to preconfigured values for -e, -p and -w flags.
Use non-negative symbols instead of magic values
in passwd_val/pw_password functions.
PR: 223431
Submitted by: Yuri Pankov (in part, patch for the manual)
Reported by: mav (mentor)
MFC after: 3 days
Relnotes: yes
numerics(char const * str)
{
numerics(char const * str)
{
#include <sys/cdefs.h>
__BEGIN_DECLS
#include <sys/cdefs.h>
__BEGIN_DECLS
+int numerics(char const * str);
time_t parse_date(time_t dt, char const * str);
void print_date(char *buf, time_t t, int dotime);
__END_DECLS
time_t parse_date(time_t dt, char const * str);
void print_date(char *buf, time_t t, int dotime);
__END_DECLS
A value of 0 suppresses automatic calculation of the expiry date.
.It Fl p Ar days
Set the default password expiration period in days.
A value of 0 suppresses automatic calculation of the expiry date.
.It Fl p Ar days
Set the default password expiration period in days.
+When
+.Fl D
+is used, the
+.Ar days
+argument is interpreted differently.
+It must be numeric and represents the number of days after creation
+that the account expires.
+A value of 0 suppresses automatic calculation of the expiry date.
.It Fl g Ar group
Set the default group for new users.
If a blank group is specified using
.It Fl g Ar group
Set the default group for new users.
If a blank group is specified using
+enum _passmode
+{
+ P_NO,
+ P_NONE,
+ P_RANDOM,
+ P_YES
+};
+
for (i = 0; booltrue[i]; i++)
if (strcmp(str, booltrue[i]) == 0)
for (i = 0; booltrue[i]; i++)
if (strcmp(str, booltrue[i]) == 0)
for (i = 0; boolfalse[i]; i++)
if (strcmp(str, boolfalse[i]) == 0)
for (i = 0; boolfalse[i]; i++)
if (strcmp(str, boolfalse[i]) == 0)
/*
* Special cases for defaultpassword
*/
if (strcmp(str, "random") == 0)
/*
* Special cases for defaultpassword
*/
if (strcmp(str, "random") == 0)
if (strcmp(str, "none") == 0)
if (strcmp(str, "none") == 0)
errx(1, "Invalid value for default password");
}
errx(1, "Invalid value for default password");
}
char pwbuf[32];
switch (cnf->default_password) {
char pwbuf[32];
switch (cnf->default_password) {
- case -1: /* Random password */
+ case P_NONE: /* No password at all! */
+ return "";
+ case P_RANDOM: /* Random password */
l = (arc4random() % 8 + 8); /* 8 - 16 chars */
for (i = 0; i < l; i++)
pwbuf[i] = chars[arc4random_uniform(sizeof(chars)-1)];
l = (arc4random() % 8 + 8); /* 8 - 16 chars */
for (i = 0; i < l; i++)
pwbuf[i] = chars[arc4random_uniform(sizeof(chars)-1)];
-
- case -2: /* No password at all! */
- return "";
-
- case 0: /* No login - default */
- default:
- return "*";
-
- case 1: /* user's name */
+ case P_YES: /* user's name */
strlcpy(pwbuf, user, sizeof(pwbuf));
break;
strlcpy(pwbuf, user, sizeof(pwbuf));
break;
+ case P_NO: /* No login - default */
+ /* FALLTHROUGH */
+ default:
+ return "*";
}
return pw_pwcrypt(pwbuf);
}
}
return pw_pwcrypt(pwbuf);
}
+static long
+validate_expire(char *str, int opt)
+{
+ if (!numerics(str))
+ errx(EX_DATAERR, "-%c argument must be numeric "
+ "when setting defaults: %s", (char)opt, str);
+ return strtol(str, NULL, 0);
+}
+
static void
mix_config(struct userconf *cmdcnf, struct userconf *cfg)
{
static void
mix_config(struct userconf *cmdcnf, struct userconf *cfg)
{
- if (cmdcnf->default_password == 0)
+ if (cmdcnf->default_password < 0)
cmdcnf->default_password = cfg->default_password;
if (cmdcnf->reuse_uids == 0)
cmdcnf->reuse_uids = cfg->reuse_uids;
cmdcnf->default_password = cfg->default_password;
if (cmdcnf->reuse_uids == 0)
cmdcnf->reuse_uids = cfg->reuse_uids;
cmdcnf->min_gid = cfg->min_gid;
if (cmdcnf->max_gid == 0)
cmdcnf->max_gid = cfg->max_gid;
cmdcnf->min_gid = cfg->min_gid;
if (cmdcnf->max_gid == 0)
cmdcnf->max_gid = cfg->max_gid;
- if (cmdcnf->expire_days == 0)
+ if (cmdcnf->expire_days < 0)
cmdcnf->expire_days = cfg->expire_days;
cmdcnf->expire_days = cfg->expire_days;
- if (cmdcnf->password_days == 0)
+ if (cmdcnf->password_days < 0)
cmdcnf->password_days = cfg->password_days;
}
cmdcnf->password_days = cfg->password_days;
}
if ((cmdcnf = calloc(1, sizeof(struct userconf))) == NULL)
err(EXIT_FAILURE, "calloc()");
if ((cmdcnf = calloc(1, sizeof(struct userconf))) == NULL)
err(EXIT_FAILURE, "calloc()");
+ cmdcnf->default_password = cmdcnf->expire_days = cmdcnf->password_days = -1;
+ now = time(NULL);
+
if (arg1 != NULL) {
if (arg1[strspn(arg1, "0123456789")] == '\0')
id = pw_checkid(arg1, UID_MAX);
if (arg1 != NULL) {
if (arg1[strspn(arg1, "0123456789")] == '\0')
id = pw_checkid(arg1, UID_MAX);
homedir = optarg;
break;
case 'e':
homedir = optarg;
break;
case 'e':
- now = time(NULL);
- cmdcnf->expire_days = parse_date(now, optarg);
+ if (genconf)
+ cmdcnf->expire_days = validate_expire(optarg, ch);
+ else
+ cmdcnf->expire_days = parse_date(now, optarg);
- now = time(NULL);
- cmdcnf->password_days = parse_date(now, optarg);
+ if (genconf)
+ cmdcnf->password_days = validate_expire(optarg, ch);
+ else
+ cmdcnf->password_days = parse_date(now, optarg);
break;
case 'g':
validate_grname(cmdcnf, optarg);
break;
case 'g':
validate_grname(cmdcnf, optarg);
pwd->pw_uid = pw_uidpolicy(cmdcnf, id);
pwd->pw_gid = pw_gidpolicy(cnf, grname, pwd->pw_name,
(gid_t) pwd->pw_uid, dryrun);
pwd->pw_uid = pw_uidpolicy(cmdcnf, id);
pwd->pw_gid = pw_gidpolicy(cnf, grname, pwd->pw_name,
(gid_t) pwd->pw_uid, dryrun);
- pwd->pw_change = cmdcnf->password_days;
- pwd->pw_expire = cmdcnf->expire_days;
+
+ if (cmdcnf->password_days > 0)
+ pwd->pw_change = now + cmdcnf->password_days * 86400L;
+ if (cmdcnf->expire_days > 0)
+ pwd->pw_expire = now + cmdcnf->expire_days * 86400L;
+
pwd->pw_dir = pw_homepolicy(cmdcnf, homedir, pwd->pw_name);
pwd->pw_shell = pw_shellpolicy(cmdcnf);
lc = login_getpwclass(pwd);
pwd->pw_dir = pw_homepolicy(cmdcnf, homedir, pwd->pw_name);
pwd->pw_shell = pw_shellpolicy(cmdcnf);
lc = login_getpwclass(pwd);
class = nispasswd = NULL;
quiet = createhome = pretty = dryrun = nis = precrypted = false;
edited = false;
class = nispasswd = NULL;
quiet = createhome = pretty = dryrun = nis = precrypted = false;
edited = false;
if (arg1 != NULL) {
if (arg1[strspn(arg1, "0123456789")] == '\0')
if (arg1 != NULL) {
if (arg1[strspn(arg1, "0123456789")] == '\0')
homedir = optarg;
break;
case 'e':
homedir = optarg;
break;
case 'e':
expire_days = parse_date(now, optarg);
break;
case 'p':
expire_days = parse_date(now, optarg);
break;
case 'p':
password_days = parse_date(now, optarg);
break;
case 'g':
password_days = parse_date(now, optarg);
break;
case 'g':
- if (password_days >= 0 && pwd->pw_change != password_days) {
- pwd->pw_change = password_days;
+
+ if (password_days >= 0) {
+ pwd->pw_change = now + password_days * 86400L;
- if (expire_days >= 0 && pwd->pw_expire != expire_days) {
- pwd->pw_expire = expire_days;
+ if (expire_days >= 0) {
+ pwd->pw_expire = now + expire_days * 86400L;
git.ckatri.com / pw-darwin.git / commitdiff