Context Navigation

← Previous Change
Next Change →

loginutils

Timestamp:

Nov 6, 2007, 11:01:53 AM (16 years ago)

Author:

Bruno Cornec

Message:

Better output for mindi-busybox revision
Remove dummy file created on NFS - report from Arnaud Tiger <arnaud.tiger_at_hp.com>
strace useful for debug
fix new versions for pb (2.0.0 for mindi and 1.7.2 for mindi-busybox)
fix build process for mindi-busybox + options used in that version (dd for label-partitions-as-necessary)
fix typo in label-partitions-as-necessary which doesn't seem to work
Update to busybox 1.7.2
perl is now required at restore time to support uuid swap partitions (and will be used for many other thigs

in the future for sure)

next mindi version will be 2.0.0 due to all the changes made in it (udev may break working distros)
small optimization in mindi on keyboard handling (one single find instead of multiple)
better interaction for USB device when launching mindi manually
attempt to automatically guess block disk size for ramdisk
fix typos in bkphw
Fix the remaining problem with UUID support for swap partitions
Updates mondoarchive man page for USB support
Adds preliminary Hardware support to mindi (Proliant SSSTK)
Tries to add udev support also for rhel4
Fix UUID support which was still broken.
Be conservative in test for the start-nfs script
Update config file for mindi-busybox for 1.7.2 migration
Try to run around a busybox bug (1.2.2 pb on inexistant links)
Add build content for mindi-busybox in pb
Remove distributions content for mindi-busybox
Fix a warning on inexistant raidtab
Solve problem on tmpfs in restore init (Problem of inexistant symlink and busybox)
Create MONDO_CACHE and use it everywhere + creation at start
Really never try to eject a USB device
Fix a issue with &> usage (replaced with 1> and 2>)
Adds magic file to depllist in order to have file working + ldd which helps for debugging issues
tty modes correct to avoid sh error messages
Use ext3 normally and not ext2 instead
USB device should be corrected after reading (take 1st part)
Adds a mount_USB_here function derived from mount_CDROM_here
usb detection place before /dev detection in device name at restore time
Fix when restoring from USB: media is asked in interactive mode
Adds USB support for mondorestore
mount_cdrom => mount_media
elilo.efi is now searched throughout /boot/efi and not in a fixed place as there is no standard
untar-and-softlink => untar (+ interface change)
suppress useless softlinks creation/removal in boot process
avoids udevd messages on groups
Increase # of disks to 99 as in mindi at restore time (should be a conf file parameter)
skip existing big file creation
seems to work correctly for USB mindi boot
Adds group and tty link to udev conf
Always load usb-torage (even 2.6) to initiate USB bus discovery
Better printing of messages
Attempt to fix a bug in supporting OpenSusE 10.3 kernel for initramfs (mindi may now use multiple regex for kernel initrd detection)
Links were not correctly done as non relative for modules in mindi
exclusion of modules denied now works
Also create modules in their ordinary place, so that classical modprobe works + copy modules.dep
Fix bugs for DENY_MODS handling
Add device /dev/console for udev
ide-generic should now really be excluded
Fix a bug in major number for tty
If udev then adds modprobe/insmod to rootfs
tty0 is also cretaed with udev
ide-generic put rather in DENY_MODS
udevd remove from deplist s handled in mindi directly
better default for mindi when using --usb
Handles dynamically linked busybox (in case we want to use it soon ;-)
Adds fixed devices to create for udev
ide-generic should not be part of the initrd when using libata v2
support a dynamically linked udev (case on Ubuntu 7.10 and Mandriva 2008.0 so should be quite generic) This will give incitation to move to dyn. linked binaries in the initrd which will help for other tasks (ia6 4)
Improvement in udev support (do not use cl options not available in busybox)
Udev in mindi
- auto creation of the right links at boot time with udev-links.conf(from Mandriva 2008.0)
- rework startup of udev as current makes kernel crash (from Mandriva 2008.0)
- add support for 64 bits udev
Try to render MyInsmod silent at boot time
Adds udev support (mandatory for newest distributions to avoid remapping of devices in a different way as on the original system)
We also need vaft format support for USB boot
Adds libusual support (Ubuntu 7.10 needs it for USB)
Improve Ubuntu/Debian keyboard detection and support
pbinit adapted to new pb (0.8.10). Filtering of docs done in it
Suppress some mondo warnings and errors on USB again
Tries to fix lack of files in deb mindi package
Verify should now work for USB devices
More log/mesages improvement for USB support
- Supress g_erase_tmpdir_and_scratchdir
Improve some log messages for USB support
Try to improve install in mindi to avoid issues with isolinux.cfg not installed vene if in the pkg :-(
Improve mindi-busybox build
In conformity with pb 0.8.9
Add support for Ubuntu 7.10 in build process
Add USB Key button to Menu UI (CD streamer removed)
Attempt to fix error messages on tmp/scratch files at the end by removing those dir at the latest possible.
Fix a bug linked to the size of the -E param which could be used (Arnaud Tiger/René Ribaud).
Integrate ~/.pbrc content into mondorescue.pb (required project-builder >= 0.8.7)
Put mondorescue in conformity with new pb filtering rules
Add USB support at restore time (no test done yet). New start-usb script PB varibale added where useful
Unmounting USB device before removal of temporary scratchdir
Stil refining USB copy back to mondo (one command was not executed)
No need to have the image subdor in the csratchdir when USB.
umount the USB partition before attempting to use it
Remove useless copy from mindi to mondo at end of USB handling

(risky merge, we are raising the limits of 2 diverging branches. The status of stable is not completely sure as such. Will need lots of tests, but it's not yet done :-()
(merge -r1692:1769 $SVN_M/branches/2.2.5)

Location:

branches/stable/mindi-busybox/loginutils

Files:

: 2 deleted
: 10 edited
: 3 copied

Config.in (modified) (11 diffs)
Kbuild (copied) (copied from branches/2.2.5/mindi-busybox/loginutils/Kbuild )
Makefile (deleted)
Makefile.in (deleted)
addgroup.c (modified) (3 diffs)
adduser.c (modified) (11 diffs)
chpasswd.c (copied) (copied from branches/2.2.5/mindi-busybox/loginutils/chpasswd.c )
cryptpw.c (copied) (copied from branches/2.2.5/mindi-busybox/loginutils/cryptpw.c )
deluser.c (modified) (1 diff)
getty.c (modified) (48 diffs)
login.c (modified) (3 diffs)
passwd.c (modified) (2 diffs)
su.c (modified) (1 diff)
sulogin.c (modified) (4 diffs)
vlock.c (modified) (7 diffs)

Legend:

: Unmodified
: Added
: Removed

branches/stable/mindi-busybox/loginutils/Config.in

-              r902
+              r1770
 menu "Login/Password Management Utilities"
 config CONFIG_FEATURE_SHADOWPASSWDS
+config FEATURE_SHADOWPASSWDS
     bool "Support for shadow passwords"
     default n
 …
       publicly readable.
 config CONFIG_USE_BB_SHADOW
+config USE_BB_SHADOW
     bool "  Use busybox shadow password functions"
     default y
     depends on CONFIG_USE_BB_PWD_GRP && CONFIG_FEATURE_SHADOWPASSWDS
+    depends on USE_BB_PWD_GRP && FEATURE_SHADOWPASSWDS
     help
         If you leave this disabled, busybox will use the system's shadow
 …
         password servers and whatnot.
 config CONFIG_USE_BB_PWD_GRP
+config USE_BB_PWD_GRP
     bool "Use internal password and group functions rather than system functions"
     default n
 …
         If you enable this option, it will add about 1.5k to busybox.
 config CONFIG_ADDGROUP
+config ADDGROUP
     bool "addgroup"
     default n
 …
       Utility for creating a new group account.
+config CONFIG_DELGROUP
+config FEATURE_ADDUSER_TO_GROUP
+    bool "Support for adding users to groups"
+    default n
+    depends on ADDGROUP
+    help
+      If  called  with two non-option arguments,
+      addgroup will add an existing user to an
+      existing group.
+config DELGROUP
     bool "delgroup"
     default n
 …
       Utility for deleting a group account.
+config CONFIG_ADDUSER
+config FEATURE_DEL_USER_FROM_GROUP
+    bool "Support for removing users from groups."
+    default n
+    depends on DELGROUP
+    help
+      If called with two non-option arguments, deluser
+      or delgroup will remove an user from a specified group.
+config ADDUSER
     bool "adduser"
     default n
 …
       Utility for creating a new user account.
 config CONFIG_DELUSER
+config DELUSER
     bool "deluser"
     default n
 …
       Utility for deleting a user account.
 config CONFIG_GETTY
+config GETTY
     bool "getty"
     default n
+    select FEATURE_SYSLOG
     help
       getty lets you log in on a tty, it is normally invoked by init.
 config CONFIG_FEATURE_UTMP
+config FEATURE_UTMP
     bool "Support utmp file"
     depends on CONFIG_GETTY || CONFIG_LOGIN || CONFIG_SU || CONFIG_WHO
+    depends on GETTY || LOGIN || SU || WHO
     default n
     help
       The file /var/run/utmp is used to track who is currently logged in.
 config CONFIG_FEATURE_WTMP
+config FEATURE_WTMP
     bool "Support wtmp file"
     depends on CONFIG_GETTY || CONFIG_LOGIN || CONFIG_SU || CONFIG_LAST
     default n
     select CONFIG_FEATURE_UTMP
+    depends on GETTY || LOGIN || SU || LAST
+    default n
+    select FEATURE_UTMP
     help
       The file /var/run/wtmp is used to track when user's have logged into
       and logged out of the system.
 config CONFIG_LOGIN
+config LOGIN
     bool "login"
     default n
+    select CONFIG_FEATURE_SUID
+    select FEATURE_SUID
+    select FEATURE_SYSLOG
     help
       login is used when signing onto a system.
 …
       work properly.
+config CONFIG_FEATURE_SECURETTY
+config PAM
+    bool "Support for PAM (Pluggable Authentication Modules)"
+    default n
+    depends on LOGIN
+    help
+      Use PAM in login(1) instead of direct access to password database.
+config LOGIN_SCRIPTS
+    bool "Support for login scripts"
+    depends on LOGIN
+    default n
+    help
+      Enable this if you want login to execute $LOGIN_PRE_SUID_SCRIPT
+      just prior to switching from root to logged-in user.
+config FEATURE_NOLOGIN
+    bool "Support for /etc/nologin"
+    default y
+    depends on LOGIN
+    help
+      The file /etc/nologin is used by (some versions of) login(1).
+      If it exists, non-root logins are prohibited.
+config FEATURE_SECURETTY
     bool "Support for /etc/securetty"
     default y
     depends on CONFIG_LOGIN
     help
       The file  /etc/securetty  is used by (some versions of) login(1).
+    depends on LOGIN
+    help
+      The file /etc/securetty is used by (some versions of) login(1).
       The file contains the device names of tty lines (one per line,
       without leading /dev/) on which root is allowed to login.
 config CONFIG_PASSWD
+config PASSWD
     bool "passwd"
     default n
+    select CONFIG_FEATURE_SUID
+    select FEATURE_SUID
+    select FEATURE_SYSLOG
     help
       passwd changes passwords for user and group accounts.  A normal user
 …
       work properly.
+config CONFIG_SU
+config FEATURE_PASSWD_WEAK_CHECK
+    bool "Check new passwords for weakness"
+    default y
+    depends on PASSWD
+    help
+      With this option passwd will refuse new passwords which are "weak".
+config CRYPTPW
+    bool "cryptpw"
+    default n
+    help
+      Applet for crypting a string.
+config CHPASSWD
+       bool "chpasswd"
+       default n
+       help
+         chpasswd  reads  a  file  of user name and password pairs from
+         standard input and uses this information to update a group of
+         existing users.
+config SU
     bool "su"
     default n
+    select CONFIG_FEATURE_SUID
+    select FEATURE_SUID
+    select FEATURE_SYSLOG
     help
       su is used to become another user during a login session.
 …
       work properly.
+config CONFIG_SULOGIN
+config FEATURE_SU_SYSLOG
+    bool "Enable su to write to syslog"
+    default y
+    depends on SU
+config FEATURE_SU_CHECKS_SHELLS
+    bool "Enable su to check user's shell to be listed in /etc/shells"
+    depends on SU
+    default y
+config SULOGIN
     bool "sulogin"
     default n
+    select FEATURE_SYSLOG
     help
       sulogin is invoked when the system goes into single user
       mode (this is done through an entry in inittab).
 config CONFIG_VLOCK
+config VLOCK
     bool "vlock"
     default n
     select CONFIG_FEATURE_SUID
+    select FEATURE_SUID
     help
       Build the "vlock" applet which allows you to lock (virtual) terminals.

branches/stable/mindi-busybox/loginutils/addgroup.c

-              r821
+              r1770
 /* vi: set sw=4 ts=4: */
 /*
  * addgroup - add users to /etc/passwd and /etc/shadow
+ * addgroup - add groups to /etc/group and /etc/gshadow
+ *
  * Copyright (C) 1999 by Lineo, inc. and John Beppu
  * Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org>
+ * Copyright (C) 2007 by Tito Ragusa <farmatito@tiscali.it>
+ *
  * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
 …
  */
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include "libbb.h"
+#include "busybox.h"
+static void xgroup_study(struct group *g)
+{
+    /* Make sure gr_name is unused */
+    if (getgrnam(g->gr_name)) {
+        goto error;
+    }
+/* make sure gr_name isn't taken, make sure gid is kosher
+ * return 1 on failure */
+static int group_study(struct group *g)
+{
+    FILE *etc_group;
+    gid_t desired;
+    struct group *grp;
+    const int max = 65000;
+    etc_group = bb_xfopen(bb_path_group_file, "r");
+    /* make sure gr_name isn't taken, make sure gid is kosher */
+    desired = g->gr_gid;
+    while ((grp = fgetgrent(etc_group))) {
+        if ((strcmp(grp->gr_name, g->gr_name)) == 0) {
+            bb_error_msg_and_die("%s: group already in use", g->gr_name);
+    /* Check if the desired gid is free
+     * or find the first free one */
+    while (1) {
+        if (!getgrgid(g->gr_gid)) {
+            return; /* found free group: return */
+        }
+        if ((desired) && grp->gr_gid == desired) {
+            bb_error_msg_and_die("%d: gid already in use",
+                              desired);
+        if (option_mask32) {
+            /* -g N, cannot pick gid other than N: error */
+            g->gr_name = itoa(g->gr_gid);
+            goto error;
+        }
+        if ((grp->gr_gid > g->gr_gid) && (grp->gr_gid < max)) {
+            g->gr_gid = grp->gr_gid;
+        g->gr_gid++;
+        if (g->gr_gid <= 0) {
+            /* overflowed: error */
+            bb_error_msg_and_die("no gids left");
+        }
+    }
-    fclose(etc_group);
+    /* gid */
+    if (desired) {
+        g->gr_gid = desired;
+    } else {
+        g->gr_gid++;
+    }
+    /* return 1; */
+    return 0;
+ error:
+    /* exit */
+    bb_error_msg_and_die("group %s already exists", g->gr_name);
+}
 /* append a new user to the passwd file */
 static int addgroup(char *group, gid_t gid, const char *user)
+static void new_group(char *group, gid_t gid)
+{
     FILE *file;
 …
     gr.gr_gid = gid;
     gr.gr_name = group;
+    if (group_study(&gr))
+        return 1;
+    xgroup_study(&gr);
     /* add entry to group */
     file = bb_xfopen(bb_path_group_file, "a");
+    file = xfopen(bb_path_group_file, "a");
     /* group:passwd:gid:userlist */
+    fprintf(file, "%s:%s:%d:%s\n", group, "x", gr.gr_gid, user);
+    fclose(file);
+    fprintf(file, "%s:x:%d:\n", group, gr.gr_gid);
+    if (ENABLE_FEATURE_CLEAN_UP)
+        fclose(file);
+#if ENABLE_FEATURE_SHADOWPASSWDS
+    file = fopen_or_warn(bb_path_gshadow_file, "a");
+    if (file) {
+        fprintf(file, "%s:!::\n", group);
+        if (ENABLE_FEATURE_CLEAN_UP)
+            fclose(file);
+    }
+#endif
+}
+#if ENABLE_FEATURE_SHADOWPASSWDS
+    file = bb_xfopen(bb_path_gshadow_file, "a");
+    fprintf(file, "%s:!::\n", group);
+    fclose(file);
+#if ENABLE_FEATURE_ADDUSER_TO_GROUP
+static void add_user_to_group(char **args,
+        const char *path,
+        FILE *(*fopen_func)(const char *fileName, const char *mode))
+{
+    char *line;
+    int len = strlen(args[1]);
+    llist_t *plist = NULL;
+    FILE *group_file;
+    group_file = fopen_func(path, "r");
+    if (!group_file) return;
+    while ((line = xmalloc_getline(group_file))) {
+        /* Find the group */
+        if (!strncmp(line, args[1], len)
+         && line[len] == ':'
+        ) {
+            /* Add the new user */
+            line = xasprintf("%s%s%s", line,
+                        last_char_is(line, ':') ? "" : ",",
+                        args[0]);
+        }
+        llist_add_to_end(&plist, line);
+    }
+    if (ENABLE_FEATURE_CLEAN_UP) {
+        fclose(group_file);
+        group_file = fopen_func(path, "w");
+        while ((line = llist_pop(&plist))) {
+            if (group_file)
+                fprintf(group_file, "%s\n", line);
+            free(line);
+        }
+        if (group_file)
+            fclose(group_file);
+    } else {
+        group_file = fopen_func(path, "w");
+        if (group_file)
+            while ((line = llist_pop(&plist)))
+                fprintf(group_file, "%s\n", line);
+    }
+}
 #endif
-    /* return 1; */
-    return 0;
+}
 /*
  * addgroup will take a login_name as its first parameter.
+ *
+ * gid
+ *
+ * can be customized via command-line parameters.
+ * ________________________________________________________________________ */
+ * gid can be customized via command-line parameters.
+ * If called with two non-option arguments, addgroup
+ * will add an existing user to an existing group.
+ */
+int addgroup_main(int argc, char **argv);
 int addgroup_main(int argc, char **argv)
+{
     char *group;
     gid_t gid = 0;
-    /* check for min, max and missing args and exit on error */
-    bb_opt_complementally = "-1:?2:?";
+    if (bb_getopt_ulflags(argc, argv, "g:", &group)) {
+        gid = bb_xgetlarg(group, 10, 0, LONG_MAX);
+    /* need to be root */
+    if (geteuid()) {
+        bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+    }
+    /* Syntax:
+     *  addgroup group
+     *  addgroup -g num group
+     *  addgroup user group
+     * Check for min, max and missing args */
+    opt_complementary = "-1:?2";
+    if (getopt32(argv, "g:", &group)) {
+        gid = xatoul_range(group, 0, ((unsigned long)(gid_t)ULONG_MAX) >> 1);
+    }
     /* move past the commandline options */
     argv += optind;
+    argc -= optind;
+    /* need to be root */
+    if(geteuid()) {
+        bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+    }
+#if ENABLE_FEATURE_ADDUSER_TO_GROUP
+    if (argc == 2) {
+        struct group *gr;
+    /* werk */
+    return addgroup(argv[0], gid, (argv[1]) ? argv[1] : "");
+        if (option_mask32) {
+            /* -g was there, but "addgroup -g num user group"
+             * is a no-no */
+            bb_show_usage();
+        }
+        /* check if group and user exist */
+        xuname2uid(argv[0]); /* unknown user: exit */
+        xgroup2gid(argv[1]); /* unknown group: exit */
+        /* check if user is already in this group */
+        gr = getgrnam(argv[1]);
+        for (; *(gr->gr_mem) != NULL; (gr->gr_mem)++) {
+            if (!strcmp(argv[0], *(gr->gr_mem))) {
+                /* user is already in group: do nothing */
+                return EXIT_SUCCESS;
+            }
+        }
+        add_user_to_group(argv, bb_path_group_file, xfopen);
+#if ENABLE_FEATURE_SHADOWPASSWDS
+        add_user_to_group(argv, bb_path_gshadow_file, fopen_or_warn);
+#endif /* ENABLE_FEATURE_SHADOWPASSWDS */
+    } else
+#endif /* ENABLE_FEATURE_ADDUSER_TO_GROUP */
+        new_group(argv[0], gid);
+    /* Reached only on success */
+    return EXIT_SUCCESS;
+}

branches/stable/mindi-busybox/loginutils/adduser.c

-              r821
+              r1770
  */
+#include <stdio.h>
+#include <sys/types.h>
+#include <string.h>
+#include <unistd.h>
+#include <time.h>
+#include <getopt.h>
+#include <sys/stat.h>
+#include "busybox.h"
+#define DONT_SET_PASS           (1 << 4)
+#define DONT_MAKE_HOME          (1 << 6)
+#include "libbb.h"
+#define OPT_DONT_SET_PASS  (1 << 4)
+#define OPT_DONT_MAKE_HOME (1 << 6)
 …
 static int passwd_study(const char *filename, struct passwd *p)
+{
     struct passwd *pw;
+    enum { min = 500, max = 65000 };
     FILE *passwd;
+    const int min = 500;
+    const int max = 65000;
+    passwd = bb_xfopen(filename, "r");
+    /* We are using reentrant fgetpwent_r() in order to avoid
+     * pulling in static buffers from libc (think static build here) */
+    char buffer[256];
+    struct passwd pw;
+    struct passwd *result;
+    passwd = xfopen(filename, "r");
     /* EDR if uid is out of bounds, set to min */
 …
      * find free uid and gid;
      */
     while ((pw = fgetpwent(passwd))) {
         if (strcmp(pw->pw_name, p->pw_name) == 0) {
+    while (!fgetpwent_r(passwd, &pw, buffer, sizeof(buffer), &result)) {
+        if (strcmp(pw.pw_name, p->pw_name) == 0) {
             /* return 0; */
             return 1;
+        }
         if ((pw->pw_uid >= p->pw_uid) && (pw->pw_uid < max)
             && (pw->pw_uid >= min)) {
             p->pw_uid = pw->pw_uid + 1;
+        if ((pw.pw_uid >= p->pw_uid) && (pw.pw_uid < max)
+            && (pw.pw_uid >= min)) {
+            p->pw_uid = pw.pw_uid + 1;
+        }
+    }
 …
     char *cmd;
     cmd = bb_xasprintf("addgroup -g %d \"%s\"", p->pw_gid, p->pw_name);
+    cmd = xasprintf("addgroup -g %d \"%s\"", p->pw_gid, p->pw_name);
     system(cmd);
     free(cmd);
 …
 static void passwd_wrapper(const char *login)
+{
+    static const char prog[] = "passwd";
+    execlp(prog, prog, login, NULL);
+    bb_error_msg_and_die("Failed to execute '%s', you must set the password for '%s' manually", prog, login);
+    static const char prog[] ALIGN1 = "passwd";
+    BB_EXECLP(prog, prog, login, NULL);
+    bb_error_msg_and_die("failed to execute '%s', you must set the password for '%s' manually", prog, login);
+}
 /* putpwent(3) remix */
 static int adduser(struct passwd *p, unsigned long flags)
+static int adduser(struct passwd *p)
+{
     FILE *file;
 …
     /* make sure everything is kosher and setup uid && gid */
     file = bb_xfopen(bb_path_passwd_file, "a");
+    file = xfopen(bb_path_passwd_file, "a");
     fseek(file, 0, SEEK_END);
 …
         case 3:
             bb_error_msg_and_die("%s: group name already in use", p->pw_name);
+    }
+    }
     /* add to passwd */
 …
         bb_perror_nomsg_and_die();
+    }
+    /* Do fclose even if !ENABLE_FEATURE_CLEAN_UP.
+     * We will exec passwd, files must be flushed & closed before that! */
     fclose(file);
 #if ENABLE_FEATURE_SHADOWPASSWDS
     /* add to shadow if necessary */
+    file = bb_xfopen(bb_path_shadow_file, "a");
+    fseek(file, 0, SEEK_END);
+    fprintf(file, "%s:!:%ld:%d:%d:%d:::\n",
+                    p->pw_name,             /* username */
+                    time(NULL) / 86400,     /* sp->sp_lstchg */
+,                      /* sp->sp_min */
+,                  /* sp->sp_max */
+);                     /* sp->sp_warn */
+    fclose(file);
+    file = fopen_or_warn(bb_path_shadow_file, "a");
+    if (file) {
+        fseek(file, 0, SEEK_END);
+        fprintf(file, "%s:!:%ld:%d:%d:%d:::\n",
+                p->pw_name,             /* username */
+                time(NULL) / 86400,     /* sp->sp_lstchg */
+,                      /* sp->sp_min */
+,                  /* sp->sp_max */
+);                     /* sp->sp_warn */
+        fclose(file);
+    }
 #endif
 …
     /* Clear the umask for this process so it doesn't
      * * screw up the permissions on the mkdir and chown. */
+     * screw up the permissions on the mkdir and chown. */
     umask(0);
     if (!(flags & DONT_MAKE_HOME)) {
+    if (!(option_mask32 & OPT_DONT_MAKE_HOME)) {
         /* Set the owner and group so it is owned by the new user,
            then fix up the permissions to 2755. Can't do it before
 …
         || chown(p->pw_dir, p->pw_uid, p->pw_gid)
         || chmod(p->pw_dir, 02755)) {
             bb_perror_msg("%s", p->pw_dir);
+        }
+    }
     if (!(flags & DONT_SET_PASS)) {
+            bb_perror_msg("%s", p->pw_dir);
+        }
+    }
+    if (!(option_mask32 & OPT_DONT_SET_PASS)) {
         /* interactively set passwd */
         passwd_wrapper(p->pw_name);
 …
+ *
  * can be customized via command-line parameters.
+ * ________________________________________________________________________ */
+ */
+int adduser_main(int argc, char **argv);
 int adduser_main(int argc, char **argv)
+{
     struct passwd pw;
     const char *usegroup = NULL;
+    unsigned long flags;
+    pw.pw_gecos = "Linux User,,,";
+    /* got root? */
+    if (geteuid()) {
+        bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+    }
+    pw.pw_gecos = (char *)"Linux User,,,";
     pw.pw_shell = (char *)DEFAULT_SHELL;
     pw.pw_dir = NULL;
+    /* check for min, max and missing args and exit on error */
+    bb_opt_complementally = "-1:?1:?";
+    flags = bb_getopt_ulflags(argc, argv, "h:g:s:G:DSH", &pw.pw_dir, &pw.pw_gecos, &pw.pw_shell, &usegroup);
+    /* got root? */
+    if(geteuid()) {
+        bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+    }
+    /* create string for $HOME if not specified already */
+    /* exactly one non-option arg */
+    opt_complementary = "=1";
+    getopt32(argv, "h:g:s:G:DSH", &pw.pw_dir, &pw.pw_gecos, &pw.pw_shell, &usegroup);
+    argv += optind;
+    /* create a passwd struct */
+    pw.pw_name = argv[0];
     if (!pw.pw_dir) {
+        snprintf(bb_common_bufsiz1, BUFSIZ, "/home/%s", argv[optind]);
+        pw.pw_dir =  &bb_common_bufsiz1[0];
+    }
+    /* create a passwd struct */
+    pw.pw_name = argv[optind];
+    pw.pw_passwd = "x";
+        /* create string for $HOME if not specified already */
+        pw.pw_dir = xasprintf("/home/%s", argv[0]);
+    }
+    pw.pw_passwd = (char *)"x";
     pw.pw_uid = 0;
     pw.pw_gid = (usegroup) ? bb_xgetgrnam(usegroup) : 0; /* exits on failure */
+    pw.pw_gid = usegroup ? xgroup2gid(usegroup) : 0; /* exits on failure */
     /* grand finale */
     return adduser(&pw, flags);
+}
+    return adduser(&pw);
+}

branches/stable/mindi-busybox/loginutils/deluser.c

-              r821
+              r1770
 /* vi: set sw=4 ts=4: */
 /*
  * deluser (remove lusers from the system ;) for TinyLogin
+ * deluser/delgroup implementation for busybox
+ *
  * Copyright (C) 1999 by Lineo, inc. and John Beppu
  * Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org>
  * Unified with delgroup by Tito Ragusa <farmatito@tiscali.it>
+ * Copyright (C) 2007 by Tito Ragusa <farmatito@tiscali.it>
+ *
  * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ * Licensed under GPL version 2, see file LICENSE in this tarball for details.
+ *
  */
+#include <sys/stat.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "busybox.h"
+#include "libbb.h"
+/* where to start and stop deletion */
+typedef struct {
+    size_t start;
+    size_t stop;
+} Bounds;
+/* Status */
+#define STATUS_OK            0
+#define NAME_NOT_FOUND       1
+#define MEMBER_NOT_FOUND     2
+/* An interesting side-effect of boundary()'s
+ * implementation is that the first user (typically root)
+ * cannot be removed.  Let's call it a feature. */
+static inline Bounds boundary(const char *buffer, const char *login)
+static void del_line_matching(char **args,
+        const char *filename,
+        FILE *(*fopen_func)(const char *fileName, const char *mode))
+{
+    char needle[256];
+    char *start;
+    char *stop;
+    Bounds b;
+    FILE *passwd;
+    smallint error = NAME_NOT_FOUND;
+    char *name = (ENABLE_FEATURE_DEL_USER_FROM_GROUP && args[2]) ? args[2] : args[1];
+    char *line, *del;
+    char *new = xzalloc(1);
+    snprintf(needle, 256, "\n%s:", login);
+    needle[255] = 0;
+    start = strstr(buffer, needle);
+    if (!start) {
+        b.start = 0;
+        b.stop = 0;
+        return b;
+    passwd = fopen_func(filename, "r");
+    if (passwd) {
+        while ((line = xmalloc_fgets(passwd))) {
+            int len = strlen(name);
+            if (strncmp(line, name, len) == 0
+             && line[len] == ':'
+            ) {
+                error = STATUS_OK;
+                if (ENABLE_FEATURE_DEL_USER_FROM_GROUP) {
+                    struct group *gr;
+                    char *p;
+                    if (args[2]
+                     /* There were two args on commandline */
+                     && (gr = getgrnam(name))
+                     /* The group was not deleted in the meanwhile */
+                     && (p = strrchr(line, ':'))
+                     /* We can find a pointer to the last ':' */
+                    ) {
+                        error = MEMBER_NOT_FOUND;
+                        /* Move past ':' (worst case to '\0') and cut the line */
+                        p[1] = '\0';
+                        /* Reuse p */
+                        for (p = xzalloc(1); *gr->gr_mem != NULL; gr->gr_mem++) {
+                            /* Add all the other group members */
+                            if (strcmp(args[1], *gr->gr_mem) != 0) {
+                                del = p;
+                                p = xasprintf("%s%s%s", p, p[0] ? "," : "", *gr->gr_mem);
+                                free(del);
+                            } else
+                                error = STATUS_OK;
+                        }
+                        /* Recompose the line */
+                        line = xasprintf("%s%s\n", line, p);
+                        if (ENABLE_FEATURE_CLEAN_UP) free(p);
+                    } else
+                        goto skip;
+                }
+            }
+            del = new;
+            new = xasprintf("%s%s", new, line);
+            free(del);
+ skip:
+            free(line);
+        }
+        if (ENABLE_FEATURE_CLEAN_UP) fclose(passwd);
+        if (error) {
+            if (ENABLE_FEATURE_DEL_USER_FROM_GROUP && error == MEMBER_NOT_FOUND) {
+                /* Set the correct values for error message */
+                filename = name;
+                name = args[1];
+            }
+            bb_error_msg("can't find %s in %s", name, filename);
+        } else {
+            passwd = fopen_func(filename, "w");
+            if (passwd) {
+                fputs(new, passwd);
+                if (ENABLE_FEATURE_CLEAN_UP) fclose(passwd);
+            }
+        }
+    }
+    start++;
+    stop = strchr(start, '\n');
+    b.start = start - buffer;
+    b.stop = stop - buffer;
+    return b;
+    free(new);
+}
+/* grep -v ^login (except it only deletes the first match) */
+/* ...in fact, I think I'm going to simplify this later */
+static void del_line_matching(const char *login, const char *filename)
+{
+    char *buffer;
+    FILE *passwd;
+    Bounds b;
+    struct stat statbuf;
+    if ((passwd = bb_wfopen(filename, "r"))) {
+        xstat(filename, &statbuf);
+        buffer = (char *) xmalloc(statbuf.st_size * sizeof(char));
+        fread(buffer, statbuf.st_size, sizeof(char), passwd);
+        fclose(passwd);
+        /* find the user to remove */
+        b = boundary(buffer, login);
+        if (b.stop != 0) {
+            /* write the file w/o the user */
+            if ((passwd = bb_wfopen(filename, "w"))) {
+                fwrite(buffer, (b.start - 1), sizeof(char), passwd);
+                fwrite(&buffer[b.stop], (statbuf.st_size - b.stop), sizeof(char), passwd);
+                fclose(passwd);
+            }
+        } else {
+            bb_error_msg("Can't find '%s' in '%s'", login, filename);
+        }
+        free(buffer);
+    }
+}
+int deluser_main(int argc, char **argv);
 int deluser_main(int argc, char **argv)
+{
+    if (argc != 2) {
+    if (argc == 2
+     || (ENABLE_FEATURE_DEL_USER_FROM_GROUP
+        && (applet_name[3] == 'g' && argc == 3))
+    ) {
+        if (geteuid())
+            bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+        if ((ENABLE_FEATURE_DEL_USER_FROM_GROUP && argc != 3)
+         || ENABLE_DELUSER
+         || (ENABLE_DELGROUP && ENABLE_DESKTOP)
+        ) {
+            if (ENABLE_DELUSER
+             && (!ENABLE_DELGROUP || applet_name[3] == 'u')
+            ) {
+                del_line_matching(argv, bb_path_passwd_file, xfopen);
+                if (ENABLE_FEATURE_SHADOWPASSWDS)
+                    del_line_matching(argv, bb_path_shadow_file, fopen_or_warn);
+            } else if (ENABLE_DESKTOP && ENABLE_DELGROUP && getpwnam(argv[1]))
+                bb_error_msg_and_die("can't remove primary group of user %s", argv[1]);
+        }
+        del_line_matching(argv, bb_path_group_file, xfopen);
+        if (ENABLE_FEATURE_SHADOWPASSWDS)
+            del_line_matching(argv, bb_path_gshadow_file, fopen_or_warn);
+        return EXIT_SUCCESS;
+    } else
         bb_show_usage();
-    } else {
-        if (ENABLE_DELUSER && bb_applet_name[3] == 'u') {
-            del_line_matching(argv[1], bb_path_passwd_file);
-            if (ENABLE_FEATURE_SHADOWPASSWDS)
-                del_line_matching(argv[1], bb_path_shadow_file);
+        }
-        del_line_matching(argv[1], bb_path_group_file);
-        if (ENABLE_FEATURE_SHADOWPASSWDS)
-            del_line_matching(argv[1], bb_path_gshadow_file);
+    }
-    return (EXIT_SUCCESS);
+}
-/* $Id: deluser.c,v 1.4 2003/07/14 20:20:45 andersen Exp $ */

branches/stable/mindi-busybox/loginutils/getty.c

-              r902
+              r1770
 /* vi: set sw=4 ts=4: */
 /* agetty.c - another getty program for Linux. By W. Z. Venema 1989
+   Ported to Linux by Peter Orbaek <poe@daimi.aau.dk>
+   This program is freely distributable. The entire man-page used to
+   be here. Now read the real man-page agetty.8 instead.
+   -f option added by Eric Rasmussen <ear@usfirst.org> - 12/28/95
+-02-22 Arkadiusz Mi¶kiewicz <misiek@misiek.eu.org>
+   - added Native Language Support
+-05-05 Thorsten Kranzkowski <dl8bcu@gmx.net>
+   - enable hardware flow control before displaying /etc/issue
+*/
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <sys/ioctl.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <stdarg.h>
+#include <ctype.h>
+#include <getopt.h>
+#include <termios.h>
+#include "busybox.h"
+#ifdef CONFIG_FEATURE_UTMP
+ * Ported to Linux by Peter Orbaek <poe@daimi.aau.dk>
+ * This program is freely distributable. The entire man-page used to
+ * be here. Now read the real man-page agetty.8 instead.
+ *
+ * option added by Eric Rasmussen <ear@usfirst.org> - 12/28/95
+ *
+ * 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@misiek.eu.org>
+ * - added Native Language Support
+ * 1999-05-05 Thorsten Kranzkowski <dl8bcu@gmx.net>
+ * - enable hardware flow control before displaying /etc/issue
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ *
+ */
+#include "libbb.h"
+#include <syslog.h>
+#if ENABLE_FEATURE_UTMP
 #include <utmp.h>
 #endif
+#define _PATH_LOGIN     "/bin/login"
+ /* If USE_SYSLOG is undefined all diagnostics go directly to /dev/console. */
+#ifdef CONFIG_SYSLOGD
+#include <sys/param.h>
+#include <syslog.h>
+#endif
+ /*
+  * Some heuristics to find out what environment we are in: if it is not
+  * System V, assume it is SunOS 4.
+  */
+/*
+ * Some heuristics to find out what environment we are in: if it is not
+ * System V, assume it is SunOS 4.
+ */
 #ifdef LOGIN_PROCESS                    /* defined in System V utmp.h */
 #define SYSV_STYLE                      /* select System V style getty */
-#ifdef CONFIG_FEATURE_WTMP
-extern void updwtmp(const char *filename, const struct utmp *ut);
-#endif
-#endif  /* LOGIN_PROCESS */
- /*
-  * Things you may want to modify.
+  *
-  * You may disagree with the default line-editing etc. characters defined
-  * below. Note, however, that DEL cannot be used for interrupt generation
-  * and for line editing at the same time.
-  */
-#ifdef  SYSV_STYLE
 #include <sys/utsname.h>
 #include <time.h>
+#endif
+ /* If ISSUE is not defined, agetty will never display the contents of the
+  * /etc/issue file. You will not want to spit out large "issue" files at the
+  * wrong baud rate.
+  */
+#if ENABLE_FEATURE_WTMP
+extern void updwtmp(const char *filename, const struct utmp *ut);
+static void update_utmp(const char *line);
+#endif
+#endif  /* LOGIN_PROCESS */
+/*
+ * Things you may want to modify.
+ *
+ * You may disagree with the default line-editing etc. characters defined
+ * below. Note, however, that DEL cannot be used for interrupt generation
+ * and for line editing at the same time.
+ */
+/* I doubt there are systems which still need this */
+#undef HANDLE_ALLCAPS
+#define _PATH_LOGIN "/bin/login"
+/* If ISSUE is not defined, getty will never display the contents of the
+ * /etc/issue file. You will not want to spit out large "issue" files at the
+ * wrong baud rate.
+ */
 #define ISSUE "/etc/issue"              /* displayed before the login prompt */
 /* Some shorthands for control characters. */
 #define CTL(x)          (x ^ 0100)      /* Assumes ASCII dialect */
 #define CR              CTL('M')        /* carriage return */
 …
 /* Defaults for line-editing etc. characters; you may want to change this. */
 #define DEF_ERASE       DEL             /* default erase character */
 #define DEF_INTR        CTL('C')        /* default interrupt character */
 …
 #define DEF_SWITCH      0               /* default switch char */
+ /*
+  * SunOS 4.1.1 termio is broken. We must use the termios stuff instead,
+  * because the termio -> termios translation does not clear the termios
+  * CIBAUD bits. Therefore, the tty driver would sometimes report that input
+  * baud rate != output baud rate. I did not notice that problem with SunOS
+  * 4.1. We will use termios where available, and termio otherwise.
+  */
+/* linux 0.12 termio is broken too, if we use it c_cc[VERASE] isn't set
+   properly, but all is well if we use termios?! */
+#ifdef  TCGETS
+#undef  TCGETA
+#undef  TCSETA
+#undef  TCSETAW
+#define termio  termios
+#define TCGETA  TCGETS
+#define TCSETA  TCSETS
+#define TCSETAW TCSETSW
+#endif
+ /*
+  * When multiple baud rates are specified on the command line, the first one
+  * we will try is the first one specified.
+  */
+/*
+ * When multiple baud rates are specified on the command line, the first one
+ * we will try is the first one specified.
+ */
 #define FIRST_SPEED     0
 …
 struct options {
     int flags;                      /* toggle switches, see below */
     int timeout;                    /* time-out period */
     char *login;                    /* login program */
     char *tty;                      /* name of tty */
     char *initstring;               /* modem init string */
     char *issue;                    /* alternative issue file */
+    unsigned timeout;               /* time-out period */
+    const char *login;                    /* login program */
+    const char *tty;                      /* name of tty */
+    const char *initstring;               /* modem init string */
+    const char *issue;                    /* alternative issue file */
     int numspeed;                   /* number of baud rates to try */
     int speeds[MAX_SPEED];          /* baud rates to be tried */
 };
 static const char opt_string[] = "I:LH:f:hil:mt:wn";
+static const char opt_string[] ALIGN1 = "I:LH:f:hil:mt:wn";
 #define F_INITSTRING    (1<<0)          /* initstring is set */
 #define F_LOCAL         (1<<1)          /* force local */
 …
 /* Storage for things detected while the login name was read. */
 struct chardata {
+    int erase;                      /* erase character */
+    int kill;                       /* kill character */
+    int eol;                        /* end-of-line character */
+    int parity;                     /* what parity did we see */
+    int capslock;                   /* upper case without lower case */
+    unsigned char erase;    /* erase character */
+    unsigned char kill;     /* kill character */
+    unsigned char eol;      /* end-of-line character */
+    unsigned char parity;   /* what parity did we see */
+#ifdef HANDLE_ALLCAPS
+    unsigned char capslock; /* upper case without lower case */
+#endif
 };
 /* Initial values for the above. */
+static struct chardata init_chardata = {
+static const struct chardata init_chardata = {
     DEF_ERASE,                              /* default erase character */
     DEF_KILL,                               /* default kill character */
 ,                                     /* default eol char */
 ,                                      /* space parity */
+#ifdef HANDLE_ALLCAPS
 ,                                      /* no capslock */
+#endif
 };
-#if 0
-struct Speedtab {
-    long speed;
-    int code;
-};
-static struct Speedtab speedtab[] = {
-    {50, B50},
-    {75, B75},
-    {110, B110},
-    {134, B134},
-    {150, B150},
-    {200, B200},
-    {300, B300},
-    {600, B600},
-    {1200, B1200},
-    {1800, B1800},
-    {2400, B2400},
-    {4800, B4800},
-    {9600, B9600},
-#ifdef  B19200
-    {19200, B19200},
-#endif
-#ifdef  B38400
-    {38400, B38400},
-#endif
-#ifdef  EXTA
-    {19200, EXTA},
-#endif
-#ifdef  EXTB
-    {38400, EXTB},
-#endif
-#ifdef B57600
-    {57600, B57600},
-#endif
-#ifdef B115200
-    {115200, B115200},
-#endif
-#ifdef B230400
-    {230400, B230400},
-#endif
-    {0, 0},
-};
-#endif
-#ifdef  SYSV_STYLE
-#ifdef CONFIG_FEATURE_UTMP
-static void update_utmp(char *line);
-#endif
-#endif
 /* The following is used for understandable diagnostics. */
 …
 #define debug(s) fprintf(dbf,s); fflush(dbf)
 #define DEBUGTERM "/dev/ttyp0"
 FILE *dbf;
+static FILE *dbf;
 #else
+#define debug(s)                                /* nothing */
+#endif
+/*
+ * output error messages
+ */
+static void error(const char *fmt, ...) ATTRIBUTE_NORETURN;
+static void error(const char *fmt, ...)
+{
+    va_list va_alist;
+    char buf[256];
+#ifdef CONFIG_SYSLOGD
+    va_start(va_alist, fmt);
+    vsnprintf(buf, sizeof(buf), fmt, va_alist);
+    openlog(bb_applet_name, 0, LOG_AUTH);
+    syslog(LOG_ERR, "%s", buf);
+    closelog();
+#else
+    int fd;
+    size_t l;
+    snprintf(buf, sizeof(buf), "%s: ", bb_applet_name);
+    l = strlen(buf);
+    va_start(va_alist, fmt);
+    vsnprintf(buf + l, sizeof(buf) - l, fmt, va_alist);
+    l = strlen(buf);
+    /* truncate if need */
+    if((l + 3) > sizeof(buf))
+        l = sizeof(buf) - 3;
+    /* add \r\n always */
+    buf[l++] = '\r';
+    buf[l++] = '\n';
+    buf[l] = 0;
+    if ((fd = open("/dev/console", 1)) >= 0) {
+        write(fd, buf, l);
+        close(fd);
+    }
+#endif
+    va_end(va_alist);
+    (void) sleep((unsigned) 10);    /* be kind to init(8) */
+    exit(1);
+}
+#define debug(s) /* nothing */
+#endif
 …
+{
     int r;
     unsigned long value;
     if (safe_strtoul((char *)s, &value)) {
+    unsigned value = bb_strtou(s, NULL, 10);
+    if (errno) {
         return -1;
+    }
+    if ((r = tty_value_to_baud(value)) > 0) {
+    r = tty_value_to_baud(value);
+    if (r > 0) {
         return r;
+    }
 …
     for (cp = strtok(arg, ","); cp != 0; cp = strtok((char *) 0, ",")) {
         if ((op->speeds[op->numspeed++] = bcode(cp)) <= 0)
             error("bad speed: %s", cp);
+            bb_error_msg_and_die("bad speed: %s", cp);
         if (op->numspeed > MAX_SPEED)
             error("too many alternate speeds");
+            bb_error_msg_and_die("too many alternate speeds");
+    }
     debug("exiting parsespeeds\n");
 …
 /* parse-args - parse command-line arguments */
+/* parse_args - parse command-line arguments */
 static void parse_args(int argc, char **argv, struct options *op)
+{
     char *ts;
     op->flags = bb_getopt_ulflags(argc, argv, opt_string,
+    op->flags = getopt32(argv, opt_string,
         &(op->initstring), &fakehost, &(op->issue),
         &(op->login), &ts);
     if(op->flags & F_INITSTRING) {
+    if (op->flags & F_INITSTRING) {
         const char *p = op->initstring;
         char *q;
         q = op->initstring = bb_xstrdup(op->initstring);
+        op->initstring = q = xstrdup(op->initstring);
         /* copy optarg into op->initstring decoding \ddd
            octal codes into chars */
 …
+    }
     op->flags ^= F_ISSUE;           /* revert flag show /etc/issue */
+    if(op->flags & F_TIMEOUT) {
+        if ((op->timeout = atoi(ts)) <= 0)
+            error("bad timeout value: %s", ts);
+    }
+    if (op->flags & F_TIMEOUT) {
+        op->timeout = xatoul_range(ts, 1, INT_MAX);
+    }
+    argv += optind;
+    argc -= optind;
     debug("after getopt loop\n");
     if (argc < optind + 2)          /* check parameter count */
+    if (argc < 2)          /* check parameter count */
         bb_show_usage();
     /* we loosen up a bit and accept both "baudrate tty" and "tty baudrate" */
     if ('0' <= argv[optind][0] && argv[optind][0] <= '9') {
+    if (isdigit(argv[0][0])) {
         /* a number first, assume it's a speed (BSD style) */
         parse_speeds(op, argv[optind++]);       /* baud rate(s) */
         op->tty = argv[optind]; /* tty name */
+        parse_speeds(op, argv[0]);       /* baud rate(s) */
+        op->tty = argv[1]; /* tty name */
     } else {
+        op->tty = argv[optind++];       /* tty name */
+        parse_speeds(op, argv[optind]); /* baud rate(s) */
+    }
+    optind++;
+    if (argc > optind && argv[optind])
+        setenv("TERM", argv[optind], 1);
+        op->tty = argv[0];       /* tty name */
+        parse_speeds(op, argv[1]); /* baud rate(s) */
+    }
+    if (argv[2])
+        setenv("TERM", argv[2], 1);
     debug("exiting parseargs\n");
 …
 /* open_tty - set up tty as standard { input, output, error } */
 static void open_tty(char *tty, struct termio *tp, int local)
+static void open_tty(const char *tty, struct termios *tp, int local)
+{
     int chdir_to_root = 0;
     /* Set up new standard input, unless we are given an already opened port. */
+    if (strcmp(tty, "-")) {
+    if (NOT_LONE_DASH(tty)) {
         struct stat st;
         int fd;
         /* Sanity checks... */
+        if (chdir("/dev"))
+            error("/dev: chdir() failed: %m");
+        xchdir("/dev");
         chdir_to_root = 1;
+        if (stat(tty, &st) < 0)
+            error("/dev/%s: %m", tty);
+        xstat(tty, &st);
         if ((st.st_mode & S_IFMT) != S_IFCHR)
             error("/dev/%s: not a character device", tty);
+            bb_error_msg_and_die("%s: not a character device", tty);
         /* Open the tty as standard input. */
-        close(0);
         debug("open(2)\n");
+        fd = open(tty, O_RDWR | O_NONBLOCK, 0);
+        if (fd != 0)
+            error("/dev/%s: cannot open as standard input: %m", tty);
+        fd = xopen(tty, O_RDWR | O_NONBLOCK);
+        xdup2(fd, 0);
+        while (fd > 2)
+            close(fd--);
     } else {
         /*
          * Standard input should already be connected to an open port. Make
          * sure it is open for read/write.
          */
+        if ((fcntl(0, F_GETFL, 0) & O_RDWR) != O_RDWR)
+            error("%s: not open for read/write", tty);
+        if ((fcntl(0, F_GETFL) & O_RDWR) != O_RDWR)
+            bb_error_msg_and_die("stdin is not open for read/write");
+    }
     /* Replace current standard output/error fd's with new ones */
     debug("duping\n");
+    if (dup2(STDIN_FILENO, STDOUT_FILENO) == -1 ||
+        dup2(STDIN_FILENO, STDERR_FILENO) == -1)
+        error("%s: dup problem: %m", tty);      /* we have a problem */
+    xdup2(0, 1);
+    xdup2(0, 2);
     /*
 …
      * 5 seconds seems to be a good value.
      */
+    if (ioctl(0, TCGETA, tp) < 0)
+        error("%s: ioctl: %m", tty);
+    ioctl_or_perror_and_die(0, TCGETS, tp, "%s: TCGETS", tty);
     /*
 …
 #ifdef DEBIAN
+#warning Debian /dev/vcs[a]NN hack is deprecated and will be removed
+    {
         /* tty to root.dialout 660 */
 …
         int id;
+        id = (gr = getgrnam("dialout")) ? gr->gr_gid : 0;
+        gr = getgrnam("dialout");
+        id = gr ? gr->gr_gid : 0;
         chown(tty, 0, id);
         chmod(tty, 0660);
 …
             char *vcs, *vcsa;
+            if (!(vcs = strdup(tty)))
+                error("Can't malloc for vcs");
+            if (!(vcsa = malloc(strlen(tty) + 2)))
+                error("Can't malloc for vcsa");
+            vcs = xstrdup(tty);
+            vcsa = xmalloc(strlen(tty) + 2);
             strcpy(vcs, "vcs");
             strcpy(vcs + 3, tty + 3);
 …
             strcpy(vcsa + 4, tty + 3);
+            id = (gr = getgrnam("sys")) ? gr->gr_gid : 0;
+            gr = getgrnam("sys");
+            id = gr ? gr->gr_gid : 0;
             chown(vcs, 0, id);
             chmod(vcs, 0600);
 …
+    }
 #else
+    (void) chown(tty, 0, 0);        /* root, sys */
+    (void) chmod(tty, 0622);        /* crw--w--w- */
+#endif
+    if(chdir_to_root && chdir("/"))
+        error("chdir to / failed: %m");
+}
+/* termio_init - initialize termio settings */
+static void termio_init(struct termio *tp, int speed, struct options *op)
+    if (NOT_LONE_DASH(tty)) {
+        chown(tty, 0, 0);        /* 0:0 */
+        chmod(tty, 0622);        /* crw--w--w- */
+    }
+#endif
+    if (chdir_to_root)
+        xchdir("/");
+}
+/* termios_init - initialize termios settings */
+static void termios_init(struct termios *tp, int speed, struct options *op)
+{
     /*
      * Initial termio settings: 8-bit characters, raw-mode, blocking i/o.
+     * Initial termios settings: 8-bit characters, raw-mode, blocking i/o.
      * Special characters are set after we have read the login name; all
      * reads will be done in raw mode anyway. Errors will be dealt with
      * lateron.
+     * later on.
      */
 #ifdef __linux__
     /* flush input and output queues, important for modems! */
     (void) ioctl(0, TCFLSH, TCIOFLUSH);
+    ioctl(0, TCFLSH, TCIOFLUSH);
 #endif
 …
 #endif
     (void) ioctl(0, TCSETA, tp);
+    ioctl(0, TCSETS, tp);
     /* go to blocking input even in local mode */
     fcntl(0, F_SETFL, fcntl(0, F_GETFL, 0) & ~O_NONBLOCK);
+    ndelay_off(0);
     debug("term_io 2\n");
 …
 /* auto_baud - extract baud rate from modem status message */
 static void auto_baud(struct termio *tp)
+static void auto_baud(char *buf, unsigned size_buf, struct termios *tp)
+{
     int speed;
     int vmin;
     unsigned iflag;
-    char buf[BUFSIZ];
     char *bp;
     int nread;
 …
     /*
      * Use 7-bit characters, don't block if input queue is empty. Errors will
      * be dealt with lateron.
+     * be dealt with later on.
      */
 …
     vmin = tp->c_cc[VMIN];
     tp->c_cc[VMIN] = 0;                     /* don't block if queue empty */
     (void) ioctl(0, TCSETA, tp);
+    ioctl(0, TCSETS, tp);
     /*
 …
      */
+    (void) sleep(1);
+    if ((nread = read(0, buf, sizeof(buf) - 1)) > 0) {
+    sleep(1);
+    nread = read(0, buf, size_buf - 1);
+    if (nread > 0) {
         buf[nread] = '\0';
         for (bp = buf; bp < buf + nread; bp++) {
             if (isascii(*bp) && isdigit(*bp)) {
+                if ((speed = bcode(bp))) {
+                speed = bcode(bp);
+                if (speed) {
                     tp->c_cflag &= ~CBAUD;
                     tp->c_cflag |= speed;
 …
+        }
+    }
     /* Restore terminal settings. Errors will be dealt with lateron. */
+    /* Restore terminal settings. Errors will be dealt with later on. */
     tp->c_iflag = iflag;
     tp->c_cc[VMIN] = vmin;
     (void) ioctl(0, TCSETA, tp);
+    ioctl(0, TCSETS, tp);
+}
 /* next_speed - select next baud rate */
 static void next_speed(struct termio *tp, struct options *op)
+static void next_speed(struct termios *tp, struct options *op)
+{
     static int baud_index = FIRST_SPEED;    /* current speed index */
 …
     tp->c_cflag &= ~CBAUD;
     tp->c_cflag |= op->speeds[baud_index];
     (void) ioctl(0, TCSETA, tp);
+    ioctl(0, TCSETS, tp);
+}
 /* do_prompt - show login prompt, optionally preceded by /etc/issue contents */
 static void do_prompt(struct options *op, struct termio *tp)
+{
 #ifdef  ISSUE                                   /* optional: show /etc/issue */
+static void do_prompt(struct options *op, struct termios *tp)
+{
+#ifdef ISSUE
     print_login_issue(op->issue, op->tty);
 #endif
 …
+}
+#ifdef HANDLE_ALLCAPS
 /* caps_lock - string contains upper case without lower case */
 /* returns 1 if true, 0 if false */
 static int caps_lock(const char *s)
+{
+    int capslock;
+    for (capslock = 0; *s; s++) {
+        if (islower(*s))
+            return (0);
+        if (capslock == 0)
+            capslock = isupper(*s);
+    }
+    return (capslock);
+}
+#define logname bb_common_bufsiz1
+    while (*s)
+        if (islower(*s++))
+            return 0;
+    return 1;
+}
+#endif
 /* get_logname - get user name, establish parity, speed, erase, kill, eol */
 /* return NULL on failure, logname on success */
+static char *get_logname(struct options *op, struct chardata *cp, struct termio *tp)
+static char *get_logname(char *logname, unsigned size_logname,
+        struct options *op, struct chardata *cp, struct termios *tp)
+{
     char *bp;
 …
     int bits;                       /* # of "1" bits per character */
     int mask;                       /* mask with 1 bit up */
     static char *erase[] = {        /* backspace-space-backspace */
+    static const char erase[][3] = {    /* backspace-space-backspace */
         "\010\040\010",                 /* space parity */
         "\010\040\010",                 /* odd parity */
 …
     /* Flush pending input (esp. after parsing or switching the baud rate). */
     (void) sleep(1);
     (void) ioctl(0, TCFLSH, TCIFLUSH);
+    sleep(1);
+    ioctl(0, TCFLSH, TCIFLUSH);
     /* Prompt for and read a login name. */
+    for (*logname = 0; *logname == 0; /* void */ ) {
+    logname[0] = '\0';
+    while (!logname[0]) {
         /* Write issue file and prompt, with "parity" bit == 0. */
 …
         /* Read name, watch for break, parity, erase, kill, end-of-line. */
+        for (bp = logname, cp->eol = 0; cp->eol == 0; /* void */ ) {
+        bp = logname;
+        cp->eol = '\0';
+        while (cp->eol == '\0') {
             /* Do not report trivial EINTR/EIO errors. */
             if (read(0, &c, 1) < 1) {
                 if (errno == EINTR || errno == EIO)
                     exit(0);
                 error("%s: read: %m", op->tty);
+                bb_perror_msg_and_die("%s: read", op->tty);
+            }
             /* Do BREAK handling elsewhere. */
+            if ((c == 0) && op->numspeed > 1)
+                /* return (0); */
+            if (c == '\0' && op->numspeed > 1)
                 return NULL;
             /* Do parity bit handling. */
+            if (c != (ascval = (c & 0177))) {       /* "parity" bit on ? */
+                for (bits = 1, mask = 1; mask & 0177; mask <<= 1)
+            ascval = c & 0177;
+            if (c != ascval) {       /* "parity" bit on ? */
+                bits = 1;
+                mask = 1;
+                while (mask & 0177) {
                     if (mask & ascval)
                         bits++; /* count "1" bits */
+                cp->parity |= ((bits & 1) ? 1 : 2);
+                    mask <<= 1;
+                }
+                /* ... |= 2 - even, 1 - odd */
+                cp->parity |= 2 - (bits & 1);
+            }
             /* Do erase, kill and end-of-line processing. */
             switch (ascval) {
             case CR:
             case NL:
                 *bp = 0;                /* terminate logname */
+                *bp = '\0';             /* terminate logname */
                 cp->eol = ascval;       /* set end-of-line char */
                 break;
 …
                 cp->erase = ascval;     /* set erase character */
                 if (bp > logname) {
                     (void) write(1, erase[cp->parity], 3);
+                    write(1, erase[cp->parity], 3);
                     bp--;
+                }
 …
                 cp->kill = ascval;      /* set kill character */
                 while (bp > logname) {
                     (void) write(1, erase[cp->parity], 3);
+                    write(1, erase[cp->parity], 3);
                     bp--;
+                }
 …
             default:
                 if (!isascii(ascval) || !isprint(ascval)) {
                     /* ignore garbage characters */ ;
                 } else if (bp - logname >= sizeof(logname) - 1) {
                     error("%s: input overrun", op->tty);
+                    /* ignore garbage characters */
+                } else if (bp - logname >= size_logname - 1) {
+                    bb_error_msg_and_die("%s: input overrun", op->tty);
                 } else {
                     (void) write(1, &c, 1); /* echo the character */
+                    write(1, &c, 1); /* echo the character */
                     *bp++ = ascval; /* and store it */
+                }
 …
     /* Handle names with upper case and no lower case. */
+    if ((cp->capslock = caps_lock(logname))) {
+#ifdef HANDLE_ALLCAPS
+    cp->capslock = caps_lock(logname);
+    if (cp->capslock) {
         for (bp = logname; *bp; bp++)
             if (isupper(*bp))
                 *bp = tolower(*bp);     /* map name to lower case */
+    }
+    return (logname);
+}
+/* termio_final - set the final tty mode bits */
+static void termio_final(struct options *op, struct termio *tp, struct chardata *cp)
+#endif
+    return logname;
+}
+/* termios_final - set the final tty mode bits */
+static void termios_final(struct options *op, struct termios *tp, struct chardata *cp)
+{
     /* General terminal-independent stuff. */
 …
         break;
+    }
     /* Account for upper case without lower case. */
+#ifdef HANDLE_ALLCAPS
     if (cp->capslock) {
         tp->c_iflag |= IUCLC;
 …
         tp->c_oflag |= OLCUC;
+    }
+#endif
     /* Optionally enable hardware flow control */
 …
     /* Finally, make the new settings effective */
+    if (ioctl(0, TCSETA, tp) < 0)
+        error("%s: ioctl: TCSETA: %m", op->tty);
+}
+#ifdef  SYSV_STYLE
+#ifdef CONFIG_FEATURE_UTMP
+    ioctl_or_perror_and_die(0, TCSETS, tp, "%s: TCSETS", op->tty);
+}
+#ifdef SYSV_STYLE
+#if ENABLE_FEATURE_UTMP
 /* update_utmp - update our utmp entry */
 static void update_utmp(char *line)
+static void update_utmp(const char *line)
+{
     struct utmp ut;
 …
     time_t t;
     int mypid = getpid();
-#if ! (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 1))
-    struct flock lock;
-#endif
     /*
 …
     setutent();
     while ((utp = getutent())
            && !(utp->ut_type == INIT_PROCESS && utp->ut_pid == mypid))  /* nothing */
+        ;
+           && !(utp->ut_type == INIT_PROCESS && utp->ut_pid == mypid))
+        /* nothing */;
     if (utp) {
 …
         safe_strncpy(ut.ut_id, line + 3, sizeof(ut.ut_id));
+    }
     /*endutent(); */
+    /* endutent(); */
     strcpy(ut.ut_user, "LOGIN");
 …
     endutent();
 #ifdef CONFIG_FEATURE_WTMP
+#if ENABLE_FEATURE_WTMP
     if (access(bb_path_wtmp_file, R_OK|W_OK) == -1)
         close(creat(bb_path_wtmp_file, 0664));
 …
+#undef logname
+int getty_main(int argc, char **argv);
 int getty_main(int argc, char **argv)
+{
+    int nullfd;
     char *logname = NULL;           /* login name, given to /bin/login */
+    /* Merging these into "struct local" may _seem_ to reduce
+     * parameter passing, but today's gcc will inline
+     * statics which are called once anyway, so don't do that */
     struct chardata chardata;       /* set by get_logname() */
     struct termio termio;           /* terminal mode bits */
     static struct options options = {
+    struct termios termios;           /* terminal mode bits */
+    struct options options = {
 ,                      /* show /etc/issue (SYSV_STYLE) */
 ,                      /* no timeout */
 …
     };
+    /* Already too late because of theoretical
+     * possibility of getty --help somehow triggered
+     * inadvertently before we reach this. Oh well. */
+    logmode = LOGMODE_NONE;
+    setsid();
+    nullfd = xopen(bb_dev_null, O_RDWR);
+    /* dup2(nullfd, 0); - no, because of possible "getty - 9600" */
+    /* open_tty() will take care of fd# 0 anyway */
+    dup2(nullfd, 1);
+    dup2(nullfd, 2);
+    while (nullfd > 2) close(nullfd--);
+    /* We want special flavor of error_msg_and_die */
+    die_sleep = 10;
+    msg_eol = "\r\n";
+    openlog(applet_name, LOG_PID, LOG_AUTH);
+    logmode = LOGMODE_BOTH;
 #ifdef DEBUGGING
     dbf = bb_xfopen(DEBUGTERM, "w");
+    dbf = xfopen(DEBUGTERM, "w");
+    {
 …
     /* Parse command-line arguments. */
     parse_args(argc, argv, &options);
+#ifdef __linux__
+    setsid();
+#endif
+#ifdef SYSV_STYLE
+#if ENABLE_FEATURE_UTMP
     /* Update the utmp file. */
-#ifdef  SYSV_STYLE
-#ifdef CONFIG_FEATURE_UTMP
     update_utmp(options.tty);
 #endif
 …
     debug("calling open_tty\n");
     /* Open the tty as standard { input, output, error }. */
     open_tty(options.tty, &termio, options.flags & F_LOCAL);
+    open_tty(options.tty, &termios, options.flags & F_LOCAL);
 #ifdef __linux__
 …
+    }
 #endif
     /* Initialize the termio settings (raw mode, eight-bit, blocking i/o). */
     debug("calling termio_init\n");
     termio_init(&termio, options.speeds[FIRST_SPEED], &options);
+    /* Initialize the termios settings (raw mode, eight-bit, blocking i/o). */
+    debug("calling termios_init\n");
+    termios_init(&termios, options.speeds[FIRST_SPEED], &options);
     /* write the modem init string and DON'T flush the buffers */
 …
     if (!(options.flags & F_LOCAL)) {
         /* go to blocking write mode unless -L is specified */
         fcntl(1, F_SETFL, fcntl(1, F_GETFL, 0) & ~O_NONBLOCK);
+        ndelay_off(1);
+    }
 …
     debug("before autobaud\n");
     if (options.flags & F_PARSE)
         auto_baud(&termio);
+        auto_baud(bb_common_bufsiz1, sizeof(bb_common_bufsiz1), &termios);
     /* Set the optional timer. */
     if (options.timeout)
         (void) alarm((unsigned) options.timeout);
+        alarm(options.timeout);
     /* optionally wait for CR or LF before writing /etc/issue */
 …
         /* Read the login name. */
         debug("reading login name\n");
+        /* while ((logname = get_logname(&options, &chardata, &termio)) == 0) */
+        while ((logname = get_logname(&options, &chardata, &termio)) ==
+               NULL) next_speed(&termio, &options);
+        logname = get_logname(bb_common_bufsiz1, sizeof(bb_common_bufsiz1),
+                &options, &chardata, &termios);
+        while (logname == NULL)
+            next_speed(&termios, &options);
+    }
 …
     if (options.timeout)
         (void) alarm(0);
     /* Finalize the termio settings. */
     termio_final(&options, &termio, &chardata);
+        alarm(0);
+    /* Finalize the termios settings. */
+    termios_final(&options, &termios, &chardata);
     /* Now the newline character should be properly written. */
     (void) write(1, "\n", 1);
+    write(1, "\n", 1);
     /* Let the login program take care of password validation. */
+    (void) execl(options.login, options.login, "--", logname, (char *) 0);
+    error("%s: can't exec %s: %m", options.tty, options.login);
+}
+    execl(options.login, options.login, "--", logname, (char *) 0);
+    bb_error_msg_and_die("%s: can't exec %s", options.tty, options.login);
+}

branches/stable/mindi-busybox/loginutils/login.c

-              r821
+              r1770
 /* vi: set sw=4 ts=4: */
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <syslog.h>
+#include <termios.h>
+#include <unistd.h>
+/*
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
+#include "libbb.h"
 #include <utmp.h>
 #include <sys/resource.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <ctype.h>
+#include <time.h>
+#include "busybox.h"
+#ifdef CONFIG_SELINUX
+#include <syslog.h>
+#if ENABLE_SELINUX
 #include <selinux/selinux.h>  /* for is_selinux_enabled()  */
 #include <selinux/get_context_list.h> /* for get_default_context() */
 #include <selinux/flask.h> /* for security class definitions  */
+#include <errno.h>
+#endif
+#ifdef CONFIG_FEATURE_UTMP
+// import from utmp.c
+static void checkutmp(int picky);
+static void setutmp(const char *name, const char *line);
+/* Stuff global to this file */
+static struct utmp utent;
+#endif
+// login defines
+#define TIMEOUT       60
+#define EMPTY_USERNAME_COUNT    10
+#define USERNAME_SIZE 32
+static int check_nologin ( int amroot );
+#if defined CONFIG_FEATURE_SECURETTY
+static int check_tty ( const char *tty );
+#else
+static inline int check_tty ( const char *tty )  { return 1; }
+#endif
+static int is_my_tty ( const char *tty );
+static int login_prompt ( char *buf_name );
+static void motd ( void );
+static void alarm_handler ( int sig ATTRIBUTE_UNUSED)
+{
+    fprintf (stderr, "\nLogin timed out after %d seconds.\n", TIMEOUT );
+    exit ( EXIT_SUCCESS );
+}
+int login_main(int argc, char **argv)
+{
+    char tty[BUFSIZ];
+    char full_tty[200];
+    char fromhost[512];
+    char username[USERNAME_SIZE];
+    const char *tmp;
+    int amroot;
+    int flag;
+    int failed;
+    int count=0;
+    struct passwd *pw, pw_copy;
+#ifdef CONFIG_WHEEL_GROUP
+    struct group *grp;
+#endif
+    int opt_preserve = 0;
+    int opt_fflag = 0;
+    char *opt_host = 0;
+    int alarmstarted = 0;
+#ifdef CONFIG_SELINUX
+    security_context_t user_sid = NULL;
+#endif
+    username[0]=0;
+    amroot = ( getuid ( ) == 0 );
+    signal ( SIGALRM, alarm_handler );
+    alarm ( TIMEOUT );
+    alarmstarted = 1;
+    while (( flag = getopt(argc, argv, "f:h:p")) != EOF ) {
+        switch ( flag ) {
+        case 'p':
+            opt_preserve = 1;
+            break;
+        case 'f':
+            /*
+             * username must be a separate token
+             * (-f root, *NOT* -froot). --marekm
+             */
+            if ( optarg != argv[optind-1] )
+                bb_show_usage( );
+            if ( !amroot )      /* Auth bypass only if real UID is zero */
+                bb_error_msg_and_die ( "-f permission denied" );
+            safe_strncpy(username, optarg, USERNAME_SIZE);
+            opt_fflag = 1;
+            break;
+        case 'h':
+            opt_host = optarg;
+            break;
+        default:
+            bb_show_usage( );
+        }
+    }
+    if (optind < argc)             // user from command line (getty)
+        safe_strncpy(username, argv[optind], USERNAME_SIZE);
+    if ( !isatty ( 0 ) || !isatty ( 1 ) || !isatty ( 2 ))
+        return EXIT_FAILURE;        /* Must be a terminal */
+#ifdef CONFIG_FEATURE_UTMP
+    checkutmp ( !amroot );
+#endif
+    tmp = ttyname ( 0 );
+    if ( tmp && ( strncmp ( tmp, "/dev/", 5 ) == 0 ))
+        safe_strncpy ( tty, tmp + 5, sizeof( tty ));
+    else if ( tmp && *tmp == '/' )
+        safe_strncpy ( tty, tmp, sizeof( tty ));
+    else
+        safe_strncpy ( tty, "UNKNOWN", sizeof( tty ));
+#ifdef CONFIG_FEATURE_UTMP
+    if ( amroot )
+        memset ( utent.ut_host, 0, sizeof utent.ut_host );
+#endif
+    if ( opt_host ) {
+#ifdef CONFIG_FEATURE_UTMP
+        safe_strncpy ( utent.ut_host, opt_host, sizeof( utent. ut_host ));
+#endif
+        snprintf ( fromhost, sizeof( fromhost ) - 1, " on `%.100s' from `%.200s'", tty, opt_host );
+    }
+    else
+        snprintf ( fromhost, sizeof( fromhost ) - 1, " on `%.100s'", tty );
+    bb_setpgrp;
+    openlog ( "login", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH );
+    while ( 1 ) {
+        failed = 0;
+        if ( !username[0] )
+            if(!login_prompt ( username ))
+                return EXIT_FAILURE;
+        if ( !alarmstarted && ( TIMEOUT > 0 )) {
+            alarm ( TIMEOUT );
+            alarmstarted = 1;
+        }
+        if (!( pw = getpwnam ( username ))) {
+            pw_copy.pw_name   = "UNKNOWN";
+            pw_copy.pw_passwd = "!";
+            opt_fflag = 0;
+            failed = 1;
+        } else
+            pw_copy = *pw;
+        pw = &pw_copy;
+        if (( pw-> pw_passwd [0] == '!' ) || ( pw-> pw_passwd[0] == '*' ))
+            failed = 1;
+        if ( opt_fflag ) {
+            opt_fflag = 0;
+            goto auth_ok;
+        }
+        if (!failed && ( pw-> pw_uid == 0 ) && ( !check_tty ( tty )))
+            failed = 1;
+        /* Don't check the password if password entry is empty (!) */
+        if ( !pw-> pw_passwd[0] )
+            goto auth_ok;
+        /* authorization takes place here */
+        if ( correct_password ( pw ))
+            goto auth_ok;
+        failed = 1;
+auth_ok:
+        if ( !failed)
+            break;
+        bb_do_delay(FAIL_DELAY);
+        puts("Login incorrect");
+        username[0] = 0;
+        if ( ++count == 3 ) {
+            syslog ( LOG_WARNING, "invalid password for `%s'%s\n", pw->pw_name, fromhost);
+            return EXIT_FAILURE;
+    }
+    }
+    alarm ( 0 );
+    if ( check_nologin ( pw-> pw_uid == 0 ))
+        return EXIT_FAILURE;
+#ifdef CONFIG_FEATURE_UTMP
+    setutmp ( username, tty );
+#endif
+    if ( *tty != '/' )
+        snprintf ( full_tty, sizeof( full_tty ) - 1, "/dev/%s", tty);
+    else
+        safe_strncpy ( full_tty, tty, sizeof( full_tty ) - 1 );
+#ifdef CONFIG_SELINUX
+    if (is_selinux_enabled())
+    {
+        security_context_t old_tty_sid, new_tty_sid;
+        if (get_default_context(username, NULL, &user_sid))
+        {
+            fprintf(stderr, "Unable to get SID for %s\n", username);
+            exit(1);
+        }
+        if (getfilecon(full_tty, &old_tty_sid) < 0)
+        {
+            fprintf(stderr, "getfilecon(%.100s) failed: %.100s\n", full_tty, strerror(errno));
+            return EXIT_FAILURE;
+        }
+        if (security_compute_relabel(user_sid, old_tty_sid, SECCLASS_CHR_FILE, &new_tty_sid) != 0)
+        {
+            fprintf(stderr, "security_change_sid(%.100s) failed: %.100s\n", full_tty, strerror(errno));
+            return EXIT_FAILURE;
+        }
+        if(setfilecon(full_tty, new_tty_sid) != 0)
+        {
+            fprintf(stderr, "chsid(%.100s, %s) failed: %.100s\n", full_tty, new_tty_sid, strerror(errno));
+            return EXIT_FAILURE;
+        }
+    }
+#endif
+    if ( !is_my_tty ( full_tty ))
+        syslog ( LOG_ERR, "unable to determine TTY name, got %s\n", full_tty );
+    /* Try these, but don't complain if they fail
+     * (for example when the root fs is read only) */
+    chown ( full_tty, pw-> pw_uid, pw-> pw_gid );
+    chmod ( full_tty, 0600 );
+    change_identity ( pw );
+    tmp = pw-> pw_shell;
+    if(!tmp || !*tmp)
+        tmp = DEFAULT_SHELL;
+    setup_environment ( tmp, 1, !opt_preserve, pw );
+    motd ( );
+    signal ( SIGALRM, SIG_DFL );    /* default alarm signal */
+    if ( pw-> pw_uid == 0 )
+        syslog ( LOG_INFO, "root login %s\n", fromhost );
+#ifdef CONFIG_SELINUX
+    /* well, a simple setexeccon() here would do the job as well,
+     * but let's play the game for now */
+    set_current_security_context(user_sid);
+#endif
+    run_shell ( tmp, 1, 0, 0);  /* exec the shell finally. */
+    return EXIT_FAILURE;
+}
+static int login_prompt ( char *buf_name )
+{
+    char buf [1024];
+    char *sp, *ep;
+    int i;
+    for(i=0; i<EMPTY_USERNAME_COUNT; i++) {
+        print_login_prompt();
+        if ( !fgets ( buf, sizeof( buf ) - 1, stdin ))
+            return 0;
+        if ( !strchr ( buf, '\n' ))
+            return 0;
+        for ( sp = buf; isspace ( *sp ); sp++ ) { }
+        for ( ep = sp; isgraph ( *ep ); ep++ ) { }
+        *ep = 0;
+        safe_strncpy(buf_name, sp, USERNAME_SIZE);
+        if(buf_name[0])
+            return 1;
+    }
+    return 0;
+}
+static int check_nologin ( int amroot )
+{
+    if ( access ( bb_path_nologin_file, F_OK ) == 0 ) {
+        FILE *fp;
+        int c;
+        if (( fp = fopen ( bb_path_nologin_file, "r" ))) {
+            while (( c = getc ( fp )) != EOF )
+                putchar (( c == '\n' ) ? '\r' : c );
+            fflush ( stdout );
+            fclose ( fp );
+        } else {
+            puts ( "\r\nSystem closed for routine maintenance.\r" );
+        }
+        if ( !amroot )
+            return 1;
+        puts ( "\r\n[Disconnect bypassed -- root login allowed.]\r" );
+    }
+    return 0;
+}
+#ifdef CONFIG_FEATURE_SECURETTY
+static int check_tty ( const char *tty )
+{
+    FILE *fp;
+    int i;
+    char buf[BUFSIZ];
+    if (( fp = fopen ( bb_path_securetty_file, "r" ))) {
+        while ( fgets ( buf, sizeof( buf ) - 1, fp )) {
+            for ( i = strlen( buf ) - 1; i >= 0; --i ) {
+                if ( !isspace ( buf[i] ))
+                    break;
+            }
+            buf[++i] = '\0';
+            if (( buf [0] == '\0' ) || ( buf [0] == '#' ))
+                continue;
+            if ( strcmp ( buf, tty ) == 0 ) {
+                fclose ( fp );
+                return 1;
+            }
+        }
+        fclose(fp);
+        return 0;
+    }
+    /* A missing securetty file is not an error. */
+    return 1;
+}
+#endif
+/* returns 1 if true */
+static int is_my_tty ( const char *tty )
+{
+    struct stat by_name, by_fd;
+    if ( stat ( tty, &by_name ) || fstat ( 0, &by_fd ))
+        return 0;
+    if ( by_name. st_rdev != by_fd. st_rdev )
+        return 0;
+    else
+        return 1;
+}
+static void motd (void)
+{
+    FILE *fp;
+    register int c;
+    if (( fp = fopen ( bb_path_motd_file, "r" ))) {
+        while (( c = getc ( fp )) != EOF )
+            putchar ( c );
+        fclose ( fp );
+    }
+}
+#ifdef CONFIG_FEATURE_UTMP
+// vv  Taken from tinylogin utmp.c  vv
+#define NO_UTENT \
+    "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
+#define NO_TTY \
+    "Unable to determine your tty name."
+#endif
+#if ENABLE_PAM
+/* PAM may include <locale.h>. We may need to undefine bbox's stub define: */
+#undef setlocale
+/* For some obscure reason, PAM is not in pam/xxx, but in security/xxx.
+ * Apparently they like to confuse people. */
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+static const struct pam_conv conv = {
+    misc_conv,
+    NULL
+};
+#endif
+enum {
+    TIMEOUT = 60,
+    EMPTY_USERNAME_COUNT = 10,
+    USERNAME_SIZE = 32,
+    TTYNAME_SIZE = 32,
+};
+static char* short_tty;
+#if ENABLE_FEATURE_UTMP
+/* vv  Taken from tinylogin utmp.c  vv */
 /*
  * checkutmp - see if utmp file is correct for this process
+ * read_or_build_utent - see if utmp file is correct for this process
+ *
  *  System V is very picky about the contents of the utmp file
 …
  */
+static void checkutmp(int picky)
+{
+    char *line;
+static void read_or_build_utent(struct utmp *utptr, int picky)
+{
     struct utmp *ut;
     pid_t pid = getpid();
 …
     while ((ut = getutent()))
         if (ut->ut_pid == pid && ut->ut_line[0] && ut->ut_id[0] &&
             (ut->ut_type == LOGIN_PROCESS || ut->ut_type == USER_PROCESS))
+        (ut->ut_type == LOGIN_PROCESS || ut->ut_type == USER_PROCESS))
             break;
     /* If there is one, just use it, otherwise create a new one.  */
     if (ut) {
         utent = *ut;
+        *utptr = *ut;
     } else {
+        time_t t_tmp;
+        if (picky) {
+            puts(NO_UTENT);
+            exit(1);
+        }
+        line = ttyname(0);
+        if (!line) {
+            puts(NO_TTY);
+            exit(1);
+        }
+        if (strncmp(line, "/dev/", 5) == 0)
+            line += 5;
+        memset((void *) &utent, 0, sizeof utent);
+        utent.ut_type = LOGIN_PROCESS;
+        utent.ut_pid = pid;
+        strncpy(utent.ut_line, line, sizeof utent.ut_line);
+        /* XXX - assumes /dev/tty?? */
+        strncpy(utent.ut_id, utent.ut_line + 3, sizeof utent.ut_id);
+        strncpy(utent.ut_user, "LOGIN", sizeof utent.ut_user);
+        t_tmp = (time_t)utent.ut_time;
+        time(&t_tmp);
+    }
+        if (picky)
+            bb_error_msg_and_die("no utmp entry found");
+        memset(utptr, 0, sizeof(*utptr));
+        utptr->ut_type = LOGIN_PROCESS;
+        utptr->ut_pid = pid;
+        strncpy(utptr->ut_line, short_tty, sizeof(utptr->ut_line));
+        /* This one is only 4 chars wide. Try to fit something
+         * remotely meaningful by skipping "tty"... */
+        strncpy(utptr->ut_id, short_tty + 3, sizeof(utptr->ut_id));
+        strncpy(utptr->ut_user, "LOGIN", sizeof(utptr->ut_user));
+        utptr->ut_time = time(NULL);
+    }
+    if (!picky) /* root login */
+        memset(utptr->ut_host, 0, sizeof(utptr->ut_host));
+}
 /*
  * setutmp - put a USER_PROCESS entry in the utmp file
+ * write_utent - put a USER_PROCESS entry in the utmp file
+ *
  *  setutmp changes the type of the current utmp entry to
+ *  write_utent changes the type of the current utmp entry to
  *  USER_PROCESS.  the wtmp file will be updated as well.
  */
+static void setutmp(const char *name, const char *line ATTRIBUTE_UNUSED)
+{
+    time_t t_tmp = (time_t)utent.ut_time;
+    utent.ut_type = USER_PROCESS;
+    strncpy(utent.ut_user, name, sizeof utent.ut_user);
+    time(&t_tmp);
+    /* other fields already filled in by checkutmp above */
+static void write_utent(struct utmp *utptr, const char *username)
+{
+    utptr->ut_type = USER_PROCESS;
+    strncpy(utptr->ut_user, username, sizeof(utptr->ut_user));
+    utptr->ut_time = time(NULL);
+    /* other fields already filled in by read_or_build_utent above */
     setutent();
     pututline(&utent);
+    pututline(utptr);
     endutent();
 #ifdef CONFIG_FEATURE_WTMP
+#if ENABLE_FEATURE_WTMP
     if (access(bb_path_wtmp_file, R_OK|W_OK) == -1) {
         close(creat(bb_path_wtmp_file, 0664));
+    }
+    updwtmp(bb_path_wtmp_file, &utent);
+#endif
+}
+#endif /* CONFIG_FEATURE_UTMP */
+    updwtmp(bb_path_wtmp_file, utptr);
+#endif
+}
+#else /* !ENABLE_FEATURE_UTMP */
+#define read_or_build_utent(utptr, picky) ((void)0)
+#define write_utent(utptr, username) ((void)0)
+#endif /* !ENABLE_FEATURE_UTMP */
+#if ENABLE_FEATURE_NOLOGIN
+static void die_if_nologin_and_non_root(int amroot)
+{
+    FILE *fp;
+    int c;
+    if (access("/etc/nologin", F_OK))
+        return;
+    fp = fopen("/etc/nologin", "r");
+    if (fp) {
+        while ((c = getc(fp)) != EOF)
+            putchar((c=='\n') ? '\r' : c);
+        fflush(stdout);
+        fclose(fp);
+    } else
+        puts("\r\nSystem closed for routine maintenance\r");
+    if (!amroot)
+        exit(1);
+    puts("\r\n[Disconnect bypassed -- root login allowed]\r");
+}
+#else
+static ALWAYS_INLINE void die_if_nologin_and_non_root(int amroot) {}
+#endif
+#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
+static int check_securetty(void)
+{
+    FILE *fp;
+    int i;
+    char buf[256];
+    fp = fopen("/etc/securetty", "r");
+    if (!fp) {
+        /* A missing securetty file is not an error. */
+        return 1;
+    }
+    while (fgets(buf, sizeof(buf)-1, fp)) {
+        for (i = strlen(buf)-1; i >= 0; --i) {
+            if (!isspace(buf[i]))
+                break;
+        }
+        buf[++i] = '\0';
+        if (!buf[0] || (buf[0] == '#'))
+            continue;
+        if (strcmp(buf, short_tty) == 0) {
+            fclose(fp);
+            return 1;
+        }
+    }
+    fclose(fp);
+    return 0;
+}
+#else
+static ALWAYS_INLINE int check_securetty(void) { return 1; }
+#endif
+static void get_username_or_die(char *buf, int size_buf)
+{
+    int c, cntdown;
+    cntdown = EMPTY_USERNAME_COUNT;
+ prompt:
+    print_login_prompt();
+    /* skip whitespace */
+    do {
+        c = getchar();
+        if (c == EOF) exit(1);
+        if (c == '\n') {
+            if (!--cntdown) exit(1);
+            goto prompt;
+        }
+    } while (isspace(c));
+    *buf++ = c;
+    if (!fgets(buf, size_buf-2, stdin))
+        exit(1);
+    if (!strchr(buf, '\n'))
+        exit(1);
+    while (isgraph(*buf)) buf++;
+    *buf = '\0';
+}
+static void motd(void)
+{
+    int fd;
+    fd = open(bb_path_motd_file, O_RDONLY);
+    if (fd) {
+        fflush(stdout);
+        bb_copyfd_eof(fd, STDOUT_FILENO);
+        close(fd);
+    }
+}
+static void alarm_handler(int sig ATTRIBUTE_UNUSED)
+{
+    /* This is the escape hatch!  Poor serial line users and the like
+     * arrive here when their connection is broken.
+     * We don't want to block here */
+    ndelay_on(1);
+    ndelay_on(2);
+    printf("\r\nLogin timed out after %d seconds\r\n", TIMEOUT);
+    exit(EXIT_SUCCESS);
+}
+int login_main(int argc, char **argv);
+int login_main(int argc, char **argv)
+{
+    enum {
+        LOGIN_OPT_f = (1<<0),
+        LOGIN_OPT_h = (1<<1),
+        LOGIN_OPT_p = (1<<2),
+    };
+    char *fromhost;
+    char username[USERNAME_SIZE];
+    const char *tmp;
+    int amroot;
+    unsigned opt;
+    int count = 0;
+    struct passwd *pw;
+    char *opt_host = NULL;
+    char *opt_user = NULL;
+    char full_tty[TTYNAME_SIZE];
+    USE_SELINUX(security_context_t user_sid = NULL;)
+    USE_FEATURE_UTMP(struct utmp utent;)
+    USE_PAM(pam_handle_t *pamh;)
+    USE_PAM(int pamret;)
+    USE_PAM(const char *failed_msg;)
+    short_tty = full_tty;
+    username[0] = '\0';
+    amroot = (getuid() == 0);
+    signal(SIGALRM, alarm_handler);
+    alarm(TIMEOUT);
+    /* Mandatory paranoia for suid applet:
+     * ensure that fd# 0,1,2 are opened (at least to /dev/null)
+     * and any extra open fd's are closed.
+     * (The name of the function is misleading. Not daemonizing here.) */
+    bb_daemonize_or_rexec(DAEMON_ONLY_SANITIZE | DAEMON_CLOSE_EXTRA_FDS, NULL);
+    opt = getopt32(argv, "f:h:p", &opt_user, &opt_host);
+    if (opt & LOGIN_OPT_f) {
+        if (!amroot)
+            bb_error_msg_and_die("-f is for root only");
+        safe_strncpy(username, opt_user, sizeof(username));
+    }
+    if (optind < argc) /* user from command line (getty) */
+        safe_strncpy(username, argv[optind], sizeof(username));
+    /* Let's find out and memorize our tty */
+    if (!isatty(0) || !isatty(1) || !isatty(2))
+        return EXIT_FAILURE;        /* Must be a terminal */
+    safe_strncpy(full_tty, "UNKNOWN", sizeof(full_tty));
+    tmp = ttyname(0);
+    if (tmp) {
+        safe_strncpy(full_tty, tmp, sizeof(full_tty));
+        if (strncmp(full_tty, "/dev/", 5) == 0)
+            short_tty = full_tty + 5;
+    }
+    read_or_build_utent(&utent, !amroot);
+    if (opt_host) {
+        USE_FEATURE_UTMP(
+            safe_strncpy(utent.ut_host, opt_host, sizeof(utent.ut_host));
+        )
+        fromhost = xasprintf(" on '%s' from '%s'", short_tty, opt_host);
+    } else
+        fromhost = xasprintf(" on '%s'", short_tty);
+    /* Was breaking "login <username>" from shell command line: */
+    /*bb_setpgrp();*/
+    openlog(applet_name, LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
+    while (1) {
+        if (!username[0])
+            get_username_or_die(username, sizeof(username));
+#if ENABLE_PAM
+        pamret = pam_start("login", username, &conv, &pamh);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "pam_start";
+            goto pam_auth_failed;
+        }
+        /* set TTY (so things like securetty work) */
+        pamret = pam_set_item(pamh, PAM_TTY, short_tty);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "pam_set_item(TTY)";
+            goto pam_auth_failed;
+        }
+        pamret = pam_authenticate(pamh, 0);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "pam_authenticate";
+            goto pam_auth_failed;
+            /* TODO: or just "goto auth_failed"
+             * since user seems to enter wrong password
+             * (in this case pamret == 7)
+             */
+        }
+        /* check that the account is healthy */
+        pamret = pam_acct_mgmt(pamh, 0);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "account setup";
+            goto pam_auth_failed;
+        }
+        /* read user back */
+        {
+            const char *pamuser;
+            /* gcc: "dereferencing type-punned pointer breaks aliasing rules..."
+             * thus we cast to (void*) */
+            if (pam_get_item(pamh, PAM_USER, (void*)&pamuser) != PAM_SUCCESS) {
+                failed_msg = "pam_get_item(USER)";
+                goto pam_auth_failed;
+            }
+            safe_strncpy(username, pamuser, sizeof(username));
+        }
+        /* If we get here, the user was authenticated, and is
+         * granted access. */
+        pw = getpwnam(username);
+        if (pw)
+            break;
+        goto auth_failed;
+ pam_auth_failed:
+        bb_error_msg("%s failed: %s (%d)", failed_msg, pam_strerror(pamh, pamret), pamret);
+        safe_strncpy(username, "UNKNOWN", sizeof(username));
+#else /* not PAM */
+        pw = getpwnam(username);
+        if (!pw) {
+            strcpy(username, "UNKNOWN");
+            goto fake_it;
+        }
+        if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*')
+            goto auth_failed;
+        if (opt & LOGIN_OPT_f)
+            break; /* -f USER: success without asking passwd */
+        if (pw->pw_uid == 0 && !check_securetty())
+            goto auth_failed;
+        /* Don't check the password if password entry is empty (!) */
+        if (!pw->pw_passwd[0])
+            break;
+ fake_it:
+        /* authorization takes place here */
+        if (correct_password(pw))
+            break;
+#endif /* ENABLE_PAM */
+ auth_failed:
+        opt &= ~LOGIN_OPT_f;
+        bb_do_delay(FAIL_DELAY);
+        /* TODO: doesn't sound like correct English phrase to me */
+        puts("Login incorrect");
+        if (++count == 3) {
+            syslog(LOG_WARNING, "invalid password for '%s'%s",
+                        username, fromhost);
+            return EXIT_FAILURE;
+        }
+        username[0] = '\0';
+    }
+    alarm(0);
+    die_if_nologin_and_non_root(pw->pw_uid == 0);
+    write_utent(&utent, username);
+#if ENABLE_SELINUX
+    if (is_selinux_enabled()) {
+        security_context_t old_tty_sid, new_tty_sid;
+        if (get_default_context(username, NULL, &user_sid)) {
+            bb_error_msg_and_die("cannot get SID for %s",
+                    username);
+        }
+        if (getfilecon(full_tty, &old_tty_sid) < 0) {
+            bb_perror_msg_and_die("getfilecon(%s) failed",
+                    full_tty);
+        }
+        if (security_compute_relabel(user_sid, old_tty_sid,
+                    SECCLASS_CHR_FILE, &new_tty_sid) != 0) {
+            bb_perror_msg_and_die("security_change_sid(%s) failed",
+                    full_tty);
+        }
+        if (setfilecon(full_tty, new_tty_sid) != 0) {
+            bb_perror_msg_and_die("chsid(%s, %s) failed",
+                    full_tty, new_tty_sid);
+        }
+    }
+#endif
+    /* Try these, but don't complain if they fail.
+     * _f_chown is safe wrt race t=ttyname(0);...;chown(t); */
+    fchown(0, pw->pw_uid, pw->pw_gid);
+    fchmod(0, 0600);
+    if (ENABLE_LOGIN_SCRIPTS) {
+        char *t_argv[2];
+        t_argv[0] = getenv("LOGIN_PRE_SUID_SCRIPT");
+        if (t_argv[0]) {
+            t_argv[1] = NULL;
+            xsetenv("LOGIN_TTY", full_tty);
+            xsetenv("LOGIN_USER", pw->pw_name);
+            xsetenv("LOGIN_UID", utoa(pw->pw_uid));
+            xsetenv("LOGIN_GID", utoa(pw->pw_gid));
+            xsetenv("LOGIN_SHELL", pw->pw_shell);
+            xspawn(t_argv); /* NOMMU-friendly */
+            /* All variables are unset by setup_environment */
+            wait(NULL);
+        }
+    }
+    change_identity(pw);
+    tmp = pw->pw_shell;
+    if (!tmp || !*tmp)
+        tmp = DEFAULT_SHELL;
+    /* setup_environment params: shell, loginshell, changeenv, pw */
+    setup_environment(tmp, 1, !(opt & LOGIN_OPT_p), pw);
+    /* FIXME: login shell = 1 -> 3rd parameter is ignored! */
+    motd();
+    if (pw->pw_uid == 0)
+        syslog(LOG_INFO, "root login%s", fromhost);
+#if ENABLE_SELINUX
+    /* well, a simple setexeccon() here would do the job as well,
+     * but let's play the game for now */
+    set_current_security_context(user_sid);
+#endif
+    // util-linux login also does:
+    // /* start new session */
+    // setsid();
+    // /* TIOCSCTTY: steal tty from other process group */
+    // if (ioctl(0, TIOCSCTTY, 1)) error_msg...
+    // BBox login used to do this (see above):
+    // bb_setpgrp();
+    // If this stuff is really needed, add it and explain why!
+    /* set signals to defaults */
+    signal(SIGALRM, SIG_DFL);
+    /* Is this correct? This way user can ctrl-c out of /etc/profile,
+     * potentially creating security breach (tested with bash 3.0).
+     * But without this, bash 3.0 will not enable ctrl-c either.
+     * Maybe bash is buggy?
+     * Need to find out what standards say about /bin/login -
+     * should it leave SIGINT etc enabled or disabled? */
+    signal(SIGINT, SIG_DFL);
+    /* Exec login shell with no additional parameters */
+    run_shell(tmp, 1, NULL, NULL);
+    /* return EXIT_FAILURE; - not reached */
+}

branches/stable/mindi-busybox/loginutils/passwd.c

-              r821
+              r1770
 /* vi: set sw=4 ts=4: */
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+#include <signal.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <utime.h>
+/*
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
+#include "libbb.h"
 #include <syslog.h>
+#include <time.h>
+#include <sys/resource.h>
+#include <errno.h>
+#include "busybox.h"
+static char crypt_passwd[128];
+static int create_backup(const char *backup, FILE * fp);
+static int new_password(const struct passwd *pw, int amroot, int algo);
+static void set_filesize_limit(int blocks);
+static int get_algo(char *a)
+static void nuke_str(char *str)
+{
+    int x = 1;                  /* standard: MD5 */
+    if (strcasecmp(a, "des") == 0)
+        x = 0;
+    return x;
+    if (str) memset(str, 0, strlen(str));
+}
+static int update_passwd(const struct passwd *pw, const char *crypt_pw)
+static char* new_password(const struct passwd *pw, uid_t myuid, int algo)
+{
+    char filename[1024];
+    char buf[1025];
+    char buffer[80];
+    char username[32];
+    char *pw_rest;
+    int mask;
+    int continued;
+    FILE *fp;
+    FILE *out_fp;
+    struct stat sb;
+    struct flock lock;
+#if ENABLE_FEATURE_SHADOWPASSWDS
+    if (access(bb_path_shadow_file, F_OK) == 0) {
+        snprintf(filename, sizeof filename, "%s", bb_path_shadow_file);
+    } else
+#endif
+    {
+        snprintf(filename, sizeof filename, "%s", bb_path_passwd_file);
+    }
+    if (((fp = fopen(filename, "r+")) == 0) || (fstat(fileno(fp), &sb))) {
+        /* return 0; */
+        return 1;
+    }
+    /* Lock the password file before updating */
+    lock.l_type = F_WRLCK;
+    lock.l_whence = SEEK_SET;
+    lock.l_start = 0;
+    lock.l_len = 0;
+    if (fcntl(fileno(fp), F_SETLK, &lock) < 0) {
+        fprintf(stderr, "%s: %s\n", filename, strerror(errno));
+        return 1;
+    }
+    lock.l_type = F_UNLCK;
+    snprintf(buf, sizeof buf, "%s-", filename);
+    if (create_backup(buf, fp)) {
+        fcntl(fileno(fp), F_SETLK, &lock);
+        fclose(fp);
+        return 1;
+    }
+    snprintf(buf, sizeof buf, "%s+", filename);
+    mask = umask(0777);
+    out_fp = fopen(buf, "w");
+    umask(mask);
+    if ((!out_fp) || (fchmod(fileno(out_fp), sb.st_mode & 0777))
+        || (fchown(fileno(out_fp), sb.st_uid, sb.st_gid))) {
+        fcntl(fileno(fp), F_SETLK, &lock);
+        fclose(fp);
+        fclose(out_fp);
+        return 1;
+    }
+    continued = 0;
+    snprintf(username, sizeof username, "%s:", pw->pw_name);
+    rewind(fp);
+    while (!feof(fp)) {
+        fgets(buffer, sizeof buffer, fp);
+        if (!continued) { /* Check to see if we're updating this line.  */
+            if (strncmp(username, buffer, strlen(username)) == 0) {
+                /* we have a match. */
+                pw_rest = strchr(buffer, ':');
+                *pw_rest++ = '\0';
+                pw_rest = strchr(pw_rest, ':');
+                fprintf(out_fp, "%s:%s%s", buffer, crypt_pw, pw_rest);
+            } else {
+                fputs(buffer, out_fp);
+            }
+        } else {
+            fputs(buffer, out_fp);
+    char salt[sizeof("$N$XXXXXXXX")]; /* "$N$XXXXXXXX" or "XX" */
+    char *orig = (char*)"";
+    char *newp = NULL;
+    char *cipher = NULL;
+    char *cp = NULL;
+    char *ret = NULL; /* failure so far */
+    if (myuid && pw->pw_passwd[0]) {
+        orig = bb_askpass(0, "Old password:"); /* returns ptr to static */
+        if (!orig)
+            goto err_ret;
+        cipher = pw_encrypt(orig, pw->pw_passwd); /* returns ptr to static */
+        if (strcmp(cipher, pw->pw_passwd) != 0) {
+            syslog(LOG_WARNING, "incorrect password for '%s'",
+                pw->pw_name);
+            bb_do_delay(FAIL_DELAY);
+            puts("Incorrect password");
+            goto err_ret;
+        }
+        if (buffer[strlen(buffer) - 1] == '\n') {
+            continued = 0;
+        } else {
+            continued = 1;
+        }
+        memset(buffer, 0, sizeof buffer);
+    }
+    if (fflush(out_fp) || fsync(fileno(out_fp)) || fclose(out_fp)) {
+        unlink(buf);
+        fcntl(fileno(fp), F_SETLK, &lock);
+        fclose(fp);
+        return 1;
+    }
+    if (rename(buf, filename) < 0) {
+        fcntl(fileno(fp), F_SETLK, &lock);
+        fclose(fp);
+        return 1;
+    } else {
+        fcntl(fileno(fp), F_SETLK, &lock);
+        fclose(fp);
+        return 0;
+    }
+    }
+    orig = xstrdup(orig); /* or else bb_askpass() will destroy it */
+    newp = bb_askpass(0, "New password:"); /* returns ptr to static */
+    if (!newp)
+        goto err_ret;
+    newp = xstrdup(newp); /* we are going to bb_askpass() again, so save it */
+    if (ENABLE_FEATURE_PASSWD_WEAK_CHECK
+     && obscure(orig, newp, pw) && myuid)
+        goto err_ret; /* non-root is not allowed to have weak passwd */
+    cp = bb_askpass(0, "Retype password:");
+    if (!cp)
+        goto err_ret;
+    if (strcmp(cp, newp)) {
+        puts("Passwords don't match");
+        goto err_ret;
+    }
+    crypt_make_salt(salt, 1, 0); /* des */
+    if (algo) { /* MD5 */
+        strcpy(salt, "$1$");
+        crypt_make_salt(salt + 3, 4, 0);
+    }
+    /* pw_encrypt returns ptr to static */
+    ret = xstrdup(pw_encrypt(newp, salt));
+    /* whee, success! */
+ err_ret:
+    nuke_str(orig);
+    if (ENABLE_FEATURE_CLEAN_UP) free(orig);
+    nuke_str(newp);
+    if (ENABLE_FEATURE_CLEAN_UP) free(newp);
+    nuke_str(cipher);
+    nuke_str(cp);
+    return ret;
+}
+int passwd_main(int argc, char **argv);
 int passwd_main(int argc, char **argv)
+{
+    int amroot;
+    char *cp;
+    char *np;
+    enum {
+        OPT_algo = 0x1, /* -a - password algorithm */
+        OPT_lock = 0x2, /* -l - lock account */
+        OPT_unlock = 0x4, /* -u - unlock account */
+        OPT_delete = 0x8, /* -d - delete password */
+        OPT_lud = 0xe,
+        STATE_ALGO_md5 = 0x10,
+        //STATE_ALGO_des = 0x20, not needed yet
+    };
+    unsigned opt;
+    int rc;
+    const char *opt_a = "";
+    const char *filename;
+    char *myname;
     char *name;
+    char *myname;
+    int flag;
+    int algo = 1;               /* -a - password algorithm */
+    int lflg = 0;               /* -l - lock account */
+    int uflg = 0;               /* -u - unlock account */
+    int dflg = 0;               /* -d - delete password */
+    const struct passwd *pw;
+    char *newp;
+    struct passwd *pw;
+    uid_t myuid;
+    struct rlimit rlimit_fsize;
+    char c;
 #if ENABLE_FEATURE_SHADOWPASSWDS
+    const struct spwd *sp;
+    /* Using _r function to avoid pulling in static buffers */
+    struct spwd spw;
+    struct spwd *result;
+    char buffer[256];
 #endif
+    amroot = (getuid() == 0);
+    openlog("passwd", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
+    while ((flag = getopt(argc, argv, "a:dlu")) != EOF) {
+        switch (flag) {
+        case 'a':
+            algo = get_algo(optarg);
+            break;
+        case 'd':
+            dflg++;
+            break;
+        case 'l':
+            lflg++;
+            break;
+        case 'u':
+            uflg++;
+            break;
+        default:
+            bb_show_usage();
+        }
+    }
+    myname = (char *) bb_xstrdup(bb_getpwuid(NULL, getuid(), -1));
+    /* exits on error */
+    if (optind < argc) {
+        name = argv[optind];
+    logmode = LOGMODE_BOTH;
+    openlog(applet_name, LOG_NOWAIT, LOG_AUTH);
+    opt = getopt32(argv, "a:lud", &opt_a);
+    //argc -= optind;
+    argv += optind;
+    if (strcasecmp(opt_a, "des") != 0) /* -a */
+        opt |= STATE_ALGO_md5;
+    //else
+    //  opt |= STATE_ALGO_des;
+    myuid = getuid();
+    /* -l, -u, -d require root priv and username argument */
+    if ((opt & OPT_lud) && (myuid || !argv[0]))
+        bb_show_usage();
+    /* Will complain and die if username not found */
+    myname = xstrdup(bb_getpwuid(NULL, -1, myuid));
+    name = argv[0] ? argv[0] : myname;
+    pw = getpwnam(name);
+    if (!pw) bb_error_msg_and_die("unknown user %s", name);
+    if (myuid && pw->pw_uid != myuid) {
+        /* LOGMODE_BOTH */
+        bb_error_msg_and_die("%s can't change password for %s", myname, name);
+    }
+#if ENABLE_FEATURE_SHADOWPASSWDS
+    /* getspnam_r() can lie! Even if user isn't in shadow, it can
+     * return success (pwd field was seen set to "!" in this case) */
+    if (getspnam_r(pw->pw_name, &spw, buffer, sizeof(buffer), &result)
+     || LONE_CHAR(spw.sp_pwdp, '!')) {
+        /* LOGMODE_BOTH */
+        bb_error_msg("no record of %s in %s, using %s",
+                name, bb_path_shadow_file,
+                bb_path_passwd_file);
     } else {
+        name = myname;
+    }
+    if ((lflg || uflg || dflg) && (optind >= argc || !amroot)) {
+        bb_show_usage();
+    }
+    pw = getpwnam(name);
+    if (!pw) {
+        bb_error_msg_and_die("Unknown user %s\n", name);
+    }
+    if (!amroot && pw->pw_uid != getuid()) {
+        syslog(LOG_WARNING, "can't change pwd for `%s'", name);
+        bb_error_msg_and_die("Permission denied.\n");
+    }
+#if ENABLE_FEATURE_SHADOWPASSWDS
+    sp = getspnam(name);
+    if (!sp) {
+        sp = (struct spwd *) pwd_to_spwd(pw);
+    }
+    cp = sp->sp_pwdp;
+    np = sp->sp_namp;
+#else
+    cp = pw->pw_passwd;
+    np = name;
+        pw->pw_passwd = spw.sp_pwdp;
+    }
 #endif
+    safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd));
+    if (!(dflg || lflg || uflg)) {
+        if (!amroot) {
+            if (cp[0] == '!') {
+                syslog(LOG_WARNING, "password locked for `%s'", np);
+                bb_error_msg_and_die( "The password for `%s' cannot be changed.\n", np);
+            }
+    /* Decide what the new password will be */
+    newp = NULL;
+    c = pw->pw_passwd[0] - '!';
+    if (!(opt & OPT_lud)) {
+        if (myuid && !c) { /* passwd starts with '!' */
+            /* LOGMODE_BOTH */
+            bb_error_msg_and_die("cannot change "
+                    "locked password for %s", name);
+        }
         printf("Changing password for %s\n", name);
+        if (new_password(pw, amroot, algo)) {
+            bb_error_msg_and_die( "The password for %s is unchanged.\n", name);
+        newp = new_password(pw, myuid, opt & STATE_ALGO_md5);
+        if (!newp) {
+            logmode = LOGMODE_STDIO;
+            bb_error_msg_and_die("password for %s is unchanged", name);
+        }
+    } else if (lflg) {
+        if (crypt_passwd[0] != '!') {
+            memmove(&crypt_passwd[1], crypt_passwd,
+                    sizeof crypt_passwd - 1);
+            crypt_passwd[sizeof crypt_passwd - 1] = '\0';
+            crypt_passwd[0] = '!';
+        }
+    } else if (uflg) {
+        if (crypt_passwd[0] == '!') {
+            memmove(crypt_passwd, &crypt_passwd[1],
+                    sizeof crypt_passwd - 1);
+        }
+    } else if (dflg) {
+        crypt_passwd[0] = '\0';
+    }
+    set_filesize_limit(30000);
+    } else if (opt & OPT_lock) {
+        if (!c) goto skip; /* passwd starts with '!' */
+        newp = xasprintf("!%s", pw->pw_passwd);
+    } else if (opt & OPT_unlock) {
+        if (c) goto skip; /* not '!' */
+        /* pw->pw_passwd pints to static storage,
+         * strdup'ing to avoid nasty surprizes */
+        newp = xstrdup(&pw->pw_passwd[1]);
+    } else if (opt & OPT_delete) {
+        //newp = xstrdup("");
+        newp = (char*)"";
+    }
+    rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * 30000;
+    setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
     signal(SIGHUP, SIG_IGN);
     signal(SIGINT, SIG_IGN);
 …
     umask(077);
     xsetuid(0);
+    if (!update_passwd(pw, crypt_passwd)) {
+        syslog(LOG_INFO, "password for `%s' changed by user `%s'", name,
+               myname);
+        printf("Password changed.\n");
+    } else {
+        syslog(LOG_WARNING, "an error occurred updating the password file");
+        bb_error_msg_and_die("An error occurred updating the password file.\n");
+    }
+    return (0);
+}
+static int create_backup(const char *backup, FILE * fp)
+{
+    struct stat sb;
+    struct utimbuf ub;
+    FILE *bkfp;
+    int c, mask;
+    if (fstat(fileno(fp), &sb))
+        /* return -1; */
+        return 1;
+    mask = umask(077);
+    bkfp = fopen(backup, "w");
+    umask(mask);
+    if (!bkfp)
+        /* return -1; */
+        return 1;
+    /* TODO: faster copy, not one-char-at-a-time.  --marekm */
+    rewind(fp);
+    while ((c = getc(fp)) != EOF) {
+        if (putc(c, bkfp) == EOF)
+            break;
+    }
+    if (c != EOF || fflush(bkfp)) {
+        fclose(bkfp);
+        /* return -1; */
+        return 1;
+    }
+    if (fclose(bkfp))
+        /* return -1; */
+        return 1;
+    ub.actime = sb.st_atime;
+    ub.modtime = sb.st_mtime;
+    utime(backup, &ub);
+#if ENABLE_FEATURE_SHADOWPASSWDS
+    filename = bb_path_shadow_file;
+    rc = update_passwd(bb_path_shadow_file, name, newp);
+    if (rc == 0) /* no lines updated, no errors detected */
+#endif
+    {
+        filename = bb_path_passwd_file;
+        rc = update_passwd(bb_path_passwd_file, name, newp);
+    }
+    /* LOGMODE_BOTH */
+    if (rc < 0)
+        bb_error_msg_and_die("cannot update password file %s",
+                filename);
+    bb_info_msg("Password for %s changed by %s", name, myname);
+    //if (ENABLE_FEATURE_CLEAN_UP) free(newp);
+ skip:
+    if (!newp) {
+        bb_error_msg_and_die("password for %s is already %slocked",
+            name, (opt & OPT_unlock) ? "un" : "");
+    }
+    if (ENABLE_FEATURE_CLEAN_UP) free(myname);
     return 0;
+}
-static int i64c(int i)
+{
-    if (i <= 0)
-        return ('.');
-    if (i == 1)
-        return ('/');
-    if (i >= 2 && i < 12)
-        return ('0' - 2 + i);
-    if (i >= 12 && i < 38)
-        return ('A' - 12 + i);
-    if (i >= 38 && i < 63)
-        return ('a' - 38 + i);
-    return ('z');
+}
-static char *crypt_make_salt(void)
+{
-    time_t now;
-    static unsigned long x;
-    static char result[3];
-    time(&now);
-    x += now + getpid() + clock();
-    result[0] = i64c(((x >> 18) ^ (x >> 6)) & 077);
-    result[1] = i64c(((x >> 12) ^ x) & 077);
-    result[2] = '\0';
-    return result;
+}
-static int new_password(const struct passwd *pw, int amroot, int algo)
+{
-    char *clear;
-    char *cipher;
-    char *cp;
-    char salt[12]; /* "$N$XXXXXXXX" or "XX" */
-    char orig[200];
-    char pass[200];
-    if (!amroot && crypt_passwd[0]) {
-        if (!(clear = bb_askpass(0, "Old password:"))) {
-            /* return -1; */
-            return 1;
+        }
-        cipher = pw_encrypt(clear, crypt_passwd);
-        if (strcmp(cipher, crypt_passwd) != 0) {
-            syslog(LOG_WARNING, "incorrect password for `%s'",
-                   pw->pw_name);
-            bb_do_delay(FAIL_DELAY);
-            fprintf(stderr, "Incorrect password.\n");
-            /* return -1; */
-            return 1;
+        }
-        safe_strncpy(orig, clear, sizeof(orig));
-        memset(clear, 0, strlen(clear));
-        memset(cipher, 0, strlen(cipher));
-    } else {
-        orig[0] = '\0';
+    }
-    if (! (cp=bb_askpass(0, "Enter the new password (minimum of 5, maximum of 8 characters)\n"
-                      "Please use a combination of upper and lower case letters and numbers.\n"
-                      "Enter new password: ")))
+    {
-        memset(orig, 0, sizeof orig);
-        /* return -1; */
-        return 1;
+    }
-    safe_strncpy(pass, cp, sizeof(pass));
-    memset(cp, 0, strlen(cp));
-    /* if (!obscure(orig, pass, pw)) { */
-    if (obscure(orig, pass, pw)) {
-        if (amroot) {
-            printf("\nWarning: weak password (continuing).\n");
-        } else {
-            /* return -1; */
-            return 1;
+        }
+    }
-    if (!(cp = bb_askpass(0, "Re-enter new password: "))) {
-        memset(orig, 0, sizeof orig);
-        /* return -1; */
-        return 1;
+    }
-    if (strcmp(cp, pass)) {
-        fprintf(stderr, "Passwords do not match.\n");
-        /* return -1; */
-        return 1;
+    }
-    memset(cp, 0, strlen(cp));
-    memset(orig, 0, sizeof(orig));
-    memset(salt, 0, sizeof(salt));
-    if (algo == 1) {
-        strcpy(salt, "$1$");
-        strcat(salt, crypt_make_salt());
-        strcat(salt, crypt_make_salt());
-        strcat(salt, crypt_make_salt());
+    }
-    strcat(salt, crypt_make_salt());
-    cp = pw_encrypt(pass, salt);
-    memset(pass, 0, sizeof pass);
-    safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd));
-    return 0;
+}
-static void set_filesize_limit(int blocks)
+{
-    struct rlimit rlimit_fsize;
-    rlimit_fsize.rlim_cur = rlimit_fsize.rlim_max = 512L * blocks;
-    setrlimit(RLIMIT_FSIZE, &rlimit_fsize);
+}

branches/stable/mindi-busybox/loginutils/su.c

-              r821
+              r1770
 /* vi: set sw=4 ts=4: */
 /*
+   Licensed under the GPL v2, see the file LICENSE in this tarball.
+*/
+ *  Mini su implementation for busybox
+ *
+ *  Licensed under the GPL v2 or later, see the file LICENSE in this tarball.
+ */
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "libbb.h"
 #include <syslog.h>
-#include <termios.h>
-#include <unistd.h>
-#include <utmp.h>
-#include <sys/resource.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <ctype.h>
-#include <time.h>
+#include "busybox.h"
+#define SU_OPT_mp (3)
+#define SU_OPT_l (4)
+/* The shell to run if none is given in the user's passwd entry.  */
+#ifndef DEFAULT_SHELL
+#define DEFAULT_SHELL "/bin/sh"
+#endif
+/* Default user.  */
+#define DEFAULT_USER  "root"
+/* #define SYSLOG_SUCCESS */
+#define SYSLOG_FAILURE
+#if defined( SYSLOG_SUCCESS ) || defined( SYSLOG_FAILURE )
+/* Log the fact that someone has run su */
+# if defined( SYSLOG_SUCCESS ) && defined( SYSLOG_FAILURE )
+static void log_su (const char *successful, const char *old_user,
+                    const char *tty)
+int su_main(int argc, char **argv);
+int su_main(int argc, char **argv)
+{
+    syslog ( LOG_NOTICE, "%s%s on %s", successful, old_user, tty);
+}
+#  define log_su_successful(cu, u, tty) if(!cu) log_su("", u, tty)
+#  define log_su_failure(cu, u, tty)    if(!cu) log_su("FAILED SU ", u, tty)
+# else
+    /* partial logging */
+#  if !defined( SYSLOG_SUCESS )
+#   define log_su_successful(cu, u, tty)
+#   define log_su_failure(cu, u, t) if(!cu) \
+            syslog(LOG_NOTICE, "FAILED SU %s on %s", u, t)
+#  else
+#   define log_su_successful(cu, u, t) if(!cu) \
+            syslog(LOG_NOTICE, "%s on %s", u, t)
+#   define log_su_failure(cu, u, tty)
+#  endif
+# endif
+#else
+    /* logging not used */
+# define log_su_successful(cu, u, tty)
+# define log_su_failure(cu, u, tty)
+#endif
+int su_main ( int argc, char **argv )
+{
+    unsigned long flags;
+    char *opt_shell = 0;
+    char *opt_command = 0;
+    char *opt_username = DEFAULT_USER;
+    char **opt_args = 0;
+    unsigned flags;
+    char *opt_shell = NULL;
+    char *opt_command = NULL;
+    const char *opt_username = "root";
     struct passwd *pw;
     uid_t cur_uid = getuid();
+    const char *tty;
+    char *old_user;
+#if defined( SYSLOG_SUCCESS ) || defined( SYSLOG_FAILURE )
+    const char *tty;
+    const char *old_user;
+#endif
+    flags = getopt32(argv, "mplc:s:", &opt_command, &opt_shell);
+    argc -= optind;
+    argv += optind;
+    flags = bb_getopt_ulflags(argc, argv, "mplc:s:",
+                          &opt_command, &opt_shell);
+#define SU_OPT_m (3)
+#define SU_OPT_p (3)
+#define SU_OPT_l (4)
+    if (optind < argc  && argv[optind][0] == '-' && argv[optind][1] == 0) {
+    if (argc && LONE_DASH(argv[0])) {
         flags |= SU_OPT_l;
+        ++optind;
+    }
+        argc--;
+        argv++;
+    }
     /* get user if specified */
+    if ( optind < argc )
+        opt_username = argv [optind++];
+    if (argc) {
+        opt_username = argv[0];
+//      argc--;
+        argv++;
+    }
+    if ( optind < argc )
+        opt_args = argv + optind;
+    if (ENABLE_FEATURE_SU_SYSLOG) {
+        /* The utmp entry (via getlogin) is probably the best way to identify
+        the user, especially if someone su's from a su-shell.
+        But getlogin can fail -- usually due to lack of utmp entry.
+        in this case resort to getpwuid.  */
+        old_user = xstrdup(USE_FEATURE_UTMP(getlogin() ? : ) (pw = getpwuid(cur_uid)) ? pw->pw_name : "");
+        tty = ttyname(2) ? : "none";
+        openlog(applet_name, 0, LOG_AUTH);
+    }
+#if defined( SYSLOG_SUCCESS ) || defined( SYSLOG_FAILURE )
+#ifdef CONFIG_FEATURE_UTMP
+    /* The utmp entry (via getlogin) is probably the best way to identify
+       the user, especially if someone su's from a su-shell.  */
+    old_user = getlogin ( );
+    if ( !old_user )
+#endif
+        {
+        /* getlogin can fail -- usually due to lack of utmp entry.
+           Resort to getpwuid.  */
+        pw = getpwuid ( cur_uid );
+        old_user = ( pw ? pw->pw_name : "" );
+    }
+    tty = ttyname ( 2 );
+    if(!tty)
+        tty = "none";
+    openlog ( bb_applet_name, 0, LOG_AUTH );
+#endif
+    pw = getpwnam ( opt_username );
+    if ( !pw )
+        bb_error_msg_and_die ( "user %s does not exist", opt_username );
+    pw = getpwnam(opt_username);
+    if (!pw)
+        bb_error_msg_and_die("unknown id: %s", opt_username);
     /* Make sure pw->pw_shell is non-NULL.  It may be NULL when NEW_USER
        is a username that is retrieved via NIS (YP), but that doesn't have
        a default shell listed.  */
     if ( !pw->pw_shell || !pw->pw_shell [0] )
         pw->pw_shell = (char *) DEFAULT_SHELL;
+    if (!pw->pw_shell || !pw->pw_shell[0])
+        pw->pw_shell = (char *)DEFAULT_SHELL;
+    if ((( cur_uid == 0 ) || correct_password ( pw ))) {
+        log_su_successful(pw->pw_uid, old_user, tty );
+    if ((cur_uid == 0) || correct_password(pw)) {
+        if (ENABLE_FEATURE_SU_SYSLOG)
+            syslog(LOG_NOTICE, "%c %s %s:%s",
+                '+', tty, old_user, opt_username);
     } else {
+        log_su_failure (pw->pw_uid, old_user, tty );
+        bb_error_msg_and_die ( "incorrect password" );
+        if (ENABLE_FEATURE_SU_SYSLOG)
+            syslog(LOG_NOTICE, "%c %s %s:%s",
+                '-', tty, old_user, opt_username);
+        bb_error_msg_and_die("incorrect password");
+    }
+#if defined( SYSLOG_SUCCESS ) || defined( SYSLOG_FAILURE )
+    closelog();
+#endif
+    if (ENABLE_FEATURE_CLEAN_UP && ENABLE_FEATURE_SU_SYSLOG) {
+        closelog();
+        free(old_user);
+    }
     if ( !opt_shell && (flags & SU_OPT_p))
         opt_shell = getenv ( "SHELL" );
+    if (!opt_shell && (flags & SU_OPT_mp))
+        opt_shell = getenv("SHELL");
+    if ( opt_shell && cur_uid && restricted_shell ( pw->pw_shell )) {
+#if ENABLE_FEATURE_SU_CHECKS_SHELLS
+    if (opt_shell && cur_uid && restricted_shell(pw->pw_shell)) {
         /* The user being su'd to has a nonstandard shell, and so is
            probably a uucp account or has restricted access.  Don't
            compromise the account by allowing access with a standard
            shell.  */
         fputs ( "using restricted shell\n", stderr );
+        bb_error_msg("using restricted shell");
         opt_shell = 0;
+    }
     if ( !opt_shell )
+#endif
+    if (!opt_shell)
         opt_shell = pw->pw_shell;
     change_identity ( pw );
     setup_environment(opt_shell, flags & SU_OPT_l, !(flags & SU_OPT_p), pw);
+#if ENABLE_SELINUX
+       set_current_security_context(NULL);
+#endif
     run_shell(opt_shell, flags & SU_OPT_l, opt_command, (const char**)opt_args);
+    change_identity(pw);
+    setup_environment(opt_shell, flags & SU_OPT_l, !(flags & SU_OPT_mp), pw);
+    USE_SELINUX(set_current_security_context(NULL);)
+    /* Never returns */
+    run_shell(opt_shell, flags & SU_OPT_l, opt_command, (const char**)argv);
     return EXIT_FAILURE;

branches/stable/mindi-busybox/loginutils/sulogin.c

-              r902
+              r1770
 /* vi: set sw=4 ts=4: */
+#include <fcntl.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+/*
+ * Mini sulogin implementation for busybox
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
 #include <syslog.h>
-#include <unistd.h>
-#include <utmp.h>
-#include <sys/resource.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <ctype.h>
-#include <time.h>
 #include "busybox.h"
+#include "libbb.h"
+#define SULOGIN_PROMPT "\nGive root password for system maintenance\n" \
+    "(or type Control-D for normal startup):"
+static const char * const forbid[] = {
+static const char *const forbid[] = {
     "ENV",
     "BASH_ENV",
 …
 static void catchalarm(int ATTRIBUTE_UNUSED junk)
+{
 …
+int sulogin_main(int argc, char **argv);
 int sulogin_main(int argc, char **argv)
+{
     char *cp;
-    char *device = NULL;
-    const char *name = "root";
     int timeout = 0;
+#define pass bb_common_bufsiz1
+    struct passwd pwent;
+    char *timeout_arg;
+    const char *const *p;
     struct passwd *pwd;
     const char * const *p;
+    const char *shell;
 #if ENABLE_FEATURE_SHADOWPASSWDS
+    struct spwd *spwd = NULL;
+    /* Using _r function to avoid pulling in static buffers */
+    char buffer[256];
+    struct spwd spw;
+    struct spwd *result;
 #endif
+    openlog("sulogin", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
+    if (argc > 1) {
+        if (strncmp(argv[1], "-t", 2) == 0) {
+            if (argv[1][2] == '\0') { /* -t NN */
+                if (argc > 2) {
+                    timeout = atoi(argv[2]);
+                    if (argc > 3) {
+                        device = argv[3];
+                    }
+                }
+            } else { /* -tNNN */
+                timeout = atoi(&argv[1][2]);
+                if (argc > 2) {
+                    device = argv[2];
+                }
+            }
+        } else {
+            device = argv[1];
+        }
+        if (device) {
+            close(0);
+            close(1);
+            close(2);
+            if (open(device, O_RDWR) == 0) {
+                dup(0);
+                dup(0);
+            } else {
+                syslog(LOG_WARNING, "cannot open %s\n", device);
+                exit(EXIT_FAILURE);
+            }
+        }
+    }
+    if (access(bb_path_passwd_file, 0) == -1) {
+        syslog(LOG_WARNING, "No password file\n");
+        bb_error_msg_and_die("No password file\n");
+    }
+    if (!isatty(0) || !isatty(1) || !isatty(2)) {
+        exit(EXIT_FAILURE);
+    logmode = LOGMODE_BOTH;
+    openlog(applet_name, 0, LOG_AUTH);
+    if (getopt32(argv, "t:", &timeout_arg)) {
+        timeout = xatoi_u(timeout_arg);
+    }
+    if (argv[optind]) {
+        close(0);
+        close(1);
+        dup(xopen(argv[optind], O_RDWR));
+        close(2);
+        dup(0);
+    }
+    if (!isatty(0) || !isatty(1) || !isatty(2)) {
+        logmode = LOGMODE_SYSLOG;
+        bb_error_msg_and_die("not a tty");
+    }
     /* Clear out anything dangerous from the environment */
 …
         unsetenv(*p);
+    signal(SIGALRM, catchalarm);
+    signal(SIGALRM, catchalarm);
+    if (!(pwd = getpwnam(name))) {
+        syslog(LOG_WARNING, "No password entry for `root'\n");
+        bb_error_msg_and_die("No password entry for `root'\n");
+    pwd = getpwuid(0);
+    if (!pwd) {
+        goto auth_error;
+    }
+    pwent = *pwd;
 #if ENABLE_FEATURE_SHADOWPASSWDS
+    spwd = NULL;
+    if (pwd && ((strcmp(pwd->pw_passwd, "x") == 0)
+                || (strcmp(pwd->pw_passwd, "*") == 0))) {
+        endspent();
+        spwd = getspnam(name);
+        if (spwd) {
+            pwent.pw_passwd = spwd->sp_pwdp;
+    if (getspnam_r(pwd->pw_name, &spw, buffer, sizeof(buffer), &result)) {
+        goto auth_error;
+    }
+    pwd->pw_passwd = spw.sp_pwdp;
+#endif
+    while (1) {
+        /* cp points to a static buffer that is zeroed every time */
+        cp = bb_askpass(timeout,
+                "Give root password for system maintenance\n"
+                "(or type Control-D for normal startup):");
+        if (!cp || !*cp) {
+            bb_info_msg("Normal startup");
+            return 0;
+        }
+    }
+#endif
+    while (1) {
+        cp = bb_askpass(timeout, SULOGIN_PROMPT);
+        if (!cp || !*cp) {
+            puts("\n");
+            fflush(stdout);
+            syslog(LOG_INFO, "Normal startup\n");
+            exit(EXIT_SUCCESS);
+        } else {
+            safe_strncpy(pass, cp, sizeof(pass));
+            memset(cp, 0, strlen(cp));
+        }
+        if (strcmp(pw_encrypt(pass, pwent.pw_passwd), pwent.pw_passwd) == 0) {
+        if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) {
             break;
+        }
         bb_do_delay(FAIL_DELAY);
+        puts("Login incorrect");
+        fflush(stdout);
+        syslog(LOG_WARNING, "Incorrect root password\n");
+        bb_error_msg("login incorrect");
+    }
     memset(pass, 0, strlen(pass));
+    memset(cp, 0, strlen(cp));
     signal(SIGALRM, SIG_DFL);
-    puts("Entering System Maintenance Mode\n");
-    fflush(stdout);
-    syslog(LOG_INFO, "System Maintenance Mode\n");
+#if ENABLE_SELINUX
+    renew_current_security_context();
+#endif
+    bb_info_msg("System Maintenance Mode");
     run_shell(pwent.pw_shell, 1, 0, 0);
+    USE_SELINUX(renew_current_security_context());
+    return (0);
+    shell = getenv("SUSHELL");
+    if (!shell) shell = getenv("sushell");
+    if (!shell) {
+        shell = "/bin/sh";
+        if (pwd->pw_shell[0])
+            shell = pwd->pw_shell;
+    }
+    run_shell(shell, 1, 0, 0);
+    /* never returns */
+auth_error:
+    bb_error_msg_and_die("no password entry for 'root'");
+}

branches/stable/mindi-busybox/loginutils/vlock.c

-              r821
+              r1770
 /* vi: set sw=4 ts=4: */
 /*
  * vlock implementation for busybox
 …
  * It now works with md5, sha1, etc passwords. */
+#include <stdio.h>
+#include <stdlib.h>
+#include "libbb.h"
 #include <sys/vt.h>
-#include <signal.h>
-#include <string.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <sys/ioctl.h>
-#include <termios.h>
-#include "busybox.h"
 static struct passwd *pw;
 …
 static void release_vt(int signo)
+{
+    if (!o_lock_all)
+        ioctl(vfd, VT_RELDISP, 1);
+    else
+        ioctl(vfd, VT_RELDISP, 0);
+    ioctl(vfd, VT_RELDISP, !o_lock_all);
+}
 …
+}
+int vlock_main(int argc, char **argv);
 int vlock_main(int argc, char **argv)
+{
 …
     struct vt_mode vtm;
     struct termios term;
+    uid_t uid = getuid();
+    pw = getpwuid(uid);
+    if (pw == NULL)
+        bb_error_msg_and_die("unknown uid %d", uid);
     if (argc > 2) {
 …
+    }
     o_lock_all = bb_getopt_ulflags (argc, argv, "a");
+    o_lock_all = getopt32(argv, "a");
+    if((pw = getpwuid(getuid())) == NULL) {
+        bb_error_msg_and_die("Unknown uid %d", getuid());
+    }
+    vfd = xopen(CURRENT_TTY, O_RDWR);
+    vfd = bb_xopen(CURRENT_TTY, O_RDWR);
+    if (ioctl(vfd, VT_GETMODE, &vtm) < 0) {
+        bb_perror_msg_and_die("VT_GETMODE");
+    }
+    xioctl(vfd, VT_GETMODE, &vtm);
     /* mask a bunch of signals */
 …
     do {
+        printf("Virtual Console%s locked.\n%s's ", (o_lock_all) ? "s" : "", pw->pw_name);
+        fflush(stdout);
+        if (correct_password (pw)) {
+        printf("Virtual Console%s locked by %s.\n", (o_lock_all) ? "s" : "", pw->pw_name);
+        if (correct_password(pw)) {
             break;
+        }
         bb_do_delay(FAIL_DELAY);
         puts("Password incorrect.");
+        puts("Password incorrect");
     } while (1);
     restore_terminal();
     return 0;
+    fflush_stdout_and_exit(0);
+}

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 1770 in MondoRescue for branches/stable/mindi-busybox/loginutils

Legend:

Download in other formats: