1 /* $NetBSD: edit.c,v 1.14 2002/11/16 15:59:27 itojun Exp $ */ 2 3 /*- 4 * Copyright (c) 1990, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. All advertising materials mentioning features or use of this software 16 * must display the following acknowledgement: 17 * This product includes software developed by the University of 18 * California, Berkeley and its contributors. 19 * 4. Neither the name of the University nor the names of its contributors 20 * may be used to endorse or promote products derived from this software 21 * without specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 */ 35 36 #include <sys/cdefs.h> 37 #ifndef lint 38 #if 0 39 static char sccsid[] = "@(#)edit.c 8.3 (Berkeley) 4/2/94"; 40 #else 41 __RCSID("$NetBSD: edit.c,v 1.14 2002/11/16 15:59:27 itojun Exp $"); 42 #endif 43 #endif /* not lint */ 44 45 #include <sys/param.h> 46 #include <sys/stat.h> 47 48 #include <ctype.h> 49 #include <err.h> 50 #include <errno.h> 51 #include <paths.h> 52 #include <pwd.h> 53 #include <stdio.h> 54 #include <stdlib.h> 55 #include <string.h> 56 #include <unistd.h> 57 #include <util.h> 58 59 #include "chpass.h" 60 61 void 62 edit(tempname, pw) 63 char *tempname; 64 struct passwd *pw; 65 { 66 struct stat begin, end; 67 68 for (;;) { 69 if (stat(tempname, &begin)) 70 (*Pw_error)(tempname, 1, 1); 71 pw_edit(1, tempname); 72 if (stat(tempname, &end)) 73 (*Pw_error)(tempname, 1, 1); 74 if (begin.st_mtime == end.st_mtime) { 75 warnx("no changes made"); 76 (*Pw_error)(NULL, 0, 0); 77 } 78 if (verify(tempname, pw)) 79 break; 80 #ifdef YP 81 if (use_yp) 82 yppw_prompt(); 83 else 84 #endif 85 pw_prompt(); 86 } 87 } 88 89 /* 90 * display -- 91 * print out the file for the user to edit; strange side-effect: 92 * set conditional flag if the user gets to edit the shell. 93 */ 94 void 95 display(tempname, fd, pw) 96 char *tempname; 97 int fd; 98 struct passwd *pw; 99 { 100 FILE *fp; 101 char *bp, *p; 102 char chgstr[256], expstr[256]; 103 104 if (!(fp = fdopen(fd, "w"))) 105 (*Pw_error)(tempname, 1, 1); 106 107 (void)fprintf(fp, 108 "#Changing user %sdatabase information for %s.\n", 109 use_yp ? "YP " : "", pw->pw_name); 110 if (!uid) { 111 (void)fprintf(fp, "Login: %s\n", pw->pw_name); 112 (void)fprintf(fp, "Password: %s\n", pw->pw_passwd); 113 (void)fprintf(fp, "Uid [#]: %d\n", pw->pw_uid); 114 (void)fprintf(fp, "Gid [# or name]: %d\n", pw->pw_gid); 115 (void)fprintf(fp, "Change [month day year]: %s\n", 116 ttoa(chgstr, sizeof chgstr, pw->pw_change)); 117 (void)fprintf(fp, "Expire [month day year]: %s\n", 118 ttoa(expstr, sizeof expstr, pw->pw_expire)); 119 (void)fprintf(fp, "Class: %s\n", pw->pw_class); 120 (void)fprintf(fp, "Home directory: %s\n", pw->pw_dir); 121 (void)fprintf(fp, "Shell: %s\n", 122 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 123 } 124 /* Only admin can change "restricted" shells. */ 125 else if (ok_shell(pw->pw_shell)) 126 /* 127 * Make shell a restricted field. Ugly with a 128 * necklace, but there's not much else to do. 129 */ 130 (void)fprintf(fp, "Shell: %s\n", 131 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 132 else 133 list[E_SHELL].restricted = 1; 134 bp = strdup(pw->pw_gecos); 135 if (!bp) { 136 err(1, "strdup"); 137 /*NOTREACHED*/ 138 } 139 p = strsep(&bp, ","); 140 (void)fprintf(fp, "Full Name: %s\n", p ? p : ""); 141 p = strsep(&bp, ","); 142 (void)fprintf(fp, "Location: %s\n", p ? p : ""); 143 p = strsep(&bp, ","); 144 (void)fprintf(fp, "Office Phone: %s\n", p ? p : ""); 145 p = strsep(&bp, ","); 146 (void)fprintf(fp, "Home Phone: %s\n", p ? p : ""); 147 148 (void)fchown(fd, getuid(), getgid()); 149 (void)fclose(fp); 150 } 151 152 int 153 verify(tempname, pw) 154 char *tempname; 155 struct passwd *pw; 156 { 157 ENTRY *ep; 158 char *p; 159 struct stat sb; 160 FILE *fp; 161 int len; 162 static char buf[LINE_MAX]; 163 164 if (!(fp = fopen(tempname, "r"))) 165 (*Pw_error)(tempname, 1, 1); 166 if (fstat(fileno(fp), &sb)) 167 (*Pw_error)(tempname, 1, 1); 168 if (sb.st_size == 0) { 169 warnx("corrupted temporary file"); 170 goto bad; 171 } 172 while (fgets(buf, sizeof(buf), fp)) { 173 if (!buf[0] || buf[0] == '#') 174 continue; 175 if (!(p = strchr(buf, '\n'))) { 176 warnx("line too long"); 177 goto bad; 178 } 179 *p = '\0'; 180 for (ep = list;; ++ep) { 181 if (!ep->prompt) { 182 warnx("unrecognized field"); 183 goto bad; 184 } 185 if (!strncasecmp(buf, ep->prompt, ep->len)) { 186 if (ep->restricted && uid) { 187 warnx( 188 "you may not change the %s field", 189 ep->prompt); 190 goto bad; 191 } 192 if (!(p = strchr(buf, ':'))) { 193 warnx("line corrupted"); 194 goto bad; 195 } 196 while (isspace(*++p)); 197 if (ep->except && strpbrk(p, ep->except)) { 198 warnx( 199 "illegal character in the \"%s\" field", 200 ep->prompt); 201 goto bad; 202 } 203 if ((ep->func)(p, pw, ep)) { 204 bad: (void)fclose(fp); 205 return (0); 206 } 207 break; 208 } 209 } 210 } 211 (void)fclose(fp); 212 213 /* Build the gecos field. */ 214 len = strlen(list[E_NAME].save) + strlen(list[E_BPHONE].save) + 215 strlen(list[E_HPHONE].save) + strlen(list[E_LOCATE].save) + 4; 216 if (!(p = malloc(len))) 217 err(1, "malloc"); 218 (void)snprintf(p, len, "%s,%s,%s,%s", list[E_NAME].save, 219 list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save); 220 pw->pw_gecos = p; 221 222 if (snprintf(buf, sizeof(buf), 223 "%s:%s:%d:%d:%s:%lu:%lu:%s:%s:%s", 224 pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class, 225 (u_long)pw->pw_change, (u_long)pw->pw_expire, pw->pw_gecos, 226 pw->pw_dir, pw->pw_shell) >= sizeof(buf)) { 227 warnx("entries too long"); 228 return (0); 229 } 230 return (pw_scan(buf, pw, (int *)NULL)); 231 } 232