loginutils/chpasswd.c

   1 /* vi: set sw=4 ts=4: */
   2 /*
   3  * chpasswd.c
   4  *
   5  * Written for SLIND (from passwd.c) by Alexander Shishkin <virtuoso@slind.org>
   6  * Licensed under GPLv2 or later, see file LICENSE in this source tree.
   7  */
   8 #include "libbb.h"
   9
  10 //usage:#define chpasswd_trivial_usage
  11 //usage:        IF_LONG_OPTS("[--md5|--encrypted]") IF_NOT_LONG_OPTS("[-m|-e]")
  12 //usage:#define chpasswd_full_usage "\n\n"
  13 //usage:       "Read user:password from stdin and update /etc/passwd\n"
  14 //usage:        IF_LONG_OPTS(
  15 //usage:     "\n        -e,--encrypted  Supplied passwords are in encrypted form"
  16 //usage:     "\n        -m,--md5        Use MD5 encryption instead of DES"
  17 //usage:        )
  18 //usage:        IF_NOT_LONG_OPTS(
  19 //usage:     "\n        -e      Supplied passwords are in encrypted form"
  20 //usage:     "\n        -m      Use MD5 encryption instead of DES"
  21 //usage:        )
  22
  23 #if ENABLE_LONG_OPTS
  24 static const char chpasswd_longopts[] ALIGN1 =
  25         "encrypted\0" No_argument "e"
  26         "md5\0"       No_argument "m"
  27         ;
  28 #endif
  29
  30 #define OPT_ENC  1
  31 #define OPT_MD5  2
  32
  33 int chpasswd_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
  34 int chpasswd_main(int argc UNUSED_PARAM, char **argv)
  35 {
  36         char *name, *pass;
  37         char salt[sizeof("$N$XXXXXXXX")];
  38         int opt, rc;
  39
  40         if (getuid() != 0)
  41                 bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
  42
  43         opt_complementary = "m--e:e--m";
  44         IF_LONG_OPTS(applet_long_options = chpasswd_longopts;)
  45         opt = getopt32(argv, "em");
  46
  47         while ((name = xmalloc_fgetline(stdin)) != NULL) {
  48                 pass = strchr(name, ':');
  49                 if (!pass)
  50                         bb_error_msg_and_die("missing new password");
  51                 *pass++ = '\0';
  52
  53                 xuname2uid(name); /* dies if there is no such user */
  54
  55                 if (!(opt & OPT_ENC)) {
  56                         crypt_make_salt(salt, 1);
  57                         if (opt & OPT_MD5) {
  58                                 salt[0] = '$';
  59                                 salt[1] = '1';
  60                                 salt[2] = '$';
  61                                 crypt_make_salt(salt + 3, 4);
  62                         }
  63                         pass = pw_encrypt(pass, salt, 0);
  64                 }
  65
  66                 /* This is rather complex: if user is not found in /etc/shadow,
  67                  * we try to find & change his passwd in /etc/passwd */
  68 #if ENABLE_FEATURE_SHADOWPASSWDS
  69                 rc = update_passwd(bb_path_shadow_file, name, pass, NULL);
  70                 if (rc > 0) /* password in /etc/shadow was updated */
  71                         pass = (char*)"x";
  72                 if (rc >= 0)
  73                         /* 0 = /etc/shadow missing (not an error), >0 = passwd changed in /etc/shadow */
  74 #endif
  75                         rc = update_passwd(bb_path_passwd_file, name, pass, NULL);
  76                 /* LOGMODE_BOTH logs to syslog also */
  77                 logmode = LOGMODE_BOTH;
  78                 if (rc < 0)
  79                         bb_error_msg_and_die("an error occurred updating password for %s", name);
  80                 if (rc)
  81                         bb_info_msg("Password for '%s' changed", name);
  82                 logmode = LOGMODE_STDIO;
  83                 free(name);
  84                 if (!(opt & OPT_ENC))
  85                         free(pass);
  86         }
  87         return EXIT_SUCCESS;
  88 }