From 79f27a4275347c208ef4d968b6d2c60e528e4a7f Mon Sep 17 00:00:00 2001
From: millert
Date: Thu, 21 Nov 2002 21:25:19 +0000
Subject: Add a "shadow" group and make the shadow passwd db readable by that group. This changes getpw* to always try the shadow db first and then fall back to the db w/o password hashes. In the future, /usr/libexec/auth/login_passwd (and others) will be setgid shadow instead of setuid root. OK deraadt@ If you track -current you should do the following: o add group shadow to /etc/group o chgrp shadow /etc/spwd.db o chmod 640 /etc/spwd.db o rebuild and install src/usr.sbin/pwd_mkdb You do not need to rebuild libc yet, but it would't hurt to do so.
---
 usr.sbin/pwd_mkdb/pwd_mkdb.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)
(limited to 'usr.sbin/pwd_mkdb')
diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c
index 6148b4441b1..728ad2505ec 100644
--- a/usr.sbin/pwd_mkdb/pwd_mkdb.c
+++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Exp $ */
+/* $OpenBSD: pwd_mkdb.c,v 1.31 2002/11/21 21:25:19 millert Exp $ */
 /*-
 * Copyright (c) 1991, 1993, 1994
@@ -45,7 +45,7 @@ static char copyright[] =
 #if 0
 static char sccsid[] = "from: @(#)pwd_mkdb.c 8.5 (Berkeley) 4/20/94";
 #else
-static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Exp $";
+static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.31 2002/11/21 21:25:19 millert Exp $";
 #endif
 #endif /* not lint */
@@ -56,6 +56,7 @@ static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Ex
 #include
 #include
 #include
+#include
 #include
 #include
 #include
@@ -74,6 +75,8 @@ static char *rcsid = "$OpenBSD: pwd_mkdb.c,v 1.30 2002/06/02 06:42:29 deraadt Ex
 #define FILE_INSECURE 0x02
 #define FILE_ORIG 0x04
+#define SHADOW_GROUP "shadow"
+
 HASHINFO openinfo = {
 4096, /* bsize */
 32, /* ffactor */
@@ -108,8 +111,10 @@ main(argc, argv)
 FILE *fp, *oldfp = NULL;
 struct stat st;
 struct passwd pwd;
+ struct group *grp;
 sigset_t set;
 uid_t olduid;
+ gid_t shadow;
 int ch, tfd, makeold, secureonly, flags, checkonly;
 char *username, buf[MAX(MAXPATHLEN, LINE_MAX * 2)];
@@ -146,6 +151,11 @@ main(argc, argv)
 if (argc != 1 || (makeold && secureonly) || (username && (*username == '+' || *username == '-')))
 usage();
+
+ if ((grp = getgrnam(SHADOW_GROUP)) == NULL)
+ errx(1, "cannot find `%s' in the group database, aborting",
+ SHADOW_GROUP);
+ shadow = grp->gr_gid;
 /*
 * This could be changed to allow the user to interrupt.
@@ -223,6 +233,11 @@ main(argc, argv)
 }
 if (!edp)
 error(buf);
+ if (fchown(edp->fd(edp), (uid_t)-1, shadow) != 0)
+ warn("%s: unable to set group to %s", _PATH_SMP_DB,
+ SHADOW_GROUP);
+ else if (fchmod(edp->fd(edp), PERM_SECURE|S_IRGRP) != 0)
+ warn("%s: unable to make group readable", _PATH_SMP_DB);
 clean |= FILE_SECURE;
 /* Open the temporary insecure password database. */
--
cgit v1.2.3-59-g8ed1b
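Review bot: In the `@@ -223,6 +233,11 @@` hunk a failed fchown()/fchmod() on the new secure db is only a warn() and the rebuild proceeds, whereas a missing shadow group in the `@@ -146,6 +151,11 @@` hunk is fatal via errx(); the two policies are inconsistent, and a warned-but-continued run leaves /etc/spwd.db unreadable by the very group the commit message says libc and the future setgid-shadow helpers will depend on, with nothing but a console warning to show it. The chown-before-chmod order with `else if` is the right fail-closed shape (S_IRGRP is never added unless the file already belongs to the shadow group, so on failure the db stays at PERM_SECURE), but that intent is not stated and deserves a comment above the fchown(): `/* Widen to group-readable only after the file is owned by SHADOW_GROUP; on any failure leave it at PERM_SECURE. */`. If the warning is kept instead of being made fatal like the getgrnam() check, note that both messages name _PATH_SMP_DB while the fd belongs to the database just opened under `buf`, which the following comment suggests is a temporary file, so the operator is pointed at the wrong path. main() starts and ends outside these hunks.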