search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / usr / src / lib / passwdutil / files_attr.c
bloba65e44dd368291036c2fccf1d2790c6e5c450e14
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 * Copyright (c) 2016 by Delphix. All rights reserved.
25 */
26
27 #include <sys/types.h>
28 #include <fcntl.h>
29 #include <errno.h>
30 #include <stdlib.h>
31 #include <sys/stat.h>
32 #include <pwd.h>
33 #include <shadow.h>
34 #include <string.h>
35 #include <strings.h>
36 #include <stdlib.h>
37 #include <unistd.h>
38 #include <nss_dbdefs.h>
39 #include <macros.h>
40 #include <syslog.h>
41
42 #include <limits.h> /* LOGNAME_MAX -- max Solaris user name */
43
44 #include "passwdutil.h"
45
46 int files_lock(void);
47 int files_unlock(void);
48 int files_checkhistory(char *user, char *passwd, pwu_repository_t *rep);
49 int files_getattr(char *name, attrlist *item, pwu_repository_t *rep);
50 int files_getpwnam(char *name, attrlist *items, pwu_repository_t *rep,
51 void **buf);
52 int files_update(attrlist *items, pwu_repository_t *rep, void *buf);
53 int files_putpwnam(char *name, char *oldpw, pwu_repository_t *rep, void *buf);
54 int files_user_to_authenticate(char *name, pwu_repository_t *rep,
55 char **auth_user, int *privileged);
56
57 static int files_update_history(char *name, struct spwd *spwd);
58
59 void _nss_XbyY_fgets(FILE *, nss_XbyY_args_t *);
60 int str2passwd(const char *, int, void *, char *, int);
61
62 static struct passwd *
63 fgetpwent_r(FILE *f, struct passwd *result, char *buffer, int buflen)
64 {
65 nss_XbyY_args_t arg;
66
67 /* No key to fill in */
68 NSS_XbyY_INIT(&arg, result, buffer, buflen, str2passwd);
69 _nss_XbyY_fgets(f, &arg);
70 return ((struct passwd *)NSS_XbyY_FINI(&arg));
71 }
72
73 /*
74 * files function pointer table, used by passwdutil_init to initialize
75 * the global Repository-OPerations table "rops"
76 */
77 struct repops files_repops = {
78 files_checkhistory,
79 files_getattr,
80 files_getpwnam,
81 files_update,
82 files_putpwnam,
83 files_user_to_authenticate,
84 files_lock,
85 files_unlock
86 };
87
88 /*
89 * this structure defines the buffer used to keep state between
90 * get/update/put calls
91 */
92 struct pwbuf {
93 int update_history;
94 struct passwd *pwd;
95 char *pwd_scratch;
96 struct spwd *spwd;
97 char *spwd_scratch;
98 char *new_sp_pwdp;
99 };
100
101 /*
102 * We should use sysconf, but there is no sysconf name for SHADOW
103 * so we use these from nss_dbdefs
104 */
105 #define PWD_SCRATCH_SIZE NSS_LINELEN_PASSWD
106 #define SPW_SCRATCH_SIZE NSS_LINELEN_SHADOW
107
108 /*
109 * lock functions for files repository
110 */
111 int
112 files_lock(void)
113 {
114 int res;
115
116 if (lckpwdf()) {
117 switch (errno) {
118 case EINTR:
119 res = PWU_BUSY;
120 break;
121 case EACCES:
122 res = PWU_DENIED;
123 break;
124 case 0:
125 res = PWU_SUCCESS;
126 break;
127 }
128 } else
129 res = PWU_SUCCESS;
130
131 return (res);
132 }
133
134 int
135 files_unlock(void)
136 {
137 if (ulckpwdf())
138 return (PWU_SYSTEM_ERROR);
139
140 return (PWU_SUCCESS);
141 }
142
143 /*
144 * files_privileged
145 *
146 * Are we a privileged user with regard to the files repository?
147 */
148 int
149 files_privileged(void)
150 {
151 return (getuid() == 0);
152 }
153
154 /*
155 *
156 * private_getpwnam_r()
157 *
158 * A private implementation of getpwnam_r which does *not* fall back to
159 * other services possibly defined in nsswitch.conf
160 *
161 * behaves like getpwnam_r().
162 */
163 struct passwd *
164 private_getpwnam_r(const char *name, struct passwd *result, char *buffer,
165 int buflen)
166 {
167 FILE *fp;
168 int found;
169
170 if ((fp = fopen(PASSWD, "rF")) == NULL)
171 return (NULL);
172
173 found = 0;
174 while (!found && fgetpwent_r(fp, result, buffer, buflen) != NULL) {
175 if (strcmp(name, result->pw_name) == 0)
176 found = 1;
177 }
178
179 (void) fclose(fp);
180
181 if (!found) {
182 (void) memset(buffer, 0, buflen);
183 (void) memset(result, 0, sizeof (*result));
184 return (NULL);
185 }
186
187 return (result);
188 }
189
190 /*
191 * private_getspnam_r()
192 *
193 * A private implementation of getspnam_r which does *not* fall back to
194 * other services possibly defined in nsswitch.conf.
195 *
196 * Behaves like getspnam_r(). Since we use fgetspent_t(), all numeric
197 * fields that are undefined in /etc/shadow will be set to -1.
198 *
199 */
200 struct spwd *
201 private_getspnam_r(const char *name, struct spwd *result, char *buffer,
202 int buflen)
203 {
204 FILE *fp;
205 int found;
206
207 fp = fopen(SHADOW, "rF");
208 if (fp == NULL)
209 return (NULL);
210
211 found = 0;
212 while (!found && fgetspent_r(fp, result, buffer, buflen) != NULL) {
213 if (strcmp(name, result->sp_namp) == 0)
214 found = 1;
215 }
216
217 (void) fclose(fp);
218
219 if (!found) {
220 (void) memset(buffer, 0, buflen);
221 (void) memset(result, 0, sizeof (*result));
222 return (NULL);
223 }
224 return (result);
225 }
226
227 /*
228 * files_getpwnam(name, items, rep, buf)
229 *
230 */
231 /*ARGSUSED*/
232 int
233 files_getpwnam(char *name, attrlist *items, pwu_repository_t *rep, void **buf)
234 {
235 attrlist *p;
236 struct pwbuf *pwbuf;
237 int err = PWU_SUCCESS;
238
239 *buf = calloc(1, sizeof (struct pwbuf));
240 pwbuf = (struct pwbuf *)*buf;
241 if (pwbuf == NULL)
242 return (PWU_NOMEM);
243
244 /*
245 * determine which password structure (/etc/passwd or /etc/shadow)
246 * we need for the items we need to update
247 */
248 for (p = items; p != NULL; p = p->next) {
249 switch (p->type) {
250 case ATTR_NAME:
251 case ATTR_UID:
252 case ATTR_GID:
253 case ATTR_AGE:
254 case ATTR_COMMENT:
255 case ATTR_GECOS:
256 case ATTR_HOMEDIR:
257 case ATTR_SHELL:
258 if (pwbuf->pwd == NULL) {
259 pwbuf->pwd = malloc(sizeof (struct passwd));
260 if (pwbuf->pwd == NULL) {
261 err = PWU_NOMEM;
262 goto error;
263 }
264 }
265 break;
266 case ATTR_PASSWD:
267 case ATTR_PASSWD_SERVER_POLICY:
268 case ATTR_LSTCHG:
269 case ATTR_MIN:
270 case ATTR_MAX:
271 case ATTR_WARN:
272 case ATTR_INACT:
273 case ATTR_EXPIRE:
274 case ATTR_FLAG:
275 case ATTR_LOCK_ACCOUNT:
276 case ATTR_EXPIRE_PASSWORD:
277 case ATTR_FAILED_LOGINS:
278 case ATTR_INCR_FAILED_LOGINS:
279 case ATTR_RST_FAILED_LOGINS:
280 case ATTR_NOLOGIN_ACCOUNT:
281 case ATTR_UNLOCK_ACCOUNT:
282 if (pwbuf->spwd == NULL) {
283 pwbuf->spwd = malloc(sizeof (struct spwd));
284 if (pwbuf->spwd == NULL) {
285 err = PWU_NOMEM;
286 goto error;
287 }
288 }
289 break;
290 default:
291 /*
292 * Some other repository might have different values
293 * so we ignore those.
294 */
295 break;
296 }
297 }
298
299 if (pwbuf->pwd) {
300 if ((pwbuf->pwd_scratch = malloc(PWD_SCRATCH_SIZE)) == NULL) {
301 err = PWU_NOMEM;
302 goto error;
303 }
304 if (private_getpwnam_r(name, pwbuf->pwd, pwbuf->pwd_scratch,
305 PWD_SCRATCH_SIZE) == NULL) {
306 err = PWU_NOT_FOUND;
307 goto error;
308 }
309 }
310
311 if (pwbuf->spwd) {
312 if ((pwbuf->spwd_scratch = malloc(SPW_SCRATCH_SIZE)) == NULL) {
313 err = PWU_NOMEM;
314 goto error;
315 }
316 if (private_getspnam_r(name, pwbuf->spwd, pwbuf->spwd_scratch,
317 SPW_SCRATCH_SIZE) == NULL) {
318 err = PWU_NOT_FOUND;
319 goto error;
320 }
321 }
322
323 return (PWU_SUCCESS);
324 error:
325 free(pwbuf->pwd);
326 free(pwbuf->pwd_scratch);
327 free(pwbuf->spwd);
328 free(pwbuf->spwd_scratch);
329 free(pwbuf);
330 *buf = NULL;
331
332 return (err);
333 }
334
335 /*
336 * int files_user_to_authenticate(name, rep, auth_user, privileged)
337 * Determine which user needs to be authenticated. For files, the
338 * possible return values are:
339 * PWU_NOT_FOUND
340 * PWU_SUCCESS and (auth_user == NULL || auth_user = user)
341 * PWU_DENIED
342 * PWU_NOMEM
343 */
344 /*ARGSUSED*/
345 int
346 files_user_to_authenticate(char *user, pwu_repository_t *rep,
347 char **auth_user, int *privileged)
348 {
349 struct pwbuf *pwbuf;
350 int res;
351 attrlist attr_tmp[1] = { { ATTR_UID, NULL, NULL } };
352
353 /* check to see if target user is present in files */
354 res = files_getpwnam(user, &attr_tmp[0], rep, (void **)&pwbuf);
355 if (res != PWU_SUCCESS)
356 return (res);
357
358 if (files_privileged()) {
359 *auth_user = NULL;
360 *privileged = 1;
361 res = PWU_SUCCESS;
362 } else {
363 *privileged = 0;
364 if (getuid() == pwbuf->pwd->pw_uid) {
365 if ((*auth_user = strdup(user)) == NULL) {
366 res = PWU_NOMEM;
367 } else {
368 res = PWU_SUCCESS;
369 }
370 } else {
371 res = PWU_DENIED;
372 }
373 }
374
375 free(pwbuf->pwd);
376 free(pwbuf->pwd_scratch);
377 free(pwbuf->spwd);
378 free(pwbuf->spwd_scratch);
379 free(pwbuf);
380
381 return (res);
382 }
383
384 /*
385 * Password history file format:
386 * user:crypw1: ... crypwn: such that n <= MAXHISTORY
387 */
388 #define HISTORY "/etc/security/passhistory"
389 #define HISTEMP "/etc/security/pwhistemp"
390 #define OHISTORY "/etc/security/opwhistory"
391 #define HISTMODE S_IRUSR /* mode to create history file */
392 /*
393 * XXX
394 * 3*LOGNAME_MAX just in case there are long user names.
395 * Traditionally Solaris LOGNAME_MAX (_POSIX_LOGIN_NAME_MAX) is 13,
396 * but some sites often user more.
397 * If LOGNAME_MAX ever becomes reasonable (128) and actually enforced,
398 * fix up here.
399 * XXX
400 */
401 #define MAX_LOGNAME (3 * LOGNAME_MAX)
402
403 /*
404 * files_checkhistory - check if a user's new password is in the user's
405 * old password history.
406 *
407 * Entry
408 * user = username.
409 * passwd = new clear text password.
410 *
411 * Exit
412 * PWU_SUCCESS, passwd found in user's old password history.
413 * The caller should only be interested and fail if
414 * PWU_SUCCESS is returned.
415 * PWU_NOT_FOUND, passwd not in user's old password history.
416 * PWU_errors, PWU_ errors from other routines.
417 *
418 */
419 int
420 files_checkhistory(char *user, char *passwd, pwu_repository_t *rep)
421 {
422 attrlist attr;
423 int res;
424
425 attr.type = ATTR_HISTORY;
426 attr.data.val_s = NULL;
427 attr.next = NULL;
428
429 debug("files_checkhistory(user=%s)", user);
430
431 /*
432 * XXX
433 * This depends on the underlying files_getattr implementation
434 * treating user not found in backing store or no history as
435 * an error.
436 * XXX
437 */
438
439 if ((res = files_getattr(user, &attr, rep)) == PWU_SUCCESS) {
440 char *s;
441 char *crypt_passwd;
442 int histsize;
443 char *last = attr.data.val_s;
444
445 if ((histsize = def_getint("HISTORY=", DEFHISTORY)) == 0) {
446 debug("files_checkhistory: no history requested");
447 res = PWU_NOT_FOUND;
448 goto out;
449 }
450
451 debug("files_checkhistory: histsize = %d", histsize);
452 if (histsize > MAXHISTORY)
453 histsize = MAXHISTORY;
454
455 debug("line to test\n\t%s", last);
456
457 /* compare crypt_passwd to attr.data.val_s strings. */
458 res = PWU_NOT_FOUND;
459 while ((histsize-- > 0) &&
460 (((s = strtok_r(NULL, ":", &last)) != NULL) &&
461 (*s != '\n'))) {
462
463 crypt_passwd = crypt(passwd, s);
464 debug("files_checkhistory: user_pw=%s, history_pw=%s",
465 crypt_passwd, s);
466 if (strcmp(crypt_passwd, s) == 0) {
467 res = PWU_SUCCESS;
468 break;
469 }
470 }
471 debug("files_checkhistory(%s, %s) = %d", user, crypt_passwd,
472 res);
473 }
474 out:
475 free(attr.data.val_s);
476
477 return (res);
478 }
479
480 /*
481 * files_getattr(name, items, rep)
482 *
483 * Get attributes specified in list 'items'
484 */
485 int
486 files_getattr(char *name, attrlist *items, pwu_repository_t *rep)
487 {
488 struct pwbuf *pwbuf;
489 struct passwd *pw;
490 struct spwd *spw;
491 attrlist *w;
492 int res;
493
494 res = files_getpwnam(name, items, rep, (void **)&pwbuf);
495 if (res != PWU_SUCCESS)
496 return (res);
497
498 pw = pwbuf->pwd;
499 spw = pwbuf->spwd;
500
501 for (w = items; res == PWU_SUCCESS && w != NULL; w = w->next) {
502 switch (w->type) {
503 case ATTR_NAME:
504 if ((w->data.val_s = strdup(pw->pw_name)) == NULL)
505 res = PWU_NOMEM;
506 break;
507 case ATTR_COMMENT:
508 if ((w->data.val_s = strdup(pw->pw_comment)) == NULL)
509 res = PWU_NOMEM;
510 break;
511 case ATTR_GECOS:
512 if ((w->data.val_s = strdup(pw->pw_gecos)) == NULL)
513 res = PWU_NOMEM;
514 break;
515 case ATTR_HOMEDIR:
516 if ((w->data.val_s = strdup(pw->pw_dir)) == NULL)
517 res = PWU_NOMEM;
518 break;
519 case ATTR_SHELL:
520 if ((w->data.val_s = strdup(pw->pw_shell)) == NULL)
521 res = PWU_NOMEM;
522 break;
523 /*
524 * Nothing special needs to be done for
525 * server policy
526 */
527 case ATTR_PASSWD:
528 case ATTR_PASSWD_SERVER_POLICY:
529 if ((w->data.val_s = strdup(spw->sp_pwdp)) == NULL)
530 res = PWU_NOMEM;
531 break;
532 case ATTR_AGE:
533 if ((w->data.val_s = strdup(pw->pw_age)) == NULL)
534 res = PWU_NOMEM;
535 break;
536 case ATTR_REP_NAME:
537 if ((w->data.val_s = strdup("files")) == NULL)
538 res = PWU_NOMEM;
539 break;
540 case ATTR_HISTORY: {
541 FILE *history;
542 char buf[MAX_LOGNAME + MAXHISTORY +
543 (MAXHISTORY * CRYPT_MAXCIPHERTEXTLEN)+1];
544 char *s, *s1;
545
546 debug("files_getattr: Get password history for %s ",
547 name);
548
549 if ((history = fopen(HISTORY, "rF")) == NULL) {
550 debug("files_getattr: %s not found", HISTORY);
551 res = PWU_OPEN_FAILED;
552 goto getattr_exit;
553 }
554 res = PWU_NOT_FOUND;
555 while ((s = fgets(buf, sizeof (buf), history)) !=
556 NULL) {
557 s1 = strchr(s, ':');
558 if (s1 != NULL) {
559 *s1 = '\0';
560 } else {
561 res = PWU_NOT_FOUND;
562 break;
563 }
564 #ifdef DEBUG
565 debug("got history line for %s", s);
566 #endif /* DEBUG */
567 if (strcmp(s, name) == 0) {
568 /* found user */
569 if ((items->data.val_s =
570 strdup(s1+1)) == NULL)
571 res = PWU_NOMEM;
572 else
573 res = PWU_SUCCESS;
574 break;
575 }
576 }
577 (void) fclose(history);
578 break;
579 }
580
581 /* integer values */
582 case ATTR_UID:
583 w->data.val_i = pw->pw_uid;
584 break;
585 case ATTR_GID:
586 w->data.val_i = pw->pw_gid;
587 break;
588 case ATTR_LSTCHG:
589 w->data.val_i = spw->sp_lstchg;
590 break;
591 case ATTR_MIN:
592 w->data.val_i = spw->sp_min;
593 break;
594 case ATTR_MAX:
595 w->data.val_i = spw->sp_max;
596 break;
597 case ATTR_WARN:
598 w->data.val_i = spw->sp_warn;
599 break;
600 case ATTR_INACT:
601 w->data.val_i = spw->sp_inact;
602 break;
603 case ATTR_EXPIRE:
604 w->data.val_i = spw->sp_expire;
605 break;
606 case ATTR_FLAG:
607 w->data.val_i = spw->sp_flag;
608 break;
609 case ATTR_FAILED_LOGINS:
610 w->data.val_i = spw->sp_flag & FAILCOUNT_MASK;
611 break;
612 default:
613 break;
614 }
615 }
616
617 getattr_exit:
618 free(pwbuf->pwd);
619 free(pwbuf->pwd_scratch);
620 free(pwbuf->spwd);
621 free(pwbuf->spwd_scratch);
622 free(pwbuf);
623
624 return (res);
625 }
626
627 /*
628 * max_present(list)
629 *
630 * see if attribute ATTR_MAX, with value != -1, is present in
631 * attribute-list "list".
632 *
633 * returns 1 if present, 0 otherwise.
634 */
635 static int
636 max_present(attrlist *list)
637 {
638 while (list != NULL)
639 if (list->type == ATTR_MAX && list->data.val_i != -1)
640 return (1);
641 else
642 list = list->next;
643
644 return (0);
645 }
646
647 /*
648 * files_update(items, rep, buf)
649 *
650 * update the information in buf with the attributes specified in
651 * items.
652 */
653 /*ARGSUSED*/
654 int
655 files_update(attrlist *items, pwu_repository_t *rep, void *buf)
656 {
657 struct pwbuf *pwbuf = (struct pwbuf *)buf;
658 struct passwd *pw;
659 struct spwd *spw;
660 attrlist *p;
661 int aging_needed = 0;
662 int aging_set = 0;
663 int disable_aging;
664 char *pword;
665 int len;
666
667 pw = pwbuf->pwd;
668 spw = pwbuf->spwd;
669 pwbuf->update_history = 0;
670
671 /*
672 * if sp_max==0 : disable passwd aging after updating the password
673 */
674 disable_aging = (spw != NULL && spw->sp_max == 0);
675
676 for (p = items; p != NULL; p = p->next) {
677 switch (p->type) {
678 case ATTR_NAME:
679 break; /* We are able to handle this, but... */
680 case ATTR_UID:
681 pw->pw_uid = (uid_t)p->data.val_i;
682 break;
683 case ATTR_GID:
684 pw->pw_gid = (gid_t)p->data.val_i;
685 break;
686 case ATTR_AGE:
687 pw->pw_age = p->data.val_s;
688 break;
689 case ATTR_COMMENT:
690 pw->pw_comment = p->data.val_s;
691 break;
692 case ATTR_GECOS:
693 pw->pw_gecos = p->data.val_s;
694 break;
695 case ATTR_HOMEDIR:
696 pw->pw_dir = p->data.val_s;
697 break;
698 case ATTR_SHELL:
699 pw->pw_shell = p->data.val_s;
700 break;
701
702 /*
703 * Nothing special needs to be done for
704 * server policy
705 */
706 case ATTR_PASSWD:
707 case ATTR_PASSWD_SERVER_POLICY:
708 /*
709 * There is a special case only for files: if the
710 * password is to be deleted (-d to passwd),
711 * p->data.val_s will be NULL.
712 */
713 if (p->data.val_s == NULL) {
714 spw->sp_pwdp = "";
715 } else {
716 char *salt = NULL;
717 char *hash = NULL;
718
719 salt = crypt_gensalt(spw->sp_pwdp, pw);
720
721 if (salt == NULL) {
722 if (errno == ENOMEM)
723 return (PWU_NOMEM);
724 /* algorithm problem? */
725 syslog(LOG_AUTH | LOG_ALERT,
726 "passwdutil: crypt_gensalt %m");
727 return (PWU_UPDATE_FAILED);
728 }
729 hash = crypt(p->data.val_s, salt);
730 free(salt);
731 if (hash == NULL) {
732 errno = ENOMEM;
733 return (PWU_NOMEM);
734 }
735 pword = strdup(hash);
736 if (pword == NULL) {
737 errno = ENOMEM;
738 return (PWU_NOMEM);
739 }
740
741 free(pwbuf->new_sp_pwdp);
742 pwbuf->new_sp_pwdp = pword;
743 spw->sp_pwdp = pword;
744 aging_needed = 1;
745 pwbuf->update_history = 1;
746 }
747 spw->sp_flag &= ~FAILCOUNT_MASK; /* reset count */
748 spw->sp_lstchg = DAY_NOW_32;
749 break;
750 case ATTR_LOCK_ACCOUNT:
751 if (spw->sp_pwdp == NULL) {
752 spw->sp_pwdp = LOCKSTRING;
753 } else if ((strncmp(spw->sp_pwdp, LOCKSTRING,
754 sizeof (LOCKSTRING)-1) != 0) &&
755 (strcmp(spw->sp_pwdp, NOLOGINSTRING) != 0)) {
756 len = sizeof (LOCKSTRING)-1 +
757 strlen(spw->sp_pwdp) + 1;
758 pword = malloc(len);
759 if (pword == NULL) {
760 errno = ENOMEM;
761 return (PWU_NOMEM);
762 }
763 (void) strlcpy(pword, LOCKSTRING, len);
764 (void) strlcat(pword, spw->sp_pwdp, len);
765 free(pwbuf->new_sp_pwdp);
766 pwbuf->new_sp_pwdp = pword;
767 spw->sp_pwdp = pword;
768 }
769 spw->sp_lstchg = DAY_NOW_32;
770 break;
771 case ATTR_UNLOCK_ACCOUNT:
772 if (spw->sp_pwdp != NULL &&
773 strncmp(spw->sp_pwdp, LOCKSTRING,
774 sizeof (LOCKSTRING)-1) == 0) {
775 (void) strcpy(spw->sp_pwdp, spw->sp_pwdp +
776 sizeof (LOCKSTRING)-1);
777 }
778 spw->sp_lstchg = DAY_NOW_32;
779 break;
780 case ATTR_NOLOGIN_ACCOUNT:
781 spw->sp_pwdp = NOLOGINSTRING;
782 if (pwbuf->new_sp_pwdp) {
783 free(pwbuf->new_sp_pwdp);
784 pwbuf->new_sp_pwdp = NULL;
785 }
786 spw->sp_lstchg = DAY_NOW_32;
787 break;
788 case ATTR_EXPIRE_PASSWORD:
789 spw->sp_lstchg = 0;
790 break;
791 case ATTR_LSTCHG:
792 spw->sp_lstchg = p->data.val_i;
793 break;
794 case ATTR_MIN:
795 if (spw->sp_max == -1 &&
796 p->data.val_i != -1 && max_present(p->next) == 0)
797 return (PWU_AGING_DISABLED);
798 spw->sp_min = p->data.val_i;
799 aging_set = 1;
800 break;
801 case ATTR_MAX:
802 if (p->data.val_i == -1) {
803 /* Turn aging off -> Reset min and warn too */
804
805 spw->sp_min = -1;
806 spw->sp_warn = -1;
807 } else {
808 /* Turn aging on */
809
810 if (spw->sp_min == -1) {
811 /*
812 * If minage has not been set with
813 * a command-line option, we set it
814 * to zero.
815 */
816 spw->sp_min = 0;
817 }
818
819 /*
820 * If aging was turned off, we update lstchg.
821 *
822 * We take care not to update lstchg if the
823 * user has no password, otherwise the user
824 * might not be required to provide a password
825 * the next time they log-in.
826 *
827 * Also, if lstchg != -1 (i.e., not set in
828 * /etc/shadow), we keep the old value.
829 */
830 if (spw->sp_max == -1 &&
831 spw->sp_pwdp != NULL && *spw->sp_pwdp &&
832 spw->sp_lstchg == -1) {
833 spw->sp_lstchg = DAY_NOW_32;
834 }
835 }
836
837 spw->sp_max = p->data.val_i;
838
839 aging_set = 1;
840
841 break;
842 case ATTR_WARN:
843 if (spw->sp_max == -1 && p->data.val_i != -1 &&
844 max_present(p->next) == 0)
845 return (PWU_AGING_DISABLED);
846 spw->sp_warn = p->data.val_i;
847 break;
848 case ATTR_INACT:
849 spw->sp_inact = p->data.val_i;
850 break;
851 case ATTR_EXPIRE:
852 spw->sp_expire = p->data.val_i;
853 break;
854 case ATTR_FLAG:
855 spw->sp_flag = p->data.val_i;
856 break;
857 case ATTR_INCR_FAILED_LOGINS:
858 {
859 int count = (spw->sp_flag & FAILCOUNT_MASK) + 1;
860 spw->sp_flag &= ~FAILCOUNT_MASK;
861 spw->sp_flag |= min(FAILCOUNT_MASK, count);
862 p->data.val_i = count;
863 }
864 break;
865 case ATTR_RST_FAILED_LOGINS:
866 p->data.val_i = spw->sp_flag & FAILCOUNT_MASK;
867 spw->sp_flag &= ~FAILCOUNT_MASK;
868 break;
869 default:
870 break;
871 }
872 }
873
874 /*
875 * What should the new aging values look like?
876 *
877 * There are a number of different conditions
878 *
879 * a) aging is already configured: don't touch it
880 *
881 * b) disable_aging is set: disable aging
882 *
883 * c) aging is not configured: turn on default aging;
884 *
885 * b) and c) of course only if aging_needed and !aging_set.
886 * (i.e., password changed, and aging values not changed)
887 */
888
889 if (spw != NULL && spw->sp_max <= 0) {
890 /* a) aging not yet configured */
891 if (aging_needed && !aging_set) {
892 if (disable_aging) {
893 /* b) turn off aging */
894 spw->sp_min = spw->sp_max = spw->sp_warn = -1;
895 } else {
896 /* c) */
897 turn_on_default_aging(spw);
898 }
899 }
900 }
901
902 return (PWU_SUCCESS);
903 }
904
905 /*
906 * files_update_shadow(char *name, struct spwd *spwd)
907 *
908 * update the shadow password file SHADOW to contain the spwd structure
909 * "spwd" for user "name"
910 */
911 int
912 files_update_shadow(char *name, struct spwd *spwd)
913 {
914 struct stat64 stbuf;
915 FILE *dst;
916 FILE *src;
917 struct spwd cur;
918 char buf[SPW_SCRATCH_SIZE];
919 int tempfd;
920 mode_t filemode;
921 int result = -1;
922 int err = PWU_SUCCESS;
923
924 /* Mode of the shadow file should be 400 or 000 */
925 if (stat64(SHADOW, &stbuf) < 0) {
926 err = PWU_STAT_FAILED;
927 goto shadow_exit;
928 }
929
930 /* copy mode from current shadow file (0400 or 0000) */
931 filemode = stbuf.st_mode & S_IRUSR;
932
933 /*
934 * we can't specify filemodes to fopen(), and we SHOULD NOT
935 * set umask in multi-thread safe libraries, so we use
936 * a combination of open() and fdopen()
937 */
938 tempfd = open(SHADTEMP, O_WRONLY|O_CREAT|O_TRUNC, filemode);
939 if (tempfd < 0) {
940 err = PWU_OPEN_FAILED;
941 goto shadow_exit;
942 }
943 (void) fchown(tempfd, (uid_t)0, stbuf.st_gid);
944
945 if ((dst = fdopen(tempfd, "wF")) == NULL) {
946 err = PWU_OPEN_FAILED;
947 goto shadow_exit;
948 }
949
950 if ((src = fopen(SHADOW, "rF")) == NULL) {
951 err = PWU_OPEN_FAILED;
952 (void) fclose(dst);
953 (void) unlink(SHADTEMP);
954 goto shadow_exit;
955 }
956
957 /*
958 * copy old shadow to temporary file while replacing the entry
959 * that matches "name".
960 */
961 while (fgetspent_r(src, &cur, buf, sizeof (buf)) != NULL) {
962
963 if (strcmp(cur.sp_namp, name) == 0)
964 result = putspent(spwd, dst);
965 else
966 result = putspent(&cur, dst);
967
968 if (result != 0) {
969 err = PWU_WRITE_FAILED;
970 (void) fclose(src);
971 (void) fclose(dst);
972 goto shadow_exit;
973 }
974 }
975
976 (void) fclose(src);
977
978 if (fclose(dst) != 0) {
979 /*
980 * Something went wrong (ENOSPC for example). Don't
981 * use the resulting temporary file!
982 */
983 err = PWU_CLOSE_FAILED;
984 (void) unlink(SHADTEMP);
985 goto shadow_exit;
986 }
987
988 /*
989 * Rename stmp to shadow:
990 * 1. make sure /etc/oshadow is gone
991 * 2. ln /etc/shadow /etc/oshadow
992 * 3. mv /etc/stmp /etc/shadow
993 */
994 if (unlink(OSHADOW) && access(OSHADOW, 0) == 0) {
995 err = PWU_UPDATE_FAILED;
996 (void) unlink(SHADTEMP);
997 goto shadow_exit;
998 }
999
1000 if (link(SHADOW, OSHADOW) == -1) {
1001 err = PWU_UPDATE_FAILED;
1002 (void) unlink(SHADTEMP);
1003 goto shadow_exit;
1004 }
1005
1006 if (rename(SHADTEMP, SHADOW) == -1) {
1007 err = PWU_UPDATE_FAILED;
1008 (void) unlink(SHADTEMP);
1009 goto shadow_exit;
1010 }
1011 (void) unlink(OSHADOW);
1012
1013 shadow_exit:
1014 return (err);
1015 }
1016
1017 int
1018 files_update_passwd(char *name, struct passwd *pwd)
1019 {
1020 struct stat64 stbuf;
1021 FILE *src, *dst;
1022 int tempfd;
1023 struct passwd cur;
1024 char buf[PWD_SCRATCH_SIZE];
1025 int result;
1026 int err = PWU_SUCCESS;
1027
1028 if (stat64(PASSWD, &stbuf) < 0) {
1029 err = PWU_STAT_FAILED;
1030 goto passwd_exit;
1031 }
1032
1033 /* see files_update_shadow() for open()+fdopen() rationale */
1034
1035 if ((tempfd = open(PASSTEMP, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) {
1036 err = PWU_OPEN_FAILED;
1037 goto passwd_exit;
1038 }
1039 if ((dst = fdopen(tempfd, "wF")) == NULL) {
1040 err = PWU_OPEN_FAILED;
1041 goto passwd_exit;
1042 }
1043 if ((src = fopen(PASSWD, "rF")) == NULL) {
1044 err = PWU_OPEN_FAILED;
1045 (void) fclose(dst);
1046 (void) unlink(PASSTEMP);
1047 goto passwd_exit;
1048 }
1049
1050 /*
1051 * copy old password entries to temporary file while replacing
1052 * the entry that matches "name"
1053 */
1054 while (fgetpwent_r(src, &cur, buf, sizeof (buf)) != NULL) {
1055 if (strcmp(cur.pw_name, name) == 0)
1056 result = putpwent(pwd, dst);
1057 else
1058 result = putpwent(&cur, dst);
1059 if (result != 0) {
1060 err = PWU_WRITE_FAILED;
1061 (void) fclose(src);
1062 (void) fclose(dst);
1063 goto passwd_exit;
1064 }
1065 }
1066
1067 (void) fclose(src);
1068 if (fclose(dst) != 0) {
1069 err = PWU_CLOSE_FAILED;
1070 goto passwd_exit; /* Don't trust the temporary file */
1071 }
1072
1073 /* Rename temp to passwd */
1074 if (unlink(OPASSWD) && access(OPASSWD, 0) == 0) {
1075 err = PWU_UPDATE_FAILED;
1076 (void) unlink(PASSTEMP);
1077 goto passwd_exit;
1078 }
1079
1080 if (link(PASSWD, OPASSWD) == -1) {
1081 err = PWU_UPDATE_FAILED;
1082 (void) unlink(PASSTEMP);
1083 goto passwd_exit;
1084 }
1085
1086 if (rename(PASSTEMP, PASSWD) == -1) {
1087 err = PWU_UPDATE_FAILED;
1088 (void) unlink(PASSTEMP);
1089 goto passwd_exit;
1090 }
1091
1092 (void) chmod(PASSWD, 0644);
1093
1094 passwd_exit:
1095 return (err);
1096
1097 }
1098
1099 /*
1100 * files_putpwnam(name, oldpw, rep, buf)
1101 *
1102 * store the password attributes contained in "buf" in /etc/passwd and
1103 * /etc/shadow.
1104 */
1105 /*ARGSUSED*/
1106 int
1107 files_putpwnam(char *name, char *oldpw, pwu_repository_t *rep, void *buf)
1108 {
1109 struct pwbuf *pwbuf = (struct pwbuf *)buf;
1110 int result = PWU_SUCCESS;
1111
1112 if (pwbuf->pwd) {
1113 result = files_update_passwd(name, pwbuf->pwd);
1114 }
1115
1116 if (result == PWU_SUCCESS && pwbuf->spwd) {
1117 if (pwbuf->update_history != 0) {
1118 debug("update_history = %d", pwbuf->update_history);
1119 result = files_update_history(name, pwbuf->spwd);
1120 } else {
1121 debug("no password change");
1122 }
1123 if (result == PWU_SUCCESS) {
1124 result = files_update_shadow(name, pwbuf->spwd);
1125 }
1126 }
1127
1128 if (pwbuf->pwd) {
1129 (void) memset(pwbuf->pwd, 0, sizeof (struct passwd));
1130 (void) memset(pwbuf->pwd_scratch, 0, PWD_SCRATCH_SIZE);
1131 free(pwbuf->pwd);
1132 free(pwbuf->pwd_scratch);
1133 }
1134 if (pwbuf->spwd) {
1135 (void) memset(pwbuf->spwd, 0, sizeof (struct spwd));
1136 (void) memset(pwbuf->spwd_scratch, 0, SPW_SCRATCH_SIZE);
1137 free(pwbuf->spwd);
1138 free(pwbuf->spwd_scratch);
1139 }
1140 if (pwbuf->new_sp_pwdp) {
1141 free(pwbuf->new_sp_pwdp);
1142 }
1143
1144 return (result);
1145 }
1146
1147 /*
1148 * NOTE: This is all covered under the repository lock held for updating
1149 * passwd(4) and shadow(4).
1150 */
1151 int
1152 files_update_history(char *name, struct spwd *spwd)
1153 {
1154 int histsize;
1155 int tmpfd;
1156 FILE *src; /* history database file */
1157 FILE *dst; /* temp history database being updated */
1158 struct stat64 statbuf;
1159 char buf[MAX_LOGNAME + MAXHISTORY +
1160 (MAXHISTORY * CRYPT_MAXCIPHERTEXTLEN)+1];
1161 int found;
1162
1163 if ((histsize = def_getint("HISTORY=", DEFHISTORY)) == 0) {
1164 debug("files_update_history(%s) no history, unlinking", name);
1165 (void) unlink(HISTORY);
1166 return (PWU_SUCCESS); /* no history update defined */
1167 }
1168 debug("files_update_history(%s, %s) histsize = %d", name, spwd->sp_pwdp,
1169 histsize);
1170
1171 if (histsize > MAXHISTORY)
1172 histsize = MAXHISTORY;
1173 if ((tmpfd = open(HISTEMP, O_WRONLY|O_CREAT|O_TRUNC, HISTMODE)) < 0) {
1174 return (PWU_OPEN_FAILED);
1175 }
1176 (void) fchown(tmpfd, (uid_t)0, (gid_t)0);
1177
1178 /* get ready to copy */
1179 if (((src = fopen(HISTORY, "rF")) == NULL) &&
1180 (errno != ENOENT)) {
1181 (void) unlink(HISTEMP);
1182 return (PWU_OPEN_FAILED);
1183 }
1184 if ((dst = fdopen(tmpfd, "wF")) == NULL) {
1185 (void) fclose(src);
1186 (void) unlink(HISTEMP);
1187 return (PWU_OPEN_FAILED);
1188 }
1189
1190 /* Copy and update if found. Add if not found. */
1191
1192 found = 0;
1193
1194 while ((src != NULL) &&
1195 (fgets(buf, sizeof (buf), src) != NULL)) {
1196 char *user;
1197 char *last;
1198
1199 /* get username field */
1200 user = strtok_r(buf, ":", &last);
1201
1202 #ifdef DEBUG
1203 debug("files_update_history: read=\"%s\"", user);
1204 #endif /* DEBUG */
1205
1206 if (strcmp(user, name) == 0) {
1207 char *crypt;
1208 int i;
1209
1210 /* found user, update */
1211 found++;
1212 (void) fprintf(dst, "%s:%s:", name, spwd->sp_pwdp);
1213 debug("files_update_history: update user\n"
1214 "\t%s:%s:", name, spwd->sp_pwdp);
1215
1216 /* get old crypted password history */
1217 for (i = 0; i < MAXHISTORY-1; i++) {
1218 crypt = strtok_r(NULL, ":", &last);
1219 if (crypt == NULL ||
1220 *crypt == '\n') {
1221 break;
1222 }
1223 (void) fprintf(dst, "%s:", crypt);
1224 debug("\t%d = %s:", i+1, crypt);
1225 }
1226 (void) fprintf(dst, "\n");
1227 } else {
1228
1229 /* copy other users to updated file */
1230 (void) fprintf(dst, "%s:%s", user, last);
1231 #ifdef DEBUG
1232 debug("files_update_history: copy line %s",
1233 user);
1234 #endif /* DEBUG */
1235 }
1236 }
1237
1238 if (found == 0) {
1239
1240 /* user not found, add to history file */
1241 (void) fprintf(dst, "%s:%s:\n", name, spwd->sp_pwdp);
1242 debug("files_update_history: add line\n"
1243 "\t%s:%s:", name, spwd->sp_pwdp);
1244 }
1245
1246 (void) fclose(src);
1247
1248 /* If something messed up in file system, loose the update */
1249 if (fclose(dst) != 0) {
1250
1251 debug("files_update_history: update file close failed %d",
1252 errno);
1253 (void) unlink(HISTEMP);
1254 return (PWU_CLOSE_FAILED);
1255 }
1256
1257 /*
1258 * rename history to ohistory,
1259 * rename tmp to history,
1260 * unlink ohistory.
1261 */
1262
1263 (void) unlink(OHISTORY);
1264
1265 if (stat64(OHISTORY, &statbuf) == 0 ||
1266 ((src != NULL) && (link(HISTORY, OHISTORY) != 0)) ||
1267 rename(HISTEMP, HISTORY) != 0) {
1268
1269 /* old history won't go away, loose the update */
1270 debug("files_update_history: update file rename failed %d",
1271 errno);
1272 (void) unlink(HISTEMP);
1273 return (PWU_UPDATE_FAILED);
1274 }
1275
1276 (void) unlink(OHISTORY);
1277 return (PWU_SUCCESS);
1278 }
unleashed repo fork