su.c revision 1.8
1 1.8 christos /* $NetBSD: su.c,v 1.8 2023/06/30 21:46:20 christos Exp $ */ 2 1.1 christos 3 1.1 christos /*- 4 1.1 christos * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 5 1.1 christos * Copyright (c) 2004-2011 Dag-Erling Smrgrav 6 1.1 christos * All rights reserved. 7 1.1 christos * 8 1.1 christos * This software was developed for the FreeBSD Project by ThinkSec AS and 9 1.1 christos * Network Associates Laboratories, the Security Research Division of 10 1.1 christos * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 11 1.1 christos * ("CBOSS"), as part of the DARPA CHATS research program. 12 1.1 christos * 13 1.1 christos * Redistribution and use in source and binary forms, with or without 14 1.1 christos * modification, are permitted provided that the following conditions 15 1.1 christos * are met: 16 1.1 christos * 1. Redistributions of source code must retain the above copyright 17 1.1 christos * notice, this list of conditions and the following disclaimer. 18 1.1 christos * 2. Redistributions in binary form must reproduce the above copyright 19 1.1 christos * notice, this list of conditions and the following disclaimer in the 20 1.1 christos * documentation and/or other materials provided with the distribution. 21 1.1 christos * 3. The name of the author may not be used to endorse or promote 22 1.1 christos * products derived from this software without specific prior written 23 1.1 christos * permission. 24 1.1 christos * 25 1.1 christos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 26 1.1 christos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 1.1 christos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 1.1 christos * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 29 1.1 christos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 1.1 christos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 1.1 christos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 1.1 christos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 1.1 christos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 1.1 christos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 1.1 christos * SUCH DAMAGE. 36 1.1 christos */ 37 1.1 christos 38 1.1 christos #ifdef HAVE_CONFIG_H 39 1.1 christos # include "config.h" 40 1.1 christos #endif 41 1.1 christos 42 1.1 christos #include <sys/param.h> 43 1.1 christos #include <sys/wait.h> 44 1.1 christos 45 1.1 christos #include <err.h> 46 1.1 christos #include <grp.h> 47 1.1 christos #include <pwd.h> 48 1.1 christos #include <stdio.h> 49 1.1 christos #include <stdlib.h> 50 1.1 christos #include <string.h> 51 1.1 christos #include <syslog.h> 52 1.1 christos #include <unistd.h> 53 1.1 christos 54 1.1 christos #include <security/pam_appl.h> 55 1.1 christos #include <security/openpam.h> /* for openpam_ttyconv() */ 56 1.1 christos 57 1.1 christos extern char **environ; 58 1.1 christos 59 1.1 christos static pam_handle_t *pamh; 60 1.1 christos static struct pam_conv pamc; 61 1.1 christos 62 1.1 christos static void 63 1.1 christos usage(void) 64 1.1 christos { 65 1.1 christos 66 1.1 christos fprintf(stderr, "usage: su [login [args]]\n"); 67 1.1 christos exit(1); 68 1.1 christos } 69 1.1 christos 70 1.1 christos int 71 1.1 christos main(int argc, char *argv[]) 72 1.1 christos { 73 1.1 christos char hostname[MAXHOSTNAMELEN]; 74 1.1 christos const char *user, *tty; 75 1.1 christos const void *item; 76 1.1 christos char **args, **pam_envlist, **pam_env; 77 1.1 christos struct passwd *pwd; 78 1.1 christos int o, pam_err, status; 79 1.1 christos pid_t pid; 80 1.1 christos 81 1.1 christos while ((o = getopt(argc, argv, "")) != -1) 82 1.1 christos switch (o) { 83 1.1 christos default: 84 1.1 christos usage(); 85 1.1 christos } 86 1.1 christos 87 1.1 christos argc -= optind; 88 1.1 christos argv += optind; 89 1.1 christos 90 1.1 christos if (argc > 0) { 91 1.1 christos user = *argv; 92 1.1 christos --argc; 93 1.1 christos ++argv; 94 1.1 christos } else { 95 1.1 christos user = "root"; 96 1.1 christos } 97 1.1 christos 98 1.1 christos /* initialize PAM */ 99 1.1 christos pamc.conv = &openpam_ttyconv; 100 1.1 christos pam_start("su", user, &pamc, &pamh); 101 1.1 christos 102 1.1 christos /* set some items */ 103 1.1 christos gethostname(hostname, sizeof(hostname)); 104 1.1 christos if ((pam_err = pam_set_item(pamh, PAM_RHOST, hostname)) != PAM_SUCCESS) 105 1.1 christos goto pamerr; 106 1.1 christos user = getlogin(); 107 1.1 christos if ((pam_err = pam_set_item(pamh, PAM_RUSER, user)) != PAM_SUCCESS) 108 1.1 christos goto pamerr; 109 1.1 christos tty = ttyname(STDERR_FILENO); 110 1.1 christos if ((pam_err = pam_set_item(pamh, PAM_TTY, tty)) != PAM_SUCCESS) 111 1.1 christos goto pamerr; 112 1.1 christos 113 1.1 christos /* authenticate the applicant */ 114 1.1 christos if ((pam_err = pam_authenticate(pamh, 0)) != PAM_SUCCESS) 115 1.1 christos goto pamerr; 116 1.1 christos if ((pam_err = pam_acct_mgmt(pamh, 0)) == PAM_NEW_AUTHTOK_REQD) 117 1.1 christos pam_err = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); 118 1.1 christos if (pam_err != PAM_SUCCESS) 119 1.1 christos goto pamerr; 120 1.1 christos 121 1.1 christos /* establish the requested credentials */ 122 1.1 christos if ((pam_err = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) 123 1.1 christos goto pamerr; 124 1.1 christos 125 1.1 christos /* authentication succeeded; open a session */ 126 1.1 christos if ((pam_err = pam_open_session(pamh, 0)) != PAM_SUCCESS) 127 1.1 christos goto pamerr; 128 1.1 christos 129 1.1 christos /* get mapped user name; PAM may have changed it */ 130 1.1 christos pam_err = pam_get_item(pamh, PAM_USER, &item); 131 1.1 christos if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user = item)) == NULL) 132 1.1 christos goto pamerr; 133 1.1 christos 134 1.1 christos /* export PAM environment */ 135 1.1 christos if ((pam_envlist = pam_getenvlist(pamh)) != NULL) { 136 1.1 christos for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) { 137 1.1 christos putenv(*pam_env); 138 1.1 christos free(*pam_env); 139 1.1 christos } 140 1.1 christos free(pam_envlist); 141 1.1 christos } 142 1.1 christos 143 1.1 christos /* build argument list */ 144 1.1 christos if ((args = calloc(argc + 2, sizeof *args)) == NULL) { 145 1.1 christos warn("calloc()"); 146 1.1 christos goto err; 147 1.1 christos } 148 1.1 christos *args = pwd->pw_shell; 149 1.1 christos memcpy(args + 1, argv, argc * sizeof *args); 150 1.1 christos 151 1.1 christos /* fork and exec */ 152 1.1 christos switch ((pid = fork())) { 153 1.1 christos case -1: 154 1.1 christos warn("fork()"); 155 1.1 christos goto err; 156 1.1 christos case 0: 157 1.1 christos /* child: give up privs and start a shell */ 158 1.1 christos 159 1.1 christos /* set uid and groups */ 160 1.1 christos if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { 161 1.1 christos warn("initgroups()"); 162 1.1 christos _exit(1); 163 1.1 christos } 164 1.1 christos if (setgid(pwd->pw_gid) == -1) { 165 1.1 christos warn("setgid()"); 166 1.1 christos _exit(1); 167 1.1 christos } 168 1.1 christos if (setuid(pwd->pw_uid) == -1) { 169 1.1 christos warn("setuid()"); 170 1.1 christos _exit(1); 171 1.1 christos } 172 1.1 christos execve(*args, args, environ); 173 1.1 christos warn("execve()"); 174 1.1 christos _exit(1); 175 1.1 christos default: 176 1.1 christos /* parent: wait for child to exit */ 177 1.1 christos waitpid(pid, &status, 0); 178 1.1 christos 179 1.1 christos /* close the session and release PAM resources */ 180 1.1 christos pam_err = pam_close_session(pamh, 0); 181 1.1 christos pam_end(pamh, pam_err); 182 1.1 christos 183 1.1 christos exit(WEXITSTATUS(status)); 184 1.1 christos } 185 1.1 christos 186 1.1 christos pamerr: 187 1.1 christos fprintf(stderr, "Sorry\n"); 188 1.1 christos err: 189 1.1 christos pam_end(pamh, pam_err); 190 1.1 christos exit(1); 191 1.1 christos } 192
Indexes created Tue May 19 00:24:48 UTC 2026