2 * Unix SMB/Netbios implementation.
3 * Copyright (C) Jeremy Allison 1995-1998
4 * Copyright (C) Tim Potter 2001
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version.
11 * This program is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
16 * You should have received a copy of the GNU General Public License along with
17 * this program; if not, write to the Free Software Foundation, Inc., 675
18 * Mass Ave, Cambridge, MA 02139, USA. */
22 extern pstring global_myname;
25 * Next two lines needed for SunOS and don't
26 * hurt anything else...
31 /** forced running in root-mode **/
32 static BOOL local_mode;
35 * Print command usage on stderr and die.
37 static void usage(void)
39 printf("When run by root:\n");
40 printf(" smbpasswd [options] [username] [password]\n");
41 printf("otherwise:\n");
42 printf(" smbpasswd [options] [password]\n\n");
45 printf(" -s use stdin for password prompt\n");
46 printf(" -D LEVEL debug level\n");
47 printf(" -U USER remote username\n");
48 printf(" -r MACHINE remote machine\n");
50 printf("extra options when run by root or in local mode:\n");
51 printf(" -L local mode (must be first option)\n");
52 printf(" -R ORDER name resolve order\n");
53 printf(" -j DOMAIN join domain name\n");
54 printf(" -a add user\n");
55 printf(" -x delete user\n");
56 printf(" -d disable user\n");
57 printf(" -e enable user\n");
58 printf(" -n set no password\n");
59 printf(" -m machine trust account\n");
64 /*********************************************************
66 **********************************************************/
67 static int join_domain(char *domain, char *remote)
69 pstring remote_machine;
71 unsigned char orig_trust_passwd_hash[16];
74 pstrcpy(remote_machine, remote ? remote : "");
75 fstrcpy(trust_passwd, global_myname);
76 strlower(trust_passwd);
77 E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash);
79 /* Ensure that we are not trying to join a
80 domain if we are locally set up as a domain
83 if(strequal(remote, global_myname)) {
84 fprintf(stderr, "Cannot join domain %s as the domain controller name is our own. We cannot be a domain controller for a domain and also be a domain member.\n", domain);
89 * Write the old machine account password.
92 if(!secrets_store_trust_account_password(domain, orig_trust_passwd_hash)) {
93 fprintf(stderr, "Unable to write the machine account password for \
94 machine %s in domain %s.\n", global_myname, domain);
99 * If we are given a remote machine assume this is the PDC.
103 pstrcpy(remote_machine, lp_passwordserver());
106 if(!*remote_machine) {
107 fprintf(stderr, "No password server list given in smb.conf - \
108 unable to join domain.\n");
112 ret = change_trust_account_password( domain, remote_machine);
115 trust_password_delete(domain);
116 fprintf(stderr,"Unable to join domain %s.\n",domain);
118 printf("Joined domain %s.\n",domain);
125 static void set_line_buffering(FILE *f)
127 setvbuf(f, NULL, _IOLBF, 0);
130 /*************************************************************
131 Utility function to prompt for passwords from stdin. Each
132 password entered must end with a newline.
133 *************************************************************/
134 static char *stdin_new_passwd(void)
136 static fstring new_passwd;
139 ZERO_ARRAY(new_passwd);
142 * if no error is reported from fgets() and string at least contains
143 * the newline that ends the password, then replace the newline with
146 if ( fgets(new_passwd, sizeof(new_passwd), stdin) != NULL) {
147 if ((len = strlen(new_passwd)) > 0) {
148 if(new_passwd[len-1] == '\n')
149 new_passwd[len - 1] = 0;
156 /*************************************************************
157 Utility function to get passwords via tty or stdin
158 Used if the '-s' option is set to silently get passwords
160 *************************************************************/
161 static char *get_pass( char *prompt, BOOL stdin_get)
165 p = stdin_new_passwd();
169 return smb_xstrdup(p);
172 /*************************************************************
173 Utility function to prompt for new password.
174 *************************************************************/
175 static char *prompt_for_new_password(BOOL stdin_get)
180 ZERO_ARRAY(new_passwd);
182 p = get_pass("New SMB password:", stdin_get);
184 fstrcpy(new_passwd, p);
187 p = get_pass("Retype new SMB password:", stdin_get);
189 if (strcmp(p, new_passwd)) {
190 fprintf(stderr, "Mismatch - password unchanged.\n");
191 ZERO_ARRAY(new_passwd);
200 /*************************************************************
201 Change a password either locally or remotely.
202 *************************************************************/
204 static BOOL password_change(const char *remote_machine, char *user_name,
205 char *old_passwd, char *new_passwd, int local_flags)
211 if (remote_machine != NULL) {
212 if (local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|
213 LOCAL_TRUST_ACCOUNT|LOCAL_SET_NO_PASSWORD)) {
214 /* these things can't be done remotely yet */
217 ret = remote_password_change(remote_machine, user_name,
218 old_passwd, new_passwd, err_str, sizeof(err_str));
220 fprintf(stderr, err_str);
224 ret = local_password_change(user_name, local_flags, new_passwd,
225 err_str, sizeof(err_str), msg_str, sizeof(msg_str));
230 fprintf(stderr, err_str);
236 /*************************************************************
237 Handle password changing for root.
238 *************************************************************/
240 static int process_root(int argc, char *argv[])
244 BOOL joining_domain = False, got_pass = False, got_username = False;
245 int local_flags = LOCAL_SET_PASSWORD;
246 BOOL stdin_passwd_get = False;
247 fstring user_name, user_password;
248 char *new_domain = NULL;
249 char *new_passwd = NULL;
250 char *old_passwd = NULL;
251 char *remote_machine = NULL;
253 ZERO_STRUCT(user_name);
254 ZERO_STRUCT(user_password);
258 while ((ch = getopt(argc, argv, "axdehmnj:r:sR:D:U:L")) != EOF) {
264 local_flags |= LOCAL_ADD_USER;
267 local_flags |= LOCAL_DELETE_USER;
268 local_flags &= ~LOCAL_SET_PASSWORD;
271 local_flags |= LOCAL_DISABLE_USER;
272 local_flags &= ~LOCAL_SET_PASSWORD;
275 local_flags |= LOCAL_ENABLE_USER;
276 local_flags &= ~LOCAL_SET_PASSWORD;
279 local_flags |= LOCAL_TRUST_ACCOUNT;
282 local_flags |= LOCAL_SET_NO_PASSWORD;
283 local_flags &= ~LOCAL_SET_PASSWORD;
287 strupper(new_domain);
288 joining_domain = True;
291 remote_machine = optarg;
294 set_line_buffering(stdin);
295 set_line_buffering(stdout);
296 set_line_buffering(stderr);
297 stdin_passwd_get = True;
300 lp_set_name_resolve_order(optarg);
303 DEBUGLEVEL = atoi(optarg);
309 fstrcpy(user_name, optarg);
311 if ((lp = strchr_m(user_name, '%'))) {
313 fstrcpy(user_password, lp + 1);
315 memset(strchr_m(optarg, '%') + 1, 'X',
316 strlen(user_password));
331 * Ensure both add/delete user are not set
332 * Ensure add/delete user and either remote machine or join domain are
335 if(((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) == (LOCAL_ADD_USER|LOCAL_DELETE_USER)) ||
336 ((local_flags & (LOCAL_ADD_USER|LOCAL_DELETE_USER)) &&
337 ((remote_machine != NULL) || joining_domain))) {
341 /* Only load interfaces if we are doing network operations. */
343 if (joining_domain || remote_machine) {
349 if (joining_domain) {
354 /* Are we joining by specifing an admin username and
359 /* Get administrator password if not specified */
362 char *pass = getpass("Password: ");
365 pstrcpy(user_password, pass);
368 d_printf("use net rpc join to do this now.\n");
373 /* Or just with the server manager? */
375 return join_domain(new_domain, remote_machine);
380 * Deal with root - can add a user, but only locally.
386 fstrcpy(user_name, "");
391 fstrcpy(user_name, argv[0]);
394 if (got_username || got_pass)
396 fstrcpy(user_name, argv[0]);
397 new_passwd = smb_xstrdup(argv[1]);
403 if (!user_name[0] && (pwd = sys_getpwuid(geteuid()))) {
404 fstrcpy(user_name, pwd->pw_name);
408 fprintf(stderr,"You must specify a username\n");
412 if (local_flags & LOCAL_TRUST_ACCOUNT) {
413 /* add the $ automatically */
417 * Remove any trailing '$' before we
418 * generate the initial machine password.
421 if (user_name[strlen(user_name)-1] == '$') {
422 user_name[strlen(user_name)-1] = 0;
425 if (local_flags & LOCAL_ADD_USER) {
426 SAFE_FREE(new_passwd);
427 new_passwd = smb_xstrdup(user_name);
428 strlower(new_passwd);
432 * Now ensure the username ends in '$' for
436 slprintf(buf, sizeof(buf)-1, "%s$", user_name);
437 fstrcpy(user_name, buf);
440 if (remote_machine != NULL) {
441 old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
444 if (!(local_flags & LOCAL_SET_PASSWORD)) {
447 * If we are trying to enable a user, first we need to find out
448 * if they are using a modern version of the smbpasswd file that
449 * disables a user by just writing a flag into the file. If so
450 * then we can re-enable a user without prompting for a new
451 * password. If not (ie. they have a no stored password in the
452 * smbpasswd file) then we need to prompt for a new password.
455 if(local_flags & LOCAL_ENABLE_USER) {
456 SAM_ACCOUNT *sampass = NULL;
459 pdb_init_sam(&sampass);
460 ret = pdb_getsampwnam(sampass, user_name);
461 if((sampass != False) && (pdb_get_lanman_passwd(sampass) == NULL)) {
462 local_flags |= LOCAL_SET_PASSWORD;
464 pdb_free_sam(&sampass);
468 if(local_flags & LOCAL_SET_PASSWORD) {
469 new_passwd = prompt_for_new_password(stdin_passwd_get);
472 fprintf(stderr, "Unable to get new password.\n");
477 if (!password_change(remote_machine, user_name, old_passwd, new_passwd, local_flags)) {
478 fprintf(stderr,"Failed to modify password entry for user %s\n", user_name);
483 if(!(local_flags & (LOCAL_ADD_USER|LOCAL_DISABLE_USER|LOCAL_ENABLE_USER|LOCAL_DELETE_USER|LOCAL_SET_NO_PASSWORD|LOCAL_SET_PASSWORD))) {
484 SAM_ACCOUNT *sampass = NULL;
487 pdb_init_sam(&sampass);
488 ret = pdb_getsampwnam(sampass, user_name);
490 printf("Password changed for user %s.", user_name );
491 if( (ret != False) && (pdb_get_acct_ctrl(sampass)&ACB_DISABLED) )
492 printf(" User has disabled flag set.");
493 if((ret != False) && (pdb_get_acct_ctrl(sampass) & ACB_PWNOTREQ) )
494 printf(" User has no password flag set.");
496 pdb_free_sam(&sampass);
500 SAFE_FREE(new_passwd);
506 handle password changing for non-root
508 static int process_nonroot(int argc, char *argv[])
510 struct passwd *pwd = NULL;
512 BOOL stdin_passwd_get = False;
513 char *old_passwd = NULL;
514 char *remote_machine = NULL;
515 char *user_name = NULL;
516 char *new_passwd = NULL;
518 while ((ch = getopt(argc, argv, "hD:r:sU:")) != EOF) {
521 DEBUGLEVEL = atoi(optarg);
524 remote_machine = optarg;
527 set_line_buffering(stdin);
528 set_line_buffering(stdout);
529 set_line_buffering(stderr);
530 stdin_passwd_get = True;
548 new_passwd = argv[0];
552 pwd = sys_getpwuid(getuid());
554 user_name = smb_xstrdup(pwd->pw_name);
556 fprintf(stderr, "smbpasswd: you don't exist - go away\n");
562 * A non-root user is always setting a password
563 * via a remote machine (even if that machine is
567 load_interfaces(); /* Delayed from main() */
569 if (remote_machine == NULL) {
570 remote_machine = "127.0.0.1";
573 if (remote_machine != NULL) {
574 old_passwd = get_pass("Old SMB password:",stdin_passwd_get);
578 new_passwd = prompt_for_new_password(stdin_passwd_get);
582 fprintf(stderr, "Unable to get new password.\n");
586 if (!password_change(remote_machine, user_name, old_passwd, new_passwd, 0)) {
587 fprintf(stderr,"Failed to change password for %s\n", user_name);
592 printf("Password changed for user %s\n", user_name);
595 SAFE_FREE(old_passwd);
596 SAFE_FREE(new_passwd);
603 /*********************************************************
605 **********************************************************/
606 int main(int argc, char **argv)
608 #if defined(HAVE_SET_AUTH_PARAMETERS)
609 set_auth_parameters(argc, argv);
610 #endif /* HAVE_SET_AUTH_PARAMETERS */
612 setup_logging("smbpasswd", True);
614 if(!initialize_password_db(True)) {
615 fprintf(stderr, "Can't setup password database vectors.\n");
619 if (!lp_load(dyn_CONFIGFILE,True,False,False)) {
620 fprintf(stderr, "Can't load %s - run testparm to debug it\n",
626 * Set the machine NETBIOS name if not already
627 * set from the config file.
630 if (!*global_myname) {
632 fstrcpy(global_myname, myhostname());
633 p = strchr_m(global_myname, '.' );
636 strupper(global_myname);
638 /* Check the effective uid - make sure we are not setuid */
639 if (is_setuid_root()) {
640 fprintf(stderr, "smbpasswd must *NOT* be setuid root.\n");
644 /* pre-check for local mode option as first option. We can't
645 do this via normal getopt as getopt can't be called
647 if (argc > 1 && strcmp(argv[1], "-L") == 0) {
651 if (local_mode || getuid() == 0) {
653 return process_root(argc, argv);
656 return process_nonroot(argc, argv);