1 /* vi: set sw=4 ts=4: */
2 /*
3 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
4 */
5 #include "libbb.h"
6 #include <syslog.h>
7 #if ENABLE_FEATURE_UTMP
8 # include <utmp.h> /* USER_PROCESS */
9 #endif
10 #include <sys/resource.h>
11
12 #if ENABLE_SELINUX
13 # include <selinux/selinux.h> /* for is_selinux_enabled() */
14 # include <selinux/get_context_list.h> /* for get_default_context() */
15 # include <selinux/flask.h> /* for security class definitions */
16 #endif
17
18 #if ENABLE_PAM
19 /* PAM may include <locale.h>. We may need to undefine bbox's stub define: */
20 # undef setlocale
21 /* For some obscure reason, PAM is not in pam/xxx, but in security/xxx.
22 * Apparently they like to confuse people. */
23 # include <security/pam_appl.h>
24 # include <security/pam_misc.h>
/* PAM conversation descriptor; its address is passed to pam_start() in
 * login_main(). The callback is misc_conv and no application data pointer
 * is supplied. */
static const struct pam_conv conv = {
	misc_conv,
	NULL
};
29 #endif
30
/* Compile-time limits used by the login applet. */
enum {
	/* seconds allowed for the whole authentication phase (armed with alarm()) */
	TIMEOUT              = 60,
	/* empty lines accepted at the username prompt before giving up */
	EMPTY_USERNAME_COUNT = 10,
	/* size of the username buffer in login_main(), terminator included */
	USERNAME_SIZE        = 32,
	TTYNAME_SIZE         = 32,
};
37
/* Result of skip_dev_pfx() on the tty path; assigned in login_main() and
 * compared against /etc/securetty entries in check_securetty(). */
static char *short_tty;
39
40 #if ENABLE_FEATURE_NOLOGIN
/*
 * Refuse the login when /etc/nologin can be opened: print the file's
 * contents (or a default notice when the file is empty), drain the
 * terminal and exit with EXIT_FAILURE.
 *
 * Returns normally only when the file cannot be opened.
 */
static void die_if_nologin(void)
{
	FILE *nologin;
	int ch;
	int printed_nothing = 1;

	nologin = fopen_for_read("/etc/nologin");
	if (nologin == NULL) {
		/* Every open failure is taken to mean "file does not exist",
		 * so the login is allowed to proceed in that case. */
		return;
	}

	for (;;) {
		ch = getc(nologin);
		if (ch == EOF)
			break;
		/* emit CR ahead of every LF */
		if (ch == '\n')
			bb_putchar('\r');
		bb_putchar(ch);
		printed_nothing = 0;
	}
	if (printed_nothing)
		puts("\r\nSystem closed for routine maintenance\r");

	fclose(nologin);
	fflush_all();
	/* Users say that they do need this prior to exit: */
	tcdrain(STDOUT_FILENO);
	exit(EXIT_FAILURE);
}
66 #else
67 # define die_if_nologin() ((void)0)
68 #endif
69
70 #if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
/*
 * Decide whether the current terminal (short_tty) is acceptable according
 * to /etc/securetty.
 *
 * Returns nonzero when some line of the file equals short_tty, and also
 * when the file is missing or yields no lines at all -- an absent or
 * empty securetty therefore accepts every tty. Returns 0 only when the
 * file has entries and none of them matches.
 */
static int check_securetty(void)
{
	/* Seed with any non-NULL pointer: if config_read() never produces a
	 * line, the pointer is still non-NULL at the end and the tty passes. */
	char *entry = (char*)"/etc/securetty";
	parser_t *cfg = config_open2("/etc/securetty", fopen_for_read);

	while (config_read(cfg, &entry, 1, 1, "# \t", PARSE_NORMAL)) {
		if (strcmp(entry, short_tty) == 0) {
			/* matching line found */
			config_close(cfg);
			return 1;
		}
		/* at least one non-matching line was seen */
		entry = NULL;
	}
	config_close(cfg);
	return entry != NULL;
}
85 #else
/* Variant compiled when FEATURE_SECURETTY is disabled or PAM is enabled:
 * no /etc/securetty lookup is done here and every tty is accepted. */
static ALWAYS_INLINE int check_securetty(void)
{
	return 1;
}
87 #endif
88
89 #if ENABLE_SELINUX
/*
 * Obtain the default SELinux context for username and relabel the login
 * tty for that user. Does nothing when is_selinux_enabled() reports
 * false; every failing step is reported through a *_msg_and_die() helper.
 *
 * username: account being logged in
 * full_tty: path of the tty whose context is read and rewritten
 * user_sid: receives the context returned by get_default_context()
 *
 * NOTE(review): the tty is relabelled by path (getfilecon/setfilecon),
 * unlike the fd-based fchown()/fchmod() used later in login_main();
 * the two contexts obtained here are not released in this function.
 */
static void initselinux(char *username, char *full_tty,
					security_context_t *user_sid)
{
	security_context_t tty_ctx_cur;
	security_context_t tty_ctx_new;

	if (!is_selinux_enabled())
		return;

	if (get_default_context(username, NULL, user_sid) != 0)
		bb_error_msg_and_die("can't get SID for %s", username);

	if (getfilecon(full_tty, &tty_ctx_cur) < 0)
		bb_perror_msg_and_die("getfilecon(%s) failed", full_tty);

	/* compute the label a character device should carry for this user */
	if (security_compute_relabel(*user_sid, tty_ctx_cur,
				SECCLASS_CHR_FILE, &tty_ctx_new) != 0)
		bb_perror_msg_and_die("security_change_sid(%s) failed", full_tty);

	if (setfilecon(full_tty, tty_ctx_new) != 0)
		bb_perror_msg_and_die("chsid(%s, %s) failed", full_tty, tty_ctx_new);
}
112 #endif
113
114 #if ENABLE_LOGIN_SCRIPTS
/*
 * Run the program named by the LOGIN_PRE_SUID_SCRIPT environment variable,
 * if that variable is set, and wait for it to finish.
 *
 * The script receives LOGIN_TTY, LOGIN_USER, LOGIN_UID, LOGIN_GID and
 * LOGIN_SHELL in its environment; all five are removed again afterwards.
 *
 * pw:       passwd entry of the user being logged in
 * full_tty: tty path exported as LOGIN_TTY
 *
 * The script path is taken from the environment, so this must only be
 * reached when the environment is trusted; login_main() calls it only
 * when run_by_root is set, and before change_identity().
 * The result of spawn_and_wait() is not examined.
 */
static void run_login_script(struct passwd *pw, char *full_tty)
{
	char *script_argv[2];

	script_argv[0] = getenv("LOGIN_PRE_SUID_SCRIPT");
	if (script_argv[0] == NULL)
		return;
	script_argv[1] = NULL;

	xsetenv("LOGIN_TTY", full_tty);
	xsetenv("LOGIN_USER", pw->pw_name);
	xsetenv("LOGIN_UID", utoa(pw->pw_uid));
	xsetenv("LOGIN_GID", utoa(pw->pw_gid));
	xsetenv("LOGIN_SHELL", pw->pw_shell);

	spawn_and_wait(script_argv); /* NOMMU-friendly */

	unsetenv("LOGIN_TTY");
	unsetenv("LOGIN_USER");
	unsetenv("LOGIN_UID");
	unsetenv("LOGIN_GID");
	unsetenv("LOGIN_SHELL");
}
135 #else
136 void run_login_script(struct passwd *pw, char *full_tty);
137 #endif
138
/*
 * Prompt for a user name on stdin and store it, NUL-terminated, in buf.
 *
 * buf:      destination buffer
 * size_buf: size of buf in bytes
 *
 * Leading whitespace is skipped and the prompt is repeated after each
 * empty line. The name ends at the first byte that is not greater than ' '.
 *
 * Exits with EXIT_FAILURE on EOF, after EMPTY_USERNAME_COUNT empty lines,
 * when fgets() fails, or when no newline is found in what fgets() read
 * (the line did not fit into the buffer).
 */
static void get_username_or_die(char *buf, int size_buf)
{
	int ch;
	int empty_lines_left = EMPTY_USERNAME_COUNT;

	for (;;) {
		print_login_prompt();
		/* skip whitespace, stopping at a newline or the first other char */
		for (;;) {
			ch = getchar();
			if (ch == EOF)
				exit(EXIT_FAILURE);
			if (ch == '\n' || !isspace(ch)) /* maybe isblank? */
				break;
		}
		if (ch != '\n')
			break;
		/* empty line: prompt again unless the budget is used up */
		if (--empty_lines_left == 0)
			exit(EXIT_FAILURE);
	}

	/* first character is already consumed; read the rest of the line */
	*buf++ = ch;
	if (fgets(buf, size_buf-2, stdin) == NULL)
		exit(EXIT_FAILURE);
	if (strchr(buf, '\n') == NULL)
		exit(EXIT_FAILURE);

	/* cut the name at the first whitespace or control byte */
	while ((unsigned char)*buf > ' ')
		buf++;
	*buf = '\0';
}
167
/*
 * Copy the message-of-the-day file (bb_path_motd_file) to stdout.
 * Does nothing when the file cannot be opened.
 *
 * login_main() calls this after change_identity(), so the open() happens
 * after the switch to the user's identity.
 */
static void motd(void)
{
	int motd_fd = open(bb_path_motd_file, O_RDONLY);

	if (motd_fd < 0)
		return;

	/* push out buffered stdio output before writing to the fd directly */
	fflush_all();
	bb_copyfd_eof(motd_fd, STDOUT_FILENO);
	close(motd_fd);
}
179
/*
 * SIGALRM handler armed by login_main(): reports that the login timed out
 * and terminates the process with _exit(EXIT_SUCCESS).
 *
 * NOTE(review): printf() and the stdio flush are not async-signal-safe;
 * the handler relies on the process exiting right afterwards.
 */
static void alarm_handler(int sig UNUSED_PARAM)
{
	/* This is the escape hatch! Poor serial line users and the like
	 * arrive here when their connection is broken.
	 * We don't want to block here */
	ndelay_on(STDOUT_FILENO);

	printf("\r\nLogin timed out after %d seconds\r\n", TIMEOUT);
	fflush_all();

	/* unix API is brain damaged regarding O_NONBLOCK,
	 * we should undo it, or else we can affect other processes */
	ndelay_off(STDOUT_FILENO);

	_exit(EXIT_SUCCESS);
}
193
/*
 * login applet entry point: authenticate a user on the current terminal,
 * prepare the session and exec the user's shell.
 *
 * Options (getopt32 string "f:h:p"):
 *   -f USER  log USER in without asking for a password (only when run by root)
 *   -h HOST  remote host name, used in log messages and the utmp record
 *   -p       do not clear the environment before setting up the new one
 * A remaining positional argument is taken as the user name.
 *
 * Order of operations: arm the timeout, sanitize environment and fds,
 * require stdin/stdout/stderr to be terminals, authenticate (PAM or
 * passwd-based, up to three attempts), honour /etc/nologin for non-root
 * accounts, adjust tty ownership/labels, write utmp, optionally run the
 * pre-suid script, change identity, set up the environment, print motd,
 * exec the shell.
 *
 * Returns EXIT_FAILURE when the descriptors are not terminals or after
 * three failed attempts; on success run_shell() does not return.
 */
int login_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int login_main(int argc UNUSED_PARAM, char **argv)
{
	enum {
		LOGIN_OPT_f = (1<<0),
		LOGIN_OPT_h = (1<<1),
		LOGIN_OPT_p = (1<<2),
	};
	char *fromhost;
	char username[USERNAME_SIZE];
	const char *shell;
	int run_by_root;
	unsigned opt;
	int count = 0; /* failed attempts so far */
	struct passwd *pw;
	char *opt_host = NULL;
	char *opt_user = opt_user; /* for compiler */
	char *full_tty;
	IF_SELINUX(security_context_t user_sid = NULL;)
#if ENABLE_PAM
	int pamret;
	pam_handle_t *pamh;
	const char *pamuser;
	const char *failed_msg;
	struct passwd pwdstruct;
	char pwdbuf[256];
	char **pamenv;
#endif

	username[0] = '\0';
	/* Bound the whole authentication phase: alarm_handler() ends the
	 * process after TIMEOUT seconds; the alarm is cancelled after the loop. */
	signal(SIGALRM, alarm_handler);
	alarm(TIMEOUT);

	/* More of suid paranoia if called by non-root: */
	/* Clear dangerous stuff, set PATH */
	/* run_by_root is set when sanitize_env_if_suid() returns 0; it gates
	 * -f, the utmp host field and the login script below. */
	run_by_root = !sanitize_env_if_suid();

	/* Mandatory paranoia for suid applet:
	 * ensure that fd# 0,1,2 are opened (at least to /dev/null)
	 * and any extra open fd's are closed.
	 * (The name of the function is misleading. Not daemonizing here.) */
	bb_daemonize_or_rexec(DAEMON_ONLY_SANITIZE | DAEMON_CLOSE_EXTRA_FDS, NULL);

	opt = getopt32(argv, "f:h:p", &opt_user, &opt_host);
	if (opt & LOGIN_OPT_f) {
		/* -f skips the password check, so it is refused unless run by root */
		if (!run_by_root)
			bb_error_msg_and_die("-f is for root only");
		safe_strncpy(username, opt_user, sizeof(username));
	}
	argv += optind;
	if (argv[0]) /* user from command line (getty) */
		safe_strncpy(username, argv[0], sizeof(username));

	/* Let's find out and memorize our tty */
	if (!isatty(STDIN_FILENO) || !isatty(STDOUT_FILENO) || !isatty(STDERR_FILENO))
		return EXIT_FAILURE; /* Must be a terminal */
	full_tty = xmalloc_ttyname(STDIN_FILENO);
	if (!full_tty)
		full_tty = xstrdup("UNKNOWN");
	short_tty = skip_dev_pfx(full_tty);

	/* NOTE(review): opt_host comes from the command line and is placed in
	 * the syslog text whether or not run_by_root is set, while the utmp
	 * record below takes it only when run_by_root -- confirm this is intended. */
	if (opt_host) {
		fromhost = xasprintf(" on '%s' from '%s'", short_tty, opt_host);
	} else {
		fromhost = xasprintf(" on '%s'", short_tty);
	}

	/* Was breaking "login <username>" from shell command line: */
	/*bb_setpgrp();*/

	openlog(applet_name, LOG_PID | LOG_CONS, LOG_AUTH);

	/* Authentication loop: left with "break" on success, with "return"
	 * after the third failure. */
	while (1) {
		/* flush away any type-ahead (as getty does) */
		tcflush(0, TCIFLUSH);

		if (!username[0])
			get_username_or_die(username, sizeof(username));

#if ENABLE_PAM
		/* NOTE(review): no pam_end() or pam_close_session() call is visible
		 * in this function; a new handle is started on every pass. */
		pamret = pam_start("login", username, &conv, &pamh);
		if (pamret != PAM_SUCCESS) {
			failed_msg = "start";
			goto pam_auth_failed;
		}
		/* set TTY (so things like securetty work) */
		pamret = pam_set_item(pamh, PAM_TTY, short_tty);
		if (pamret != PAM_SUCCESS) {
			failed_msg = "set_item(TTY)";
			goto pam_auth_failed;
		}
		pamret = pam_authenticate(pamh, 0);
		if (pamret != PAM_SUCCESS) {
			failed_msg = "authenticate";
			goto pam_auth_failed;
			/* TODO: or just "goto auth_failed"
			 * since user seems to enter wrong password
			 * (in this case pamret == 7)
			 */
		}
		/* check that the account is healthy */
		pamret = pam_acct_mgmt(pamh, 0);
		if (pamret != PAM_SUCCESS) {
			failed_msg = "acct_mgmt";
			goto pam_auth_failed;
		}
		/* read user back */
		pamuser = NULL;
		/* gcc: "dereferencing type-punned pointer breaks aliasing rules..."
		 * thus we cast to (void*) */
		if (pam_get_item(pamh, PAM_USER, (void*)&pamuser) != PAM_SUCCESS) {
			failed_msg = "get_item(USER)";
			goto pam_auth_failed;
		}
		if (!pamuser || !pamuser[0])
			goto auth_failed;
		/* from here on the name reported by PAM is the one that is used */
		safe_strncpy(username, pamuser, sizeof(username));
		/* Don't use "pw = getpwnam(username);",
		 * PAM is said to be capable of destroying static storage
		 * used by getpwnam(). We are using safe(r) function */
		pw = NULL;
		/* return value is not checked; a failed lookup leaves pw NULL */
		getpwnam_r(username, &pwdstruct, pwdbuf, sizeof(pwdbuf), &pw);
		if (!pw)
			goto auth_failed;
		pamret = pam_open_session(pamh, 0);
		if (pamret != PAM_SUCCESS) {
			failed_msg = "open_session";
			goto pam_auth_failed;
		}
		pamret = pam_setcred(pamh, PAM_ESTABLISH_CRED);
		if (pamret != PAM_SUCCESS) {
			failed_msg = "setcred";
			goto pam_auth_failed;
		}
		break; /* success, continue login process */

 pam_auth_failed:
		/* syslog, because we don't want potential attacker
		 * to know _why_ login failed */
		syslog(LOG_WARNING, "pam_%s call failed: %s (%d)", failed_msg,
					pam_strerror(pamh, pamret), pamret);
		safe_strncpy(username, "UNKNOWN", sizeof(username));
#else /* not PAM */
		pw = getpwnam(username);
		if (!pw) {
			/* Unknown account: still go through the password step with
			 * pw == NULL. NOTE(review): presumably correct_password()
			 * prompts and fails for NULL -- confirm in libbb. */
			strcpy(username, "UNKNOWN");
			goto fake_it;
		}

		/* Locked entries fail here without a password prompt.
		 * NOTE(review): this path (and the securetty rejection below)
		 * skips the prompt that unknown users do get, so the sequence
		 * seen on the terminal differs between these cases. */
		if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*')
			goto auth_failed;

		if (opt & LOGIN_OPT_f)
			break; /* -f USER: success without asking passwd */

		/* root logins additionally require an accepted tty */
		if (pw->pw_uid == 0 && !check_securetty())
			goto auth_failed;

		/* Don't check the password if password entry is empty (!) */
		if (!pw->pw_passwd[0])
			break;
 fake_it:
		/* authorization takes place here */
		if (correct_password(pw))
			break;
#endif /* ENABLE_PAM */
 auth_failed:
		/* -f applies to the first attempt only; retries need a password */
		opt &= ~LOGIN_OPT_f;
		bb_do_delay(FAIL_DELAY);
		/* TODO: doesn't sound like correct English phrase to me */
		puts("Login incorrect");
		/* Only the third failure is written to syslog by this code;
		 * the first two attempts produce no log entry here. */
		if (++count == 3) {
			syslog(LOG_WARNING, "invalid password for '%s'%s",
						username, fromhost);

			if (ENABLE_FEATURE_CLEAN_UP)
				free(fromhost);

			return EXIT_FAILURE;
		}
		/* force a fresh username prompt on the next pass */
		username[0] = '\0';
	} /* while (1) */

	/* authenticated: cancel the login timeout */
	alarm(0);
	/* We can ignore /etc/nologin if we are logging in as root,
	 * it doesn't matter whether we are run by root or not */
	if (pw->pw_uid != 0)
		die_if_nologin();

	IF_SELINUX(initselinux(username, full_tty, &user_sid));

	/* Try these, but don't complain if they fail.
	 * _f_chown is safe wrt race t=ttyname(0);...;chown(t); */
	/* Hand the tty (fd 0) to the user and restrict it to mode 0600;
	 * both return values are deliberately ignored. */
	fchown(0, pw->pw_uid, pw->pw_gid);
	fchmod(0, 0600);

	/* the host from -h is recorded in utmp only when run by root */
	update_utmp(getpid(), USER_PROCESS, short_tty, username, run_by_root ? opt_host : NULL);

	/* We trust environment only if we run by root */
	/* The script runs before change_identity() below. */
	if (ENABLE_LOGIN_SCRIPTS && run_by_root)
		run_login_script(pw, full_tty);

	change_identity(pw);
	shell = pw->pw_shell;
	if (!shell || !shell[0])
		shell = DEFAULT_SHELL;
	/* SETUP_ENV_CLEARENV is included unless -p was given */
	setup_environment(shell,
			(!(opt & LOGIN_OPT_p) * SETUP_ENV_CLEARENV) + SETUP_ENV_CHANGEENV,
			pw);

#if ENABLE_PAM
	/* Modules such as pam_env will setup the PAM environment,
	 * which should be copied into the new environment. */
	pamenv = pam_getenvlist(pamh);
	if (pamenv) while (*pamenv) {
		putenv(*pamenv);
		pamenv++;
	}
#endif

	motd();

	/* successful root logins are always logged */
	if (pw->pw_uid == 0)
		syslog(LOG_INFO, "root login%s", fromhost);

	if (ENABLE_FEATURE_CLEAN_UP)
		free(fromhost);

	/* well, a simple setexeccon() here would do the job as well,
	 * but let's play the game for now */
	IF_SELINUX(set_current_security_context(user_sid);)

	// util-linux login also does:
	// /* start new session */
	// setsid();
	// /* TIOCSCTTY: steal tty from other process group */
	// if (ioctl(0, TIOCSCTTY, 1)) error_msg...
	// BBox login used to do this (see above):
	// bb_setpgrp();
	// If this stuff is really needed, add it and explain why!

	/* Set signals to defaults */
	/* Non-ignored signals revert to SIG_DFL on exec anyway */
	/*signal(SIGALRM, SIG_DFL);*/

	/* Is this correct? This way user can ctrl-c out of /etc/profile,
	 * potentially creating security breach (tested with bash 3.0).
	 * But without this, bash 3.0 will not enable ctrl-c either.
	 * Maybe bash is buggy?
	 * Need to find out what standards say about /bin/login -
	 * should we leave SIGINT etc enabled or disabled? */
	signal(SIGINT, SIG_DFL);

	/* Exec login shell with no additional parameters */
	run_shell(shell, 1, NULL, NULL);

	/* return EXIT_FAILURE; - not reached */
}