17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*622200adScf46844 * Common Development and Distribution License (the "License"). 6*622200adScf46844 * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*622200adScf46844 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */ 277c478bd9Sstevel@tonic-gate /* All Rights Reserved */ 287c478bd9Sstevel@tonic-gate 297c478bd9Sstevel@tonic-gate /* 307c478bd9Sstevel@tonic-gate * Portions of this source code were derived from Berkeley 4.3 BSD 317c478bd9Sstevel@tonic-gate * under license from the Regents of the University of California. 327c478bd9Sstevel@tonic-gate */ 337c478bd9Sstevel@tonic-gate 34956e8222Scf46844 #pragma ident "%Z%%M% %I% %E% SMI" 357c478bd9Sstevel@tonic-gate 367c478bd9Sstevel@tonic-gate #include <sys/types.h> 377c478bd9Sstevel@tonic-gate #include <sys/stat.h> 387c478bd9Sstevel@tonic-gate #include <sys/file.h> 397c478bd9Sstevel@tonic-gate #include <sys/fcntl.h> 407c478bd9Sstevel@tonic-gate 417c478bd9Sstevel@tonic-gate #include <stdio.h> 427c478bd9Sstevel@tonic-gate #include <errno.h> 437c478bd9Sstevel@tonic-gate #include <signal.h> 44956e8222Scf46844 #include <stdlib.h> 45956e8222Scf46844 #include <strings.h> 467c478bd9Sstevel@tonic-gate 477c478bd9Sstevel@tonic-gate /* 487c478bd9Sstevel@tonic-gate * Password file editor with locking. 497c478bd9Sstevel@tonic-gate */ 507c478bd9Sstevel@tonic-gate 517c478bd9Sstevel@tonic-gate #define DEFAULT_EDITOR "/usr/bin/vi" 527c478bd9Sstevel@tonic-gate 53956e8222Scf46844 static int copyfile(char *, char *); 54956e8222Scf46844 static int editfile(char *, char *, char *, time_t *); 55956e8222Scf46844 static int sanity_check(char *, time_t *, char *); 56956e8222Scf46844 static int validsh(char *); 57956e8222Scf46844 587c478bd9Sstevel@tonic-gate char *ptemp = "/etc/ptmp"; 597c478bd9Sstevel@tonic-gate char *stemp = "/etc/stmp"; 607c478bd9Sstevel@tonic-gate char *passwd = "/etc/passwd"; 617c478bd9Sstevel@tonic-gate char *shadow = "/etc/shadow"; 627c478bd9Sstevel@tonic-gate char buf[BUFSIZ]; 637c478bd9Sstevel@tonic-gate 64956e8222Scf46844 int 65956e8222Scf46844 main(void) 667c478bd9Sstevel@tonic-gate { 677c478bd9Sstevel@tonic-gate int fd; 687c478bd9Sstevel@tonic-gate FILE *ft, *fp; 697c478bd9Sstevel@tonic-gate char *editor; 707c478bd9Sstevel@tonic-gate int ok = 0; 717c478bd9Sstevel@tonic-gate time_t o_mtime, n_mtime; 727c478bd9Sstevel@tonic-gate struct stat osbuf, sbuf, oshdbuf, shdbuf; 737c478bd9Sstevel@tonic-gate char c; 747c478bd9Sstevel@tonic-gate 757c478bd9Sstevel@tonic-gate (void)signal(SIGINT, SIG_IGN); 767c478bd9Sstevel@tonic-gate (void)signal(SIGQUIT, SIG_IGN); 777c478bd9Sstevel@tonic-gate (void)signal(SIGHUP, SIG_IGN); 787c478bd9Sstevel@tonic-gate setbuf(stderr, (char *)NULL); 797c478bd9Sstevel@tonic-gate 807c478bd9Sstevel@tonic-gate editor = getenv("VISUAL"); 817c478bd9Sstevel@tonic-gate if (editor == 0) 827c478bd9Sstevel@tonic-gate editor = getenv("EDITOR"); 837c478bd9Sstevel@tonic-gate if (editor == 0) 847c478bd9Sstevel@tonic-gate editor = DEFAULT_EDITOR; 857c478bd9Sstevel@tonic-gate 867c478bd9Sstevel@tonic-gate (void)umask(0077); 877c478bd9Sstevel@tonic-gate if (stat(passwd, &osbuf) < 0) { 887c478bd9Sstevel@tonic-gate (void)fprintf(stderr,"vipw: can't stat passwd file.\n"); 897c478bd9Sstevel@tonic-gate goto bad; 907c478bd9Sstevel@tonic-gate } 917c478bd9Sstevel@tonic-gate 927c478bd9Sstevel@tonic-gate if (copyfile(passwd, ptemp)) 937c478bd9Sstevel@tonic-gate goto bad; 947c478bd9Sstevel@tonic-gate 957c478bd9Sstevel@tonic-gate if (stat(ptemp, &sbuf) < 0) { 967c478bd9Sstevel@tonic-gate (void)fprintf(stderr, 977c478bd9Sstevel@tonic-gate "vipw: can't stat ptemp file, %s unchanged\n", 987c478bd9Sstevel@tonic-gate passwd); 997c478bd9Sstevel@tonic-gate goto bad; 1007c478bd9Sstevel@tonic-gate } 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate o_mtime = sbuf.st_mtime; 1037c478bd9Sstevel@tonic-gate 1047c478bd9Sstevel@tonic-gate if (editfile(editor, ptemp, passwd, &n_mtime)) { 1057c478bd9Sstevel@tonic-gate if (sanity_check(ptemp, &n_mtime, passwd)) 1067c478bd9Sstevel@tonic-gate goto bad; 1077c478bd9Sstevel@tonic-gate if (o_mtime >= n_mtime) 1087c478bd9Sstevel@tonic-gate goto bad; 1097c478bd9Sstevel@tonic-gate } 1107c478bd9Sstevel@tonic-gate 1117c478bd9Sstevel@tonic-gate ok++; 1127c478bd9Sstevel@tonic-gate if (o_mtime < n_mtime) { 1137c478bd9Sstevel@tonic-gate fprintf(stdout, "\nYou have modified the password file.\n"); 1147c478bd9Sstevel@tonic-gate fprintf(stdout, 1157c478bd9Sstevel@tonic-gate "Press 'e' to edit the shadow file for consistency,\n 'q' to quit: "); 1167c478bd9Sstevel@tonic-gate if ((c = getchar()) == 'q') { 1177c478bd9Sstevel@tonic-gate if (chmod(ptemp, (osbuf.st_mode & 0644)) < 0) { 1187c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s: ", ptemp); 1197c478bd9Sstevel@tonic-gate perror("chmod"); 1207c478bd9Sstevel@tonic-gate goto bad; 1217c478bd9Sstevel@tonic-gate } 1227c478bd9Sstevel@tonic-gate if (rename(ptemp, passwd) < 0) { 1237c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s: ", ptemp); 1247c478bd9Sstevel@tonic-gate perror("rename"); 1257c478bd9Sstevel@tonic-gate goto bad; 1267c478bd9Sstevel@tonic-gate } 1277c478bd9Sstevel@tonic-gate if (((osbuf.st_gid != sbuf.st_gid) || 1287c478bd9Sstevel@tonic-gate (osbuf.st_uid != sbuf.st_uid)) && 1297c478bd9Sstevel@tonic-gate (chown(passwd, osbuf.st_uid, osbuf.st_gid) < 0)) { 1307c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s ", ptemp); 1317c478bd9Sstevel@tonic-gate perror("chown"); 1327c478bd9Sstevel@tonic-gate } 1337c478bd9Sstevel@tonic-gate goto bad; 1347c478bd9Sstevel@tonic-gate } else if (c == 'e') { 1357c478bd9Sstevel@tonic-gate if (stat(shadow, &oshdbuf) < 0) { 1367c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1377c478bd9Sstevel@tonic-gate "vipw: can't stat shadow file.\n"); 1387c478bd9Sstevel@tonic-gate goto bad; 1397c478bd9Sstevel@tonic-gate } 1407c478bd9Sstevel@tonic-gate 1417c478bd9Sstevel@tonic-gate if (copyfile(shadow, stemp)) 1427c478bd9Sstevel@tonic-gate goto bad; 1437c478bd9Sstevel@tonic-gate if (stat(stemp, &shdbuf) < 0) { 1447c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 1457c478bd9Sstevel@tonic-gate "vipw: can't stat stmp file.\n"); 1467c478bd9Sstevel@tonic-gate goto bad; 1477c478bd9Sstevel@tonic-gate } 1487c478bd9Sstevel@tonic-gate 1497c478bd9Sstevel@tonic-gate if (editfile(editor, stemp, shadow, &o_mtime)) 1507c478bd9Sstevel@tonic-gate goto bad; 1517c478bd9Sstevel@tonic-gate ok++; 1527c478bd9Sstevel@tonic-gate if (chmod(ptemp, (osbuf.st_mode & 0644)) < 0) { 1537c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s: ", ptemp); 1547c478bd9Sstevel@tonic-gate perror("chmod"); 1557c478bd9Sstevel@tonic-gate goto bad; 1567c478bd9Sstevel@tonic-gate } 1577c478bd9Sstevel@tonic-gate if (chmod(stemp, (oshdbuf.st_mode & 0400)) < 0) { 1587c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s: ", stemp); 1597c478bd9Sstevel@tonic-gate perror("chmod"); 1607c478bd9Sstevel@tonic-gate goto bad; 1617c478bd9Sstevel@tonic-gate } 1627c478bd9Sstevel@tonic-gate if (rename(ptemp, passwd) < 0) { 1637c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s: ", ptemp); 1647c478bd9Sstevel@tonic-gate perror("rename"); 1657c478bd9Sstevel@tonic-gate goto bad; 1667c478bd9Sstevel@tonic-gate } 1677c478bd9Sstevel@tonic-gate if (((osbuf.st_gid != sbuf.st_gid) || 1687c478bd9Sstevel@tonic-gate (osbuf.st_uid != sbuf.st_uid)) && 1697c478bd9Sstevel@tonic-gate (chown(passwd, osbuf.st_uid, osbuf.st_gid) < 0)) { 1707c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s ", ptemp); 1717c478bd9Sstevel@tonic-gate perror("chown"); 1727c478bd9Sstevel@tonic-gate } 1737c478bd9Sstevel@tonic-gate if (rename(stemp, shadow) < 0) { 1747c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s: ", stemp); 1757c478bd9Sstevel@tonic-gate perror("rename"); 1767c478bd9Sstevel@tonic-gate goto bad; 1777c478bd9Sstevel@tonic-gate } else if (((oshdbuf.st_gid != shdbuf.st_gid) || 1787c478bd9Sstevel@tonic-gate (oshdbuf.st_uid != shdbuf.st_uid)) && 1797c478bd9Sstevel@tonic-gate (chown(shadow, oshdbuf.st_uid, oshdbuf.st_gid) < 0)) { 1807c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s ", stemp); 1817c478bd9Sstevel@tonic-gate perror("chown"); 1827c478bd9Sstevel@tonic-gate } 1837c478bd9Sstevel@tonic-gate } 1847c478bd9Sstevel@tonic-gate } 1857c478bd9Sstevel@tonic-gate bad: 1867c478bd9Sstevel@tonic-gate (void) unlink(ptemp); 1877c478bd9Sstevel@tonic-gate (void) unlink(stemp); 188956e8222Scf46844 return (ok ? 0 : 1); 1897c478bd9Sstevel@tonic-gate /* NOTREACHED */ 1907c478bd9Sstevel@tonic-gate } 1917c478bd9Sstevel@tonic-gate 1927c478bd9Sstevel@tonic-gate 193956e8222Scf46844 int 194956e8222Scf46844 copyfile(char *from, char *to) 1957c478bd9Sstevel@tonic-gate { 1967c478bd9Sstevel@tonic-gate int fd; 1977c478bd9Sstevel@tonic-gate FILE *fp, *ft; 1987c478bd9Sstevel@tonic-gate 1997c478bd9Sstevel@tonic-gate fd = open(to, O_WRONLY|O_CREAT|O_EXCL, 0600); 2007c478bd9Sstevel@tonic-gate if (fd < 0) { 2017c478bd9Sstevel@tonic-gate if (errno == EEXIST) { 2027c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: %s file busy\n", from); 2037c478bd9Sstevel@tonic-gate exit(1); 2047c478bd9Sstevel@tonic-gate } 2057c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: "); perror(to); 2067c478bd9Sstevel@tonic-gate exit(1); 2077c478bd9Sstevel@tonic-gate } 2087c478bd9Sstevel@tonic-gate ft = fdopen(fd, "w"); 2097c478bd9Sstevel@tonic-gate if (ft == NULL) { 2107c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: "); perror(to); 2117c478bd9Sstevel@tonic-gate return( 1 ); 2127c478bd9Sstevel@tonic-gate } 2137c478bd9Sstevel@tonic-gate fp = fopen(from, "r"); 2147c478bd9Sstevel@tonic-gate if (fp == NULL) { 2157c478bd9Sstevel@tonic-gate (void) fprintf(stderr, "vipw: "); perror(from); 2167c478bd9Sstevel@tonic-gate return( 1 ); 2177c478bd9Sstevel@tonic-gate } 2187c478bd9Sstevel@tonic-gate while (fgets(buf, sizeof (buf) - 1, fp) != NULL) 2197c478bd9Sstevel@tonic-gate fputs(buf, ft); 2207c478bd9Sstevel@tonic-gate (void) fclose(ft); 2217c478bd9Sstevel@tonic-gate (void) fclose(fp); 2227c478bd9Sstevel@tonic-gate return( 0 ); 2237c478bd9Sstevel@tonic-gate } 2247c478bd9Sstevel@tonic-gate 225956e8222Scf46844 int 226956e8222Scf46844 editfile(char *editor, char *temp, char *orig, time_t *mtime) 2277c478bd9Sstevel@tonic-gate { 2287c478bd9Sstevel@tonic-gate (void)sprintf(buf, "%s %s", editor, temp); 2297c478bd9Sstevel@tonic-gate if (system(buf) == 0) { 2307c478bd9Sstevel@tonic-gate return (sanity_check(temp, mtime, orig)); 2317c478bd9Sstevel@tonic-gate } 2327c478bd9Sstevel@tonic-gate return(1); 2337c478bd9Sstevel@tonic-gate } 2347c478bd9Sstevel@tonic-gate 2357c478bd9Sstevel@tonic-gate 236956e8222Scf46844 int 237956e8222Scf46844 validsh(char *rootsh) 2387c478bd9Sstevel@tonic-gate { 2397c478bd9Sstevel@tonic-gate 2407c478bd9Sstevel@tonic-gate char *sh, *getusershell(); 2417c478bd9Sstevel@tonic-gate int ret = 0; 2427c478bd9Sstevel@tonic-gate 2437c478bd9Sstevel@tonic-gate setusershell(); 2447c478bd9Sstevel@tonic-gate while((sh = getusershell()) != NULL ) { 2457c478bd9Sstevel@tonic-gate if( strcmp( rootsh, sh) == 0 ) { 2467c478bd9Sstevel@tonic-gate ret = 1; 2477c478bd9Sstevel@tonic-gate break; 2487c478bd9Sstevel@tonic-gate } 2497c478bd9Sstevel@tonic-gate } 2507c478bd9Sstevel@tonic-gate endusershell(); 2517c478bd9Sstevel@tonic-gate return(ret); 2527c478bd9Sstevel@tonic-gate } 2537c478bd9Sstevel@tonic-gate 2547c478bd9Sstevel@tonic-gate /* 2557c478bd9Sstevel@tonic-gate * sanity checks 2567c478bd9Sstevel@tonic-gate * return 0 if ok, 1 otherwise 2577c478bd9Sstevel@tonic-gate */ 258956e8222Scf46844 int 259956e8222Scf46844 sanity_check(char *temp, time_t *mtime, char *orig) 2607c478bd9Sstevel@tonic-gate { 2617c478bd9Sstevel@tonic-gate int i, ok = 0; 2627c478bd9Sstevel@tonic-gate FILE *ft; 263*622200adScf46844 struct stat sbuf, statbuf; 264*622200adScf46844 char *ldir; 2657c478bd9Sstevel@tonic-gate int isshadow = 0; 2667c478bd9Sstevel@tonic-gate 2677c478bd9Sstevel@tonic-gate if (!strcmp(orig, shadow)) 2687c478bd9Sstevel@tonic-gate isshadow = 1; 2697c478bd9Sstevel@tonic-gate 2707c478bd9Sstevel@tonic-gate /* sanity checks */ 2717c478bd9Sstevel@tonic-gate if (stat(temp, &sbuf) < 0) { 2727c478bd9Sstevel@tonic-gate (void)fprintf(stderr, 2737c478bd9Sstevel@tonic-gate "vipw: can't stat %s file, %s unchanged\n", 2747c478bd9Sstevel@tonic-gate temp, orig); 2757c478bd9Sstevel@tonic-gate return(1); 2767c478bd9Sstevel@tonic-gate } 2777c478bd9Sstevel@tonic-gate *mtime = sbuf.st_mtime; 2787c478bd9Sstevel@tonic-gate if (sbuf.st_size == 0) { 2797c478bd9Sstevel@tonic-gate (void)fprintf(stderr, "vipw: bad %s file, %s unchanged\n", 2807c478bd9Sstevel@tonic-gate temp, orig); 2817c478bd9Sstevel@tonic-gate return(1); 2827c478bd9Sstevel@tonic-gate } 2837c478bd9Sstevel@tonic-gate ft = fopen(temp, "r"); 2847c478bd9Sstevel@tonic-gate if (ft == NULL) { 2857c478bd9Sstevel@tonic-gate (void)fprintf(stderr, 2867c478bd9Sstevel@tonic-gate "vipw: can't reopen %s file, %s unchanged\n", 2877c478bd9Sstevel@tonic-gate temp, orig); 2887c478bd9Sstevel@tonic-gate return(1); 2897c478bd9Sstevel@tonic-gate } 2907c478bd9Sstevel@tonic-gate 2917c478bd9Sstevel@tonic-gate while (fgets(buf, sizeof (buf) - 1, ft) != NULL) { 292956e8222Scf46844 char *cp; 2937c478bd9Sstevel@tonic-gate 2947c478bd9Sstevel@tonic-gate cp = index(buf, '\n'); 2957c478bd9Sstevel@tonic-gate if (cp == 0) 2967c478bd9Sstevel@tonic-gate continue; /* ??? allow very long lines 2977c478bd9Sstevel@tonic-gate * and passwd files that do 2987c478bd9Sstevel@tonic-gate * not end in '\n' ??? 2997c478bd9Sstevel@tonic-gate */ 3007c478bd9Sstevel@tonic-gate *cp = '\0'; 3017c478bd9Sstevel@tonic-gate 3027c478bd9Sstevel@tonic-gate cp = index(buf, ':'); 3037c478bd9Sstevel@tonic-gate if (cp == 0) /* lines without colon 3047c478bd9Sstevel@tonic-gate * separated fields 3057c478bd9Sstevel@tonic-gate */ 3067c478bd9Sstevel@tonic-gate continue; 3077c478bd9Sstevel@tonic-gate *cp = '\0'; 3087c478bd9Sstevel@tonic-gate 3097c478bd9Sstevel@tonic-gate if (strcmp(buf, "root")) 3107c478bd9Sstevel@tonic-gate continue; 3117c478bd9Sstevel@tonic-gate 3127c478bd9Sstevel@tonic-gate /* root password */ 3137c478bd9Sstevel@tonic-gate *cp = ':'; 3147c478bd9Sstevel@tonic-gate cp = index(cp + 1, ':'); 3157c478bd9Sstevel@tonic-gate if (cp == 0) 3167c478bd9Sstevel@tonic-gate goto bad_root; 3177c478bd9Sstevel@tonic-gate 3187c478bd9Sstevel@tonic-gate /* root uid for password */ 3197c478bd9Sstevel@tonic-gate if (!isshadow) 3207c478bd9Sstevel@tonic-gate if (atoi(cp + 1) != 0) { 3217c478bd9Sstevel@tonic-gate 3227c478bd9Sstevel@tonic-gate (void)fprintf(stderr, "root UID != 0:\n%s\n", 3237c478bd9Sstevel@tonic-gate buf); 3247c478bd9Sstevel@tonic-gate break; 3257c478bd9Sstevel@tonic-gate } 3267c478bd9Sstevel@tonic-gate /* root uid for passwd and sp_lstchg for shadow */ 3277c478bd9Sstevel@tonic-gate cp = index(cp + 1, ':'); 3287c478bd9Sstevel@tonic-gate if (cp == 0) 3297c478bd9Sstevel@tonic-gate goto bad_root; 3307c478bd9Sstevel@tonic-gate 3317c478bd9Sstevel@tonic-gate /* root's gid for passwd and sp_min for shadow*/ 3327c478bd9Sstevel@tonic-gate cp = index(cp + 1, ':'); 3337c478bd9Sstevel@tonic-gate if (cp == 0) 3347c478bd9Sstevel@tonic-gate goto bad_root; 3357c478bd9Sstevel@tonic-gate 3367c478bd9Sstevel@tonic-gate /* root's gecos for passwd and sp_max for shadow*/ 3377c478bd9Sstevel@tonic-gate cp = index(cp + 1, ':'); 3387c478bd9Sstevel@tonic-gate if (isshadow) { 3397c478bd9Sstevel@tonic-gate for (i=0; i<3; i++) 3407c478bd9Sstevel@tonic-gate if ((cp = index(cp + 1, ':')) == 0) 3417c478bd9Sstevel@tonic-gate goto bad_root; 3427c478bd9Sstevel@tonic-gate } else { 3437c478bd9Sstevel@tonic-gate if (cp == 0) { 3447c478bd9Sstevel@tonic-gate bad_root: (void)fprintf(stderr, 3457c478bd9Sstevel@tonic-gate "Missing fields in root entry:\n%s\n", buf); 3467c478bd9Sstevel@tonic-gate break; 3477c478bd9Sstevel@tonic-gate } 3487c478bd9Sstevel@tonic-gate } 3497c478bd9Sstevel@tonic-gate if (!isshadow) { 3507c478bd9Sstevel@tonic-gate /* root's login directory */ 351*622200adScf46844 ldir = ++cp; 352*622200adScf46844 cp = index(cp, ':'); 353*622200adScf46844 if (cp == 0) 354*622200adScf46844 goto bad_root; 355*622200adScf46844 *cp = '\0'; 356*622200adScf46844 if (stat(ldir, &statbuf) < 0) { 357*622200adScf46844 *cp = ':'; 3587c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 359*622200adScf46844 "root login dir doesn't exist:\n%s\n", 360*622200adScf46844 buf); 361*622200adScf46844 break; 362*622200adScf46844 } else if (!S_ISDIR(statbuf.st_mode)) { 363*622200adScf46844 *cp = ':'; 364*622200adScf46844 (void) fprintf(stderr, 365*622200adScf46844 "root login dir is not a directory:\n%s\n", 366*622200adScf46844 buf); 3677c478bd9Sstevel@tonic-gate break; 3687c478bd9Sstevel@tonic-gate } 3697c478bd9Sstevel@tonic-gate 370*622200adScf46844 *cp = ':'; 3717c478bd9Sstevel@tonic-gate /* root's login shell */ 372*622200adScf46844 ++cp; 3737c478bd9Sstevel@tonic-gate if (*cp && ! validsh(cp)) { 3747c478bd9Sstevel@tonic-gate (void)fprintf(stderr, 3757c478bd9Sstevel@tonic-gate "Invalid root shell:\n%s\n", buf); 3767c478bd9Sstevel@tonic-gate break; 3777c478bd9Sstevel@tonic-gate } 3787c478bd9Sstevel@tonic-gate } 3797c478bd9Sstevel@tonic-gate 3807c478bd9Sstevel@tonic-gate ok++; 3817c478bd9Sstevel@tonic-gate } 3827c478bd9Sstevel@tonic-gate (void)fclose(ft); 3837c478bd9Sstevel@tonic-gate if (ok) 3847c478bd9Sstevel@tonic-gate return(0); 3857c478bd9Sstevel@tonic-gate else { 3867c478bd9Sstevel@tonic-gate (void)fprintf(stderr, 3877c478bd9Sstevel@tonic-gate "vipw: you mangled the %s file, %s unchanged\n", 3887c478bd9Sstevel@tonic-gate temp, orig); 3897c478bd9Sstevel@tonic-gate return(1); 3907c478bd9Sstevel@tonic-gate } 3917c478bd9Sstevel@tonic-gate } 392