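/*
 * Copyright (c) 1988, 1993, 1994
 *	The Regents of the University of California. All rights reserved.
 * Copyright (c) 2002 Networks Associates Technology, Inc.
 * All rights reserved.
 *
 * Portions of this software were developed for the FreeBSD Project by
 * ThinkSec AS and NAI Labs, the Security Research Division of Network
 * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
 * ("CBOSS"), as part of the DARPA CHATS research program.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of the University nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * @(#)field.c 8.4 (Berkeley) 4/2/94
 * $FreeBSD: src/usr.bin/chpass/field.c,v 1.9 2004/01/18 21:46:39 charnier Exp $
 * $DragonFly: src/usr.bin/chpass/field.c,v 1.3 2003/10/02 17:42:26 hmp Exp $
 */

#include <sys/param.h>
#include <sys/stat.h>

#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <grp.h>
#include <paths.h>
#include <pwd.h>
#include <stdlib.h>
#include <string.h>

#include "chpass.h"

/*
 * Field parsers.
 *
 * Every p_*() routine below takes the text of one field in `p', checks it,
 * and stores the result in `pw' (p_gecos() stores it in `ep' instead).
 * Each returns 0 when the field was accepted and -1 when it was rejected,
 * after printing a diagnostic with warnx().
 *
 * String fields are stored as strdup() copies.  The pointer that was in the
 * structure before is overwritten, not freed; who owns the old value is not
 * visible from this file.
 *
 * None of these routines filters characters that are special in a password
 * file record (a ':' or a newline, for instance).
 * NOTE(review): presumably the caller rejects those before calling -- confirm.
 */

/*
 * p_login --
 *	Check a login name and store a copy in pw->pw_name.
 *
 *	An empty name and a name that begins with '-' are rejected (the
 *	latter presumably because it could be taken for an option by a
 *	program that receives it as an argument).  A name containing '.' or
 *	an upper-case letter is accepted, but a warning is printed.
 */
/* ARGSUSED */
int
p_login(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	if (!*p) {
		warnx("empty login field");
		return (-1);
	}
	if (*p == '-') {
		warnx("login names may not begin with a hyphen");
		return (-1);
	}
	if (!(pw->pw_name = strdup(p))) {
		warnx("can't save entry");
		return (-1);
	}
	if (strchr(p, '.'))
		warnx("\'.\' is dangerous in a login name");
	for (; *p; ++p) {
		/*
		 * The <ctype.h> functions are only defined for values
		 * representable as unsigned char (or EOF); a plain char
		 * with the high bit set would otherwise be passed negative.
		 */
		if (isupper((unsigned char)*p)) {
			warnx("upper-case letters are dangerous in a login name");
			break;
		}
	}
	return (0);
}

/*
 * p_passwd --
 *	Store a copy of the field in pw->pw_passwd.  The contents are not
 *	examined; the only failure is strdup() returning NULL.
 */
/* ARGSUSED */
int
p_passwd(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	if (!(pw->pw_passwd = strdup(p))) {
		warnx("can't save password entry");
		return (-1);
	}

	return (0);
}

/*
 * p_uid --
 *	Parse a decimal user ID and store it in pw->pw_uid.
 *
 *	The field must be non-empty, start with a digit, consist of digits
 *	only, and name a value that fits in uid_t.
 */
/* ARGSUSED */
int
p_uid(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	unsigned long val;
	char *np;

	if (!*p) {
		warnx("empty uid field");
		return (-1);
	}
	/*
	 * strtoul() skips leading white space and accepts a sign, so the
	 * first character is checked here to rule both out.
	 */
	if (!isdigit((unsigned char)*p)) {
		warnx("illegal uid");
		return (-1);
	}
	errno = 0;
	val = strtoul(p, &np, 10);
	/*
	 * Keep the result in an unsigned long until it has been range
	 * checked.  Where uid_t is narrower than unsigned long, assigning
	 * the strtoul() result directly would silently truncate a large
	 * number to a different, valid-looking ID (possibly 0).
	 */
	if (*np || errno == ERANGE || (unsigned long)(uid_t)val != val) {
		warnx("illegal uid");
		return (-1);
	}
	pw->pw_uid = (uid_t)val;
	return (0);
}

/*
 * p_gid --
 *	Parse a group and store its ID in pw->pw_gid.
 *
 *	A field that does not start with a digit is looked up as a group
 *	name with getgrnam().  Otherwise it must consist of digits only and
 *	name a value that fits in gid_t.
 */
/* ARGSUSED */
int
p_gid(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	struct group *gr;
	unsigned long val;
	char *np;

	if (!*p) {
		warnx("empty gid field");
		return (-1);
	}
	if (!isdigit((unsigned char)*p)) {
		if (!(gr = getgrnam(p))) {
			warnx("unknown group %s", p);
			return (-1);
		}
		pw->pw_gid = gr->gr_gid;
		return (0);
	}
	errno = 0;
	val = strtoul(p, &np, 10);
	/* Same range check as in p_uid(), against gid_t this time. */
	if (*np || errno == ERANGE || (unsigned long)(gid_t)val != val) {
		warnx("illegal gid");
		return (-1);
	}
	pw->pw_gid = (gid_t)val;
	return (0);
}

/*
 * p_class --
 *	Store a copy of the field in pw->pw_class.  The contents are not
 *	examined; the only failure is strdup() returning NULL.
 */
/* ARGSUSED */
int
p_class(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	if (!(pw->pw_class = strdup(p))) {
		warnx("can't save entry");
		return (-1);
	}

	return (0);
}

/*
 * p_change --
 *	Convert the field with atot() (defined elsewhere) into
 *	pw->pw_change.  A zero return from atot() is treated as success.
 */
/* ARGSUSED */
int
p_change(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	if (!atot(p, &pw->pw_change))
		return (0);
	warnx("illegal date for change field");
	return (-1);
}

/*
 * p_expire --
 *	Convert the field with atot() (defined elsewhere) into
 *	pw->pw_expire.  A zero return from atot() is treated as success.
 */
/* ARGSUSED */
int
p_expire(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	if (!atot(p, &pw->pw_expire))
		return (0);
	warnx("illegal date for expire field");
	return (-1);
}

/*
 * p_gecos --
 *	Store a copy of the field in ep->save.  Unlike the other parsers
 *	this one writes to the ENTRY and leaves `pw' untouched.
 */
/* ARGSUSED */
int
p_gecos(char *p, struct passwd *pw __unused, ENTRY *ep)
{
	if (!(ep->save = strdup(p))) {
		warnx("can't save entry");
		return (-1);
	}
	return (0);
}

/*
 * p_hdir --
 *	Store a copy of the field in pw->pw_dir.  An empty field is
 *	rejected; the path itself is not checked.
 */
/* ARGSUSED */
int
p_hdir(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	if (!*p) {
		warnx("empty home directory field");
		return (-1);
	}
	if (!(pw->pw_dir = strdup(p))) {
		warnx("can't save entry");
		return (-1);
	}
	return (0);
}

/*
 * p_shell --
 *	Check a login shell and store it in pw->pw_shell.
 *
 *	An empty field selects _PATH_BSHELL.  Otherwise, unless master_mode
 *	is set, both the current shell and the requested one must pass
 *	ok_shell() (defined elsewhere).  A shell that passes ok_shell() is
 *	stored through dup_shell(); any other shell, which only master_mode
 *	can get this far, is stored as a plain strdup() copy.
 *
 *	The stat() checks at the end are advisory: they print a warning but
 *	the entry is accepted either way.
 */
/* ARGSUSED */
int
p_shell(char *p, struct passwd *pw, ENTRY *ep __unused)
{
	struct stat sbuf;

	if (!*p) {
		/*
		 * NOTE(review): this branch returns before the
		 * restricted-shell check below, so that check is not
		 * applied to an empty field -- confirm that this is
		 * intended or enforced by the caller.
		 */
		if (!(pw->pw_shell = strdup(_PATH_BSHELL))) {
			/* Do not report success with a NULL shell. */
			warnx("can't save entry");
			return (-1);
		}
		return (0);
	}
	/* only admin can change from or to "restricted" shells */
	if (!master_mode && pw->pw_shell && !ok_shell(pw->pw_shell)) {
		warnx("%s: current shell non-standard", pw->pw_shell);
		return (-1);
	}
	if (!ok_shell(p)) {
		if (!master_mode) {
			warnx("%s: non-standard shell", p);
			return (-1);
		}
		pw->pw_shell = strdup(p);
	} else
		pw->pw_shell = dup_shell(p);
	if (!pw->pw_shell) {
		warnx("can't save entry");
		return (-1);
	}
	/* At most one warning is printed; none of them rejects the entry. */
	if (stat(pw->pw_shell, &sbuf) < 0) {
		if (errno == ENOENT)
			warnx("WARNING: shell '%s' does not exist",
			    pw->pw_shell);
		else
			warn("WARNING: can't stat shell '%s'", pw->pw_shell);
	} else if (!S_ISREG(sbuf.st_mode)) {
		warnx("WARNING: shell '%s' is not a regular file",
		    pw->pw_shell);
	} else if ((sbuf.st_mode & (S_IXOTH | S_IXGRP | S_IXUSR)) == 0) {
		warnx("WARNING: shell '%s' is not executable", pw->pw_shell);
	}
	return (0);
}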