Remove the ypchfn/ypchsh stuff from passwd and leave just the
yppasswd support. The rest is moving into chpass.
This commit is contained in:
parent
d877befa37
commit
a3ce11a24d
@ -1,5 +1,5 @@
|
||||
# From: @(#)Makefile 8.3 (Berkeley) 4/2/94
|
||||
# $Id: Makefile,v 1.13.2.1 1995/06/07 05:52:05 jkh Exp $
|
||||
# $Id: Makefile,v 1.14 1995/06/11 19:32:12 rgrimes Exp $
|
||||
|
||||
PROG= passwd
|
||||
SRCS= local_passwd.c yp_passwd.c passwd.c pw_copy.c pw_util.c
|
||||
@ -12,9 +12,9 @@ CFLAGS+=-DCRYPT -DYP -I${.CURDIR} -I${.CURDIR}/../../usr.sbin/vipw \
|
||||
|
||||
BINOWN= root
|
||||
BINMODE=4555
|
||||
INSTALLFLAGS=-fschg
|
||||
MAN1=passwd.1 yppasswd.1
|
||||
MLINKS=yppasswd.1 ypchsh.1 yppasswd.1 ypchpass.1 yppasswd.1 ypchfn.1
|
||||
MAN1=passwd.1
|
||||
LINKS=${DESTDIR}${BINDIR}/passwd ${DESTDIR}${BINDIR}/yppasswd
|
||||
MLINKS=passwd.1 yppasswd.1
|
||||
|
||||
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_EBONES))
|
||||
SRCS+= kpasswd.c
|
||||
@ -29,10 +29,10 @@ LDADD= -lkadm -lkrb -ldes -lcrypt -lrpcsvc -lcom_err
|
||||
DISTRIBUTION= krb
|
||||
.endif
|
||||
|
||||
beforeinstall:
|
||||
[ ! -e ${DESTDIR}${BINDIR}/passwd ] || \
|
||||
chflags noschg ${DESTDIR}${BINDIR}/passwd
|
||||
afterinstall:
|
||||
ln -sf passwd ${DESTDIR}${BINDIR}/yppasswd
|
||||
ln -sf passwd ${DESTDIR}${BINDIR}/ypchsh
|
||||
ln -sf passwd ${DESTDIR}${BINDIR}/ypchfn
|
||||
ln -sf passwd ${DESTDIR}${BINDIR}/ypchpass
|
||||
chflags schg ${DESTDIR}${BINDIR}/passwd
|
||||
|
||||
.include <bsd.prog.mk>
|
||||
|
@ -82,8 +82,8 @@ getnewpasswd(pw, nis)
|
||||
char buf[_PASSWORD_LEN+1], salt[9];
|
||||
struct timeval tv;
|
||||
|
||||
(void)printf("Changing %s password for %s.\n", nis ? "YP" : "local",
|
||||
pw->pw_name);
|
||||
if (!nis)
|
||||
(void)printf("Changing local password for %s.\n", pw->pw_name);
|
||||
|
||||
if (uid && pw->pw_passwd[0] &&
|
||||
strcmp(crypt(getpass("Old password:"), pw->pw_passwd),
|
||||
|
@ -35,7 +35,7 @@
|
||||
.Dt PASSWD 1
|
||||
.Os BSD 4
|
||||
.Sh NAME
|
||||
.Nm passwd
|
||||
.Nm passwd, yppasswd
|
||||
.Nd modify a user's password
|
||||
.Sh SYNOPSIS
|
||||
.Nm passwd
|
||||
@ -77,6 +77,54 @@ followed by
|
||||
.Xr passwd 1 .
|
||||
The super-user is not required to provide a user's current password
|
||||
if only the local password is modified.
|
||||
.Sh NIS INTERACTION
|
||||
.Nm Passwd
|
||||
has built-in support for NIS. If a user exists in the NIS password
|
||||
database but does not exist locally,
|
||||
.Nm passwd
|
||||
automatically switches into ``yppasswd'' mode. If the specified
|
||||
user does not exist in either the local password database of the
|
||||
NIS password maps,
|
||||
.Nm passwd
|
||||
returns an error.
|
||||
The following additional options are supported for use with NIS:
|
||||
.Bl -tag -width flag
|
||||
.It Fl y
|
||||
The
|
||||
.Fl y
|
||||
flag overrides
|
||||
.Nm passwd 's
|
||||
checking heuristics and forces
|
||||
it into NIS mode.
|
||||
.It Fl l
|
||||
When NIS is enabled, the
|
||||
.Fl l
|
||||
flag can be used to force
|
||||
.Nm passwd
|
||||
into ``local only'' mode. This flag can be used to change the entry
|
||||
for a local user when an NIS user exists when the same login name.
|
||||
For example, you will sometimes find entries for system ``placeholder''
|
||||
users such as
|
||||
.Pa bin
|
||||
or
|
||||
.Pa daemon
|
||||
in both the NIS password maps and the local user database. By
|
||||
default,
|
||||
.Nm passwd
|
||||
will try to change the NIS password. The
|
||||
.Fl l
|
||||
flag can be used to change the local password instead.
|
||||
.El
|
||||
.Pp
|
||||
When changing an NIS password, the user is required to provide
|
||||
the old password for authentication (the
|
||||
.Xr yppasswdd 8
|
||||
daemon requires the original password before
|
||||
it will allow any changes to the NIS password maps).
|
||||
This restriction applies even to the
|
||||
super-user: the only way for an administrator to override a
|
||||
user's NIS password is by modifying the NIS password maps on
|
||||
the master NIS server.
|
||||
.Sh FILES
|
||||
.Bl -tag -width /etc/master.passwd -compact
|
||||
.It Pa /etc/master.passwd
|
||||
@ -100,6 +148,11 @@ Temporary copy of the password file
|
||||
.%A Ken Thompson
|
||||
.%T "UNIX password security"
|
||||
.Re
|
||||
.Sh NOTES
|
||||
The
|
||||
.Xr yppasswd 1
|
||||
command is really only a link to
|
||||
.Nm passwd .
|
||||
.Sh HISTORY
|
||||
A
|
||||
.Nm passwd
|
||||
|
@ -40,7 +40,7 @@ static char copyright[] =
|
||||
#ifndef lint
|
||||
static char sccsid[] = "From: @(#)passwd.c 8.3 (Berkeley) 4/2/94";
|
||||
static const char rcsid[] =
|
||||
"$Id: passwd.c,v 1.3 1995/01/31 08:34:05 wpaul Exp $";
|
||||
"$Id: passwd.c,v 1.4 1995/06/16 03:33:10 wpaul Exp $";
|
||||
#endif /* not lint */
|
||||
|
||||
#include <err.h>
|
||||
@ -72,7 +72,7 @@ int use_local_passwd = 0;
|
||||
|
||||
#ifdef YP
|
||||
#define PERM_SECURE (S_IRUSR|S_IWUSR)
|
||||
int use_yp_passwd = 0, opt_shell = 0, opt_fullname = 0;
|
||||
int _use_yp = 0;
|
||||
char *prog_name;
|
||||
HASHINFO openinfo = {
|
||||
4096, /* bsize */
|
||||
@ -114,11 +114,7 @@ main(argc, argv)
|
||||
DBT key,data;
|
||||
char bf[UT_NAMESIZE + 2];
|
||||
|
||||
if (strstr(argv[0], (prog_name = "ypchpass")))
|
||||
use_yp_passwd = opt_shell = opt_fullname = 1;
|
||||
if (strstr(argv[0], (prog_name = "ypchsh"))) opt_shell = 1;
|
||||
if (strstr(argv[0], (prog_name = "ypchfn"))) opt_fullname = 1;
|
||||
if (strstr(argv[0], (prog_name = "yppasswd"))) use_yp_passwd = 1;
|
||||
if (strstr(argv[0], (prog_name = "yppasswd"))) _use_yp = 1;
|
||||
#endif
|
||||
|
||||
while ((ch = getopt(argc, argv, OPTIONS)) != EOF) {
|
||||
@ -139,13 +135,7 @@ main(argc, argv)
|
||||
#endif /* KERBEROS */
|
||||
#ifdef YP
|
||||
case 'y': /* Change NIS password */
|
||||
use_yp_passwd = 1;
|
||||
break;
|
||||
case 's': /* Change NIS shell field */
|
||||
opt_shell = 1;
|
||||
break;
|
||||
case 'f': /* Change NIS GECOS field */
|
||||
opt_fullname = 1;
|
||||
_use_yp = 1;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
@ -231,9 +221,9 @@ usage()
|
||||
fprintf(stderr,
|
||||
"usage: passwd [-l] [-i instance] [-r realm] [-u fullname]\n");
|
||||
fprintf(stderr,
|
||||
" [-l] [-y] [-f] [-s] [user]\n");
|
||||
" [-l] [-y] [user]\n");
|
||||
#else
|
||||
(void)fprintf(stderr, "usage: passwd [-l] [-y] [-f] [-s] [user] \n");
|
||||
(void)fprintf(stderr, "usage: passwd [-l] [-y] [user] \n");
|
||||
#endif
|
||||
#else
|
||||
#ifdef KERBEROS
|
||||
|
@ -43,115 +43,11 @@
|
||||
#include <rpcsvc/ypclnt.h>
|
||||
#include <rpcsvc/yppasswd.h>
|
||||
|
||||
extern int use_yp_passwd, opt_fullname, opt_shell;
|
||||
extern char *prog_name;
|
||||
uid_t uid;
|
||||
|
||||
static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
|
||||
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
|
||||
|
||||
extern char *getnewpasswd __P(( struct passwd * , int ));
|
||||
|
||||
char *
|
||||
getfield(char *gecos, char *field, int size)
|
||||
{
|
||||
char *sp;
|
||||
|
||||
for (sp = gecos; *sp != '\0' && *sp != ','; sp++);
|
||||
if (*sp != '\0') {
|
||||
*sp++ = '\0';
|
||||
}
|
||||
strncpy (field, gecos, size-1);
|
||||
field[size-1] = '\0';
|
||||
return sp;
|
||||
}
|
||||
|
||||
int
|
||||
newfield(char *prompt, char *deflt, char *field, int size)
|
||||
{
|
||||
char *sp;
|
||||
|
||||
if (deflt == NULL) {
|
||||
deflt = "none";
|
||||
}
|
||||
|
||||
printf("%s [%s]: ", prompt, deflt);
|
||||
fflush(stdout);
|
||||
if (fgets(field, size, stdin) == NULL) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if ((sp = strchr(field, '\n')) != NULL) {
|
||||
*sp = '\0';
|
||||
}
|
||||
|
||||
if (!strcmp(field, "")) {
|
||||
strcpy(field, deflt);
|
||||
}
|
||||
if (!strcmp(field, "none")) {
|
||||
strcpy(field, "");
|
||||
}
|
||||
|
||||
if (strchr(field, ':') != NULL) {
|
||||
fprintf(stderr, "%s: no colons allowed in GECOS field... sorry.\n",
|
||||
prog_name);
|
||||
return 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
char *
|
||||
getnewfullname(struct passwd *pw)
|
||||
{
|
||||
char gecos[1024], *sp, new_gecos[1024];
|
||||
char name[254], location[254], office[254], phone[254];
|
||||
|
||||
printf ("\nChanging full name for %s.\n"
|
||||
"To accept the default, simply press return. To enter an empty\n"
|
||||
"field, type the word \"none\".\n",
|
||||
pw->pw_name);
|
||||
|
||||
strncpy (gecos, pw->pw_gecos, sizeof(gecos));
|
||||
sp = getfield(gecos, name, sizeof(name));
|
||||
if (newfield("Name", strtok(gecos, ","), name, sizeof(name))) {
|
||||
return NULL;
|
||||
}
|
||||
sp = getfield(sp, location, sizeof(location));
|
||||
if (newfield("Location", location, location, sizeof(location))) {
|
||||
return NULL;
|
||||
}
|
||||
sp = getfield(sp, office, sizeof(office));
|
||||
if (newfield("Office Phone", office, office, sizeof(office))) {
|
||||
return NULL;
|
||||
}
|
||||
sp = getfield(sp, phone, sizeof(phone));
|
||||
if (newfield("Home Phone", phone, phone, sizeof(phone))) {
|
||||
return NULL;
|
||||
}
|
||||
sprintf (new_gecos, "%s,%s,%s,%s", name, location, office, phone);
|
||||
|
||||
sp = new_gecos + strlen(new_gecos);
|
||||
while (*--sp == ',') *sp = '\0';
|
||||
|
||||
return strdup(new_gecos);
|
||||
}
|
||||
|
||||
char *
|
||||
getnewshell(struct passwd *pw)
|
||||
{
|
||||
char new_shell[PATH_MAX];
|
||||
|
||||
printf ("\nChanging login shell for %s.\n"
|
||||
"To accept the default, simply press return. To use the\n"
|
||||
"system's default shell, type the word \"none\".\n",
|
||||
pw->pw_name);
|
||||
|
||||
if (newfield("Login shell", pw->pw_shell, new_shell, sizeof(new_shell))) {
|
||||
return NULL;
|
||||
}
|
||||
return strdup(new_shell);
|
||||
}
|
||||
|
||||
char *
|
||||
getserver( void )
|
||||
{
|
||||
@ -192,13 +88,9 @@ yp_passwd(char *user)
|
||||
struct passwd *pw;
|
||||
CLIENT *clnt;
|
||||
char *master;
|
||||
char *what;
|
||||
int c, err, status;
|
||||
char *s;
|
||||
|
||||
if (use_yp_passwd + opt_fullname + opt_shell == 0)
|
||||
use_yp_passwd = 1; /* default to yppasswd behavior */
|
||||
|
||||
if ((master = getserver()) == NULL) {
|
||||
exit(1);
|
||||
}
|
||||
@ -234,27 +126,13 @@ yp_passwd(char *user)
|
||||
yppasswd.newpw.pw_shell = pw->pw_shell;
|
||||
yppasswd.oldpass = NULL;
|
||||
|
||||
switch (use_yp_passwd + (opt_fullname << 1) + (opt_shell << 2)) {
|
||||
case 1:
|
||||
what = "YP password";
|
||||
break;
|
||||
case 2:
|
||||
what = "fullname";
|
||||
break;
|
||||
case 4:
|
||||
what = "login shell";
|
||||
break;
|
||||
default:
|
||||
what = "account information";
|
||||
}
|
||||
printf("Changing %s for %s on %s.\n", what, pw->pw_name, master);
|
||||
printf("Changing NIS password for %s on %s.\n", pw->pw_name, master);
|
||||
|
||||
/* Get old password */
|
||||
if(pw->pw_passwd) {
|
||||
char prompt[40];
|
||||
|
||||
sprintf (prompt, "Please enter %spassword:", use_yp_passwd? "old " : "");
|
||||
s = getpass (prompt);
|
||||
s = getpass ("Old password: ");
|
||||
if( strcmp(crypt(s, pw->pw_passwd), pw->pw_passwd)) {
|
||||
fprintf(stderr, "Sorry.\n");
|
||||
exit (1);
|
||||
@ -262,21 +140,9 @@ yp_passwd(char *user)
|
||||
yppasswd.oldpass = strdup(s);
|
||||
}
|
||||
|
||||
if (use_yp_passwd) {
|
||||
if ((s = getnewpasswd(pw, 1)) == NULL)
|
||||
exit (1);
|
||||
yppasswd.newpw.pw_passwd = s;
|
||||
}
|
||||
if (opt_fullname) {
|
||||
if ((s = getnewfullname(pw)) == NULL)
|
||||
exit (1);
|
||||
yppasswd.newpw.pw_gecos = s;
|
||||
}
|
||||
if (opt_shell) {
|
||||
if ((s = getnewshell(pw)) == NULL)
|
||||
exit (1);
|
||||
yppasswd.newpw.pw_shell = s;
|
||||
}
|
||||
if ((s = getnewpasswd(pw, 1)) == NULL)
|
||||
exit (1);
|
||||
yppasswd.newpw.pw_passwd = s;
|
||||
|
||||
/* The yppasswd.x file said `unix authentication required',
|
||||
* so I added it. This is the only reason it is in here.
|
||||
@ -296,11 +162,11 @@ yp_passwd(char *user)
|
||||
clnt_perrno(err);
|
||||
fprintf( stderr, "\n" );
|
||||
} else if (status) {
|
||||
fprintf( stderr, "Error while changing %s.\n", what );
|
||||
fprintf( stderr, "Error while changing NIS password.\n");
|
||||
}
|
||||
|
||||
printf("\nThe %s has%s been changed on %s.\n",
|
||||
what, (err || status)? " not" : "", master);
|
||||
printf("\nNIS password has%s been changed on %s.\n",
|
||||
(err || status)? " not" : "", master);
|
||||
|
||||
auth_destroy( clnt->cl_auth );
|
||||
clnt_destroy( clnt );
|
||||
|
Loading…
Reference in New Issue
Block a user