Usenet 1994 October

home *** CD-ROM | disk | FTP | other *** search

/ Usenet 1994 October / usenetsourcesnewsgroupsinfomagicoctober1994disk2.iso / misc / volume26 / shadow / part06 < prev next >

Wrap

Text File | 1991-11-24 | 53.9 KB | 2,495 lines

Newsgroups: comp.sources.misc From: jfh@rpp386.Cactus.ORG (John F Haugh II) Subject: v26i059: shadow - Shadow Password Suite, Part06/11 Message-ID: <1991Nov24.185105.20381@sparky.imd.sterling.com> X-Md4-Signature: 1c7fb7964010082151c3240166cbfc12 Date: Sun, 24 Nov 1991 18:51:05 GMT Approved: kent@sparky.imd.sterling.com Submitted-by: jfh@rpp386.Cactus.ORG (John F Haugh II) Posting-number: Volume 26, Issue 59 Archive-name: shadow/part06 Environment: UNIX Supersedes: shadow-2: Volume 06, Issue 22-24 #! /bin/sh # into a shell via "sh file" or similar. To overwrite existing files, # type "sh file -c". # The tool that generated this appeared in the comp.sources.unix newsgroup; # send mail to comp-sources-unix@uunet.uu.net if you want that tool. # Contents: chsh.c grent.c pwent.c smain.c userdel.c # Wrapped by kent@sparky on Sun Nov 24 11:03:42 1991 PATH=/bin:/usr/bin:/usr/ucb ; export PATH echo If this archive is complete, you will see the following message: echo ' "shar: End of archive 6 (of 11)."' if test -f 'chsh.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'chsh.c'\" else echo shar: Extracting \"'chsh.c'\" $10059 characters$ sed "s/^X//" >'chsh.c' <<'END_OF_FILE' X/* X * Copyright 1989, 1990, 1991, John F. Haugh II X * All rights reserved. X * X * Permission is granted to copy and create derivative works for any X * non-commercial purpose, provided this copyright notice is preserved X * in all copies of source code, or included in human readable form X * and conspicuously displayed on all copies of object code or X * distribution media. X */ X X#include <sys/types.h> X#include <stdio.h> X#include <fcntl.h> X#include <signal.h> X X#ifndef lint Xstatic char sccsid[] = "@(#)chsh.c 3.6 20:58:54 8/15/91"; X#endif X X/* X * Set up some BSD defines so that all the BSD ifdef's are X * kept right here X */ X X#ifndef BSD X#include <string.h> X#include <memory.h> X#else X#include <strings.h> X#define strchr index X#define strrchr rindex X#endif X X#include "config.h" X#include "pwd.h" X X#ifdef USE_SYSLOG X#include <syslog.h> X X#ifndef LOG_WARN X#define LOG_WARN LOG_WARNING X#endif X#endif X X/* X * Global variables. X */ X Xchar *Progname; /* Program name */ Xint amroot; /* Real UID is root */ Xchar loginsh[BUFSIZ]; /* Name of new login shell */ X X/* X * External identifiers X */ X Xextern struct passwd *getpwuid (); Xextern struct passwd *getpwnam (); Xextern void change_field (); Xextern int optind; Xextern char *optarg; Xextern char *getlogin (); X#ifdef NDBM Xextern int pw_dbm_mode; X#endif X X/* X * #defines for messages. This facilities foreign language conversion X * since all messages are defined right here. X */ X X#define USAGE "Usage: %s [ -s shell ] [ name ]\n" X#define WHOAREYOU "%s: Cannot determine you user name.\n" X#define UNKUSER "%s: Unknown user %s\n" X#define NOPERM "You may not change the shell for %s.\n" X#define NOPERM2 "can't change shell for `%s'\n" X#define NEWSHELLMSG "Changing the login shell for %s\n" X#define NEWSHELL "Login Shell" X#define NEWSHELLMSG2 \ X "Enter the new value, or press return for the default\n\n" X#define BADSHELL "%s is an invalid shell.\n" X#define BADFIELD "%s: Invalid entry: %s\n" X#define PWDBUSY "Cannot lock the password file; try again later.\n" X#define PWDBUSY2 "can't lock /etc/passwd\n" X#define OPNERROR "Cannot open the password file.\n" X#define OPNERROR2 "can't open /etc/passwd\n" X#define UPDERROR "Error updating the password entry.\n" X#define UPDERROR2 "error updating passwd entry\n" X#define DBMERROR "Error updating the DBM password entry.\n" X#define DBMERROR2 "error updating DBM passwd entry.\n" X#define NOTROOT "Cannot change ID to root.\n" X#define NOTROOT2 "can't setuid(0).\n" X#define CLSERROR "Cannot commit password file changes.\n" X#define CLSERROR2 "can't rewrite /etc/passwd.\n" X#define UNLKERROR "Cannot unlock the password file.\n" X#define UNLKERROR2 "can't unlock /etc/passwd.\n" X#define CHGSHELL "changed user `%s' shell to `%s'\n" X X/* X * usage - print command line syntax and exit X */ X Xvoid Xusage () X{ X fprintf (stderr, USAGE, Progname); X exit (1); X} X X/* X * new_fields - change the user's login shell information interactively X * X * prompt the user for the login shell and change it according to the X * response, or leave it alone if nothing was entered. X */ X Xnew_fields () X{ X printf (NEWSHELLMSG2); X change_field (loginsh, NEWSHELL); X} X X/* X * check_shell - see if the user's login shell is listed in /etc/shells X * X * The /etc/shells file is read for valid names of login shells. If the X * /etc/shells file does not exist the user cannot set any shell unless X * they are root. X */ X Xcheck_shell (shell) Xchar *shell; X{ X char buf[BUFSIZ]; X char *cp; X int found = 0; X FILE *fp; X X if (amroot) X return 1; X X if ((fp = fopen ("/etc/shells", "r")) == (FILE *) 0) X return 0; X X while (fgets (buf, BUFSIZ, fp) && ! found) { X if (cp = strrchr (buf, '\n')) X *cp = '\0'; X X if (strcmp (buf, shell) == 0) X found = 1; X } X fclose (fp); X X return found; X} X X/* X * restricted_shell - return true if the named shell begins with 'r' or 'R' X * X * If the first letter of the filename is 'r' or 'R', the shell is X * considered to be restricted. X */ X Xint Xrestricted_shell (shell) Xchar *shell; X{ X char *cp; X X if (cp = strrchr (shell, '/')) X cp++; X else X cp = shell; X X return *cp == 'r' || *cp == 'R'; X} X X/* X * chsh - this command controls changes to the user's shell X * X * The only suppoerted option is -s which permits the X * the login shell to be set from the command line. X */ X Xint Xmain (argc, argv) Xint argc; Xchar **argv; X{ X char user[BUFSIZ]; /* User name */ X int flag; /* Current command line flag */ X int sflg = 0; /* -s - set shell from command line */ X int i; /* Loop control variable */ X char *cp; /* Miscellaneous character pointer */ X struct passwd *pw; /* Password entry from /etc/passwd */ X struct passwd pwent; /* New password entry */ X X /* X * This command behaves different for root and non-root X * users. X */ X X amroot = getuid () == 0; X#ifdef NDBM X pw_dbm_mode = O_RDWR; X#endif X X /* X * Get the program name. The program name is used as a X * prefix to most error messages. It is also used as input X * to the openlog() function for error logging. X */ X X if (Progname = strrchr (argv[0], '/')) X Progname++; X else X Progname = argv[0]; X X#ifdef USE_SYSLOG X openlog (Progname, LOG_PID, LOG_AUTH); X#endif X X /* X * There is only one option, but use getopt() anyway to X * keep things consistent. X */ X X while ((flag = getopt (argc, argv, "s:")) != EOF) { X switch (flag) { X case 's': X sflg++; X strcpy (loginsh, optarg); X break; X default: X usage (); X } X } X X /* X * There should be only one remaining argument at most X * and it should be the user's name. X */ X X if (argc > optind + 1) X usage (); X X /* X * Get the name of the user to check. It is either X * the command line name, or the name getlogin() X * returns. X */ X X if (optind < argc) { X strncpy (user, argv[optind], sizeof user); X pw = getpwnam (user); X } else if (cp = getlogin ()) { X strncpy (user, cp, sizeof user); X pw = getpwnam (user); X } else { X fprintf (stderr, WHOAREYOU, Progname); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X X /* X * Make certain there was a password entry for the X * user. X */ X X if (! pw) { X fprintf (stderr, UNKUSER, Progname, user); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X X /* X * Non-privileged users are only allowed to change the X * shell if the UID of the user matches the current X * real UID. X */ X X if (! amroot && pw->pw_uid != getuid ()) { X fprintf (stderr, NOPERM, user); X#ifdef USE_SYSLOG X syslog (LOG_WARN, NOPERM2, user); X closelog (); X#endif X exit (1); X } X X /* X * Non-privileged users are only allowed to change the X * shell if it is not a restricted one. X */ X X if (! amroot && restricted_shell (pw->pw_shell)) { X fprintf (stderr, NOPERM, user); X#ifdef USE_SYSLOG X syslog (LOG_WARN, NOPERM2, user); X closelog (); X#endif X exit (1); X } X X /* X * Make a copy of the user's password file entry so it X * can be modified without worrying about it be modified X * elsewhere. X */ X X pwent = *pw; X pwent.pw_name = strdup (pw->pw_name); X pwent.pw_passwd = strdup (pw->pw_passwd); X#ifdef ATT_AGE X pwent.pw_age = strdup (pw->pw_age); X#endif X#ifdef ATT_COMMENT X pwent.pw_comment = strdup (pw->pw_comment); X#endif X pwent.pw_dir = strdup (pw->pw_dir); X pwent.pw_gecos = strdup (pw->pw_gecos); X X /* X * Now get the login shell. Either get it from the password X * file, or use the value from the command line. X */ X X if (! sflg) X strcpy (loginsh, pw->pw_shell); X X /* X * If the login shell was not set on the command line, X * let the user interactively change it. X */ X X if (! sflg) { X printf (NEWSHELLMSG, user); X new_fields (); X } X X /* X * Check all of the fields for valid information. The shell X * field may not contain any illegal characters. Non-privileged X * users are restricted to using the shells in /etc/shells. X */ X X if (valid_field (loginsh, ":,=")) { X fprintf (stderr, BADFIELD, Progname, loginsh); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X if (! check_shell (loginsh)) { X fprintf (stderr, BADSHELL, loginsh); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X pwent.pw_shell = loginsh; X pw = &pwent; X X /* X * Before going any further, raise the ulimit to prevent X * colliding into a lowered ulimit, and set the real UID X * to root to protect against unexpected signals. Any X * keyboard signals are set to be ignored. X */ X X ulimit (2, 30000); X if (setuid (0)) { X fprintf (stderr, NOTROOT); X#ifdef USE_SYSLOG X syslog (LOG_ERR, NOTROOT2); X closelog (); X#endif X exit (1); X } X signal (SIGHUP, SIG_IGN); X signal (SIGINT, SIG_IGN); X signal (SIGQUIT, SIG_IGN); X#ifdef SIGTSTP X signal (SIGTSTP, SIG_IGN); X#endif X X /* X * The passwd entry is now ready to be committed back to X * the password file. Get a lock on the file and open it. X */ X X for (i = 0;i < 30;i++) X if (pw_lock ()) X break; X X if (i == 30) { X fprintf (stderr, PWDBUSY); X#ifdef USE_SYSLOG X syslog (LOG_WARN, PWDBUSY2); X closelog (); X#endif X exit (1); X } X if (! pw_open (O_RDWR)) { X fprintf (stderr, OPNERROR); X (void) pw_unlock (); X#ifdef USE_SYSLOG X syslog (LOG_ERR, OPNERROR2); X closelog (); X#endif X exit (1); X } X X /* X * Update the passwd file entry. If there is a DBM file, X * update that entry as well. X */ X X if (! pw_update (pw)) { X fprintf (stderr, UPDERROR); X (void) pw_unlock (); X#ifdef USE_SYSLOG X syslog (LOG_ERR, UPDERROR2); X closelog (); X#endif X exit (1); X } X#if defined(DBM) || defined(NDBM) X if (access ("/etc/passwd.pag", 0) == 0 && ! pw_dbm_update (pw)) { X fprintf (stderr, DBMERROR); X (void) pw_unlock (); X#ifdef USE_SYSLOG X syslog (LOG_ERR, DBMERROR2); X closelog (); X#endif X exit (1); X } X endpwent (); X#endif X X /* X * Changes have all been made, so commit them and unlock the X * file. X */ X X if (! pw_close ()) { X fprintf (stderr, CLSERROR); X (void) pw_unlock (); X#ifdef USE_SYSLOG X syslog (LOG_ERR, CLSERROR2); X closelog (); X#endif X exit (1); X } X if (! pw_unlock ()) { X fprintf (stderr, UNLKERROR); X#ifdef USE_SYSLOG X syslog (LOG_ERR, UNLKERROR2); X closelog (); X#endif X exit (1); X } X#ifdef USE_SYSLOG X syslog (LOG_INFO, CHGSHELL, user, pwent.pw_shell); X closelog (); X#endif X exit (0); X} END_OF_FILE if test 10059 -ne `wc -c <'chsh.c'`; then echo shar: \"'chsh.c'\" unpacked with wrong size! fi # end of 'chsh.c' fi if test -f 'grent.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'grent.c'\" else echo shar: Extracting \"'grent.c'\" $9510 characters$ sed "s/^X//" >'grent.c' <<'END_OF_FILE' X/* X * Copyright 1990, 1991, John F. Haugh II X * All rights reserved. X * X * Permission is granted to copy and create derivative works for any X * non-commercial purpose, provided this copyright notice is preserved X * in all copies of source code, or included in human readable form X * and conspicuously displayed on all copies of object code or X * distribution media. X */ X X#include <stdio.h> X#include <grp.h> X#ifdef BSD X#include <strings.h> X#define strchr index X#define strrchr rindex X#else /* !BSD */ X#include <string.h> X#endif /* BSD */ X#include "config.h" X X#ifdef AUTOSHADOW X#include "shadow.h" X#endif /* AUTOSHADOW */ X X#ifdef NDBM X#include <ndbm.h> X#include <fcntl.h> XDBM *gr_dbm; Xint gr_dbm_mode = -1; X#endif /* NDBM */ X X#ifndef lint Xstatic char sccsid[] = "@(#)grent.c 3.10 08:45:25 9/12/91"; X#endif /* !lint */ X X#define NFIELDS 4 X#define MAXMEM 1024 X Xstatic char grpbuf[4*BUFSIZ]; Xstatic char *grpfields[NFIELDS]; Xstatic char *members[MAXMEM+1]; Xstatic struct group grent; X Xstatic FILE *grpfp; Xstatic char *grpfile = GRPFILE; X#ifdef NDBM Xstatic int dbmopened; Xstatic int dbmerror; X#endif /* NDBM */ X Xchar * Xfgetsx (buf, cnt, f) Xchar *buf; Xint cnt; XFILE *f; X{ X char *cp = buf; X char *ep; X X while (cnt > 0) { X if (fgets (cp, cnt, f) == 0) X if (cp == buf) X return 0; X else X break; X X if ((ep = strrchr (cp, '\\')) && *(ep + 1) == '\n') { X if ((cnt -= ep - cp) > 0) X *(cp = ep) = '\0'; X } else X break; X } X return buf; X} X Xint Xfputsx (s, stream) Xchar *s; XFILE *stream; X{ X int i; X X for (i = 0;*s;i++, s++) { X if (putc (*s, stream) == EOF) X return EOF; X X if (i > (BUFSIZ/2)) { X if (putc ('\\', stream) == EOF || X putc ('\n', stream) == EOF) X return EOF; X X i = 0; X } X } X return 0; X} X Xstatic char ** Xlist (s) Xchar *s; X{ X int nmembers = 0; X X while (s && *s) { X members[nmembers++] = s; X if (s = strchr (s, ',')) X *s++ = '\0'; X } X members[nmembers] = (char *) 0; X return members; X} X Xstruct group *sgetgrent (buf) Xchar *buf; X{ X int i; X char *cp; X X strncpy (grpbuf, buf, sizeof grpbuf); X grpbuf[sizeof grpbuf - 1] = '\0'; X if (cp = strrchr (grpbuf, '\n')) X *cp = '\0'; X X for (cp = grpbuf, i = 0;i < NFIELDS && cp;i++) { X grpfields[i] = cp; X if (cp = strchr (cp, ':')) X *cp++ = 0; X } X if (i < (NFIELDS-1) || *grpfields[2] == '\0') X return ((struct group *) 0); X X grent.gr_name = grpfields[0]; X grent.gr_passwd = grpfields[1]; X grent.gr_gid = atoi (grpfields[2]); X grent.gr_mem = list (grpfields[3]); X X return (&grent); X} X Xint Xputgrent (g, f) Xstruct group *g; XFILE *f; X{ X int i; X char *cp; X char buf[BUFSIZ*4]; X X if (! g || ! f) X return -1; X X sprintf (buf, "%s:%s:%d:", g->gr_name, g->gr_passwd, g->gr_gid); X if (g->gr_mem) { X cp = strchr (buf, '\0'); X for (i = 0;g->gr_mem[i];i++) { X if ((cp - buf) + strlen (g->gr_mem[i]) + 2 X >= sizeof buf) X return -1; X X if (i > 0) { X strcpy (cp, ","); X cp++; X } X strcpy (cp, g->gr_mem[i]); X cp = strchr (cp, '\0'); X } X strcat (cp, "\n"); X } else X strcat (buf, "\n"); X X if (fputsx (buf, f) == EOF || ferror (f)) X return -1; X X return 0; X} X X/* X * fgetgrent - get a group file entry from a stream X * X * fgetgrent() reads the next line from a group file formatted stream X * and returns a pointer to the group structure for that line. X */ X Xstruct group *fgetgrent (fp) XFILE *fp; X{ X char buf[BUFSIZ*4]; X char *cp; X X if (fgetsx (buf, sizeof buf, fp) != (char *) 0) { X if (cp = strchr (buf, '\n')) X *cp = '\0'; X X return (sgetgrent (buf)); X } X return 0; X} X X/* X * endgrent - close a group file X * X * endgrent() closes the group file if open. X */ X Xint endgrent () X{ X if (grpfp) X if (fclose (grpfp)) X return -1; X X grpfp = 0; X#ifdef NDBM X if (dbmopened && gr_dbm) { X dbm_close (gr_dbm); X gr_dbm = 0; X } X dbmopened = 0; X dbmerror = 0; X#endif /* NDBM */ X return 0; X} X X/* X * getgrent - get a group entry from the group file X * X * getgrent() opens the group file, if not already opened, and reads X * a single entry. NULL is returned if any errors are encountered reading X * the group file. X */ X Xstruct group *getgrent () X{ X if (! grpfp && setgrent ()) X return 0; X X return fgetgrent (grpfp); X} X X/* X * getgrgid - locate the group entry for a given GID X * X * getgrgid() locates the first group file entry for the given GID. X * If there is a valid DBM file, the DBM files are queried first for X * the entry. Otherwise, a linear search is begun of the group file X * searching for an entry which matches the provided GID. X */ X Xstruct group *getgrgid (gid) Xint gid; X{ X struct group *grp; X#ifdef NDBM X datum key; X datum content; X int cnt; X int i; X char *cp; X char grpkey[64]; X#endif /* NDBM */ X#ifdef AUTOSHADOW X struct sgrp *sgrp; X#endif /* AUTOSHADOW */ X X if (setgrent ()) X return 0; X X#ifdef NDBM X X /* X * If the DBM file are now open, create a key for this GID and X * try to fetch the entry from the database. A matching record X * will be unpacked into a static structure and returned to X * the user. X */ X X if (dbmopened) { X grent.gr_gid = gid; X key.dsize = sizeof grent.gr_gid; X key.dptr = (char *) &grent.gr_gid; X content = dbm_fetch (gr_dbm, key); X if (content.dptr == 0) X return 0; X X if (content.dsize == sizeof (int)) { X memcpy ((char *) &cnt, content.dptr, content.dsize); X for (cp = grpbuf, i = 0;i < cnt;i++) { X memcpy (grpkey, (char *) &i, (int) sizeof i); X memcpy (grpkey + sizeof i, X (char *) &grent.gr_gid, X (int) sizeof grent.gr_gid); X X key.dsize = sizeof i + sizeof grent.gr_gid; X key.dptr = grpkey; X X content = dbm_fetch (gr_dbm, key); X if (content.dptr == 0) X return 0; X X memcpy (cp, content.dptr, content.dsize); X cp += content.dsize; X } X grent.gr_mem = members; X gr_unpack (grpbuf, cp - grpbuf, &grent); X#ifdef AUTOSHADOW X if (sgrp = getsgnam (grent.gr_name)) { X grent.gr_passwd = sgrp->sg_passwd; X grent.gr_mem = sgrp->sg_mem; X } X#endif /* AUTOSHADOW */ X return &grent; X } else { X grent.gr_mem = members; X memcpy (grpbuf, content.dptr, content.dsize); X gr_unpack (grpbuf, content.dsize, &grent); X#ifdef AUTOSHADOW X if (sgrp = getsgnam (grent.gr_name)) { X grent.gr_passwd = sgrp->sg_passwd; X grent.gr_mem = sgrp->sg_mem; X } X#endif /* AUTOSHADOW */ X return &grent; X } X } X#endif /* NDBM */ X /* X * Search for an entry which matches the GID. Return the X * entry when a match is found. X */ X X while (grp = getgrent ()) X if (grp->gr_gid == gid) X break; X X#ifdef AUTOSHADOW X if (grp) { X if (sgrp = getsgnam (grent.gr_name)) { X grp->gr_passwd = sgrp->sg_passwd; X grp->gr_mem = sgrp->sg_mem; X } X } X#endif /* AUTOSHADOW */ X return grp; X} X Xstruct group *getgrnam (name) Xchar *name; X{ X struct group *grp; X#ifdef NDBM X datum key; X datum content; X int cnt; X int i; X char *cp; X char grpkey[64]; X#endif /* NDBM */ X#ifdef AUTOSHADOW X struct sgrp *sgrp; X#endif /* AUTOSHADOW */ X X if (setgrent ()) X return 0; X X#ifdef NDBM X X /* X * If the DBM file are now open, create a key for this GID and X * try to fetch the entry from the database. A matching record X * will be unpacked into a static structure and returned to X * the user. X */ X X if (dbmopened) { X key.dsize = strlen (name); X key.dptr = name; X content = dbm_fetch (gr_dbm, key); X if (content.dptr == 0) X return 0; X X if (content.dsize == sizeof (int)) { X memcpy ((char *) &cnt, content.dptr, content.dsize); X for (cp = grpbuf, i = 0;i < cnt;i++) { X memcpy (grpkey, (char *) &i, (int) sizeof i); X strcpy (grpkey + sizeof i, name); X X key.dsize = sizeof i + strlen (name); X key.dptr = grpkey; X X content = dbm_fetch (gr_dbm, key); X if (content.dptr == 0) X return 0; X X memcpy (cp, content.dptr, content.dsize); X cp += content.dsize; X } X grent.gr_mem = members; X gr_unpack (grpbuf, cp - grpbuf, &grent); X#ifdef AUTOSHADOW X if (sgrp = getsgnam (grent.gr_name)) { X grent.gr_passwd = sgrp->sg_passwd; X grent.gr_mem = sgrp->sg_mem; X } X#endif /* AUTOSHADOW */ X return &grent; X } else { X grent.gr_mem = members; X memcpy (grpbuf, content.dptr, content.dsize); X gr_unpack (grpbuf, content.dsize, &grent); X#ifdef AUTOSHADOW X if (sgrp = getsgnam (grent.gr_name)) { X grent.gr_passwd = sgrp->sg_passwd; X grent.gr_mem = sgrp->sg_mem; X } X#endif /* AUTOSHADOW */ X return &grent; X } X } X#endif /* NDBM */ X /* X * Search for an entry which matches the name. Return the X * entry when a match is found. X */ X X while (grp = getgrent ()) X if (strcmp (grp->gr_name, name) == 0) X break; X X#ifdef AUTOSHADOW X if (grp) { X if (sgrp = getsgnam (grent.gr_name)) { X grp->gr_passwd = sgrp->sg_passwd; X grp->gr_mem = sgrp->sg_mem; X } X } X#endif /* AUTOSHADOW */ X return grp; X} X X/* X * setgrent - open the group file X * X * setgrent() opens the system group file, and the DBM group files X * if they are present. The system group file is rewound if it was X * open already. X */ X Xint Xsetgrent () X{ X#ifdef NDBM X int mode; X#endif /* NDBM */ X X if (! grpfp) { X if (! (grpfp = fopen (grpfile, "r"))) X return -1; X } else { X if (fseek (grpfp, 0L, 0) != 0) X return -1; X } X X /* X * Attempt to open the DBM files if they have never been opened X * and an error has never been returned. X */ X X#ifdef NDBM X if (! dbmerror && ! dbmopened) { X char dbmfiles[BUFSIZ]; X X strcpy (dbmfiles, grpfile); X strcat (dbmfiles, ".pag"); X if (gr_dbm_mode == -1) X mode = O_RDONLY; X else X mode = (gr_dbm_mode == O_RDONLY || X gr_dbm_mode == O_RDWR) ? gr_dbm_mode:O_RDONLY; X X if (access (dbmfiles, 0) || X (! (gr_dbm = dbm_open (grpfile, mode, 0)))) X dbmerror = 1; X else X dbmopened = 1; X } X#endif /* NDBM */ X return 0; X} END_OF_FILE if test 9510 -ne `wc -c <'grent.c'`; then echo shar: \"'grent.c'\" unpacked with wrong size! fi # end of 'grent.c' fi if test -f 'pwent.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'pwent.c'\" else echo shar: Extracting \"'pwent.c'\" $10165 characters$ sed "s/^X//" >'pwent.c' <<'END_OF_FILE' X/* X * Copyright 1989, 1990, 1991 John F. Haugh II X * All rights reserved. X * X * Permission is granted to copy and create derivative works for any X * non-commercial purpose, provided this copyright notice is preserved X * in all copies of source code, or included in human readable form X * and conspicuously displayed on all copies of object code or X * distribution media. X */ X X#include <stdio.h> X#include "pwd.h" X#ifdef BSD X#include <strings.h> X#define strchr index X#define strrchr rindex X#else X#include <string.h> X#endif X#include "config.h" X X/* X * If AUTOSHADOW is enable, the getpwnam and getpwuid calls will X * fill in the pw_passwd and pw_age fields from the passwd and X * shadow files. X */ X X#if defined(AUTOSHADOW) && !defined(SHADOWPWD) X#undef AUTOSHADOW X#endif X#ifdef AUTOSHADOW X#include "shadow.h" X#endif X X/* X * If DBM or NDBM is enabled, the getpwnam and getpwuid calls will X * go to the database files to look for the requested entries. X */ X X#ifdef DBM X#include <dbm.h> X#endif X#ifdef NDBM X#include <ndbm.h> X#include <fcntl.h> XDBM *pw_dbm; Xint pw_dbm_mode = -1; X#endif X X/* X * ITI-style aging uses time_t's as the time fields, while X * AT&T-style aging uses long numbers of days. X */ X X#ifdef ITI_AGING X#define WEEK (7L*24L*3600L) X#else X#define WEEK 7 X#endif X X#ifndef lint Xstatic char sccsid[] = "@(#)pwent.c 3.6 08:09:35 7/15/91"; X#endif X X#define SBUFSIZ 64 X#define NFIELDS 7 X Xstatic FILE *pwdfp; Xstatic char pwdbuf[BUFSIZ]; Xstatic char *pwdfile = PWDFILE; X#if defined(DBM) || defined(NDBM) Xstatic int dbmopened; Xstatic int dbmerror; X#endif Xstatic char *pwdfields[NFIELDS]; Xstatic struct passwd pwent; X X#if defined(AUTOSHADOW) && defined(ATT_AGE) X/* X * sptopwage - convert shadow ages to AT&T-style pw_age ages X * X * sptopwage() converts the values in the shadow password X * entry to the format used in the old-style password X * entry. X */ X Xstatic char * Xsptopwage (spwd) Xstruct spwd *spwd; X{ X static char age[5]; X long min; X long max; X long last; X X if ((min = (spwd->sp_min / WEEK)) < 0) X min = 0; X else if (min >= 64) X min = 63; X X if ((max = (spwd->sp_max / WEEK)) < 0) X max = 0; X else if (max >= 64) X max = 63; X X if ((last = (spwd->sp_lstchg / WEEK)) < 0) X last = 0; X else if (last >= 4096) X last = 4095; X X age[0] = i64c (max); X age[1] = i64c (min); X age[2] = i64c (last % 64); X age[3] = i64c (last / 64); X age[4] = '\0'; X return age; X} X#endif X X/* X * sgetpwent - convert a string to a (struct passwd) X * X * sgetpwent() parses a string into the parts required for a password X * structure. Strict checking is made for the UID and GID fields and X * presence of the correct number of colons. Any failing tests result X * in a NULL pointer being returned. X */ X Xstruct passwd * Xsgetpwent (buf) Xchar *buf; X{ X int i; X char *cp; X X /* X * Copy the string to a static buffer so the pointers into X * the password structure remain valid. X */ X X strncpy (pwdbuf, buf, BUFSIZ); X pwdbuf[BUFSIZ-1] = '\0'; X X /* X * Save a pointer to the start of each colon separated X * field. The fields are converted into NUL terminated strings. X */ X X for (cp = pwdbuf, i = 0;i < NFIELDS && cp;i++) { X pwdfields[i] = cp; X if (cp = strchr (cp, ':')) X *cp++ = 0; X } X X /* X * There must be exactly NFIELDS colon separated fields or X * the entry is invalid. Also, the UID and GID must be non-blank. X */ X X if (i != NFIELDS || *pwdfields[2] == '\0' || *pwdfields[3] == '\0') X return 0; X X /* X * Each of the fields is converted the appropriate data type X * and the result assigned to the password structure. If the X * UID or GID does not convert to an integer value, a NULL X * pointer is returned. X */ X X pwent.pw_name = pwdfields[0]; X pwent.pw_passwd = pwdfields[1]; X if ((pwent.pw_uid = strtol (pwdfields[2], &cp, 10)) == 0 && *cp) X return 0; X X if ((pwent.pw_gid = strtol (pwdfields[3], &cp, 10)) == 0 && *cp) X return 0; X#ifdef ATT_AGE X if (cp = strchr (pwent.pw_passwd, ',')) { X pwent.pw_age = cp + 1; X *cp = '\0'; X } else X pwent.pw_age = ""; X#endif X pwent.pw_gecos = pwdfields[4]; X#ifdef ATT_COMMENT X pwent.pw_comment = ""; X#endif X pwent.pw_dir = pwdfields[5]; X pwent.pw_shell = pwdfields[6]; X X return (&pwent); X} X X/* X * fgetpwent - get a password file entry from a stream X * X * fgetpwent() reads the next line from a password file formatted stream X * and returns a pointer to the password structure for that line. X */ X Xstruct passwd * Xfgetpwent (fp) XFILE *fp; X{ X char buf[BUFSIZ]; X X while (fgets (buf, BUFSIZ, fp) != (char *) 0) { X buf[strlen (buf) - 1] = '\0'; X return (sgetpwent (buf)); X } X return 0; X} X X/* X * endpwent - close a password file X * X * endpwent() closes the password file if open. if autoshadowing is X * enabled the system must also end access to the shadow files since X * the user is probably unaware it was ever accessed. X */ X Xint Xendpwent () X{ X if (pwdfp) X if (fclose (pwdfp)) X return -1; X X pwdfp = 0; X#ifdef NDBM X if (dbmopened && pw_dbm) { X dbm_close (pw_dbm); X dbmopened = 0; X dbmerror = 0; X pw_dbm = 0; X } X#endif X#ifdef AUTOSHADOW X endspent (); X#endif X return 0; X} X X/* X * getpwent - get a password entry from the password file X * X * getpwent() opens the password file, if not already opened, and reads X * a single entry. NULL is returned if any errors are encountered reading X * the password file. X */ X Xstruct passwd * Xgetpwent () X{ X if (! pwdfp && setpwent ()) X return 0; X X return fgetpwent (pwdfp); X} X X/* X * getpwuid - locate the password entry for a given UID X * X * getpwuid() locates the first password file entry for the given UID. X * If there is a valid DBM file, the DBM files are queried first for X * the entry. Otherwise, a linear search is begun of the password file X * searching for an entry which matches the provided UID. X */ X Xstruct passwd * Xgetpwuid (uid) Xint uid; X{ X struct passwd *pwd; X#if defined(DBM) || defined(NDBM) X datum key; X datum content; X#endif X#ifdef AUTOSHADOW X struct spwd *spwd; X#endif X X if (setpwent ()) X return 0; X X#if defined(DBM) || defined(NDBM) X X /* X * If the DBM file are now open, create a key for this UID and X * try to fetch the entry from the database. A matching record X * will be unpacked into a static structure and returned to X * the user. X */ X X if (dbmopened) { X pwent.pw_uid = uid; X key.dsize = sizeof pwent.pw_uid; X key.dptr = (char *) &pwent.pw_uid; X#ifdef DBM X content = fetch (key); X#endif X#ifdef NDBM X content = dbm_fetch (pw_dbm, key); X#endif X if (content.dptr != 0) { X memcpy (pwdbuf, content.dptr, content.dsize); X pw_unpack (pwdbuf, content.dsize, &pwent); X#ifdef AUTOSHADOW X if (spwd = getspnam (pwent.pw_name)) { X pwent.pw_passwd = spwd->sp_pwdp; X#ifdef ATT_AGE X pwent.pw_age = sptopwage (spwd); X#endif X } X#endif X return &pwent; X } X } X#endif X /* X * Search for an entry which matches the UID. Return the X * entry when a match is found. X */ X X while (pwd = getpwent ()) X if (pwd->pw_uid == uid) X break; X X#ifdef AUTOSHADOW X if (pwd && (spwd = getspnam (pwd->pw_name))) { X pwd->pw_passwd = spwd->sp_pwdp; X#ifdef ATT_AGE X pwd->pw_age = sptopwage (spwd); X#endif X } X#endif X return pwd; X} X X/* X * getpwnam - locate the password entry for a given name X * X * getpwnam() locates the first password file entry for the given name. X * If there is a valid DBM file, the DBM files are queried first for X * the entry. Otherwise, a linear search is begun of the password file X * searching for an entry which matches the provided name. X */ X Xstruct passwd * Xgetpwnam (name) Xchar *name; X{ X struct passwd *pwd; X#if defined(DBM) || defined(NDBM) X datum key; X datum content; X#endif X#ifdef AUTOSHADOW X struct spwd *spwd; X#endif X X if (setpwent ()) X return 0; X X#if defined(DBM) || defined(NDBM) X X /* X * If the DBM file are now open, create a key for this UID and X * try to fetch the entry from the database. A matching record X * will be unpacked into a static structure and returned to X * the user. X */ X X if (dbmopened) { X key.dsize = strlen (name); X key.dptr = name; X#ifdef DBM X content = fetch (key); X#endif X#ifdef NDBM X content = dbm_fetch (pw_dbm, key); X#endif X if (content.dptr != 0) { X memcpy (pwdbuf, content.dptr, content.dsize); X pw_unpack (pwdbuf, content.dsize, &pwent); X#ifdef AUTOSHADOW X if (spwd = getspnam (pwent.pw_name)) { X pwent.pw_passwd = spwd->sp_pwdp; X#ifdef ATT_AGE X pwent.pw_age = sptopwage (spwd); X#endif X } X#endif X return &pwent; X } X } X#endif X /* X * Search for an entry which matches the name. Return the X * entry when a match is found. X */ X X while (pwd = getpwent ()) X if (strcmp (pwd->pw_name, name) == 0) X break; X X#ifdef AUTOSHADOW X if (pwd && (spwd = getspnam (pwd->pw_name))) { X pwd->pw_passwd = spwd->sp_pwdp; X#ifdef ATT_AGE X pwd->pw_age = sptopwage (spwd); X#endif X } X#endif X return pwd; X} X X/* X * setpwent - open the password file X * X * setpwent() opens the system password file, and the DBM password files X * if they are present. The system password file is rewound if it was X * open already. X */ X Xint Xsetpwent () X{ X#ifdef NDBM X int mode; X#endif X X if (! pwdfp) { X if (! (pwdfp = fopen (pwdfile, "r"))) X return -1; X } else { X if (fseek (pwdfp, 0L, 0) != 0) X return -1; X } X X /* X * Attempt to open the DBM files if they have never been opened X * and an error has never been returned. X */ X X#if defined (DBM) || defined (NDBM) X if (! dbmerror && ! dbmopened) { X char dbmfiles[BUFSIZ]; X X strcpy (dbmfiles, pwdfile); X strcat (dbmfiles, ".pag"); X#ifdef NDBM X if (pw_dbm_mode == -1) X mode = O_RDONLY; X else X mode = (pw_dbm_mode == O_RDONLY || X pw_dbm_mode == O_RDWR) ? pw_dbm_mode:O_RDONLY; X#endif X#ifdef DBM X if (access (dbmfiles, 0) || dbminit (pwdfile)) X#endif X#ifdef NDBM X if (access (dbmfiles, 0) || X (! (pw_dbm = dbm_open (pwdfile, mode, 0)))) X#endif X dbmerror = 1; X else X dbmopened = 1; X } X#endif X return 0; X} X X#ifdef SUN X X/* X * putpwent - Output a (struct passwd) in character format X * X * putpwent() writes out a (struct passwd) in the format it appears X * in in flat ASCII files. X * X * (Author: Dr. Micheal Newberry) X */ X Xint Xputpwent (p, f) Xstruct passwd *p; XFILE *f; X{ X return (fprintf (f, "%s:%s:%d:%d:%s,%s:%s:%s\n", X p->pw_name, p->pw_passwd, p->pw_uid, p->pw_gid, X p->pw_gecos, p->pw_comment, p->pw_dir, p->pw_shell) == EOF); X} X#endif /* SUN */ END_OF_FILE if test 10165 -ne `wc -c <'pwent.c'`; then echo shar: \"'pwent.c'\" unpacked with wrong size! fi # end of 'pwent.c' fi if test -f 'smain.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'smain.c'\" else echo shar: Extracting \"'smain.c'\" $9918 characters$ sed "s/^X//" >'smain.c' <<'END_OF_FILE' X/* X * Copyright 1989, 1990, 1991, John F. Haugh II X * All rights reserved. X * X * Permission is granted to copy and create derivative works for any X * non-commercial purpose, provided this copyright notice is preserved X * in all copies of source code, or included in human readable form X * and conspicuously displayed on all copies of object code or X * distribution media. X */ X X#include <sys/types.h> X#include <stdio.h> X X#ifndef lint Xstatic char sccsid[] = "@(#)smain.c 3.9 08:27:43 10/31/91"; X#endif X X/* X * Set up some BSD defines so that all the BSD ifdef's are X * kept right here X */ X X#ifdef USG X#include <string.h> X#include <memory.h> X#define bzero(a,n) memset(a, 0, n) X#include <termio.h> X#else X#include <strings.h> X#include <sgtty.h> X#define strchr index X#define strrchr rindex X#endif X X#include <signal.h> X#include "config.h" X#include "lastlog.h" X#include "pwd.h" X#include "shadow.h" X X#ifdef USE_SYSLOG X#include <syslog.h> X X/*VARARGS*/ int syslog(); X X#ifndef LOG_WARN X#define LOG_WARN LOG_WARNING X#endif /* !LOG_WARN */ X#endif /* USE_SYSLOG */ X X/* X * Password aging constants X * X * DAY - seconds in a day X * WEEK - seconds in a week X * SCALE - convert from clock to aging units X */ X X#define DAY (24L*3600L) X#define WEEK (7L*DAY) X X#ifdef ITI_AGING X#define SCALE (1) X#else X#define SCALE DAY X#endif X X/* X * Assorted #defines to control su's behavior X */ X X#ifndef MAXENV X#define MAXENV 128 X#endif X X/* X * Global variables X */ X Xchar hush[BUFSIZ]; Xchar name[BUFSIZ]; Xchar pass[BUFSIZ]; Xchar home[BUFSIZ]; Xchar prog[BUFSIZ]; Xchar mail[BUFSIZ]; Xchar oldname[BUFSIZ]; Xchar *newenvp[MAXENV]; Xchar *Prog; Xint newenvc = 0; Xint maxenv = MAXENV; Xstruct passwd pwent; X X/* X * External identifiers X */ X Xextern void addenv (); Xextern void entry (); Xextern void sulog (); Xextern void subsystem (); Xextern void setup (); Xextern void motd (); Xextern void mailcheck (); Xextern void shell (); Xextern char *ttyname (); Xextern char *getenv (); Xextern char *getpass (); Xextern char *tz (); Xextern char *pw_encrypt(); Xextern struct passwd *getpwuid (); Xextern struct passwd *getpwnam (); Xextern struct spwd *getspnam (); Xextern char *getdef_str(); Xextern int getdef_bool(); Xextern char **environ; X X/* X * die - set or reset termio modes. X * X * die() is called before processing begins. signal() is then X * called with die() as the signal handler. If signal later X * calls die() with a signal number, the terminal modes are X * then reset. X */ X Xvoid die (killed) Xint killed; X{ X#ifdef BSD X static struct sgtty sgtty; X X if (killed) X stty (0, &sgtty); X else X gtty (0, &sgtty); X#else X static struct termio sgtty; X X if (killed) X ioctl (0, TCSETA, &sgtty); X else X ioctl (0, TCGETA, &sgtty); X#endif X if (killed) { X#ifdef USE_SYSLOG X closelog (); X#endif X exit (killed); X } X} X X/* X * su - switch user id X * X * su changes the user's ids to the values for the specified user. X * if no new user name is specified, "root" is used by default. X * X * The only valid option is a "-" character, which is interpreted X * as requiring a new login session to be simulated. X * X * Any additional arguments are passed to the user's shell. In X * particular, the argument "-c" will cause the next argument to X * be interpreted as a command by the common shell programs. X */ X Xint main (argc, argv, envp) Xint argc; Xchar **argv; Xchar **envp; X{ X SIGTYPE (*oldsig)(); X char *cp; X char *tty = 0; /* Name of tty SU is run from */ X int doshell = 0; X int fakelogin = 0; X int amroot = 0; X struct passwd *pw = 0; X struct spwd *spwd = 0; X X /* X * Get the program name. The program name is used as a X * prefix to most error messages. It is also used as input X * to the openlog() function for error logging. X */ X X if (Prog = strrchr (argv[0], '/')) X Prog++; X else X Prog = argv[0]; X X#ifdef USE_SYSLOG X openlog (Prog, LOG_PID|LOG_CONS|LOG_NOWAIT, LOG_AUTH); X#endif X X /* X * Get the tty name. Entries will be logged indicating that X * the user tried to change to the named new user from the X * current terminal. X */ X X if (isatty (0) && (cp = ttyname (0))) { X if (strncmp (cp, "/dev/", 5) == 0) X tty = cp + 5; X else X tty = cp; X } else X tty = "???"; X X /* X * Process the command line arguments. X */ X X argc--; argv++; /* shift out command name */ X X if (argc > 0 && argv[0][0] == '-' && argv[0][1] == '\0') { X fakelogin = 1; X argc--; argv++; /* shift ... */ X } X X /* X * If a new login is being set up, the old environment will X * be ignored and a new one created later on. X */ X X if (! fakelogin) X while (*envp) X addenv (*envp++); X X if (fakelogin && (cp=getdef_str("ENV_TZ"))) X addenv (*cp == '/' ? tz(cp) : cp); X X /* X * The clock frequency will be reset to the login value if required X */ X X if (fakelogin && (cp=getdef_str("ENV_HZ")) ) X addenv (cp); /* set the default $HZ, if one */ X X /* X * The next argument must be either a user ID, or some flag to X * a subshell. Pretty sticky since you can't have an argument X * which doesn't start with a "-" unless you specify the new user X * name. Any remaining arguments will be passed to the user's X * login shell. X */ X X if (argc > 0 && argv[0][0] != '-') { X (void) strcpy (name, argv[0]); /* use this login id */ X argc--; argv++; /* shift ... */ X } X if (! name[0]) /* use default user ID */ X (void) strcpy (name, "root"); X X doshell = argc == 0; /* any arguments remaining? */ X X /* X * Get the user's real name. The current UID is used to determine X * who has executed su. That user ID must exist. X */ X X if (pw = getpwuid (getuid ())) /* need old user name */ X (void) strcpy (oldname, pw->pw_name); X else { /* user ID MUST exist */ X#ifdef USE_SYSLOG X syslog (LOG_CRIT, "Unknown UID: %d\n", getuid ()); X#endif X goto failure; X } X amroot = getuid () == 0; /* currently am super user */ X Xtop: X /* X * This is the common point for validating a user whose name X * is known. It will be reached either by normal processing, X * or if the user is to be logged into a subsystem root. X * X * The password file entries for the user is gotten and the X * accont validated. X */ X X if (pw = getpwnam (name)) { X if (spwd = getspnam (name)) X pw->pw_passwd = spwd->sp_pwdp; X } else { X (void) fprintf (stderr, "Unknown id: %s\n", name); X#ifdef USE_SYSLOG X closelog (); X#endif X exit (1); X } X pwent = *pw; X X /* X * See if the account is usable for anything but login. X */ X X cp = getdef_str("NOLOGIN_STR"); X if (cp != NULL && strcmp (pwent.pw_shell, cp) == 0) X pwent.pw_shell = getenv ("SHELL"); X X /* X * Set the default shell. X */ X X if (pwent.pw_shell == 0 || pwent.pw_shell[0] == '\0') X pwent.pw_shell = "/bin/sh"; X X /* X * Set up a signal handler in case the user types QUIT. X */ X X die (0); X oldsig = signal (SIGQUIT, die); X X /* X * Get the password from the invoker X */ X X if (! amroot && pwent.pw_passwd[0]) { X if (! (cp = getpass ("Password:"))) { X#ifdef USE_SYSLOG X syslog (pwent.pw_uid ? LOG_WARN:LOG_CRIT, X "Unable to get password for %s\n", name); X#endif X goto failure; X } else X (void) strncpy (pass, cp, sizeof pass); X } else X bzero (pass, sizeof pass); X X /* X * check encrypted passwords ... X */ X X if (! amroot && ((pass[0] != '\0' || pwent.pw_passwd[0] != '\0') && X strcmp (pwent.pw_passwd, X pw_encrypt (pass, pwent.pw_passwd)) != 0)) { X#ifdef USE_SYSLOG X syslog (pwent.pw_uid ? LOG_WARN:LOG_CRIT, X "Invalid password for %s\n", name); X#endif Xfailure: sulog (0); /* log failed attempt */ X puts ("Sorry."); X#ifdef USE_SYSLOG X if ( getdef_bool("SYSLOG_SU_ENAB") ) X syslog (pwent.pw_uid ? LOG_INFO:LOG_CRIT, X "- %s %s-%s\n", tty ? tty:"???", X oldname[0] ? oldname:"???", X name[0] ? name:"???"); X closelog (); X#endif X exit (1); X } X (void) signal (SIGQUIT, oldsig); X X /* X * Check to see if the account is expired. root gets to X * ignore any expired accounts, but normal users can't become X * a user with an expired password. X */ X X if (! amroot) { X if (spwd) { X if (isexpired (&pwent, spwd)) { X#ifdef USE_SYSLOG X syslog (pwent.pw_uid ? LOG_WARN:LOG_CRIT, X "Expired account %s\n", name); X#endif X goto failure; X } X } X#ifdef ATT_AGE X else if (pwent.pw_age[0] && X isexpired (&pwent, (struct spwd *) 0)) { X#ifdef USE_SYSLOG X syslog (pwent.pw_uid ? LOG_WARN:LOG_CRIT, X "Expired account %s\n", name); X#endif X goto failure; X } X#endif /* ATT_AGE */ X } X X cp = getdef_str( pwent.pw_uid == 0 ? "ENV_SUPATH" : "ENV_PATH" ); X addenv( cp != NULL ? cp : "PATH=/bin:/usr/bin" ); X X environ = newenvp; /* make new environment active */ X X if (getenv ("IFS")) /* don't export user IFS ... */ X addenv ("IFS= \t\n"); /* ... instead, set a safe IFS */ X X if (doshell && pwent.pw_shell[0] == '*') { /* subsystem root required */ X subsystem (&pwent); /* figure out what to execute */ X endpwent (); X endspent (); X goto top; X } X X sulog (1); /* save SU information */ X#ifdef USE_SYSLOG X if ( getdef_bool("SYSLOG_SU_ENAB") ) X syslog (LOG_INFO, "+ %s %s-%s\n", tty ? tty:"???", X oldname[0] ? oldname:"???", name[0] ? name:"???"); X#endif X if (fakelogin) X setup (&pwent); /* set UID, GID, HOME, etc ... */ X else { X if (setgid (pwent.pw_gid) || setuid (pwent.pw_uid)) { X perror ("Can't set ID"); X#ifdef USE_SYSLOG X syslog (LOG_CRIT, "Unable to set uid = %d, gid = %d\n", X pwent.pw_uid, pwent.pw_gid); X closelog (); X#endif X exit (1); X } X } X if (! doshell) { /* execute arguments as command */ X if (cp = getenv ("SHELL")) X pwent.pw_shell = cp; X argv[-1] = pwent.pw_shell; X (void) execv (pwent.pw_shell, &argv[-1]); X (void) fprintf (stderr, "No shell\n"); X#ifdef USE_SYSLOG X syslog (LOG_WARN, "Cannot execute %s\n", pwent.pw_shell); X closelog (); X#endif X exit (1); X } X if (fakelogin) { X if (! hushed (&pwent)) { X motd (); X mailcheck (); X } X cp = "-su"; X } else if (cp = strrchr (pwent.pw_shell, '/')) X cp++; X else X cp = pwent.pw_shell; X X shell (pwent.pw_shell, cp); X#ifdef USE_SYSLOG X syslog (LOG_WARN, "Cannot execute %s\n", pwent.pw_shell); X closelog (); X#endif X exit (1); X X /*NOTREACHED*/ X} END_OF_FILE if test 9918 -ne `wc -c <'smain.c'`; then echo shar: \"'smain.c'\" unpacked with wrong size! fi # end of 'smain.c' fi if test -f 'userdel.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'userdel.c'\" else echo shar: Extracting \"'userdel.c'\" $9890 characters$ sed "s/^X//" >'userdel.c' <<'END_OF_FILE' X/* X * Copyright 1991, John F. Haugh II X * All rights reserved. X * X * Permission is granted to copy and create derivative works for any X * non-commercial purpose, provided this copyright notice is preserved X * in all copies of source code, or included in human readable form X * and conspicuously displayed on all copies of object code or X * distribution media. X */ X X#ifndef lint Xstatic char sccsid[] = "@(#)userdel.c 3.9 14:38:36 10/27/91"; X#endif X X#include <sys/types.h> X#include <sys/stat.h> X#include <stdio.h> X#include <errno.h> X#include "pwd.h" X#include <grp.h> X#include <ctype.h> X#include <fcntl.h> X#include <time.h> X X#ifdef BSD X#include <strings.h> X#else X#include <string.h> X#endif X X#include "config.h" X#include "shadow.h" X X#ifdef USE_SYSLOG X#include <syslog.h> X X#ifndef LOG_WARN X#define LOG_WARN LOG_WARNING X#endif X#endif X Xgid_t default_group; Xchar default_home[BUFSIZ]; Xchar default_shell[BUFSIZ]; Xlong default_inactive; Xlong default_expire; Xchar default_file[] = "/etc/default/useradd"; X X#ifndef NGROUPS_MAX X#define NGROUPS_MAX 64 X#endif X Xchar user_name[BUFSIZ]; Xuid_t user_id; Xgid_t user_group; Xchar user_comment[BUFSIZ]; Xchar user_home[BUFSIZ]; Xchar user_shell[BUFSIZ]; Xint user_ngroups; Xint user_expire; Xgid_t user_groups[NGROUPS_MAX]; X Xchar *Prog; Xint rflg; X X#ifdef NDBM Xextern int pw_dbm_mode; Xextern int sp_dbm_mode; Xextern int gr_dbm_mode; X#ifdef SHADOWGRP Xextern int sg_dbm_mode; X#endif X#endif Xextern struct group *getgrnam(); Xextern struct group *getgrgid(); Xextern struct group *gr_next(); Xextern struct passwd *getpwnam(); Xextern struct passwd *pw_next(); X X#ifdef SHADOWGRP Xextern int sgr_lock(); Xextern int sgr_unlock(); Xextern int sgr_open(); Xextern int sgr_close(); Xextern struct sgrp *sgr_next(); X#endif X Xextern char *malloc(); X X/* X * del_list - delete a member from a list of group members X * X * the array of member names is searched for the old member X * name, and if present it is deleted from a freshly allocated X * list of users. X */ X Xchar ** Xdel_list (list, member) Xchar **list; Xchar *member; X{ X int i, j; X char **tmp; X X /* X * Scan the list for the new name. Return the original list X * pointer if it is present. X */ X X for (i = j = 0;list[i] != (char *) 0;i++) X if (strcmp (list[i], member)) X j++; X X if (j == i) X return list; X X /* X * Allocate a new list pointer large enough to hold all the X * old entries, and the new entries as well. X */ X X if (! (tmp = (char **) malloc ((j + 2) * sizeof member))) X return 0; X X /* X * Copy the original list to the new list, then append the X * new member and NULL terminate the result. This new list X * is returned to the invoker. X */ X X for (i = j = 0;list[i] != (char *) 0;i++) X if (strcmp (list[i], member)) X tmp[j++] = list[i]; X X tmp[j] = (char *) 0; X X return tmp; X} X X/* X * usage - display usage message and exit X */ X Xusage () X{ X fprintf (stderr, "usage: %s [-r] name\n", Prog); X exit (2); X} X X/* X * update_groups - delete user from secondary group set X * X * update_groups() takes the user name that was given and searches X * the group files for membership in any group. X */ X Xvoid Xupdate_groups () X{ X int i; X struct group *grp; X#ifdef SHADOWGRP X struct sgrp *sgrp; X#endif X X /* X * Scan through the entire group file looking for the groups that X * the user is a member of. X */ X X for (gr_rewind (), grp = gr_next ();grp;grp = gr_next ()) { X X /* X * See if the user specified this group as one of their X * concurrent groups. X */ X X for (i = 0;grp->gr_mem[i];i++) X if (strcmp (grp->gr_mem[i], user_name) == 0) X break; X X if (grp->gr_mem[i] == (char *) 0) X continue; X X /* X * Delete the username from the list of group members and X * update the group entry to reflect the change. X */ X X grp->gr_mem = del_list (grp->gr_mem, user_name); X if (! gr_update (grp)) { X fprintf (stderr, "%s: error updating group entry\n", X Prog); X exit (1); X } X /* X * Update the DBM group file with the new entry as well. X */ X X#ifdef NDBM X if (! gr_dbm_update (grp)) { X fprintf (stderr, "%s: cannot update dbm group entry\n", X Prog); X exit (1); X } X endgrent (); X#endif /* NDBM */ X#ifdef USE_SYSLOG X syslog (LOG_INFO, "delete `%s' from group `%s'\n", X user_name, grp->gr_name); X#endif X } X X#ifdef SHADOWGRP X /* X * Scan through the entire shadow group file looking for the groups X * that the user is a member of. Both the administrative list and X * the ordinary membership list is checked. X */ X X for (sgr_rewind (), sgrp = sgr_next ();sgrp;sgrp = sgr_next ()) { X int group_changed = 0; X X /* X * See if the user specified this group as one of their X * concurrent groups. X */ X X for (i = 0;sgrp->sg_mem[i];i++) X if (strcmp (sgrp->sg_mem[i], user_name) == 0) X break; X X if (sgrp->sg_mem[i]) { X sgrp->sg_mem = del_list (sgrp->sg_mem, user_name); X group_changed = 1; X } X for (i = 0;sgrp->sg_adm[i];i++) X if (strcmp (sgrp->sg_adm[i], user_name) == 0) X break; X X if (sgrp->sg_adm[i]) { X sgrp->sg_adm = del_list (sgrp->sg_adm, user_name); X group_changed = 1; X } X if (! group_changed) X continue; X X if (! sgr_update (sgrp)) { X fprintf (stderr, "%s: error updating group entry\n", X Prog); X exit (1); X } X#ifdef NDBM X /* X * Update the DBM group file with the new entry as well. X */ X X if (! sgr_dbm_update (sgrp)) { X fprintf (stderr, "%s: cannot update dbm group entry\n", X Prog); X exit (1); X } X endsgent (); X#endif X#ifdef USE_SYSLOG X syslog (LOG_INFO, "delete `%s' from shadow group `%s'\n", X user_name, sgrp->sg_name); X#endif X } X#endif X} X X/* X * close_files - close all of the files that were opened X * X * close_files() closes all of the files that were opened for this X * new user. This causes any modified entries to be written out. X */ X Xclose_files () X{ X if (! pw_close ()) { X fprintf (stderr, "%s: cannot rewrite password file\n", Prog); X exit (1); X } X if (! spw_close ()) { X fprintf (stderr, "%s: cannot rewrite shadow password file\n", X Prog); X exit (1); X } X if (! gr_close ()) { X fprintf (stderr, "%s: cannot rewrite group file\n", X Prog); X exit (10); X } X (void) gr_unlock (); X#ifdef SHADOWGRP X if (! sgr_close ()) { X fprintf (stderr, "%s: cannot rewrite shadow group file\n", X Prog); X exit (10); X } X (void) sgr_unlock (); X#endif X (void) spw_unlock (); X (void) pw_unlock (); X} X X/* X * open_files - lock and open the password files X * X * open_files() opens the two password files. X */ X Xopen_files () X{ X if (! pw_lock ()) { X fprintf (stderr, "%s: unable to lock password file\n", Prog); X exit (1); X } X if (! pw_open (O_RDWR)) { X fprintf (stderr, "%s: unable to open password file\n", Prog); X exit (1); X } X if (! spw_lock ()) { X fprintf (stderr, "%s: cannot lock shadow password file\n", Prog); X exit (1); X } X if (! spw_open (O_RDWR)) { X fprintf (stderr, "%s: cannot open shadow password file\n", Prog); X exit (1); X } X if (! gr_lock ()) { X fprintf (stderr, "%s: unable to lock group file\n", Prog); X exit (1); X } X if (! gr_open (O_RDWR)) { X fprintf (stderr, "%s: cannot open group file\n", Prog); X exit (1); X } X#ifdef SHADOWGRP X if (! sgr_lock ()) { X fprintf (stderr, "%s: unable to lock shadow group file\n", Prog); X exit (1); X } X if (! sgr_open (O_RDWR)) { X fprintf (stderr, "%s: cannot open shadow group file\n", Prog); X exit (1); X } X#endif X} X X/* X * update_user - delete the user entries X * X * update_user() deletes the password file entries for this user X * and will update the group entries as required. X */ X Xupdate_user () X{ X struct passwd *pwd; X X if (! pw_remove (user_name)) X fprintf (stderr, "%s: error deleting password entry\n", Prog); X X if (! spw_remove (user_name)) X fprintf (stderr, "%s: error deleting shadow password entry\n", X Prog); X X#if defined(DBM) || defined(NDBM) X if (access ("/etc/passwd.pag", 0) == 0) { X if ((pwd = getpwnam (user_name)) && ! pw_dbm_remove (pwd)) X fprintf (stderr, X "%s: error deleting password dbm entry\n", X Prog); X X endpwent (); X } X X /* X * If the user's UID is a duplicate the duplicated entry needs X * to be updated so that a UID match can be found in the DBM X * files. X */ X X for (pw_rewind (), pwd = pw_next ();pwd;pwd = pw_next ()) { X if (pwd->pw_uid == user_id) { X pw_dbm_update (pwd); X endpwent (); X break; X } X } X#endif X#ifdef NDBM X if (access ("/etc/shadow.pag", 0) == 0 && ! sp_dbm_remove (user_name)) X fprintf (stderr, "%s: error deleting shadow passwd dbm entry\n", X Prog); X X endspent (); X#endif X#ifdef USE_SYSLOG X syslog (LOG_INFO, "delete user `%s'\n", user_name); X#endif X} X X/* X * main - useradd command X */ X Xmain (argc, argv) Xint argc; Xchar **argv; X{ X struct passwd *pwd; X int arg; X int errors = 0; X extern int optind; X extern char *optarg; X X /* X * Get my name so that I can use it to report errors. X */ X X if (Prog = strrchr (argv[0], '/')) X Prog++; X else X Prog = argv[0]; X X#ifdef USE_SYSLOG X openlog (Prog, LOG_PID|LOG_CONS|LOG_NOWAIT, LOG_AUTH); X#endif X X /* X * The open routines for the DBM files don't use read-write X * as the mode, so we have to clue them in. X */ X X#if defined(DBM) || defined(NDBM) X pw_dbm_mode = O_RDWR; X#endif X#ifdef NDBM X sp_dbm_mode = O_RDWR; X gr_dbm_mode = O_RDWR; X#ifdef SHADOWGRP X sg_dbm_mode = O_RDWR; X#endif X#endif X while ((arg = getopt (argc, argv, "r")) != EOF) X if (arg != 'r') X usage (); X else X rflg++; X X if (optind == argc) X usage (); X X /* X * Start with a quick check to see if the user exists. X */ X X strncpy (user_name, argv[argc - 1], BUFSIZ); X X if (! (pwd = getpwnam (user_name))) { X fprintf (stderr, "%s: user %s does not exist\n", X Prog, user_name); X exit (6); X } X user_id = pwd->pw_uid; X strcpy (user_home, pwd->pw_dir); X X /* X * Do the hard stuff - open the files, create the user entries, X * create the home directory, then close and update the files. X */ X X open_files (); X X update_user (); X update_groups (); X X if (rflg) { X if (remove_tree (user_home) || rmdir (user_home)) X errors++; X } X close_files (); X exit (errors ? 12:0); X /*NOTREACHED*/ X} END_OF_FILE if test 9890 -ne `wc -c <'userdel.c'`; then echo shar: \"'userdel.c'\" unpacked with wrong size! fi # end of 'userdel.c' fi echo shar: End of archive 6 $of 11$. cp /dev/null ark6isdone MISSING="" for I in 1 2 3 4 5 6 7 8 9 10 11 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have unpacked all 11 archives. rm -f ark[1-9]isdone ark[1-9][0-9]isdone else echo You still must unpack the following archives: echo " " ${MISSING} fi exit 0 exit 0 # Just in case...