]> git.cameronkatri.com Git - pw-darwin.git/blob - chpass/chpass.c
git.ckatri.com / pw-darwin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Implement incremental passwd database updates. This is done by ading a '-u'
[pw-darwin.git] / chpass / chpass.c
1 /*-
2 * Copyright (c) 1988, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34 #ifndef lint
35 static char copyright[] =
36 "@(#) Copyright (c) 1988, 1993, 1994\n\
37 The Regents of the University of California. All rights reserved.\n";
38 #endif /* not lint */
39
40 #ifndef lint
41 static char sccsid[] = "From: @(#)chpass.c 8.4 (Berkeley) 4/2/94";
42 static char rcsid[] =
43 "$Id: chpass.c,v 1.8 1996/05/25 01:05:17 wpaul Exp $";
44 #endif /* not lint */
45
46 #include <sys/param.h>
47 #include <sys/stat.h>
48 #include <sys/signal.h>
49 #include <sys/time.h>
50 #include <sys/resource.h>
51
52 #include <ctype.h>
53 #include <err.h>
54 #include <errno.h>
55 #include <fcntl.h>
56 #include <pwd.h>
57 #include <stdio.h>
58 #include <stdlib.h>
59 #include <string.h>
60 #include <unistd.h>
61
62 #include <pw_scan.h>
63 #include <pw_util.h>
64 #include "pw_copy.h"
65 #ifdef YP
66 #include <rpcsvc/yp.h>
67 int yp_errno = YP_TRUE;
68 #include "pw_yp.h"
69 #endif
70
71 #include "chpass.h"
72 #include "pathnames.h"
73
74 char *tempname;
75 uid_t uid;
76
77 void baduser __P((void));
78 void usage __P((void));
79
80 int
81 main(argc, argv)
82 int argc;
83 char **argv;
84 {
85 enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW } op;
86 struct passwd *pw, lpw;
87 char *username;
88 int ch, pfd, tfd;
89 char *arg;
90 #ifdef YP
91 int force_local = 0;
92 int force_yp = 0;
93 #endif
94
95 op = EDITENTRY;
96 #ifdef YP
97 while ((ch = getopt(argc, argv, "a:p:s:d:h:oly")) != EOF)
98 #else
99 while ((ch = getopt(argc, argv, "a:p:s:")) != EOF)
100 #endif
101 switch(ch) {
102 case 'a':
103 op = LOADENTRY;
104 arg = optarg;
105 break;
106 case 's':
107 op = NEWSH;
108 arg = optarg;
109 break;
110 case 'p':
111 op = NEWPW;
112 arg = optarg;
113 break;
114 #ifdef YP
115 case 'h':
116 #ifdef PARANOID
117 if (getuid()) {
118 warnx("Only the superuser can use the -h flag");
119 } else {
120 #endif
121 yp_server = optarg;
122 #ifdef PARANOID
123 }
124 #endif
125 break;
126 case 'd':
127 #ifdef PARANOID
128 if (getuid()) {
129 warnx("Only the superuser can use the -d flag");
130 } else {
131 #endif
132 yp_domain = optarg;
133 if (yp_server == NULL)
134 yp_server = "localhost";
135 #ifdef PARANOID
136 }
137 #endif
138 break;
139 case 'l':
140 _use_yp = 0;
141 force_local = 1;
142 break;
143 case 'y':
144 _use_yp = force_yp = 1;
145 break;
146 case 'o':
147 force_old++;
148 break;
149 #endif
150 case '?':
151 default:
152 usage();
153 }
154 argc -= optind;
155 argv += optind;
156
157 uid = getuid();
158
159 if (op == EDITENTRY || op == NEWSH || op == NEWPW)
160 switch(argc) {
161 #ifdef YP
162 case 0:
163 GETPWUID(uid)
164 get_yp_master(1); /* XXX just to set the suser flag */
165 break;
166 case 1:
167 GETPWNAM(*argv)
168 get_yp_master(1); /* XXX just to set the suser flag */
169 #else
170 case 0:
171 if (!(pw = getpwuid(uid)))
172 errx(1, "unknown user: uid %u", uid);
173 break;
174 case 1:
175 if (!(pw = getpwnam(*argv)))
176 errx(1, "unknown user: %s", *argv);
177 #endif
178 if (uid && uid != pw->pw_uid)
179 baduser();
180 break;
181 default:
182 usage();
183 }
184 username = pw->pw_name;
185 if (op == NEWSH) {
186 /* protect p_shell -- it thinks NULL is /bin/sh */
187 if (!arg[0])
188 usage();
189 if (p_shell(arg, pw, (ENTRY *)NULL))
190 pw_error((char *)NULL, 0, 1);
191 }
192
193 if (op == LOADENTRY) {
194 if (uid)
195 baduser();
196 pw = &lpw;
197 if (!pw_scan(arg, pw))
198 exit(1);
199 }
200
201 if (op == NEWPW) {
202 if (uid)
203 baduser();
204
205 if(strchr(arg, ':')) {
206 errx(1, "invalid format for password");
207 }
208 pw->pw_passwd = arg;
209 }
210
211 /*
212 * The temporary file/file descriptor usage is a little tricky here.
213 * 1: We start off with two fd's, one for the master password
214 * file (used to lock everything), and one for a temporary file.
215 * 2: Display() gets an fp for the temporary file, and copies the
216 * user's information into it. It then gives the temporary file
217 * to the user and closes the fp, closing the underlying fd.
218 * 3: The user edits the temporary file some number of times.
219 * 4: Verify() gets an fp for the temporary file, and verifies the
220 * contents. It can't use an fp derived from the step #2 fd,
221 * because the user's editor may have created a new instance of
222 * the file. Once the file is verified, its contents are stored
223 * in a password structure. The verify routine closes the fp,
224 * closing the underlying fd.
225 * 5: Delete the temporary file.
226 * 6: Get a new temporary file/fd. Pw_copy() gets an fp for it
227 * file and copies the master password file into it, replacing
228 * the user record with a new one. We can't use the first
229 * temporary file for this because it was owned by the user.
230 * Pw_copy() closes its fp, flushing the data and closing the
231 * underlying file descriptor. We can't close the master
232 * password fp, or we'd lose the lock.
233 * 7: Call pw_mkdb() (which renames the temporary file) and exit.
234 * The exit closes the master passwd fp/fd.
235 */
236 pw_init();
237 pfd = pw_lock();
238 tfd = pw_tmp();
239
240 if (op == EDITENTRY) {
241 display(tfd, pw);
242 edit(pw);
243 (void)unlink(tempname);
244 tfd = pw_tmp();
245 }
246
247 #ifdef YP
248 if (_use_yp) {
249 yp_submit(pw);
250 (void)unlink(tempname);
251 } else {
252 #endif /* YP */
253 pw_copy(pfd, tfd, pw);
254
255 if (!pw_mkdb(username))
256 pw_error((char *)NULL, 0, 1);
257 #ifdef YP
258 }
259 #endif /* YP */
260 exit(0);
261 }
262
263 void
264 baduser()
265 {
266 errx(1, "%s", strerror(EACCES));
267 }
268
269 void
270 usage()
271 {
272
273 (void)fprintf(stderr,
274 #ifdef YP
275 "usage: chpass [-l] [-y] [-d domain [-h host]] [-a list] [-p encpass] [-s shell] [user]\n");
276 #else
277 "usage: chpass [-a list] [-p encpass] [-s shell] [user]\n");
278 #endif
279 exit(1);
280 }
A port of FreeBSDs pw for Darwin