chpass.c revision 13274
1/*- 2 * Copyright (c) 1988, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#ifndef lint 35static char copyright[] = 36"@(#) Copyright (c) 1988, 1993, 1994\n\ 37 The Regents of the University of California. All rights reserved.\n"; 38#endif /* not lint */ 39 40#ifndef lint 41static char sccsid[] = "From: @(#)chpass.c 8.4 (Berkeley) 4/2/94"; 42static char rcsid[] = 43 "$Id: chpass.c,v 1.5 1995/09/02 03:56:17 wpaul Exp $"; 44#endif /* not lint */ 45 46#include <sys/param.h> 47#include <sys/stat.h> 48#include <sys/signal.h> 49#include <sys/time.h> 50#include <sys/resource.h> 51 52#include <ctype.h> 53#include <err.h> 54#include <errno.h> 55#include <fcntl.h> 56#include <pwd.h> 57#include <stdio.h> 58#include <stdlib.h> 59#include <string.h> 60#include <unistd.h> 61 62#include <pw_scan.h> 63#include <pw_util.h> 64#include "pw_copy.h" 65#ifdef YP 66#include "pw_yp.h" 67#endif 68 69#include "chpass.h" 70#include "pathnames.h" 71 72char *progname = "chpass"; 73char *tempname; 74uid_t uid; 75 76void baduser __P((void)); 77void usage __P((void)); 78 79int 80main(argc, argv) 81 int argc; 82 char **argv; 83{ 84 enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW } op; 85 struct passwd *pw, lpw; 86 int ch, pfd, tfd; 87 char *arg; 88#ifdef YP 89 int force_local = 0; 90 int force_yp = 0; 91#endif 92 93 op = EDITENTRY; 94#ifdef YP 95 while ((ch = getopt(argc, argv, "a:p:s:ly")) != EOF) 96#else 97 while ((ch = getopt(argc, argv, "a:p:s:")) != EOF) 98#endif 99 switch(ch) { 100 case 'a': 101 op = LOADENTRY; 102 arg = optarg; 103 break; 104 case 's': 105 op = NEWSH; 106 arg = optarg; 107 break; 108 case 'p': 109 op = NEWPW; 110 arg = optarg; 111 break; 112#ifdef YP 113 case 'l': 114 force_local = 1; 115 break; 116 case 'y': 117 force_yp = 1; 118 break; 119#endif 120 case '?': 121 default: 122 usage(); 123 } 124 argc -= optind; 125 argv += optind; 126 127 uid = getuid(); 128 129 if (op == EDITENTRY || op == NEWSH || op == NEWPW) 130 switch(argc) { 131 case 0: 132 if (!(pw = getpwuid(uid))) 133 errx(1, "unknown user: uid %u", uid); 134 break; 135 case 1: 136 if (!(pw = getpwnam(*argv))) 137 errx(1, "unknown user: %s", *argv); 138 if (uid && uid != pw->pw_uid) 139 baduser(); 140 break; 141 default: 142 usage(); 143 } 144 145#ifdef YP 146 pw->pw_name = strdup(pw->pw_name); 147 _use_yp = use_yp(pw->pw_name); 148 if (_use_yp == USER_YP_ONLY) { 149 if (!force_local) { 150 _use_yp = 1; 151 pw = (struct passwd *)&yp_password; 152 } else 153 errx(1, "unknown local user: %s.", pw->pw_name); 154 } else if (_use_yp == USER_LOCAL_ONLY) { 155 if (!force_yp) { 156 _use_yp = 0; 157 pw = (struct passwd *)&local_password; 158 } else 159 errx(1, "unknown NIS user: %s.", pw->pw_name); 160 } else if (_use_yp == USER_YP_AND_LOCAL) { 161 if (!force_local) { 162 _use_yp = 1; 163 pw = (struct passwd *)&yp_password; 164 } else { 165 _use_yp = 0; 166 pw = (struct passwd *)&local_password; 167 } 168 } 169#endif /* YP */ 170 171 if (op == NEWSH) { 172 /* protect p_shell -- it thinks NULL is /bin/sh */ 173 if (!arg[0]) 174 usage(); 175 if (p_shell(arg, pw, (ENTRY *)NULL)) 176 pw_error((char *)NULL, 0, 1); 177 } 178 179 if (op == LOADENTRY) { 180 if (uid) 181 baduser(); 182 pw = &lpw; 183 if (!pw_scan(arg, pw)) 184 exit(1); 185 } 186 187 if (op == NEWPW) { 188 if (uid) 189 baduser(); 190 191 if(strchr(arg, ':')) { 192 errx(1, "invalid format for password"); 193 } 194 pw->pw_passwd = arg; 195 } 196 197 /* 198 * The temporary file/file descriptor usage is a little tricky here. 199 * 1: We start off with two fd's, one for the master password 200 * file (used to lock everything), and one for a temporary file. 201 * 2: Display() gets an fp for the temporary file, and copies the 202 * user's information into it. It then gives the temporary file 203 * to the user and closes the fp, closing the underlying fd. 204 * 3: The user edits the temporary file some number of times. 205 * 4: Verify() gets an fp for the temporary file, and verifies the 206 * contents. It can't use an fp derived from the step #2 fd, 207 * because the user's editor may have created a new instance of 208 * the file. Once the file is verified, its contents are stored 209 * in a password structure. The verify routine closes the fp, 210 * closing the underlying fd. 211 * 5: Delete the temporary file. 212 * 6: Get a new temporary file/fd. Pw_copy() gets an fp for it 213 * file and copies the master password file into it, replacing 214 * the user record with a new one. We can't use the first 215 * temporary file for this because it was owned by the user. 216 * Pw_copy() closes its fp, flushing the data and closing the 217 * underlying file descriptor. We can't close the master 218 * password fp, or we'd lose the lock. 219 * 7: Call pw_mkdb() (which renames the temporary file) and exit. 220 * The exit closes the master passwd fp/fd. 221 */ 222 pw_init(); 223 pfd = pw_lock(); 224 tfd = pw_tmp(); 225 226 if (op == EDITENTRY) { 227 display(tfd, pw); 228 edit(pw); 229 (void)unlink(tempname); 230 tfd = pw_tmp(); 231 } 232 233#ifdef YP 234 if (_use_yp) { 235 yp_submit(pw); 236 (void)unlink(tempname); 237 } else { 238#endif /* YP */ 239 pw_copy(pfd, tfd, pw); 240 241 if (!pw_mkdb()) 242 pw_error((char *)NULL, 0, 1); 243#ifdef YP 244 } 245#endif /* YP */ 246 exit(0); 247} 248 249void 250baduser() 251{ 252 errx(1, "%s", strerror(EACCES)); 253} 254 255void 256usage() 257{ 258 259 (void)fprintf(stderr, 260#ifdef YP 261 "usage: chpass [-l] [-y] [-a list] [-p encpass] [-s shell] [user]\n"); 262#else 263 "usage: chpass [-a list] [-p encpass] [-s shell] [user]\n"); 264#endif 265 exit(1); 266} 267