From e773096e9049d4fb494d9ea86a862cd89d62bdfc Mon Sep 17 00:00:00 2001 From: Baptiste Daroussin Date: Sun, 2 Aug 2015 12:47:50 +0000 Subject: Rewrite parsing subcommands arguments of pw(8) Now each subcommands checks its arguments in a dedicated functions. This helps improving input validation, code readability/maintainability While here: - Add a -y option to pw userdel/usermod so it can maintain NIS servers if nispasswd is not defined in pw.conf(5) - Allow pw -r to remove directory with userdel -r - Fix bug when renaming a user which was not renaming the user name it groups it is a member of. - Only parse pw.conf(5) when needed. --- pw/Makefile | 3 +- pw/pw.c | 296 +------ pw/pw.h | 28 +- pw/pw_conf.c | 61 +- pw/pw_group.c | 757 ++++++++++++------ pw/pw_nis.c | 1 + pw/pw_user.c | 2431 ++++++++++++++++++++++++++++++++------------------------ pw/pw_utils.c | 97 +++ pw/pwupd.h | 17 +- pw/strtounum.c | 2 +- 10 files changed, 2081 insertions(+), 1612 deletions(-) create mode 100644 pw/pw_utils.c diff --git a/pw/Makefile b/pw/Makefile index 87bb5f6..f26c9de 100644 --- a/pw/Makefile +++ b/pw/Makefile @@ -3,7 +3,8 @@ PROG= pw MAN= pw.conf.5 pw.8 SRCS= pw.c pw_conf.c pw_user.c pw_group.c pw_log.c pw_nis.c pw_vpw.c \ - grupd.c pwupd.c psdate.c bitmap.c cpdir.c rm_r.c strtounum.c + grupd.c pwupd.c psdate.c bitmap.c cpdir.c rm_r.c strtounum.c \ + pw_utils.c WARNS?= 3 diff --git a/pw/pw.c b/pw/pw.c index 88c83db..b13db70 100644 --- a/pw/pw.c +++ b/pw/pw.c @@ -37,9 +37,6 @@ static const char rcsid[] = #include #include "pw.h" -#if !defined(_PATH_YP) -#define _PATH_YP "/var/yp/" -#endif const char *Modes[] = { "add", "del", "mod", "show", "next", NULL}; @@ -85,55 +82,39 @@ struct pwf VPWF = vgetgrnam, }; -struct pwconf conf; - -static struct cargs arglist; +static int (*cmdfunc[W_NUM][M_NUM])(int argc, char **argv, char *_name) = { + { /* user */ + pw_user_add, + pw_user_del, + pw_user_mod, + pw_user_show, + pw_user_next, + pw_user_lock, + pw_user_unlock, + }, + { /* group */ + pw_group_add, + pw_group_del, + pw_group_mod, + pw_group_show, + pw_group_next, + } +}; -static int getindex(const char *words[], const char *word); -static void cmdhelp(int mode, int which); +struct pwconf conf; +static int getindex(const char *words[], const char *word); +static void cmdhelp(int mode, int which); int main(int argc, char *argv[]) { - int ch; - int mode = -1; - int which = -1; - long id = -1; - char *config = NULL; + int mode = -1, which = -1, tmp; struct stat st; - const char *errstr; - char arg, *name; + char arg, *arg1; bool relocated, nis; - static const char *opts[W_NUM][M_NUM] = - { - { /* user */ - "R:V:C:qn:u:c:d:e:p:g:G:mM:k:s:oL:i:w:h:H:Db:NPy:Y", - "R:V:C:qn:u:rY", - "R:V:C:qn:u:c:d:e:p:g:G:mM:l:k:s:w:L:h:H:FNPY", - "R:V:C:qn:u:FPa7", - "R:V:C:q", - "R:V:C:q", - "R:V:C:q" - }, - { /* grp */ - "R:V:C:qn:g:h:H:M:opNPY", - "R:V:C:qn:g:Y", - "R:V:C:qn:d:g:l:h:H:FM:m:NPY", - "R:V:C:qn:g:FPa", - "R:V:C:q" - } - }; - - static int (*funcs[W_NUM]) (int _mode, char *_name, long _id, - struct cargs * _args) = - { /* Request handlers */ - pw_user, - pw_group - }; - - name = NULL; + arg1 = NULL; relocated = nis = false; memset(&conf, 0, sizeof(conf)); strlcpy(conf.rootdir, "/", sizeof(conf.rootdir)); @@ -141,17 +122,13 @@ main(int argc, char *argv[]) conf.fd = -1; conf.checkduplicate = true; - LIST_INIT(&arglist); - - (void)setlocale(LC_ALL, ""); + setlocale(LC_ALL, ""); /* * Break off the first couple of words to determine what exactly * we're being asked to do */ while (argc > 1) { - int tmp; - if (*argv[1] == '-') { /* * Special case, allow pw -V [args] for scripts etc. @@ -197,15 +174,9 @@ main(int argc, char *argv[]) mode = tmp % M_NUM; } else if (strcmp(argv[1], "help") == 0 && argv[2] == NULL) cmdhelp(mode, which); - else if (which != -1 && mode != -1) { - if (strspn(argv[1], "0123456789") == strlen(argv[1])) { - id = strtounum(argv[1], 0, UID_MAX, &errstr); - if (errstr != NULL) - errx(EX_USAGE, "Bad id '%s': %s", - argv[1], errstr); - } else - name = argv[1]; - } else + else if (which != -1 && mode != -1) + arg1 = argv[1]; + else errx(EX_USAGE, "unknown keyword `%s'", argv[1]); ++argv; --argc; @@ -220,193 +191,22 @@ main(int argc, char *argv[]) conf.rootfd = open(conf.rootdir, O_DIRECTORY|O_CLOEXEC); if (conf.rootfd == -1) errx(EXIT_FAILURE, "Unable to open '%s'", conf.rootdir); - conf.which = which; - /* - * We know which mode we're in and what we're about to do, so now - * let's dispatch the remaining command line args in a genric way. - */ - optarg = NULL; - - while ((ch = getopt(argc, argv, opts[which][mode])) != -1) { - switch (ch) { - case '?': - errx(EX_USAGE, "unknown switch"); - break; - case '7': - conf.v7 = true; - break; - case 'C': - conf.config = optarg; - config = conf.config; - break; - case 'F': - conf.force = true; - break; - case 'N': - conf.dryrun = true; - break; - case 'l': - if (strlen(optarg) >= MAXLOGNAME) - errx(EX_USAGE, "new name too long: %s", optarg); - conf.newname = optarg; - break; - case 'P': - conf.pretty = true; - break; - case 'Y': - nis = true; - break; - case 'a': - conf.all = true; - break; - case 'c': - conf.gecos = pw_checkname(optarg, 1); - break; - case 'g': - if (which == 0) { /* for user* */ - addarg(&arglist, 'g', optarg); - break; - } - if (strspn(optarg, "0123456789") != strlen(optarg)) - errx(EX_USAGE, "-g expects a number"); - id = strtounum(optarg, 0, GID_MAX, &errstr); - if (errstr != NULL) - errx(EX_USAGE, "Bad id '%s': %s", optarg, - errstr); - break; - case 'u': - if (strspn(optarg, "0123456789,") != strlen(optarg)) - errx(EX_USAGE, "-u expects a number"); - if (strchr(optarg, ',') != NULL) { - addarg(&arglist, 'u', optarg); - break; - } - id = strtounum(optarg, 0, UID_MAX, &errstr); - if (errstr != NULL) - errx(EX_USAGE, "Bad id '%s': %s", optarg, - errstr); - break; - case 'n': - name = optarg; - break; - case 'H': - if (conf.fd != -1) - errx(EX_USAGE, "'-h' and '-H' are mutually " - "exclusive options"); - conf.precrypted = true; - if (strspn(optarg, "0123456789") != strlen(optarg)) - errx(EX_USAGE, "'-H' expects a file descriptor"); - - conf.fd = strtonum(optarg, 0, INT_MAX, &errstr); - if (errstr != NULL) - errx(EX_USAGE, "Bad file descriptor '%s': %s", - optarg, errstr); - break; - case 'h': - if (conf.fd != -1) - errx(EX_USAGE, "'-h' and '-H' are mutually " - "exclusive options"); - - if (strcmp(optarg, "-") == 0) - conf.fd = '-'; - else if (strspn(optarg, "0123456789") == strlen(optarg)) { - conf.fd = strtonum(optarg, 0, INT_MAX, &errstr); - if (errstr != NULL) - errx(EX_USAGE, "'-h' expects a " - "file descriptor or '-'"); - } else - errx(EX_USAGE, "'-h' expects a file " - "descriptor or '-'"); - break; - case 'o': - conf.checkduplicate = false; - break; - case 'q': - conf.quiet = true; - break; - case 'r': - conf.deletehome = true; - break; - default: - addarg(&arglist, ch, optarg); - break; - } - optarg = NULL; - } - - if (name != NULL && strlen(name) >= MAXLOGNAME) - errx(EX_USAGE, "name too long: %s", name); - - /* - * Must be root to attempt an update - */ - if (geteuid() != 0 && mode != M_PRINT && mode != M_NEXT && !conf.dryrun) - errx(EX_NOPERM, "you must be root to run this program"); - /* - * We should immediately look for the -q 'quiet' switch so that we - * don't bother with extraneous errors - */ - if (conf.quiet) - freopen(_PATH_DEVNULL, "w", stderr); - - /* - * Set our base working path if not overridden - */ - - if (config == NULL) { /* Only override config location if -C not specified */ - asprintf(&config, "%s/pw.conf", conf.etcpath); - if (config == NULL) - errx(EX_OSERR, "out of memory"); - } - - /* - * Now, let's do the common initialisation - */ - conf.userconf = read_userconfig(config); - - ch = funcs[which] (mode, name, id, &arglist); - - /* - * If everything went ok, and we've been asked to update - * the NIS maps, then do it now - */ - if (ch == EXIT_SUCCESS && nis) { - pid_t pid; - - fflush(NULL); - if (chdir(_PATH_YP) == -1) - warn("chdir(" _PATH_YP ")"); - else if ((pid = fork()) == -1) - warn("fork()"); - else if (pid == 0) { - /* Is make anywhere else? */ - execlp("/usr/bin/make", "make", (char *)NULL); - _exit(1); - } else { - int i; - waitpid(pid, &i, 0); - if ((i = WEXITSTATUS(i)) != 0) - errx(ch, "make exited with status %d", i); - else - pw_log(conf.userconf, mode, which, "NIS maps updated"); - } - } - return ch; + return (cmdfunc[which][mode](argc, argv, arg1)); } static int getindex(const char *words[], const char *word) { - int i = 0; + int i = 0; while (words[i]) { if (strcmp(words[i], word) == 0) - return i; + return (i); i++; } - return -1; + return (-1); } @@ -456,7 +256,7 @@ cmdhelp(int mode, int which) " Setting defaults:\n" "\t-V etcdir alternate /etc location\n" "\t-R rootir alternate root directory\n" - "\t-D set user defaults\n" + "\t-D set user defaults\n" "\t-b dir default home root dir\n" "\t-e period default expiry period\n" "\t-p period default password change period\n" @@ -476,6 +276,7 @@ cmdhelp(int mode, int which) "\t-n name login name\n" "\t-u uid user id\n" "\t-Y update NIS maps\n" + "\t-y path set NIS passwd file path\n" "\t-r remove home & contents\n", "usage: pw usermod [uid|name] [switches]\n" "\t-V etcdir alternate /etc location\n" @@ -500,6 +301,7 @@ cmdhelp(int mode, int which) "\t-h fd read password on fd\n" "\t-H fd read encrypted password on fd\n" "\t-Y update NIS maps\n" + "\t-y path set NIS passwd file path\n" "\t-N no update\n", "usage: pw usershow [uid|name] [switches]\n" "\t-V etcdir alternate /etc location\n" @@ -576,31 +378,3 @@ cmdhelp(int mode, int which) } exit(EXIT_FAILURE); } - -struct carg * -getarg(struct cargs * _args, int ch) -{ - struct carg *c; - - if (_args == NULL) - return (NULL); - - c = LIST_FIRST(_args); - - while (c != NULL && c->ch != ch) - c = LIST_NEXT(c, list); - return c; -} - -struct carg * -addarg(struct cargs * _args, int ch, char *argstr) -{ - struct carg *ca = malloc(sizeof(struct carg)); - - if (ca == NULL) - errx(EX_OSERR, "out of memory"); - ca->ch = ch; - ca->val = argstr; - LIST_INSERT_HEAD(_args, ca, list); - return ca; -} diff --git a/pw/pw.h b/pw/pw.h index a22572e..b6e2ccf 100644 --- a/pw/pw.h +++ b/pw/pw.h @@ -78,21 +78,41 @@ LIST_HEAD(cargs, carg); #define _UC_MAXLINE 1024 #define _UC_MAXSHELLS 32 +struct userconf *get_userconfig(const char *cfg); struct userconf *read_userconfig(char const * file); -int write_userconfig(char const * file); +int write_userconfig(struct userconf *cnf, char const * file); struct carg *addarg(struct cargs * _args, int ch, char *argstr); struct carg *getarg(struct cargs * _args, int ch); -int pw_user(int mode, char *name, long id, struct cargs * _args); -int pw_usernext(struct userconf *cnf, bool quiet); -int pw_group(int mode, char *name, long id, struct cargs * _args); +int pw_group_add(int argc, char **argv, char *name); +int pw_group_del(int argc, char **argv, char *name); +int pw_group_mod(int argc, char **argv, char *name); +int pw_group_next(int argc, char **argv, char *name); +int pw_group_show(int argc, char **argv, char *name); +int pw_user_add(int argc, char **argv, char *name); +int pw_user_add(int argc, char **argv, char *name); +int pw_user_add(int argc, char **argv, char *name); +int pw_user_add(int argc, char **argv, char *name); +int pw_user_del(int argc, char **argv, char *name); +int pw_user_lock(int argc, char **argv, char *name); +int pw_user_mod(int argc, char **argv, char *name); +int pw_user_next(int argc, char **argv, char *name); +int pw_user_show(int argc, char **argv, char *name); +int pw_user_unlock(int argc, char **argv, char *name); int pw_groupnext(struct userconf *cnf, bool quiet); char *pw_checkname(char *name, int gecos); +uintmax_t pw_checkid(char *nptr, uintmax_t maxval); +int pw_checkfd(char *nptr); int addnispwent(const char *path, struct passwd *pwd); int delnispwent(const char *path, const char *login); int chgnispwent(const char *path, const char *login, struct passwd *pwd); +int groupadd(struct userconf *, char *name, gid_t id, char *members, int fd, + bool dryrun, bool pretty, bool precrypted); + +int nis_update(void); + int boolean_val(char const * str, int dflt); char const *boolean_str(int val); char *newstr(char const * p); diff --git a/pw/pw_conf.c b/pw/pw_conf.c index b723c31..41ab79b 100644 --- a/pw/pw_conf.c +++ b/pw/pw_conf.c @@ -235,9 +235,6 @@ read_userconfig(char const * file) buf = NULL; linecap = 0; - config.groups = sl_init(); - if (config.groups == NULL) - err(1, "sl_init()"); if (file == NULL) file = _PATH_PW_CONF; @@ -316,8 +313,11 @@ read_userconfig(char const * file) ? NULL : newstr(q); break; case _UC_EXTRAGROUPS: - for (i = 0; q != NULL; q = strtok(NULL, toks)) + for (i = 0; q != NULL; q = strtok(NULL, toks)) { + if (config.groups == NULL) + config.groups = sl_init(); sl_add(config.groups, newstr(q)); + } break; case _UC_DEFAULTCLASS: config.default_class = (q == NULL || !boolean_val(q, 1)) @@ -391,7 +391,7 @@ read_userconfig(char const * file) int -write_userconfig(char const * file) +write_userconfig(struct userconf *cnf, const char *file) { int fd; int i, j; @@ -416,40 +416,39 @@ write_userconfig(char const * file) sbuf_clear(buf); switch (i) { case _UC_DEFAULTPWD: - sbuf_cat(buf, boolean_str(config.default_password)); + sbuf_cat(buf, boolean_str(cnf->default_password)); break; case _UC_REUSEUID: - sbuf_cat(buf, boolean_str(config.reuse_uids)); + sbuf_cat(buf, boolean_str(cnf->reuse_uids)); break; case _UC_REUSEGID: - sbuf_cat(buf, boolean_str(config.reuse_gids)); + sbuf_cat(buf, boolean_str(cnf->reuse_gids)); break; case _UC_NISPASSWD: - sbuf_cat(buf, config.nispasswd ? config.nispasswd : - ""); + sbuf_cat(buf, cnf->nispasswd ? cnf->nispasswd : ""); quote = 0; break; case _UC_DOTDIR: - sbuf_cat(buf, config.dotdir ? config.dotdir : + sbuf_cat(buf, cnf->dotdir ? cnf->dotdir : boolean_str(0)); break; case _UC_NEWMAIL: - sbuf_cat(buf, config.newmail ? config.newmail : + sbuf_cat(buf, cnf->newmail ? cnf->newmail : boolean_str(0)); break; case _UC_LOGFILE: - sbuf_cat(buf, config.logfile ? config.logfile : + sbuf_cat(buf, cnf->logfile ? cnf->logfile : boolean_str(0)); break; case _UC_HOMEROOT: - sbuf_cat(buf, config.home); + sbuf_cat(buf, cnf->home); break; case _UC_HOMEMODE: - sbuf_printf(buf, "%04o", config.homemode); + sbuf_printf(buf, "%04o", cnf->homemode); quote = 0; break; case _UC_SHELLPATH: - sbuf_cat(buf, config.shelldir); + sbuf_cat(buf, cnf->shelldir); break; case _UC_SHELLS: for (j = 0; j < _UC_MAXSHELLS && @@ -459,46 +458,46 @@ write_userconfig(char const * file) quote = 0; break; case _UC_DEFAULTSHELL: - sbuf_cat(buf, config.shell_default ? - config.shell_default : bourne_shell); + sbuf_cat(buf, cnf->shell_default ? + cnf->shell_default : bourne_shell); break; case _UC_DEFAULTGROUP: - sbuf_cat(buf, config.default_group ? - config.default_group : ""); + sbuf_cat(buf, cnf->default_group ? + cnf->default_group : ""); break; case _UC_EXTRAGROUPS: - for (j = 0; config.groups != NULL && - j < (int)config.groups->sl_cur; j++) + for (j = 0; cnf->groups != NULL && + j < (int)cnf->groups->sl_cur; j++) sbuf_printf(buf, "%s\"%s\"", j ? - "," : "", config.groups->sl_str[j]); + "," : "", cnf->groups->sl_str[j]); quote = 0; break; case _UC_DEFAULTCLASS: - sbuf_cat(buf, config.default_class ? - config.default_class : ""); + sbuf_cat(buf, cnf->default_class ? + cnf->default_class : ""); break; case _UC_MINUID: - sbuf_printf(buf, "%ju", (uintmax_t)config.min_uid); + sbuf_printf(buf, "%ju", (uintmax_t)cnf->min_uid); quote = 0; break; case _UC_MAXUID: - sbuf_printf(buf, "%ju", (uintmax_t)config.max_uid); + sbuf_printf(buf, "%ju", (uintmax_t)cnf->max_uid); quote = 0; break; case _UC_MINGID: - sbuf_printf(buf, "%ju", (uintmax_t)config.min_gid); + sbuf_printf(buf, "%ju", (uintmax_t)cnf->min_gid); quote = 0; break; case _UC_MAXGID: - sbuf_printf(buf, "%ju", (uintmax_t)config.max_gid); + sbuf_printf(buf, "%ju", (uintmax_t)cnf->max_gid); quote = 0; break; case _UC_EXPIRE: - sbuf_printf(buf, "%d", config.expire_days); + sbuf_printf(buf, "%ld", cnf->expire_days); quote = 0; break; case _UC_PASSWORD: - sbuf_printf(buf, "%d", config.password_days); + sbuf_printf(buf, "%ld", cnf->password_days); quote = 0; break; case _UC_NONE: diff --git a/pw/pw_group.c b/pw/pw_group.c index 3d5e70a..5ba5e39 100644 --- a/pw/pw_group.c +++ b/pw/pw_group.c @@ -31,47 +31,50 @@ static const char rcsid[] = #include #include +#include #include -#include +#include +#include #include +#include #include -#include -#include #include "pw.h" #include "bitmap.h" - static struct passwd *lookup_pwent(const char *user); static void delete_members(struct group *grp, char *list); -static int print_group(struct group * grp); -static gid_t gr_gidpolicy(struct userconf * cnf, long id); +static int print_group(struct group * grp, bool pretty); +static gid_t gr_gidpolicy(struct userconf * cnf, intmax_t id); static void -set_passwd(struct group *grp, bool update) +grp_set_passwd(struct group *grp, bool update, int fd, bool precrypted) { int b; int istty; struct termios t, n; char *p, line[256]; - if (conf.fd == '-') { + if (fd == -1) + return; + + if (fd == '-') { grp->gr_passwd = "*"; /* No access */ return; } - if ((istty = isatty(conf.fd))) { + if ((istty = isatty(fd))) { n = t; /* Disable echo */ n.c_lflag &= ~(ECHO); - tcsetattr(conf.fd, TCSANOW, &n); + tcsetattr(fd, TCSANOW, &n); printf("%sassword for group %s:", update ? "New p" : "P", grp->gr_name); fflush(stdout); } - b = read(conf.fd, line, sizeof(line) - 1); + b = read(fd, line, sizeof(line) - 1); if (istty) { /* Restore state */ - tcsetattr(conf.fd, TCSANOW, &t); + tcsetattr(fd, TCSANOW, &t); fputc('\n', stdout); fflush(stdout); } @@ -83,7 +86,7 @@ set_passwd(struct group *grp, bool update) if (!*line) errx(EX_DATAERR, "empty password read on file descriptor %d", conf.fd); - if (conf.precrypted) { + if (precrypted) { if (strchr(line, ':') != 0) errx(EX_DATAERR, "wrong encrypted passwrd"); grp->gr_passwd = line; @@ -103,193 +106,24 @@ pw_groupnext(struct userconf *cnf, bool quiet) return (EXIT_SUCCESS); } -static int -pw_groupshow(const char *name, long id, struct group *fakegroup) -{ - struct group *grp = NULL; - - if (id < 0 && name == NULL && !conf.all) - errx(EX_DATAERR, "groupname or id or '-a' required"); - - if (conf.all) { - SETGRENT(); - while ((grp = GETGRENT()) != NULL) - print_group(grp); - ENDGRENT(); - - return (EXIT_SUCCESS); - } - - grp = (name != NULL) ? GETGRNAM(name) : GETGRGID(id); - if (grp == NULL) { - if (conf.force) { - grp = fakegroup; - } else { - if (name == NULL) - errx(EX_DATAERR, "unknown gid `%ld'", id); - errx(EX_DATAERR, "unknown group `%s'", name); - } - } - - return (print_group(grp)); -} - -static int -pw_groupdel(const char *name, long id) +static struct group * +getgroup(char *name, intmax_t id, bool fatal) { - struct group *grp = NULL; - int rc; + struct group *grp; + if (id < 0 && name == NULL) + errx(EX_DATAERR, "groupname or id required"); grp = (name != NULL) ? GETGRNAM(name) : GETGRGID(id); if (grp == NULL) { + if (!fatal) + return (NULL); if (name == NULL) - errx(EX_DATAERR, "unknown gid `%ld'", id); + errx(EX_DATAERR, "unknown gid `%ju'", id); errx(EX_DATAERR, "unknown group `%s'", name); } - - rc = delgrent(grp); - if (rc == -1) - err(EX_IOERR, "group '%s' not available (NIS?)", name); - else if (rc != 0) - err(EX_IOERR, "group update"); - pw_log(conf.userconf, M_DELETE, W_GROUP, "%s(%ld) removed", name, id); - - return (EXIT_SUCCESS); + return (grp); } -int -pw_group(int mode, char *name, long id, struct cargs * args) -{ - int rc; - struct carg *arg; - struct group *grp = NULL; - struct userconf *cnf = conf.userconf; - - static struct group fakegroup = - { - "nogroup", - "*", - -1, - NULL - }; - - if (mode == M_NEXT) - return (pw_groupnext(cnf, conf.quiet)); - - if (mode == M_PRINT) - return (pw_groupshow(name, id, &fakegroup)); - - if (mode == M_DELETE) - return (pw_groupdel(name, id)); - - if (mode == M_LOCK || mode == M_UNLOCK) - errx(EX_USAGE, "'lock' command is not available for groups"); - - if (id < 0 && name == NULL) - errx(EX_DATAERR, "group name or id required"); - - grp = (name != NULL) ? GETGRNAM(name) : GETGRGID(id); - - if (mode == M_UPDATE) { - if (name == NULL && grp == NULL) /* Try harder */ - grp = GETGRGID(id); - - if (grp == NULL) { - if (name == NULL) - errx(EX_DATAERR, "unknown group `%s'", name); - else - errx(EX_DATAERR, "unknown group `%ld'", id); - } - if (name == NULL) /* Needed later */ - name = grp->gr_name; - - if (id > 0) - grp->gr_gid = (gid_t) id; - - if (conf.newname != NULL) - grp->gr_name = pw_checkname(conf.newname, 0); - } else { - if (name == NULL) /* Required */ - errx(EX_DATAERR, "group name required"); - else if (grp != NULL) /* Exists */ - errx(EX_DATAERR, "group name `%s' already exists", name); - - grp = &fakegroup; - grp->gr_name = pw_checkname(name, 0); - grp->gr_passwd = "*"; - grp->gr_gid = gr_gidpolicy(cnf, id); - grp->gr_mem = NULL; - } - - /* - * This allows us to set a group password Group passwords is an - * antique idea, rarely used and insecure (no secure database) Should - * be discouraged, but it is apparently still supported by some - * software. - */ - - if (conf.which == W_GROUP && conf.fd != -1) - set_passwd(grp, mode == M_UPDATE); - - if (((arg = getarg(args, 'M')) != NULL || - (arg = getarg(args, 'd')) != NULL || - (arg = getarg(args, 'm')) != NULL) && arg->val) { - char *p; - struct passwd *pwd; - - /* Make sure this is not stay NULL with -M "" */ - if (arg->ch == 'd') - delete_members(grp, arg->val); - else if (arg->ch == 'M') - grp->gr_mem = NULL; - - for (p = strtok(arg->val, ", \t"); arg->ch != 'd' && p != NULL; - p = strtok(NULL, ", \t")) { - int j; - - /* - * Check for duplicates - */ - pwd = lookup_pwent(p); - for (j = 0; grp->gr_mem != NULL && grp->gr_mem[j] != NULL; j++) { - if (strcmp(grp->gr_mem[j], pwd->pw_name) == 0) - break; - } - if (grp->gr_mem != NULL && grp->gr_mem[j] != NULL) - continue; - grp = gr_add(grp, pwd->pw_name); - } - } - - if (conf.dryrun) - return print_group(grp); - - if (mode == M_ADD && (rc = addgrent(grp)) != 0) { - if (rc == -1) - errx(EX_IOERR, "group '%s' already exists", - grp->gr_name); - else - err(EX_IOERR, "group update"); - } else if (mode == M_UPDATE && (rc = chggrent(name, grp)) != 0) { - if (rc == -1) - errx(EX_IOERR, "group '%s' not available (NIS?)", - grp->gr_name); - else - err(EX_IOERR, "group update"); - } - - if (conf.newname != NULL) - name = conf.newname; - /* grp may have been invalidated */ - if ((grp = GETGRNAM(name)) == NULL) - errx(EX_SOFTWARE, "group disappeared during update"); - - pw_log(cnf, mode, W_GROUP, "%s(%ju)", grp->gr_name, (uintmax_t)grp->gr_gid); - - return EXIT_SUCCESS; -} - - /* * Lookup a passwd entry using a name or UID. */ @@ -332,11 +166,11 @@ delete_members(struct group *grp, char *list) } } - -static gid_t -gr_gidpolicy(struct userconf * cnf, long id) +static gid_t +gr_gidpolicy(struct userconf * cnf, intmax_t id) { struct group *grp; + struct bitmap bm; gid_t gid = (gid_t) - 1; /* @@ -347,66 +181,59 @@ gr_gidpolicy(struct userconf * cnf, long id) if ((grp = GETGRGID(gid)) != NULL && conf.checkduplicate) errx(EX_DATAERR, "gid `%ju' has already been allocated", (uintmax_t)grp->gr_gid); - } else { - struct bitmap bm; - - /* - * We need to allocate the next available gid under one of - * two policies a) Grab the first unused gid b) Grab the - * highest possible unused gid - */ - if (cnf->min_gid >= cnf->max_gid) { /* Sanity claus^H^H^H^Hheck */ - cnf->min_gid = 1000; - cnf->max_gid = 32000; - } - bm = bm_alloc(cnf->max_gid - cnf->min_gid + 1); + return (gid); + } - /* - * Now, let's fill the bitmap from the password file - */ - SETGRENT(); - while ((grp = GETGRENT()) != NULL) - if ((gid_t)grp->gr_gid >= (gid_t)cnf->min_gid && - (gid_t)grp->gr_gid <= (gid_t)cnf->max_gid) - bm_setbit(&bm, grp->gr_gid - cnf->min_gid); - ENDGRENT(); + /* + * We need to allocate the next available gid under one of + * two policies a) Grab the first unused gid b) Grab the + * highest possible unused gid + */ + if (cnf->min_gid >= cnf->max_gid) { /* Sanity claus^H^H^H^Hheck */ + cnf->min_gid = 1000; + cnf->max_gid = 32000; + } + bm = bm_alloc(cnf->max_gid - cnf->min_gid + 1); - /* - * Then apply the policy, with fallback to reuse if necessary - */ - if (cnf->reuse_gids) - gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid); - else { - gid = (gid_t) (bm_lastset(&bm) + 1); - if (!bm_isset(&bm, gid)) - gid += cnf->min_gid; - else - gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid); - } + /* + * Now, let's fill the bitmap from the password file + */ + SETGRENT(); + while ((grp = GETGRENT()) != NULL) + if ((gid_t)grp->gr_gid >= (gid_t)cnf->min_gid && + (gid_t)grp->gr_gid <= (gid_t)cnf->max_gid) + bm_setbit(&bm, grp->gr_gid - cnf->min_gid); + ENDGRENT(); - /* - * Another sanity check - */ - if (gid < cnf->min_gid || gid > cnf->max_gid) - errx(EX_SOFTWARE, "unable to allocate a new gid - range fully used"); - bm_dealloc(&bm); + /* + * Then apply the policy, with fallback to reuse if necessary + */ + if (cnf->reuse_gids) + gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid); + else { + gid = (gid_t) (bm_lastset(&bm) + 1); + if (!bm_isset(&bm, gid)) + gid += cnf->min_gid; + else + gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid); } - return gid; -} + /* + * Another sanity check + */ + if (gid < cnf->min_gid || gid > cnf->max_gid) + errx(EX_SOFTWARE, "unable to allocate a new gid - range fully used"); + bm_dealloc(&bm); + return (gid); +} static int -print_group(struct group * grp) +print_group(struct group * grp, bool pretty) { - if (!conf.pretty) { - char *buf = NULL; - - buf = gr_make(grp); - printf("%s\n", buf); - free(buf); - } else { - int i; + char *buf = NULL; + int i; + if (pretty) { printf("Group Name: %-15s #%lu\n" " Members: ", grp->gr_name, (long) grp->gr_gid); @@ -415,6 +242,444 @@ print_group(struct group * grp) printf("%s%s", i ? "," : "", grp->gr_mem[i]); } fputs("\n\n", stdout); + return (EXIT_SUCCESS); + } + + buf = gr_make(grp); + printf("%s\n", buf); + free(buf); + return (EXIT_SUCCESS); +} + +int +pw_group_next(int argc, char **argv, char *arg1 __unused) +{ + struct userconf *cnf; + const char *cfg = NULL; + int ch; + bool quiet; + + while ((ch = getopt(argc, argv, "Cq")) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + } } - return EXIT_SUCCESS; + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + cnf = get_userconfig(cfg); + return (pw_groupnext(cnf, quiet)); +} + +int +pw_group_show(int argc, char **argv, char *arg1) +{ + struct group *grp = NULL; + char *name; + intmax_t id = -1; + int ch; + bool all, force, quiet, pretty; + + all = force = quiet = pretty = false; + + struct group fakegroup = { + "nogroup", + "*", + -1, + NULL + }; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, GID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, "C:qn:g:FPa")) != -1) { + switch (ch) { + case 'C': + /* ignore compatibility */ + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'g': + id = pw_checkid(optarg, GID_MAX); + break; + case 'F': + force = true; + break; + case 'P': + pretty = true; + break; + case 'a': + all = true; + break; + } + } + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + + if (all) { + SETGRENT(); + while ((grp = GETGRENT()) != NULL) + print_group(grp, pretty); + ENDGRENT(); + return (EXIT_SUCCESS); + } + + grp = getgroup(name, id, !force); + if (grp == NULL) + grp = &fakegroup; + + return (print_group(grp, pretty)); +} + +int +pw_group_del(int argc, char **argv, char *arg1) +{ + struct userconf *cnf = NULL; + struct group *grp = NULL; + char *name; + const char *cfg = NULL; + intmax_t id = -1; + int ch, rc; + bool quiet = false; + bool nis = false; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, GID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, "C:qn:g:Y")) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'g': + id = pw_checkid(optarg, GID_MAX); + break; + case 'Y': + nis = true; + break; + } + } + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + grp = getgroup(name, id, true); + cnf = get_userconfig(cfg); + rc = delgrent(grp); + if (rc == -1) + err(EX_IOERR, "group '%s' not available (NIS?)", name); + else if (rc != 0) + err(EX_IOERR, "group update"); + pw_log(cnf, M_DELETE, W_GROUP, "%s(%ju) removed", name, + (uintmax_t)id); + + if (nis && nis_update() == 0) + pw_log(cnf, M_DELETE, W_GROUP, "NIS maps updated"); + + return (EXIT_SUCCESS); +} + +static bool +grp_has_member(struct group *grp, const char *name) +{ + int j; + + for (j = 0; grp->gr_mem != NULL && grp->gr_mem[j] != NULL; j++) + if (strcmp(grp->gr_mem[j], name) == 0) + return (true); + return (false); +} + +static void +grp_add_members(struct group **grp, char *members) +{ + struct passwd *pwd; + char *p; + char tok[] = ", \t"; + + if (members == NULL) + return; + for (p = strtok(members, tok); p != NULL; p = strtok(NULL, tok)) { + pwd = lookup_pwent(p); + if (grp_has_member(*grp, pwd->pw_name)) + continue; + *grp = gr_add(*grp, pwd->pw_name); + } +} + +int +groupadd(struct userconf *cnf, char *name, gid_t id, char *members, int fd, + bool dryrun, bool pretty, bool precrypted) +{ + struct group *grp; + int rc; + + struct group fakegroup = { + "nogroup", + "*", + -1, + NULL + }; + + grp = &fakegroup; + grp->gr_name = pw_checkname(name, 0); + grp->gr_passwd = "*"; + grp->gr_gid = gr_gidpolicy(cnf, id); + grp->gr_mem = NULL; + + /* + * This allows us to set a group password Group passwords is an + * antique idea, rarely used and insecure (no secure database) Should + * be discouraged, but it is apparently still supported by some + * software. + */ + grp_set_passwd(grp, false, fd, precrypted); + grp_add_members(&grp, members); + if (dryrun) + return (print_group(grp, pretty)); + + if ((rc = addgrent(grp)) != 0) { + if (rc == -1) + errx(EX_IOERR, "group '%s' already exists", + grp->gr_name); + else + err(EX_IOERR, "group update"); + } + + pw_log(cnf, M_ADD, W_GROUP, "%s(%ju)", grp->gr_name, + (uintmax_t)grp->gr_gid); + + return (EXIT_SUCCESS); +} + +int +pw_group_add(int argc, char **argv, char *arg1) +{ + struct userconf *cnf = NULL; + char *name = NULL; + char *members = NULL; + const char *cfg = NULL; + intmax_t id = -1; + int ch, rc, fd = -1; + bool quiet, precrypted, dryrun, pretty, nis; + + quiet = precrypted = dryrun = pretty = nis = false; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, GID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, "C:qn:g:h:H:M:oNPY")) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'g': + id = pw_checkid(optarg, GID_MAX); + break; + case 'H': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + precrypted = true; + if (fd == '-') + errx(EX_USAGE, "-H expects a file descriptor"); + break; + case 'h': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + break; + case 'M': + members = optarg; + break; + case 'o': + conf.checkduplicate = false; + break; + case 'N': + dryrun = true; + break; + case 'P': + pretty = true; + break; + case 'Y': + nis = true; + break; + } + } + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + if (name == NULL) + errx(EX_DATAERR, "group name required"); + cnf = get_userconfig(cfg); + rc = groupadd(cnf, name, gr_gidpolicy(cnf, id), members, fd, dryrun, + pretty, precrypted); + if (nis && rc == EXIT_SUCCESS && nis_update() == 0) + pw_log(cnf, M_ADD, W_GROUP, "NIS maps updated"); + + return (rc); +} + +int +pw_group_mod(int argc, char **argv, char *arg1) +{ + struct userconf *cnf; + struct group *grp = NULL; + const char *cfg = NULL; + char *oldmembers = NULL; + char *members = NULL; + char *newmembers = NULL; + char *newname = NULL; + char *name = NULL; + intmax_t id = -1; + int ch, rc, fd = -1; + bool quiet, pretty, dryrun, nis, precrypted; + + quiet = pretty = dryrun = nis = precrypted = false; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, GID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, "C:qn:d:g:l:h:H:M:m:NPY")) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'g': + id = pw_checkid(optarg, GID_MAX); + break; + case 'd': + oldmembers = optarg; + break; + case 'l': + newname = optarg; + break; + case 'H': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + precrypted = true; + if (fd == '-') + errx(EX_USAGE, "-H expects a file descriptor"); + break; + case 'h': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + break; + case 'M': + members = optarg; + break; + case 'm': + newmembers = optarg; + break; + case 'N': + dryrun = true; + break; + case 'P': + pretty = true; + break; + case 'Y': + nis = true; + break; + } + } + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + cnf = get_userconfig(cfg); + grp = getgroup(name, id, true); + if (name == NULL) + name = grp->gr_name; + if (id > 0) + grp->gr_gid = id; + + if (newname != NULL) + grp->gr_name = pw_checkname(newname, 0); + + grp_set_passwd(grp, true, fd, precrypted); + /* + * Keep the same logic as old code for now: + * if -M is passed, -d and -m are ignored + * then id -d, -m is ignored + * last is -m + */ + + if (members) { + grp->gr_mem = NULL; + grp_add_members(&grp, members); + } else if (oldmembers) { + delete_members(grp, oldmembers); + } else if (newmembers) { + grp_add_members(&grp, newmembers); + } + + if ((rc = chggrent(name, grp)) != 0) { + if (rc == -1) + errx(EX_IOERR, "group '%s' not available (NIS?)", + grp->gr_name); + else + err(EX_IOERR, "group update"); + } + + if (newname) + name = newname; + + /* grp may have been invalidated */ + if ((grp = GETGRNAM(name)) == NULL) + errx(EX_SOFTWARE, "group disappeared during update"); + + pw_log(cnf, M_UPDATE, W_GROUP, "%s(%ju)", grp->gr_name, + (uintmax_t)grp->gr_gid); + + if (nis && nis_update() == 0) + pw_log(cnf, M_UPDATE, W_GROUP, "NIS maps updated"); + + return (EXIT_SUCCESS); } diff --git a/pw/pw_nis.c b/pw/pw_nis.c index c786cc7..6697835 100644 --- a/pw/pw_nis.c +++ b/pw/pw_nis.c @@ -43,6 +43,7 @@ pw_nisupdate(const char * path, struct passwd * pwd, char const * user) struct passwd *pw = NULL; struct passwd *old_pw = NULL; + printf("===> %s\n", path); if (pwd != NULL) pw = pw_dup(pwd); diff --git a/pw/pw_user.c b/pw/pw_user.c index eca8235..8ff4159 100644 --- a/pw/pw_user.c +++ b/pw/pw_user.c @@ -52,42 +52,53 @@ static const char rcsid[] = static char locked_str[] = "*LOCKED*"; -static int pw_userdel(char *name, long id); -static int print_user(struct passwd * pwd); -static uid_t pw_uidpolicy(struct userconf * cnf, long id); -static uid_t pw_gidpolicy(struct cargs * args, char *nam, gid_t prefer); -static time_t pw_pwdpolicy(struct userconf * cnf, struct cargs * args); -static time_t pw_exppolicy(struct userconf * cnf, struct cargs * args); -static char *pw_homepolicy(struct userconf * cnf, struct cargs * args, char const * user); -static char *pw_shellpolicy(struct userconf * cnf, struct cargs * args, char *newshell); -static char *pw_password(struct userconf * cnf, char const * user); -static char *shell_path(char const * path, char *shells[], char *sh); -static void rmat(uid_t uid); -static void rmopie(char const * name); +static struct passwd fakeuser = { + "nouser", + "*", + -1, + -1, + 0, + "", + "User &", + "/nonexistent", + "/bin/sh", + 0, + 0 +}; + +static int print_user(struct passwd *pwd, bool pretty, bool v7); +static uid_t pw_uidpolicy(struct userconf *cnf, intmax_t id); +static uid_t pw_gidpolicy(struct userconf *cnf, char *grname, char *nam, + gid_t prefer, bool dryrun); +static char *pw_homepolicy(struct userconf * cnf, char *homedir, + const char *user); +static char *pw_shellpolicy(struct userconf * cnf); +static char *pw_password(struct userconf * cnf, char const * user, + bool dryrun); +static char *shell_path(char const * path, char *shells[], char *sh); +static void rmat(uid_t uid); +static void rmopie(char const * name); static void -create_and_populate_homedir(struct passwd *pwd) +create_and_populate_homedir(struct userconf *cnf, struct passwd *pwd, + const char *skeldir, mode_t homemode, bool update) { - struct userconf *cnf = conf.userconf; - const char *skeldir; int skelfd = -1; - skeldir = cnf->dotdir; - if (skeldir != NULL && *skeldir != '\0') { if (*skeldir == '/') skeldir++; skelfd = openat(conf.rootfd, skeldir, O_DIRECTORY|O_CLOEXEC); } - copymkdir(conf.rootfd, pwd->pw_dir, skelfd, cnf->homemode, pwd->pw_uid, + copymkdir(conf.rootfd, pwd->pw_dir, skelfd, homemode, pwd->pw_uid, pwd->pw_gid, 0); - pw_log(cnf, M_ADD, W_USER, "%s(%ju) home %s made", pwd->pw_name, - (uintmax_t)pwd->pw_uid, pwd->pw_dir); + pw_log(cnf, update ? M_UPDATE : M_ADD, W_USER, "%s(%ju) home %s made", + pwd->pw_name, (uintmax_t)pwd->pw_uid, pwd->pw_dir); } static int -set_passwd(struct passwd *pwd, bool update) +pw_set_passwd(struct passwd *pwd, int fd, bool precrypted, bool update) { int b, istty; struct termios t, n; @@ -95,7 +106,7 @@ set_passwd(struct passwd *pwd, bool update) char line[_PASSWORD_LEN+1]; char *p; - if (conf.fd == '-') { + if (fd == '-') { if (!pwd->pw_passwd || *pwd->pw_passwd != '*') { pwd->pw_passwd = "*"; /* No access */ return (1); @@ -103,40 +114,40 @@ set_passwd(struct passwd *pwd, bool update) return (0); } - if ((istty = isatty(conf.fd))) { - if (tcgetattr(conf.fd, &t) == -1) + if ((istty = isatty(fd))) { + if (tcgetattr(fd, &t) == -1) istty = 0; else { n = t; n.c_lflag &= ~(ECHO); - tcsetattr(conf.fd, TCSANOW, &n); + tcsetattr(fd, TCSANOW, &n); printf("%s%spassword for user %s:", update ? "new " : "", - conf.precrypted ? "encrypted " : "", + precrypted ? "encrypted " : "", pwd->pw_name); fflush(stdout); } } - b = read(conf.fd, line, sizeof(line) - 1); + b = read(fd, line, sizeof(line) - 1); if (istty) { /* Restore state */ - tcsetattr(conf.fd, TCSANOW, &t); + tcsetattr(fd, TCSANOW, &t); fputc('\n', stdout); fflush(stdout); } if (b < 0) err(EX_IOERR, "-%c file descriptor", - conf.precrypted ? 'H' : 'h'); + precrypted ? 'H' : 'h'); line[b] = '\0'; if ((p = strpbrk(line, "\r\n")) != NULL) *p = '\0'; if (!*line) errx(EX_DATAERR, "empty password read on file descriptor %d", - conf.fd); - if (conf.precrypted) { + fd); + if (precrypted) { if (strchr(line, ':') != NULL) errx(EX_DATAERR, "bad encrypted password"); - pwd->pw_passwd = line; + pwd->pw_passwd = strdup(line); } else { lc = login_getpwclass(pwd); if (lc == NULL || @@ -148,54 +159,15 @@ set_passwd(struct passwd *pwd, bool update) return (1); } -int -pw_usernext(struct userconf *cnf, bool quiet) -{ - uid_t next = pw_uidpolicy(cnf, -1); - - if (quiet) - return (next); - - printf("%ju:", (uintmax_t)next); - pw_groupnext(cnf, quiet); - - return (EXIT_SUCCESS); -} - -static int -pw_usershow(char *name, long id, struct passwd *fakeuser) -{ - struct passwd *pwd = NULL; - - if (id < 0 && name == NULL && !conf.all) - errx(EX_DATAERR, "username or id or '-a' required"); - - if (conf.all) { - SETPWENT(); - while ((pwd = GETPWENT()) != NULL) - print_user(pwd); - ENDPWENT(); - return (EXIT_SUCCESS); - } - - pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id); - if (pwd == NULL) { - if (conf.force) { - pwd = fakeuser; - } else { - if (name == NULL) - errx(EX_NOUSER, "no such uid `%ld'", id); - errx(EX_NOUSER, "no such user `%s'", name); - } - } - - return (print_user(pwd)); -} - static void -perform_chgpwent(const char *name, struct passwd *pwd) +perform_chgpwent(const char *name, struct passwd *pwd, char *nispasswd) { int rc; + struct passwd *nispwd; + + /* duplicate for nis so that chgpwent is not modifying before NIS */ + if (nispasswd && *nispasswd == '/') + nispwd = pw_dup(pwd); rc = chgpwent(name, pwd); if (rc == -1) @@ -203,8 +175,8 @@ perform_chgpwent(const char *name, struct passwd *pwd) else if (rc != 0) err(EX_IOERR, "passwd file update"); - if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/') { - rc = chgnispwent(conf.userconf->nispasswd, name, pwd); + if (nispasswd && *nispasswd == '/') { + rc = chgnispwent(nispasswd, name, nispwd); if (rc == -1) warn("User '%s' not found in NIS passwd", pwd->pw_name); else if (rc != 0) @@ -223,19 +195,29 @@ perform_chgpwent(const char *name, struct passwd *pwd) * that is a known limitation. */ static int -pw_userlock(char *name, long id, int mode) +pw_userlock(char *arg1, int mode) { struct passwd *pwd = NULL; char *passtmp = NULL; + char *name; bool locked = false; + uid_t id; - if (id < 0 && name == NULL) + if (geteuid() != 0) + errx(EX_NOPERM, "you must be root"); + + if (arg1 == NULL) errx(EX_DATAERR, "username or id required"); + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, UID_MAX); + else + name = arg1; + pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id); if (pwd == NULL) { if (name == NULL) - errx(EX_NOUSER, "no such uid `%ld'", id); + errx(EX_NOUSER, "no such uid `%ju'", (uintmax_t) id); errx(EX_NOUSER, "no such user `%s'", name); } @@ -258,470 +240,1088 @@ pw_userlock(char *name, long id, int mode) pwd->pw_passwd += sizeof(locked_str)-1; } - perform_chgpwent(name, pwd); + perform_chgpwent(name, pwd, NULL); free(passtmp); return (EXIT_SUCCESS); } -/*- - * -C config configuration file - * -q quiet operation - * -n name login name - * -u uid user id - * -c comment user name/comment - * -d directory home directory - * -e date account expiry date - * -p date password expiry date - * -g grp primary group - * -G grp1,grp2 additional groups - * -m [ -k dir ] create and set up home - * -s shell name of login shell - * -o duplicate uid ok - * -L class user class - * -l name new login name - * -h fd password filehandle - * -H fd encrypted password filehandle - * -F force print or add - * Setting defaults: - * -D set user defaults - * -b dir default home root dir - * -e period default expiry period - * -p period default password change period - * -g group default group - * -G grp1,grp2.. default additional groups - * -L class default login class - * -k dir default home skeleton - * -s shell default shell - * -w method default password method - */ - -int -pw_user(int mode, char *name, long id, struct cargs * args) +static uid_t +pw_uidpolicy(struct userconf * cnf, intmax_t id) { - int rc, edited = 0; - char *p = NULL; - struct carg *arg; - struct passwd *pwd = NULL; - struct group *grp; - struct stat st; - struct userconf *cnf; - char line[_PASSWORD_LEN+1]; - char path[MAXPATHLEN]; - FILE *fp; - char *dmode_c; - void *set = NULL; - int valid_type = _PWF_FILES; - - static struct passwd fakeuser = - { - "nouser", - "*", - -1, - -1, - 0, - "", - "User &", - "/nonexistent", - "/bin/sh", - 0 -#if defined(__FreeBSD__) - ,0 -#endif - }; - - cnf = conf.userconf; - - if (mode == M_NEXT) - return (pw_usernext(cnf, conf.quiet)); - - if (mode == M_PRINT) - return (pw_usershow(name, id, &fakeuser)); - - if (mode == M_DELETE) - return (pw_userdel(name, id)); - - if (mode == M_LOCK || mode == M_UNLOCK) - return (pw_userlock(name, id, mode)); + struct passwd *pwd; + struct bitmap bm; + uid_t uid = (uid_t) - 1; /* - * We can do all of the common legwork here + * Check the given uid, if any */ + if (id >= 0) { + uid = (uid_t) id; - if ((arg = getarg(args, 'b')) != NULL) { - cnf->home = arg->val; + if ((pwd = GETPWUID(uid)) != NULL && conf.checkduplicate) + errx(EX_DATAERR, "uid `%ju' has already been allocated", + (uintmax_t)pwd->pw_uid); + return (uid); } - - if ((arg = getarg(args, 'M')) != NULL) { - dmode_c = arg->val; - if ((set = setmode(dmode_c)) == NULL) - errx(EX_DATAERR, "invalid directory creation mode '%s'", - dmode_c); - cnf->homemode = getmode(set, _DEF_DIRMODE); - free(set); + /* + * We need to allocate the next available uid under one of + * two policies a) Grab the first unused uid b) Grab the + * highest possible unused uid + */ + if (cnf->min_uid >= cnf->max_uid) { /* Sanity + * claus^H^H^H^Hheck */ + cnf->min_uid = 1000; + cnf->max_uid = 32000; } + bm = bm_alloc(cnf->max_uid - cnf->min_uid + 1); /* - * If we'll need to use it or we're updating it, - * then create the base home directory if necessary + * Now, let's fill the bitmap from the password file */ - if (arg != NULL || getarg(args, 'm') != NULL) { - int l = strlen(cnf->home); + SETPWENT(); + while ((pwd = GETPWENT()) != NULL) + if (pwd->pw_uid >= (uid_t) cnf->min_uid && pwd->pw_uid <= (uid_t) cnf->max_uid) + bm_setbit(&bm, pwd->pw_uid - cnf->min_uid); + ENDPWENT(); - if (l > 1 && cnf->home[l-1] == '/') /* Shave off any trailing path delimiter */ - cnf->home[--l] = '\0'; + /* + * Then apply the policy, with fallback to reuse if necessary + */ + if (cnf->reuse_uids || (uid = (uid_t) (bm_lastset(&bm) + cnf->min_uid + 1)) > cnf->max_uid) + uid = (uid_t) (bm_firstunset(&bm) + cnf->min_uid); - if (l < 2 || *cnf->home != '/') /* Check for absolute path name */ - errx(EX_DATAERR, "invalid base directory for home '%s'", cnf->home); + /* + * Another sanity check + */ + if (uid < cnf->min_uid || uid > cnf->max_uid) + errx(EX_SOFTWARE, "unable to allocate a new uid - range fully used"); + bm_dealloc(&bm); + return (uid); +} - if (stat(cnf->home, &st) == -1) { - char dbuf[MAXPATHLEN]; +static uid_t +pw_gidpolicy(struct userconf *cnf, char *grname, char *nam, gid_t prefer, bool dryrun) +{ + struct group *grp; + gid_t gid = (uid_t) - 1; - /* - * This is a kludge especially for Joerg :) - * If the home directory would be created in the root partition, then - * we really create it under /usr which is likely to have more space. - * But we create a symlink from cnf->home -> "/usr" -> cnf->home - */ - if (strchr(cnf->home+1, '/') == NULL) { - snprintf(dbuf, MAXPATHLEN, "/usr%s", cnf->home); - if (mkdir(dbuf, _DEF_DIRMODE) != -1 || errno == EEXIST) { - chown(dbuf, 0, 0); - /* - * Skip first "/" and create symlink: - * /home -> usr/home - */ - symlink(dbuf+1, cnf->home); - } - /* If this falls, fall back to old method */ - } - strlcpy(dbuf, cnf->home, sizeof(dbuf)); - p = dbuf; - if (stat(dbuf, &st) == -1) { - while ((p = strchr(p + 1, '/')) != NULL) { - *p = '\0'; - if (stat(dbuf, &st) == -1) { - if (mkdir(dbuf, _DEF_DIRMODE) == -1) - err(EX_OSFILE, "mkdir '%s'", dbuf); - chown(dbuf, 0, 0); - } else if (!S_ISDIR(st.st_mode)) - errx(EX_OSFILE, "'%s' (root home parent) is not a directory", dbuf); - *p = '/'; - } - } - if (stat(dbuf, &st) == -1) { - if (mkdir(dbuf, _DEF_DIRMODE) == -1) - err(EX_OSFILE, "mkdir '%s'", dbuf); - chown(dbuf, 0, 0); - } - } else if (!S_ISDIR(st.st_mode)) - errx(EX_OSFILE, "root home `%s' is not a directory", cnf->home); + /* + * Check the given gid, if any + */ + SETGRENT(); + if (grname) { + if ((grp = GETGRNAM(grname)) == NULL) { + gid = pw_checkid(grname, GID_MAX); + grp = GETGRGID(gid); + } + gid = grp->gr_gid; + } else if ((grp = GETGRNAM(nam)) != NULL && + (grp->gr_mem == NULL || grp->gr_mem[0] == NULL)) { + gid = grp->gr_gid; /* Already created? Use it anyway... */ + } else { + intmax_t grid = -1; + + /* + * We need to auto-create a group with the user's name. We + * can send all the appropriate output to our sister routine + * bit first see if we can create a group with gid==uid so we + * can keep the user and group ids in sync. We purposely do + * NOT check the gid range if we can force the sync. If the + * user's name dups an existing group, then the group add + * function will happily handle that case for us and exit. + */ + if (GETGRGID(prefer) == NULL) + grid = prefer; + if (dryrun) { + gid = pw_groupnext(cnf, true); + } else { + if (grid == -1) + grid = pw_groupnext(cnf, true); + groupadd(cnf, nam, grid, NULL, -1, false, false, false); + if ((grp = GETGRNAM(nam)) != NULL) + gid = grp->gr_gid; + } } + ENDGRENT(); + return (gid); +} - if ((arg = getarg(args, 'e')) != NULL) - cnf->expire_days = atoi(arg->val); +static char * +pw_homepolicy(struct userconf * cnf, char *homedir, const char *user) +{ + static char home[128]; - if ((arg = getarg(args, 'y')) != NULL) - cnf->nispasswd = arg->val; + if (homedir) + return (homedir); - if ((arg = getarg(args, 'p')) != NULL && arg->val) - cnf->password_days = atoi(arg->val); + if (cnf->home == NULL || *cnf->home == '\0') + errx(EX_CONFIG, "no base home directory set"); + snprintf(home, sizeof(home), "%s/%s", cnf->home, user); - if ((arg = getarg(args, 'g')) != NULL) { - if (!*(p = arg->val)) /* Handle empty group list specially */ - cnf->default_group = ""; - else { - if ((grp = GETGRNAM(p)) == NULL) { - if (!isdigit((unsigned char)*p) || (grp = GETGRGID((gid_t) atoi(p))) == NULL) - errx(EX_NOUSER, "group `%s' does not exist", p); - } - cnf->default_group = newstr(grp->gr_name); - } - } - if ((arg = getarg(args, 'L')) != NULL) - cnf->default_class = pw_checkname(arg->val, 0); + return (home); +} - if ((arg = getarg(args, 'G')) != NULL && arg->val) { - for (p = strtok(arg->val, ", \t"); p != NULL; p = strtok(NULL, ", \t")) { - if ((grp = GETGRNAM(p)) == NULL) { - if (!isdigit((unsigned char)*p) || (grp = GETGRGID((gid_t) atoi(p))) == NULL) - errx(EX_NOUSER, "group `%s' does not exist", p); - } - sl_add(cnf->groups, newstr(grp->gr_name)); - } - } +static char * +shell_path(char const * path, char *shells[], char *sh) +{ + if (sh != NULL && (*sh == '/' || *sh == '\0')) + return sh; /* specified full path or forced none */ + else { + char *p; + char paths[_UC_MAXLINE]; + + /* + * We need to search paths + */ + strlcpy(paths, path, sizeof(paths)); + for (p = strtok(paths, ": \t\r\n"); p != NULL; p = strtok(NULL, ": \t\r\n")) { + int i; + static char shellpath[256]; - if ((arg = getarg(args, 'k')) != NULL) { - char *tmp = cnf->dotdir = arg->val; - if (*tmp == '/') - tmp++; - if ((fstatat(conf.rootfd, tmp, &st, 0) == -1) || - !S_ISDIR(st.st_mode)) - errx(EX_OSFILE, "skeleton `%s' is not a directory or " - "does not exist", cnf->dotdir); + if (sh != NULL) { + snprintf(shellpath, sizeof(shellpath), "%s/%s", p, sh); + if (access(shellpath, X_OK) == 0) + return shellpath; + } else + for (i = 0; i < _UC_MAXSHELLS && shells[i] != NULL; i++) { + snprintf(shellpath, sizeof(shellpath), "%s/%s", p, shells[i]); + if (access(shellpath, X_OK) == 0) + return shellpath; + } + } + if (sh == NULL) + errx(EX_OSFILE, "can't find shell `%s' in shell paths", sh); + errx(EX_CONFIG, "no default shell available or defined"); + return NULL; } +} - if ((arg = getarg(args, 's')) != NULL) - cnf->shell_default = arg->val; +static char * +pw_shellpolicy(struct userconf * cnf) +{ - if ((arg = getarg(args, 'w')) != NULL) - cnf->default_password = boolean_val(arg->val, cnf->default_password); - if (mode == M_ADD && getarg(args, 'D')) { - if (name != NULL) - errx(EX_DATAERR, "can't combine `-D' with `-n name'"); - if ((arg = getarg(args, 'u')) != NULL && (p = strtok(arg->val, ", \t")) != NULL) { - if ((cnf->min_uid = (uid_t) atoi(p)) == 0) - cnf->min_uid = 1000; - if ((p = strtok(NULL, " ,\t")) == NULL || (cnf->max_uid = (uid_t) atoi(p)) < cnf->min_uid) - cnf->max_uid = 32000; - } - if ((arg = getarg(args, 'i')) != NULL && (p = strtok(arg->val, ", \t")) != NULL) { - if ((cnf->min_gid = (gid_t) atoi(p)) == 0) - cnf->min_gid = 1000; - if ((p = strtok(NULL, " ,\t")) == NULL || (cnf->max_gid = (gid_t) atoi(p)) < cnf->min_gid) - cnf->max_gid = 32000; - } + return shell_path(cnf->shelldir, cnf->shells, cnf->shell_default); +} - if (write_userconfig(conf.config)) - return (EXIT_SUCCESS); - err(EX_IOERR, "config udpate"); - } +#define SALTSIZE 32 - if (name != NULL) - pwd = GETPWNAM(pw_checkname(name, 0)); +static char const chars[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./"; - if (id < 0 && name == NULL) - errx(EX_DATAERR, "user name or id required"); +char * +pw_pwcrypt(char *password) +{ + int i; + char salt[SALTSIZE + 1]; + char *cryptpw; + static char buf[256]; /* - * Update require that the user exists + * Calculate a salt value */ - if (mode == M_UPDATE) { - - if (name == NULL && pwd == NULL) /* Try harder */ - pwd = GETPWUID(id); - - if (pwd == NULL) { - if (name == NULL) - errx(EX_NOUSER, "no such uid `%ld'", id); - errx(EX_NOUSER, "no such user `%s'", name); - } + for (i = 0; i < SALTSIZE; i++) + salt[i] = chars[arc4random_uniform(sizeof(chars) - 1)]; + salt[SALTSIZE] = '\0'; - if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/') - valid_type = _PWF_NIS; + cryptpw = crypt(password, salt); + if (cryptpw == NULL) + errx(EX_CONFIG, "crypt(3) failure"); + return strcpy(buf, cryptpw); +} - if (PWF._altdir == PWF_REGULAR && - ((pwd->pw_fields & _PWF_SOURCE) != valid_type)) - errx(EX_NOUSER, "no such %s user `%s'", - valid_type == _PWF_FILES ? "local" : "NIS" , name); +static char * +pw_password(struct userconf * cnf, char const * user, bool dryrun) +{ + int i, l; + char pwbuf[32]; - if (name == NULL) - name = pwd->pw_name; + switch (cnf->default_password) { + case -1: /* Random password */ + l = (arc4random() % 8 + 8); /* 8 - 16 chars */ + for (i = 0; i < l; i++) + pwbuf[i] = chars[arc4random_uniform(sizeof(chars)-1)]; + pwbuf[i] = '\0'; /* - * The rest is edit code + * We give this information back to the user */ - if (conf.newname != NULL) { - if (strcmp(pwd->pw_name, "root") == 0) - errx(EX_DATAERR, "can't rename `root' account"); - pwd->pw_name = pw_checkname(conf.newname, 0); - edited = 1; - } - - if (id > 0 && isdigit((unsigned char)*arg->val)) { - pwd->pw_uid = (uid_t)id; - edited = 1; - if (pwd->pw_uid != 0 && strcmp(pwd->pw_name, "root") == 0) - errx(EX_DATAERR, "can't change uid of `root' account"); - if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) - warnx("WARNING: account `%s' will have a uid of 0 (superuser access!)", pwd->pw_name); + if (conf.fd == -1 && !dryrun) { + if (isatty(STDOUT_FILENO)) + printf("Password for '%s' is: ", user); + printf("%s\n", pwbuf); + fflush(stdout); } + break; - if ((arg = getarg(args, 'g')) != NULL && pwd->pw_uid != 0) { /* Already checked this */ - gid_t newgid = (gid_t) GETGRNAM(cnf->default_group)->gr_gid; - if (newgid != pwd->pw_gid) { - edited = 1; - pwd->pw_gid = newgid; - } - } + case -2: /* No password at all! */ + return ""; - if ((arg = getarg(args, 'p')) != NULL) { - if (*arg->val == '\0' || strcmp(arg->val, "0") == 0) { - if (pwd->pw_change != 0) { - pwd->pw_change = 0; - edited = 1; - } - } - else { - time_t now = time(NULL); - time_t expire = parse_date(now, arg->val); + case 0: /* No login - default */ + default: + return "*"; - if (pwd->pw_change != expire) { - pwd->pw_change = expire; - edited = 1; - } - } - } + case 1: /* user's name */ + strlcpy(pwbuf, user, sizeof(pwbuf)); + break; + } + return pw_pwcrypt(pwbuf); +} - if ((arg = getarg(args, 'e')) != NULL) { - if (*arg->val == '\0' || strcmp(arg->val, "0") == 0) { - if (pwd->pw_expire != 0) { - pwd->pw_expire = 0; - edited = 1; - } - } - else { - time_t now = time(NULL); - time_t expire = parse_date(now, arg->val); +static int +print_user(struct passwd * pwd, bool pretty, bool v7) +{ + int j; + char *p; + struct group *grp = GETGRGID(pwd->pw_gid); + char uname[60] = "User &", office[60] = "[None]", + wphone[60] = "[None]", hphone[60] = "[None]"; + char acexpire[32] = "[None]", pwexpire[32] = "[None]"; + struct tm * tptr; + + if (!pretty) { + p = v7 ? pw_make_v7(pwd) : pw_make(pwd); + printf("%s\n", p); + free(p); + return (EXIT_SUCCESS); + } - if (pwd->pw_expire != expire) { - pwd->pw_expire = expire; - edited = 1; + if ((p = strtok(pwd->pw_gecos, ",")) != NULL) { + strlcpy(uname, p, sizeof(uname)); + if ((p = strtok(NULL, ",")) != NULL) { + strlcpy(office, p, sizeof(office)); + if ((p = strtok(NULL, ",")) != NULL) { + strlcpy(wphone, p, sizeof(wphone)); + if ((p = strtok(NULL, "")) != NULL) { + strlcpy(hphone, p, sizeof(hphone)); } } } - - if ((arg = getarg(args, 's')) != NULL) { - char *shell = shell_path(cnf->shelldir, cnf->shells, arg->val); - if (shell == NULL) - shell = ""; - if (strcmp(shell, pwd->pw_shell) != 0) { - pwd->pw_shell = shell; - edited = 1; - } - } - - if (getarg(args, 'L')) { - if (cnf->default_class == NULL) - cnf->default_class = ""; - if (strcmp(pwd->pw_class, cnf->default_class) != 0) { - pwd->pw_class = cnf->default_class; - edited = 1; - } - } - - if ((arg = getarg(args, 'd')) != NULL) { - if (strcmp(pwd->pw_dir, arg->val)) - edited = 1; - if (stat(pwd->pw_dir = arg->val, &st) == -1) { - if (getarg(args, 'm') == NULL && strcmp(pwd->pw_dir, "/nonexistent") != 0) - warnx("WARNING: home `%s' does not exist", pwd->pw_dir); - } else if (!S_ISDIR(st.st_mode)) - warnx("WARNING: home `%s' is not a directory", pwd->pw_dir); - } - - if ((arg = getarg(args, 'w')) != NULL && conf.fd == -1) { - login_cap_t *lc; - - lc = login_getpwclass(pwd); - if (lc == NULL || - login_setcryptfmt(lc, "sha512", NULL) == NULL) - warn("setting crypt(3) format"); - login_close(lc); - pwd->pw_passwd = pw_password(cnf, pwd->pw_name); - edited = 1; - } - - } else { - login_cap_t *lc; - - /* - * Add code - */ - - if (name == NULL) /* Required */ - errx(EX_DATAERR, "login name required"); - else if ((pwd = GETPWNAM(name)) != NULL) /* Exists */ - errx(EX_DATAERR, "login name `%s' already exists", name); - - /* - * Now, set up defaults for a new user - */ - pwd = &fakeuser; - pwd->pw_name = name; - pwd->pw_class = cnf->default_class ? cnf->default_class : ""; - pwd->pw_uid = pw_uidpolicy(cnf, id); - pwd->pw_gid = pw_gidpolicy(args, pwd->pw_name, (gid_t) pwd->pw_uid); - pwd->pw_change = pw_pwdpolicy(cnf, args); - pwd->pw_expire = pw_exppolicy(cnf, args); - pwd->pw_dir = pw_homepolicy(cnf, args, pwd->pw_name); - pwd->pw_shell = pw_shellpolicy(cnf, args, NULL); - lc = login_getpwclass(pwd); - if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL) - warn("setting crypt(3) format"); - login_close(lc); - pwd->pw_passwd = pw_password(cnf, pwd->pw_name); - edited = 1; - - if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) - warnx("WARNING: new account `%s' has a uid of 0 (superuser access!)", pwd->pw_name); } - /* - * Shared add/edit code + * Handle '&' in gecos field */ - if (conf.gecos != NULL) { - if (strcmp(pwd->pw_gecos, conf.gecos) != 0) { - pwd->pw_gecos = conf.gecos; - edited = 1; + if ((p = strchr(uname, '&')) != NULL) { + int l = strlen(pwd->pw_name); + int m = strlen(p); + + memmove(p + l, p + 1, m); + memmove(p, pwd->pw_name, l); + *p = (char) toupper((unsigned char)*p); + } + if (pwd->pw_expire > (time_t)0 && (tptr = localtime(&pwd->pw_expire)) != NULL) + strftime(acexpire, sizeof acexpire, "%c", tptr); + if (pwd->pw_change > (time_t)0 && (tptr = localtime(&pwd->pw_change)) != NULL) + strftime(pwexpire, sizeof pwexpire, "%c", tptr); + printf("Login Name: %-15s #%-12ju Group: %-15s #%ju\n" + " Full Name: %s\n" + " Home: %-26.26s Class: %s\n" + " Shell: %-26.26s Office: %s\n" + "Work Phone: %-26.26s Home Phone: %s\n" + "Acc Expire: %-26.26s Pwd Expire: %s\n", + pwd->pw_name, (uintmax_t)pwd->pw_uid, + grp ? grp->gr_name : "(invalid)", (uintmax_t)pwd->pw_gid, + uname, pwd->pw_dir, pwd->pw_class, + pwd->pw_shell, office, wphone, hphone, + acexpire, pwexpire); + SETGRENT(); + j = 0; + while ((grp=GETGRENT()) != NULL) { + int i = 0; + if (grp->gr_mem != NULL) { + while (grp->gr_mem[i] != NULL) { + if (strcmp(grp->gr_mem[i], pwd->pw_name)==0) { + printf(j++ == 0 ? " Groups: %s" : ",%s", grp->gr_name); + break; + } + ++i; + } } } + ENDGRENT(); + printf("%s", j ? "\n" : ""); + return (EXIT_SUCCESS); +} - if (conf.fd != -1) - edited = set_passwd(pwd, mode == M_UPDATE); - +char * +pw_checkname(char *name, int gecos) +{ + char showch[8]; + const char *badchars, *ch, *showtype; + int reject; + + ch = name; + reject = 0; + if (gecos) { + /* See if the name is valid as a gecos (comment) field. */ + badchars = ":!@"; + showtype = "gecos field"; + } else { + /* See if the name is valid as a userid or group. */ + badchars = " ,\t:+&#%$^()!@~*?<>=|\\/\""; + showtype = "userid/group name"; + /* Userids and groups can not have a leading '-'. */ + if (*ch == '-') + reject = 1; + } + if (!reject) { + while (*ch) { + if (strchr(badchars, *ch) != NULL || *ch < ' ' || + *ch == 127) { + reject = 1; + break; + } + /* 8-bit characters are only allowed in GECOS fields */ + if (!gecos && (*ch & 0x80)) { + reject = 1; + break; + } + ch++; + } + } + /* + * A `$' is allowed as the final character for userids and groups, + * mainly for the benefit of samba. + */ + if (reject && !gecos) { + if (*ch == '$' && *(ch + 1) == '\0') { + reject = 0; + ch++; + } + } + if (reject) { + snprintf(showch, sizeof(showch), (*ch >= ' ' && *ch < 127) + ? "`%c'" : "0x%02x", *ch); + errx(EX_DATAERR, "invalid character %s at position %td in %s", + showch, (ch - name), showtype); + } + if (!gecos && (ch - name) > LOGNAMESIZE) + errx(EX_USAGE, "name too long `%s' (max is %d)", name, + LOGNAMESIZE); + + return (name); +} + +static void +rmat(uid_t uid) +{ + DIR *d = opendir("/var/at/jobs"); + + if (d != NULL) { + struct dirent *e; + + while ((e = readdir(d)) != NULL) { + struct stat st; + + if (strncmp(e->d_name, ".lock", 5) != 0 && + stat(e->d_name, &st) == 0 && + !S_ISDIR(st.st_mode) && + st.st_uid == uid) { + char tmp[MAXPATHLEN]; + + snprintf(tmp, sizeof(tmp), "/usr/bin/atrm %s", e->d_name); + system(tmp); + } + } + closedir(d); + } +} + +static void +rmopie(char const * name) +{ + char tmp[1014]; + FILE *fp; + int fd; + size_t len; + off_t atofs = 0; + + if ((fd = openat(conf.rootfd, "etc/opiekeys", O_RDWR)) == -1) + return; + + fp = fdopen(fd, "r+"); + len = strlen(name); + + while (fgets(tmp, sizeof(tmp), fp) != NULL) { + if (strncmp(name, tmp, len) == 0 && tmp[len]==' ') { + /* Comment username out */ + if (fseek(fp, atofs, SEEK_SET) == 0) + fwrite("#", 1, 1, fp); + break; + } + atofs = ftell(fp); + } /* - * Special case: -N only displays & exits + * If we got an error of any sort, don't update! */ - if (conf.dryrun) - return print_user(pwd); + fclose(fp); +} + +int +pw_user_next(int argc, char **argv, char *name __unused) +{ + struct userconf *cnf = NULL; + const char *cfg = NULL; + int ch; + bool quiet = false; + uid_t next; + + while ((ch = getopt(argc, argv, "Cq")) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet; + break; + } + } + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + + cnf = get_userconfig(cfg); + + next = pw_uidpolicy(cnf, -1); + + printf("%ju:", (uintmax_t)next); + pw_groupnext(cnf, quiet); + + return (EXIT_SUCCESS); +} + +int +pw_user_show(int argc, char **argv, char *arg1) +{ + struct passwd *pwd = NULL; + char *name = NULL; + uid_t id = -1; + int ch; + bool all = false; + bool pretty = false; + bool force = false; + bool v7 = false; + bool quiet = false; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, UID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, "C:qn:u:FPa7")) != -1) { + switch (ch) { + case 'C': + /* ignore compatibility */ + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'u': + id = pw_checkid(optarg, UID_MAX); + break; + case 'F': + force = true; + break; + case 'P': + pretty = true; + break; + case 'a': + all = true; + break; + case 7: + v7 = true; + break; + } + } + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + + if (all) { + SETPWENT(); + while ((pwd = GETPWENT()) != NULL) + print_user(pwd, pretty, v7); + ENDPWENT(); + return (EXIT_SUCCESS); + } + + if (id < 0 && name == NULL) + errx(EX_DATAERR, "username or id required"); + + pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id); + if (pwd == NULL) { + if (force) { + pwd = &fakeuser; + } else { + if (name == NULL) + errx(EX_NOUSER, "no such uid `%ju'", + (uintmax_t) id); + errx(EX_NOUSER, "no such user `%s'", name); + } + } + + return (print_user(pwd, pretty, v7)); +} + +int +pw_user_del(int argc, char **argv, char *arg1) +{ + struct userconf *cnf = NULL; + struct passwd *pwd = NULL; + struct group *gr, *grp; + char *name = NULL; + char grname[MAXLOGNAME]; + char *nispasswd = NULL; + char file[MAXPATHLEN]; + char home[MAXPATHLEN]; + const char *cfg = NULL; + struct stat st; + uid_t id; + int ch, rc; + bool nis = false; + bool deletehome = false; + bool quiet = false; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, UID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, "C:qn:u:rYy:")) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'u': + id = pw_checkid(optarg, UID_MAX); + break; + case 'r': + deletehome = true; + break; + case 'y': + nispasswd = optarg; + break; + case 'Y': + nis = true; + break; + } + } + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + + if (id < 0 && name == NULL) + errx(EX_DATAERR, "username or id required"); + + cnf = get_userconfig(cfg); + + if (nispasswd == NULL) + nispasswd = cnf->nispasswd; + + pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id); + if (pwd == NULL) { + if (name == NULL) + errx(EX_NOUSER, "no such uid `%ju'", (uintmax_t) id); + errx(EX_NOUSER, "no such user `%s'", name); + } + + if (PWF._altdir == PWF_REGULAR && + ((pwd->pw_fields & _PWF_SOURCE) != _PWF_FILES)) { + if ((pwd->pw_fields & _PWF_SOURCE) == _PWF_NIS) { + if (!nis && nispasswd && *nispasswd != '/') + errx(EX_NOUSER, "Cannot remove NIS user `%s'", + name); + } else { + errx(EX_NOUSER, "Cannot remove non local user `%s'", + name); + } + } + + id = pwd->pw_uid; + if (name == NULL) + name = pwd->pw_name; + + if (strcmp(pwd->pw_name, "root") == 0) + errx(EX_DATAERR, "cannot remove user 'root'"); + + /* Remove opie record from /etc/opiekeys */ + if (PWALTDIR() != PWF_ALT) + rmopie(pwd->pw_name); + + if (!PWALTDIR()) { + /* Remove crontabs */ + snprintf(file, sizeof(file), "/var/cron/tabs/%s", pwd->pw_name); + if (access(file, F_OK) == 0) { + snprintf(file, sizeof(file), "crontab -u %s -r", pwd->pw_name); + system(file); + } + } + + /* + * Save these for later, since contents of pwd may be + * invalidated by deletion + */ + snprintf(file, sizeof(file), "%s/%s", _PATH_MAILDIR, pwd->pw_name); + strlcpy(home, pwd->pw_dir, sizeof(home)); + gr = GETGRGID(pwd->pw_gid); + if (gr != NULL) + strlcpy(grname, gr->gr_name, LOGNAMESIZE); + else + grname[0] = '\0'; + + rc = delpwent(pwd); + if (rc == -1) + err(EX_IOERR, "user '%s' does not exist", pwd->pw_name); + else if (rc != 0) + err(EX_IOERR, "passwd update"); + + if (nis && nispasswd && *nispasswd=='/') { + rc = delnispwent(nispasswd, name); + if (rc == -1) + warnx("WARNING: user '%s' does not exist in NIS passwd", + pwd->pw_name); + else if (rc != 0) + warn("WARNING: NIS passwd update"); + } + + grp = GETGRNAM(name); + if (grp != NULL && + (grp->gr_mem == NULL || *grp->gr_mem == NULL) && + strcmp(name, grname) == 0) + delgrent(GETGRNAM(name)); + SETGRENT(); + while ((grp = GETGRENT()) != NULL) { + int i, j; + char group[MAXLOGNAME]; + if (grp->gr_mem == NULL) + continue; + + for (i = 0; grp->gr_mem[i] != NULL; i++) { + if (strcmp(grp->gr_mem[i], name) != 0) + continue; + + for (j = i; grp->gr_mem[j] != NULL; j++) + grp->gr_mem[j] = grp->gr_mem[j+1]; + strlcpy(group, grp->gr_name, MAXLOGNAME); + chggrent(group, grp); + } + } + ENDGRENT(); + + pw_log(cnf, M_DELETE, W_USER, "%s(%ju) account removed", name, + (uintmax_t)id); + + /* Remove mail file */ + if (PWALTDIR() != PWF_ALT) + unlinkat(conf.rootfd, file + 1, 0); + + /* Remove at jobs */ + if (!PWALTDIR() && getpwuid(id) == NULL) + rmat(id); + + /* Remove home directory and contents */ + if (PWALTDIR() != PWF_ALT && deletehome && *home == '/' && + GETPWUID(id) == NULL && + fstatat(conf.rootfd, home + 1, &st, 0) != -1) { + rm_r(conf.rootfd, home, id); + pw_log(cnf, M_DELETE, W_USER, "%s(%ju) home '%s' %s" + "removed", name, (uintmax_t)id, home, + fstatat(conf.rootfd, home + 1, &st, 0) == -1 ? "" : "not " + "completely "); + } + + return (EXIT_SUCCESS); +} + +int +pw_user_lock(int argc, char **argv, char *arg1) +{ + int ch; + + while ((ch = getopt(argc, argv, "Cq")) != -1) { + switch (ch) { + case 'C': + case 'q': + /* compatibility */ + break; + } + } + + return (pw_userlock(arg1, M_LOCK)); +} + +int +pw_user_unlock(int argc, char **argv, char *arg1) +{ + int ch; + + while ((ch = getopt(argc, argv, "Cq")) != -1) { + switch (ch) { + case 'C': + case 'q': + /* compatibility */ + break; + } + } + + return (pw_userlock(arg1, M_UNLOCK)); +} + +static struct group * +group_from_name_or_id(char *name) +{ + const char *errstr = NULL; + struct group *grp; + uintmax_t id; + + if ((grp = GETGRNAM(name)) == NULL) { + id = strtounum(name, 0, GID_MAX, &errstr); + if (errstr) + errx(EX_NOUSER, "group `%s' does not exist", name); + grp = GETGRGID(id); + if (grp == NULL) + errx(EX_NOUSER, "group `%s' does not exist", name); + } + + return (grp); +} + +static void +split_groups(StringList **groups, char *groupsstr) +{ + struct group *grp; + char *p; + char tok[] = ", \t"; + + for (p = strtok(groupsstr, tok); p != NULL; p = strtok(NULL, tok)) { + grp = group_from_name_or_id(p); + if (*groups == NULL) + *groups = sl_init(); + sl_add(*groups, newstr(grp->gr_name)); + } +} + +static void +validate_grname(struct userconf *cnf, char *group) +{ + struct group *grp; + + if (group == NULL || *group == '\0') { + cnf->default_group = ""; + return; + } + grp = group_from_name_or_id(group); + cnf->default_group = newstr(grp->gr_name); +} + +static mode_t +validate_mode(char *mode) +{ + mode_t m; + void *set; + + if ((set = setmode(mode)) == NULL) + errx(EX_DATAERR, "invalid directory creation mode '%s'", mode); + + m = getmode(set, _DEF_DIRMODE); + free(set); + return (m); +} + +static void +mix_config(struct userconf *cmdcnf, struct userconf *cfg) +{ + + if (cmdcnf->default_password == 0) + cmdcnf->default_password = cfg->default_password; + if (cmdcnf->reuse_uids == 0) + cmdcnf->reuse_uids = cfg->reuse_uids; + if (cmdcnf->reuse_gids == 0) + cmdcnf->reuse_gids = cfg->reuse_gids; + if (cmdcnf->nispasswd == NULL) + cmdcnf->nispasswd = cfg->nispasswd; + if (cmdcnf->dotdir == NULL) + cmdcnf->dotdir = cfg->dotdir; + if (cmdcnf->newmail == NULL) + cmdcnf->newmail = cfg->newmail; + if (cmdcnf->logfile == NULL) + cmdcnf->logfile = cfg->logfile; + if (cmdcnf->home == NULL) + cmdcnf->home = cfg->home; + if (cmdcnf->homemode == 0) + cmdcnf->homemode = cfg->homemode; + if (cmdcnf->shelldir == NULL) + cmdcnf->shelldir = cfg->shelldir; + if (cmdcnf->shells == NULL) + cmdcnf->shells = cfg->shells; + if (cmdcnf->shell_default == NULL) + cmdcnf->shell_default = cfg->shell_default; + if (cmdcnf->default_group == NULL) + cmdcnf->default_group = cfg->default_group; + if (cmdcnf->groups == NULL) + cmdcnf->groups = cfg->groups; + if (cmdcnf->default_class == NULL) + cmdcnf->default_class = cfg->default_class; + if (cmdcnf->min_uid == 0) + cmdcnf->min_uid = cfg->min_uid; + if (cmdcnf->max_uid == 0) + cmdcnf->max_uid = cfg->max_uid; + if (cmdcnf->min_gid == 0) + cmdcnf->min_gid = cfg->min_gid; + if (cmdcnf->max_gid == 0) + cmdcnf->max_gid = cfg->max_gid; + if (cmdcnf->expire_days == 0) + cmdcnf->expire_days = cfg->expire_days; + if (cmdcnf->password_days == 0) + cmdcnf->password_days = cfg->password_days; +} + +int +pw_user_add(int argc, char **argv, char *arg1) +{ + struct userconf *cnf, *cmdcnf; + struct passwd *pwd; + struct group *grp; + struct stat st; + char args[] = "C:qn:u:c:d:e:p:g:G:mM:k:s:oL:i:w:h:H:Db:NPy:Y"; + char line[_PASSWORD_LEN+1], path[MAXPATHLEN]; + char *gecos, *homedir, *skel, *walk, *userid, *groupid, *grname; + char *default_passwd, *name, *p; + const char *cfg; + login_cap_t *lc; + FILE *pfp, *fp; + intmax_t id = -1; + time_t now; + int rc, ch, fd = -1; + size_t i; + bool dryrun, nis, pretty, quiet, createhome, precrypted, genconf; + + dryrun = nis = pretty = quiet = createhome = precrypted = false; + genconf = false; + gecos = homedir = skel = userid = groupid = default_passwd = NULL; + grname = name = NULL; + + if ((cmdcnf = calloc(1, sizeof(struct userconf))) == NULL) + err(EXIT_FAILURE, "calloc()"); + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, UID_MAX); + else + name = arg1; + } + + while ((ch = getopt(argc, argv, args)) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'u': + userid = optarg; + break; + case 'c': + gecos = pw_checkname(optarg, 1); + break; + case 'd': + homedir = optarg; + break; + case 'e': + now = time(NULL); + cmdcnf->expire_days = parse_date(now, optarg); + break; + case 'p': + now = time(NULL); + cmdcnf->password_days = parse_date(now, optarg); + break; + case 'g': + validate_grname(cmdcnf, optarg); + grname = optarg; + break; + case 'G': + split_groups(&cmdcnf->groups, optarg); + break; + case 'm': + createhome = true; + break; + case 'M': + cmdcnf->homemode = validate_mode(optarg); + break; + case 'k': + walk = skel = optarg; + if (*walk == '/') + walk++; + if (fstatat(conf.rootfd, walk, &st, 0) == -1) + errx(EX_OSFILE, "skeleton `%s' does not " + "exists", skel); + if (!S_ISDIR(st.st_mode)) + errx(EX_OSFILE, "skeleton `%s' is not a " + "directory", skel); + cmdcnf->dotdir = skel; + break; + case 's': + cmdcnf->shell_default = optarg; + break; + case 'o': + conf.checkduplicate = false; + break; + case 'L': + cmdcnf->default_class = pw_checkname(optarg, 0); + break; + case 'i': + groupid = optarg; + break; + case 'w': + default_passwd = optarg; + break; + case 'H': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + precrypted = true; + if (fd == '-') + errx(EX_USAGE, "-H expects a file descriptor"); + break; + case 'h': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + break; + case 'D': + genconf = true; + break; + case 'b': + cmdcnf->home = optarg; + break; + case 'N': + dryrun = true; + break; + case 'P': + pretty = true; + break; + case 'y': + cmdcnf->nispasswd = optarg; + break; + case 'Y': + nis = true; + break; + } + } + + if (geteuid() != 0 && ! dryrun) + errx(EX_NOPERM, "you must be root"); + + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); + + cnf = get_userconfig(cfg); + + mix_config(cmdcnf, cnf); + if (default_passwd) + cmdcnf->default_password = boolean_val(default_passwd, + cnf->default_password); + if (genconf) { + if (name != NULL) + errx(EX_DATAERR, "can't combine `-D' with `-n name'"); + if (userid != NULL) { + if ((p = strtok(userid, ", \t")) != NULL) + cmdcnf->min_uid = pw_checkid(p, UID_MAX); + if (cmdcnf->min_uid == 0) + cmdcnf->min_uid = 1000; + if ((p = strtok(NULL, " ,\t")) != NULL) + cmdcnf->max_uid = pw_checkid(p, UID_MAX); + if (cmdcnf->max_uid == 0) + cmdcnf->max_uid = 32000; + } + if (groupid != NULL) { + if ((p = strtok(groupid, ", \t")) != NULL) + cmdcnf->min_gid = pw_checkid(p, GID_MAX); + if (cmdcnf->min_gid == 0) + cmdcnf->min_gid = 1000; + if ((p = strtok(NULL, " ,\t")) != NULL) + cmdcnf->max_gid = pw_checkid(p, GID_MAX); + if (cmdcnf->max_gid == 0) + cmdcnf->max_gid = 32000; + } + if (write_userconfig(cmdcnf, cfg)) + return (EXIT_SUCCESS); + err(EX_IOERR, "config update"); + } + + if (userid) + id = pw_checkid(userid, UID_MAX); + if (id < 0 && name == NULL) + errx(EX_DATAERR, "user name or id required"); - if (mode == M_ADD) { - edited = 1; /* Always */ - rc = addpwent(pwd); + if (name == NULL) + errx(EX_DATAERR, "login name required"); + + pwd = &fakeuser; + pwd->pw_name = name; + pwd->pw_class = cmdcnf->default_class ? cmdcnf->default_class : ""; + pwd->pw_uid = pw_uidpolicy(cmdcnf, id); + pwd->pw_gid = pw_gidpolicy(cnf, grname, pwd->pw_name, + (gid_t) pwd->pw_uid, dryrun); + pwd->pw_change = cmdcnf->password_days; + pwd->pw_expire = cmdcnf->expire_days; + pwd->pw_dir = pw_homepolicy(cmdcnf, homedir, pwd->pw_name); + pwd->pw_shell = pw_shellpolicy(cmdcnf); + lc = login_getpwclass(pwd); + if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); + pwd->pw_passwd = pw_password(cmdcnf, pwd->pw_name, dryrun); + if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) + warnx("WARNING: new account `%s' has a uid of 0 " + "(superuser access!)", pwd->pw_name); + if (gecos) + pwd->pw_gecos = gecos; + + if (fd != -1) + pw_set_passwd(pwd, fd, precrypted, false); + + if (dryrun) + return (print_user(pwd, pretty, false)); + + if ((rc = addpwent(pwd)) != 0) { if (rc == -1) errx(EX_IOERR, "user '%s' already exists", pwd->pw_name); else if (rc != 0) err(EX_IOERR, "passwd file update"); - if (cnf->nispasswd && *cnf->nispasswd=='/') { - rc = addnispwent(cnf->nispasswd, pwd); - if (rc == -1) - warnx("User '%s' already exists in NIS passwd", pwd->pw_name); - else if (rc != 0) - warn("NIS passwd update"); - /* NOTE: we treat NIS-only update errors as non-fatal */ - } - } else if (mode == M_UPDATE && edited) /* Only updated this if required */ - perform_chgpwent(name, pwd); - - /* - * Ok, user is created or changed - now edit group file - */ - - if (mode == M_ADD || getarg(args, 'G') != NULL) { - int j; - size_t i; - /* First remove the user from all group */ - SETGRENT(); - while ((grp = GETGRENT()) != NULL) { - char group[MAXLOGNAME]; - if (grp->gr_mem == NULL) - continue; - for (i = 0; grp->gr_mem[i] != NULL; i++) { - if (strcmp(grp->gr_mem[i] , pwd->pw_name) != 0) - continue; - for (j = i; grp->gr_mem[j] != NULL ; j++) - grp->gr_mem[j] = grp->gr_mem[j+1]; - strlcpy(group, grp->gr_name, MAXLOGNAME); - chggrent(group, grp); - } - } - ENDGRENT(); + } + if (nis && cmdcnf->nispasswd && *cmdcnf->nispasswd == '/') { + printf("%s\n", cmdcnf->nispasswd); + rc = addnispwent(cmdcnf->nispasswd, pwd); + if (rc == -1) + warnx("User '%s' already exists in NIS passwd", pwd->pw_name); + else if (rc != 0) + warn("NIS passwd update"); + /* NOTE: we treat NIS-only update errors as non-fatal */ + } - /* now add to group where needed */ - for (i = 0; i < cnf->groups->sl_cur; i++) { - grp = GETGRNAM(cnf->groups->sl_str[i]); + if (cmdcnf->groups != NULL) { + for (i = 0; i < cmdcnf->groups->sl_cur; i++) { + grp = GETGRNAM(cmdcnf->groups->sl_str[i]); grp = gr_add(grp, pwd->pw_name); /* * grp can only be NULL in 2 cases: @@ -736,39 +1336,28 @@ pw_user(int mode, char *name, long id, struct cargs * args) } } - - /* go get a current version of pwd */ pwd = GETPWNAM(name); - if (pwd == NULL) { - /* This will fail when we rename, so special case that */ - if (mode == M_UPDATE && conf.newname != NULL) { - name = conf.newname; /* update new name */ - pwd = GETPWNAM(name); /* refetch renamed rec */ - } - } - if (pwd == NULL) /* can't go on without this */ + if (pwd == NULL) errx(EX_NOUSER, "user '%s' disappeared during update", name); grp = GETGRGID(pwd->pw_gid); - pw_log(cnf, mode, W_USER, "%s(%ju):%s(%ju):%s:%s:%s", + pw_log(cnf, M_ADD, W_USER, "%s(%ju):%s(%ju):%s:%s:%s", pwd->pw_name, (uintmax_t)pwd->pw_uid, grp ? grp->gr_name : "unknown", (uintmax_t)(grp ? grp->gr_gid : (uid_t)-1), pwd->pw_gecos, pwd->pw_dir, pwd->pw_shell); /* - * If adding, let's touch and chown the user's mail file. This is not + * let's touch and chown the user's mail file. This is not * strictly necessary under BSD with a 0755 maildir but it also * doesn't hurt anything to create the empty mailfile */ - if (mode == M_ADD) { - if (PWALTDIR() != PWF_ALT) { - snprintf(path, sizeof(path), "%s/%s", _PATH_MAILDIR, - pwd->pw_name); - close(openat(conf.rootfd, path +1, O_RDWR | O_CREAT, - 0600)); /* Preserve contents & mtime */ - fchownat(conf.rootfd, path + 1, pwd->pw_uid, - pwd->pw_gid, AT_SYMLINK_NOFOLLOW); - } + if (PWALTDIR() != PWF_ALT) { + snprintf(path, sizeof(path), "%s/%s", _PATH_MAILDIR, + pwd->pw_name); + /* Preserve contents & mtime */ + close(openat(conf.rootfd, path +1, O_RDWR | O_CREAT, 0600)); + fchownat(conf.rootfd, path + 1, pwd->pw_uid, pwd->pw_gid, + AT_SYMLINK_NOFOLLOW); } /* @@ -776,318 +1365,170 @@ pw_user(int mode, char *name, long id, struct cargs * args) * that this also `works' for editing users if -m is used, but * existing files will *not* be overwritten. */ - if (PWALTDIR() != PWF_ALT && getarg(args, 'm') != NULL && pwd->pw_dir && + if (PWALTDIR() != PWF_ALT && createhome && pwd->pw_dir && *pwd->pw_dir == '/' && pwd->pw_dir[1]) - create_and_populate_homedir(pwd); + create_and_populate_homedir(cmdcnf, pwd, cmdcnf->dotdir, + cmdcnf->homemode, false); - /* - * Finally, send mail to the new user as well, if we are asked to - */ - if (mode == M_ADD && !PWALTDIR() && cnf->newmail && *cnf->newmail && (fp = fopen(cnf->newmail, "r")) != NULL) { - FILE *pfp = popen(_PATH_SENDMAIL " -t", "w"); - - if (pfp == NULL) + if (!PWALTDIR() && cmdcnf->newmail && *cmdcnf->newmail && + (fp = fopen(cnf->newmail, "r")) != NULL) { + if ((pfp = popen(_PATH_SENDMAIL " -t", "w")) == NULL) warn("sendmail"); else { - fprintf(pfp, "From: root\n" "To: %s\n" "Subject: Welcome!\n\n", pwd->pw_name); + fprintf(pfp, "From: root\n" "To: %s\n" + "Subject: Welcome!\n\n", pwd->pw_name); while (fgets(line, sizeof(line), fp) != NULL) { /* Do substitutions? */ fputs(line, pfp); } pclose(pfp); - pw_log(cnf, mode, W_USER, "%s(%ju) new user mail sent", + pw_log(cnf, M_ADD, W_USER, "%s(%ju) new user mail sent", pwd->pw_name, (uintmax_t)pwd->pw_uid); } fclose(fp); } - return EXIT_SUCCESS; -} - - -static uid_t -pw_uidpolicy(struct userconf * cnf, long id) -{ - struct passwd *pwd; - uid_t uid = (uid_t) - 1; - - /* - * Check the given uid, if any - */ - if (id >= 0) { - uid = (uid_t) id; - - if ((pwd = GETPWUID(uid)) != NULL && conf.checkduplicate) - errx(EX_DATAERR, "uid `%ju' has already been allocated", - (uintmax_t)pwd->pw_uid); - } else { - struct bitmap bm; - - /* - * We need to allocate the next available uid under one of - * two policies a) Grab the first unused uid b) Grab the - * highest possible unused uid - */ - if (cnf->min_uid >= cnf->max_uid) { /* Sanity - * claus^H^H^H^Hheck */ - cnf->min_uid = 1000; - cnf->max_uid = 32000; - } - bm = bm_alloc(cnf->max_uid - cnf->min_uid + 1); - - /* - * Now, let's fill the bitmap from the password file - */ - SETPWENT(); - while ((pwd = GETPWENT()) != NULL) - if (pwd->pw_uid >= (uid_t) cnf->min_uid && pwd->pw_uid <= (uid_t) cnf->max_uid) - bm_setbit(&bm, pwd->pw_uid - cnf->min_uid); - ENDPWENT(); - - /* - * Then apply the policy, with fallback to reuse if necessary - */ - if (cnf->reuse_uids || (uid = (uid_t) (bm_lastset(&bm) + cnf->min_uid + 1)) > cnf->max_uid) - uid = (uid_t) (bm_firstunset(&bm) + cnf->min_uid); - - /* - * Another sanity check - */ - if (uid < cnf->min_uid || uid > cnf->max_uid) - errx(EX_SOFTWARE, "unable to allocate a new uid - range fully used"); - bm_dealloc(&bm); - } - return uid; -} - - -static uid_t -pw_gidpolicy(struct cargs * args, char *nam, gid_t prefer) -{ - struct group *grp; - gid_t gid = (uid_t) - 1; - struct carg *a_gid = getarg(args, 'g'); - struct userconf *cnf = conf.userconf; - - /* - * If no arg given, see if default can help out - */ - if (a_gid == NULL && cnf->default_group && *cnf->default_group) - a_gid = addarg(args, 'g', cnf->default_group); - - /* - * Check the given gid, if any - */ - SETGRENT(); - if (a_gid != NULL) { - if ((grp = GETGRNAM(a_gid->val)) == NULL) { - gid = (gid_t) atol(a_gid->val); - if ((gid == 0 && !isdigit((unsigned char)*a_gid->val)) || (grp = GETGRGID(gid)) == NULL) - errx(EX_NOUSER, "group `%s' is not defined", a_gid->val); - } - gid = grp->gr_gid; - } else if ((grp = GETGRNAM(nam)) != NULL && - (grp->gr_mem == NULL || grp->gr_mem[0] == NULL)) { - gid = grp->gr_gid; /* Already created? Use it anyway... */ - } else { - gid_t grid = -1; - - /* - * We need to auto-create a group with the user's name. We - * can send all the appropriate output to our sister routine - * bit first see if we can create a group with gid==uid so we - * can keep the user and group ids in sync. We purposely do - * NOT check the gid range if we can force the sync. If the - * user's name dups an existing group, then the group add - * function will happily handle that case for us and exit. - */ - if (GETGRGID(prefer) == NULL) - grid = prefer; - if (conf.dryrun) { - gid = pw_groupnext(cnf, true); - } else { - pw_group(M_ADD, nam, grid, NULL); - if ((grp = GETGRNAM(nam)) != NULL) - gid = grp->gr_gid; - } - } - ENDGRENT(); - return gid; -} - - -static time_t -pw_pwdpolicy(struct userconf * cnf, struct cargs * args) -{ - time_t result = 0; - time_t now = time(NULL); - struct carg *arg = getarg(args, 'p'); - - if (arg != NULL) { - if ((result = parse_date(now, arg->val)) == now) - errx(EX_DATAERR, "invalid date/time `%s'", arg->val); - } else if (cnf->password_days > 0) - result = now + ((long) cnf->password_days * 86400L); - return result; -} - - -static time_t -pw_exppolicy(struct userconf * cnf, struct cargs * args) -{ - time_t result = 0; - time_t now = time(NULL); - struct carg *arg = getarg(args, 'e'); - - if (arg != NULL) { - if ((result = parse_date(now, arg->val)) == now) - errx(EX_DATAERR, "invalid date/time `%s'", arg->val); - } else if (cnf->expire_days > 0) - result = now + ((long) cnf->expire_days * 86400L); - return result; -} - - -static char * -pw_homepolicy(struct userconf * cnf, struct cargs * args, char const * user) -{ - struct carg *arg = getarg(args, 'd'); - static char home[128]; - - if (arg) - return (arg->val); - - if (cnf->home == NULL || *cnf->home == '\0') - errx(EX_CONFIG, "no base home directory set"); - snprintf(home, sizeof(home), "%s/%s", cnf->home, user); + if (nis && nis_update() == 0) + pw_log(cnf, M_ADD, W_USER, "NIS maps updated"); - return (home); + return (EXIT_SUCCESS); } -static char * -shell_path(char const * path, char *shells[], char *sh) +int +pw_user_mod(int argc, char **argv, char *arg1) { - if (sh != NULL && (*sh == '/' || *sh == '\0')) - return sh; /* specified full path or forced none */ - else { - char *p; - char paths[_UC_MAXLINE]; - - /* - * We need to search paths - */ - strlcpy(paths, path, sizeof(paths)); - for (p = strtok(paths, ": \t\r\n"); p != NULL; p = strtok(NULL, ": \t\r\n")) { - int i; - static char shellpath[256]; - - if (sh != NULL) { - snprintf(shellpath, sizeof(shellpath), "%s/%s", p, sh); - if (access(shellpath, X_OK) == 0) - return shellpath; - } else - for (i = 0; i < _UC_MAXSHELLS && shells[i] != NULL; i++) { - snprintf(shellpath, sizeof(shellpath), "%s/%s", p, shells[i]); - if (access(shellpath, X_OK) == 0) - return shellpath; - } - } - if (sh == NULL) - errx(EX_OSFILE, "can't find shell `%s' in shell paths", sh); - errx(EX_CONFIG, "no default shell available or defined"); - return NULL; + struct userconf *cnf; + struct passwd *pwd; + struct group *grp; + StringList *groups = NULL; + char args[] = "C:qn:u:c:d:e:p:g:G:mM:l:k:s:w:L:h:H:NPYy:"; + const char *cfg; + char *gecos, *homedir, *grname, *name, *newname, *walk, *skel, *shell; + char *passwd, *class, *nispasswd; + login_cap_t *lc; + struct stat st; + intmax_t id = -1; + int ch, fd = -1; + size_t i, j; + bool quiet, createhome, pretty, dryrun, nis, edited, docreatehome; + mode_t homemode = 0; + time_t expire_days, password_days, now, precrypted; + + expire_days = password_days = -1; + gecos = homedir = grname = name = newname = skel = shell =NULL; + passwd = NULL; + class = nispasswd = NULL; + quiet = createhome = pretty = dryrun = nis = precrypted = false; + edited = docreatehome = false; + + if (arg1 != NULL) { + if (strspn(arg1, "0123456789") == strlen(arg1)) + id = pw_checkid(arg1, UID_MAX); + else + name = arg1; } -} - -static char * -pw_shellpolicy(struct userconf * cnf, struct cargs * args, char *newshell) -{ - char *sh = newshell; - struct carg *arg = getarg(args, 's'); - - if (newshell == NULL && arg != NULL) - sh = arg->val; - return shell_path(cnf->shelldir, cnf->shells, sh ? sh : cnf->shell_default); -} - -#define SALTSIZE 32 - -static char const chars[] = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ./"; - -char * -pw_pwcrypt(char *password) -{ - int i; - char salt[SALTSIZE + 1]; - char *cryptpw; - - static char buf[256]; - - /* - * Calculate a salt value - */ - for (i = 0; i < SALTSIZE; i++) - salt[i] = chars[arc4random_uniform(sizeof(chars) - 1)]; - salt[SALTSIZE] = '\0'; - - cryptpw = crypt(password, salt); - if (cryptpw == NULL) - errx(EX_CONFIG, "crypt(3) failure"); - return strcpy(buf, cryptpw); -} - - -static char * -pw_password(struct userconf * cnf, char const * user) -{ - int i, l; - char pwbuf[32]; - - switch (cnf->default_password) { - case -1: /* Random password */ - l = (arc4random() % 8 + 8); /* 8 - 16 chars */ - for (i = 0; i < l; i++) - pwbuf[i] = chars[arc4random_uniform(sizeof(chars)-1)]; - pwbuf[i] = '\0'; - - /* - * We give this information back to the user - */ - if (conf.fd == -1 && !conf.dryrun) { - if (isatty(STDOUT_FILENO)) - printf("Password for '%s' is: ", user); - printf("%s\n", pwbuf); - fflush(stdout); + while ((ch = getopt(argc, argv, args)) != -1) { + switch (ch) { + case 'C': + cfg = optarg; + break; + case 'q': + quiet = true; + break; + case 'n': + name = optarg; + break; + case 'u': + id = pw_checkid(optarg, UID_MAX); + break; + case 'c': + gecos = pw_checkname(optarg, 1); + break; + case 'd': + homedir = optarg; + break; + case 'e': + now = time(NULL); + expire_days = parse_date(now, optarg); + break; + case 'p': + now = time(NULL); + password_days = parse_date(now, optarg); + break; + case 'g': + group_from_name_or_id(optarg); + grname = optarg; + break; + case 'G': + split_groups(&groups, optarg); + break; + case 'm': + createhome = true; + break; + case 'M': + homemode = validate_mode(optarg); + break; + case 'l': + newname = optarg; + break; + case 'k': + walk = skel = optarg; + if (*walk == '/') + walk++; + if (fstatat(conf.rootfd, walk, &st, 0) == -1) + errx(EX_OSFILE, "skeleton `%s' does not " + "exists", skel); + if (!S_ISDIR(st.st_mode)) + errx(EX_OSFILE, "skeleton `%s' is not a " + "directory", skel); + break; + case 's': + shell = optarg; + break; + case 'w': + passwd = optarg; + break; + case 'L': + class = pw_checkname(optarg, 0); + break; + case 'H': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + precrypted = true; + if (fd == '-') + errx(EX_USAGE, "-H expects a file descriptor"); + break; + case 'h': + if (fd != -1) + errx(EX_USAGE, "'-h' and '-H' are mutually " + "exclusive options"); + fd = pw_checkfd(optarg); + break; + case 'N': + dryrun = true; + break; + case 'P': + pretty = true; + break; + case 'y': + nispasswd = optarg; + break; + case 'Y': + nis = true; + break; } - break; - - case -2: /* No password at all! */ - return ""; + } - case 0: /* No login - default */ - default: - return "*"; + if (geteuid() != 0 && ! dryrun) + errx(EX_NOPERM, "you must be root"); - case 1: /* user's name */ - strlcpy(pwbuf, user, sizeof(pwbuf)); - break; - } - return pw_pwcrypt(pwbuf); -} + if (quiet) + freopen(_PATH_DEVNULL, "w", stderr); -static int -pw_userdel(char *name, long id) -{ - struct passwd *pwd = NULL; - char file[MAXPATHLEN]; - char home[MAXPATHLEN]; - uid_t uid; - struct group *gr, *grp; - char grname[LOGNAMESIZE]; - int rc; - struct stat st; - int valid_type = _PWF_FILES; + cnf = get_userconfig(cfg); if (id < 0 && name == NULL) errx(EX_DATAERR, "username or id required"); @@ -1095,306 +1536,190 @@ pw_userdel(char *name, long id) pwd = (name != NULL) ? GETPWNAM(pw_checkname(name, 0)) : GETPWUID(id); if (pwd == NULL) { if (name == NULL) - errx(EX_NOUSER, "no such uid `%ld'", id); + errx(EX_NOUSER, "no such uid `%ju'", + (uintmax_t) id); errx(EX_NOUSER, "no such user `%s'", name); } - if (conf.userconf->nispasswd && *conf.userconf->nispasswd == '/') - valid_type = _PWF_NIS; - - if (PWF._altdir == PWF_REGULAR && - ((pwd->pw_fields & _PWF_SOURCE) != valid_type)) - errx(EX_NOUSER, "no such %s user `%s'", - valid_type == _PWF_FILES ? "local" : "NIS" , name); - - uid = pwd->pw_uid; if (name == NULL) name = pwd->pw_name; - if (strcmp(pwd->pw_name, "root") == 0) - errx(EX_DATAERR, "cannot remove user 'root'"); - - /* Remove opie record from /etc/opiekeys */ + if (nis && nispasswd == NULL) + nispasswd = cnf->nispasswd; - if (PWALTDIR() != PWF_ALT) - rmopie(pwd->pw_name); + if (PWF._altdir == PWF_REGULAR && + ((pwd->pw_fields & _PWF_SOURCE) != _PWF_FILES)) { + if ((pwd->pw_fields & _PWF_SOURCE) == _PWF_NIS) { + if (!nis && nispasswd && *nispasswd != '/') + errx(EX_NOUSER, "Cannot modify NIS user `%s'", + name); + } else { + errx(EX_NOUSER, "Cannot modify non local user `%s'", + name); + } + } - if (!PWALTDIR()) { - /* Remove crontabs */ - snprintf(file, sizeof(file), "/var/cron/tabs/%s", pwd->pw_name); - if (access(file, F_OK) == 0) { - snprintf(file, sizeof(file), "crontab -u %s -r", pwd->pw_name); - system(file); + if (newname) { + if (strcmp(pwd->pw_name, "root") == 0) + errx(EX_DATAERR, "can't rename `root' account"); + if (strcmp(pwd->pw_name, newname) != 0) { + pwd->pw_name = pw_checkname(newname, 0); + edited = true; } } - /* - * Save these for later, since contents of pwd may be - * invalidated by deletion - */ - snprintf(file, sizeof(file), "%s/%s", _PATH_MAILDIR, pwd->pw_name); - strlcpy(home, pwd->pw_dir, sizeof(home)); - gr = GETGRGID(pwd->pw_gid); - if (gr != NULL) - strlcpy(grname, gr->gr_name, LOGNAMESIZE); - else - grname[0] = '\0'; - rc = delpwent(pwd); - if (rc == -1) - err(EX_IOERR, "user '%s' does not exist", pwd->pw_name); - else if (rc != 0) - err(EX_IOERR, "passwd update"); + if (id > 0 && pwd->pw_uid != id) { + pwd->pw_uid = id; + edited = true; + if (pwd->pw_uid != 0 && strcmp(pwd->pw_name, "root") == 0) + errx(EX_DATAERR, "can't change uid of `root' account"); + if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0) + warnx("WARNING: account `%s' will have a uid of 0 (superuser access!)", pwd->pw_name); + } - if (conf.userconf->nispasswd && *conf.userconf->nispasswd=='/') { - rc = delnispwent(conf.userconf->nispasswd, name); - if (rc == -1) - warnx("WARNING: user '%s' does not exist in NIS passwd", - pwd->pw_name); - else if (rc != 0) - warn("WARNING: NIS passwd update"); - /* non-fatal */ + if (grname && pwd->pw_uid != 0) { + grp = GETGRNAM(grname); + if (grp == NULL) + grp = GETGRGID(pw_checkid(grname, GID_MAX)); + if (grp->gr_gid != pwd->pw_gid) { + pwd->pw_gid = grp->gr_gid; + edited = true; + } } - grp = GETGRNAM(name); - if (grp != NULL && - (grp->gr_mem == NULL || *grp->gr_mem == NULL) && - strcmp(name, grname) == 0) - delgrent(GETGRNAM(name)); - SETGRENT(); - while ((grp = GETGRENT()) != NULL) { - int i, j; - char group[MAXLOGNAME]; - if (grp->gr_mem == NULL) - continue; + if (password_days >= 0 && pwd->pw_change != password_days) { + pwd->pw_change = password_days; + edited = true; + } - for (i = 0; grp->gr_mem[i] != NULL; i++) { - if (strcmp(grp->gr_mem[i], name) != 0) - continue; + if (expire_days >= 0 && pwd->pw_expire != expire_days) { + pwd->pw_expire = expire_days; + edited = true; + } - for (j = i; grp->gr_mem[j] != NULL; j++) - grp->gr_mem[j] = grp->gr_mem[j+1]; - strlcpy(group, grp->gr_name, MAXLOGNAME); - chggrent(group, grp); + if (shell) { + shell = shell_path(cnf->shelldir, cnf->shells, shell); + if (shell == NULL) + shell = ""; + if (strcmp(shell, pwd->pw_shell) != 0) { + pwd->pw_shell = shell; + edited = true; } } - ENDGRENT(); - - pw_log(conf.userconf, M_DELETE, W_USER, "%s(%ju) account removed", name, - (uintmax_t)uid); - /* Remove mail file */ - if (PWALTDIR() != PWF_ALT) - unlinkat(conf.rootfd, file + 1, 0); + if (class && strcmp(pwd->pw_class, class) != 0) { + pwd->pw_class = class; + edited = true; + } - /* Remove at jobs */ - if (!PWALTDIR() && getpwuid(uid) == NULL) - rmat(uid); + if (homedir && strcmp(pwd->pw_dir, homedir) != 0) { + pwd->pw_dir = homedir; + if (fstatat(conf.rootfd, pwd->pw_dir, &st, 0) == -1) { + if (!createhome) + warnx("WARNING: home `%s' does not exist", + pwd->pw_dir); + else + docreatehome = true; + } else if (!S_ISDIR(st.st_mode)) { + warnx("WARNING: home `%s' is not a directory", + pwd->pw_dir); + } + } - /* Remove home directory and contents */ - if (PWALTDIR() != PWF_ALT && conf.deletehome && *home == '/' && - getpwuid(uid) == NULL && - fstatat(conf.rootfd, home + 1, &st, 0) != -1) { - rm_r(conf.rootfd, home, uid); - pw_log(conf.userconf, M_DELETE, W_USER, "%s(%ju) home '%s' %s" - "removed", name, (uintmax_t)uid, home, - fstatat(conf.rootfd, home + 1, &st, 0) == -1 ? "" : "not " - "completely "); + if (passwd && conf.fd == -1) { + lc = login_getpwclass(pwd); + if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL) + warn("setting crypt(3) format"); + login_close(lc); + pwd->pw_passwd = pw_password(cnf, pwd->pw_name, dryrun); + edited = true; } - return (EXIT_SUCCESS); -} + if (gecos && strcmp(pwd->pw_gecos, gecos) != 0) { + pwd->pw_gecos = gecos; + edited = true; + } -static int -print_user(struct passwd * pwd) -{ - if (!conf.pretty) { - char *buf; + if (fd != -1) + edited = pw_set_passwd(pwd, fd, precrypted, true); - buf = conf.v7 ? pw_make_v7(pwd) : pw_make(pwd); - printf("%s\n", buf); - free(buf); - } else { - int j; - char *p; - struct group *grp = GETGRGID(pwd->pw_gid); - char uname[60] = "User &", office[60] = "[None]", - wphone[60] = "[None]", hphone[60] = "[None]"; - char acexpire[32] = "[None]", pwexpire[32] = "[None]"; - struct tm * tptr; - - if ((p = strtok(pwd->pw_gecos, ",")) != NULL) { - strlcpy(uname, p, sizeof(uname)); - if ((p = strtok(NULL, ",")) != NULL) { - strlcpy(office, p, sizeof(office)); - if ((p = strtok(NULL, ",")) != NULL) { - strlcpy(wphone, p, sizeof(wphone)); - if ((p = strtok(NULL, "")) != NULL) { - strlcpy(hphone, p, - sizeof(hphone)); - } - } - } - } - /* - * Handle '&' in gecos field - */ - if ((p = strchr(uname, '&')) != NULL) { - int l = strlen(pwd->pw_name); - int m = strlen(p); + if (dryrun) + return (print_user(pwd, pretty, false)); - memmove(p + l, p + 1, m); - memmove(p, pwd->pw_name, l); - *p = (char) toupper((unsigned char)*p); - } - if (pwd->pw_expire > (time_t)0 && (tptr = localtime(&pwd->pw_expire)) != NULL) - strftime(acexpire, sizeof acexpire, "%c", tptr); - if (pwd->pw_change > (time_t)0 && (tptr = localtime(&pwd->pw_change)) != NULL) - strftime(pwexpire, sizeof pwexpire, "%c", tptr); - printf("Login Name: %-15s #%-12ju Group: %-15s #%ju\n" - " Full Name: %s\n" - " Home: %-26.26s Class: %s\n" - " Shell: %-26.26s Office: %s\n" - "Work Phone: %-26.26s Home Phone: %s\n" - "Acc Expire: %-26.26s Pwd Expire: %s\n", - pwd->pw_name, (uintmax_t)pwd->pw_uid, - grp ? grp->gr_name : "(invalid)", (uintmax_t)pwd->pw_gid, - uname, pwd->pw_dir, pwd->pw_class, - pwd->pw_shell, office, wphone, hphone, - acexpire, pwexpire); - SETGRENT(); - j = 0; - while ((grp=GETGRENT()) != NULL) - { - int i = 0; - if (grp->gr_mem != NULL) { - while (grp->gr_mem[i] != NULL) - { - if (strcmp(grp->gr_mem[i], pwd->pw_name)==0) - { - printf(j++ == 0 ? " Groups: %s" : ",%s", grp->gr_name); - break; - } - ++i; - } + if (edited) /* Only updated this if required */ + perform_chgpwent(name, pwd, nis ? nispasswd : NULL); + /* Now perform the needed changes concern groups */ + if (groups != NULL) { + /* Delete User from groups using old name */ + SETGRENT(); + while ((grp = GETGRENT()) != NULL) { + if (grp->gr_mem == NULL) + continue; + for (i = 0; grp->gr_mem[i] != NULL; i++) { + if (strcmp(grp->gr_mem[i] , name) != 0) + continue; + for (j = i; grp->gr_mem[j] != NULL ; j++) + grp->gr_mem[j] = grp->gr_mem[j+1]; + chggrent(grp->gr_name, grp); + break; } } ENDGRENT(); - printf("%s", j ? "\n" : ""); - } - return EXIT_SUCCESS; -} - -char * -pw_checkname(char *name, int gecos) -{ - char showch[8]; - const char *badchars, *ch, *showtype; - int reject; - - ch = name; - reject = 0; - if (gecos) { - /* See if the name is valid as a gecos (comment) field. */ - badchars = ":!@"; - showtype = "gecos field"; - } else { - /* See if the name is valid as a userid or group. */ - badchars = " ,\t:+&#%$^()!@~*?<>=|\\/\""; - showtype = "userid/group name"; - /* Userids and groups can not have a leading '-'. */ - if (*ch == '-') - reject = 1; + /* Add the user to the needed groups */ + for (i = 0; i < groups->sl_cur; i++) { + grp = GETGRNAM(groups->sl_str[i]); + grp = gr_add(grp, pwd->pw_name); + if (grp == NULL) + continue; + chggrent(grp->gr_name, grp); + free(grp); + } } - if (!reject) { - while (*ch) { - if (strchr(badchars, *ch) != NULL || *ch < ' ' || - *ch == 127) { - reject = 1; - break; - } - /* 8-bit characters are only allowed in GECOS fields */ - if (!gecos && (*ch & 0x80)) { - reject = 1; + /* In case of rename we need to walk over the different groups */ + if (newname) { + SETGRENT(); + while ((grp = GETGRENT()) != NULL) { + if (grp->gr_mem == NULL) + continue; + for (i = 0; grp->gr_mem[i] != NULL; i++) { + if (strcmp(grp->gr_mem[i], name) != 0) + continue; + grp->gr_mem[i] = newname; + chggrent(grp->gr_name, grp); break; } - ch++; - } - } - /* - * A `$' is allowed as the final character for userids and groups, - * mainly for the benefit of samba. - */ - if (reject && !gecos) { - if (*ch == '$' && *(ch + 1) == '\0') { - reject = 0; - ch++; } } - if (reject) { - snprintf(showch, sizeof(showch), (*ch >= ' ' && *ch < 127) - ? "`%c'" : "0x%02x", *ch); - errx(EX_DATAERR, "invalid character %s at position %td in %s", - showch, (ch - name), showtype); - } - if (!gecos && (ch - name) > LOGNAMESIZE) - errx(EX_DATAERR, "name too long `%s' (max is %d)", name, - LOGNAMESIZE); - - return (name); -} - - -static void -rmat(uid_t uid) -{ - DIR *d = opendir("/var/at/jobs"); - - if (d != NULL) { - struct dirent *e; - - while ((e = readdir(d)) != NULL) { - struct stat st; - if (strncmp(e->d_name, ".lock", 5) != 0 && - stat(e->d_name, &st) == 0 && - !S_ISDIR(st.st_mode) && - st.st_uid == uid) { - char tmp[MAXPATHLEN]; + /* go get a current version of pwd */ + if (newname) + name = newname; + pwd = GETPWNAM(name); + if (pwd == NULL) + errx(EX_NOUSER, "user '%s' disappeared during update", name); + grp = GETGRGID(pwd->pw_gid); + pw_log(cnf, M_UPDATE, W_USER, "%s(%ju):%s(%ju):%s:%s:%s", + pwd->pw_name, (uintmax_t)pwd->pw_uid, + grp ? grp->gr_name : "unknown", + (uintmax_t)(grp ? grp->gr_gid : (uid_t)-1), + pwd->pw_gecos, pwd->pw_dir, pwd->pw_shell); - snprintf(tmp, sizeof(tmp), "/usr/bin/atrm %s", e->d_name); - system(tmp); - } - } - closedir(d); + /* + * Let's create and populate the user's home directory. Note + * that this also `works' for editing users if -m is used, but + * existing files will *not* be overwritten. + */ + if (PWALTDIR() != PWF_ALT && docreatehome && pwd->pw_dir && + *pwd->pw_dir == '/' && pwd->pw_dir[1]) { + if (!skel) + skel = cnf->dotdir; + if (homemode == 0) + homemode = cnf->homemode; + create_and_populate_homedir(cnf, pwd, skel, homemode, true); } -} - -static void -rmopie(char const * name) -{ - char tmp[1014]; - FILE *fp; - int fd; - size_t len; - off_t atofs = 0; - - if ((fd = openat(conf.rootfd, "etc/opiekeys", O_RDWR)) == -1) - return; - fp = fdopen(fd, "r+"); - len = strlen(name); + if (nis && nis_update() == 0) + pw_log(cnf, M_UPDATE, W_USER, "NIS maps updated"); - while (fgets(tmp, sizeof(tmp), fp) != NULL) { - if (strncmp(name, tmp, len) == 0 && tmp[len]==' ') { - /* Comment username out */ - if (fseek(fp, atofs, SEEK_SET) == 0) - fwrite("#", 1, 1, fp); - break; - } - atofs = ftell(fp); - } - /* - * If we got an error of any sort, don't update! - */ - fclose(fp); + return (EXIT_SUCCESS); } diff --git a/pw/pw_utils.c b/pw/pw_utils.c new file mode 100644 index 0000000..31b79c0 --- /dev/null +++ b/pw/pw_utils.c @@ -0,0 +1,97 @@ +/*- + * Copyright (C) 2015 Baptiste Daroussin + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer + * in this position and unchanged. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include + +#include +#include +#include +#include +#include + +#include "pw.h" + +int +pw_checkfd(char *nptr) +{ + const char *errstr; + int fd = -1; + + if (strcmp(nptr, "-") == 0) + return '-'; + fd = strtonum(nptr, 0, INT_MAX, &errstr); + if (errstr != NULL) + errx(EX_USAGE, "Bad file descriptor '%s': %s", + nptr, errstr); + return (fd); +} + +uintmax_t +pw_checkid(char *nptr, uintmax_t maxval) +{ + const char *errstr = NULL; + uintmax_t id; + + id = strtounum(nptr, 0, maxval, &errstr); + if (errstr) + errx(EX_USAGE, "Bad id '%s': %s", nptr, errstr); + return (id); +} + +struct userconf * +get_userconfig(const char *config) +{ + char defaultcfg[MAXPATHLEN]; + + if (config != NULL) + return (read_userconfig(config)); + snprintf(defaultcfg, sizeof(defaultcfg), "%s/pw.conf", conf.etcpath); + return (read_userconfig(defaultcfg)); +} + +int +nis_update(void) { + pid_t pid; + int i; + + fflush(NULL); + if ((pid = fork()) == -1) { + warn("fork()"); + return (1); + } + if (pid == 0) { + execlp("/usr/bin/make", "make", "-C", "/var/yp/", (char*) NULL); + _exit(1); + } + waitpid(pid, &i, 0); + if ((i = WEXITSTATUS(i)) != 0) + errx(i, "make exited with status %d", i); + return (i); +} diff --git a/pw/pwupd.h b/pw/pwupd.h index 054c5a5..7fecffb 100644 --- a/pw/pwupd.h +++ b/pw/pwupd.h @@ -76,29 +76,16 @@ struct userconf { char *default_class; /* Default user class */ uid_t min_uid, max_uid; /* Allowed range of uids */ gid_t min_gid, max_gid; /* Allowed range of gids */ - int expire_days; /* Days to expiry */ - int password_days; /* Days to password expiry */ + time_t expire_days; /* Days to expiry */ + time_t password_days; /* Days to password expiry */ }; struct pwconf { char rootdir[MAXPATHLEN]; char etcpath[MAXPATHLEN]; - char *newname; - char *config; - char *gecos; int fd; int rootfd; - int which; - bool quiet; - bool force; - bool all; - bool dryrun; - bool pretty; - bool v7; bool checkduplicate; - bool deletehome; - bool precrypted; - struct userconf *userconf; }; extern struct pwf PWF; diff --git a/pw/strtounum.c b/pw/strtounum.c index 8d83470..be57276 100644 --- a/pw/strtounum.c +++ b/pw/strtounum.c @@ -1,5 +1,5 @@ /*- - * Copyright (C) Baptiste Daroussin + * Copyright (C) 2015 Baptiste Daroussin * All rights reserved. * * Redistribution and use in source and binary forms, with or without -- cgit v1.2.3-56-ge451