[1765] | 1 | /* vi: set sw=4 ts=4: */
|
---|
| 2 | /*
|
---|
| 3 | * chpasswd.c
|
---|
| 4 | *
|
---|
| 5 | * Written for SLIND (from passwd.c) by Alexander Shishkin <virtuoso@slind.org>
|
---|
[2725] | 6 | * Licensed under GPLv2 or later, see file LICENSE in this source tree.
|
---|
[1765] | 7 | */
|
---|
| 8 | #include "libbb.h"
|
---|
| 9 |
|
---|
[3232] | 10 | //usage:#define chpasswd_trivial_usage
|
---|
| 11 | //usage: IF_LONG_OPTS("[--md5|--encrypted]") IF_NOT_LONG_OPTS("[-m|-e]")
|
---|
| 12 | //usage:#define chpasswd_full_usage "\n\n"
|
---|
| 13 | //usage: "Read user:password from stdin and update /etc/passwd\n"
|
---|
| 14 | //usage: IF_LONG_OPTS(
|
---|
| 15 | //usage: "\n -e,--encrypted Supplied passwords are in encrypted form"
|
---|
| 16 | //usage: "\n -m,--md5 Use MD5 encryption instead of DES"
|
---|
| 17 | //usage: )
|
---|
| 18 | //usage: IF_NOT_LONG_OPTS(
|
---|
| 19 | //usage: "\n -e Supplied passwords are in encrypted form"
|
---|
| 20 | //usage: "\n -m Use MD5 encryption instead of DES"
|
---|
| 21 | //usage: )
|
---|
| 22 |
|
---|
| 23 | //TODO: implement -c ALGO
|
---|
| 24 |
|
---|
[2725] | 25 | #if ENABLE_LONG_OPTS
|
---|
[1765] | 26 | static const char chpasswd_longopts[] ALIGN1 =
|
---|
| 27 | "encrypted\0" No_argument "e"
|
---|
| 28 | "md5\0" No_argument "m"
|
---|
| 29 | ;
|
---|
| 30 | #endif
|
---|
| 31 |
|
---|
[2725] | 32 | #define OPT_ENC 1
|
---|
| 33 | #define OPT_MD5 2
|
---|
[1765] | 34 |
|
---|
[2725] | 35 | int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
|
---|
| 36 | int chpasswd_main(int argc UNUSED_PARAM, char **argv)
|
---|
[1765] | 37 | {
|
---|
[3232] | 38 | char *name;
|
---|
| 39 | int opt;
|
---|
[1765] | 40 |
|
---|
[3232] | 41 | if (getuid() != 0)
|
---|
[1765] | 42 | bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
|
---|
| 43 |
|
---|
| 44 | opt_complementary = "m--e:e--m";
|
---|
[2725] | 45 | IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
|
---|
[1765] | 46 | opt = getopt32(argv, "em");
|
---|
| 47 |
|
---|
[2725] | 48 | while ((name = xmalloc_fgetline(stdin)) != NULL) {
|
---|
[3232] | 49 | char *free_me;
|
---|
| 50 | char *pass;
|
---|
| 51 | int rc;
|
---|
| 52 |
|
---|
[1765] | 53 | pass = strchr(name, ':');
|
---|
| 54 | if (!pass)
|
---|
| 55 | bb_error_msg_and_die("missing new password");
|
---|
| 56 | *pass++ = '\0';
|
---|
| 57 |
|
---|
| 58 | xuname2uid(name); /* dies if there is no such user */
|
---|
| 59 |
|
---|
[3232] | 60 | free_me = NULL;
|
---|
[1765] | 61 | if (!(opt & OPT_ENC)) {
|
---|
[3232] | 62 | char salt[sizeof("$N$XXXXXXXX")];
|
---|
| 63 |
|
---|
| 64 | crypt_make_salt(salt, 1);
|
---|
[1765] | 65 | if (opt & OPT_MD5) {
|
---|
[3232] | 66 | salt[0] = '$';
|
---|
| 67 | salt[1] = '1';
|
---|
| 68 | salt[2] = '$';
|
---|
| 69 | crypt_make_salt(salt + 3, 4);
|
---|
[1765] | 70 | }
|
---|
[3232] | 71 | free_me = pass = pw_encrypt(pass, salt, 0);
|
---|
[1765] | 72 | }
|
---|
| 73 |
|
---|
| 74 | /* This is rather complex: if user is not found in /etc/shadow,
|
---|
| 75 | * we try to find & change his passwd in /etc/passwd */
|
---|
| 76 | #if ENABLE_FEATURE_SHADOWPASSWDS
|
---|
[2725] | 77 | rc = update_passwd(bb_path_shadow_file, name, pass, NULL);
|
---|
[3232] | 78 | if (rc > 0) /* password in /etc/shadow was updated */
|
---|
| 79 | pass = (char*)"x";
|
---|
| 80 | if (rc >= 0)
|
---|
| 81 | /* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */
|
---|
[1765] | 82 | #endif
|
---|
[2725] | 83 | rc = update_passwd(bb_path_passwd_file, name, pass, NULL);
|
---|
[1765] | 84 | /* LOGMODE_BOTH logs to syslog also */
|
---|
| 85 | logmode = LOGMODE_BOTH;
|
---|
| 86 | if (rc < 0)
|
---|
| 87 | bb_error_msg_and_die("an error occurred updating password for %s", name);
|
---|
| 88 | if (rc)
|
---|
| 89 | bb_info_msg("Password for '%s' changed", name);
|
---|
| 90 | logmode = LOGMODE_STDIO;
|
---|
| 91 | free(name);
|
---|
[3232] | 92 | free(free_me);
|
---|
[1765] | 93 | }
|
---|
[2725] | 94 | return EXIT_SUCCESS;
|
---|
[1765] | 95 | }
|
---|