aboutsummaryrefslogtreecommitdiff
path: root/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.sbin/rpc.yppasswdd/yppasswdd_server.c')
-rw-r--r--usr.sbin/rpc.yppasswdd/yppasswdd_server.c56
1 files changed, 47 insertions, 9 deletions
diff --git a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
index 1cc5322247b6..7932753688bb 100644
--- a/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
+++ b/usr.sbin/rpc.yppasswdd/yppasswdd_server.c
@@ -448,6 +448,7 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
char *oldgecos = NULL;
char *passfile_hold;
char passfile_buf[MAXPATHLEN + 2];
+ char passfile_hold_buf[MAXPATHLEN + 2];
char *domain = yppasswd_domain;
static struct sockaddr_in clntaddr;
static struct timeval t_saved, t_test;
@@ -572,6 +573,15 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
passfile = (char *)&passfile_buf;
}
+ /*
+ * Create a filename to hold the original master.passwd
+ * so if our call to yppwupdate fails we can roll back
+ */
+ snprintf(passfile_hold_buf, sizeof(passfile_hold_buf),
+ "%s.hold", passfile);
+ passfile_hold = (char *)&passfile_hold_buf;
+
+
/* Step 5: make a new password file with the updated info. */
if (pw_init(dirname(passfile), passfile)) {
@@ -593,11 +603,38 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
yp_error("pw_copy() failed");
return &result;
}
- if (pw_mkdb(yp_password.pw_name) == -1) {
+ if (rename(passfile, passfile_hold) == -1) {
pw_fini();
- yp_error("pw_mkdb() failed");
+ yp_error("rename of %s to %s failed", passfile,
+ passfile_hold);
return &result;
}
+
+ if (strcmp(passfile, _PATH_MASTERPASSWD) == 0) {
+ /*
+ * NIS server is exporting the system's master.passwd.
+ * Call pw_mkdb to rebuild passwd and the .db files
+ */
+ if (pw_mkdb(yp_password.pw_name) == -1) {
+ pw_fini();
+ yp_error("pw_mkdb() failed");
+ rename(passfile_hold, passfile);
+ return &result;
+ }
+ } else {
+ /*
+ * NIS server is exporting a private master.passwd.
+ * Rename tempfile into final location
+ */
+ if (rename(pw_tempname(), passfile) == -1) {
+ pw_fini();
+ yp_error("rename of %s to %s failed",
+ pw_tempname(), passfile);
+ rename(passfile_hold, passfile);
+ return &result;
+ }
+ }
+
pw_fini();
if (inplace) {
@@ -633,9 +670,8 @@ yppasswdproc_update_1_svc(yppasswd *argp, struct svc_req *rqstp)
}
if (verbose) {
- yp_error("update completed for user %s (uid %d):",
- argp->newpw.pw_name,
- argp->newpw.pw_uid);
+ yp_error("update completed for user %s (uid %d) in %s:",
+ argp->newpw.pw_name, argp->newpw.pw_uid, passfile);
if (passwd_changed)
yp_error("password changed");
@@ -780,10 +816,12 @@ allow additions to be made to the password database");
yp_error("pw_copy() failed");
return &result;
}
- if (pw_mkdb(argp->newpw.pw_name) == -1) {
- pw_fini();
- yp_error("pw_mkdb() failed");
- return &result;
+ if (strcmp(passfile, _PATH_MASTERPASSWD) == 0) {
+ if (pw_mkdb(argp->newpw.pw_name) == -1) {
+ pw_fini();
+ yp_error("pw_mkdb() failed");
+ return &result;
+ }
}
pw_fini();
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-29 04:16:50 +0000