pw_util.c revision 41711 
1204431Sraj/*-
2204431Sraj * Copyright (c) 1990, 1993, 1994
3204431Sraj *	The Regents of the University of California.  All rights reserved.
4204431Sraj *
5204431Sraj * Redistribution and use in source and binary forms, with or without
6204431Sraj * modification, are permitted provided that the following conditions
7204431Sraj * are met:
8204431Sraj * 1. Redistributions of source code must retain the above copyright
9204431Sraj *    notice, this list of conditions and the following disclaimer.
10204431Sraj * 2. Redistributions in binary form must reproduce the above copyright
11204431Sraj *    notice, this list of conditions and the following disclaimer in the
12204431Sraj *    documentation and/or other materials provided with the distribution.
13204431Sraj * 3. All advertising materials mentioning features or use of this software
14204431Sraj *    must display the following acknowledgement:
15204431Sraj *	This product includes software developed by the University of
16204431Sraj *	California, Berkeley and its contributors.
17204431Sraj * 4. Neither the name of the University nor the names of its contributors
18204431Sraj *    may be used to endorse or promote products derived from this software
19204431Sraj *    without specific prior written permission.
20204431Sraj *
21204431Sraj * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22204431Sraj * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23204431Sraj * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24204431Sraj * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25204431Sraj * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26204431Sraj * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27238742Simp * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28204431Sraj * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29238742Simp * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30238742Simp * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31238742Simp * SUCH DAMAGE.
32261215Simp */
33261215Simp
34261215Simp#ifndef lint
35238742Simp#if 0
36261215Simpstatic const char sccsid[] = "@(#)pw_util.c	8.3 (Berkeley) 4/2/94";
37238742Simp#endif
38238742Simpstatic const char rcsid[] =
39261215Simp	"$Id: pw_util.c,v 1.12 1998/12/13 01:36:45 dillon Exp $";
40238742Simp#endif /* not lint */
41238742Simp
42238742Simp/*
43238742Simp * This file is used by all the "password" programs; vipw(8), chpass(1),
44238742Simp * and passwd(1).
45261215Simp */
46261215Simp
47261215Simp#include <sys/param.h>
48261215Simp#include <sys/errno.h>
49261215Simp#include <sys/time.h>
50261215Simp#include <sys/resource.h>
51261215Simp#include <sys/stat.h>
52261215Simp#include <sys/wait.h>
53238742Simp
54238742Simp#include <err.h>
55204431Sraj#include <fcntl.h>
56204431Sraj#include <paths.h>
57238742Simp#include <pwd.h>
58238742Simp#include <signal.h>
59204431Sraj#include <stdio.h>
60204431Sraj#include <stdlib.h>
61204431Sraj#include <string.h>
62204431Sraj#include <unistd.h>
63204431Sraj
64204431Sraj#include "pw_util.h"
65261215Simp
66261215Simpextern char *tempname;
67261215Simpstatic pid_t editpid = -1;
68261215Simpstatic int lockfd;
69261215Simp
70261215Simpvoid
71261215Simppw_cont(sig)
72261215Simp	int sig;
73261215Simp{
74261215Simp
75261215Simp	if (editpid != -1)
76261215Simp		kill(editpid, sig);
77204431Sraj}
78204431Sraj
79204431Srajvoid
80204431Srajpw_init()
81204431Sraj{
82204431Sraj	struct rlimit rlim;
83204431Sraj
84204431Sraj	/* Unlimited resource limits. */
85204431Sraj	rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
86204431Sraj	(void)setrlimit(RLIMIT_CPU, &rlim);
87204431Sraj	(void)setrlimit(RLIMIT_FSIZE, &rlim);
88204431Sraj	(void)setrlimit(RLIMIT_STACK, &rlim);
89204431Sraj	(void)setrlimit(RLIMIT_DATA, &rlim);
90204431Sraj	(void)setrlimit(RLIMIT_RSS, &rlim);
91204431Sraj
92204431Sraj	/* Don't drop core (not really necessary, but GP's). */
93204431Sraj	rlim.rlim_cur = rlim.rlim_max = 0;
94204431Sraj	(void)setrlimit(RLIMIT_CORE, &rlim);
95204431Sraj
96204431Sraj	/* Turn off signals. */
97204431Sraj	(void)signal(SIGALRM, SIG_IGN);
98204431Sraj	(void)signal(SIGHUP, SIG_IGN);
99204431Sraj	(void)signal(SIGINT, SIG_IGN);
100204431Sraj	(void)signal(SIGPIPE, SIG_IGN);
101204431Sraj	(void)signal(SIGQUIT, SIG_IGN);
102204431Sraj	(void)signal(SIGTERM, SIG_IGN);
103204431Sraj	(void)signal(SIGCONT, pw_cont);
104204431Sraj
105204431Sraj	/* Create with exact permissions. */
106204431Sraj	(void)umask(0);
107204431Sraj}
108204431Sraj
109204431Srajint
110204431Srajpw_lock()
111204431Sraj{
112204431Sraj	/*
113204431Sraj	 * If the master password file doesn't exist, the system is hosed.
114204431Sraj	 * Might as well try to build one.  Set the close-on-exec bit so
115204431Sraj	 * that users can't get at the encrypted passwords while editing.
116204431Sraj	 * Open should allow flock'ing the file; see 4.4BSD.	XXX
117261215Simp	 */
118261215Simp	for (;;) {
119261215Simp		struct stat st;
120261215Simp
121261215Simp		lockfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
122261215Simp		if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1)
123261215Simp			err(1, "%s", _PATH_MASTERPASSWD);
124261215Simp		if (flock(lockfd, LOCK_EX|LOCK_NB))
125261215Simp			errx(1, "the password db file is busy");
126261215Simp
127261215Simp		/*
128238742Simp		 * If the password file was replaced while we were trying to
129204431Sraj		 * get the lock, our hardlink count will be 0 and we have to
130204431Sraj		 * close and retry.
131204431Sraj		 */
132204431Sraj		if (fstat(lockfd, &st) < 0)
133204431Sraj			errx(1, "fstat() failed");
134204431Sraj		if (st.st_nlink != 0)
135204431Sraj			break;
136204431Sraj		close(lockfd);
137238742Simp		lockfd = -1;
138238742Simp	}
139238742Simp	return (lockfd);
140238742Simp}
141238742Simp
142238742Simpint
143261215Simppw_tmp()
144261215Simp{
145238742Simp	static char path[MAXPATHLEN] = _PATH_MASTERPASSWD;
146261215Simp	int fd;
147238742Simp	char *p;
148238742Simp
149238742Simp	if ((p = strrchr(path, '/')))
150238742Simp		++p;
151238742Simp	else
152238742Simp		p = path;
153238742Simp	strcpy(p, "pw.XXXXXX");
154238742Simp	if ((fd = mkstemp(path)) == -1)
155238742Simp		err(1, "%s", path);
156238742Simp	tempname = path;
157261215Simp	return (fd);
158261215Simp}
159261215Simp
160261215Simpint
161261215Simppw_mkdb(username)
162261215Simpchar *username;
163238742Simp{
164261215Simp	int pstat;
165238742Simp	pid_t pid;
166238742Simp
167261215Simp	(void)fflush(stderr);
168238742Simp	if (!(pid = fork())) {
169238742Simp		if(!username) {
170238742Simp			warnx("rebuilding the database...");
171261215Simp			execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", tempname, NULL);
172238742Simp		} else {
173238742Simp			warnx("updating the database...");
174238742Simp			execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", "-u",
175238742Simp					username, tempname, NULL);
176238742Simp		}
177238742Simp		pw_error(_PATH_PWD_MKDB, 1, 1);
178238742Simp	}
179238742Simp	pid = waitpid(pid, &pstat, 0);
180238742Simp	if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
181238742Simp		return (0);
182238742Simp	warnx("done");
183238742Simp	return (1);
184238742Simp}
185238742Simp
186238742Simpvoid
187238742Simppw_edit(notsetuid)
188238742Simp	int notsetuid;
189238742Simp{
190238742Simp	int pstat;
191238742Simp	char *p, *editor;
192261215Simp
193261215Simp	if (!(editor = getenv("EDITOR")))
194261215Simp		editor = _PATH_VI;
195261215Simp	if ((p = strrchr(editor, '/')))
196261215Simp		++p;
197261215Simp	else
198238742Simp		p = editor;
199261215Simp
200238742Simp	if (!(editpid = fork())) {
201238742Simp		if (notsetuid) {
202238742Simp			(void)setgid(getgid());
203238742Simp			(void)setuid(getuid());
204238742Simp		}
205238742Simp		errno = 0;
206238742Simp		execlp(editor, p, tempname, NULL);
207238742Simp		_exit(errno);
208238742Simp	}
209238742Simp	for (;;) {
210238742Simp		editpid = waitpid(editpid, (int *)&pstat, WUNTRACED);
211238742Simp		errno = WEXITSTATUS(pstat);
212238742Simp		if (editpid == -1)
213238742Simp			pw_error(editor, 1, 1);
214238742Simp		else if (WIFSTOPPED(pstat))
215238742Simp			raise(WSTOPSIG(pstat));
216238742Simp		else if (WIFEXITED(pstat) && errno == 0)
217238742Simp			break;
218238742Simp		else
219204431Sraj			pw_error(editor, 1, 1);
220204431Sraj	}
221204431Sraj	editpid = -1;
222204431Sraj}
223204431Sraj
224204431Srajvoid
225204431Srajpw_prompt()
226204431Sraj{
227204431Sraj	int c, first;
228204431Sraj
229204431Sraj	(void)printf("re-edit the password file? [y]: ");
230204431Sraj	(void)fflush(stdout);
231204431Sraj	first = c = getchar();
232204431Sraj	while (c != '\n' && c != EOF)
233204431Sraj		c = getchar();
234204431Sraj	if (first == 'n')
235204431Sraj		pw_error(NULL, 0, 0);
236204431Sraj}
237204431Sraj
238204431Srajvoid
239204431Srajpw_error(name, err, eval)
240261215Simp	char *name;
241261215Simp	int err, eval;
242261215Simp{
243261215Simp#ifdef YP
244261215Simp	extern int _use_yp;
245261215Simp#endif /* YP */
246261215Simp	if (err)
247261215Simp		warn(name);
248261215Simp#ifdef YP
249261215Simp	if (_use_yp)
250261215Simp		warnx("NIS information unchanged");
251261215Simp	else
252261215Simp#endif /* YP */
253261215Simp	warnx("%s: unchanged", _PATH_MASTERPASSWD);
254261215Simp	(void)unlink(tempname);
255261215Simp	exit(eval);
256261215Simp}
257261215Simp