]> git.cameronkatri.com Git - pw-darwin.git/blob - pw/pw_group.c
git.ckatri.com / pw-darwin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Copyright update by the author, to be more in line with our sample
[pw-darwin.git] / pw / pw_group.c
1 /*-
2 * Copyright (C) 1996
3 * David L. Nugent. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY DAVID L. NUGENT AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL DAVID L. NUGENT OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $Id: pw_group.c,v 1.1.1.2 1996/12/09 23:55:25 joerg Exp $
27 */
28
29 #include <unistd.h>
30 #include <ctype.h>
31 #include <termios.h>
32
33 #include "pw.h"
34 #include "bitmap.h"
35
36
37 static int print_group(struct group * grp, int pretty);
38 static gid_t gr_gidpolicy(struct userconf * cnf, struct cargs * args);
39
40 int
41 pw_group(struct userconf * cnf, int mode, struct cargs * args)
42 {
43 struct carg *a_name = getarg(args, 'n');
44 struct carg *a_gid = getarg(args, 'g');
45 struct carg *arg;
46 struct group *grp = NULL;
47 char *members[_UC_MAXGROUPS];
48
49 static struct group fakegroup =
50 {
51 "nogroup",
52 "*",
53 -1,
54 NULL
55 };
56
57 /*
58 * With M_NEXT, we only need to return the
59 * next gid to stdout
60 */
61 if (mode == M_NEXT)
62 {
63 gid_t next = gr_gidpolicy(cnf, args);
64 if (getarg(args, 'q'))
65 return next;
66 printf("%ld\n", (long)next);
67 return EXIT_SUCCESS;
68 }
69
70 if (mode == M_PRINT && getarg(args, 'a')) {
71 int pretty = getarg(args, 'P') != NULL;
72
73 setgrent();
74 while ((grp = getgrent()) != NULL)
75 print_group(grp, pretty);
76 endgrent();
77 return EXIT_SUCCESS;
78 }
79 if (a_gid == NULL) {
80 if (a_name == NULL)
81 cmderr(EX_DATAERR, "group name or id required\n");
82
83 if (mode != M_ADD && grp == NULL && isdigit(*a_name->val)) {
84 (a_gid = a_name)->ch = 'g';
85 a_name = NULL;
86 }
87 }
88 grp = (a_name != NULL) ? getgrnam(a_name->val) : getgrgid((gid_t) atoi(a_gid->val));
89
90 if (mode == M_UPDATE || mode == M_DELETE || mode == M_PRINT) {
91 if (a_name == NULL && grp == NULL) /* Try harder */
92 grp = getgrgid(atoi(a_gid->val));
93
94 if (grp == NULL) {
95 if (mode == M_PRINT && getarg(args, 'F')) {
96 fakegroup.gr_name = a_name ? a_name->val : "nogroup";
97 fakegroup.gr_gid = a_gid ? (gid_t) atol(a_gid->val) : -1;
98 return print_group(&fakegroup, getarg(args, 'P') != NULL);
99 }
100 cmderr(EX_DATAERR, "unknown group `%s'\n", a_name ? a_name->val : a_gid->val);
101 }
102 if (a_name == NULL) /* Needed later */
103 a_name = addarg(args, 'n', grp->gr_name);
104
105 /*
106 * Handle deletions now
107 */
108 if (mode == M_DELETE) {
109 gid_t gid = grp->gr_gid;
110
111 if (delgrent(grp) == -1)
112 cmderr(EX_IOERR, "Error updating group file: %s\n", strerror(errno));
113 pw_log(cnf, mode, W_GROUP, "%s(%ld) removed", a_name->val, (long) gid);
114 return EXIT_SUCCESS;
115 } else if (mode == M_PRINT)
116 return print_group(grp, getarg(args, 'P') != NULL);
117
118 if (a_gid)
119 grp->gr_gid = (gid_t) atoi(a_gid->val);
120
121 if ((arg = getarg(args, 'l')) != NULL)
122 grp->gr_name = arg->val;
123 } else {
124 if (a_name == NULL) /* Required */
125 cmderr(EX_DATAERR, "group name required\n");
126 else if (grp != NULL) /* Exists */
127 cmderr(EX_DATAERR, "group name `%s' already exists\n", a_name->val);
128
129 memset(members, 0, sizeof members);
130 grp = &fakegroup;
131 grp->gr_name = a_name->val;
132 grp->gr_passwd = "*";
133 grp->gr_gid = gr_gidpolicy(cnf, args);
134 grp->gr_mem = members;
135 }
136
137 /*
138 * This allows us to set a group password Group passwords is an
139 * antique idea, rarely used and insecure (no secure database) Should
140 * be discouraged, but it is apparently still supported by some
141 * software.
142 */
143
144 if ((arg = getarg(args, 'h')) != NULL) {
145 if (strcmp(arg->val, "-") == 0)
146 grp->gr_passwd = "*"; /* No access */
147 else {
148 int fd = atoi(arg->val);
149 int b;
150 int istty = isatty(fd);
151 struct termios t;
152 char *p, line[256];
153
154 if (istty) {
155 if (tcgetattr(fd, &t) == -1)
156 istty = 0;
157 else {
158 struct termios n = t;
159
160 /* Disable echo */
161 n.c_lflag &= ~(ECHO);
162 tcsetattr(fd, TCSANOW, &n);
163 printf("%sassword for group %s:", (mode == M_UPDATE) ? "New p" : "P", grp->gr_name);
164 fflush(stdout);
165 }
166 }
167 b = read(fd, line, sizeof(line) - 1);
168 if (istty) { /* Restore state */
169 tcsetattr(fd, TCSANOW, &t);
170 fputc('\n', stdout);
171 fflush(stdout);
172 }
173 if (b < 0) {
174 perror("-h file descriptor");
175 return EX_OSERR;
176 }
177 line[b] = '\0';
178 if ((p = strpbrk(line, " \t\r\n")) != NULL)
179 *p = '\0';
180 if (!*line)
181 cmderr(EX_DATAERR, "empty password read on file descriptor %d\n", fd);
182 grp->gr_passwd = pw_pwcrypt(line);
183 }
184 }
185
186 if (((arg = getarg(args, 'M')) != NULL || (arg = getarg(args, 'm')) != NULL) && arg->val) {
187 int i = 0;
188 char *p;
189 struct passwd *pwd;
190
191 if (arg->ch == 'm') {
192 while (i < _UC_MAXGROUPS && grp->gr_mem[i] != NULL) {
193 members[i] = grp->gr_mem[i];
194 i++;
195 }
196 }
197 for (p = strtok(arg->val, ", \t"); i < _UC_MAXGROUPS && p != NULL; p = strtok(NULL, ", \t")) {
198 int j;
199 if ((pwd = getpwnam(p)) == NULL) {
200 if (!isdigit(*p) || (pwd = getpwuid((uid_t) atoi(p))) == NULL)
201 cmderr(EX_NOUSER, "user `%s' does not exist\n", p);
202 }
203 /*
204 * Check for duplicates
205 */
206 for (j = 0; j < i && strcmp(members[j], pwd->pw_name)!=0; j++)
207 ;
208 if (j == i)
209 members[i++] = newstr(pwd->pw_name);
210 }
211 while (i < _UC_MAXGROUPS)
212 members[i++] = NULL;
213 grp->gr_mem = members;
214 }
215
216 if (getarg(args, 'N') != NULL)
217 return print_group(grp, getarg(args, 'P') != NULL);
218
219 if ((mode == M_ADD && !addgrent(grp)) || (mode == M_UPDATE && !chggrent(a_name->val, grp))) {
220 perror("group update");
221 return EX_IOERR;
222 }
223 /* grp may have been invalidated */
224 if ((grp = getgrnam(a_name->val)) == NULL)
225 cmderr(EX_SOFTWARE, "group disappeared during update\n");
226
227 pw_log(cnf, mode, W_GROUP, "%s(%ld)", grp->gr_name, (long) grp->gr_gid);
228
229 return EXIT_SUCCESS;
230 }
231
232
233 static gid_t
234 gr_gidpolicy(struct userconf * cnf, struct cargs * args)
235 {
236 struct group *grp;
237 gid_t gid = (gid_t) - 1;
238 struct carg *a_gid = getarg(args, 'g');
239
240 /*
241 * Check the given gid, if any
242 */
243 if (a_gid != NULL) {
244 gid = (gid_t) atol(a_gid->val);
245
246 if ((grp = getgrgid(gid)) != NULL && getarg(args, 'o') == NULL)
247 cmderr(EX_DATAERR, "gid `%ld' has already been allocated\n", (long) grp->gr_gid);
248 } else {
249 struct bitmap bm;
250
251 /*
252 * We need to allocate the next available gid under one of
253 * two policies a) Grab the first unused gid b) Grab the
254 * highest possible unused gid
255 */
256 if (cnf->min_gid >= cnf->max_gid) { /* Sanity claus^H^H^H^Hheck */
257 cnf->min_gid = 1000;
258 cnf->max_gid = 32000;
259 }
260 bm = bm_alloc(cnf->max_gid - cnf->min_gid + 1);
261
262 /*
263 * Now, let's fill the bitmap from the password file
264 */
265 setgrent();
266 while ((grp = getgrent()) != NULL)
267 if (grp->gr_gid >= (int) cnf->min_gid && grp->gr_gid <= (int) cnf->max_gid)
268 bm_setbit(&bm, grp->gr_gid - cnf->min_gid);
269 endgrent();
270
271 /*
272 * Then apply the policy, with fallback to reuse if necessary
273 */
274 if (cnf->reuse_gids)
275 gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid);
276 else {
277 gid = (gid_t) (bm_lastset(&bm) + 1);
278 if (!bm_isset(&bm, gid))
279 gid += cnf->min_gid;
280 else
281 gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid);
282 }
283
284 /*
285 * Another sanity check
286 */
287 if (gid < cnf->min_gid || gid > cnf->max_gid)
288 cmderr(EX_SOFTWARE, "unable to allocate a new gid - range fully used\n");
289 bm_dealloc(&bm);
290 }
291 return gid;
292 }
293
294
295 static int
296 print_group(struct group * grp, int pretty)
297 {
298 if (!pretty) {
299 char buf[_UC_MAXLINE];
300
301 fmtgrent(buf, grp);
302 fputs(buf, stdout);
303 } else {
304 int i;
305
306 printf("Group Name : %-10s #%lu\n"
307 " Members : ",
308 grp->gr_name, (long) grp->gr_gid);
309 for (i = 0; i < _UC_MAXGROUPS && grp->gr_mem[i]; i++)
310 printf("%s%s", i ? "," : "", grp->gr_mem[i]);
311 fputs("\n\n", stdout);
312 }
313 return EXIT_SUCCESS;
314 }
A port of FreeBSDs pw for Darwin