From 4fa365e5f68d2c3c6707044db9557cc80667ebe7 Mon Sep 17 00:00:00 2001 From: Niklas Hallqvist Date: Tue, 17 Jun 1997 10:13:15 +0000 Subject: Add a -d flag which takes the directory where the YP password files are. This change makes it possible to separate the host's passwords from the ones served to YP clients. --- libexec/rpc.yppasswdd/rpc.yppasswdd.8 | 8 +- libexec/rpc.yppasswdd/rpc.yppasswdd.c | 13 ++- libexec/rpc.yppasswdd/yppasswdd_mkpw.c | 168 ++++++++++++++++++++++----------- 3 files changed, 129 insertions(+), 60 deletions(-) (limited to 'libexec/rpc.yppasswdd') diff --git a/libexec/rpc.yppasswdd/rpc.yppasswdd.8 b/libexec/rpc.yppasswdd/rpc.yppasswdd.8 index 0516252cc31..e480178b012 100644 --- a/libexec/rpc.yppasswdd/rpc.yppasswdd.8 +++ b/libexec/rpc.yppasswdd/rpc.yppasswdd.8 @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: rpc.yppasswdd.8,v 1.5 1996/10/23 18:55:31 deraadt Exp $ +.\" $Id: rpc.yppasswdd.8,v 1.6 1997/06/17 10:13:12 niklas Exp $ .\" .Dd July 3, 1994 .Dt RPC.YPPASSWDD 8 @@ -37,6 +37,7 @@ .Nd YP update password file daemon .Sh SYNOPSIS .Nm rpc.yppasswdd +.Op Fl d Ar directory .Op Fl noshell .Op Fl nogecos .Op Fl nopw @@ -47,7 +48,7 @@ must be running on the YP master server to allow users to change information in the password file. If the user needs to change his password this is normally done with a program called .Nm yppasswd . -This program doesn't exists in OpenBSD but is integrated into +This program doesn't exist in OpenBSD but is integrated into .Xr passwd 1 . .Nm passwd will automatically determine which password database should @@ -64,6 +65,9 @@ exists then messages will be written to the file. .Pp The options are as follows: .Bl -tag -width indent +.It Fl d Ar directory +Use the specified directory to get at the password-related files instead +of /etc. .It Fl noshell Don't allow changes of the shell field in the passwd file. .It Fl nogecos diff --git a/libexec/rpc.yppasswdd/rpc.yppasswdd.c b/libexec/rpc.yppasswdd/rpc.yppasswdd.c index 9ff4879d59a..c092f50a3da 100644 --- a/libexec/rpc.yppasswdd/rpc.yppasswdd.c +++ b/libexec/rpc.yppasswdd/rpc.yppasswdd.c @@ -30,7 +30,7 @@ */ #ifndef LINT -static char rcsid[] = "$Id: rpc.yppasswdd.c,v 1.4 1997/04/23 09:33:43 deraadt Exp $"; +static char rcsid[] = "$Id: rpc.yppasswdd.c,v 1.5 1997/06/17 10:13:13 niklas Exp $"; #endif #include @@ -41,6 +41,7 @@ static char rcsid[] = "$Id: rpc.yppasswdd.c,v 1.4 1997/04/23 09:33:43 deraadt Ex #include #include #include +#include #include "yppasswd.h" @@ -51,13 +52,15 @@ int noshell, nogecos, nopw, domake; char make_arg[1024] = "make"; char *progname = "yppasswdd"; char *tempname; +char *dir; void usage() { - fprintf(stderr, "%s%s", + fprintf(stderr, "%s%s%s", "usage: rpc.yppasswdd ", - "[-noshell] [-nogecos] [-nopw] [-m arg1 arg2 ... ]\n"); + "[-d dir] [-noshell] [-nogecos] [-nopw]\n", + " [-m arg1 arg2 ... ]\n"); exit(1); } @@ -84,6 +87,10 @@ main(argc, argv) strcat(make_arg, argv[i]); i++; } + } else if (strcmp("-d", argv[i]) == 0 + && i < argc + 1) { + i++; + dir = argv[i]; } else usage(); i++; diff --git a/libexec/rpc.yppasswdd/yppasswdd_mkpw.c b/libexec/rpc.yppasswdd/yppasswdd_mkpw.c index fdcb84d082f..7c0b9c2567d 100644 --- a/libexec/rpc.yppasswdd/yppasswdd_mkpw.c +++ b/libexec/rpc.yppasswdd/yppasswdd_mkpw.c @@ -30,25 +30,30 @@ */ #ifndef LINT -static char rcsid[] = "$Id: yppasswdd_mkpw.c,v 1.12 1997/02/18 23:38:58 provos Exp $"; +static char rcsid[] = "$Id: yppasswdd_mkpw.c,v 1.13 1997/06/17 10:13:14 niklas Exp $"; #endif +#include #include #include #include #include #include #include +#include #include #include #include #include +#include +#include extern int noshell; extern int nogecos; extern int nopw; extern int make; extern char make_arg[]; +extern char *dir; int badchars(base) @@ -70,28 +75,97 @@ badchars(base) return 0; } +int +subst(s, from, to) + char *s; + char from, to; +{ + int n = 0; + + while (*s) { + if (*s == from) { + *s = to; + n++; + } + s++; + } + return (n); +} + int make_passwd(argp) yppasswd *argp; { - struct passwd *pw; + struct passwd pw; int pfd, tfd; - char buf[10], *p; - int alen; + char buf[10], *bp = NULL, *p, *t; + int n; + ssize_t cnt; + size_t resid; + struct stat st; + char *master; - pw = getpwnam(argp->newpw.pw_name); - if (!pw) - return (1); - - if (strcmp(crypt(argp->oldpass, pw->pw_passwd), pw->pw_passwd) != 0) + pw_init(); + if (dir) + pw_setdir(dir); + master = pw_file(_PATH_MASTERPASSWD); + if (!master) return (1); + pfd = open(master, O_RDONLY); + if (pfd < 0) + goto fail; + if (fstat(pfd, &st)) + goto fail; + p = bp = malloc((resid = st.st_size) + 1); + do { + cnt = read(pfd, p, resid); + if (cnt < 0) + goto fail; + p += cnt; + resid -= cnt; + } while (resid > 0); + close(pfd); + pfd = -1; + *p = '\0'; /* Buf oflow prevention */ + + p = bp; + subst(p, '\n', '\0'); + for (n = 1; p < bp + st.st_size; n++, p = t) { + t = strchr(p, '\0') + 1; + cnt = subst(p, ':', '\0'); + if (cnt != 9) { + syslog(LOG_WARNING, "bad entry at line %d of %s", n, + master); + continue; + } + + if (strcmp(p, argp->newpw.pw_name) == 0) + break; + } + if (p >= bp + st.st_size) + goto fail; + +#define EXPAND(e) e = p; while (*p++); + EXPAND(pw.pw_name); + EXPAND(pw.pw_passwd); + pw.pw_uid = atoi(p); EXPAND(t); + pw.pw_gid = atoi(p); EXPAND(t); + EXPAND(pw.pw_class); + pw.pw_change = (time_t)atol(p); EXPAND(t); + pw.pw_expire = (time_t)atol(p); EXPAND(t); + EXPAND(pw.pw_gecos); + EXPAND(pw.pw_dir); + EXPAND(pw.pw_shell); + + if (strcmp(crypt(argp->oldpass, pw.pw_passwd), pw.pw_passwd) != 0) + goto fail; if (!nopw && badchars(argp->newpw.pw_passwd)) - return (1); + goto fail; if (!nogecos && badchars(argp->newpw.pw_gecos)) - return (1); + goto fail; if (!nogecos && badchars(argp->newpw.pw_shell)) - return (1); + goto fail; /* * Get the new password. Reset passwd change time to zero; when @@ -99,64 +173,48 @@ make_passwd(argp) * class and reset the timer. */ if (!nopw) { - pw->pw_passwd = argp->newpw.pw_passwd; - pw->pw_change = 0; + pw.pw_passwd = argp->newpw.pw_passwd; + pw.pw_change = 0; } if (!nogecos) - pw->pw_gecos = argp->newpw.pw_gecos; + pw.pw_gecos = argp->newpw.pw_gecos; if (!noshell) - pw->pw_shell = argp->newpw.pw_shell; + pw.pw_shell = argp->newpw.pw_shell; - for (alen = 0, p = pw->pw_gecos; *p; p++) + for (n = 0, p = pw.pw_gecos; *p; p++) if (*p == '&') - alen = alen + strlen(pw->pw_name) - 1; - if (strlen(pw->pw_name) + 1 + strlen(pw->pw_passwd) + 1 + - strlen((sprintf(buf, "%d", pw->pw_uid), buf)) + 1 + - strlen((sprintf(buf, "%d", pw->pw_gid), buf)) + 1 + - strlen(pw->pw_gecos) + alen + 1 + strlen(pw->pw_dir) + 1 + - strlen(pw->pw_shell) >= 1023) { - return (1); + n = n + strlen(pw.pw_name) - 1; + if (strlen(pw.pw_name) + 1 + strlen(pw.pw_passwd) + 1 + + strlen((sprintf(buf, "%d", pw.pw_uid), buf)) + 1 + + strlen((sprintf(buf, "%d", pw.pw_gid), buf)) + 1 + + strlen(pw.pw_gecos) + n + 1 + strlen(pw.pw_dir) + 1 + + strlen(pw.pw_shell) >= 1023) + goto fail; + + pfd = open(master, O_RDONLY, 0); + if (pfd < 0) { + syslog(LOG_ERR, "cannot open %s", master); + goto fail; } - pfd = open(_PATH_MASTERPASSWD, O_RDONLY, 0); - if (pfd < 0) - pw_error(_PATH_MASTERPASSWD, 1, 1); - - pw_init(); tfd = pw_lock(0); - - pw_copy(pfd, tfd, pw); + pw_copy(pfd, tfd, &pw); pw_mkdb(); + free(bp); if (fork() == 0) { chdir("/var/yp"); - (void) umask(022); + (void)umask(022); system(make_arg); exit(0); } return (0); -} -/* -int -do_mkdb() -{ - int pstat; - pid_t pid; - - (void)printf("%s: rebuilding the database...\n", progname); - (void)fflush(stdout); - if (!(pid = vfork())) { - execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", tempname, NULL); - warn(_PATH_PWD_MKDB); - warnx("%s: unchanged", _PATH_MASTERPASSWD); - pw_abort(); - _exit(1); - } - pid = waitpid(pid, &pstat, 0); - if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0) - return(0); - (void)printf("%s: done\n", progname); - return(1); +fail: + if (bp) + free(bp); + if (pfd >= 0) + close(pfd); + free(master); + return (1); } -*/ -- cgit v1.2.3