* add functionality to `force password change at next login'. to use,

set the pw_change field of the user to -1 (defined in <pwd.h> as
  _PASSWORD_CHGNOW). based on [bin/936] by Simon Gerraty <sjg@quick.com.au>
* clean up for WARNS?=1
This commit is contained in:
lukem 1997-08-16 13:50:43 +00:00
parent 04a72f75d1
commit 049da32c75
5 changed files with 39 additions and 15 deletions

View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile,v 1.11 1997/06/23 12:47:45 lukem Exp $
# $NetBSD: Makefile,v 1.12 1997/08/16 13:50:43 lukem Exp $
# @(#)Makefile 8.1 (Berkeley) 7/19/93
PROG= login
@ -7,6 +7,7 @@ DPADD= ${LIBUTIL} ${LIBCRYPT} ${LIBSKEY}
LDADD= -lutil -lcrypt -lskey
CFLAGS+= -DSKEY
LDSTATIC= -static
WARNS?= 1
.if defined(KERBEROS5)
SRCS+= k5login.c

View File

@ -1,4 +1,4 @@
/* $NetBSD: k5login.c,v 1.3 1997/02/11 08:15:08 mrg Exp $ */
/* $NetBSD: k5login.c,v 1.4 1997/08/16 13:50:44 lukem Exp $ */
/*-
* Copyright (c) 1990 The Regents of the University of California.
@ -33,11 +33,12 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#ifndef lint
#if 0
static char sccsid[] = "@(#)klogin.c 5.11 (Berkeley) 7/12/92";
#endif
static char rcsid[] = "$NetBSD: k5login.c,v 1.3 1997/02/11 08:15:08 mrg Exp $";
__RCSID("$NetBSD: k5login.c,v 1.4 1997/08/16 13:50:44 lukem Exp $");
#endif /* not lint */
#ifdef KERBEROS5

View File

@ -1,4 +1,4 @@
/* $NetBSD: klogin.c,v 1.9 1997/06/21 04:41:27 mellon Exp $ */
/* $NetBSD: klogin.c,v 1.10 1997/08/16 13:50:44 lukem Exp $ */
/*-
* Copyright (c) 1990, 1993, 1994
@ -34,12 +34,11 @@
*/
#include <sys/cdefs.h>
#ifndef lint
#if 0
static char sccsid[] = "@(#)klogin.c 8.3 (Berkeley) 4/2/94";
#endif
__RCSID ("$NetBSD: klogin.c,v 1.9 1997/06/21 04:41:27 mellon Exp $");
__RCSID("$NetBSD: klogin.c,v 1.10 1997/08/16 13:50:44 lukem Exp $");
#endif /* not lint */
#ifdef KERBEROS

View File

@ -1,4 +1,4 @@
/* $NetBSD: login.c,v 1.23 1997/07/11 03:47:53 mikel Exp $ */
/* $NetBSD: login.c,v 1.24 1997/08/16 13:50:46 lukem Exp $ */
/*-
* Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
@ -33,17 +33,18 @@
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
#ifndef lint
static char copyright[] =
__COPYRIGHT(
"@(#) Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994\n\
The Regents of the University of California. All rights reserved.\n";
The Regents of the University of California. All rights reserved.\n");
#endif /* not lint */
#ifndef lint
#if 0
static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94";
#endif
static char rcsid[] = "$NetBSD: login.c,v 1.23 1997/07/11 03:47:53 mikel Exp $";
__RCSID("$NetBSD: login.c,v 1.24 1997/08/16 13:50:46 lukem Exp $");
#endif /* not lint */
/*
@ -81,6 +82,7 @@ void badlogin __P((char *));
void checknologin __P((void));
void dolastlog __P((int));
void getloginname __P((void));
int main __P((int, char *[]));
void motd __P((void));
int rootterm __P((char *));
void sigint __P((int));
@ -135,10 +137,12 @@ main(argc, argv)
char *domain, *p, *salt, *ttyn, *pwprompt;
char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10];
char localhost[MAXHOSTNAMELEN];
int need_chpass;
tbuf[0] = '\0';
rval = 0;
pwprompt = NULL;
need_chpass = 0;
(void)signal(SIGALRM, timedout);
(void)alarm(timeout);
@ -301,7 +305,6 @@ main(argc, argv)
if (require_skey > 0) /* -s */
p = skeypw;
else {
extern char *skey_keyinfo();
static char skprompt[80];
char *skinfo = skey_keyinfo(username);
@ -397,7 +400,9 @@ main(argc, argv)
if (pwd->pw_change || pwd->pw_expire)
(void)gettimeofday(&tp, (struct timezone *)NULL);
if (pwd->pw_change)
if (tp.tv_sec >= pwd->pw_change) {
if (pwd->pw_change == _PASSWORD_CHGNOW)
need_chpass = 1;
else if (tp.tv_sec >= pwd->pw_change) {
(void)printf("Sorry -- your password has expired.\n");
sleepexit(1);
} else if (pwd->pw_change - tp.tv_sec <
@ -505,9 +510,26 @@ main(argc, argv)
/* Discard permissions last so can't get killed and drop core. */
if (rootlogin)
(void) setuid(0);
(void)setuid(0);
else
(void) setuid(pwd->pw_uid);
(void)setuid(pwd->pw_uid);
/* Wait to change password until we're unprivileged */
if (need_chpass) {
#ifdef SKEY
/* If the user logged on using S/Key, don't force
* a password change
*/
if (used_skey) {
(void)printf(
"Warning: your password has expired. Please change it as soon as possible.\n");
} else
#endif
(void)printf(
"Your password has expired. Please choose a new one.\n");
if (system(_PATH_BINPASSWD) != 0)
sleepexit(1);
}
execlp(pwd->pw_shell, tbuf, 0);
err(1, "%s", pwd->pw_shell);

View File

@ -1,4 +1,4 @@
/* $NetBSD: pathnames.h,v 1.4 1994/12/23 06:53:03 jtc Exp $ */
/* $NetBSD: pathnames.h,v 1.5 1997/08/16 13:50:47 lukem Exp $ */
/*-
* Copyright (c) 1989, 1993
@ -39,3 +39,4 @@
#define _PATH_HUSHLOGIN ".hushlogin"
#define _PATH_MOTDFILE "/etc/motd"
#define _PATH_BINPASSWD "/usr/bin/passwd"