Add new 'secureonly' arg to pw_mkdb() to correspond to pwd_mkdb's new -s

flag and crank the library major due to the interface change.

src/lib/libutil/passwd.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: passwd.c,v 1.26 2001/07/11 16:11:10 aaron Exp $	*/
+/*	$OpenBSD: passwd.c,v 1.27 2001/08/16 18:24:32 millert Exp $	*/
 
 /*
  * Copyright (c) 1987, 1993, 1994, 1995
@@ -34,7 +34,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: passwd.c,v 1.26 2001/07/11 16:11:10 aaron Exp $";
+static char rcsid[] = "$OpenBSD: passwd.c,v 1.27 2001/08/16 18:24:32 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -273,33 +273,45 @@ pw_lock(retries)
 }
 
 int
-pw_mkdb(username)
+pw_mkdb(username, secureonly)
 	char *username;
+	int secureonly;
 {
-	int pstat;
+	int pstat, ac;
 	pid_t pid;
+	char *av[8];
 	struct stat sb;
 
+	if (pw_lck == NULL)
+		return(-1);
+
 	/* A zero length passwd file is never ok */
-	if (pw_lck && stat(pw_lck, &sb) == 0) {
-		if (sb.st_size == 0) {
-			warnx("%s is zero length", pw_lck);
-			return (-1);
-		}
+	if (stat(pw_lck, &sb) == 0 && sb.st_size == 0) {
+		warnx("%s is zero length", pw_lck);
+		return (-1);
 	}
 
+	ac = 0;
+	av[ac++] = "pwd_mkdb";
+	av[ac++] = "-d";
+	av[ac++] = pw_dir;
+	if (secureonly)
+		av[ac++] = "-s";
+	else
+		av[ac++] = "-p";
+	if (username) {
+		av[ac++] = "-u";
+		av[ac++] = username;
+	}
+	av[ac++] = pw_lck;
+	av[ac] = NULL;
+
 	pid = vfork();
 	if (pid == -1)
 		return (-1);
 	if (pid == 0) {
-		if (pw_lck) {
-			if (username)
-				execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", "-d",
-				    pw_dir, "-u", username, pw_lck, (char *)NULL);
-			else
-				execl(_PATH_PWD_MKDB, "pwd_mkdb", "-p", "-d",
-				    pw_dir, pw_lck, (char *)NULL);
-		}
+		if (pw_lck)
+			execv(_PATH_PWD_MKDB, av);
 		_exit(1);
 	}
 	pid = waitpid(pid, &pstat, 0);

src/lib/libutil/pw_lock.3

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: pw_lock.3,v 1.6 2000/11/26 01:25:33 millert Exp $
+.\"	$OpenBSD: pw_lock.3,v 1.7 2001/08/16 18:24:32 millert Exp $
 .\"
 .\" Copyright (c) 1995
 .\"	The Regents of the University of California.  All rights reserved.
@@ -48,7 +48,7 @@
 .Ft int
 .Fn pw_lock "int retries"
 .Ft int
-.Fn pw_mkdb "char *username"
+.Fn pw_mkdb "char *username" "int secureonly"
 .Ft void
 .Fn pw_abort
 .Sh DESCRIPTION
@@ -78,10 +78,19 @@ will also hold the contents of the new passwd file.
 The
 .Fn pw_mkdb
 function updates the passwd file from the contents of
-.Pa /etc/ptmp .
+.Pa /etc/ptmp
+via
+.Xr pwd_mkdb 8 .
 If a
 .Fa username
 is specified, only the record for the specified user will be updated.
+If the
+.Fa secureonly
+argument is non-zero, only the secure database file,
+.Pa /etc/spwd.db ,
+will be updated.
+This is useful for cases when the password field is the only part of the
+entry that has been modified.
 You should finish writing to and close the file descriptor returned by
 .Fn pw_lock
 before calling
@@ -106,8 +115,17 @@ functions return \-1 if they are unable to complete properly.
 .Sh FILES
 .Bl -tag -width /etc/master.passwd -compact
 .It Pa /etc/master.passwd
+current password file
 .It Pa /etc/ptmp
+password lock file
+.It Pa /etc/passwd
+a Version 7 format password file
+.It Pa /etc/pwd.db
+insecure password database file
+.It Pa /etc/spwd.db
+secure password database file
 .El
 .Sh SEE ALSO
 .Xr flock 2 ,
-.Xr pw_init 3
+.Xr pw_init 3 ,
+.Xr pwd_mkdb 8

src/lib/libutil/shlib_version

@@ -1,2 +1,2 @@
-major=6
+major=7
 minor=0

src/lib/libutil/util.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: util.h,v 1.14 2001/08/12 22:00:34 millert Exp $	*/
+/*	$OpenBSD: util.h,v 1.15 2001/08/16 18:24:32 millert Exp $	*/
 /*	$NetBSD: util.h,v 1.2 1996/05/16 07:00:22 thorpej Exp $	*/
 
 /*-
@@ -90,7 +90,7 @@ int	opendev __P((char *, int, int, char **));
 void	pw_setdir __P((const char *));
 char   *pw_file __P((const char *));
 int	pw_lock __P((int retries));
-int	pw_mkdb __P((char *));
+int	pw_mkdb __P((char *, int));
 int	pw_abort __P((void));
 void	pw_init __P((void));
 void	pw_edit __P((int, const char *));