1 /*- 2 * Copyright (c) 1990, 1993, 1994 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. All advertising materials mentioning features or use of this software 14 * must display the following acknowledgement: 15 * This product includes software developed by the University of 16 * California, Berkeley and its contributors. 17 * 4. Neither the name of the University nor the names of its contributors 18 * may be used to endorse or promote products derived from this software 19 * without specific prior written permission. 20 * 21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 */ 33 34 #ifndef lint 35 static char sccsid[] = "@(#)edit.c 8.3 (Berkeley) 4/2/94"; 36 #endif /* not lint */ 37 38 #include <sys/param.h> 39 #include <sys/stat.h> 40 41 #include <ctype.h> 42 #include <err.h> 43 #include <errno.h> 44 #include <paths.h> 45 #include <pwd.h> 46 #include <stdio.h> 47 #include <stdlib.h> 48 #include <string.h> 49 #include <unistd.h> 50 51 #include <pw_scan.h> 52 #include <pw_util.h> 53 54 #include "chpass.h" 55 #ifdef YP 56 #include "pw_yp.h" 57 #endif /* YP */ 58 59 extern char *tempname; 60 61 void 62 edit(pw) 63 struct passwd *pw; 64 { 65 struct stat begin, end; 66 67 for (;;) { 68 if (stat(tempname, &begin)) 69 pw_error(tempname, 1, 1); 70 pw_edit(1); 71 if (stat(tempname, &end)) 72 pw_error(tempname, 1, 1); 73 if (begin.st_mtime == end.st_mtime) { 74 warnx("no changes made"); 75 pw_error(NULL, 0, 0); 76 } 77 if (verify(pw)) 78 break; 79 pw_prompt(); 80 } 81 } 82 83 /* 84 * display -- 85 * print out the file for the user to edit; strange side-effect: 86 * set conditional flag if the user gets to edit the shell. 87 */ 88 void 89 display(fd, pw) 90 int fd; 91 struct passwd *pw; 92 { 93 FILE *fp; 94 char *bp, *p, *ttoa(); 95 96 if (!(fp = fdopen(fd, "w"))) 97 pw_error(tempname, 1, 1); 98 99 (void)fprintf(fp, 100 #ifdef YP 101 "#Changing %s information for %s.\n", _use_yp ? "NIS" : "user database", pw->pw_name); 102 if (!uid && (!_use_yp || suser_override)) { 103 #else 104 "#Changing user database information for %s.\n", pw->pw_name); 105 if (!uid) { 106 #endif /* YP */ 107 (void)fprintf(fp, "Login: %s\n", pw->pw_name); 108 (void)fprintf(fp, "Password: %s\n", pw->pw_passwd); 109 (void)fprintf(fp, "Uid [#]: %d\n", pw->pw_uid); 110 (void)fprintf(fp, "Gid [# or name]: %d\n", pw->pw_gid); 111 (void)fprintf(fp, "Change [month day year]: %s\n", 112 ttoa(pw->pw_change)); 113 (void)fprintf(fp, "Expire [month day year]: %s\n", 114 ttoa(pw->pw_expire)); 115 (void)fprintf(fp, "Class: %s\n", pw->pw_class); 116 (void)fprintf(fp, "Home directory: %s\n", pw->pw_dir); 117 (void)fprintf(fp, "Shell: %s\n", 118 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 119 } 120 /* Only admin can change "restricted" shells. */ 121 #ifdef 0 122 else if (ok_shell(pw->pw_shell)) 123 /* 124 * Make shell a restricted field. Ugly with a 125 * necklace, but there's not much else to do. 126 */ 127 #else 128 else if ((!list[E_SHELL].restricted && ok_shell(pw->pw_shell)) || !uid) 129 /* 130 * If change not restrict (table.c) and standard shell 131 * OR if root, then allow editing of shell. 132 */ 133 #endif 134 (void)fprintf(fp, "Shell: %s\n", 135 *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL); 136 else 137 list[E_SHELL].restricted = 1; 138 bp = pw->pw_gecos; 139 140 p = strsep(&bp, ","); 141 if (p) 142 list[E_NAME].save = strdup(p); 143 if (!list[E_NAME].restricted || !uid) 144 (void)fprintf(fp, "Full Name: %s\n", p ? p : ""); 145 146 p = strsep(&bp, ","); 147 if (p) 148 list[E_LOCATE].save = strdup(p); 149 if (!list[E_LOCATE].restricted || !uid) 150 (void)fprintf(fp, "Location: %s\n", p ? p : ""); 151 152 p = strsep(&bp, ","); 153 if (p) 154 list[E_BPHONE].save = strdup(p); 155 if (!list[E_BPHONE].restricted || !uid) 156 (void)fprintf(fp, "Office Phone: %s\n", p ? p : ""); 157 158 p = strsep(&bp, ","); 159 if (p) 160 list[E_HPHONE].save = strdup(p); 161 if (!list[E_HPHONE].restricted || !uid) 162 (void)fprintf(fp, "Home Phone: %s\n", p ? p : ""); 163 164 (void)fchown(fd, getuid(), getgid()); 165 (void)fclose(fp); 166 } 167 168 int 169 verify(pw) 170 struct passwd *pw; 171 { 172 ENTRY *ep; 173 char *p; 174 struct stat sb; 175 FILE *fp; 176 int len; 177 char buf[LINE_MAX]; 178 179 if (!(fp = fopen(tempname, "r"))) 180 pw_error(tempname, 1, 1); 181 if (fstat(fileno(fp), &sb)) 182 pw_error(tempname, 1, 1); 183 if (sb.st_size == 0) { 184 warnx("corrupted temporary file"); 185 goto bad; 186 } 187 while (fgets(buf, sizeof(buf), fp)) { 188 if (!buf[0] || buf[0] == '#') 189 continue; 190 if (!(p = strchr(buf, '\n'))) { 191 warnx("line too long"); 192 goto bad; 193 } 194 *p = '\0'; 195 for (ep = list;; ++ep) { 196 if (!ep->prompt) { 197 warnx("unrecognized field"); 198 goto bad; 199 } 200 if (!strncasecmp(buf, ep->prompt, ep->len)) { 201 if (ep->restricted && uid) { 202 warnx( 203 "you may not change the %s field", 204 ep->prompt); 205 goto bad; 206 } 207 if (!(p = strchr(buf, ':'))) { 208 warnx("line corrupted"); 209 goto bad; 210 } 211 while (isspace(*++p)); 212 if (ep->except && strpbrk(p, ep->except)) { 213 warnx( 214 "illegal character in the \"%s\" field", 215 ep->prompt); 216 goto bad; 217 } 218 if ((ep->func)(p, pw, ep)) { 219 bad: (void)fclose(fp); 220 return (0); 221 } 222 break; 223 } 224 } 225 } 226 (void)fclose(fp); 227 228 /* Build the gecos field. */ 229 len = strlen(list[E_NAME].save) + strlen(list[E_BPHONE].save) + 230 strlen(list[E_HPHONE].save) + strlen(list[E_LOCATE].save) + 4; 231 if (!(p = malloc(len))) 232 err(1, NULL); 233 (void)sprintf(pw->pw_gecos = p, "%s,%s,%s,%s", list[E_NAME].save, 234 list[E_LOCATE].save, list[E_BPHONE].save, list[E_HPHONE].save); 235 236 while ((len = strlen(pw->pw_gecos)) && pw->pw_gecos[len - 1] == ',') 237 pw->pw_gecos[len - 1] = '\0'; 238 239 if (snprintf(buf, sizeof(buf), 240 "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s", 241 pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid, pw->pw_class, 242 pw->pw_change, pw->pw_expire, pw->pw_gecos, pw->pw_dir, 243 pw->pw_shell) >= sizeof(buf)) { 244 warnx("entries too long"); 245 return (0); 246 } 247 return (pw_scan(buf, pw)); 248 } 249