2007-07-21 02:59:49 +05:30
|
|
|
/* vi: set sw=4 ts=4: */
|
|
|
|
/*
|
|
|
|
* update_passwd
|
|
|
|
*
|
|
|
|
* update_passwd is a common function for passwd and chpasswd applets;
|
|
|
|
* it is responsible for updating password file (i.e. /etc/passwd or
|
|
|
|
* /etc/shadow) for a given user and password.
|
|
|
|
*
|
|
|
|
* Moved from loginutils/passwd.c by Alexander Shishkin <virtuoso@slind.org>
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "libbb.h"
|
|
|
|
|
2007-10-20 07:30:49 +05:30
|
|
|
#if ENABLE_SELINUX
|
|
|
|
static void check_selinux_update_passwd(const char *username)
|
|
|
|
{
|
|
|
|
security_context_t context;
|
|
|
|
char *seuser;
|
|
|
|
|
|
|
|
if (getuid() != (uid_t)0 || is_selinux_enabled() == 0)
|
|
|
|
return; /* No need to check */
|
|
|
|
|
|
|
|
if (getprevcon_raw(&context) < 0)
|
|
|
|
bb_perror_msg_and_die("getprevcon failed");
|
|
|
|
seuser = strtok(context, ":");
|
|
|
|
if (!seuser)
|
|
|
|
bb_error_msg_and_die("invalid context '%s'", context);
|
|
|
|
if (strcmp(seuser, username) != 0) {
|
|
|
|
if (checkPasswdAccess(PASSWD__PASSWD) != 0)
|
|
|
|
bb_error_msg_and_die("SELinux: access denied");
|
|
|
|
}
|
|
|
|
if (ENABLE_FEATURE_CLEAN_UP)
|
|
|
|
freecon(context);
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
#define check_selinux_update_passwd(username) ((void)0)
|
|
|
|
#endif
|
|
|
|
|
2008-06-27 08:22:20 +05:30
|
|
|
int FAST_FUNC update_passwd(const char *filename, const char *username,
|
2007-07-21 02:59:49 +05:30
|
|
|
const char *new_pw)
|
|
|
|
{
|
|
|
|
struct stat sb;
|
|
|
|
struct flock lock;
|
|
|
|
FILE *old_fp;
|
|
|
|
FILE *new_fp;
|
2007-07-21 18:55:28 +05:30
|
|
|
char *fnamesfx;
|
|
|
|
char *sfx_char;
|
2007-07-21 02:59:49 +05:30
|
|
|
unsigned user_len;
|
|
|
|
int old_fd;
|
|
|
|
int new_fd;
|
|
|
|
int i;
|
|
|
|
int cnt = 0;
|
2007-07-21 18:55:28 +05:30
|
|
|
int ret = -1; /* failure */
|
2007-07-21 02:59:49 +05:30
|
|
|
|
2007-11-09 01:30:36 +05:30
|
|
|
filename = xmalloc_follow_symlinks(filename);
|
2007-11-08 06:42:38 +05:30
|
|
|
if (filename == NULL)
|
|
|
|
return -1;
|
|
|
|
|
2007-10-20 07:30:49 +05:30
|
|
|
check_selinux_update_passwd(username);
|
|
|
|
|
2007-07-21 02:59:49 +05:30
|
|
|
/* New passwd file, "/etc/passwd+" for now */
|
2007-07-21 18:55:28 +05:30
|
|
|
fnamesfx = xasprintf("%s+", filename);
|
|
|
|
sfx_char = &fnamesfx[strlen(fnamesfx)-1];
|
2007-07-21 02:59:49 +05:30
|
|
|
username = xasprintf("%s:", username);
|
|
|
|
user_len = strlen(username);
|
|
|
|
|
|
|
|
old_fp = fopen(filename, "r+");
|
|
|
|
if (!old_fp)
|
|
|
|
goto free_mem;
|
|
|
|
old_fd = fileno(old_fp);
|
|
|
|
|
2007-10-20 07:30:49 +05:30
|
|
|
selinux_preserve_fcontext(old_fd);
|
|
|
|
|
2007-07-21 02:59:49 +05:30
|
|
|
/* Try to create "/etc/passwd+". Wait if it exists. */
|
|
|
|
i = 30;
|
|
|
|
do {
|
|
|
|
// FIXME: on last iteration try w/o O_EXCL but with O_TRUNC?
|
2007-07-21 18:55:28 +05:30
|
|
|
new_fd = open(fnamesfx, O_WRONLY|O_CREAT|O_EXCL, 0600);
|
2007-07-21 02:59:49 +05:30
|
|
|
if (new_fd >= 0) goto created;
|
|
|
|
if (errno != EEXIST) break;
|
|
|
|
usleep(100000); /* 0.1 sec */
|
|
|
|
} while (--i);
|
2007-07-21 18:55:28 +05:30
|
|
|
bb_perror_msg("cannot create '%s'", fnamesfx);
|
2007-07-21 02:59:49 +05:30
|
|
|
goto close_old_fp;
|
|
|
|
|
|
|
|
created:
|
|
|
|
if (!fstat(old_fd, &sb)) {
|
|
|
|
fchmod(new_fd, sb.st_mode & 0777); /* ignore errors */
|
|
|
|
fchown(new_fd, sb.st_uid, sb.st_gid);
|
|
|
|
}
|
|
|
|
new_fp = fdopen(new_fd, "w");
|
|
|
|
if (!new_fp) {
|
|
|
|
close(new_fd);
|
|
|
|
goto unlink_new;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Backup file is "/etc/passwd-" */
|
2007-07-21 18:55:28 +05:30
|
|
|
*sfx_char = '-';
|
|
|
|
/* Delete old backup */
|
|
|
|
i = (unlink(fnamesfx) && errno != ENOENT);
|
|
|
|
/* Create backup as a hardlink to current */
|
|
|
|
if (i || link(filename, fnamesfx))
|
|
|
|
bb_perror_msg("warning: cannot create backup copy '%s'", fnamesfx);
|
|
|
|
*sfx_char = '+';
|
2007-07-21 02:59:49 +05:30
|
|
|
|
|
|
|
/* Lock the password file before updating */
|
|
|
|
lock.l_type = F_WRLCK;
|
|
|
|
lock.l_whence = SEEK_SET;
|
|
|
|
lock.l_start = 0;
|
|
|
|
lock.l_len = 0;
|
|
|
|
if (fcntl(old_fd, F_SETLK, &lock) < 0)
|
|
|
|
bb_perror_msg("warning: cannot lock '%s'", filename);
|
|
|
|
lock.l_type = F_UNLCK;
|
|
|
|
|
2007-07-21 18:55:28 +05:30
|
|
|
/* Read current password file, write updated /etc/passwd+ */
|
2007-07-21 02:59:49 +05:30
|
|
|
while (1) {
|
|
|
|
char *line = xmalloc_fgets(old_fp);
|
|
|
|
if (!line) break; /* EOF/error */
|
|
|
|
if (strncmp(username, line, user_len) == 0) {
|
|
|
|
/* we have a match with "username:"... */
|
|
|
|
const char *cp = line + user_len;
|
|
|
|
/* now cp -> old passwd, skip it: */
|
2007-07-21 18:55:28 +05:30
|
|
|
cp = strchrnul(cp, ':');
|
2007-07-21 02:59:49 +05:30
|
|
|
/* now cp -> ':' after old passwd or -> "" */
|
|
|
|
fprintf(new_fp, "%s%s%s", username, new_pw, cp);
|
|
|
|
cnt++;
|
|
|
|
} else
|
|
|
|
fputs(line, new_fp);
|
|
|
|
free(line);
|
|
|
|
}
|
|
|
|
fcntl(old_fd, F_SETLK, &lock);
|
|
|
|
|
|
|
|
/* We do want all of them to execute, thus | instead of || */
|
|
|
|
if ((ferror(old_fp) | fflush(new_fp) | fsync(new_fd) | fclose(new_fp))
|
2007-07-21 18:55:28 +05:30
|
|
|
|| rename(fnamesfx, filename)
|
2007-07-21 02:59:49 +05:30
|
|
|
) {
|
|
|
|
/* At least one of those failed */
|
|
|
|
goto unlink_new;
|
|
|
|
}
|
|
|
|
ret = cnt; /* whee, success! */
|
|
|
|
|
|
|
|
unlink_new:
|
2007-07-21 18:55:28 +05:30
|
|
|
if (ret < 0) unlink(fnamesfx);
|
2007-07-21 02:59:49 +05:30
|
|
|
|
|
|
|
close_old_fp:
|
|
|
|
fclose(old_fp);
|
|
|
|
|
|
|
|
free_mem:
|
2007-07-21 18:55:28 +05:30
|
|
|
free(fnamesfx);
|
2007-11-08 06:42:38 +05:30
|
|
|
free((char *)filename);
|
|
|
|
free((char *)username);
|
2007-07-21 02:59:49 +05:30
|
|
|
return ret;
|
|
|
|
}
|