pw_util.c revision 1553 
1321369Sdim/*-
2283625Sdim * Copyright (c) 1990, 1993, 1994
3353358Sdim *	The Regents of the University of California.  All rights reserved.
4353358Sdim *
5353358Sdim * Redistribution and use in source and binary forms, with or without
6283625Sdim * modification, are permitted provided that the following conditions
7283625Sdim * are met:
8283625Sdim * 1. Redistributions of source code must retain the above copyright
9321369Sdim *    notice, this list of conditions and the following disclaimer.
10321369Sdim * 2. Redistributions in binary form must reproduce the above copyright
11283625Sdim *    notice, this list of conditions and the following disclaimer in the
12314564Sdim *    documentation and/or other materials provided with the distribution.
13321369Sdim * 3. All advertising materials mentioning features or use of this software
14321369Sdim *    must display the following acknowledgement:
15321369Sdim *	This product includes software developed by the University of
16314564Sdim *	California, Berkeley and its contributors.
17321369Sdim * 4. Neither the name of the University nor the names of its contributors
18283625Sdim *    may be used to endorse or promote products derived from this software
19360784Sdim *    without specific prior written permission.
20283625Sdim *
21341825Sdim * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22314564Sdim * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23321369Sdim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24283625Sdim * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25283625Sdim * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26296417Sdim * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27321369Sdim * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28321369Sdim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29321369Sdim * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30321369Sdim * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31321369Sdim * SUCH DAMAGE.
32321369Sdim */
33321369Sdim
34321369Sdim#ifndef lint
35283625Sdimstatic char sccsid[] = "@(#)pw_util.c	8.3 (Berkeley) 4/2/94";
36283625Sdim#endif /* not lint */
37283625Sdim
38283625Sdim/*
39321369Sdim * This file is used by all the "password" programs; vipw(8), chpass(1),
40283625Sdim * and passwd(1).
41283625Sdim */
42283625Sdim
43283625Sdim#include <sys/param.h>
44341825Sdim#include <sys/time.h>
45341825Sdim#include <sys/resource.h>
46341825Sdim#include <sys/stat.h>
47341825Sdim#include <sys/wait.h>
48341825Sdim
49360784Sdim#include <err.h>
50341825Sdim#include <errno.h>
51341825Sdim#include <fcntl.h>
52353358Sdim#include <paths.h>
53341825Sdim#include <pwd.h>
54341825Sdim#include <signal.h>
55341825Sdim#include <stdio.h>
56341825Sdim#include <stdlib.h>
57341825Sdim#include <string.h>
58341825Sdim#include <unistd.h>
59341825Sdim
60360784Sdim#include "pw_util.h"
61341825Sdim
62341825Sdimextern char *tempname;
63341825Sdim
64341825Sdimvoid
65341825Sdimpw_init()
66341825Sdim{
67341825Sdim	struct rlimit rlim;
68341825Sdim
69341825Sdim	/* Unlimited resource limits. */
70341825Sdim	rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
71341825Sdim	(void)setrlimit(RLIMIT_CPU, &rlim);
72341825Sdim	(void)setrlimit(RLIMIT_FSIZE, &rlim);
73341825Sdim	(void)setrlimit(RLIMIT_STACK, &rlim);
74360784Sdim	(void)setrlimit(RLIMIT_DATA, &rlim);
75344779Sdim	(void)setrlimit(RLIMIT_RSS, &rlim);
76344779Sdim
77360784Sdim	/* Don't drop core (not really necessary, but GP's). */
78341825Sdim	rlim.rlim_cur = rlim.rlim_max = 0;
79341825Sdim	(void)setrlimit(RLIMIT_CORE, &rlim);
80341825Sdim
81341825Sdim	/* Turn off signals. */
82341825Sdim	(void)signal(SIGALRM, SIG_IGN);
83341825Sdim	(void)signal(SIGHUP, SIG_IGN);
84341825Sdim	(void)signal(SIGINT, SIG_IGN);
85341825Sdim	(void)signal(SIGPIPE, SIG_IGN);
86353358Sdim	(void)signal(SIGQUIT, SIG_IGN);
87341825Sdim	(void)signal(SIGTERM, SIG_IGN);
88341825Sdim	(void)signal(SIGTSTP, SIG_IGN);
89341825Sdim	(void)signal(SIGTTOU, SIG_IGN);
90341825Sdim
91341825Sdim	/* Create with exact permissions. */
92341825Sdim	(void)umask(0);
93341825Sdim}
94341825Sdim
95360784Sdimstatic int lockfd;
96341825Sdim
97341825Sdimint
98341825Sdimpw_lock()
99341825Sdim{
100341825Sdim	/*
101360784Sdim	 * If the master password file doesn't exist, the system is hosed.
102360784Sdim	 * Might as well try to build one.  Set the close-on-exec bit so
103353358Sdim	 * that users can't get at the encrypted passwords while editing.
104360784Sdim	 * Open should allow flock'ing the file; see 4.4BSD.	XXX
105360784Sdim	 */
106360784Sdim	lockfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
107341825Sdim	if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1)
108341825Sdim		err(1, "%s", _PATH_MASTERPASSWD);
109296417Sdim	if (flock(lockfd, LOCK_EX|LOCK_NB))
110296417Sdim		errx(1, "the password db file is busy");
111296417Sdim	return (lockfd);
112344779Sdim}
113344779Sdim
114344779Sdimint
115360784Sdimpw_tmp()
116344779Sdim{
117344779Sdim	static char path[MAXPATHLEN] = _PATH_MASTERPASSWD;
118344779Sdim	int fd;
119344779Sdim	char *p;
120283625Sdim
121283625Sdim	if (p = strrchr(path, '/'))
122344779Sdim		++p;
123321369Sdim	else
124321369Sdim		p = path;
125283625Sdim	strcpy(p, "pw.XXXXXX");
126360784Sdim	if ((fd = mkstemp(path)) == -1)
127344779Sdim		err(1, "%s", path);
128283625Sdim	tempname = path;
129344779Sdim	return (fd);
130344779Sdim}
131344779Sdim
132344779Sdimint
133344779Sdimpw_mkdb()
134344779Sdim{
135344779Sdim	int pstat;
136344779Sdim	pid_t pid;
137344779Sdim
138344779Sdim	warnx("rebuilding the database...");
139344779Sdim	(void)fflush(stderr);
140344779Sdim	if (!(pid = vfork())) {
141344779Sdim		execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", tempname, NULL);
142327952Sdim		pw_error(_PATH_PWD_MKDB, 1, 1);
143344779Sdim	}
144344779Sdim	pid = waitpid(pid, &pstat, 0);
145344779Sdim	if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
146327952Sdim		return (0);
147344779Sdim	warnx("done");
148344779Sdim	return (1);
149344779Sdim}
150344779Sdim
151344779Sdimvoid
152327952Sdimpw_edit(notsetuid)
153344779Sdim	int notsetuid;
154344779Sdim{
155344779Sdim	int pstat;
156344779Sdim	pid_t pid;
157344779Sdim	char *p, *editor;
158327952Sdim
159283625Sdim	if (!(editor = getenv("EDITOR")))
160344779Sdim		editor = _PATH_VI;
161344779Sdim	if (p = strrchr(editor, '/'))
162344779Sdim		++p;
163344779Sdim	else
164344779Sdim		p = editor;
165344779Sdim
166283625Sdim	if (!(pid = vfork())) {
167283625Sdim		if (notsetuid) {
168327952Sdim			(void)setgid(getgid());
169327952Sdim			(void)setuid(getuid());
170327952Sdim		}
171327952Sdim		execlp(editor, p, tempname, NULL);
172341825Sdim		_exit(1);
173327952Sdim	}
174327952Sdim	pid = waitpid(pid, (int *)&pstat, 0);
175341825Sdim	if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
176327952Sdim		pw_error(editor, 1, 1);
177327952Sdim}
178327952Sdim
179327952Sdimvoid
180353358Sdimpw_prompt()
181327952Sdim{
182327952Sdim	int c;
183327952Sdim
184327952Sdim	(void)printf("re-edit the password file? [y]: ");
185327952Sdim	(void)fflush(stdout);
186327952Sdim	c = getchar();
187327952Sdim	if (c != EOF && c != '\n')
188327952Sdim		while (getchar() != '\n');
189327952Sdim	if (c == 'n')
190353358Sdim		pw_error(NULL, 0, 0);
191327952Sdim}
192327952Sdim
193327952Sdimvoid
194283625Sdimpw_error(name, err, eval)
195283625Sdim	char *name;
196321369Sdim	int err, eval;
197283625Sdim{
198283625Sdim	if (err)
199341825Sdim		warn(name);
200283625Sdim
201321369Sdim	warnx("%s: unchanged", _PATH_MASTERPASSWD);
202360784Sdim	(void)unlink(tempname);
203360784Sdim	exit(eval);
204360784Sdim}
205360784Sdim