2 * Copyright (c) 1987 Regents of the University of California.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * Updated Thu Oct 12 09:56:55 1995 by faith@cs.unc.edu with security
34 * patches from Zefram <A.Main@dcs.warwick.ac.uk>
36 * Updated Thu Nov 9 21:58:53 1995 by Martin Schulze
37 * <joey@finlandia.infodrom.north.de>. Support for vigr.
39 * Martin Schulze's patches adapted to Util-Linux by Nicolai Langfeldt.
41 * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
42 * - added Native Language Support
43 * Sun Mar 21 1999 - Arnaldo Carvalho de Melo <acme@conectiva.com.br>
44 * - fixed strerr(errno) in gettext calls
47 static char version_string
[] = "vipw 1.4";
49 #include <sys/types.h>
55 #include <sys/param.h>
58 #include <sys/resource.h>
71 #include <selinux/selinux.h>
74 #define FILENAMELEN 67
79 char orig_file
[FILENAMELEN
]; /* original file /etc/passwd or /etc/group */
80 char tmp_file
[FILENAMELEN
]; /* tmp file */
81 char tmptmp_file
[FILENAMELEN
]; /* very tmp file */
83 void pw_error
__P((char *, int, int));
86 copyfile(int from
, int to
) {
90 while ((nr
= read(from
, buf
, sizeof(buf
))) > 0)
91 for (off
= 0; off
< nr
; nr
-= nw
, off
+= nw
)
92 if ((nw
= write(to
, buf
+ off
, nr
)) < 0)
93 pw_error(tmp_file
, 1, 1);
96 pw_error(orig_file
, 1, 1);
104 /* Unlimited resource limits. */
105 rlim
.rlim_cur
= rlim
.rlim_max
= RLIM_INFINITY
;
106 (void)setrlimit(RLIMIT_CPU
, &rlim
);
107 (void)setrlimit(RLIMIT_FSIZE
, &rlim
);
108 (void)setrlimit(RLIMIT_STACK
, &rlim
);
109 (void)setrlimit(RLIMIT_DATA
, &rlim
);
110 (void)setrlimit(RLIMIT_RSS
, &rlim
);
112 /* Don't drop core (not really necessary, but GP's). */
113 rlim
.rlim_cur
= rlim
.rlim_max
= 0;
114 (void)setrlimit(RLIMIT_CORE
, &rlim
);
116 /* Turn off signals. */
117 (void)signal(SIGALRM
, SIG_IGN
);
118 (void)signal(SIGHUP
, SIG_IGN
);
119 (void)signal(SIGINT
, SIG_IGN
);
120 (void)signal(SIGPIPE
, SIG_IGN
);
121 (void)signal(SIGQUIT
, SIG_IGN
);
122 (void)signal(SIGTERM
, SIG_IGN
);
123 (void)signal(SIGTSTP
, SIG_IGN
);
124 (void)signal(SIGTTOU
, SIG_IGN
);
126 /* Create with exact permissions. */
135 * If the password file doesn't exist, the system is hosed.
136 * Might as well try to build one. Set the close-on-exec bit so
137 * that users can't get at the encrypted passwords while editing.
138 * Open should allow flock'ing the file; see 4.4BSD. XXX
140 #if 0 /* flock()ing is superfluous here, with the ptmp/ptmptmp system. */
141 if (flock(lockfd
, LOCK_EX
|LOCK_NB
)) {
143 fprintf(stderr
, _("%s: the password file is busy.\n"),
146 fprintf(stderr
, _("%s: the group file is busy.\n"),
152 if ((fd
= open(tmptmp_file
, O_WRONLY
|O_CREAT
, 0600)) == -1) {
153 (void)fprintf(stderr
,
154 "%s: %s: %s\n", progname
, tmptmp_file
, strerror(errno
));
157 ret
= link(tmptmp_file
, tmp_file
);
158 (void)unlink(tmptmp_file
);
161 (void)fprintf(stderr
,
162 _("%s: the %s file is busy (%s present)\n"),
164 program
== VIPW
? "password" : "group",
168 (void)fprintf(stderr
, _("%s: can't link %s: %s\n"), progname
,
169 tmp_file
, strerror(errsv
));
174 lockfd
= open(orig_file
, O_RDONLY
, 0);
177 (void)fprintf(stderr
, "%s: %s: %s\n",
178 progname
, orig_file
, strerror(errno
));
183 copyfile(lockfd
, fd
);
191 char tmp
[FILENAMELEN
+4];
193 sprintf(tmp
, "%s%s", orig_file
, ".OLD");
195 link(orig_file
, tmp
);
198 if (is_selinux_enabled()) {
199 security_context_t passwd_context
=NULL
;
201 if (getfilecon(orig_file
,&passwd_context
) < 0) {
202 (void) fprintf(stderr
,_("%s: Can't get context for %s"),progname
,orig_file
);
203 pw_error(orig_file
, 1, 1);
205 ret
=setfilecon(tmp_file
,passwd_context
);
206 freecon(passwd_context
);
208 (void) fprintf(stderr
,_("%s: Can't set context for %s"),progname
,tmp_file
);
209 pw_error(tmp_file
, 1, 1);
214 if (rename(tmp_file
, orig_file
) == -1) {
217 _("%s: can't unlock %s: %s (your changes are still in %s)\n"),
218 progname
, orig_file
, strerror(errsv
), tmp_file
);
226 pw_edit(int notsetuid
) {
231 if (!(editor
= getenv("EDITOR")))
232 editor
= strdup(_PATH_VI
); /* adia@egnatia.ee.auth.gr */
233 if ((p
= strrchr(strtok(editor
," \t"), '/')) != NULL
)
240 (void)fprintf(stderr
, _("%s: Cannot fork\n"), progname
);
245 (void)setgid(getgid());
246 (void)setuid(getuid());
248 execlp(editor
, p
, tmp_file
, NULL
);
252 pid
= waitpid(pid
, &pstat
, WUNTRACED
);
253 if (WIFSTOPPED(pstat
)) {
254 /* the editor suspended, so suspend us as well */
255 kill(getpid(), SIGSTOP
);
261 if (pid
== -1 || !WIFEXITED(pstat
) || WEXITSTATUS(pstat
) != 0)
262 pw_error(editor
, 1, 1);
266 pw_error(char *name
, int err
, int eval
) {
270 fprintf(stderr
, "%s: ", progname
);
272 (void)fprintf(stderr
, "%s: ", name
);
273 fprintf(stderr
, "%s\n", strerror(sverrno
));
276 _("%s: %s unchanged\n"), progname
, orig_file
);
282 edit_file(int is_shadow
)
284 struct stat begin
, end
;
289 if (stat(tmp_file
, &begin
))
290 pw_error(tmp_file
, 1, 1);
294 if (stat(tmp_file
, &end
))
295 pw_error(tmp_file
, 1, 1);
296 if (begin
.st_mtime
== end
.st_mtime
) {
297 (void)fprintf(stderr
, _("%s: no changes made\n"), progname
);
298 pw_error((char *)NULL
, 0, 0);
301 chmod(tmp_file
, 0644);
303 /* if shadow file, then mode is 0600 now */
305 chmod(tmp_file
, 0400);
310 int main(int argc
, char *argv
[]) {
312 setlocale(LC_ALL
, "");
313 bindtextdomain(PACKAGE
, LOCALEDIR
);
316 bzero(tmp_file
, FILENAMELEN
);
317 progname
= (rindex(argv
[0], '/')) ? rindex(argv
[0], '/') + 1 : argv
[0];
318 if (!strcmp(progname
, "vigr")) {
320 xstrncpy(orig_file
, GROUP_FILE
, sizeof(orig_file
));
321 xstrncpy(tmp_file
, GTMP_FILE
, sizeof(tmp_file
));
322 xstrncpy(tmptmp_file
, GTMPTMP_FILE
, sizeof(tmptmp_file
));
325 xstrncpy(orig_file
, PASSWD_FILE
, sizeof(orig_file
));
326 xstrncpy(tmp_file
, PTMP_FILE
, sizeof(tmp_file
));
327 xstrncpy(tmptmp_file
, PTMPTMP_FILE
, sizeof(tmptmp_file
));
331 (!strcmp(argv
[1], "-V") || !strcmp(argv
[1], "--version"))) {
332 printf("%s\n", version_string
);
338 if (program
== VIGR
) {
339 strncpy(orig_file
, SGROUP_FILE
, FILENAMELEN
-1);
340 strncpy(tmp_file
, SGTMP_FILE
, FILENAMELEN
-1);
341 strncpy(tmptmp_file
, SGTMPTMP_FILE
, FILENAMELEN
-1);
343 strncpy(orig_file
, SHADOW_FILE
, FILENAMELEN
-1);
344 strncpy(tmp_file
, SPTMP_FILE
, FILENAMELEN
-1);
345 strncpy(tmptmp_file
, SPTMPTMP_FILE
, FILENAMELEN
-1);
348 if (access(orig_file
, F_OK
) == 0) {
351 printf((program
== VIGR
)
352 ? _("You are using shadow groups on this system.\n")
353 : _("You are using shadow passwords on this system.\n"));
354 printf(_("Would you like to edit %s now [y/n]? "), orig_file
);
357 if (fgets(response
, sizeof(response
), stdin
)) {
358 if (response
[0] == 'y' || response
[0] == 'Y')