Annotation of src/usr.bin/chpass/chpass.c, Revision 1.41
1.41 ! deraadt 1: /* $OpenBSD: chpass.c,v 1.40 2014/10/26 20:38:13 guenther Exp $ */
1.2 deraadt 2: /* $NetBSD: chpass.c,v 1.8 1996/05/15 21:50:43 jtc Exp $ */
1.1 deraadt 3:
4: /*-
5: * Copyright (c) 1988, 1993, 1994
6: * The Regents of the University of California. All rights reserved.
7: *
8: * Redistribution and use in source and binary forms, with or without
9: * modification, are permitted provided that the following conditions
10: * are met:
11: * 1. Redistributions of source code must retain the above copyright
12: * notice, this list of conditions and the following disclaimer.
13: * 2. Redistributions in binary form must reproduce the above copyright
14: * notice, this list of conditions and the following disclaimer in the
15: * documentation and/or other materials provided with the distribution.
1.27 millert 16: * 3. Neither the name of the University nor the names of its contributors
1.1 deraadt 17: * may be used to endorse or promote products derived from this software
18: * without specific prior written permission.
19: *
20: * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23: * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30: * SUCH DAMAGE.
31: */
32:
1.17 millert 33: #include <sys/resource.h>
1.1 deraadt 34: #include <sys/stat.h>
35: #include <sys/time.h>
1.17 millert 36: #include <sys/uio.h>
1.1 deraadt 37:
38: #include <err.h>
39: #include <errno.h>
40: #include <fcntl.h>
1.28 avsm 41: #include <paths.h>
1.1 deraadt 42: #include <pwd.h>
1.17 millert 43: #include <signal.h>
1.1 deraadt 44: #include <stdio.h>
45: #include <stdlib.h>
46: #include <string.h>
47: #include <unistd.h>
1.2 deraadt 48: #include <util.h>
1.1 deraadt 49:
50: #include "chpass.h"
51:
/* Program name; kbintr() and usage() in this file print it in their messages. */
1.25 deraadt 52: extern char *__progname;
53:
/*
 * Operation chosen by main()'s option parsing: -s selects NEWSH, -a selects
 * LOADENTRY, and EDITENTRY is assigned before the options are read.
 */
1.17 millert 54: enum { NEWSH, LOADENTRY, EDITENTRY } op;
/* Real uid of the invoking user; main() sets it from getuid(). */
1.1 deraadt 55: uid_t uid;
56: #ifdef YP
/*
 * use_yp: initialised from _yp_check(NULL) in main(); cleared by -l, or when
 * the entry is found locally and -y was not given.
 * force_yp: set to 1 by -y, which main() accepts only while use_yp is non-zero.
 */
1.25 deraadt 57: int use_yp;
58: int force_yp = 0;
1.1 deraadt 59: #endif
60:
/* Helpers defined later in this file. */
1.21 millert 61: void baduser(void);
62: void kbintr(int);
63: void usage(void);
1.1 deraadt 64:
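/*
 * chpass entry point.
 *
 * Selects one of three operations from the command line:
 *   (default)  EDITENTRY - edit the passwd entry through a temporary file
 *   -s shell   NEWSH     - change only the login shell
 *   -a list    LOADENTRY - load a complete entry given on the command line
 * and then rewrites the master passwd file under the passwd lock (or hands
 * the change to pw_yp() when YP is in use).
 *
 * Authorization enforced here:
 *   - naming another user requires a real uid of 0 (otherwise baduser());
 *   - -a requires a real uid of 0 and takes no user argument.
 *
 * Every path leaves through exit()/err()/errx()/usage()/pw_error(); the
 * function never returns to its caller.
 */
int
main(int argc, char *argv[])
{
	struct passwd *pw = NULL, *opw = NULL, lpw;
	int i, ch, pfd, tfd, dfd;
	char *tz, *arg = NULL;
	sigset_t fullset;

#ifdef YP
	use_yp = _yp_check(NULL);
#endif
	/* We need to use the system timezone for date conversions. */
	if ((tz = getenv("TZ")) != NULL) {
		/*
		 * tzset() runs with TZ removed; the caller's value is put
		 * back afterwards so it stays in the environment.
		 */
		unsetenv("TZ");
		tzset();
		setenv("TZ", tz, 1);
	}

	op = EDITENTRY;
	while ((ch = getopt(argc, argv, "a:s:ly")) != -1) {
		switch (ch) {
		case 'a':
			op = LOADENTRY;
			arg = optarg;
			break;
		case 's':
			op = NEWSH;
			arg = optarg;
			break;
#ifdef YP
		case 'l':
			use_yp = 0;
			break;
		case 'y':
			if (!use_yp) {
				warnx("YP not in use.");
				usage();
			}
			force_yp = 1;
			break;
#endif
		case '?':
		default:
			usage();
		}
	}
	argc -= optind;
	argv += optind;

#ifdef YP
	if (op == LOADENTRY && use_yp)
		errx(1, "cannot load using YP, use -l to load local.");
#endif
	uid = getuid();

	if (op == EDITENTRY || op == NEWSH) {
		switch (argc) {
		case 0:
			/* No user named: operate on the invoker's own entry. */
			pw = getpwuid(uid);
#ifdef YP
			if (pw && !force_yp)
				use_yp = 0;
			else if (use_yp)
				pw = ypgetpwuid(uid);
#endif /* YP */
			if (!pw)
				errx(1, "unknown user: uid %u", uid);
			break;
		case 1:
			pw = getpwnam(*argv);
#ifdef YP
			if (pw && !force_yp)
				use_yp = 0;
			else if (use_yp)
				pw = ypgetpwnam(*argv);
#endif /* YP */
			if (!pw)
				errx(1, "unknown user: %s", *argv);
			/* Only a real uid of 0 may touch another user's entry. */
			if (uid && uid != pw->pw_uid)
				baduser();
			break;
		default:
			usage();
		}
	}

	if (op == LOADENTRY) {
		if (argc != 0)
			errx(1, "option -a does not accept user argument");
		/* Loading a whole entry is restricted to a real uid of 0. */
		if (uid)
			baduser();
		pw = &lpw;
		if (!pw_scan(arg, pw, NULL))
			exit(1);
		opw = getpwnam(pw->pw_name);
	}
	/*
	 * opw is the entry as it stood before modification.  It is still
	 * NULL here unless -a found an existing account of that name, in
	 * which case the getpwnam() result is used as is.
	 */
	if (opw == NULL && (opw = pw_dup(pw)) == NULL)
		err(1, NULL);

	/* Edit the user passwd information if requested. */
	if (op == EDITENTRY) {
		char tempname[] = _PATH_VARTMP "pw.XXXXXXXXXX";
		int edit_status;

		/* Work on a private copy rather than the getpw*() result. */
		if ((pw = pw_dup(pw)) == NULL)
			pw_error(NULL, 1, 1);
		/*
		 * mkostemp() creates and opens the file in one step under a
		 * name it generates from the template.
		 */
		dfd = mkostemp(tempname, O_CLOEXEC);
		if (dfd == -1)
			pw_error(tempname, 1, 1);
		display(tempname, dfd, pw);
		edit_status = edit(tempname, pw);
		close(dfd);
		unlink(tempname);

		switch (edit_status) {
		case EDIT_OK:
			break;
		case EDIT_NOCHANGE:
			pw_error(NULL, 0, 0);
			break;
		case EDIT_ERROR:
		default:
			pw_error(tempname, 1, 1);
			break;
		}
	}

	if (op == NEWSH) {
		/* protect p_shell -- it thinks NULL is /bin/sh */
		if (!arg[0])
			usage();
		if (p_shell(arg, pw, NULL))
			pw_error(NULL, 0, 1);
	}

	/*
	 * Drop user's real uid and block all signals to avoid a DoS.
	 * The result is checked: the update below is written on the
	 * assumption that the real uid is now 0, so a failed setuid() stops
	 * the program here instead of carrying on under the invoker's uid.
	 */
	if (setuid(0) == -1)
		err(1, "setuid");
	sigfillset(&fullset);
	/* SIGINT stays unblocked so that ^C can abort the lock wait below. */
	sigdelset(&fullset, SIGINT);
	sigprocmask(SIG_BLOCK, &fullset, NULL);

	/* Get the passwd lock file and open the passwd file for reading. */
	pw_init();
	/*
	 * Retry every 250 ms.  The notice is printed on the fourth attempt
	 * and a progress dot on every sixteenth; kbintr() handles SIGINT
	 * only for the duration of the sleep.
	 * NOTE(review): the loop retries on any pw_lock() failure, not only
	 * on contention -- confirm pw_lock() cannot fail persistently for
	 * another reason.
	 */
	for (i = 1; (tfd = pw_lock(0)) == -1; i++) {
		if (i == 4)
			(void)fputs("Attempting to lock password file, "
			    "please wait or press ^C to abort", stderr);
		(void)signal(SIGINT, kbintr);
		if (i % 16 == 0)
			fputc('.', stderr);
		usleep(250000);
		(void)signal(SIGINT, SIG_IGN);
	}
	if (i >= 4)
		fputc('\n', stderr);
	pfd = open(_PATH_MASTERPASSWD, O_RDONLY|O_CLOEXEC, 0);
	if (pfd == -1)
		pw_error(_PATH_MASTERPASSWD, 1, 1);

#ifdef YP
	if (use_yp) {
		if (pw_yp(pw, uid))
			pw_error(NULL, 0, 1);
		else {
			pw_abort();
			exit(0);
		}
	} else
#endif /* YP */
	{
		/* Copy the passwd file to the lock file, updating pw. */
		pw_copy(pfd, tfd, pw, opw);

		/* If username changed we need to rebuild the entire db. */
		arg = !strcmp(opw->pw_name, pw->pw_name) ? pw->pw_name : NULL;

		/* Now finish the passwd file update. */
		if (pw_mkdb(arg, 0) == -1)
			pw_error(NULL, 0, 1);
	}

	exit(0);
}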
246:
/*
 * Refuse the request: print the system's text for EACCES through errx()
 * and exit with status 1.  main() calls this when a caller whose real uid
 * is not 0 names another user or uses -a.
 */
void
baduser(void)
{
	const char *denied = strerror(EACCES);

	errx(1, "%s", denied);
}
253:
/*
 * SIGINT handler that main() installs while it waits for the passwd lock.
 * Writes "\n<progname>: <master passwd path> unchanged\n" to stderr with a
 * single writev() call and then leaves through _exit(1).  The only calls
 * made are strlen(), writev() and _exit().
 */
/* ARGSUSED */
void
kbintr(int signo)
{
	struct iovec parts[] = {
		{ .iov_base = "\n", .iov_len = sizeof("\n") - 1 },
		{ .iov_base = __progname, .iov_len = strlen(__progname) },
		{ .iov_base = ": ", .iov_len = sizeof(": ") - 1 },
		{ .iov_base = _PATH_MASTERPASSWD,
		  .iov_len = sizeof(_PATH_MASTERPASSWD) - 1 },
		{ .iov_base = " unchanged\n",
		  .iov_len = sizeof(" unchanged\n") - 1 },
	};

	writev(STDERR_FILENO, parts, 5);

	_exit(1);
}
274:
/*
 * Print the command synopsis on stderr and exit with status 1.
 * In a YP build the -l flag is listed, and "y" is appended to it only
 * while use_yp is non-zero.
 */
void
usage(void)
{
	const char *prog = __progname;

#ifdef YP
	(void)fprintf(stderr,
	    "usage: %s [-l%s] [-s newshell] [user]\n"
	    " %s [-l] -a list\n",
	    prog, use_yp ? "y" : "", prog);
#else
	(void)fprintf(stderr,
	    "usage: %s [-s newshell] [user]\n"
	    " %s -a list\n",
	    prog, prog);
#endif
	exit(1);
}
290: }