Add a `-p' option, allowing the super-user to directly set a user's

encrypted password.  Kerberized `login' might use this, if I get around
to implementing the complete Allspice System behavior.
This commit is contained in:
Garrett Wollman 1995-01-14 23:14:25 +00:00
parent 758f3a64bd
commit 0e10ef2ea0
2 changed files with 31 additions and 7 deletions

View File

@ -40,10 +40,13 @@
.Sh SYNOPSIS
chpass
.Op Fl a Ar list
.Op Fl p Ar encpass
.Op Fl s Ar newshell
.Op user
.Sh DESCRIPTION
.Nm Chpass
The
.Nm chpass
program
allows editing of the user database information associated
with
.Ar user
@ -61,6 +64,11 @@ entry, in the format specified by
as an argument.
This argument must be a colon (``:'') separated list of all the
user database fields, although they may be empty.
.It Fl p
The super-user is allowed to directly supply an encrypted password field,
in the format used by
.Xr crypt 3 ,
as an argument.
.It Fl s
The
.Fl s

View File

@ -38,7 +38,9 @@ static char copyright[] =
#endif /* not lint */
#ifndef lint
static char sccsid[] = "@(#)chpass.c 8.4 (Berkeley) 4/2/94";
static char sccsid[] = "From: @(#)chpass.c 8.4 (Berkeley) 4/2/94";
static char rcsid[] =
"$Id$";
#endif /* not lint */
#include <sys/param.h>
@ -76,13 +78,13 @@ main(argc, argv)
int argc;
char **argv;
{
enum { NEWSH, LOADENTRY, EDITENTRY } op;
enum { NEWSH, LOADENTRY, EDITENTRY, NEWPW } op;
struct passwd *pw, lpw;
int ch, pfd, tfd;
char *arg;
op = EDITENTRY;
while ((ch = getopt(argc, argv, "a:s:")) != EOF)
while ((ch = getopt(argc, argv, "a:p:s:")) != EOF)
switch(ch) {
case 'a':
op = LOADENTRY;
@ -92,6 +94,10 @@ main(argc, argv)
op = NEWSH;
arg = optarg;
break;
case 'p':
op = NEWPW;
arg = optarg;
break;
case '?':
default:
usage();
@ -101,7 +107,7 @@ main(argc, argv)
uid = getuid();
if (op == EDITENTRY || op == NEWSH)
if (op == EDITENTRY || op == NEWSH || op == NEWPW)
switch(argc) {
case 0:
if (!(pw = getpwuid(uid)))
@ -133,6 +139,16 @@ main(argc, argv)
exit(1);
}
if (op == NEWPW) {
if (uid)
baduser();
if(strchr(arg, ':')) {
errx(1, "invalid format for password");
}
pw->pw_passwd = arg;
}
/*
* The temporary file/file descriptor usage is a little tricky here.
* 1: We start off with two fd's, one for the master password
@ -179,7 +195,6 @@ main(argc, argv)
void
baduser()
{
errx(1, "%s", strerror(EACCES));
}
@ -187,6 +202,7 @@ void
usage()
{
(void)fprintf(stderr, "usage: chpass [-a list] [-s shell] [user]\n");
(void)fprintf(stderr,
"usage: chpass [-a list] [-p encpass] [-s shell] [user]\n");
exit(1);
}