/* mkpasswd.c:
- Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2005, 2006,
- 2008 Red Hat, Inc.
-
This file is part of Cygwin.
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
+#define _WIN32_WINNT 0x0a00
+#include <errno.h>
#include <ctype.h>
#include <stdlib.h>
#include <wchar.h>
+#include <wctype.h>
+#include <locale.h>
#include <stdio.h>
-#include <windows.h>
-#include <io.h>
#include <unistd.h>
-#include <sys/cygwin.h>
+#include <inttypes.h>
#include <getopt.h>
-#include <lmaccess.h>
-#include <lmapibuf.h>
+#include <io.h>
+#include <pwd.h>
#include <sys/fcntl.h>
-#include <lmerr.h>
-#include <lmcons.h>
+#include <sys/cygwin.h>
+#include <cygwin/version.h>
+#include <windows.h>
+#include <lm.h>
#include <iptypes.h>
+#include <wininet.h>
+#include <ntsecapi.h>
+#include <dsgetdc.h>
+#include <ntdef.h>
#define print_win_error(x) _print_win_error(x, __LINE__)
-#define MAX_SID_LEN 40
-
-static const char version[] = "$Revision$";
-
SID_IDENTIFIER_AUTHORITY sid_world_auth = {SECURITY_WORLD_SID_AUTHORITY};
SID_IDENTIFIER_AUTHORITY sid_nt_auth = {SECURITY_NT_AUTHORITY};
-typedef struct {
- LPWSTR DomainControllerName;
- LPWSTR DomainControllerAddress;
- ULONG DomainControllerAddressType;
- GUID DomainGuid;
- LPWSTR DomainName;
- LPWSTR DnsForestName;
- ULONG Flags;
- LPWSTR DcSiteName;
- LPWSTR ClientSiteName;
-} *PDOMAIN_CONTROLLER_INFOW;
-
-NET_API_STATUS WINAPI (*dsgetdcname)(LPWSTR,LPWSTR,GUID*,LPWSTR,ULONG,PDOMAIN_CONTROLLER_INFOW*);
-
#ifndef min
#define min(a,b) (((a)<(b))?(a):(b))
#endif
-void
-load_netapi ()
+typedef struct
{
- HANDLE h = LoadLibrary ("netapi32.dll");
+ char *str;
+ BOOL domain;
+ BOOL with_dom;
+} domlist_t;
- if (h)
- dsgetdcname = (void *) GetProcAddress (h, "DsGetDcNameW");
+static void
+_print_win_error(DWORD code, int line)
+{
+ char buf[4096];
+
+ if (FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM
+ | FORMAT_MESSAGE_IGNORE_INSERTS,
+ NULL,
+ code,
+ MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
+ (LPTSTR) buf, sizeof (buf), NULL))
+ fprintf (stderr, "mkpasswd (%d): [%" PRIu32 "] %s",
+ line, (unsigned int) code, buf);
+ else
+ fprintf (stderr, "mkpasswd (%d): error %" PRIu32,
+ line, (unsigned int) code);
}
-char *
+static char *
put_sid (PSID sid)
{
static char s[512];
strcat (s, t);
for (i = 0; i < *GetSidSubAuthorityCount (sid); ++i)
{
- sprintf(t, "-%lu", *GetSidSubAuthority (sid, i));
+ sprintf(t, "-%" PRIu32, (unsigned int) *GetSidSubAuthority (sid, i));
strcat (s, t);
}
return s;
}
-void
-psx_dir (char *in, char *out)
-{
- if (isalpha (in[0]) && in[1] == ':')
- {
- sprintf (out, "/cygdrive/%c", in[0]);
- in += 2;
- out += strlen (out);
- }
-
- while (*in)
- {
- if (*in == '\\')
- *out = '/';
- else
- *out = *in;
- in++;
- out++;
- }
-
- *out = '\0';
-}
-
-void
+static void
uni2ansi (LPWSTR wcs, char *mbs, int size)
{
if (wcs)
*mbs = '\0';
}
-void
-_print_win_error(DWORD code, int line)
-{
- char buf[4096];
+typedef struct {
+ PSID psid;
+ int buffer[10];
+} sidbuf;
- if (FormatMessage (FORMAT_MESSAGE_FROM_SYSTEM
- | FORMAT_MESSAGE_IGNORE_INSERTS,
- NULL,
- code,
- MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT),
- (LPTSTR) buf, sizeof (buf), NULL))
- fprintf (stderr, "mkpasswd (%d): [%lu] %s", line, code, buf);
- else
- fprintf (stderr, "mkpasswd (%d): error %lu", line, code);
-}
+static sidbuf curr_user;
+static sidbuf curr_pgrp;
+static BOOL got_curr_user = FALSE;
-void
-current_user (int print_sids, int print_cygpath,
- const char * passed_home_path, int id_offset, const char * disp_username)
+static void
+fetch_current_user_sid ()
{
- char name[UNLEN + 1], *envname, *envdomain;
DWORD len;
HANDLE ptok;
- int errpos = 0;
- struct {
- PSID psid;
- int buffer[10];
- } tu, tg;
-
-
- if ((!GetUserName (name, (len = sizeof (name), &len)) && (errpos = __LINE__))
- || !name[0]
- || !(envname = getenv("USERNAME"))
- || strcasecmp (envname, name)
- || (disp_username && strcasecmp(envname, disp_username))
- || (!GetComputerName (name, (len = sizeof (name), &len))
- && (errpos = __LINE__))
- || !(envdomain = getenv("USERDOMAIN"))
- || !envdomain[0]
- || !strcasecmp (envdomain, name)
- || (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok)
- && (errpos = __LINE__))
- || (!GetTokenInformation (ptok, TokenUser, &tu, sizeof tu, &len)
- && (errpos = __LINE__))
- || (!GetTokenInformation (ptok, TokenPrimaryGroup, &tg, sizeof tg, &len)
- && (errpos = __LINE__))
- || (!CloseHandle (ptok) && (errpos = __LINE__)))
+
+ if (!OpenProcessToken (GetCurrentProcess (), TOKEN_QUERY, &ptok)
+ || !GetTokenInformation (ptok, TokenUser, &curr_user, sizeof curr_user,
+ &len)
+ || !GetTokenInformation (ptok, TokenPrimaryGroup, &curr_pgrp,
+ sizeof curr_pgrp, &len)
+ || !CloseHandle (ptok))
{
- if (errpos)
- _print_win_error (GetLastError (), errpos);
+ print_win_error (GetLastError ());
return;
}
+}
- int uid = *GetSidSubAuthority (tu.psid, *GetSidSubAuthorityCount(tu.psid) - 1);
- int gid = *GetSidSubAuthority (tg.psid, *GetSidSubAuthorityCount(tg.psid) - 1);
- char homedir_psx[MAX_PATH] = {0}, homedir_w32[MAX_PATH] = {0};
+static void
+enum_unix_users (domlist_t *mach, const char *sep, DWORD id_offset,
+ char *unix_user_list)
+{
+ WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
+ SID_IDENTIFIER_AUTHORITY auth = { { 0, 0, 0, 0, 0, 22 } };
+ char *ustr, *user_list;
+ WCHAR user[UNLEN + sizeof ("Unix User\\") + 1];
+ WCHAR dom[MAX_DOMAIN_NAME_LEN + 1];
+ DWORD ulen, dlen, sidlen;
+ PSID psid;
+ PSID numeric_psid;
+ char psid_buffer[SECURITY_MAX_SID_SIZE];
+ SID_NAME_USE acc_type;
+
+ int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+ if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
+ {
+ fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
+ program_invocation_short_name, mach->str);
+ return;
+ }
- char *envhomedrive = getenv ("HOMEDRIVE");
- char *envhomepath = getenv ("HOMEPATH");
+ if (!AllocateAndInitializeSid (&auth, 2, 1, 0, 0, 0, 0, 0, 0, 0,
+ &numeric_psid))
+ return;
- if (passed_home_path[0] == '\0')
+ if (!(user_list = strdup (unix_user_list)))
{
- if (envhomepath && envhomepath[0])
- {
- if (envhomedrive)
- strlcpy (homedir_w32, envhomedrive, sizeof (homedir_w32));
- if (envhomepath[0] != '\\')
- strlcat (homedir_w32, "\\", sizeof (homedir_w32));
- strlcat (homedir_w32, envhomepath, sizeof (homedir_w32));
- if (print_cygpath)
- cygwin_conv_path (CCP_WIN_A_TO_POSIX | CCP_ABSOLUTE, homedir_w32,
- homedir_psx, MAX_PATH);
- else
- psx_dir (homedir_w32, homedir_psx);
+ FreeSid (numeric_psid);
+ return;
+ }
+
+ for (ustr = strtok (user_list, ","); ustr; ustr = strtok (NULL, ","))
+ {
+ if (!isdigit ((unsigned char) ustr[0]) && ustr[0] != '-')
+ {
+ PWCHAR p = wcpcpy (user, L"Unix User\\");
+ ret = mbstowcs (p, ustr, UNLEN + 1);
+ if (ret < 1 || ret >= UNLEN + 1)
+ {
+ fprintf (stderr, "%s: Invalid user name '%s'. Skipping...\n",
+ program_invocation_short_name, ustr);
+ continue;
+ }
+ psid = (PSID) psid_buffer;
+ sidlen = SECURITY_MAX_SID_SIZE;
+ dlen = MAX_DOMAIN_NAME_LEN + 1;
+ if (LookupAccountNameW (machine, user, psid, &sidlen,
+ dom, &dlen, &acc_type))
+ printf ("%s%s%ls:*:%" PRIu32 ":99999:,%s::\n",
+ "Unix_User",
+ sep,
+ user + 10,
+ (unsigned int) (id_offset +
+ *GetSidSubAuthority (psid,
+ *GetSidSubAuthorityCount(psid) - 1)),
+ put_sid (psid));
}
else
- {
- strlcpy (homedir_psx, "/home/", sizeof (homedir_psx));
- strlcat (homedir_psx, envname, sizeof (homedir_psx));
+ {
+ DWORD start, stop;
+ char *p = ustr;
+ if (*p == '-')
+ start = 0;
+ else
+ start = strtol (p, &p, 10);
+ if (!*p)
+ stop = start;
+ else if (*p++ != '-' || !isdigit ((unsigned char) *p)
+ || (stop = strtol (p, &p, 10)) < start || *p)
+ {
+ fprintf (stderr, "%s: Malformed unix user list entry '%s'. "
+ "Skipping...\n",
+ program_invocation_short_name, ustr);
+ continue;
+ }
+ for (; start <= stop; ++ start)
+ {
+ psid = numeric_psid;
+ *GetSidSubAuthority (psid, *GetSidSubAuthorityCount(psid) - 1)
+ = start;
+ ulen = GNLEN + 1;
+ dlen = MAX_DOMAIN_NAME_LEN + 1;
+ if (LookupAccountSidW (machine, psid, user, &ulen,
+ dom, &dlen, &acc_type)
+ && !iswdigit (user[0]))
+ printf ("%s%s%ls:*:%" PRIu32 ":99999:,%s::\n",
+ "Unix_User",
+ sep,
+ user,
+ (unsigned int) (id_offset + start),
+ put_sid (psid));
+ }
}
}
- else
- {
- strlcpy (homedir_psx, passed_home_path, sizeof (homedir_psx));
- strlcat (homedir_psx, envname, sizeof (homedir_psx));
- }
- printf ("%s:unused:%u:%u:%s%s%s%s%s%s%s%s:%s:/bin/bash\n",
- envname,
- uid + id_offset,
- gid + id_offset,
- envname,
- print_sids ? "," : "",
- print_sids ? "U-" : "",
- print_sids ? envdomain : "",
- print_sids ? "\\" : "",
- print_sids ? envname : "",
- print_sids ? "," : "",
- print_sids ? put_sid (tu.psid) : "",
- homedir_psx);
+ free (user_list);
+ FreeSid (numeric_psid);
}
-int
-enum_users (LPWSTR servername, int print_sids, int print_cygpath,
- const char * passed_home_path, int id_offset, char *disp_username)
+static int
+enum_users (domlist_t *mach, const char *sep, const char *passed_home_path,
+ DWORD id_offset, char *disp_username, int print_current)
{
+ WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
USER_INFO_3 *buffer;
DWORD entriesread = 0;
DWORD totalentries = 0;
DWORD rc;
WCHAR uni_name[UNLEN + 1];
+ int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
+ if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
+ {
+ fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
+ program_invocation_short_name, mach->str);
+ return 1;
+ }
+
do
{
DWORD i;
if (disp_username != NULL)
{
mbstowcs (uni_name, disp_username, UNLEN + 1);
- rc = NetUserGetInfo (servername, (LPWSTR) &uni_name, 3,
+ rc = NetUserGetInfo (machine, (LPWSTR) &uni_name, 3,
(void *) &buffer);
entriesread = 1;
+ /* Avoid annoying error messages just because the user hasn't been
+ found. */
+ if (rc == NERR_UserNotFound)
+ return 0;
}
- else
- rc = NetUserEnum (servername, 3, FILTER_NORMAL_ACCOUNT,
+ else
+ rc = NetUserEnum (machine, 3, FILTER_NORMAL_ACCOUNT,
(void *) &buffer, MAX_PREFERRED_LENGTH,
&entriesread, &totalentries, &resume_handle);
switch (rc)
{
case ERROR_ACCESS_DENIED:
print_win_error(rc);
- exit (1);
+ return 1;
case ERROR_MORE_DATA:
case ERROR_SUCCESS:
default:
print_win_error(rc);
- exit (1);
+ return 1;
}
for (i = 0; i < entriesread; i++)
{
char homedir_psx[PATH_MAX];
- char homedir_w32[MAX_PATH];
WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
DWORD domname_len = MAX_DOMAIN_NAME_LEN + 1;
- char psid_buffer[MAX_SID_LEN];
+ char psid_buffer[SECURITY_MAX_SID_SIZE];
PSID psid = (PSID) psid_buffer;
- DWORD sid_length = MAX_SID_LEN;
+ DWORD sid_length = SECURITY_MAX_SID_SIZE;
SID_NAME_USE acc_type;
int uid = buffer[i].usri3_user_id;
int gid = buffer[i].usri3_primary_group_id;
- homedir_w32[0] = homedir_psx[0] = '\0';
+ homedir_psx[0] = '\0';
if (passed_home_path[0] == '\0')
{
- uni2ansi (buffer[i].usri3_home_dir, homedir_w32,
- sizeof (homedir_w32));
- if (homedir_w32[0] != '\0')
- {
- if (print_cygpath)
- cygwin_conv_path (CCP_WIN_A_TO_POSIX | CCP_ABSOLUTE,
- homedir_w32, homedir_psx, PATH_MAX);
- else
- psx_dir (homedir_w32, homedir_psx);
- }
+ if (buffer[i].usri3_home_dir[0] != L'\0')
+ cygwin_conv_path (CCP_WIN_W_TO_POSIX | CCP_ABSOLUTE,
+ buffer[i].usri3_home_dir, homedir_psx,
+ PATH_MAX);
else
uni2ansi (buffer[i].usri3_name,
stpcpy (homedir_psx, "/home/"), PATH_MAX - 6);
stpcpy (homedir_psx, passed_home_path),
PATH_MAX - strlen (passed_home_path));
- if (print_sids)
- {
- if (!LookupAccountNameW (servername, buffer[i].usri3_name,
- psid, &sid_length, domain_name,
- &domname_len, &acc_type))
- {
- print_win_error(GetLastError ());
- fprintf(stderr, " (%ls)\n", buffer[i].usri3_name);
- continue;
- }
- else if (acc_type == SidTypeDomain)
- {
- WCHAR domname[MAX_DOMAIN_NAME_LEN + UNLEN + 2];
-
- wcscpy (domname, domain_name);
- wcscat (domname, L"\\");
- wcscat (domname, buffer[i].usri3_name);
- sid_length = MAX_SID_LEN;
- domname_len = sizeof (domname);
- if (!LookupAccountNameW (servername, domname, psid,
- &sid_length, domain_name,
- &domname_len, &acc_type))
- {
- print_win_error(GetLastError ());
- fprintf(stderr, " (%ls)\n", domname);
- continue;
- }
- }
- }
- printf ("%ls:unused:%u:%u:%ls%s%s%ls%s%ls%s%s:%s:/bin/bash\n",
- buffer[i].usri3_name,
- uid + id_offset,
- gid + id_offset,
- buffer[i].usri3_full_name ?: L"",
- print_sids && buffer[i].usri3_full_name
- && buffer[i].usri3_full_name[0] ? "," : "",
- print_sids ? "U-" : "",
- print_sids ? domain_name : L"",
- print_sids && domain_name[0] ? "\\" : "",
- print_sids ? buffer[i].usri3_full_name : L"",
- print_sids ? "," : "",
- print_sids ? put_sid (psid) : "",
- homedir_psx);
- }
-
- NetApiBufferFree (buffer);
-
- }
- while (rc == ERROR_MORE_DATA);
-
- return 0;
-}
-
-int
-enum_local_groups (int print_sids)
-{
- LOCALGROUP_INFO_0 *buffer;
- DWORD entriesread = 0;
- DWORD totalentries = 0;
- DWORD resume_handle = 0;
- DWORD rc ;
-
- do
- {
- DWORD i;
-
- rc = NetLocalGroupEnum (NULL, 0, (void *) &buffer, 1024,
- &entriesread, &totalentries, &resume_handle);
- switch (rc)
- {
- case ERROR_ACCESS_DENIED:
- print_win_error(rc);
- exit (1);
-
- case ERROR_MORE_DATA:
- case ERROR_SUCCESS:
- break;
-
- default:
- print_win_error(rc);
- exit (1);
- }
-
- for (i = 0; i < entriesread; i++)
- {
- WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
- DWORD domname_len = MAX_DOMAIN_NAME_LEN + 1;
- char psid_buffer[MAX_SID_LEN];
- PSID psid = (PSID) psid_buffer;
- DWORD sid_length = MAX_SID_LEN;
- DWORD gid;
- SID_NAME_USE acc_type;
-
- if (!LookupAccountNameW (NULL, buffer[i].lgrpi0_name, psid,
- &sid_length, domain_name, &domname_len,
- &acc_type))
+ if (!LookupAccountNameW (machine, buffer[i].usri3_name,
+ psid, &sid_length, domain_name,
+ &domname_len, &acc_type))
{
print_win_error(GetLastError ());
- fprintf(stderr, " (%ls)\n", buffer[i].lgrpi0_name);
+ fprintf(stderr, " (%ls)\n", buffer[i].usri3_name);
continue;
}
else if (acc_type == SidTypeDomain)
{
- WCHAR domname[MAX_DOMAIN_NAME_LEN + GNLEN + 2];
-
- wcscpy (domname, domain_name);
- wcscat (domname, L"\\");
- wcscat (domname, buffer[i].lgrpi0_name);
- sid_length = MAX_SID_LEN;
- domname_len = MAX_DOMAIN_NAME_LEN + 1;
- if (!LookupAccountNameW (NULL, domname, psid, &sid_length,
- domain_name, &domname_len, &acc_type))
+ WCHAR domname[MAX_DOMAIN_NAME_LEN + UNLEN + 2];
+ PWCHAR p;
+
+ p = wcpcpy (domname, machine);
+ p = wcpcpy (p, L"\\");
+ p = wcpncpy (p, buffer[i].usri3_name, UNLEN);
+ *p = L'\0';
+ sid_length = SECURITY_MAX_SID_SIZE;
+ domname_len = sizeof (domname);
+ if (!LookupAccountNameW (machine, domname, psid,
+ &sid_length, domain_name,
+ &domname_len, &acc_type))
{
print_win_error(GetLastError ());
fprintf(stderr, " (%ls)\n", domname);
continue;
}
}
-
- gid = *GetSidSubAuthority (psid, *GetSidSubAuthorityCount(psid) - 1);
-
- printf ("%ls:*:%ld:%ld:%s%s::\n", buffer[i].lgrpi0_name, gid, gid,
- print_sids ? "," : "",
- print_sids ? put_sid (psid) : "");
+ if (!print_current)
+ /* fall through */;
+ else if (EqualSid (curr_user.psid, psid))
+ got_curr_user = TRUE;
+
+ printf ("%ls%s%ls:*:%" PRIu32 ":%" PRIu32
+ ":%ls%sU-%ls\\%ls,%s:%s:/bin/bash\n",
+ mach->with_dom ? domain_name : L"",
+ mach->with_dom ? sep : "",
+ buffer[i].usri3_name,
+ (unsigned int) (id_offset + uid),
+ (unsigned int) (id_offset + gid),
+ buffer[i].usri3_full_name ?: L"",
+ buffer[i].usri3_full_name
+ && buffer[i].usri3_full_name[0] ? "," : "",
+ domain_name,
+ buffer[i].usri3_name,
+ put_sid (psid),
+ homedir_psx);
}
NetApiBufferFree (buffer);
return 0;
}
-void
-print_special (int print_sids,
- PSID_IDENTIFIER_AUTHORITY auth, BYTE cnt,
- DWORD sub1, DWORD sub2, DWORD sub3, DWORD sub4,
- DWORD sub5, DWORD sub6, DWORD sub7, DWORD sub8)
-{
- char name[UNLEN + 1], dom[MAX_DOMAIN_NAME_LEN + 1];
- DWORD len, len2, rid;
- PSID sid;
- SID_NAME_USE use;
-
- if (AllocateAndInitializeSid (auth, cnt, sub1, sub2, sub3, sub4,
- sub5, sub6, sub7, sub8, &sid))
- {
- if (LookupAccountSid (NULL, sid,
- name, (len = UNLEN + 1, &len),
- dom, (len2 = MAX_DOMAIN_NAME_LEN + 1, &len),
- &use))
- {
- if (sub8)
- rid = sub8;
- else if (sub7)
- rid = sub7;
- else if (sub6)
- rid = sub6;
- else if (sub5)
- rid = sub5;
- else if (sub4)
- rid = sub4;
- else if (sub3)
- rid = sub3;
- else if (sub2)
- rid = sub2;
- else
- rid = sub1;
- printf ("%s:*:%lu:%lu:%s%s::\n",
- name, rid, rid == 18 ? 544 : rid, /* SYSTEM hack */
- print_sids ? "," : "",
- print_sids ? put_sid (sid) : "");
- }
- FreeSid (sid);
- }
-}
-
-int
-usage (FILE * stream, int isNT)
+static int __attribute__ ((__noreturn__))
+usage (FILE * stream)
{
- fprintf (stream, "Usage: mkpasswd [OPTION]... [domain]...\n"
- "Print /etc/passwd file to stdout\n\n"
- "Options:\n");
- if (isNT)
- fprintf (stream, " -l,--local print local user accounts\n"
- " -c,--current print current account, if a domain account\n"
- " -d,--domain print domain accounts (from current domain\n"
- " if no domains specified)\n"
- " -o,--id-offset offset change the default offset (10000) added to uids\n"
- " in domain accounts.\n"
- " -g,--local-groups print local group information too\n"
- " if no domain specified\n"
- " -m,--no-mount don't use mount points for home dir\n"
- " -s,--no-sids don't print SIDs in GCOS field\n"
- " (this affects ntsec)\n");
- fprintf (stream, " -p,--path-to-home path use specified path and not user account home dir or /home\n"
- " -u,--username username only return information for the specified user\n"
- " -h,--help displays this message\n"
- " -v,--version version information and exit\n\n");
- if (isNT)
- fprintf (stream, "One of '-l', '-d' or '-g' must be given.\n");
- return 1;
+ fprintf (stream,
+"Usage: %s [OPTIONS]...\n"
+"\n"
+"Write /etc/passwd-like output to stdout\n"
+"\n"
+"Don't use this command to generate a local /etc/passwd file, unless you\n"
+"really need one. See the Cygwin User's Guide for more information.\n"
+"\n"
+"Options:\n"
+"\n"
+" -l,--local [machine] Print local user accounts of \"machine\",\n"
+" from local machine if no machine specified.\n"
+" Automatically adding machine prefix for local\n"
+" machine depends on settings in /etc/nsswitch.conf.\n"
+" -L,--Local machine Ditto, but generate username with machine prefix.\n"
+" -d,--domain [domain] Print domain accounts,\n"
+" from current domain if no domain specified.\n"
+" -c,--current Print current user.\n"
+" -S,--separator char For -L use character char as domain\\user\n"
+" separator in username instead of the default '%s'.\n"
+" -o,--id-offset offset Change the default offset (0x10000) added to uids\n"
+" of foreign local machine accounts. Use with -l/-L.\n"
+" -u,--username username Only return information for the specified user.\n"
+" One of -l, -d must be specified, too\n"
+" -b,--no-builtin Don't print BUILTIN users.\n"
+" -p,--path-to-home path Use specified path instead of user account home dir\n"
+" or /home prefix.\n"
+" -U,--unix userlist Print UNIX users when using -l on a UNIX Samba\n"
+" server. Userlist is a comma-separated list of\n"
+" usernames or uid ranges (root,-25,50-100).\n"
+" Enumerating large ranges can take a long time!\n"
+" -h,--help Displays this message.\n"
+" -V,--version Version information and exit.\n"
+"\n"
+"Default is to print local accounts on stand-alone machines, domain accounts\n"
+"on domain controllers and domain member machines.\n"
+"\n", program_invocation_short_name,
+ (const char *) cygwin_internal (CW_GETNSSSEP));
+ exit (stream == stdout ? 0 : 1);
}
-struct option longopts[] = {
- {"local", no_argument, NULL, 'l'},
+static struct option longopts[] = {
+ {"no-builtin", no_argument, NULL, 'b'},
{"current", no_argument, NULL, 'c'},
- {"domain", no_argument, NULL, 'd'},
- {"id-offset", required_argument, NULL, 'o'},
+ {"Current", no_argument, NULL, 'C'},
+ {"domain", optional_argument, NULL, 'd'},
+ {"Domain", optional_argument, NULL, 'D'},
{"local-groups", no_argument, NULL, 'g'},
+ {"help", no_argument, NULL, 'h'},
+ {"local", optional_argument, NULL, 'l'},
+ {"Local", optional_argument, NULL, 'L'},
{"no-mount", no_argument, NULL, 'm'},
- {"no-sids", no_argument, NULL, 's'},
+ {"id-offset", required_argument, NULL, 'o'},
{"path-to-home", required_argument, NULL, 'p'},
+ {"no-sids", no_argument, NULL, 's'},
+ {"separator", required_argument, NULL, 'S'},
{"username", required_argument, NULL, 'u'},
- {"help", no_argument, NULL, 'h'},
- {"version", no_argument, NULL, 'v'},
+ {"unix", required_argument, NULL, 'U'},
+ {"version", no_argument, NULL, 'V'},
{0, no_argument, NULL, 0}
};
-char opts[] = "lcdo:gsmhp:u:v";
+static char opts[] = "bcCd::D::ghl::L::mo:sS:p:u:U:V";
static void
print_version ()
{
- const char *v = strchr (version, ':');
- int len;
- if (!v)
- {
- v = "?";
- len = 1;
- }
- else
- {
- v += 2;
- len = strchr (v, ' ') - v;
- }
- printf ("\
-mkpasswd (cygwin) %.*s\n\
-passwd File Generator\n\
-Copyright 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2005, 2006, 2008 Red Hat, Inc.\n\
-Compiled on %s\n\
-", len, v, __DATE__);
+ printf ("mkpasswd (cygwin) %d.%d.%d\n"
+ "Passwd File Generator\n"
+ "Copyright (C) 1997 - %s Cygwin Authors\n"
+ "This is free software; see the source for copying conditions. There is NO\n"
+ "warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n",
+ CYGWIN_VERSION_DLL_MAJOR / 1000,
+ CYGWIN_VERSION_DLL_MAJOR % 1000,
+ CYGWIN_VERSION_DLL_MINOR,
+ strrchr (__DATE__, ' ') + 1);
}
int
main (int argc, char **argv)
{
- LPWSTR servername = NULL;
- DWORD rc = ERROR_SUCCESS;
- WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
- int print_local = 0;
+ int print_domlist = 0;
+ domlist_t domlist[32];
+ char cname[1024];
+ char *opt, *p, *ep;
int print_current = 0;
- int print_domain = 0;
- int print_local_groups = 0;
- int domain_specified = 0;
- int print_sids = 1;
- int print_cygpath = 1;
- int id_offset = 10000;
- int i;
- int isNT;
+ int print_builtin = 1;
+ char *print_unix = NULL;
+ const char *nss_sep = (const char *) cygwin_internal (CW_GETNSSSEP);
+ const char *sep_char = nss_sep;
+ DWORD id_offset = 0x10000, off;
+ int c, i;
char *disp_username = NULL;
- char name[256], passed_home_path[MAX_PATH];
- DWORD len;
+ char passed_home_path[PATH_MAX];
+ int optional_args = 0;
+ uintptr_t nss_src = cygwin_internal (CW_GETNSS_PWD_SRC);
- isNT = (GetVersion () < 0x80000000);
passed_home_path[0] = '\0';
if (!isatty (1))
setmode (1, O_BINARY);
- if (isNT && argc == 1)
- return usage (stderr, isNT);
- else
+ /* Use locale from environment. If not set or set to "C", use UTF-8. */
+ setlocale (LC_CTYPE, "");
+ if (!strcmp (setlocale (LC_CTYPE, NULL), "C"))
+ setlocale (LC_CTYPE, "en_US.UTF-8");
+ fetch_current_user_sid ();
+
+ if (argc == 1)
{
- while ((i = getopt_long (argc, argv, opts, longopts, NULL)) != EOF)
- switch (i)
+ int enums = ENUM_PRIMARY | ENUM_LOCAL | ENUM_BUILTIN;
+ uintptr_t ticket = cygwin_internal (CW_SETENT, FALSE, enums, NULL);
+ if (ticket)
+ {
+ struct passwd *pwd;
+
+ while ((pwd = (struct passwd *) cygwin_internal (CW_GETENT, FALSE,
+ ticket)))
+ printf ("%s:%s:%u:%u:%s:%s:%s\n", pwd->pw_name, pwd->pw_passwd,
+ pwd->pw_uid, pwd->pw_gid, pwd->pw_gecos, pwd->pw_dir,
+ pwd->pw_shell);
+ cygwin_internal (CW_ENDENT, FALSE, ticket);
+ }
+ return 0;
+ }
+
+ unsetenv ("POSIXLY_CORRECT"); /* To get optional arg processing right. */
+ while ((c = getopt_long (argc, argv, opts, longopts, NULL)) != EOF)
+ switch (c)
+ {
+ case 'd':
+ case 'D':
+ case 'l':
+ case 'L':
+ if (print_domlist >= 32)
{
- case 'l':
- print_local = 1;
- break;
- case 'c':
- print_current = 1;
- break;
- case 'd':
- print_domain = 1;
- break;
- case 'o':
- id_offset = strtol (optarg, NULL, 10);
- break;
- case 'g':
- print_local_groups = 1;
- break;
- case 's':
- print_sids = 0;
- break;
- case 'm':
- print_cygpath = 0;
- break;
- case 'p':
- if (optarg[0] != '/')
+ fprintf (stderr, "%s: Can not enumerate from more than 32 "
+ "domains and machines.\n",
+ program_invocation_short_name);
+ return 1;
+ }
+ domlist[print_domlist].domain = (c == 'd' || c == 'D');
+ opt = optarg ?:
+ argv[optind] && argv[optind][0] != '-' ? argv[optind] : NULL;
+ if (argv[optind] && opt == argv[optind])
+ ++optional_args;
+ for (i = 0; i < print_domlist; ++i)
+ if (domlist[i].domain == domlist[print_domlist].domain
+ && ((!domlist[i].str && !opt)
+ || (domlist[i].str && opt
+ && (off = strlen (domlist[i].str))
+ && !strncmp (domlist[i].str, opt, off)
+ && (!opt[off] || opt[off] == ','))))
{
- fprintf (stderr, "%s: '%s' is not a fully qualified path.\n",
- argv[0], optarg);
- return 1;
+ fprintf (stderr, "%s: Duplicate %s '%s'. Skipping...\n",
+ program_invocation_short_name,
+ domlist[i].domain ? "domain" : "machine",
+ domlist[i].str);
+ break;
}
- strcpy (passed_home_path, optarg);
- if (optarg[strlen (optarg)-1] != '/')
- strcat (passed_home_path, "/");
- break;
- case 'u':
- disp_username = optarg;
- break;
- case 'h':
- usage (stdout, isNT);
- return 0;
- case 'v':
- print_version ();
- return 0;
- default:
- fprintf (stderr, "Try '%s --help' for more information.\n", argv[0]);
+ domlist[print_domlist].str = opt;
+ if (opt && (p = strchr (opt, ',')))
+ {
+ if (p == opt)
+ {
+ fprintf (stderr, "%s: Malformed domain string '%s'. "
+ "Skipping...\n", program_invocation_short_name, opt);
+ break;
+ }
+ *p = '\0';
+ }
+ if (c == 'l' || c == 'L')
+ {
+ DWORD csize = sizeof cname;
+
+ domlist[print_domlist].with_dom = (c == 'L');
+ if (!opt)
+ {
+ /* If the system uses /etc/passwd exclusively as account DB,
+ create local group names the old fashioned way. */
+ if (nss_src == NSS_SRC_FILES)
+ {
+ GetComputerNameExA (ComputerNameNetBIOS, cname, &csize);
+ domlist[print_domlist].str = cname;
+ }
+ }
+ else if (nss_src != NSS_SRC_FILES)
+ {
+ /* If the system uses Windows account DBs, check if machine
+ name is local machine. If so, remove the domain name to
+ enforce system naming convention. */
+ if (GetComputerNameExA (strchr (opt, '.')
+ ? ComputerNameDnsFullyQualified
+ : ComputerNameNetBIOS,
+ cname, &csize)
+ && strcasecmp (opt, cname) == 0)
+ domlist[print_domlist].str = NULL;
+ }
+ }
+ ++print_domlist;
+ break;
+ case 'S':
+ sep_char = optarg;
+ if (strlen (sep_char) > 1)
+ {
+ fprintf (stderr, "%s: Only one ASCII character allowed as "
+ "domain\\user separator character.\n",
+ program_invocation_short_name);
return 1;
}
- }
- if (!isNT)
- {
- /* This takes Windows 9x/ME into account. */
- if (passed_home_path[0] == '\0')
- strcpy (passed_home_path, "/home/");
- if (!disp_username)
- {
- printf ("admin:use_crypt:%lu:%lu:Administrator:%sadmin:/bin/bash\n",
- DOMAIN_USER_RID_ADMIN,
- DOMAIN_ALIAS_RID_ADMINS,
- passed_home_path);
- if (GetUserName (name, (len = 256, &len)))
- disp_username = name;
- }
- if (disp_username && disp_username[0])
- {
- /* Create a pseudo random uid */
- unsigned long uid = 0, i;
- for (i = 0; disp_username[i]; i++)
- uid += toupper (disp_username[i]) << ((6 * i) % 25);
- uid = (uid % (1000 - DOMAIN_USER_RID_ADMIN - 1))
- + DOMAIN_USER_RID_ADMIN + 1;
-
- printf ("%s:use_crypt:%lu:%lu:%s:%s%s:/bin/bash\n",
- disp_username,
- uid,
- DOMAIN_ALIAS_RID_ADMINS,
- disp_username,
- passed_home_path,
- disp_username);
+ if (*sep_char == ':')
+ {
+ fprintf (stderr, "%s: Colon not allowed as domain\\user separator "
+ "character.\n", program_invocation_short_name);
+ return 1;
+ }
+ break;
+ case 'U':
+ print_unix = optarg;
+ break;
+ case 'c':
+ case 'C':
+ print_current = 1;
+ break;
+ case 'o':
+ id_offset = strtoul (optarg, &ep, 10);
+ break;
+ case 'b':
+ print_builtin = 0;
+ break;
+ case 'p':
+ if (optarg[0] != '/')
+ {
+ fprintf (stderr, "%s: '%s' is not a fully qualified path.\n",
+ program_invocation_short_name, optarg);
+ return 1;
}
- return 0;
+ strcpy (passed_home_path, optarg);
+ if (optarg[strlen (optarg)-1] != '/')
+ strcat (passed_home_path, "/");
+ break;
+ case 'u':
+ disp_username = optarg;
+ break;
+ case 'h':
+ usage (stdout);
+ case 'V':
+ print_version ();
+ return 0;
+ case 'g': /* deprecated */
+ case 's': /* deprecated */
+ case 'm': /* deprecated */
+ break;
+ default:
+ fprintf (stderr, "Try `%s --help' for more information.\n",
+ program_invocation_short_name);
+ return 1;
+ }
+
+ optind += optional_args;
+ if (argv[optind])
+ {
+ fprintf (stderr,
+ "mkpasswd: non-option command line argument `%s' is not allowed.\n"
+ "Try `mkpasswd --help' for more information.\n", argv[optind]);
+ exit (1);
}
- if (!print_local && !print_domain && !print_local_groups)
+
+ struct passwd *ppwd = NULL;
+ const char *ppwd_sid = NULL;
+ if (print_current)
{
- fprintf (stderr, "%s: Specify one of '-l', '-d' or '-g'\n", argv[0]);
- return 1;
+ ppwd = (struct passwd *) cygwin_internal (CW_GETPWSID, TRUE,
+ curr_user.psid);
+ if (ppwd)
+ ppwd_sid = strrchr (ppwd->pw_gecos, ',');
}
- if (optind < argc)
+
+ int enums = ENUM_NONE;
+ WCHAR tdoms[print_domlist * 258];
+ PWCHAR t = tdoms;
+ if (!disp_username && print_builtin && print_domlist)
+ enums |= ENUM_BUILTIN;
+ for (i = 0; i < print_domlist; ++i)
{
- if (!print_domain)
+ if (domlist[i].domain)
{
- fprintf (stderr, "%s: A domain name is only accepted "
- "when '-d' is given.\n", argv[0]);
- return 1;
- }
- domain_specified = 1;
+ if (domlist[i].str)
+ {
+ enums |= ENUM_TDOMS;
+ t += mbstowcs (t, domlist[i].str, 257);
+ *t++ = L'\0';
+ }
+ else
+ enums |= ENUM_PRIMARY;
+ }
+ else if (!domlist[i].str)
+ enums |= ENUM_LOCAL;
}
- load_netapi ();
-
- if (disp_username == NULL)
+ if (t > tdoms)
+ *t++ = L'\0';
+ if (enums)
{
- if (print_local)
+ uintptr_t ticket = cygwin_internal (CW_SETENT, FALSE, enums,
+ t > tdoms ? tdoms : NULL);
+ if (ticket)
{
- /* Generate service starter account entries. */
- printf ("SYSTEM:*:18:544:,S-1-5-18::\n");
- printf ("LocalService:*:19:544:U-NT AUTHORITY\\LocalService,S-1-5-19::\n");
- printf ("NetworkService:*:20:544:U-NT AUTHORITY\\NetworkService,S-1-5-20::\n");
- /* Get 'administrators' group (has localized name). */
- if (!print_local_groups)
- print_special (print_sids, &sid_nt_auth, 2, SECURITY_BUILTIN_DOMAIN_RID,
- DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0);
- }
- if (print_local_groups)
- enum_local_groups (print_sids);
+ struct passwd *pwd;
+
+ while ((pwd = (struct passwd *)
+ cygwin_internal (CW_GETENT, FALSE, ticket)))
+ {
+ p = NULL;
+ if (disp_username
+ && strcasecmp (disp_username, pwd->pw_name) != 0
+ && (!(p = strchr (pwd->pw_name, nss_sep[0]))
+ || strcasecmp (disp_username, p + 1) != 0))
+ continue;
+ printf ("%s:%s:%u:%u:%s:%s%s:%s\n", pwd->pw_name, pwd->pw_passwd,
+ pwd->pw_uid, pwd->pw_gid, pwd->pw_gecos,
+ passed_home_path[0] ? passed_home_path : "",
+ passed_home_path[0] ? (p ? p + 1 : pwd->pw_name)
+ : pwd->pw_dir,
+ pwd->pw_shell);
+ const char *pwd_sid = strrchr (pwd->pw_gecos, ',');
+ if (ppwd && ppwd_sid && pwd_sid && !strcmp (pwd_sid, ppwd_sid))
+ got_curr_user = TRUE;
+ }
+ cygwin_internal (CW_ENDENT, FALSE, ticket);
+ }
}
- if (print_local)
- enum_users (NULL, print_sids, print_cygpath, passed_home_path, 0,
- disp_username);
-
- i = 1;
- if (print_domain)
- do
- {
- PDOMAIN_CONTROLLER_INFOW pdci = NULL;
-
- if (dsgetdcname)
- {
- if (domain_specified)
- {
- mbstowcs (domain_name, argv[optind], strlen (argv[optind]) + 1);
- rc = dsgetdcname (NULL, domain_name, NULL, NULL, 0, &pdci);
- }
- else
- rc = dsgetdcname (NULL, NULL, NULL, NULL, 0, &pdci);
- if (rc != ERROR_SUCCESS)
- {
- print_win_error(rc);
- return 1;
- }
- servername = pdci->DomainControllerName;
- }
- else
- {
- rc = NetGetDCName (NULL, NULL, (void *) &servername);
- if (rc == ERROR_SUCCESS && domain_specified)
- {
- LPWSTR server = servername;
- mbstowcs (domain_name, argv[optind], strlen (argv[optind]) + 1);
- rc = NetGetDCName (server, domain_name, (void *) &servername);
- NetApiBufferFree (server);
- }
- if (rc != ERROR_SUCCESS)
- {
- print_win_error(rc);
- return 1;
- }
- }
- enum_users (servername, print_sids, print_cygpath, passed_home_path,
- id_offset * i++, disp_username);
- NetApiBufferFree (pdci ? (PVOID) pdci : (PVOID) servername);
- }
- while (++optind < argc);
+ if (print_current && !got_curr_user)
+ {
+ p = strchr (ppwd->pw_name, nss_sep[0]);
+ printf ("%s:%s:%u:%u:%s:%s%s:%s\n", ppwd->pw_name, ppwd->pw_passwd,
+ ppwd->pw_uid, ppwd->pw_gid, ppwd->pw_gecos,
+ passed_home_path[0] ? passed_home_path : "",
+ passed_home_path[0] ? (p ? p + 1 : ppwd->pw_name) : ppwd->pw_dir,
+ ppwd->pw_shell);
+ }
- if (print_current && !print_domain)
- current_user(print_sids, print_cygpath, passed_home_path,
- id_offset, disp_username);
+ off = 0xfd000000;
+ for (i = 0; i < print_domlist; ++i)
+ {
+ if (domlist[i].domain || !domlist[i].str)
+ continue;
+ enum_users (domlist + i, sep_char, passed_home_path,
+ (nss_src == NSS_SRC_FILES) ? 0x30000 : off,
+ disp_username, print_current);
+ if (!domlist[i].domain && domlist[i].str && print_unix)
+ enum_unix_users (domlist + i, sep_char, 0xff000000, print_unix);
+ off += id_offset;
+ }
return 0;
}
git://sourceware.org / newlib-cygwin.git / blobdiff