chpass.c revision 92920
1/*- 2 * Copyright (c) 1988, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34#ifndef lint 35static const char copyright[] = 36"@(#) Copyright (c) 1988, 1993, 1994\n\ 37 The Regents of the University of California. All rights reserved.\n"; 38#endif /* not lint */ 39 40#ifndef lint 41static const char sccsid[] = "From: @(#)chpass.c 8.4 (Berkeley) 4/2/94"; 42static const char rcsid[] = 43 "$FreeBSD: head/usr.bin/chpass/chpass.c 92920 2002-03-22 01:22:50Z imp $"; 44#endif /* not lint */ 45 46#include <sys/param.h> 47#include <sys/stat.h> 48#include <sys/signal.h> 49#include <sys/time.h> 50#include <sys/resource.h> 51 52#include <ctype.h> 53#include <err.h> 54#include <errno.h> 55#include <fcntl.h> 56#include <pwd.h> 57#include <stdio.h> 58#include <stdlib.h> 59#include <string.h> 60#include <unistd.h> 61 62#include <pw_scan.h> 63#include <pw_util.h> 64#include "pw_copy.h" 65#ifdef YP 66#include <rpcsvc/yp.h> 67int yp_errno = YP_TRUE; 68#include "pw_yp.h" 69#endif 70 71#include "chpass.h" 72#include "pathnames.h" 73 74char *tempname; 75uid_t uid; 76 77void baduser(void); 78void usage(void); 79 80int 81main(argc, argv) 82 int argc; 83 char **argv; 84{ 85 enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW, NEWEXP } op; 86 struct passwd *pw = NULL, lpw, old_pw; 87 char *username = NULL; 88 int ch, pfd, tfd; 89 char *arg = NULL; 90#ifdef YP 91 int force_local = 0; 92 int force_yp = 0; 93#endif 94 95 op = EDITENTRY; 96#ifdef YP 97 while ((ch = getopt(argc, argv, "a:p:s:e:d:h:oly")) != -1) 98#else 99 while ((ch = getopt(argc, argv, "a:p:s:e:")) != -1) 100#endif 101 switch(ch) { 102 case 'a': 103 op = LOADENTRY; 104 arg = optarg; 105 break; 106 case 's': 107 op = NEWSH; 108 arg = optarg; 109 break; 110 case 'p': 111 op = NEWPW; 112 arg = optarg; 113 break; 114 case 'e': 115 op = NEWEXP; 116 arg = optarg; 117 break; 118#ifdef YP 119 case 'h': 120#ifdef PARANOID 121 if (getuid()) { 122 warnx("Only the superuser can use the -h flag"); 123 } else { 124#endif 125 yp_server = optarg; 126#ifdef PARANOID 127 } 128#endif 129 break; 130 case 'd': 131#ifdef PARANOID 132 if (getuid()) { 133 warnx("Only the superuser can use the -d flag"); 134 } else { 135#endif 136 yp_domain = optarg; 137 if (yp_server == NULL) 138 yp_server = "localhost"; 139#ifdef PARANOID 140 } 141#endif 142 break; 143 case 'l': 144 _use_yp = 0; 145 force_local = 1; 146 break; 147 case 'y': 148 _use_yp = force_yp = 1; 149 break; 150 case 'o': 151 force_old++; 152 break; 153#endif 154 case '?': 155 default: 156 usage(); 157 } 158 argc -= optind; 159 argv += optind; 160 161 uid = getuid(); 162 163 if (op == EDITENTRY || op == NEWSH || op == NEWPW || op == NEWEXP) { 164 switch(argc) { 165#ifdef YP 166 case 0: 167 GETPWUID(uid) 168 get_yp_master(1); /* XXX just to set the suser flag */ 169 break; 170 case 1: 171 GETPWNAM(*argv) 172 get_yp_master(1); /* XXX just to set the suser flag */ 173#else 174 case 0: 175 if (!(pw = getpwuid(uid))) 176 errx(1, "unknown user: uid %lu", 177 (unsigned long)uid); 178 break; 179 case 1: 180 if (!(pw = getpwnam(*argv))) 181 errx(1, "unknown user: %s", *argv); 182#endif 183 if (uid && uid != pw->pw_uid) 184 baduser(); 185 break; 186 default: 187 usage(); 188 } 189 190 /* Make a copy for later verification */ 191 old_pw = *pw; 192 old_pw.pw_gecos = strdup(old_pw.pw_gecos); 193 } 194 195 if (op == NEWSH) { 196 /* protect p_shell -- it thinks NULL is /bin/sh */ 197 if (!arg[0]) 198 usage(); 199 if (p_shell(arg, pw, (ENTRY *)NULL)) 200 pw_error((char *)NULL, 0, 1); 201 } 202 203 if (op == NEWEXP) { 204 if (uid) /* only root can change expire */ 205 baduser(); 206 if (p_expire(arg, pw, (ENTRY *)NULL)) 207 pw_error((char *)NULL, 0, 1); 208 } 209 210 if (op == LOADENTRY) { 211 if (uid) 212 baduser(); 213 pw = &lpw; 214 if (!__pw_scan(arg, pw, _PWSCAN_WARN|_PWSCAN_MASTER)) 215 exit(1); 216 } 217 username = pw->pw_name; 218 219 if (op == NEWPW) { 220 if (uid) 221 baduser(); 222 223 if(strchr(arg, ':')) { 224 errx(1, "invalid format for password"); 225 } 226 pw->pw_passwd = arg; 227 } 228 229 /* 230 * The temporary file/file descriptor usage is a little tricky here. 231 * 1: Create a temporary file called tempname, get descriptor tfd. 232 * 2: Display() gets an fp for the temporary file, and copies the 233 * user's information into it. It then gives the temporary file 234 * to the user and closes the fp, closing the underlying fd. 235 * 3: The user edits the temporary file some number of times. 236 * The results are stored in pw by edit(). 237 * 4: Delete the temporary file. 238 * 5: Make a new temporary file, descriptor tfd. 239 * 6: Get a descriptor for the master.passwd file, pfd, and 240 * lock master.passwd. 241 * 7: Pw_copy() gets descriptors for master.passwd and the 242 * temporary file and copies the master password file into it, 243 * replacing the modified user's record with a new one. We can't 244 * use the first temporary file for this because it was owned 245 * by the user. Pass the new and old user info. Check the 246 * entry for our user has not been changed by someone else by 247 * while the user was editing by comparing the old info to 248 * the entry freshly read from master.passwd. Pw_copy() closes 249 * its fp, flushing the data and closing the underlying file 250 * descriptor. We can't close the master password fp, or we'd 251 * lose the lock. 252 * 8: Call pw_mkdb() (which renames the temporary file) and exit. 253 * The exit closes the master passwd fp/fd. 254 */ 255 pw_init(); 256 tfd = pw_tmp(); 257 258 if (op == EDITENTRY) { 259 display(tfd, pw); 260 edit(pw); 261 (void)unlink(tempname); 262 tfd = pw_tmp(); 263 } 264 265#ifdef YP 266 if (_use_yp) { 267 yp_submit(pw); 268 (void)unlink(tempname); 269 } else { 270#endif /* YP */ 271 pfd = pw_lock(); 272 pw_copy(pfd, tfd, pw, (op == LOADENTRY) ? NULL : &old_pw); 273 274 if (!pw_mkdb(username)) 275 pw_error((char *)NULL, 0, 1); 276#ifdef YP 277 } 278#endif /* YP */ 279 exit(0); 280} 281 282void 283baduser() 284{ 285 errx(1, "%s", strerror(EACCES)); 286} 287 288void 289usage() 290{ 291 292 (void)fprintf(stderr, 293#ifdef YP 294 "usage: chpass [-l] [-y] [-d domain [-h host]] [-a list] [-p encpass] [-s shell] [-e mmm dd yy] [user]\n"); 295#else 296 "usage: chpass [-a list] [-p encpass] [-s shell] [-e mmm dd yy] [user]\n"); 297#endif 298 exit(1); 299} 300