pwd_mkdb.c revision 41697 
1164032Srwatson/*-
2164032Srwatson * Copyright (c) 1991, 1993, 1994
3189063Srwatson *	The Regents of the University of California.  All rights reserved.
4164032Srwatson *
5164032Srwatson * Redistribution and use in source and binary forms, with or without
6164032Srwatson * modification, are permitted provided that the following conditions
7164032Srwatson * are met:
8164032Srwatson * 1. Redistributions of source code must retain the above copyright
9164032Srwatson *    notice, this list of conditions and the following disclaimer.
10164032Srwatson * 2. Redistributions in binary form must reproduce the above copyright
11164032Srwatson *    notice, this list of conditions and the following disclaimer in the
12164032Srwatson *    documentation and/or other materials provided with the distribution.
13164032Srwatson * 3. All advertising materials mentioning features or use of this software
14164032Srwatson *    must display the following acknowledgement:
15164032Srwatson *	This product includes software developed by the University of
16164032Srwatson *	California, Berkeley and its contributors.
17164032Srwatson * 4. Neither the name of the University nor the names of its contributors
18164032Srwatson *    may be used to endorse or promote products derived from this software
19164032Srwatson *    without specific prior written permission.
20164032Srwatson *
21164032Srwatson * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22164032Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23164032Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24164032Srwatson * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25164032Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26164032Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27164032Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28164032Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29164032Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30164032Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31176903Srwatson * SUCH DAMAGE.
32176903Srwatson */
33176903Srwatson
34164032Srwatson#ifndef lint
35164032Srwatsonstatic const char copyright[] =
36164032Srwatson"@(#) Copyright (c) 1991, 1993, 1994\n\
37164032Srwatson	The Regents of the University of California.  All rights reserved.\n";
38164032Srwatson#endif /* not lint */
39189063Srwatson
40164032Srwatson#ifndef lint
41164032Srwatson#if 0
42164032Srwatsonstatic char sccsid[] = "@(#)pwd_mkdb.c	8.5 (Berkeley) 4/20/94";
43164032Srwatson#endif
44164032Srwatsonstatic const char rcsid[] =
45164032Srwatson	"$Id: pwd_mkdb.c,v 1.27 1998/09/29 20:01:21 dt Exp $";
46164032Srwatson#endif /* not lint */
47164032Srwatson
48164032Srwatson#include <sys/param.h>
49164032Srwatson#include <sys/stat.h>
50164032Srwatson
51164032Srwatson#include <db.h>
52164032Srwatson#include <err.h>
53250818Spjd#include <errno.h>
54164032Srwatson#include <fcntl.h>
55171156Srwatson#include <limits.h>
56267992Shselasky#include <pwd.h>
57164032Srwatson#include <signal.h>
58164032Srwatson#include <stdio.h>
59244385Szont#include <stdlib.h>
60267992Shselasky#include <string.h>
61244385Szont#include <unistd.h>
62244385Szont
63189063Srwatson#include "pw_scan.h"
64258622Savg
65258622Savg#define	INSECURE	1
66189063Srwatson#define	SECURE		2
67164032Srwatson#define	PERM_INSECURE	(S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH)
68164032Srwatson#define	PERM_SECURE	(S_IRUSR|S_IWUSR)
69164032Srwatson
70164032SrwatsonHASHINFO openinfo = {
71164032Srwatson	4096,		/* bsize */
72164032Srwatson	32,		/* ffactor */
73164032Srwatson	256,		/* nelem */
74164032Srwatson	2048 * 1024,	/* cachesize */
75164032Srwatson	NULL,		/* hash() */
76164032Srwatson	0		/* lorder */
77164032Srwatson};
78164032Srwatson
79170850Srwatsonstatic enum state { FILE_INSECURE, FILE_SECURE, FILE_ORIG } clean;
80170850Srwatsonstatic struct passwd pwd;			/* password structure */
81170850Srwatsonstatic char *pname;				/* password file name */
82170850Srwatsonstatic char prefix[MAXPATHLEN];
83164032Srwatson
84164032Srwatsonstatic int is_comment;	/* flag for comments */
85164032Srwatsonstatic char line[LINE_MAX];
86189063Srwatson
87164032Srwatsonvoid	cleanup __P((void));
88164032Srwatsonvoid	error __P((char *));
89164032Srwatsonvoid	cp __P((char *, char *, mode_t mode));
90164032Srwatsonvoid	mv __P((char *, char *));
91164032Srwatsonint	scan __P((FILE *, struct passwd *));
92164032Srwatsonstatic void	usage __P((void));
93164032Srwatson
94164032Srwatsonint
95189063Srwatsonmain(argc, argv)
96164032Srwatson	int argc;
97244385Szont	char *argv[];
98244385Szont{
99244385Szont	DB *dp, *sdp, *pw_db;
100244385Szont	DBT data, sdata, key;
101244385Szont	FILE *fp, *oldfp;
102244385Szont	sigset_t set;
103250818Spjd	int ch, cnt, ypcnt, len, makeold, tfd, yp_enabled = 0;
104250818Spjd	char *p, *t;
105250818Spjd	char buf[MAX(MAXPATHLEN, LINE_MAX * 2)], tbuf[1024];
106250818Spjd	char sbuf[MAX(MAXPATHLEN, LINE_MAX * 2)];
107244385Szont	char buf2[MAXPATHLEN];
108244385Szont	char sbuf2[MAXPATHLEN];
109244385Szont	char *username;
110164032Srwatson	u_int method, methoduid;
111164032Srwatson	int Cflag;
112170850Srwatson
113170850Srwatson	Cflag = 0;
114170850Srwatson	strcpy(prefix, _PATH_PWD);
115164032Srwatson	makeold = 0;
116164032Srwatson	username = NULL;
117170850Srwatson	while ((ch = getopt(argc, argv, "Cd:ps:u:v")) != -1)
118170850Srwatson		switch(ch) {
119170850Srwatson		case 'C':                       /* verify only */
120164032Srwatson			Cflag = 1;
121164032Srwatson			break;
122170850Srwatson		case 'd':
123170850Srwatson			strncpy(prefix, optarg, sizeof prefix - 1);
124170850Srwatson			break;
125170850Srwatson		case 'p':			/* create V7 "file.orig" */
126189063Srwatson			makeold = 1;
127189063Srwatson			break;
128189063Srwatson		case 's':			/* change default cachesize */
129189063Srwatson			openinfo.cachesize = atoi(optarg) * 1024 * 1024;
130170850Srwatson			break;
131170850Srwatson		case 'u':			/* only update this record */
132189063Srwatson			username = optarg;
133189063Srwatson			break;
134189063Srwatson		case 'v':                       /* backward compatible */
135189063Srwatson			break;
136170850Srwatson		default:
137164032Srwatson			usage();
138164032Srwatson		}
139164032Srwatson	argc -= optind;
140164032Srwatson	argv += optind;
141252855Sjamie
142252855Sjamie	if (argc != 1 || (username && (*username == '+' || *username == '-')))
143252855Sjamie		usage();
144252841Sjamie
145252841Sjamie	/*
146252841Sjamie	 * This could be changed to allow the user to interrupt.
147252841Sjamie	 * Probably not worth the effort.
148252841Sjamie	 */
149252841Sjamie	sigemptyset(&set);
150252841Sjamie	sigaddset(&set, SIGTSTP);
151164032Srwatson	sigaddset(&set, SIGHUP);
152164032Srwatson	sigaddset(&set, SIGINT);
153164032Srwatson	sigaddset(&set, SIGQUIT);
154164032Srwatson	sigaddset(&set, SIGTERM);
155189063Srwatson	(void)sigprocmask(SIG_BLOCK, &set, (sigset_t *)NULL);
156189063Srwatson
157189063Srwatson	/* We don't care what the user wants. */
158189063Srwatson	(void)umask(0);
159164032Srwatson
160189063Srwatson	pname = *argv;
161189063Srwatson	/* Open the original password file */
162189063Srwatson	if (!(fp = fopen(pname, "r")))
163189063Srwatson		error(pname);
164189063Srwatson
165189063Srwatson	/* check only if password database is valid */
166189063Srwatson	if (Cflag) {
167250817Spjd		for (cnt = 1; scan(fp, &pwd); ++cnt);
168258622Savg		exit(0);
169250817Spjd	}
170258622Savg
171189063Srwatson	/* Open the temporary insecure password database. */
172164032Srwatson	(void)snprintf(buf, sizeof(buf), "%s/%s.tmp", prefix, _MP_DB);
173164032Srwatson	(void)snprintf(sbuf, sizeof(sbuf), "%s/%s.tmp", prefix, _SMP_DB);
174164032Srwatson	if (username) {
175164032Srwatson		(void)snprintf(buf2, sizeof(buf2), "%s/%s", prefix, _MP_DB);
176164032Srwatson		(void)snprintf(sbuf2, sizeof(sbuf2), "%s/%s", prefix, _SMP_DB);
177164032Srwatson
178164032Srwatson		clean = FILE_INSECURE;
179164032Srwatson		cp(buf2, buf, PERM_INSECURE);
180164032Srwatson		dp = dbopen(buf,
181164032Srwatson		    O_RDWR|O_EXCL, PERM_INSECURE, DB_HASH, &openinfo);
182		if (dp == NULL)
183			error(buf);
184
185		clean = FILE_SECURE;
186		cp(sbuf2, sbuf, PERM_SECURE);
187		sdp = dbopen(sbuf,
188		    O_RDWR|O_EXCL, PERM_SECURE, DB_HASH, &openinfo);
189		if (sdp == NULL)
190			error(sbuf);
191
192		/*
193		 * Do some trouble to check if we should store this users
194		 * uid. Don't use getpwnam/getpwuid as that interferes
195		 * with NIS.
196		 */
197		pw_db = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL);
198		if (!pw_db)
199			error(_MP_DB);
200		buf[0] = _PW_KEYBYNAME;
201		len = strlen(username);
202
203		/* Only check that username fits in buffer */
204		memmove(buf + 1, username, MIN(len, sizeof(buf) - 1));
205		key.data = (u_char *)buf;
206		key.size = len + 1;
207		if ((pw_db->get)(pw_db, &key, &data, 0) == 0) {
208			p = (char *)data.data;
209
210			/* jump over pw_name and pw_passwd, to get to pw_uid */
211			while (*p++)
212				;
213			while (*p++)
214				;
215
216			buf[0] = _PW_KEYBYUID;
217			memmove(buf + 1, p, sizeof(int));
218			key.data = (u_char *)buf;
219			key.size = sizeof(int) + 1;
220
221			if ((pw_db->get)(pw_db, &key, &data, 0) == 0) {
222				/* First field of data.data holds pw_pwname */
223				if (!strcmp(data.data, username))
224					methoduid = 0;
225				else
226					methoduid = R_NOOVERWRITE;
227			} else {
228				methoduid = R_NOOVERWRITE;
229			}
230		} else {
231			methoduid = R_NOOVERWRITE;
232		}
233		if ((pw_db->close)(pw_db))
234			error("close pw_db");
235		method = 0;
236	} else {
237		dp = dbopen(buf,
238		    O_RDWR|O_CREAT|O_EXCL, PERM_INSECURE, DB_HASH, &openinfo);
239		if (dp == NULL)
240			error(buf);
241		clean = FILE_INSECURE;
242
243		sdp = dbopen(sbuf,
244		    O_RDWR|O_CREAT|O_EXCL, PERM_SECURE, DB_HASH, &openinfo);
245		if (sdp == NULL)
246			error(sbuf);
247		clean = FILE_SECURE;
248
249		method = R_NOOVERWRITE;
250		methoduid = R_NOOVERWRITE;
251	}
252
253	/*
254	 * Open file for old password file.  Minor trickiness -- don't want to
255	 * chance the file already existing, since someone (stupidly) might
256	 * still be using this for permission checking.  So, open it first and
257	 * fdopen the resulting fd.  The resulting file should be readable by
258	 * everyone.
259	 */
260	if (makeold) {
261		(void)snprintf(buf, sizeof(buf), "%s.orig", pname);
262		if ((tfd = open(buf,
263		    O_WRONLY|O_CREAT|O_EXCL, PERM_INSECURE)) < 0)
264			error(buf);
265		if ((oldfp = fdopen(tfd, "w")) == NULL)
266			error(buf);
267		clean = FILE_ORIG;
268	}
269
270	/*
271	 * The databases actually contain three copies of the original data.
272	 * Each password file entry is converted into a rough approximation
273	 * of a ``struct passwd'', with the strings placed inline.  This
274	 * object is then stored as the data for three separate keys.  The
275	 * first key * is the pw_name field prepended by the _PW_KEYBYNAME
276	 * character.  The second key is the pw_uid field prepended by the
277	 * _PW_KEYBYUID character.  The third key is the line number in the
278	 * original file prepended by the _PW_KEYBYNUM character.  (The special
279	 * characters are prepended to ensure that the keys do not collide.)
280	 */
281	ypcnt = 1;
282	data.data = (u_char *)buf;
283	sdata.data = (u_char *)sbuf;
284	key.data = (u_char *)tbuf;
285	for (cnt = 1; scan(fp, &pwd); ++cnt) {
286		if (!is_comment &&
287		    (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-'))
288			yp_enabled = 1;
289#define	COMPACT(e)	t = e; while ((*p++ = *t++));
290#ifdef PASSWD_IGNORE_COMMENTS
291           if(is_comment)
292                --cnt;
293#endif
294		if (!is_comment &&
295		    (!username || (strcmp(username, pwd.pw_name) == 0))) {
296			/* Create insecure data. */
297			p = buf;
298			COMPACT(pwd.pw_name);
299			COMPACT("*");
300			memmove(p, &pwd.pw_uid, sizeof(int));
301			p += sizeof(int);
302			memmove(p, &pwd.pw_gid, sizeof(int));
303			p += sizeof(int);
304			memmove(p, &pwd.pw_change, sizeof(time_t));
305			p += sizeof(time_t);
306			COMPACT(pwd.pw_class);
307			COMPACT(pwd.pw_gecos);
308			COMPACT(pwd.pw_dir);
309			COMPACT(pwd.pw_shell);
310			memmove(p, &pwd.pw_expire, sizeof(time_t));
311			p += sizeof(time_t);
312			memmove(p, &pwd.pw_fields, sizeof pwd.pw_fields);
313			p += sizeof pwd.pw_fields;
314			data.size = p - buf;
315
316			/* Create secure data. */
317			p = sbuf;
318			COMPACT(pwd.pw_name);
319			COMPACT(pwd.pw_passwd);
320			memmove(p, &pwd.pw_uid, sizeof(int));
321			p += sizeof(int);
322			memmove(p, &pwd.pw_gid, sizeof(int));
323			p += sizeof(int);
324			memmove(p, &pwd.pw_change, sizeof(time_t));
325			p += sizeof(time_t);
326			COMPACT(pwd.pw_class);
327			COMPACT(pwd.pw_gecos);
328			COMPACT(pwd.pw_dir);
329			COMPACT(pwd.pw_shell);
330			memmove(p, &pwd.pw_expire, sizeof(time_t));
331			p += sizeof(time_t);
332			memmove(p, &pwd.pw_fields, sizeof pwd.pw_fields);
333			p += sizeof pwd.pw_fields;
334			sdata.size = p - sbuf;
335
336			/* Store insecure by name. */
337			tbuf[0] = _PW_KEYBYNAME;
338			len = strlen(pwd.pw_name);
339			memmove(tbuf + 1, pwd.pw_name, len);
340			key.size = len + 1;
341			if ((dp->put)(dp, &key, &data, method) == -1)
342				error("put");
343
344			/* Store insecure by number. */
345			tbuf[0] = _PW_KEYBYNUM;
346			memmove(tbuf + 1, &cnt, sizeof(cnt));
347			key.size = sizeof(cnt) + 1;
348			if ((dp->put)(dp, &key, &data, method) == -1)
349				error("put");
350
351			/* Store insecure by uid. */
352			tbuf[0] = _PW_KEYBYUID;
353			memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid));
354			key.size = sizeof(pwd.pw_uid) + 1;
355			if ((dp->put)(dp, &key, &data, methoduid) == -1)
356				error("put");
357
358			/* Store secure by name. */
359			tbuf[0] = _PW_KEYBYNAME;
360			len = strlen(pwd.pw_name);
361			memmove(tbuf + 1, pwd.pw_name, len);
362			key.size = len + 1;
363			if ((sdp->put)(sdp, &key, &sdata, method) == -1)
364				error("put");
365
366			/* Store secure by number. */
367			tbuf[0] = _PW_KEYBYNUM;
368			memmove(tbuf + 1, &cnt, sizeof(cnt));
369			key.size = sizeof(cnt) + 1;
370			if ((sdp->put)(sdp, &key, &sdata, method) == -1)
371				error("put");
372
373			/* Store secure by uid. */
374			tbuf[0] = _PW_KEYBYUID;
375			memmove(tbuf + 1, &pwd.pw_uid, sizeof(pwd.pw_uid));
376			key.size = sizeof(pwd.pw_uid) + 1;
377			if ((sdp->put)(sdp, &key, &sdata, methoduid) == -1)
378				error("put");
379
380			/* Store insecure and secure special plus and special minus */
381			if (pwd.pw_name[0] == '+' || pwd.pw_name[0] == '-') {
382				tbuf[0] = _PW_KEYYPBYNUM;
383				memmove(tbuf + 1, &ypcnt, sizeof(cnt));
384				ypcnt++;
385				key.size = sizeof(cnt) + 1;
386				if ((dp->put)(dp, &key, &data, method) == -1)
387					error("put");
388				if ((sdp->put)(sdp, &key, &sdata, method) == -1)
389					error("put");
390			}
391		}
392		/* Create original format password file entry */
393		if (is_comment && makeold){	/* copy comments */
394			if (fprintf(oldfp, "%s\n", line) < 0)
395				error("write old");
396		} else if (makeold) {
397			char uidstr[20];
398			char gidstr[20];
399
400			snprintf(uidstr, sizeof(uidstr), "%d", pwd.pw_uid);
401			snprintf(gidstr, sizeof(gidstr), "%d", pwd.pw_gid);
402
403			if (fprintf(oldfp, "%s:*:%s:%s:%s:%s:%s\n",
404			    pwd.pw_name, pwd.pw_fields & _PWF_UID ? uidstr : "",
405			    pwd.pw_fields & _PWF_GID ? gidstr : "",
406			    pwd.pw_gecos, pwd.pw_dir, pwd.pw_shell) < 0)
407				error("write old");
408		}
409	}
410	/* If YP enabled, set flag. */
411	if (yp_enabled) {
412		buf[0] = yp_enabled + 2;
413		data.size = 1;
414		tbuf[0] = _PW_KEYYPENABLED;
415		key.size = 1;
416		if ((dp->put)(dp, &key, &data, method) == -1)
417			error("put");
418		if ((sdp->put)(sdp, &key, &data, method) == -1)
419			error("put");
420	}
421
422	if ((dp->close)(dp) == -1)
423		error("close");
424	if ((sdp->close)(sdp) == -1)
425		error("close");
426	if (makeold) {
427		(void)fflush(oldfp);
428		if (fclose(oldfp) == EOF)
429			error("close old");
430	}
431
432	/* Set master.passwd permissions, in case caller forgot. */
433	(void)fchmod(fileno(fp), S_IRUSR|S_IWUSR);
434	if (fclose(fp) == EOF)
435		error("close fp");
436
437	/* Install as the real password files. */
438	(void)snprintf(buf, sizeof(buf), "%s/%s.tmp", prefix, _MP_DB);
439	(void)snprintf(buf2, sizeof(buf2), "%s/%s", prefix, _MP_DB);
440	mv(buf, buf2);
441	(void)snprintf(buf, sizeof(buf), "%s/%s.tmp", prefix, _SMP_DB);
442	(void)snprintf(buf2, sizeof(buf2), "%s/%s", prefix, _SMP_DB);
443	mv(buf, buf2);
444	if (makeold) {
445		(void)snprintf(buf2, sizeof(buf2), "%s/%s", prefix, _PASSWD);
446		(void)snprintf(buf, sizeof(buf), "%s.orig", pname);
447		mv(buf, buf2);
448	}
449	/*
450	 * Move the master password LAST -- chpass(1), passwd(1) and vipw(8)
451	 * all use flock(2) on it to block other incarnations of themselves.
452	 * The rename means that everything is unlocked, as the original file
453	 * can no longer be accessed.
454	 */
455	(void)snprintf(buf, sizeof(buf), "%s/%s", prefix, _MASTERPASSWD);
456	mv(pname, buf);
457	exit(0);
458}
459
460int
461scan(fp, pw)
462	FILE *fp;
463	struct passwd *pw;
464{
465	static int lcnt;
466	char *p;
467
468	if (!fgets(line, sizeof(line), fp))
469		return (0);
470	++lcnt;
471	/*
472	 * ``... if I swallow anything evil, put your fingers down my
473	 * throat...''
474	 *	-- The Who
475	 */
476	if (!(p = strchr(line, '\n'))) {
477		warnx("line too long");
478		goto fmt;
479
480	}
481	*p = '\0';
482
483#ifdef PASSWD_IGNORE_COMMENTS
484	/*
485	 * Ignore comments: ^[ \t]*#
486	 */
487	for (p = line; *p != '\0'; p++)
488		if (*p != ' ' && *p != '\t')
489			break;
490	if (*p == '#' || *p == '\0') {
491		is_comment = 1;
492		return(1);
493	} else
494		is_comment = 0;
495#endif
496
497	if (!pw_scan(line, pw)) {
498		warnx("at line #%d", lcnt);
499fmt:		errno = EFTYPE;	/* XXX */
500		error(pname);
501	}
502
503	return (1);
504}
505
506void
507cp(from, to, mode)
508	char *from, *to;
509	mode_t mode;
510{
511	static char buf[MAXBSIZE];
512	int from_fd, rcount, to_fd, wcount;
513
514	if ((from_fd = open(from, O_RDONLY, 0)) < 0)
515		error(from);
516	if ((to_fd = open(to, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0)
517		error(to);
518	while ((rcount = read(from_fd, buf, MAXBSIZE)) > 0) {
519		wcount = write(to_fd, buf, rcount);
520		if (rcount != wcount || wcount == -1) {
521			int sverrno = errno;
522
523			(void)snprintf(buf, sizeof(buf), "%s to %s", from, to);
524			errno = sverrno;
525			error(buf);
526		}
527	}
528	if (rcount < 0) {
529		int sverrno = errno;
530
531		(void)snprintf(buf, sizeof(buf), "%s to %s", from, to);
532		errno = sverrno;
533		error(buf);
534	}
535}
536
537
538void
539mv(from, to)
540	char *from, *to;
541{
542	char buf[MAXPATHLEN];
543
544	if (rename(from, to)) {
545		int sverrno = errno;
546		(void)snprintf(buf, sizeof(buf), "%s to %s", from, to);
547		errno = sverrno;
548		error(buf);
549	}
550}
551
552void
553error(name)
554	char *name;
555{
556
557	warn("%s", name);
558	cleanup();
559	exit(1);
560}
561
562void
563cleanup()
564{
565	char buf[MAXPATHLEN];
566
567	switch(clean) {
568	case FILE_ORIG:
569		(void)snprintf(buf, sizeof(buf), "%s.orig", pname);
570		(void)unlink(buf);
571		/* FALLTHROUGH */
572	case FILE_SECURE:
573		(void)snprintf(buf, sizeof(buf), "%s/%s.tmp", prefix, _SMP_DB);
574		(void)unlink(buf);
575		/* FALLTHROUGH */
576	case FILE_INSECURE:
577		(void)snprintf(buf, sizeof(buf), "%s/%s.tmp", prefix, _MP_DB);
578		(void)unlink(buf);
579	}
580}
581
582static void
583usage()
584{
585
586	(void)fprintf(stderr,
587"usage: pwd_mkdb [-C] [-p] [-d <dest dir>] [-s <cachesize>] [-u <local username>] file\n");
588	exit(1);
589}
590