/*
 * This is a hack, but until libc and glibc both include this function
 * by default (libc only includes it if nys is not being used, at the
 * moment, and glibc doesn't appear to have it at all) we need to have
 * it here, too.  :-(
 *
 * This should not become an official part of PAM.
 *
 * BEGIN_HACK
 */

/*
 * lckpwdf.c -- prevent simultaneous updates of password files
 *
 * Before modifying any of the password files, call lckpwdf().  It may block
 * for up to 15 seconds trying to get the lock.  Return value is 0 on success
 * or -1 on failure.  When you are done, call ulckpwdf() to release the lock.
 * The lock is also released automatically when the process exits.  Only one
 * process at a time may hold the lock.
 *
 * These functions are supposed to be conformant with AT&T SVID Issue 3.
 *
 * Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
 * public domain.
 */

#include <fcntl.h>
#include <signal.h>
#ifdef WITH_SELINUX
#include <selinux/selinux.h>
#endif

#define LOCKFILE "/etc/.pwd.lock"
#define TIMEOUT 15

static int lockfd = -1;

static int set_close_on_exec(int fd)
{
	int flags = fcntl(fd, F_GETFD, 0);
	if (flags == -1)
		return -1;
	flags |= FD_CLOEXEC;
	return fcntl(fd, F_SETFD, flags);
}

static int do_lock(int fd)
{
	struct flock fl;

	memset(&fl, 0, sizeof fl);
	fl.l_type = F_WRLCK;
	fl.l_whence = SEEK_SET;
	return fcntl(fd, F_SETLKW, &fl);
}

static void alarm_catch(int sig)
{
/* does nothing, but fcntl F_SETLKW will fail with EINTR */
}

static int lckpwdf(void)
{
	struct sigaction act, oldact;
	sigset_t set, oldset;

	if (lockfd != -1)
		return -1;

#ifdef WITH_SELINUX
	if(is_selinux_enabled()>0)
	{
		lockfd = open(LOCKFILE, O_WRONLY);
		if(lockfd == -1 && errno == ENOENT)
		{
			security_context_t create_context;
			int rc;

			if(getfilecon("/etc/passwd", &create_context))
				return -1;
			rc = setfscreatecon(create_context);
			freecon(create_context);
			if(rc)
				return -1;
			lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
			if(setfscreatecon(NULL))
				return -1;
		}
	}
	else
#endif
	lockfd = open(LOCKFILE, O_CREAT | O_WRONLY, 0600);
	if (lockfd == -1)
		return -1;
	if (set_close_on_exec(lockfd) == -1)
		goto cleanup_fd;

	memset(&act, 0, sizeof act);
	act.sa_handler = alarm_catch;
	act.sa_flags = 0;
	sigfillset(&act.sa_mask);
	if (sigaction(SIGALRM, &act, &oldact) == -1)
		goto cleanup_fd;

	sigemptyset(&set);
	sigaddset(&set, SIGALRM);
	if (sigprocmask(SIG_UNBLOCK, &set, &oldset) == -1)
		goto cleanup_sig;

	alarm(TIMEOUT);
	if (do_lock(lockfd) == -1)
		goto cleanup_alarm;
	alarm(0);
	sigprocmask(SIG_SETMASK, &oldset, NULL);
	sigaction(SIGALRM, &oldact, NULL);
	return 0;

      cleanup_alarm:
	alarm(0);
	sigprocmask(SIG_SETMASK, &oldset, NULL);
      cleanup_sig:
	sigaction(SIGALRM, &oldact, NULL);
      cleanup_fd:
	close(lockfd);
	lockfd = -1;
	return -1;
}

static int ulckpwdf(void)
{
	unlink(LOCKFILE);
	if (lockfd == -1)
		return -1;

	if (close(lockfd) == -1) {
		lockfd = -1;
		return -1;
	}
	lockfd = -1;
	return 0;
}
/* END_HACK */