lib/shadowlog_internal.h: Drop shadow_logfd

author Tobias Stoeckmann <tobias@stoeckmann.org>

Sun, 11 Jan 2026 11:28:46 +0000 (12:28 +0100)

committer Alejandro Colomar <foss+github@alejandro-colomar.es>

Mon, 12 Jan 2026 13:27:05 +0000 (14:27 +0100)
author Tobias Stoeckmann <tobias@stoeckmann.org>
Sun, 11 Jan 2026 11:28:46 +0000 (12:28 +0100)
committer Alejandro Colomar <foss+github@alejandro-colomar.es>
Mon, 12 Jan 2026 13:27:05 +0000 (14:27 +0100)
diff --git a/lib/addgrps.c b/lib/addgrps.c

index b90828e1e2e6f28b2494b127307bb2c6acd9df1e..a8fbbb508f2a640bb3d8d078135cd48eefeb5012 100644 (file)
--- a/lib/addgrps.c
+++ b/lib/addgrps.c
@@ -37,7 +37,6 @@ int
  add_groups(const char *list)
  {
         char    *dup;
-       FILE *shadow_logfd = log_get_logfd();
         gid_t   *gids;
         size_t  n;
  
@@ -62,7 +61,7 @@ add_groups(const char *list)
  
                         grp = getgrnam(g); /* local, no need for xgetgrnam */
                         if (NULL == grp) {
-                               fprintf(shadow_logfd, _("Warning: unknown group %s\n"), g);
+                               fprintf(log_get_logfd(), _("Warning: unknown group %s\n"), g);
                                 continue;
                         }
  
@@ -72,7 +71,7 @@ add_groups(const char *list)
         free(dup);
  
         if (setgroups(n, gids) == -1) {
-               fprintf(shadow_logfd, "setgroups: %s\n", strerrno());
+               fprintf(log_get_logfd(), "setgroups: %s\n", strerrno());
                 goto free_gids;
         }
  
diff --git a/lib/chowntty.c b/lib/chowntty.c

index 1f99d2de361ea3c9d949c85e70e0f1cbacbb5483..e0271108a5a4c29debf7d1cdc470c10f691c52da 100644 (file)
--- a/lib/chowntty.c
+++ b/lib/chowntty.c
@@ -53,9 +53,8 @@ void chown_tty (const struct passwd *info)
         if (   (fchown (STDIN_FILENO, info->pw_uid, gid) != 0)
             || (fchmod (STDIN_FILENO, getdef_num ("TTYPERM", 0600)) != 0)) {
                 int err = errno;
-               FILE *shadow_logfd = log_get_logfd();
  
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Unable to change owner or mode of tty stdin: %s"),
                          strerror (err));
                 SYSLOG ((LOG_WARN,
diff --git a/lib/commonio.c b/lib/commonio.c

index 2c6a1a20f00d6845647c8e663387030b28790aa0..c93b302cffd478bb296e4b33304827ddf2c0617f 100644 (file)
--- a/lib/commonio.c
+++ b/lib/commonio.c
@@ -32,6 +32,7 @@
  #include <tcb.h>
  #endif                         /* WITH_TCB */
  #include "prototypes.h"
+#include "shadowlog.h"
  #include "shadowlog_internal.h"
  #include "sssd.h"
  #include "string/memset/memzero.h"
@@ -101,7 +102,7 @@ static int check_link_count (const char *file, bool log)
  
         if (stat (file, &sb) != 0) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: %s file stat error: %s\n",
                                         shadow_progname, file, strerrno());
                 }
@@ -110,7 +111,7 @@ static int check_link_count (const char *file, bool log)
  
         if (sb.st_nlink != 2) {
                 if (log) {
-                       fprintf(shadow_logfd,
+                       fprintf(log_get_logfd(),
                                 "%s: %s: lock file already used (nlink: %ju)\n",
                                 shadow_progname, file, (uintmax_t) sb.st_nlink);
                 }
@@ -132,7 +133,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         fd = open (file, O_CREAT | O_TRUNC | O_WRONLY, 0600);
         if (-1 == fd) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: %s: %s\n",
                                         shadow_progname, file, strerrno());
                 }
@@ -144,7 +145,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         len = (ssize_t) strlen (buf) + 1;
         if (write_full(fd, buf, len) == -1) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: %s file write error: %s\n",
                                         shadow_progname, file, strerrno());
                 }
@@ -154,7 +155,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         }
         if (fdatasync (fd) == -1) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: %s file sync error: %s\n",
                                         shadow_progname, file, strerrno());
                 }
@@ -173,7 +174,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         fd = open (lock, O_RDWR);
         if (-1 == fd) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: %s: %s\n",
                                         shadow_progname, lock, strerrno());
                 }
@@ -185,7 +186,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         close (fd);
         if (len <= 0) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: existing lock file %s without a PID\n",
                                         shadow_progname, lock);
                 }
@@ -196,7 +197,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         stpcpy(&buf[len], "");
         if (get_pid(buf, &pid) == -1) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: existing lock file %s with an invalid PID '%s'\n",
                                         shadow_progname, lock, buf);
                 }
@@ -206,7 +207,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         }
         if (kill (pid, 0) == 0) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: lock %s already used by PID %lu\n",
                                         shadow_progname, lock, (unsigned long) pid);
                 }
@@ -216,7 +217,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
         }
         if (unlink (lock) != 0) {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: cannot get lock %s: %s\n",
                                         shadow_progname, lock, strerrno());
                 }
@@ -229,7 +230,7 @@ static int do_lock_file (const char *file, const char *lock, bool log)
                 retval = check_link_count (file, log);
         } else {
                 if (log) {
-                       (void) fprintf (shadow_logfd,
+                       (void) fprintf (log_get_logfd(),
                                         "%s: cannot get lock %s: %s\n",
                                         shadow_progname, lock, strerrno());
                 }
@@ -402,7 +403,7 @@ int commonio_lock (struct commonio_db *db)
                 if (0 == lock_count) {
                         if (lckpwdf () == -1) {
                                 if (geteuid () != 0) {
-                                       (void) fprintf (shadow_logfd,
+                                       (void) fprintf (log_get_logfd(),
                                                         "%s: Permission denied.\n",
                                                         shadow_progname);
                                 }
@@ -438,7 +439,7 @@ int commonio_lock (struct commonio_db *db)
                 }
                 /* no unnecessary retries on "permission denied" errors */
                 if (geteuid () != 0) {
-                       (void) fprintf (shadow_logfd, "%s: Permission denied.\n",
+                       (void) fprintf (log_get_logfd(), "%s: Permission denied.\n",
                                         shadow_progname);
                         return 0;
                 }
@@ -1045,7 +1046,7 @@ int commonio_update (struct commonio_db *db, const void *eptr)
         p = find_entry_by_name(db, db->ops->cio_getname(eptr));
         if (NULL != p) {
                 if (next_entry_by_name(db, p->next, db->ops->cio_getname(eptr)) != NULL) {
-                       fprintf(shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->cio_getname(eptr), db->filename);
+                       fprintf(log_get_logfd(), _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), db->ops->cio_getname(eptr), db->filename);
                         db->ops->cio_free(nentry);
                         return 0;
                 }
@@ -1150,7 +1151,7 @@ int commonio_remove (struct commonio_db *db, const char *name)
                 return 0;
         }
         if (next_entry_by_name (db, p->next, name) != NULL) {
-               fprintf (shadow_logfd, _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
+               fprintf (log_get_logfd(), _("Multiple entries named '%s' in %s. Please fix this with pwck or grpck.\n"), name, db->filename);
                 return 0;
         }
  
diff --git a/lib/copydir.c b/lib/copydir.c

index f04cd51b11a1f38b391db708e471638d257d9402..058a79221bb0d41329db10f30784be3c3877288b 100644 (file)
--- a/lib/copydir.c
+++ b/lib/copydir.c
@@ -94,7 +94,6 @@ static void
  error_acl(struct error_context *, const char *fmt, ...)
  {
         va_list ap;
-       FILE *shadow_logfd = log_get_logfd();
  
         /* ignore the case when destination does not support ACLs
          * or extended attributes */
@@ -104,11 +103,11 @@ error_acl(struct error_context *, const char *fmt, ...)
         }
  
         va_start (ap, fmt);
-       (void) fprintf (shadow_logfd, _("%s: "), log_get_progname());
-       if (vfprintf (shadow_logfd, fmt, ap) != 0) {
-               (void) fputs (_(": "), shadow_logfd);
+       (void) fprintf (log_get_logfd(), _("%s: "), log_get_progname());
+       if (vfprintf (log_get_logfd(), fmt, ap) != 0) {
+               (void) fputs (_(": "), log_get_logfd());
         }
-       (void) fprintf(shadow_logfd, "%s\n", strerrno());
+       (void) fprintf(log_get_logfd(), "%s\n", strerrno());
         va_end (ap);
  }
  
diff --git a/lib/encrypt.c b/lib/encrypt.c

index 9a7d4aae238252cdcc8a3faf7f33a40c494c72fa..d21f962f36dfb65488220997845d0ca0f421c51d 100644 (file)
--- a/lib/encrypt.c
+++ b/lib/encrypt.c
@@ -16,7 +16,7 @@
  
  #include "prototypes.h"
  #include "defines.h"
-#include "shadowlog_internal.h"
+#include "shadowlog.h"
  #include "string/strcmp/strprefix.h"
  
  
@@ -64,7 +64,7 @@
                                 method = &nummethod[0];
                         }
                 }
-               (void) fprintf (shadow_logfd,
+               (void) fprintf (log_get_logfd(),
                                 _("crypt method not supported by libcrypt? (%s)\n"),
                                 method);
                 errno = EINVAL;
diff --git a/lib/getdef.c b/lib/getdef.c

index 930b350bde6ade43ab4f41145e269a0444a3ddbf..f67e00e48e12613322c3643521a8f3b3140c6ce0 100644 (file)
--- a/lib/getdef.c
+++ b/lib/getdef.c
@@ -26,7 +26,7 @@
  #include "defines.h"
  #include "getdef.h"
  #include "prototypes.h"
-#include "shadowlog_internal.h"
+#include "shadowlog.h"
  #include "sizeof.h"
  #include "string/sprintf/aprintf.h"
  #include "string/strcmp/strcaseeq.h"
@@ -255,7 +255,7 @@ getdef_num(const char *item, int dflt)
         }
  
         if (a2si(&val, d->value, NULL, 0, -1, INT_MAX) == -1) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -289,7 +289,7 @@ getdef_unum(const char *item, unsigned int dflt)
         }
  
         if (a2ui(&val, d->value, NULL, 0, 0, UINT_MAX) == -1) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -322,7 +322,7 @@ long getdef_long (const char *item, long dflt)
         }
  
         if (a2sl(&val, d->value, NULL, 0, -1, LONG_MAX) == -1) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -354,7 +354,7 @@ unsigned long getdef_ulong (const char *item, unsigned long dflt)
         }
  
         if (str2ul(&val, d->value) == -1) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("configuration error - cannot parse %s value: '%s'"),
                          item, d->value);
                 return dflt;
@@ -391,7 +391,7 @@ int putdef_str (const char *name, const char *value, const char *srcfile)
         cp = strdup (value);
         if (NULL == cp) {
                 (void) fputs (_("Could not allocate space for config info.\n"),
-                             shadow_logfd);
+                             log_get_logfd());
                 SYSLOG ((LOG_ERR, "could not allocate space for config info"));
                 return -1;
         }
@@ -435,7 +435,7 @@ static /*@observer@*/ /*@null@*/struct itemdef *def_find (const char *name, cons
                         goto out;
                 }
         }
-       fprintf (shadow_logfd,
+       fprintf (log_get_logfd(),
                  _("configuration error - unknown item '%s' (notify administrator)\n"),
                  name);
         if (srcfile != NULL)
diff --git a/lib/gettime.c b/lib/gettime.c

index 97b873ef2bf9817d02399e79c477f662b565269b..0d1d59086ca54374047e65b13423ab49403f5751 100644 (file)
--- a/lib/gettime.c
+++ b/lib/gettime.c
@@ -29,7 +29,6 @@
  gettime(void)
  {
         char    *source_date_epoch;
-       FILE    *shadow_logfd = log_get_logfd();
         time_t  fallback, epoch;
  
         fallback = time (NULL);
@@ -39,7 +38,7 @@ gettime(void)
                 return fallback;
  
         if (a2i(time_t, &epoch, source_date_epoch, NULL, 10, 0, fallback) == -1) {
-               fprintf(shadow_logfd,
+               fprintf(log_get_logfd(),
                         _("Environment variable $SOURCE_DATE_EPOCH: a2i(\"%s\"): %s"),
                         source_date_epoch, strerrno());
                 return fallback;
diff --git a/lib/nscd.c b/lib/nscd.c

index e2bb44e3fe30b51dbca3cce352f23f57f1533969..ae3321fe1f0fea5caf05c998af6b9e79479b0fed 100644 (file)
--- a/lib/nscd.c
+++ b/lib/nscd.c
@@ -10,6 +10,7 @@
  #include "defines.h"
  #include "prototypes.h"
  #include "nscd.h"
+#include "shadowlog.h"
  #include "shadowlog_internal.h"
  
  #define MSG_NSCD_FLUSH_CACHE_FAILED "%s: Failed to flush the nscd cache.\n"
@@ -26,13 +27,13 @@ int nscd_flush_cache (const char *service)
  
         if (run_command (cmd, spawnedArgs, spawnedEnv, &status) != 0) {
                 /* run_command writes its own more detailed message. */
-               (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
+               (void) fprintf (log_get_logfd(), _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
                 return -1;
         }
  
         code = WEXITSTATUS (status);
         if (!WIFEXITED (status)) {
-               (void) fprintf (shadow_logfd,
+               (void) fprintf (log_get_logfd(),
                                 _("%s: nscd did not terminate normally (signal %d)\n"),
                                 shadow_progname, WTERMSIG (status));
                 return -1;
@@ -44,9 +45,9 @@ int nscd_flush_cache (const char *service)
                 /* nscd is installed, but it isn't active. */
                 return 0;
         } else if (code != 0) {
-               (void) fprintf (shadow_logfd, _("%s: nscd exited with status %d\n"),
+               (void) fprintf (log_get_logfd(), _("%s: nscd exited with status %d\n"),
                                 shadow_progname, code);
-               (void) fprintf (shadow_logfd, _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
+               (void) fprintf (log_get_logfd(), _(MSG_NSCD_FLUSH_CACHE_FAILED), shadow_progname);
                 return -1;
         }
  
diff --git a/lib/nss.c b/lib/nss.c

index f2112d08b6dab2ee1caf994577cdb11cb3eaab04..f6e5146d150b362c55e138cf7f61685ac4fb0264 100644 (file)
--- a/lib/nss.c
+++ b/lib/nss.c
@@ -55,7 +55,6 @@ nss_init(const char *nsswitch_path) {
         char    *line = NULL, *p;
         char    libname[64];
         FILE    *nssfp = NULL;
-       FILE    *shadow_logfd = log_get_logfd();
         void    *h;
         size_t  len = 0;
  
@@ -74,7 +73,7 @@ nss_init(const char *nsswitch_path) {
         nssfp = fopen(nsswitch_path, "r");
         if (!nssfp) {
                 if (errno != ENOENT)
-                       fprintf(shadow_logfd, "Failed opening %s: %m\n", nsswitch_path);
+                       fprintf(log_get_logfd(), "Failed opening %s: %m\n", nsswitch_path);
  
                 atomic_store(&nss_init_completed, true);
                 return;
@@ -97,7 +96,7 @@ nss_init(const char *nsswitch_path) {
                 goto null_subid;
         }
         if (stpsep(p, " \t\n") == NULL) {
-               fprintf(shadow_logfd, "No usable subid NSS module found, using files\n");
+               fprintf(log_get_logfd(), "No usable subid NSS module found, using files\n");
                 // subid_nss has to be null here, but to ease reviews:
                 goto null_subid;
         }
@@ -105,15 +104,15 @@ nss_init(const char *nsswitch_path) {
                 goto null_subid;
         }
         if (strlen(p) > 50) {
-               fprintf(shadow_logfd, "Subid NSS module name too long (longer than 50 characters): %s\n", p);
-               fprintf(shadow_logfd, "Using files\n");
+               fprintf(log_get_logfd(), "Subid NSS module name too long (longer than 50 characters): %s\n", p);
+               fprintf(log_get_logfd(), "Using files\n");
                 goto null_subid;
         }
         stprintf_a(libname, "libsubid_%s.so", p);
         h = dlopen(libname, RTLD_LAZY);
         if (!h) {
-               fprintf(shadow_logfd, "Error opening %s: %s\n", libname, dlerror());
-               fprintf(shadow_logfd, "Using files\n");
+               fprintf(log_get_logfd(), "Error opening %s: %s\n", libname, dlerror());
+               fprintf(log_get_logfd(), "Using files\n");
                 goto null_subid;
         }
         subid_nss = malloc_T(1, struct subid_nss_ops);
@@ -122,22 +121,22 @@ nss_init(const char *nsswitch_path) {
         }
         subid_nss->has_range = dlsym(h, "shadow_subid_has_range");
         if (!subid_nss->has_range) {
-               fprintf(shadow_logfd, "%s did not provide @has_range@\n", libname);
+               fprintf(log_get_logfd(), "%s did not provide @has_range@\n", libname);
                 goto close_lib;
         }
         subid_nss->list_owner_ranges = dlsym(h, "shadow_subid_list_owner_ranges");
         if (!subid_nss->list_owner_ranges) {
-               fprintf(shadow_logfd, "%s did not provide @list_owner_ranges@\n", libname);
+               fprintf(log_get_logfd(), "%s did not provide @list_owner_ranges@\n", libname);
                 goto close_lib;
         }
         subid_nss->find_subid_owners = dlsym(h, "shadow_subid_find_subid_owners");
         if (!subid_nss->find_subid_owners) {
-               fprintf(shadow_logfd, "%s did not provide @find_subid_owners@\n", libname);
+               fprintf(log_get_logfd(), "%s did not provide @find_subid_owners@\n", libname);
                 goto close_lib;
         }
         subid_nss->free = dlsym(h, "shadow_subid_free");
         if (!subid_nss->free) {
-               fprintf(shadow_logfd, "%s did not provide @subid_free@\n", libname);
+               fprintf(log_get_logfd(), "%s did not provide @subid_free@\n", libname);
                 goto close_lib;
         }
         subid_nss->handle = h;
diff --git a/lib/pam_pass.c b/lib/pam_pass.c

index 5df10f199a7afba863dbd4f447db4d7ca524fd55..d6372e1a2c3ad6fea7a99b9fcf487eb22f79667d 100644 (file)
--- a/lib/pam_pass.c
+++ b/lib/pam_pass.c
@@ -32,7 +32,6 @@ void do_pam_passwd (const char *user, bool silent, bool change_expired)
  {
         pam_handle_t *pamh = NULL;
         int flags = 0, ret;
-       FILE *shadow_logfd = log_get_logfd();
  
         if (silent)
                 flags |= PAM_SILENT;
@@ -41,20 +40,20 @@ void do_pam_passwd (const char *user, bool silent, bool change_expired)
  
         ret = pam_start ("passwd", user, &conv, &pamh);
         if (ret != PAM_SUCCESS) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("passwd: pam_start() failed, error %d\n"), ret);
                 exit (E_PAM_ERR);
         }
  
         ret = pam_chauthtok (pamh, flags);
         if (ret != PAM_SUCCESS) {
-               fprintf (shadow_logfd, _("passwd: %s\n"), pam_strerror (pamh, ret));
-               fputs (_("passwd: password unchanged\n"), shadow_logfd);
+               fprintf (log_get_logfd(), _("passwd: %s\n"), pam_strerror (pamh, ret));
+               fputs (_("passwd: password unchanged\n"), log_get_logfd());
                 pam_end (pamh, ret);
                 exit (E_PAM_ERR);
         }
  
-       fputs (_("passwd: password updated successfully\n"), shadow_logfd);
+       fputs (_("passwd: password updated successfully\n"), log_get_logfd());
         (void) pam_end (pamh, PAM_SUCCESS);
  }
  #else                          /* !USE_PAM */
diff --git a/lib/run_part.c b/lib/run_part.c

index f3ac46dbf88190b45e09ea24088c4f0941a0bcfa..97b5206636e814c9b75a0e98f500a9648fa889e3 100644 (file)
--- a/lib/run_part.c
+++ b/lib/run_part.c
@@ -12,7 +12,7 @@
  #include <lib/prototypes.h>
  
  #include "run_part.h"
-#include "shadowlog_internal.h"
+#include "shadowlog.h"
  #include "string/sprintf/aprintf.h"
  #include "string/strerrno.h"
  
@@ -26,14 +26,14 @@ static int run_part(char *script_path, const char *name, const char *action)
  
         pid=fork();
         if (pid==-1) {
-               fprintf(shadow_logfd, "fork: %s\n", strerrno());
+               fprintf(log_get_logfd(), "fork: %s\n", strerrno());
                 return 1;
         }
         if (pid==0) {
                 setenv("ACTION",action,1);
                 setenv("SUBJECT",name,1);
                 execv(script_path,args);
-               fprintf(shadow_logfd, "execv: %s\n", strerrno());
+               fprintf(log_get_logfd(), "execv: %s\n", strerrno());
                 _exit(1);
         }
  
@@ -42,7 +42,7 @@ static int run_part(char *script_path, const char *name, const char *action)
                 return (wait_status);
         }
  
-       fprintf(shadow_logfd, "wait: %s\n", strerrno());
+       fprintf(log_get_logfd(), "wait: %s\n", strerrno());
         return (1);
  }
  
@@ -64,7 +64,7 @@ int run_parts(const char *directory, const char *name, const char *action)
  
                 s = aprintf("%s/%s", directory, namelist[n]->d_name);
                 if (s == NULL) {
-                       fprintf(shadow_logfd, "aprintf: %s\n", strerrno());
+                       fprintf(log_get_logfd(), "aprintf: %s\n", strerrno());
                         for (; n<scanlist; n++) {
                                 free(namelist[n]);
                         }
@@ -74,7 +74,7 @@ int run_parts(const char *directory, const char *name, const char *action)
  
                 execute_result = 0;
                 if (stat(s, &sb) == -1) {
-                       fprintf(shadow_logfd, "stat: %s\n", strerrno());
+                       fprintf(log_get_logfd(), "stat: %s\n", strerrno());
                         free(s);
                         for (; n<scanlist; n++) {
                                 free(namelist[n]);
@@ -90,7 +90,7 @@ int run_parts(const char *directory, const char *name, const char *action)
                 free(s);
  
                 if (execute_result!=0) {
-                       fprintf(shadow_logfd,
+                       fprintf(log_get_logfd(),
                                 "%s: did not exit cleanly.\n",
                             namelist[n]->d_name);
                         for (; n<scanlist; n++) {
diff --git a/lib/selinux.c b/lib/selinux.c

index 0f6ffaf721536e58b7df5c4995218151ebce5a44..3d32636034ee198f186ffb6335c793f1600bbcbf 100644 (file)
--- a/lib/selinux.c
+++ b/lib/selinux.c
@@ -15,6 +15,7 @@
  #include <selinux/label.h>
  
  #include "prototypes.h"
+#include "shadowlog.h"
  #include "shadowlog_internal.h"
  #include "string/sprintf/aprintf.h"
  #include "string/strerrno.h"
@@ -138,7 +139,7 @@ static int selinux_log_cb (int type, const char *fmt, ...) {
                             && (errno != EAFNOSUPPORT)) {
  
                             (void) fputs (_("Cannot open audit interface.\n"),
-                                     shadow_logfd);
+                                     log_get_logfd());
                             SYSLOG ((LOG_WARN, "Cannot open audit interface."));
                         }
                 }
@@ -191,7 +192,7 @@ int check_selinux_permit (const char *perm_name)
         selinux_set_callback (SELINUX_CB_LOG, (union selinux_callback) { .func_log = selinux_log_cb });
  
         if (getprevcon_raw (&user_context_raw) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                     _("%s: can not get previous SELinux process context: %s\n"),
                     shadow_progname, strerrno());
                 SYSLOG ((LOG_WARN,
diff --git a/lib/semanage.c b/lib/semanage.c

index e20fea6ef0aa6f8b35df329a2887efe8caaed5d9..0018536be692e13b921055ecfd43f52ca65095fc 100644 (file)
--- a/lib/semanage.c
+++ b/lib/semanage.c
@@ -23,7 +23,7 @@
  
  #include "attr.h"
  #include "prototypes.h"
-#include "shadowlog_internal.h"
+#include "shadowlog.h"
  #include "string/sprintf/aprintf.h"
  
  
@@ -44,7 +44,7 @@ static void semanage_error_callback (void *,
         switch (semanage_msg_get_level (handle)) {
         case SEMANAGE_MSG_ERR:
         case SEMANAGE_MSG_WARN:
-               fprintf (shadow_logfd, _("[libsemanage]: %s\n"), message);
+               fprintf (log_get_logfd(), _("[libsemanage]: %s\n"), message);
                 break;
         case SEMANAGE_MSG_INFO:
                 /* nop */
@@ -62,7 +62,7 @@ static semanage_handle_t *semanage_init (void)
  
         handle = semanage_handle_create ();
         if (NULL == handle) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Cannot create SELinux management handle\n"));
                 return NULL;
         }
@@ -71,26 +71,26 @@ static semanage_handle_t *semanage_init (void)
  
         ret = semanage_is_managed (handle);
         if (ret != 1) {
-               fprintf (shadow_logfd, _("SELinux policy not managed\n"));
+               fprintf (log_get_logfd(), _("SELinux policy not managed\n"));
                 goto fail;
         }
  
         ret = semanage_access_check (handle);
         if (ret < SEMANAGE_CAN_READ) {
-               fprintf (shadow_logfd, _("Cannot read SELinux policy store\n"));
+               fprintf (log_get_logfd(), _("Cannot read SELinux policy store\n"));
                 goto fail;
         }
  
         ret = semanage_connect (handle);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Cannot establish SELinux management connection\n"));
                 goto fail;
         }
  
         ret = semanage_begin_transaction (handle);
         if (ret != 0) {
-               fprintf (shadow_logfd, _("Cannot begin SELinux transaction\n"));
+               fprintf (log_get_logfd(), _("Cannot begin SELinux transaction\n"));
                 goto fail;
         }
  
@@ -115,7 +115,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         semanage_seuser_query (handle, key, &seuser);
         if (NULL == seuser) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Could not query seuser for %s\n"), login_name);
                 ret = 1;
                 goto done;
@@ -124,7 +124,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
         if (serange && semanage_mls_enabled(handle)) {
                 ret = semanage_seuser_set_mlsrange (handle, seuser, serange);
                 if (ret != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("Could not set serange for %s to %s\n"),
                                  login_name, serange);
                         ret = 1;
@@ -134,7 +134,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Could not set sename for %s\n"),
                          login_name);
                 ret = 1;
@@ -143,7 +143,7 @@ static int semanage_user_mod (semanage_handle_t *handle,
  
         ret = semanage_seuser_modify_local (handle, key, seuser);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Could not modify login mapping for %s\n"),
                          login_name);
                 ret = 1;
@@ -168,7 +168,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_create (handle, &seuser);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Cannot create SELinux login mapping for %s\n"),
                          login_name);
                 ret = 1;
@@ -177,7 +177,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_name (handle, seuser, login_name);
         if (ret != 0) {
-               fprintf (shadow_logfd, _("Could not set name for %s\n"), login_name);
+               fprintf (log_get_logfd(), _("Could not set name for %s\n"), login_name);
                 ret = 1;
                 goto done;
         }
@@ -185,7 +185,7 @@ static int semanage_user_add (semanage_handle_t *handle,
         if (serange && semanage_mls_enabled(handle)) {
                 ret = semanage_seuser_set_mlsrange (handle, seuser, serange);
                 if (ret != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("Could not set serange for %s to %s\n"),
                                  login_name, serange);
                         ret = 1;
@@ -195,7 +195,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_set_sename (handle, seuser, seuser_name);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Could not set SELinux user for %s\n"),
                          login_name);
                 ret = 1;
@@ -204,7 +204,7 @@ static int semanage_user_add (semanage_handle_t *handle,
  
         ret = semanage_seuser_modify_local (handle, key, seuser);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Could not add login mapping for %s\n"),
                          login_name);
                 ret = 1;
@@ -232,21 +232,21 @@ int set_seuser (const char *login_name, const char *seuser_name, const char *ser
  
         handle = semanage_init ();
         if (NULL == handle) {
-               fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
+               fprintf (log_get_logfd(), _("Cannot init SELinux management\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_key_create (handle, login_name, &key);
         if (ret != 0) {
-               fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
+               fprintf (log_get_logfd(), _("Cannot create SELinux user key\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_exists (handle, key, &seuser_exists);
         if (ret < 0) {
-               fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
+               fprintf (log_get_logfd(), _("Cannot verify the SELinux user\n"));
                 ret = 1;
                 goto done;
         }
@@ -254,7 +254,7 @@ int set_seuser (const char *login_name, const char *seuser_name, const char *ser
         if (0 != seuser_exists) {
                 ret = semanage_user_mod (handle, key, login_name, seuser_name, serange);
                 if (ret != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("Cannot modify SELinux user mapping\n"));
                         ret = 1;
                         goto done;
@@ -262,7 +262,7 @@ int set_seuser (const char *login_name, const char *seuser_name, const char *ser
         } else {
                 ret = semanage_user_add (handle, key, login_name, seuser_name, serange);
                 if (ret != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("Cannot add SELinux user mapping\n"));
                         ret = 1;
                         goto done;
@@ -271,7 +271,7 @@ int set_seuser (const char *login_name, const char *seuser_name, const char *ser
  
         ret = semanage_commit (handle);
         if (ret < 0) {
-               fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
+               fprintf (log_get_logfd(), _("Cannot commit SELinux transaction\n"));
                 ret = 1;
                 goto done;
         }
@@ -297,27 +297,27 @@ int del_seuser (const char *login_name)
  
         handle = semanage_init ();
         if (NULL == handle) {
-               fprintf (shadow_logfd, _("Cannot init SELinux management\n"));
+               fprintf (log_get_logfd(), _("Cannot init SELinux management\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_key_create (handle, login_name, &key);
         if (ret != 0) {
-               fprintf (shadow_logfd, _("Cannot create SELinux user key\n"));
+               fprintf (log_get_logfd(), _("Cannot create SELinux user key\n"));
                 ret = 1;
                 goto done;
         }
  
         ret = semanage_seuser_exists (handle, key, &exists);
         if (ret < 0) {
-               fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
+               fprintf (log_get_logfd(), _("Cannot verify the SELinux user\n"));
                 ret = 1;
                 goto done;
         }
  
         if (0 == exists) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Login mapping for %s is not defined, OK if default mapping was used\n"),
                          login_name);
                 ret = 0;  /* probably default mapping */
@@ -326,13 +326,13 @@ int del_seuser (const char *login_name)
  
         ret = semanage_seuser_exists_local (handle, key, &exists);
         if (ret < 0) {
-               fprintf (shadow_logfd, _("Cannot verify the SELinux user\n"));
+               fprintf (log_get_logfd(), _("Cannot verify the SELinux user\n"));
                 ret = 1;
                 goto done;
         }
  
         if (0 == exists) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Login mapping for %s is defined in policy, cannot be deleted\n"),
                          login_name);
                 ret = 0; /* Login mapping defined in policy can't be deleted */
@@ -341,7 +341,7 @@ int del_seuser (const char *login_name)
  
         ret = semanage_seuser_del_local (handle, key);
         if (ret != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("Could not delete login mapping for %s"),
                          login_name);
                 ret = 1;
@@ -350,7 +350,7 @@ int del_seuser (const char *login_name)
  
         ret = semanage_commit (handle);
         if (ret < 0) {
-               fprintf (shadow_logfd, _("Cannot commit SELinux transaction\n"));
+               fprintf (log_get_logfd(), _("Cannot commit SELinux transaction\n"));
                 ret = 1;
                 goto done;
         }
diff --git a/lib/shadowlog.c b/lib/shadowlog.c

index 7bcc63cab0441afd9c82ea4a0951d6f1de67a2e7..4c8dddd7eeb5febd4912d3ed7bcaeee23b695364 100644 (file)
--- a/lib/shadowlog.c
+++ b/lib/shadowlog.c
@@ -3,7 +3,7 @@
  #include "lib/shadowlog_internal.h"
  
  const char *shadow_progname = "libshadow";
-FILE *shadow_logfd = NULL;
+static FILE *shadow_logfd = NULL;
  
  void log_set_progname(const char *progname)
  {
diff --git a/lib/shadowlog_internal.h b/lib/shadowlog_internal.h

index 2ed7932be90070fbfc43de60af51dd713ac4ac5e..1d2d16761bfaac57805b6aad51b9124643bcf2b9 100644 (file)
--- a/lib/shadowlog_internal.h
+++ b/lib/shadowlog_internal.h
@@ -2,6 +2,5 @@
  #define _SHADOWLOG_INTERNAL_H
  
  extern const char *shadow_progname; /* Program name shown in error messages */
-extern FILE *shadow_logfd;  /* file descriptor to which error messages are printed */
  
  #endif /* _SHADOWLOG_INTERNAL_H */
diff --git a/lib/spawn.c b/lib/spawn.c

index 2bcbc4451f0b59266e7cd55cfd8c7c570ff22e26..4b6169e5bc3e0c0cdb4564aae59df6f0b36d2533 100644 (file)
--- a/lib/spawn.c
+++ b/lib/spawn.c
@@ -15,6 +15,7 @@
  
  #include "exitcodes.h"
  #include "prototypes.h"
+#include "shadowlog.h"
  #include "shadowlog_internal.h"
  #include "string/strerrno.h"
  
@@ -30,7 +31,7 @@ run_command(const char *cmd, const char *argv[],
         }
  
         (void) fflush (stdout);
-       (void) fflush (shadow_logfd);
+       (void) fflush (log_get_logfd());
  
         pid = fork ();
         if (0 == pid) {
@@ -39,11 +40,11 @@ run_command(const char *cmd, const char *argv[],
                 if (ENOENT == errno) {
                         _exit (E_CMD_NOTFOUND);
                 }
-               fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
+               fprintf (log_get_logfd(), "%s: cannot execute %s: %s\n",
                          shadow_progname, cmd, strerrno());
                 _exit (E_CMD_NOEXEC);
         } else if ((pid_t)-1 == pid) {
-               fprintf (shadow_logfd, "%s: cannot execute %s: %s\n",
+               fprintf (log_get_logfd(), "%s: cannot execute %s: %s\n",
                          shadow_progname, cmd, strerrno());
                 return -1;
         }
@@ -56,7 +57,7 @@ run_command(const char *cmd, const char *argv[],
                  || ((pid_t)-1 != wpid && wpid != pid));
  
         if ((pid_t)-1 == wpid) {
-               fprintf (shadow_logfd, "%s: waitpid (status: %d): %s\n",
+               fprintf (log_get_logfd(), "%s: waitpid (status: %d): %s\n",
                          shadow_progname, *status, strerrno());
                 return -1;
         }
diff --git a/lib/tcbfuncs.c b/lib/tcbfuncs.c

index 269ae0d0443dc94dd51f432d176df1211730ca79..ee8f5768274eeba591854a92b7c3299a484b56f4 100644 (file)
--- a/lib/tcbfuncs.c
+++ b/lib/tcbfuncs.c
@@ -23,6 +23,7 @@
  #include "prototypes.h"
  #include "tcbfuncs.h"
  #include "shadowio.h"
+#include "shadowlog.h"
  #include "shadowlog_internal.h"
  #include "string/sprintf/aprintf.h"
  #include "string/strcmp/streq.h"
@@ -64,8 +65,8 @@ shadowtcb_status shadowtcb_gain_priv (void)
   * to exit soon.
   */
  #define OUT_OF_MEMORY do { \
-       fprintf (shadow_logfd, _("%s: out of memory\n"), shadow_progname); \
-       (void) fflush (shadow_logfd); \
+       fprintf (log_get_logfd(), _("%s: out of memory\n"), shadow_progname); \
+       (void) fflush (log_get_logfd()); \
  } while (false)
  
  /* Returns user's tcb directory path relative to TCB_DIR. */
@@ -102,7 +103,7 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
                 return NULL;
         }
         if (lstat (path, &st) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot stat %s: %s\n"),
                          shadow_progname, path, strerrno());
                 free (path);
@@ -118,14 +119,14 @@ static /*@null@*/ char *shadowtcb_path_rel_existing (const char *name)
                 return rval;
         }
         if (!S_ISLNK (st.st_mode)) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: %s is neither a directory, nor a symlink.\n"),
                          shadow_progname, path);
                 free (path);
                 return NULL;
         }
         if (readlinknul_a(path, link) == -1) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot read symbolic link %s: %s\n"),
                          shadow_progname, path, strerrno());
                 free (path);
@@ -186,7 +187,7 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
         }
         ptr = path;
         if (stat (TCB_DIR, &st) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot stat %s: %s\n"),
                          shadow_progname, TCB_DIR, strerrno());
                 goto out_free_path;
@@ -199,19 +200,19 @@ static shadowtcb_status mkdir_leading (const char *name, uid_t uid)
                         return SHADOWTCB_FAILURE;
                 }
                 if ((mkdir (dir, 0700) != 0) && (errno != EEXIST)) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Cannot create directory %s: %s\n"),
                                  shadow_progname, dir, strerrno());
                         goto out_free_dir;
                 }
                 if (chown (dir, 0, st.st_gid) != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Cannot change owner of %s: %s\n"),
                                  shadow_progname, dir, strerrno());
                         goto out_free_dir;
                 }
                 if (chmod (dir, 0711) != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Cannot change mode of %s: %s\n"),
                                  shadow_progname, dir, strerrno());
                         goto out_free_dir;
@@ -242,7 +243,7 @@ static shadowtcb_status unlink_suffs (const char *user)
                         return SHADOWTCB_FAILURE;
                 }
                 if ((unlink (tmp) != 0) && (errno != ENOENT)) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: unlink: %s: %s\n"),
                                  shadow_progname, tmp, strerrno());
                         free (tmp);
@@ -272,7 +273,7 @@ rmdir_leading(const char *relpath)
  
                 if (rmdir(path) != 0) {
                         if (errno != ENOTEMPTY) {
-                               fprintf (shadow_logfd,
+                               fprintf (log_get_logfd(),
                                          _("%s: Cannot remove directory %s: %s\n"),
                                          shadow_progname, path, strerrno());
                                 ret = SHADOWTCB_FAILURE;
@@ -306,7 +307,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
                 goto out_free_nomem;
         }
         if (stat (olddir, &oldmode) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot stat %s: %s\n"),
                          shadow_progname, olddir, strerrno());
                 goto out_free;
@@ -333,7 +334,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
                 goto out_free;
         }
         if (rename (real_old_dir, real_new_dir) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot rename %s to %s: %s\n"),
                          shadow_progname, real_old_dir, real_new_dir, strerrno());
                 goto out_free;
@@ -342,7 +343,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
                 goto out_free;
         }
         if ((unlink (olddir) != 0) && (errno != ENOENT)) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot remove %s: %s\n"),
                          shadow_progname, olddir, strerrno());
                 goto out_free;
@@ -357,7 +358,7 @@ static shadowtcb_status move_dir (const char *user_newname, uid_t user_newid)
         }
         if (   !streq(real_new_dir, newdir)
             && (symlink (real_new_dir_rel, newdir) != 0)) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot create symbolic link %s: %s\n"),
                          shadow_progname, real_new_dir_rel, strerrno());
                 goto out_free;
@@ -461,37 +462,37 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
                 return SHADOWTCB_FAILURE;
         }
         if (stat (tcbdir, &dirmode) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot stat %s: %s\n"),
                          shadow_progname, tcbdir, strerrno());
                 goto out_free;
         }
         if (chown (tcbdir, 0, 0) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change owners of %s: %s\n"),
                          shadow_progname, tcbdir, strerrno());
                 goto out_free;
         }
         if (chmod (tcbdir, 0700) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change mode of %s: %s\n"),
                          shadow_progname, tcbdir, strerrno());
                 goto out_free;
         }
         if (lstat (shadow, &filemode) != 0) {
                 if (errno != ENOENT) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Cannot lstat %s: %s\n"),
                                  shadow_progname, shadow, strerrno());
                         goto out_free;
                 }
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Warning, user %s has no tcb shadow file.\n"),
                          shadow_progname, user_newname);
         } else {
                 if (!S_ISREG (filemode.st_mode) ||
                         filemode.st_nlink != 1) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Emergency: %s's tcb shadow is not a "
                                    "regular file with st_nlink=1.\n"
                                    "The account is left locked.\n"),
@@ -499,13 +500,13 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
                         goto out_free;
                 }
                 if (chown (shadow, user_newid, filemode.st_gid) != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Cannot change owner of %s: %s\n"),
                                  shadow_progname, shadow, strerrno());
                         goto out_free;
                 }
                 if (chmod (shadow, filemode.st_mode & 07777) != 0) {
-                       fprintf (shadow_logfd,
+                       fprintf (log_get_logfd(),
                                  _("%s: Cannot change mode of %s: %s\n"),
                                  shadow_progname, shadow, strerrno());
                         goto out_free;
@@ -515,13 +516,13 @@ shadowtcb_status shadowtcb_move (/*@NULL@*/const char *user_newname, uid_t user_
                 goto out_free;
         }
         if (chown (tcbdir, user_newid, dirmode.st_gid) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change owner of %s: %s\n"),
                          shadow_progname, tcbdir, strerrno());
                 goto out_free;
         }
         if (chmod (tcbdir, dirmode.st_mode & 07777) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change mode of %s: %s\n"),
                          shadow_progname, tcbdir, strerrno());
                 goto out_free;
@@ -546,7 +547,7 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
                 return SHADOWTCB_SUCCESS;
         }
         if (stat (TCB_DIR, &tcbdir_stat) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot stat %s: %s\n"),
                          shadow_progname, TCB_DIR, strerrno());
                 return SHADOWTCB_FAILURE;
@@ -571,37 +572,37 @@ shadowtcb_status shadowtcb_create (const char *name, uid_t uid)
                 return SHADOWTCB_FAILURE;
         }
         if (mkdir (dir, 0700) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: mkdir: %s: %s\n"), shadow_progname, dir, strerrno());
                 goto out_free;
         }
         fd = open (shadow, O_RDWR | O_CREAT | O_TRUNC, 0600);
         if (fd < 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot open %s: %s\n"),
                          shadow_progname, shadow, strerrno());
                 goto out_free;
         }
         if (fchown (fd, 0, authgid) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change owner of %s: %s\n"),
                          shadow_progname, shadow, strerrno());
                 goto out_free;
         }
         if (fchmod (fd, (mode_t) ((authgid == shadowgid) ? 0600 : 0640)) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change mode of %s: %s\n"),
                          shadow_progname, shadow, strerrno());
                 goto out_free;
         }
         if (chown (dir, 0, authgid) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change owner of %s: %s\n"),
                          shadow_progname, dir, strerrno());
                 goto out_free;
         }
         if (chmod (dir, (mode_t) ((authgid == shadowgid) ? 02700 : 02710)) != 0) {
-               fprintf (shadow_logfd,
+               fprintf (log_get_logfd(),
                          _("%s: Cannot change mode of %s: %s\n"),
                          shadow_progname, dir, strerrno());
                 goto out_free;
author	Tobias Stoeckmann <tobias@stoeckmann.org>
	Sun, 11 Jan 2026 11:28:46 +0000 (12:28 +0100)
committer	Alejandro Colomar <foss+github@alejandro-colomar.es>
	Mon, 12 Jan 2026 13:27:05 +0000 (14:27 +0100)
lib/addgrps.c		patch \| blob \| blame \| history
lib/chowntty.c		patch \| blob \| blame \| history
lib/commonio.c		patch \| blob \| blame \| history
lib/copydir.c		patch \| blob \| blame \| history
lib/encrypt.c		patch \| blob \| blame \| history
lib/getdef.c		patch \| blob \| blame \| history
lib/gettime.c		patch \| blob \| blame \| history
lib/nscd.c		patch \| blob \| blame \| history
lib/nss.c		patch \| blob \| blame \| history
lib/pam_pass.c		patch \| blob \| blame \| history
lib/run_part.c		patch \| blob \| blame \| history
lib/selinux.c		patch \| blob \| blame \| history
lib/semanage.c		patch \| blob \| blame \| history
lib/shadowlog.c		patch \| blob \| blame \| history
lib/shadowlog_internal.h		patch \| blob \| blame \| history
lib/spawn.c		patch \| blob \| blame \| history
lib/tcbfuncs.c		patch \| blob \| blame \| history