1 /* vi: set sw=4 ts=4: */
5 * update_passwd is a common function for passwd and chpasswd applets;
6 * it is responsible for updating password file (i.e. /etc/passwd or
7 * /etc/shadow) for a given user and password.
9 * Moved from loginutils/passwd.c by Alexander Shishkin <virtuoso@slind.org>
15 static void check_selinux_update_passwd(const char *username)
17 security_context_t context;
20 if (getuid() != (uid_t)0 || is_selinux_enabled() == 0)
21 return; /* No need to check */
23 if (getprevcon_raw(&context) < 0)
24 bb_perror_msg_and_die("getprevcon failed");
25 seuser = strtok(context, ":");
27 bb_error_msg_and_die("invalid context '%s'", context);
28 if (strcmp(seuser, username) != 0) {
29 if (checkPasswdAccess(PASSWD__PASSWD) != 0)
30 bb_error_msg_and_die("SELinux: access denied");
32 if (ENABLE_FEATURE_CLEAN_UP)
36 #define check_selinux_update_passwd(username) ((void)0)
39 int update_passwd(const char *filename, const char *username,
53 int ret = -1; /* failure */
55 filename = xmalloc_follow_symlinks(filename);
59 check_selinux_update_passwd(username);
61 /* New passwd file, "/etc/passwd+" for now */
62 fnamesfx = xasprintf("%s+", filename);
63 sfx_char = &fnamesfx[strlen(fnamesfx)-1];
64 username = xasprintf("%s:", username);
65 user_len = strlen(username);
67 old_fp = fopen(filename, "r+");
70 old_fd = fileno(old_fp);
72 selinux_preserve_fcontext(old_fd);
74 /* Try to create "/etc/passwd+". Wait if it exists. */
77 // FIXME: on last iteration try w/o O_EXCL but with O_TRUNC?
78 new_fd = open(fnamesfx, O_WRONLY|O_CREAT|O_EXCL, 0600);
79 if (new_fd >= 0) goto created;
80 if (errno != EEXIST) break;
81 usleep(100000); /* 0.1 sec */
83 bb_perror_msg("cannot create '%s'", fnamesfx);
87 if (!fstat(old_fd, &sb)) {
88 fchmod(new_fd, sb.st_mode & 0777); /* ignore errors */
89 fchown(new_fd, sb.st_uid, sb.st_gid);
91 new_fp = fdopen(new_fd, "w");
97 /* Backup file is "/etc/passwd-" */
99 /* Delete old backup */
100 i = (unlink(fnamesfx) && errno != ENOENT);
101 /* Create backup as a hardlink to current */
102 if (i || link(filename, fnamesfx))
103 bb_perror_msg("warning: cannot create backup copy '%s'", fnamesfx);
106 /* Lock the password file before updating */
107 lock.l_type = F_WRLCK;
108 lock.l_whence = SEEK_SET;
111 if (fcntl(old_fd, F_SETLK, &lock) < 0)
112 bb_perror_msg("warning: cannot lock '%s'", filename);
113 lock.l_type = F_UNLCK;
115 /* Read current password file, write updated /etc/passwd+ */
117 char *line = xmalloc_fgets(old_fp);
118 if (!line) break; /* EOF/error */
119 if (strncmp(username, line, user_len) == 0) {
120 /* we have a match with "username:"... */
121 const char *cp = line + user_len;
122 /* now cp -> old passwd, skip it: */
123 cp = strchrnul(cp, ':');
124 /* now cp -> ':' after old passwd or -> "" */
125 fprintf(new_fp, "%s%s%s", username, new_pw, cp);
131 fcntl(old_fd, F_SETLK, &lock);
133 /* We do want all of them to execute, thus | instead of || */
134 if ((ferror(old_fp) | fflush(new_fp) | fsync(new_fd) | fclose(new_fp))
135 || rename(fnamesfx, filename)
137 /* At least one of those failed */
140 ret = cnt; /* whee, success! */
143 if (ret < 0) unlink(fnamesfx);
150 free((char *)filename);
151 free((char *)username);