#!/bin/sh
#
# tiger - A UN*X security checking system
# Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
# Please see the file `COPYING' for the complete copyright notice.
#
# check_passwd - 06/14/93
#
#-----------------------------------------------------------------------------
TigerInstallDir='.'
#
# Set default base directory.
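# Order of preference:
#      -B option
#      TIGERHOMEDIR environment variable
#      TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}

# NOTE: the value is always taken from $2, so -B is only handled
# correctly when it is the first argument.
for parm
do
  case $parm in
    -B) basedir=$2; break;;
  esac
done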
#
# Verify that a config file exists there, and if it does
# source it.
#
[ ! -r "$basedir/config" ] && {
  echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
  exit 1
}
. "$basedir/config"
. "$BASEDIR/initdefs"
#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
  haveallcmds AWK CAT GEN_PASSWD_SETS GREP RM SORT JOIN UNIQ MV || exit 1
  haveallfiles BASEDIR WORKDIR || exit 1
  echo "--CONFIG-- [init003c] $0: Configuration ok..."
  exit 0
}
#------------------------------------------------------------------------
echo
echo "# Performing check of passwd files..."
haveallcmds AWK CAT GEN_PASSWD_SETS GREP RM SORT JOIN UNIQ MV || exit 1
haveallfiles BASEDIR WORKDIR || exit 1
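# Build the list of passwd files to check.
# Scratch files are named with the shell PID ($$), which is predictable,
# so WORKDIR should be a directory that only the invoking user can write to.
{
  if [ -n "$Tiger_PasswdFiles" ]; then
    $CAT $Tiger_PasswdFiles > $WORKDIR/pass.list.$$
  else
    $GEN_PASSWD_SETS $WORKDIR/pass.list.$$
  fi
}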
saveifs=$IFS
$CAT $WORKDIR/pass.list.$$ > $WORKDIR/pass2.$$
newfile=$WORKDIR/pass2new.$$

while read passwd1
do
  src1=`$CAT $passwd1.src`
  # One copy sorted by line (login name first), one sorted on the UID field.
  $SORT $passwd1 > $WORKDIR/p1name.$$
  $SORT -t: -k3,3 $passwd1 > $WORKDIR/p1uid.$$

  # pass001w: the same login name appears more than once in this file.
  # Count exact matches on field 1 only.
  $AWK -F: '{print $1}' $WORKDIR/p1name.$$ |
  $UNIQ -d |
  while read username
  do
    times=`$AWK -F: -v name="$username" '$1 == name { n++ } END { print n + 0 }' $WORKDIR/p1name.$$`
    message WARN pass001w "" "Username \`$username' exists multiple times ($times) in $src1."
  done

  # pass002w: the same UID appears more than once in this file.
  # Count exact matches on field 3 only, so an equal GID is not counted.
  $AWK -F: '{print $3}' $WORKDIR/p1uid.$$ |
  $UNIQ -d |
  while read uid
  do
    times=`$AWK -F: -v id="$uid" '$3 == id { n++ } END { print n + 0 }' $WORKDIR/p1uid.$$`
    message WARN pass002w "" "UID $uid exists multiple times ($times) in $src1."
  done

  # pass003w: entries that do not have exactly seven colon-separated fields.
  $AWK -F: 'NF != 7 {print}' $WORKDIR/p1uid.$$ |
  while read entry
  do
    message WARN pass003w "$entry" "Malformed entry in $src1:"
  done

  # Compare this file against every other file that has not been paired yet.
  $GREP -v "^$passwd1\$" $WORKDIR/pass2.$$ |
  while read passwd2
  do
    src2=`$CAT $passwd2.src`
    $SORT $passwd2 > $WORKDIR/p2name.$$
    $SORT -t: -k3,3 $passwd2 > $WORKDIR/p2uid.$$

    # pass004w: same login name, different UID in the two files.
    $JOIN -t: -o 1.1,1.3,2.3 $WORKDIR/p1name.$$ $WORKDIR/p2name.$$ |
    {
      IFS=:
      while read username uid1 uid2
      do
        IFS=$saveifs
        [ "$uid1" != "$uid2" ] && {
          message WARN pass004w "" "UID conflict for login ID \`$username' between $src1 (uid = $uid1) and $src2 (uid = $uid2)."
        }
        IFS=:
      done
    }

    # pass005w: same UID, different login name in the two files (UID 0 skipped).
    $JOIN -t: -1 3 -2 3 -o 1.3,1.1,2.1 $WORKDIR/p1uid.$$ $WORKDIR/p2uid.$$ |
    $AWK -F: '$1 != 0 {print}' |
    {
      IFS=:
      while read uid name1 name2
      do
        IFS=$saveifs
        [ "$name1" != "$name2" ] && {
          message WARN pass005w "" "Username conflict for uid $uid between $src1 (login ID $name1) and $src2 (login ID $name2)."
        }
        IFS=:
      done
    }

    echo "$passwd2" >> $newfile
    delete $WORKDIR/p2uid.$$ $WORKDIR/p2name.$$
  done

  # Drop the file just processed from the list so each pair is compared once.
  delete $WORKDIR/p1uid.$$ $WORKDIR/p1name.$$ $WORKDIR/pass2.$$
  [ -s $newfile ] && $MV $newfile $WORKDIR/pass2.$$
done < $WORKDIR/pass.list.$$ |
$OUTPUTMETHOD

[ ! -n "$Tiger_PasswdFiles" ] && {
  while read file
  do
    delete $file $file.src
  done < $WORKDIR/pass.list.$$
}

delete $WORKDIR/pass.list.$$ $WORKDIR/pass2new.$$