* Copyright (c) 1990 - 1994, Julianne Frances Haugh
* Copyright (c) 2006 , Tomasz Kłoczko
* Copyright (c) 2006 , Jonas Meurer
- * Copyright (c) 2007 - 2008, Nicolas François
+ * Copyright (c) 2007 - 2011, Nicolas François
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
+#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM
#include "pam_defs.h"
#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
#include "defines.h"
#include "nscd.h"
#include "prototypes.h"
#ifdef SHADOWGRP
#include "sgroupio.h"
#endif
+/*@-exitarg@*/
+#include "exitcodes.h"
+
/*
* Global variables
*/
-static char *Prog;
-static bool cflg = false;
+const char *Prog;
static bool eflg = false;
static bool md5flg = false;
+#ifdef USE_SHA_CRYPT
static bool sflg = false;
+#endif
-static const char *crypt_method = NULL;
+static /*@null@*//*@observer@*/const char *crypt_method = NULL;
+#define cflg (NULL != crypt_method)
+#ifdef USE_SHA_CRYPT
static long sha_rounds = 5000;
+#endif
#ifdef SHADOWGRP
static bool is_shadow_grp;
+static bool sgr_locked = false;
#endif
-
-#ifdef USE_PAM
-static pam_handle_t *pamh = NULL;
-#endif
+static bool gr_locked = false;
/* local function prototypes */
-static void usage (void);
+static void fail_exit (int code);
+static /*@noreturn@*/void usage (int status);
static void process_flags (int argc, char **argv);
static void check_flags (void);
static void check_perms (void);
static void open_files (void);
static void close_files (void);
+/*
+ * fail_exit - exit with a failure code after unlocking the files
+ */
+static void fail_exit (int code)
+{
+ if (gr_locked) {
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
+ }
+ }
+
+#ifdef SHADOWGRP
+ if (sgr_locked) {
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
+ }
+ }
+#endif
+
+ exit (code);
+}
+
/*
* usage - display usage message and exit
*/
-static void usage (void)
+static /*@noreturn@*/void usage (int status)
{
- fprintf (stderr, _("Usage: %s [options]\n"
- "\n"
- "Options:\n"
- " -c, --crypt-method the crypt method (one of %s)\n"
- " -e, --encrypted supplied passwords are encrypted\n"
- " -h, --help display this help message and exit\n"
- " -m, --md5 encrypt the clear text password using\n"
- " the MD5 algorithm\n"
- "%s"
- "\n"),
- Prog,
+ FILE *usageout = (E_SUCCESS != status) ? stderr : stdout;
+ (void) fprintf (usageout,
+ _("Usage: %s [options]\n"
+ "\n"
+ "Options:\n"),
+ Prog);
+ (void) fprintf (usageout,
+ _(" -c, --crypt-method <METHOD> the crypt method (one of %s)\n"),
#ifndef USE_SHA_CRYPT
- "NONE DES MD5", ""
-#else
- "NONE DES MD5 SHA256 SHA512",
- _(" -s, --sha-rounds number of SHA rounds for the SHA*\n"
- " crypt algorithms\n")
-#endif
- );
- exit (1);
+ "NONE DES MD5"
+#else /* USE_SHA_CRYPT */
+ "NONE DES MD5 SHA256 SHA512"
+#endif /* USE_SHA_CRYPT */
+ );
+ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout);
+ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout);
+ (void) fputs (_(" -m, --md5 encrypt the clear text password using\n"
+ " the MD5 algorithm\n"),
+ usageout);
+ (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout);
+#ifdef USE_SHA_CRYPT
+ (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n"
+ " crypt algorithms\n"),
+ usageout);
+#endif /* USE_SHA_CRYPT */
+ (void) fputs ("\n", usageout);
+
+ exit (status);
}
/*
*/
static void process_flags (int argc, char **argv)
{
- int option_index = 0;
int c;
static struct option long_options[] = {
{"crypt-method", required_argument, NULL, 'c'},
{"encrypted", no_argument, NULL, 'e'},
{"help", no_argument, NULL, 'h'},
{"md5", no_argument, NULL, 'm'},
+ {"root", required_argument, NULL, 'R'},
#ifdef USE_SHA_CRYPT
{"sha-rounds", required_argument, NULL, 's'},
#endif
while ((c = getopt_long (argc, argv,
#ifdef USE_SHA_CRYPT
- "c:ehms:",
+ "c:ehmR:s:",
#else
- "c:ehm",
+ "c:ehmR:",
#endif
- long_options, &option_index)) != -1) {
+ long_options, NULL)) != -1) {
switch (c) {
case 'c':
- cflg = true;
crypt_method = optarg;
break;
case 'e':
eflg = true;
break;
case 'h':
- usage ();
- break;
+ usage (E_SUCCESS);
+ /*@notreached@*/break;
case 'm':
md5flg = true;
break;
+ case 'R': /* no-op, handled in process_root_flag () */
+ break;
#ifdef USE_SHA_CRYPT
case 's':
sflg = true;
- if (getlong(optarg, &sha_rounds) != 0) {
+ if (getlong(optarg, &sha_rounds) == 0) {
fprintf (stderr,
_("%s: invalid numeric argument '%s'\n"),
Prog, optarg);
- usage ();
+ usage (E_USAGE);
}
break;
#endif
- case 0:
- /* long option */
- break;
default:
- usage ();
- break;
+ usage (E_USAGE);
+ /*@notreached@*/break;
}
}
*/
static void check_flags (void)
{
+#ifdef USE_SHA_CRYPT
if (sflg && !cflg) {
fprintf (stderr,
_("%s: %s flag is only allowed with the %s flag\n"),
Prog, "-s", "-c");
- usage ();
+ usage (E_USAGE);
}
+#endif
if ((eflg && (md5flg || cflg)) ||
(md5flg && cflg)) {
fprintf (stderr,
_("%s: the -c, -e, and -m flags are exclusive\n"),
Prog);
- usage ();
+ usage (E_USAGE);
}
if (cflg) {
- if ( 0 != strcmp (crypt_method, "DES")
- && 0 != strcmp (crypt_method, "MD5")
- && 0 != strcmp (crypt_method, "NONE")
+ if ( (0 != strcmp (crypt_method, "DES"))
+ && (0 != strcmp (crypt_method, "MD5"))
+ && (0 != strcmp (crypt_method, "NONE"))
#ifdef USE_SHA_CRYPT
- && 0 != strcmp (crypt_method, "SHA256")
- && 0 != strcmp (crypt_method, "SHA512")
+ && (0 != strcmp (crypt_method, "SHA256"))
+ && (0 != strcmp (crypt_method, "SHA512"))
#endif
) {
fprintf (stderr,
_("%s: unsupported crypt method: %s\n"),
Prog, crypt_method);
- usage ();
+ usage (E_USAGE);
}
}
}
*/
static void check_perms (void)
{
+#ifdef ACCT_TOOLS_SETUID
#ifdef USE_PAM
- int retval = PAM_SUCCESS;
+ pam_handle_t *pamh = NULL;
+ int retval;
struct passwd *pampw;
pampw = getpwuid (getuid ()); /* local, no need for xgetpwuid */
- if (pampw == NULL) {
- retval = PAM_USER_UNKNOWN;
+ if (NULL == pampw) {
+ fprintf (stderr,
+ _("%s: Cannot determine your user name.\n"),
+ Prog);
+ exit (1);
}
- if (retval == PAM_SUCCESS) {
- retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
- }
+ retval = pam_start ("chgpasswd", pampw->pw_name, &conv, &pamh);
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_authenticate (pamh, 0);
- if (retval != PAM_SUCCESS) {
- pam_end (pamh, retval);
- }
}
- if (retval == PAM_SUCCESS) {
+ if (PAM_SUCCESS == retval) {
retval = pam_acct_mgmt (pamh, 0);
- if (retval != PAM_SUCCESS) {
- pam_end (pamh, retval);
- }
}
- if (retval != PAM_SUCCESS) {
+ if (NULL != pamh) {
+ (void) pam_end (pamh, retval);
+ }
+ if (PAM_SUCCESS != retval) {
fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
exit (1);
}
#endif /* USE_PAM */
+#endif /* ACCT_TOOLS_SETUID */
}
/*
*/
if (gr_lock () == 0) {
fprintf (stderr,
- _("%s: cannot lock %s\n"), Prog, gr_dbname ());
- exit (1);
+ _("%s: cannot lock %s; try again later.\n"),
+ Prog, gr_dbname ());
+ fail_exit (1);
}
+ gr_locked = true;
if (gr_open (O_RDWR) == 0) {
fprintf (stderr,
_("%s: cannot open %s\n"), Prog, gr_dbname ());
- gr_unlock ();
- exit (1);
+ fail_exit (1);
}
#ifdef SHADOWGRP
/* Do the same for the shadowed database, if it exist */
if (is_shadow_grp) {
if (sgr_lock () == 0) {
- fprintf (stderr, _("%s: cannot lock %s\n"),
+ fprintf (stderr,
+ _("%s: cannot lock %s; try again later.\n"),
Prog, sgr_dbname ());
- gr_unlock ();
- exit (1);
+ fail_exit (1);
}
+ sgr_locked = true;
if (sgr_open (O_RDWR) == 0) {
fprintf (stderr, _("%s: cannot open %s\n"),
Prog, sgr_dbname ());
- gr_unlock ();
- sgr_unlock ();
- exit (1);
+ fail_exit (1);
}
}
#endif
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, sgr_dbname ());
- gr_unlock ();
- exit (1);
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", sgr_dbname ()));
+ fail_exit (1);
+ }
+ if (sgr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, sgr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", sgr_dbname ()));
+ /* continue */
}
- sgr_unlock ();
+ sgr_locked = false;
}
#endif
fprintf (stderr,
_("%s: failure while writing changes to %s\n"),
Prog, gr_dbname ());
- exit (1);
+ SYSLOG ((LOG_ERR, "failure while writing changes to %s", gr_dbname ()));
+ fail_exit (1);
+ }
+ if (gr_unlock () == 0) {
+ fprintf (stderr, _("%s: failed to unlock %s\n"), Prog, gr_dbname ());
+ SYSLOG ((LOG_ERR, "failed to unlock %s", gr_dbname ()));
+ /* continue */
}
- gr_unlock ();
+ gr_locked = false;
}
int main (int argc, char **argv)
struct group newgr;
int errors = 0;
int line = 0;
- int ok;
Prog = Basename (argv[0]);
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);
- process_flags(argc, argv);
+ process_root_flag ("-R", argc, argv);
+
+ process_flags (argc, argv);
+
+ OPENLOG ("chgpasswd");
check_perms ();
continue;
}
newpwd = cp;
- if (!eflg &&
- (NULL == crypt_method ||
- 0 != strcmp(crypt_method, "NONE"))) {
+ if ( (!eflg)
+ && ( (NULL == crypt_method)
+ || (0 != strcmp (crypt_method, "NONE")))) {
void *arg = NULL;
if (md5flg) {
crypt_method = "MD5";
- } else if (crypt_method != NULL) {
- if (sflg) {
- arg = &sha_rounds;
- }
- } else {
- crypt_method = NULL;
}
+#ifdef USE_SHA_CRYPT
+ if (sflg) {
+ arg = &sha_rounds;
+ }
+#endif
cp = pw_encrypt (newpwd,
- crypt_make_salt(crypt_method, arg));
+ crypt_make_salt (crypt_method, arg));
}
/*
}
#ifdef SHADOWGRP
if (is_shadow_grp) {
+ /* The gshadow entry should be updated if the
+ * group entry has a password set to 'x'.
+ * But on the other hand, if there is already both
+ * a group and a gshadow password, it's preferable
+ * to update both.
+ */
sg = sgr_locate (name);
+
+ if ( (NULL == sg)
+ && (strcmp (gr->gr_passwd,
+ SHADOW_PASSWD_STRING) == 0)) {
+ static char *empty = NULL;
+ /* If the password is set to 'x' in
+ * group, but there are no entries in
+ * gshadow, create one.
+ */
+ newsg.sg_name = name;
+ /* newsg.sg_passwd = NULL; will be set later */
+ newsg.sg_adm = ∅
+ newsg.sg_mem = dup_list (gr->gr_mem);
+ sg = &newsg;
+ }
} else {
sg = NULL;
}
if (NULL != sg) {
newsg = *sg;
newsg.sg_passwd = cp;
- } else
+ }
+ if ( (NULL == sg)
+ || (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0))
#endif
{
newgr = *gr;
*/
#ifdef SHADOWGRP
if (NULL != sg) {
- ok = sgr_update (&newsg);
- } else
+ if (sgr_update (&newsg) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+ Prog, line, sgr_dbname (), newsg.sg_name);
+ errors++;
+ continue;
+ }
+ }
+ if ( (NULL == sg)
+ || (strcmp (gr->gr_passwd, SHADOW_PASSWD_STRING) != 0))
#endif
{
- ok = gr_update (&newgr);
- }
-
- if (0 == ok) {
- fprintf (stderr,
- _
- ("%s: line %d: cannot update group entry\n"),
- Prog, line);
- errors++;
- continue;
+ if (gr_update (&newgr) == 0) {
+ fprintf (stderr,
+ _("%s: line %d: failed to prepare the new %s entry '%s'\n"),
+ Prog, line, gr_dbname (), newgr.gr_name);
+ errors++;
+ continue;
+ }
}
}
if (0 != errors) {
fprintf (stderr,
_("%s: error detected, changes ignored\n"), Prog);
-#ifdef SHADOWGRP
- if (is_shadow_grp) {
- sgr_unlock ();
- }
-#endif
- gr_unlock ();
- exit (1);
+ fail_exit (1);
}
close_files ();
nscd_flush_cache ("group");
-#ifdef USE_PAM
- pam_end (pamh, PAM_SUCCESS);
-#endif /* USE_PAM */
-
return (0);
}