aboutsummaryrefslogtreecommitdiff
path: root/libbb/update_passwd.c
diff options
context:
space:
mode:
Diffstat (limited to 'libbb/update_passwd.c')
-rw-r--r--libbb/update_passwd.c153
1 files changed, 153 insertions, 0 deletions
diff --git a/libbb/update_passwd.c b/libbb/update_passwd.c
new file mode 100644
index 0000000..88bc28c
--- /dev/null
+++ b/libbb/update_passwd.c
@@ -0,0 +1,153 @@
+/* vi: set sw=4 ts=4: */
+/*
+ * update_passwd
+ *
+ * update_passwd is a common function for passwd and chpasswd applets;
+ * it is responsible for updating password file (i.e. /etc/passwd or
+ * /etc/shadow) for a given user and password.
+ *
+ * Moved from loginutils/passwd.c by Alexander Shishkin <virtuoso@slind.org>
+ */
+
+#include "libbb.h"
+
+#if ENABLE_SELINUX
+static void check_selinux_update_passwd(const char *username)
+{
+ security_context_t context;
+ char *seuser;
+
+ if (getuid() != (uid_t)0 || is_selinux_enabled() == 0)
+ return; /* No need to check */
+
+ if (getprevcon_raw(&context) < 0)
+ bb_perror_msg_and_die("getprevcon failed");
+ seuser = strtok(context, ":");
+ if (!seuser)
+ bb_error_msg_and_die("invalid context '%s'", context);
+ if (strcmp(seuser, username) != 0) {
+ if (checkPasswdAccess(PASSWD__PASSWD) != 0)
+ bb_error_msg_and_die("SELinux: access denied");
+ }
+ if (ENABLE_FEATURE_CLEAN_UP)
+ freecon(context);
+}
+#else
+#define check_selinux_update_passwd(username) ((void)0)
+#endif
+
+int FAST_FUNC update_passwd(const char *filename, const char *username,
+ const char *new_pw)
+{
+ struct stat sb;
+ struct flock lock;
+ FILE *old_fp;
+ FILE *new_fp;
+ char *fnamesfx;
+ char *sfx_char;
+ unsigned user_len;
+ int old_fd;
+ int new_fd;
+ int i;
+ int cnt = 0;
+ int ret = -1; /* failure */
+
+ filename = xmalloc_follow_symlinks(filename);
+ if (filename == NULL)
+ return -1;
+
+ check_selinux_update_passwd(username);
+
+ /* New passwd file, "/etc/passwd+" for now */
+ fnamesfx = xasprintf("%s+", filename);
+ sfx_char = &fnamesfx[strlen(fnamesfx)-1];
+ username = xasprintf("%s:", username);
+ user_len = strlen(username);
+
+ old_fp = fopen(filename, "r+");
+ if (!old_fp)
+ goto free_mem;
+ old_fd = fileno(old_fp);
+
+ selinux_preserve_fcontext(old_fd);
+
+ /* Try to create "/etc/passwd+". Wait if it exists. */
+ i = 30;
+ do {
+ // FIXME: on last iteration try w/o O_EXCL but with O_TRUNC?
+ new_fd = open(fnamesfx, O_WRONLY|O_CREAT|O_EXCL, 0600);
+ if (new_fd >= 0) goto created;
+ if (errno != EEXIST) break;
+ usleep(100000); /* 0.1 sec */
+ } while (--i);
+ bb_perror_msg("cannot create '%s'", fnamesfx);
+ goto close_old_fp;
+
+ created:
+ if (!fstat(old_fd, &sb)) {
+ fchmod(new_fd, sb.st_mode & 0777); /* ignore errors */
+ fchown(new_fd, sb.st_uid, sb.st_gid);
+ }
+ new_fp = fdopen(new_fd, "w");
+ if (!new_fp) {
+ close(new_fd);
+ goto unlink_new;
+ }
+
+ /* Backup file is "/etc/passwd-" */
+ *sfx_char = '-';
+ /* Delete old backup */
+ i = (unlink(fnamesfx) && errno != ENOENT);
+ /* Create backup as a hardlink to current */
+ if (i || link(filename, fnamesfx))
+ bb_perror_msg("warning: cannot create backup copy '%s'", fnamesfx);
+ *sfx_char = '+';
+
+ /* Lock the password file before updating */
+ lock.l_type = F_WRLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = 0;
+ lock.l_len = 0;
+ if (fcntl(old_fd, F_SETLK, &lock) < 0)
+ bb_perror_msg("warning: cannot lock '%s'", filename);
+ lock.l_type = F_UNLCK;
+
+ /* Read current password file, write updated /etc/passwd+ */
+ while (1) {
+ char *line = xmalloc_fgets(old_fp);
+ if (!line) break; /* EOF/error */
+ if (strncmp(username, line, user_len) == 0) {
+ /* we have a match with "username:"... */
+ const char *cp = line + user_len;
+ /* now cp -> old passwd, skip it: */
+ cp = strchrnul(cp, ':');
+ /* now cp -> ':' after old passwd or -> "" */
+ fprintf(new_fp, "%s%s%s", username, new_pw, cp);
+ cnt++;
+ } else
+ fputs(line, new_fp);
+ free(line);
+ }
+ fcntl(old_fd, F_SETLK, &lock);
+
+ /* We do want all of them to execute, thus | instead of || */
+ if ((ferror(old_fp) | fflush(new_fp) | fsync(new_fd) | fclose(new_fp))
+ || rename(fnamesfx, filename)
+ ) {
+ /* At least one of those failed */
+ goto unlink_new;
+ }
+ ret = cnt; /* whee, success! */
+
+ unlink_new:
+ if (ret < 0) unlink(fnamesfx);
+
+ close_old_fp:
+ fclose(old_fp);
+
+ free_mem:
+ free(fnamesfx);
+ free((char *)filename);
+ free((char *)username);
+ return ret;
+}