summaryrefslogtreecommitdiffstats
path: root/gnu
diff options
context:
space:
mode:
authorwpaul <wpaul@FreeBSD.org>1996-02-12 14:50:23 +0000
committerwpaul <wpaul@FreeBSD.org>1996-02-12 14:50:23 +0000
commit31da7a08764484c0b96352dc6ef009fd4fcee60c (patch)
tree874aae93183e05ed5873348f802c1a2f10dba3f4 /gnu
parente08314c755c768330fd6dd44397b6ec4b781639f (diff)
downloadFreeBSD-src-31da7a08764484c0b96352dc6ef009fd4fcee60c.zip
FreeBSD-src-31da7a08764484c0b96352dc6ef009fd4fcee60c.tar.gz
Toss the old yppasswdd into the attic.
Diffstat (limited to 'gnu')
-rw-r--r--gnu/usr.sbin/yppasswdd/Makefile19
-rw-r--r--gnu/usr.sbin/yppasswdd/pw_copy.c119
-rw-r--r--gnu/usr.sbin/yppasswdd/pw_util.c178
-rw-r--r--gnu/usr.sbin/yppasswdd/update.c195
-rw-r--r--gnu/usr.sbin/yppasswdd/yppasswd.h57
-rw-r--r--gnu/usr.sbin/yppasswdd/yppasswdd.8199
-rw-r--r--gnu/usr.sbin/yppasswdd/yppasswdd.c201
-rw-r--r--gnu/usr.sbin/yppasswdd/yppwupdate27
8 files changed, 0 insertions, 995 deletions
diff --git a/gnu/usr.sbin/yppasswdd/Makefile b/gnu/usr.sbin/yppasswdd/Makefile
deleted file mode 100644
index 499405f..0000000
--- a/gnu/usr.sbin/yppasswdd/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
-# $Id: Makefile,v 1.6 1995/07/19 17:44:32 wpaul Exp $
-# @(#)Makefile 8.3 (Berkeley) 4/2/94
-
-PROG= yppasswdd
-MAN8= yppasswdd.8
-
-SRCS= yppasswdd.c update.c pw_copy.c pw_util.c
-
-LDADD= -lcrypt -lrpcsvc
-CFLAGS+=-DCRYPT -I${.CURDIR} -I${.CURDIR}/../../../usr.sbin/vipw \
- -I${.CURDIR}/../../../usr.bin/chpass
-CFLAGS+=-DVERSION=\"0.7\" -DYPLIBDIR=\"/usr/libexec\" -D_GNU_SOURCE
-
-afterinstall:
- ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m ${BINMODE} \
- ${.CURDIR}/yppwupdate \
- ${DESTDIR}/usr/libexec/yppwupdate
-
-.include <bsd.prog.mk>
diff --git a/gnu/usr.sbin/yppasswdd/pw_copy.c b/gnu/usr.sbin/yppasswdd/pw_copy.c
deleted file mode 100644
index df857e3..0000000
--- a/gnu/usr.sbin/yppasswdd/pw_copy.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)pw_copy.c 8.4 (Berkeley) 4/2/94";
-#endif /* not lint */
-
-/*
- * This module is used to copy the master password file, replacing a single
- * record, by chpass(1) and passwd(1).
- */
-
-#include <err.h>
-#include <pwd.h>
-#include <stdio.h>
-#include <string.h>
-#include <syslog.h>
-
-#include <pw_util.h>
-
-int pw_copy __P((int, int, struct passwd *));
-
-extern char *tempname;
-extern char *passfile;
-
-int
-pw_copy(ffd, tfd, pw)
- int ffd, tfd;
- struct passwd *pw;
-{
- FILE *from, *to;
- int done;
- char *p, buf[8192];
-
- if (!(from = fdopen(ffd, "r"))) {
- pw_error(passfile, 1, 1);
- return(-1);
- }
- if (!(to = fdopen(tfd, "w"))) {
- pw_error(tempname, 1, 1);
- return(-1);
- }
- for (done = 0; fgets(buf, sizeof(buf), from);) {
- if (!strchr(buf, '\n')) {
- syslog(LOG_ERR, "%s: line too long", passfile);
- pw_error(NULL, 0, 1);
- goto err;
- }
- if (done) {
- (void)fprintf(to, "%s", buf);
- if (ferror(to))
- goto err;
- continue;
- }
- if (!(p = strchr(buf, ':'))) {
- syslog(LOG_ERR, "%s: corrupted entry", passfile);
- pw_error(NULL, 0, 1);
- goto err;
- }
- *p = '\0';
- if (strcmp(buf, pw->pw_name)) {
- *p = ':';
- (void)fprintf(to, "%s", buf);
- if (ferror(to))
- goto err;
- continue;
- }
- (void)fprintf(to, "%s:%s:%d:%d:%s:%ld:%ld:%s:%s:%s\n",
- pw->pw_name, pw->pw_passwd, pw->pw_uid, pw->pw_gid,
- pw->pw_class, pw->pw_change, pw->pw_expire, pw->pw_gecos,
- pw->pw_dir, pw->pw_shell);
- done = 1;
- if (ferror(to))
- goto err;
- }
- if (!done) {
- syslog(LOG_ERR, "user \"%s\" not found in %s -- NIS maps and password file possibly out of sync", pw->pw_name, passfile);
- goto err;
- }
- if (ferror(to)) {
-err: pw_error(NULL, 1, 1);
- (void)fclose(to);
- (void)fclose(from);
- return(-1);
- }
- (void)fclose(to);
- (void)fclose(from);
- return(0);
-}
diff --git a/gnu/usr.sbin/yppasswdd/pw_util.c b/gnu/usr.sbin/yppasswdd/pw_util.c
deleted file mode 100644
index 4ab3ce8..0000000
--- a/gnu/usr.sbin/yppasswdd/pw_util.c
+++ /dev/null
@@ -1,178 +0,0 @@
-/*-
- * Copyright (c) 1990, 1993, 1994
- * The Regents of the University of California. All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * This product includes software developed by the University of
- * California, Berkeley and its contributors.
- * 4. Neither the name of the University nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifndef lint
-static char sccsid[] = "@(#)pw_util.c 8.3 (Berkeley) 4/2/94";
-#endif /* not lint */
-
-/*
- * This file is used by all the "password" programs; vipw(8), chpass(1),
- * and passwd(1).
- */
-
-#include <sys/param.h>
-#include <sys/time.h>
-#include <sys/resource.h>
-#include <sys/stat.h>
-#include <sys/wait.h>
-
-#include <err.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <paths.h>
-#include <pwd.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-#include <syslog.h>
-
-#include <pw_util.h>
-
-extern void reaper __P((int));
-extern void install_reaper __P((int));
-extern char *tempname;
-extern char *passfile;
-int pstat;
-pid_t pid;
-
-void
-pw_init()
-{
- struct rlimit rlim;
-
- /* Unlimited resource limits. */
- rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
- (void)setrlimit(RLIMIT_CPU, &rlim);
- (void)setrlimit(RLIMIT_FSIZE, &rlim);
- (void)setrlimit(RLIMIT_STACK, &rlim);
- (void)setrlimit(RLIMIT_DATA, &rlim);
- (void)setrlimit(RLIMIT_RSS, &rlim);
-
- /* Don't drop core (not really necessary, but GP's). */
- rlim.rlim_cur = rlim.rlim_max = 0;
- (void)setrlimit(RLIMIT_CORE, &rlim);
-
- /* Turn off signals. */
- (void)signal(SIGALRM, SIG_IGN);
- (void)signal(SIGHUP, SIG_IGN);
- (void)signal(SIGINT, SIG_IGN);
- (void)signal(SIGPIPE, SIG_IGN);
- (void)signal(SIGQUIT, SIG_IGN);
- (void)signal(SIGTSTP, SIG_IGN);
- (void)signal(SIGTTOU, SIG_IGN);
-
- /* Create with exact permissions. */
- (void)umask(0);
-}
-
-static int lockfd;
-
-int
-pw_lock()
-{
- /*
- * If the master password file doesn't exist, the system is hosed.
- * Might as well try to build one. Set the close-on-exec bit so
- * that users can't get at the encrypted passwords while editing.
- * Open should allow flock'ing the file; see 4.4BSD. XXX
- */
- lockfd = open(passfile, O_RDONLY, 0);
- if (lockfd < 0 || fcntl(lockfd, F_SETFD, 1) == -1) {
- syslog(LOG_NOTICE, "%s: %s", passfile, strerror(errno));
- return (-1);
- }
- if (flock(lockfd, LOCK_EX|LOCK_NB)) {
- syslog(LOG_NOTICE, "%s: the password db file is busy", passfile);
- return(-1);
- }
- return (lockfd);
-}
-
-int
-pw_tmp()
-{
- static char path[MAXPATHLEN];
- int fd;
- char *p;
-
- sprintf(path,"%s",passfile);
- if ((p = strrchr(path, '/')))
- ++p;
- else
- p = path;
- strcpy(p, "pw.XXXXXX");
- if ((fd = mkstemp(path)) == -1) {
- syslog(LOG_ERR, "%s: %s", path, strerror(errno));
- return(-1);
- }
- tempname = path;
- return (fd);
-}
-
-int
-pw_mkdb()
-{
-
- syslog(LOG_NOTICE, "rebuilding the database...");
- (void)fflush(stderr);
- /* Temporarily turn off SIGCHLD catching */
- install_reaper(0);
- if (!(pid = vfork())) {
- execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", tempname, NULL);
- pw_error(_PATH_PWD_MKDB, 1, 1);
- return(-1);
- }
- /* Handle this ourselves. */
- reaper(SIGCHLD);
- /* Put the handler back. Foo. */
- install_reaper(1);
- if (pid == -1 || !WIFEXITED(pstat) || WEXITSTATUS(pstat) != 0) {
- return (-1);
- }
- syslog(LOG_NOTICE, "done");
- return (0);
-}
-
-void
-pw_error(name, err, eval)
- char *name;
- int err, eval;
-{
- if (err && name != NULL)
- syslog(LOG_ERR, "%s", name);
-
- syslog(LOG_NOTICE,"%s: unchanged", passfile);
- (void)unlink(tempname);
-}
diff --git a/gnu/usr.sbin/yppasswdd/update.c b/gnu/usr.sbin/yppasswdd/update.c
deleted file mode 100644
index a8b4f20..0000000
--- a/gnu/usr.sbin/yppasswdd/update.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/*
- * yppasswdd
- * Copyright 1994 Olaf Kirch, <okir@monad.swb.de>
- *
- * This program is covered by the GNU General Public License, version 2.
- * It is provided in the hope that it is useful. However, the author
- * disclaims ALL WARRANTIES, expressed or implied. See the GPL for details.
- */
-
-#include <sys/types.h>
-#include <sys/errno.h>
-#include <sys/stat.h>
-#include <sys/param.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <fcntl.h>
-#include <unistd.h>
-#include <ctype.h>
-#include <time.h>
-#include <pwd.h>
-
-#include <syslog.h>
-#include <stdio.h>
-#include <string.h>
-
-#include <rpc/rpc.h>
-#include <rpc/pmap_clnt.h>
-#include "yppasswd.h"
-
-char *tempname, *passfile;
-extern int *allow_chfn, *allow_chsh;
-extern int pid;
-extern int pw_copy __P((int, int, struct passwd *));
-extern int pw_lock __P((void));
-extern int pw_mkdb __P((void));
-extern int pw_tmp __P((void));
-
-#define xprt_addr(xprt) (svc_getcaller(xprt)->sin_addr)
-#define xprt_port(xprt) ntohs(svc_getcaller(xprt)->sin_port)
-void reaper( int sig );
-
-/*===============================================================*
- * Argument validation. Avoid \n... (ouch).
- * We can't use isprint, because people may use 8bit chars which
- * aren't recognized as printable in the default locale.
- *===============================================================*/
-static int
-validate_string(char *str)
-{
- while (*str && !iscntrl(*str)) str++;
- return (*str == '\0');
-}
-
-static int
-validate_args(struct xpasswd *pw)
-{
- if (pw->pw_name[0] == '-' || pw->pw_name[0] == '+') {
- syslog(LOG_ALERT, "attempt to modify NIS passwd entry \"%s\"",
- pw->pw_name);
- }
-
- return validate_string(pw->pw_passwd)
- && validate_string(pw->pw_shell)
- && validate_string(pw->pw_gecos);
-}
-
-/*===============================================================*
- * The passwd update handler
- *===============================================================*/
-int *
-yppasswdproc_pwupdate_1(yppasswd *yppw, struct svc_req *rqstp)
-{
- struct xpasswd *newpw; /* passwd struct passed by the client */
- struct passwd *pw; /* passwd struct obtained from getpwent() */
- int chsh = 0, chfn = 0;
- static int res;
- char logbuf[255];
- int pfd, tfd;
- char *passfile_hold;
- char template[] = "/tmp/yppwtmp.XXXXX";
-
- newpw = &yppw->newpw;
- res = 1;
-
- sprintf( logbuf, "update %.12s (uid=%d) from host %s",
- yppw->newpw.pw_name,
- yppw->newpw.pw_uid,
- inet_ntoa(xprt_addr(rqstp->rq_xprt)));
-
- if (!validate_args(newpw)) {
- syslog ( LOG_ALERT, "%s failed", logbuf );
- syslog ( LOG_ALERT, "Invalid characters in argument. "
- "Possible spoof attempt?" );
- return &res;
- }
-
- /* Check if the user exists
- */
- if (!(pw = getpwnam(yppw->newpw.pw_name))) {
- syslog ( LOG_WARNING, "%s failed", logbuf );
- syslog ( LOG_WARNING, "User not in password file." );
- return (&res);
- }
-
- /* Check the password.
- */
- if (strcmp(crypt(yppw->oldpass, pw->pw_passwd), pw->pw_passwd)) {
- syslog ( LOG_WARNING, "%s rejected", logbuf );
- syslog ( LOG_WARNING, "Invalid password." );
- sleep(1);
- return(&res);
- }
-
- /* set the new passwd, shell, and full name
- */
- pw->pw_change = 0;
- pw->pw_passwd = newpw->pw_passwd;
-
- if (allow_chsh) {
- chsh = (strcmp(pw->pw_shell, newpw->pw_shell) != 0);
- pw->pw_shell = newpw->pw_shell;
- }
-
- if (allow_chfn) {
- chfn = (strcmp(pw->pw_gecos, newpw->pw_gecos) != 0);
- pw->pw_gecos = newpw->pw_gecos;
- }
-
- /*
- * Bail if locking the password file or temp file creation fails.
- * (These operations should log their own failure messages if need be,
- * so we don't have to log their failures here.)
- */
- if ((pfd = pw_lock()) < 0)
- return &res;
- if ((tfd = pw_tmp()) < 0)
- return &res;
-
- /* Placeholder in case we need to put the old password file back. */
- passfile_hold = mktemp((char *)&template);
-
- /*
- * Copy the password file to the temp file,
- * inserting new passwd entry along the way.
- */
- if (pw_copy(pfd, tfd, pw) < 0) {
- syslog(LOG_ERR, "%s > %s: copy failed. Cleaning up.",
- tempname, passfile);
- unlink(tempname);
- return (&res);
- }
-
- rename(passfile, passfile_hold);
- if (strcmp(passfile, _PATH_MASTERPASSWD)) {
- rename(tempname, passfile);
- }
- else
- if (pw_mkdb() < 0) {
- syslog (LOG_WARNING, "%s failed to rebuild password database", logbuf );
- return(&res);
- }
-
- /* Fork off process to rebuild NIS passwd.* maps. If the fork
- * fails, restore old passwd file and return an error.
- */
- if ((pid = fork()) < 0) {
- syslog( LOG_ERR, "%s failed", logbuf );
- syslog( LOG_ERR, "Couldn't fork map update process: %m" );
- unlink(passfile);
- rename(passfile_hold, passfile);
- if (!strcmp(passfile, _PATH_MASTERPASSWD))
- if (pw_mkdb()) {
- syslog (LOG_WARNING, "%s failed to rebuild password database", logbuf );
- return(&res);
- }
-
- return (&res);
- }
- if (pid == 0) {
- unlink(passfile_hold);
- execlp(MAP_UPDATE_PATH, MAP_UPDATE, passfile, NULL);
- syslog( LOG_ERR, "Error: couldn't exec map update process: %m" );
- exit(1);
- }
-
- syslog (LOG_INFO, "%s successful. Password changed.", logbuf );
- if (chsh || chfn) {
- syslog ( LOG_INFO, "Shell %schanged (%s), GECOS %schanged (%s).",
- chsh? "" : "un", newpw->pw_shell,
- chfn? "" : "un", newpw->pw_gecos );
- }
-
- res = 0;
- return (&res);
-}
diff --git a/gnu/usr.sbin/yppasswdd/yppasswd.h b/gnu/usr.sbin/yppasswdd/yppasswd.h
deleted file mode 100644
index 4f879ce..0000000
--- a/gnu/usr.sbin/yppasswdd/yppasswd.h
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * yppasswdd
- * Copyright 1994 Olaf Kirch, <okir@monad.swb.de>
- *
- * This program is covered by the GNU General Public License, version 2.
- * It is provided in the hope that it is useful. However, the author
- * disclaims ALL WARRANTIES, expressed or implied. See the GPL for details.
- *
- * This file was generated automatically by rpcgen from yppasswd.x, and
- * editied manually.
- */
-
-#ifndef _YPPASSWD_H_
-#define _YPPASSWD_H_
-
-#define YPPASSWDPROG ((u_long)100009)
-#define YPPASSWDVERS ((u_long)1)
-#define YPPASSWDPROC_UPDATE ((u_long)1)
-
-/*
- * The password struct passed by the update call. I renamed it to
- * xpasswd to avoid a type clash with the one defined in <pwd.h>.
- */
-typedef struct xpasswd {
- char *pw_name;
- char *pw_passwd;
- int pw_uid;
- int pw_gid;
- char *pw_gecos;
- char *pw_dir;
- char *pw_shell;
-} xpasswd;
-
-/* The updated password information, plus the old password.
- */
-typedef struct yppasswd {
- char *oldpass;
- xpasswd newpw;
-} yppasswd;
-
-/* XDR encoding/decoding routines */
-bool_t xdr_xpasswd (XDR *xdrs, xpasswd *objp);
-bool_t xdr_yppasswd(XDR *xdrs, yppasswd *objp);
-
-/* The server procedure invoked by the main loop. */
-void yppasswdprog_1(struct svc_req *rqstp, SVCXPRT *transp);
-
-/* Password update handler. */
-int * yppasswdproc_pwupdate_1(yppasswd *yppw, struct svc_req *rqstp);
-
-/* This command is forked to rebuild the NIS maps after a successful
- * update. MAP_UPDATE is used as argv[0].
- */
-#define MAP_UPDATE "yppwupdate"
-#define MAP_UPDATE_PATH YPLIBDIR "/yppwupdate"
-
-#endif _YPPASSWD_H_
diff --git a/gnu/usr.sbin/yppasswdd/yppasswdd.8 b/gnu/usr.sbin/yppasswdd/yppasswdd.8
deleted file mode 100644
index 7dd6c30..0000000
--- a/gnu/usr.sbin/yppasswdd/yppasswdd.8
+++ /dev/null
@@ -1,199 +0,0 @@
-.\"
-.\" Copyright 1994 Olaf Kirch, <okir@monad.swb.de>
-.\"
-.\" This program is covered by the GNU General Public License, version 2.
-.\" It is provided in the hope that it is useful. However, the author
-.\" disclaims ALL WARRANTIES, expressed or implied. See the GPL for details.
-.\"
-.Dd 12 December 1994
-.Dt YPPASSWDD 8
-.Sh NAME
-.Nm yppasswdd
-.Nd NIS password database update server
-.Sh SYNOPSIS
-.Nm yppasswdd
-.Op Ar -m master password file
-.Op Fl s
-.Op Fl f
-.Op Fl v
-.Op Fl h
-.Sh DESCRIPTION
-.Nm yppasswdd
-is the RPC server that lets users change their passwords
-in the presence of NIS (a.k.a. YP). It must be run on the NIS master
-server for that NIS domain.
-.Pp
-When a
-.Xr yppasswd 1
-client contacts the server, it sends the old user
-password along with the new one.
-.Nm yppasswdd
-will search the system's
-NIS password database file for the specified user name, verify that the
-given (old) password matches, and update the entry. If the user
-specified does not exist, or if the password, UID or GID doesn't match
-the information in the password file, the update request is rejected,
-and an error returned to the client.
-.Pp
-After updating the
-.Nm master.passwd
-file and returning a success
-notifications to the client,
-.Nm yppasswdd
-executes the
-.Nm yppwupdate
-script that updates the NIS server's
-.Nm master.passwd.*
-and
-.Nm passwd.*
-maps. This script invokes
-.Nm /var/yp/Makefile
-to rebuild the NIS password maps (and propagate them to NIS slave
-servers if there are any in the domain).
-.Sh OPTIONS
-.Bl -tag -width Ds
-The following options are available with
-.Nm yppasswdd:
-.It Fl Ar m master password file
-.Nm yppasswdd
-server needs to know the location of the
-master.passwd file that is to be used to generate updated NIS
-password maps. This file is normally kept in
-.Nm /var/yp
-(it must be owned by root and not world readable for security reasons).
-If you move it somewhere else you'll have to tell yppasswdd using the
-.Fl m
-option. The location of this file is also passed to
-.Nm /var/yp/Makefile
-when time comes to rebuild the NIS password maps. It is recommended,
-however, that you edit
-.Nm /var/yp/Makefile
-to reflect the new location as well.
-When the server is ready to change
-a password database entry, it will modify master.passwd, then
-call the yppwupdate script, which will in turn call
-.Nm /var/yp/Makefile.
-.Pp
-Without the -m option,
-.Nm yppasswdd
-expects to use the local
-.Nm /etc/master.passwd
-file on the NIS master server as the source for
-regenerating the password maps (the server will rebuild the local
-password databases in this case as well).
-.Pp
-This is less secure than
-using a seperate password database to restrict access to the NIS
-master server, but the functionality is provided in the event this
-behavior is desired and security is not paramount (such as might be
-the case on a closed local network of trusted systems).
-Note that you will have to edit
-.Nm /var/yp/Makefile
-to use
-.Nm /etc/master.passwd
-instead of
-.Nm /var/yp/master.passwd
-if you want to use yppasswdd in this way.
-.It Fl s
-When invoked with the
-.Fl s
-flag,
-.Nm yppasswdd
-will allow users to change
-the shell field of their NIS password entry. Without it,
-.Xr yppasswd 1
-will
-appear to succeed when a user tries to change shells, but yppasswdd
-will not actually alter the password database.
-.It Fl f
-This flag works just like
-.Fl s ,
-except it applies to the GECOS or
-"fullname" field of a user's NIS password entry instead of the shell field.
-Some sites may wish to restrict users' ability to change their shells or
-full names for security or administrative reasons, which is why these two
-options are provided.
-.Sh MISCELLANEOUS
-.Ss Logging
-.Nm yppasswdd
-logs all password update requests to
-.Xr syslogd 8
-auth facility. The logging information includes the originating host's
-IP address and the user name and UID contained in the request. The
-user-supplied password itself is not logged.
-.Ss Security
-Unless I've screwed up completely (as I did with versions prior to
-version 0.7),
-.Nm yppasswdd
-should be as secure or insecure as any
-program relying on simple password authentication. If you feel that
-this is not enough, you may want to protect
-.Nm yppasswdd
-from outside
-access by using the 'securenets' feature of
-.Xr portmap 8
-version 3. Better still, use Kerberos.
-.Sh NOTES
-.Ss FreeBSD changes
-Unlike the original
-.Nm yppasswdd ,
-the FreeBSD version has no support for
-John F. Haugh II's shadow password suite. It doesn't need it: 4.4BSD's
-password database system already implements shadow passwords.
-.Ss Using the yppasswdd server with non-FreeBSD clients
-FreeBSD's
-.Nm yppasswdd
-should work equally well with non-FreeBSD client machines provided a
-few small changes are made to
-.Nm /var/yp/Makefile.
-FreeBSD's passwd.byname and passwd.byuid maps do not contain actual
-encrypted passwords (just like FreeBSD's /etc/passwd file): the real
-encrypted passwords are kept in master.passwd.byname and
-master.passwd.byuid, which FreeBSD's NIS server will only serve to
-the superuser on FreeBSD NIS clients (non-privileged users are not
-permitted to access these maps). Non-FreeBSD clients will not function
-properly in this situation, since they require the password fields in
-the passwd.* maps to be valid.
-.Pp
-To use
-.Nm yppasswdd
-with non-FreeBSD clients, you will need to edit
-.Nm /var/yp/Makefile
-and uncomment the line that says 'UNSECURE=True' and run
-.Xr make 1 .
-This will cause
-.Nm /var/yp/Makefile
-to generate passwd.* maps with real passwords in them instead of
-stripping them out as it does normally.
-.Sh FILES
-.Bl -tag -width /usr/libexec/yppwupdate -compact
-.It Pa /usr/sbin/yppasswdd
-The yppasswdd daemon
-.It Pa /usr/libexec/yppwupdate
-The NIS map update script
-.It Pa /var/yp/master.passwd
-NIS password map source file
-.It Pa /etc/master.passwd
-Raw local password database (only used when
-.Fl m
-option isn't supplied)
-.Sh SEE ALSO
-.Xr passwd 1 ,
-.Xr ypcat 1 ,
-.Xr ypchsh 1 ,
-.Xr ypchfn 1 ,
-.Xr yppasswd 1 ,
-.Xr passwd 5 ,
-.Xr ypserv 8 ,
-.Xr portmap 8 .
-.Sh COPYRIGHT
-.Nm yppasswdd
-is copyright (C) Olaf Kirch. You can use and distribute it
-under the GNU General Public License Version 2.
-.Sh AUTHOR(S)
-.br
-Olaf Kirch, <okir@monad.swb.de>
-.br
-Charles Lopez, <tjarls@infm.ulst.ac.uk> (shadow support)
-.br
-Bill Paul, <wpaul@ctr.columbia.edu> (port to FreeBSD, various small changes)
diff --git a/gnu/usr.sbin/yppasswdd/yppasswdd.c b/gnu/usr.sbin/yppasswdd/yppasswdd.c
deleted file mode 100644
index b69333e..0000000
--- a/gnu/usr.sbin/yppasswdd/yppasswdd.c
+++ /dev/null
@@ -1,201 +0,0 @@
-/*
- * yppasswdd
- * Copyright 1994 Olaf Kirch, <okir@monad.swb.de>
- *
- * This program is covered by the GNU General Public License, version 2.
- * It is provided in the hope that it is useful. However, the author
- * disclaims ALL WARRANTIES, expressed or implied. See the GPL for details.
- */
-
-#include <sys/types.h>
-#include <sys/errno.h>
-#include <sys/ioctl.h>
-#include <sys/wait.h>
-#include <termios.h>
-#include <signal.h>
-#include <unistd.h>
-#include <fcntl.h>
-
-#include <stdlib.h>
-#include <syslog.h>
-#include <stdio.h>
-#include <string.h>
-#include <pwd.h>
-
-#include <rpc/rpc.h>
-#include <rpc/pmap_clnt.h>
-#include "yppasswd.h"
-
-extern char *optarg;
-extern void pw_init __P((void));
-static char *program_name = "";
-static char *version = "yppsswdd " VERSION;
-char *passfile = _PATH_MASTERPASSWD;
-int allow_chfn = 0, allow_chsh = 0;
-
-#define xprt_addr(xprt) (svc_getcaller(xprt)->sin_addr)
-#define xprt_port(xprt) ntohs(svc_getcaller(xprt)->sin_port)
-void yppasswdprog_1( struct svc_req *rqstp, SVCXPRT *transp );
-void reaper( int sig );
-
-/*==============================================================*
- * RPC dispatch function
- *==============================================================*/
-void
-yppasswdprog_1(struct svc_req *rqstp, SVCXPRT *transp)
-{
- union {
- yppasswd yppasswdproc_update_1_arg;
- } argument;
- char *result;
- xdrproc_t xdr_argument, xdr_result;
- char *(*local)();
-
- switch (rqstp->rq_proc) {
- case NULLPROC:
- (void)svc_sendreply(transp, (xdrproc_t)xdr_void, (char *)NULL);
- return;
-
- case YPPASSWDPROC_UPDATE:
- xdr_argument = (xdrproc_t) xdr_yppasswd;
- xdr_result = (xdrproc_t) xdr_int;
- local = (char *(*)()) yppasswdproc_pwupdate_1;
- break;
-
- default:
- svcerr_noproc(transp);
- return;
- }
- bzero((char *)&argument, sizeof(argument));
- if (!svc_getargs(transp, xdr_argument, &argument)) {
- svcerr_decode(transp);
- return;
- }
- result = (*local)(&argument, rqstp);
- if (result != NULL
- && !svc_sendreply(transp, (xdrproc_t)xdr_result, result)) {
- svcerr_systemerr(transp);
- }
- if (!svc_freeargs(transp, xdr_argument, &argument)) {
- (void)fprintf(stderr, "unable to free arguments\n");
- exit(1);
- }
-}
-
-static void
-usage(FILE *fp, int n)
-{
- fprintf (fp, "usage: %s [-m master password file] [-f] [-s] [-h] [-v]\n", program_name );
- exit(n);
-}
-
-void
-reaper( int sig )
-{
- extern pid_t pid;
- extern int pstat;
-
- pid = waitpid(pid, &pstat, 0);
-}
-
-void
-install_reaper( int on )
-{
- struct sigaction act, oact;
-
- if (on) {
- act.sa_handler = reaper;
- sigemptyset(&act.sa_mask);
- act.sa_flags = SA_RESTART;
- } else {
- act.sa_handler = SIG_DFL;
- sigemptyset(&act.sa_mask);
- act.sa_flags = SA_RESTART;
- }
- sigaction( SIGCHLD, &act, &oact );
-}
-
-
-int
-main(int argc, char **argv)
-{
- SVCXPRT *transp;
- char *sp;
- int opterr;
- int c;
-
- program_name = argv[0];
- if ((sp = strrchr(program_name, '/')) != NULL) {
- program_name = ++sp;
- }
-
- /* Parse the command line options and arguments. */
- opterr = 0;
- while ((c = getopt(argc, argv, "m:fshv")) != EOF)
- switch (c) {
- case 'm':
- passfile = strdup(optarg);
- break;
- case 'f':
- allow_chfn = 1;
- break;
- case 's':
- allow_chsh = 1;
- break;
- case 'h':
- usage (stdout, 0);
- break;
- case 'v':
- printf("%s\n", version);
- exit(0);
- case 0:
- break;
- case '?':
- default:
- usage(stderr, 1);
- }
-
- if (daemon(0,0)) {
- perror("fork");
- exit(1);
- }
-
- /*
- * We can call this here since it does some necessary setup
- * for us (blocking signals, setting resourse limits, etc.
- */
- pw_init();
-
- /* Initialize logging.
- */
- openlog ( "yppasswdd", LOG_PID, LOG_AUTH );
-
- /* Register a signal handler to reap children after they terminated
- */
- install_reaper(1);
-
- /*
- * Create the RPC server
- */
- (void)pmap_unset(YPPASSWDPROG, YPPASSWDVERS);
-
- transp = svcudp_create(RPC_ANYSOCK);
- if (transp == NULL) {
- (void)fprintf(stderr, "cannot create udp service.\n");
- exit(1);
- }
- if (!svc_register(transp, YPPASSWDPROG, YPPASSWDVERS, yppasswdprog_1,
- IPPROTO_UDP)) {
- (void)fprintf(stderr, "unable to register yppaswdd udp service.\n");
- exit(1);
- }
-
- /*
- * Run the server
- */
- svc_run();
- (void)fprintf(stderr, "svc_run returned\n");
-
- return 1;
-}
-
diff --git a/gnu/usr.sbin/yppasswdd/yppwupdate b/gnu/usr.sbin/yppasswdd/yppwupdate
deleted file mode 100644
index 64bd9ef..0000000
--- a/gnu/usr.sbin/yppasswdd/yppwupdate
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh
-#
-# This script is invoked by yppasswdd to update the password
-# maps after the master password file has been modified.
-# Comment out the LOG=yes line to disable logging.
-#
-
-LOG=yes
-LOGFILE=/var/yp/ypupdate.log
-
-umask 077
-
-if [ ! -f $LOGFILE ];
-then
- /usr/bin/touch $LOGFILE
- echo "# Edit /usr/libexec/yppwupdate to disable" >> $LOGFILE
- echo "# logging to this file from yppasswdd." >> $LOGFILE
- echo -n "# Log started on: " >> $LOGFILE
- /bin/date >> $LOGFILE
-fi
-
-if [ ! $LOG ];
-then
- cd /var/yp; /usr/bin/make MASTER_PASSWD=$1
-else
- cd /var/yp; /usr/bin/make MASTER_PASSWD=$1 >> $LOGFILE
-fi
OpenPOWER on IntegriCloud