2 * Unix SMB/Netbios implementation. Version 1.9. smbpasswd module. Copyright
3 * (C) Jeremy Allison 1995-1998
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free
7 * Software Foundation; either version 2 of the License, or (at your option)
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 675
17 * Mass Ave, Cambridge, MA 02139, USA.
23 extern pstring myhostname;
24 extern pstring global_myname;
25 extern fstring global_myworkgroup;
27 static char *prog_name;
29 /*********************************************************
30 Print command usage on stderr and die.
31 **********************************************************/
33 static void usage(char *name, BOOL is_root)
36 fprintf(stderr, "Usage is : %s [-D DEBUGLEVEL] [-h] [-a] [-d] [-e] [-m] [-n] [-s] [username] [password]\n\
37 %s: [-R <name resolve order>] [-D DEBUGLEVEL] [-j DOMAINNAME] [-r machine] [-U remote_username] [username] [password]\n%s: [-h]\n", name, name, name);
39 fprintf(stderr, "Usage is : %s [-h] [-s] [-D DEBUGLEVEL] [-r machine] [-U remote_username] [password]\n", name);
43 /*********************************************************
45 **********************************************************/
47 static int join_domain( char *domain, char *remote)
49 pstring remote_machine;
51 unsigned char orig_trust_passwd_hash[16];
54 pstrcpy(remote_machine, remote ? remote : "");
55 fstrcpy(trust_passwd, global_myname);
56 strlower(trust_passwd);
57 E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash);
59 /* Ensure that we are not trying to join a
60 domain if we are locally set up as a domain
63 if(strequal(remote, global_myname)) {
64 fprintf(stderr, "%s: Cannot join domain %s as the domain controller name is our own. \
65 We cannot be a domain controller for a domain and also be a domain member.\n", prog_name, domain);
70 * Create the machine account password file.
72 if(!trust_password_lock( domain, global_myname, True)) {
73 fprintf(stderr, "%s: unable to open the machine account password file for \
74 machine %s in domain %s.\n", prog_name, global_myname, domain);
79 * Write the old machine account password.
82 if(!set_trust_account_password( orig_trust_passwd_hash)) {
83 fprintf(stderr, "%s: unable to write the machine account password for \
84 machine %s in domain %s.\n", prog_name, global_myname, domain);
85 trust_password_unlock();
90 * If we are given a remote machine assume this is the PDC.
94 pstrcpy(remote_machine, lp_passwordserver());
96 if(!*remote_machine) {
97 fprintf(stderr, "%s: No password server list given in smb.conf - \
98 unable to join domain.\n", prog_name);
99 trust_password_unlock();
103 ret = change_trust_account_password( domain, remote_machine);
104 trust_password_unlock();
107 trust_password_delete( domain, global_myname);
108 fprintf(stderr,"%s: Unable to join domain %s.\n", prog_name, domain);
110 printf("%s: Joined domain %s.\n", prog_name, domain);
116 /*************************************************************
117 Utility function to prompt for passwords from stdin. Each
118 password entered must end with a newline.
119 *************************************************************/
121 static char *stdin_new_passwd(void)
123 static fstring new_passwd;
126 memset( new_passwd, '\0', sizeof(new_passwd));
129 * if no error is reported from fgets() and string at least contains
130 * the newline that ends the password, then replace the newline with
133 if ( fgets(new_passwd, sizeof(new_passwd), stdin) != NULL) {
134 if ((len = strlen(new_passwd)) > 0) {
135 if(new_passwd[len-1] == '\n')
136 new_passwd[len - 1] = 0;
142 /*************************************************************
143 Utility function to get passwords via tty or stdin
144 Used if the '-s' option is set to silently get passwords
146 *************************************************************/
148 static char *get_pass( char *prompt, BOOL stdin_get)
151 return( stdin_new_passwd());
153 return( getpass( prompt));
156 /*************************************************************
157 Utility function to prompt for new password.
158 *************************************************************/
160 static void prompt_for_new_password(char *new_passwd, BOOL stdin_get)
164 new_passwd[0] = '\0';
166 p = get_pass("New SMB password:", stdin_get);
168 strncpy(new_passwd, p, sizeof(fstring));
169 new_passwd[sizeof(fstring)-1] = '\0';
171 p = get_pass("Retype new SMB password:", stdin_get);
173 if (strncmp(p, new_passwd, sizeof(fstring)-1))
175 fprintf(stderr, "%s: Mismatch - password unchanged.\n", prog_name);
179 if (new_passwd[0] == '\0') {
180 printf("Password not set\n");
185 /*********************************************************
187 **********************************************************/
189 int main(int argc, char **argv)
193 extern int DEBUGLEVEL;
196 struct passwd *pwd = NULL;
200 uchar new_nt_p16[16];
202 struct smb_passwd *smb_pwent;
206 BOOL is_root = False;
208 BOOL remote_user_name = False;
209 char *remote_machine = NULL;
210 BOOL add_user = False;
211 BOOL got_new_pass = False;
212 BOOL trust_account = False;
213 BOOL disable_user = False;
214 BOOL enable_user = False;
215 BOOL set_no_password = False;
216 BOOL joining_domain = False;
217 BOOL stdin_passwd_get = False;
218 char *new_domain = NULL;
219 pstring servicesf = CONFIGFILE;
221 struct nmb_name calling, called;
224 new_passwd[0] = '\0';
227 memset(old_passwd, '\0', sizeof(old_passwd));
228 memset(new_passwd, '\0', sizeof(new_passwd));
234 setup_logging(prog_name,True);
236 charset_initialise();
238 if(!initialize_password_db()) {
239 fprintf(stderr, "%s: Can't setup password database vectors.\n", prog_name);
243 if (!lp_load(servicesf,True,False,False)) {
244 fprintf(stderr, "%s: Can't load %s - run testparm to debug it\n", prog_name, servicesf);
248 if(!get_myname(myhostname,NULL)) {
249 fprintf(stderr, "%s: unable to get my hostname.\n", prog_name );
254 * Set the machine NETBIOS name if not already
255 * set from the config file.
260 fstrcpy( global_myname, myhostname );
261 p = strchr( global_myname, '.' );
265 strupper( global_myname );
267 codepage_initialise(lp_client_code_page());
269 /* Get the real and effective uids */
273 /* Check the effective uid */
274 if ((eff_uid == (uid_t)0) && (real_uid != (uid_t)0)) {
275 fprintf(stderr, "%s: Must *NOT* be setuid root.\n", prog_name);
279 is_root = (eff_uid == (uid_t)0);
281 while ((ch = getopt(argc, argv, "adehmnj:r:sR:D:U:")) != EOF) {
287 usage(prog_name, is_root);
293 fstrcpy(new_passwd, "XXXXXX");
295 usage(prog_name, is_root);
301 fstrcpy(new_passwd, "XXXXXX");
303 usage(prog_name, is_root);
306 DEBUGLEVEL = atoi(optarg);
310 set_no_password = True;
312 fstrcpy(new_passwd, "NO PASSWORD");
314 usage(prog_name, is_root);
316 remote_machine = optarg;
320 * Ensure stdin/stdout are line buffered.
322 if (setvbuf( stdin, NULL, _IOLBF, 0) != 0) {
323 fprintf(stderr, "%s: setvbuf error on stdin. Error was %s\n", prog_name, strerror(errno));
327 if (setvbuf( stdout, NULL, _IOLBF, 0) != 0) {
328 fprintf(stderr, "%s: setvbuf error on stdout. Error was %s\n", prog_name, strerror(errno));
332 if (setvbuf( stderr, NULL, _IOLBF, 0) != 0) {
333 fprintf(stderr, "%s: setvbuf error on stderr. Error was %s\n", prog_name, strerror(errno));
334 perror("setvbuf error on stdout");
338 stdin_passwd_get = True;
342 lp_set_name_resolve_order(optarg);
345 usage(prog_name, is_root);
348 trust_account = True;
350 usage(prog_name, is_root);
355 strupper(new_domain);
356 joining_domain = True;
358 usage(prog_name, is_root);
361 remote_user_name = True;
362 pstrcpy(user_name, optarg);
366 usage(prog_name, is_root);
373 if (!is_root && remote_user_name && !remote_machine) {
374 fprintf(stderr, "%s: You can only use -U with -r.\n", prog_name);
375 usage(prog_name, False);
379 * Ensure add_user and either remote machine or join domain are
383 if(add_user && ((remote_machine != NULL) || joining_domain))
384 usage(prog_name, True);
387 * Deal with joining a domain.
389 if(joining_domain && argc != 0)
390 usage(prog_name, True);
393 return join_domain( new_domain, remote_machine);
399 * Deal with root - can add a user, but only locally.
406 /* If we are root we can change another's password. */
407 pstrcpy(user_name, argv[0]);
410 pstrcpy(user_name, argv[0]);
411 fstrcpy(new_passwd, argv[1]);
415 usage(prog_name, True);
421 int username_len = strlen(user_name);
422 if(username_len >= sizeof(pstring) - 1) {
423 fprintf(stderr, "%s: machine account name too long.\n", user_name);
427 if(user_name[username_len-1] != '$') {
428 user_name[username_len] = '$';
429 user_name[username_len+1] = '\0';
433 if(!remote_machine && ((pwd = Get_Pwnam(user_name, True)) == NULL)) {
434 fprintf(stderr, "%s: User \"%s\" was not found in system password file.\n",
435 prog_name, user_name);
439 if((pwd = getpwuid(eff_uid)) != NULL)
440 pstrcpy( user_name, pwd->pw_name);
446 fprintf(stderr, "%s: Only root can add a user.\n", prog_name);
447 usage(prog_name, False);
451 fprintf(stderr, "%s: Only root can disable a user.\n", prog_name);
452 usage(prog_name, False);
456 fprintf(stderr, "%s: Only root can enable a user.\n", prog_name);
457 usage(prog_name, False);
461 usage(prog_name, False);
464 fstrcpy(new_passwd, argv[0]);
468 if(!remote_user_name && ((pwd = getpwuid(eff_uid)) != NULL))
469 pstrcpy( user_name, pwd->pw_name);
472 * A non-root user is always setting a password
473 * via a remote machine (even if that machine is
477 if(remote_machine == NULL)
478 remote_machine = "127.0.0.1";
481 if (*user_name == '\0') {
482 fprintf(stderr, "%s: Unable to get a user name for password change.\n", prog_name);
487 * If we are adding a machine account then pretend
488 * we already have the new password, we will be using
489 * the machinename as the password.
492 if(add_user && trust_account) {
494 strncpy(new_passwd, user_name, sizeof(fstring));
495 new_passwd[sizeof(fstring)-1] = '\0';
496 strlower(new_passwd);
497 if(new_passwd[strlen(new_passwd)-1] == '$')
498 new_passwd[strlen(new_passwd)-1] = '\0';
502 * If we are root we don't ask for the old password (unless it's on a
506 if (remote_machine != NULL) {
507 p = get_pass("Old SMB password:",stdin_passwd_get);
508 fstrcpy(old_passwd, p);
512 prompt_for_new_password(new_passwd,stdin_passwd_get);
514 if (new_passwd[0] == '\0') {
515 printf("Password not set\n");
520 * Now do things differently depending on if we're changing the
521 * password on a remote machine. Remember - a normal user is
522 * always using this code, looping back to the local smbd.
525 if(remote_machine != NULL) {
526 struct cli_state cli;
529 if(!resolve_name( remote_machine, &ip, 0x20)) {
530 fprintf(stderr, "%s: unable to find an IP address for machine %s.\n",
531 prog_name, remote_machine );
537 if (!cli_initialise(&cli) || !cli_connect(&cli, remote_machine, &ip)) {
538 fprintf(stderr, "%s: unable to connect to SMB server on machine %s. Error was : %s.\n",
539 prog_name, remote_machine, cli_errstr(&cli) );
543 make_nmb_name(&calling, global_myname , 0x0 , scope);
544 make_nmb_name(&called , remote_machine, 0x20, scope);
546 if (!cli_session_request(&cli, &calling, &called))
548 fprintf(stderr, "%s: machine %s rejected the session setup. Error was : %s.\n",
549 prog_name, remote_machine, cli_errstr(&cli) );
554 cli.protocol = PROTOCOL_NT1;
556 if (!cli_negprot(&cli)) {
557 fprintf(stderr, "%s: machine %s rejected the negotiate protocol. Error was : %s.\n",
558 prog_name, remote_machine, cli_errstr(&cli) );
564 * We should connect as the anonymous user here, in case
565 * the server has "must change password" checked...
566 * Thanks to <Nicholas.S.Jenkins@cdc.com> for this fix.
569 if (!cli_session_setup(&cli, "", "", 0, "", 0, "")) {
570 fprintf(stderr, "%s: machine %s rejected the session setup. Error was : %s.\n",
571 prog_name, remote_machine, cli_errstr(&cli) );
576 if (!cli_send_tconX(&cli, "IPC$", "IPC", "", 1)) {
577 fprintf(stderr, "%s: machine %s rejected the tconX on the IPC$ share. Error was : %s.\n",
578 prog_name, remote_machine, cli_errstr(&cli) );
583 if(!cli_oem_change_password(&cli, user_name, new_passwd, old_passwd)) {
584 fprintf(stderr, "%s: machine %s rejected the password change: Error was : %s.\n",
585 prog_name, remote_machine, cli_errstr(&cli) );
595 * Check for a machine account.
598 if(trust_account && !pwd) {
599 fprintf(stderr, "%s: User %s does not exist in system password file \
600 (usually /etc/passwd). Cannot add machine account without a valid system user.\n",
601 prog_name, user_name);
605 /* Calculate the MD4 hash (NT compatible) of the new password. */
607 nt_lm_owf_gen( new_passwd, new_nt_p16, new_p16);
610 * Open the smbpaswd file.
612 vp = startsmbpwent(True);
613 if (!vp && errno == ENOENT) {
614 fprintf(stderr,"%s: smbpasswd file did not exist - attempting to create it.\n", prog_name);
615 fp = fopen(lp_smb_passwd_file(), "w");
617 fprintf(fp, "# Samba SMB password file\n");
619 vp = startsmbpwent(True);
624 fprintf(stderr, "%s: Failed to open password file %s.\n",
625 prog_name, lp_smb_passwd_file());
631 /* Get the smb passwd entry for this user */
632 smb_pwent = getsmbpwnam(user_name);
633 if (smb_pwent == NULL) {
634 if(add_user == False) {
635 fprintf(stderr, "%s: Failed to find entry for user %s.\n",
636 prog_name, pwd->pw_name);
641 /* Create a new smb passwd entry and set it to the given password. */
643 struct smb_passwd new_smb_pwent;
645 new_smb_pwent.smb_userid = pwd->pw_uid;
646 new_smb_pwent.smb_name = pwd->pw_name;
647 new_smb_pwent.smb_passwd = NULL;
648 new_smb_pwent.smb_nt_passwd = NULL;
649 new_smb_pwent.acct_ctrl = (trust_account ? ACB_WSTRUST : ACB_NORMAL);
652 new_smb_pwent.acct_ctrl |= ACB_DISABLED;
653 } else if (set_no_password) {
654 new_smb_pwent.acct_ctrl |= ACB_PWNOTREQ;
656 new_smb_pwent.smb_passwd = new_p16;
657 new_smb_pwent.smb_nt_passwd = new_nt_p16;
660 if(add_smbpwd_entry(&new_smb_pwent) == False) {
661 fprintf(stderr, "%s: Failed to add entry for user %s.\n",
662 prog_name, pwd->pw_name);
668 printf("%s: Added user %s.\n", prog_name, user_name);
672 /* the entry already existed */
677 * We are root - just write the new password
678 * and the valid last change time.
682 smb_pwent->acct_ctrl |= ACB_DISABLED;
683 else if (enable_user) {
684 if(smb_pwent->smb_passwd == NULL) {
685 prompt_for_new_password(new_passwd,stdin_passwd_get);
686 nt_lm_owf_gen( new_passwd, new_nt_p16, new_p16);
687 smb_pwent->smb_passwd = new_p16;
688 smb_pwent->smb_nt_passwd = new_nt_p16;
690 smb_pwent->acct_ctrl &= ~ACB_DISABLED;
691 } else if (set_no_password) {
692 smb_pwent->acct_ctrl |= ACB_PWNOTREQ;
693 /* This is needed to preserve ACB_PWNOTREQ in mod_smbfilepwd_entry */
694 smb_pwent->smb_passwd = NULL;
695 smb_pwent->smb_nt_passwd = NULL;
697 smb_pwent->acct_ctrl &= ~ACB_PWNOTREQ;
698 smb_pwent->smb_passwd = new_p16;
699 smb_pwent->smb_nt_passwd = new_nt_p16;
702 if(mod_smbpwd_entry(smb_pwent,True) == False) {
703 fprintf(stderr, "%s: Failed to modify entry for user %s.\n",
704 prog_name, pwd->pw_name);
711 printf("User %s disabled.\n", user_name);
713 printf("User %s enabled.\n", user_name);
714 else if (set_no_password)
715 printf("User %s - set to no password.\n", user_name);
717 printf("Password changed for user %s.\n", user_name);