pw userdel: destroy home dataset if empty

When removing a user's home directory, if the directory is a ZFS
dataset, it cannot be removed. If the directory has been emptied,
use "zfs destroy" to destroy it. This complements the automatic
dataset creation in adduser. Note that datasets within the directory
and snapshots are not handled, as the complete path is not constructed.

While here, add waitpid() calls to rmat() and pw_user_del().

Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D45348

pw: Don't silently ignore unparsed command line arguments.

MFC after: 3 days
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D45097

pw: Rename some enums.

Rename `M_PRINT` and `M_UPDATE` to `M_SHOW` and `M_MODIFY` to match the
names of the commands they represent. No functional change intended.

MFC after: 3 days
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D45096

Purge more stray embedded $FreeBSD$ strings

These do not use __FBSDID but instead use bare char arrays.

Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D41957

pw: Use existing group entry, even if it already has members

Fix the following problem:

1. A nonexistent user, someuser, is added to /etc/group as
someuser:*:12345:someuser.
2. someuser is then created with the default login group.

A second group entry for someuser will be created.

someuser:*:12345:someuser
someuser:*:12346:

With this fix, the existing group entry will be used.

PR: 238995
Reviewed by: bapt, jrm
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41057

pw: Ensure group membership is not duplicated

Fix the following problem:

1. A nonexistent user, someuser, is added to somegroup in /etc/group.
2. someuser is then created with membership in somegroup.

The entry for somegroup in /etc/group will then contain

somegroup:*:12345:someuser,someuser

With this fix, the entry will be

somegroup:*:12345:someuser

PR: 238995
Reviewed by: bapt, jrm
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41076

pw: do not move /home/$user to /usr/home

When adding a user, pw will create the path to the home directory
if needed. However, if creating a path with just one component,
i.e. that appears to be in the root directory, pw would create the
directory in /usr, and create a symlink from the root directory.
Most commonly, this meant that the default of /home/$user would turn
into /usr/home/$user. This was added in a self-described kludge 26
years ago. It made (some) sense when root was generally a small
partition, with most of the space in /usr. However, the default is
now one large partition. /home really doesn't belong under /usr,
and anyone who wants to use /usr/home can specify it explicitly.
Remove the kludge to move /home under /usr and create the symlink,
and just use the specified path. Note that this operation was
done only on the first invocation for a path, and this happened most
commonly when adding a user during the install.

Modify the test that checked for the creation of the symlink to
verify that the symlink is *not* made, but rather a directory.
Add a test that intermediate directories are still created.

Reviewed by: rgrimes, bapt
Differential Revision: https://reviews.freebsd.org/D40085

pw: The pw_checkname function has added ';' checking.

The pw_checkname function forgot to include a ';'
when checking usernames, causing shell commands
to be executed when a username with a ';' is deleted.

PR: 271427
MFC After: 3 days

pw: do not call system()

Calling system makes pw(8) spawn a shell, which can then be abused.

MFC After: 3 days

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

pw(8): fix combination of modes -N and -w random

The command "pw usermod nobody -Nw random" (or useradd)
generates random password and prints it in encrypted form
but skips choosen random string that makes not much sense
and contradicts the manual page pw.8

Fix it by showing random password in plain text with -N and
without it equally. Add yet another example of how to generate
pw-style random password.

MFC after: 2 weeks

pw: exit with an error in case of using an illegal option

PR: 263188
Reported by: Dennis Clarke <dclarke@blastwave.org>
MFC After: 1 week

Put OPIE to rest.

Differential Revision: https://reviews.freebsd.org/D36592

pw: Handle errors from ftell() when removing records from /etc/opiekeys.

Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.

Remove an uneeded indentation introduced in r286196 to silence gcc warnging

MFC after: 3 days
Sponsored by: The FreeBSD Foundation

Allow the "@" and "!" characters in passwd file GECOS fields.

Two PRs (152084 & 210187) request allowing the "@" and/or "!"
characters in the passwd file GECOS field. The man page for pw does
not mention that those characters are disallowed, Linux supports those
characters in this field, and the "@" character in particular would be
useful for storing email addresses in that field.

PR: 152084, 210187
Submitted by: jschauma@netmeister.org, Dave Cottlehuber <dch@freebsd.org>
Reported by: jschauma@netmeister.org, Dave Cottlehuber <dch@freebsd.org>
Reviewed by: delphij (secteam), vangyzen
MFC after: 1 week
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D14519

pw(8): r326738 broke expiration arithmetic in case of `-D' flag not supplied.

Fix it and rename misnamed time_t variables `expire_days, password_days'
(always holding absolute time) to `expire_time, password_time'.

Add a comment for a case of overloading `cmdcnf->password_days'
and `cmdcnf->expire_days' with absolute time.

Reported by: markj
Approved by: mav (mentor)
MFC after: 1 week

pw(8): correct expiration period handling and command line overrides
to preconfigured values for -e, -p and -w flags.

Use non-negative symbols instead of magic values
in passwd_val/pw_password functions.

PR: 223431
Submitted by: Yuri Pankov (in part, patch for the manual)
Reported by: mav (mentor)
MFC after: 3 days
Relnotes: yes

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.

pw useradd: Validate the user name before creating the entry

Previouly it was possible to create users with spaces in the name with:
pw useradd -u 1234 -g 1234 -n 'test user'

The "-g 1234" is relevant, without it the name was already rejected
as expected:

[fk@test ~]$ sudo pw useradd -u 1234 -n 'test user'
pw: invalid character ` ' at position 4 in userid/group name

Bug unintentionally found with a salt config without explicit name entry:

test user:
user.present:
- uid: 1234
- gid: 1234
- fullname: Test user
- shell: /usr/local/bin/bash
- home: /home/test
- groups:
- wheel
- salt

"Luckily" salt modules rarely bother with input validation either ...

PR: 221416
Submitted by: Fabian Keil
Obtained from: ElectroBSD
MFC after: 1 week

pw usermod: Properly deal with empty secondary group lists (-G '')

"pw usermod someuser -G ''" is supposed make sure that someuser
doesn't have any secondary group memberships.

Previouly it was a nop because split_groups() only intitialised
"groups" if at least one group was specified. As a result the
existing secondary group memberships were kept.

PR: 221417
Submitted by: Fabian Keil
Obtained from: ElectroBSD
MFC after: 1 week
Relnotes: yes

Don't depend on assert(3) getting evaluated

Reported by: imp
MFC after: 3 weeks
X-MFC-With: 318141, 318143
Sponsored by: Spectra Logic Corp

strcpy => strlcpy

Reported by: Coverity
CID: 1006715
MFC after: 3 weeks
Sponsored by: Spectra Logic Corp

Properly initialise with content of pw.conf(5) that was mistakenly ignored.
Also, respect "defaultgroup" if specified there.

PR: 217934
Reported by: Victor Sudakov <vas@mpeks.tomsk.su>
Reviewed by: bapt
Approved by: bapt, vsevolod (mentor)
MFC after: 1 week

Really restore the old behaviour for pw usermod -m

It again reinstall missing skel files without overwriting changed one
Add a regression test about it

Reported by: ae
MFC after: 3 days

Readd a feature lost in pw(8) refactoring

pw usermod foo -m

It used to be able to (re)create the home directory if it didn't exists

PR: 216224
Reported by: ae
MFC after: 3 days

pw should sanitize the argument of -w.

Otherwise, it will silently disable the login for the selected account if
the argument is unrecognizable.

usr.sbin/pw/pw.h
usr.sbin/pw/pw_conf.c
usr.sbin/pw/pw_user.c
Use separate rules to validate boolean parameters and passwd
parameters. Error out if a password parameter cannot be parsed.

usr.sbin/pw/tests/Makefile
usr.sbin/pw/tests/crypt.c
usr.sbin/pw/tests/pw_useradd.sh
usr.sbin/pw/tests/pw_usermod.sh
Add tests for the validation. Also, enhance existing
password-related tests to actually validate that the correct hash is
written to master.passwd.

Reviewed by: bapt
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6840

Fix typo preventing pw {user,group}next -C from working as expected

Reported by: Mike Selnet via forums.freebsd.org
MFC after: 3 days

Remove some unneeded headers

Found by 'include-what-you-use'

Fix a typo that prevented pw(8) from setting a user's UID to 0.

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division

pw_checkname since the beginning if too strict on GECOS field,
relax it a bit so gecos can be used to store multibytes data.

This was unseen before FreeBSD 10.2 as this validation function was motly unused
since FreeBSD 10.2 the usage of this function has been generalized to improve
validation.

Reported by: des
MFC after: 1 week

Fix handling of numeric-only names with pw lock
Add a regression test about it

PR: 204968
MFC after: 1 week

In pw_userlock, set 'name' to NULL when we encounter an all number string
because it is also used as an indicator of whether a name or an UID is
being used and we may have undefined results as 'name' may contain
uninitialized stack contents.

MFC after: 2 weeks

Fix unlikely memory leak.

It is unlikely since the first check in the function is that dir[0] is '/',
but later code changes may make it real.

Coverity CID: 1332104

Regression: fix usershow -7

Submitted by: Dan McGregor (via IRC)
MFC after: 2 days

Regression: fix pw usermod -d

Mark the user has having been edited if -d option is passed to usermod and
so the request change of home directory actually happen

PR: 203052
Reported by: lenzi.sergio@gmail.com
MFC after: 2 days

Fix /home symlink creation

Add regression test about it

Fix useradd regression:

Readd the function to create the parents home directory if it does not exists.
if it is only a directory at the top level of the hierarchy symlink it into /usr
as it used to be done before.

Reported by: kevlo, adrian

Regression: fix pw usermod -w xxx

Reported by: gjb

Avoid calling strlen() where we can use the strspn() return value.

Fix bugs spotted by gcc

Reported by: adrian

Actually set quiet to something.

/usr/home/adrian/work/freebsd/head-embedded-2/src/usr.sbin/pw/pw_user.c: In function 'pw_user_next':
/usr/home/adrian/work/freebsd/head-embedded-2/src/usr.sbin/pw/pw_user.c:680: warning: statement with no effect

Split some extra long lines

Cleanup a bit includes

Fix regression: report again if a username already exists when creating it

Rewrite parsing subcommands arguments of pw(8)

Now each subcommands checks its arguments in a dedicated functions.

This helps improving input validation, code readability/maintainability
While here:
- Add a -y option to pw userdel/usermod so it can maintain NIS servers if
nispasswd is not defined in pw.conf(5)
- Allow pw -r <rootdir> to remove directory with userdel -r
- Fix bug when renaming a user which was not renaming the user name it groups
it is a member of.
- Only parse pw.conf(5) when needed.

Partial revert of r286152

More work needed on the cli validation

Validate expiration days and password days from commmand line and pw.conf

Cast uid/git to uintmax_t when using printf-like functions so the size of
uid/gid size remains a implementation detail

Reject usermod and userdel if the user concerned is not on the user database
supposed to be manipulated

This prevent pw usermod creating a new local user when requesting to usermod on
a username is defined in LDAP.

This issue only happens when modifying the local user database (not inpacting
commands when -V or -R are used).

PR: 187653
Submitted by: tmwalaszek@gmail.com

Fix wrong warning printed after changing or updating NIS users

PR: 37672
Submitted by: chris+freebsd@chrullrich.de

Regression fix: allow to create users with uid0

Reported by: Jan Mikkelsen <janm@transactionware.com>

Ensure skeldir is abolute path (relatively to the rootdir)

pw -R <rootdir> userdel can now cleanup installation

Rewrite rm_r to use *at function, allowing to remove home directories along with
users. only crontabs and at(1) installation are not removed

Relnotes: yes

Rework the home directory creation and copy or the skel content to use *at
functions

This allows to simplify the code a bit for -R by not having to keep modifying
path and also prepare the code to improve support -R in userdel

While here, add regression tests for the functionality

Make getarg return NULL if args is NULL

Fix regression: ensure when try to create the group and the user with the same
id if possible and nothing in particular was specified

Replace custom string array with stringlist(3)

Remove unused argument from pm_passwd

check the gecos format early: at the moment the -c option is parsed

Remove useless use of goto

Isolate pw lock/unlock into a separate function

homedir can only be populate during useradd

Make a separate groupdel/userdel from the main function

Make separate functions to show users and groups

Move the quiet flag into the configuration structure

Separate usernext/groupnext from the main functions

Fix validation of crypted password
Small cleanups

Validate input of pw usermod -h and pwusermod -H

Push the code that set the password into a separate function to improve
readability

Add regression tests about pw usermod -h and pw usermod -H

backout remove of -q option for pw [user|group] next

While the return code is broken, some corner case usage depends on the
functionnality, so backout until we get better regression tests covering those
corner case usage.

Remove '-q' support for pw [user|group] next

the intent of -q in this command is to return as exit status the value of the
next group/user id, which does not make sense given exit status are limited to
values between 0 and 255.

Fix generating configuration file

Fix duplicate checking

Remove uneeded code (already done by pw_make_v7)

In case of rename validate the length of the new name

Check early that the new name fits MAXLOGNAME and store it in pwconf

Refactor input validation

Mutualize code to validate inputs of both 'user' and 'group' command
Test that the input name fits into MAXLOGNAME

Finish converting -7 to pwconf

Handle -7 via gloval pwconf

Handle pretty print (-P) via global pwconf

Handle dryrun (-N) via global pwconf

Add a new global struct pwconf to store etcpath, rootdir and struct userconf

Do not add anymore -R and -V to arglist
Add an error message if both -V and -R are set in arguments

Fix pw userdel -r not deleting homedir

Test explicitly the result of strcmp to be consistent with the rest of the code

Improve readability by reducing indentations levels

Remove one level of indentation

Move user deletion code into a separate function to improve readability

Instead of always casting the pw_checkname input to u_char * and casting it back
to char *, change pw_checkname to directly take char * in input

New pw -R rootdir option

This allows to set an alternate root directory in which the users/groups will be
manipulated

Requested by: gjb, ian
Tested by: gjb

Remove useless cast in printf and printf-like functions:
use %u for uid_t and gid_t

Cast -1 to uid_t and bump WARNING level to 3

Make pw_user()/pw_group() more consitent about errors

Some of errors were returned to the main function, some others caused a direct
exit via err(3).

The main function is only interested in EXIT_SUCCESS, so in all other cases
replace warn(3) + return err by err(3)

Replace sprintf(3) with snprintf(3)

Use snprintf(3) instead of sprintf(3)
Remove useless "else"

Remove some uneeded headers

Replace malloc(3) + strcpy(3) + strcat(3) by asprintf(3)

Use snprintf(3) instead of strcpy(3) + strncat(3)

Revert r277652

uid and gid are never and should never be negative. The pw(8) manpage clearly
states the -u and -g arguments are for uids/gids, hence using negative values is
abusing a bug in former versions of pw(8)

Allow negative numbers in -u and -g options

PR: 196514
MFC after: 1 week

Ensure pw userdel -u <invalid> do not try to remove root

Check the uid passed is actually a number as early as possible

MFC after: 1 week

Fix a regression in pw usermod -G list

The user was perperly adding the to different groups from "list" but was not
removed from the other groups it could have belong to.
While here add a regression test about this bug

PR: 185666
Reported by: sub.mesa@gmail.com
MFC after: 1 week

Two more places where login_setcryptfmt() defaults to MD5 were missed
in r252688.

MFC after: 3 days

pw: fix up deletion of users from groups

Previuosly given 'foo,bar' members, removing 'foo' would result in an
infinite loop.

PR: 191427
Submitted by: Voradesh Yenbut <yenbut cs.washington.edu>
MFC after: 1 week

Fix pw(8) deletion of group "username" on userdel even if group "username"
is not associated with user "username". E.g., user "foo" has primary group
"wheel" and is unassociated with group "foo", yet userdel would delete the
group "foo" when deleting user "foo" (despite the fact that user "foo" is
not associated with group "foo" in any way).

Patch committed with minor style(9) changes.

PR: bin/169471
Submitted by: Alexander Pyhalov <apyhalov@gmail.com>

Part 2 of bug 187310.. had to commit separately due to local confusion.
Don't let pw crash when give certain input.

PR: 187310
Submitted by: Kim Shrier
MFC after: 1 week

Fall back to sha512 if passwd_format is not set.

MFC after: 3 days

There is no reason to disallow setting the password or account expiry
date to the current date.

MFC after: 3 days

Fix -Wunsequenced warning

Submitted by: dt71@gmx.com

Prevent a null pointer dereference in pw userdel when deleting
a user whose group != username.

pw: free group returned by gr_add

Simplify the code by using the new gr_add function

Simplify copying of group members by using memcpy

Submitted by: Christoph Mallon <christoph.mallon@gmx.de>

Fix off-by-one error in memory allocation: j entries, one new and a null
terminator is j + 2.

Submitted by: Christoph Mallon <christoph.mallon@gmx.de>

Fix creating a user and adding it to a group

Reported by: "Sam Fourman Jr." <sfourman@gmail.com>, dim

Avoid overflow of file buffer

Submitted by: db
Approved by: cperciva
MFC after: 2 weeks

Teach pw(8) about how to use pw/gr API to reduce code duplication

MFC after: 2 months

Do not treat empty name as an uid 0

Reported by: Robert Bonomi <bonomi@mail.r-bonomi.com>

Remove useless atoi(3), previous strspn(3) makes sure that a_name->val is a
number.
This also allow pw user show to work as expected.

PR: bin/172112
Submitted by: "Ilya A. Arkhipov" <rum1cro@yandex.ru>
MFC after: 1 month

Handle NULL return from crypt(3). Mostly from DragonFly

In usr.sbin/pw/pw_user.c, use the correct printf length modifier for a
ptrdiff_t.

MFC after: 1 week

Backout r223115 which potentially caused a POLA violation, by restoring
historic behavior (create the default base directory in pw.conf) before
I came up with a better fix for this.

Requested by: nwhitehorn
Approved by: re (kib)

Don't attempt to create the base directory when -d is specified.

MFC after: 1 month

Stop hard-coding default directory mode as 0777.

Do not let pw.conf(5) or -M option affect creation of basehome, e.g., /home.
When the basehome does not exist, it creates all intermediate directories as
required, which is logically equivalent to mkdir(1) with -m and -p options.
However, it modifies all intermediate directories, not just the final home
directory unlike mkdir. This problem was introduced in two revisions, i.e.,
r1.59 (SVN r167919) and r1.60 (SVN r168044).

MFC after: 1 month

A new jail(8) with a configuration file, to replace the work currently done
by /etc/rc.d/jail.

Revert the unrelated patch crept in the previous commit.

Prefer pmap_unmapbios() over pmap_unmapdev(). The binary does not change
after this because pmap_unmapbios() is a macro for pmap_unmapdev() on amd64.

Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.

Make pw(8) build without <utmp.h>.

The size of the username record in utmp files should not influence the
maximum username length. Right now ut_user/ut_name is big enough, so in
this case it's dead code anyway.

- Import the HEAD csup code which is the basis for the cvsmode work.

Use arc4random_uniform() to avoid "modulo bias"

Remove pw_getrand() unneded now: arc4random_uniform() is stronger then
pw_getrand()'s MD5 tricks (inactive) and its active version, mixing
arc4random() bytes in one, not make things better at all.

- Increase the size of the salt in pw(8) from 8 to 32 (same as in pam_unix(8)).
This makes blowfish password hashes look normal when set using
pw(8)/adduser(8). [1]
- Make it possible to have a '/' in the salt.

PR: 121146 [1]
Submitted by: Jaakko Heinonen [1]
Approved by: rwatson (mentor)
MFC after: 1 month

Accept passwords which contain whitespace.

PR: bin/53434

Add home directory creation mode to pw.conf(5) and be a bit
more specific about the effect of the current umask on -M.

Introduce the new option -M to allow to set the permissions of
the user's newly created home directory. If omitted, it's derived
from the current umask.

PR: bin/16880, bin/83253 (partially), bin/104248
MFC in: 1 month

Change /home symbolic link, so it will point to usr/home instead of /usr/home.

Previous symlink was confusing:

# cd /jails/virtual_system_1/home
# realpath .
/usr/home

...and slower.

OK'ed by: rwatson, phk

Use strlcpy(3) to replace the idiomatic

strncpy(d, s, l);
d[l - 1] = '\0';

statements.

Fix a bug which occurred when the home directory given by the
-d option was equal to the one already saved and which caused
the pw utility to avoid updating values passed by other options
processed before the -d option in the code path.

Spotted by: Richard Caley <rjc@interactive.co.uk>

Add a `-H <fd>' option that is like `-h <fd>', but accepts an already
encrypted password on the specified file descriptor.

PR: bin/22033
MFC after: 2 weeks

There is no sense to use random random() and arc4random() in the same program.
Switch to arc4random() completely.

Changes so the 'pw' command will allow '$' as the last character in a userid
or group name (mainly for the benefit of samba). This pretty much rewrites
he pw_checkname() routine, but should work exactly the same except for the
above change, and that error messages are somewhat more informative.

PR: 28733 46890
Inspired by: example patch written by Terry Lambert
Reviewed by: no objections on freebsd-arch and freebsd-current
MFC plans: no plans, but will do if people want it in stable.

Print a long with %ld not %d. (We possibly should be using %j here, but
that can be fixed when the many other warnings here are being fixed.)

PR: 39741
Submitted by: Dan Lukes <dan@obluda.cz>
MFC after: 1 week

Change rmskey() to rmopie() - we don't have skey anymore

For new users, create the home directory before sending the welcome
mail, if configured to do so. Some sites have setups where the user's
mail is delivered to their home directory, so sending mail before is
exists didn't work.

PR: 29892

Properly initialize the random number generator in pw_getpass().
Right now, the automatically generated passwords have been rather
predictable. :-(

MFC after: 1 day

Fix a typo in a variable name that made pw(8) coredump when using
USE_MD5RAND.

MFC after: 2 days

Use %c for expire/change dates

Switch from using rand() or random() to a stronger, more appropriate PRNG
(random() or arc4random())

Reviewed by: bde

Convert to use the <sys/queue.h> macros rather than fiddling with the queue
structure internals.

Reviewed by: markm

Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now. In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by: peter

Move test for -w flag outside of the code dealing with -D (defaults).
This should cause -w's argument not to be ignored in the usermod case,
so it will affect modification of the user's password instead of using
the pw.conf (or internal default=no '*') password method.
PR: bin/11168

Allow -g with an empty argument in the -D case. This allows -g "" to set
no default group (and thus fall back to user-based groups instead).
PR: bin/5717

Fix another missed case where usermod would not set the "modified" flag:
-h - to set no password. But only mark modified if the account is not
already locked (i.e. first char of crypt password field is '*').
PR: bin/19999

Fix breakage introduced by bypassing update for additional 'mod'
functionality when nothing had actually changed; -d changes would
not set the 'something had changed flag'. Actually test for a
change in homedir.
PR: bin/19649

Localize ctype too.
Add weekday to showuser expired fields

Localize time/date.
Use ISO 8601 date in logs.
Fix wrong argument type in ctype functions.

Fix obvious braino in assignment statement. usermod -g should work again.
PR: 17877
Submitted by: pius@zyan.com

Fix a long-standing bug in the rename case previously masked by another bug
just fixed in .db file updating.

Portability fixes for other bsd4.4 derivatives.

Don't try updating the passwd file if no data has changed. This allows things
like "pw usermod <name> -m" to work for non-local NIS users; since no attempt
is made to update the password entry, the home directory will be created and
populated as expected without error.

Add new functionality "lock" and "unlock" to provide a simple password
locking mechanism for users. This works by prepending the string
"*LOCKED*" to the password field in master.passwd to prevent successful
decoding.

Clean up error handling in fileupdate(), which now returns 0 on success
instead of a boolean. This replicated through he front-end sub-functions
relating to add, delete, modify entries in passwd & group files
Errno is now preserved so output of errc()/warnc() will be less obfuscated
by subsequent errors when reporting the problem.

Add more intelligent error handling when attempting to modify/delete NIS
entries with no corresponding local database entry.

[MFC to stable in a couple of weeks to keep both in sync]

$Id$ -> $FreeBSD$

Remove some more warnings.

Add the ability to print user records in unix version 7 (old) format.

1) Do not blindly ignore file update errors which may occur due to concurrent
updating
2) Add -V <etcdir>, which allows maintaining user/group database in alternate
locations other than /etc.

Don't assume a_name is a number just because the first character
is a digit.

PR: bin/9484
Submitted by: Matthew D. Fuller <fullermd@futuresouth.com>

-Clarification of last commit-
The char that the random letters and numbers are being pulled from is
ended with a '\0'. Using sizeof() includes this '\0' in the 'pool' of
possible characters. This patch decrements by one the size so we don't
accidently end the new password prematurly.

Let's make sure we're at the end of the password string before we apply a \0
and terminate it. This patch ensures passwords will be the correct length of 8,
which is what is implied in the source (but not reflected in the man page).

PR: bin/7817
Reviewed by: Alfred Perlstein <bright@hotjobs.com>
Submitted by: Hiroshi Nishikawa <nis@pluto.dti.ne.jp>

Use err(3) instead of local redefinition. Add rcsid string.

Fix -p switch.

Remove srandomdev fallback code

Fixes skeleton directory test-it-is-a-directory logic.
PR: 3666
Reviewed by:
Submitted by: iaint@css.tuu.utas.edu.au
Obtained from:

Initialize RNG only once
Use srandomdev() now

Fix srandom arg according to Lite2

Back out MAXLOGNAME fix, Bruce points that copyinstr require NUL

Fix MAXLOGNAME usage, the code has wrong assumption that
it must be NUL terminated

Revert $FreeBSD$ to $Id$

Fix useage of MAXLOGNAME to include terminating NUL, by using
max(MAXLOGNAME-1,UT_NAMESIZE).
Tidy up "pretty" printing format for longer usernames.

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Adds optional NIS passwd file updating and optionally rebuilding
NIS maps.

Suggested by: Peter Wemm

Implemented /home -> /usr/home symlink kludge.
If home basedir would be created in the root partition, create
it under /usr instead, and symlink /basedir -> /usr/basedir.

1) Base home directory is created if it does not already exist if
useradd -m or useradd -D -b are used.
2) Hyphen allowed in username if not first character. Fix trivial
bug in error fmt string.
3) /etc/skeykeys updating changed to do 'inplace' update, commenting
out a username rather than removing it completely.

Correct file modes on updated /etc/skeykeys.

1) 200 users per group limitation removed and pw
will handle lines of any length in /etc/group.
2) Fixed bug with usermod -d not updating user's home
directory.
3) Minor formatting display changes/fixes with *show -P.

Bugfix (cosmetic) for output of generated passwords.

Allow 8-bit characters in the passwd gecos field, and adds a paragraph
to the mangpage explaining the consequences (to be updated at a later
date after login class conf support is added).

Changes to password generator: fallback to MD5 generator disabled
(/dev/urandom used by default under FreeBSD), and implemented a
"portable" but less secure generator for other systems.
Add display of expiry/password change dates in -P user display.

Submitted by: proff@iq.org
Minor fix for security patch.

Reviewed by: davidn@blaze.net.au
Submitted by: proff@iq.org
Security patch for better random password generation.

Update from David, reflecting Wolfram's wishes regarding limitation of
the allowable character set.

Submitted by: David Nugent

Copyright update by the author, to be more in line with our sample
copyright.

Submitted by: David Nugent

Upgrade from the author, reflecting all my wishes resulting out of the
sysinstall use of this tool (plus some bug fixes).

2.2 candidate...

Submitted by: David Nugent <davidn@nserver.usn.blaze.net.au>

pw(8) -- a backend utility to manage the user and group databases.

sysinstall's new User&group menu will use it, hence it's a 2.2
candidate despite of providing new functionality.

Submitted by: David L. Nugent, <davidn@blaze.net.au>