summaryrefslogtreecommitdiffstats
path: root/libutil/pw_util.c
Commit message (Collapse)AuthorAgeFilesLines
* When passwd or group information is changed (by pw, vipw, chpass, ...)Renato Botelho2015-07-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | temporary file is created and then a rename() call move it to official file. This operation didn't have any check to make sure data was written to disk and if a power cycle happens system could end up with a 0 length passwd or group database. There is a pfSense bug with more infor about it: https://redmine.pfsense.org/issues/4523 The following changes were made to protect passwd and group operations: * lib/libutil/gr_util.c: - Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file - After rename(), fsync() call on directory for faster result * lib/libutil/pw_util.c - Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file * usr.sbin/pwd_mkdb/pwd_mkdb.c - Added O_SYNC flag on dbopen() calls - After rename(), fsync() call on directory for faster result * lib/libutil/pw_util.3 - pw_lock() returns a file descriptor to master password file on success Differential Revision: https://reviews.freebsd.org/D2978 Approved by: bapt Sponsored by: Netgate
* revert r283969,283970 not needed anymore after r283981Baptiste Daroussin2015-06-041-25/+3
|
* Add a pw_mkdb2(3) function which does the same thing as pw_mkdb(3) exceptBaptiste Daroussin2015-06-031-3/+25
| | | | | | | | it takes a new argument allowing to specify the endianness of the database to generate Differential Revision: https://reviews.freebsd.org/D2730 Reviewed by: ian
* Add O_CLOEXEC to flopenBaptiste Daroussin2012-12-271-1/+1
| | | | Requested by: jilles
* Use flopen(3) instead of open(2) + flock(2)Baptiste Daroussin2012-12-271-5/+2
|
* backout r242319, racy and not done in the right placeBaptiste Daroussin2012-10-291-9/+0
| | | | Reported by: Garrett Cooper <yanegomi@gmail.com>
* make pw_init and gr_init fail if the specified master password or group file isBaptiste Daroussin2012-10-291-0/+9
| | | | | | a directory. MFC after: 1 month
* Revert user comparison back to user names as some user can share uids (root/toorBaptiste Daroussin2012-06-191-6/+13
| | | | | | | | | | | for example) get the username information from old_pw structures to still allow renaming of a user. Reported by: Claude Buisson <clbuisson@orange.fr> Approved by: des (mentor) MFC after: 3 weeks
* Detect file modification properly by using tv_nsec.Ed Schouten2012-02-101-1/+2
| | | | | | | POSIX 2008 standardizes st_mtim, meaning we can simply use nanosecond precision to detect file modification. MFC after: 2 weeks
* Add new pw_make_v7 to make a passwd line (in v7 format) out of a struct passwdBaptiste Daroussin2012-01-051-1/+15
| | | | | | while here, fix missing parentheses of the return statement of pw_make. Approved by: des (mentor)
* Modify pw_copy:Baptiste Daroussin2011-12-151-0/+645
| | | | | | | | | | | | | - if pw is NULL and oldpw is not NULL then the oldpw is deleted - if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid then it renames the user add new gr_* functions so now gr_util API is similar to pw_util API, this allow to manipulate groups in a safe way. Reviewed by: des Approved by: des MFC after: 1 month
* Create the altix project branch. The altix project will add supportMarcel Moolenaar2010-03-101-621/+0
| | | | | | | for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
* sigset() is the name of function specified by SUSv4.Konstantin Belousov2009-11-261-4/+4
| | | | | | Replace it to avoid conflict. MFC after: 3 weeks
* Remove California Regent's clause 3, per letterWarner Losh2007-01-091-4/+0
|
* Minor comment fix.Thomas Quinot2006-09-081-1/+1
|
* (pw_copy): Handle the case of a malformed line in master.passwdThomas Quinot2006-09-041-2/+11
| | | | | | | | (copy it silently, do not dereference NULL pointer). PR: bin/102848 Reviewed by: security-officer (cperciva) MFC after: 1 week
* Don't depend on NULL's expansion being a pointer, cast it before it is passedStefan Farfeleder2004-05-181-3/+4
| | | | | | to variadic functions. Approved by: das (mentor)
* ANSIfy, WARNSify, CONSTify. Bit of style(9)-ify.Mark Murray2003-10-181-29/+36
|
* Tidy up. Sort headers.Mark Murray2003-06-141-1/+1
|
* Brucify.Dag-Erling Smørgrav2003-04-101-4/+8
|
* Correctly detect the case where a password entry was changed while we wereDag-Erling Smørgrav2003-04-091-2/+7
| | | | | | preparing to edit it. PR: bin/50563
* Apply the correct fix for bin/50679: don't mess around with process groupsDag-Erling Smørgrav2003-04-091-13/+19
| | | | | | | or the tty, just block selected signals in the parent like system(3) does. Many thanks to bde for his assistance in finding the correct solution. PR: bin/50679
* Band-aid for the "^C kills the editor" problem. I haven't yet found theDag-Erling Smørgrav2003-04-081-10/+6
| | | | | | | | proper way to fix this. The way this works is to prepend "exec " to the editor command to eliminate the "shell in the middle" which prevents us from properly reawakening the editor after a SIGTSTP. PR: bin/50679
* Make pw_edit() use /bin/sh to interpret the EDITOR environmentDavid Schultz2003-03-171-2/+12
| | | | | | | variable. PR: 48748 Reviewed by: mike (mentor)
* Don't forget to '\n'-terminate new entries. This unbreaks chpass -a.Dag-Erling Smørgrav2002-10-291-1/+2
| | | | Submitted by: joerg
* Be more clear in error messages.Nick Hibma2002-06-231-4/+9
| | | | | | | Distinguish between a held lock and a failed lock op. If rpc.lockd is not running on a diskless client this makes clearer what the problem is.
* If no old_pw was passed to pw_copy, compare just the name.Dag-Erling Smørgrav2002-05-081-1/+2
| | | | Sponsored by: DARPA, NAI Labs
* Add passwd manipulation code based on parts of vipw and chpass.Dag-Erling Smørgrav2002-05-081-82/+404
| | | | Sponsored by: DARPA, NAI Labs
* Make mppath and masterpasswd pointers instead of arrays, and initializeDag-Erling Smørgrav2002-04-171-2/+4
| | | | | | | | | them to point at static strings that contain the default paths. This makes 'vipw -d' work again (I broke it in rev 1.21; apologies for taking so long to fix it.) Spotted by: Olivier Houchard <doginou@cognet.ci0.org> Sponsored by: DARPA, NAI Labs
* Remove bogus reference to _use_yp.Dag-Erling Smørgrav2002-04-151-9/+1
|
* ANSIfy and constify.Dag-Erling Smørgrav2002-02-051-17/+15
| | | | Sponsored by: DARPA, NAI Labs
* Fix the type of the NULL arg to execl()Brian Somers2001-07-091-3/+3
| | | | Idea from: Theo de Raadt <deraadt@openbsd.org>
* Don't pass NULL to the %s format.Dima Dorfman2001-04-221-2/+6
| | | | Reviewed by: kris
* Don't call warn() without a format string.Kris Kennaway2000-07-121-1/+1
|
* $Id$ -> $FreeBSD$Peter Wemm1999-08-281-1/+1
|
* Move call to umask(0) back into pw_util(), because the latterPierre Beyssac1999-06-291-1/+4
| | | | function is also used by chpass(1) and passwd(1).
* Force umask to 077 (instead of 000) during the edit phase, to getPierre Beyssac1999-06-261-4/+1
| | | | | | | | | | secure permissions in case the user attempts to save something to a file of his own. Move umask stuff out of pw_init() into main() for better visibility of overall umask tweaking logic. PR: misc/11797
* Add -d option to vipw(8) to allow selection of an alternative directorySheldon Hearn1999-06-261-8/+14
| | | | | | | for the password files. PR: 2703 Submitted by: jmg
* oops. Fix indentation of the 'for' loop I just added.Matthew Dillon1998-12-131-18/+18
|
* Handle the race condition where vipw may lock a password file which hasMatthew Dillon1998-12-131-6/+22
| | | | | just been replaced. After our lock succeeds we check if st_nlink is 0 and if it is we close the descriptor and retry our open/lock sequence.
* Since vfork() was changed to fork(), we have to pass errno back from theDag-Erling Smørgrav1998-10-201-3/+6
| | | | | | | child to the parent somehow. PR: 8353 Submitted by: Andrew J. Korty <ajk@purdue.edu>
* Calls one or more of malloc(), warn(), err(), syslog(), execlp() orDag-Erling Smørgrav1998-10-131-3/+3
| | | | | | | | | | | execvp() in the child branch of a vfork(). Changed to use fork() instead. Some of these (mv, find, apply, xargs) might benefit greatly from being rewritten to use vfork() properly. PR: Loosely related to bin/8252 Approved by: jkh and bde
* Statisize usage().Philippe Charnier1997-10-271-1/+4
|
* Changes to support full make parallelism (-j<n>) in the worldJordan K. Hubbard1997-10-051-3/+3
| | | | | | target. Reviewed by: <many different folks> Submitted by: Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>
* Endless loop.Wolfram Schneider1997-09-291-5/+5
| | | | | | | | | | | $ vipw [corrupt a line in editor, exit editor] pwd_mkdb: corrupted entry pwd_mkdb: at line #2 pwd_mkdb: /etc/pw.012585: Inappropriate file type or format re-edit the password file? [y]: n^D^D [hang]
* Cosmetic: distinguish in diag message between rebuilding and updatingJoerg Wunsch1997-08-241-1/+2
| | | | | | | the database. PR: 3397 Submitted by: taob@risc.org (Brian Tao)
* Implement incremental passwd database updates. This is done by ading a '-u'Guido van Rooij1996-07-011-2/+8
| | | | | | | | | | | | | | option to pwd_mkdb and adding this option to utilities invoking it. Further, the filling of both the secure and insecure databases has been merged into one loop giving also a performance improvemnet. Note that I did *not* change the adduser command. I don't read perl (it is a write only language anyway). The change will drastically improve performance for passwd and friends with large passwd files. Vipw's performance won't change. In order to do that some kind of diff should be made between the old and new master.passwd and depending the amount of changes, an incremental or complete update of the databases should be agreed upon.
* Small NIS tweak: frob pw_error() a little so that it can say eitherBill Paul1995-08-131-1/+8
| | | | | | | | | 'NIS information unchanged' or '/etc/master.passwd unchanged' depending on which was is being modified (conditional on -DYP). This is to save me the trouble of writing a whole other error routine (nis_error()?) for the upcoming changes to passwd and chpass.
* Remove trailing whitespace.Rodney W. Grimes1995-05-301-2/+2
|
* Fix suspended vipw hangsAndrey A. Chernov1995-03-091-9/+25
| | | | Obtained from: NetBSD
generated by cgit v1.2.3-56-ge451 (git 2.39.0) at 2024-06-03 06:42:51 +0000