2 * Copyright (c) 1987 Regents of the University of California.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * Updated Thu Oct 12 09:56:55 1995 by faith@cs.unc.edu with security
34 * patches from Zefram <A.Main@dcs.warwick.ac.uk>
36 * Updated Thu Nov 9 21:58:53 1995 by Martin Schulze
37 * <joey@finlandia.infodrom.north.de>. Support for vigr.
39 * Martin Schulze's patches adapted to Util-Linux by Nicolai Langfeldt.
41 * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
42 * - added Native Language Support
43 * Sun Mar 21 1999 - Arnaldo Carvalho de Melo <acme@conectiva.com.br>
44 * - fixed strerr(errno) in gettext calls
47 static char version_string[] = "vipw 1.4";
49 #include <sys/types.h>
55 #include <sys/param.h>
58 #include <sys/resource.h>
70 #ifdef HAVE_LIBSELINUX
71 #include <selinux/selinux.h>
74 #define FILENAMELEN 67
79 char orig_file[FILENAMELEN]; /* original file /etc/passwd or /etc/group */
80 char tmp_file[FILENAMELEN]; /* tmp file */
81 char tmptmp_file[FILENAMELEN]; /* very tmp file */
83 void pw_error __P((char *, int, int));
86 copyfile(int from, int to) {
90 while ((nr = read(from, buf, sizeof(buf))) > 0)
91 for (off = 0; off < nr; nr -= nw, off += nw)
92 if ((nw = write(to, buf + off, nr)) < 0)
93 pw_error(tmp_file, 1, 1);
96 pw_error(orig_file, 1, 1);
104 /* Unlimited resource limits. */
105 rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
106 (void)setrlimit(RLIMIT_CPU, &rlim);
107 (void)setrlimit(RLIMIT_FSIZE, &rlim);
108 (void)setrlimit(RLIMIT_STACK, &rlim);
109 (void)setrlimit(RLIMIT_DATA, &rlim);
110 (void)setrlimit(RLIMIT_RSS, &rlim);
112 /* Don't drop core (not really necessary, but GP's). */
113 rlim.rlim_cur = rlim.rlim_max = 0;
114 (void)setrlimit(RLIMIT_CORE, &rlim);
116 /* Turn off signals. */
117 (void)signal(SIGALRM, SIG_IGN);
118 (void)signal(SIGHUP, SIG_IGN);
119 (void)signal(SIGINT, SIG_IGN);
120 (void)signal(SIGPIPE, SIG_IGN);
121 (void)signal(SIGQUIT, SIG_IGN);
122 (void)signal(SIGTERM, SIG_IGN);
123 (void)signal(SIGTSTP, SIG_IGN);
124 (void)signal(SIGTTOU, SIG_IGN);
126 /* Create with exact permissions. */
135 * If the password file doesn't exist, the system is hosed.
136 * Might as well try to build one. Set the close-on-exec bit so
137 * that users can't get at the encrypted passwords while editing.
138 * Open should allow flock'ing the file; see 4.4BSD. XXX
140 #if 0 /* flock()ing is superfluous here, with the ptmp/ptmptmp system. */
141 if (flock(lockfd, LOCK_EX|LOCK_NB)) {
143 fprintf(stderr, _("%s: the password file is busy.\n"),
146 fprintf(stderr, _("%s: the group file is busy.\n"),
152 if ((fd = open(tmptmp_file, O_WRONLY|O_CREAT, 0600)) == -1) {
153 (void)fprintf(stderr,
154 "%s: %s: %s\n", progname, tmptmp_file, strerror(errno));
157 ret = link(tmptmp_file, tmp_file);
158 (void)unlink(tmptmp_file);
161 (void)fprintf(stderr,
162 _("%s: the %s file is busy (%s present)\n"),
164 program == VIPW ? "password" : "group",
168 (void)fprintf(stderr, _("%s: can't link %s: %s\n"), progname,
169 tmp_file, strerror(errsv));
174 lockfd = open(orig_file, O_RDONLY, 0);
177 (void)fprintf(stderr, "%s: %s: %s\n",
178 progname, orig_file, strerror(errno));
183 copyfile(lockfd, fd);
191 char tmp[FILENAMELEN+4];
193 sprintf(tmp, "%s%s", orig_file, ".OLD");
195 link(orig_file, tmp);
197 #ifdef HAVE_LIBSELINUX
198 if (is_selinux_enabled() > 0) {
199 security_context_t passwd_context=NULL;
201 if (getfilecon(orig_file,&passwd_context) < 0) {
202 (void) fprintf(stderr,_("%s: Can't get context for %s"),progname,orig_file);
203 pw_error(orig_file, 1, 1);
205 ret=setfilecon(tmp_file,passwd_context);
206 freecon(passwd_context);
208 (void) fprintf(stderr,_("%s: Can't set context for %s"),progname,tmp_file);
209 pw_error(tmp_file, 1, 1);
214 if (rename(tmp_file, orig_file) == -1) {
217 _("%s: can't unlock %s: %s (your changes are still in %s)\n"),
218 progname, orig_file, strerror(errsv), tmp_file);
226 pw_edit(int notsetuid) {
231 if (!(editor = getenv("EDITOR")))
232 editor = strdup(_PATH_VI); /* adia@egnatia.ee.auth.gr */
233 if ((p = strrchr(strtok(editor," \t"), '/')) != NULL)
240 (void)fprintf(stderr, _("%s: Cannot fork\n"), progname);
245 (void)setgid(getgid());
246 (void)setuid(getuid());
248 execlp(editor, p, tmp_file, NULL);
252 pid = waitpid(pid, &pstat, WUNTRACED);
253 if (WIFSTOPPED(pstat)) {
254 /* the editor suspended, so suspend us as well */
255 kill(getpid(), SIGSTOP);
261 if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0)
262 pw_error(editor, 1, 1);
266 pw_error(char *name, int err, int eval) {
270 fprintf(stderr, "%s: ", progname);
272 (void)fprintf(stderr, "%s: ", name);
273 fprintf(stderr, "%s\n", strerror(sverrno));
276 _("%s: %s unchanged\n"), progname, orig_file);
282 edit_file(int is_shadow)
284 struct stat begin, end;
289 if (stat(tmp_file, &begin))
290 pw_error(tmp_file, 1, 1);
294 if (stat(tmp_file, &end))
295 pw_error(tmp_file, 1, 1);
296 if (begin.st_mtime == end.st_mtime) {
297 (void)fprintf(stderr, _("%s: no changes made\n"), progname);
298 pw_error((char *)NULL, 0, 0);
300 /* see pw_lock() where we create the file with mode 600 */
302 chmod(tmp_file, 0644);
304 chmod(tmp_file, 0400);
308 int main(int argc, char *argv[]) {
310 setlocale(LC_ALL, "");
311 bindtextdomain(PACKAGE, LOCALEDIR);
314 memset(tmp_file, '\0', FILENAMELEN);
315 progname = (strrchr(argv[0], '/')) ? strrchr(argv[0], '/') + 1 : argv[0];
316 if (!strcmp(progname, "vigr")) {
318 xstrncpy(orig_file, GROUP_FILE, sizeof(orig_file));
319 xstrncpy(tmp_file, GTMP_FILE, sizeof(tmp_file));
320 xstrncpy(tmptmp_file, GTMPTMP_FILE, sizeof(tmptmp_file));
323 xstrncpy(orig_file, PASSWD_FILE, sizeof(orig_file));
324 xstrncpy(tmp_file, PTMP_FILE, sizeof(tmp_file));
325 xstrncpy(tmptmp_file, PTMPTMP_FILE, sizeof(tmptmp_file));
329 (!strcmp(argv[1], "-V") || !strcmp(argv[1], "--version"))) {
330 printf("%s\n", version_string);
336 if (program == VIGR) {
337 strncpy(orig_file, SGROUP_FILE, FILENAMELEN-1);
338 strncpy(tmp_file, SGTMP_FILE, FILENAMELEN-1);
339 strncpy(tmptmp_file, SGTMPTMP_FILE, FILENAMELEN-1);
341 strncpy(orig_file, SHADOW_FILE, FILENAMELEN-1);
342 strncpy(tmp_file, SPTMP_FILE, FILENAMELEN-1);
343 strncpy(tmptmp_file, SPTMPTMP_FILE, FILENAMELEN-1);
346 if (access(orig_file, F_OK) == 0) {
349 printf((program == VIGR)
350 ? _("You are using shadow groups on this system.\n")
351 : _("You are using shadow passwords on this system.\n"));
352 printf(_("Would you like to edit %s now [y/n]? "), orig_file);
355 if (fgets(response, sizeof(response), stdin)) {
356 if (response[0] == 'y' || response[0] == 'Y')