emo/sysvinit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sulogin: try to detect the real device(s) used for the system console

Browse Source 
/dev/console if but only if /dev/console is used.  On Linux this can
be more than one device, e.g. a serial line as well as a virtual
console as well as a simple printer.
This commit is contained in:
Werner Fink 2011-04-04 13:57:54 +00:00
parent 4201d1d42f
commit 4301a57e89
4 changed files with 611 additions and 198 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/Changelog
View File

@ -1,6 +1,10 @@
sysvinit (2.89dsf) UNRELEASED; urgency=low sysvinit (2.89dsf) UNRELEASED; urgency=low
[ Werner Fink ] [ Werner Fink ]
* Sulogin: try to detect the real device(s) used for the system console
/dev/console if but only if /dev/console is used. On Linux this can
be more than one device, e.g. a serial line as well as a virtual
console as well as a simple printer.
* Fix counting message lines in wall. Patch from Petr Lautrbach. * Fix counting message lines in wall. Patch from Petr Lautrbach.
* Fix bad printf conversion specifier in wall. Patch from Sébastien Luttringer. * Fix bad printf conversion specifier in wall. Patch from Sébastien Luttringer.
* Add patches from Openwall project. Thanks goes to Solar Designer. * Add patches from Openwall project. Thanks goes to Solar Designer.

2
src/Makefile
View File

@ -105,7 +105,7 @@ utmpdump: utmpdump.o
runlevel: runlevel.o runlevel: runlevel.o
sulogin: LDLIBS += $(SULOGINLIBS) $(STATIC) sulogin: LDLIBS += $(SULOGINLIBS) $(STATIC)
sulogin: sulogin.o sulogin: sulogin.o consoles.o
wall: dowall.o wall.o wall: dowall.o wall.o

28
src/consoles.c
View File

@ -85,8 +85,8 @@ err:
#ifdef __linux__ #ifdef __linux__
/* /*
* Read and determine active attribute for tty, * Read and determine active attribute for tty below
* the caller has to free the result. * /sys/class/tty, the caller has to free the result.
*/ */
static static
__attribute__((__malloc__)) __attribute__((__malloc__))
@ -109,7 +109,10 @@ err:
return ret; return ret;
} }
/* Read and determine device attribute for tty */ /*
* Read and determine device attribute for tty below
* /sys/class/tty.
*/
static static
dev_t devattr(const char *tty) dev_t devattr(const char *tty)
{ {
@ -136,6 +139,10 @@ err:
} }
#endif /* __linux__ */ #endif /* __linux__ */
/*
* Search below /dev for the characer device in
* the local `dev_t comparedev' variable.
*/
static dev_t comparedev; static dev_t comparedev;
static static
#ifdef __GNUC__ #ifdef __GNUC__
@ -166,6 +173,9 @@ char* scandev(DIR *dir)
return name; return name;
} }
/*
* Default control characters for an unknown terminal line.
*/
static static
struct chardata initcp = { struct chardata initcp = {
CERASE, CERASE,
@ -174,6 +184,12 @@ struct chardata initcp = {
0 0
}; };
/*
* Allocate an aligned `struct console' memory area,
* initialize its default values, and append it to
* the global linked list.
*/
static int concount; /* Counter for console IDs */ static int concount; /* Counter for console IDs */
static static
@ -204,6 +220,12 @@ void consalloc(char * name)
consoles->next = tail; consoles->next = tail;
} }
/*
* Try to detect the real device(s) used for the system console
* /dev/console if but only if /dev/console is used. On Linux
* this can be more than one device, e.g. a serial line as well
* as a virtual console as well as a simple printer.
*/
void detect_consoles(const char *device, int fallback) void detect_consoles(const char *device, int fallback)
{ {
int fd; int fd;

775
src/sulogin.c
View File

@ -28,8 +28,10 @@
* *
*/ */
#include <sys/mman.h>
#include <sys/types.h> #include <sys/types.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <sys/wait.h>
#include <stdio.h> #include <stdio.h>
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
@ -44,13 +46,34 @@
#include <sys/ioctl.h> #include <sys/ioctl.h>
#if defined(__GLIBC__) #if defined(__GLIBC__)
# include <crypt.h> # include <crypt.h>
# define dovoid(f) if ((f)){}
#endif #endif
#ifdef __linux__
# include <sys/statfs.h>
# include <sys/mount.h>
# include <linux/fs.h>
# include <linux/magic.h>
# include <linux/major.h>
# ifndef TMPFS_MAGIC
# define TMPFS_MAGIC 0x01021994
# endif
# ifndef MNT_DETACH
# define MNT_DETACH 2
# endif
#endif
#define BS CTRL('h')
#define NL CTRL('j')
#define CR CTRL('m')
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
# include <selinux/selinux.h> # include <selinux/selinux.h>
# include <selinux/get_context_list.h> # include <selinux/get_context_list.h>
#endif #endif
#include "consoles.h"
#define CONMAX 16
#define CHECK_DES 1 #define CHECK_DES 1
#define CHECK_MD5 1 #define CHECK_MD5 1
@ -63,102 +86,245 @@ char *Version = "@(#)sulogin 2.85-3 23-Apr-2003 miquels@cistron.nl";
static int timeout; static int timeout;
static int profile; static int profile;
static volatile uint32_t openfd; /* Remember higher file descriptors */
static volatile uint32_t *usemask;
static void (*saved_sigint) = SIG_DFL; static sighandler_t saved_sigint = SIG_DFL;
static void (*saved_sigtstp) = SIG_DFL; static sighandler_t saved_sigtstp = SIG_DFL;
static void (*saved_sigquit) = SIG_DFL; static sighandler_t saved_sigquit = SIG_DFL;
static sighandler_t saved_sighup = SIG_DFL;
static volatile sig_atomic_t alarm_rised; static volatile sig_atomic_t alarm_rised;
static volatile sig_atomic_t sigchild;
#ifndef IUCLC #ifndef IUCLC
# define IUCLC 0 # define IUCLC 0
#endif #endif
#if defined(SANE_TIO) && (SANE_TIO == 1)
/* /*
* Fix the tty modes and set reasonable defaults. * Fix the tty modes and set reasonable defaults.
* (I'm not sure if this is needed under Linux, but..)
*/ */
static static
void fixtty(void) void tcinit(struct console *con)
{ {
struct termios tty; int serial, flags;
int serial; struct termios *tio = &con->tio;
int fd = con->fd;
/* Skip serial console */
if (ioctl (0, TIOCMGET, (char*)&serial) == 0)
goto out;
/* Expected error */ /* Expected error */
serial = errno = 0; serial = errno = 0;
tcgetattr(0, &tty); /* Get line attributes */
if (tcgetattr(fd, tio) < 0) {
con->flags |= CON_NOTTY;
return;
}
/* Use defaults of <sys/ttydefaults.h> for base settings */ /* Handle serial lines here */
tty.c_iflag |= TTYDEF_IFLAG; if (ioctl (fd, TIOCMGET, (char*)&serial) == 0) {
tty.c_oflag |= TTYDEF_OFLAG; speed_t ispeed, ospeed;
tty.c_lflag |= TTYDEF_LFLAG; struct winsize ws;
tty.c_cflag |= (TTYDEF_SPEED | TTYDEF_CFLAG);
/* this is a modem line */
con->flags |= CON_SERIAL;
/* Flush input and output queues on modem lines */
(void) tcflush(fd, TCIOFLUSH);
ispeed = cfgetispeed(tio);
ospeed = cfgetospeed(tio);
if (!ispeed) ispeed = TTYDEF_SPEED;
if (!ospeed) ospeed = TTYDEF_SPEED;
tio->c_iflag = tio->c_lflag = tio->c_oflag = 0;
tio->c_cflag = CREAD | CS8 | HUPCL | (tio->c_cflag & CLOCAL);
cfsetispeed(tio, ispeed);
cfsetospeed(tio, ospeed);
tio->c_line = 0;
tio->c_cc[VTIME] = 0;
tio->c_cc[VMIN] = 1;
if (ioctl(fd, TIOCGWINSZ, &ws) == 0) {
int set = 0;
if (ws.ws_row == 0) {
ws.ws_row = 24;
set++;
}
if (ws.ws_col == 0) {
ws.ws_col = 80;
set++;
}
(void)ioctl(fd, TIOCSWINSZ, &ws);
}
goto setattr;
}
#if defined(SANE_TIO) && (SANE_TIO == 1)
/*
* Use defaults of <sys/ttydefaults.h> for base settings
* of a local terminal line like a virtual console.
*/
tio->c_iflag |= TTYDEF_IFLAG;
tio->c_oflag |= TTYDEF_OFLAG;
tio->c_lflag |= TTYDEF_LFLAG;
# ifdef CBAUD
tio->c_lflag &= ~CBAUD;
# endif
tio->c_cflag |= (B38400 | TTYDEF_CFLAG);
/* Sane setting, allow eight bit characters, no carriage return delay /* Sane setting, allow eight bit characters, no carriage return delay
* the same result as `stty sane cr0 pass8' * the same result as `stty sane cr0 pass8'
*/ */
tty.c_iflag |= (BRKINT | ICRNL | IMAXBEL); tio->c_iflag |= (BRKINT | ICRNL | IMAXBEL);
tty.c_iflag &= ~(IGNBRK | INLCR | IGNCR | IXOFF | IUCLC | IXANY | ISTRIP); tio->c_iflag &= ~(IGNBRK | INLCR | IGNCR | IXOFF | IUCLC | IXANY | INPCK | ISTRIP);
tty.c_oflag |= (OPOST | ONLCR | NL0 | CR0 | TAB0 | BS0 | VT0 | FF0); tio->c_oflag |= (OPOST | ONLCR | NL0 | CR0 | TAB0 | BS0 | VT0 | FF0);
tty.c_oflag &= ~(OLCUC | OCRNL | ONOCR | ONLRET | OFILL | OFDEL |\ tio->c_oflag &= ~(OLCUC | OCRNL | ONOCR | ONLRET | OFILL | OFDEL |\
NLDLY|CRDLY|TABDLY|BSDLY|VTDLY|FFDLY); NLDLY|CRDLY|TABDLY|BSDLY|VTDLY|FFDLY);
tty.c_lflag |= (ISIG | ICANON | IEXTEN | ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE); tio->c_lflag |= (ISIG | ICANON | IEXTEN | ECHO|ECHOE|ECHOK|ECHOKE);
tty.c_lflag &= ~(ECHONL | NOFLSH | XCASE | TOSTOP | ECHOPRT); tio->c_lflag &= ~(ECHONL|ECHOCTL|ECHOPRT | NOFLSH | XCASE | TOSTOP);
tty.c_cflag |= (CREAD | CS8 | B9600); tio->c_cflag |= (CREAD | CS8 | HUPCL);
tty.c_cflag &= ~(PARENB); tio->c_cflag &= ~(PARODD | PARENB);
/* VTIME and VMIN can overlap with VEOF and VEOL since they are /*
* VTIME and VMIN can overlap with VEOF and VEOL since they are
* only used for non-canonical mode. We just set the at the * only used for non-canonical mode. We just set the at the
* beginning, so nothing bad should happen. * beginning, so nothing bad should happen.
*/ */
tty.c_cc[VTIME] = 0; tio->c_cc[VTIME] = 0;
tty.c_cc[VMIN] = 1; tio->c_cc[VMIN] = CMIN;
tty.c_cc[VINTR] = CINTR; tio->c_cc[VINTR] = CINTR;
tty.c_cc[VQUIT] = CQUIT; tio->c_cc[VQUIT] = CQUIT;
tty.c_cc[VERASE] = CERASE; /* ASCII DEL (0177) */ tio->c_cc[VERASE] = CERASE; /* ASCII DEL (0177) */
tty.c_cc[VKILL] = CKILL; tio->c_cc[VKILL] = CKILL;
tty.c_cc[VEOF] = CEOF; tio->c_cc[VEOF] = CEOF;
tty.c_cc[VSWTC] = _POSIX_VDISABLE; # ifdef VSWTC
tty.c_cc[VSTART] = CSTART; tio->c_cc[VSWTC] = _POSIX_VDISABLE;
tty.c_cc[VSTOP] = CSTOP; # else
tty.c_cc[VSUSP] = CSUSP; tio->c_cc[VSWTCH] = _POSIX_VDISABLE;
tty.c_cc[VEOL] = _POSIX_VDISABLE; # endif
tty.c_cc[VREPRINT] = CREPRINT; tio->c_cc[VSTART] = CSTART;
tty.c_cc[VDISCARD] = CDISCARD; tio->c_cc[VSTOP] = CSTOP;
tty.c_cc[VWERASE] = CWERASE; tio->c_cc[VSUSP] = CSUSP;
tty.c_cc[VLNEXT] = CLNEXT; tio->c_cc[VEOL] = _POSIX_VDISABLE;
tty.c_cc[VEOL2] = _POSIX_VDISABLE; tio->c_cc[VREPRINT] = CREPRINT;
tio->c_cc[VDISCARD] = CDISCARD;
tcsetattr(0, TCSANOW, &tty); tio->c_cc[VWERASE] = CWERASE;
out: tio->c_cc[VLNEXT] = CLNEXT;
return; tio->c_cc[VEOL2] = _POSIX_VDISABLE;
}
#endif #endif
setattr:
/* Set line attributes */
tcsetattr(fd, TCSANOW, tio);
/* Enable blocking mode for read and write */
if ((flags = fcntl(fd, F_GETFL, 0)) != -1)
(void)fcntl(fd, F_SETFL, flags & ~O_NONBLOCK);
}
/*
* Finalize the tty modes on modem lines.
*/
static
void tcfinal(struct console *con)
{
int serial;
struct termios *tio = &con->tio;
int fd = con->fd;
/* Expected error */
serial = errno = 0;
if ((con->flags & CON_SERIAL) == 0) {
#ifdef __linux__
setenv("TERM", "linux", 1);
#else
setenv("TERM", "vt100", 1);
#endif
return;
}
if (con->flags & CON_NOTTY)
return;
setenv("TERM", "vt100", 1);
tio->c_iflag |= (IXON | IXOFF);
tio->c_lflag |= (ICANON | ISIG | ECHO|ECHOE|ECHOK|ECHOKE);
tio->c_oflag |= OPOST;
tio->c_cc[VINTR] = CINTR;
tio->c_cc[VQUIT] = CQUIT;
tio->c_cc[VERASE] = con->cp.erase;
tio->c_cc[VKILL] = con->cp.kill;
tio->c_cc[VEOF] = CEOF;
#ifdef VSWTC
tio->c_cc[VSWTC] = _POSIX_VDISABLE;
#else
tio->c_cc[VSWTCH] = _POSIX_VDISABLE;
#endif
tio->c_cc[VSTART] = CSTART;
tio->c_cc[VSTOP] = CSTOP;
tio->c_cc[VSUSP] = CSUSP;
tio->c_cc[VEOL] = _POSIX_VDISABLE;
if (con->cp.eol == CR) {
tio->c_iflag |= ICRNL;
tio->c_iflag &= ~(INLCR|IGNCR);
tio->c_oflag |= ONLCR;
tio->c_oflag &= ~(OCRNL|ONLRET);
}
switch (con->cp.parity) {
default:
case 0:
tio->c_cflag &= ~(PARODD | PARENB);
tio->c_iflag &= ~(INPCK | ISTRIP);
break;
case 1: /* odd parity */
tio->c_cflag |= PARODD;
/* fall through */
case 2: /* even parity */
tio->c_cflag |= PARENB;
tio->c_iflag |= (INPCK | ISTRIP);
/* fall through */
case (1 | 2): /* no parity bit */
tio->c_cflag &= ~CSIZE;
tio->c_cflag |= CS7;
break;
}
/* Set line attributes */
(void)tcsetattr(fd, TCSANOW, tio);
}
/* /*
* Called at timeout. * Called at timeout.
*/ */
static static
# ifdef __GNUC__ # ifdef __GNUC__
__attribute__((__noinline__))
void alrm_handler(int sig __attribute__((unused))) void alrm_handler(int sig __attribute__((unused)))
# else # else
void alrm_handler(int sig) void alrm_handler(int sig)
# endif # endif
{ {
/* Timeout expired */
alarm_rised++; alarm_rised++;
}
signal(SIGINT, saved_sigint); /*
signal(SIGTSTP, saved_sigtstp); * Called at timeout.
signal(SIGQUIT, saved_sigquit); */
static
/* Never use exit(3) or stdio(3) within a signal handler */ # ifdef __GNUC__
__attribute__((__noinline__))
void chld_handler(int sig __attribute__((unused)))
# else
void chld_handler(int sig)
# endif
{
sigchild++;
} }
/* /*
@ -305,7 +471,7 @@ struct passwd *getrootpwent(int try_manually)
* or not found, return. * or not found, return.
*/ */
if (p == NULL) { if (p == NULL) {
fprintf(stderr, "%s: no entry for root\n", F_PASSWD); fprintf(stderr, "sulogin: %s: no entry for root\n\r", F_PASSWD);
return &pwd; return &pwd;
} }
if (valid(pwd.pw_passwd)) return &pwd; if (valid(pwd.pw_passwd)) return &pwd;
@ -316,7 +482,7 @@ struct passwd *getrootpwent(int try_manually)
*/ */
strcpy(pwd.pw_passwd, ""); strcpy(pwd.pw_passwd, "");
if ((fp = fopen(F_SHADOW, "r")) == NULL) { if ((fp = fopen(F_SHADOW, "r")) == NULL) {
fprintf(stderr, "%s: root password garbled\n", F_PASSWD); fprintf(stderr, "sulogin: %s: root password garbled\n\r", F_PASSWD);
return &pwd; return &pwd;
} }
while((p = fgets(sline, 256, fp)) != NULL) { while((p = fgets(sline, 256, fp)) != NULL) {
@ -333,67 +499,212 @@ struct passwd *getrootpwent(int try_manually)
* NULL it, and return. * NULL it, and return.
*/ */
if (p == NULL) { if (p == NULL) {
fprintf(stderr, "%s: no entry for root\n", F_SHADOW); fprintf(stderr, "sulogin: %s: no entry for root\n\r", F_SHADOW);
strcpy(pwd.pw_passwd, ""); strcpy(pwd.pw_passwd, "");
} }
if (!valid(pwd.pw_passwd)) { if (!valid(pwd.pw_passwd)) {
fprintf(stderr, "%s: root password garbled\n", F_SHADOW); fprintf(stderr, "sulogin: %s: root password garbled\n\r", F_SHADOW);
strcpy(pwd.pw_passwd, ""); } strcpy(pwd.pw_passwd, ""); }
return &pwd; return &pwd;
} }
/* /*
* Ask for the password. Note that there is no * Ask by prompt for the password.
*/
static
void doprompt(const char *crypted, struct console *con)
{
struct termios tty;
if (con->flags & CON_SERIAL) {
tty = con->tio;
/*
* For prompting: map NL in output to CR-NL
* otherwise we may see stairs in the output.
*/
tty.c_oflag |= (ONLCR | OPOST);
(void) tcsetattr(con->fd, TCSADRAIN, &tty);
}
if (con->file == (FILE*)0) {
if ((con->file = fdopen(con->fd, "r+")) == (FILE*)0)
goto err;
}
#if defined(USE_ONELINE)
if (crypted[0])
fprintf(con->file, "Give root password for login: ");
else
fprintf(con->file, "Press enter for login: ");
#else
if (crypted[0])
fprintf(con->file, "Give root password for maintenance\n\r");
else
fprintf(con->file, "Press enter for maintenance");
fprintf(con->file, "(or type Control-D to continue): ");
#endif
fflush(con->file);
err:
if (con->flags & CON_SERIAL)
(void) tcsetattr(con->fd, TCSADRAIN, &con->tio);
}
/*
* Make sure to have an own session and controlling terminal
*/
static
void setup(struct console *con)
{
pid_t pid, pgrp, ppgrp, ttypgrp;
int fd;
if (con->flags & CON_NOTTY)
return;
fd = con->fd;
/*
* Only go through this trouble if the new
* tty doesn't fall in this process group.
*/
pid = getpid();
pgrp = getpgid(0);
ppgrp = getpgid(getppid());
ttypgrp = tcgetpgrp(fd);
if (pgrp != ttypgrp && ppgrp != ttypgrp) {
if (pid != getsid(0)) {
if (pid == getpgid(0))
setpgid(0, getpgid(getppid()));
setsid();
}
signal(SIGHUP, SIG_IGN);
if (ttypgrp > 0)
ioctl(0, TIOCNOTTY, (char *)1);
signal(SIGHUP, saved_sighup);
if (fd > 0) close(0);
if (fd > 1) close(1);
if (fd > 2) close(2);
ioctl(fd, TIOCSCTTY, (char *)1);
tcsetpgrp(fd, ppgrp);
}
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
con->fd = 0;
for (fd = 3; fd < 32; fd++) {
if (openfd & (1<<fd)) {
close(fd);
openfd &= ~(1<<fd);
}
}
}
/*
* Fetch the password. Note that there is no
* default timeout as we normally skip this during boot. * default timeout as we normally skip this during boot.
*/ */
static static
char *getpasswd(char *crypted) char *getpasswd(struct console *con)
{ {
static char pass[128], *ptr;
struct sigaction sa; struct sigaction sa;
struct termios old, tty; struct chardata *cp;
static char pass[128]; struct termios tty;
char *ret = pass; char *ret = pass;
int i; unsigned char tc;
#if defined(USE_ONELINE) char ascval;
if (crypted[0]) int eightbit;
printf("Give root password for login: "); int c, fd;
else
printf("Press enter for login: ");
#else
if (crypted[0])
printf("Give root password for maintenance\n");
else
printf("Press enter for maintenance");
printf("(or type Control-D to continue): ");
#endif
fflush(stdout);
tcgetattr(0, &old); if (con->flags & CON_NOTTY)
tcgetattr(0, &tty); goto out;
fd = con->fd;
cp = &con->cp;
tty = con->tio;
tty.c_iflag &= ~(IUCLC|IXON|IXOFF|IXANY); tty.c_iflag &= ~(IUCLC|IXON|IXOFF|IXANY);
tty.c_lflag &= ~(ECHO|ECHOE|ECHOK|ECHONL|TOSTOP); tty.c_lflag &= ~(ECHO|ECHOE|ECHOK|ECHONL|TOSTOP|ISIG);
tcsetattr(0, TCSANOW, &tty); tc = (tcsetattr(fd, TCSAFLUSH, &tty) == 0);
pass[sizeof(pass) - 1] = 0;
sa.sa_handler = alrm_handler; sa.sa_handler = alrm_handler;
sa.sa_flags = 0; sa.sa_flags = 0;
sigaction(SIGALRM, &sa, NULL); sigaction(SIGALRM, &sa, NULL);
if (timeout) alarm(timeout); if (timeout) alarm(timeout);
if (read(0, pass, sizeof(pass) - 1) <= 0) ptr = &pass[0];
ret = NULL; cp->eol = *ptr = '\0';
else {
for(i = 0; i < (int)sizeof(pass) && pass[i]; i++) eightbit = ((con->flags & CON_SERIAL) == 0 || (tty.c_cflag & (PARODD|PARENB)) == 0);
if (pass[i] == '\r' || pass[i] == '\n') { while (cp->eol == 0) {
pass[i] = 0; if (read(fd, &c, 1) < 1) {
if (errno == EINTR || errno == EAGAIN) {
usleep(1000);
continue;
}
ret = (char*)0;
switch (errno) {
case 0:
case EIO:
case ESRCH:
case EINVAL:
case ENOENT:
break;
default:
fprintf(stderr, "sulogin: read(%s): %m\n\r", con->tty);
break; break;
} }
} goto quit;
alarm(0); }
tcsetattr(0, TCSANOW, &old);
printf("\n");
if (eightbit)
ascval = c;
else if (c != (ascval = (c & 0177))) {
uint32_t bits, mask;
for (bits = 1, mask = 1; mask & 0177; mask <<= 1) {
if (mask & ascval)
bits++;
}
cp->parity |= ((bits & 1) ? 1 : 2);
}
switch (ascval) {
case CR:
case NL:
*ptr = '\0';
cp->eol = ascval;
break;
case BS:
case CERASE:
cp->erase = ascval;
if (ptr > &pass[0])
ptr--;
break;
case CKILL:
cp->kill = ascval;
while (ptr > &pass[0])
ptr--;
break;
case CEOF:
goto quit;
default:
if ((size_t)(ptr - &pass[0]) >= (sizeof(pass) -1 )) {
fprintf(stderr, "sulogin: input overrun at %s\n\r", con->tty);
ret = (char*)0;
goto quit;
}
*ptr++ = ascval;
break;
}
}
quit:
alarm(0);
if (tc)
(void)tcsetattr(fd, TCSAFLUSH, &con->tio);
if (ret && *ret != '\0')
tcfinal(con);
printf("\r\n");
out:
return ret; return ret;
} }
@ -411,7 +722,10 @@ void sushell(struct passwd *pwd)
/* /*
* Set directory and shell. * Set directory and shell.
*/ */
(void)chdir(pwd->pw_dir); if (chdir(pwd->pw_dir) < 0) {
if (chdir("/") < 0)
fprintf(stderr, "sulogin: change of working directory failed: %m\n\r");
}
if ((p = getenv("SUSHELL")) != NULL) if ((p = getenv("SUSHELL")) != NULL)
sushell = p; sushell = p;
else if ((p = getenv("sushell")) != NULL) else if ((p = getenv("sushell")) != NULL)
@ -431,7 +745,8 @@ void sushell(struct passwd *pwd)
/* /*
* Set some important environment variables. * Set some important environment variables.
*/ */
getcwd(home, sizeof(home)); if (getcwd(home, sizeof(home)) == (char*)0)
strcpy(home, "/");
setenv("HOME", home, 1); setenv("HOME", home, 1);
setenv("LOGNAME", "root", 1); setenv("LOGNAME", "root", 1);
setenv("USER", "root", 1); setenv("USER", "root", 1);
@ -445,17 +760,18 @@ void sushell(struct passwd *pwd)
signal(SIGINT, saved_sigint); signal(SIGINT, saved_sigint);
signal(SIGTSTP, saved_sigtstp); signal(SIGTSTP, saved_sigtstp);
signal(SIGQUIT, saved_sigquit); signal(SIGQUIT, saved_sigquit);
signal(SIGHUP, SIG_DFL);
#ifdef WITH_SELINUX #ifdef WITH_SELINUX
if (is_selinux_enabled() > 0) { if (is_selinux_enabled() > 0) {
security_context_t scon=NULL; security_context_t scon=NULL;
char *seuser=NULL; char *seuser=NULL;
char *level=NULL; char *level=NULL;
if (getseuserbyname("root", &seuser, &level) == 0) if (getseuserbyname("root", &seuser, &level) == 0)
if (get_default_context_with_level(seuser, level, 0, &scon) == 0) { if (get_default_context_with_level(seuser, level, 0, &scon) == 0) {
if (setexeccon(scon) != 0) if (setexeccon(scon) != 0)
fprintf(stderr, "setexeccon faile\n"); fprintf(stderr, "sulogin: setexeccon failed\n\r");
freecon(scon); freecon(scon);
} }
free(seuser); free(seuser);
free(level); free(level);
} }
@ -474,20 +790,68 @@ void sushell(struct passwd *pwd)
perror(STATICSH); perror(STATICSH);
} }
#ifdef __linux__
/*
* Make C library standard calls like ttyname(3) work.
*/
static uint32_t mounts;
#define MNT_PROCFS 0x0001
#define MNT_DEVTMPFS 0x0002
static __attribute__((__noinline__))
void putmounts(void)
{
if (mounts & MNT_DEVTMPFS)
umount2("/dev", MNT_DETACH);
if (mounts & MNT_PROCFS)
umount2("/proc", MNT_DETACH);
}
static __attribute__((__constructor__))
void getmounts(void)
{
struct statfs st;
if (statfs("/proc", &st) == 0 && st.f_type != PROC_SUPER_MAGIC) {
if (mount("proc", "/proc", "proc", MS_RELATIME, NULL) == 0)
mounts |= MNT_PROCFS;
}
if (statfs("/dev", &st) == 0 && st.f_type != TMPFS_MAGIC) {
if (mount("devtmpfs", "/dev", "devtmpfs", MS_RELATIME, "mode=0755,nr_inodes=0") == 0) {
mounts |= MNT_DEVTMPFS;
(void)mknod("/dev/console", S_IFCHR|S_IRUSR|S_IWUSR, makedev(TTYAUX_MAJOR, 1));
if (symlink("/proc/self/fd", "/dev/fd") == 0) {
dovoid(symlink("fd/0", "/dev/stdin"));
dovoid(symlink("fd/1", "/dev/stdout"));
dovoid(symlink("fd/2", "/dev/stderr"));
}
}
}
if (mounts) atexit(putmounts);
}
#endif
static static
void usage(void) void usage(void)
{ {
fprintf(stderr, "Usage: sulogin [-e] [-p] [-t timeout] [tty device]\n"); fprintf(stderr, "Usage: sulogin [-e] [-p] [-t timeout] [tty device]\n\r");
} }
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
char *tty = NULL; char *tty = NULL;
char *p;
struct passwd *pwd; struct passwd *pwd;
int c, fd = -1; int c, status = 0;
int opt_e = 0; int opt_e = 0;
pid_t pid, pgrp, ppgrp, ttypgrp; struct console *con;
pid_t pid;
/*
* We are init. We hence need to set uo a session.
*/
if ((pid = getpid()) == 1) {
setsid();
(void)ioctl(0, TIOCSCTTY, (char *)1);
}
/* /*
* See if we have a timeout flag. * See if we have a timeout flag.
@ -510,115 +874,138 @@ int main(int argc, char **argv)
} }
if (geteuid() != 0) { if (geteuid() != 0) {
fprintf(stderr, "sulogin: only root can run sulogin.\n"); fprintf(stderr, "sulogin: only root can run sulogin.\n\r");
exit(1); exit(1);
} }
saved_sigint = signal(SIGINT, SIG_IGN);
saved_sigquit = signal(SIGQUIT, SIG_IGN);
saved_sigtstp = signal(SIGTSTP, SIG_IGN);
saved_sighup = signal(SIGHUP, SIG_IGN);
/* /*
* See if we need to open an other tty device. * See if we need to open an other tty device.
*/ */
saved_sigint = signal(SIGINT, SIG_IGN); if (optind < argc)
saved_sigquit = signal(SIGQUIT, SIG_IGN); tty = argv[optind];
saved_sigtstp = signal(SIGTSTP, SIG_IGN); if (!tty || *tty == '\0')
if (optind < argc) tty = argv[optind]; tty = getenv("CONSOLE");
if (tty || (tty = getenv("CONSOLE"))) { /*
* Detect possible consoles, use stdin as fallback.
*/
detect_consoles(tty, 0);
if ((fd = open(tty, O_RDWR)) < 0) { /*
perror(tty); * Should not happen
fd = dup(0); */
} if (!consoles) {
if (!errno)
if (!isatty(fd)) { errno = ENOMEM;
fprintf(stderr, "%s: not a tty\n", tty); fprintf(stderr, "sulogin: cannot open console: %m\n\r");
close(fd); exit(1);
} else {
/*
* Only go through this trouble if the new
* tty doesn't fall in this process group.
*/
pid = getpid();
pgrp = getpgid(0);
ppgrp = getpgid(getppid());
ttypgrp = tcgetpgrp(fd);
if (pgrp != ttypgrp && ppgrp != ttypgrp) {
if (pid != getsid(0)) {
if (pid == getpgid(0))
setpgid(0, getpgid(getppid()));
setsid();
}
signal(SIGHUP, SIG_IGN);
if (ttypgrp > 0)
ioctl(0, TIOCNOTTY, (char *)1);
signal(SIGHUP, SIG_DFL);
close(0);
close(1);
close(2);
if (fd > 2)
close(fd);
if ((fd = open(tty, O_RDWR|O_NOCTTY)) < 0) {
perror(tty);
} else {
ioctl(0, TIOCSCTTY, (char *)1);
tcsetpgrp(fd, ppgrp);
dup2(fd, 0);
dup2(fd, 1);
dup2(fd, 2);
if (fd > 2)
close(fd);
}
} else
if (fd > 2)
close(fd);
}
} else if (getpid() == 1) {
/* We are init. We hence need to set a session anyway */
setsid();
if (ioctl(0, TIOCSCTTY, (char *)1))
perror("ioctl(TIOCSCTTY)");
} }
#if defined(SANE_TIO) && (SANE_TIO == 1)
fixtty();
#endif
/* /*
* Get the root password. * Get the root password.
*/ */
if ((pwd = getrootpwent(opt_e)) == NULL) { if ((pwd = getrootpwent(opt_e)) == NULL) {
fprintf(stderr, "sulogin: cannot open password database!\n"); fprintf(stderr, "sulogin: cannot open password database!\n\r");
sleep(2); sleep(2);
} }
/* /*
* Ask for the password. * Prompt for input on the consoles
*/ */
while(pwd) { for (con = consoles; con && con->id < CONMAX; con = con->next) {
int failed = 0; if (con->fd >= 0) {
if ((p = getpasswd(pwd->pw_passwd)) == NULL) break; openfd |= (1<<con->fd);
if (pwd->pw_passwd[0] == 0 || tcinit(con);
strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd) == 0) { continue;
sushell(pwd);
failed++;
} }
signal(SIGQUIT, SIG_IGN); if ((con->fd = open(con->tty, O_RDWR | O_NOCTTY | O_NONBLOCK)) < 0)
signal(SIGTSTP, SIG_IGN); continue;
signal(SIGINT, SIG_IGN); openfd |= (1<<con->fd);
if (failed) { tcinit(con);
printf("Can not execute su shell.\n");
break;
} else
printf("Login incorrect.\n");
} }
con = consoles;
usemask = (uint32_t*)mmap(NULL, sizeof(uint32_t), PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_SHARED, -1, 0);
if (alarm_rised) if (con->next == (struct console*)0)
printf("Timed out.\n"); goto nofork;
signal(SIGCHLD, chld_handler);
do {
switch ((con->pid = fork())) {
case 0:
signal(SIGCHLD, SIG_DFL);
/* fall through */
nofork:
setup(con);
while (1) {
char *passwd = pwd->pw_passwd;
char *answer;
int failed = 0;
doprompt(passwd, con);
if ((answer = getpasswd(con)) == NULL)
break;
if (passwd[0] == '\0' ||
strcmp(crypt(answer, passwd), passwd) == 0) {
*usemask |= (1<<con->id);
sushell(pwd);
*usemask &= ~(1<<con->id);
failed++;
}
signal(SIGQUIT, SIG_IGN);
signal(SIGTSTP, SIG_IGN);
signal(SIGINT, SIG_IGN);
if (failed) {
fprintf(stderr, "sulogin: can not execute su shell.\n\r");
break;
}
fprintf(stderr, "Login incorrect.\n\r");
}
if (alarm_rised) {
tcfinal(con);
printf("Timed out.\n\r");
}
/*
* User may pressed Control-D.
*/
exit(0);
case -1:
fprintf(stderr, "sulogin: can not fork: %m\n\r");
/* fall through */
default:
break;
}
} while ((con = con->next) && (con->id < CONMAX));
while ((pid = wait(&status))) {
if (errno == ECHILD)
break;
if (pid < 0)
continue;
for (con = consoles; con && con->id < CONMAX; con = con->next) {
if (con->pid == pid) {
*usemask &= ~(1<<con->id);
continue;
}
if (kill(con->pid, 0) < 0) {
*usemask &= ~(1<<con->id);
continue;
}
if (*usemask & (1<<con->id))
continue;
kill(con->pid, SIGHUP);
usleep(5000);
kill(con->pid, SIGKILL);
}
}
signal(SIGCHLD, SIG_DFL);
/*
* User may pressed Control-D.
*/
return 0; return 0;
} }