1 /*- 2 * Copyright (c) 1988 The Regents of the University of California. 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifndef lint 35 char copyright[] = 36 "@(#) Copyright (c) 1988 The Regents of the University of California.\n\ 37 All rights reserved.\n"; 38 #endif /* not lint */ 39 40 #ifndef lint 41 static char sccsid[] = "@(#)chpass.c 5.17 (Berkeley) 3/3/91"; 42 #endif /* not lint */ 43 44 #include <sys/param.h> 45 #include <sys/stat.h> 46 #include <sys/signal.h> 47 #include <sys/time.h> 48 #include <sys/resource.h> 49 #include <fcntl.h> 50 #include <pwd.h> 51 #include <errno.h> 52 #include <stdio.h> 53 #include <ctype.h> 54 #include <string.h> 55 #include "chpass.h" 56 #include "pathnames.h" 57 58 char *progname = "chpass"; 59 char *tempname; 60 uid_t uid; 61 62 main(argc, argv) 63 int argc; 64 char **argv; 65 { 66 extern int optind; 67 extern char *optarg; 68 register enum { NEWSH, LOADENTRY, EDITENTRY } op; 69 register struct passwd *pw; 70 struct passwd lpw; 71 int ch, pfd, tfd; 72 char *arg; 73 74 op = EDITENTRY; 75 while ((ch = getopt(argc, argv, "a:s:")) != EOF) 76 switch(ch) { 77 case 'a': 78 op = LOADENTRY; 79 arg = optarg; 80 break; 81 case 's': 82 op = NEWSH; 83 arg = optarg; 84 break; 85 case '?': 86 default: 87 usage(); 88 } 89 argc -= optind; 90 argv += optind; 91 92 uid = getuid(); 93 94 if (op == EDITENTRY || op == NEWSH) 95 switch(argc) { 96 case 0: 97 if (!(pw = getpwuid(uid))) { 98 (void)fprintf(stderr, 99 "chpass: unknown user: uid %u\n", uid); 100 exit(1); 101 } 102 break; 103 case 1: 104 if (!(pw = getpwnam(*argv))) { 105 (void)fprintf(stderr, 106 "chpass: unknown user %s.\n", *argv); 107 exit(1); 108 } 109 if (uid && uid != pw->pw_uid) 110 baduser(); 111 break; 112 default: 113 usage(); 114 } 115 116 if (op == NEWSH) { 117 /* protect p_shell -- it thinks NULL is /bin/sh */ 118 if (!arg[0]) 119 usage(); 120 if (p_shell(arg, pw, (ENTRY *)NULL)) 121 pw_error((char *)NULL, 0, 1); 122 } 123 124 if (op == LOADENTRY) { 125 if (uid) 126 baduser(); 127 pw = &lpw; 128 if (!pw_scan(arg, pw)) 129 exit(1); 130 } 131 132 /* 133 * The temporary file/file descriptor usage is a little tricky here. 134 * 1: We start off with two fd's, one for the master password 135 * file (used to lock everything), and one for a temporary file. 136 * 2: Display() gets an fp for the temporary file, and copies the 137 * user's information into it. It then gives the temporary file 138 * to the user and closes the fp, closing the underlying fd. 139 * 3: The user edits the temporary file some number of times. 140 * 4: Verify() gets an fp for the temporary file, and verifies the 141 * contents. It can't use an fp derived from the step #2 fd, 142 * because the user's editor may have created a new instance of 143 * the file. Once the file is verified, its contents are stored 144 * in a password structure. The verify routine closes the fp, 145 * closing the underlying fd. 146 * 5: Delete the temporary file. 147 * 6: Get a new temporary file/fd. Pw_copy() gets an fp for it 148 * file and copies the master password file into it, replacing 149 * the user record with a new one. We can't use the first 150 * temporary file for this because it was owned by the user. 151 * Pw_copy() closes its fp, flushing the data and closing the 152 * underlying file descriptor. We can't close the master 153 * password fp, or we'd lose the lock. 154 * 7: Call pw_mkdb() (which renames the temporary file) and exit. 155 * The exit closes the master passwd fp/fd. 156 */ 157 pw_init(); 158 pfd = pw_lock(); 159 tfd = pw_tmp(); 160 161 if (op == EDITENTRY) { 162 display(tfd, pw); 163 edit(pw); 164 (void)unlink(tempname); 165 tfd = pw_tmp(); 166 } 167 168 pw_copy(pfd, tfd, pw); 169 170 if (!pw_mkdb()) 171 pw_error((char *)NULL, 0, 1); 172 exit(0); 173 } 174 175 baduser() 176 { 177 (void)fprintf(stderr, "chpass: %s\n", strerror(EACCES)); 178 exit(1); 179 } 180 181 usage() 182 { 183 (void)fprintf(stderr, "usage: chpass [-a list] [-s shell] [user]\n"); 184 exit(1); 185 } 186