pw_util.c revision 6972 
1/*-
2 * Copyright (c) 1990, 1993, 1994
3 *	The Regents of the University of California.  All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 *    must display the following acknowledgement:
15 *	This product includes software developed by the University of
16 *	California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 *    may be used to endorse or promote products derived from this software
19 *    without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 */
33
34#ifndef lint
35static char sccsid[] = "@(#)pw_util.c	8.3 (Berkeley) 4/2/94";
36#endif /* not lint */
37
38/*
39 * This file is used by all the "password" programs; vipw(8), chpass(1),
40 * and passwd(1).
41 */
42
43#include <sys/param.h>
44#include <sys/time.h>
45#include <sys/resource.h>
46#include <sys/stat.h>
47#include <sys/wait.h>
48
49#include <err.h>
50#include <errno.h>
51#include <fcntl.h>
52#include <paths.h>
53#include <pwd.h>
54#include <signal.h>
55#include <stdio.h>
56#include <stdlib.h>
57#include <string.h>
58#include <unistd.h>
59
60#include "pw_util.h"
61
62extern char *tempname;
63static pid_t editpid = -1;
64static int lockfd;
65
66void
67pw_cont(sig)
68	int sig;
69{
70
71	if (editpid != -1)
72		kill(editpid, sig);
73}
74
75void
76pw_init()
77{
78	struct rlimit rlim;
79
80	/* Unlimited resource limits. */
81	rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
82	(void)setrlimit(RLIMIT_CPU, &rlim);
83	(void)setrlimit(RLIMIT_FSIZE, &rlim);
84	(void)setrlimit(RLIMIT_STACK, &rlim);
85	(void)setrlimit(RLIMIT_DATA, &rlim);
86	(void)setrlimit(RLIMIT_RSS, &rlim);
87
88	/* Don't drop core (not really necessary, but GP's). */
89	rlim.rlim_cur = rlim.rlim_max = 0;
90	(void)setrlimit(RLIMIT_CORE, &rlim);
91
92	/* Turn off signals. */
93	(void)signal(SIGALRM, SIG_IGN);
94	(void)signal(SIGHUP, SIG_IGN);
95	(void)signal(SIGINT, SIG_IGN);
96	(void)signal(SIGPIPE, SIG_IGN);
97	(void)signal(SIGQUIT, SIG_IGN);
98	(void)signal(SIGTERM, SIG_IGN);
99	(void)signal(SIGCONT, pw_cont);
100
101	/* Create with exact permissions. */
102	(void)umask(0);
103}
104
105int
106pw_lock()
107{
108	/*
109	 * If the master password file doesn't exist, the system is hosed.
110	 * Might as well try to build one.  Set the close-on-exec bit so
111	 * that users can't get at the encrypted passwords while editing.
112	 * Open should allow flock'ing the file; see 4.4BSD.	XXX
113	 */
114	lockfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0);
115	if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1)
116		err(1, "%s", _PATH_MASTERPASSWD);
117	if (flock(lockfd, LOCK_EX|LOCK_NB))
118		errx(1, "the password db file is busy");
119	return (lockfd);
120}
121
122int
123pw_tmp()
124{
125	static char path[MAXPATHLEN] = _PATH_MASTERPASSWD;
126	int fd;
127	char *p;
128
129	if (p = strrchr(path, '/'))
130		++p;
131	else
132		p = path;
133	strcpy(p, "pw.XXXXXX");
134	if ((fd = mkstemp(path)) == -1)
135		err(1, "%s", path);
136	tempname = path;
137	return (fd);
138}
139
140int
141pw_mkdb()
142{
143	int pstat;
144	pid_t pid;
145
146	warnx("rebuilding the database...");
147	(void)fflush(stderr);
148	if (!(pid = vfork())) {
149		execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", tempname, NULL);
150		pw_error(_PATH_PWD_MKDB, 1, 1);
151	}
152	pid = waitpid(pid, &pstat, 0);
153	if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
154		return (0);
155	warnx("done");
156	return (1);
157}
158
159void
160pw_edit(notsetuid)
161	int notsetuid;
162{
163	int pstat;
164	char *p, *editor;
165
166	if (!(editor = getenv("EDITOR")))
167		editor = _PATH_VI;
168	if (p = strrchr(editor, '/'))
169		++p;
170	else
171		p = editor;
172
173	if (!(editpid = vfork())) {
174		if (notsetuid) {
175			(void)setgid(getgid());
176			(void)setuid(getuid());
177		}
178		execlp(editor, p, tempname, NULL);
179		_exit(1);
180	}
181	for (;;) {
182		editpid = waitpid(editpid, (int *)&pstat, WUNTRACED);
183		if (editpid == -1)
184			pw_error(editor, 1, 1);
185		else if (WIFSTOPPED(pstat))
186			raise(WSTOPSIG(pstat));
187		else if (WIFEXITED(pstat) && WEXITSTATUS(pstat) == 0)
188			break;
189		else
190			pw_error(editor, 1, 1);
191	}
192	editpid = -1;
193}
194
195void
196pw_prompt()
197{
198	int c;
199
200	(void)printf("re-edit the password file? [y]: ");
201	(void)fflush(stdout);
202	c = getchar();
203	if (c != EOF && c != '\n')
204		while (getchar() != '\n');
205	if (c == 'n')
206		pw_error(NULL, 0, 0);
207}
208
209void
210pw_error(name, err, eval)
211	char *name;
212	int err, eval;
213{
214	if (err)
215		warn(name);
216
217	warnx("%s: unchanged", _PATH_MASTERPASSWD);
218	(void)unlink(tempname);
219	exit(eval);
220}
221