static bool gr_locked = false;
/* local function prototypes */
-NORETURN static void fail_exit (int code);
+NORETURN static void fail_exit (int code, bool process_selinux);
NORETURN static void usage (int status);
static void process_flags (int argc, char **argv, struct option_flags *flags);
static void check_flags (void);
static void check_perms (void);
-static void open_files (void);
+static void open_files (bool process_selinux);
static void close_files (struct option_flags *flags);
/*
* fail_exit - exit with a failure code after unlocking the files
*/
-static void fail_exit (int code)
+static void fail_exit (int code, bool process_selinux)
{
if (gr_locked) {
- if (gr_unlock (true) == 0) {
+ if (gr_unlock (process_selinux) == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
/* continue */
#ifdef SHADOWGRP
if (sgr_locked) {
- if (sgr_unlock (true) == 0) {
+ if (sgr_unlock (process_selinux) == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
/* continue */
/*
* open_files - lock and open the group databases
*/
-static void open_files (void)
+static void open_files (bool process_selinux)
{
/*
* Lock the group file and open it for reading and writing. This will
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, gr_dbname ());
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
gr_locked = true;
if (gr_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr,
_("%s: cannot open %s\n"), Prog, gr_dbname ());
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
#ifdef SHADOWGRP
fprintf (stderr,
_("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
sgr_locked = true;
if (sgr_open (O_CREAT | O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"),
Prog, sgr_dbname ());
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
}
#endif
_("%s: failure while writing changes to %s\n"),
Prog, sgr_dbname ());
SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
if (sgr_unlock (process_selinux) == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
_("%s: failure while writing changes to %s\n"),
Prog, gr_dbname ());
SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
if (gr_unlock (process_selinux) == 0) {
fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
bool errors = false;
intmax_t line = 0;
struct option_flags flags;
+ bool process_selinux;
log_set_progname(Prog);
log_set_logfd(stderr);
process_root_flag ("-R", argc, argv);
process_flags (argc, argv, &flags);
+ process_selinux = !flags.chroot;
OPENLOG (Prog);
is_shadow_grp = sgr_file_present ();
#endif
- open_files ();
+ open_files (process_selinux);
/*
* Read each line, separating the group name from the password. The
fprintf (stderr,
_("%s: failed to crypt password with salt '%s': %s\n"),
Prog, salt, strerror (errno));
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
}
if (errors) {
fprintf (stderr,
_("%s: error detected, changes ignored\n"), Prog);
- fail_exit (1);
+ fail_exit (1, process_selinux);
}
close_files (&flags);
projects / thirdparty / shadow.git / commitdiff
