git: af959792908b - stable/12 - MFC: pw(8): fix combination of modes -N and -w random
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Mon, 12 Dec 2022 03:42:32 UTC
The branch stable/12 has been updated by eugen:
URL: https://cgit.FreeBSD.org/src/commit/?id=af959792908b20209506560307904b50f5f8b3a0
commit af959792908b20209506560307904b50f5f8b3a0
Author: Eugene Grosbein <eugen@FreeBSD.org>
AuthorDate: 2022-11-28 14:22:39 +0000
Commit: Eugene Grosbein <eugen@FreeBSD.org>
CommitDate: 2022-12-12 03:42:14 +0000
MFC: pw(8): fix combination of modes -N and -w random
The command "pw usermod nobody -Nw random" (or useradd)
generates random password and prints it in encrypted form
but skips choosen random string that makes not much sense
and contradicts the manual page pw.8
Fix it by showing random password in plain text with -N and
without it equally. Add yet another example of how to generate
pw-style random password.
(cherry picked from commit 1cbe5012cfe10226dd365af325a01de5d4c15f5d)
---
usr.sbin/pw/pw.8 | 8 +++++++-
usr.sbin/pw/pw_user.c | 11 +++++------
2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/usr.sbin/pw/pw.8 b/usr.sbin/pw/pw.8
index d9072872bc2b..d305d9b2b79e 100644
--- a/usr.sbin/pw/pw.8
+++ b/usr.sbin/pw/pw.8
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd April 3, 2022
+.Dd November 28, 2022
.Dt PW 8
.Os
.Sh NAME
@@ -988,6 +988,12 @@ in addition to the other groups jsmith is already a member of.
.Bd -literal -offset indent
pw groupmod wheel -m jsmith
.Ed
+.Pp
+Generate random password and show it in both plain text and
+encrypted form not modifying any database.
+.Bd -literal -offset indent
+pw usermod nobody -Nw random
+.Ed
.Sh EXIT STATUS
The
.Nm
diff --git a/usr.sbin/pw/pw_user.c b/usr.sbin/pw/pw_user.c
index 2eec317b5e5b..21a4c5a0c26e 100644
--- a/usr.sbin/pw/pw_user.c
+++ b/usr.sbin/pw/pw_user.c
@@ -80,8 +80,7 @@ static uid_t pw_gidpolicy(struct userconf *cnf, char *grname, char *nam,
static char *pw_homepolicy(struct userconf * cnf, char *homedir,
const char *user);
static char *pw_shellpolicy(struct userconf * cnf);
-static char *pw_password(struct userconf * cnf, char const * user,
- bool dryrun);
+static char *pw_password(struct userconf * cnf, char const * user);
static char *shell_path(char const * path, char *shells[], char *sh);
static void rmat(uid_t uid);
static void rmopie(char const * name);
@@ -511,7 +510,7 @@ pw_pwcrypt(char *password)
}
static char *
-pw_password(struct userconf * cnf, char const * user, bool dryrun)
+pw_password(struct userconf * cnf, char const * user)
{
int i, l;
char pwbuf[32];
@@ -528,7 +527,7 @@ pw_password(struct userconf * cnf, char const * user, bool dryrun)
/*
* We give this information back to the user
*/
- if (conf.fd == -1 && !dryrun) {
+ if (conf.fd == -1) {
if (isatty(STDOUT_FILENO))
printf("Password for '%s' is: ", user);
printf("%s\n", pwbuf);
@@ -1398,7 +1397,7 @@ pw_user_add(int argc, char **argv, char *arg1)
if (lc == NULL || login_setcryptfmt(lc, "sha512", NULL) == NULL)
warn("setting crypt(3) format");
login_close(lc);
- pwd->pw_passwd = pw_password(cmdcnf, pwd->pw_name, dryrun);
+ pwd->pw_passwd = pw_password(cmdcnf, pwd->pw_name);
if (pwd->pw_uid == 0 && strcmp(pwd->pw_name, "root") != 0)
warnx("WARNING: new account `%s' has a uid of 0 "
"(superuser access!)", pwd->pw_name);
@@ -1745,7 +1744,7 @@ pw_user_mod(int argc, char **argv, char *arg1)
login_close(lc);
cnf->default_password = passwd_val(passwd,
cnf->default_password);
- pwd->pw_passwd = pw_password(cnf, pwd->pw_name, dryrun);
+ pwd->pw_passwd = pw_password(cnf, pwd->pw_name);
edited = true;
}