static int
ypgetpwnam(const char *nam, struct passwd *pwd)
{
char *val;
int reason, vallen, namlen = (int)strlen(nam);
int flags;
int ok;
flags = ok = 0;
val = NULL;
reason = yp_match(domain, "master.passwd.byname", nam, namlen,
&val, &vallen);
if (reason == YPERR_MAP) {
reason = yp_match(domain, "passwd.byname", nam, namlen,
&val, &vallen);
flags = _PASSWORD_OLDFMT;
}
if (reason != 0)
goto out;
if (pw_scan(val, pwd, &flags) == 0)
goto out;
ok = 1;
val = NULL; /* Don't free the memory, it is still in use */
out:
if (val)
free(val);
return ok;
}
static struct passwd *
vnextpwent(char const *nam, uid_t uid, int doclose)
{
struct passwd *pw;
char *line;
size_t linecap;
ssize_t linelen;
pw = NULL;
line = NULL;
linecap = 0;
linelen = 0;
if (pwd_fp != NULL || (pwd_fp = fopen(getpwpath(_MASTERPASSWD), "r")) != NULL) {
while ((linelen = getline(&line, &linecap, pwd_fp)) > 0) {
/* Skip comments and empty lines */
if (*line == '\n' || *line == '#')
continue;
/* trim latest \n */
if (line[linelen - 1 ] == '\n')
line[linelen - 1] = '\0';
pw = pw_scan(line, PWSCAN_MASTER);
if (uid != (uid_t)-1) {
if (uid == pw->pw_uid)
break;
} else if (nam != NULL) {
if (strcmp(nam, pw->pw_name) == 0)
break;
} else
break;
free(pw);
pw = NULL;
}
if (doclose)
vendpwent();
}
free(line);
return (pw);
}
/*
* Copy password file from one descriptor to another, replacing or adding
* a single record on the way.
*/
int
pw_copy(int ffd, int tfd, const struct passwd *pw, struct passwd *old_pw)
{
char buf[8192], *end, *line, *p, *q, *r, t;
struct passwd *fpw;
size_t len;
int eof, readlen;
if ((line = pw_make(pw)) == NULL)
return (-1);
eof = 0;
len = 0;
p = q = end = buf;
for (;;) {
/* find the end of the current line */
for (p = q; q < end && *q != '\0'; ++q)
if (*q == '\n')
break;
/* if we don't have a complete line, fill up the buffer */
if (q >= end) {
if (eof)
break;
if ((size_t)(q - p) >= sizeof(buf)) {
warnx("passwd line too long");
errno = EINVAL; /* hack */
goto err;
}
if (p < end) {
q = memmove(buf, p, end - p);
end -= p - buf;
} else {
p = q = end = buf;
}
readlen = read(ffd, end, sizeof(buf) - (end - buf));
if (readlen == -1)
goto err;
else
len = (size_t)readlen;
if (len == 0 && p == buf)
break;
end += len;
len = end - buf;
if (len < (ssize_t)sizeof(buf)) {
eof = 1;
if (len > 0 && buf[len - 1] != '\n')
++len, *end++ = '\n';
}
continue;
}
/* is it a blank line or a comment? */
for (r = p; r < q && isspace(*r); ++r)
/* nothing */ ;
if (r == q || *r == '#') {
/* yep */
if (write(tfd, p, q - p + 1) != q - p + 1)
goto err;
++q;
continue;
}
/* is it the one we're looking for? */
t = *q;
*q = '\0';
fpw = pw_scan(r, PWSCAN_MASTER);
/*
* fpw is either the struct passwd for the current line,
* or NULL if the line is malformed.
*/
*q = t;
if (fpw == NULL || strcmp(fpw->pw_name, pw->pw_name) != 0) {
/* nope */
if (fpw != NULL)
free(fpw);
if (write(tfd, p, q - p + 1) != q - p + 1)
goto err;
++q;
continue;
}
if (old_pw && !pw_equal(fpw, old_pw)) {
warnx("entry inconsistent");
free(fpw);
errno = EINVAL; /* hack */
goto err;
}
free(fpw);
/* it is, replace it */
len = strlen(line);
if (write(tfd, line, len) != (int)len)
goto err;
/* we're done, just copy the rest over */
for (;;) {
if (write(tfd, q, end - q) != end - q)
goto err;
q = buf;
readlen = read(ffd, buf, sizeof(buf));
if (readlen == 0)
break;
else
len = (size_t)readlen;
if (readlen == -1)
goto err;
end = buf + len;
}
goto done;
}
/* if we got here, we have a new entry */
len = strlen(line);
if ((size_t)write(tfd, line, len) != len ||
write(tfd, "\n", 1) != 1)
goto err;
done:
free(line);
return (0);
err:
free(line);
return (-1);
}
int
main(int argc, char *argv[])
{
struct passwd *pw = NULL, *opw = NULL, lpw;
int i, ch, pfd, tfd, dfd;
char *tz, *arg = NULL;
sigset_t fullset;
#ifdef YP
use_yp = _yp_check(NULL);
#endif
/* We need to use the system timezone for date conversions. */
if ((tz = getenv("TZ")) != NULL) {
unsetenv("TZ");
tzset();
setenv("TZ", tz, 1);
}
op = EDITENTRY;
while ((ch = getopt(argc, argv, "a:s:ly")) != -1)
switch(ch) {
case 'a':
op = LOADENTRY;
arg = optarg;
break;
case 's':
op = NEWSH;
arg = optarg;
break;
#ifdef YP
case 'l':
use_yp = 0;
break;
case 'y':
if (!use_yp) {
warnx("YP not in use.");
usage();
}
force_yp = 1;
break;
#endif
case '?':
default:
usage();
}
argc -= optind;
argv += optind;
#ifdef YP
if (op == LOADENTRY && use_yp)
errx(1, "cannot load using YP, use -l to load local.");
#endif
uid = getuid();
if (op == EDITENTRY || op == NEWSH)
switch(argc) {
case 0:
pw = getpwuid(uid);
#ifdef YP
if (pw && !force_yp)
use_yp = 0;
else if (use_yp)
pw = ypgetpwuid(uid);
#endif /* YP */
if (!pw)
errx(1, "unknown user: uid %u", uid);
break;
case 1:
pw = getpwnam(*argv);
#ifdef YP
if (pw && !force_yp)
use_yp = 0;
else if (use_yp)
pw = ypgetpwnam(*argv);
#endif /* YP */
if (!pw)
errx(1, "unknown user: %s", *argv);
if (uid && uid != pw->pw_uid)
baduser();
break;
default:
usage();
}
if (op == LOADENTRY) {
if (argc != 0)
errx(1, "option -a does not accept user argument");
if (uid)
baduser();
pw = &lpw;
if (!pw_scan(arg, pw, NULL))
exit(1);
opw = getpwnam(pw->pw_name);
}
if (opw == NULL && (opw = pw_dup(pw)) == NULL)
err(1, NULL);
/* Edit the user passwd information if requested. */
if (op == EDITENTRY) {
char tempname[] = _PATH_VARTMP "pw.XXXXXXXXXX";
int edit_status;
if ((pw = pw_dup(pw)) == NULL)
pw_error(NULL, 1, 1);
dfd = mkstemp(tempname);
if (dfd == -1 || fcntl(dfd, F_SETFD, 1) == -1)
pw_error(tempname, 1, 1);
display(tempname, dfd, pw);
edit_status = edit(tempname, pw);
close(dfd);
unlink(tempname);
switch (edit_status) {
case EDIT_OK:
break;
case EDIT_NOCHANGE:
pw_error(NULL, 0, 0);
break;
case EDIT_ERROR:
default:
pw_error(tempname, 1, 1);
break;
}
}
if (op == NEWSH) {
/* protect p_shell -- it thinks NULL is /bin/sh */
if (!arg[0])
usage();
if (p_shell(arg, pw, NULL))
pw_error(NULL, 0, 1);
}
/* Drop user's real uid and block all signals to avoid a DoS. */
setuid(0);
sigfillset(&fullset);
sigdelset(&fullset, SIGINT);
sigprocmask(SIG_BLOCK, &fullset, NULL);
/* Get the passwd lock file and open the passwd file for reading. */
pw_init();
for (i = 1; (tfd = pw_lock(0)) == -1; i++) {
if (i == 4)
(void)fputs("Attempting to lock password file, "
"please wait or press ^C to abort", stderr);
(void)signal(SIGINT, kbintr);
if (i % 16 == 0)
fputc('.', stderr);
usleep(250000);
(void)signal(SIGINT, SIG_IGN);
}
if (i >= 4)
fputc('\n', stderr);
pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
if (pfd == -1 || fcntl(pfd, F_SETFD, 1) == -1)
pw_error(_PATH_MASTERPASSWD, 1, 1);
#ifdef YP
if (use_yp) {
if (pw_yp(pw, uid))
pw_error(NULL, 0, 1);
else {
pw_abort();
exit(0);
}
} else
#endif /* YP */
{
/* Copy the passwd file to the lock file, updating pw. */
pw_copy(pfd, tfd, pw, opw);
/* If username changed we need to rebuild the entire db. */
arg = !strcmp(opw->pw_name, pw->pw_name) ? pw->pw_name : NULL;
/* Now finish the passwd file update. */
if (pw_mkdb(arg, 0) == -1)
pw_error(NULL, 0, 1);
}
exit(0);
}
static struct passwd *
verify(const char *tfn, struct passwd *pw)
{
struct passwd *npw;
ENTRY *ep;
char *buf, *p, *val;
struct stat sb;
FILE *fp;
int line;
size_t len;
if ((pw = pw_dup(pw)) == NULL)
return (NULL);
if ((fp = fopen(tfn, "r")) == NULL ||
fstat(fileno(fp), &sb) == -1) {
warn("%s", tfn);
free(pw);
return (NULL);
}
if (sb.st_size == 0) {
warnx("corrupted temporary file");
fclose(fp);
free(pw);
return (NULL);
}
val = NULL;
for (line = 1; (buf = fgetln(fp, &len)) != NULL; ++line) {
if (*buf == '\0' || *buf == '#')
continue;
while (len > 0 && isspace(buf[len - 1]))
--len;
for (ep = list;; ++ep) {
if (!ep->prompt) {
warnx("%s: unrecognized field on line %d",
tfn, line);
goto bad;
}
if (ep->len > len)
continue;
if (strncasecmp(buf, ep->prompt, ep->len) != 0)
continue;
if (ep->restricted && !master_mode) {
warnx("%s: you may not change the %s field",
tfn, ep->prompt);
goto bad;
}
for (p = buf; p < buf + len && *p != ':'; ++p)
/* nothing */ ;
if (*p != ':') {
warnx("%s: line %d corrupted", tfn, line);
goto bad;
}
while (++p < buf + len && isspace(*p))
/* nothing */ ;
free(val);
asprintf(&val, "%.*s", (int)(buf + len - p), p);
if (val == NULL)
goto bad;
if (ep->except && strpbrk(val, ep->except)) {
warnx("%s: invalid character in \"%s\" field '%s'",
tfn, ep->prompt, val);
goto bad;
}
if ((ep->func)(val, pw, ep))
goto bad;
break;
}
}
free(val);
fclose(fp);
/* Build the gecos field. */
len = asprintf(&p, "%s,%s,%s,%s,%s", list[E_NAME].save,
list[E_LOCATE].save, list[E_BPHONE].save,
list[E_HPHONE].save, list[E_OTHER].save);
if (p == NULL) {
warn("asprintf()");
free(pw);
return (NULL);
}
while (len > 0 && p[len - 1] == ',')
p[--len] = '\0';
pw->pw_gecos = p;
buf = pw_make(pw);
free(pw);
free(p);
if (buf == NULL) {
warn("pw_make()");
return (NULL);
}
npw = pw_scan(buf, PWSCAN_WARN|PWSCAN_MASTER);
free(buf);
return (npw);
bad:
free(pw);
free(val);
fclose(fp);
return (NULL);
}
int
main(int argc, char **argv)
{
enum { NEWSH, LOADENTRY, EDITENTRY } op;
struct passwd *pw, lpw, old_pw;
int ch, dfd, pfd, tfd;
#ifdef YP
int yflag = 0;
#endif
char *arg, *username = NULL;
#ifdef __GNUC__
pw = NULL; /* XXX gcc -Wuninitialized */
arg = NULL;
#endif
#ifdef YP
use_yp = _yp_check(NULL);
#endif
op = EDITENTRY;
while ((ch = getopt(argc, argv, "a:s:ly")) != -1)
switch (ch) {
case 'a':
op = LOADENTRY;
arg = optarg;
break;
case 's':
op = NEWSH;
arg = optarg;
break;
case 'l':
use_yp = 0;
break;
case 'y':
#ifdef YP
if (!use_yp)
errx(1, "YP not in use.");
yflag = 1;
#else
errx(1, "YP support not compiled in.");
#endif
break;
default:
usage();
}
argc -= optind;
argv += optind;
uid = getuid();
switch (argc) {
case 0:
/* nothing */
break;
case 1:
username = argv[0];
break;
default:
usage();
}
#ifdef YP
/*
* We need to determine if we _really_ want to use YP.
* If we defaulted to YP (i.e. were not given the -y flag),
* and the master is not running rpc.yppasswdd, we check
* to see if the user exists in the local passwd database.
* If so, we use it, otherwise we error out.
*/
if (use_yp && yflag == 0) {
if (check_yppasswdd()) {
/*
* We weren't able to contact rpc.yppasswdd.
* Check to see if we're in the local
* password database. If we are, use it.
*/
if (username != NULL)
pw = getpwnam(username);
else
pw = getpwuid(uid);
if (pw != NULL)
use_yp = 0;
else {
warnx("master YP server not running yppasswd"
" daemon.");
errx(1, "Can't change password.");
}
}
}
#endif
#ifdef YP
if (use_yp)
Pw_error = yppw_error;
else
#endif
Pw_error = pw_error;
#ifdef YP
if (op == LOADENTRY && use_yp)
errx(1, "cannot load entry using YP.\n"
"\tUse the -l flag to load local.");
#endif
if (op == EDITENTRY || op == NEWSH) {
if (username != NULL) {
pw = getpwnam(username);
if (pw == NULL)
errx(1, "unknown user: %s", username);
if (uid && uid != pw->pw_uid)
baduser();
} else {
pw = getpwuid(uid);
if (pw == NULL)
errx(1, "unknown user: uid %u", uid);
}
/* Make a copy for later verification */
old_pw = *pw;
old_pw.pw_gecos = strdup(old_pw.pw_gecos);
if (!old_pw.pw_gecos) {
err(1, "strdup");
/*NOTREACHED*/
}
}
if (op == NEWSH) {
/* protect p_shell -- it thinks NULL is /bin/sh */
if (!arg[0])
usage();
if (p_shell(arg, pw, NULL))
(*Pw_error)(NULL, 0, 1);
}
if (op == LOADENTRY) {
if (uid)
baduser();
pw = &lpw;
if (!pw_scan(arg, pw, NULL))
exit(1);
}
/* Edit the user passwd information if requested. */
if (op == EDITENTRY) {
struct stat sb;
dfd = mkstemp(tempname);
if (dfd < 0 || fcntl(dfd, F_SETFD, 1) < 0)
(*Pw_error)(tempname, 1, 1);
if (atexit(cleanup)) {
cleanup();
errx(1, "couldn't register cleanup");
}
if (stat(dirname(tempname), &sb) == -1)
err(1, "couldn't stat `%s'", dirname(tempname));
if (!(sb.st_mode & S_ISTXT))
errx(1, "temporary directory `%s' is not sticky",
dirname(tempname));
display(tempname, dfd, pw);
edit(tempname, pw);
}
#ifdef YP
if (use_yp) {
if (pw_yp(pw, uid))
yppw_error(NULL, 0, 1);
else
exit(0);
/* Will not exit from this if. */
}
#endif /* YP */
/*
* Get the passwd lock file and open the passwd file for
* reading.
*/
pw_init();
tfd = pw_lock(0);
if (tfd < 0) {
if (errno != EEXIST)
err(1, "%s", _PATH_MASTERPASSWD_LOCK);
warnx("The passwd file is busy, waiting...");
tfd = pw_lock(10);
if (tfd < 0) {
if (errno != EEXIST)
err(1, "%s", _PATH_MASTERPASSWD_LOCK);
errx(1, "The passwd file is still busy, "
"try again later.");
}
}
if (fcntl(tfd, F_SETFD, 1) < 0)
pw_error(_PATH_MASTERPASSWD_LOCK, 1, 1);
pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
if (pfd < 0 || fcntl(pfd, F_SETFD, 1) < 0)
pw_error(_PATH_MASTERPASSWD, 1, 1);
/* Copy the passwd file to the lock file, updating pw. */
pw_copy(pfd, tfd, pw, (op == LOADENTRY) ? NULL : &old_pw);
close(pfd);
close(tfd);
/* Now finish the passwd file update. */
if (pw_mkdb(username, 0) < 0)
pw_error(NULL, 0, 1);
exit(0);
}
int
verify(char *tempname, struct passwd *pw)
{
ENTRY *ep;
char *p;
struct stat sb;
FILE *fp = NULL;
int len, fd;
static char buf[LINE_MAX];
#ifdef __minix
if ((fd = open(tempname, O_RDONLY)) == -1 ||
(fp = fdopen(fd, "r")) == NULL)
#else
if ((fd = open(tempname, O_RDONLY|O_NOFOLLOW)) == -1 ||
(fp = fdopen(fd, "r")) == NULL)
#endif
(*Pw_error)(tempname, 1, 1);
if (fstat(fd, &sb))
(*Pw_error)(tempname, 1, 1);
if (sb.st_size == 0 || sb.st_nlink != 1) {
warnx("corrupted temporary file");
goto bad;
}
while (fgets(buf, sizeof(buf), fp)) {
if (!buf[0] || buf[0] == '#')
continue;
if (!(p = strchr(buf, '\n'))) {
warnx("line too long");
goto bad;
}
*p = '\0';
for (ep = list;; ++ep) {
if (!ep->prompt) {
warnx("unrecognized field");
goto bad;
}
if (!strncasecmp(buf, ep->prompt, ep->len)) {
if (ep->restricted && uid) {
warnx(
"you may not change the %s field",
ep->prompt);
goto bad;
}
if (!(p = strchr(buf, ':'))) {
warnx("line corrupted");
goto bad;
}
while (isspace((unsigned char)*++p));
if (ep->except && strpbrk(p, ep->except)) {
warnx(
"illegal character in the \"%s\" field",
ep->prompt);
goto bad;
}
if ((ep->func)(p, pw, ep)) {
bad: (void)fclose(fp);
return (0);
}
break;
}
}
}
(void)fclose(fp);
/* Build the gecos field. */
len = strlen(list[E_NAME].save) + strlen(list[E_BPHONE].save) +
strlen(list[E_HPHONE].save) + strlen(list[E_LOCATE].save) + 4;
if (!(p = malloc(len)))
err(1, "malloc");
(void)snprintf(p, len, "%s,%s,%s,%s", list[E_NAME].save,
list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save);
pw->pw_gecos = p;
if (snprintf(buf, sizeof(buf),
"%s:%s:%d:%d:%s:%lu:%lu:%s:%s:%s",
pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class,
(u_long)pw->pw_change, (u_long)pw->pw_expire, pw->pw_gecos,
pw->pw_dir, pw->pw_shell) >= (int)sizeof(buf)) {
warnx("entries too long");
return (0);
}
return (pw_scan(buf, pw, (int *)NULL));
}
