Ignore:
Timestamp:
Feb 25, 2011, 9:26:54 PM (9 years ago)
Author:
bruno
Message:
  • Update mindi-busybox to 1.18.3 to avoid problems with the tar command which is now failing on recent versions with busybox 1.7.3
File:
1 edited

Legend:

Unmodified
Added
Removed
  • branches/2.2.9/mindi-busybox/loginutils/sulogin.c

    r1765 r2725  
    33 * Mini sulogin implementation for busybox
    44 *
    5  * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
     5 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
    66 */
    77
     8#include "libbb.h"
    89#include <syslog.h>
    910
    10 #include "libbb.h"
    11 
    12 static const char *const forbid[] = {
    13     "ENV",
    14     "BASH_ENV",
    15     "HOME",
    16     "IFS",
    17     "PATH",
    18     "SHELL",
    19     "LD_LIBRARY_PATH",
    20     "LD_PRELOAD",
    21     "LD_TRACE_LOADED_OBJECTS",
    22     "LD_BIND_NOW",
    23     "LD_AOUT_LIBRARY_PATH",
    24     "LD_AOUT_PRELOAD",
    25     "LD_NOWARN",
    26     "LD_KEEPDIR",
    27     (char *) 0
    28 };
     11//static void catchalarm(int UNUSED_PARAM junk)
     12//{
     13//  exit(EXIT_FAILURE);
     14//}
    2915
    3016
    31 static void catchalarm(int ATTRIBUTE_UNUSED junk)
    32 {
    33     exit(EXIT_FAILURE);
    34 }
    35 
    36 
    37 int sulogin_main(int argc, char **argv);
    38 int sulogin_main(int argc, char **argv)
     17int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
     18int sulogin_main(int argc UNUSED_PARAM, char **argv)
    3919{
    4020    char *cp;
    4121    int timeout = 0;
    42     char *timeout_arg;
    43     const char *const *p;
    4422    struct passwd *pwd;
    4523    const char *shell;
     
    4826    char buffer[256];
    4927    struct spwd spw;
    50     struct spwd *result;
    5128#endif
    5229
     
    5431    openlog(applet_name, 0, LOG_AUTH);
    5532
    56     if (getopt32(argv, "t:", &timeout_arg)) {
    57         timeout = xatoi_u(timeout_arg);
    58     }
     33    opt_complementary = "t+"; /* -t N */
     34    getopt32(argv, "t:", &timeout);
     35    argv += optind;
    5936
    60     if (argv[optind]) {
     37    if (argv[0]) {
    6138        close(0);
    6239        close(1);
    63         dup(xopen(argv[optind], O_RDWR));
     40        dup(xopen(argv[0], O_RDWR));
    6441        close(2);
    6542        dup(0);
    6643    }
    6744
     45    /* Malicious use like "sulogin /dev/sda"? */
    6846    if (!isatty(0) || !isatty(1) || !isatty(2)) {
    6947        logmode = LOGMODE_SYSLOG;
     
    7149    }
    7250
    73     /* Clear out anything dangerous from the environment */
    74     for (p = forbid; *p; p++)
    75         unsetenv(*p);
    76 
    77     signal(SIGALRM, catchalarm);
     51    /* Clear dangerous stuff, set PATH */
     52    sanitize_env_if_suid();
    7853
    7954    pwd = getpwuid(0);
     
    8358
    8459#if ENABLE_FEATURE_SHADOWPASSWDS
    85     if (getspnam_r(pwd->pw_name, &spw, buffer, sizeof(buffer), &result)) {
    86         goto auth_error;
     60    {
     61        /* getspnam_r may return 0 yet set result to NULL.
     62         * At least glibc 2.4 does this. Be extra paranoid here. */
     63        struct spwd *result = NULL;
     64        int r = getspnam_r(pwd->pw_name, &spw, buffer, sizeof(buffer), &result);
     65        if (r || !result) {
     66            goto auth_error;
     67        }
     68        pwd->pw_passwd = result->sp_pwdp;
    8769    }
    88     pwd->pw_passwd = spw.sp_pwdp;
    8970#endif
    9071
    9172    while (1) {
     73        char *encrypted;
     74        int r;
     75
    9276        /* cp points to a static buffer that is zeroed every time */
    93         cp = bb_askpass(timeout,
     77        cp = bb_ask(STDIN_FILENO, timeout,
    9478                "Give root password for system maintenance\n"
    9579                "(or type Control-D for normal startup):");
     
    9983            return 0;
    10084        }
    101         if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) {
     85        encrypted = pw_encrypt(cp, pwd->pw_passwd, 1);
     86        r = strcmp(encrypted, pwd->pw_passwd);
     87        free(encrypted);
     88        if (r == 0) {
    10289            break;
    10390        }
     
    10693    }
    10794    memset(cp, 0, strlen(cp));
    108     signal(SIGALRM, SIG_DFL);
     95//  signal(SIGALRM, SIG_DFL);
    10996
    11097    bb_info_msg("System Maintenance Mode");
    11198
    112     USE_SELINUX(renew_current_security_context());
     99    IF_SELINUX(renew_current_security_context());
    113100
    114101    shell = getenv("SUSHELL");
    115     if (!shell) shell = getenv("sushell");
    116     if (!shell) {
    117         shell = "/bin/sh";
    118         if (pwd->pw_shell[0])
    119             shell = pwd->pw_shell;
    120     }
    121     run_shell(shell, 1, 0, 0);
    122     /* never returns */
     102    if (!shell)
     103        shell = getenv("sushell");
     104    if (!shell)
     105        shell = pwd->pw_shell;
    123106
    124 auth_error:
    125     bb_error_msg_and_die("no password entry for 'root'");
     107    /* Exec login shell with no additional parameters. Never returns. */
     108    run_shell(shell, 1, NULL, NULL);
     109
     110 auth_error:
     111    bb_error_msg_and_die("no password entry for root");
    126112}
Note: See TracChangeset for help on using the changeset viewer.