10Sstevel@tonic-gate /*
20Sstevel@tonic-gate * CDDL HEADER START
30Sstevel@tonic-gate *
40Sstevel@tonic-gate * The contents of this file are subject to the terms of the
5*1536Sas198278 * Common Development and Distribution License (the "License").
6*1536Sas198278 * You may not use this file except in compliance with the License.
70Sstevel@tonic-gate *
80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
100Sstevel@tonic-gate * See the License for the specific language governing permissions
110Sstevel@tonic-gate * and limitations under the License.
120Sstevel@tonic-gate *
130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
180Sstevel@tonic-gate *
190Sstevel@tonic-gate * CDDL HEADER END
200Sstevel@tonic-gate */
21*1536Sas198278
220Sstevel@tonic-gate /*
23*1536Sas198278 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
240Sstevel@tonic-gate * Use is subject to license terms.
250Sstevel@tonic-gate */
260Sstevel@tonic-gate
270Sstevel@tonic-gate /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
280Sstevel@tonic-gate /* All Rights Reserved */
290Sstevel@tonic-gate
300Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI"
310Sstevel@tonic-gate
320Sstevel@tonic-gate /* pwconv.c */
330Sstevel@tonic-gate /* Conversion aid to copy appropriate fields from the */
340Sstevel@tonic-gate /* password file to the shadow file. */
350Sstevel@tonic-gate
360Sstevel@tonic-gate #include <pwd.h>
370Sstevel@tonic-gate #include <fcntl.h>
380Sstevel@tonic-gate #include <stdio.h>
390Sstevel@tonic-gate #include <sys/types.h>
400Sstevel@tonic-gate #include <sys/stat.h>
410Sstevel@tonic-gate #include <time.h>
420Sstevel@tonic-gate #include <shadow.h>
430Sstevel@tonic-gate #include <grp.h>
440Sstevel@tonic-gate #include <signal.h>
450Sstevel@tonic-gate #include <errno.h>
460Sstevel@tonic-gate #include <unistd.h>
470Sstevel@tonic-gate #include <stdlib.h>
480Sstevel@tonic-gate #include <locale.h>
49*1536Sas198278 #include <string.h>
500Sstevel@tonic-gate
510Sstevel@tonic-gate #define PRIVILEGED 0 /* priviledged id */
520Sstevel@tonic-gate
530Sstevel@tonic-gate /* exit code */
540Sstevel@tonic-gate #define SUCCESS 0 /* succeeded */
550Sstevel@tonic-gate #define NOPERM 1 /* No permission */
560Sstevel@tonic-gate #define BADSYN 2 /* Incorrect syntax */
570Sstevel@tonic-gate #define FMERR 3 /* File manipulation error */
580Sstevel@tonic-gate #define FATAL 4 /* Old file can not be recover */
590Sstevel@tonic-gate #define FBUSY 5 /* Lock file busy */
600Sstevel@tonic-gate #define BADSHW 6 /* Bad entry in shadow file */
610Sstevel@tonic-gate
620Sstevel@tonic-gate #define DELPTMP() (void) unlink(PASSTEMP)
630Sstevel@tonic-gate #define DELSHWTMP() (void) unlink(SHADTEMP)
640Sstevel@tonic-gate
650Sstevel@tonic-gate char pwdflr[] = "x"; /* password filler */
660Sstevel@tonic-gate char *prognamp;
67108Sbasabi void f_err(void), f_miss(void), f_bdshw(void);
680Sstevel@tonic-gate
690Sstevel@tonic-gate /*
700Sstevel@tonic-gate * getspnan routine that ONLY looks at the local shadow file
710Sstevel@tonic-gate */
720Sstevel@tonic-gate struct spwd *
local_getspnam(char * name)73108Sbasabi local_getspnam(char *name)
740Sstevel@tonic-gate {
750Sstevel@tonic-gate FILE *shadf;
76*1536Sas198278 struct spwd *sp;
770Sstevel@tonic-gate
780Sstevel@tonic-gate
790Sstevel@tonic-gate if ((shadf = fopen("/etc/shadow", "r")) == NULL)
800Sstevel@tonic-gate return (NULL);
810Sstevel@tonic-gate
820Sstevel@tonic-gate while ((sp = fgetspent(shadf)) != NULL) {
830Sstevel@tonic-gate if (strcmp(sp->sp_namp, name) == 0)
840Sstevel@tonic-gate break;
850Sstevel@tonic-gate }
860Sstevel@tonic-gate
87*1536Sas198278 (void) fclose(shadf);
880Sstevel@tonic-gate
890Sstevel@tonic-gate return (sp);
900Sstevel@tonic-gate }
910Sstevel@tonic-gate
92108Sbasabi int
main(int argc,char ** argv)93108Sbasabi main(int argc, char **argv)
940Sstevel@tonic-gate {
950Sstevel@tonic-gate extern int errno;
96108Sbasabi void no_recover(void), no_convert(void);
970Sstevel@tonic-gate struct passwd *pwdp;
980Sstevel@tonic-gate struct spwd *sp, sp_pwd; /* default entry */
990Sstevel@tonic-gate struct stat buf;
1000Sstevel@tonic-gate FILE *tp_fp, *tsp_fp;
101108Sbasabi time_t when, minweeks, maxweeks;
1020Sstevel@tonic-gate int file_exist = 1;
1030Sstevel@tonic-gate int end_of_file = 0;
1040Sstevel@tonic-gate mode_t mode;
105*1536Sas198278 mode_t pwd_mode;
1060Sstevel@tonic-gate int pwerr = 0;
107*1536Sas198278 ushort_t i;
1080Sstevel@tonic-gate gid_t pwd_gid, sp_gid;
1090Sstevel@tonic-gate uid_t pwd_uid, sp_uid;
1100Sstevel@tonic-gate FILE *pwf;
1110Sstevel@tonic-gate int black_magic = 0;
1120Sstevel@tonic-gate int count;
1130Sstevel@tonic-gate
1140Sstevel@tonic-gate (void) setlocale(LC_ALL, "");
1150Sstevel@tonic-gate
1160Sstevel@tonic-gate #if !defined(TEXT_DOMAIN) /* Should be defined by cc -D */
1170Sstevel@tonic-gate #define TEXT_DOMAIN "SYS_TEST"
1180Sstevel@tonic-gate #endif
1190Sstevel@tonic-gate (void) textdomain(TEXT_DOMAIN);
1200Sstevel@tonic-gate
1210Sstevel@tonic-gate prognamp = argv[0];
1220Sstevel@tonic-gate /* only PRIVILEGED can execute this command */
1230Sstevel@tonic-gate if (getuid() != PRIVILEGED) {
124*1536Sas198278 (void) fprintf(stderr, gettext("%s: Permission denied.\n"),
125*1536Sas198278 prognamp);
1260Sstevel@tonic-gate exit(NOPERM);
1270Sstevel@tonic-gate }
1280Sstevel@tonic-gate
1290Sstevel@tonic-gate /* No argument can be passed to the command */
1300Sstevel@tonic-gate if (argc > 1) {
1310Sstevel@tonic-gate (void) fprintf(stderr,
1320Sstevel@tonic-gate gettext("%s: Invalid command syntax.\n"),
1330Sstevel@tonic-gate prognamp);
134*1536Sas198278 (void) fprintf(stderr, gettext("Usage: pwconv\n"));
1350Sstevel@tonic-gate exit(BADSYN);
1360Sstevel@tonic-gate }
1370Sstevel@tonic-gate
1380Sstevel@tonic-gate /* lock file so that only one process can read or write at a time */
1390Sstevel@tonic-gate if (lckpwdf() < 0) {
1400Sstevel@tonic-gate (void) fprintf(stderr,
1410Sstevel@tonic-gate gettext("%s: Password file(s) busy. Try again later.\n"),
1420Sstevel@tonic-gate prognamp);
1430Sstevel@tonic-gate exit(FBUSY);
1440Sstevel@tonic-gate }
1450Sstevel@tonic-gate
1460Sstevel@tonic-gate /* All signals will be ignored during the execution of pwconv */
1470Sstevel@tonic-gate for (i = 1; i < NSIG; i++)
148*1536Sas198278 (void) sigset(i, SIG_IGN);
1490Sstevel@tonic-gate
1500Sstevel@tonic-gate /* reset errno to avoid side effects of a failed */
1510Sstevel@tonic-gate /* sigset (e.g., SIGKILL) */
1520Sstevel@tonic-gate errno = 0;
1530Sstevel@tonic-gate
1540Sstevel@tonic-gate /* check the file status of the password file */
1550Sstevel@tonic-gate /* get the gid of the password file */
1560Sstevel@tonic-gate if (stat(PASSWD, &buf) < 0) {
1570Sstevel@tonic-gate (void) f_miss();
1580Sstevel@tonic-gate exit(FATAL);
1590Sstevel@tonic-gate }
1600Sstevel@tonic-gate pwd_gid = buf.st_gid;
1610Sstevel@tonic-gate pwd_uid = buf.st_uid;
162*1536Sas198278 pwd_mode = buf.st_mode;
1630Sstevel@tonic-gate
1640Sstevel@tonic-gate /* mode for the password file should be read-only or less */
165*1536Sas198278 (void) umask(S_IAMB & ~(buf.st_mode & (S_IRUSR|S_IRGRP|S_IROTH)));
1660Sstevel@tonic-gate
1670Sstevel@tonic-gate /* open temporary password file */
1680Sstevel@tonic-gate if ((tp_fp = fopen(PASSTEMP, "w")) == NULL) {
1690Sstevel@tonic-gate (void) f_err();
1700Sstevel@tonic-gate exit(FMERR);
1710Sstevel@tonic-gate }
1720Sstevel@tonic-gate
1730Sstevel@tonic-gate if (chown(PASSTEMP, pwd_uid, pwd_gid) < 0) {
1740Sstevel@tonic-gate DELPTMP();
1750Sstevel@tonic-gate (void) f_err();
1760Sstevel@tonic-gate exit(FMERR);
1770Sstevel@tonic-gate }
1780Sstevel@tonic-gate /* default mode mask of the shadow file */
1790Sstevel@tonic-gate mode = S_IAMB & ~(S_IRUSR);
1800Sstevel@tonic-gate
1810Sstevel@tonic-gate /* check the existence of shadow file */
1820Sstevel@tonic-gate /* if the shadow file exists, get mode mask and group id of the file */
1830Sstevel@tonic-gate /* if file does not exist, the default group name will be the group */
1840Sstevel@tonic-gate /* name of the password file. */
1850Sstevel@tonic-gate
1860Sstevel@tonic-gate if (access(SHADOW, F_OK) == 0) {
1870Sstevel@tonic-gate if (stat(SHADOW, &buf) == 0) {
1880Sstevel@tonic-gate mode = S_IAMB & ~(buf.st_mode & S_IRUSR);
1890Sstevel@tonic-gate sp_gid = buf.st_gid;
1900Sstevel@tonic-gate sp_uid = buf.st_uid;
1910Sstevel@tonic-gate } else {
1920Sstevel@tonic-gate DELPTMP();
1930Sstevel@tonic-gate (void) f_err();
1940Sstevel@tonic-gate exit(FMERR);
1950Sstevel@tonic-gate }
1960Sstevel@tonic-gate } else {
1970Sstevel@tonic-gate sp_gid = pwd_gid;
1980Sstevel@tonic-gate sp_uid = pwd_uid;
1990Sstevel@tonic-gate file_exist = 0;
2000Sstevel@tonic-gate }
2010Sstevel@tonic-gate /*
2020Sstevel@tonic-gate * get the mode of shadow password file -- mode of the file should
2030Sstevel@tonic-gate * be read-only for user or less.
2040Sstevel@tonic-gate */
205*1536Sas198278 (void) umask(mode);
2060Sstevel@tonic-gate
2070Sstevel@tonic-gate /* open temporary shadow file */
2080Sstevel@tonic-gate if ((tsp_fp = fopen(SHADTEMP, "w")) == NULL) {
2090Sstevel@tonic-gate DELPTMP();
2100Sstevel@tonic-gate (void) f_err();
2110Sstevel@tonic-gate exit(FMERR);
2120Sstevel@tonic-gate }
2130Sstevel@tonic-gate
2140Sstevel@tonic-gate /* change the group of the temporary shadow password file */
2150Sstevel@tonic-gate if (chown(SHADTEMP, sp_uid, sp_gid) < 0) {
2160Sstevel@tonic-gate (void) no_convert();
2170Sstevel@tonic-gate exit(FMERR);
2180Sstevel@tonic-gate }
2190Sstevel@tonic-gate
2200Sstevel@tonic-gate /* Reads the password file. */
2210Sstevel@tonic-gate /* If the shadow password file not exists, or */
2220Sstevel@tonic-gate /* if an entry doesn't have a corresponding entry in */
2230Sstevel@tonic-gate /* the shadow file, entries/entry will be created. */
2240Sstevel@tonic-gate
2250Sstevel@tonic-gate if ((pwf = fopen("/etc/passwd", "r")) == NULL) {
2260Sstevel@tonic-gate no_recover();
2270Sstevel@tonic-gate exit(FATAL);
2280Sstevel@tonic-gate }
2290Sstevel@tonic-gate
2300Sstevel@tonic-gate count = 0;
2310Sstevel@tonic-gate while (!end_of_file) {
2320Sstevel@tonic-gate count++;
2330Sstevel@tonic-gate if ((pwdp = fgetpwent(pwf)) != NULL) {
2340Sstevel@tonic-gate if (!file_exist ||
2350Sstevel@tonic-gate (sp = local_getspnam(pwdp->pw_name)) == NULL) {
2360Sstevel@tonic-gate if (errno == EINVAL) {
2370Sstevel@tonic-gate /* Bad entry in shadow exit */
2380Sstevel@tonic-gate DELSHWTMP();
2390Sstevel@tonic-gate DELPTMP();
2400Sstevel@tonic-gate (void) f_bdshw();
2410Sstevel@tonic-gate exit(BADSHW);
2420Sstevel@tonic-gate }
2430Sstevel@tonic-gate sp = &sp_pwd;
2440Sstevel@tonic-gate sp->sp_namp = pwdp->pw_name;
2450Sstevel@tonic-gate if (!pwdp->pw_passwd ||
2460Sstevel@tonic-gate (pwdp->pw_passwd &&
2470Sstevel@tonic-gate *pwdp->pw_passwd == NULL)) {
2480Sstevel@tonic-gate (void) fprintf(stderr,
2490Sstevel@tonic-gate gettext("%s: WARNING user %s has no password\n"),
2500Sstevel@tonic-gate prognamp, sp->sp_namp);
2510Sstevel@tonic-gate }
2520Sstevel@tonic-gate /*
2530Sstevel@tonic-gate * copy the password field in the password
2540Sstevel@tonic-gate * file to the shadow file.
2550Sstevel@tonic-gate * replace the password field with an 'x'.
2560Sstevel@tonic-gate */
2570Sstevel@tonic-gate sp->sp_pwdp = pwdp->pw_passwd;
2580Sstevel@tonic-gate pwdp->pw_passwd = pwdflr;
2590Sstevel@tonic-gate /*
2600Sstevel@tonic-gate * if aging, split the aging info
2610Sstevel@tonic-gate * into age, max and min
2620Sstevel@tonic-gate * convert aging info from weeks to days
2630Sstevel@tonic-gate */
2640Sstevel@tonic-gate if (pwdp->pw_age && *pwdp->pw_age != NULL) {
265*1536Sas198278 when = (long)a64l(pwdp->pw_age);
2660Sstevel@tonic-gate maxweeks = when & 077;
2670Sstevel@tonic-gate minweeks = (when >> 6) & 077;
2680Sstevel@tonic-gate when >>= 12;
2690Sstevel@tonic-gate sp->sp_lstchg = when * 7;
2700Sstevel@tonic-gate sp->sp_min = minweeks * 7;
2710Sstevel@tonic-gate sp->sp_max = maxweeks * 7;
2720Sstevel@tonic-gate sp->sp_warn = -1;
2730Sstevel@tonic-gate sp->sp_inact = -1;
2740Sstevel@tonic-gate sp->sp_expire = -1;
2750Sstevel@tonic-gate sp->sp_flag = 0;
2760Sstevel@tonic-gate pwdp->pw_age = ""; /* do we care? */
2770Sstevel@tonic-gate } else {
2780Sstevel@tonic-gate /*
2790Sstevel@tonic-gate * if !aging, last_changed will be the day the
2800Sstevel@tonic-gate * conversion is done, min and max fields will
2810Sstevel@tonic-gate * be null - use timezone to get local time
2820Sstevel@tonic-gate */
2830Sstevel@tonic-gate sp->sp_lstchg = DAY_NOW;
2840Sstevel@tonic-gate sp->sp_min = -1;
2850Sstevel@tonic-gate sp->sp_max = -1;
2860Sstevel@tonic-gate sp->sp_warn = -1;
2870Sstevel@tonic-gate sp->sp_inact = -1;
2880Sstevel@tonic-gate sp->sp_expire = -1;
2890Sstevel@tonic-gate sp->sp_flag = 0;
2900Sstevel@tonic-gate }
2910Sstevel@tonic-gate } else {
2920Sstevel@tonic-gate /*
2930Sstevel@tonic-gate * if the passwd field has a string other than 'x',
2940Sstevel@tonic-gate * the entry will be written into the shadow file
2950Sstevel@tonic-gate * and the character 'x' is re-written as the passwd
2960Sstevel@tonic-gate * if !aging, last_changed as above
2970Sstevel@tonic-gate */
2980Sstevel@tonic-gate
2990Sstevel@tonic-gate /*
3000Sstevel@tonic-gate * with NIS, only warn about password missing if entry
3010Sstevel@tonic-gate * is not a NIS-lookup entry ("+" or "-")
3020Sstevel@tonic-gate * black_magic from getpwnam_r.c
3030Sstevel@tonic-gate */
3040Sstevel@tonic-gate black_magic = (*pwdp->pw_name == '+' ||
3050Sstevel@tonic-gate *pwdp->pw_name == '-');
3060Sstevel@tonic-gate /*
3070Sstevel@tonic-gate * moan about absence of non "+/-" passwd
3080Sstevel@tonic-gate * we could do more, but what?
3090Sstevel@tonic-gate */
3100Sstevel@tonic-gate if ((!pwdp->pw_passwd ||
3110Sstevel@tonic-gate (pwdp->pw_passwd && *pwdp->pw_passwd == NULL)) &&
3120Sstevel@tonic-gate !black_magic) {
3130Sstevel@tonic-gate (void) fprintf(stderr,
3140Sstevel@tonic-gate gettext("%s: WARNING user %s has no password\n"),
3150Sstevel@tonic-gate prognamp, sp->sp_namp);
3160Sstevel@tonic-gate }
3170Sstevel@tonic-gate if (pwdp->pw_passwd && *pwdp->pw_passwd) {
3180Sstevel@tonic-gate if (strcmp(pwdp->pw_passwd, pwdflr)) {
3190Sstevel@tonic-gate sp->sp_pwdp = pwdp->pw_passwd;
3200Sstevel@tonic-gate pwdp->pw_passwd = pwdflr;
3210Sstevel@tonic-gate if (!pwdp->pw_age ||
3220Sstevel@tonic-gate (pwdp->pw_age &&
3230Sstevel@tonic-gate *pwdp->pw_age == NULL)) {
3240Sstevel@tonic-gate sp->sp_lstchg = DAY_NOW;
3250Sstevel@tonic-gate sp->sp_min = -1;
3260Sstevel@tonic-gate sp->sp_max = -1;
3270Sstevel@tonic-gate sp->sp_warn = -1;
3280Sstevel@tonic-gate sp->sp_inact = -1;
3290Sstevel@tonic-gate sp->sp_expire = -1;
3300Sstevel@tonic-gate sp->sp_flag = 0;
3310Sstevel@tonic-gate }
3320Sstevel@tonic-gate }
3330Sstevel@tonic-gate } else {
3340Sstevel@tonic-gate /*
3350Sstevel@tonic-gate * black_magic needs a non-null passwd
3360Sstevel@tonic-gate * and pwdflr seem appropriate here
3370Sstevel@tonic-gate * clear garbage if any
3380Sstevel@tonic-gate */
3390Sstevel@tonic-gate sp->sp_pwdp = "";
3400Sstevel@tonic-gate pwdp->pw_passwd = pwdflr;
3410Sstevel@tonic-gate sp->sp_lstchg = sp->sp_min = sp->sp_max = -1;
3420Sstevel@tonic-gate sp->sp_warn = sp->sp_inact = sp->sp_expire = -1;
3430Sstevel@tonic-gate sp->sp_flag = 0;
3440Sstevel@tonic-gate }
3450Sstevel@tonic-gate /*
3460Sstevel@tonic-gate * if aging, split the aging info
3470Sstevel@tonic-gate * into age, max and min
3480Sstevel@tonic-gate * convert aging info from weeks to days
3490Sstevel@tonic-gate */
3500Sstevel@tonic-gate if (pwdp->pw_age && *pwdp->pw_age != NULL) {
351*1536Sas198278 when = (long)a64l(pwdp->pw_age);
3520Sstevel@tonic-gate maxweeks = when & 077;
3530Sstevel@tonic-gate minweeks = (when >> 6) & 077;
3540Sstevel@tonic-gate when >>= 12;
3550Sstevel@tonic-gate sp->sp_lstchg = when * 7;
3560Sstevel@tonic-gate sp->sp_min = minweeks * 7;
3570Sstevel@tonic-gate sp->sp_max = maxweeks * 7;
3580Sstevel@tonic-gate sp->sp_warn = -1;
3590Sstevel@tonic-gate sp->sp_inact = -1;
3600Sstevel@tonic-gate sp->sp_expire = -1;
3610Sstevel@tonic-gate sp->sp_flag = 0;
3620Sstevel@tonic-gate pwdp->pw_age = ""; /* do we care? */
3630Sstevel@tonic-gate }
3640Sstevel@tonic-gate }
3650Sstevel@tonic-gate
3660Sstevel@tonic-gate /* write an entry to temporary password file */
3670Sstevel@tonic-gate if ((putpwent(pwdp, tp_fp)) != 0) {
3680Sstevel@tonic-gate (void) no_convert();
3690Sstevel@tonic-gate exit(FMERR);
3700Sstevel@tonic-gate }
3710Sstevel@tonic-gate
3720Sstevel@tonic-gate /* write an entry to temporary shadow password file */
3730Sstevel@tonic-gate if (putspent(sp, tsp_fp) != 0) {
3740Sstevel@tonic-gate (void) no_convert();
3750Sstevel@tonic-gate exit(FMERR);
3760Sstevel@tonic-gate }
3770Sstevel@tonic-gate } else {
3780Sstevel@tonic-gate if (feof(pwf)) {
3790Sstevel@tonic-gate end_of_file = 1;
3800Sstevel@tonic-gate } else {
3810Sstevel@tonic-gate errno = 0;
3820Sstevel@tonic-gate pwerr = 1;
3830Sstevel@tonic-gate (void) fprintf(stderr,
384*1536Sas198278 gettext("%s: ERROR: bad entry or blank "
385*1536Sas198278 "line at line %d in /etc/passwd\n"),
386*1536Sas198278 prognamp, count);
3870Sstevel@tonic-gate }
3880Sstevel@tonic-gate }
3890Sstevel@tonic-gate } /* end of while */
3900Sstevel@tonic-gate
3910Sstevel@tonic-gate (void) fclose(pwf);
3920Sstevel@tonic-gate (void) fclose(tsp_fp);
3930Sstevel@tonic-gate (void) fclose(tp_fp);
3940Sstevel@tonic-gate if (pwerr) {
3950Sstevel@tonic-gate (void) no_convert();
3960Sstevel@tonic-gate exit(FMERR);
3970Sstevel@tonic-gate }
3980Sstevel@tonic-gate
3990Sstevel@tonic-gate /* delete old password file if it exists */
4000Sstevel@tonic-gate if (unlink(OPASSWD) && (access(OPASSWD, F_OK) == 0)) {
4010Sstevel@tonic-gate (void) no_convert();
4020Sstevel@tonic-gate exit(FMERR);
4030Sstevel@tonic-gate }
4040Sstevel@tonic-gate
4050Sstevel@tonic-gate /* rename the password file to old password file */
4060Sstevel@tonic-gate if (rename(PASSWD, OPASSWD) == -1) {
4070Sstevel@tonic-gate (void) no_convert();
4080Sstevel@tonic-gate exit(FMERR);
4090Sstevel@tonic-gate }
4100Sstevel@tonic-gate
4110Sstevel@tonic-gate /* rename temporary password file to password file */
4120Sstevel@tonic-gate if (rename(PASSTEMP, PASSWD) == -1) {
4130Sstevel@tonic-gate /* link old password file to password file */
4140Sstevel@tonic-gate if (link(OPASSWD, PASSWD) < 0) {
4150Sstevel@tonic-gate (void) no_recover();
4160Sstevel@tonic-gate exit(FATAL);
4170Sstevel@tonic-gate }
4180Sstevel@tonic-gate (void) no_convert();
4190Sstevel@tonic-gate exit(FMERR);
4200Sstevel@tonic-gate }
4210Sstevel@tonic-gate
4220Sstevel@tonic-gate /* delete old shadow password file if it exists */
4230Sstevel@tonic-gate if (unlink(OSHADOW) && (access(OSHADOW, R_OK) == 0)) {
4240Sstevel@tonic-gate /* link old password file to password file */
4250Sstevel@tonic-gate if (unlink(PASSWD) || link(OPASSWD, PASSWD)) {
4260Sstevel@tonic-gate (void) no_recover();
4270Sstevel@tonic-gate exit(FATAL);
4280Sstevel@tonic-gate }
4290Sstevel@tonic-gate (void) no_convert();
4300Sstevel@tonic-gate exit(FMERR);
4310Sstevel@tonic-gate }
4320Sstevel@tonic-gate
4330Sstevel@tonic-gate /* link shadow password file to old shadow password file */
4340Sstevel@tonic-gate if (file_exist && rename(SHADOW, OSHADOW)) {
4350Sstevel@tonic-gate /* link old password file to password file */
4360Sstevel@tonic-gate if (unlink(PASSWD) || link(OPASSWD, PASSWD)) {
4370Sstevel@tonic-gate (void) no_recover();
4380Sstevel@tonic-gate exit(FATAL);
4390Sstevel@tonic-gate }
4400Sstevel@tonic-gate (void) no_convert();
4410Sstevel@tonic-gate exit(FMERR);
4420Sstevel@tonic-gate }
4430Sstevel@tonic-gate
4440Sstevel@tonic-gate
4450Sstevel@tonic-gate /* link temporary shadow password file to shadow password file */
4460Sstevel@tonic-gate if (rename(SHADTEMP, SHADOW) == -1) {
4470Sstevel@tonic-gate /* link old shadow password file to shadow password file */
4480Sstevel@tonic-gate if (file_exist && (link(OSHADOW, SHADOW))) {
4490Sstevel@tonic-gate (void) no_recover();
4500Sstevel@tonic-gate exit(FATAL);
4510Sstevel@tonic-gate }
4520Sstevel@tonic-gate if (unlink(PASSWD) || link(OPASSWD, PASSWD)) {
4530Sstevel@tonic-gate (void) no_recover();
4540Sstevel@tonic-gate exit(FATAL);
4550Sstevel@tonic-gate }
4560Sstevel@tonic-gate (void) no_convert();
4570Sstevel@tonic-gate exit(FMERR);
4580Sstevel@tonic-gate }
4590Sstevel@tonic-gate
460*1536Sas198278 /* Make new mode same as old */
461*1536Sas198278 (void) chmod(PASSWD, pwd_mode);
462*1536Sas198278
4630Sstevel@tonic-gate /* Change old password file to read only by owner */
4640Sstevel@tonic-gate /* If chmod fails, delete the old password file so that */
4650Sstevel@tonic-gate /* the password fields can not be read by others */
4660Sstevel@tonic-gate if (chmod(OPASSWD, S_IRUSR) < 0)
4670Sstevel@tonic-gate (void) unlink(OPASSWD);
4680Sstevel@tonic-gate
4690Sstevel@tonic-gate (void) ulckpwdf();
470108Sbasabi return (0);
4710Sstevel@tonic-gate }
4720Sstevel@tonic-gate
4730Sstevel@tonic-gate void
no_recover(void)474108Sbasabi no_recover(void)
4750Sstevel@tonic-gate {
4760Sstevel@tonic-gate DELPTMP();
4770Sstevel@tonic-gate DELSHWTMP();
4780Sstevel@tonic-gate (void) f_miss();
4790Sstevel@tonic-gate }
4800Sstevel@tonic-gate
4810Sstevel@tonic-gate void
no_convert(void)482108Sbasabi no_convert(void)
4830Sstevel@tonic-gate {
4840Sstevel@tonic-gate DELPTMP();
4850Sstevel@tonic-gate DELSHWTMP();
4860Sstevel@tonic-gate (void) f_err();
4870Sstevel@tonic-gate }
4880Sstevel@tonic-gate
4890Sstevel@tonic-gate void
f_err(void)490108Sbasabi f_err(void)
4910Sstevel@tonic-gate {
492*1536Sas198278 (void) fprintf(stderr,
4930Sstevel@tonic-gate gettext("%s: Unexpected failure. Conversion not done.\n"),
4940Sstevel@tonic-gate prognamp);
4950Sstevel@tonic-gate (void) ulckpwdf();
4960Sstevel@tonic-gate }
4970Sstevel@tonic-gate
4980Sstevel@tonic-gate void
f_miss(void)499108Sbasabi f_miss(void)
5000Sstevel@tonic-gate {
501*1536Sas198278 (void) fprintf(stderr,
5020Sstevel@tonic-gate gettext("%s: Unexpected failure. Password file(s) missing.\n"),
5030Sstevel@tonic-gate prognamp);
5040Sstevel@tonic-gate (void) ulckpwdf();
5050Sstevel@tonic-gate }
5060Sstevel@tonic-gate
5070Sstevel@tonic-gate void
f_bdshw(void)508108Sbasabi f_bdshw(void)
5090Sstevel@tonic-gate {
510*1536Sas198278 (void) fprintf(stderr,
5110Sstevel@tonic-gate gettext("%s: Bad entry in /etc/shadow. Conversion not done.\n"),
5120Sstevel@tonic-gate prognamp);
5130Sstevel@tonic-gate (void) ulckpwdf();
5140Sstevel@tonic-gate }
515