pw_util.c revision 41711
1204431Sraj/*- 2204431Sraj * Copyright (c) 1990, 1993, 1994 3204431Sraj * The Regents of the University of California. All rights reserved. 4204431Sraj * 5204431Sraj * Redistribution and use in source and binary forms, with or without 6204431Sraj * modification, are permitted provided that the following conditions 7204431Sraj * are met: 8204431Sraj * 1. Redistributions of source code must retain the above copyright 9204431Sraj * notice, this list of conditions and the following disclaimer. 10204431Sraj * 2. Redistributions in binary form must reproduce the above copyright 11204431Sraj * notice, this list of conditions and the following disclaimer in the 12204431Sraj * documentation and/or other materials provided with the distribution. 13204431Sraj * 3. All advertising materials mentioning features or use of this software 14204431Sraj * must display the following acknowledgement: 15204431Sraj * This product includes software developed by the University of 16204431Sraj * California, Berkeley and its contributors. 17204431Sraj * 4. Neither the name of the University nor the names of its contributors 18204431Sraj * may be used to endorse or promote products derived from this software 19204431Sraj * without specific prior written permission. 20204431Sraj * 21204431Sraj * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22204431Sraj * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23204431Sraj * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24204431Sraj * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25204431Sraj * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26204431Sraj * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27238742Simp * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28204431Sraj * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29238742Simp * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30238742Simp * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31238742Simp * SUCH DAMAGE. 32261215Simp */ 33261215Simp 34261215Simp#ifndef lint 35238742Simp#if 0 36261215Simpstatic const char sccsid[] = "@(#)pw_util.c 8.3 (Berkeley) 4/2/94"; 37238742Simp#endif 38238742Simpstatic const char rcsid[] = 39261215Simp "$Id: pw_util.c,v 1.12 1998/12/13 01:36:45 dillon Exp $"; 40238742Simp#endif /* not lint */ 41238742Simp 42238742Simp/* 43238742Simp * This file is used by all the "password" programs; vipw(8), chpass(1), 44238742Simp * and passwd(1). 45261215Simp */ 46261215Simp 47261215Simp#include <sys/param.h> 48261215Simp#include <sys/errno.h> 49261215Simp#include <sys/time.h> 50261215Simp#include <sys/resource.h> 51261215Simp#include <sys/stat.h> 52261215Simp#include <sys/wait.h> 53238742Simp 54238742Simp#include <err.h> 55204431Sraj#include <fcntl.h> 56204431Sraj#include <paths.h> 57238742Simp#include <pwd.h> 58238742Simp#include <signal.h> 59204431Sraj#include <stdio.h> 60204431Sraj#include <stdlib.h> 61204431Sraj#include <string.h> 62204431Sraj#include <unistd.h> 63204431Sraj 64204431Sraj#include "pw_util.h" 65261215Simp 66261215Simpextern char *tempname; 67261215Simpstatic pid_t editpid = -1; 68261215Simpstatic int lockfd; 69261215Simp 70261215Simpvoid 71261215Simppw_cont(sig) 72261215Simp int sig; 73261215Simp{ 74261215Simp 75261215Simp if (editpid != -1) 76261215Simp kill(editpid, sig); 77204431Sraj} 78204431Sraj 79204431Srajvoid 80204431Srajpw_init() 81204431Sraj{ 82204431Sraj struct rlimit rlim; 83204431Sraj 84204431Sraj /* Unlimited resource limits. */ 85204431Sraj rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY; 86204431Sraj (void)setrlimit(RLIMIT_CPU, &rlim); 87204431Sraj (void)setrlimit(RLIMIT_FSIZE, &rlim); 88204431Sraj (void)setrlimit(RLIMIT_STACK, &rlim); 89204431Sraj (void)setrlimit(RLIMIT_DATA, &rlim); 90204431Sraj (void)setrlimit(RLIMIT_RSS, &rlim); 91204431Sraj 92204431Sraj /* Don't drop core (not really necessary, but GP's). */ 93204431Sraj rlim.rlim_cur = rlim.rlim_max = 0; 94204431Sraj (void)setrlimit(RLIMIT_CORE, &rlim); 95204431Sraj 96204431Sraj /* Turn off signals. */ 97204431Sraj (void)signal(SIGALRM, SIG_IGN); 98204431Sraj (void)signal(SIGHUP, SIG_IGN); 99204431Sraj (void)signal(SIGINT, SIG_IGN); 100204431Sraj (void)signal(SIGPIPE, SIG_IGN); 101204431Sraj (void)signal(SIGQUIT, SIG_IGN); 102204431Sraj (void)signal(SIGTERM, SIG_IGN); 103204431Sraj (void)signal(SIGCONT, pw_cont); 104204431Sraj 105204431Sraj /* Create with exact permissions. */ 106204431Sraj (void)umask(0); 107204431Sraj} 108204431Sraj 109204431Srajint 110204431Srajpw_lock() 111204431Sraj{ 112204431Sraj /* 113204431Sraj * If the master password file doesn't exist, the system is hosed. 114204431Sraj * Might as well try to build one. Set the close-on-exec bit so 115204431Sraj * that users can't get at the encrypted passwords while editing. 116204431Sraj * Open should allow flock'ing the file; see 4.4BSD. XXX 117261215Simp */ 118261215Simp for (;;) { 119261215Simp struct stat st; 120261215Simp 121261215Simp lockfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0); 122261215Simp if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) 123261215Simp err(1, "%s", _PATH_MASTERPASSWD); 124261215Simp if (flock(lockfd, LOCK_EX|LOCK_NB)) 125261215Simp errx(1, "the password db file is busy"); 126261215Simp 127261215Simp /* 128238742Simp * If the password file was replaced while we were trying to 129204431Sraj * get the lock, our hardlink count will be 0 and we have to 130204431Sraj * close and retry. 131204431Sraj */ 132204431Sraj if (fstat(lockfd, &st) < 0) 133204431Sraj errx(1, "fstat() failed"); 134204431Sraj if (st.st_nlink != 0) 135204431Sraj break; 136204431Sraj close(lockfd); 137238742Simp lockfd = -1; 138238742Simp } 139238742Simp return (lockfd); 140238742Simp} 141238742Simp 142238742Simpint 143261215Simppw_tmp() 144261215Simp{ 145238742Simp static char path[MAXPATHLEN] = _PATH_MASTERPASSWD; 146261215Simp int fd; 147238742Simp char *p; 148238742Simp 149238742Simp if ((p = strrchr(path, '/'))) 150238742Simp ++p; 151238742Simp else 152238742Simp p = path; 153238742Simp strcpy(p, "pw.XXXXXX"); 154238742Simp if ((fd = mkstemp(path)) == -1) 155238742Simp err(1, "%s", path); 156238742Simp tempname = path; 157261215Simp return (fd); 158261215Simp} 159261215Simp 160261215Simpint 161261215Simppw_mkdb(username) 162261215Simpchar *username; 163238742Simp{ 164261215Simp int pstat; 165238742Simp pid_t pid; 166238742Simp 167261215Simp (void)fflush(stderr); 168238742Simp if (!(pid = fork())) { 169238742Simp if(!username) { 170238742Simp warnx("rebuilding the database..."); 171261215Simp execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", tempname, NULL); 172238742Simp } else { 173238742Simp warnx("updating the database..."); 174238742Simp execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", "-u", 175238742Simp username, tempname, NULL); 176238742Simp } 177238742Simp pw_error(_PATH_PWD_MKDB, 1, 1); 178238742Simp } 179238742Simp pid = waitpid(pid, &pstat, 0); 180238742Simp if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0) 181238742Simp return (0); 182238742Simp warnx("done"); 183238742Simp return (1); 184238742Simp} 185238742Simp 186238742Simpvoid 187238742Simppw_edit(notsetuid) 188238742Simp int notsetuid; 189238742Simp{ 190238742Simp int pstat; 191238742Simp char *p, *editor; 192261215Simp 193261215Simp if (!(editor = getenv("EDITOR"))) 194261215Simp editor = _PATH_VI; 195261215Simp if ((p = strrchr(editor, '/'))) 196261215Simp ++p; 197261215Simp else 198238742Simp p = editor; 199261215Simp 200238742Simp if (!(editpid = fork())) { 201238742Simp if (notsetuid) { 202238742Simp (void)setgid(getgid()); 203238742Simp (void)setuid(getuid()); 204238742Simp } 205238742Simp errno = 0; 206238742Simp execlp(editor, p, tempname, NULL); 207238742Simp _exit(errno); 208238742Simp } 209238742Simp for (;;) { 210238742Simp editpid = waitpid(editpid, (int *)&pstat, WUNTRACED); 211238742Simp errno = WEXITSTATUS(pstat); 212238742Simp if (editpid == -1) 213238742Simp pw_error(editor, 1, 1); 214238742Simp else if (WIFSTOPPED(pstat)) 215238742Simp raise(WSTOPSIG(pstat)); 216238742Simp else if (WIFEXITED(pstat) && errno == 0) 217238742Simp break; 218238742Simp else 219204431Sraj pw_error(editor, 1, 1); 220204431Sraj } 221204431Sraj editpid = -1; 222204431Sraj} 223204431Sraj 224204431Srajvoid 225204431Srajpw_prompt() 226204431Sraj{ 227204431Sraj int c, first; 228204431Sraj 229204431Sraj (void)printf("re-edit the password file? [y]: "); 230204431Sraj (void)fflush(stdout); 231204431Sraj first = c = getchar(); 232204431Sraj while (c != '\n' && c != EOF) 233204431Sraj c = getchar(); 234204431Sraj if (first == 'n') 235204431Sraj pw_error(NULL, 0, 0); 236204431Sraj} 237204431Sraj 238204431Srajvoid 239204431Srajpw_error(name, err, eval) 240261215Simp char *name; 241261215Simp int err, eval; 242261215Simp{ 243261215Simp#ifdef YP 244261215Simp extern int _use_yp; 245261215Simp#endif /* YP */ 246261215Simp if (err) 247261215Simp warn(name); 248261215Simp#ifdef YP 249261215Simp if (_use_yp) 250261215Simp warnx("NIS information unchanged"); 251261215Simp else 252261215Simp#endif /* YP */ 253261215Simp warnx("%s: unchanged", _PATH_MASTERPASSWD); 254261215Simp (void)unlink(tempname); 255261215Simp exit(eval); 256261215Simp} 257261215Simp