X-Git-Url: https://git.cameronkatri.com/pw-darwin.git/blobdiff_plain/0bd62940e7448723174826add8a3541601d442d8..6c3bf245a1f6262fec55df02180ce4243db767b3:/libutil/pw_util.c diff --git a/libutil/pw_util.c b/libutil/pw_util.c index 5eae280..e55c2b1 100644 --- a/libutil/pw_util.c +++ b/libutil/pw_util.c @@ -17,7 +17,7 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. - * 4. Neither the name of the University nor the names of its contributors + * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * @@ -58,7 +58,6 @@ static const char rcsid[] = #include #include #include -#include #include #include #include @@ -179,11 +178,8 @@ pw_lock(void) for (;;) { struct stat st; - lockfd = open(masterpasswd, O_RDONLY, 0); - if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) - err(1, "%s", masterpasswd); - /* XXX vulnerable to race conditions */ - if (flock(lockfd, LOCK_EX|LOCK_NB) == -1) { + lockfd = flopen(masterpasswd, O_RDONLY|O_NONBLOCK|O_CLOEXEC, 0); + if (lockfd == -1) { if (errno == EWOULDBLOCK) { errx(1, "the password db file is busy"); } else { @@ -229,7 +225,7 @@ pw_tmp(int mfd) errno = ENAMETOOLONG; return (-1); } - if ((tfd = mkstemp(tempname)) == -1) + if ((tfd = mkostemp(tempname, 0)) == -1) return (-1); if (mfd != -1) { while ((nr = read(mfd, buf, sizeof(buf))) > 0) @@ -318,7 +314,7 @@ pw_edit(int notsetuid) (void)setuid(getuid()); } errno = 0; - execlp(editor, basename(editor), tempname, (char *)NULL); + execlp(editor, editor, tempname, (char *)NULL); _exit(errno); default: /* parent */ @@ -347,7 +343,8 @@ pw_edit(int notsetuid) sigprocmask(SIG_SETMASK, &oldsigset, NULL); if (stat(tempname, &st2) == -1) return (-1); - return (st1.st_mtime != st2.st_mtime); + return (st1.st_mtim.tv_sec != st2.st_mtim.tv_sec || + st1.st_mtim.tv_nsec != st2.st_mtim.tv_nsec); } /* @@ -406,23 +403,56 @@ pw_make(const struct passwd *pw) pw->pw_passwd, (uintmax_t)pw->pw_uid, (uintmax_t)pw->pw_gid, pw->pw_class, (uintmax_t)pw->pw_change, (uintmax_t)pw->pw_expire, pw->pw_gecos, pw->pw_dir, pw->pw_shell); - return line; + return (line); } /* - * Copy password file from one descriptor to another, replacing or adding - * a single record on the way. + * Make a passwd line (in v7 format) out of a struct passwd + */ +char * +pw_make_v7(const struct passwd *pw) +{ + char *line; + + asprintf(&line, "%s:*:%ju:%ju:%s:%s:%s", pw->pw_name, + (uintmax_t)pw->pw_uid, (uintmax_t)pw->pw_gid, + pw->pw_gecos, pw->pw_dir, pw->pw_shell); + return (line); +} + +/* + * Copy password file from one descriptor to another, replacing, deleting + * or adding a single record on the way. */ int pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) { - char buf[8192], *end, *line, *p, *q, *r, t; + char *buf, *end, *line, *p, *q, *r, *tmp; struct passwd *fpw; - size_t len; + const struct passwd *spw; + size_t len, size; int eof, readlen; + char t; - if ((line = pw_make(pw)) == NULL) - return (-1); + if (old_pw == NULL && pw == NULL) + return (-1); + + spw = old_pw; + /* deleting a user */ + if (pw == NULL) { + line = NULL; + } else { + if ((line = pw_make(pw)) == NULL) + return (-1); + } + + /* adding a user */ + if (spw == NULL) + spw = pw; + + /* initialize the buffer */ + if ((buf = malloc(size = 1024)) == NULL) + goto err; eof = 0; len = 0; @@ -437,10 +467,16 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) if (q >= end) { if (eof) break; - if ((size_t)(q - p) >= sizeof(buf)) { - warnx("passwd line too long"); - errno = EINVAL; /* hack */ - goto err; + while ((size_t)(q - p) >= size) { + if ((tmp = realloc(buf, size * 2)) == NULL) { + warnx("passwd line too long"); + goto err; + } + p = tmp + (p - buf); + q = tmp + (q - buf); + end = tmp + (end - buf); + buf = tmp; + size = size * 2; } if (p < end) { q = memmove(buf, p, end - p); @@ -448,7 +484,7 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) } else { p = q = end = buf; } - readlen = read(ffd, end, sizeof(buf) - (end - buf)); + readlen = read(ffd, end, size - (end - buf)); if (readlen == -1) goto err; else @@ -457,7 +493,7 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) break; end += len; len = end - buf; - if (len < (ssize_t)sizeof(buf)) { + if (len < size) { eof = 1; if (len > 0 && buf[len - 1] != '\n') ++len, *end++ = '\n'; @@ -489,7 +525,7 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) */ *q = t; - if (fpw == NULL || strcmp(fpw->pw_name, pw->pw_name) != 0) { + if (fpw == NULL || strcmp(fpw->pw_name, spw->pw_name) != 0) { /* nope */ if (fpw != NULL) free(fpw); @@ -506,17 +542,21 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) } free(fpw); - /* it is, replace it */ - len = strlen(line); - if (write(tfd, line, len) != (int)len) - goto err; - + /* it is, replace or remove it */ + if (line != NULL) { + len = strlen(line); + if (write(tfd, line, len) != (int)len) + goto err; + } else { + /* when removed, avoid the \n */ + q++; + } /* we're done, just copy the rest over */ for (;;) { if (write(tfd, q, end - q) != end - q) goto err; q = buf; - readlen = read(ffd, buf, sizeof(buf)); + readlen = read(ffd, buf, size); if (readlen == 0) break; else @@ -528,16 +568,22 @@ pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw) goto done; } - /* if we got here, we have a new entry */ + /* if we got here, we didn't find the old entry */ + if (line == NULL) { + errno = ENOENT; + goto err; + } len = strlen(line); if ((size_t)write(tfd, line, len) != len || write(tfd, "\n", 1) != 1) goto err; done: free(line); + free(buf); return (0); err: free(line); + free(buf); return (-1); }