chpass/chpass.c

   1 /*-
   2  * Copyright (c) 1988, 1993, 1994
   3  *      The Regents of the University of California.  All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  * 3. All advertising materials mentioning features or use of this software
  14  *    must display the following acknowledgement:
  15  *      This product includes software developed by the University of
  16  *      California, Berkeley and its contributors.
  17  * 4. Neither the name of the University nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  */
  33
  34 #ifndef lint
  35 static char copyright[] =
  36 "@(#) Copyright (c) 1988, 1993, 1994\n\
  37         The Regents of the University of California.  All rights reserved.\n";
  38 #endif /* not lint */
  39
  40 #ifndef lint
  41 static char sccsid[] = "From: @(#)chpass.c      8.4 (Berkeley) 4/2/94";
  42 static char rcsid[] =
  43         "$Id: chpass.c,v 1.2 1995/01/14 23:14:25 wollman Exp $";
  44 #endif /* not lint */
  45
  46 #include <sys/param.h>
  47 #include <sys/stat.h>
  48 #include <sys/signal.h>
  49 #include <sys/time.h>
  50 #include <sys/resource.h>
  51
  52 #include <ctype.h>
  53 #include <err.h>
  54 #include <errno.h>
  55 #include <fcntl.h>
  56 #include <pwd.h>
  57 #include <stdio.h>
  58 #include <stdlib.h>
  59 #include <string.h>
  60 #include <unistd.h>
  61
  62 #include <pw_scan.h>
  63 #include <pw_util.h>
  64 #include "pw_copy.h"
  65
  66 #include "chpass.h"
  67 #include "pathnames.h"
  68
  69 char *progname = "chpass";
  70 char *tempname;
  71 uid_t uid;
  72
  73 void    baduser __P((void));
  74 void    usage __P((void));
  75
  76 int
  77 main(argc, argv)
  78         int argc;
  79         char **argv;
  80 {
  81         enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW } op;
  82         struct passwd *pw, lpw;
  83         int ch, pfd, tfd;
  84         char *arg;
  85
  86         op = EDITENTRY;
  87         while ((ch = getopt(argc, argv, "a:p:s:")) != EOF)
  88                 switch(ch) {
  89                 case 'a':
  90                         op = LOADENTRY;
  91                         arg = optarg;
  92                         break;
  93                 case 's':
  94                         op = NEWSH;
  95                         arg = optarg;
  96                         break;
  97                 case 'p':
  98                         op = NEWPW;
  99                         arg = optarg;
 100                         break;
 101                 case '?':
 102                 default:
 103                         usage();
 104                 }
 105         argc -= optind;
 106         argv += optind;
 107
 108         uid = getuid();
 109
 110         if (op == EDITENTRY || op == NEWSH || op == NEWPW)
 111                 switch(argc) {
 112                 case 0:
 113                         if (!(pw = getpwuid(uid)))
 114                                 errx(1, "unknown user: uid %u", uid);
 115                         break;
 116                 case 1:
 117                         if (!(pw = getpwnam(*argv)))
 118                                 errx(1, "unknown user: %s", *argv);
 119                         if (uid && uid != pw->pw_uid)
 120                                 baduser();
 121                         break;
 122                 default:
 123                         usage();
 124                 }
 125
 126         if (op == NEWSH) {
 127                 /* protect p_shell -- it thinks NULL is /bin/sh */
 128                 if (!arg[0])
 129                         usage();
 130                 if (p_shell(arg, pw, (ENTRY *)NULL))
 131                         pw_error((char *)NULL, 0, 1);
 132         }
 133
 134         if (op == LOADENTRY) {
 135                 if (uid)
 136                         baduser();
 137                 pw = &lpw;
 138                 if (!pw_scan(arg, pw))
 139                         exit(1);
 140         }
 141
 142         if (op == NEWPW) {
 143                 if (uid)
 144                         baduser();
 145
 146                 if(strchr(arg, ':')) {
 147                         errx(1, "invalid format for password");
 148                 }
 149                 pw->pw_passwd = arg;
 150         }
 151
 152         /*
 153          * The temporary file/file descriptor usage is a little tricky here.
 154          * 1:   We start off with two fd's, one for the master password
 155          *      file (used to lock everything), and one for a temporary file.
 156          * 2:   Display() gets an fp for the temporary file, and copies the
 157          *      user's information into it.  It then gives the temporary file
 158          *      to the user and closes the fp, closing the underlying fd.
 159          * 3:   The user edits the temporary file some number of times.
 160          * 4:   Verify() gets an fp for the temporary file, and verifies the
 161          *      contents.  It can't use an fp derived from the step #2 fd,
 162          *      because the user's editor may have created a new instance of
 163          *      the file.  Once the file is verified, its contents are stored
 164          *      in a password structure.  The verify routine closes the fp,
 165          *      closing the underlying fd.
 166          * 5:   Delete the temporary file.
 167          * 6:   Get a new temporary file/fd.  Pw_copy() gets an fp for it
 168          *      file and copies the master password file into it, replacing
 169          *      the user record with a new one.  We can't use the first
 170          *      temporary file for this because it was owned by the user.
 171          *      Pw_copy() closes its fp, flushing the data and closing the
 172          *      underlying file descriptor.  We can't close the master
 173          *      password fp, or we'd lose the lock.
 174          * 7:   Call pw_mkdb() (which renames the temporary file) and exit.
 175          *      The exit closes the master passwd fp/fd.
 176          */
 177         pw_init();
 178         pfd = pw_lock();
 179         tfd = pw_tmp();
 180
 181         if (op == EDITENTRY) {
 182                 display(tfd, pw);
 183                 edit(pw);
 184                 (void)unlink(tempname);
 185                 tfd = pw_tmp();
 186         }
 187
 188         pw_copy(pfd, tfd, pw);
 189
 190         if (!pw_mkdb())
 191                 pw_error((char *)NULL, 0, 1);
 192         exit(0);
 193 }
 194
 195 void
 196 baduser()
 197 {
 198         errx(1, "%s", strerror(EACCES));
 199 }
 200
 201 void
 202 usage()
 203 {
 204
 205         (void)fprintf(stderr,
 206                 "usage: chpass [-a list] [-p encpass] [-s shell] [user]\n");
 207         exit(1);
 208 }