shadow-maint · alejandro-colomar · May 19, 2026 · alejandro-colomar · May 19, 2026
diff --git a/lib/pam_pass_non_interactive.c b/lib/pam_pass_non_interactive.c
@@ -126,18 +126,18 @@ int do_pam_passwd_non_interactive (const char *pam_service,
 	ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
 	if (ret != PAM_SUCCESS) {
 		fprintf (log_get_logfd(),
-		         _("%s: (user %s) pam_start failure %d\n"),
-		         log_get_progname(), username, ret);
+		         _("%s: pam_start failure %d\n"),
+		         log_get_progname(), ret);
 		return 1;
 	}
 
 	non_interactive_password = password;
 	ret = pam_chauthtok (pamh, 0);
 	if (ret != PAM_SUCCESS) {
 		fprintf (log_get_logfd(),
-		         _("%s: (user %s) pam_chauthtok() failed, error:\n"
+		         _("%s: pam_chauthtok() failed, error:\n"
 		           "%s\n"),
-		         log_get_progname(), username, pam_strerror (pamh, ret));
+		         log_get_progname(), pam_strerror (pamh, ret));
 	}
 
 	(void) pam_end (pamh, PAM_SUCCESS);

diff --git a/src/chfn.c b/src/chfn.c
@@ -19,7 +19,6 @@
 #include <sys/types.h>
 #include <getopt.h>
 
-#include "chkname.h"
 #include "defines.h"
 /*@-exitarg@*/
 #include "exitcodes.h"
@@ -434,8 +433,7 @@ static void update_gecos(const char *user, char *gecos, const struct option_flag
 	pw = pw_locate (user);
 	if (NULL == pw) {
 		fprintf (stderr,
-		         _("%s: user '%s' does not exist in %s\n"),
-		         Prog, user, pw_dbname ());
+		         _("%s: user does not exist in %s\n"), Prog, pw_dbname());
 		fail_exit (E_NOPERM, process_selinux);
 	}
 
@@ -604,15 +602,10 @@ int main (int argc, char **argv)
 	 * name, or the name getlogin() returns.
 	 */
 	if (optind < argc) {
-		if (!is_valid_user_name (argv[optind])) {
-			fprintf (stderr, _("%s: Provided user name is not a valid name\n"), Prog);
-			fail_exit (E_NOPERM, process_selinux);
-		}
 		user = argv[optind];
 		pw = xgetpwnam (user);
 		if (NULL == pw) {
-			fprintf (stderr, _("%s: user '%s' does not exist\n"), Prog,
-			         user);
+			fprintf(stderr, _("%s: user does not exist\n"), Prog);
 			fail_exit (E_NOPERM, process_selinux);
 		}
 	} else {
@@ -641,7 +634,7 @@ int main (int argc, char **argv)
 	 * user interactively change them.
 	 */
 	if (!fflg && !rflg && !wflg && !hflg && !oflg) {
-		printf (_("Changing the user information for %s\n"), user);
+		printf (_("Changing information for user %ju\n"), (uintmax_t) pw->pw_uid);
 		new_fields ();
 	}
 
@@ -661,14 +654,14 @@ int main (int argc, char **argv)
 		p = seprintf(p, e, ",%s", slop);
 
 	if (p == e || p == NULL) {
-		fprintf (stderr, _("%s: fields too long\n"), Prog);
+		fprintf(stderr, _("%s: fields too long\n"), Prog);
 		fail_exit (E_NOPERM, process_selinux);
 	}
 
 	/* Rewrite the user's gecos in the passwd file */
 	update_gecos (user, new_gecos, &flags);
 
-	SYSLOG(LOG_INFO, "changed user '%s' information", user);
+	SYSLOG(LOG_INFO, "changed user %ju information", (uintmax_t) pw->pw_uid);
 
 	nscd_flush_cache ("passwd");
 	sssd_flush_cache (SSSD_DB_PASSWD);

diff --git a/src/chsh.c b/src/chsh.c
@@ -17,7 +17,6 @@
 #include <stdio.h>
 #include <sys/types.h>
 
-#include "chkname.h"
 #include "defines.h"
 /*@-exitarg@*/
 #include "exitcodes.h"
@@ -413,8 +412,7 @@ static void update_shell (const char *user, char *newshell, const struct option_
 	pw = pw_locate (user);
 	if (NULL == pw) {
 		fprintf (stderr,
-		         _("%s: user '%s' does not exist in %s\n"),
-		         Prog, user, pw_dbname ());
+		         _("%s: user does not exist in %s\n"), Prog, pw_dbname());
 		fail_exit (1, process_selinux);
 	}
 
@@ -493,15 +491,10 @@ int main (int argc, char **argv)
 	 * name, or the name getlogin() returns.
 	 */
 	if (optind < argc) {
-		if (!is_valid_user_name (argv[optind])) {
-			fprintf (stderr, _("%s: Provided user name is not a valid name\n"), Prog);
-			fail_exit (1, process_selinux);
-		}
 		user = argv[optind];
 		pw = xgetpwnam (user);
 		if (NULL == pw) {
-			fprintf (stderr,
-			         _("%s: user '%s' does not exist\n"), Prog, user);
+			fprintf(stderr, _("%s: user does not exist\n"), Prog);
 			fail_exit (1, process_selinux);
 		}
 	} else {
@@ -532,7 +525,7 @@ int main (int argc, char **argv)
 	 * interactively change it.
 	 */
 	if (!sflg) {
-		printf (_("Changing the login shell for %s\n"), user);
+		printf(_("Changing the login shell for %ju\n"), (uintmax_t) pw->pw_uid);
 		new_fields ();
 	}
 
@@ -571,7 +564,7 @@ int main (int argc, char **argv)
 
 	update_shell (user, loginsh, &flags);
 
-	SYSLOG(LOG_INFO, "changed user '%s' shell to '%s'", user, loginsh);
+	SYSLOG(LOG_INFO, "changed user %ju shell to '%s'", (uintmax_t) pw->pw_uid, loginsh);
 
 	nscd_flush_cache ("passwd");
 	sssd_flush_cache (SSSD_DB_PASSWD);

diff --git a/src/newgrp.c b/src/newgrp.c
@@ -19,7 +19,6 @@
 #include "agetpass.h"
 #include "alloc/malloc.h"
 #include "alloc/realloc.h"
-#include "chkname.h"
 #include "defines.h"
 /*@-exitarg@*/
 #include "exitcodes.h"
@@ -60,10 +59,8 @@
 
 /* local function prototypes */
 static void usage (void);
-static void check_perms (const struct group *grp,
-                         struct passwd *pwd,
-                         const char *groupname);
-static void syslog_sg (const char *name, const char *group);
+static void check_perms(const struct group *grp, struct passwd *pwd);
+static void syslog_sg(const char *name, gid_t group);
 
 /*
  * usage - print command usage message
@@ -125,9 +122,8 @@
  *
  *	It will not return if the user could not be authenticated.
  */
-static void check_perms (const struct group *grp,
-                         struct passwd *pwd,
-                         const char *groupname)
+static void
+check_perms(const struct group *grp, struct passwd *pwd)
 {
 	bool needspasswd = false;
 	struct spwd *spwd;
@@ -192,8 +188,8 @@
 			         _("%s: failed to crypt password with previous salt: %s\n"),
 			        Prog, strerrno());
 			SYSLOG(LOG_INFO,
-			       "Failed to crypt password with previous salt of group '%s'",
-			       groupname);
+			       "Failed to crypt password with previous salt of group %ju",
+			       (uintmax_t) grp->gr_gid);
 			goto failure;
 		}
 
@@ -206,8 +202,8 @@
 			              audit_buf, NULL, getuid (), SHADOW_AUDIT_FAILURE);
 #endif
 			SYSLOG(LOG_INFO,
-				"Invalid password for group '%s' from '%s'",
-				groupname, pwd->pw_name);
+				"Invalid password for group %ju from '%s'",
+				(uintmax_t) grp->gr_gid, pwd->pw_name);
 			(void) sleep (1);
 			(void) fputs (_("Invalid password.\n"), stderr);
 			goto failure;
@@ -236,7 +232,8 @@
  *	The logout will also be logged when the user will quit the
  *	sg/newgrp session.
  */
-static void syslog_sg (const char *name, const char *group)
+static void
+syslog_sg(const char *name, gid_t group)
 {
 	const char *loginname = getlogin ();
 	const char *tty = ttyname (0);
@@ -259,8 +256,8 @@
 	}
 	tty = strprefix(tty, "/dev/") ?: tty;
 
-	SYSLOG(LOG_INFO, "user '%s' (login '%s' on %s) switched to group '%s'",
-		name, loginname, tty, group);
+	SYSLOG(LOG_INFO, "user '%s' (login '%s' on %s) switched to group %ju",
+	       name, loginname, tty, (uintmax_t) group);
 #ifdef USE_PAM
 	/*
 	 * We want to fork and exec the new shell in the child, leaving the
@@ -298,15 +295,9 @@
 			fprintf (stderr, _("%s: failure forking: %s\n"),
 				is_newgrp ? "newgrp" : "sg", strerrno());
 #ifdef WITH_AUDIT
-			if (group) {
-				audit_logger_with_group(AUDIT_CHGRP_ID, "changing", NULL,
-							getuid(), "new_group", group,
-							SHADOW_AUDIT_FAILURE);
-			} else {
-				audit_logger (AUDIT_CHGRP_ID,
-				              "changing", NULL, getuid(),
-				              SHADOW_AUDIT_FAILURE);
-			}
+			audit_logger(AUDIT_CHGRP_ID,
+			             "changing", NULL, getuid(),
+			             SHADOW_AUDIT_FAILURE);
 #endif
 			exit (EXIT_FAILURE);
 		} else if (child != 0) {
@@ -480,12 +471,6 @@
 		 * not "newgrp".
 		 */
 		if ((argc > 0) && (argv[0][0] != '-')) {
-			if (!is_valid_group_name (argv[0])) {
-				fprintf (
-					stderr, _("%s: provided group is not a valid group name\n"),
-					Prog);
-				goto failure;
-			}
 			group = argv[0];
 			argc--;
 			argv++;
@@ -516,12 +501,6 @@
 			usage ();
 			goto failure;
 		} else if (argv[0] != NULL) {
-			if (!is_valid_group_name (argv[0])) {
-				fprintf (
-					stderr, _("%s: provided group is not a valid group name\n"),
-					Prog);
-				goto failure;
-			}
 			group = argv[0];
 		} else {
 			/*
@@ -555,13 +534,8 @@
 	if (gids == NULL) {
 		perror("agetgroups");
 #ifdef WITH_AUDIT
-		if (group) {
-			audit_logger_with_group(AUDIT_CHGRP_ID, "changing", NULL, getuid(),
-						"new_group", group, SHADOW_AUDIT_FAILURE);
-		} else {
-			audit_logger(AUDIT_CHGRP_ID,
-				     "changing", NULL, getuid(), SHADOW_AUDIT_FAILURE);
-		}
+		audit_logger(AUDIT_CHGRP_ID,
+		             "changing", NULL, getuid(), SHADOW_AUDIT_FAILURE);
 #endif
 		exit(EXIT_FAILURE);
 	}
@@ -608,7 +582,7 @@
 	 */
 	grp = getgrnam (group); /* local, no need for xgetgrnam */
 	if (NULL == grp) {
-		fprintf (stderr, _("%s: group '%s' does not exist\n"), Prog, group);
+		fprintf(stderr, _("%s: group does not exist\n"), Prog);
 		goto failure;
 	}
 
@@ -645,19 +619,16 @@
 	}
 #endif
 
-	/*
-	 * Check if the user is allowed to access this group.
-	 */
-	if (!is_member) {
-		check_perms (grp, pwd, group);
-	}
+	// Check if the user is allowed to access this group.
+	if (!is_member)
+		check_perms(grp, pwd);
 
 	/*
 	 * all successful validations pass through this point. The group id
 	 * will be set, and the group added to the concurrent groupset.
 	 */
 	if (getdef_bool ("SYSLOG_SG_ENAB")) {
-		syslog_sg (name, group);
+		syslog_sg (name, grp->gr_gid);
 	}
 
 	gid = grp->gr_gid;
@@ -814,14 +785,7 @@
 	 */
 	closelog ();
 #ifdef WITH_AUDIT
-	if (NULL != group) {
-		audit_logger_with_group(AUDIT_CHGRP_ID, "changing", NULL,
-					getuid(), "new_group", group,
-					SHADOW_AUDIT_FAILURE);
-	} else {
-		audit_logger (AUDIT_CHGRP_ID,
-		              "changing", NULL, getuid (), 0);
-	}
+	audit_logger(AUDIT_CHGRP_ID, "changing", NULL, getuid(), 0);
 #endif
 	exit (EXIT_FAILURE);
 }