Obtained from: The NYS project

This is the first round of changes to incorporate YP server functionality
into FreeBSD. This particular change allows passwd to change either the
local or NIS password, as well as the NIS GECOS and shell information.

Essentially, I've taken passwd(1) and yppasswd from the yppasswd-0.5
distribution (which is part of the NYS project -- a project to provide
a GNU GPL'ed suite of NIS tools) and rammed them into each other
at high speed. I've tried my best to make this co-exist with the
Kerberos stuff, but since I don't run Kerberos I don't have an easy
way to verify that it all works. If you choose any Kerberos flags
then the YP checks should be bypassed, but that may not be enough.
I'll modify it some more if it turns out I broke something. For now,
support for localand NIS passwords is pretty solid:

- If you simply type 'passwd,' the program checks to see if you exist
  in the local pwd.db database. If not, you get bounced to YP.

- If you try to force local functionality with the -l flag and you
  don't exist locally, you get an error.

The -y flag can be used to force YP functionality. -f and -s let you
change your full name and shell (respectively). -f *and* -s let you
change all of your 'account information.'

ypchfn, ypchsh, yppasswd and ypchpass are all links to passwd.

1 files changed, 102 insertions, 2 deletions

diff --git a/usr.bin/passwd/passwd.c b/usr.bin/passwd/passwd.c
index 49f762d..c892f5b 100644
--- a/usr.bin/passwd/passwd.c
+++ b/usr.bin/passwd/passwd.c
@@ -40,7 +40,7 @@ static char copyright[] =
 #ifndef lint
 static char sccsid[] = "From: @(#)passwd.c	8.3 (Berkeley) 4/2/94";
 static const char rcsid[] =
-	"$Id$";
+	"$Id: passwd.c,v 1.2 1995/01/20 22:03:36 wollman Exp $";
 #endif /* not lint */
 
 #include <err.h>
@@ -49,6 +49,17 @@ static const char rcsid[] =
 #include <stdlib.h>
 #include <unistd.h>
 
+#ifdef YP
+#include <pwd.h>
+#include <limits.h>
+#include <db.h>
+#include <fcntl.h>
+#include <utmp.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/param.h>
+#endif
+
 #ifdef KERBEROS
 #include "krb.h"
 #endif
@@ -59,6 +70,20 @@ void	usage __P((void));
 
 int use_local_passwd = 0;
 
+#ifdef YP
+#define PERM_SECURE (S_IRUSR|S_IWUSR)
+int use_yp_passwd = 0, opt_shell = 0, opt_fullname = 0;
+char *prog_name;
+HASHINFO openinfo = {
+        4096,           /* bsize */
+        32,             /* ffactor */
+        256,            /* nelem */
+        2048 * 1024,    /* cachesize */
+        NULL,           /* hash */
+        0,              /* lorder */
+};
+#endif
+
 int
 main(argc, argv)
 	int argc;
@@ -68,12 +93,34 @@ main(argc, argv)
 	char *uname;
 	char *iflag = 0, *rflag = 0, *uflag = 0;
 
+#ifdef YP
+#ifdef KERBEROS
+	char realm[REALM_SZ];
+#define OPTIONS "lysfi:r:u:"
+#else
+#define OPTIONS "lysf"
+#endif
+#else
 #ifdef KERBEROS
 	char realm[REALM_SZ];
 #define OPTIONS "li:r:u:"
 #else
 #define OPTIONS "l"
 #endif
+#endif
+
+#ifdef YP
+	DB *dbp;
+	DBT key,data;
+	char bf[UT_NAMESIZE + 2];
+
+	if (strstr(argv[0], (prog_name = "ypchpass")))
+		use_yp_passwd = opt_shell = opt_fullname = 1;
+	if (strstr(argv[0], (prog_name = "ypchsh"))) opt_shell = 1;
+	if (strstr(argv[0], (prog_name = "ypchfn"))) opt_fullname = 1;
+	if (strstr(argv[0], (prog_name = "yppasswd"))) use_yp_passwd = 1;
+#endif
+
 	while ((ch = getopt(argc, argv, OPTIONS)) != EOF) {
 		switch (ch) {
 		case 'l':		/* change local password file */
@@ -90,7 +137,17 @@ main(argc, argv)
 			uflag = optarg;
 			break;
 #endif /* KERBEROS */
-
+#ifdef	YP
+		case 'y':			/* Change NIS password */
+			use_yp_passwd = 1;
+			break;
+		case 's':			/* Change NIS shell field */
+			opt_shell = 1;
+			break;
+		case 'f':			/* Change NIS GECOS field */
+			opt_fullname = 1;
+			break;
+#endif
 		default:
 		case '?':
 			usage();
@@ -113,6 +170,34 @@ main(argc, argv)
 		usage();
 	}
 
+#ifdef YP
+	/*
+	 * If the user isn't in the local database file, he must
+	 * be in the NIS database.
+	 */
+#ifdef KERBEROS
+	if (!use_yp_passwd && !opt_shell && !opt_fullname &&
+		iflag == NULL && rflag == NULL && uflag == NULL) {
+#else
+	if (!use_yp_passwd && !opt_shell && !opt_fullname) {
+#endif
+		if ((dbp = dbopen(_PATH_MP_DB, O_RDONLY, PERM_SECURE,
+				DB_HASH, &openinfo)) == NULL)
+			errx(1, "error opening database: %s.", _PATH_MP_DB);
+
+		bf[0] = _PW_KEYBYNAME;
+		bcopy(uname, bf + 1, MIN(strlen(uname), UT_NAMESIZE));
+		key.data = (u_char *)bf;
+		key.size = strlen(uname) + 1;
+		if ((dbp->get)(dbp,&key,&data,0))
+			use_yp_passwd = 1;
+		(dbp->close)(dbp);
+	}
+
+	if (!use_local_passwd && (use_yp_passwd || opt_shell || opt_fullname))
+		exit(yp_passwd(uname));
+#endif
+
 	if (!use_local_passwd) {
 #ifdef	KERBEROS
 		if(krb_get_lrealm(realm, 0) == KSUCCESS) {
@@ -121,6 +206,10 @@ main(argc, argv)
 		}
 #endif
 	}
+#ifdef YP
+	if (use_local_passwd && use_yp_passwd)
+		errx(1,"unknown local user: %s.",uname);
+#endif
 	exit(local_passwd(uname));
 }
 
@@ -128,11 +217,22 @@ void
 usage()
 {
 
+#ifdef	YP
+#ifdef	KERBEROS
+	fprintf(stderr,
+	 "usage: passwd [-l] [-i instance] [-r realm] [-u fullname]\n");
+	fprintf(stderr,
+	"        [-l] [-y] [-f] [-s] [user]\n");
+#else
+	(void)fprintf(stderr, "usage: passwd [-y] [-f] [-s] [user] \n");
+#endif
+#else
 #ifdef	KERBEROS
 	fprintf(stderr,
 	 "usage: passwd [-l] [-i instance] [-r realm] [-u fullname] [user]\n");
 #else
 	(void)fprintf(stderr, "usage: passwd user\n");
 #endif
+#endif
 	exit(1);
 }