Remove the ypchfn/ypchsh stuff from passwd and leave just the

yppasswd support. The rest is moving into chpass.

5 files changed, 78 insertions, 169 deletions

diff --git a/usr.bin/passwd/Makefile b/usr.bin/passwd/Makefile
index fccf4ea..068f9f5 100644
--- a/usr.bin/passwd/Makefile
+++ b/usr.bin/passwd/Makefile
@@ -1,5 +1,5 @@
 # From:	@(#)Makefile	8.3 (Berkeley) 4/2/94
-# $Id: Makefile,v 1.13.2.1 1995/06/07 05:52:05 jkh Exp $
+# $Id: Makefile,v 1.14 1995/06/11 19:32:12 rgrimes Exp $
 
 PROG=	passwd
 SRCS=	local_passwd.c yp_passwd.c passwd.c pw_copy.c pw_util.c
@@ -12,9 +12,9 @@ CFLAGS+=-DCRYPT -DYP -I${.CURDIR} -I${.CURDIR}/../../usr.sbin/vipw \
 
 BINOWN=	root
 BINMODE=4555
-INSTALLFLAGS=-fschg
-MAN1=passwd.1 yppasswd.1
-MLINKS=yppasswd.1 ypchsh.1 yppasswd.1 ypchpass.1 yppasswd.1 ypchfn.1
+MAN1=passwd.1
+LINKS=${DESTDIR}${BINDIR}/passwd ${DESTDIR}${BINDIR}/yppasswd
+MLINKS=passwd.1 yppasswd.1
 
 .if exists(${DESTDIR}/usr/lib/libkrb.a) && (defined(MAKE_EBONES))
 SRCS+=	kpasswd.c
@@ -29,10 +29,10 @@ LDADD=	-lkadm -lkrb -ldes -lcrypt -lrpcsvc -lcom_err
 DISTRIBUTION=	krb
 .endif
 
+beforeinstall:
+	[ ! -e ${DESTDIR}${BINDIR}/passwd ] || \
+		chflags noschg ${DESTDIR}${BINDIR}/passwd
 afterinstall:
-	ln -sf passwd ${DESTDIR}${BINDIR}/yppasswd
-	ln -sf passwd ${DESTDIR}${BINDIR}/ypchsh
-	ln -sf passwd ${DESTDIR}${BINDIR}/ypchfn
-	ln -sf passwd ${DESTDIR}${BINDIR}/ypchpass
+	chflags schg ${DESTDIR}${BINDIR}/passwd
 
 .include <bsd.prog.mk>
diff --git a/usr.bin/passwd/local_passwd.c b/usr.bin/passwd/local_passwd.c
index 0cbafeb..44c8ffe 100644
--- a/usr.bin/passwd/local_passwd.c
+++ b/usr.bin/passwd/local_passwd.c
@@ -82,8 +82,8 @@ getnewpasswd(pw, nis)
 	char buf[_PASSWORD_LEN+1], salt[9];
 	struct timeval tv;
 
-	(void)printf("Changing %s password for %s.\n", nis ? "YP" : "local",
-								pw->pw_name);
+	if (!nis)
+		(void)printf("Changing local password for %s.\n", pw->pw_name);
 
 	if (uid && pw->pw_passwd[0] &&
 	    strcmp(crypt(getpass("Old password:"), pw->pw_passwd),
diff --git a/usr.bin/passwd/passwd.1 b/usr.bin/passwd/passwd.1
index 4b07f93..c88216e 100644
--- a/usr.bin/passwd/passwd.1
+++ b/usr.bin/passwd/passwd.1
@@ -35,7 +35,7 @@
 .Dt PASSWD 1
 .Os BSD 4
 .Sh NAME
-.Nm passwd
+.Nm passwd, yppasswd
 .Nd modify a user's password
 .Sh SYNOPSIS
 .Nm passwd
@@ -77,6 +77,54 @@ followed by
 .Xr passwd 1 .
 The super-user is not required to provide a user's current password
 if only the local password is modified.
+.Sh NIS INTERACTION
+.Nm Passwd
+has built-in support for NIS. If a user exists in the NIS password
+database but does not exist locally,
+.Nm passwd
+automatically switches into ``yppasswd'' mode. If the specified
+user does not exist in either the local password database of the
+NIS password maps,
+.Nm passwd
+returns an error.
+The following additional options are supported for use with NIS:
+.Bl -tag -width flag
+.It Fl y
+The
+.Fl y
+flag overrides
+.Nm passwd 's
+checking heuristics and forces
+it into NIS mode.
+.It Fl l
+When NIS is enabled, the
+.Fl l
+flag can be used to force
+.Nm passwd
+into ``local only'' mode. This flag can be used to change the entry
+for a local user when an NIS user exists when the same login name.
+For example, you will sometimes find entries for system ``placeholder''
+users such as
+.Pa bin
+or
+.Pa daemon
+in both the NIS password maps and the local user database. By
+default,
+.Nm passwd
+will try to change the NIS password. The
+.Fl l
+flag can be used to change the local password instead.
+.El
+.Pp
+When changing an NIS password, the user is required to provide
+the old password for authentication (the
+.Xr yppasswdd 8
+daemon requires the original password before
+it will allow any changes to the NIS password maps).
+This restriction applies even to the
+super-user: the only way for an administrator to override a
+user's NIS password is by modifying the NIS password maps on
+the master NIS server.
 .Sh FILES
 .Bl -tag -width /etc/master.passwd -compact
 .It Pa /etc/master.passwd
@@ -100,6 +148,11 @@ Temporary copy of the password file
 .%A Ken Thompson
 .%T "UNIX password security"
 .Re
+.Sh NOTES
+The
+.Xr yppasswd 1
+command is really only a link to
+.Nm passwd .
 .Sh HISTORY
 A
 .Nm passwd
diff --git a/usr.bin/passwd/passwd.c b/usr.bin/passwd/passwd.c
index 54f7dc0..aee2e6e 100644
--- a/usr.bin/passwd/passwd.c
+++ b/usr.bin/passwd/passwd.c
@@ -40,7 +40,7 @@ static char copyright[] =
 #ifndef lint
 static char sccsid[] = "From: @(#)passwd.c	8.3 (Berkeley) 4/2/94";
 static const char rcsid[] =
-	"$Id: passwd.c,v 1.3 1995/01/31 08:34:05 wpaul Exp $";
+	"$Id: passwd.c,v 1.4 1995/06/16 03:33:10 wpaul Exp $";
 #endif /* not lint */
 
 #include <err.h>
@@ -72,7 +72,7 @@ int use_local_passwd = 0;
 
 #ifdef YP
 #define PERM_SECURE (S_IRUSR|S_IWUSR)
-int use_yp_passwd = 0, opt_shell = 0, opt_fullname = 0;
+int _use_yp = 0;
 char *prog_name;
 HASHINFO openinfo = {
         4096,           /* bsize */
@@ -114,11 +114,7 @@ main(argc, argv)
 	DBT key,data;
 	char bf[UT_NAMESIZE + 2];
 
-	if (strstr(argv[0], (prog_name = "ypchpass")))
-		use_yp_passwd = opt_shell = opt_fullname = 1;
-	if (strstr(argv[0], (prog_name = "ypchsh"))) opt_shell = 1;
-	if (strstr(argv[0], (prog_name = "ypchfn"))) opt_fullname = 1;
-	if (strstr(argv[0], (prog_name = "yppasswd"))) use_yp_passwd = 1;
+	if (strstr(argv[0], (prog_name = "yppasswd"))) _use_yp = 1;
 #endif
 
 	while ((ch = getopt(argc, argv, OPTIONS)) != EOF) {
@@ -139,13 +135,7 @@ main(argc, argv)
 #endif /* KERBEROS */
 #ifdef	YP
 		case 'y':			/* Change NIS password */
-			use_yp_passwd = 1;
-			break;
-		case 's':			/* Change NIS shell field */
-			opt_shell = 1;
-			break;
-		case 'f':			/* Change NIS GECOS field */
-			opt_fullname = 1;
+			_use_yp = 1;
 			break;
 #endif
 		default:
@@ -231,9 +221,9 @@ usage()
 	fprintf(stderr,
 	 "usage: passwd [-l] [-i instance] [-r realm] [-u fullname]\n");
 	fprintf(stderr,
-	"        [-l] [-y] [-f] [-s] [user]\n");
+	"        [-l] [-y] [user]\n");
 #else
-	(void)fprintf(stderr, "usage: passwd [-l] [-y] [-f] [-s] [user] \n");
+	(void)fprintf(stderr, "usage: passwd [-l] [-y] [user] \n");
 #endif
 #else
 #ifdef	KERBEROS
diff --git a/usr.bin/passwd/yp_passwd.c b/usr.bin/passwd/yp_passwd.c
index 7dd3756..f6e7d6f 100644
--- a/usr.bin/passwd/yp_passwd.c
+++ b/usr.bin/passwd/yp_passwd.c
@@ -43,116 +43,12 @@
 #include <rpcsvc/ypclnt.h>
 #include <rpcsvc/yppasswd.h>
 
-extern int    use_yp_passwd, opt_fullname, opt_shell;
 extern char *prog_name;
 uid_t	uid;
 
-static unsigned char itoa64[] =		/* 0 ... 63 => ascii - 64 */
-"./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
-
 extern char *getnewpasswd __P(( struct passwd * , int ));
 
 char *
-getfield(char *gecos, char *field, int size)
-{
-    char *sp;
-
-    for (sp = gecos; *sp != '\0' && *sp != ','; sp++);
-    if (*sp != '\0') {
-    	*sp++ = '\0';
-    }
-    strncpy (field, gecos, size-1);
-    field[size-1] = '\0';
-    return sp;
-}
-
-int
-newfield(char *prompt, char *deflt, char *field, int size)
-{
-    char	*sp;
-
-    if (deflt == NULL) {
-        deflt = "none";
-    }
-
-    printf("%s [%s]: ", prompt, deflt);
-    fflush(stdout);
-    if (fgets(field, size, stdin) == NULL) {
-    	return 1;
-    }
-
-    if ((sp = strchr(field, '\n')) != NULL) {
-    	*sp = '\0';
-    }
-
-    if (!strcmp(field, "")) {
-    	strcpy(field, deflt);
-    }
-    if (!strcmp(field, "none")) {
-    	strcpy(field, "");
-    }
-
-    if (strchr(field, ':') != NULL) {
-    	fprintf(stderr, "%s: no colons allowed in GECOS field... sorry.\n",
-    				prog_name);
-    	return 1;
-    }
-    return 0;
-}
-
-char *
-getnewfullname(struct passwd *pw)
-{
-    char	gecos[1024], *sp, new_gecos[1024];
-    char	name[254], location[254], office[254], phone[254];
-
-    printf ("\nChanging full name for %s.\n"
-    	    "To accept the default, simply press return. To enter an empty\n"
-    	    "field, type the word \"none\".\n",
-    	    pw->pw_name);
-
-    strncpy (gecos, pw->pw_gecos, sizeof(gecos));
-    sp = getfield(gecos, name, sizeof(name));
-    if (newfield("Name", strtok(gecos, ","), name, sizeof(name))) {
-    	return NULL;
-    }
-    sp = getfield(sp, location, sizeof(location));
-    if (newfield("Location", location, location, sizeof(location))) {
-    	return NULL;
-    }
-    sp = getfield(sp, office, sizeof(office));
-    if (newfield("Office Phone", office, office, sizeof(office))) {
-    	return NULL;
-    }
-    sp = getfield(sp, phone, sizeof(phone));
-    if (newfield("Home Phone", phone, phone, sizeof(phone))) {
-    	return NULL;
-    }
-    sprintf (new_gecos, "%s,%s,%s,%s", name, location, office, phone);
-
-    sp = new_gecos + strlen(new_gecos);
-    while (*--sp == ',') *sp = '\0';
-
-    return strdup(new_gecos);
-}
-
-char *
-getnewshell(struct passwd *pw)
-{
-    char    new_shell[PATH_MAX];
-
-    printf ("\nChanging login shell for %s.\n"
-    	    "To accept the default, simply press return. To use the\n"
-    	    "system's default shell, type the word \"none\".\n",
-    	    pw->pw_name);
-
-    if (newfield("Login shell", pw->pw_shell, new_shell, sizeof(new_shell))) {
-        return NULL;
-    }
-    return strdup(new_shell);
-}
-
-char *
 getserver( void )
 {
   char  *domainname, *master;
@@ -192,13 +88,9 @@ yp_passwd(char *user)
   struct passwd *pw;
   CLIENT *clnt;
   char   *master;
-  char   *what;
   int    c, err, status;
   char   *s;
 
-  if (use_yp_passwd + opt_fullname + opt_shell == 0)
-      use_yp_passwd = 1;	/* default to yppasswd behavior */
-
   if ((master = getserver()) == NULL) {
       exit(1);
   }
@@ -234,27 +126,13 @@ yp_passwd(char *user)
   yppasswd.newpw.pw_shell = pw->pw_shell;
   yppasswd.oldpass = NULL;
 
-  switch (use_yp_passwd + (opt_fullname << 1) + (opt_shell << 2)) {
-  case 1:
-      what = "YP password";
-      break;
-  case 2:
-      what = "fullname";
-      break;
-  case 4:
-      what = "login shell";
-      break;
-  default:
-      what = "account information";
-  }
-  printf("Changing %s for %s on %s.\n",  what, pw->pw_name, master);
+  printf("Changing NIS password for %s on %s.\n", pw->pw_name, master);
 
   /* Get old password */
   if(pw->pw_passwd) {
     char prompt[40];
 
-    sprintf (prompt, "Please enter %spassword:", use_yp_passwd? "old " : "");
-    s = getpass (prompt);
+    s = getpass ("Old password: ");
     if( strcmp(crypt(s, pw->pw_passwd), pw->pw_passwd)) {
         fprintf(stderr, "Sorry.\n");
         exit (1);
@@ -262,21 +140,9 @@ yp_passwd(char *user)
     yppasswd.oldpass = strdup(s);
   }
 
-  if (use_yp_passwd) {
-      if ((s = getnewpasswd(pw, 1)) == NULL)
-      	  exit (1);
-      yppasswd.newpw.pw_passwd = s;
-  }
-  if (opt_fullname) {
-      if ((s = getnewfullname(pw)) == NULL)
-      	  exit (1);
-      yppasswd.newpw.pw_gecos = s;
-  }
-  if (opt_shell) {
-      if ((s = getnewshell(pw)) == NULL)
-      	  exit (1);
-      yppasswd.newpw.pw_shell = s;
-  }
+  if ((s = getnewpasswd(pw, 1)) == NULL)
+	exit (1);
+  yppasswd.newpw.pw_passwd = s;
 
   /* The yppasswd.x file said `unix authentication required',
    * so I added it. This is the only reason it is in here.
@@ -296,11 +162,11 @@ yp_passwd(char *user)
       clnt_perrno(err);
       fprintf( stderr, "\n" );
   } else if (status) {
-      fprintf( stderr, "Error while changing %s.\n", what );
+      fprintf( stderr, "Error while changing NIS password.\n");
   }
 
-  printf("\nThe %s has%s been changed on %s.\n",
-  		what, (err || status)? " not" : "", master);
+  printf("\nNIS password has%s been changed on %s.\n",
+  		(err || status)? " not" : "", master);
 
   auth_destroy( clnt->cl_auth );
   clnt_destroy( clnt );