7 files changed, 543 insertions, 110 deletions
diff --git a/adduser/adduser.conf.5 b/adduser/adduser.conf.5
new file mode 100644
index 0000000..c7c4f5d
--- /dev/null
+++ b/adduser/adduser.conf.5
@@ -0,0 +1,221 @@
+.\"
+.\" Copyright (c) 2004 Tom Rhodes
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd April 12, 2007
+.Dt ADDUSER.CONF 5
+.Os
+.Sh NAME
+.Nm adduser.conf
+.Nd
+.Xr adduser 8
+configuration file
+.Sh DESCRIPTION
+The
+.Pa /etc/adduser.conf
+file is automatically generated by the
+.Xr adduser 8
+utility when invoked with the
+.Fl C
+command-line option.
+It is not meant to be edited by hand.
+.Pp
+The
+.Pa /etc/adduser.conf
+file is used to pre-set certain configuration options for
+the
+.Xr adduser 8
+utility.
+When
+.Xr adduser 8
+is invoked, it will check to see if this file exists, and
+if so, the configuration will be used or offered as the
+default settings.
+The
+.Nm
+file offers three types of configuration:
+.Bl -bullet
+.It
+Default settings offered by
+.Xr adduser 8 .
+These options are specified in the configuration file and offered
+as the default during every invocation of the
+.Xr adduser 8
+utility.
+.It
+Configuration options which can be set in
+.Nm ,
+but overridden by passing a flag to
+.Xr adduser 8 .
+.It
+Configuration supported by
+.Xr adduser 8
+but not offered by a flag or during initial invocation.
+.El
+.Pp
+In the first case, these options can be set in
+.Nm
+but will still be offered when
+.Xr adduser 8
+is invoked.
+In the second case,
+.Xr adduser 8
+will read the configuration data unless a flag
+has been passed to override it.
+For example, the
+.Va defaultshell
+option.
+In the third case, the configuration will be utilized, but the
+user will never be prompted to modify the default setting by
+either a flag or an
+.Xr adduser 8
+prompt.
+For example, the
+.Va upwexpire
+setting.
+.Pp
+The following configuration options can be set in
+.Nm :
+.Bl -tag -width ".Va defaultgroups" -offset indent
+.It Va defaultLgroup
+The default group new users will be added to.
+.It Va defaultclass
+The default class to place users in as described in
+.Xr login.conf 5 .
+.It Va defaultgroups
+This option is used to specify what other groups the new account
+should be added to.
+.It Va passwdtype
+May be one of
+.Cm no , none , random ,
+or
+.Cm yes ,
+as described in
+.Xr adduser 8 .
+As such, the text is not duplicated here and may be
+read in
+.Xr adduser 8 .
+.It Va homeprefix
+The default home directory prefix, usually
+.Pa /home .
+.It Va defaultshell
+The user's default shell which may be any of the shells listed in
+.Xr shells 5 .
+.It Va udotdir
+Defines the location of the default shell and environment
+configuration files.
+.It Va msgfile
+Location of the default new user message file.
+This message will be sent to all new users if specified
+here or at the
+.Xr adduser 8
+prompt.
+.It Va disableflag
+The default message enclosed in brackets for the
+lock account prompt.
+.It Va upwexpire
+The default password expiration time.
+Format of the date is either a
+.Ux
+time in decimal, or a date in
+.Sm off
+.Ar dd No - Ar mmm No - Ar yy Op Ar yy
+.Sm on
+format, where
+.Ar dd
+is the day,
+.Ar mmm
+is the month in either numeric or
+alphabetic format, and
+.Ar yy Ns Op Ar yy
+is either a two or four digit year.
+This option also accepts a relative date in the form of
+.Sm off
+.Ar n Op Ar m h d w o y
+.Sm on
+where
+.Ar n
+is a decimal, octal (leading 0) or hexadecimal (leading 0x) digit
+followed by the number of Minutes, Hours, Days, Weeks, Months or
+Years from the current date at
+which the expiration time is to be set.
+.It Va uexpire
+The default account expire time.
+The format is similar to the
+.Va upwexpire
+option.
+.It Va ugecos
+The default information to be held in the GECOS field of
+.Pa /etc/master.passwd .
+.It Va uidstart
+The default user ID setting.
+This must be a number above 1000 and fewer than 65534.
+.El
+.Sh EXAMPLES
+The following is an example
+.Nm
+file created with the
+.Fl C
+.Xr adduser 8
+flag and modified.
+.Bd -literal -offset indent
+# Configuration file for adduser(8).
+# NOTE: only *some* variables are saved.
+# Last Modified on Fri Mar 30 14:04:05 EST 2004.
+
+defaultLgroup=
+defaultclass=
+defaultgroups=
+passwdtype=yes
+homeprefix=/home
+defaultshell=/bin/csh
+udotdir=/usr/share/skel
+msgfile=/etc/adduser.msg
+disableflag=
+upwexpire=91d # Expire passwords 91 days after creation.
+.Ed
+.Sh SEE ALSO
+.Xr group 5 ,
+.Xr passwd 5 ,
+.Xr adduser 8 ,
+.Xr pw 8 ,
+.Xr rmuser 8
+.Sh HISTORY
+The
+.Nm
+manual page first appeared in
+.Fx 5.3 .
+.Sh AUTHORS
+This manual page was written by
+.An Tom Rhodes Aq trhodes@FreeBSD.org .
+.Sh BUGS
+The internal variables documented here may change without notice.
+Do not rely on them.
+To modify this file invoke
+.Xr adduser 8
+with the
+.Fl C
+option instead.
diff --git a/adduser/adduser.sh b/adduser/adduser.sh
index f645f59..4b0a6f6 100644
--- a/adduser/adduser.sh
+++ b/adduser/adduser.sh
@@ -488,6 +488,7 @@ get_uid() {
 	_prompt=
 
 	if [ -n "$uuid" ]; then
+		uuid=`get_nextuid $uuid`
 		_prompt="Uid [$uuid]: "
 	else
 		_prompt="Uid (Leave empty for default): "
diff --git a/chpass/util.c b/chpass/util.c
new file mode 100644
index 0000000..baf160e
--- /dev/null
+++ b/chpass/util.c
@@ -0,0 +1,182 @@
+/*-
+ * Copyright (c) 1988, 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ * Copyright (c) 2002 Networks Associates Technology, Inc.
+ * All rights reserved.
+ *
+ * Portions of this software were developed for the FreeBSD Project by
+ * ThinkSec AS and NAI Labs, the Security Research Division of Network
+ * Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
+ * ("CBOSS"), as part of the DARPA CHATS research program.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef lint
+#if 0
+static char sccsid[] = "@(#)util.c	8.4 (Berkeley) 4/2/94";
+#endif
+#endif /* not lint */
+#include <sys/cdefs.h>
+__FBSDID("$FreeBSD$");
+
+#include <sys/types.h>
+
+#include <ctype.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <unistd.h>
+
+#include "chpass.h"
+
+static const char *months[] =
+	{ "January", "February", "March", "April", "May", "June",
+	  "July", "August", "September", "October", "November",
+	  "December", NULL };
+
+char *
+ttoa(time_t tval)
+{
+	struct tm *tp;
+	static char tbuf[50];
+
+	if (tval) {
+		tp = localtime(&tval);
+		(void)sprintf(tbuf, "%s %d, %d", months[tp->tm_mon],
+		    tp->tm_mday, tp->tm_year + 1900);
+	}
+	else
+		*tbuf = '\0';
+	return (tbuf);
+}
+
+int
+atot(char *p, time_t *store)
+{
+	static struct tm *lt;
+	char *t;
+	const char **mp;
+	time_t tval;
+	int day, month, year;
+
+	if (!*p) {
+		*store = 0;
+		return (0);
+	}
+	if (!lt) {
+		unsetenv("TZ");
+		(void)time(&tval);
+		lt = localtime(&tval);
+	}
+	if (!(t = strtok(p, " \t")))
+		goto bad;
+	if (isdigit(*t)) {
+		month = atoi(t);
+	} else {
+		for (mp = months;; ++mp) {
+			if (!*mp)
+				goto bad;
+			if (!strncasecmp(*mp, t, 3)) {
+				month = mp - months + 1;
+				break;
+			}
+		}
+	}
+	if (!(t = strtok(NULL, " \t,")) || !isdigit(*t))
+		goto bad;
+	day = atoi(t);
+	if (!(t = strtok(NULL, " \t,")) || !isdigit(*t))
+		goto bad;
+	year = atoi(t);
+	if (day < 1 || day > 31 || month < 1 || month > 12)
+		goto bad;
+	/* Allow two digit years 1969-2068 */
+	if (year < 69)
+		year += 2000;
+	else if (year < 100)
+		year += 1900;
+	if (year < 1969)
+bad:		return (1);
+	lt->tm_year = year - 1900;
+	lt->tm_mon = month - 1;
+	lt->tm_mday = day;
+	lt->tm_hour = 0;
+	lt->tm_min = 0;
+	lt->tm_sec = 0;
+	lt->tm_isdst = -1;
+	if ((tval = mktime(lt)) < 0)
+		return (1);
+	*store = tval;
+	return (0);
+}
+
+int
+ok_shell(char *name)
+{
+	char *p, *sh;
+
+	setusershell();
+	while ((sh = getusershell())) {
+		if (!strcmp(name, sh)) {
+			endusershell();
+			return (1);
+		}
+		/* allow just shell name, but use "real" path */
+		if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) {
+			endusershell();
+			return (1);
+		}
+	}
+	endusershell();
+	return (0);
+}
+
+char *
+dup_shell(char *name)
+{
+	char *p, *sh, *ret;
+
+	setusershell();
+	while ((sh = getusershell())) {
+		if (!strcmp(name, sh)) {
+			endusershell();
+			return (strdup(name));
+		}
+		/* allow just shell name, but use "real" path */
+		if ((p = strrchr(sh, '/')) && strcmp(name, p + 1) == 0) {
+			ret = strdup(sh);
+			endusershell();
+			return (ret);
+		}
+	}
+	endusershell();
+	return (NULL);
+}
diff --git a/libutil/libutil.h b/libutil/libutil.h
index dea14cf..bf42766 100644
--- a/libutil/libutil.h
+++ b/libutil/libutil.h
@@ -48,6 +48,11 @@ typedef	__gid_t		gid_t;
 #define	_GID_T_DECLARED
 #endif
 
+#ifndef _MODE_T_DECLARED
+typedef	__mode_t	mode_t;
+#define	_MODE_T_DECLARED
+#endif
+
 #ifndef _PID_T_DECLARED
 typedef	__pid_t		pid_t;
 #define	_PID_T_DECLARED
@@ -63,66 +68,36 @@ typedef	__uid_t		uid_t;
 #define	_UID_T_DECLARED
 #endif
 
-#define PROPERTY_MAX_NAME	64
-#define PROPERTY_MAX_VALUE	512
+#define	PROPERTY_MAX_NAME	64
+#define	PROPERTY_MAX_VALUE	512
 
-/* for properties.c */
+/* For properties.c. */
 typedef struct _property {
 	struct _property *next;
-	char *name;
-	char *value;
+	char	*name;
+	char	*value;
 } *properties;
 
-#ifdef _SYS_PARAM_H_
-/* for pidfile.c */
-struct pidfh {
-	int	pf_fd;
-	char	pf_path[MAXPATHLEN + 1];
-	__dev_t	pf_dev;
-	ino_t	pf_ino;
-};
-#endif
-
-/* Avoid pulling in all the include files for no need */
+/* Avoid pulling in all the include files for no need. */
+struct in_addr;
+struct pidfh;
+struct sockaddr;
 struct termios;
 struct winsize;
-struct in_addr;
-struct kinfo_file;
-struct kinfo_proc;
-struct kinfo_vmentry;
 
 __BEGIN_DECLS
+char	*auth_getval(const char *_name);
 void	clean_environment(const char * const *_white,
 	    const char * const *_more_white);
+int	expand_number(const char *_buf, uint64_t *_num);
 int	extattr_namespace_to_string(int _attrnamespace, char **_string);
 int	extattr_string_to_namespace(const char *_string, int *_attrnamespace);
 int	flopen(const char *_path, int _flags, ...);
-void	hexdump(const void *ptr, int length, const char *hdr, int flags);
-int	login_tty(int _fd);
-void	trimdomain(char *_fullhost, int _hostsize);
-int	openpty(int *_amaster, int *_aslave, char *_name,
-		     struct termios *_termp, struct winsize *_winp);
 int	forkpty(int *_amaster, char *_name,
-		     struct termios *_termp, struct winsize *_winp);
+	    struct termios *_termp, struct winsize *_winp);
+void	hexdump(const void *_ptr, int _length, const char *_hdr, int _flags);
 int	humanize_number(char *_buf, size_t _len, int64_t _number,
 	    const char *_suffix, int _scale, int _flags);
-int	expand_number(const char *_buf, uint64_t *_num);
-const char *uu_lockerr(int _uu_lockresult);
-int	uu_lock(const char *_ttyname);
-int	uu_unlock(const char *_ttyname);
-int	uu_lock_txfr(const char *_ttyname, pid_t _pid);
-int	_secure_path(const char *_path, uid_t _uid, gid_t _gid);
-properties properties_read(int fd);
-void	properties_free(properties list);
-char	*property_find(properties list, const char *name);
-char	*auth_getval(const char *name);
-int	realhostname(char *host, size_t hsize, const struct in_addr *ip);
-struct sockaddr;
-int	realhostname_sa(char *host, size_t hsize, struct sockaddr *addr,
-			     int addrlen);
-
-int	kld_isloaded(const char *name);
-int	kld_load(const char *name);
 struct kinfo_file *
 	kinfo_getfile(pid_t _pid, int *_cntp);
 struct kinfo_vmentry *
@@ -131,81 +106,99 @@ struct kinfo_proc *
 	kinfo_getallproc(int *_cntp);
 struct kinfo_proc *
 	kinfo_getproc(pid_t _pid);
+int	kld_isloaded(const char *_name);
+int	kld_load(const char *_name);
+int	login_tty(int _fd);
+int	openpty(int *_amaster, int *_aslave, char *_name,
+	    struct termios *_termp, struct winsize *_winp);
+int	pidfile_close(struct pidfh *_pfh);
+int	pidfile_fileno(const struct pidfh *_pfh);
+struct pidfh *
+	pidfile_open(const char *_path, mode_t _mode, pid_t *_pidptr);
+int	pidfile_remove(struct pidfh *_pfh);
+int	pidfile_write(struct pidfh *_pfh);
+void	properties_free(properties _list);
+char	*property_find(properties _list, const char *_name);
+properties
+	properties_read(int _fd);
+int	realhostname(char *_host, size_t _hsize, const struct in_addr *_ip);
+int	realhostname_sa(char *_host, size_t _hsize, struct sockaddr *_addr,
+	    int _addrlen);
+int	_secure_path(const char *_path, uid_t _uid, gid_t _gid);
+void	trimdomain(char *_fullhost, int _hostsize);
+const char *
+	uu_lockerr(int _uu_lockresult);
+int	uu_lock(const char *_ttyname);
+int	uu_unlock(const char *_ttyname);
+int	uu_lock_txfr(const char *_ttyname, pid_t _pid);
 
-#ifdef _STDIO_H_	/* avoid adding new includes */
-char   *fparseln(FILE *, size_t *, size_t *, const char[3], int);
+/*
+ * Conditionally prototype the following functions if the include
+ * files upon which they depend have been included.
+ */
+#ifdef _STDIO_H_
+char	*fparseln(FILE *_fp, size_t *_len, size_t *_lineno,
+	    const char _delim[3], int _flags);
 #endif
 
 #ifdef _PWD_H_
-int	pw_copy(int _ffd, int _tfd, const struct passwd *_pw, struct passwd *_old_pw);
-struct passwd *pw_dup(const struct passwd *_pw);
+int	pw_copy(int _ffd, int _tfd, const struct passwd *_pw,
+	    struct passwd *_old_pw);
+struct passwd
+	*pw_dup(const struct passwd *_pw);
 int	pw_edit(int _notsetuid);
 int	pw_equal(const struct passwd *_pw1, const struct passwd *_pw2);
 void	pw_fini(void);
 int	pw_init(const char *_dir, const char *_master);
 char	*pw_make(const struct passwd *_pw);
+char	*pw_make_v7(const struct passwd *_pw);
 int	pw_mkdb(const char *_user);
 int	pw_lock(void);
-struct passwd *pw_scan(const char *_line, int _flags);
-const char *pw_tempname(void);
+struct passwd *
+	pw_scan(const char *_line, int _flags);
+const char *
+	pw_tempname(void);
 int	pw_tmp(int _mfd);
 #endif
 
 #ifdef _GRP_H_
-int 	gr_copy(int __ffd, int _tfd, const struct group *_gr, struct group *_old_gr);
-struct group *gr_dup(const struct group *gr);
-int	gr_equal(const struct group *gr1, const struct group *gr2);
+int 	gr_copy(int __ffd, int _tfd, const struct group *_gr,
+	    struct group *_old_gr);
+struct group *
+	gr_dup(const struct group *_gr);
+int	gr_equal(const struct group *_gr1, const struct group *_gr2);
 void	gr_fini(void);
 int	gr_init(const char *_dir, const char *_master);
 int	gr_lock(void);
-char	*gr_make(const struct group *gr);
+char	*gr_make(const struct group *_gr);
 int	gr_mkdb(void);
+struct group *
+	gr_scan(const char *_line);
 int	gr_tmp(int _mdf);
-struct group *gr_scan(const char *line);
-#endif
-
-#ifdef _SYS_PARAM_H_
-struct pidfh *pidfile_open(const char *path, mode_t mode, pid_t *pidptr);
-int pidfile_write(struct pidfh *pfh);
-int pidfile_close(struct pidfh *pfh);
-int pidfile_remove(struct pidfh *pfh);
 #endif
 
 #ifdef _UFS_UFS_QUOTA_H_
-struct quotafile;
 struct fstab;
-struct quotafile *quota_open(struct fstab *, int, int);
-void quota_close(struct quotafile *);
-int quota_on(struct quotafile *);
-int quota_off(struct quotafile *);
-const char *quota_fsname(const struct quotafile *);
-const char *quota_qfname(const struct quotafile *);
-int quota_maxid(struct quotafile *);
-int quota_check_path(const struct quotafile *, const char *path);
-int quota_read(struct quotafile *, struct dqblk *, int);
-int quota_write_limits(struct quotafile *, struct dqblk *, int);
-int quota_write_usage(struct quotafile *, struct dqblk *, int);
-int quota_convert(struct quotafile *, int);
+struct quotafile;
+int	quota_check_path(const struct quotafile *_qf, const char *_path);
+void	quota_close(struct quotafile *_qf);
+int	quota_convert(struct quotafile *_qf, int _wordsize);
+const char *
+	quota_fsname(const struct quotafile *_qf);
+int	quota_maxid(struct quotafile *_qf);
+int	quota_off(struct quotafile *_qf);
+int	quota_on(struct quotafile *_qf);
+struct quotafile *
+	quota_open(struct fstab *_fs, int _quotatype, int _openflags);
+const char *
+	quota_qfname(const struct quotafile *_qf);
+int	quota_read(struct quotafile *_qf, struct dqblk *_dqb, int _id);
+int	quota_write_limits(struct quotafile *_qf, struct dqblk *_dqb, int _id);
+int	quota_write_usage(struct quotafile *_qf, struct dqblk *_dqb, int _id);
 #endif
 
 __END_DECLS
 
-#define UU_LOCK_INUSE (1)
-#define UU_LOCK_OK (0)
-#define UU_LOCK_OPEN_ERR (-1)
-#define UU_LOCK_READ_ERR (-2)
-#define UU_LOCK_CREAT_ERR (-3)
-#define UU_LOCK_WRITE_ERR (-4)
-#define UU_LOCK_LINK_ERR (-5)
-#define UU_LOCK_TRY_ERR (-6)
-#define UU_LOCK_OWNER_ERR (-7)
-
-/* return values from realhostname() */
-#define HOSTNAME_FOUND		(0)
-#define HOSTNAME_INCORRECTNAME	(1)
-#define HOSTNAME_INVALIDADDR	(2)
-#define HOSTNAME_INVALIDNAME	(3)
-
 /* fparseln(3) */
 #define	FPARSELN_UNESCESC	0x01
 #define	FPARSELN_UNESCCONT	0x02
@@ -213,26 +206,43 @@ __END_DECLS
 #define	FPARSELN_UNESCREST	0x08
 #define	FPARSELN_UNESCALL	0x0f
 
-/* pw_scan() */
-#define PWSCAN_MASTER		0x01
-#define PWSCAN_WARN		0x02
-
-/* humanize_number(3) */
-#define HN_DECIMAL		0x01
-#define HN_NOSPACE		0x02
-#define HN_B			0x04
-#define HN_DIVISOR_1000		0x08
-#define HN_IEC_PREFIXES		0x10
-
-/* maxscale = 0x07 */
-#define HN_GETSCALE		0x10
-#define HN_AUTOSCALE		0x20
-
-/* hexdump(3) */
+/* Flags for hexdump(3). */
 #define	HD_COLUMN_MASK		0xff
 #define	HD_DELIM_MASK		0xff00
 #define	HD_OMIT_COUNT		(1 << 16)
 #define	HD_OMIT_HEX		(1 << 17)
 #define	HD_OMIT_CHARS		(1 << 18)
 
+/* Values for humanize_number(3)'s flags parameter. */
+#define	HN_DECIMAL		0x01
+#define	HN_NOSPACE		0x02
+#define	HN_B			0x04
+#define	HN_DIVISOR_1000		0x08
+#define	HN_IEC_PREFIXES		0x10
+
+/* Values for humanize_number(3)'s scale parameter. */
+#define	HN_GETSCALE		0x10
+#define	HN_AUTOSCALE		0x20
+
+/* Return values from realhostname(). */
+#define	HOSTNAME_FOUND		0
+#define	HOSTNAME_INCORRECTNAME	1
+#define	HOSTNAME_INVALIDADDR	2
+#define	HOSTNAME_INVALIDNAME	3
+
+/* Flags for pw_scan(). */
+#define	PWSCAN_MASTER		0x01
+#define	PWSCAN_WARN		0x02
+
+/* Return values from uu_lock(). */
+#define	UU_LOCK_INUSE		1
+#define	UU_LOCK_OK		0
+#define	UU_LOCK_OPEN_ERR	(-1)
+#define	UU_LOCK_READ_ERR	(-2)
+#define	UU_LOCK_CREAT_ERR	(-3)
+#define	UU_LOCK_WRITE_ERR	(-4)
+#define	UU_LOCK_LINK_ERR	(-5)
+#define	UU_LOCK_TRY_ERR		(-6)
+#define	UU_LOCK_OWNER_ERR	(-7)
+
 #endif /* !_LIBUTIL_H_ */
diff --git a/libutil/pw_util.c b/libutil/pw_util.c
index 1068eff..63c63de 100644
--- a/libutil/pw_util.c
+++ b/libutil/pw_util.c
@@ -347,7 +347,8 @@ pw_edit(int notsetuid)
 	sigprocmask(SIG_SETMASK, &oldsigset, NULL);
 	if (stat(tempname, &st2) == -1)
 		return (-1);
-	return (st1.st_mtime != st2.st_mtime);
+	return (st1.st_mtim.tv_sec != st2.st_mtim.tv_sec ||
+	    st1.st_mtim.tv_nsec != st2.st_mtim.tv_nsec);
 }
 
 /*
@@ -406,7 +407,21 @@ pw_make(const struct passwd *pw)
 	    pw->pw_passwd, (uintmax_t)pw->pw_uid, (uintmax_t)pw->pw_gid,
 	    pw->pw_class, (uintmax_t)pw->pw_change, (uintmax_t)pw->pw_expire,
 	    pw->pw_gecos, pw->pw_dir, pw->pw_shell);
-	return line;
+	return (line);
+}
+
+/*
+ * Make a passwd line (in v7 format) out of a struct passwd
+ */
+char *
+pw_make_v7(const struct passwd *pw)
+{
+	char *line;
+
+	asprintf(&line, "%s:*:%ju:%ju:%s:%s:%s", pw->pw_name,
+	    (uintmax_t)pw->pw_uid, (uintmax_t)pw->pw_gid,
+	    pw->pw_gecos, pw->pw_dir, pw->pw_shell);
+	return (line);
 }
 
 /*
diff --git a/pw/cpdir.c b/pw/cpdir.c
index c5534e5..0fd671b 100644
--- a/pw/cpdir.c
+++ b/pw/cpdir.c
@@ -84,7 +84,7 @@ copymkdir(char const * dir, char const * skel, mode_t mode, uid_t uid, gid_t gid
 							if (strcmp(e->d_name, ".") != 0 && strcmp(e->d_name, "..") != 0)
 								copymkdir(dst, src, st.st_mode & _DEF_DIRMODE, uid, gid);
 								chflags(dst, st.st_flags);	/* propagate flags */
-						    } else if (S_ISLNK(st.st_mode) && (len = readlink(src, lnk, sizeof(lnk))) != -1) {
+						    } else if (S_ISLNK(st.st_mode) && (len = readlink(src, lnk, sizeof(lnk) - 1)) != -1) {
 							lnk[len] = '\0';
 							symlink(lnk, dst);
 							lchown(dst, uid, gid);
diff --git a/pw/pw_user.c b/pw/pw_user.c
index 0001a41..b59789c 100644
--- a/pw/pw_user.c
+++ b/pw/pw_user.c
@@ -1028,6 +1028,7 @@ pw_pwcrypt(char *password)
 {
 	int             i;
 	char            salt[SALTSIZE + 1];
+	char		*cryptpw;
 
 	static char     buf[256];
 
@@ -1038,7 +1039,10 @@ pw_pwcrypt(char *password)
 		salt[i] = chars[arc4random_uniform(sizeof(chars) - 1)];
 	salt[SALTSIZE] = '\0';
 
-	return strcpy(buf, crypt(password, salt));
+	cryptpw = crypt(password, salt);
+	if (cryptpw == NULL)
+		errx(EX_CONFIG, "crypt(3) failure");
+	return strcpy(buf, cryptpw);
 }