]> git.ipfire.org Git - thirdparty/util-linux.git/blob - login-utils/vipw.c
projects / thirdparty / util-linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
translation: unify file open error messages
[thirdparty/util-linux.git] / login-utils / vipw.c
1 /*
2 * Copyright (c) 1987 Regents of the University of California.
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * Updated Thu Oct 12 09:56:55 1995 by faith@cs.unc.edu with security
34 * patches from Zefram <A.Main@dcs.warwick.ac.uk>
35 *
36 * Updated Thu Nov 9 21:58:53 1995 by Martin Schulze
37 * <joey@finlandia.infodrom.north.de>. Support for vigr.
38 *
39 * Martin Schulze's patches adapted to Util-Linux by Nicolai Langfeldt.
40 *
41 * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
42 * - added Native Language Support
43 * Sun Mar 21 1999 - Arnaldo Carvalho de Melo <acme@conectiva.com.br>
44 * - fixed strerr(errno) in gettext calls
45 */
46
47 /*
48 * This command is deprecated. The utility is in maintenance mode,
49 * meaning we keep them in source tree for backward compatibility
50 * only. Do not waste time making this command better, unless the
51 * fix is about security or other very critical issue.
52 *
53 * See Documentation/deprecated.txt for more information.
54 */
55
56 #include <errno.h>
57 #include <fcntl.h>
58 #include <paths.h>
59 #include <pwd.h>
60 #include <shadow.h>
61 #include <signal.h>
62 #include <stdio.h>
63 #include <stdlib.h>
64 #include <string.h>
65 #include <sys/file.h>
66 #include <sys/param.h>
67 #include <sys/resource.h>
68 #include <sys/stat.h>
69 #include <sys/time.h>
70 #include <sys/types.h>
71 #include <sys/wait.h>
72 #include <unistd.h>
73
74 #include "c.h"
75 #include "fileutils.h"
76 #include "closestream.h"
77 #include "nls.h"
78 #include "setpwnam.h"
79 #include "strutils.h"
80 #include "xalloc.h"
81
82 #ifdef HAVE_LIBSELINUX
83 # include <selinux/selinux.h>
84 #endif
85
86 #define FILENAMELEN 67
87
88 enum {
89 VIPW,
90 VIGR
91 };
92 int program;
93 char orig_file[FILENAMELEN]; /* original file /etc/passwd or /etc/group */
94 char *tmp_file; /* tmp file */
95
96 void pw_error __P((char *, int, int));
97
98 static void copyfile(int from, int to)
99 {
100 int nr, nw, off;
101 char buf[8 * 1024];
102
103 while ((nr = read(from, buf, sizeof(buf))) > 0)
104 for (off = 0; off < nr; nr -= nw, off += nw)
105 if ((nw = write(to, buf + off, nr)) < 0)
106 pw_error(tmp_file, 1, 1);
107
108 if (nr < 0)
109 pw_error(orig_file, 1, 1);
110 }
111
112 static void pw_init(void)
113 {
114 struct rlimit rlim;
115
116 /* Unlimited resource limits. */
117 rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
118 (void)setrlimit(RLIMIT_CPU, &rlim);
119 (void)setrlimit(RLIMIT_FSIZE, &rlim);
120 (void)setrlimit(RLIMIT_STACK, &rlim);
121 (void)setrlimit(RLIMIT_DATA, &rlim);
122 (void)setrlimit(RLIMIT_RSS, &rlim);
123
124 /* Don't drop core (not really necessary, but GP's). */
125 rlim.rlim_cur = rlim.rlim_max = 0;
126 (void)setrlimit(RLIMIT_CORE, &rlim);
127
128 /* Turn off signals. */
129 (void)signal(SIGALRM, SIG_IGN);
130 (void)signal(SIGHUP, SIG_IGN);
131 (void)signal(SIGINT, SIG_IGN);
132 (void)signal(SIGPIPE, SIG_IGN);
133 (void)signal(SIGQUIT, SIG_IGN);
134 (void)signal(SIGTERM, SIG_IGN);
135 (void)signal(SIGTSTP, SIG_IGN);
136 (void)signal(SIGTTOU, SIG_IGN);
137
138 /* Create with exact permissions. */
139 (void)umask(0);
140 }
141
142 static FILE * pw_tmpfile(int lockfd)
143 {
144 FILE *fd;
145 char *tmpname = NULL;
146 char *dir = "/etc";
147
148 if ((fd = xfmkstemp(&tmpname, dir)) == NULL) {
149 ulckpwdf();
150 err(EXIT_FAILURE, _("can't open temporary file"));
151 }
152
153 copyfile(lockfd, fileno(fd));
154 tmp_file = tmpname;
155 return fd;
156 }
157
158 static void pw_write(void)
159 {
160 char tmp[FILENAMELEN + 4];
161
162 sprintf(tmp, "%s%s", orig_file, ".OLD");
163 unlink(tmp);
164
165 if (link(orig_file, tmp))
166 warn(_("%s: create a link to %s failed"), orig_file, tmp);
167
168 #ifdef HAVE_LIBSELINUX
169 if (is_selinux_enabled() > 0) {
170 security_context_t passwd_context = NULL;
171 int ret = 0;
172 if (getfilecon(orig_file, &passwd_context) < 0) {
173 warnx(_("Can't get context for %s"), orig_file);
174 pw_error(orig_file, 1, 1);
175 }
176 ret = setfilecon(tmp_file, passwd_context);
177 freecon(passwd_context);
178 if (ret != 0) {
179 warnx(_("Can't set context for %s"), tmp_file);
180 pw_error(tmp_file, 1, 1);
181 }
182 }
183 #endif
184
185 if (rename(tmp_file, orig_file) == -1) {
186 int errsv = errno;
187 errx(EXIT_FAILURE,
188 ("cannot write %s: %s (your changes are still in %s)"),
189 orig_file, strerror(errsv), tmp_file);
190 }
191 unlink(tmp_file);
192 free(tmp_file);
193 }
194
195 static void pw_edit(int notsetuid)
196 {
197 int pstat;
198 pid_t pid;
199 char *p, *editor, *tk;
200
201 editor = getenv("EDITOR");
202 editor = xstrdup(editor ? editor : _PATH_VI);
203
204 tk = strtok(editor, " \t");
205 if (tk && (p = strrchr(tk, '/')) != NULL)
206 ++p;
207 else
208 p = editor;
209
210 pid = fork();
211 if (pid < 0)
212 err(EXIT_FAILURE, _("fork failed"));
213
214 if (!pid) {
215 if (notsetuid) {
216 (void)setgid(getgid());
217 (void)setuid(getuid());
218 }
219 execlp(editor, p, tmp_file, NULL);
220 /* Shouldn't get here */
221 _exit(EXIT_FAILURE);
222 }
223 for (;;) {
224 pid = waitpid(pid, &pstat, WUNTRACED);
225 if (WIFSTOPPED(pstat)) {
226 /* the editor suspended, so suspend us as well */
227 kill(getpid(), SIGSTOP);
228 kill(pid, SIGCONT);
229 } else {
230 break;
231 }
232 }
233 if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
234 pw_error(editor, 1, 1);
235
236 free(editor);
237 }
238
239 void pw_error(char *name, int err, int eval)
240 {
241 if (err) {
242 if (name)
243 warn("%s: ", name);
244 else
245 warn(NULL);
246 }
247 warnx(_("%s unchanged"), orig_file);
248 unlink(tmp_file);
249 ulckpwdf();
250 exit(eval);
251 }
252
253 static void edit_file(int is_shadow)
254 {
255 struct stat begin, end;
256 int passwd_file, ch_ret;
257 FILE *tmp_fd;
258
259 pw_init();
260
261 /* acquire exclusive lock */
262 if (lckpwdf() < 0)
263 err(EXIT_FAILURE, _("cannot get lock"));
264
265 passwd_file = open(orig_file, O_RDONLY, 0);
266 if (passwd_file < 0)
267 err(EXIT_FAILURE, _("cannot open %s"), orig_file);
268 tmp_fd = pw_tmpfile(passwd_file);
269
270 if (fstat(fileno(tmp_fd), &begin))
271 pw_error(tmp_file, 1, 1);
272
273 pw_edit(0);
274
275 if (fstat(fileno(tmp_fd), &end))
276 pw_error(tmp_file, 1, 1);
277 if (begin.st_mtime == end.st_mtime) {
278 warnx(_("no changes made"));
279 pw_error((char *)NULL, 0, 0);
280 }
281 /* pw_tmpfile() will create the file with mode 600 */
282 if (!is_shadow)
283 ch_ret = fchmod(fileno(tmp_fd), 0644);
284 else
285 ch_ret = fchmod(fileno(tmp_fd), 0400);
286 if (ch_ret < 0)
287 err(EXIT_FAILURE, "%s: %s", _("cannot chmod file"), orig_file);
288 if (close_stream(tmp_fd) != 0)
289 err(EXIT_FAILURE, _("write error"));
290 pw_write();
291 close(passwd_file);
292 ulckpwdf();
293 }
294
295 int main(int argc, char *argv[])
296 {
297 setlocale(LC_ALL, "");
298 bindtextdomain(PACKAGE, LOCALEDIR);
299 textdomain(PACKAGE);
300 atexit(close_stdout);
301
302 if (!strcmp(program_invocation_short_name, "vigr")) {
303 program = VIGR;
304 xstrncpy(orig_file, GROUP_FILE, sizeof(orig_file));
305 } else {
306 program = VIPW;
307 xstrncpy(orig_file, PASSWD_FILE, sizeof(orig_file));
308 }
309
310 if ((argc > 1) &&
311 (!strcmp(argv[1], "-V") || !strcmp(argv[1], "--version"))) {
312 printf(UTIL_LINUX_VERSION);
313 exit(EXIT_SUCCESS);
314 }
315
316 edit_file(0);
317
318 if (program == VIGR) {
319 strncpy(orig_file, SGROUP_FILE, FILENAMELEN - 1);
320 } else {
321 strncpy(orig_file, SHADOW_FILE, FILENAMELEN - 1);
322 }
323
324 if (access(orig_file, F_OK) == 0) {
325 char response[80];
326
327 printf((program == VIGR)
328 ? _("You are using shadow groups on this system.\n")
329 : _("You are using shadow passwords on this system.\n"));
330 /* TRANSLATORS: this program uses for y and n rpmatch(3),
331 * which means they can be translated. */
332 printf(_("Would you like to edit %s now [y/n]? "), orig_file);
333
334 if (fgets(response, sizeof(response), stdin)) {
335 if (rpmatch(response) == 1)
336 edit_file(1);
337 }
338 }
339 exit(EXIT_SUCCESS);
340 }
Unnamed repository; edit this file 'description' to name the repository.