source: branches/3.2/mindi-busybox/loginutils/su.c @ 3232

Last change on this file since 3232 was 3232, checked in by bruno, 5 years ago
  • Update mindi-busybox to 1.21.1
File size: 3.8 KB
Line 
1/* vi: set sw=4 ts=4: */
2/*
3 * Mini su implementation for busybox
4 *
5 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
6 */
7
8#include "libbb.h"
9#include <syslog.h>
10
11//usage:#define su_trivial_usage
12//usage:       "[OPTIONS] [-] [USER]"
13//usage:#define su_full_usage "\n\n"
14//usage:       "Run shell under USER (by default, root)\n"
15//usage:     "\n    -,-l    Clear environment, run shell as login shell"
16//usage:     "\n    -p,-m   Do not set new $HOME, $SHELL, $USER, $LOGNAME"
17//usage:     "\n    -c CMD  Command to pass to 'sh -c'"
18//usage:     "\n    -s SH   Shell to use instead of user's default"
19
20#if ENABLE_FEATURE_SU_CHECKS_SHELLS
21/* Return 1 if SHELL is a restricted shell (one not returned by
22 * getusershell), else 0, meaning it is a standard shell.  */
23static int restricted_shell(const char *shell)
24{
25    char *line;
26    int result = 1;
27
28    /*setusershell(); - getusershell does it itself*/
29    while ((line = getusershell()) != NULL) {
30        if (/* *line != '#' && */ strcmp(line, shell) == 0) {
31            result = 0;
32            break;
33        }
34    }
35    if (ENABLE_FEATURE_CLEAN_UP)
36        endusershell();
37    return result;
38}
39#endif
40
41#define SU_OPT_mp (3)
42#define SU_OPT_l  (4)
43
44int su_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
45int su_main(int argc UNUSED_PARAM, char **argv)
46{
47    unsigned flags;
48    char *opt_shell = NULL;
49    char *opt_command = NULL;
50    const char *opt_username = "root";
51    struct passwd *pw;
52    uid_t cur_uid = getuid();
53    const char *tty;
54#if ENABLE_FEATURE_UTMP
55    char user_buf[64];
56#endif
57    const char *old_user;
58
59    flags = getopt32(argv, "mplc:s:", &opt_command, &opt_shell);
60    //argc -= optind;
61    argv += optind;
62
63    if (argv[0] && LONE_DASH(argv[0])) {
64        flags |= SU_OPT_l;
65        argv++;
66    }
67
68    /* get user if specified */
69    if (argv[0]) {
70        opt_username = argv[0];
71        argv++;
72    }
73
74    if (ENABLE_FEATURE_SU_SYSLOG) {
75        /* The utmp entry (via getlogin) is probably the best way to
76         * identify the user, especially if someone su's from a su-shell.
77         * But getlogin can fail -- usually due to lack of utmp entry.
78         * in this case resort to getpwuid.  */
79#if ENABLE_FEATURE_UTMP
80        old_user = user_buf;
81        if (getlogin_r(user_buf, sizeof(user_buf)) != 0)
82#endif
83        {
84            pw = getpwuid(cur_uid);
85            old_user = pw ? xstrdup(pw->pw_name) : "";
86        }
87        tty = xmalloc_ttyname(2);
88        if (!tty) {
89            tty = "none";
90        }
91        openlog(applet_name, 0, LOG_AUTH);
92    }
93
94    pw = xgetpwnam(opt_username);
95
96    if (cur_uid == 0 || correct_password(pw)) {
97        if (ENABLE_FEATURE_SU_SYSLOG)
98            syslog(LOG_NOTICE, "%c %s %s:%s",
99                '+', tty, old_user, opt_username);
100    } else {
101        if (ENABLE_FEATURE_SU_SYSLOG)
102            syslog(LOG_NOTICE, "%c %s %s:%s",
103                '-', tty, old_user, opt_username);
104        bb_error_msg_and_die("incorrect password");
105    }
106
107    if (ENABLE_FEATURE_CLEAN_UP && ENABLE_FEATURE_SU_SYSLOG) {
108        closelog();
109    }
110
111    if (!opt_shell && (flags & SU_OPT_mp)) {
112        /* -s SHELL is not given, but "preserve env" opt is */
113        opt_shell = getenv("SHELL");
114    }
115
116#if ENABLE_FEATURE_SU_CHECKS_SHELLS
117    if (opt_shell && cur_uid != 0 && pw->pw_shell && restricted_shell(pw->pw_shell)) {
118        /* The user being su'd to has a nonstandard shell, and so is
119         * probably a uucp account or has restricted access.  Don't
120         * compromise the account by allowing access with a standard
121         * shell.  */
122        bb_error_msg("using restricted shell");
123        opt_shell = NULL; /* ignore -s PROG */
124    }
125    /* else: user can run whatever he wants via "su -s PROG USER".
126     * This is safe since PROG is run under user's uid/gid. */
127#endif
128    if (!opt_shell)
129        opt_shell = pw->pw_shell;
130
131    change_identity(pw);
132    setup_environment(opt_shell,
133            ((flags & SU_OPT_l) / SU_OPT_l * SETUP_ENV_CLEARENV)
134            + (!(flags & SU_OPT_mp) * SETUP_ENV_CHANGEENV)
135            + (!(flags & SU_OPT_l) * SETUP_ENV_NO_CHDIR),
136            pw);
137    IF_SELINUX(set_current_security_context(NULL);)
138
139    /* Never returns */
140    run_shell(opt_shell, flags & SU_OPT_l, opt_command, (const char**)argv);
141
142    /* return EXIT_FAILURE; - not reached */
143}
Note: See TracBrowser for help on using the repository browser.