Changeset 1770 in MondoRescue for branches/stable/mindi-busybox/loginutils/login.c

Timestamp:

Nov 6, 2007, 11:01:53 AM (16 years ago)

Author:

Bruno Cornec

Message:

• Better output for mindi-busybox revision
• Remove dummy file created on NFS - report from Arnaud Tiger <arnaud.tiger_at_hp.com>
• strace useful for debug
• fix new versions for pb (2.0.0 for mindi and 1.7.2 for mindi-busybox)
• fix build process for mindi-busybox + options used in that version (dd for label-partitions-as-necessary)
• fix typo in label-partitions-as-necessary which doesn't seem to work
• Update to busybox 1.7.2
• perl is now required at restore time to support uuid swap partitions (and will be used for many other thigs

in the future for sure)

• next mindi version will be 2.0.0 due to all the changes made in it (udev may break working distros)
• small optimization in mindi on keyboard handling (one single find instead of multiple)
• better interaction for USB device when launching mindi manually
• attempt to automatically guess block disk size for ramdisk
• fix typos in bkphw
• Fix the remaining problem with UUID support for swap partitions
• Updates mondoarchive man page for USB support
• Adds preliminary Hardware support to mindi (Proliant SSSTK)
• Tries to add udev support also for rhel4
• Fix UUID support which was still broken.
• Be conservative in test for the start-nfs script
• Update config file for mindi-busybox for 1.7.2 migration
• Try to run around a busybox bug (1.2.2 pb on inexistant links)
• Add build content for mindi-busybox in pb
• Remove distributions content for mindi-busybox
• Fix a warning on inexistant raidtab
• Solve problem on tmpfs in restore init (Problem of inexistant symlink and busybox)
• Create MONDO_CACHE and use it everywhere + creation at start
• Really never try to eject a USB device
• Fix a issue with &> usage (replaced with 1> and 2>)
• Adds magic file to depllist in order to have file working + ldd which helps for debugging issues
• tty modes correct to avoid sh error messages
• Use ext3 normally and not ext2 instead
• USB device should be corrected after reading (take 1st part)
• Adds a mount_USB_here function derived from mount_CDROM_here
• usb detection place before /dev detection in device name at restore time
• Fix when restoring from USB: media is asked in interactive mode
• Adds USB support for mondorestore
• mount_cdrom => mount_media
• elilo.efi is now searched throughout /boot/efi and not in a fixed place as there is no standard
• untar-and-softlink => untar (+ interface change)
• suppress useless softlinks creation/removal in boot process
• avoids udevd messages on groups
• Increase # of disks to 99 as in mindi at restore time (should be a conf file parameter)
• skip existing big file creation
• seems to work correctly for USB mindi boot
• Adds group and tty link to udev conf
• Always load usb-torage (even 2.6) to initiate USB bus discovery
• Better printing of messages
• Attempt to fix a bug in supporting OpenSusE 10.3 kernel for initramfs (mindi may now use multiple regex for kernel initrd detection)
• Links were not correctly done as non relative for modules in mindi
• exclusion of modules denied now works
• Also create modules in their ordinary place, so that classical modprobe works + copy modules.dep
• Fix bugs for DENY_MODS handling
• Add device /dev/console for udev
• ide-generic should now really be excluded
• Fix a bug in major number for tty
• If udev then adds modprobe/insmod to rootfs
• tty0 is also cretaed with udev
• ide-generic put rather in DENY_MODS
• udevd remove from deplist s handled in mindi directly
• better default for mindi when using --usb
• Handles dynamically linked busybox (in case we want to use it soon ;-)
• Adds fixed devices to create for udev
• ide-generic should not be part of the initrd when using libata v2
• support a dynamically linked udev (case on Ubuntu 7.10 and Mandriva 2008.0 so should be quite generic) This will give incitation to move to dyn. linked binaries in the initrd which will help for other tasks (ia6 4)
• Improvement in udev support (do not use cl options not available in busybox)
• Udev in mindi
  • auto creation of the right links at boot time with udev-links.conf(from Mandriva 2008.0)
  • rework startup of udev as current makes kernel crash (from Mandriva 2008.0)
  • add support for 64 bits udev
• Try to render MyInsmod silent at boot time
• Adds udev support (mandatory for newest distributions to avoid remapping of devices in a different way as on the original system)
• We also need vaft format support for USB boot
• Adds libusual support (Ubuntu 7.10 needs it for USB)
• Improve Ubuntu/Debian keyboard detection and support
• pbinit adapted to new pb (0.8.10). Filtering of docs done in it
• Suppress some mondo warnings and errors on USB again
• Tries to fix lack of files in deb mindi package
• Verify should now work for USB devices
• More log/mesages improvement for USB support
• - Supress g_erase_tmpdir_and_scratchdir
• Improve some log messages for USB support
• Try to improve install in mindi to avoid issues with isolinux.cfg not installed vene if in the pkg :-(
• Improve mindi-busybox build
• In conformity with pb 0.8.9
• Add support for Ubuntu 7.10 in build process
• Add USB Key button to Menu UI (CD streamer removed)
• Attempt to fix error messages on tmp/scratch files at the end by removing those dir at the latest possible.
• Fix a bug linked to the size of the -E param which could be used (Arnaud Tiger/René Ribaud).
• Integrate ~/.pbrc content into mondorescue.pb (required project-builder >= 0.8.7)
• Put mondorescue in conformity with new pb filtering rules
• Add USB support at restore time (no test done yet). New start-usb script PB varibale added where useful
• Unmounting USB device before removal of temporary scratchdir
• Stil refining USB copy back to mondo (one command was not executed)
• No need to have the image subdor in the csratchdir when USB.
• umount the USB partition before attempting to use it
• Remove useless copy from mindi to mondo at end of USB handling

(risky merge, we are raising the limits of 2 diverging branches. The status of stable is not completely sure as such. Will need lots of tests, but it's not yet done :-()
(merge -r1692:1769 $SVN_M/branches/2.2.5)

File:

• branches/stable/mindi-busybox/loginutils/login.c (modified) (3 diffs)

branches/stable/mindi-busybox/loginutils/login.c

@@ -1 +1 @@
 /* vi: set sw=4 ts=4: */
-#include <fcntl.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <syslog.h>
-#include <termios.h>
-#include <unistd.h>
+/*
+ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ */
+
+#include "libbb.h"
 #include <utmp.h>
 #include <sys/resource.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <ctype.h>
-#include <time.h>
-
-#include "busybox.h"
-#ifdef CONFIG_SELINUX
+#include <syslog.h>
+
+#if ENABLE_SELINUX
 #include <selinux/selinux.h>  /* for is_selinux_enabled()  */
 #include <selinux/get_context_list.h> /* for get_default_context() */
 #include <selinux/flask.h> /* for security class definitions  */
-#include <errno.h>
-#endif
-
-#ifdef CONFIG_FEATURE_UTMP
-// import from utmp.c
-static void checkutmp(int picky);
-static void setutmp(const char *name, const char *line);
-/* Stuff global to this file */
-static struct utmp utent;
-#endif
-
-// login defines
-#define TIMEOUT       60
-#define EMPTY_USERNAME_COUNT    10
-#define USERNAME_SIZE 32
-
-
-static int check_nologin ( int amroot );
-
-#if defined CONFIG_FEATURE_SECURETTY
-static int check_tty ( const char *tty );
-
-#else
-static inline int check_tty ( const char *tty )  { return 1; }
-
-#endif
-
-static int is_my_tty ( const char *tty );
-static int login_prompt ( char *buf_name );
-static void motd ( void );
-
-
-static void alarm_handler ( int sig ATTRIBUTE_UNUSED)
-{
-    fprintf (stderr, "\nLogin timed out after %d seconds.\n", TIMEOUT );
-    exit ( EXIT_SUCCESS );
-}
-
-
-int login_main(int argc, char **argv)
-{
-    char tty[BUFSIZ];
-    char full_tty[200];
-    char fromhost[512];
-    char username[USERNAME_SIZE];
-    const char *tmp;
-    int amroot;
-    int flag;
-    int failed;
-    int count=0;
-    struct passwd *pw, pw_copy;
-#ifdef CONFIG_WHEEL_GROUP
-    struct group *grp;
-#endif
-    int opt_preserve = 0;
-    int opt_fflag = 0;
-    char *opt_host = 0;
-    int alarmstarted = 0;
-#ifdef CONFIG_SELINUX
-    security_context_t user_sid = NULL;
-#endif
-
-    username[0]=0;
-    amroot = ( getuid ( ) == 0 );
-    signal ( SIGALRM, alarm_handler );
-    alarm ( TIMEOUT );
-    alarmstarted = 1;
-
-    while (( flag = getopt(argc, argv, "f:h:p")) != EOF ) {
-        switch ( flag ) {
-        case 'p':
-            opt_preserve = 1;
-            break;
-        case 'f':
-            /*
-             * username must be a separate token
-             * (-f root, *NOT* -froot). --marekm
-             */
-            if ( optarg != argv[optind-1] )
-                bb_show_usage( );
-
-            if ( !amroot )      /* Auth bypass only if real UID is zero */
-                bb_error_msg_and_die ( "-f permission denied" );
-
-            safe_strncpy(username, optarg, USERNAME_SIZE);
-            opt_fflag = 1;
-            break;
-        case 'h':
-            opt_host = optarg;
-            break;
-        default:
-            bb_show_usage( );
-        }
-    }
-
-    if (optind < argc)             // user from command line (getty)
-        safe_strncpy(username, argv[optind], USERNAME_SIZE);
-
-    if ( !isatty ( 0 ) || !isatty ( 1 ) || !isatty ( 2 ))
-        return EXIT_FAILURE;        /* Must be a terminal */
-
-#ifdef CONFIG_FEATURE_UTMP
-    checkutmp ( !amroot );
-#endif
-
-    tmp = ttyname ( 0 );
-    if ( tmp && ( strncmp ( tmp, "/dev/", 5 ) == 0 ))
-        safe_strncpy ( tty, tmp + 5, sizeof( tty ));
-    else if ( tmp && *tmp == '/' )
-        safe_strncpy ( tty, tmp, sizeof( tty ));
-    else
-        safe_strncpy ( tty, "UNKNOWN", sizeof( tty ));
-
-#ifdef CONFIG_FEATURE_UTMP
-    if ( amroot )
-        memset ( utent.ut_host, 0, sizeof utent.ut_host );
-#endif
-
-    if ( opt_host ) {
-#ifdef CONFIG_FEATURE_UTMP
-        safe_strncpy ( utent.ut_host, opt_host, sizeof( utent. ut_host ));
-#endif
-        snprintf ( fromhost, sizeof( fromhost ) - 1, " on `%.100s' from `%.200s'", tty, opt_host );
-    }
-    else
-        snprintf ( fromhost, sizeof( fromhost ) - 1, " on `%.100s'", tty );
-
-    bb_setpgrp;
-
-    openlog ( "login", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH );
-
-    while ( 1 ) {
-        failed = 0;
-
-        if ( !username[0] )
-            if(!login_prompt ( username ))
-                return EXIT_FAILURE;
-
-        if ( !alarmstarted && ( TIMEOUT > 0 )) {
-            alarm ( TIMEOUT );
-            alarmstarted = 1;
-        }
-
-        if (!( pw = getpwnam ( username ))) {
-            pw_copy.pw_name   = "UNKNOWN";
-            pw_copy.pw_passwd = "!";
-            opt_fflag = 0;
-            failed = 1;
-        } else
-            pw_copy = *pw;
-
-        pw = &pw_copy;
-
-        if (( pw-> pw_passwd [0] == '!' ) || ( pw-> pw_passwd[0] == '*' ))
-            failed = 1;
-
-        if ( opt_fflag ) {
-            opt_fflag = 0;
-            goto auth_ok;
-        }
-
-        if (!failed && ( pw-> pw_uid == 0 ) && ( !check_tty ( tty )))
-            failed = 1;
-
-        /* Don't check the password if password entry is empty (!) */
-        if ( !pw-> pw_passwd[0] )
-            goto auth_ok;
-
-        /* authorization takes place here */
-        if ( correct_password ( pw ))
-            goto auth_ok;
-
-        failed = 1;
-
-auth_ok:
-        if ( !failed)
-            break;
-
-        bb_do_delay(FAIL_DELAY);
-        puts("Login incorrect");
-        username[0] = 0;
-        if ( ++count == 3 ) {
-            syslog ( LOG_WARNING, "invalid password for `%s'%s\n", pw->pw_name, fromhost);
-            return EXIT_FAILURE;
-    }
-    }
-
-    alarm ( 0 );
-    if ( check_nologin ( pw-> pw_uid == 0 ))
-        return EXIT_FAILURE;
-
-#ifdef CONFIG_FEATURE_UTMP
-    setutmp ( username, tty );
-#endif
-
-    if ( *tty != '/' )
-        snprintf ( full_tty, sizeof( full_tty ) - 1, "/dev/%s", tty);
-    else
-        safe_strncpy ( full_tty, tty, sizeof( full_tty ) - 1 );
-
-#ifdef CONFIG_SELINUX
-    if (is_selinux_enabled())
-    {
-        security_context_t old_tty_sid, new_tty_sid;
-
-        if (get_default_context(username, NULL, &user_sid))
-        {
-            fprintf(stderr, "Unable to get SID for %s\n", username);
-            exit(1);
-        }
-        if (getfilecon(full_tty, &old_tty_sid) < 0)
-        {
-            fprintf(stderr, "getfilecon(%.100s) failed: %.100s\n", full_tty, strerror(errno));
-            return EXIT_FAILURE;
-        }
-        if (security_compute_relabel(user_sid, old_tty_sid, SECCLASS_CHR_FILE, &new_tty_sid) != 0)
-        {
-            fprintf(stderr, "security_change_sid(%.100s) failed: %.100s\n", full_tty, strerror(errno));
-            return EXIT_FAILURE;
-        }
-        if(setfilecon(full_tty, new_tty_sid) != 0)
-        {
-            fprintf(stderr, "chsid(%.100s, %s) failed: %.100s\n", full_tty, new_tty_sid, strerror(errno));
-            return EXIT_FAILURE;
-        }
-    }
-#endif
-    if ( !is_my_tty ( full_tty ))
-        syslog ( LOG_ERR, "unable to determine TTY name, got %s\n", full_tty );
-
-    /* Try these, but don't complain if they fail
-     * (for example when the root fs is read only) */
-    chown ( full_tty, pw-> pw_uid, pw-> pw_gid );
-    chmod ( full_tty, 0600 );
-
-    change_identity ( pw );
-    tmp = pw-> pw_shell;
-    if(!tmp || !*tmp)
-        tmp = DEFAULT_SHELL;
-    setup_environment ( tmp, 1, !opt_preserve, pw );
-
-    motd ( );
-    signal ( SIGALRM, SIG_DFL );    /* default alarm signal */
-
-    if ( pw-> pw_uid == 0 )
-        syslog ( LOG_INFO, "root login %s\n", fromhost );
-#ifdef CONFIG_SELINUX
-    /* well, a simple setexeccon() here would do the job as well,
-     * but let's play the game for now */
-    set_current_security_context(user_sid);
-#endif
-    run_shell ( tmp, 1, 0, 0);  /* exec the shell finally. */
-
-    return EXIT_FAILURE;
-}
-
-
-
-static int login_prompt ( char *buf_name )
-{
-    char buf [1024];
-    char *sp, *ep;
-    int i;
-
-    for(i=0; i<EMPTY_USERNAME_COUNT; i++) {
-        print_login_prompt();
-
-        if ( !fgets ( buf, sizeof( buf ) - 1, stdin ))
-            return 0;
-
-        if ( !strchr ( buf, '\n' ))
-            return 0;
-
-        for ( sp = buf; isspace ( *sp ); sp++ ) { }
-        for ( ep = sp; isgraph ( *ep ); ep++ ) { }
-
-        *ep = 0;
-        safe_strncpy(buf_name, sp, USERNAME_SIZE);
-        if(buf_name[0])
-            return 1;
-    }
-    return 0;
-}
-
-
-static int check_nologin ( int amroot )
-{
-    if ( access ( bb_path_nologin_file, F_OK ) == 0 ) {
-        FILE *fp;
-        int c;
-
-        if (( fp = fopen ( bb_path_nologin_file, "r" ))) {
-            while (( c = getc ( fp )) != EOF )
-                putchar (( c == '\n' ) ? '\r' : c );
-
-            fflush ( stdout );
-            fclose ( fp );
-        } else {
-            puts ( "\r\nSystem closed for routine maintenance.\r" );
-        }
-        if ( !amroot )
-            return 1;
-
-        puts ( "\r\n[Disconnect bypassed -- root login allowed.]\r" );
-    }
-    return 0;
-}
-
-#ifdef CONFIG_FEATURE_SECURETTY
-
-static int check_tty ( const char *tty )
-{
-    FILE *fp;
-    int i;
-    char buf[BUFSIZ];
-
-    if (( fp = fopen ( bb_path_securetty_file, "r" ))) {
-        while ( fgets ( buf, sizeof( buf ) - 1, fp )) {
-            for ( i = strlen( buf ) - 1; i >= 0; --i ) {
-                if ( !isspace ( buf[i] ))
-                    break;
-            }
-            buf[++i] = '\0';
-            if (( buf [0] == '\0' ) || ( buf [0] == '#' ))
-                continue;
-
-            if ( strcmp ( buf, tty ) == 0 ) {
-                fclose ( fp );
-                return 1;
-            }
-        }
-        fclose(fp);
-        return 0;
-    }
-    /* A missing securetty file is not an error. */
-    return 1;
-}
-
-#endif
-
-/* returns 1 if true */
-static int is_my_tty ( const char *tty )
-{
-    struct stat by_name, by_fd;
-
-    if ( stat ( tty, &by_name ) || fstat ( 0, &by_fd ))
-        return 0;
-
-    if ( by_name. st_rdev != by_fd. st_rdev )
-        return 0;
-    else
-        return 1;
-}
-
-
-static void motd (void)
-{
-    FILE *fp;
-    register int c;
-
-    if (( fp = fopen ( bb_path_motd_file, "r" ))) {
-        while (( c = getc ( fp )) != EOF )
-            putchar ( c );
-        fclose ( fp );
-    }
-}
-
-
-#ifdef CONFIG_FEATURE_UTMP
-// vv  Taken from tinylogin utmp.c  vv
-
-#define NO_UTENT \
-    "No utmp entry.  You must exec \"login\" from the lowest level \"sh\""
-#define NO_TTY \
-    "Unable to determine your tty name."
-
+#endif
+
+#if ENABLE_PAM
+/* PAM may include <locale.h>. We may need to undefine bbox's stub define: */
+#undef setlocale
+/* For some obscure reason, PAM is not in pam/xxx, but in security/xxx.
+ * Apparently they like to confuse people. */
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+static const struct pam_conv conv = {
+    misc_conv,
+    NULL
+};
+#endif
+
+enum {
+    TIMEOUT = 60,
+    EMPTY_USERNAME_COUNT = 10,
+    USERNAME_SIZE = 32,
+    TTYNAME_SIZE = 32,
+};
+
+static char* short_tty;
+
+#if ENABLE_FEATURE_UTMP
+/* vv  Taken from tinylogin utmp.c  vv */
 /*
- * checkutmp - see if utmp file is correct for this process
+ * read_or_build_utent - see if utmp file is correct for this process
  *
  *  System V is very picky about the contents of the utmp file
@@ -410 +53 @@
  */
 
-static void checkutmp(int picky)
-{
-    char *line;
+static void read_or_build_utent(struct utmp *utptr, int picky)
+{
     struct utmp *ut;
     pid_t pid = getpid();
@@ -421 +63 @@
     while ((ut = getutent()))
         if (ut->ut_pid == pid && ut->ut_line[0] && ut->ut_id[0] &&
-            (ut->ut_type == LOGIN_PROCESS || ut->ut_type == USER_PROCESS))
+        (ut->ut_type == LOGIN_PROCESS || ut->ut_type == USER_PROCESS))
             break;
 
     /* If there is one, just use it, otherwise create a new one.  */
     if (ut) {
-        utent = *ut;
+        *utptr = *ut;
     } else {
-        time_t t_tmp;
-        
-        if (picky) {
-            puts(NO_UTENT);
-            exit(1);
-        }
-        line = ttyname(0);
-        if (!line) {
-            puts(NO_TTY);
-            exit(1);
-        }
-        if (strncmp(line, "/dev/", 5) == 0)
-            line += 5;
-        memset((void *) &utent, 0, sizeof utent);
-        utent.ut_type = LOGIN_PROCESS;
-        utent.ut_pid = pid;
-        strncpy(utent.ut_line, line, sizeof utent.ut_line);
-        /* XXX - assumes /dev/tty?? */
-        strncpy(utent.ut_id, utent.ut_line + 3, sizeof utent.ut_id);
-        strncpy(utent.ut_user, "LOGIN", sizeof utent.ut_user);
-        t_tmp = (time_t)utent.ut_time;
-        time(&t_tmp);
-    }
+        if (picky)
+            bb_error_msg_and_die("no utmp entry found");
+
+        memset(utptr, 0, sizeof(*utptr));
+        utptr->ut_type = LOGIN_PROCESS;
+        utptr->ut_pid = pid;
+        strncpy(utptr->ut_line, short_tty, sizeof(utptr->ut_line));
+        /* This one is only 4 chars wide. Try to fit something
+         * remotely meaningful by skipping "tty"... */
+        strncpy(utptr->ut_id, short_tty + 3, sizeof(utptr->ut_id));
+        strncpy(utptr->ut_user, "LOGIN", sizeof(utptr->ut_user));
+        utptr->ut_time = time(NULL);
+    }
+    if (!picky) /* root login */
+        memset(utptr->ut_host, 0, sizeof(utptr->ut_host));
 }
 
 /*
- * setutmp - put a USER_PROCESS entry in the utmp file
+ * write_utent - put a USER_PROCESS entry in the utmp file
  *
- *  setutmp changes the type of the current utmp entry to
+ *  write_utent changes the type of the current utmp entry to
  *  USER_PROCESS.  the wtmp file will be updated as well.
  */
-
-static void setutmp(const char *name, const char *line ATTRIBUTE_UNUSED)
-{
-    time_t t_tmp = (time_t)utent.ut_time;
-
-    utent.ut_type = USER_PROCESS;
-    strncpy(utent.ut_user, name, sizeof utent.ut_user);
-    time(&t_tmp);
-    /* other fields already filled in by checkutmp above */
+static void write_utent(struct utmp *utptr, const char *username)
+{
+    utptr->ut_type = USER_PROCESS;
+    strncpy(utptr->ut_user, username, sizeof(utptr->ut_user));
+    utptr->ut_time = time(NULL);
+    /* other fields already filled in by read_or_build_utent above */
     setutent();
-    pututline(&utent);
+    pututline(utptr);
     endutent();
-#ifdef CONFIG_FEATURE_WTMP
+#if ENABLE_FEATURE_WTMP
     if (access(bb_path_wtmp_file, R_OK|W_OK) == -1) {
         close(creat(bb_path_wtmp_file, 0664));
     }
-    updwtmp(bb_path_wtmp_file, &utent);
-#endif
-}
-#endif /* CONFIG_FEATURE_UTMP */
+    updwtmp(bb_path_wtmp_file, utptr);
+#endif
+}
+#else /* !ENABLE_FEATURE_UTMP */
+#define read_or_build_utent(utptr, picky) ((void)0)
+#define write_utent(utptr, username) ((void)0)
+#endif /* !ENABLE_FEATURE_UTMP */
+
+#if ENABLE_FEATURE_NOLOGIN
+static void die_if_nologin_and_non_root(int amroot)
+{
+    FILE *fp;
+    int c;
+
+    if (access("/etc/nologin", F_OK))
+        return;
+
+    fp = fopen("/etc/nologin", "r");
+    if (fp) {
+        while ((c = getc(fp)) != EOF)
+            putchar((c=='\n') ? '\r' : c);
+        fflush(stdout);
+        fclose(fp);
+    } else
+        puts("\r\nSystem closed for routine maintenance\r");
+    if (!amroot)
+        exit(1);
+    puts("\r\n[Disconnect bypassed -- root login allowed]\r");
+}
+#else
+static ALWAYS_INLINE void die_if_nologin_and_non_root(int amroot) {}
+#endif
+
+#if ENABLE_FEATURE_SECURETTY && !ENABLE_PAM
+static int check_securetty(void)
+{
+    FILE *fp;
+    int i;
+    char buf[256];
+
+    fp = fopen("/etc/securetty", "r");
+    if (!fp) {
+        /* A missing securetty file is not an error. */
+        return 1;
+    }
+    while (fgets(buf, sizeof(buf)-1, fp)) {
+        for (i = strlen(buf)-1; i >= 0; --i) {
+            if (!isspace(buf[i]))
+                break;
+        }
+        buf[++i] = '\0';
+        if (!buf[0] || (buf[0] == '#'))
+            continue;
+        if (strcmp(buf, short_tty) == 0) {
+            fclose(fp);
+            return 1;
+        }
+    }
+    fclose(fp);
+    return 0;
+}
+#else
+static ALWAYS_INLINE int check_securetty(void) { return 1; }
+#endif
+
+static void get_username_or_die(char *buf, int size_buf)
+{
+    int c, cntdown;
+
+    cntdown = EMPTY_USERNAME_COUNT;
+ prompt:
+    print_login_prompt();
+    /* skip whitespace */
+    do {
+        c = getchar();
+        if (c == EOF) exit(1);
+        if (c == '\n') {
+            if (!--cntdown) exit(1);
+            goto prompt;
+        }
+    } while (isspace(c));
+
+    *buf++ = c;
+    if (!fgets(buf, size_buf-2, stdin))
+        exit(1);
+    if (!strchr(buf, '\n'))
+        exit(1);
+    while (isgraph(*buf)) buf++;
+    *buf = '\0';
+}
+
+static void motd(void)
+{
+    int fd;
+
+    fd = open(bb_path_motd_file, O_RDONLY);
+    if (fd) {
+        fflush(stdout);
+        bb_copyfd_eof(fd, STDOUT_FILENO);
+        close(fd);
+    }
+}
+
+static void alarm_handler(int sig ATTRIBUTE_UNUSED)
+{
+    /* This is the escape hatch!  Poor serial line users and the like
+     * arrive here when their connection is broken.
+     * We don't want to block here */
+    ndelay_on(1);
+    ndelay_on(2);
+    printf("\r\nLogin timed out after %d seconds\r\n", TIMEOUT);
+    exit(EXIT_SUCCESS);
+}
+
+int login_main(int argc, char **argv);
+int login_main(int argc, char **argv)
+{
+    enum {
+        LOGIN_OPT_f = (1<<0),
+        LOGIN_OPT_h = (1<<1),
+        LOGIN_OPT_p = (1<<2),
+    };
+    char *fromhost;
+    char username[USERNAME_SIZE];
+    const char *tmp;
+    int amroot;
+    unsigned opt;
+    int count = 0;
+    struct passwd *pw;
+    char *opt_host = NULL;
+    char *opt_user = NULL;
+    char full_tty[TTYNAME_SIZE];
+    USE_SELINUX(security_context_t user_sid = NULL;)
+    USE_FEATURE_UTMP(struct utmp utent;)
+    USE_PAM(pam_handle_t *pamh;)
+    USE_PAM(int pamret;)
+    USE_PAM(const char *failed_msg;)
+
+    short_tty = full_tty;
+    username[0] = '\0';
+    amroot = (getuid() == 0);
+    signal(SIGALRM, alarm_handler);
+    alarm(TIMEOUT);
+
+    /* Mandatory paranoia for suid applet:
+     * ensure that fd# 0,1,2 are opened (at least to /dev/null)
+     * and any extra open fd's are closed.
+     * (The name of the function is misleading. Not daemonizing here.) */
+    bb_daemonize_or_rexec(DAEMON_ONLY_SANITIZE | DAEMON_CLOSE_EXTRA_FDS, NULL);
+
+    opt = getopt32(argv, "f:h:p", &opt_user, &opt_host);
+    if (opt & LOGIN_OPT_f) {
+        if (!amroot)
+            bb_error_msg_and_die("-f is for root only");
+        safe_strncpy(username, opt_user, sizeof(username));
+    }
+    if (optind < argc) /* user from command line (getty) */
+        safe_strncpy(username, argv[optind], sizeof(username));
+
+    /* Let's find out and memorize our tty */
+    if (!isatty(0) || !isatty(1) || !isatty(2))
+        return EXIT_FAILURE;        /* Must be a terminal */
+    safe_strncpy(full_tty, "UNKNOWN", sizeof(full_tty));
+    tmp = ttyname(0);
+    if (tmp) {
+        safe_strncpy(full_tty, tmp, sizeof(full_tty));
+        if (strncmp(full_tty, "/dev/", 5) == 0)
+            short_tty = full_tty + 5;
+    }
+
+    read_or_build_utent(&utent, !amroot);
+
+    if (opt_host) {
+        USE_FEATURE_UTMP(
+            safe_strncpy(utent.ut_host, opt_host, sizeof(utent.ut_host));
+        )
+        fromhost = xasprintf(" on '%s' from '%s'", short_tty, opt_host);
+    } else
+        fromhost = xasprintf(" on '%s'", short_tty);
+
+    /* Was breaking "login <username>" from shell command line: */
+    /*bb_setpgrp();*/
+
+    openlog(applet_name, LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
+
+    while (1) {
+        if (!username[0])
+            get_username_or_die(username, sizeof(username));
+
+#if ENABLE_PAM
+        pamret = pam_start("login", username, &conv, &pamh);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "pam_start";
+            goto pam_auth_failed;
+        }
+        /* set TTY (so things like securetty work) */
+        pamret = pam_set_item(pamh, PAM_TTY, short_tty);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "pam_set_item(TTY)";
+            goto pam_auth_failed;
+        }
+        pamret = pam_authenticate(pamh, 0);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "pam_authenticate";
+            goto pam_auth_failed;
+            /* TODO: or just "goto auth_failed"
+             * since user seems to enter wrong password
+             * (in this case pamret == 7)
+             */
+        }
+        /* check that the account is healthy */
+        pamret = pam_acct_mgmt(pamh, 0);
+        if (pamret != PAM_SUCCESS) {
+            failed_msg = "account setup";
+            goto pam_auth_failed;
+        }
+        /* read user back */
+        {
+            const char *pamuser;
+            /* gcc: "dereferencing type-punned pointer breaks aliasing rules..."
+             * thus we cast to (void*) */
+            if (pam_get_item(pamh, PAM_USER, (void*)&pamuser) != PAM_SUCCESS) {
+                failed_msg = "pam_get_item(USER)";
+                goto pam_auth_failed;
+            }
+            safe_strncpy(username, pamuser, sizeof(username));
+        }
+        /* If we get here, the user was authenticated, and is
+         * granted access. */
+        pw = getpwnam(username);
+        if (pw)
+            break;
+        goto auth_failed;
+ pam_auth_failed:
+        bb_error_msg("%s failed: %s (%d)", failed_msg, pam_strerror(pamh, pamret), pamret);
+        safe_strncpy(username, "UNKNOWN", sizeof(username));
+#else /* not PAM */
+        pw = getpwnam(username);
+        if (!pw) {
+            strcpy(username, "UNKNOWN");
+            goto fake_it;
+        }
+
+        if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*')
+            goto auth_failed;
+
+        if (opt & LOGIN_OPT_f)
+            break; /* -f USER: success without asking passwd */
+
+        if (pw->pw_uid == 0 && !check_securetty())
+            goto auth_failed;
+
+        /* Don't check the password if password entry is empty (!) */
+        if (!pw->pw_passwd[0])
+            break;
+ fake_it:
+        /* authorization takes place here */
+        if (correct_password(pw))
+            break;
+#endif /* ENABLE_PAM */
+ auth_failed:
+        opt &= ~LOGIN_OPT_f;
+        bb_do_delay(FAIL_DELAY);
+        /* TODO: doesn't sound like correct English phrase to me */
+        puts("Login incorrect");
+        if (++count == 3) {
+            syslog(LOG_WARNING, "invalid password for '%s'%s",
+                        username, fromhost);
+            return EXIT_FAILURE;
+        }
+        username[0] = '\0';
+    }
+
+    alarm(0);
+    die_if_nologin_and_non_root(pw->pw_uid == 0);
+
+    write_utent(&utent, username);
+
+#if ENABLE_SELINUX
+    if (is_selinux_enabled()) {
+        security_context_t old_tty_sid, new_tty_sid;
+
+        if (get_default_context(username, NULL, &user_sid)) {
+            bb_error_msg_and_die("cannot get SID for %s",
+                    username);
+        }
+        if (getfilecon(full_tty, &old_tty_sid) < 0) {
+            bb_perror_msg_and_die("getfilecon(%s) failed",
+                    full_tty);
+        }
+        if (security_compute_relabel(user_sid, old_tty_sid,
+                    SECCLASS_CHR_FILE, &new_tty_sid) != 0) {
+            bb_perror_msg_and_die("security_change_sid(%s) failed",
+                    full_tty);
+        }
+        if (setfilecon(full_tty, new_tty_sid) != 0) {
+            bb_perror_msg_and_die("chsid(%s, %s) failed",
+                    full_tty, new_tty_sid);
+        }
+    }
+#endif
+    /* Try these, but don't complain if they fail.
+     * _f_chown is safe wrt race t=ttyname(0);...;chown(t); */
+    fchown(0, pw->pw_uid, pw->pw_gid);
+    fchmod(0, 0600);
+
+    if (ENABLE_LOGIN_SCRIPTS) {
+        char *t_argv[2];
+
+        t_argv[0] = getenv("LOGIN_PRE_SUID_SCRIPT");
+        if (t_argv[0]) {
+            t_argv[1] = NULL;
+            xsetenv("LOGIN_TTY", full_tty);
+            xsetenv("LOGIN_USER", pw->pw_name);
+            xsetenv("LOGIN_UID", utoa(pw->pw_uid));
+            xsetenv("LOGIN_GID", utoa(pw->pw_gid));
+            xsetenv("LOGIN_SHELL", pw->pw_shell);
+            xspawn(t_argv); /* NOMMU-friendly */
+            /* All variables are unset by setup_environment */
+            wait(NULL);
+        }
+    }
+
+    change_identity(pw);
+    tmp = pw->pw_shell;
+    if (!tmp || !*tmp)
+        tmp = DEFAULT_SHELL;
+    /* setup_environment params: shell, loginshell, changeenv, pw */
+    setup_environment(tmp, 1, !(opt & LOGIN_OPT_p), pw);
+    /* FIXME: login shell = 1 -> 3rd parameter is ignored! */
+
+    motd();
+
+    if (pw->pw_uid == 0)
+        syslog(LOG_INFO, "root login%s", fromhost);
+#if ENABLE_SELINUX
+    /* well, a simple setexeccon() here would do the job as well,
+     * but let's play the game for now */
+    set_current_security_context(user_sid);
+#endif
+
+    // util-linux login also does:
+    // /* start new session */
+    // setsid();
+    // /* TIOCSCTTY: steal tty from other process group */
+    // if (ioctl(0, TIOCSCTTY, 1)) error_msg...
+    // BBox login used to do this (see above):
+    // bb_setpgrp();
+    // If this stuff is really needed, add it and explain why!
+
+    /* set signals to defaults */
+    signal(SIGALRM, SIG_DFL);
+    /* Is this correct? This way user can ctrl-c out of /etc/profile,
+     * potentially creating security breach (tested with bash 3.0).
+     * But without this, bash 3.0 will not enable ctrl-c either.
+     * Maybe bash is buggy?
+     * Need to find out what standards say about /bin/login -
+     * should it leave SIGINT etc enabled or disabled? */
+    signal(SIGINT, SIG_DFL);
+
+    /* Exec login shell with no additional parameters */
+    run_shell(tmp, 1, NULL, NULL);
+
+    /* return EXIT_FAILURE; - not reached */
+}