]>
Commit | Line | Data |
---|---|---|
c3a08f59 A |
1 | /* $OpenBSD: pwd_mkdb.c,v 1.36 2003/06/08 21:14:55 millert Exp $ */ |
2 | ||
1815bff5 A |
3 | /*- |
4 | * Copyright (c) 1991, 1993, 1994 | |
5 | * The Regents of the University of California. All rights reserved. | |
c3a08f59 A |
6 | * Portions Copyright (c) 1994, Jason Downs. All rights reserved. |
7 | * Portions Copyright (c) 1998, Todd C. Miller. All rights reserved. | |
1815bff5 A |
8 | * |
9 | * Redistribution and use in source and binary forms, with or without | |
10 | * modification, are permitted provided that the following conditions | |
11 | * are met: | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer in the | |
16 | * documentation and/or other materials provided with the distribution. | |
c3a08f59 | 17 | * 3. Neither the name of the University nor the names of its contributors |
1815bff5 A |
18 | * may be used to endorse or promote products derived from this software |
19 | * without specific prior written permission. | |
20 | * | |
21 | * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND | |
22 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
23 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
24 | * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE | |
25 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
26 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
27 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
28 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
29 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
30 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
31 | * SUCH DAMAGE. | |
32 | */ | |
33 | ||
34 | #ifndef lint | |
c3a08f59 | 35 | static const char copyright[] = |
1815bff5 A |
36 | "@(#) Copyright (c) 1991, 1993, 1994\n\ |
37 | The Regents of the University of California. All rights reserved.\n"; | |
38 | #endif /* not lint */ | |
39 | ||
40 | #ifndef lint | |
c3a08f59 A |
41 | #if 0 |
42 | static const char sccsid[] = "from: @(#)pwd_mkdb.c 8.5 (Berkeley) 4/20/94"; | |
43 | #else | |
44 | static const char rcsid[] = "$OpenBSD: pwd_mkdb.c,v 1.36 2003/06/08 21:14:55 millert Exp $"; | |
45 | #endif | |
1815bff5 A |
46 | #endif /* not lint */ |
47 | ||
48 | #include <sys/param.h> | |
49 | #include <sys/stat.h> | |
50 | ||
51 | #include <db.h> | |
52 | #include <err.h> | |
53 | #include <errno.h> | |
54 | #include <fcntl.h> | |
c3a08f59 | 55 | #include <grp.h> |
1815bff5 A |
56 | #include <limits.h> |
57 | #include <pwd.h> | |
58 | #include <signal.h> | |
59 | #include <stdio.h> | |
60 | #include <stdlib.h> | |
61 | #include <string.h> | |
62 | #include <unistd.h> | |
c3a08f59 A |
63 | #include <util.h> |
64 | #include <sys/param.h> | |
1815bff5 A |
65 | |
66 | #define INSECURE 1 | |
67 | #define SECURE 2 | |
68 | #define PERM_INSECURE (S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH) | |
69 | #define PERM_SECURE (S_IRUSR|S_IWUSR) | |
70 | ||
c3a08f59 A |
71 | #define FILE_SECURE 0x01 |
72 | #define FILE_INSECURE 0x02 | |
73 | #define FILE_ORIG 0x04 | |
74 | ||
75 | #define SHADOW_GROUP "wheel" | |
76 | ||
1815bff5 A |
77 | HASHINFO openinfo = { |
78 | 4096, /* bsize */ | |
79 | 32, /* ffactor */ | |
80 | 256, /* nelem */ | |
81 | 2048 * 1024, /* cachesize */ | |
82 | NULL, /* hash() */ | |
83 | 0 /* lorder */ | |
84 | }; | |
85 | ||
1815bff5 | 86 | static char *pname; /* password file name */ |
c3a08f59 A |
87 | static char *basedir; /* dir holding master.passwd */ |
88 | static int clean; /* what to remove on cleanup */ | |
89 | static int hasyp; /* are we running YP? */ | |
90 | ||
91 | void cleanup(void); | |
92 | void error(char *); | |
93 | void errorx(char *); | |
94 | void cp(char *, char *, mode_t); | |
95 | void mv(char *, char *); | |
96 | int scan(FILE *, struct passwd *, int *); | |
97 | void usage(void); | |
98 | char *changedir(char *path, char *dir); | |
99 | void db_store(FILE *, FILE *, DB *, DB *,struct passwd *, int, char *, uid_t); | |
1815bff5 A |
100 | |
101 | int | |
c3a08f59 | 102 | main(int argc, char **argv) |
1815bff5 A |
103 | { |
104 | DB *dp, *edp; | |
105 | DBT data, key; | |
c3a08f59 A |
106 | FILE *fp, *oldfp = NULL; |
107 | struct stat st; | |
108 | struct passwd pwd; | |
109 | struct group *grp; | |
1815bff5 | 110 | sigset_t set; |
c3a08f59 A |
111 | uid_t olduid; |
112 | gid_t shadow; | |
113 | int ch, tfd, makeold, secureonly, flags, checkonly; | |
114 | char *username, buf[MAX(MAXPATHLEN, LINE_MAX * 2)]; | |
115 | ||
116 | flags = checkonly = makeold = secureonly = 0; | |
117 | username = NULL; | |
118 | while ((ch = getopt(argc, argv, "cd:psu:v")) != -1) | |
119 | switch (ch) { | |
120 | case 'c': /* verify only */ | |
121 | checkonly = 1; | |
122 | break; | |
123 | case 'd': | |
124 | basedir = optarg; | |
125 | if (strlen(basedir) > MAXPATHLEN - 40) | |
126 | errx(1, "basedir too long"); | |
127 | break; | |
1815bff5 A |
128 | case 'p': /* create V7 "file.orig" */ |
129 | makeold = 1; | |
130 | break; | |
c3a08f59 A |
131 | case 's': /* only update spwd.db */ |
132 | secureonly = 1; | |
133 | break; | |
134 | case 'u': /* only update this record */ | |
135 | username = optarg; | |
136 | if (strlen(username) > _PW_NAME_LEN) | |
137 | errx(1, "username too long"); | |
138 | break; | |
1815bff5 A |
139 | case 'v': /* backward compatible */ |
140 | break; | |
141 | case '?': | |
142 | default: | |
143 | usage(); | |
144 | } | |
145 | argc -= optind; | |
146 | argv += optind; | |
147 | ||
c3a08f59 A |
148 | if (argc != 1 || (makeold && secureonly) || |
149 | (username && (*username == '+' || *username == '-'))) | |
1815bff5 | 150 | usage(); |
c3a08f59 A |
151 | |
152 | if ((grp = getgrnam(SHADOW_GROUP)) == NULL) | |
153 | errx(1, "cannot find `%s' in the group database, aborting", | |
154 | SHADOW_GROUP); | |
155 | shadow = grp->gr_gid; | |
1815bff5 A |
156 | |
157 | /* | |
158 | * This could be changed to allow the user to interrupt. | |
159 | * Probably not worth the effort. | |
160 | */ | |
161 | sigemptyset(&set); | |
162 | sigaddset(&set, SIGTSTP); | |
163 | sigaddset(&set, SIGHUP); | |
164 | sigaddset(&set, SIGINT); | |
165 | sigaddset(&set, SIGQUIT); | |
166 | sigaddset(&set, SIGTERM); | |
167 | (void)sigprocmask(SIG_BLOCK, &set, (sigset_t *)NULL); | |
168 | ||
169 | /* We don't care what the user wants. */ | |
170 | (void)umask(0); | |
171 | ||
c3a08f59 A |
172 | if (**argv != '/' && basedir == NULL) |
173 | errx(1, "%s must be specified as an absolute path", *argv); | |
174 | ||
175 | if ((pname = strdup(changedir(*argv, basedir))) == NULL) | |
176 | err(1, NULL); | |
1815bff5 A |
177 | /* Open the original password file */ |
178 | if (!(fp = fopen(pname, "r"))) | |
179 | error(pname); | |
180 | ||
c3a08f59 A |
181 | /* Check only if password database is valid */ |
182 | if (checkonly) { | |
183 | u_int cnt; | |
184 | ||
185 | for (cnt = 1; scan(fp, &pwd, &flags); ++cnt) | |
186 | ; | |
187 | exit(0); | |
188 | } | |
189 | ||
190 | if (fstat(fileno(fp), &st) == -1) | |
191 | error(pname); | |
192 | ||
193 | /* Tweak openinfo values for large passwd files. */ | |
194 | if (st.st_size > (off_t)100*1024) | |
195 | openinfo.cachesize = MIN(st.st_size * 20, (off_t)12*1024*1024); | |
196 | if (st.st_size / 128 > openinfo.nelem) | |
197 | openinfo.nelem = st.st_size / 128; | |
198 | ||
199 | /* If only updating a single record, stash the old uid */ | |
200 | if (username) { | |
201 | dp = dbopen(_PATH_MP_DB, O_RDONLY, 0, DB_HASH, NULL); | |
202 | if (dp == NULL) | |
203 | error(_PATH_MP_DB); | |
204 | buf[0] = _PW_KEYBYNAME; | |
205 | strlcpy(buf + 1, username, sizeof(buf) - 1); | |
206 | key.data = (u_char *)buf; | |
207 | key.size = strlen(buf + 1) + 1; | |
208 | if ((dp->get)(dp, &key, &data, 0) == 0) { | |
209 | char *p = (char *)data.data; | |
210 | /* Skip to uid field */ | |
211 | while (*p++ != '\0') | |
212 | ; | |
213 | while (*p++ != '\0') | |
214 | ; | |
215 | memcpy(&olduid, p, sizeof(olduid)); | |
216 | } else | |
217 | olduid = UID_MAX; | |
218 | (dp->close)(dp); | |
219 | } | |
220 | ||
221 | /* Open the temporary encrypted password database. */ | |
222 | (void)snprintf(buf, sizeof(buf), "%s.tmp", | |
223 | changedir(_PATH_SMP_DB, basedir)); | |
224 | if (username) { | |
225 | cp(changedir(_PATH_SMP_DB, basedir), buf, PERM_SECURE); | |
226 | edp = dbopen(buf, | |
227 | O_RDWR, PERM_SECURE, DB_HASH, &openinfo); | |
228 | } else { | |
229 | edp = dbopen(buf, | |
230 | O_RDWR|O_CREAT|O_EXCL, PERM_SECURE, DB_HASH, &openinfo); | |
231 | } | |
232 | if (!edp) | |
1815bff5 | 233 | error(buf); |
c3a08f59 A |
234 | if (fchown(edp->fd(edp), (uid_t)-1, shadow) != 0) |
235 | warn("%s: unable to set group to %s", _PATH_SMP_DB, | |
236 | SHADOW_GROUP); | |
237 | else if (fchmod(edp->fd(edp), PERM_SECURE|S_IRGRP) != 0) | |
238 | warn("%s: unable to make group readable", _PATH_SMP_DB); | |
239 | clean |= FILE_SECURE; | |
240 | ||
241 | /* Open the temporary insecure password database. */ | |
242 | if (!secureonly) { | |
243 | (void)snprintf(buf, sizeof(buf), "%s.tmp", | |
244 | changedir(_PATH_MP_DB, basedir)); | |
245 | if (username) { | |
246 | cp(changedir(_PATH_MP_DB, basedir), buf, PERM_INSECURE); | |
247 | dp = dbopen(buf, O_RDWR, PERM_INSECURE, DB_HASH, | |
248 | &openinfo); | |
249 | } else { | |
250 | dp = dbopen(buf, O_RDWR|O_CREAT|O_EXCL, PERM_INSECURE, | |
251 | DB_HASH, &openinfo); | |
252 | } | |
253 | if (dp == NULL) | |
254 | error(buf); | |
255 | clean |= FILE_INSECURE; | |
256 | } else | |
257 | dp = NULL; | |
1815bff5 A |
258 | |
259 | /* | |
260 | * Open file for old password file. Minor trickiness -- don't want to | |
261 | * chance the file already existing, since someone (stupidly) might | |
262 | * still be using this for permission checking. So, open it first and | |
263 | * fdopen the resulting fd. The resulting file should be readable by | |
264 | * everyone. | |
265 | */ | |
266 | if (makeold) { | |
267 | (void)snprintf(buf, sizeof(buf), "%s.orig", pname); | |
268 | if ((tfd = open(buf, | |
269 | O_WRONLY|O_CREAT|O_EXCL, PERM_INSECURE)) < 0) | |
270 | error(buf); | |
271 | if ((oldfp = fdopen(tfd, "w")) == NULL) | |
272 | error(buf); | |
c3a08f59 | 273 | clean |= FILE_ORIG; |
1815bff5 A |
274 | } |
275 | ||
276 | /* | |
277 | * The databases actually contain three copies of the original data. | |
278 | * Each password file entry is converted into a rough approximation | |
279 | * of a ``struct passwd'', with the strings placed inline. This | |
280 | * object is then stored as the data for three separate keys. The | |
281 | * first key * is the pw_name field prepended by the _PW_KEYBYNAME | |
282 | * character. The second key is the pw_uid field prepended by the | |
283 | * _PW_KEYBYUID character. The third key is the line number in the | |
284 | * original file prepended by the _PW_KEYBYNUM character. (The special | |
285 | * characters are prepended to ensure that the keys do not collide.) | |
c3a08f59 A |
286 | * |
287 | * If we see something go by that looks like YP, we save a special | |
288 | * pointer record, which if YP is enabled in the C lib, will speed | |
289 | * things up. | |
1815bff5 | 290 | */ |
1815bff5 | 291 | |
c3a08f59 A |
292 | /* |
293 | * Write the .db files. | |
294 | * We do this three times, one per key type (for getpw{nam,uid,ent}). | |
295 | * The first time through we also check for YP, issue warnings | |
296 | * and save the V7 format passwd file if necessary. | |
297 | */ | |
298 | db_store(fp, oldfp, edp, dp, &pwd, _PW_KEYBYNAME, username, olduid); | |
299 | db_store(fp, oldfp, edp, dp, &pwd, _PW_KEYBYUID, username, olduid); | |
300 | db_store(fp, oldfp, edp, dp, &pwd, _PW_KEYBYNUM, username, olduid); | |
1815bff5 | 301 | |
c3a08f59 A |
302 | /* Store YP token, if needed. */ |
303 | if (hasyp && !username) { | |
304 | key.data = (u_char *)_PW_YPTOKEN; | |
305 | key.size = strlen(_PW_YPTOKEN); | |
306 | data.data = (u_char *)NULL; | |
307 | data.size = 0; | |
1815bff5 | 308 | |
1815bff5 A |
309 | if ((edp->put)(edp, &key, &data, R_NOOVERWRITE) == -1) |
310 | error("put"); | |
311 | ||
c3a08f59 | 312 | if (dp && (dp->put)(dp, &key, &data, R_NOOVERWRITE) == -1) |
1815bff5 A |
313 | error("put"); |
314 | } | |
315 | ||
c3a08f59 A |
316 | if ((edp->close)(edp)) |
317 | error("close edp"); | |
318 | if (dp && (dp->close)(dp)) | |
319 | error("close dp"); | |
320 | if (makeold) { | |
321 | if (fclose(oldfp) == EOF) | |
322 | error("close old"); | |
323 | } | |
1815bff5 A |
324 | |
325 | /* Set master.passwd permissions, in case caller forgot. */ | |
326 | (void)fchmod(fileno(fp), S_IRUSR|S_IWUSR); | |
c3a08f59 A |
327 | if (fclose(fp) != 0) |
328 | error("fclose"); | |
1815bff5 A |
329 | |
330 | /* Install as the real password files. */ | |
c3a08f59 A |
331 | if (!secureonly) { |
332 | (void)snprintf(buf, sizeof(buf), "%s.tmp", | |
333 | changedir(_PATH_MP_DB, basedir)); | |
334 | mv(buf, changedir(_PATH_MP_DB, basedir)); | |
335 | } | |
336 | (void)snprintf(buf, sizeof(buf), "%s.tmp", | |
337 | changedir(_PATH_SMP_DB, basedir)); | |
338 | mv(buf, changedir(_PATH_SMP_DB, basedir)); | |
1815bff5 A |
339 | if (makeold) { |
340 | (void)snprintf(buf, sizeof(buf), "%s.orig", pname); | |
c3a08f59 | 341 | mv(buf, changedir(_PATH_PASSWD, basedir)); |
1815bff5 | 342 | } |
c3a08f59 | 343 | |
1815bff5 A |
344 | /* |
345 | * Move the master password LAST -- chpass(1), passwd(1) and vipw(8) | |
346 | * all use flock(2) on it to block other incarnations of themselves. | |
347 | * The rename means that everything is unlocked, as the original file | |
348 | * can no longer be accessed. | |
349 | */ | |
c3a08f59 | 350 | mv(pname, changedir(_PATH_MASTERPASSWD, basedir)); |
1815bff5 A |
351 | exit(0); |
352 | } | |
353 | ||
354 | int | |
c3a08f59 | 355 | scan(FILE *fp, struct passwd *pw, int *flags) |
1815bff5 A |
356 | { |
357 | static int lcnt; | |
358 | static char line[LINE_MAX]; | |
359 | char *p; | |
360 | ||
c3a08f59 | 361 | if (fgets(line, sizeof(line), fp) == NULL) |
1815bff5 | 362 | return (0); |
1815bff5 A |
363 | ++lcnt; |
364 | /* | |
365 | * ``... if I swallow anything evil, put your fingers down my | |
366 | * throat...'' | |
367 | * -- The Who | |
368 | */ | |
c3a08f59 A |
369 | p = line; |
370 | if (*p != '\0' && *(p += strlen(line) - 1) != '\n') { | |
1815bff5 A |
371 | warnx("line too long"); |
372 | goto fmt; | |
1815bff5 A |
373 | } |
374 | *p = '\0'; | |
c3a08f59 A |
375 | *flags = 0; |
376 | if (!pw_scan(line, pw, flags)) { | |
1815bff5 A |
377 | warnx("at line #%d", lcnt); |
378 | fmt: errno = EFTYPE; /* XXX */ | |
379 | error(pname); | |
380 | } | |
381 | ||
382 | return (1); | |
383 | } | |
384 | ||
c3a08f59 A |
385 | void |
386 | cp(from, to, mode) | |
387 | char *from, *to; | |
388 | mode_t mode; | |
389 | { | |
390 | static char buf[MAXBSIZE]; | |
391 | int from_fd, rcount, to_fd, wcount; | |
392 | ||
393 | if ((from_fd = open(from, O_RDONLY, 0)) < 0) | |
394 | error(from); | |
395 | if ((to_fd = open(to, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0) | |
396 | error(to); | |
397 | while ((rcount = read(from_fd, buf, MAXBSIZE)) > 0) { | |
398 | wcount = write(to_fd, buf, rcount); | |
399 | if (rcount != wcount || wcount == -1) { | |
400 | int sverrno = errno; | |
401 | ||
402 | (void)snprintf(buf, sizeof(buf), "%s to %s", from, to); | |
403 | errno = sverrno; | |
404 | error(buf); | |
405 | } | |
406 | } | |
407 | if (rcount < 0) { | |
408 | int sverrno = errno; | |
409 | ||
410 | (void)snprintf(buf, sizeof(buf), "%s to %s", from, to); | |
411 | errno = sverrno; | |
412 | error(buf); | |
413 | } | |
414 | } | |
415 | ||
1815bff5 A |
416 | void |
417 | mv(from, to) | |
418 | char *from, *to; | |
419 | { | |
c3a08f59 | 420 | char buf[MAXPATHLEN * 2]; |
1815bff5 A |
421 | |
422 | if (rename(from, to)) { | |
423 | int sverrno = errno; | |
c3a08f59 | 424 | |
1815bff5 A |
425 | (void)snprintf(buf, sizeof(buf), "%s to %s", from, to); |
426 | errno = sverrno; | |
427 | error(buf); | |
428 | } | |
429 | } | |
430 | ||
431 | void | |
432 | error(name) | |
433 | char *name; | |
434 | { | |
435 | ||
c3a08f59 A |
436 | warn("%s", name); |
437 | cleanup(); | |
438 | exit(1); | |
439 | } | |
440 | ||
441 | void | |
442 | errorx(name) | |
443 | char *name; | |
444 | { | |
445 | ||
446 | warnx("%s", name); | |
1815bff5 A |
447 | cleanup(); |
448 | exit(1); | |
449 | } | |
450 | ||
451 | void | |
452 | cleanup() | |
453 | { | |
454 | char buf[MAXPATHLEN]; | |
455 | ||
c3a08f59 | 456 | if (clean & FILE_ORIG) { |
1815bff5 A |
457 | (void)snprintf(buf, sizeof(buf), "%s.orig", pname); |
458 | (void)unlink(buf); | |
c3a08f59 A |
459 | } |
460 | if (clean & FILE_SECURE) { | |
461 | (void)snprintf(buf, sizeof(buf), "%s.tmp", | |
462 | changedir(_PATH_SMP_DB, basedir)); | |
1815bff5 | 463 | (void)unlink(buf); |
c3a08f59 A |
464 | } |
465 | if (clean & FILE_INSECURE) { | |
466 | (void)snprintf(buf, sizeof(buf), "%s.tmp", | |
467 | changedir(_PATH_MP_DB, basedir)); | |
1815bff5 A |
468 | (void)unlink(buf); |
469 | } | |
470 | } | |
471 | ||
472 | void | |
c3a08f59 | 473 | usage(void) |
1815bff5 A |
474 | { |
475 | ||
c3a08f59 A |
476 | (void)fprintf(stderr, |
477 | "usage: pwd_mkdb [-c] [-p | -s] [-d basedir] [-u username] file\n"); | |
1815bff5 A |
478 | exit(1); |
479 | } | |
c3a08f59 A |
480 | |
481 | char * | |
482 | changedir(char *path, char *dir) | |
483 | { | |
484 | static char fixed[MAXPATHLEN]; | |
485 | char *p; | |
486 | ||
487 | if (!dir) | |
488 | return (path); | |
489 | ||
490 | if ((p = strrchr(path, '/')) != NULL) | |
491 | path = p + 1; | |
492 | snprintf(fixed, sizeof(fixed), "%s/%s", dir, path); | |
493 | return (fixed); | |
494 | } | |
495 | ||
496 | void | |
497 | db_store(FILE *fp, FILE *oldfp, DB *edp, DB *dp, struct passwd *pw, | |
498 | int keytype, char *username, uid_t olduid) | |
499 | { | |
500 | int flags = 0; | |
501 | int dbmode, found = 0; | |
502 | u_int cnt; | |
503 | char *p, *t, buf[LINE_MAX * 2], tbuf[1024]; | |
504 | DBT data, key; | |
505 | size_t len; | |
506 | static int firsttime = 1; | |
507 | ||
508 | /* If given a username just add that record to the existing db. */ | |
509 | dbmode = username ? 0 : R_NOOVERWRITE; | |
510 | ||
511 | rewind(fp); | |
512 | data.data = (u_char *)buf; | |
513 | key.data = (u_char *)tbuf; | |
514 | for (cnt = 1; scan(fp, pw, &flags); ++cnt) { | |
515 | ||
83f6dbe8 A |
516 | #ifdef __APPLE__ |
517 | if (pw->pw_name == NULL) | |
518 | continue; | |
519 | #endif | |
520 | ||
c3a08f59 A |
521 | if (firsttime) { |
522 | /* Look like YP? */ | |
523 | if ((pw->pw_name[0] == '+') || (pw->pw_name[0] == '-')) | |
524 | hasyp++; | |
525 | ||
526 | /* Warn about potentially unsafe uid/gid overrides. */ | |
527 | if (pw->pw_name[0] == '+') { | |
528 | if (!(flags & _PASSWORD_NOUID) && !pw->pw_uid) | |
529 | warnx("line %d: superuser override in " | |
530 | "YP inclusion", cnt); | |
531 | if (!(flags & _PASSWORD_NOGID) && !pw->pw_gid) | |
532 | warnx("line %d: wheel override in " | |
533 | "YP inclusion", cnt); | |
534 | } | |
535 | ||
536 | /* Create V7 format password file entry. */ | |
537 | if (oldfp != NULL) | |
538 | if (fprintf(oldfp, "%s:*:%u:%u:%s:%s:%s\n", | |
539 | pw->pw_name, pw->pw_uid, pw->pw_gid, | |
540 | pw->pw_gecos, pw->pw_dir, pw->pw_shell) | |
541 | == EOF) | |
542 | error("write old"); | |
543 | } | |
544 | ||
545 | /* Are we updating a specific record? */ | |
546 | if (username) { | |
547 | if (strcmp(username, pw->pw_name) != 0) | |
548 | continue; | |
549 | found = 1; | |
550 | /* If the uid changed, remove the old record by uid. */ | |
551 | if (olduid != UID_MAX && olduid != pw->pw_uid) { | |
552 | tbuf[0] = _PW_KEYBYUID; | |
553 | memcpy(tbuf + 1, &olduid, sizeof(olduid)); | |
554 | key.size = sizeof(olduid) + 1; | |
555 | (edp->del)(edp, &key, 0); | |
556 | if (dp) | |
557 | (dp->del)(dp, &key, 0); | |
558 | } | |
559 | /* XXX - should check to see if line number changed. */ | |
560 | } | |
561 | ||
562 | /* Build the key. */ | |
563 | tbuf[0] = keytype; | |
564 | switch (keytype) { | |
565 | case _PW_KEYBYNUM: | |
566 | memmove(tbuf + 1, &cnt, sizeof(cnt)); | |
567 | key.size = sizeof(cnt) + 1; | |
568 | break; | |
569 | ||
570 | case _PW_KEYBYNAME: | |
571 | len = strlen(pw->pw_name); | |
572 | memmove(tbuf + 1, pw->pw_name, len); | |
573 | key.size = len + 1; | |
574 | break; | |
575 | ||
576 | case _PW_KEYBYUID: | |
577 | memmove(tbuf + 1, &pw->pw_uid, sizeof(pw->pw_uid)); | |
578 | key.size = sizeof(pw->pw_uid) + 1; | |
579 | break; | |
580 | } | |
581 | ||
582 | #define COMPACT(e) t = e; while ((*p++ = *t++)); | |
583 | /* Create the secure record. */ | |
584 | p = buf; | |
585 | COMPACT(pw->pw_name); | |
586 | COMPACT(pw->pw_passwd); | |
587 | memmove(p, &pw->pw_uid, sizeof(uid_t)); | |
588 | p += sizeof(uid_t); | |
589 | memmove(p, &pw->pw_gid, sizeof(gid_t)); | |
590 | p += sizeof(gid_t); | |
591 | memmove(p, &pw->pw_change, sizeof(time_t)); | |
592 | p += sizeof(time_t); | |
593 | COMPACT(pw->pw_class); | |
594 | COMPACT(pw->pw_gecos); | |
595 | COMPACT(pw->pw_dir); | |
596 | COMPACT(pw->pw_shell); | |
597 | memmove(p, &pw->pw_expire, sizeof(time_t)); | |
598 | p += sizeof(time_t); | |
599 | memmove(p, &flags, sizeof(int)); | |
600 | p += sizeof(int); | |
601 | data.size = p - buf; | |
602 | ||
603 | /* Write the secure record. */ | |
604 | if ((edp->put)(edp, &key, &data, dbmode) == -1) | |
605 | error("put"); | |
606 | ||
607 | if (dp == NULL) | |
608 | continue; | |
609 | ||
610 | /* Star out password to make insecure record. */ | |
611 | p = buf + strlen(pw->pw_name) + 1; /* skip pw_name */ | |
612 | len = strlen(pw->pw_passwd); | |
613 | memset(p, 0, len); /* zero pw_passwd */ | |
614 | t = p + len + 1; /* skip pw_passwd */ | |
615 | if (len != 0) | |
616 | *p++ = '*'; | |
617 | *p++ = '\0'; | |
618 | memmove(p, t, data.size - (t - buf)); | |
619 | data.size -= len - 1; | |
620 | ||
621 | /* Write the insecure record. */ | |
622 | if ((dp->put)(dp, &key, &data, dbmode) == -1) | |
623 | error("put"); | |
624 | } | |
625 | if (firsttime) { | |
626 | firsttime = 0; | |
627 | if (username && !found && olduid != UID_MAX) | |
628 | errorx("can't find user in master.passwd"); | |
629 | } | |
630 | } |