1 /* $NetBSD: edit.c,v 1.22 2015/10/27 14:47:45 shm Exp $ */ 2 3 /*- 4 * Copyright (c) 1990, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #ifndef lint 34 #if 0 35 static char sccsid[] = "@(#)edit.c 8.3 (Berkeley) 4/2/94"; 36 #else 37 __RCSID("$NetBSD: edit.c,v 1.22 2015/10/27 14:47:45 shm Exp $"); 38 #endif 39 #endif /* not lint */ 40 41 #include <sys/param.h> 42 #include <sys/stat.h> 43 44 #include <ctype.h> 45 #include <err.h> 46 #include <errno.h> 47 #include <paths.h> 48 #include <pwd.h> 49 #include <stdio.h> 50 #include <stdlib.h> 51 #include <string.h> 52 #include <unistd.h> 53 #include <fcntl.h> 54 #include <util.h> 55 56 #include "chpass.h" 57 58 void 59 edit(char *tempname, struct passwd *pw) 60 { 61 struct stat begin, end; 62 63 for (;;) { 64 if (stat(tempname, &begin)) 65 (*Pw_error)(tempname, 1, 1); 66 pw_edit(1, tempname); 67 if (stat(tempname, &end)) 68 (*Pw_error)(tempname, 1, 1); 69 if (begin.st_mtime == end.st_mtime) { 70 warnx("no changes made"); 71 (*Pw_error)(NULL, 0, 0); 72 } 73 if (verify(tempname, pw)) 74 break; 75 #ifdef YP 76 if (use_yp) 77 yppw_prompt(); 78 else 79 #endif 80 pw_prompt(); 81 } 82 } 83 84 /* 85 * display -- 86 * print out the file for the user to edit; strange side-effect: 87 * set conditional flag if the user gets to edit the shell. 88 */ 89 void 90 display(char *tempname, int fd, struct passwd *pw) 91 { 92 FILE *fp; 93 char *bp, *p; 94 char chgstr[256], expstr[256]; 95 96 if (!(fp = fdopen(fd, "w"))) 97 (*Pw_error)(tempname, 1, 1); 98 99 (void)fprintf(fp, 100 "#Changing user %sdatabase information for %s.\n", 101 use_yp ? "YP " : "", pw->pw_name); 102 if (!uid) { 103 (void)fprintf(fp, "Login: %s\n", pw->pw_name); 104 (void)fprintf(fp, "Password: %s\n", pw->pw_passwd); 105 (void)fprintf(fp, "Uid [#]: %d\n", pw->pw_uid); 106 (void)fprintf(fp, "Gid [# or name]: %d\n", pw->pw_gid); 107 (void)fprintf(fp, "Change [month day year]: %s\n", 108 ttoa(chgstr, sizeof chgstr, pw->pw_change)); 109 (void)fprintf(fp, "Expire [month day year]: %s\n", 110 ttoa(expstr, sizeof expstr, pw->pw_expire)); 111 (void)fprintf(fp, "Class: %s\n", pw->pw_class); 112 (void)fprintf(fp, "Home directory: %s\n", pw->pw_dir); 113 (void)fprintf(fp, "Shell: %s\n", 114 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 115 } 116 /* Only admin can change "restricted" shells. */ 117 else if (ok_shell(pw->pw_shell)) 118 /* 119 * Make shell a restricted field. Ugly with a 120 * necklace, but there's not much else to do. 121 */ 122 (void)fprintf(fp, "Shell: %s\n", 123 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 124 else 125 list[E_SHELL].restricted = 1; 126 bp = strdup(pw->pw_gecos); 127 if (!bp) { 128 err(1, "strdup"); 129 /*NOTREACHED*/ 130 } 131 p = strsep(&bp, ","); 132 (void)fprintf(fp, "Full Name: %s\n", p ? p : ""); 133 p = strsep(&bp, ","); 134 (void)fprintf(fp, "Location: %s\n", p ? p : ""); 135 p = strsep(&bp, ","); 136 (void)fprintf(fp, "Office Phone: %s\n", p ? p : ""); 137 p = strsep(&bp, ","); 138 (void)fprintf(fp, "Home Phone: %s\n", p ? p : ""); 139 140 (void)fchown(fd, getuid(), getgid()); 141 (void)fclose(fp); 142 free(bp); 143 } 144 145 int 146 verify(char *tempname, struct passwd *pw) 147 { 148 ENTRY *ep; 149 char *p; 150 struct stat sb; 151 FILE *fp = NULL; 152 int len, fd; 153 static char buf[LINE_MAX]; 154 155 if ((fd = open(tempname, O_RDONLY|O_NOFOLLOW)) == -1 || 156 (fp = fdopen(fd, "r")) == NULL) 157 (*Pw_error)(tempname, 1, 1); 158 if (fstat(fd, &sb)) 159 (*Pw_error)(tempname, 1, 1); 160 if (sb.st_size == 0 || sb.st_nlink != 1) { 161 warnx("corrupted temporary file"); 162 goto bad; 163 } 164 while (fgets(buf, sizeof(buf), fp)) { 165 if (!buf[0] || buf[0] == '#') 166 continue; 167 if (!(p = strchr(buf, '\n'))) { 168 warnx("line too long"); 169 goto bad; 170 } 171 *p = '\0'; 172 for (ep = list;; ++ep) { 173 if (!ep->prompt) { 174 warnx("unrecognized field"); 175 goto bad; 176 } 177 if (!strncasecmp(buf, ep->prompt, ep->len)) { 178 if (ep->restricted && uid) { 179 warnx( 180 "you may not change the %s field", 181 ep->prompt); 182 goto bad; 183 } 184 if (!(p = strchr(buf, ':'))) { 185 warnx("line corrupted"); 186 goto bad; 187 } 188 while (isspace((unsigned char)*++p)); 189 if (ep->except && strpbrk(p, ep->except)) { 190 warnx( 191 "illegal character in the \"%s\" field", 192 ep->prompt); 193 goto bad; 194 } 195 if ((ep->func)(p, pw, ep)) { 196 bad: (void)fclose(fp); 197 return (0); 198 } 199 break; 200 } 201 } 202 } 203 (void)fclose(fp); 204 205 /* Build the gecos field. */ 206 len = strlen(list[E_NAME].save) + strlen(list[E_BPHONE].save) + 207 strlen(list[E_HPHONE].save) + strlen(list[E_LOCATE].save) + 4; 208 if (!(p = malloc(len))) 209 err(1, "malloc"); 210 (void)snprintf(p, len, "%s,%s,%s,%s", list[E_NAME].save, 211 list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save); 212 pw->pw_gecos = p; 213 214 if (snprintf(buf, sizeof(buf), 215 "%s:%s:%d:%d:%s:%lu:%lu:%s:%s:%s", 216 pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class, 217 (u_long)pw->pw_change, (u_long)pw->pw_expire, pw->pw_gecos, 218 pw->pw_dir, pw->pw_shell) >= (int)sizeof(buf)) { 219 warnx("entries too long"); 220 return (0); 221 } 222 return (pw_scan(buf, pw, NULL)); 223 } 224
Indexes created Sat Sep 20 22:09:52 GMT 2025