Remove the ypchfn/ypchsh stuff from passwd and leave just the

yppasswd support. The rest is moving into chpass.
This commit is contained in:
Bill Paul 1995-08-13 16:07:36 +00:00
parent d877befa37
commit a3ce11a24d
5 changed files with 78 additions and 169 deletions

View File

@ -1,5 +1,5 @@
# From: @(#)Makefile 8.3 (Berkeley) 4/2/94
# $Id: Makefile,v 1.13.2.1 1995/06/07 05:52:05 jkh Exp $
# $Id: Makefile,v 1.14 1995/06/11 19:32:12 rgrimes Exp $
PROG= passwd
SRCS= local_passwd.c yp_passwd.c passwd.c pw_copy.c pw_util.c
@ -12,9 +12,9 @@ CFLAGS+=-DCRYPT -DYP -I${.CURDIR} -I${.CURDIR}/../../usr.sbin/vipw \
BINOWN= root
BINMODE=4555
INSTALLFLAGS=-fschg
MAN1=passwd.1 yppasswd.1
MLINKS=yppasswd.1 ypchsh.1 yppasswd.1 ypchpass.1 yppasswd.1 ypchfn.1
MAN1=passwd.1
LINKS=${DESTDIR}${BINDIR}/passwd ${DESTDIR}${BINDIR}/yppasswd
MLINKS=passwd.1 yppasswd.1
.if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_EBONES))
SRCS+= kpasswd.c
@ -29,10 +29,10 @@ LDADD= -lkadm -lkrb -ldes -lcrypt -lrpcsvc -lcom_err
DISTRIBUTION= krb
.endif
beforeinstall:
[ ! -e ${DESTDIR}${BINDIR}/passwd ] || \
chflags noschg ${DESTDIR}${BINDIR}/passwd
afterinstall:
ln -sf passwd ${DESTDIR}${BINDIR}/yppasswd
ln -sf passwd ${DESTDIR}${BINDIR}/ypchsh
ln -sf passwd ${DESTDIR}${BINDIR}/ypchfn
ln -sf passwd ${DESTDIR}${BINDIR}/ypchpass
chflags schg ${DESTDIR}${BINDIR}/passwd
.include <bsd.prog.mk>

View File

@ -82,8 +82,8 @@ getnewpasswd(pw, nis)
char buf[_PASSWORD_LEN+1], salt[9];
struct timeval tv;
(void)printf("Changing %s password for %s.\n", nis ? "YP" : "local",
pw->pw_name);
if (!nis)
(void)printf("Changing local password for %s.\n", pw->pw_name);
if (uid && pw->pw_passwd[0] &&
strcmp(crypt(getpass("Old password:"), pw->pw_passwd),

View File

@ -35,7 +35,7 @@
.Dt PASSWD 1
.Os BSD 4
.Sh NAME
.Nm passwd
.Nm passwd, yppasswd
.Nd modify a user's password
.Sh SYNOPSIS
.Nm passwd
@ -77,6 +77,54 @@ followed by
.Xr passwd 1 .
The super-user is not required to provide a user's current password
if only the local password is modified.
.Sh NIS INTERACTION
.Nm Passwd
has built-in support for NIS. If a user exists in the NIS password
database but does not exist locally,
.Nm passwd
automatically switches into ``yppasswd'' mode. If the specified
user does not exist in either the local password database of the
NIS password maps,
.Nm passwd
returns an error.
The following additional options are supported for use with NIS:
.Bl -tag -width flag
.It Fl y
The
.Fl y
flag overrides
.Nm passwd 's
checking heuristics and forces
it into NIS mode.
.It Fl l
When NIS is enabled, the
.Fl l
flag can be used to force
.Nm passwd
into ``local only'' mode. This flag can be used to change the entry
for a local user when an NIS user exists when the same login name.
For example, you will sometimes find entries for system ``placeholder''
users such as
.Pa bin
or
.Pa daemon
in both the NIS password maps and the local user database. By
default,
.Nm passwd
will try to change the NIS password. The
.Fl l
flag can be used to change the local password instead.
.El
.Pp
When changing an NIS password, the user is required to provide
the old password for authentication (the
.Xr yppasswdd 8
daemon requires the original password before
it will allow any changes to the NIS password maps).
This restriction applies even to the
super-user: the only way for an administrator to override a
user's NIS password is by modifying the NIS password maps on
the master NIS server.
.Sh FILES
.Bl -tag -width /etc/master.passwd -compact
.It Pa /etc/master.passwd
@ -100,6 +148,11 @@ Temporary copy of the password file
.%A Ken Thompson
.%T "UNIX password security"
.Re
.Sh NOTES
The
.Xr yppasswd 1
command is really only a link to
.Nm passwd .
.Sh HISTORY
A
.Nm passwd

View File

@ -40,7 +40,7 @@ static char copyright[] =
#ifndef lint
static char sccsid[] = "From: @(#)passwd.c 8.3 (Berkeley) 4/2/94";
static const char rcsid[] =
"$Id: passwd.c,v 1.3 1995/01/31 08:34:05 wpaul Exp $";
"$Id: passwd.c,v 1.4 1995/06/16 03:33:10 wpaul Exp $";
#endif /* not lint */
#include <err.h>
@ -72,7 +72,7 @@ int use_local_passwd = 0;
#ifdef YP
#define PERM_SECURE (S_IRUSR|S_IWUSR)
int use_yp_passwd = 0, opt_shell = 0, opt_fullname = 0;
int _use_yp = 0;
char *prog_name;
HASHINFO openinfo = {
4096, /* bsize */
@ -114,11 +114,7 @@ main(argc, argv)
DBT key,data;
char bf[UT_NAMESIZE + 2];
if (strstr(argv[0], (prog_name = "ypchpass")))
use_yp_passwd = opt_shell = opt_fullname = 1;
if (strstr(argv[0], (prog_name = "ypchsh"))) opt_shell = 1;
if (strstr(argv[0], (prog_name = "ypchfn"))) opt_fullname = 1;
if (strstr(argv[0], (prog_name = "yppasswd"))) use_yp_passwd = 1;
if (strstr(argv[0], (prog_name = "yppasswd"))) _use_yp = 1;
#endif
while ((ch = getopt(argc, argv, OPTIONS)) != EOF) {
@ -139,13 +135,7 @@ main(argc, argv)
#endif /* KERBEROS */
#ifdef YP
case 'y': /* Change NIS password */
use_yp_passwd = 1;
break;
case 's': /* Change NIS shell field */
opt_shell = 1;
break;
case 'f': /* Change NIS GECOS field */
opt_fullname = 1;
_use_yp = 1;
break;
#endif
default:
@ -231,9 +221,9 @@ usage()
fprintf(stderr,
"usage: passwd [-l] [-i instance] [-r realm] [-u fullname]\n");
fprintf(stderr,
" [-l] [-y] [-f] [-s] [user]\n");
" [-l] [-y] [user]\n");
#else
(void)fprintf(stderr, "usage: passwd [-l] [-y] [-f] [-s] [user] \n");
(void)fprintf(stderr, "usage: passwd [-l] [-y] [user] \n");
#endif
#else
#ifdef KERBEROS

View File

@ -43,115 +43,11 @@
#include <rpcsvc/ypclnt.h>
#include <rpcsvc/yppasswd.h>
extern int use_yp_passwd, opt_fullname, opt_shell;
extern char *prog_name;
uid_t uid;
static unsigned char itoa64[] = /* 0 ... 63 => ascii - 64 */
"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
extern char *getnewpasswd __P(( struct passwd * , int ));
char *
getfield(char *gecos, char *field, int size)
{
char *sp;
for (sp = gecos; *sp != '\0' && *sp != ','; sp++);
if (*sp != '\0') {
*sp++ = '\0';
}
strncpy (field, gecos, size-1);
field[size-1] = '\0';
return sp;
}
int
newfield(char *prompt, char *deflt, char *field, int size)
{
char *sp;
if (deflt == NULL) {
deflt = "none";
}
printf("%s [%s]: ", prompt, deflt);
fflush(stdout);
if (fgets(field, size, stdin) == NULL) {
return 1;
}
if ((sp = strchr(field, '\n')) != NULL) {
*sp = '\0';
}
if (!strcmp(field, "")) {
strcpy(field, deflt);
}
if (!strcmp(field, "none")) {
strcpy(field, "");
}
if (strchr(field, ':') != NULL) {
fprintf(stderr, "%s: no colons allowed in GECOS field... sorry.\n",
prog_name);
return 1;
}
return 0;
}
char *
getnewfullname(struct passwd *pw)
{
char gecos[1024], *sp, new_gecos[1024];
char name[254], location[254], office[254], phone[254];
printf ("\nChanging full name for %s.\n"
"To accept the default, simply press return. To enter an empty\n"
"field, type the word \"none\".\n",
pw->pw_name);
strncpy (gecos, pw->pw_gecos, sizeof(gecos));
sp = getfield(gecos, name, sizeof(name));
if (newfield("Name", strtok(gecos, ","), name, sizeof(name))) {
return NULL;
}
sp = getfield(sp, location, sizeof(location));
if (newfield("Location", location, location, sizeof(location))) {
return NULL;
}
sp = getfield(sp, office, sizeof(office));
if (newfield("Office Phone", office, office, sizeof(office))) {
return NULL;
}
sp = getfield(sp, phone, sizeof(phone));
if (newfield("Home Phone", phone, phone, sizeof(phone))) {
return NULL;
}
sprintf (new_gecos, "%s,%s,%s,%s", name, location, office, phone);
sp = new_gecos + strlen(new_gecos);
while (*--sp == ',') *sp = '\0';
return strdup(new_gecos);
}
char *
getnewshell(struct passwd *pw)
{
char new_shell[PATH_MAX];
printf ("\nChanging login shell for %s.\n"
"To accept the default, simply press return. To use the\n"
"system's default shell, type the word \"none\".\n",
pw->pw_name);
if (newfield("Login shell", pw->pw_shell, new_shell, sizeof(new_shell))) {
return NULL;
}
return strdup(new_shell);
}
char *
getserver( void )
{
@ -192,13 +88,9 @@ yp_passwd(char *user)
struct passwd *pw;
CLIENT *clnt;
char *master;
char *what;
int c, err, status;
char *s;
if (use_yp_passwd + opt_fullname + opt_shell == 0)
use_yp_passwd = 1; /* default to yppasswd behavior */
if ((master = getserver()) == NULL) {
exit(1);
}
@ -234,27 +126,13 @@ yp_passwd(char *user)
yppasswd.newpw.pw_shell = pw->pw_shell;
yppasswd.oldpass = NULL;
switch (use_yp_passwd + (opt_fullname << 1) + (opt_shell << 2)) {
case 1:
what = "YP password";
break;
case 2:
what = "fullname";
break;
case 4:
what = "login shell";
break;
default:
what = "account information";
}
printf("Changing %s for %s on %s.\n", what, pw->pw_name, master);
printf("Changing NIS password for %s on %s.\n", pw->pw_name, master);
/* Get old password */
if(pw->pw_passwd) {
char prompt[40];
sprintf (prompt, "Please enter %spassword:", use_yp_passwd? "old " : "");
s = getpass (prompt);
s = getpass ("Old password: ");
if( strcmp(crypt(s, pw->pw_passwd), pw->pw_passwd)) {
fprintf(stderr, "Sorry.\n");
exit (1);
@ -262,21 +140,9 @@ yp_passwd(char *user)
yppasswd.oldpass = strdup(s);
}
if (use_yp_passwd) {
if ((s = getnewpasswd(pw, 1)) == NULL)
exit (1);
yppasswd.newpw.pw_passwd = s;
}
if (opt_fullname) {
if ((s = getnewfullname(pw)) == NULL)
exit (1);
yppasswd.newpw.pw_gecos = s;
}
if (opt_shell) {
if ((s = getnewshell(pw)) == NULL)
exit (1);
yppasswd.newpw.pw_shell = s;
}
if ((s = getnewpasswd(pw, 1)) == NULL)
exit (1);
yppasswd.newpw.pw_passwd = s;
/* The yppasswd.x file said `unix authentication required',
* so I added it. This is the only reason it is in here.
@ -296,11 +162,11 @@ yp_passwd(char *user)
clnt_perrno(err);
fprintf( stderr, "\n" );
} else if (status) {
fprintf( stderr, "Error while changing %s.\n", what );
fprintf( stderr, "Error while changing NIS password.\n");
}
printf("\nThe %s has%s been changed on %s.\n",
what, (err || status)? " not" : "", master);
printf("\nNIS password has%s been changed on %s.\n",
(err || status)? " not" : "", master);
auth_destroy( clnt->cl_auth );
clnt_destroy( clnt );