diff options
| author |   Ian Lepore <ian@FreeBSD.org> | 2018-07-22 23:41:40 +0000 |
|---|---|---|
| committer | Ian Lepore <ian@FreeBSD.org> | 2018-07-22 23:41:40 +0000 |
| commit | a97b359809759494438052dd4984a4f77b4bfd5d (patch) | |
| tree | c0e691eb8cf951a316c781a55d99c6820fd39065 | |
| parent | 5d9f253bb5e0cfe6848f6ceb730fe13e9494b460 (diff) | |
| download | pw-darwin-a97b359809759494438052dd4984a4f77b4bfd5d.tar.gz pw-darwin-a97b359809759494438052dd4984a4f77b4bfd5d.tar.zst pw-darwin-a97b359809759494438052dd4984a4f77b4bfd5d.zip | |
Make pw(8) showuser work the same with or without -R <path> for non-root
users. Without -R, pw(8) uses getpwnam(3), which will open master.passwd
for the root user or passwd for non-root users. With -R <path> pw(8) was
always opening <path>/master.passwd, which would fail for a non-root user,
then falsely claim the userid you're trying to show doesn't exist.
Now for a non-root user it opens <path>/passwd and zeroes out the 3 fields
that aren't available in the passwd file, which duplicates the behavior of
getpwnam(3). The net effect is that the showuser output is identical
whether using -R or not.
| -rw-r--r-- | pw/pw_vpw.c | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/pw/pw_vpw.c b/pw/pw_vpw.c index ea87f71..4517a74 100644 --- a/pw/pw_vpw.c +++ b/pw/pw_vpw.c @@ -39,10 +39,13 @@ static const char rcsid[] = #include <string.h> #include <stdlib.h> #include <err.h> +#include <unistd.h> #include "pwupd.h" static FILE * pwd_fp = NULL; +static int pwd_scanflag; +static const char *pwd_filename; void vendpwent(void) @@ -71,7 +74,18 @@ vnextpwent(char const *nam, uid_t uid, int doclose) line = NULL; linecap = 0; - if (pwd_fp != NULL || (pwd_fp = fopen(getpwpath(_MASTERPASSWD), "r")) != NULL) { + if (pwd_fp == NULL) { + if (geteuid() == 0) { + pwd_filename = _MASTERPASSWD; + pwd_scanflag = PWSCAN_MASTER; + } else { + pwd_filename = _PASSWD; + pwd_scanflag = 0; + } + pwd_fp = fopen(getpwpath(pwd_filename), "r"); + } + + if (pwd_fp != NULL) { while ((linelen = getline(&line, &linecap, pwd_fp)) > 0) { /* Skip comments and empty lines */ if (*line == '\n' || *line == '#') @@ -79,10 +93,10 @@ vnextpwent(char const *nam, uid_t uid, int doclose) /* trim latest \n */ if (line[linelen - 1 ] == '\n') line[linelen - 1] = '\0'; - pw = pw_scan(line, PWSCAN_MASTER); + pw = pw_scan(line, pwd_scanflag); if (pw == NULL) errx(EXIT_FAILURE, "Invalid user entry in '%s':" - " '%s'", getpwpath(_MASTERPASSWD), line); + " '%s'", getpwpath(pwd_filename), line); if (uid != (uid_t)-1) { if (uid == pw->pw_uid) break; @@ -99,6 +113,18 @@ vnextpwent(char const *nam, uid_t uid, int doclose) } free(line); + /* + * If we read the non-master passwd, some fields may not have been + * populated. Clean them up so that the output looks the same as that + * generated using getpwnam() which also inits them to these values. + */ + if (!(pw->pw_fields & _PWF_CLASS)) + pw->pw_class = ""; + if (!(pw->pw_fields & _PWF_CHANGE)) + pw->pw_change = 0; + if (!(pw->pw_fields & _PWF_EXPIRE)) + pw->pw_expire = 0; + return (pw); } |