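/*	$NetBSD: chpass.c,v 1.35 2011/08/31 16:24:57 plunky Exp $	*/

/*-
 * Copyright (c) 1988, 1993, 1994
 *	The Regents of the University of California.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
#ifndef lint
__COPYRIGHT("@(#) Copyright (c) 1988, 1993, 1994\
 The Regents of the University of California. All rights reserved.");
#endif /* not lint */

#ifndef lint
#if 0
static char sccsid[] = "@(#)chpass.c 8.4 (Berkeley) 4/2/94";
#else
__RCSID("$NetBSD: chpass.c,v 1.35 2011/08/31 16:24:57 plunky Exp $");
#endif
#endif /* not lint */

#include <sys/param.h>
#include <sys/stat.h>
#include <sys/time.h>
#include <sys/resource.h>

#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <util.h>
#include <libgen.h>

#include "chpass.h"
#include "pathnames.h"

/* mkstemp(3) template; rewritten in place with the real file name. */
static char tempname[] = "/tmp/pw.XXXXXX";
/* Real uid of the invoking user; every authorisation check below uses it. */
uid_t uid;
/* Non-zero when the update goes through YP instead of the local files. */
int use_yp;

/* Fatal-error handler, set to the YP or the local variant in main(). */
void (*Pw_error)(const char *, int, int);

#ifdef YP
extern int _yp_check(char **);	/* buried deep inside libc */
#endif

__dead static void	baduser(void);
static void	cleanup(void);
__dead static void	usage(void);

/*
 * chpass entry point.
 *
 * Selects one of three operations from the command line:
 *   -a list   LOADENTRY: parse a complete passwd entry from the argument
 *             (only when the real uid is 0);
 *   -s shell  NEWSH: change only the login shell;
 *   default   EDITENTRY: write the entry to a temporary file and hand it
 *             to display()/edit().
 * -l forces the local database, -y forces YP.  An optional operand names
 * the user to change; without it the entry for the real uid is used.
 *
 * Authorisation is decided on the real uid from getuid(): a non-zero uid
 * may only act on its own entry and may not use -a.
 *
 * For a local update the function then takes the master passwd lock,
 * copies the master file through pw_copy() with the new entry, and
 * rebuilds the databases with pw_mkdb().  Every path ends in exit() or in
 * one of the error helpers.
 */
int
main(int argc, char **argv)
{
	enum { NEWSH, LOADENTRY, EDITENTRY } op;
	struct passwd *pw, lpw, old_pw;
	int ch, dfd, pfd, tfd;
#ifdef YP
	int yflag = 0;
#endif
	char *arg, *username = NULL;

#ifdef __GNUC__
	pw = NULL;		/* XXX gcc -Wuninitialized */
	arg = NULL;
#endif
#ifdef YP
	use_yp = _yp_check(NULL);
#endif

	op = EDITENTRY;
	while ((ch = getopt(argc, argv, "a:s:ly")) != -1)
		switch (ch) {
		case 'a':
			op = LOADENTRY;
			arg = optarg;
			break;
		case 's':
			op = NEWSH;
			arg = optarg;
			break;
		case 'l':
			use_yp = 0;
			break;
		case 'y':
#ifdef YP
			if (!use_yp)
				errx(1, "YP not in use.");
			yflag = 1;
#else
			errx(1, "YP support not compiled in.");
#endif
			break;
		default:
			usage();
		}
	argc -= optind;
	argv += optind;

	uid = getuid();
	switch (argc) {
	case 0:
		/* nothing */
		break;

	case 1:
		username = argv[0];
		break;

	default:
		usage();
	}

#ifdef YP
	/*
	 * We need to determine if we _really_ want to use YP.
	 * If we defaulted to YP (i.e. were not given the -y flag),
	 * and the master is not running rpc.yppasswdd, we check
	 * to see if the user exists in the local passwd database.
	 * If so, we use it, otherwise we error out.
	 */
	if (use_yp && yflag == 0) {
		if (check_yppasswdd()) {
			/*
			 * We weren't able to contact rpc.yppasswdd.
			 * Check to see if we're in the local
			 * password database.  If we are, use it.
			 */
			if (username != NULL)
				pw = getpwnam(username);
			else
				pw = getpwuid(uid);
			if (pw != NULL)
				use_yp = 0;
			else {
				warnx("master YP server not running yppasswd"
				    " daemon.");
				errx(1, "Can't change password.");
			}
		}
	}
#endif

#ifdef YP
	if (use_yp)
		Pw_error = yppw_error;
	else
#endif
		Pw_error = pw_error;

#ifdef YP
	if (op == LOADENTRY && use_yp)
		errx(1, "cannot load entry using YP.\n"
		    "\tUse the -l flag to load local.");
#endif

	if (op == EDITENTRY || op == NEWSH) {
		if (username != NULL) {
			pw = getpwnam(username);
			if (pw == NULL)
				errx(1, "unknown user: %s", username);
			/* Only real uid 0 may change another user's entry. */
			if (uid && uid != pw->pw_uid)
				baduser();
		} else {
			pw = getpwuid(uid);
			if (pw == NULL)
				errx(1, "unknown user: uid %u", uid);
		}

		/*
		 * Make a copy for later verification.
		 * NOTE(review): this is a shallow copy; only pw_gecos is
		 * duplicated, so the other string members of old_pw still
		 * point at whatever storage getpwnam()/getpwuid() returned.
		 * Confirm nothing calls getpw*() again before pw_copy().
		 */
		old_pw = *pw;
		old_pw.pw_gecos = strdup(old_pw.pw_gecos);
		if (!old_pw.pw_gecos) {
			err(1, "strdup");
			/*NOTREACHED*/
		}
	}

	if (op == NEWSH) {
		/* protect p_shell -- it thinks NULL is /bin/sh */
		if (!arg[0])
			usage();
		if (p_shell(arg, pw, NULL))
			(*Pw_error)(NULL, 0, 1);
	}

	if (op == LOADENTRY) {
		/* Loading a whole entry is reserved for real uid 0. */
		if (uid)
			baduser();
		pw = &lpw;
		if (!pw_scan(arg, pw, NULL))
			exit(1);
	}

	/* Edit the user passwd information if requested. */
	if (op == EDITENTRY) {
		struct stat sb;
		char dirbuf[sizeof(tempname)];
		char *tmpdir;

		dfd = mkstemp(tempname);
		if (dfd < 0)
			(*Pw_error)(tempname, 1, 1);
		/*
		 * Register the unlink handler before anything else can
		 * fail, so that an error path ending in exit() does not
		 * leave the temporary file behind.
		 */
		if (atexit(cleanup)) {
			cleanup();
			errx(1, "couldn't register cleanup");
		}
		if (fcntl(dfd, F_SETFD, FD_CLOEXEC) < 0)
			(*Pw_error)(tempname, 1, 1);

		/*
		 * Refuse to work in a temporary directory without the
		 * sticky bit, since other users could then remove or
		 * rename the file.  dirname(3) gets a private copy:
		 * some implementations modify their argument, and
		 * tempname is still needed for display(), edit() and
		 * the unlink in cleanup().
		 */
		memcpy(dirbuf, tempname, sizeof(tempname));
		tmpdir = dirname(dirbuf);
		if (stat(tmpdir, &sb) == -1)
			err(1, "couldn't stat `%s'", tmpdir);
		if (!(sb.st_mode & S_ISTXT))
			errx(1, "temporary directory `%s' is not sticky",
			    tmpdir);

		display(tempname, dfd, pw);
		edit(tempname, pw);
	}

#ifdef YP
	if (use_yp) {
		if (pw_yp(pw, uid))
			yppw_error(NULL, 0, 1);
		else
			exit(0);
		/* Will not exit from this if. */
	}
#endif	/* YP */


	/*
	 * Get the passwd lock file and open the passwd file for
	 * reading.
	 */
	pw_init();
	tfd = pw_lock(0);
	if (tfd < 0) {
		if (errno != EEXIST)
			err(1, "%s", _PATH_MASTERPASSWD_LOCK);
		warnx("The passwd file is busy, waiting...");
		tfd = pw_lock(10);
		if (tfd < 0) {
			if (errno != EEXIST)
				err(1, "%s", _PATH_MASTERPASSWD_LOCK);
			errx(1, "The passwd file is still busy, "
			    "try again later.");
		}
	}
	/* Keep the lock and master descriptors out of any exec'd child. */
	if (fcntl(tfd, F_SETFD, FD_CLOEXEC) < 0)
		pw_error(_PATH_MASTERPASSWD_LOCK, 1, 1);

	pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
	if (pfd < 0 || fcntl(pfd, F_SETFD, FD_CLOEXEC) < 0)
		pw_error(_PATH_MASTERPASSWD, 1, 1);

	/* Copy the passwd file to the lock file, updating pw. */
	pw_copy(pfd, tfd, pw, (op == LOADENTRY) ? NULL : &old_pw);

	/*
	 * NOTE(review): the close() results are not checked; whether a
	 * failed write to the lock file is reported elsewhere depends on
	 * pw_copy(), which is not visible here.
	 */
	close(pfd);
	close(tfd);

	/* Now finish the passwd file update. */
	if (pw_mkdb(username, 0) < 0)
		pw_error(NULL, 0, 1);

	exit(0);
}

/*
 * Reject an operation the real uid is not allowed to perform: prints the
 * EACCES message and exits with status 1.
 */
static void
baduser(void)
{

	errx(1, "%s", strerror(EACCES));
}

/*
 * Print the two accepted command-line forms on stderr and exit with
 * status 1.
 */
static void
usage(void)
{

	(void)fprintf(stderr,
	    "usage: %s [-a list] [-s shell] [-l] [user]\n"
	    "       %s [-a list] [-s shell] [-y] [user]\n",
	    getprogname(), getprogname());
	exit(1);
}

/*
 * atexit(3) handler: remove the temporary file created for EDITENTRY.
 * The unlink result is deliberately ignored.
 */
static void
cleanup(void)
{

	(void)unlink(tempname);
}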