author | Todd C. Miller <millert@cvs.openbsd.org> | 2002-11-21 21:25:20 +0000 |
---|---|---|
committer | Todd C. Miller <millert@cvs.openbsd.org> | 2002-11-21 21:25:20 +0000 |
commit | 2386d041ffdf7328f29f13e26f6e934109cae29e (patch) | |
tree | 110d855f9e2fef44139f6dff3b233a9d078b3638 /usr.sbin/pwd_mkdb | |
parent | e45b5605a588b8dc925887830f0dbb33b7fd38be (diff) |
Add a "shadow" group and make the shadow passwd db readable by that
group. This changes getpw* to always try the shadow db first and
then fall back to the db w/o password hashes. In the future,
/usr/libexec/auth/login_passwd (and others) will be setgid shadow
instead of setuid root. OK deraadt@
If you track -current you should do the following:
o add group shadow to /etc/group
o chgrp shadow /etc/spwd.db
o chmod 640 /etc/spwd.db
o rebuild and install src/usr.sbin/pwd_mkdb
You do not need to rebuild libc yet, but it wouldn't hurt to do so.
Diffstat (limited to 'usr.sbin/pwd_mkdb')
-rw-r--r-- | usr.sbin/pwd_mkdb/pwd_mkdb.c | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c
index 6148b4441b1..728ad2505ec 100644
--- a/usr.sbin/pwd_mkdb/pwd_mkdb.c
+++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Exp $ */
+/* $OpenBSD: pwd_mkdb.c,v 1.31 2002/11/21 21:25:19 millert Exp $ */
 /*-
 * Copyright (c) 1991, 1993, 1994
@@ -45,7 +45,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "from: @(#)pwd_mkdb.c 8.5 (Berkeley) 4/20/94";
 #else
-static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Exp $";
+static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.31 2002/11/21 21:25:19 millert Exp $";
 #endif
 #endif /* not lint */
@@ -56,6 +56,7 @@ static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Ex
 #include <err.h>
 #include <errno.h>
 #include <fcntl.h>
+#include <grp.h>
 #include <limits.h>
 #include <pwd.h>
 #include <signal.h>
@@ -74,6 +75,8 @@ static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Ex
 #define FILE_INSECURE 0x02
 #define FILE_ORIG 0x04
+#define SHADOW_GROUP "shadow"
+
 HASHINFO openinfo = {
 4096, /* bsize */
 32, /* ffactor */
@@ -108,8 +111,10 @@ main(argc, argv)
 FILE *fp, *oldfp = NULL;
 struct stat st;
 struct passwd pwd;
+ struct group *grp;
 sigset_t set;
 uid_t olduid;
+ gid_t shadow;
 int ch, tfd, makeold, secureonly, flags, checkonly;
 char *username, buf[MAX(MAXPATHLEN, LINE_MAX * 2)];
@@ -146,6 +151,11 @@ main(argc, argv)
 if (argc != 1 || (makeold && secureonly) ||
 (username && (*username == '+' || *username == '-')))
 usage();
+
+ if ((grp = getgrnam(SHADOW_GROUP)) == NULL)
+ errx(1, "cannot find `%s' in the group database, aborting",
+ SHADOW_GROUP);
+ shadow = grp->gr_gid;
 /*
 * This could be changed to allow the user to interrupt.
@@ -223,6 +233,11 @@ main(argc, argv)
 }
 if (!edp)
 error(buf);
+ if (fchown(edp->fd(edp), (uid_t)-1, shadow) != 0)
+ warn("%s: unable to set group to %s", _PATH_SMP_DB,
+ SHADOW_GROUP);
+ else if (fchmod(edp->fd(edp), PERM_SECURE|S_IRGRP) != 0)
+ warn("%s: unable to make group readable", _PATH_SMP_DB);
 clean |= FILE_SECURE;
 /* Open the temporary insecure password database. */ |
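Review bot: The `else if` that ties the fchmod to a successful fchown is the security-relevant part of this hunk and deserves a comment, because a reader may otherwise take it for a dropped error path: if the group cannot be changed, the file keeps PERM_SECURE instead of gaining group read for whatever group the temporary file happened to inherit. Suggested comment above the fchown: `/* Set the group before granting group read so the hash db is never readable by the wrong group; on failure it stays at PERM_SECURE. */`. The getgrnam check in the earlier hunk aborts with errx while both failures here only warn; if a warning is the intended degraded mode (a 0600 db nobody but root can read), that difference is worth a sentence in the same comment. main() starts and ends outside this hunk, and PERM_SECURE is defined outside it, so the resulting mode is inferred rather than visible here.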