2 * Unix SMB/Netbios implementation. Version 1.9. smbpasswd module. Copyright
3 * (C) Jeremy Allison 1995-1998
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free
7 * Software Foundation; either version 2 of the License, or (at your option)
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 675
17 * Mass Ave, Cambridge, MA 02139, USA.
22 extern pstring myhostname;
23 extern pstring global_myname;
24 extern fstring global_myworkgroup;
26 static char *prog_name;
28 /*********************************************************
29 Print command usage on stderr and die.
30 **********************************************************/
32 static void usage(char *name, BOOL is_root)
35 fprintf(stderr, "Usage is : %s [-D DEBUGLEVEL] [-a] [-d] [-m] [-n] [username] [password]\n\
36 %s: [-R <name resolve order>] [-D DEBUGLEVEL] [-j DOMAINNAME] [-r machine] [-U remote_username] [username] [password]\n%s: [-h]\n", name, name, name);
38 fprintf(stderr, "Usage is : %s [-h] [-D DEBUGLEVEL] [-r machine] [-U remote_username] [password]\n", name);
42 /*********************************************************
44 **********************************************************/
46 static int join_domain( char *domain, char *remote)
48 pstring remote_machine;
50 unsigned char orig_trust_passwd_hash[16];
53 pstrcpy(remote_machine, remote ? remote : "");
54 fstrcpy(trust_passwd, global_myname);
55 strlower(trust_passwd);
56 E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash);
58 /* Ensure that we are not trying to join a
59 domain if we are locally set up as a domain
62 if(lp_domain_controller() && strequal(lp_workgroup(), domain)) {
63 fprintf(stderr, "%s: Cannot join domain %s as we already configured as \
64 domain controller for that domain.\n", prog_name, domain);
69 * Create the machine account password file.
71 if(!trust_password_lock( domain, global_myname, True)) {
72 fprintf(stderr, "%s: unable to open the machine account password file for \
73 machine %s in domain %s.\n", prog_name, global_myname, domain);
78 * Write the old machine account password.
81 if(!set_trust_account_password( orig_trust_passwd_hash)) {
82 fprintf(stderr, "%s: unable to write the machine account password for \
83 machine %s in domain %s.\n", prog_name, global_myname, domain);
84 trust_password_unlock();
89 * If we are given a remote machine assume this is the PDC.
93 pstrcpy(remote_machine, lp_passwordserver());
95 if(!*remote_machine) {
96 fprintf(stderr, "%s: No password server list given in smb.conf - \
97 unable to join domain.\n", prog_name);
98 trust_password_unlock();
102 ret = change_trust_account_password( domain, remote_machine);
103 trust_password_unlock();
106 trust_password_delete( domain, global_myname);
107 fprintf(stderr,"%s: Unable to join domain %s.\n", prog_name, domain);
109 printf("%s: Joined domain %s.\n", prog_name, domain);
115 /*********************************************************
117 **********************************************************/
119 int main(int argc, char **argv)
123 extern int DEBUGLEVEL;
129 uchar new_nt_p16[16];
131 struct smb_passwd *smb_pwent;
135 BOOL is_root = False;
137 BOOL remote_user_name = False;
138 char *remote_machine = NULL;
139 BOOL add_user = False;
140 BOOL got_new_pass = False;
141 BOOL trust_account = False;
142 BOOL disable_user = False;
143 BOOL set_no_password = False;
144 BOOL joining_domain = False;
145 char *new_domain = NULL;
146 pstring servicesf = CONFIGFILE;
149 new_passwd[0] = '\0';
152 memset(old_passwd, '\0', sizeof(old_passwd));
153 memset(new_passwd, '\0', sizeof(new_passwd));
159 setup_logging(prog_name,True);
161 charset_initialise();
163 if(!initialize_password_db()) {
164 fprintf(stderr, "%s: Can't setup password database vectors.\n", prog_name);
168 if (!lp_load(servicesf,True,False,False)) {
169 fprintf(stderr, "%s: Can't load %s - run testparm to debug it\n", prog_name, servicesf);
173 if(!get_myname(myhostname,NULL)) {
174 fprintf(stderr, "%s: unable to get my hostname.\n", prog_name );
179 * Set the machine NETBIOS name if not already
180 * set from the config file.
185 fstrcpy( global_myname, myhostname );
186 p = strchr( global_myname, '.' );
190 strupper( global_myname );
192 codepage_initialise(lp_client_code_page());
194 /* Get the real uid */
197 /* Check the effective uid */
198 if ((geteuid() == 0) && (real_uid != 0)) {
199 fprintf(stderr, "%s: Must *NOT* be setuid root.\n", prog_name);
203 is_root = (real_uid == 0);
205 while ((ch = getopt(argc, argv, "adhmnj:r:R:D:U:")) != EOF) {
211 usage(prog_name, is_root);
217 fstrcpy(new_passwd, "XXXXXX");
219 usage(prog_name, is_root);
222 DEBUGLEVEL = atoi(optarg);
226 set_no_password = True;
228 fstrcpy(new_passwd, "NO PASSWORD");
230 usage(prog_name, is_root);
232 remote_machine = optarg;
236 lp_set_name_resolve_order(optarg);
239 usage(prog_name, is_root);
242 trust_account = True;
244 usage(prog_name, is_root);
249 strupper(new_domain);
250 joining_domain = True;
252 usage(prog_name, is_root);
255 remote_user_name = True;
256 pstrcpy(user_name, optarg);
260 usage(prog_name, is_root);
267 if (!is_root && remote_user_name && !remote_machine) {
268 fprintf(stderr, "%s: You can only use -U with -r.\n", prog_name);
269 usage(prog_name, False);
273 * Ensure add_user and either remote machine or join domain are
277 if(add_user && ((remote_machine != NULL) || joining_domain))
278 usage(prog_name, True);
281 * Deal with joining a domain.
283 if(joining_domain && argc != 0)
284 usage(prog_name, True);
287 return join_domain( new_domain, remote_machine);
293 * Deal with root - can add a user, but only locally.
300 /* If we are root we can change another's password. */
301 pstrcpy(user_name, argv[0]);
304 pstrcpy(user_name, argv[0]);
305 fstrcpy(new_passwd, argv[1]);
309 usage(prog_name, True);
315 int username_len = strlen(user_name);
316 if(username_len >= sizeof(pstring) - 1) {
317 fprintf(stderr, "%s: machine account name too long.\n", user_name);
321 if(user_name[username_len-1] != '$') {
322 user_name[username_len] = '$';
323 user_name[username_len+1] = '\0';
327 if(!remote_machine && ((pwd = Get_Pwnam(user_name, True)) == NULL)) {
328 fprintf(stderr, "%s: User \"%s\" was not found in system password file.\n",
329 prog_name, user_name);
333 if((pwd = getpwuid(real_uid)) != NULL)
334 pstrcpy( user_name, pwd->pw_name);
340 fprintf(stderr, "%s: Only root can set anothers password.\n", prog_name);
341 usage(prog_name, False);
345 usage(prog_name, False);
348 fstrcpy(new_passwd, argv[0]);
352 if(!remote_user_name && ((pwd = getpwuid(real_uid)) != NULL))
353 pstrcpy( user_name, pwd->pw_name);
356 * A non-root user is always setting a password
357 * via a remote machine (even if that machine is
361 if(remote_machine == NULL)
362 remote_machine = "127.0.0.1";
365 if (*user_name == '\0') {
366 fprintf(stderr, "%s: Unable to get a user name for password change.\n", prog_name);
371 * If we are adding a machine account then pretend
372 * we already have the new password, we will be using
373 * the machinename as the password.
376 if(add_user && trust_account) {
378 strncpy(new_passwd, user_name, sizeof(fstring));
379 new_passwd[sizeof(fstring)-1] = '\0';
380 strlower(new_passwd);
381 if(new_passwd[strlen(new_passwd)-1] == '$')
382 new_passwd[strlen(new_passwd)-1] = '\0';
386 * If we are root we don't ask for the old password (unless it's on a
390 if (remote_machine != NULL) {
391 p = getpass("Old SMB password:");
392 fstrcpy(old_passwd, p);
396 new_passwd[0] = '\0';
398 p = getpass("New SMB password:");
400 strncpy(new_passwd, p, sizeof(fstring));
401 new_passwd[sizeof(fstring)-1] = '\0';
403 p = getpass("Retype new SMB password:");
405 if (strncmp(p, new_passwd, sizeof(fstring)-1))
407 fprintf(stderr, "%s: Mismatch - password unchanged.\n", prog_name);
412 if (new_passwd[0] == '\0') {
413 printf("Password not set\n");
418 * Now do things differently depending on if we're changing the
419 * password on a remote machine. Remember - a normal user is
420 * always using this code, looping back to the local smbd.
423 if(remote_machine != NULL) {
424 struct cli_state cli;
427 if(!resolve_name( remote_machine, &ip)) {
428 fprintf(stderr, "%s: unable to find an IP address for machine %s.\n",
429 prog_name, remote_machine );
435 if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) {
436 fprintf(stderr, "%s: unable to connect to SMB server on machine %s. Error was : %s.\n",
437 prog_name, remote_machine, cli_errstr(&cli) );
441 if (!cli_session_request(&cli, remote_machine, 0x20, global_myname)) {
442 fprintf(stderr, "%s: machine %s rejected the session setup. Error was : %s.\n",
443 prog_name, remote_machine, cli_errstr(&cli) );
448 cli.protocol = PROTOCOL_NT1;
450 if (!cli_negprot(&cli)) {
451 fprintf(stderr, "%s: machine %s rejected the negotiate protocol. Error was : %s.\n",
452 prog_name, remote_machine, cli_errstr(&cli) );
457 if (!cli_session_setup(&cli, user_name, old_passwd, strlen(old_passwd),
459 fprintf(stderr, "%s: machine %s rejected the session setup. Error was : %s.\n",
460 prog_name, remote_machine, cli_errstr(&cli) );
465 if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
466 fprintf(stderr, "%s: machine %s rejected the tconX on the IPC$ share. Error was : %s.\n",
467 prog_name, remote_machine, cli_errstr(&cli) );
472 if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) {
473 fprintf(stderr, "%s: machine %s rejected the password change: Error was : %s.\n",
474 prog_name, remote_machine, cli_errstr(&cli) );
484 * Check for a machine account.
487 if(trust_account && !pwd) {
488 fprintf(stderr, "%s: User %s does not exist in system password file \
489 (usually /etc/passwd). Cannot add machine account without a valid system user.\n",
490 prog_name, user_name);
494 /* Calculate the MD4 hash (NT compatible) of the new password. */
496 memset(new_nt_p16, '\0', 16);
497 E_md4hash((uchar *) new_passwd, new_nt_p16);
499 /* Mangle the password into Lanman format */
500 new_passwd[14] = '\0';
501 strupper(new_passwd);
504 * Calculate the SMB (lanman) hash functions of the new password.
507 memset(new_p16, '\0', 16);
508 E_P16((uchar *) new_passwd, new_p16);
511 * Open the smbpaswd file.
513 vp = startsmbpwent(True);
514 if (!vp && errno == ENOENT) {
515 fp = fopen(lp_smb_passwd_file(), "w");
517 fprintf(fp, "# Samba SMB password file\n");
519 vp = startsmbpwent(True);
524 fprintf(stderr, "%s: Failed to open password file %s.\n",
525 prog_name, lp_smb_passwd_file());
531 /* Get the smb passwd entry for this user */
532 smb_pwent = getsmbpwnam(user_name);
533 if (smb_pwent == NULL) {
534 if(add_user == False) {
535 fprintf(stderr, "%s: Failed to find entry for user %s.\n",
536 prog_name, pwd->pw_name);
541 /* Create a new smb passwd entry and set it to the given password. */
543 struct smb_passwd new_smb_pwent;
545 new_smb_pwent.smb_userid = pwd->pw_uid;
546 new_smb_pwent.smb_name = pwd->pw_name;
547 new_smb_pwent.smb_passwd = NULL;
548 new_smb_pwent.smb_nt_passwd = NULL;
549 new_smb_pwent.acct_ctrl = (trust_account ? ACB_WSTRUST : ACB_NORMAL);
552 new_smb_pwent.acct_ctrl |= ACB_DISABLED;
553 } else if (set_no_password) {
554 new_smb_pwent.acct_ctrl |= ACB_PWNOTREQ;
556 new_smb_pwent.smb_passwd = new_p16;
557 new_smb_pwent.smb_nt_passwd = new_nt_p16;
560 if(add_smbpwd_entry(&new_smb_pwent) == False) {
561 fprintf(stderr, "%s: Failed to add entry for user %s.\n",
562 prog_name, pwd->pw_name);
568 printf("%s: Added user %s.\n", prog_name, user_name);
572 /* the entry already existed */
577 * We are root - just write the new password
578 * and the valid last change time.
583 * This currently won't work as it means changing
584 * the length of the record. JRA.
586 smb_pwent->acct_ctrl |= ACB_DISABLED;
587 smb_pwent->smb_passwd = NULL;
588 smb_pwent->smb_nt_passwd = NULL;
589 } else if (set_no_password) {
591 * This currently won't work as it means changing
592 * the length of the record. JRA.
594 smb_pwent->acct_ctrl |= ACB_PWNOTREQ;
595 smb_pwent->smb_passwd = NULL;
596 smb_pwent->smb_nt_passwd = NULL;
598 smb_pwent->smb_passwd = new_p16;
599 smb_pwent->smb_nt_passwd = new_nt_p16;
602 if(mod_smbpwd_entry(smb_pwent,True) == False) {
603 fprintf(stderr, "%s: Failed to modify entry for user %s.\n",
604 prog_name, pwd->pw_name);
611 printf("User %s disabled.\n", user_name);
612 else if (set_no_password)
613 printf("User %s - set to no password.\n", user_name);
615 printf("Password changed for user %s.\n", user_name);