usr.sbin/vipw/vipw.c

21186Sdist/*
*31744Sbostic * Copyright (c) 1987 Regents of the University of California.
21186Sdist * All rights reserved.  The Berkeley software License Agreement
21186Sdist * specifies the terms and conditions for redistribution.
21186Sdist */
21186Sdist
13736Ssam#ifndef lint
21186Sdistchar copyright[] =
*31744Sbostic"@(#) Copyright (c) 1987 Regents of the University of California.\n\
21186Sdist All rights reserved.\n";
21186Sdist#endif not lint
13736Ssam
21186Sdist#ifndef lint
*31744Sbosticstatic char sccsid[] = "@(#)vipw.c	5.2 (Berkeley) 07/01/87";
21186Sdist#endif not lint
21186Sdist
13736Ssam#include <sys/types.h>
13736Ssam#include <sys/stat.h>
13736Ssam#include <sys/file.h>
13736Ssam#include <stdio.h>
13736Ssam#include <errno.h>
13736Ssam#include <signal.h>
13736Ssam
13736Ssam/*
13736Ssam * Password file editor with locking.
13736Ssam */
*31744Sbosticstatic char	*passwd = "/etc/passwd",
*31744Sbostic		buf[BUFSIZ];
13736Ssam
*31744Sbosticmain()
13736Ssam{
*31744Sbostic	register int	n, fd_passwd, fd_temp;
*31744Sbostic	static char	*temp = "/etc/ptmp";
*31744Sbostic	struct stat	s1, s2;
*31744Sbostic	char	*editor,
*31744Sbostic		*getenv();
13736Ssam
*31744Sbostic	(void)signal(SIGHUP, SIG_IGN);
*31744Sbostic	(void)signal(SIGINT, SIG_IGN);
*31744Sbostic	(void)signal(SIGQUIT, SIG_IGN);
*31744Sbostic
*31744Sbostic	setbuf(stderr, (char *)NULL);
14911Sralph	umask(0);
*31744Sbostic
*31744Sbostic	if ((fd_passwd = open(passwd, O_RDONLY, 0)) < 0) {
*31744Sbostic		fprintf(stderr, "vipw: ");
*31744Sbostic		perror(passwd);
*31744Sbostic		exit(1);
*31744Sbostic	}
*31744Sbostic	if ((fd_temp = open(temp, O_WRONLY|O_CREAT|O_EXCL, 0644)) < 0) {
*31744Sbostic		extern int errno;
*31744Sbostic
13736Ssam		if (errno == EEXIST) {
*31744Sbostic			fputs("vipw: password file busy\n", stderr);
13736Ssam			exit(1);
13736Ssam		}
*31744Sbostic		fprintf(stderr, "vipw: ");
*31744Sbostic		perror(temp);
13736Ssam		exit(1);
13736Ssam	}
*31744Sbostic	while ((n = read(fd_passwd, buf, sizeof(buf))) > 0)
*31744Sbostic		if (write(fd_temp, buf, n) != n) {
*31744Sbostic			perror("vipw: write");
*31744Sbostic			goto bad;
*31744Sbostic		}
*31744Sbostic	if (n == -1) {
*31744Sbostic		perror("vipw: read");
13736Ssam		goto bad;
13736Ssam	}
*31744Sbostic	(void)close(fd_passwd);
*31744Sbostic	if (fsync(fd_temp)) {
*31744Sbostic		perror("vipw: fsync");
13736Ssam		goto bad;
13736Ssam	}
*31744Sbostic	if (fstat(fd_temp, &s1)) {
*31744Sbostic		perror("vipw: fstat");
*31744Sbostic		goto bad;
*31744Sbostic	}
*31744Sbostic	(void)close(fd_temp);
*31744Sbostic
*31744Sbostic	if (!(editor = getenv("EDITOR")))
13736Ssam		editor = "vi";
*31744Sbostic	(void)sprintf(buf, "%s %s", editor, temp);
*31744Sbostic	if (system(buf)) {
*31744Sbostic		perror("vipw: system");
*31744Sbostic		goto bad;
*31744Sbostic	}
13736Ssam
*31744Sbostic	if (!freopen(temp, "r", stdin)) {
*31744Sbostic		fprintf(stderr, "vipw: can't reopen temp file, %s unchanged\n", passwd);
*31744Sbostic		goto bad;
*31744Sbostic	}
*31744Sbostic	if (fstat(fileno(stdin), &s2)) {
*31744Sbostic		fprintf(stderr, "vipw: can't stat temp file, %s unchanged\n", passwd);
*31744Sbostic		goto bad;
*31744Sbostic	}
*31744Sbostic	if (s1.st_mtime == s2.st_mtime) {
*31744Sbostic		fprintf(stderr, "vipw: %s unchanged\n", passwd);
*31744Sbostic		goto bad;
*31744Sbostic	}
*31744Sbostic	if (!s2.st_size) {
*31744Sbostic		fprintf(stderr, "vipw: bad temp file, %s unchanged\n", passwd);
*31744Sbostic		goto bad;
*31744Sbostic	}
*31744Sbostic	if (checkroot()) {
*31744Sbostic		static char	*temp_pag = "/etc/ptmp.pag",
*31744Sbostic				*temp_dir = "/etc/ptmp.dir",
*31744Sbostic				*passwd_pag = "/etc/passwd.pag",
*31744Sbostic				*passwd_dir = "/etc/passwd.dir";
*31744Sbostic
*31744Sbostic		if (makedb(temp) < 0)
*31744Sbostic			fputs("vipw: mkpasswd failed.\n", stderr);
*31744Sbostic		else if (rename(temp_pag, passwd_pag) < 0) {
*31744Sbostic			fprintf(stderr, "vipw: ");
*31744Sbostic			perror(temp_pag);
13736Ssam		}
*31744Sbostic		else if (rename(temp_dir, passwd_dir) < 0) {
*31744Sbostic			fprintf(stderr, "vipw: ");
*31744Sbostic			perror(temp_dir);
13736Ssam		}
*31744Sbostic		else if (rename(temp, passwd) < 0) {
*31744Sbostic			fprintf(stderr, "vipw: ");
*31744Sbostic			perror("rename");
13736Ssam		}
*31744Sbostic		else
*31744Sbostic			exit(0);
*31744Sbostic		(void)unlink(temp_pag);
*31744Sbostic		(void)unlink(temp_dir);
13736Ssam	}
*31744Sbosticbad:	(void)unlink(temp);
15166Sralph	exit(1);
13736Ssam}
15633Sralph
*31744Sbosticstatic
*31744Sbosticcheckroot()
*31744Sbostic{
*31744Sbostic	register int	cnt;
*31744Sbostic	register char	*cp, *sh;
*31744Sbostic	char	*getusershell();
*31744Sbostic
*31744Sbostic	while (gets(buf)) {
*31744Sbostic		if (strncmp(buf, "root:", sizeof("root:") - 1))
*31744Sbostic			continue;
*31744Sbostic						/* skip password */
*31744Sbostic		for (cp = buf + sizeof("root:") - 1; *cp && *cp != ':'; ++cp);
*31744Sbostic		if (!*cp || atoi(++cp))		/* uid exists && uid == 0 */
*31744Sbostic			break;			/* skip uid, gid, gcos, dir */
*31744Sbostic		for (cnt = 0; *cp && cnt < 4; ++cp)
*31744Sbostic			if (*cp == ':')
*31744Sbostic				++cnt;
*31744Sbostic		if (!*cp)
*31744Sbostic			break;
*31744Sbostic		while (sh = getusershell())
*31744Sbostic			if (!strcmp(cp, sh))
*31744Sbostic				return(1);
*31744Sbostic		fprintf(stderr, "vipw: illegal shell (%s) for root login, %s unchanged.\n", cp, passwd);
*31744Sbostic		return(0);
*31744Sbostic	}
*31744Sbostic	fprintf(stderr, "vipw: root login corrupted, %s unchanged.\n", passwd);
*31744Sbostic	return(0);
*31744Sbostic}
*31744Sbostic
*31744Sbosticstatic
15633Sralphmakedb(file)
*31744Sbostic	char	*file;
15633Sralph{
*31744Sbostic	int	status, pid, w;
15633Sralph
*31744Sbostic	if (!(pid = vfork())) {
15633Sralph		execl("/etc/mkpasswd", "mkpasswd", file, 0);
15633Sralph		_exit(127);
15633Sralph	}
*31744Sbostic	while ((w = wait(&status)) != pid && w != -1);
*31744Sbostic	if (w == -1 || status)
*31744Sbostic		return(-1);
*31744Sbostic	return(0);
15633Sralph}