| From a7d995228491ad5255ad86c1f04ba071f6880897 Mon Sep 17 00:00:00 2001 |
| From: Chen Qi <Qi.Chen@windriver.com> |
| Date: Sat, 16 Nov 2013 15:27:47 +0800 |
| Subject: [PATCH] Allow for setting password in clear text |
| |
| Upstream-Status: Inappropriate [OE specific] |
| |
| Signed-off-by: Chen Qi <Qi.Chen@windriver.com> |
| |
| --- |
| src/Makefile.am | 8 ++++---- |
| src/groupadd.c | 20 +++++++++++++++----- |
| src/groupmod.c | 20 +++++++++++++++----- |
| src/useradd.c | 21 +++++++++++++++------ |
| src/usermod.c | 20 +++++++++++++++----- |
| 5 files changed, 64 insertions(+), 25 deletions(-) |
| |
| diff --git a/src/Makefile.am b/src/Makefile.am |
| index f31fd7a..4a317a3 100644 |
| --- a/src/Makefile.am |
| +++ b/src/Makefile.am |
| @@ -103,10 +103,10 @@ chsh_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM) |
| chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) |
| expiry_LDADD = $(LDADD) $(LIBECONF) |
| gpasswd_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF) |
| -groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| +groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT) |
| groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| -groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| +groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT) |
| grpck_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| grpconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| grpunconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| @@ -127,9 +127,9 @@ su_SOURCES = \ |
| suauth.c |
| su_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF) |
| sulogin_LDADD = $(LDADD) $(LIBCRYPT) $(LIBECONF) |
| -useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) |
| +useradd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT) |
| userdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF) |
| -usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) |
| +usermod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT) |
| vipw_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) |
| |
| install-am: all-am |
| diff --git a/src/groupadd.c b/src/groupadd.c |
| index e9c4bb7..d572c00 100644 |
| --- a/src/groupadd.c |
| +++ b/src/groupadd.c |
| @@ -127,9 +127,10 @@ static /*@noreturn@*/void usage (int status) |
| (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" |
| " (non-unique) GID\n"), usageout); |
| (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); |
| + (void) fputs (_(" -P, --clear-password PASSWORD use this clear password for the new group\n"), usageout); |
| (void) fputs (_(" -r, --system create a system account\n"), usageout); |
| (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
| - (void) fputs (_(" -P, --prefix PREFIX_DIR directory prefix\n"), usageout); |
| + (void) fputs (_(" -A, --prefix PREFIX_DIR directory prefix\n"), usageout); |
| (void) fputs ("\n", usageout); |
| exit (status); |
| } |
| @@ -391,13 +392,14 @@ static void process_flags (int argc, char **argv) |
| {"key", required_argument, NULL, 'K'}, |
| {"non-unique", no_argument, NULL, 'o'}, |
| {"password", required_argument, NULL, 'p'}, |
| + {"clear-password", required_argument, NULL, 'P'}, |
| {"system", no_argument, NULL, 'r'}, |
| {"root", required_argument, NULL, 'R'}, |
| - {"prefix", required_argument, NULL, 'P'}, |
| + {"prefix", required_argument, NULL, 'A'}, |
| {NULL, 0, NULL, '\0'} |
| }; |
| |
| - while ((c = getopt_long (argc, argv, "fg:hK:op:rR:P:", |
| + while ((c = getopt_long (argc, argv, "fg:hK:op:P:rR:A:", |
| long_options, NULL)) != -1) { |
| switch (c) { |
| case 'f': |
| @@ -449,12 +451,20 @@ static void process_flags (int argc, char **argv) |
| pflg = true; |
| group_passwd = optarg; |
| break; |
| + case 'P': |
| + pflg = true; |
| + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
| + break; |
| case 'r': |
| rflg = true; |
| break; |
| case 'R': /* no-op, handled in process_root_flag () */ |
| break; |
| - case 'P': /* no-op, handled in process_prefix_flag () */ |
| + case 'A': /* no-op, handled in process_prefix_flag () */ |
| + fprintf (stderr, |
| + _("%s: -A is deliberately not supported \n"), |
| + Prog); |
| + exit (E_BAD_ARG); |
| break; |
| default: |
| usage (E_USAGE); |
| @@ -588,7 +598,7 @@ int main (int argc, char **argv) |
| (void) textdomain (PACKAGE); |
| |
| process_root_flag ("-R", argc, argv); |
| - prefix = process_prefix_flag ("-P", argc, argv); |
| + prefix = process_prefix_flag ("-A", argc, argv); |
| |
| OPENLOG ("groupadd"); |
| #ifdef WITH_AUDIT |
| diff --git a/src/groupmod.c b/src/groupmod.c |
| index bc14438..25ccb44 100644 |
| --- a/src/groupmod.c |
| +++ b/src/groupmod.c |
| @@ -138,8 +138,9 @@ static void usage (int status) |
| (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); |
| (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" |
| " PASSWORD\n"), usageout); |
| + (void) fputs (_(" -P, --clear-password PASSWORD change the password to this clear PASSWORD\n"), usageout); |
| (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
| - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); |
| + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); |
| (void) fputs ("\n", usageout); |
| exit (status); |
| } |
| @@ -387,11 +388,12 @@ static void process_flags (int argc, char **argv) |
| {"new-name", required_argument, NULL, 'n'}, |
| {"non-unique", no_argument, NULL, 'o'}, |
| {"password", required_argument, NULL, 'p'}, |
| + {"clear-password", required_argument, NULL, 'P'}, |
| {"root", required_argument, NULL, 'R'}, |
| - {"prefix", required_argument, NULL, 'P'}, |
| + {"prefix", required_argument, NULL, 'A'}, |
| {NULL, 0, NULL, '\0'} |
| }; |
| - while ((c = getopt_long (argc, argv, "g:hn:op:R:P:", |
| + while ((c = getopt_long (argc, argv, "g:hn:op:P:R:A:", |
| long_options, NULL)) != -1) { |
| switch (c) { |
| case 'g': |
| @@ -418,9 +420,17 @@ static void process_flags (int argc, char **argv) |
| group_passwd = optarg; |
| pflg = true; |
| break; |
| + case 'P': |
| + group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
| + pflg = true; |
| + break; |
| case 'R': /* no-op, handled in process_root_flag () */ |
| break; |
| - case 'P': /* no-op, handled in process_prefix_flag () */ |
| + case 'A': /* no-op, handled in process_prefix_flag () */ |
| + fprintf (stderr, |
| + _("%s: -A is deliberately not supported \n"), |
| + Prog); |
| + exit (E_BAD_ARG); |
| break; |
| default: |
| usage (E_USAGE); |
| @@ -761,7 +771,7 @@ int main (int argc, char **argv) |
| (void) textdomain (PACKAGE); |
| |
| process_root_flag ("-R", argc, argv); |
| - prefix = process_prefix_flag ("-P", argc, argv); |
| + prefix = process_prefix_flag ("-A", argc, argv); |
| |
| OPENLOG ("groupmod"); |
| #ifdef WITH_AUDIT |
| diff --git a/src/useradd.c b/src/useradd.c |
| index 1b7bf06..44f09e2 100644 |
| --- a/src/useradd.c |
| +++ b/src/useradd.c |
| @@ -853,9 +853,10 @@ static void usage (int status) |
| (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" |
| " (non-unique) UID\n"), usageout); |
| (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); |
| + (void) fputs (_(" -P, --clear-password PASSWORD clear password of the new account\n"), usageout); |
| (void) fputs (_(" -r, --system create a system account\n"), usageout); |
| (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
| - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); |
| + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); |
| (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); |
| (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); |
| (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); |
| @@ -1133,9 +1134,10 @@ static void process_flags (int argc, char **argv) |
| {"no-user-group", no_argument, NULL, 'N'}, |
| {"non-unique", no_argument, NULL, 'o'}, |
| {"password", required_argument, NULL, 'p'}, |
| + {"clear-password", required_argument, NULL, 'P'}, |
| {"system", no_argument, NULL, 'r'}, |
| {"root", required_argument, NULL, 'R'}, |
| - {"prefix", required_argument, NULL, 'P'}, |
| + {"prefix", required_argument, NULL, 'A'}, |
| {"shell", required_argument, NULL, 's'}, |
| {"uid", required_argument, NULL, 'u'}, |
| {"user-group", no_argument, NULL, 'U'}, |
| @@ -1146,9 +1148,9 @@ static void process_flags (int argc, char **argv) |
| }; |
| while ((c = getopt_long (argc, argv, |
| #ifdef WITH_SELINUX |
| - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:", |
| + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:UZ:", |
| #else /* !WITH_SELINUX */ |
| - "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U", |
| + "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:U", |
| #endif /* !WITH_SELINUX */ |
| long_options, NULL)) != -1) { |
| switch (c) { |
| @@ -1320,12 +1322,19 @@ static void process_flags (int argc, char **argv) |
| } |
| user_pass = optarg; |
| break; |
| + case 'P': /* set clear text password */ |
| + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
| + break; |
| case 'r': |
| rflg = true; |
| break; |
| case 'R': /* no-op, handled in process_root_flag () */ |
| break; |
| - case 'P': /* no-op, handled in process_prefix_flag () */ |
| + case 'A': /* no-op, handled in process_prefix_flag () */ |
| + fprintf (stderr, |
| + _("%s: -A is deliberately not supported \n"), |
| + Prog); |
| + exit (E_BAD_ARG); |
| break; |
| case 's': |
| if ( ( !VALID (optarg) ) |
| @@ -2257,7 +2266,7 @@ int main (int argc, char **argv) |
| |
| process_root_flag ("-R", argc, argv); |
| |
| - prefix = process_prefix_flag("-P", argc, argv); |
| + prefix = process_prefix_flag("-A", argc, argv); |
| |
| OPENLOG ("useradd"); |
| #ifdef WITH_AUDIT |
| diff --git a/src/usermod.c b/src/usermod.c |
| index 21c6da9..cffdb3e 100644 |
| --- a/src/usermod.c |
| +++ b/src/usermod.c |
| @@ -431,8 +431,9 @@ static /*@noreturn@*/void usage (int status) |
| " new location (use only with -d)\n"), usageout); |
| (void) fputs (_(" -o, --non-unique allow using duplicate (non-unique) UID\n"), usageout); |
| (void) fputs (_(" -p, --password PASSWORD use encrypted password for the new password\n"), usageout); |
| + (void) fputs (_(" -P, --clear-password PASSWORD use clear password for the new password\n"), usageout); |
| (void) fputs (_(" -R, --root CHROOT_DIR directory to chroot into\n"), usageout); |
| - (void) fputs (_(" -P, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); |
| + (void) fputs (_(" -A, --prefix PREFIX_DIR prefix directory where are located the /etc/* files\n"), usageout); |
| (void) fputs (_(" -s, --shell SHELL new login shell for the user account\n"), usageout); |
| (void) fputs (_(" -u, --uid UID new UID for the user account\n"), usageout); |
| (void) fputs (_(" -U, --unlock unlock the user account\n"), usageout); |
| @@ -1010,8 +1011,9 @@ static void process_flags (int argc, char **argv) |
| {"move-home", no_argument, NULL, 'm'}, |
| {"non-unique", no_argument, NULL, 'o'}, |
| {"password", required_argument, NULL, 'p'}, |
| + {"clear-password", required_argument, NULL, 'P'}, |
| {"root", required_argument, NULL, 'R'}, |
| - {"prefix", required_argument, NULL, 'P'}, |
| + {"prefix", required_argument, NULL, 'A'}, |
| {"shell", required_argument, NULL, 's'}, |
| {"uid", required_argument, NULL, 'u'}, |
| {"unlock", no_argument, NULL, 'U'}, |
| @@ -1027,7 +1029,7 @@ static void process_flags (int argc, char **argv) |
| {NULL, 0, NULL, '\0'} |
| }; |
| while ((c = getopt_long (argc, argv, |
| - "abc:d:e:f:g:G:hl:Lmop:R:s:u:UP:" |
| + "abc:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:" |
| #ifdef ENABLE_SUBIDS |
| "v:w:V:W:" |
| #endif /* ENABLE_SUBIDS */ |
| @@ -1130,9 +1132,17 @@ static void process_flags (int argc, char **argv) |
| user_pass = optarg; |
| pflg = true; |
| break; |
| + case 'P': |
| + user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL)); |
| + pflg = true; |
| + break; |
| case 'R': /* no-op, handled in process_root_flag () */ |
| break; |
| - case 'P': /* no-op, handled in process_prefix_flag () */ |
| + case 'A': /* no-op, handled in process_prefix_flag () */ |
| + fprintf (stderr, |
| + _("%s: -A is deliberately not supported \n"), |
| + Prog); |
| + exit (E_BAD_ARG); |
| break; |
| case 's': |
| if (!VALID (optarg)) { |
| @@ -2127,7 +2137,7 @@ int main (int argc, char **argv) |
| (void) textdomain (PACKAGE); |
| |
| process_root_flag ("-R", argc, argv); |
| - prefix = process_prefix_flag ("-P", argc, argv); |
| + prefix = process_prefix_flag ("-A", argc, argv); |
| |
| OPENLOG ("usermod"); |
| #ifdef WITH_AUDIT |