Use O_EXLOCK option of open(2) to open /etc/ptmp with an exclusive

lock.  This fixes a DOS bug where a user could run passwd(1) and
send it a SIGKILL, thus leaving /etc/ptmp in place.

src/lib/libutil/passwd.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $	*/
+/*	$OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $	*/
 
 /*
  * Copyright (c) 1987, 1993, 1994, 1995
@@ -34,7 +34,7 @@
  */
 
 #if defined(LIBC_SCCS) && !defined(lint)
-static char rcsid[] = "$OpenBSD: passwd.c,v 1.10 1997/06/17 10:10:42 niklas Exp $";
+static char rcsid[] = "$OpenBSD: passwd.c,v 1.11 1997/06/22 23:57:23 millert Exp $";
 #endif /* LIBC_SCCS and not lint */
 
 #include <sys/types.h>
@@ -252,10 +252,10 @@ pw_lock(retries)
 		return (-1);
 	/* Acquire the lock file. */
 	old_mode = umask(0);
-	fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
-	for (i = 0; i < retries && fd < 0 && errno == EEXIST; i++) {
+	fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600);
+	for (i = 0; i < retries && fd < 0 && errno == EAGAIN; i++) {
 		sleep(1);
-		fd = open(pw_lck, O_WRONLY|O_CREAT|O_EXCL, 0600);
+		fd = open(pw_lck, O_WRONLY|O_CREAT|O_TRUNC|O_NONBLOCK|O_EXLOCK, 0600);
 	}
 	umask(old_mode);
 	return (fd);

src/lib/libutil/pw_lock.3

@@ -60,8 +60,10 @@ functions allow a program to update the system passwd database.
 The
 .Fn pw_lock
 function attempts to lock the passwd database by creating the file
-.Pa /etc/ptmp ,
-and returns the file descriptor of that file.  If
+.Pa /etc/ptmp
+with an exclusive lock (using
+.Xr flock 2
+semantics) and returns the file descriptor of that file.  If
 .Fa retries
 is greater than zero,
 .Fn pw_lock
@@ -102,4 +104,5 @@ functions return -1 if they are unable to complete properly.
 .It Pa /etc/ptmp
 .El
 .Sh SEE ALSO
+.Xr flock 2 ,
 .Xr pw_init 3