33 Commits

Author SHA1 Message Date
Pedro F. Giffuni
5e53a4f90f lib: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-26 02:00:33 +00:00
Pedro F. Giffuni
efa8af7c73 lib: initial use of reallocarray(3).
Make some use of reallocarray, attempting to limit it to cases where the
parameters are unsigned and there is some theoretical chance of overflow.

MFC afer:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D9980
2017-04-21 19:27:33 +00:00
Dag-Erling Smørgrav
e68bca507d Use malloc()ed buffers instead of stack buffers in gr_copy() and pw_copy().
This allows pw(8) to operate on passwd and group files with longer lines
than could be accomodated by a stack buffer.  It doesn't take more than a
few hundred users to exceed 8192 bytes in /etc/group.

MFC after:	3 weeks
Sponsored by:	The University of Oslo
2016-11-28 21:00:19 +00:00
Alan Somers
cbaba16b23 Speed up pw operations that edit /etc/group or /etc/passwd
r285050 fixed a bug in pw that could lead to /etc/passwd or /etc/group
corruption on power loss. However, it fixed it by opening those files with
O_SYNC, which is very slow, especially on ZFS. This change replaces O_SYNC
with appropriately placed fsync()s instead, which is much faster. Using a
ZFS tmpdir, the time to run pw's kyua tests drops from 245s to 35s.

Reviewed by:	allanjude, bapt, vangyzen, garga
Tested on pfSense by:	garga
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D8319
2016-11-18 16:07:08 +00:00
Renato Botelho
d32a66b2a2 When passwd or group information is changed (by pw, vipw, chpass, ...)
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.

There is a pfSense bug with more infor about it:

https://redmine.pfsense.org/issues/4523

The following changes were made to protect passwd and group operations:

* lib/libutil/gr_util.c:
 - Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
 - After rename(), fsync() call on directory for faster result

* lib/libutil/pw_util.c
 - Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file

* usr.sbin/pwd_mkdb/pwd_mkdb.c
 - Added O_SYNC flag on dbopen() calls
 - After rename(), fsync() call on directory for faster result

* lib/libutil/pw_util.3
 - pw_lock() returns a file descriptor to master password file on success

Differential Revision:	https://reviews.freebsd.org/D2978
Approved by:	bapt
Sponsored by:	Netgate
2015-07-02 17:30:59 +00:00
Mark Johnston
f8c8839091 gr_equal(): Fix a crash that could occur if the first group's member list
was longer than the second's. There is no need to compute and compare the
member list lengths in a separate pass, since we now just return false when
comparing member names if the list lengths are not equal.

MFC after:	2 weeks
2015-01-25 00:47:06 +00:00
Baptiste Daroussin
6e6c53f063 Fix renaming a group via the gr_copy function
Add a regression test to pw(8) because the bug was discovered via using:
pw groupmod

PR:		187189
Reported by:	mcdouga9@egr.msu.edu
Tested by:	mcdouga9@egr.msu.edu
Patch by:	Marc de la Gueronniere
2014-10-28 16:27:29 +00:00
Diane Bruce
5e87983769 commit correct tested fix for gr_util.c
Approved by:	theraven
2013-03-09 13:30:06 +00:00
Diane Bruce
86e2f99d40 Cleanup gr_add() so it does not leak mem
This is part of ongoing work on sbin/pw

M    libutil.h
M    gr_util.c

Approved by:	theraven
2013-03-07 19:00:00 +00:00
Mateusz Guzik
08ecf0cc41 libutil: fix typo in comment for gr_fini.
Submitted by:	Christoph Mallon <christoph.mallon gmx.de>
2013-01-13 22:08:18 +00:00
Mateusz Guzik
49013fb476 libutil: utilize strsep instead of strcat in a loop in gr_make
Submitted by:	Christoph Mallon <christoph.mallon gmx.de>
2013-01-13 21:28:47 +00:00
Mateusz Guzik
fe75b0f0e5 libutil: move group_line_format into the scop of its only user.
Submitted by:	Christoph Mallon <christoph.mallon gmx.de>
2013-01-13 21:26:57 +00:00
Mateusz Guzik
29365f023a libutil: eliminate 'found' variable in gr_equal
Submitted by:	Christoph Mallon <christoph.mallon gmx.de>
2013-01-13 21:25:43 +00:00
Baptiste Daroussin
7780953ee4 Simplify pointing dst after the end of all the gr_mem pointers in newgr
Submitted by:	pjd
Reviewed by:	db
2012-12-28 20:44:10 +00:00
Baptiste Daroussin
fe390747e4 errno = ENOMEM was supposed to be removed not return (NULL);
Submitted by:	gcooper
2012-12-28 20:30:04 +00:00
Baptiste Daroussin
d00489b70f malloc() sets errno to ENOMEM already.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
2012-12-28 20:21:14 +00:00
Baptiste Daroussin
167145a17d Do not leave parts of the new group uninitialized in gr_dup().
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
Reported by:	pjd
2012-12-28 20:19:54 +00:00
Baptiste Daroussin
5019747579 avoid arithmetic on uintptr_t
Submitted by:	pjd
Reviewed by:	jilles
2012-12-27 20:47:34 +00:00
Baptiste Daroussin
7d90019877 cast to uintptr_t to properly calculate offset
Reported by:	mdf
Submitted by:	db
2012-12-27 20:31:12 +00:00
Baptiste Daroussin
ede89d5db2 Add O_CLOEXEC to flopen
Requested by:	jilles
2012-12-27 20:24:44 +00:00
Baptiste Daroussin
1067c64a19 gr_dup: simplify duplication of group
Submitted by:	db
2012-12-27 19:33:43 +00:00
Baptiste Daroussin
2bfeb4fe75 - Clean up previous gr_add use malloc instead of calloc
- Fix tinderbox error

Submitted by:	db
2012-12-27 16:51:29 +00:00
Baptiste Daroussin
be49c83011 New gr_add function to provide a clean and safe method to append a new member
into an existing group.

Submitted by:	db
2012-12-27 14:30:19 +00:00
Baptiste Daroussin
98e79fb122 Use flopen(3) instead of open(2) + flock(2) 2012-12-27 14:09:50 +00:00
Baptiste Daroussin
09259e6c48 only rename(2) after chmod(2) has succeed
report error if chmod(2) fails

Reported by:	jh
2012-11-20 14:03:09 +00:00
Baptiste Daroussin
2d2b6ad74d change mode the group file to 0644 after a successfull rename(2) 2012-11-20 07:22:07 +00:00
Baptiste Daroussin
b3d9795c98 backout r242319, racy and not done in the right place
Reported by:	Garrett Cooper  <yanegomi@gmail.com>
2012-10-29 18:06:09 +00:00
Baptiste Daroussin
29e575503c make pw_init and gr_init fail if the specified master password or group file is
a directory.

MFC after:	1 month
2012-10-29 17:19:43 +00:00
Baptiste Daroussin
1926f2f6fa Modify pw_copy:
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user

add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.

Reviewed by:	des
Approved by:	des
MFC after:	1 month
2011-12-15 22:07:36 +00:00
Sean Farley
0dd84a53d7 Remove a dead store.
MFC after:	5 days
2009-12-12 00:11:40 +00:00
Sean Farley
805da51abd Fixed style issues with variable ordering and naming, spacing and
parentheses.

Fixed alignment issue in gr_dup() in its assignment of gr_mem using a
struct to force alignment without performing alignment mathematics.  This
was noticed recently with libutil was built with WARNS=6 on platform such
as sparc64.

Added checks to gr_dup(), gr_equal() and gr_make() to prevent segfaults
when examining struct group's with the struct members pointing to NULL's.

With fix of alignment issue, restore WARNS?=6.

Reviewed by:	des
MFC after:	1 week
2008-11-23 23:26:12 +00:00
Sean Farley
a06717238c style(9) fixes.
MFC after:	1 week
2008-11-11 00:32:55 +00:00
Sean Farley
0b5e889911 Add four utility functions related to struct grp processing modeled in-part
after similar calls related to struct pwd in libutil/pw_util.c:
  - gr_equal()
    Perform a deep comparison of two struct grp's.  It does a thorough, yet
    unoptimized comparison of all the members regardless of order.

  - gr_make()
    Create a string (see group(5)) from a struct grp.

  - gr_dup()
    Duplicate a struct grp.  Returns a value that is a single contiguous
    block of memory.

  - gr_scan()
    Create a struct grp from a string (as produced by gr_make()).

MFC after:	3 weeks
2008-04-23 00:49:13 +00:00