int main(int argc, char **argv) { struct passwd *p; int i, ecode; init_defaults(basename(argv[0]), "passwd"); while ((i=getopt(argc,argv,"c")) != EOF) { switch (i) { case 'c': if (getuid() != 0) { fprintf(stderr,"%s: must be root to set chroot option\n", argv[0]); return EXIT_FAILURE; } passwd_stub = CHROOTED_PASSWD; break; default: fprintf(stderr,"%s: bad option %c\n", argv[0], i); return EXIT_FAILURE; } } if (optind == argc) { if (!(p = getpwuid(getuid()))) { fprintf(stderr, "%s: cannot locate your password entry\n", argv[0]); return EXIT_FAILURE; } return change_passwd(p); } /* passwd should use getopt to support -- syntax */ ecode = Success; for (i = optind; i < argc; i++) { if (!(p = getpwnam(argv[i]))) { if (getuid() != 0) { fprintf(stderr, "%s: must be root to create new accounts\n", argv[0]); return EXIT_FAILURE; } if (strlen(argv[i]) > LOGIN_NAME_MAX) { fprintf(stderr,"%s: username exceeds maximum length of %d characters\n", argv[0], LOGIN_NAME_MAX); return EXIT_FAILURE; } if (strchr(argv[i], ':')) { fprintf(stderr, "%s: username cannot contain ':' character\n", argv[0]); return EXIT_FAILURE; } if ((ecode=create_account(argv[i])) != Success) { return ecode; } } else if (p->pw_uid != getuid() && getuid() != 0) { fprintf(stderr, "%s: sorry, only root may change another user's password\n", argv[0]); } else if ((ecode=change_passwd(p)) != Success) { return ecode; } } return ecode; }
int main(int argc, char *argv[]) { char account_id[ACCOUNT_LEN+1]; menu_options_e current_option; /* Initian account_id. */ memset(account_id, '\0', sizeof(account_id)); current_option = mo_login; /* make sure current_option not equal mo_exit. */ announce(); database_initialize(); /* Now we wait for user to input command. */ while (current_option != mo_exit) { current_option = show_menu(account_id); switch(current_option) { case mo_new: create_new_account(); break; case mo_reset: reset_passwd(); break; case mo_loss: report_loss(); break; case mo_login: login(account_id); break; case mo_query: query(account_id); break; case mo_store: store_money(account_id); break; case mo_draw: draw_money(account_id); break; case mo_renewal: renewal(account_id); break; case mo_change_passwd: change_passwd(account_id); break; case mo_logout: logout(account_id); break; case mo_exit: case mo_invalid: default: break; } /* switch */ } /* while */ database_close(); exit(EXIT_SUCCESS); }
/* * gpasswd - administer the /etc/group file */ int main (int argc, char **argv) { struct group grent; #ifdef SHADOWGRP struct sgrp sgent; #endif struct passwd *pw = NULL; #ifdef WITH_AUDIT audit_help_open (); #endif sanitize_env (); (void) setlocale (LC_ALL, ""); (void) bindtextdomain (PACKAGE, LOCALEDIR); (void) textdomain (PACKAGE); /* * Make a note of whether or not this command was invoked by root. * This will be used to bypass certain checks later on. Also, set * the real user ID to match the effective user ID. This will * prevent the invoker from issuing signals which would interfere * with this command. */ bywho = getuid (); Prog = Basename (argv[0]); OPENLOG ("gpasswd"); setbuf (stdout, NULL); setbuf (stderr, NULL); #ifdef SHADOWGRP is_shadowgrp = sgr_file_present (); #endif /* * Determine the name of the user that invoked this command. This * is really hit or miss because there are so many ways that command * can be executed and so many ways to trip up the routines that * report the user name. */ pw = get_my_pwent (); if (NULL == pw) { fprintf (stderr, _("%s: Cannot determine your user name.\n"), Prog); SYSLOG ((LOG_WARN, "Cannot determine the user name of the caller (UID %lu)", (unsigned long) getuid ())); exit (E_NOPERM); } myname = xstrdup (pw->pw_name); /* * Register an exit function to warn for any inconsistency that we * could create. */ if (atexit (do_cleanups) != 0) { fprintf(stderr, "%s: cannot set exit function\n", Prog); exit (1); } /* Parse the options */ process_flags (argc, argv); /* * Replicate the group so it can be modified later on. */ #ifdef SHADOWGRP get_group (&grent, &sgent); #else get_group (&grent); #endif /* * Check if the user is allowed to change the password of this group. */ #ifdef SHADOWGRP check_perms (&grent, &sgent); #else check_perms (&grent); #endif /* * Removing a password is straight forward. Just set the password * field to a "". */ if (rflg) { grent.gr_passwd = ""; /* XXX warning: const */ #ifdef SHADOWGRP sgent.sg_passwd = ""; /* XXX warning: const */ #endif goto output; } else if (Rflg) { /* * Same thing for restricting the group. Set the password * field to "!". */ grent.gr_passwd = "!"; /* XXX warning: const */ #ifdef SHADOWGRP sgent.sg_passwd = "!"; /* XXX warning: const */ #endif goto output; } /* * Adding a member to a member list is pretty straightforward as * well. Call the appropriate routine and split. */ if (aflg) { printf (_("Adding user %s to group %s\n"), user, group); grent.gr_mem = add_list (grent.gr_mem, user); #ifdef SHADOWGRP if (is_shadowgrp) { sgent.sg_mem = add_list (sgent.sg_mem, user); } #endif goto output; } /* * Removing a member from the member list is the same deal as adding * one, except the routine is different. */ if (dflg) { bool removed = false; printf (_("Removing user %s from group %s\n"), user, group); if (is_on_list (grent.gr_mem, user)) { removed = true; grent.gr_mem = del_list (grent.gr_mem, user); } #ifdef SHADOWGRP if (is_shadowgrp) { if (is_on_list (sgent.sg_mem, user)) { removed = true; sgent.sg_mem = del_list (sgent.sg_mem, user); } } #endif if (!removed) { fprintf (stderr, _("%s: user '%s' is not a member of '%s'\n"), Prog, user, group); exit (E_BAD_ARG); } goto output; } #ifdef SHADOWGRP /* * Replacing the entire list of administrators is simple. Check the * list to make sure everyone is a real user. Then slap the new list * in place. */ if (Aflg) { sgent.sg_adm = comma_to_list (admins); if (!Mflg) { goto output; } } #endif /* SHADOWGRP */ /* * Replacing the entire list of members is simple. Check the list to * make sure everyone is a real user. Then slap the new list in * place. */ if (Mflg) { #ifdef SHADOWGRP sgent.sg_mem = comma_to_list (members); #endif grent.gr_mem = comma_to_list (members); goto output; } /* * If the password is being changed, the input and output must both * be a tty. The typical keyboard signals are caught so the termio * modes can be restored. */ if ((isatty (0) == 0) || (isatty (1) == 0)) { fprintf (stderr, _("%s: Not a tty\n"), Prog); exit (E_NOPERM); } catch_signals (0); /* save tty modes */ (void) signal (SIGHUP, catch_signals); (void) signal (SIGINT, catch_signals); (void) signal (SIGQUIT, catch_signals); (void) signal (SIGTERM, catch_signals); #ifdef SIGTSTP (void) signal (SIGTSTP, catch_signals); #endif /* Prompt for the new password */ #ifdef SHADOWGRP change_passwd (&grent, &sgent); #else change_passwd (&grent); #endif /* * This is the common arrival point to output the new group file. * The freshly crafted entry is in allocated space. The group file * will be locked and opened for writing. The new entry will be * output, etc. */ output: if (setuid (0) != 0) { fputs (_("Cannot change ID to root.\n"), stderr); SYSLOG ((LOG_ERR, "can't setuid(0)")); closelog (); exit (E_NOPERM); } pwd_init (); open_files (); #ifdef SHADOWGRP update_group (&grent, &sgent); #else update_group (&grent); #endif close_files (); nscd_flush_cache ("group"); exit (E_SUCCESS); }