
code.  However, I'm lazy right now, so let's die hard, and let us
improve this later.

Link: <https://github.com/shadow-maint/shadow/pull/991#discussion_r1660308154>
Reported-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/: Remove dead code

FIRST_MEMBER_IS_ADMIN was never enabled.  And BTW, that code had been
broken for a long time, so probably nobody should manually enable it.

Link: <https://github.com/shadow-maint/shadow/pull/991#discussion_r1660308748>
Reported-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Use [[gnu::alloc_size(...)]] on allocation functions

Suggested-by: Martin Uecker <uecker@tugraz.at>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Use multi-line macro definitions

This reduces the complexity of those nested parentheses.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/alloc/, lib/, src/, tests/: Organize the allocation APIs in a new subdirectory

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/alloc.[ch]: xmalloc(): Remove unused function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strdup/xstrdup.[ch], lib/, src/: Move xstrdup() to its own file

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strcpy/zustr2stp.[ch], tests/: Remove ZUSTR2STP()

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/logoutd.c: Use STRNCAT() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/logoutd.c: Use STRNDUPA() instead of its pattern

STRNDUPA() is equivalent to automatic storage allocation (alloca(3))
+ ZUSTR2STP().

The benefits of this refactor are:

-  The allocation size is always correct, and needs no comments, since
   it's now automatically calculated by the macro.

-  STRNDUPA() is probably more familiar, since
   -  strndupa(3) is a libc function,
   -  STRNDUPA() is the obvious wrapper that
      calculates the size based on the input array.

-  We can remove ZUSTR2STP().

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/newusers.c: Exit on ENOMEM, by calling xstrdup() instead of strdup(3)

The program was happily ignoring ENOMEM errors.

Fixes: 7f9e19690333 ("* NEWS, src/newusers.c, src/Makefile.am: Added support for")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/utmp.c: prepare_utmp(): Use xstrdup() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/utmp.c: Use XSTRNDUP() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strdup/: XSTRNDUP(), STRNDUPA(): Add macros

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strcpy/strncat.[ch]: STRNCAT(): Add macro

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/: Use xasprintf() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/groupmems.c: Fix number of elements in allocation

We are setting `sgrent.sg_adm[1] = NULL;`, so we need 2 elements.

Fixes: 87b56b19fb72 ("* NEWS, src/groupmems.c, man/groupmems.8.xml: Added support for [...]")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/gshadow.c: build_list(): Fix REALLOC() nmemb calculation

Fixes: efbbcade43ff ("Use safer allocation macros")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/gshadow.c: build_list(): Fix forever loop on ENOMEM

Before this patch, the function looped while (s != NULL && *s != '\0').
However, nothing was modifying that string if REALLOC() failed, so the
loop was forever.

Fixes: 8e167d28afd6 ("[svn-upgrade] Integrating new upstream version, shadow (4.0.8)")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Use strsep(3) instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/useradd.c: tallylog_reset(): Use Basename() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Use strchrnul(3) instead of its pattern

In the files where #include <string.h> is missing, add it, and sort the
includes.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/commonio.c: commonio_open(): MALLOC() and REALLOCF() already set ENOMEM

We don't need to set ENOMEM on failure of those functions.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Use REALLOCF() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Add missing include

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/failure.c: failprint(): Remove dead code

This should have gone into the #else'd branch in 8451bed8b06d, and
should have been removed in 3e602b58a2aa.

Fixes: 8451bed8b06d ("[svn-upgrade] Integrating new upstream version, shadow (4.0.13)")
Fixes: 3e602b58a2aa ("Remove HAVE_STRFTIME ifdefs")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Always pass NULL to time(2)

See time(2):

BUGS
     Error returns from this system  call  are  indistinguishable  from
     successful  reports  that  the  time  is  a few seconds before the
     Epoch, so the C library wrapper function never sets errno as a re‐
     sult of this call.

     The tloc argument is obsolescent and should always be NULL in  new
     code.  When tloc is NULL, the call cannot fail.

Fixes: 45c6603cc86c ("[svn-upgrade] Integrating new upstream version, shadow (19990709)")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/getdate.y: NULL doesn't need a cast

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/shadow.c: my_sgetspent(): Clarify that we're assigning an empty string

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Reduce scope of local variables

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/login.c: Remove dead code

The functions that set these strings --do_rlogin() and login_prompt()--
make sure to terminate them with a NUL.

Fixes: 3704745289f5 ("* lib/defines.h: Define USER_NAME_MAX_LENGTH, based on utmp and [...]")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/logoutd.c: Remove unused variable

wait(2) accepts NULL if the status won't be read.  Simplify.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/su.c: save_caller_context(): Remove unused parameter

Fixes: e6c2e4393784 ("Hardcoding Prog to known value")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strcpy/, lib/, src/, tests/: Move all copying APIs to a subdirectory

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/sprintf/, lib/, src/, tests/: Move all sprintf(3)-like APIs to a subdirectory

And have a separate file for each pair of APIs.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/get_subid_owners.c: Use uid_t for holding UIDs (and GIDs)

Suggested-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/usermod.c: Fix const correctness

Now that we use liba2i's const-generic macros, we can (and must) use a
'const char **' endp where the input string is 'const char *'.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: setrlimit_value(): Reimplement in terms of a2i()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, po/, src/: get_uid(): Move function to "atoi/getnum.h"

Implement it as an inline function, and add restrict and ATTR_STRING()
and ATTR_ACCESS() as appropriate.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/get_uid.c: get_uid(): Reimplement in terms of a2i()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/usermod.c: getulong_range(): Reimplement in terms of a2ul()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/get_pid.c: get_pidfd_from_fd(): Don't open-code get_fd()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/atoi/getnum.[ch]: get_fd(): Add function for parsing a file descriptor from a string

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: get_pid(): Move function to "atoi/getnum.h"

Implement it as an inline function, and add restrict and ATTR_STRING()
and ATTR_ACCESS() as appropriate.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/get_pid.c: get_pid(): Reimplement in terms of a2i()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Don't open-code get_gid()

These functions were open-coding get_gid().  Use the actual function.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, libsubid/, po/, src/: get_gid(): Move function to "atoi/getnum.h"

Implement it as an inline function, and add restrict and ATTR_STRING()
and ATTR_ACCESS() as appropriate.

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/get_gid.c: get_gid(): Reimplement in terms of a2i()

Reviewed-by: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>