su.c revision 1.1.1.6
1 1.1 christos /*- 2 1.1 christos * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 3 1.1 christos * Copyright (c) 2004-2011 Dag-Erling Smrgrav 4 1.1 christos * All rights reserved. 5 1.1 christos * 6 1.1 christos * This software was developed for the FreeBSD Project by ThinkSec AS and 7 1.1 christos * Network Associates Laboratories, the Security Research Division of 8 1.1 christos * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 9 1.1 christos * ("CBOSS"), as part of the DARPA CHATS research program. 10 1.1 christos * 11 1.1 christos * Redistribution and use in source and binary forms, with or without 12 1.1 christos * modification, are permitted provided that the following conditions 13 1.1 christos * are met: 14 1.1 christos * 1. Redistributions of source code must retain the above copyright 15 1.1 christos * notice, this list of conditions and the following disclaimer. 16 1.1 christos * 2. Redistributions in binary form must reproduce the above copyright 17 1.1 christos * notice, this list of conditions and the following disclaimer in the 18 1.1 christos * documentation and/or other materials provided with the distribution. 19 1.1 christos * 3. The name of the author may not be used to endorse or promote 20 1.1 christos * products derived from this software without specific prior written 21 1.1 christos * permission. 22 1.1 christos * 23 1.1 christos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24 1.1 christos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 1.1 christos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 1.1 christos * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 27 1.1 christos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 1.1 christos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 1.1 christos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 1.1 christos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 1.1 christos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 1.1 christos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 1.1 christos * SUCH DAMAGE. 34 1.1 christos */ 35 1.1 christos 36 1.1 christos #ifdef HAVE_CONFIG_H 37 1.1 christos # include "config.h" 38 1.1 christos #endif 39 1.1 christos 40 1.1 christos #include <sys/param.h> 41 1.1 christos #include <sys/wait.h> 42 1.1 christos 43 1.1 christos #include <err.h> 44 1.1 christos #include <grp.h> 45 1.1 christos #include <pwd.h> 46 1.1 christos #include <stdio.h> 47 1.1 christos #include <stdlib.h> 48 1.1 christos #include <string.h> 49 1.1 christos #include <syslog.h> 50 1.1 christos #include <unistd.h> 51 1.1 christos 52 1.1 christos #include <security/pam_appl.h> 53 1.1 christos #include <security/openpam.h> /* for openpam_ttyconv() */ 54 1.1 christos 55 1.1 christos extern char **environ; 56 1.1 christos 57 1.1 christos static pam_handle_t *pamh; 58 1.1 christos static struct pam_conv pamc; 59 1.1 christos 60 1.1 christos static void 61 1.1 christos usage(void) 62 1.1 christos { 63 1.1 christos 64 1.1 christos fprintf(stderr, "usage: su [login [args]]\n"); 65 1.1 christos exit(1); 66 1.1 christos } 67 1.1 christos 68 1.1 christos int 69 1.1 christos main(int argc, char *argv[]) 70 1.1 christos { 71 1.1 christos char hostname[MAXHOSTNAMELEN]; 72 1.1 christos const char *user, *tty; 73 1.1 christos const void *item; 74 1.1 christos char **args, **pam_envlist, **pam_env; 75 1.1 christos struct passwd *pwd; 76 1.1 christos int o, pam_err, status; 77 1.1 christos pid_t pid; 78 1.1 christos 79 1.1 christos while ((o = getopt(argc, argv, "")) != -1) 80 1.1 christos switch (o) { 81 1.1 christos default: 82 1.1 christos usage(); 83 1.1 christos } 84 1.1 christos 85 1.1 christos argc -= optind; 86 1.1 christos argv += optind; 87 1.1 christos 88 1.1 christos if (argc > 0) { 89 1.1 christos user = *argv; 90 1.1 christos --argc; 91 1.1 christos ++argv; 92 1.1 christos } else { 93 1.1 christos user = "root"; 94 1.1 christos } 95 1.1 christos 96 1.1 christos /* initialize PAM */ 97 1.1 christos pamc.conv = &openpam_ttyconv; 98 1.1 christos pam_start("su", user, &pamc, &pamh); 99 1.1 christos 100 1.1 christos /* set some items */ 101 1.1 christos gethostname(hostname, sizeof(hostname)); 102 1.1 christos if ((pam_err = pam_set_item(pamh, PAM_RHOST, hostname)) != PAM_SUCCESS) 103 1.1 christos goto pamerr; 104 1.1 christos user = getlogin(); 105 1.1 christos if ((pam_err = pam_set_item(pamh, PAM_RUSER, user)) != PAM_SUCCESS) 106 1.1 christos goto pamerr; 107 1.1 christos tty = ttyname(STDERR_FILENO); 108 1.1 christos if ((pam_err = pam_set_item(pamh, PAM_TTY, tty)) != PAM_SUCCESS) 109 1.1 christos goto pamerr; 110 1.1 christos 111 1.1 christos /* authenticate the applicant */ 112 1.1 christos if ((pam_err = pam_authenticate(pamh, 0)) != PAM_SUCCESS) 113 1.1 christos goto pamerr; 114 1.1 christos if ((pam_err = pam_acct_mgmt(pamh, 0)) == PAM_NEW_AUTHTOK_REQD) 115 1.1 christos pam_err = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); 116 1.1 christos if (pam_err != PAM_SUCCESS) 117 1.1 christos goto pamerr; 118 1.1 christos 119 1.1 christos /* establish the requested credentials */ 120 1.1 christos if ((pam_err = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) 121 1.1 christos goto pamerr; 122 1.1 christos 123 1.1 christos /* authentication succeeded; open a session */ 124 1.1 christos if ((pam_err = pam_open_session(pamh, 0)) != PAM_SUCCESS) 125 1.1 christos goto pamerr; 126 1.1 christos 127 1.1 christos /* get mapped user name; PAM may have changed it */ 128 1.1 christos pam_err = pam_get_item(pamh, PAM_USER, &item); 129 1.1 christos if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user = item)) == NULL) 130 1.1 christos goto pamerr; 131 1.1 christos 132 1.1 christos /* export PAM environment */ 133 1.1 christos if ((pam_envlist = pam_getenvlist(pamh)) != NULL) { 134 1.1 christos for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) { 135 1.1 christos putenv(*pam_env); 136 1.1 christos free(*pam_env); 137 1.1 christos } 138 1.1 christos free(pam_envlist); 139 1.1 christos } 140 1.1 christos 141 1.1 christos /* build argument list */ 142 1.1 christos if ((args = calloc(argc + 2, sizeof *args)) == NULL) { 143 1.1 christos warn("calloc()"); 144 1.1 christos goto err; 145 1.1 christos } 146 1.1 christos *args = pwd->pw_shell; 147 1.1 christos memcpy(args + 1, argv, argc * sizeof *args); 148 1.1 christos 149 1.1 christos /* fork and exec */ 150 1.1 christos switch ((pid = fork())) { 151 1.1 christos case -1: 152 1.1 christos warn("fork()"); 153 1.1 christos goto err; 154 1.1 christos case 0: 155 1.1 christos /* child: give up privs and start a shell */ 156 1.1 christos 157 1.1 christos /* set uid and groups */ 158 1.1 christos if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { 159 1.1 christos warn("initgroups()"); 160 1.1 christos _exit(1); 161 1.1 christos } 162 1.1 christos if (setgid(pwd->pw_gid) == -1) { 163 1.1 christos warn("setgid()"); 164 1.1 christos _exit(1); 165 1.1 christos } 166 1.1 christos if (setuid(pwd->pw_uid) == -1) { 167 1.1 christos warn("setuid()"); 168 1.1 christos _exit(1); 169 1.1 christos } 170 1.1 christos execve(*args, args, environ); 171 1.1 christos warn("execve()"); 172 1.1 christos _exit(1); 173 1.1 christos default: 174 1.1 christos /* parent: wait for child to exit */ 175 1.1 christos waitpid(pid, &status, 0); 176 1.1 christos 177 1.1 christos /* close the session and release PAM resources */ 178 1.1 christos pam_err = pam_close_session(pamh, 0); 179 1.1 christos pam_end(pamh, pam_err); 180 1.1 christos 181 1.1 christos exit(WEXITSTATUS(status)); 182 1.1 christos } 183 1.1 christos 184 1.1 christos pamerr: 185 1.1 christos fprintf(stderr, "Sorry\n"); 186 1.1 christos err: 187 1.1 christos pam_end(pamh, pam_err); 188 1.1 christos exit(1); 189 1.1 christos } 190
Indexes created Tue May 19 00:24:48 UTC 2026