100644 505 lines (449 sloc) 14.067 kb
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
1 /* vi: set sw=4 ts=4: */
801ab14 Add one-line GPL boilerplate to numerous (but not all yet) source files.
"Robert P. J. Day" authored
2 /*
3 * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
4 */
5
b6adbf1 usage.c: remove reference to busybox.h
Denis Vlasenko authored
6 #include "libbb.h"
f470196 aldot - fix conflicting decls of syslog related facilitynames and priorityname...
aldot authored
7 #include <syslog.h>
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
8 #include <utmp.h>
9 #include <sys/resource.h>
10
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
11 #if ENABLE_SELINUX
60158cb landley A patch from Takeharu KATO to update/fix SE-Linux support.
landley authored
12 #include <selinux/selinux.h> /* for is_selinux_enabled() */
13 #include <selinux/get_context_list.h> /* for get_default_context() */
14 #include <selinux/flask.h> /* for security class definitions */
9e48045 Patch from Russell Coker:
Eric Andersen authored
15 #endif
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
16
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
17 #if ENABLE_PAM
c6c2345 login: fixes for PAM build
Denis Vlasenko authored
18 /* PAM may include <locale.h>. We may need to undefine bbox's stub define: */
19 #undef setlocale
20 /* For some obscure reason, PAM is not in pam/xxx, but in security/xxx.
21 * Apparently they like to confuse people. */
22 #include <security/pam_appl.h>
23 #include <security/pam_misc.h>
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
/* Conversation structure handed to pam_start() by login_main.
 * misc_conv is the conversation function declared by <security/pam_misc.h>;
 * no application data pointer is passed along with it. */
static const struct pam_conv conv = {
	.conv = misc_conv,
	.appdata_ptr = NULL,
};
28 #endif
29
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
/* Limits used by the login applet. */
enum {
	TIMEOUT              = 60, /* seconds passed to alarm(); also printed by the timeout message */
	EMPTY_USERNAME_COUNT = 10, /* empty lines tolerated at the username prompt before exiting */
	USERNAME_SIZE        = 32, /* bytes in the username buffer, terminator included */
	TTYNAME_SIZE         = 32, /* bytes in the tty name buffer, terminator included */
};
0fbff13 Several login cleanups from vodz
Eric Andersen authored
36
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
/* Name of the login tty. login_main points this into its full_tty buffer,
 * past a leading "/dev/" when the tty path has one. */
static char *short_tty;
7ccf5cc login: eliminate forward decls and #ifdefs
Denis Vlasenko authored
38
39 #if ENABLE_FEATURE_UTMP
40 /* vv Taken from tinylogin utmp.c vv */
41 /*
42 * read_or_build_utent - see if utmp file is correct for this process
43 *
44 * System V is very picky about the contents of the utmp file
45 * and requires that a slot for the current process exist.
46 * The utmp file is scanned for an entry with the same process
47 * ID. If no entry exists the process exits with a message.
48 *
49 * The "picky" flag is for network and other logins that may
50 * use special flags. It allows the pid checks to be overridden.
51 * This means that getty should never invoke login with any
52 * command line flags.
53 */
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
54
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
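/*
 * Fill *utptr with the utmp record login will use for this process.
 *
 * The utmp file is scanned for a LOGIN_PROCESS or USER_PROCESS record that
 * carries our pid and has a non-empty ut_line and ut_id; the first match is
 * copied. When there is none, a fresh LOGIN_PROCESS record is built from
 * short_tty. Only *utptr is modified; nothing is written to utmp here.
 *
 * utptr:       receives the record (overwritten in both cases).
 * run_by_root: when non-zero, ut_host of a copied record is cleared.
 */
static void read_or_build_utent(struct utmp *utptr, int run_by_root)
{
	struct utmp *ut;
	pid_t pid = getpid();
	const char *id;

	setutent();

	/* First, try to find a valid utmp entry for this process.
	 * If there is one, just use it. */
	while ((ut = getutent()) != NULL) {
		if (ut->ut_pid != pid || !ut->ut_line[0] || !ut->ut_id[0])
			continue;
		if (ut->ut_type != LOGIN_PROCESS && ut->ut_type != USER_PROCESS)
			continue;
		*utptr = *ut; /* struct copy */
		if (run_by_root) /* why only for root? */
			memset(utptr->ut_host, 0, sizeof(utptr->ut_host));
		return;
	}

	/* A missing entry is deliberately not fatal, even for non-root
	 * callers: some logins have login shells as children, so requiring
	 * a pre-existing slot would break them. */

	/* Otherwise create a new one. */
	memset(utptr, 0, sizeof(*utptr));
	utptr->ut_type = LOGIN_PROCESS;
	utptr->ut_pid = pid;
	/* utmp text fields are fixed-width: strncpy fills the field and leaves
	 * it without a terminator when the source is as long as the field. */
	strncpy(utptr->ut_line, short_tty, sizeof(utptr->ut_line));
	/* ut_id is only 4 chars wide. Try to fit something remotely
	 * meaningful by skipping "tty"... but only when the name really has
	 * three characters to skip: stepping over the terminator of a shorter
	 * name would copy whatever bytes happen to follow it in the buffer. */
	id = short_tty;
	if (strlen(id) >= 3)
		id += 3;
	strncpy(utptr->ut_id, id, sizeof(utptr->ut_id));
	strncpy(utptr->ut_user, "LOGIN", sizeof(utptr->ut_user));
	utptr->ut_tv.tv_sec = time(NULL);
}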
91
92 /*
93 * write_utent - put a USER_PROCESS entry in the utmp file
94 *
95 * write_utent changes the type of the current utmp entry to
96 * USER_PROCESS. the wtmp file will be updated as well.
97 */
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
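/*
 * Turn *utptr into a USER_PROCESS record for username, stamp it with the
 * current time and store it with pututline(). When ENABLE_FEATURE_WTMP is
 * set the record is also handed to updwtmp() for bb_path_wtmp_file.
 *
 * utptr:    record prepared earlier by read_or_build_utent.
 * username: login name copied into the fixed-width ut_user field.
 */
static void write_utent(struct utmp *utptr, const char *username)
{
	utptr->ut_type = USER_PROCESS;
	/* fixed-width field: not NUL-terminated when the name fills it */
	strncpy(utptr->ut_user, username, sizeof(utptr->ut_user));
	utptr->ut_tv.tv_sec = time(NULL);
	/* other fields already filled in by read_or_build_utent */
	setutent();
	pututline(utptr);
	endutent();
#if ENABLE_FEATURE_WTMP
	/* Make sure the wtmp file exists before it is updated.
	 * access() tests with the real uid, so in a setuid login started by
	 * an unprivileged user it can report failure for a wtmp file that is
	 * already there. Creating with O_CREAT alone leaves such a file
	 * intact; creat() implies O_TRUNC and would erase the existing login
	 * history in that case. */
	if (access(bb_path_wtmp_file, R_OK|W_OK) == -1) {
		int fd = open(bb_path_wtmp_file, O_WRONLY | O_CREAT, 0664);

		if (fd >= 0)
			close(fd);
	}
	updwtmp(bb_path_wtmp_file, utptr);
#endif
}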
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
114 #else /* !ENABLE_FEATURE_UTMP */
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
/* utmp support is compiled out: both helpers collapse to an empty
 * expression, so none of their arguments are evaluated. */
#define read_or_build_utent(utptr, run_by_root) ((void)0)
#define write_utent(utptr, username) ((void)0)
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
117 #endif /* !ENABLE_FEATURE_UTMP */
7ccf5cc login: eliminate forward decls and #ifdefs
Denis Vlasenko authored
118
f312e32 login: make /etc/nologin support configurable. -240 bytes if not selecte...
Denis Vlasenko authored
119 #if ENABLE_FEATURE_NOLOGIN
68404f1 *: add -Wunused-parameter; fix resulting breakage
Denis Vlasenko authored
/*
 * Refuse the login when /etc/nologin is present.
 *
 * If the file can be opened, its contents are written to stdout with a CR
 * in front of every LF (a stock maintenance notice is printed instead when
 * the file is empty), output is drained, and the process exits with
 * EXIT_FAILURE. If it cannot be opened, the function simply returns.
 */
static void die_if_nologin(void)
{
	FILE *nologin;
	int ch;
	int nothing_shown = 1;

	nologin = fopen_for_read("/etc/nologin");
	/* NOTE(review): every open failure, not only a missing file, is
	 * treated as "no nologin file", so the login goes ahead. */
	if (nologin == NULL) /* assuming it does not exist */
		return;

	for (ch = getc(nologin); ch != EOF; ch = getc(nologin)) {
		if (ch == '\n')
			bb_putchar('\r');
		bb_putchar(ch);
		nothing_shown = 0;
	}
	if (nothing_shown)
		puts("\r\nSystem closed for routine maintenance\r");

	fclose(nologin);
	fflush(NULL);
	/* Users say that they do need this prior to exit: */
	tcdrain(STDOUT_FILENO);
	exit(EXIT_FAILURE);
}
f312e32 login: make /etc/nologin support configurable. -240 bytes if not selecte...
Denis Vlasenko authored
145 #else
68404f1 *: add -Wunused-parameter; fix resulting breakage
Denis Vlasenko authored
/* /etc/nologin support is compiled out: there is nothing to check. */
static ALWAYS_INLINE void die_if_nologin(void)
{
}
f312e32 login: make /etc/nologin support configurable. -240 bytes if not selecte...
Denis Vlasenko authored
147 #endif
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
148
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
149 #if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
7ccf5cc login: eliminate forward decls and #ifdefs
Denis Vlasenko authored
/*
 * Decide whether the current tty (short_tty) is acceptable per
 * /etc/securetty; login_main consults this for uid 0 logins.
 *
 * Returns non-zero when a line of the file equals short_tty, and also when
 * config_read() never delivered a line. Returns 0 when lines were read and
 * none matched.
 *
 * NOTE(review): the "never delivered a line" case is taken to cover a
 * missing or empty file, which makes an absent /etc/securetty permit the
 * login on any tty. This relies on config_read() leaving the pointer
 * untouched when it returns 0; confirm against libbb.
 */
static int check_securetty(void)
{
	/* Starts non-NULL on purpose: the pointer doubles as the result flag. */
	char *line = (char*)"/etc/securetty"; /* any non-NULL is ok */
	parser_t *cfg = config_open2("/etc/securetty", fopen_for_read);

	for (;;) {
		if (!config_read(cfg, &line, 1, 1, "# \t", PARSE_NORMAL))
			break;
		if (strcmp(line, short_tty) == 0)
			break; /* listed: leave line non-NULL */
		line = NULL; /* seen a line that did not match */
	}
	config_close(cfg);
	return line != NULL;
}
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
164 #else
f312e32 login: make /etc/nologin support configurable. -240 bytes if not selecte...
Denis Vlasenko authored
/* securetty checking is compiled out (or left to PAM): every tty is accepted. */
static ALWAYS_INLINE int check_securetty(void)
{
	return 1;
}
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
166 #endif
167
7ccf5cc login: eliminate forward decls and #ifdefs
Denis Vlasenko authored
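/*
 * Prompt for a login name on stdin and store it, NUL-terminated, in buf.
 *
 * Leading whitespace is skipped and the name is cut at the first character
 * after the first one that isgraph() rejects. The process exits with
 * EXIT_FAILURE on EOF or read error, when the rest of the line does not fit
 * into the buffer (overlong input is refused, never truncated), or after
 * EMPTY_USERNAME_COUNT empty lines.
 *
 * buf:      destination buffer.
 * size_buf: its size in bytes; must be at least 3.
 */
static void get_username_or_die(char *buf, int size_buf)
{
	int c, cntdown;

	/* One byte for the first character plus a terminator is the least
	 * that can be stored; smaller sizes would hand fgets() a
	 * non-positive length. */
	if (size_buf < 3)
		exit(EXIT_FAILURE);

	cntdown = EMPTY_USERNAME_COUNT;
 prompt:
	print_login_prompt();
	/* skip whitespace */
	do {
		c = getchar();
		if (c == EOF)
			exit(EXIT_FAILURE);
		if (c == '\n') {
			if (!--cntdown)
				exit(EXIT_FAILURE);
			goto prompt;
		}
	} while (isspace(c));

	/* NOTE(review): the first character is only known to be
	 * non-whitespace; it is stored without the isgraph() test applied to
	 * the rest, so a control character can lead the name. */
	*buf++ = c;
	if (!fgets(buf, size_buf-2, stdin))
		exit(EXIT_FAILURE);
	/* no newline means the line was longer than the buffer allows */
	if (!strchr(buf, '\n'))
		exit(EXIT_FAILURE);
	/* <ctype.h> functions need an unsigned char value: a plain char with
	 * the high bit set may be negative, which is undefined behaviour. */
	while (isgraph((unsigned char)*buf))
		buf++;
	*buf = '\0';
}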
193
/* Copy the file named by bb_path_motd_file to stdout.
 * Does nothing when the file cannot be opened. */
static void motd(void)
{
	int motd_fd = open(bb_path_motd_file, O_RDONLY);

	if (motd_fd < 0)
		return;
	/* presumably flushed so that buffered stdio output comes out ahead
	 * of the data copied straight to the descriptor */
	fflush(stdout);
	bb_copyfd_eof(motd_fd, STDOUT_FILENO);
	close(motd_fd);
}
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
205
a60f84e *: rename ATTRIBUTE_XXX to just XXX.
Denis Vlasenko authored
/*
 * SIGALRM handler (installed by login_main): report the login timeout on
 * stdout and terminate the process with _exit(EXIT_SUCCESS).
 *
 * NOTE(review): printf() and fflush() are not async-signal-safe, and this
 * handler can interrupt stdio calls made by the main flow.
 */
static void alarm_handler(int sig UNUSED_PARAM)
{
	/* This is the escape hatch! Poor serial line users and the like
	 * arrive here when their connection is broken.
	 * We don't want to block here, so stdout is made non-blocking
	 * for the duration of the message. */
	ndelay_on(STDOUT_FILENO);
	printf("\r\nLogin timed out after %d seconds\r\n", TIMEOUT);
	fflush(stdout);
	/* unix API is brain damaged regarding O_NONBLOCK,
	 * we should undo it, or else we can affect other processes */
	ndelay_off(STDOUT_FILENO);
	_exit(EXIT_SUCCESS);
}
219
9b49a5e add -fvisibility=hidden to CC flags, mark XXX_main functions
Denis Vlasenko authored
220 int login_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
a60f84e *: rename ATTRIBUTE_XXX to just XXX.
Denis Vlasenko authored
221 int login_main(int argc UNUSED_PARAM, char **argv)
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
222 {
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
223 enum {
224 LOGIN_OPT_f = (1<<0),
225 LOGIN_OPT_h = (1<<1),
226 LOGIN_OPT_p = (1<<2),
227 };
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
228 char *fromhost;
0fbff13 Several login cleanups from vodz
Eric Andersen authored
229 char username[USERNAME_SIZE];
dc4e75e move all "-/bin/sh" "/bin/sh" and "sh" to libbb/messages.c file as one
Glenn L McGrath authored
230 const char *tmp;
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
231 int run_by_root;
67b23e6 getopt_ulflags -> getopt32.
Denis Vlasenko authored
232 unsigned opt;
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
233 int count = 0;
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
234 struct passwd *pw;
cdf6277 dos2unix: tiny shrink
Denis Vlasenko authored
235 char *opt_host = opt_host; /* for compiler */
236 char *opt_user = opt_user; /* for compiler */
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
237 char full_tty[TTYNAME_SIZE];
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
238 USE_SELINUX(security_context_t user_sid = NULL;)
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
239 USE_FEATURE_UTMP(struct utmp utent;)
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
240 #if ENABLE_PAM
241 int pamret;
242 pam_handle_t *pamh;
243 const char *pamuser;
244 const char *failed_msg;
245 struct passwd pwdstruct;
246 char pwdbuf[256];
247 #endif
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
248
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
249 short_tty = full_tty;
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
250 username[0] = '\0';
251 signal(SIGALRM, alarm_handler);
252 alarm(TIMEOUT);
c7bda1c Remove trailing whitespace. Update copyright to include 2004.
Eric Andersen authored
253
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
254 /* More of suid paranoia if called by non-root: */
255 /* Clear dangerous stuff, set PATH */
256 run_by_root = !sanitize_env_if_suid();
c9ca0a3 mount: recognize "dirsync" (closes bug 835)
Denis Vlasenko authored
257
0de3c55 login: remove setpgrp call (makes it work from shell prompt again).
Denis Vlasenko authored
258 /* Mandatory paranoia for suid applet:
259 * ensure that fd# 0,1,2 are opened (at least to /dev/null)
260 * and any extra open fd's are closed.
261 * (The name of the function is misleading. Not daemonizing here.) */
262 bb_daemonize_or_rexec(DAEMON_ONLY_SANITIZE | DAEMON_CLOSE_EXTRA_FDS, NULL);
263
fe7cd64 don't pass argc in getopt32, it's superfluous
Denis Vlasenko authored
264 opt = getopt32(argv, "f:h:p", &opt_user, &opt_host);
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
265 if (opt & LOGIN_OPT_f) {
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
266 if (!run_by_root)
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
267 bb_error_msg_and_die("-f is for root only");
22f6dcb login: fix getopt_ulflags fallout (wasn't taking username supplied by ge...
Denis Vlasenko authored
268 safe_strncpy(username, opt_user, sizeof(username));
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
269 }
1d42665 *: shrink: use Vladimir's "o+" specifier instead of xatou(opt_param)
Denis Vlasenko authored
270 argv += optind;
271 if (argv[0]) /* user from command line (getty) */
272 safe_strncpy(username, argv[0], sizeof(username));
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
273
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
274 /* Let's find out and memorize our tty */
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
275 if (!isatty(0) || !isatty(1) || !isatty(2))
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
276 return EXIT_FAILURE; /* Must be a terminal */
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
277 safe_strncpy(full_tty, "UNKNOWN", sizeof(full_tty));
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
278 tmp = ttyname(0);
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
279 if (tmp) {
280 safe_strncpy(full_tty, tmp, sizeof(full_tty));
281 if (strncmp(full_tty, "/dev/", 5) == 0)
282 short_tty = full_tty + 5;
283 }
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
284
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
285 read_or_build_utent(&utent, run_by_root);
c7bda1c Remove trailing whitespace. Update copyright to include 2004.
Eric Andersen authored
286
cdf6277 dos2unix: tiny shrink
Denis Vlasenko authored
287 if (opt & LOGIN_OPT_h) {
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
288 USE_FEATURE_UTMP(
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
289 safe_strncpy(utent.ut_host, opt_host, sizeof(utent.ut_host));
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
290 )
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
291 fromhost = xasprintf(" on '%s' from '%s'", short_tty, opt_host);
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
292 } else
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
293 fromhost = xasprintf(" on '%s'", short_tty);
c7bda1c Remove trailing whitespace. Update copyright to include 2004.
Eric Andersen authored
294
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
295 /* Was breaking "login <username>" from shell command line: */
296 /*bb_setpgrp();*/
0fbff13 Several login cleanups from vodz
Eric Andersen authored
297
8f8f268 bb_applet_name -> applet_name
Denis Vlasenko authored
298 openlog(applet_name, LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
299
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
300 while (1) {
6e1b62b flush typeahead before prompt
Paul Fox authored
301 /* flush away any type-ahead (as getty does) */
abbd363 xreadlink: code shrink
Denis Vlasenko authored
302 ioctl(0, TCFLSH, TCIFLUSH);
6e1b62b flush typeahead before prompt
Paul Fox authored
303
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
304 if (!username[0])
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
305 get_username_or_die(username, sizeof(username));
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
306
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
307 #if ENABLE_PAM
308 pamret = pam_start("login", username, &conv, &pamh);
309 if (pamret != PAM_SUCCESS) {
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
310 failed_msg = "start";
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
311 goto pam_auth_failed;
312 }
313 /* set TTY (so things like securetty work) */
314 pamret = pam_set_item(pamh, PAM_TTY, short_tty);
315 if (pamret != PAM_SUCCESS) {
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
316 failed_msg = "set_item(TTY)";
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
317 goto pam_auth_failed;
318 }
319 pamret = pam_authenticate(pamh, 0);
82f3b16 login: do reject wrong passwords with PAM auth
Denis Vlasenko authored
320 if (pamret != PAM_SUCCESS) {
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
321 failed_msg = "authenticate";
82f3b16 login: do reject wrong passwords with PAM auth
Denis Vlasenko authored
322 goto pam_auth_failed;
323 /* TODO: or just "goto auth_failed"
324 * since user seems to enter wrong password
325 * (in this case pamret == 7)
326 */
327 }
328 /* check that the account is healthy */
329 pamret = pam_acct_mgmt(pamh, 0);
330 if (pamret != PAM_SUCCESS) {
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
331 failed_msg = "acct_mgmt";
82f3b16 login: do reject wrong passwords with PAM auth
Denis Vlasenko authored
332 goto pam_auth_failed;
333 }
334 /* read user back */
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
335 pamuser = NULL;
336 /* gcc: "dereferencing type-punned pointer breaks aliasing rules..."
337 * thus we cast to (void*) */
338 if (pam_get_item(pamh, PAM_USER, (void*)&pamuser) != PAM_SUCCESS) {
339 failed_msg = "get_item(USER)";
340 goto pam_auth_failed;
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
341 }
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
342 if (!pamuser || !pamuser[0])
343 goto auth_failed;
344 safe_strncpy(username, pamuser, sizeof(username));
345 /* Don't use "pw = getpwnam(username);",
346 * PAM is said to be capable of destroying static storage
347 * used by getpwnam(). We are using safe(r) function */
348 pw = NULL;
349 getpwnam_r(username, &pwdstruct, pwdbuf, sizeof(pwdbuf), &pw);
350 if (!pw)
351 goto auth_failed;
352 pamret = pam_open_session(pamh, 0);
353 if (pamret != PAM_SUCCESS) {
354 failed_msg = "open_session";
355 goto pam_auth_failed;
356 }
357 pamret = pam_setcred(pamh, PAM_ESTABLISH_CRED);
358 if (pamret != PAM_SUCCESS) {
359 failed_msg = "setcred";
360 goto pam_auth_failed;
361 }
362 break; /* success, continue login process */
363
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
364 pam_auth_failed:
a29a5e4 login: fix PAM login (was unable to complete Kerberos login)
Denis Vlasenko authored
365 bb_error_msg("pam_%s call failed: %s (%d)", failed_msg,
366 pam_strerror(pamh, pamret), pamret);
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
367 safe_strncpy(username, "UNKNOWN", sizeof(username));
368 #else /* not PAM */
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
369 pw = getpwnam(username);
370 if (!pw) {
65e14b4 login: ask passwords even for wrong usernames.
Denis Vlasenko authored
371 strcpy(username, "UNKNOWN");
372 goto fake_it;
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
373 }
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
374
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
375 if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*')
376 goto auth_failed;
c7bda1c Remove trailing whitespace. Update copyright to include 2004.
Eric Andersen authored
377
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
378 if (opt & LOGIN_OPT_f)
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
379 break; /* -f USER: success without asking passwd */
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
380
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
381 if (pw->pw_uid == 0 && !check_securetty())
382 goto auth_failed;
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
383
384 /* Don't check the password if password entry is empty (!) */
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
385 if (!pw->pw_passwd[0])
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
386 break;
65e14b4 login: ask passwords even for wrong usernames.
Denis Vlasenko authored
387 fake_it:
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
388 /* authorization takes place here */
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
389 if (correct_password(pw))
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
390 break;
d6e81c7 login: optional support for PAM
Denis Vlasenko authored
391 #endif /* ENABLE_PAM */
0de3c55 login: remove setpgrp call (makes it work from shell prompt again).
Denis Vlasenko authored
392 auth_failed:
66fabdb login: apply fixes + getopt_ulflag'ification by Bernhard
Denis Vlasenko authored
393 opt &= ~LOGIN_OPT_f;
84cb767 landley patch from tito: consolidate delay functions as bb_do_delay()
landley authored
394 bb_do_delay(FAIL_DELAY);
82f3b16 login: do reject wrong passwords with PAM auth
Denis Vlasenko authored
395 /* TODO: doesn't sound like correct English phrase to me */
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
396 puts("Login incorrect");
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
397 if (++count == 3) {
89f0b34 rodata cleanup. "unable to" == "cannot". -300 bytes
Denis Vlasenko authored
398 syslog(LOG_WARNING, "invalid password for '%s'%s",
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
399 username, fromhost);
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
400 return EXIT_FAILURE;
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
401 }
9a9edf2 login: make it saner and smaller by ~0.5k.
Denis Vlasenko authored
402 username[0] = '\0';
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
403 } /* while (1) */
c7bda1c Remove trailing whitespace. Update copyright to include 2004.
Eric Andersen authored
404
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
405 alarm(0);
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
406 /* We can ignore /etc/nologin if we are logging in as root,
407 * it doesn't matter whether we are run by root or not */
408 if (pw->pw_uid != 0)
68404f1 *: add -Wunused-parameter; fix resulting breakage
Denis Vlasenko authored
409 die_if_nologin();
60158cb landley A patch from Takeharu KATO to update/fix SE-Linux support.
landley authored
410
c0415a9 login: nuke nonblock() - we have it in libbb; -400 bytes bss.
Denis Vlasenko authored
411 write_utent(&utent, username);
60158cb landley A patch from Takeharu KATO to update/fix SE-Linux support.
landley authored
412
f312e32 login: make /etc/nologin support configurable. -240 bytes if not selecte...
Denis Vlasenko authored
413 #if ENABLE_SELINUX
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
414 if (is_selinux_enabled()) {
d1f8c1c landley From Jan Kiszka: This patch fixes the security labelling of the login te...
landley authored
415 security_context_t old_tty_sid, new_tty_sid;
9e48045 Patch from Russell Coker:
Eric Andersen authored
416
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
417 if (get_default_context(username, NULL, &user_sid)) {
89f0b34 rodata cleanup. "unable to" == "cannot". -300 bytes
Denis Vlasenko authored
418 bb_error_msg_and_die("cannot get SID for %s",
6bbd174 login: small fixes like \n removal, bb_error_msg'ification, etc.
Denis Vlasenko authored
419 username);
9e48045 Patch from Russell Coker:
Eric Andersen authored
420 }
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
421 if (getfilecon(full_tty, &old_tty_sid) < 0) {
4a5cf16 login: use %s - we know that string is not too long there
Denis Vlasenko authored
422 bb_perror_msg_and_die("getfilecon(%s) failed",
6bbd174 login: small fixes like \n removal, bb_error_msg'ification, etc.
Denis Vlasenko authored
423 full_tty);
9e48045 Patch from Russell Coker:
Eric Andersen authored
424 }
6bbd174 login: small fixes like \n removal, bb_error_msg'ification, etc.
Denis Vlasenko authored
425 if (security_compute_relabel(user_sid, old_tty_sid,
426 SECCLASS_CHR_FILE, &new_tty_sid) != 0) {
4a5cf16 login: use %s - we know that string is not too long there
Denis Vlasenko authored
427 bb_perror_msg_and_die("security_change_sid(%s) failed",
6bbd174 login: small fixes like \n removal, bb_error_msg'ification, etc.
Denis Vlasenko authored
428 full_tty);
9e48045 Patch from Russell Coker:
Eric Andersen authored
429 }
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
430 if (setfilecon(full_tty, new_tty_sid) != 0) {
4a5cf16 login: use %s - we know that string is not too long there
Denis Vlasenko authored
431 bb_perror_msg_and_die("chsid(%s, %s) failed",
6bbd174 login: small fixes like \n removal, bb_error_msg'ification, etc.
Denis Vlasenko authored
432 full_tty, new_tty_sid);
9e48045 Patch from Russell Coker:
Eric Andersen authored
433 }
434 }
435 #endif
2f50aa4 login: use some ideas from util-linux's login.
Denis Vlasenko authored
436 /* Try these, but don't complain if they fail.
437 * _f_chown is safe wrt race t=ttyname(0);...;chown(t); */
438 fchown(0, pw->pw_uid, pw->pw_gid);
439 fchmod(0, 0600);
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
440
5281630 login: clear dangerous environment variables if started by non-root
Denis Vlasenko authored
441 /* We trust environment only if we run by root */
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
442 if (ENABLE_LOGIN_SCRIPTS && run_by_root) {
53091ec Attempt to get more applets compile for NOMMU.
Denis Vlasenko authored
443 char *t_argv[2];
444
445 t_argv[0] = getenv("LOGIN_PRE_SUID_SCRIPT");
446 if (t_argv[0]) {
447 t_argv[1] = NULL;
0de3c55 login: remove setpgrp call (makes it work from shell prompt again).
Denis Vlasenko authored
448 xsetenv("LOGIN_TTY", full_tty);
449 xsetenv("LOGIN_USER", pw->pw_name);
450 xsetenv("LOGIN_UID", utoa(pw->pw_uid));
451 xsetenv("LOGIN_GID", utoa(pw->pw_gid));
452 xsetenv("LOGIN_SHELL", pw->pw_shell);
cdf6277 dos2unix: tiny shrink
Denis Vlasenko authored
453 spawn_and_wait(t_argv); /* NOMMU-friendly */
454 unsetenv("LOGIN_TTY" );
455 unsetenv("LOGIN_USER" );
456 unsetenv("LOGIN_UID" );
457 unsetenv("LOGIN_GID" );
458 unsetenv("LOGIN_SHELL");
2e50291 login: style fixes
Denis Vlasenko authored
459 }
460 }
461
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
462 change_identity(pw);
463 tmp = pw->pw_shell;
464 if (!tmp || !*tmp)
dc4e75e move all "-/bin/sh" "/bin/sh" and "sh" to libbb/messages.c file as one
Glenn L McGrath authored
465 tmp = DEFAULT_SHELL;
cdf6277 dos2unix: tiny shrink
Denis Vlasenko authored
466 /* setup_environment params: shell, clear_env, change_env, pw */
467 setup_environment(tmp, !(opt & LOGIN_OPT_p), 1, pw);
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
468
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
469 motd();
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
470
942e429 login: previous commit comment was wrong :)
Denis Vlasenko authored
471 if (pw->pw_uid == 0)
2f50aa4 login: use some ideas from util-linux's login.
Denis Vlasenko authored
472 syslog(LOG_INFO, "root login%s", fromhost);
f312e32 login: make /etc/nologin support configurable. -240 bytes if not selecte...
Denis Vlasenko authored
473 #if ENABLE_SELINUX
d1f8c1c landley From Jan Kiszka: This patch fixes the security labelling of the login te...
landley authored
474 /* well, a simple setexeccon() here would do the job as well,
475 * but let's play the game for now */
476 set_current_security_context(user_sid);
9e48045 Patch from Russell Coker:
Eric Andersen authored
477 #endif
6ae8079 login: re-enable Ctrl-^C before execing shell.
Denis Vlasenko authored
478
479 // util-linux login also does:
480 // /* start new session */
481 // setsid();
482 // /* TIOCSCTTY: steal tty from other process group */
483 // if (ioctl(0, TIOCSCTTY, 1)) error_msg...
0de3c55 login: remove setpgrp call (makes it work from shell prompt again).
Denis Vlasenko authored
484 // BBox login used to do this (see above):
485 // bb_setpgrp();
486 // If this stuff is really needed, add it and explain why!
6ae8079 login: re-enable Ctrl-^C before execing shell.
Denis Vlasenko authored
487
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
488 /* Set signals to defaults */
3fa36e2 *: a bit of code shrink
Denis Vlasenko authored
489 /* Non-ignored signals revert to SIG_DFL on exec anyway */
490 /*signal(SIGALRM, SIG_DFL);*/
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
491
8c76487 login: add big fat comment about SIGINT - prevent
Denis Vlasenko authored
492 /* Is this correct? This way user can ctrl-c out of /etc/profile,
493 * potentially creating security breach (tested with bash 3.0).
494 * But without this, bash 3.0 will not enable ctrl-c either.
495 * Maybe bash is buggy?
496 * Need to find out what standards say about /bin/login -
2ec94a7 login: fix /etc/nologin handling (should prohibit non-root LOGINS,
Denis Vlasenko authored
497 * should we leave SIGINT etc enabled or disabled? */
6ae8079 login: re-enable Ctrl-^C before execing shell.
Denis Vlasenko authored
498 signal(SIGINT, SIG_DFL);
499
a2f6101 setup_environment: code shrink
Denis Vlasenko authored
500 /* Exec login shell with no additional parameters */
501 run_shell(tmp, 1, NULL, NULL);
c7bda1c Remove trailing whitespace. Update copyright to include 2004.
Eric Andersen authored
502
a2f6101 setup_environment: code shrink
Denis Vlasenko authored
503 /* return EXIT_FAILURE; - not reached */
1fca558 Bigger patch for (partial) tinylogin integration
Robert Griebl authored
504 }