source: MondoRescue/branches/3.2/mindi-busybox/loginutils/sulogin.c@ 3232

Last change on this file since 3232 was 3232, checked in by Bruno Cornec, 10 years ago
  • Update mindi-busybox to 1.21.1
File size: 2.5 KB
RevLine 
[821]1/* vi: set sw=4 ts=4: */
[1765]2/*
3 * Mini sulogin implementation for busybox
4 *
[2725]5 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
[1765]6 */
7
[3232]8//usage:#define sulogin_trivial_usage
9//usage: "[-t N] [TTY]"
10//usage:#define sulogin_full_usage "\n\n"
11//usage: "Single user login\n"
12//usage: "\n -t N Timeout"
13
[2725]14#include "libbb.h"
[821]15#include <syslog.h>
16
[2725]17//static void catchalarm(int UNUSED_PARAM junk)
18//{
19// exit(EXIT_FAILURE);
20//}
[821]21
22
[2725]23int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
24int sulogin_main(int argc UNUSED_PARAM, char **argv)
[821]25{
26 char *cp;
27 int timeout = 0;
28 struct passwd *pwd;
[1765]29 const char *shell;
[821]30#if ENABLE_FEATURE_SHADOWPASSWDS
[1765]31 /* Using _r function to avoid pulling in static buffers */
32 char buffer[256];
33 struct spwd spw;
[821]34#endif
35
[1765]36 logmode = LOGMODE_BOTH;
37 openlog(applet_name, 0, LOG_AUTH);
38
[2725]39 opt_complementary = "t+"; /* -t N */
40 getopt32(argv, "t:", &timeout);
41 argv += optind;
[1765]42
[2725]43 if (argv[0]) {
[1765]44 close(0);
45 close(1);
[2725]46 dup(xopen(argv[0], O_RDWR));
[1765]47 close(2);
48 dup(0);
[821]49 }
[1765]50
[2725]51 /* Malicious use like "sulogin /dev/sda"? */
[821]52 if (!isatty(0) || !isatty(1) || !isatty(2)) {
[1765]53 logmode = LOGMODE_SYSLOG;
54 bb_error_msg_and_die("not a tty");
[821]55 }
56
[2725]57 /* Clear dangerous stuff, set PATH */
58 sanitize_env_if_suid();
[821]59
[1765]60 pwd = getpwuid(0);
61 if (!pwd) {
62 goto auth_error;
[821]63 }
[1765]64
[821]65#if ENABLE_FEATURE_SHADOWPASSWDS
[2725]66 {
67 /* getspnam_r may return 0 yet set result to NULL.
68 * At least glibc 2.4 does this. Be extra paranoid here. */
69 struct spwd *result = NULL;
70 int r = getspnam_r(pwd->pw_name, &spw, buffer, sizeof(buffer), &result);
71 if (r || !result) {
72 goto auth_error;
73 }
74 pwd->pw_passwd = result->sp_pwdp;
[821]75 }
76#endif
[1765]77
[821]78 while (1) {
[2725]79 char *encrypted;
80 int r;
81
[1765]82 /* cp points to a static buffer that is zeroed every time */
[2725]83 cp = bb_ask(STDIN_FILENO, timeout,
[1765]84 "Give root password for system maintenance\n"
85 "(or type Control-D for normal startup):");
86
[821]87 if (!cp || !*cp) {
[1765]88 bb_info_msg("Normal startup");
89 return 0;
[821]90 }
[2725]91 encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
92 r = strcmp(encrypted, pwd->pw_passwd);
93 free(encrypted);
94 if (r == 0) {
[821]95 break;
96 }
[3232]97 bb_do_delay(LOGIN_FAIL_DELAY);
98 bb_info_msg("Login incorrect");
[821]99 }
[1765]100 memset(cp, 0, strlen(cp));
[2725]101// signal(SIGALRM, SIG_DFL);
[821]102
[1765]103 bb_info_msg("System Maintenance Mode");
[821]104
[2725]105 IF_SELINUX(renew_current_security_context());
[821]106
[1765]107 shell = getenv("SUSHELL");
[2725]108 if (!shell)
109 shell = getenv("sushell");
110 if (!shell)
111 shell = pwd->pw_shell;
[1765]112
[2725]113 /* Exec login shell with no additional parameters. Never returns. */
114 run_shell(shell, 1, NULL, NULL);
115
116 auth_error:
117 bb_error_msg_and_die("no password entry for root");
[821]118}
Note: See TracBrowser for help on using the repository browser.