lib: Remove ancient SCCS tags.

Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.

Sponsored by: Netflix

Remove $FreeBSD$: one-line .c pattern

Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/

Make vipw error message less cryptic

Unable to find an editor, vipw would give this error:
# env EDITOR=fnord vipw
vipw: pw_edit(): No such file or directory

vigr or crontab do better:
# env EDITOR=fnord crontab -e
crontab: no crontab for root - using an empty one
crontab: fnord: No such file or directory
crontab: "fnord" exited with status 1

After this change, vipw behaves more like vigr or crontab:
# env EDITOR=fnord vipw
vipw: fnord: No such file or directory
vipw: "fnord" exited with status 1

Reviewed by: rpokala, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25369

libutil: remove extraneous ": " from error messages

Each of the err() family of functions already takes care of that.

Make pw_scan(3) more compatible with getpwent(3) et. al. when processing
data from /etc/passwd rather than /etc/master.passwd.

The libc getpwent(3) and related functions automatically read master.passwd
when run by root, or passwd when run by a non-root user. When run by non-
root, getpwent() copes with the missing data by setting the corresponding
fields in the passwd struct to known values (zeroes for numbers, or a
pointer to an empty string for literals). When libutil's pw_scan(3) was
used to parse a line without the root-accessible data, it was leaving
garbage in the corresponding fields.

These changes rename the static pw_init() function used by getpwent() and
friends to __pw_initpwd(), and move it into pw_scan.c so that common init
code can be shared between libc and libutil. pw_scan(3) now calls
__pw_initpwd() before __pw_scan(), just like the getpwent() family does, so
that reading an arbitrary passwd file in either format and parsing it with
pw_scan(3) returns the same results as getpwent(3) would.

This also adds a new pw_initpwd(3) function to libutil, so that code which
creates passwd structs from scratch in some manner that doesn't involve
pw_scan() can initialize the struct to the values expected by lots of
existing code, which doesn't expect to encounter NULL pointers or garbage
values in some fields.

Use __SCCSID() for SCCS IDs.

- Define NO__SCCSID in CFLAGS to preserve existing behavior of omitting
SCCS IDs by default.
- While here, fix the $FreeBSD$ in pw_util.c to use __FBSDID.

General further adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

lib: initial use of reallocarray(3).

Make some use of reallocarray, attempting to limit it to cases where the
parameters are unsigned and there is some theoretical chance of overflow.

MFC afer: 2 weeks
Differential Revision: https://reviews.freebsd.org/D9980

Renumber copyright clause 4

Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96

Use malloc()ed buffers instead of stack buffers in gr_copy() and pw_copy().
This allows pw(8) to operate on passwd and group files with longer lines
than could be accomodated by a stack buffer. It doesn't take more than a
few hundred users to exceed 8192 bytes in /etc/group.

MFC after: 3 weeks
Sponsored by: The University of Oslo

Speed up pw operations that edit /etc/group or /etc/passwd

r285050 fixed a bug in pw that could lead to /etc/passwd or /etc/group
corruption on power loss. However, it fixed it by opening those files with
O_SYNC, which is very slow, especially on ZFS. This change replaces O_SYNC
with appropriately placed fsync()s instead, which is much faster. Using a
ZFS tmpdir, the time to run pw's kyua tests drops from 245s to 35s.

Reviewed by: allanjude, bapt, vangyzen, garga
Tested on pfSense by: garga
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D8319

Remove useless calls to basename().

There are a couple of places in the source three where we call
basename() on constant strings. This is bad, because the prototype
standardized by POSIX allows the implementation to use its argument as a
storage buffer.

This change eliminates some of these unportable calls to basename() in
cases where it was only added for cosmetical reasons, namely to trim
argv[0]. There's nothing wrong with setting argv[0] to the full path.

Reviewed by: jilles
Differential Revision: https://reviews.freebsd.org/D6093

When passwd or group information is changed (by pw, vipw, chpass, ...)
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.

There is a pfSense bug with more infor about it:

https://redmine.pfsense.org/issues/4523

The following changes were made to protect passwd and group operations:

* lib/libutil/gr_util.c:
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
- After rename(), fsync() call on directory for faster result

* lib/libutil/pw_util.c
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file

* usr.sbin/pwd_mkdb/pwd_mkdb.c
- Added O_SYNC flag on dbopen() calls
- After rename(), fsync() call on directory for faster result

* lib/libutil/pw_util.3
- pw_lock() returns a file descriptor to master password file on success

Differential Revision: https://reviews.freebsd.org/D2978
Approved by: bapt
Sponsored by: Netgate

revert r283969,283970 not needed anymore after r283981

Add a pw_mkdb2(3) function which does the same thing as pw_mkdb(3) except
it takes a new argument allowing to specify the endianness of the database
to generate

Differential Revision: https://reviews.freebsd.org/D2730
Reviewed by: ian

Add O_CLOEXEC to flopen

Requested by: jilles

Use flopen(3) instead of open(2) + flock(2)

backout r242319, racy and not done in the right place

Reported by: Garrett Cooper <yanegomi@gmail.com>

make pw_init and gr_init fail if the specified master password or group file is
a directory.

MFC after: 1 month

Revert user comparison back to user names as some user can share uids (root/toor
for example)

get the username information from old_pw structures to still allow renaming of a
user.

Reported by: Claude Buisson <clbuisson@orange.fr>
Approved by: des (mentor)
MFC after: 3 weeks

Detect file modification properly by using tv_nsec.

POSIX 2008 standardizes st_mtim, meaning we can simply use nanosecond
precision to detect file modification.

MFC after: 2 weeks

Add new pw_make_v7 to make a passwd line (in v7 format) out of a struct passwd
while here, fix missing parentheses of the return statement of pw_make.

Approved by: des (mentor)

Modify pw_copy:
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user

add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.

Reviewed by: des
Approved by: des
MFC after: 1 month

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Old patch I had lying around: clean up and use stpcpy(3) instead of
sprintf(3).

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

MFC r199826:
sigset() is the name of function specified by SUSv4.
Replace it to avoid conflict.

sigset() is the name of function specified by SUSv4.
Replace it to avoid conflict.

MFC after: 3 weeks

- Import the HEAD csup code which is the basis for the cvsmode work.

Remove California Regent's clause 3, per letter

Minor comment fix.

(pw_copy): Handle the case of a malformed line in master.passwd
(copy it silently, do not dereference NULL pointer).

PR: bin/102848
Reviewed by: security-officer (cperciva)
MFC after: 1 week

Don't depend on NULL's expansion being a pointer, cast it before it is passed
to variadic functions.

Approved by: das (mentor)

ANSIfy, WARNSify, CONSTify. Bit of style(9)-ify.

Tidy up. Sort headers.

Brucify.

Correctly detect the case where a password entry was changed while we were
preparing to edit it.

PR: bin/50563

Apply the correct fix for bin/50679: don't mess around with process groups
or the tty, just block selected signals in the parent like system(3) does.
Many thanks to bde for his assistance in finding the correct solution.

PR: bin/50679

Band-aid for the "^C kills the editor" problem. I haven't yet found the
proper way to fix this. The way this works is to prepend "exec " to
the editor command to eliminate the "shell in the middle" which prevents
us from properly reawakening the editor after a SIGTSTP.

PR: bin/50679

Make pw_edit() use /bin/sh to interpret the EDITOR environment
variable.

PR: 48748
Reviewed by: mike (mentor)

Don't forget to '\n'-terminate new entries. This unbreaks chpass -a.

Submitted by: joerg

Be more clear in error messages.
Distinguish between a held lock and a failed lock op.

If rpc.lockd is not running on a diskless client this makes clearer
what the problem is.

If no old_pw was passed to pw_copy, compare just the name.

Sponsored by: DARPA, NAI Labs

Add passwd manipulation code based on parts of vipw and chpass.

Sponsored by: DARPA, NAI Labs

Make mppath and masterpasswd pointers instead of arrays, and initialize
them to point at static strings that contain the default paths. This
makes 'vipw -d' work again (I broke it in rev 1.21; apologies for taking
so long to fix it.)

Spotted by: Olivier Houchard <doginou@cognet.ci0.org>
Sponsored by: DARPA, NAI Labs

Remove bogus reference to _use_yp.

ANSIfy and constify.

Sponsored by: DARPA, NAI Labs

Fix the type of the NULL arg to execl()

Idea from: Theo de Raadt <deraadt@openbsd.org>

Don't pass NULL to the %s format.

Reviewed by: kris

Don't call warn() without a format string.

$Id$ -> $FreeBSD$

Move call to umask(0) back into pw_util(), because the latter
function is also used by chpass(1) and passwd(1).

Force umask to 077 (instead of 000) during the edit phase, to get
secure permissions in case the user attempts to save something to
a file of his own.

Move umask stuff out of pw_init() into main() for better visibility
of overall umask tweaking logic.

PR: misc/11797

Add -d option to vipw(8) to allow selection of an alternative directory
for the password files.

PR: 2703
Submitted by: jmg

oops. Fix indentation of the 'for' loop I just added.

Handle the race condition where vipw may lock a password file which has
just been replaced. After our lock succeeds we check if st_nlink is 0
and if it is we close the descriptor and retry our open/lock sequence.

Since vfork() was changed to fork(), we have to pass errno back from the
child to the parent somehow.

PR: 8353
Submitted by: Andrew J. Korty <ajk@purdue.edu>

Calls one or more of malloc(), warn(), err(), syslog(), execlp() or
execvp() in the child branch of a vfork(). Changed to use fork()
instead.

Some of these (mv, find, apply, xargs) might benefit greatly from
being rewritten to use vfork() properly.

PR: Loosely related to bin/8252
Approved by: jkh and bde

Statisize usage().

Changes to support full make parallelism (-j<n>) in the world
target.
Reviewed by: <many different folks>
Submitted by: Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>

Endless loop.

$ vipw
[corrupt a line in editor, exit editor]
pwd_mkdb: corrupted entry
pwd_mkdb: at line #2
pwd_mkdb:
/etc/pw.012585: Inappropriate file type or format
re-edit the password file? [y]: n^D^D
[hang]

Cosmetic: distinguish in diag message between rebuilding and updating
the database.

PR: 3397
Submitted by: taob@risc.org (Brian Tao)

Implement incremental passwd database updates. This is done by ading a '-u'
option to pwd_mkdb and adding this option to utilities invoking it.
Further, the filling of both the secure and insecure databases has been
merged into one loop giving also a performance improvemnet.
Note that I did *not* change the adduser command. I don't read perl
(it is a write only language anyway).
The change will drastically improve performance for passwd and
friends with large passwd files. Vipw's performance won't change.
In order to do that some kind of diff should be made between the
old and new master.passwd and depending the amount of changes, an
incremental or complete update of the databases should be agreed
upon.

Small NIS tweak: frob pw_error() a little so that it can say either
'NIS information unchanged' or '/etc/master.passwd unchanged'
depending on which was is being modified (conditional on -DYP).

This is to save me the trouble of writing a whole other error
routine (nis_error()?) for the upcoming changes to passwd and
chpass.

Remove trailing whitespace.

Fix suspended vipw hangs
Obtained from: NetBSD

BSD 4.4 Lite usr.sbin Sources