[apple/system_cmds.git] / passwd.tproj / file_passwd.c

/*
 * Copyright (c) 1999-2010 Apple Inc. All rights reserved.
 *
 * @APPLE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this
 * file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_LICENSE_HEADER_END@
 */
#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <pwd.h>
#include <signal.h>
#include <stdbool.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sysexits.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/stat.h>

#define _PASSWD_FILE "/etc/master.passwd"
#define _COMPAT_FILE "/etc/passwd"
#define _PASSWD_FIELDS 10
#define BUFSIZE 8192

void getpasswd(char *, int, int, int, int, char *, char **, char**, char **);

static struct passwd *
parse_user(char *line, size_t len)
{
	static struct passwd pw;
	int i,j;
	char *tokens[_PASSWD_FIELDS];
	char *token = NULL;
	bool comment = true;

	free(pw.pw_name);
	free(pw.pw_passwd);
	free(pw.pw_class);
	free(pw.pw_gecos);
	free(pw.pw_dir);
	free(pw.pw_shell);
	memset(&pw, 0, sizeof(pw));

	if (line == NULL) return NULL;

	memset(&tokens, 0, sizeof(char *) * _PASSWD_FIELDS);

	for (i = 0, j = 0; i < len && j < _PASSWD_FIELDS; ++i) {
		int c = line[i];
		if (!isspace(c) && c != '#') {
			comment = false;
		}
		if (!comment && token == NULL) {
			// start a new token
			token = &line[i];
		} else if (token && (c == ':' || c == '\n')) {
			// end the current token
			// special case for empty token
			while (token[0] == ':' && token < &line[i]) {
				tokens[j++] = strdup("");
				++token;
			}
			tokens[j++] = strndup(token, &line[i] - token);
			token = NULL;
		}
	}

	if (comment || j != _PASSWD_FIELDS) return NULL;

	j = 0;
	pw.pw_name = tokens[j++];
	pw.pw_passwd = tokens[j++];
	pw.pw_uid = atoi(tokens[j]);
	free(tokens[j++]);
	pw.pw_gid = atoi(tokens[j]);
	free(tokens[j++]);
	pw.pw_class = tokens[j++];
	pw.pw_change = atoi(tokens[j]);
	free(tokens[j++]);
	pw.pw_expire = atoi(tokens[j]);
	free(tokens[j++]);
	pw.pw_gecos = tokens[j++];
	pw.pw_dir = tokens[j++];
	pw.pw_shell = tokens[j++];

	return &pw;
}

static struct passwd *
find_user(FILE *fp, char *uname)
{
	size_t len;
	char *line;

	rewind(fp);

	while ((line = fgetln(fp, &len)) != NULL) {
		struct passwd *pw = parse_user(line, len);
		if (pw && strcmp(uname, pw->pw_name) == 0) {
			return pw;
		}
	}
	return NULL;
}

static void
rewrite_file(char *path, FILE *fp, struct passwd *newpw)
{
	int fd;
	char *line;
	size_t len;
	FILE *tfp = NULL;
	char *tempname = NULL; // temporary master.passwd file

	asprintf(&tempname, "%s.XXXXXX", path);
	
	fd = mkstemp(tempname);
	if (fd == -1) {
		err(EXIT_FAILURE, "%s", tempname);
	}
	tfp = fdopen(fd, "w+");
	if (tfp == NULL || fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
		int save = errno;
		unlink(tempname);
		errno = save;
		err(EXIT_FAILURE, "%s", tempname);
	}
	
	while ((line = fgetln(fp, &len)) != NULL) {
		struct passwd *pw = parse_user(line, len);

		// if this is not the entry we're looking for or if parsing
		// failed (likely a comment) then print the entry as is.
		if (pw == NULL || strcmp(newpw->pw_name, pw->pw_name) != 0) {
			fwrite(line, sizeof(char), len, tfp);
		} else {
			fprintf(tfp, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
				newpw->pw_name,
				newpw->pw_passwd,
				newpw->pw_uid,
				newpw->pw_gid,
				newpw->pw_class,
				newpw->pw_change,
				newpw->pw_expire,
				newpw->pw_gecos,
				newpw->pw_dir,
				newpw->pw_shell);
		}
	}

	// Move the temporary file into place.
	if (fclose(tfp) != 0 || rename(tempname, path) != 0) {
		int save = errno;
		unlink(tempname);
		errno = save;
		err(EXIT_FAILURE, "%s", tempname);
	}

	free(tempname);
}

int
file_passwd(char *uname, char *locn)
{
	char *ne, *oc, *nc;
	int fd;
	FILE *fp;
	uid_t uid;
	char *fname;
	struct passwd *pw;
	struct passwd newpw;
	
	fname = _PASSWD_FILE;
	if (locn != NULL) fname = locn;
	
	fd = open(fname, O_RDONLY | O_EXLOCK);
	if (fd == -1) {
		err(EXIT_FAILURE, "%s", fname);
	}

	fp = fdopen(fd, "r");
	if (fp == NULL) {
		err(EXIT_FAILURE, "%s", fname);
	}

	pw = find_user(fp, uname);
	if (pw == NULL) {
		errx(EXIT_FAILURE, "user %s not found in %s", uname, fname);
	}

	uid = getuid();
	if (uid != 0 && uid != pw->pw_uid) {
		errno = EACCES;
		err(EXIT_FAILURE, "%s", uname);
	}

	// Get the password
	getpasswd(uname, (uid == 0), 5, 0, 0, pw->pw_passwd, &ne, &oc, &nc);

	newpw.pw_name = strdup(pw->pw_name);
	newpw.pw_passwd = strdup(ne);
	newpw.pw_uid = pw->pw_uid;
	newpw.pw_gid = pw->pw_gid;
	newpw.pw_class = strdup(pw->pw_class);
	newpw.pw_change = pw->pw_change;
	newpw.pw_expire = pw->pw_expire;
	newpw.pw_gecos = strdup(pw->pw_gecos);
	newpw.pw_dir = strdup(pw->pw_dir);
	newpw.pw_shell = strdup(pw->pw_shell);

	// Rewrite the file
	rewind(fp);
	rewrite_file(fname, fp, &newpw);

	fclose(fp);

	return 0;
}
Commit	Line	Data
1815bff5	1	/*
8459d725	2	* Copyright (c) 1999-2010 Apple Inc. All rights reserved.
1815bff5 A	3	*
	4	* @APPLE_LICENSE_HEADER_START@
	5	*
8459d725 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. Please obtain a copy of the License at
	10	* http://www.opensource.apple.com/apsl/ and read it before using this
	11	* file.
1815bff5 A	12	*
	13	* The Original Code and all software distributed under the License are
	14	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	15	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	16	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
8459d725 A	17	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	18	* Please see the License for the specific language governing rights and
	19	* limitations under the License.
1815bff5 A	20	*
	21	* @APPLE_LICENSE_HEADER_END@
	22	*/
8459d725 A	23	#include <ctype.h>
	24	#include <err.h>
	25	#include <errno.h>
	26	#include <fcntl.h>
	27	#include <pwd.h>
ef8ad44b	28	#include <signal.h>
8459d725 A	29	#include <stdbool.h>
8459d725 A	30	#include <stdlib.h>
1815bff5	31	#include <stdio.h>
20e66415	32	#include <string.h>
1376a029	33	#include <sysexits.h>
8459d725	34	#include <unistd.h>
1376a029	35	#include <sys/time.h>
1376a029	36	#include <sys/stat.h>
1815bff5 A	37
	38	#define _PASSWD_FILE "/etc/master.passwd"
	39	#define _COMPAT_FILE "/etc/passwd"
	40	#define _PASSWD_FIELDS 10
	41	#define BUFSIZE 8192
	42
8459d725	43	void getpasswd(char , int, int, int, int, char , char , char, char **);
1815bff5	44
8459d725 A	45	static struct passwd *
8459d725 A	46	parse_user(char *line, size_t len)
1815bff5	47	{
8459d725 A	48	static struct passwd pw;
	49	int i,j;
	50	char *tokens[_PASSWD_FIELDS];
	51	char *token = NULL;
	52	bool comment = true;
	53
	54	free(pw.pw_name);
	55	free(pw.pw_passwd);
	56	free(pw.pw_class);
	57	free(pw.pw_gecos);
	58	free(pw.pw_dir);
	59	free(pw.pw_shell);
	60	memset(&pw, 0, sizeof(pw));
	61
	62	if (line == NULL) return NULL;
	63
	64	memset(&tokens, 0, sizeof(char ) _PASSWD_FIELDS);
	65
	66	for (i = 0, j = 0; i < len && j < _PASSWD_FIELDS; ++i) {
	67	int c = line[i];
	68	if (!isspace(c) && c != '#') {
	69	comment = false;
	70	}
	71	if (!comment && token == NULL) {
	72	// start a new token
	73	token = &line[i];
	74	} else if (token && (c == ':' \|\| c == '\n')) {
	75	// end the current token
	76	// special case for empty token
	77	while (token[0] == ':' && token < &line[i]) {
	78	tokens[j++] = strdup("");
	79	++token;
	80	}
	81	tokens[j++] = strndup(token, &line[i] - token);
	82	token = NULL;
	83	}
1815bff5 A	84	}
1815bff5 A	85
8459d725 A	86	if (comment \|\| j != _PASSWD_FIELDS) return NULL;
	87
	88	j = 0;
	89	pw.pw_name = tokens[j++];
	90	pw.pw_passwd = tokens[j++];
	91	pw.pw_uid = atoi(tokens[j]);
	92	free(tokens[j++]);
	93	pw.pw_gid = atoi(tokens[j]);
	94	free(tokens[j++]);
	95	pw.pw_class = tokens[j++];
	96	pw.pw_change = atoi(tokens[j]);
	97	free(tokens[j++]);
	98	pw.pw_expire = atoi(tokens[j]);
	99	free(tokens[j++]);
	100	pw.pw_gecos = tokens[j++];
	101	pw.pw_dir = tokens[j++];
	102	pw.pw_shell = tokens[j++];
1815bff5 A	103
	104	return &pw;
	105	}
	106
8459d725 A	107	static struct passwd *
8459d725 A	108	find_user(FILE fp, char uname)
1815bff5	109	{
8459d725	110	size_t len;
1815bff5	111	char *line;
1815bff5 A	112
	113	rewind(fp);
	114
8459d725 A	115	while ((line = fgetln(fp, &len)) != NULL) {
	116	struct passwd *pw = parse_user(line, len);
	117	if (pw && strcmp(uname, pw->pw_name) == 0) {
	118	return pw;
	119	}
1815bff5	120	}
8459d725	121	return NULL;
1815bff5 A	122	}
1815bff5 A	123
8459d725 A	124	static void
8459d725 A	125	rewrite_file(char path, FILE fp, struct passwd *newpw)
1815bff5	126	{
1376a029	127	int fd;
8459d725 A	128	char *line;
	129	size_t len;
	130	FILE *tfp = NULL;
	131	char *tempname = NULL; // temporary master.passwd file
	132
	133	asprintf(&tempname, "%s.XXXXXX", path);
1815bff5	134
8459d725 A	135	fd = mkstemp(tempname);
	136	if (fd == -1) {
	137	err(EXIT_FAILURE, "%s", tempname);
1376a029 A	138	}
1376a029 A	139	tfp = fdopen(fd, "w+");
8459d725 A	140	if (tfp == NULL \|\| fchmod(fd, S_IRUSR \| S_IWUSR) != 0) {
	141	int save = errno;
	142	unlink(tempname);
	143	errno = save;
	144	err(EXIT_FAILURE, "%s", tempname);
	145	}
	146
	147	while ((line = fgetln(fp, &len)) != NULL) {
	148	struct passwd *pw = parse_user(line, len);
	149
	150	// if this is not the entry we're looking for or if parsing
	151	// failed (likely a comment) then print the entry as is.
	152	if (pw == NULL \|\| strcmp(newpw->pw_name, pw->pw_name) != 0) {
	153	fwrite(line, sizeof(char), len, tfp);
	154	} else {
	155	fprintf(tfp, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
	156	newpw->pw_name,
	157	newpw->pw_passwd,
	158	newpw->pw_uid,
	159	newpw->pw_gid,
	160	newpw->pw_class,
	161	newpw->pw_change,
	162	newpw->pw_expire,
	163	newpw->pw_gecos,
	164	newpw->pw_dir,
	165	newpw->pw_shell);
1815bff5 A	166	}
	167	}
	168
8459d725 A	169	// Move the temporary file into place.
	170	if (fclose(tfp) != 0 \|\| rename(tempname, path) != 0) {
	171	int save = errno;
	172	unlink(tempname);
	173	errno = save;
	174	err(EXIT_FAILURE, "%s", tempname);
1815bff5	175	}
1815bff5	176
8459d725	177	free(tempname);
1815bff5 A	178	}
	179
	180	int
8459d725	181	file_passwd(char uname, char locn)
1815bff5 A	182	{
1815bff5 A	183	char ne, oc, *nc;
8459d725	184	int fd;
1815bff5	185	FILE *fp;
8459d725	186	uid_t uid;
1815bff5 A	187	char *fname;
	188	struct passwd *pw;
	189	struct passwd newpw;
1376a029	190
1815bff5 A	191	fname = _PASSWD_FILE;
1815bff5 A	192	if (locn != NULL) fname = locn;
1376a029	193
8459d725 A	194	fd = open(fname, O_RDONLY \| O_EXLOCK);
	195	if (fd == -1) {
	196	err(EXIT_FAILURE, "%s", fname);
1376a029	197	}
8459d725 A	198
	199	fp = fdopen(fd, "r");
	200	if (fp == NULL) {
	201	err(EXIT_FAILURE, "%s", fname);
1376a029	202	}
8459d725 A	203
	204	pw = find_user(fp, uname);
	205	if (pw == NULL) {
	206	errx(EXIT_FAILURE, "user %s not found in %s", uname, fname);
1815bff5 A	207	}
	208
	209	uid = getuid();
8459d725 A	210	if (uid != 0 && uid != pw->pw_uid) {
	211	errno = EACCES;
	212	err(EXIT_FAILURE, "%s", uname);
1815bff5 A	213	}
1815bff5 A	214
8459d725	215	// Get the password
1815bff5 A	216	getpasswd(uname, (uid == 0), 5, 0, 0, pw->pw_passwd, &ne, &oc, &nc);
1815bff5 A	217
8459d725 A	218	newpw.pw_name = strdup(pw->pw_name);
8459d725 A	219	newpw.pw_passwd = strdup(ne);
1815bff5 A	220	newpw.pw_uid = pw->pw_uid;
1815bff5 A	221	newpw.pw_gid = pw->pw_gid;
8459d725	222	newpw.pw_class = strdup(pw->pw_class);
1815bff5 A	223	newpw.pw_change = pw->pw_change;
1815bff5 A	224	newpw.pw_expire = pw->pw_expire;
8459d725 A	225	newpw.pw_gecos = strdup(pw->pw_gecos);
	226	newpw.pw_dir = strdup(pw->pw_dir);
	227	newpw.pw_shell = strdup(pw->pw_shell);
1815bff5	228
8459d725 A	229	// Rewrite the file
	230	rewind(fp);
	231	rewrite_file(fname, fp, &newpw);
1815bff5 A	232
	233	fclose(fp);
	234
	235	return 0;
	236	}