passwd: fix bug: we are trying to update shadow even if user's record is in passwd!

getspnam is guilty, it lies that user record exists in shadow.
author: Denis Vlasenko <vda.linux@googlemail.com> 2007-07-27 11:22:34 +0000
committer: Denis Vlasenko <vda.linux@googlemail.com> 2007-07-27 11:22:34 +0000
commit: 1d10aaf11617558592b0215fe85bc42fa444e384 (patch)
tree: 033e1b9896e651a3ab1d94b255a534ff39a91845 /loginutils/passwd.c
parent: 3734b946bfef55c8f63d367422da5c7aa7b972db (diff)
download: busybox-w32-1d10aaf11617558592b0215fe85bc42fa444e384.tar.gz
busybox-w32-1d10aaf11617558592b0215fe85bc42fa444e384.tar.bz2
busybox-w32-1d10aaf11617558592b0215fe85bc42fa444e384.zip
1 files changed, 15 insertions, 5 deletions
diff --git a/loginutils/passwd.c b/loginutils/passwd.c
index a293ee926..4f7094aec 100644
--- a/loginutils/passwd.c
+++ b/loginutils/passwd.c
@@ -127,15 +127,16 @@ int passwd_main(int argc, char **argv)
                bb_error_msg_and_die("%s can't change password for %s", myname, name);
        }
-        filename = bb_path_passwd_file;
 #if ENABLE_FEATURE_SHADOWPASSWDS
-        if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) {
+        /* getspnam_r() can lie! Even if user isn't in shadow, it can
+         * return success (pwd field was seen set to "!" in this case) */
+        if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)
+         || LONE_CHAR(spw.sp_pwdp, '!')) {
                /* LOGMODE_BOTH */
                bb_error_msg("no record of %s in %s, using %s",
                                name, bb_path_shadow_file,
                                bb_path_passwd_file);
        } else {
-                filename = bb_path_shadow_file;
                pw->pw_passwd = spw.sp_pwdp;
        }
 #endif
@@ -175,8 +176,17 @@ int passwd_main(int argc, char **argv)
        signal(SIGQUIT, SIG_IGN);
        umask(077);
        xsetuid(0);
-        rc = update_passwd(filename, name, newp);
-        logmode = LOGMODE_BOTH;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+        filename = bb_path_shadow_file;
+        rc = update_passwd(bb_path_shadow_file, name, newp);
+        if (rc == 0) /* no lines updated, no errors detected */
+#endif
+        {
+                filename = bb_path_passwd_file;
+                rc = update_passwd(bb_path_passwd_file, name, newp);
+        }
+        /* LOGMODE_BOTH */
        if (rc < 0)
                bb_error_msg_and_die("cannot update password file %s",
                                filename);
author	Denis Vlasenko <vda.linux@googlemail.com>	2007-07-27 11:22:34 +0000
committer	Denis Vlasenko <vda.linux@googlemail.com>	2007-07-27 11:22:34 +0000
commit	1d10aaf11617558592b0215fe85bc42fa444e384 (patch)
tree	033e1b9896e651a3ab1d94b255a534ff39a91845 /loginutils/passwd.c
parent	3734b946bfef55c8f63d367422da5c7aa7b972db (diff)
download	busybox-w32-1d10aaf11617558592b0215fe85bc42fa444e384.tar.gz busybox-w32-1d10aaf11617558592b0215fe85bc42fa444e384.tar.bz2 busybox-w32-1d10aaf11617558592b0215fe85bc42fa444e384.zip

diff --git a/loginutils/passwd.c b/loginutils/passwd.c index a293ee926..4f7094aec 100644 --- a/loginutils/passwd.c +++ b/loginutils/passwd.c
@@ -127,15 +127,16 @@ int passwd_main(int argc, char **argv)
127	bb_error_msg_and_die("%s can't change password for %s", myname, name);	127	bb_error_msg_and_die("%s can't change password for %s", myname, name);
128	}	128	}
129		129
130	filename = bb_path_passwd_file;
131	#if ENABLE_FEATURE_SHADOWPASSWDS	130	#if ENABLE_FEATURE_SHADOWPASSWDS
132	if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)) {	131	/* getspnam_r() can lie! Even if user isn't in shadow, it can
		132	* return success (pwd field was seen set to "!" in this case) */
		133	if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)
		134	\|\| LONE_CHAR(spw.sp_pwdp, '!')) {
133	/* LOGMODE_BOTH */	135	/* LOGMODE_BOTH */
134	bb_error_msg("no record of %s in %s, using %s",	136	bb_error_msg("no record of %s in %s, using %s",
135	name, bb_path_shadow_file,	137	name, bb_path_shadow_file,
136	bb_path_passwd_file);	138	bb_path_passwd_file);
137	} else {	139	} else {
138	filename = bb_path_shadow_file;
139	pw->pw_passwd = spw.sp_pwdp;	140	pw->pw_passwd = spw.sp_pwdp;
140	}	141	}
141	#endif	142	#endif
@@ -175,8 +176,17 @@ int passwd_main(int argc, char **argv)
175	signal(SIGQUIT, SIG_IGN);	176	signal(SIGQUIT, SIG_IGN);
176	umask(077);	177	umask(077);
177	xsetuid(0);	178	xsetuid(0);
178	rc = update_passwd(filename, name, newp);	179
179	logmode = LOGMODE_BOTH;	180	#if ENABLE_FEATURE_SHADOWPASSWDS
		181	filename = bb_path_shadow_file;
		182	rc = update_passwd(bb_path_shadow_file, name, newp);
		183	if (rc == 0) /* no lines updated, no errors detected */
		184	#endif
		185	{
		186	filename = bb_path_passwd_file;
		187	rc = update_passwd(bb_path_passwd_file, name, newp);
		188	}
		189	/* LOGMODE_BOTH */
180	if (rc < 0)	190	if (rc < 0)
181	bb_error_msg_and_die("cannot update password file %s",	191	bb_error_msg_and_die("cannot update password file %s",
182	filename);	192	filename);