source3/utils/smbpasswd.c

   1 /*
   2  * Unix SMB/CIFS implementation.
   3  * Copyright (C) Jeremy Allison 1995-1998
   4  * Copyright (C) Tim Potter     2001
   5  *
   6  * This program is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 3 of the License, or (at your
   9  * option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  14  * more details.
  15  *
  16  * You should have received a copy of the GNU General Public License along with
  17  * this program; if not, see <http://www.gnu.org/licenses/>.  */
  18
  19 #include "includes.h"
  20 #include "system/passwd.h"
  21 #include "secrets.h"
  22 #include "../librpc/gen_ndr/samr.h"
  23 #include "../lib/util/util_pw.h"
  24 #include "passdb.h"
  25
  26 /*
  27  * Next two lines needed for SunOS and don't
  28  * hurt anything else...
  29  */
  30 extern char *optarg;
  31 extern int optind;
  32
  33 /* forced running in root-mode */
  34 static bool got_username = False;
  35 static bool stdin_passwd_get = False;
  36 static fstring user_name;
  37 static char *new_passwd = NULL;
  38 static const char *remote_machine = NULL;
  39
  40 static fstring ldap_secret;
  41
  42
  43 /*********************************************************
  44  Print command usage on stderr and die.
  45 **********************************************************/
  46 static void usage(void)
  47 {
  48         printf("When run by root:\n");
  49         printf("    smbpasswd [options] [username]\n");
  50         printf("otherwise:\n");
  51         printf("    smbpasswd [options]\n\n");
  52
  53         printf("options:\n");
  54         printf("  -L                   local mode (must be first option)\n");
  55         printf("  -h                   print this usage message\n");
  56         printf("  -s                   use stdin for password prompt\n");
  57         printf("  -c smb.conf file     Use the given path to the smb.conf file\n");
  58         printf("  -D LEVEL             debug level\n");
  59         printf("  -r MACHINE           remote machine\n");
  60         printf("  -U USER              remote username\n");
  61
  62         printf("extra options when run by root or in local mode:\n");
  63         printf("  -a                   add user\n");
  64         printf("  -d                   disable user\n");
  65         printf("  -e                   enable user\n");
  66         printf("  -i                   interdomain trust account\n");
  67         printf("  -m                   machine trust account\n");
  68         printf("  -n                   set no password\n");
  69         printf("  -W                   use stdin ldap admin password\n");
  70         printf("  -w PASSWORD          ldap admin password\n");
  71         printf("  -x                   delete user\n");
  72         printf("  -R ORDER             name resolve order\n");
  73
  74         exit(1);
  75 }
  76
  77 static void set_line_buffering(FILE *f)
  78 {
  79         setvbuf(f, NULL, _IOLBF, 0);
  80 }
  81
  82 /*******************************************************************
  83  Process command line options
  84  ******************************************************************/
  85
  86 static int process_options(int argc, char **argv, int local_flags)
  87 {
  88         int ch;
  89         const char *configfile = get_dyn_CONFIGFILE();
  90
  91         local_flags |= LOCAL_SET_PASSWORD;
  92
  93         ZERO_STRUCT(user_name);
  94
  95         user_name[0] = '\0';
  96
  97         while ((ch = getopt(argc, argv, "c:axdehminjr:sw:R:D:U:LW")) != EOF) {
  98                 switch(ch) {
  99                 case 'L':
 100 #if !defined(NSS_WRAPPER)
 101                         if (getuid() != 0) {
 102                                 fprintf(stderr, "smbpasswd -L can only be used by root.\n");
 103                                 exit(1);
 104                         }
 105 #endif
 106                         local_flags |= LOCAL_AM_ROOT;
 107                         break;
 108                 case 'c':
 109                         configfile = optarg;
 110                         break;
 111                 case 'a':
 112                         local_flags |= LOCAL_ADD_USER;
 113                         break;
 114                 case 'x':
 115                         local_flags |= LOCAL_DELETE_USER;
 116                         local_flags &= ~LOCAL_SET_PASSWORD;
 117                         break;
 118                 case 'd':
 119                         local_flags |= LOCAL_DISABLE_USER;
 120                         local_flags &= ~LOCAL_SET_PASSWORD;
 121                         break;
 122                 case 'e':
 123                         local_flags |= LOCAL_ENABLE_USER;
 124                         local_flags &= ~LOCAL_SET_PASSWORD;
 125                         break;
 126                 case 'm':
 127                         local_flags |= LOCAL_TRUST_ACCOUNT;
 128                         break;
 129                 case 'i':
 130                         local_flags |= LOCAL_INTERDOM_ACCOUNT;
 131                         break;
 132                 case 'j':
 133                         d_printf("See 'net join' for this functionality\n");
 134                         exit(1);
 135                         break;
 136                 case 'n':
 137                         local_flags |= LOCAL_SET_NO_PASSWORD;
 138                         local_flags &= ~LOCAL_SET_PASSWORD;
 139                         new_passwd = smb_xstrdup("NO PASSWORD");
 140                         break;
 141                 case 'r':
 142                         remote_machine = optarg;
 143                         break;
 144                 case 's':
 145                         set_line_buffering(stdin);
 146                         set_line_buffering(stdout);
 147                         set_line_buffering(stderr);
 148                         stdin_passwd_get = True;
 149                         break;
 150                 case 'w':
 151                         local_flags |= LOCAL_SET_LDAP_ADMIN_PW;
 152                         fstrcpy(ldap_secret, optarg);
 153                         break;
 154                 case 'R':
 155                         lp_set_name_resolve_order(optarg);
 156                         break;
 157                 case 'D':
 158                         lp_set_cmdline("log level", optarg);
 159                         break;
 160                 case 'U': {
 161                         got_username = True;
 162                         fstrcpy(user_name, optarg);
 163                         break;
 164                 case 'W':
 165                         local_flags |= LOCAL_SET_LDAP_ADMIN_PW;
 166                         *ldap_secret = '\0';
 167                         break;
 168                 }
 169                 case 'h':
 170                 default:
 171                         usage();
 172                 }
 173         }
 174
 175         argc -= optind;
 176         argv += optind;
 177
 178         switch(argc) {
 179         case 0:
 180                 if (!got_username)
 181                         fstrcpy(user_name, "");
 182                 break;
 183         case 1:
 184                 if (!(local_flags & LOCAL_AM_ROOT)) {
 185                         usage();
 186                 } else {
 187                         if (got_username) {
 188                                 usage();
 189                         } else {
 190                                 fstrcpy(user_name, argv[0]);
 191                         }
 192                 }
 193                 break;
 194         default:
 195                 usage();
 196         }
 197
 198         if (!lp_load(configfile,True,False,False,True)) {
 199                 fprintf(stderr, "Can't load %s - run testparm to debug it\n",
 200                         configfile);
 201                 exit(1);
 202         }
 203
 204         return local_flags;
 205 }
 206
 207 /*************************************************************
 208  Utility function to prompt for new password.
 209 *************************************************************/
 210 static char *prompt_for_new_password(bool stdin_get)
 211 {
 212         char *p;
 213         fstring new_pw;
 214
 215         ZERO_ARRAY(new_pw);
 216
 217         p = get_pass("New SMB password:", stdin_get);
 218
 219         fstrcpy(new_pw, p);
 220         SAFE_FREE(p);
 221
 222         p = get_pass("Retype new SMB password:", stdin_get);
 223
 224         if (strcmp(p, new_pw)) {
 225                 fprintf(stderr, "Mismatch - password unchanged.\n");
 226                 ZERO_ARRAY(new_pw);
 227                 SAFE_FREE(p);
 228                 return NULL;
 229         }
 230
 231         return p;
 232 }
 233
 234
 235 /*************************************************************
 236  Change a password either locally or remotely.
 237 *************************************************************/
 238
 239 static NTSTATUS password_change(const char *remote_mach, char *username,
 240                                 char *old_passwd, char *new_pw,
 241                                 int local_flags)
 242 {
 243         NTSTATUS ret;
 244         char *err_str = NULL;
 245         char *msg_str = NULL;
 246
 247         if (remote_mach != NULL) {
 248                 if (local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER|
 249                                    LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|
 250                                    LOCAL_TRUST_ACCOUNT|LOCAL_SET_NO_PASSWORD)) {
 251                         /* these things can't be done remotely yet */
 252                         fprintf(stderr, "Invalid remote operation!\n");
 253                         return NT_STATUS_UNSUCCESSFUL;
 254                 }
 255                 ret = remote_password_change(remote_mach, username,
 256                                              old_passwd, new_pw, &err_str);
 257         } else {
 258                 ret = local_password_change(username, local_flags, new_pw,
 259                                             &err_str, &msg_str);
 260         }
 261
 262         if (msg_str) {
 263                 printf("%s", msg_str);
 264         }
 265         if (err_str) {
 266                 fprintf(stderr, "%s", err_str);
 267         }
 268         if (!NT_STATUS_IS_OK(ret) && !err_str) {
 269                 fprintf(stderr, "Failed to change password!\n");
 270         }
 271
 272         SAFE_FREE(msg_str);
 273         SAFE_FREE(err_str);
 274         return ret;
 275 }
 276
 277 /*******************************************************************
 278  Store the LDAP admin password in secrets.tdb
 279  ******************************************************************/
 280 static bool store_ldap_admin_pw (char* pw)
 281 {
 282         if (!pw)
 283                 return False;
 284
 285         if (!secrets_init())
 286                 return False;
 287
 288         return secrets_store_ldap_pw(lp_ldap_admin_dn(), pw);
 289 }
 290
 291
 292 /*************************************************************
 293  Handle password changing for root.
 294 *************************************************************/
 295
 296 static int process_root(int local_flags)
 297 {
 298         struct passwd  *pwd;
 299         int result = 0;
 300         char *old_passwd = NULL;
 301
 302         if (local_flags & LOCAL_SET_LDAP_ADMIN_PW) {
 303                 char *ldap_admin_dn = lp_ldap_admin_dn();
 304                 if ( ! *ldap_admin_dn ) {
 305                         DEBUG(0,("ERROR: 'ldap admin dn' not defined! Please check your smb.conf\n"));
 306                         goto done;
 307                 }
 308
 309                 printf("Setting stored password for \"%s\" in secrets.tdb\n", ldap_admin_dn);
 310                 if ( ! *ldap_secret ) {
 311                         new_passwd = prompt_for_new_password(stdin_passwd_get);
 312                         fstrcpy(ldap_secret, new_passwd);
 313                 }
 314                 if (!store_ldap_admin_pw(ldap_secret)) {
 315                         DEBUG(0,("ERROR: Failed to store the ldap admin password!\n"));
 316                 }
 317                 goto done;
 318         }
 319
 320         /* Ensure passdb startup(). */
 321         if(!initialize_password_db(False, NULL)) {
 322                 DEBUG(0, ("Failed to open passdb!\n"));
 323                 exit(1);
 324         }
 325
 326         /* Ensure we have a SAM sid. */
 327         get_global_sam_sid();
 328
 329         /*
 330          * Ensure both add/delete user are not set
 331          * Ensure add/delete user and either remote machine or join domain are
 332          * not both set.
 333          */
 334         if(((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) == (LOCAL_ADD_USER|LOCAL_DELETE_USER)) ||
 335            ((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) &&
 336                 (remote_machine != NULL))) {
 337                 usage();
 338         }
 339
 340         /* Only load interfaces if we are doing network operations. */
 341
 342         if (remote_machine) {
 343                 load_interfaces();
 344         }
 345
 346         if (!user_name[0] && (pwd = getpwuid_alloc(talloc_tos(), geteuid()))) {
 347                 fstrcpy(user_name, pwd->pw_name);
 348                 TALLOC_FREE(pwd);
 349         }
 350
 351         if (!user_name[0]) {
 352                 fprintf(stderr,"You must specify a username\n");
 353                 exit(1);
 354         }
 355
 356         if (local_flags & LOCAL_TRUST_ACCOUNT) {
 357                 /* add the $ automatically */
 358                 static fstring buf;
 359
 360                 /*
 361                  * Remove any trailing '$' before we
 362                  * generate the initial machine password.
 363                  */
 364
 365                 if (user_name[strlen(user_name)-1] == '$') {
 366                         user_name[strlen(user_name)-1] = 0;
 367                 }
 368
 369                 if (local_flags & LOCAL_ADD_USER) {
 370                         SAFE_FREE(new_passwd);
 371                         new_passwd = smb_xstrdup(user_name);
 372                         strlower_m(new_passwd);
 373                 }
 374
 375                 /*
 376                  * Now ensure the username ends in '$' for
 377                  * the machine add.
 378                  */
 379
 380                 slprintf(buf, sizeof(buf)-1, "%s$", user_name);
 381                 fstrcpy(user_name, buf);
 382         } else if (local_flags & LOCAL_INTERDOM_ACCOUNT) {
 383                 static fstring buf;
 384
 385                 if ((local_flags & LOCAL_ADD_USER) && (new_passwd == NULL)) {
 386                         /*
 387                          * Prompt for trusting domain's account password
 388                          */
 389                         new_passwd = prompt_for_new_password(stdin_passwd_get);
 390                         if(!new_passwd) {
 391                                 fprintf(stderr, "Unable to get newpassword.\n");
 392                                 exit(1);
 393                         }
 394                 }
 395
 396                 /* prepare uppercased and '$' terminated username */
 397                 slprintf(buf, sizeof(buf) - 1, "%s$", user_name);
 398                 fstrcpy(user_name, buf);
 399
 400         } else {
 401
 402                 if (remote_machine != NULL) {
 403                         old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
 404                         if(!old_passwd) {
 405                                 fprintf(stderr, "Unable to get old password.\n");
 406                                 exit(1);
 407                         }
 408                 }
 409
 410                 if (!(local_flags & LOCAL_SET_PASSWORD)) {
 411
 412                         /*
 413                          * If we are trying to enable a user, first we need to find out
 414                          * if they are using a modern version of the smbpasswd file that
 415                          * disables a user by just writing a flag into the file. If so
 416                          * then we can re-enable a user without prompting for a new
 417                          * password. If not (ie. they have a no stored password in the
 418                          * smbpasswd file) then we need to prompt for a new password.
 419                          */
 420
 421                         if(local_flags & LOCAL_ENABLE_USER) {
 422                                 struct samu *sampass = NULL;
 423
 424                                 sampass = samu_new( NULL );
 425                                 if (!sampass) {
 426                                         fprintf(stderr, "talloc fail for struct samu.\n");
 427                                         exit(1);
 428                                 }
 429                                 if (!pdb_getsampwnam(sampass, user_name)) {
 430                                         fprintf(stderr, "Failed to find user %s in passdb backend.\n",
 431                                                 user_name );
 432                                         exit(1);
 433                                 }
 434
 435                                 if(pdb_get_nt_passwd(sampass) == NULL) {
 436                                         local_flags |= LOCAL_SET_PASSWORD;
 437                                 }
 438                                 TALLOC_FREE(sampass);
 439                         }
 440                 }
 441
 442                 if((local_flags & LOCAL_SET_PASSWORD) && (new_passwd == NULL)) {
 443
 444                         new_passwd = prompt_for_new_password(stdin_passwd_get);
 445                         if(!new_passwd) {
 446                                 fprintf(stderr, "Unable to get new password.\n");
 447                                 exit(1);
 448                         }
 449                 }
 450         }
 451
 452         if (!NT_STATUS_IS_OK(password_change(remote_machine, user_name,
 453                                              old_passwd, new_passwd,
 454                                              local_flags))) {
 455                 result = 1;
 456                 goto done;
 457         }
 458
 459         if(remote_machine) {
 460                 printf("Password changed for user %s on %s.\n", user_name, remote_machine );
 461         } else if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) {
 462                 struct samu *sampass = NULL;
 463
 464                 sampass = samu_new( NULL );
 465                 if (!sampass) {
 466                         fprintf(stderr, "talloc fail for struct samu.\n");
 467                         exit(1);
 468                 }
 469
 470                 if (!pdb_getsampwnam(sampass, user_name)) {
 471                         fprintf(stderr, "Failed to find user %s in passdb backend.\n",
 472                                 user_name );
 473                         exit(1);
 474                 }
 475
 476                 printf("Password changed for user %s.", user_name );
 477                 if(pdb_get_acct_ctrl(sampass)&ACB_DISABLED) {
 478                         printf(" User has disabled flag set.");
 479                 }
 480                 if(pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) {
 481                         printf(" User has no password flag set.");
 482                 }
 483                 printf("\n");
 484                 TALLOC_FREE(sampass);
 485         }
 486
 487  done:
 488         SAFE_FREE(old_passwd);
 489         SAFE_FREE(new_passwd);
 490         return result;
 491 }
 492
 493
 494 /*************************************************************
 495  Handle password changing for non-root.
 496 *************************************************************/
 497
 498 static int process_nonroot(int local_flags)
 499 {
 500         struct passwd  *pwd = NULL;
 501         int result = 0;
 502         char *old_pw = NULL;
 503         char *new_pw = NULL;
 504
 505         if (local_flags & ~(LOCAL_AM_ROOT | LOCAL_SET_PASSWORD)) {
 506                 /* Extra flags that we can't honor non-root */
 507                 usage();
 508         }
 509
 510         if (!user_name[0]) {
 511                 pwd = getpwuid_alloc(talloc_tos(), getuid());
 512                 if (pwd) {
 513                         fstrcpy(user_name,pwd->pw_name);
 514                         TALLOC_FREE(pwd);
 515                 } else {
 516                         fprintf(stderr, "smbpasswd: cannot lookup user name for uid %u\n", (unsigned int)getuid());
 517                         exit(1);
 518                 }
 519         }
 520
 521         /*
 522          * A non-root user is always setting a password
 523          * via a remote machine (even if that machine is
 524          * localhost).
 525          */
 526
 527         load_interfaces(); /* Delayed from main() */
 528
 529         if (remote_machine == NULL) {
 530                 remote_machine = "127.0.0.1";
 531         }
 532
 533         if (remote_machine != NULL) {
 534                 old_pw = get_pass("Old SMB password:",stdin_passwd_get);
 535         }
 536
 537         if (!new_passwd) {
 538                 new_pw = prompt_for_new_password(stdin_passwd_get);
 539         }
 540         else
 541                 new_pw = smb_xstrdup(new_passwd);
 542
 543         if (!new_pw) {
 544                 fprintf(stderr, "Unable to get new password.\n");
 545                 exit(1);
 546         }
 547
 548         if (!NT_STATUS_IS_OK(password_change(remote_machine, user_name, old_pw,
 549                                              new_pw, 0))) {
 550                 result = 1;
 551                 goto done;
 552         }
 553
 554         printf("Password changed for user %s\n", user_name);
 555
 556  done:
 557         SAFE_FREE(old_pw);
 558         SAFE_FREE(new_pw);
 559
 560         return result;
 561 }
 562
 563
 564
 565 /*********************************************************
 566  Start here.
 567 **********************************************************/
 568 int main(int argc, char **argv)
 569 {
 570         TALLOC_CTX *frame = talloc_stackframe();
 571         int local_flags = 0;
 572         int ret;
 573
 574 #if defined(HAVE_SET_AUTH_PARAMETERS)
 575         set_auth_parameters(argc, argv);
 576 #endif /* HAVE_SET_AUTH_PARAMETERS */
 577
 578         if (getuid() == 0) {
 579                 local_flags = LOCAL_AM_ROOT;
 580         }
 581
 582         load_case_tables();
 583
 584         local_flags = process_options(argc, argv, local_flags);
 585
 586         setup_logging("smbpasswd", DEBUG_STDERR);
 587
 588         /*
 589          * Set the machine NETBIOS name if not already
 590          * set from the config file.
 591          */
 592
 593         if (!init_names())
 594                 return 1;
 595
 596         /* Check the effective uid - make sure we are not setuid */
 597         if (is_setuid_root()) {
 598                 fprintf(stderr, "smbpasswd must *NOT* be setuid root.\n");
 599                 exit(1);
 600         }
 601
 602         if (local_flags & LOCAL_AM_ROOT) {
 603                 secrets_init();
 604                 return process_root(local_flags);
 605         }
 606
 607         ret = process_nonroot(local_flags);
 608         TALLOC_FREE(frame);
 609         return ret;
 610 }