From a7d995228491ad5255ad86c1f04ba071f6880897 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Sat, 16 Nov 2013 15:27:47 +0800
Subject: [PATCH] Allow for setting password in clear text

Upstream-Status: Inappropriate [OE specific]

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>

---
 src/Makefile.am |  8 ++++----
 src/groupadd.c  | 20 +++++++++++++++-----
 src/groupmod.c  | 20 +++++++++++++++-----
 src/useradd.c   | 21 +++++++++++++++------
 src/usermod.c   | 20 +++++++++++++++-----
 5 files changed, 64 insertions(+), 25 deletions(-)

diff --git a/src/Makefile.am b/src/Makefile.am
index f31fd7a..4a317a3 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -103,10 +103,10 @@ chsh_LDADD     = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT_NOPAM)
 chpasswd_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
 expiry_LDADD = $(LDADD) $(LIBECONF)
 gpasswd_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBCRYPT) $(LIBECONF)
-groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
+groupadd_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT)
 groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
 groupmems_LDADD = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
-groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
+groupmod_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF) $(LIBCRYPT)
 grpck_LDADD    = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
 grpconv_LDADD  = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
 grpunconv_LDADD = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
@@ -127,9 +127,9 @@ su_SOURCES     = \
 	suauth.c
 su_LDADD       = $(LDADD) $(LIBPAM) $(LIBAUDIT) $(LIBCRYPT_NOPAM) $(LIBSKEY) $(LIBMD) $(LIBECONF)
 sulogin_LDADD  = $(LDADD) $(LIBCRYPT) $(LIBECONF)
-useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF)
+useradd_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT)
 userdel_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBECONF)
-usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF)
+usermod_LDADD  = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX) $(LIBSEMANAGE) $(LIBACL) $(LIBATTR) $(LIBECONF) $(LIBCRYPT)
 vipw_LDADD     = $(LDADD) $(LIBAUDIT) $(LIBSELINUX) $(LIBECONF)
 
 install-am: all-am
diff --git a/src/groupadd.c b/src/groupadd.c
index e9c4bb7..d572c00 100644
--- a/src/groupadd.c
+++ b/src/groupadd.c
@@ -127,9 +127,10 @@ static /*@noreturn@*/void usage (int status)
 	(void) fputs (_("  -o, --non-unique              allow to create groups with duplicate\n"
 	                "                                (non-unique) GID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       use this encrypted password for the new group\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD use this clear password for the new group\n"), usageout);
 	(void) fputs (_("  -r, --system                  create a system account\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       directory prefix\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       directory prefix\n"), usageout);
 	(void) fputs ("\n", usageout);
 	exit (status);
 }
@@ -391,13 +392,14 @@ static void process_flags (int argc, char **argv)
 		{"key",        required_argument, NULL, 'K'},
 		{"non-unique", no_argument,       NULL, 'o'},
 		{"password",   required_argument, NULL, 'p'},
+		{"clear-password", required_argument, NULL, 'P'},
 		{"system",     no_argument,       NULL, 'r'},
 		{"root",       required_argument, NULL, 'R'},
-		{"prefix",     required_argument, NULL, 'P'},
+		{"prefix",     required_argument, NULL, 'A'},
 		{NULL, 0, NULL, '\0'}
 	};
 
-	while ((c = getopt_long (argc, argv, "fg:hK:op:rR:P:",
+	while ((c = getopt_long (argc, argv, "fg:hK:op:P:rR:A:",
 		                 long_options, NULL)) != -1) {
 		switch (c) {
 		case 'f':
@@ -449,12 +451,20 @@ static void process_flags (int argc, char **argv)
 			pflg = true;
 			group_passwd = optarg;
 			break;
+		case 'P':
+			pflg = true;
+			group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+			break;
 		case 'r':
 			rflg = true;
 			break;
 		case 'R': /* no-op, handled in process_root_flag () */
 			break;
-		case 'P': /* no-op, handled in process_prefix_flag () */
+		case 'A': /* no-op, handled in process_prefix_flag () */
+			fprintf (stderr,
+				 _("%s: -A is deliberately not supported \n"),
+				 Prog);
+			exit (E_BAD_ARG);
 			break;
 		default:
 			usage (E_USAGE);
@@ -588,7 +598,7 @@ int main (int argc, char **argv)
 	(void) textdomain (PACKAGE);
 
 	process_root_flag ("-R", argc, argv);
-	prefix = process_prefix_flag ("-P", argc, argv);
+	prefix = process_prefix_flag ("-A", argc, argv);
 
 	OPENLOG ("groupadd");
 #ifdef WITH_AUDIT
diff --git a/src/groupmod.c b/src/groupmod.c
index bc14438..25ccb44 100644
--- a/src/groupmod.c
+++ b/src/groupmod.c
@@ -138,8 +138,9 @@ static void usage (int status)
 	(void) fputs (_("  -o, --non-unique              allow to use a duplicate (non-unique) GID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       change the password to this (encrypted)\n"
 	                "                                PASSWORD\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD change the password to this clear PASSWORD\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
 	(void) fputs ("\n", usageout);
 	exit (status);
 }
@@ -387,11 +388,12 @@ static void process_flags (int argc, char **argv)
 		{"new-name",   required_argument, NULL, 'n'},
 		{"non-unique", no_argument,       NULL, 'o'},
 		{"password",   required_argument, NULL, 'p'},
+		{"clear-password", required_argument, NULL, 'P'},
 		{"root",       required_argument, NULL, 'R'},
-		{"prefix",     required_argument, NULL, 'P'},
+		{"prefix",     required_argument, NULL, 'A'},
 		{NULL, 0, NULL, '\0'}
 	};
-	while ((c = getopt_long (argc, argv, "g:hn:op:R:P:",
+	while ((c = getopt_long (argc, argv, "g:hn:op:P:R:A:",
 		                 long_options, NULL)) != -1) {
 		switch (c) {
 		case 'g':
@@ -418,9 +420,17 @@ static void process_flags (int argc, char **argv)
 			group_passwd = optarg;
 			pflg = true;
 			break;
+		case 'P':
+			group_passwd = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+			pflg = true;
+			break;
 		case 'R': /* no-op, handled in process_root_flag () */
 			break;
-		case 'P': /* no-op, handled in process_prefix_flag () */
+		case 'A': /* no-op, handled in process_prefix_flag () */
+			fprintf (stderr,
+				 _("%s: -A is deliberately not supported \n"),
+				 Prog);
+			exit (E_BAD_ARG);
 			break;
 		default:
 			usage (E_USAGE);
@@ -761,7 +771,7 @@ int main (int argc, char **argv)
 	(void) textdomain (PACKAGE);
 
 	process_root_flag ("-R", argc, argv);
-	prefix = process_prefix_flag ("-P", argc, argv);
+	prefix = process_prefix_flag ("-A", argc, argv);
 
 	OPENLOG ("groupmod");
 #ifdef WITH_AUDIT
diff --git a/src/useradd.c b/src/useradd.c
index 1b7bf06..44f09e2 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -853,9 +853,10 @@ static void usage (int status)
 	(void) fputs (_("  -o, --non-unique              allow to create users with duplicate\n"
 	                "                                (non-unique) UID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       encrypted password of the new account\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD clear password of the new account\n"), usageout);
 	(void) fputs (_("  -r, --system                  create a system account\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
 	(void) fputs (_("  -s, --shell SHELL             login shell of the new account\n"), usageout);
 	(void) fputs (_("  -u, --uid UID                 user ID of the new account\n"), usageout);
 	(void) fputs (_("  -U, --user-group              create a group with the same name as the user\n"), usageout);
@@ -1133,9 +1134,10 @@ static void process_flags (int argc, char **argv)
 			{"no-user-group",  no_argument,       NULL, 'N'},
 			{"non-unique",     no_argument,       NULL, 'o'},
 			{"password",       required_argument, NULL, 'p'},
+			{"clear-password", required_argument, NULL, 'P'},
 			{"system",         no_argument,       NULL, 'r'},
 			{"root",           required_argument, NULL, 'R'},
-			{"prefix",         required_argument, NULL, 'P'},
+			{"prefix",         required_argument, NULL, 'A'},
 			{"shell",          required_argument, NULL, 's'},
 			{"uid",            required_argument, NULL, 'u'},
 			{"user-group",     no_argument,       NULL, 'U'},
@@ -1146,9 +1148,9 @@ static void process_flags (int argc, char **argv)
 		};
 		while ((c = getopt_long (argc, argv,
 #ifdef WITH_SELINUX
-		                         "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:UZ:",
+		                         "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:UZ:",
 #else				/* !WITH_SELINUX */
-		                         "b:c:d:De:f:g:G:hk:K:lmMNop:rR:P:s:u:U",
+		                         "b:c:d:De:f:g:G:hk:K:lmMNop:P:rR:A:s:u:U",
 #endif				/* !WITH_SELINUX */
 		                         long_options, NULL)) != -1) {
 			switch (c) {
@@ -1320,12 +1322,19 @@ static void process_flags (int argc, char **argv)
 				}
 				user_pass = optarg;
 				break;
+			case 'P': /* set clear text password */
+				user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+				break;
 			case 'r':
 				rflg = true;
 				break;
 			case 'R': /* no-op, handled in process_root_flag () */
 				break;
-			case 'P': /* no-op, handled in process_prefix_flag () */
+			case 'A': /* no-op, handled in process_prefix_flag () */
+				fprintf (stderr,
+					 _("%s: -A is deliberately not supported \n"),
+					 Prog);
+				exit (E_BAD_ARG);
 				break;
 			case 's':
 				if (   ( !VALID (optarg) )
@@ -2257,7 +2266,7 @@ int main (int argc, char **argv)
 
 	process_root_flag ("-R", argc, argv);
 
-	prefix = process_prefix_flag("-P", argc, argv);
+	prefix = process_prefix_flag("-A", argc, argv);
 
 	OPENLOG ("useradd");
 #ifdef WITH_AUDIT
diff --git a/src/usermod.c b/src/usermod.c
index 21c6da9..cffdb3e 100644
--- a/src/usermod.c
+++ b/src/usermod.c
@@ -431,8 +431,9 @@ static /*@noreturn@*/void usage (int status)
 	                "                                new location (use only with -d)\n"), usageout);
 	(void) fputs (_("  -o, --non-unique              allow using duplicate (non-unique) UID\n"), usageout);
 	(void) fputs (_("  -p, --password PASSWORD       use encrypted password for the new password\n"), usageout);
+	(void) fputs (_("  -P, --clear-password PASSWORD use clear password for the new password\n"), usageout);
 	(void) fputs (_("  -R, --root CHROOT_DIR         directory to chroot into\n"), usageout);
-	(void) fputs (_("  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
+	(void) fputs (_("  -A, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files\n"), usageout);
 	(void) fputs (_("  -s, --shell SHELL             new login shell for the user account\n"), usageout);
 	(void) fputs (_("  -u, --uid UID                 new UID for the user account\n"), usageout);
 	(void) fputs (_("  -U, --unlock                  unlock the user account\n"), usageout);
@@ -1010,8 +1011,9 @@ static void process_flags (int argc, char **argv)
 			{"move-home",    no_argument,       NULL, 'm'},
 			{"non-unique",   no_argument,       NULL, 'o'},
 			{"password",     required_argument, NULL, 'p'},
+			{"clear-password", required_argument, NULL, 'P'},
 			{"root",         required_argument, NULL, 'R'},
-			{"prefix",       required_argument, NULL, 'P'},
+			{"prefix",       required_argument, NULL, 'A'},
 			{"shell",        required_argument, NULL, 's'},
 			{"uid",          required_argument, NULL, 'u'},
 			{"unlock",       no_argument,       NULL, 'U'},
@@ -1027,7 +1029,7 @@ static void process_flags (int argc, char **argv)
 			{NULL, 0, NULL, '\0'}
 		};
 		while ((c = getopt_long (argc, argv,
-		                         "abc:d:e:f:g:G:hl:Lmop:R:s:u:UP:"
+		                         "abc:d:e:f:g:G:hl:Lmop:P:R:s:u:UA:"
 #ifdef ENABLE_SUBIDS
 		                         "v:w:V:W:"
 #endif				/* ENABLE_SUBIDS */
@@ -1130,9 +1132,17 @@ static void process_flags (int argc, char **argv)
 				user_pass = optarg;
 				pflg = true;
 				break;
+			case 'P':
+				user_pass = pw_encrypt (optarg, crypt_make_salt (NULL, NULL));
+				pflg = true;
+				break;
 			case 'R': /* no-op, handled in process_root_flag () */
 				break;
-			case 'P': /* no-op, handled in process_prefix_flag () */
+			case 'A': /* no-op, handled in process_prefix_flag () */
+				fprintf (stderr,
+					 _("%s: -A is deliberately not supported \n"),
+					 Prog);
+				exit (E_BAD_ARG);
 				break;
 			case 's':
 				if (!VALID (optarg)) {
@@ -2127,7 +2137,7 @@ int main (int argc, char **argv)
 	(void) textdomain (PACKAGE);
 
 	process_root_flag ("-R", argc, argv);
-	prefix = process_prefix_flag ("-P", argc, argv);
+	prefix = process_prefix_flag ("-A", argc, argv);
 
 	OPENLOG ("usermod");
 #ifdef WITH_AUDIT