2009-10-07 08:11:44 +00:00
|
|
|
diff -urNp coreutils-8.0-orig/configure.ac coreutils-8.0/configure.ac
|
|
|
|
--- coreutils-8.0-orig/configure.ac 2009-09-29 15:27:11.000000000 +0200
|
|
|
|
+++ coreutils-8.0/configure.ac 2009-10-07 10:04:27.000000000 +0200
|
|
|
|
@@ -115,6 +115,13 @@ if test "$gl_gcc_warnings" = yes; then
|
|
|
|
AC_DEFINE([GNULIB_PORTCHECK], [1], [enable some gnulib portability checks])
|
|
|
|
fi
|
|
|
|
|
|
|
|
+dnl Give the chance to enable PAM
|
|
|
|
+AC_ARG_ENABLE(pam, dnl
|
|
|
|
+[ --enable-pam Enable use of the PAM libraries],
|
|
|
|
+[AC_DEFINE(USE_PAM, 1, [Define if you want to use PAM])
|
|
|
|
+LIB_PAM="-ldl -lpam -lpam_misc"
|
|
|
|
+AC_SUBST(LIB_PAM)])
|
|
|
|
+
|
|
|
|
AC_FUNC_FORK
|
|
|
|
|
|
|
|
optional_bin_progs=
|
|
|
|
diff -urNp coreutils-8.0-orig/doc/coreutils.texi coreutils-8.0/doc/coreutils.texi
|
|
|
|
--- coreutils-8.0-orig/doc/coreutils.texi 2009-09-29 15:27:54.000000000 +0200
|
|
|
|
+++ coreutils-8.0/doc/coreutils.texi 2009-10-07 10:04:27.000000000 +0200
|
|
|
|
@@ -14742,8 +14742,11 @@ to certain shells, etc.).
|
|
|
|
@findex syslog
|
|
|
|
@command{su} can optionally be compiled to use @code{syslog} to report
|
2009-11-18 14:48:00 +00:00
|
|
|
failed, and optionally successful, @command{su} attempts. (If the system
|
|
|
|
-supports @code{syslog}.) However, GNU @command{su} does not check if the
|
|
|
|
-user is a member of the @code{wheel} group; see below.
|
|
|
|
+supports @code{syslog}.)
|
2009-10-07 08:11:44 +00:00
|
|
|
+
|
2009-11-18 14:48:00 +00:00
|
|
|
+This version of @command{su} has support for using PAM for
|
|
|
|
+authentication. You can edit @file{/etc/pam.d/su} to customize its
|
|
|
|
+behaviour.
|
|
|
|
|
|
|
|
The program accepts the following options. Also see @ref{Common options}.
|
|
|
|
|
|
|
|
@@ -14785,6 +14788,8 @@ environment variables except @env{TERM},
|
|
|
|
@env{PATH} to a compiled-in default value. Change to @var{user}'s home
|
|
|
|
directory. Prepend @samp{-} to the shell's name, intended to make it
|
|
|
|
read its login startup file(s).
|
|
|
|
+Additionaly @env{DISPLAY} and @env{XAUTHORITY} environment variables
|
|
|
|
+are preserved as well for PAM functionality.
|
|
|
|
|
|
|
|
@item -m
|
|
|
|
@itemx -p
|
|
|
|
@@ -14824,33 +14829,6 @@ Exit status:
|
|
|
|
the exit status of the subshell otherwise
|
|
|
|
@end display
|
|
|
|
|
|
|
|
-@cindex wheel group, not supported
|
|
|
|
-@cindex group wheel, not supported
|
|
|
|
-@cindex fascism
|
|
|
|
-@subsection Why GNU @command{su} does not support the @samp{wheel} group
|
|
|
|
-
|
|
|
|
-(This section is by Richard Stallman.)
|
|
|
|
-
|
|
|
|
-@cindex Twenex
|
|
|
|
-@cindex MIT AI lab
|
|
|
|
-Sometimes a few of the users try to hold total power over all the
|
|
|
|
-rest. For example, in 1984, a few users at the MIT AI lab decided to
|
|
|
|
-seize power by changing the operator password on the Twenex system and
|
|
|
|
-keeping it secret from everyone else. (I was able to thwart this coup
|
|
|
|
-and give power back to the users by patching the kernel, but I
|
|
|
|
-wouldn't know how to do that in Unix.)
|
|
|
|
-
|
|
|
|
-However, occasionally the rulers do tell someone. Under the usual
|
|
|
|
-@command{su} mechanism, once someone learns the root password who
|
|
|
|
-sympathizes with the ordinary users, he or she can tell the rest. The
|
|
|
|
-``wheel group'' feature would make this impossible, and thus cement the
|
|
|
|
-power of the rulers.
|
|
|
|
-
|
|
|
|
-I'm on the side of the masses, not that of the rulers. If you are
|
|
|
|
-used to supporting the bosses and sysadmins in whatever they do, you
|
|
|
|
-might find this idea strange at first.
|
|
|
|
-
|
|
|
|
-
|
|
|
|
@node timeout invocation
|
|
|
|
@section @command{timeout}: Run a command with a time limit
|
|
|
|
|
2009-10-07 08:11:44 +00:00
|
|
|
diff -urNp coreutils-8.0-orig/src/Makefile.am coreutils-8.0/src/Makefile.am
|
|
|
|
--- coreutils-8.0-orig/src/Makefile.am 2009-09-21 14:29:33.000000000 +0200
|
|
|
|
+++ coreutils-8.0/src/Makefile.am 2009-10-07 10:04:27.000000000 +0200
|
|
|
|
@@ -154,7 +154,7 @@ tail_LDADD = $(nanosec_libs)
|
2007-01-09 19:29:30 +00:00
|
|
|
# If necessary, add -lm to resolve use of pow in lib/strtod.c.
|
|
|
|
uptime_LDADD = $(LDADD) $(POW_LIB) $(GETLOADAVG_LIBS)
|
2004-09-09 03:58:39 +00:00
|
|
|
|
2007-01-09 19:29:30 +00:00
|
|
|
-su_LDADD = $(LDADD) $(LIB_CRYPT)
|
|
|
|
+su_LDADD = $(LDADD) $(LIB_CRYPT) @LIB_PAM@
|
2004-09-09 03:58:39 +00:00
|
|
|
|
2007-01-09 19:29:30 +00:00
|
|
|
dir_LDADD += $(LIB_ACL)
|
|
|
|
ls_LDADD += $(LIB_ACL)
|
2009-10-07 08:11:44 +00:00
|
|
|
diff -urNp coreutils-8.0-orig/src/su.c coreutils-8.0/src/su.c
|
|
|
|
--- coreutils-8.0-orig/src/su.c 2009-10-07 10:03:29.000000000 +0200
|
|
|
|
+++ coreutils-8.0/src/su.c 2009-10-07 10:04:27.000000000 +0200
|
|
|
|
@@ -37,6 +37,16 @@
|
2004-09-09 03:58:39 +00:00
|
|
|
restricts who can su to UID 0 accounts. RMS considers that to
|
|
|
|
be fascist.
|
|
|
|
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+
|
|
|
|
+ Actually, with PAM, su has nothing to do with whether or not a
|
|
|
|
+ wheel group is enforced by su. RMS tries to restrict your access
|
|
|
|
+ to a su which implements the wheel group, but PAM considers that
|
|
|
|
+ to be fascist, and gives the user/sysadmin the opportunity to
|
|
|
|
+ enforce a wheel group by proper editing of /etc/pam.conf
|
|
|
|
+
|
|
|
|
+#endif
|
|
|
|
+
|
2007-01-09 19:29:30 +00:00
|
|
|
Compile-time options:
|
|
|
|
-DSYSLOG_SUCCESS Log successful su's (by default, to root) with syslog.
|
|
|
|
-DSYSLOG_FAILURE Log failed su's (by default, to root) with syslog.
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -53,6 +63,15 @@
|
|
|
|
#include <pwd.h>
|
|
|
|
#include <grp.h>
|
2004-09-09 03:58:39 +00:00
|
|
|
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+# include <signal.h>
|
|
|
|
+# include <sys/wait.h>
|
|
|
|
+# include <sys/fsuid.h>
|
2005-04-15 16:46:39 +00:00
|
|
|
+# include <unistd.h>
|
2005-03-15 13:52:17 +00:00
|
|
|
+# include <security/pam_appl.h>
|
|
|
|
+# include <security/pam_misc.h>
|
2004-09-09 03:58:39 +00:00
|
|
|
+#endif /* USE_PAM */
|
|
|
|
+
|
|
|
|
#include "system.h"
|
2007-01-09 19:29:30 +00:00
|
|
|
#include "getpass.h"
|
2004-09-09 03:58:39 +00:00
|
|
|
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -120,12 +139,19 @@
|
2004-09-09 03:58:39 +00:00
|
|
|
/* The user to become if none is specified. */
|
|
|
|
#define DEFAULT_USER "root"
|
|
|
|
|
|
|
|
+#ifndef USE_PAM
|
2009-02-24 11:53:38 +00:00
|
|
|
char *crypt (char const *key, char const *salt);
|
2004-09-09 03:58:39 +00:00
|
|
|
+#endif
|
|
|
|
|
|
|
|
extern char **environ;
|
|
|
|
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
-static void run_shell (char const *, char const *, char **, size_t)
|
|
|
|
+static void run_shell (char const *, char const *, char **, size_t,
|
|
|
|
+ const struct passwd *)
|
2004-09-09 03:58:39 +00:00
|
|
|
+#ifdef USE_PAM
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
+ ;
|
2004-09-09 03:58:39 +00:00
|
|
|
+#else
|
|
|
|
ATTRIBUTE_NORETURN;
|
|
|
|
+#endif
|
|
|
|
|
2008-11-11 16:03:49 +00:00
|
|
|
/* If true, pass the `-f' option to the subshell. */
|
|
|
|
static bool fast_startup;
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -211,7 +237,26 @@ log_su (struct passwd const *pw, bool su
|
2004-09-09 03:58:39 +00:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+static pam_handle_t *pamh = NULL;
|
|
|
|
+static int retval;
|
|
|
|
+static struct pam_conv conv = {
|
|
|
|
+ misc_conv,
|
|
|
|
+ NULL
|
|
|
|
+};
|
|
|
|
+
|
|
|
|
+#define PAM_BAIL_P if (retval) { \
|
|
|
|
+ pam_end(pamh, PAM_SUCCESS); \
|
|
|
|
+ return 0; \
|
|
|
|
+}
|
2006-08-24 16:05:51 +00:00
|
|
|
+#define PAM_BAIL_P_VOID if (retval) { \
|
|
|
|
+ pam_end(pamh, PAM_SUCCESS); \
|
|
|
|
+return; \
|
|
|
|
+}
|
2004-09-09 03:58:39 +00:00
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
/* Ask the user for a password.
|
|
|
|
+ If PAM is in use, let PAM ask for the password if necessary.
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
Return true if the user gives the correct password for entry PW,
|
|
|
|
false if not. Return true without asking for a password if run by UID 0
|
2004-09-09 03:58:39 +00:00
|
|
|
or if PW has an empty password. */
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -219,6 +264,44 @@ log_su (struct passwd const *pw, bool su
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
static bool
|
2004-09-09 03:58:39 +00:00
|
|
|
correct_password (const struct passwd *pw)
|
|
|
|
{
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+ struct passwd *caller;
|
2005-04-15 16:46:39 +00:00
|
|
|
+ char *tty_name, *ttyn;
|
2004-09-09 03:58:39 +00:00
|
|
|
+ retval = pam_start(PROGRAM_NAME, pw->pw_name, &conv, &pamh);
|
|
|
|
+ PAM_BAIL_P;
|
|
|
|
+
|
|
|
|
+ if (getuid() != 0 && !isatty(0)) {
|
|
|
|
+ fprintf(stderr, "standard in must be a tty\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ caller = getpwuid(getuid());
|
|
|
|
+ if(caller != NULL && caller->pw_name != NULL) {
|
|
|
|
+ retval = pam_set_item(pamh, PAM_RUSER, caller->pw_name);
|
|
|
|
+ PAM_BAIL_P;
|
|
|
|
+ }
|
|
|
|
+
|
2005-04-15 16:46:39 +00:00
|
|
|
+ ttyn = ttyname(0);
|
2005-05-20 12:10:24 +00:00
|
|
|
+ if (ttyn) {
|
|
|
|
+ if (strncmp(ttyn, "/dev/", 5) == 0)
|
2005-04-15 16:46:39 +00:00
|
|
|
+ tty_name = ttyn+5;
|
2005-05-20 12:10:24 +00:00
|
|
|
+ else
|
2005-04-15 16:46:39 +00:00
|
|
|
+ tty_name = ttyn;
|
2005-05-20 12:10:24 +00:00
|
|
|
+ retval = pam_set_item(pamh, PAM_TTY, tty_name);
|
|
|
|
+ PAM_BAIL_P;
|
|
|
|
+ }
|
2004-09-09 03:58:39 +00:00
|
|
|
+ retval = pam_authenticate(pamh, 0);
|
|
|
|
+ PAM_BAIL_P;
|
|
|
|
+ retval = pam_acct_mgmt(pamh, 0);
|
|
|
|
+ if (retval == PAM_NEW_AUTHTOK_REQD) {
|
|
|
|
+ /* password has expired. Offer option to change it. */
|
|
|
|
+ retval = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
|
|
|
|
+ PAM_BAIL_P;
|
|
|
|
+ }
|
|
|
|
+ PAM_BAIL_P;
|
|
|
|
+ /* must be authenticated if this point was reached */
|
|
|
|
+ return 1;
|
|
|
|
+#else /* !USE_PAM */
|
|
|
|
char *unencrypted, *encrypted, *correct;
|
|
|
|
#if HAVE_GETSPNAM && HAVE_STRUCT_SPWD_SP_PWDP
|
|
|
|
/* Shadow passwd stuff for SVR3 and maybe other systems. */
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -243,6 +326,7 @@ correct_password (const struct passwd *p
|
2004-09-09 03:58:39 +00:00
|
|
|
encrypted = crypt (unencrypted, correct);
|
|
|
|
memset (unencrypted, 0, strlen (unencrypted));
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
return STREQ (encrypted, correct);
|
2004-09-09 03:58:39 +00:00
|
|
|
+#endif /* !USE_PAM */
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Update `environ' for the new shell based on PW, with SHELL being
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -256,12 +340,18 @@ modify_environment (const struct passwd
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
/* Leave TERM unchanged. Set HOME, SHELL, USER, LOGNAME, PATH.
|
2004-09-09 03:58:39 +00:00
|
|
|
Unset all other environment variables. */
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
char const *term = getenv ("TERM");
|
|
|
|
+ char const *display = getenv ("DISPLAY");
|
|
|
|
+ char const *xauthority = getenv ("XAUTHORITY");
|
|
|
|
if (term)
|
2009-09-12 09:28:49 +00:00
|
|
|
term = xstrdup (term);
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
environ = xmalloc ((6 + !!term) * sizeof (char *));
|
|
|
|
environ[0] = NULL;
|
2004-09-09 03:58:39 +00:00
|
|
|
if (term)
|
2009-09-12 09:28:49 +00:00
|
|
|
xsetenv ("TERM", term);
|
2004-09-09 03:58:39 +00:00
|
|
|
+ if (display)
|
2009-09-12 09:28:49 +00:00
|
|
|
+ xsetenv ("DISPLAY", display);
|
2004-09-09 03:58:39 +00:00
|
|
|
+ if (xauthority)
|
2009-09-12 09:28:49 +00:00
|
|
|
+ xsetenv ("XAUTHORITY", xauthority);
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
xsetenv ("HOME", pw->pw_dir);
|
|
|
|
xsetenv ("SHELL", shell);
|
|
|
|
xsetenv ("USER", pw->pw_name);
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -294,8 +384,13 @@ change_identity (const struct passwd *pw
|
2005-04-15 16:46:39 +00:00
|
|
|
{
|
|
|
|
#ifdef HAVE_INITGROUPS
|
|
|
|
errno = 0;
|
|
|
|
- if (initgroups (pw->pw_name, pw->pw_gid) == -1)
|
|
|
|
+ if (initgroups (pw->pw_name, pw->pw_gid) == -1) {
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+ pam_close_session(pamh, 0);
|
|
|
|
+ pam_end(pamh, PAM_ABORT);
|
|
|
|
+#endif
|
2008-01-25 17:48:11 +00:00
|
|
|
error (EXIT_FAILURE, errno, _("cannot set groups"));
|
2005-04-15 16:46:39 +00:00
|
|
|
+ }
|
2004-09-09 03:58:39 +00:00
|
|
|
endgrent ();
|
|
|
|
#endif
|
|
|
|
if (setgid (pw->pw_gid))
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -304,6 +399,31 @@ change_identity (const struct passwd *pw
|
2008-01-25 17:48:11 +00:00
|
|
|
error (EXIT_FAILURE, errno, _("cannot set user id"));
|
2004-09-09 03:58:39 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+static int caught=0;
|
|
|
|
+/* Signal handler for parent process later */
|
|
|
|
+static void su_catch_sig(int sig)
|
|
|
|
+{
|
|
|
|
+ ++caught;
|
|
|
|
+}
|
|
|
|
+
|
|
|
|
+int
|
|
|
|
+pam_copyenv (pam_handle_t *pamh)
|
|
|
|
+{
|
|
|
|
+ char **env;
|
|
|
|
+
|
|
|
|
+ env = pam_getenvlist(pamh);
|
|
|
|
+ if(env) {
|
|
|
|
+ while(*env) {
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
+ if (putenv (*env))
|
|
|
|
+ xalloc_die ();
|
2004-09-09 03:58:39 +00:00
|
|
|
+ env++;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ return(0);
|
|
|
|
+}
|
|
|
|
+#endif
|
|
|
|
+
|
|
|
|
/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
|
|
|
|
If COMMAND is nonzero, pass it to the shell with the -c option.
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
Pass ADDITIONAL_ARGS to the shell as more arguments; there
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -311,17 +431,49 @@ change_identity (const struct passwd *pw
|
2004-09-09 03:58:39 +00:00
|
|
|
|
|
|
|
static void
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
run_shell (char const *shell, char const *command, char **additional_args,
|
2009-09-12 09:28:49 +00:00
|
|
|
- size_t n_additional_args)
|
|
|
|
+ size_t n_additional_args, const struct passwd *pw)
|
2004-09-09 03:58:39 +00:00
|
|
|
{
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
size_t n_args = 1 + fast_startup + 2 * !!command + n_additional_args + 1;
|
|
|
|
char const **args = xnmalloc (n_args, sizeof *args);
|
|
|
|
size_t argno = 1;
|
2004-09-09 03:58:39 +00:00
|
|
|
+#ifdef USE_PAM
|
|
|
|
+ int child;
|
|
|
|
+ sigset_t ourset;
|
|
|
|
+ int status;
|
|
|
|
+
|
|
|
|
+ retval = pam_open_session(pamh,0);
|
|
|
|
+ if (retval != PAM_SUCCESS) {
|
|
|
|
+ fprintf (stderr, "could not open session\n");
|
|
|
|
+ exit (1);
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+/* do this at the last possible moment, because environment variables may
|
|
|
|
+ be passed even in the session phase
|
|
|
|
+*/
|
|
|
|
+ if(pam_copyenv(pamh) != PAM_SUCCESS)
|
|
|
|
+ fprintf (stderr, "error copying PAM environment\n");
|
|
|
|
+
|
2005-04-15 16:46:39 +00:00
|
|
|
+ /* Credentials should be set in the parent */
|
|
|
|
+ if (pam_setcred(pamh, PAM_ESTABLISH_CRED) != PAM_SUCCESS) {
|
|
|
|
+ pam_close_session(pamh, 0);
|
|
|
|
+ fprintf(stderr, "could not set PAM credentials\n");
|
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+
|
2004-09-09 03:58:39 +00:00
|
|
|
+ child = fork();
|
|
|
|
+ if (child == 0) { /* child shell */
|
|
|
|
+ change_identity (pw);
|
|
|
|
+ pam_end(pamh, 0);
|
|
|
|
+#endif
|
|
|
|
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
if (simulate_login)
|
|
|
|
{
|
2004-09-09 03:58:39 +00:00
|
|
|
char *arg0;
|
|
|
|
char *shell_basename;
|
|
|
|
|
|
|
|
+ if(chdir(pw->pw_dir))
|
|
|
|
+ error(0, errno, _("warning: cannot change directory to %s"), pw->pw_dir);
|
|
|
|
+
|
2007-01-09 19:29:30 +00:00
|
|
|
shell_basename = last_component (shell);
|
2004-09-09 03:58:39 +00:00
|
|
|
arg0 = xmalloc (strlen (shell_basename) + 2);
|
|
|
|
arg0[0] = '-';
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -346,6 +498,66 @@ run_shell (char const *shell, char const
|
2004-09-09 03:58:39 +00:00
|
|
|
error (0, errno, "%s", shell);
|
|
|
|
exit (exit_status);
|
|
|
|
}
|
|
|
|
+#ifdef USE_PAM
|
|
|
|
+ } else if (child == -1) {
|
|
|
|
+ fprintf(stderr, "can not fork user shell: %s", strerror(errno));
|
2005-04-15 16:46:39 +00:00
|
|
|
+ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
|
|
|
|
+ pam_close_session(pamh, 0);
|
|
|
|
+ pam_end(pamh, PAM_ABORT);
|
2004-09-09 03:58:39 +00:00
|
|
|
+ exit(1);
|
|
|
|
+ }
|
|
|
|
+ /* parent only */
|
|
|
|
+ sigfillset(&ourset);
|
|
|
|
+ if (sigprocmask(SIG_BLOCK, &ourset, NULL)) {
|
|
|
|
+ fprintf(stderr, "%s: signal malfunction\n", PROGRAM_NAME);
|
|
|
|
+ caught = 1;
|
|
|
|
+ }
|
|
|
|
+ if (!caught) {
|
|
|
|
+ struct sigaction action;
|
|
|
|
+ action.sa_handler = su_catch_sig;
|
|
|
|
+ sigemptyset(&action.sa_mask);
|
|
|
|
+ action.sa_flags = 0;
|
|
|
|
+ sigemptyset(&ourset);
|
|
|
|
+ if (sigaddset(&ourset, SIGTERM)
|
|
|
|
+ || sigaddset(&ourset, SIGALRM)
|
|
|
|
+ || sigaction(SIGTERM, &action, NULL)
|
|
|
|
+ || sigprocmask(SIG_UNBLOCK, &ourset, NULL)) {
|
|
|
|
+ fprintf(stderr, "%s: signal masking malfunction\n", PROGRAM_NAME);
|
|
|
|
+ caught = 1;
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ if (!caught) {
|
|
|
|
+ do {
|
|
|
|
+ int pid;
|
|
|
|
+
|
|
|
|
+ pid = waitpid(-1, &status, WUNTRACED);
|
|
|
|
+
|
|
|
|
+ if (WIFSTOPPED(status)) {
|
|
|
|
+ kill(getpid(), SIGSTOP);
|
|
|
|
+ /* once we get here, we must have resumed */
|
|
|
|
+ kill(pid, SIGCONT);
|
|
|
|
+ }
|
|
|
|
+ } while (WIFSTOPPED(status));
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
+ if (caught) {
|
|
|
|
+ fprintf(stderr, "\nSession terminated, killing shell...");
|
|
|
|
+ kill (child, SIGTERM);
|
|
|
|
+ }
|
2005-04-15 16:46:39 +00:00
|
|
|
+ /* Not checking retval on this because we need to call close session */
|
|
|
|
+ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
|
2004-09-09 03:58:39 +00:00
|
|
|
+ retval = pam_close_session(pamh, 0);
|
2006-08-24 16:05:51 +00:00
|
|
|
+ PAM_BAIL_P_VOID;
|
2004-09-09 03:58:39 +00:00
|
|
|
+ retval = pam_end(pamh, PAM_SUCCESS);
|
2006-08-24 16:05:51 +00:00
|
|
|
+ PAM_BAIL_P_VOID;
|
2004-09-09 03:58:39 +00:00
|
|
|
+ if (caught) {
|
|
|
|
+ sleep(2);
|
|
|
|
+ kill(child, SIGKILL);
|
|
|
|
+ fprintf(stderr, " ...killed.\n");
|
|
|
|
+ exit(-1);
|
|
|
|
+ }
|
|
|
|
+ exit (WEXITSTATUS(status));
|
|
|
|
+#endif /* USE_PAM */
|
|
|
|
}
|
|
|
|
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
/* Return true if SHELL is a restricted shell (one not returned by
|
2009-10-07 08:11:44 +00:00
|
|
|
@@ -513,9 +725,9 @@ main (int argc, char **argv)
|
2007-01-09 19:29:30 +00:00
|
|
|
shell = xstrdup (shell ? shell : pw->pw_shell);
|
|
|
|
modify_environment (pw, shell);
|
2004-09-09 03:58:39 +00:00
|
|
|
|
2004-12-06 15:51:03 +00:00
|
|
|
+#ifndef USE_PAM
|
2004-09-09 03:58:39 +00:00
|
|
|
change_identity (pw);
|
2006-08-23 09:56:42 +00:00
|
|
|
- if (simulate_login && chdir (pw->pw_dir) != 0)
|
|
|
|
- error (0, errno, _("warning: cannot change directory to %s"), pw->pw_dir);
|
2004-09-09 03:58:39 +00:00
|
|
|
+#endif
|
|
|
|
|
- 5.92.
- No longer need afs, dircolors, utmp, gcc4, brokentest, dateseconds,
chown, rmaccess, copy, stale-utmp, no-sign-extend, fchown patches.
- Updated acl, dateman, pam, langinfo, i18n, getgrouplist, selinux patches.
- Dropped printf-ll, allow_old_options, jday, zh_CN patches.
- NOTE: i18n patch not ported for sort(1) yet.
2005-10-27 15:05:08 +00:00
|
|
|
- run_shell (shell, command, argv + optind, MAX (0, argc - optind));
|
|
|
|
+ run_shell (shell, command, argv + optind, MAX (0, argc - optind), pw);
|
2004-09-09 03:58:39 +00:00
|
|
|
}
|
2009-11-18 14:48:00 +00:00
|
|
|
|