annotate toys/login.c @ 633:98bde84a888c

toys/login.c: make use of the read_passwd function offered by the passwd library.
author Elie De Brauwer <eliedebrauwer@gmail.com>
date Fri, 20 Jul 2012 08:42:44 +0200
parents 8a88a9e3c30b
children 9aeea680acc7
1 /* vi: set sw=4 ts=4:
2 *
3 * login.c - Start a session on the system.
4 *
5 * Copyright 2012 Elie De Brauwer <eliedebrauwer@gmail.com>
6 *
7 * Not in SUSv4.
8 * No support for PAM/securetty/selinux/login script/issue/utmp
9 * Relies on libcrypt for hash calculation.
10
11 USE_LOGIN(NEWTOY(login, ">1fph:", TOYFLAG_BIN))
12
13 config LOGIN
14 bool "login"
15 default y
16 help
17 usage: login [-p] [-h host] [[-f] username]
18
19 Establish a new session with the system.
20 -p Preserve environment
21 -h The name of the remote host for this login
22 -f Do not perform authentication
23 */
24
25 #include "toys.h"
26
// Seconds passed to alarm() in login_main; when it expires the SIGALRM
// handler prints a timeout message and ends the process.
#define LOGIN_TIMEOUT 60
// NOTE(review): not referenced in the visible part of the file; presumably
// the delay in seconds after a failed attempt - confirm against login_main.
#define LOGIN_FAIL_TIMEOUT 3
// Longest user name kept; login_main's buffer adds one byte for the NUL.
#define USER_NAME_MAX_SIZE 32
// Longest host name printed in the prompt; read_user's buffer adds one byte
// for the NUL.
#define HOSTNAME_SIZE 32

// Per-command globals. NOTE(review): hostname presumably receives the -h
// argument (option string "h:") - confirm against the option parser.
DEFINE_GLOBALS(
    char * hostname;
)
// Shorthand for this command's globals.
#define TT this.login
36
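// SIGALRM handler: report that the login attempt timed out and terminate
// with status 0.
//
// Only async-signal-safe calls are used. The alarm can fire while the main
// flow is inside stdio (prompting or reading the user name), so printf() and
// exit() are not safe here: both touch stdio state that may be locked or
// half-updated at that moment. The message is assembled by hand and sent
// with write(); _exit() skips stdio flushing and atexit handlers.
static void login_timeout_handler(int sig __attribute__((unused)))
{
    static const char head[] = "\nLogin timed out after ";
    static const char tail[] = " seconds.\n";
    char msg[sizeof(head) + sizeof(tail) + 16];
    char digits[16];
    unsigned secs = LOGIN_TIMEOUT;
    size_t len = sizeof(head) - 1;
    size_t nd = 0;

    memcpy(msg, head, len);

    // Decimal conversion of LOGIN_TIMEOUT, least significant digit first.
    do {
        digits[nd++] = (char)('0' + secs % 10);
        secs /= 10;
    } while (secs && nd < sizeof(digits));
    while (nd)
        msg[len++] = digits[--nd];

    memcpy(msg + len, tail, sizeof(tail) - 1);
    len += sizeof(tail) - 1;

    // Nothing useful can be done if the write fails; we exit either way.
    if (write(STDOUT_FILENO, msg, len) < 0) {
    }
    _exit(0);
}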
42
// Names removed from the inherited environment by sanitize_env(): shell
// startup hooks, field splitting, dynamic loader controls, and the HOME and
// SHELL values that setup_environment() sets again from the passwd entry.
// The list is NULL-terminated.
//
// This is a denylist, so it only covers what is named here; any other
// variable passes through untouched. setup_environment() wipes everything
// except TERM when it is called with clear_env set.
static const char *forbid[] = {
    "BASH_ENV",
    "ENV",
    "HOME",
    "IFS",
    "LD_LIBRARY_PATH",
    "LD_PRELOAD",
    "LD_TRACE_LOADED_OBJECTS",
    "LD_BIND_NOW",
    "LD_AOUT_LIBRARY_PATH",
    "LD_AOUT_PRELOAD",
    "LD_NOWARN",
    "LD_KEEPDIR",
    "SHELL",
    NULL
};

// Unset every variable named in forbid[].
void sanitize_env()
{
    const char **name;

    for (name = forbid; *name; name++)
        unsetenv(*name);
}
69
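// Prompt for a password and check it against the stored hash.
//
// pwd is the account's hash string (it doubles as the crypt() salt), or NULL
// when there is nothing to compare against. Returns 0 when the typed
// password hashes to pwd, 1 in every other case: read failure, NULL pwd, a
// hash starting with '!' or '*', crypt() failure, or a mismatch.
//
// The prompt is issued before pwd is inspected, so a NULL or locked entry is
// still asked for a password and rejected afterwards.
//
// The typed password lands in the shared toybuf scratch buffer, which other
// functions in this file reuse. It is wiped on every exit path so the
// cleartext does not linger in memory after the check.
int verify_password(char * pwd)
{
    char *hash;
    int rc = 1;

    if (read_passwd(toybuf, sizeof(toybuf), "Password: "))
        goto out;
    if (!pwd)
        goto out;
    if (pwd[0] == '!' || pwd[0] == '*')
        goto out;

    hash = crypt(toybuf, pwd);
    if (hash != NULL && strcmp(hash, pwd) == 0)
        rc = 0;

out:
    // toybuf is a global, so these stores cannot be treated as dead.
    memset(toybuf, 0, sizeof(toybuf));
    return rc;
}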
87
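// Print the "<hostname> login: " prompt and read a user name from stdin.
//
// buff receives the name, NUL-terminated; size is the capacity of buff in
// bytes. Leading blanks are skipped and the name ends at the first character
// that is not printable-and-non-space, so an empty line yields an empty
// string. The process exits if stdin reaches EOF.
//
// All bounds come from size. The earlier code bounded the read with
// HOSTNAME_SIZE, which only fit the caller's buffer because the two
// constants happen to match.
void read_user(char * buff, int size)
{
    char hostname[HOSTNAME_SIZE+1];
    int c;
    int i = 0;

    if (size < 2) {
        // No room for even one character plus the terminator.
        if (size == 1)
            buff[0] = 0;
        return;
    }

    // gethostname() may leave a truncated name unterminated.
    hostname[HOSTNAME_SIZE] = 0;
    if (!gethostname(hostname, HOSTNAME_SIZE))
        fputs(hostname, stdout);

    fputs(" login: ", stdout);
    fflush(stdout);

    // Keep getchar()'s result in an int: stored in a char, EOF is either
    // never seen (unsigned char targets) or confused with byte 0xFF.
    do {
        c = getchar();
        if (c == EOF)
            exit(EXIT_FAILURE);
    } while (isblank(c));
    buff[0] = (char)c;

    if (c != '\n')
        if (!fgets(&buff[1], size-1, stdin))
            _exit(1);

    // <ctype.h> needs an unsigned char value; a plain char may be negative.
    while (i < size-1 && isgraph((unsigned char)buff[i]))
        i++;
    buff[i] = 0;
}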
115
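// Refuse the login when /etc/nologin exists.
//
// Returns normally only when the file cannot be opened. Otherwise the file's
// contents (or a default message when it is empty) are printed and the
// process exits with EXIT_FAILURE.
//
// A failed read is treated like an empty file: the default message is shown
// and the login is still refused. Without the check a negative return from
// readall() would be used as an index into toybuf.
//
// NOTE(review): there is no exemption for root in this function; whether the
// caller makes one is not visible here.
void handle_nologin(void)
{
    int fd = open("/etc/nologin", O_RDONLY);
    int size;

    if (fd == -1)
        return;

    size = readall(fd, toybuf, sizeof(toybuf)-1);
    close(fd);
    if (size < 0)
        size = 0;
    toybuf[size] = 0;

    if (!size)
        puts("System closed for routine maintenance\n");
    else
        puts(toybuf);

    fflush(stdout);
    exit(EXIT_FAILURE);
}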
134
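// Print /etc/motd to stdout if it can be opened; do nothing otherwise.
//
// At most sizeof(toybuf)-1 bytes are shown. Nothing is printed when the read
// fails: without the check a negative return from readall() would be used as
// an index into toybuf.
void handle_motd(void)
{
    int fd = open("/etc/motd", O_RDONLY);
    int size;

    if (fd == -1)
        return;

    size = readall(fd, toybuf, sizeof(toybuf)-1);
    close(fd);
    if (size >= 0) {
        toybuf[size] = 0;
        puts(toybuf);
    }

    fflush(stdout);
}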
149
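// Switch the process to the account described by pwd.
//
// Returns 0 when the supplementary groups, the group id and the user id were
// all set, 1 as soon as one of the calls fails. The caller must not start a
// shell after a non-zero return: the process may still hold some or all of
// its original privileges.
//
// The order matters. Group changes need the privileges that setuid() gives
// up, so setuid() comes last.
int change_identity(const struct passwd *pwd)
{
    if (initgroups(pwd->pw_name, pwd->pw_gid))
        return 1;
    // The group id comes from pw_gid. Passing pw_uid here would give the
    // session whatever group happens to share the user's numeric id.
    if (setgid(pwd->pw_gid))
        return 1;
    if (setuid(pwd->pw_uid))
        return 1;

    return 0;
}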
161
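// Replace the process with the user's shell, started as a login shell.
//
// shell is the path to execute. argv[0] is the shell's base name prefixed
// with '-', the convention shells use to detect a login session. The base
// name was already computed here but the full path was the one being
// formatted, which produced an argv[0] such as "-/bin/sh".
//
// Does not return: on exec failure error_exit() reports it and ends the
// process.
void spawn_shell(const char *shell)
{
    const char *exec_name = strrchr(shell, '/');

    if (exec_name)
        exec_name++;
    else
        exec_name = shell;

    snprintf(toybuf, sizeof(toybuf), "-%s", exec_name);
    // The variadic sentinel must be a pointer; a bare NULL may expand to a
    // plain integer 0.
    execl(shell, toybuf, (char *)NULL);
    error_exit("Failed to spawn shell");
}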
174
// Prepare the working directory and environment for the user's session.
//
// pwd is the account's passwd entry. When clear_env is non-zero the
// inherited environment is discarded, keeping only TERM. USER, LOGNAME, HOME
// and SHELL are then set from pwd, overwriting any existing values.
//
// A failed chdir() is reported but is not fatal: the session carries on in
// whatever directory the process is already in. The results of setenv() are
// not checked. PATH is not set here, so after a clear the shell starts
// without one unless something else provides it.
void setup_environment(const struct passwd *pwd, int clear_env)
{
    const char *home = pwd->pw_dir;
    const char *user = pwd->pw_name;

    if (chdir(home) != 0)
        printf("can't chdir to home directory: %s\n", home);

    if (clear_env) {
        // NOTE(review): saved_term points into the old environment and is
        // used after clearenv(); this relies on clearenv() leaving the
        // strings themselves intact - confirm for the target libc.
        const char *saved_term = getenv("TERM");

        clearenv();
        if (saved_term != NULL)
            setenv("TERM", saved_term, 1);
    }

    setenv("USER", user, 1);
    setenv("LOGNAME", user, 1);
    setenv("HOME", home, 1);
    setenv("SHELL", pwd->pw_shell, 1);
}
192
193 void login_main(void)
194 {
195 int f_flag = (toys.optflags & 4) >> 2;
196 int p_flag = (toys.optflags & 2) >> 1;
197 int h_flag = toys.optflags & 1;
198 char username[USER_NAME_MAX_SIZE+1];
199 struct passwd * pwd = NULL;
200 struct spwd * spwd = NULL;
201 char *pass = NULL;
202 int auth_fail_cnt = 0;
203
204 if (f_flag && toys.optc != 1)
205 error_exit("-f requires username");
206
207 if (geteuid() != 0 )
208 error_exit("Cannot possibly work without effective root");
209
210 if (!isatty(0) || !isatty(1) || !isatty(2))
211 error_exit("Not connected to a tty");
212
213 openlog("login", LOG_PID | LOG_CONS, LOG_AUTH);
214 signal(SIGALRM, login_timeout_handler);
215 alarm(LOGIN_TIMEOUT);
216 sanitize_env();
217
218 while (1) {
219 tcflush(0, TCIFLUSH);
220
221 username[USER_NAME_MAX_SIZE] = 0;
222 if (toys.optargs[0])
223 strncpy(username, toys.optargs[0], USER_NAME_MAX_SIZE);
224 else {
225 read_user(username, USER_NAME_MAX_SIZE+1);
226 if (username[0] == 0)
227 continue;
228 }
229
230 pwd = getpwnam(username);
231 if (!pwd)
232 goto query_pass; // Non-existing user
233
234 if (pwd->pw_passwd[0] == '!' || pwd->pw_passwd[0] == '*')
235 goto query_pass; // Locked account
236
237 if (f_flag)
238 break; // Pre-authenticated
239
240 if (pwd->pw_passwd[0] == '\0')
241 break; // Password-less account
242
243 pass = pwd->pw_passwd;
244 if (pwd->pw_passwd[0] == 'x') {
245 spwd = getspnam (username);
246 if (spwd)
247 pass = spwd->sp_pwdp;
248 }
249
250 query_pass:
251 if (!verify_password(pass))
252 break;
253
254 f_flag = 0;
255 syslog(LOG_WARNING, "invalid password for '%s' on %s %s %s", username,
256 ttyname(0),
257 (h_flag)?"from":"",
258 (h_flag)?TT.hostname:"");
259
260 sleep(LOGIN_FAIL_TIMEOUT);
261 puts("Login incorrect");
262
263 if (++auth_fail_cnt == 3)
264 {
265 error_exit("Maximum number of tries exceeded (%d)\n", auth_fail_cnt);
266 }
267
268 username[0] = 0;
269 pwd = NULL;
270 spwd = NULL;
271 }
272
273 alarm(0);
274
275 if (pwd->pw_uid)
276 handle_nologin();
277
278 if (change_identity(pwd))
279 error_exit("Failed to change identity");
280
281 setup_environment(pwd, !p_flag);
282
283 handle_motd();
284
285 syslog(LOG_INFO, "%s logged in on %s %s %s", pwd->pw_name,
286 ttyname(0),
287 (h_flag)?"from":"",
288 (h_flag)?TT.hostname:"");
289
290 spawn_shell(pwd->pw_shell);
291 }