login-utils/vipw.c

   1 /*
   2  * Copyright (c) 1987 Regents of the University of California.
   3  * All rights reserved.
   4  *
   5  * Redistribution and use in source and binary forms, with or without
   6  * modification, are permitted provided that the following conditions
   7  * are met:
   8  * 1. Redistributions of source code must retain the above copyright
   9  *    notice, this list of conditions and the following disclaimer.
  10  * 2. Redistributions in binary form must reproduce the above copyright
  11  *    notice, this list of conditions and the following disclaimer in the
  12  *    documentation and/or other materials provided with the distribution.
  13  * 3. All advertising materials mentioning features or use of this software
  14  *    must display the following acknowledgement:
  15  *      This product includes software developed by the University of
  16  *      California, Berkeley and its contributors.
  17  * 4. Neither the name of the University nor the names of its contributors
  18  *    may be used to endorse or promote products derived from this software
  19  *    without specific prior written permission.
  20  *
  21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  31  * SUCH DAMAGE.
  32  *
  33  * Updated Thu Oct 12 09:56:55 1995 by faith@cs.unc.edu with security
  34  * patches from Zefram <A.Main@dcs.warwick.ac.uk>
  35  *
  36  * Updated Thu Nov  9 21:58:53 1995 by Martin Schulze
  37  * <joey@finlandia.infodrom.north.de>.  Support for vigr.
  38  *
  39  * Martin Schulze's patches adapted to Util-Linux by Nicolai Langfeldt.
  40  *
  41  * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@misiek.eu.org>
  42  * - added Native Language Support
  43  * Sun Mar 21 1999 - Arnaldo Carvalho de Melo <acme@conectiva.com.br>
  44  * - fixed strerr(errno) in gettext calls
  45  */
  46
  47 static char version_string[] = "vipw 1.4";
  48
  49 #include <sys/types.h>
  50 #include <sys/stat.h>
  51 #include <pwd.h>
  52 #include <stdio.h>
  53 #include <stdlib.h>
  54 #include <string.h>
  55 #include <sys/param.h>
  56 #include <sys/time.h>
  57 #include <sys/wait.h>
  58 #include <sys/resource.h>
  59 #include <sys/file.h>
  60 #include <signal.h>
  61 #include <fcntl.h>
  62 #include <errno.h>
  63 #include <paths.h>
  64 #include <unistd.h>
  65
  66 #include "setpwnam.h"
  67 #include "nls.h"
  68
  69 #define FILENAMELEN 67
  70
  71 char *progname;
  72 enum { VIPW, VIGR };
  73 int program;
  74 char orig_file[FILENAMELEN];   /* original file /etc/passwd or /etc/group */
  75 char tmp_file[FILENAMELEN];    /* tmp file */
  76 char tmptmp_file[FILENAMELEN]; /* very tmp file */
  77
  78 void pw_error __P((char *, int, int));
  79
  80 static void
  81 copyfile(int from, int to) {
  82         int nr, nw, off;
  83         char buf[8*1024];
  84
  85         while ((nr = read(from, buf, sizeof(buf))) > 0)
  86                 for (off = 0; off < nr; nr -= nw, off += nw)
  87                         if ((nw = write(to, buf + off, nr)) < 0)
  88                           pw_error(tmp_file, 1, 1);
  89
  90         if (nr < 0)
  91           pw_error(orig_file, 1, 1);
  92 }
  93
  94
  95 static void
  96 pw_init(void) {
  97         struct rlimit rlim;
  98
  99         /* Unlimited resource limits. */
 100         rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
 101         (void)setrlimit(RLIMIT_CPU, &rlim);
 102         (void)setrlimit(RLIMIT_FSIZE, &rlim);
 103         (void)setrlimit(RLIMIT_STACK, &rlim);
 104         (void)setrlimit(RLIMIT_DATA, &rlim);
 105         (void)setrlimit(RLIMIT_RSS, &rlim);
 106
 107         /* Don't drop core (not really necessary, but GP's). */
 108         rlim.rlim_cur = rlim.rlim_max = 0;
 109         (void)setrlimit(RLIMIT_CORE, &rlim);
 110
 111         /* Turn off signals. */
 112         (void)signal(SIGALRM, SIG_IGN);
 113         (void)signal(SIGHUP, SIG_IGN);
 114         (void)signal(SIGINT, SIG_IGN);
 115         (void)signal(SIGPIPE, SIG_IGN);
 116         (void)signal(SIGQUIT, SIG_IGN);
 117         (void)signal(SIGTERM, SIG_IGN);
 118         (void)signal(SIGTSTP, SIG_IGN);
 119         (void)signal(SIGTTOU, SIG_IGN);
 120
 121         /* Create with exact permissions. */
 122         (void)umask(0);
 123 }
 124
 125 static int
 126 pw_lock(void) {
 127         int lockfd, fd, ret;
 128
 129         /*
 130          * If the password file doesn't exist, the system is hosed.
 131          * Might as well try to build one.  Set the close-on-exec bit so
 132          * that users can't get at the encrypted passwords while editing.
 133          * Open should allow flock'ing the file; see 4.4BSD.    XXX
 134          */
 135         lockfd = open(orig_file, O_RDONLY, 0);
 136
 137         if (lockfd < 0) {
 138                 (void)fprintf(stderr, "%s: %s: %s\n",
 139                     progname, orig_file, strerror(errno));
 140                 exit(1);
 141         }
 142 #if 0 /* flock()ing is superfluous here, with the ptmp/ptmptmp system. */
 143         if (flock(lockfd, LOCK_EX|LOCK_NB)) {
 144                 (void)fprintf(stderr,
 145                     _("%s: the %s file is busy.\n"), progname,
 146                               program == VIPW ? "password" : "group" );
 147                 exit(1);
 148         }
 149 #endif
 150
 151         if ((fd = open(tmptmp_file, O_WRONLY|O_CREAT, 0644)) == -1) {
 152           (void)fprintf(stderr,
 153                    "%s: %s: %s\n", progname, tmptmp_file, strerror(errno));
 154           exit(1);
 155         }
 156         ret = link(tmptmp_file, tmp_file);
 157         (void)unlink(tmptmp_file);
 158         if (ret == -1) {
 159             if (errno == EEXIST)
 160                 (void)fprintf(stderr,
 161                               _("%s: the %s file is busy (%s present)\n"),
 162                               progname,
 163                               program == VIPW ? "password" : "group",
 164                               tmp_file);
 165             else {
 166                 int errsv = errno;
 167                 (void)fprintf(stderr, _("%s: can't link %s: %s\n"), progname,
 168                               tmp_file, strerror(errsv));
 169             }
 170             exit(1);
 171         }
 172         copyfile(lockfd, fd);
 173         (void)close(lockfd);
 174         (void)close(fd);
 175         return(1);
 176 }
 177
 178 static void
 179 pw_unlock(void) {
 180   char tmp[FILENAMELEN];
 181
 182   sprintf(tmp, "%s%s", orig_file, ".OLD");
 183   unlink(tmp);
 184   link(orig_file, tmp);
 185   if (rename(tmp_file, orig_file) == -1) {
 186     int errsv = errno;
 187     (void)fprintf(stderr,
 188                   _("%s: can't unlock %s: %s (your changes are still in %s)\n"),
 189                   progname, orig_file, strerror(errsv), tmp_file);
 190     exit(1);
 191   }
 192   (void)unlink(tmp_file);
 193 }
 194
 195
 196 static void
 197 pw_edit(int notsetuid) {
 198         int pstat;
 199         pid_t pid;
 200         char *p, *editor;
 201
 202         if (!(editor = getenv("EDITOR")))
 203                 editor = strdup(_PATH_VI); /* adia@egnatia.ee.auth.gr */
 204         if ((p = strrchr(strtok(editor," \t"), '/')) != NULL)
 205                 ++p;
 206         else
 207                 p = editor;
 208
 209         pid = fork();
 210         if (pid < 0) {
 211                 (void)fprintf(stderr, _("%s: Cannot fork\n"), progname);
 212                 exit(1);
 213         }
 214         if (!pid) {
 215                 if (notsetuid) {
 216                         (void)setgid(getgid());
 217                         (void)setuid(getuid());
 218                 }
 219                 execlp(editor, p, tmp_file, NULL);
 220                 _exit(1);
 221         }
 222         for (;;) {
 223             pid = waitpid(pid, &pstat, WUNTRACED);
 224             if (WIFSTOPPED(pstat)) {
 225                 /* the editor suspended, so suspend us as well */
 226                 kill(getpid(), SIGSTOP);
 227                 kill(pid, SIGCONT);
 228             } else {
 229                 break;
 230             }
 231         }
 232         if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
 233                 pw_error(editor, 1, 1);
 234 }
 235
 236 void
 237 pw_error(name, err, eval)
 238         char *name;
 239         int err, eval;
 240 {
 241         int sverrno;
 242
 243         if (err) {
 244                 sverrno = errno;
 245                 (void)fprintf(stderr, "%s: ", progname);
 246                 if (name)
 247                         (void)fprintf(stderr, "%s: ", name);
 248                 (void)fprintf(stderr, "%s\n", strerror(sverrno));
 249         }
 250         (void)fprintf(stderr,
 251             _("%s: %s unchanged\n"), progname, orig_file);
 252         (void)unlink(tmp_file);
 253         exit(eval);
 254 }
 255
 256 int main(int argc, char *argv[])
 257 {
 258   struct stat begin, end;
 259
 260   setlocale(LC_ALL, "");
 261   bindtextdomain(PACKAGE, LOCALEDIR);
 262   textdomain(PACKAGE);
 263
 264   bzero(tmp_file, FILENAMELEN);
 265   progname = (rindex(argv[0], '/')) ? rindex(argv[0], '/') + 1 : argv[0];
 266   if (!strcmp(progname, "vigr")) {
 267     program = VIGR;
 268     strncpy(orig_file, GROUP_FILE, FILENAMELEN-1);
 269     strncpy(tmp_file, GTMP_FILE, FILENAMELEN-1);
 270     strncpy(tmptmp_file, GTMPTMP_FILE, FILENAMELEN-1);
 271   }
 272   else {
 273     program = VIPW;
 274     strncpy(orig_file, PASSWD_FILE, FILENAMELEN-1);
 275     strncpy(tmp_file, PTMP_FILE, FILENAMELEN-1);
 276     strncpy(tmptmp_file, PTMPTMP_FILE, FILENAMELEN-1);
 277   }
 278
 279   if ((argc > 1) &&
 280       (!strcmp(argv[1], "-V") || !strcmp(argv[1], "--version"))) {
 281     printf("%s\n", version_string);
 282     exit(0);
 283   }
 284
 285   pw_init();
 286   pw_lock();
 287
 288   if (stat(tmp_file, &begin))
 289     pw_error(tmp_file, 1, 1);
 290   pw_edit(0);
 291   if (stat(tmp_file, &end))
 292     pw_error(tmp_file, 1, 1);
 293   if (begin.st_mtime == end.st_mtime) {
 294     (void)fprintf(stderr, _("%s: no changes made\n"), progname);
 295     pw_error((char *)NULL, 0, 0);
 296   }
 297   pw_unlock();
 298   exit(0);
 299 }