usr.sbin/vipw/vipw.c

21186Sdist/*
31744Sbostic * Copyright (c) 1987 Regents of the University of California.
21186Sdist * All rights reserved.  The Berkeley software License Agreement
21186Sdist * specifies the terms and conditions for redistribution.
21186Sdist */
21186Sdist
13736Ssam#ifndef lint
21186Sdistchar copyright[] =
31744Sbostic"@(#) Copyright (c) 1987 Regents of the University of California.\n\
21186Sdist All rights reserved.\n";
*32668Sbostic#endif /* !lint */
13736Ssam
21186Sdist#ifndef lint
*32668Sbosticstatic char sccsid[] = "@(#)vipw.c	5.3 (Berkeley) 11/23/87";
*32668Sbostic#endif /* !lint */
21186Sdist
*32668Sbostic#include <machine/machparam.h>
13736Ssam#include <sys/types.h>
13736Ssam#include <sys/stat.h>
*32668Sbostic#include <sys/signal.h>
13736Ssam#include <sys/file.h>
13736Ssam#include <stdio.h>
13736Ssam#include <errno.h>
13736Ssam
13736Ssam/*
13736Ssam * Password file editor with locking.
13736Ssam */
*32668Sbosticstatic char	*passwd = "/etc/passwd", buf[BUFSIZ];
13736Ssam
31744Sbosticmain()
13736Ssam{
*32668Sbostic	register int n, fd_passwd, fd_temp;
*32668Sbostic	static char *temp = "/etc/ptmp";
*32668Sbostic	struct stat s1, s2;
*32668Sbostic	char	*editor, *getenv();
13736Ssam
31744Sbostic	(void)signal(SIGHUP, SIG_IGN);
31744Sbostic	(void)signal(SIGINT, SIG_IGN);
31744Sbostic	(void)signal(SIGQUIT, SIG_IGN);
31744Sbostic
31744Sbostic	setbuf(stderr, (char *)NULL);
*32668Sbostic	(void)umask(0);
31744Sbostic
31744Sbostic	if ((fd_passwd = open(passwd, O_RDONLY, 0)) < 0) {
*32668Sbostic		fputs("vipw: ", stderr);
31744Sbostic		perror(passwd);
31744Sbostic		exit(1);
31744Sbostic	}
31744Sbostic	if ((fd_temp = open(temp, O_WRONLY|O_CREAT|O_EXCL, 0644)) < 0) {
31744Sbostic		extern int errno;
31744Sbostic
13736Ssam		if (errno == EEXIST) {
*32668Sbostic			fputs("vipw: password file busy.\n", stderr);
13736Ssam			exit(1);
13736Ssam		}
*32668Sbostic		fputs("vipw: ", stderr);
31744Sbostic		perror(temp);
13736Ssam		exit(1);
13736Ssam	}
31744Sbostic	while ((n = read(fd_passwd, buf, sizeof(buf))) > 0)
31744Sbostic		if (write(fd_temp, buf, n) != n) {
31744Sbostic			perror("vipw: write");
31744Sbostic			goto bad;
31744Sbostic		}
31744Sbostic	if (n == -1) {
31744Sbostic		perror("vipw: read");
13736Ssam		goto bad;
13736Ssam	}
31744Sbostic	(void)close(fd_passwd);
31744Sbostic	if (fsync(fd_temp)) {
31744Sbostic		perror("vipw: fsync");
13736Ssam		goto bad;
13736Ssam	}
31744Sbostic	if (fstat(fd_temp, &s1)) {
31744Sbostic		perror("vipw: fstat");
31744Sbostic		goto bad;
31744Sbostic	}
31744Sbostic	(void)close(fd_temp);
31744Sbostic
31744Sbostic	if (!(editor = getenv("EDITOR")))
13736Ssam		editor = "vi";
31744Sbostic	(void)sprintf(buf, "%s %s", editor, temp);
31744Sbostic	if (system(buf)) {
31744Sbostic		perror("vipw: system");
31744Sbostic		goto bad;
31744Sbostic	}
13736Ssam
31744Sbostic	if (!freopen(temp, "r", stdin)) {
*32668Sbostic		fprintf(stderr, "vipw: can't reopen temp file; %s unchanged.\n", passwd);
31744Sbostic		goto bad;
31744Sbostic	}
31744Sbostic	if (fstat(fileno(stdin), &s2)) {
*32668Sbostic		fprintf(stderr, "vipw: can't stat temp file; %s unchanged.\n", passwd);
31744Sbostic		goto bad;
31744Sbostic	}
31744Sbostic	if (s1.st_mtime == s2.st_mtime) {
*32668Sbostic		fprintf(stderr, "vipw: %s unchanged.\n", passwd);
31744Sbostic		goto bad;
31744Sbostic	}
31744Sbostic	if (!s2.st_size) {
*32668Sbostic		fprintf(stderr, "vipw: bad temp file; %s unchanged.\n", passwd);
31744Sbostic		goto bad;
31744Sbostic	}
*32668Sbostic	if (check()) {
31744Sbostic		static char	*temp_pag = "/etc/ptmp.pag",
31744Sbostic				*temp_dir = "/etc/ptmp.dir",
31744Sbostic				*passwd_pag = "/etc/passwd.pag",
31744Sbostic				*passwd_dir = "/etc/passwd.dir";
31744Sbostic
31744Sbostic		if (makedb(temp) < 0)
31744Sbostic			fputs("vipw: mkpasswd failed.\n", stderr);
31744Sbostic		else if (rename(temp_pag, passwd_pag) < 0) {
31744Sbostic			fprintf(stderr, "vipw: ");
31744Sbostic			perror(temp_pag);
13736Ssam		}
31744Sbostic		else if (rename(temp_dir, passwd_dir) < 0) {
31744Sbostic			fprintf(stderr, "vipw: ");
31744Sbostic			perror(temp_dir);
13736Ssam		}
31744Sbostic		else if (rename(temp, passwd) < 0) {
31744Sbostic			fprintf(stderr, "vipw: ");
31744Sbostic			perror("rename");
13736Ssam		}
31744Sbostic		else
31744Sbostic			exit(0);
31744Sbostic		(void)unlink(temp_pag);
31744Sbostic		(void)unlink(temp_dir);
13736Ssam	}
31744Sbosticbad:	(void)unlink(temp);
15166Sralph	exit(1);
13736Ssam}
15633Sralph
*32668Sbostic#define	CHN	((char *)NULL)
31744Sbosticstatic
*32668Sbosticcheck()
31744Sbostic{
*32668Sbostic	register char *cp, *sh;
*32668Sbostic	register long id;
*32668Sbostic	register int root;
*32668Sbostic	long atol();
*32668Sbostic	char *token(), *getusershell();
31744Sbostic
*32668Sbostic	for (root = 0; gets(buf); root = 0) {
*32668Sbostic		if (!*buf) {
*32668Sbostic			fputs("vipw: empty line.\n", stderr);
31744Sbostic			continue;
*32668Sbostic		}
*32668Sbostic		if (!(cp = token(buf)) || !*cp)		/* login */
*32668Sbostic			goto bad;
*32668Sbostic		if (!strcmp(cp, "root"))
*32668Sbostic			root = 1;
*32668Sbostic		(void)token(CHN);			/* passwd */
*32668Sbostic		if (!(cp = token(CHN)) || !*cp)		/* uid */
*32668Sbostic			goto bad;
*32668Sbostic		id = atol(cp);
*32668Sbostic		if (root && id) {
*32668Sbostic			fprintf(stderr, "vipw: root uid should be 0; %s unchanged.\n", passwd);
*32668Sbostic			return(0);
*32668Sbostic		}
*32668Sbostic		if (id > USHRT_MAX) {
*32668Sbostic			fprintf(stderr, "vipw: %s > max uid value (%u); %s unchanged.\n", cp, USHRT_MAX, passwd);
*32668Sbostic			return(0);
*32668Sbostic		}
*32668Sbostic		if (!(cp = token(CHN)) || !*cp)		/* gid */
*32668Sbostic			goto bad;
*32668Sbostic		id = atol(cp);
*32668Sbostic		if (id > USHRT_MAX) {
*32668Sbostic			fprintf(stderr, "vipw: %s > max gid value (%u); %s unchanged.\n", cp, USHRT_MAX, passwd);
*32668Sbostic			return(0);
*32668Sbostic		}
*32668Sbostic		(void)token(CHN);			/* gcos */
*32668Sbostic		if (!token(CHN))			/* home directory */
*32668Sbostic			goto bad;
*32668Sbostic		if (!(cp = token(CHN)))			/* shell */
*32668Sbostic			goto bad;
*32668Sbostic		if (root && *cp)			/* empty == /bin/sh */
*32668Sbostic			for (;;)
*32668Sbostic				if (!(sh = getusershell())) {
*32668Sbostic					fprintf(stderr, "vipw: illegal shell (%s) for root; %s unchanged.\n", cp, passwd);
*32668Sbostic					return(0);
*32668Sbostic				}
*32668Sbostic				else if (!strcmp(cp, sh))
*32668Sbostic					break;
*32668Sbostic		if (token(CHN)) {			/* too many fields */
*32668Sbosticbad:			fprintf(stderr, "vipw: corrupted entry; %s unchanged.\n", passwd);
*32668Sbostic			return(0);
*32668Sbostic		}
31744Sbostic	}
*32668Sbostic	return(1);
31744Sbostic}
31744Sbostic
31744Sbosticstatic
15633Sralphmakedb(file)
*32668Sbostic	char *file;
15633Sralph{
*32668Sbostic	int status, pid, w;
15633Sralph
31744Sbostic	if (!(pid = vfork())) {
15633Sralph		execl("/etc/mkpasswd", "mkpasswd", file, 0);
15633Sralph		_exit(127);
15633Sralph	}
31744Sbostic	while ((w = wait(&status)) != pid && w != -1);
31744Sbostic	if (w == -1 || status)
31744Sbostic		return(-1);
31744Sbostic	return(0);
15633Sralph}
*32668Sbostic
*32668Sbosticstatic char *
*32668Sbostictoken(bfr)
*32668Sbostic	char *bfr;
*32668Sbostic{
*32668Sbostic	static char *cp;
*32668Sbostic	char *start;
*32668Sbostic
*32668Sbostic	if (bfr)			/* re-init string */
*32668Sbostic		cp = bfr;
*32668Sbostic	else if (!cp)			/* check if hit EOS last time */
*32668Sbostic		return(CHN);
*32668Sbostic	else if (!bfr)			/* start at next char after ':' */
*32668Sbostic		++cp;
*32668Sbostic	for (start = cp;; ++cp)
*32668Sbostic		if (!*cp) {		/* found EOS; mark it for next time */
*32668Sbostic			cp = CHN;
*32668Sbostic			break;
*32668Sbostic		}
*32668Sbostic		else if (*cp == ':') {	/* found ':'; end token */
*32668Sbostic			*cp = '\0';
*32668Sbostic			break;
*32668Sbostic		}
*32668Sbostic	return(start);			/* return token */
*32668Sbostic}