1 /* $OpenBSD: edit.c,v 1.36 2023/08/11 04:45:05 guenther Exp $ */ 2 /* $NetBSD: edit.c,v 1.6 1996/05/15 21:50:45 jtc Exp $ */ 3 4 /*- 5 * Copyright (c) 1990, 1993, 1994 6 * The Regents of the University of California. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 3. Neither the name of the University nor the names of its contributors 17 * may be used to endorse or promote products derived from this software 18 * without specific prior written permission. 19 * 20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30 * SUCH DAMAGE. 31 */ 32 33 #include <sys/stat.h> 34 35 #include <ctype.h> 36 #include <err.h> 37 #include <errno.h> 38 #include <fcntl.h> 39 #include <paths.h> 40 #include <pwd.h> 41 #include <stdio.h> 42 #include <stdlib.h> 43 #include <string.h> 44 #include <unistd.h> 45 #include <limits.h> 46 #include <util.h> 47 48 #include "chpass.h" 49 50 int 51 edit(char *tempname, struct passwd *pw) 52 { 53 struct stat begin, end; 54 55 for (;;) { 56 if (lstat(tempname, &begin) == -1 || S_ISLNK(begin.st_mode)) 57 return (EDIT_ERROR); 58 pw_edit(1, tempname); 59 if (lstat(tempname, &end) == -1 || S_ISLNK(end.st_mode)) 60 return (EDIT_ERROR); 61 if (!timespeccmp(&begin.st_mtim, &end.st_mtim, -) && 62 begin.st_size == end.st_size) { 63 warnx("no changes made"); 64 return (EDIT_NOCHANGE); 65 } 66 if (verify(tempname, pw)) 67 break; 68 pw_prompt(); 69 } 70 return(EDIT_OK); 71 } 72 73 /* 74 * display -- 75 * print out the file for the user to edit; strange side-effect: 76 * set conditional flag if the user gets to edit the shell. 77 */ 78 void 79 display(char *tempname, int fd, struct passwd *pw) 80 { 81 FILE *fp; 82 char *bp, *p; 83 char chngstr[256]; 84 85 if (!(fp = fdopen(fd, "w"))) 86 pw_error(tempname, 1, 1); 87 88 (void)fprintf(fp, 89 "# Changing user database information for %s.\n", pw->pw_name); 90 if (!uid) { 91 (void)fprintf(fp, "Login: %s\n", pw->pw_name); 92 (void)fprintf(fp, "Encrypted password: %s\n", pw->pw_passwd); 93 (void)fprintf(fp, "Uid [#]: %u\n", pw->pw_uid); 94 (void)fprintf(fp, "Gid [# or name]: %u\n", pw->pw_gid); 95 (void)fprintf(fp, "Change [month day year]: %s\n", 96 ttoa(chngstr, sizeof(chngstr), pw->pw_change)); 97 (void)fprintf(fp, "Expire [month day year]: %s\n", 98 ttoa(chngstr, sizeof(chngstr), pw->pw_expire)); 99 (void)fprintf(fp, "Class: %s\n", pw->pw_class); 100 (void)fprintf(fp, "Home directory: %s\n", pw->pw_dir); 101 (void)fprintf(fp, "Shell: %s\n", 102 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 103 } 104 /* Only admin can change "restricted" shells. */ 105 else if (ok_shell(pw->pw_shell, NULL)) 106 /* 107 * Make shell a restricted field. Ugly with a 108 * necklace, but there's not much else to do. 109 */ 110 (void)fprintf(fp, "Shell: %s\n", 111 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 112 else 113 list[E_SHELL].restricted = 1; 114 bp = pw->pw_gecos; 115 p = strsep(&bp, ","); 116 (void)fprintf(fp, "Full Name: %s\n", p ? p : ""); 117 p = strsep(&bp, ","); 118 (void)fprintf(fp, "Office Location: %s\n", p ? p : ""); 119 p = strsep(&bp, ","); 120 (void)fprintf(fp, "Office Phone: %s\n", p ? p : ""); 121 p = strsep(&bp, ","); 122 (void)fprintf(fp, "Home Phone: %s\n", p ? p : ""); 123 124 (void)fchown(fd, getuid(), getgid()); 125 (void)fclose(fp); 126 } 127 128 int 129 verify(char *tempname, struct passwd *pw) 130 { 131 unsigned int line; 132 size_t alen; 133 static char buf[LINE_MAX]; 134 struct stat sb; 135 char *p, *q; 136 ENTRY *ep; 137 FILE *fp; 138 int fd; 139 140 if ((fd = open(tempname, O_RDONLY|O_NOFOLLOW)) == -1 || 141 (fp = fdopen(fd, "r")) == NULL) 142 pw_error(tempname, 1, 1); 143 if (fstat(fd, &sb)) 144 pw_error(tempname, 1, 1); 145 if (sb.st_size == 0 || sb.st_nlink != 1 || sb.st_uid != uid) { 146 warnx("corrupted temporary file"); 147 goto bad; 148 } 149 line = 0; 150 while (fgets(buf, sizeof(buf), fp)) { 151 line++; 152 if (!buf[0] || buf[0] == '#') 153 continue; 154 if ((p = strchr(buf, '\n')) != NULL) 155 *p = '\0'; 156 else if (!feof(fp)) { 157 warnx("line %u too long", line); 158 goto bad; 159 } 160 for (ep = list;; ++ep) { 161 if (!ep->prompt) { 162 warnx("unrecognized field on line %u", line); 163 goto bad; 164 } 165 if (!strncasecmp(buf, ep->prompt, ep->len)) { 166 if (ep->restricted && uid) { 167 warnx( 168 "you may not change the %s field", 169 ep->prompt); 170 goto bad; 171 } 172 if (!(p = strchr(buf, ':'))) { 173 warnx("line %u corrupted", line); 174 goto bad; 175 } 176 while (isspace((unsigned char)*++p)) 177 ; 178 for (q = p; isprint((unsigned char)*q); q++) { 179 if (ep->except && strchr(ep->except,*q)) 180 break; 181 } 182 if (*q) { 183 warnx( 184 "illegal character in the \"%s\" field", 185 ep->prompt); 186 goto bad; 187 } 188 if ((ep->func)(p, pw, ep)) { 189 bad: (void)fclose(fp); 190 return (0); 191 } 192 break; 193 } 194 } 195 } 196 (void)fclose(fp); 197 198 if (list[E_NAME].save == NULL) 199 list[E_NAME].save = ""; 200 if (list[E_BPHONE].save == NULL) 201 list[E_BPHONE].save = ""; 202 if (list[E_HPHONE].save == NULL) 203 list[E_HPHONE].save = ""; 204 if (list[E_LOCATE].save == NULL) 205 list[E_LOCATE].save = ""; 206 207 /* Build the gecos field. */ 208 for (alen = 0, p = list[E_NAME].save; *p; p++) 209 if (*p == '&') 210 alen = alen + strlen(pw->pw_name) - 1; 211 if (asprintf(&p, "%s,%s,%s,%s", list[E_NAME].save, 212 list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save) == -1) 213 err(1, NULL); 214 pw->pw_gecos = p; 215 216 if (snprintf(buf, sizeof(buf), 217 "%s:%s:%u:%u:%s:%ld:%ld:%s:%s:%s", 218 pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class, 219 (long)pw->pw_change, (long)pw->pw_expire, pw->pw_gecos, pw->pw_dir, 220 pw->pw_shell) >= 1023 || 221 strlen(buf) + alen >= 1023) { 222 warnx("entries too long"); 223 free(p); 224 return (0); 225 } 226 free(p); 227 228 return (pw_scan(buf, pw, NULL)); 229 } 230