3136de6a23dd44ed05f5757c68a64e5914ebb53e
[metze/samba/wip.git] / source3 / utils / smbpasswd.c
1 /*
2  * Unix SMB/CIFS implementation. 
3  * Copyright (C) Jeremy Allison 1995-1998
4  * Copyright (C) Tim Potter     2001
5  * 
6  * This program is free software; you can redistribute it and/or modify it
7  * under the terms of the GNU General Public License as published by the
8  * Free Software Foundation; either version 3 of the License, or (at your
9  * option) any later version.
10  * 
11  * This program is distributed in the hope that it will be useful, but WITHOUT
12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
14  * more details.
15  * 
16  * You should have received a copy of the GNU General Public License along with
17  * this program; if not, see <http://www.gnu.org/licenses/>.  */
18
19 #include "includes.h"
20 #include "system/passwd.h"
21 #include "secrets.h"
22 #include "../librpc/gen_ndr/samr.h"
23 #include "../lib/util/util_pw.h"
24 #include "libsmb/proto.h"
25 #include "passdb.h"
26
27 /*
28  * Next two lines needed for SunOS and don't
29  * hurt anything else...
30  */
31 extern char *optarg;
32 extern int optind;
33
34 /* forced running in root-mode */
35 static bool got_username = False;
36 static bool stdin_passwd_get = False;
37 static fstring user_name;
38 static char *new_passwd = NULL;
39 static const char *remote_machine = NULL;
40
41 static fstring ldap_secret;
42
43
44 /*********************************************************
45  Print command usage on stderr and die.
46 **********************************************************/
47 static void usage(void)
48 {
49         printf("When run by root:\n");
50         printf("    smbpasswd [options] [username]\n");
51         printf("otherwise:\n");
52         printf("    smbpasswd [options]\n\n");
53
54         printf("options:\n");
55         printf("  -L                   local mode (must be first option)\n");
56         printf("  -h                   print this usage message\n");
57         printf("  -s                   use stdin for password prompt\n");
58         printf("  -c smb.conf file     Use the given path to the smb.conf file\n");
59         printf("  -D LEVEL             debug level\n");
60         printf("  -r MACHINE           remote machine\n");
61         printf("  -U USER              remote username (e.g. SAM/user)\n");
62
63         printf("extra options when run by root or in local mode:\n");
64         printf("  -a                   add user\n");
65         printf("  -d                   disable user\n");
66         printf("  -e                   enable user\n");
67         printf("  -i                   interdomain trust account\n");
68         printf("  -m                   machine trust account\n");
69         printf("  -n                   set no password\n");
70         printf("  -W                   use stdin ldap admin password\n");
71         printf("  -w PASSWORD          ldap admin password\n");
72         printf("  -x                   delete user\n");
73         printf("  -R ORDER             name resolve order\n");
74
75         exit(1);
76 }
77
78 static void set_line_buffering(FILE *f)
79 {
80         setvbuf(f, NULL, _IOLBF, 0);
81 }
82
83 /*******************************************************************
84  Process command line options
85  ******************************************************************/
86
87 static int process_options(int argc, char **argv, int local_flags)
88 {
89         int ch;
90         const char *configfile = get_dyn_CONFIGFILE();
91
92         local_flags |= LOCAL_SET_PASSWORD;
93
94         ZERO_STRUCT(user_name);
95
96         user_name[0] = '\0';
97
98         while ((ch = getopt(argc, argv, "c:axdehminjr:sw:R:D:U:LWS:")) != EOF) {
99                 switch(ch) {
100                 case 'L':
101                         if (getuid() != 0) {
102                                 fprintf(stderr, "smbpasswd -L can only be used by root.\n");
103                                 exit(1);
104                         }
105                         local_flags |= LOCAL_AM_ROOT;
106                         break;
107                 case 'c':
108                         configfile = optarg;
109                         set_dyn_CONFIGFILE(optarg);
110                         break;
111                 case 'a':
112                         local_flags |= LOCAL_ADD_USER;
113                         break;
114                 case 'x':
115                         local_flags |= LOCAL_DELETE_USER;
116                         local_flags &= ~LOCAL_SET_PASSWORD;
117                         break;
118                 case 'd':
119                         local_flags |= LOCAL_DISABLE_USER;
120                         local_flags &= ~LOCAL_SET_PASSWORD;
121                         break;
122                 case 'e':
123                         local_flags |= LOCAL_ENABLE_USER;
124                         local_flags &= ~LOCAL_SET_PASSWORD;
125                         break;
126                 case 'm':
127                         local_flags |= LOCAL_TRUST_ACCOUNT;
128                         break;
129                 case 'i':
130                         local_flags |= LOCAL_INTERDOM_ACCOUNT;
131                         break;
132                 case 'j':
133                         d_printf("See 'net join' for this functionality\n");
134                         exit(1);
135                         break;
136                 case 'n':
137                         local_flags |= LOCAL_SET_NO_PASSWORD;
138                         local_flags &= ~LOCAL_SET_PASSWORD;
139                         SAFE_FREE(new_passwd);
140                         new_passwd = smb_xstrdup("NO PASSWORD");
141                         break;
142                 case 'r':
143                         remote_machine = optarg;
144                         break;
145                 case 's':
146                         set_line_buffering(stdin);
147                         set_line_buffering(stdout);
148                         set_line_buffering(stderr);
149                         stdin_passwd_get = True;
150                         break;
151                 case 'w':
152                         local_flags |= LOCAL_SET_LDAP_ADMIN_PW;
153                         fstrcpy(ldap_secret, optarg);
154                         break;
155                 case 'R':
156                         lp_set_cmdline("name resolve order", optarg);
157                         break;
158                 case 'D':
159                         lp_set_cmdline("log level", optarg);
160                         break;
161                 case 'U': {
162                         got_username = True;
163                         fstrcpy(user_name, optarg);
164                         break;
165                 case 'W':
166                         local_flags |= LOCAL_SET_LDAP_ADMIN_PW;
167                         *ldap_secret = '\0';
168                         break;
169                 }
170                 case 'h':
171                 default:
172                         usage();
173                 }
174         }
175
176         argc -= optind;
177         argv += optind;
178
179         switch(argc) {
180         case 0:
181                 if (!got_username)
182                         fstrcpy(user_name, "");
183                 break;
184         case 1:
185                 if (!(local_flags & LOCAL_AM_ROOT)) {
186                         usage();
187                 } else {
188                         if (got_username) {
189                                 usage();
190                         } else {
191                                 fstrcpy(user_name, argv[0]);
192                         }
193                 }
194                 break;
195         default:
196                 usage();
197         }
198
199         if (!lp_load_global(configfile)) {
200                 fprintf(stderr, "Can't load %s - run testparm to debug it\n", 
201                         configfile);
202                 exit(1);
203         }
204
205         return local_flags;
206 }
207
208 /*************************************************************
209  Utility function to prompt for new password.
210 *************************************************************/
211 static char *prompt_for_new_password(bool stdin_get)
212 {
213         char *p;
214         fstring new_pw;
215
216         ZERO_ARRAY(new_pw);
217
218         p = get_pass("New SMB password:", stdin_get);
219         if (p == NULL) {
220                 return NULL;
221         }
222
223         fstrcpy(new_pw, p);
224         SAFE_FREE(p);
225
226         p = get_pass("Retype new SMB password:", stdin_get);
227         if (p == NULL) {
228                 return NULL;
229         }
230
231         if (strcmp(p, new_pw)) {
232                 fprintf(stderr, "Mismatch - password unchanged.\n");
233                 ZERO_ARRAY(new_pw);
234                 SAFE_FREE(p);
235                 return NULL;
236         }
237
238         return p;
239 }
240
241
242 /*************************************************************
243  Change a password either locally or remotely.
244 *************************************************************/
245
246 static NTSTATUS password_change(const char *remote_mach,
247                                 const char *domain, const char *username,
248                                 const char *old_passwd, const char *new_pw,
249                                 int local_flags)
250 {
251         NTSTATUS ret;
252         char *err_str = NULL;
253         char *msg_str = NULL;
254
255         if (remote_mach != NULL) {
256                 if (local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER|
257                                    LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|
258                                    LOCAL_TRUST_ACCOUNT|LOCAL_SET_NO_PASSWORD)) {
259                         /* these things can't be done remotely yet */
260                         fprintf(stderr, "Invalid remote operation!\n");
261                         return NT_STATUS_UNSUCCESSFUL;
262                 }
263                 ret = remote_password_change(remote_mach,
264                                              domain, username,
265                                              old_passwd, new_pw, &err_str);
266         } else {
267                 ret = local_password_change(username, local_flags, new_pw,
268                                             &err_str, &msg_str);
269         }
270
271         if (msg_str) {
272                 printf("%s", msg_str);
273         }
274         if (err_str) {
275                 fprintf(stderr, "%s", err_str);
276         }
277         if (!NT_STATUS_IS_OK(ret) && !err_str) {
278                 fprintf(stderr, "Failed to change password!\n");
279         }
280
281         SAFE_FREE(msg_str);
282         SAFE_FREE(err_str);
283         return ret;
284 }
285
286 /*******************************************************************
287  Store the LDAP admin password in secrets.tdb
288  ******************************************************************/
289 static bool store_ldap_admin_pw (char* pw)
290 {       
291         if (!pw) 
292                 return False;
293
294         if (!secrets_init())
295                 return False;
296
297         return secrets_store_ldap_pw(lp_ldap_admin_dn(talloc_tos()), pw);
298 }
299
300
301 /*************************************************************
302  Handle password changing for root.
303 *************************************************************/
304
305 static int process_root(int local_flags)
306 {
307         struct passwd  *pwd;
308         int result = 0;
309         char *old_passwd = NULL;
310
311         if (local_flags & LOCAL_SET_LDAP_ADMIN_PW) {
312                 char *ldap_admin_dn = lp_ldap_admin_dn(talloc_tos());
313                 if ( ! *ldap_admin_dn ) {
314                         DEBUG(0,("ERROR: 'ldap admin dn' not defined! Please check your smb.conf\n"));
315                         goto done;
316                 }
317
318                 printf("Setting stored password for \"%s\" in secrets.tdb\n", ldap_admin_dn);
319                 if ( ! *ldap_secret ) {
320                         new_passwd = prompt_for_new_password(stdin_passwd_get);
321                         if (new_passwd == NULL) {
322                                 fprintf(stderr, "Failed to read new password!\n");
323                                 exit(1);
324                         }
325                         fstrcpy(ldap_secret, new_passwd);
326                 }
327                 if (!store_ldap_admin_pw(ldap_secret)) {
328                         DEBUG(0,("ERROR: Failed to store the ldap admin password!\n"));
329                 }
330                 goto done;
331         }
332
333         /* Ensure passdb startup(). */
334         if(!initialize_password_db(False, NULL)) {
335                 DEBUG(0, ("Failed to open passdb!\n"));
336                 exit(1);
337         }
338
339         /* Ensure we have a SAM sid. */
340         get_global_sam_sid();
341
342         /*
343          * Ensure both add/delete user are not set
344          * Ensure add/delete user and either remote machine or join domain are
345          * not both set.
346          */     
347         if(((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) == (LOCAL_ADD_USER|LOCAL_DELETE_USER)) || 
348            ((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) && 
349                 (remote_machine != NULL))) {
350                 usage();
351         }
352
353         /* Only load interfaces if we are doing network operations. */
354
355         if (remote_machine) {
356                 load_interfaces();
357         }
358
359         if (!user_name[0] && (pwd = getpwuid_alloc(talloc_tos(), geteuid()))) {
360                 fstrcpy(user_name, pwd->pw_name);
361                 TALLOC_FREE(pwd);
362         } 
363
364         if (!user_name[0]) {
365                 fprintf(stderr,"You must specify a username\n");
366                 exit(1);
367         }
368
369         if (local_flags & LOCAL_TRUST_ACCOUNT) {
370                 /* add the $ automatically */
371                 static fstring buf;
372
373                 /*
374                  * Remove any trailing '$' before we
375                  * generate the initial machine password.
376                  */
377
378                 if (user_name[strlen(user_name)-1] == '$') {
379                         user_name[strlen(user_name)-1] = 0;
380                 }
381
382                 if (local_flags & LOCAL_ADD_USER) {
383                         SAFE_FREE(new_passwd);
384                         new_passwd = smb_xstrdup(user_name);
385                         if (!strlower_m(new_passwd)) {
386                                 fprintf(stderr, "strlower_m %s failed\n",
387                                         new_passwd);
388                                 exit(1);
389                         }
390                 }
391
392                 /*
393                  * Now ensure the username ends in '$' for
394                  * the machine add.
395                  */
396
397                 slprintf(buf, sizeof(buf)-1, "%s$", user_name);
398                 strlcpy(user_name, buf, sizeof(user_name));
399         } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
400                 static fstring buf;
401
402                 if ((local_flags & LOCAL_ADD_USER) && (new_passwd == NULL)) {
403                         /*
404                          * Prompt for trusting domain's account password
405                          */
406                         new_passwd = prompt_for_new_password(stdin_passwd_get);
407                         if(!new_passwd) {
408                                 fprintf(stderr, "Unable to get newpassword.\n");
409                                 exit(1);
410                         }
411                 }
412
413                 /* prepare uppercased and '$' terminated username */
414                 slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
415                 strlcpy(user_name, buf, sizeof(user_name));
416
417         } else {
418
419                 if (remote_machine != NULL) {
420                         old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
421                         if(!old_passwd) {
422                                 fprintf(stderr, "Unable to get old password.\n");
423                                 exit(1);
424                         }
425                 }
426
427                 if (!(local_flags & LOCAL_SET_PASSWORD)) {
428
429                         /*
430                          * If we are trying to enable a user, first we need to find out
431                          * if they are using a modern version of the smbpasswd file that
432                          * disables a user by just writing a flag into the file. If so
433                          * then we can re-enable a user without prompting for a new
434                          * password. If not (ie. they have a no stored password in the
435                          * smbpasswd file) then we need to prompt for a new password.
436                          */
437
438                         if(local_flags & LOCAL_ENABLE_USER) {
439                                 struct samu *sampass = NULL;
440
441                                 sampass = samu_new( NULL );
442                                 if (!sampass) {
443                                         fprintf(stderr, "talloc fail for struct samu.\n");
444                                         exit(1);
445                                 }
446                                 if (!pdb_getsampwnam(sampass, user_name)) {
447                                         fprintf(stderr, "Failed to find user %s in passdb backend.\n",
448                                                 user_name );
449                                         exit(1);
450                                 }
451
452                                 if(pdb_get_nt_passwd(sampass) == NULL) {
453                                         local_flags |= LOCAL_SET_PASSWORD;
454                                 }
455                                 TALLOC_FREE(sampass);
456                         }
457                 }
458
459                 if((local_flags & LOCAL_SET_PASSWORD) && (new_passwd == NULL)) {
460
461                         new_passwd = prompt_for_new_password(stdin_passwd_get);
462                         if(!new_passwd) {
463                                 fprintf(stderr, "Unable to get new password.\n");
464                                 exit(1);
465                         }
466                 }
467         }
468
469         if (!NT_STATUS_IS_OK(password_change(remote_machine,
470                                              NULL, user_name,
471                                              old_passwd, new_passwd,
472                                              local_flags))) {
473                 result = 1;
474                 goto done;
475         } 
476
477         if(remote_machine) {
478                 printf("Password changed for user %s on %s.\n", user_name, remote_machine );
479         } else if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) {
480                 struct samu *sampass = NULL;
481
482                 sampass = samu_new( NULL );
483                 if (!sampass) {
484                         fprintf(stderr, "talloc fail for struct samu.\n");
485                         exit(1);
486                 }
487
488                 if (!pdb_getsampwnam(sampass, user_name)) {
489                         fprintf(stderr, "Failed to find user %s in passdb backend.\n",
490                                 user_name );
491                         exit(1);
492                 }
493
494                 printf("Password changed for user %s.", user_name );
495                 if(pdb_get_acct_ctrl(sampass)&ACB_DISABLED) {
496                         printf(" User has disabled flag set.");
497                 }
498                 if(pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) {
499                         printf(" User has no password flag set.");
500                 }
501                 printf("\n");
502                 TALLOC_FREE(sampass);
503         }
504
505  done:
506         SAFE_FREE(old_passwd);
507         SAFE_FREE(new_passwd);
508         return result;
509 }
510
511
512 /*************************************************************
513  Handle password changing for non-root.
514 *************************************************************/
515
516 static int process_nonroot(int local_flags)
517 {
518         struct passwd  *pwd = NULL;
519         int result = 0;
520         char *old_pw = NULL;
521         char *new_pw = NULL;
522         const char *username = user_name;
523         const char *domain = NULL;
524         char *p = NULL;
525
526         if (local_flags & ~(LOCAL_AM_ROOT | LOCAL_SET_PASSWORD)) {
527                 /* Extra flags that we can't honor non-root */
528                 usage();
529         }
530
531         if (!user_name[0]) {
532                 pwd = getpwuid_alloc(talloc_tos(), getuid());
533                 if (pwd) {
534                         fstrcpy(user_name,pwd->pw_name);
535                         TALLOC_FREE(pwd);
536                 } else {
537                         fprintf(stderr, "smbpasswd: cannot lookup user name for uid %u\n", (unsigned int)getuid());
538                         exit(1);
539                 }
540         }
541
542         /* Allow domain as part of the username */
543         if ((p = strchr_m(user_name, '\\')) ||
544             (p = strchr_m(user_name, '/')) ||
545             (p = strchr_m(user_name, *lp_winbind_separator()))) {
546                 *p = '\0';
547                 username = p + 1;
548                 domain = user_name;
549         }
550
551         /*
552          * A non-root user is always setting a password
553          * via a remote machine (even if that machine is
554          * localhost).
555          */     
556
557         load_interfaces(); /* Delayed from main() */
558
559         if (remote_machine != NULL) {
560                 if (!is_ipaddress(remote_machine)) {
561                         domain = remote_machine;
562                 }
563         } else {
564                 remote_machine = "127.0.0.1";
565
566                 /*
567                  * If we deal with a local user, change the password for the
568                  * user in our SAM.
569                  */
570                 domain = get_global_sam_name();
571         }
572
573         old_pw = get_pass("Old SMB password:",stdin_passwd_get);
574         if (old_pw == NULL) {
575                 fprintf(stderr, "Unable to get old password.\n");
576                 exit(1);
577         }
578
579         if (!new_passwd) {
580                 new_pw = prompt_for_new_password(stdin_passwd_get);
581         }
582         else
583                 new_pw = smb_xstrdup(new_passwd);
584
585         if (!new_pw) {
586                 fprintf(stderr, "Unable to get new password.\n");
587                 exit(1);
588         }
589
590         if (!NT_STATUS_IS_OK(password_change(remote_machine,
591                                              domain, username,
592                                              old_pw, new_pw, 0))) {
593                 result = 1;
594                 goto done;
595         }
596
597         printf("Password changed for user %s\n", username);
598
599  done:
600         SAFE_FREE(old_pw);
601         SAFE_FREE(new_pw);
602
603         return result;
604 }
605
606
607
608 /*********************************************************
609  Start here.
610 **********************************************************/
611 int main(int argc, char **argv)
612 {       
613         TALLOC_CTX *frame = talloc_stackframe();
614         struct messaging_context *msg_ctx = NULL;
615         int local_flags = 0;
616         int ret;
617
618 #if defined(HAVE_SET_AUTH_PARAMETERS)
619         set_auth_parameters(argc, argv);
620 #endif /* HAVE_SET_AUTH_PARAMETERS */
621
622         if (getuid() == 0) {
623                 local_flags = LOCAL_AM_ROOT;
624         }
625
626         smb_init_locale();
627
628         local_flags = process_options(argc, argv, local_flags);
629
630         setup_logging("smbpasswd", DEBUG_STDERR);
631
632         msg_ctx = server_messaging_context();
633         if (msg_ctx == NULL) {
634                 if (geteuid() != 0) {
635                         DBG_NOTICE("Unable to initialize messaging context. "
636                                    "Must be root to do that.\n");
637                 } else {
638                         fprintf(stderr,
639                                 "smbpasswd is not able to initialize the "
640                                 "messaging context!\n");
641                         return 1;
642                 }
643         }
644
645         /*
646          * Set the machine NETBIOS name if not already
647          * set from the config file. 
648          */ 
649
650         if (!init_names())
651                 return 1;
652
653         /* Check the effective uid - make sure we are not setuid */
654         if (is_setuid_root()) {
655                 fprintf(stderr, "smbpasswd must *NOT* be setuid root.\n");
656                 exit(1);
657         }
658
659         if (local_flags & LOCAL_AM_ROOT) {
660                 bool ok;
661
662                 ok = secrets_init();
663                 if (!ok) {
664                         return 1;
665                 }
666                 ret = process_root(local_flags);
667         } else {
668                 ret = process_nonroot(local_flags);
669         }
670         TALLOC_FREE(frame);
671         return ret;
672 }