Context Navigation

source: MondoRescue/branches/2.2.9/mindi-busybox/loginutils/sulogin.c@ 2725

Visit:

Last change on this file since 2725 was 2725, checked in by Bruno Cornec, 13 years ago
Update mindi-busybox to 1.18.3 to avoid problems with the tar command which is now failing on recent versions with busybox 1.7.3
File size: 2.4 KB

Rev	Line
[821]	1	/* vi: set sw=4 ts=4: */
[1765]	2	/*
	3	* Mini sulogin implementation for busybox
	4	*
[2725]	5	* Licensed under GPLv2 or later, see file LICENSE in this source tree.
[1765]	6	*/
	7
[2725]	8	#include "libbb.h"
[821]	9	#include <syslog.h>
	10
[2725]	11	//static void catchalarm(int UNUSED_PARAM junk)
	12	//{
	13	// exit(EXIT_FAILURE);
	14	//}
[821]	15
	16
[2725]	17	int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
	18	int sulogin_main(int argc UNUSED_PARAM, char **argv)
[821]	19	{
	20	char *cp;
	21	int timeout = 0;
	22	struct passwd *pwd;
[1765]	23	const char *shell;
[821]	24	#if ENABLE_FEATURE_SHADOWPASSWDS
[1765]	25	/* Using _r function to avoid pulling in static buffers */
	26	char buffer[256];
	27	struct spwd spw;
[821]	28	#endif
	29
[1765]	30	logmode = LOGMODE_BOTH;
	31	openlog(applet_name, 0, LOG_AUTH);
	32
[2725]	33	opt_complementary = "t+"; /* -t N */
	34	getopt32(argv, "t:", &timeout);
	35	argv += optind;
[1765]	36
[2725]	37	if (argv[0]) {
[1765]	38	close(0);
	39	close(1);
[2725]	40	dup(xopen(argv[0], O_RDWR));
[1765]	41	close(2);
	42	dup(0);
[821]	43	}
[1765]	44
[2725]	45	/* Malicious use like "sulogin /dev/sda"? */
[821]	46	if (!isatty(0) \|\| !isatty(1) \|\| !isatty(2)) {
[1765]	47	logmode = LOGMODE_SYSLOG;
	48	bb_error_msg_and_die("not a tty");
[821]	49	}
	50
[2725]	51	/* Clear dangerous stuff, set PATH */
	52	sanitize_env_if_suid();
[821]	53
[1765]	54	pwd = getpwuid(0);
	55	if (!pwd) {
	56	goto auth_error;
[821]	57	}
[1765]	58
[821]	59	#if ENABLE_FEATURE_SHADOWPASSWDS
[2725]	60	{
	61	/* getspnam_r may return 0 yet set result to NULL.
	62	* At least glibc 2.4 does this. Be extra paranoid here. */
	63	struct spwd *result = NULL;
	64	int r = getspnam_r(pwd->pw_name, &spw, buffer, sizeof(buffer), &result);
	65	if (r \|\| !result) {
	66	goto auth_error;
	67	}
	68	pwd->pw_passwd = result->sp_pwdp;
[821]	69	}
	70	#endif
[1765]	71
[821]	72	while (1) {
[2725]	73	char *encrypted;
	74	int r;
	75
[1765]	76	/* cp points to a static buffer that is zeroed every time */
[2725]	77	cp = bb_ask(STDIN_FILENO, timeout,
[1765]	78	"Give root password for system maintenance\n"
	79	"(or type Control-D for normal startup):");
	80
[821]	81	if (!cp \|\| !*cp) {
[1765]	82	bb_info_msg("Normal startup");
	83	return 0;
[821]	84	}
[2725]	85	encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
	86	r = strcmp(encrypted, pwd->pw_passwd);
	87	free(encrypted);
	88	if (r == 0) {
[821]	89	break;
	90	}
	91	bb_do_delay(FAIL_DELAY);
[1765]	92	bb_error_msg("login incorrect");
[821]	93	}
[1765]	94	memset(cp, 0, strlen(cp));
[2725]	95	// signal(SIGALRM, SIG_DFL);
[821]	96
[1765]	97	bb_info_msg("System Maintenance Mode");
[821]	98
[2725]	99	IF_SELINUX(renew_current_security_context());
[821]	100
[1765]	101	shell = getenv("SUSHELL");
[2725]	102	if (!shell)
	103	shell = getenv("sushell");
	104	if (!shell)
	105	shell = pwd->pw_shell;
[1765]	106
[2725]	107	/* Exec login shell with no additional parameters. Never returns. */
	108	run_shell(shell, 1, NULL, NULL);
	109
	110	auth_error:
	111	bb_error_msg_and_die("no password entry for root");
[821]	112	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: