src/login_nopam.c: Rely on the system's MAXHOSTNAMELEN

The reason for that code seems to be some ancient AIX version that
defined a value that was too small (32).  We don't support such systems.
In the link below, I found the following comment and code:

 /*
  * Some AIX versions advertise a too small MAXHOSTNAMELEN value (32).
  * Result: long hostnames would be truncated, and connections would be
  * dropped because of host name verification failures. Adrian van Bloois
  * (A.vanBloois@info.nic.surfnet.nl) figured out what was the problem.
  */

#if (MAXHOSTNAMELEN < 64)
#undef MAXHOSTNAMELEN
#endif

/* In case not defined in <sys/param.h>. */

#ifndef MAXHOSTNAMELEN
#define MAXHOSTNAMELEN  256             /* storage for host name */
#endif

Today's systems seem to be much better regarding this macro.  Rely on
them.

Link: <https://sources.debian.org/src/tcp-wrappers/7.6.q-33/workarounds.c/?hl=36#L36>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/gshadow.c: endsgent(): Invert logic to reduce indentation

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/list.c: comma_to_list(): Use strchrcnt() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strchr/: strchrcnt(): Add function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strcmp/: streq(): Add function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/gpasswd.c: is_valid_user_list(): Fix invalid free(3)

This fix addresses an issue in is_valid_user_list() where the free
operation was attempted on an address not allocated with malloc().  By
duplicating the pointer with xstrdup(users) into dup, and using dup as
the original pointer, we ensure that only the valid pointer is freed,
avoiding an invalid free operation.

This bug was introduced when changing some code that used strchrnul(3)
to use strsep(3) instead.  strsep(3) advances the pointer, unlike the
previous code.

This unconditionally leads to a bug:

-  Passing NULL to free(3), if the last field in the
   colon-separated-value list is non-empty.  This results in a memory
   leak.

-  Passing a pointer to the null byte ('\0') that terminates the string,
   if the last element of the colon-separated-value list is empty.  The
   most obvious reproducer of such a bogus free(3) call is:

       free(strdup("foo:") + 4);

   This results in Undefined Behavior, and could result in allocator
   data corruption.

Fixes: 16cb66486554 (2024-07-01, "lib/, src/: Use strsep(3) instead of its pattern")
Suggested-by: <https://github.com/frostb1ten>
Reported-by: <https://github.com/frostb1ten>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Cc: Christian Brauner <christian@brauner.io>

man/shadow,man/gshadow: Fix grammar

Signed-off-by: Miroslav Cimerman <mc@doas.su>

lib/fs/readlink/areadlink.h: areadlink(): Use PATH_MAX instead of a magic value

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/fs/readlink/areadlink.h: Cosmetic changes

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/fs/readlink/, lib/: areadlink(): Move and rename function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Use READLINKNUL() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Use readlinknul() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/fs/readlink/readlinknul.h: READLINKNUL(): Add macro

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/fs/readlink/: readlinknul(): Add function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

CI: fix fedora build problems

The new fedora 41 has been released and some things have changed. Make
sure to install python and python3-dnf and specify the dnf version in
the roles.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

CI: fix handling of sources.list

Closes #1088

We can't be sure whether a github runner will have new- or old-
style sources.list, so check whether the new exists, else use
the old style.

Signed-off-by: Serge Hallyn <serge@hallyn.com>

lib/loginprompt.c: login_prompt(): Use strtcpy() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/getdef.c: Remove dead code

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/fields.c: Remove dead code

A few lines above, we've removed the '\n' already.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/useradd.c: get_groups(): Fix memory leak

Fix coverity unbound buffer issues

During coverity scan, there are reported four issues
with unbounded source buffer for each usage of input arg
directly with syslog function.

Sample coverity test report for chsh.c file:

 1. string_size_argv: argv contains strings with unknown size.
 int main (int argc, char **argv)
[...]
 4. var_assign_var: Assigning: user = argv[optind]. Both are now tainted.
 user = argv[optind];
[...]
CID 5771784: (#1 of 1): Unbounded source buffer (STRING_SIZE)
15. string_size: Passing string user of unknown size to syslog.
 SYSLOG ((LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh));

Similar issue is reported three times more:
File: chfn.c, function: main, variable: user
File: passwd.c, function: main, variable: name
File: newgrp.c, function: main, variable: group

This commit is the first approach to fix the reported issues.
The proposed changes add conditions, which verify
the user and group names arguments, including their lengths.
This will not silence the coverity reports, but the change causes
that they are irrelevant and could be ignored.

lib/alloc/realloc*.h: Always reallocate at least 1 byte

glibc's realloc(3) is broken.  It was originally good (I believe) until
at some point, when it was changed to conform to C89, which had a bogus
specification that required that it returns NULL.  C99 fixed the mistake
from C89, and so glibc's realloc(3) is non-conforming to
C99/C11/POSIX.1-2008.  C17 broke again the definition of realloc(3).

Link: <https://github.com/shadow-maint/shadow/pull/1095>
Link: <https://nabijaczleweli.xyz/content/blogn_t/017-malloc0.html>
Link: <https://inbox.sourceware.org/libc-alpha/5gclfbrxfd7446gtwd2x2gfuquy7ukjdbrndphyfmfszxlft76@wwjz7spd4vd7/T/#t>
Co-developed-by: наб <nabijaczleweli@nabijaczleweli.xyz>
Signed-off-by: наб <nabijaczleweli@nabijaczleweli.xyz>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
Acked-by: Paul Eggert <eggert@cs.ucla.edu>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/alloc/realloc*.h: Rename macro parameter

This is in preparation for the following commit, which will need this
shorter parameter name to avoid breaking long lines.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

doc/contributions/introduction.md: Fix typo in link

Fixes: 981bb8f9d1ba ("doc: add contributions introduction")
Reported-by: наб <nabijaczleweli@nabijaczleweli.xyz>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

CI: install `libltdl-dev`

Required to manage an autoconf macro.

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

CI: run command as non-root user

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

CI: run `Install dependencies` workflow

Run this workflow instead of replicating the script every time we need
to install the dependencies.

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

CI: update Ubuntu repositories configuration

Recently Ubuntu updated its repositories configuration file from
`/etc/apt/sources.list` to `/etc/apt/sources.list.d/ubuntu.source`.
Thus, we need to update its location to be able to install all the
package dependencies.

In addition, the CI script was trying to uncomment the lines starting
with `deb-src`, but there is none in the new configuration file format.
Replace `Types: deb` by `Types: deb deb-src` at the beginning of the
line instead.

This commit merges all dependency installation scripts into a single
workflow, which will be called from all sites that have to install
dependencies.

Link: https://linuxconfig.org/ubuntus-repository-configuration-ubuntu-sources-have-moved-to-etc-apt-sources-list-d-ubuntu-sources
Closes: https://github.com/shadow-maint/shadow/issues/1088
Reported-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

src/suauth.c: check_su_auth(): Use pointers to simplify

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/suauth.c: check_su_auth(): Use strspn(3) instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/gshadow.c: endsgent(): Remove dead assignment

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/port.c: portcmp(): Use strcmp(3) instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Use stpspn() instead of its pattern

Signed-off-by: Alejandro Colomar <alx@kernel.org>

useradd: fix comparison sign for write_full() return

I forgot to change the comparison sign that checks the return value of
write_full()

Closes: https://github.com/shadow-maint/shadow/issues/1072
Fixes: 8903b94c86c9 ("useradd: fix write_full() return value")
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2313559

Reported-by: <https://github.com/brown-midas>
Suggested-by: <https://github.com/brown-midas>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>

src/useradd.c: Add the missing equals sign

Fixes: a7b169be1862 ("src/useradd.c: Use stpsep() to simplify")
Reviewed-by: Alejandro Colomar <alx@kernel.org>

src/check_subid_range.c: Remove dead code

I forgot to remove the setting of errno when I switched from
strtoul_noneg() to str2ul().  strtoul(3) needs errno for determining
success, but str2ul() does not.

Fixes: f3a1e1cf098d ("src/check_subid_range.c: Call str2ul() instead of strtoul_noneg()")
Signed-off-by: Alejandro Colomar <alx@kernel.org>

man/subgid,man/subuid: Fix program list

The groupadd utility does not set information in subgid. Instead, list
all programs which actually can do so.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

man/passwd: Fix typo

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

src/useradd.c: Add fmkomstemp() to fix mode of </etc/default/useradd>

The mode of the file should be 644, but mkstemp(2) was transforming it
to 600.

To do this, we need a function that accepts a mode parameter.  While we
don't need a flags parameter, to avoid confusion with mkostemp(2), let's
add both a flags and a mode parameter.

Link: <https://github.com/shadow-maint/shadow/pull/1080>
Reported-by: kugarocks <kugacola@gmail.com>
Suggested-by: kugarocks <kugacola@gmail.com>
Tested-by: kugarocks <kugacola@gmail.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib: Eliminate dead code

The tz function is only called if ENV_TZ starts with a slash.

If the specified file cannot be read, the code implies that ENV_TZ
would be returned if it does not start with a slash.

Since we know that it DOES start with a slash, the code can be
simplified to state that "TZ=CST6CDT" is returned as a default if
the specified file cannot be read.

Benefit of this change is that strcpy's use case here can be
easier verified.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib/run_part: Adjust style

Remove some of these whitespaces.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib/run_part: Unify error messages

At least if they can be assigned directly to a function call.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib: Fix typo

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib/run_part: Reduce visibility

The run_part function is only used in run_part.c itself, so no
need to expose it to other files.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib/run_part: Unify logging

Use shadow_logfd for logging instead of fixed stderr to use
shadow's own logging infrastructure.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

lib/run_part: Use correct data types

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

Fix typos

Typos in comments and configure output, i.e. no functional change.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

useradd: fix write_full() return value

write_full() returns -1 on error and useradd was checking another value.

Closes: https://github.com/shadow-maint/shadow/issues/1072
Fixes: f45498a6c286 ("libmisc/write_full.c: Improve write_full()")
Reported-by: <https://github.com/brown-midas>
Suggested-by: <https://github.com/brown-midas>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>

lib/user_busy.c: Include <utmpx.h>

Since:
- utmpx APIs are used in non-Linux code blocks
- <utmpx.h> is already unconditionally included in Linux parts in other
  files
then unconditionally include it in this file as well.

Signed-off-by: Pino Toscano <toscano.pino@tiscali.it>

src/: Recommend --badname only if it is useful

(Review with -w (--ignore-all-space).)

Closes: <https://github.com/shadow-maint/shadow/issues/1067>
Reported-by: Anselm Schüler <mail@anselmschueler.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/: Invert logic to improve readability

And remove the (now) redundant comments.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/chkname.c: is_valid_{user,group}_name(): Set errno to distinguish the reasons

Signed-off-by: Alejandro Colomar <alx@kernel.org>

man/userdel.8.xml: Reword '-f'

The previous wording seemed to say that -f implied -r.  It doesn't; -f
only skips safety checks, so reword accordingly.

Closes: <https://github.com/shadow-maint/shadow/issues/1062>
Reported-by: Martin von Wittich <martin.von.wittich@iserv.eu>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Chain free(strzero(s))

This reduces the repetition of the argument, which could be error-prone.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/memset/: memzero(), strzero(): Return the pointer

This allows chaining with free(3) on the same line.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/: Move memzero.[ch] under lib/string/memset/

Signed-off-by: Alejandro Colomar <alx@kernel.org>

po/es.po: wsfix

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strftime.h: STRFTIME(): Tighten macro definition

strftime(3) is not a variadic function; there's exactly one argument
after the format string.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/chage.c: print_day_as_date(): Handle errors from strfime(3)

Just like we do in day_to_str().

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/chage.c: print_day_as_date(): Simplify error handling

If localtime_r(3) fails, just print future, as we do in day_to_str().
It should only fail for unrealistic dates, if at all.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/, src/: Use %F instead of %Y-%m-%d with strftime(3)

%F is specified by ISO C99.  It adds semantic meaning as printing an
ISO 8601 date.

Scripted change:

$ cat ~/tmp/spatch/strftime_F.sp
@@
@@

- "%Y-%m-%d"
+ "%F"
$ find contrib/ lib* src/ -type f \
| xargs spatch --sp-file ~/tmp/spatch/strftime_F.sp --in-place

Signed-off-by: Alejandro Colomar <alx@kernel.org>

Remove references to cppw, cpgr

cppw, cpgr were Debian-only tools, which I've dropped in a recent upload.

Upstream should have never had tests for them.

Signed-off-by: Chris Hofstaedtler <zeha@debian.org>

Update Catalan translation

lib/, src/: Use local time for human-readable dates

That is, use localtime_r(3) instead of gmtime_r(3).

Closes: <https://github.com/shadow-maint/shadow/issues/1057>
Reported-by: Gus Kenion <https://github.com/kenion>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Paul Eggert <eggert@cs.ucla.edu>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

doc(login.defs): fix type of TTYPERM

share/containers: remove unused dockerfiles

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

CI: use Ansible build in Github Action

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

doc: update documentation to use Ansible build

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/container-build.sh: update to use Ansible build

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/ansible: implement distribution selection

Distribution to run can be selected when running `ansible-playbook` by
appending `-e 'distribution=fedora'` to the command.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/ansible: convert alpine dockerfile to ansible

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/ansible: convert debian dockerfile to ansible

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/ansible: move fedora ci_run to its own file

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/.gitignore: add build-out folder

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/ansible: create roles

Create `build_container` and `ci_run` roles and move the fedora target
to them.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

share/ansible: convert fedora dockerfile to ansible

Using a dockerfile to build, install and test the code can be
problematic as we can't capture the log files to check what failed in
case of failure. This PR converts the fedora dockerfile to Ansible, an
open source IT automation tool. The tool can be used on the developers
and the CI system to check whether a piece of code can be built,
installed and tested.

This is the first patch in a series, where I will convert the existing
PR workflows to use Ansible instead of dockerfiles.

Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>

Makefile.am: avoid warning: EXTRA_DIST multiply defined

automake complained about duplicate definitions of EXTRA_DIST:

autoreconf: running: automake --add-missing --copy --no-force
Makefile.am:19: warning: EXTRA_DIST multiply defined in condition TRUE ...
Makefile.am:3: ... 'EXTRA_DIST' previously defined here
autoreconf: Leaving directory '.'

Signed-off-by: Chris Hofstaedtler <zeha@debian.org>

tests/libsubid/04_nss: fix setting basedir

Align on variable name BUILD_BASE_DIR for overriding the toplevel
directory. This is the same name as accepted by tests/common/config.sh.

Without this, the test libsubid/04_nss fails in Debian's autopkgtests.

Signed-off-by: Chris Hofstaedtler <zeha@debian.org>

man: groupmod: remove misleading -N option

The extra paragraph for --users mentions a -N option. groupmod has no -N
option.

Prevent confusion and remove its appearance.

Signed-off-by: Sebastian Gross <sgross@emlix.com>

man: group(add|mod): clarify list format

The --users list option expect a string of comma separated values.
While this might be obvious to some others it is certainly not for others.

Remove this ambiguity.

Closes #848

Signed-off-by: Sebastian Gross <sgross@emlix.com>

man: groupmod: fix misleading param

--append has no argument in groupmod.c but the man pages states GID as
parameter.

In order to avoid confusion remove it from man page.

Signed-off-by: Sebastian Gross <sgross@emlix.com>

lib/chkname.c: An object cannot expand further than the universe in which it resides

If you want a larger object, you'll have to wait at least until the
universe expands so much.

If an implementation doesn't recognize its own limitations, its a bug,
not a feature.

Closes: <https://github.com/shadow-maint/shadow/issues/1052>
Cc: Tobias Stoeckmann <tobias@stoeckmann.org>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/atoi/strtoi/, tests/: strto[iu]_(): 1 is an invalid base

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/atoi/, *: Split files

src/usermod.c: Use id_t for parsing uid_t and gid_t

Use a static_assert(3) to make sure that id_t == uid_t == gid_t.

And use uintmax_t to print it, since on Linux they are unsigned types.

Link: <https://github.com/shadow-maint/shadow/pull/951>
Reviewed-by: Tycho Andersen <tycho@tycho.pizza>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/usermod.c: Rename identifiers ralated to [ug]id's

It was unclear why this code is using ulong.  Since these only handle
uid's and gid's, rename the identifiers accordingly, after id_t.

Link: <https://github.com/shadow-maint/shadow/pull/951>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Don't exit() from a library function

Fixes: ff2baed5dbf8 ("idmapping: add more checks for overflow")
Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Reported-by: Alejandro Colomar <alx@kernel.org>
Suggested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Simplify iterator variables

Merge two iterator variables into one, and reduce its scope.

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Remove dead code

This test is impossible.  The limits specified in a2ul() already cover
this.

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Move range check to a2ul() call

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Move range check to a2ul() call

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Move range check to a2ul() calls

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/idmapping.c: get_map_ranges(): Rename local variable

For a pointer iterator used often, a single-letter identifier is more
appropriate.  That reduces the length of lines considerably, avoiding
unnecessary line breaks.  And since we initialize it with

m = mappings;

it's clear what it is.

Link: <https://github.com/shadow-maint/shadow/commit/ff2baed5dbf81e8967b805889f565fedb48600df#r136635300>
Cc: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/limits.c: check_logins(): Report LOGIN_ERROR_LOGIN if str2ul() ERANGE

Fixes: 10396f953613 ("* libmisc/limits.c: Parse the limits, umask, nice, maxlogin, file limit with getlog() / getulong().")
Link: <https://github.com/shadow-maint/shadow/pull/893/commits/882cf59459bc4501b0882a7f02d36c8ce28a30f2>
Cc: Iker Pedrosa <ipedrosa@redhat.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/login_nopam.c: login_access(): Use stpsep() to simplify

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/useradd.c: Use stpsep() to simplify

This allows using plain strcmp(3) instead of MATCH().

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/nss.c: nss_init(): Use stpsep() instead of strtok_r(3)

Signed-off-by: Alejandro Colomar <alx@kernel.org>

src/suauth.c: check_su_auth(): Use stpsep() to simplify

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/string/strchr/stpcspn.[ch]: stpcspn(): Remove unused function

Signed-off-by: Alejandro Colomar <alx@kernel.org>

lib/attr.h: ATTR_STRING(): It only accepts one argument

Signed-off-by: Alejandro Colomar <alx@kernel.org>