1 /*- 2 * Copyright (c) 1990, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifndef lint 35 static char sccsid[] = "@(#)pw_scan.c 8.3 (Berkeley) 4/2/94"; 36 #endif /* not lint */ 37 38 /* 39 * This module is used to "verify" password entries by chpass(1) and 40 * pwd_mkdb(8). 41 */ 42 43 #include <sys/param.h> 44 45 #include <err.h> 46 #include <fcntl.h> 47 #include <pwd.h> 48 #include <errno.h> 49 #include <stdio.h> 50 #include <string.h> 51 #include <stdlib.h> 52 #include <unistd.h> 53 54 #include "pw_scan.h" 55 56 int 57 pw_scan(bp, pw) 58 char *bp; 59 struct passwd *pw; 60 { 61 long id; 62 int root; 63 char *p, *sh; 64 65 if (!(pw->pw_name = strsep(&bp, ":"))) /* login */ 66 goto fmt; 67 root = !strcmp(pw->pw_name, "root"); 68 69 if (!(pw->pw_passwd = strsep(&bp, ":"))) /* passwd */ 70 goto fmt; 71 72 if (!(p = strsep(&bp, ":"))) /* uid */ 73 goto fmt; 74 id = atol(p); 75 if (root && id) { 76 warnx("root uid should be 0"); 77 return (0); 78 } 79 if (id > USHRT_MAX) { 80 warnx("%s > max uid value (%d)", p, USHRT_MAX); 81 return (0); 82 } 83 pw->pw_uid = id; 84 85 if (!(p = strsep(&bp, ":"))) /* gid */ 86 goto fmt; 87 id = atol(p); 88 if (id > USHRT_MAX) { 89 warnx("%s > max gid value (%d)", p, USHRT_MAX); 90 return (0); 91 } 92 pw->pw_gid = id; 93 94 pw->pw_class = strsep(&bp, ":"); /* class */ 95 if (!(p = strsep(&bp, ":"))) /* change */ 96 goto fmt; 97 pw->pw_change = atol(p); 98 if (!(p = strsep(&bp, ":"))) /* expire */ 99 goto fmt; 100 pw->pw_expire = atol(p); 101 pw->pw_gecos = strsep(&bp, ":"); /* gecos */ 102 pw->pw_dir = strsep(&bp, ":"); /* directory */ 103 if (!(pw->pw_shell = strsep(&bp, ":"))) /* shell */ 104 goto fmt; 105 106 p = pw->pw_shell; 107 if (root && *p) /* empty == /bin/sh */ 108 for (setusershell();;) { 109 if (!(sh = getusershell())) { 110 warnx("warning, unknown root shell"); 111 break; 112 } 113 if (!strcmp(p, sh)) 114 break; 115 } 116 117 if (p = strsep(&bp, ":")) { /* too many */ 118 fmt: warnx("corrupted entry"); 119 return (0); 120 } 121 return (1); 122 } 123