login.c revision 1.103
1 1.103 wiz /* $NetBSD: login.c,v 1.103 2012/04/29 01:26:56 wiz Exp $ */ 2 1.12 jtc 3 1.1 cgd /*- 4 1.12 jtc * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 5 1.10 brezak * The Regents of the University of California. All rights reserved. 6 1.1 cgd * 7 1.1 cgd * Redistribution and use in source and binary forms, with or without 8 1.1 cgd * modification, are permitted provided that the following conditions 9 1.1 cgd * are met: 10 1.1 cgd * 1. Redistributions of source code must retain the above copyright 11 1.1 cgd * notice, this list of conditions and the following disclaimer. 12 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 cgd * notice, this list of conditions and the following disclaimer in the 14 1.1 cgd * documentation and/or other materials provided with the distribution. 15 1.73 agc * 3. Neither the name of the University nor the names of its contributors 16 1.1 cgd * may be used to endorse or promote products derived from this software 17 1.1 cgd * without specific prior written permission. 18 1.1 cgd * 19 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 1.1 cgd * SUCH DAMAGE. 30 1.1 cgd */ 31 1.1 cgd 32 1.24 lukem #include <sys/cdefs.h> 33 1.1 cgd #ifndef lint 34 1.96 lukem __COPYRIGHT("@(#) Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994\ 35 1.96 lukem The Regents of the University of California. All rights reserved."); 36 1.1 cgd #endif /* not lint */ 37 1.1 cgd 38 1.1 cgd #ifndef lint 39 1.12 jtc #if 0 40 1.12 jtc static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; 41 1.12 jtc #endif 42 1.103 wiz __RCSID("$NetBSD: login.c,v 1.103 2012/04/29 01:26:56 wiz Exp $"); 43 1.1 cgd #endif /* not lint */ 44 1.1 cgd 45 1.1 cgd /* 46 1.1 cgd * login [ name ] 47 1.1 cgd * login -h hostname (for telnetd, etc.) 48 1.1 cgd * login -f name (for pre-authenticated login: datakit, xterm, etc.) 49 1.1 cgd */ 50 1.1 cgd 51 1.1 cgd #include <sys/param.h> 52 1.1 cgd #include <sys/stat.h> 53 1.1 cgd #include <sys/time.h> 54 1.1 cgd #include <sys/resource.h> 55 1.1 cgd #include <sys/file.h> 56 1.38 mrg #include <sys/wait.h> 57 1.67 christos #include <sys/socket.h> 58 1.1 cgd 59 1.12 jtc #include <err.h> 60 1.5 cgd #include <errno.h> 61 1.1 cgd #include <grp.h> 62 1.1 cgd #include <pwd.h> 63 1.12 jtc #include <setjmp.h> 64 1.12 jtc #include <signal.h> 65 1.19 veego #include <stdio.h> 66 1.5 cgd #include <stdlib.h> 67 1.1 cgd #include <string.h> 68 1.12 jtc #include <syslog.h> 69 1.36 kleink #include <time.h> 70 1.12 jtc #include <ttyent.h> 71 1.12 jtc #include <tzfile.h> 72 1.12 jtc #include <unistd.h> 73 1.95 christos #include <sysexits.h> 74 1.67 christos #ifdef SUPPORT_UTMP 75 1.12 jtc #include <utmp.h> 76 1.66 christos #endif 77 1.67 christos #ifdef SUPPORT_UTMPX 78 1.66 christos #include <utmpx.h> 79 1.66 christos #endif 80 1.13 jtc #include <util.h> 81 1.29 mycroft #ifdef SKEY 82 1.29 mycroft #include <skey.h> 83 1.29 mycroft #endif 84 1.25 mycroft #ifdef KERBEROS5 85 1.45 christos #include <krb5/krb5.h> 86 1.99 christos #include <krb5/com_err.h> 87 1.25 mycroft #endif 88 1.48 mjl #ifdef LOGIN_CAP 89 1.48 mjl #include <login_cap.h> 90 1.48 mjl #endif 91 1.79 christos #include <vis.h> 92 1.25 mycroft 93 1.1 cgd #include "pathnames.h" 94 1.97 christos #include "common.h" 95 1.1 cgd 96 1.57 aidan #ifdef KERBEROS5 97 1.57 aidan int login_krb5_forwardable_tgt = 0; 98 1.97 christos static int login_krb5_get_tickets = 1; 99 1.97 christos static int login_krb5_retain_ccache = 0; 100 1.57 aidan #endif 101 1.57 aidan 102 1.97 christos static void checknologin(char *); 103 1.44 aidan #ifdef KERBEROS5 104 1.81 xtraeme int k5login(struct passwd *, char *, char *, char *); 105 1.81 xtraeme void k5destroy(void); 106 1.99 christos int k5_read_creds(const char *); 107 1.81 xtraeme int k5_write_creds(void); 108 1.57 aidan #endif 109 1.89 wiz #if defined(KERBEROS5) 110 1.97 christos static void dofork(void); 111 1.44 aidan #endif 112 1.103 wiz static void usage(void) __attribute__((__noreturn__)); 113 1.12 jtc 114 1.1 cgd #define TTYGRPNAME "tty" /* name of group to own ttys */ 115 1.1 cgd 116 1.50 mjl #define DEFAULT_BACKOFF 3 117 1.50 mjl #define DEFAULT_RETRIES 10 118 1.48 mjl 119 1.89 wiz #if defined(KERBEROS5) 120 1.57 aidan int has_ccache = 0; 121 1.101 christos int notickets = 1; 122 1.25 mycroft extern krb5_context kcontext; 123 1.44 aidan extern int have_forward; 124 1.102 christos static char *instance; 125 1.57 aidan extern char *krb5tkfile_env; 126 1.60 thorpej extern int krb5_configured; 127 1.60 thorpej #endif 128 1.60 thorpej 129 1.89 wiz #if defined(KERBEROS5) 130 1.60 thorpej #define KERBEROS_CONFIGURED krb5_configured 131 1.25 mycroft #endif 132 1.1 cgd 133 1.97 christos extern char **environ; 134 1.34 thorpej 135 1.5 cgd int 136 1.80 xtraeme main(int argc, char *argv[]) 137 1.1 cgd { 138 1.5 cgd struct group *gr; 139 1.5 cgd struct stat st; 140 1.29 mycroft int ask, ch, cnt, fflag, hflag, pflag, sflag, quietlog, rootlogin, rval; 141 1.44 aidan int Fflag; 142 1.33 hubertf uid_t uid, saved_uid; 143 1.35 hubertf gid_t saved_gid, saved_gids[NGROUPS_MAX]; 144 1.35 hubertf int nsaved_gids; 145 1.99 christos char *domain, *p, *ttyn; 146 1.99 christos const char *pwprompt; 147 1.1 cgd char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 148 1.37 mrg char localhost[MAXHOSTNAMELEN + 1]; 149 1.29 mycroft int need_chpass, require_chpass; 150 1.48 mjl int login_retries = DEFAULT_RETRIES, 151 1.48 mjl login_backoff = DEFAULT_BACKOFF; 152 1.48 mjl time_t pw_warntime = _PASSWORD_WARNDAYS * SECSPERDAY; 153 1.102 christos char *loginname = NULL; 154 1.25 mycroft #ifdef KERBEROS5 155 1.25 mycroft krb5_error_code kerror; 156 1.25 mycroft #endif 157 1.89 wiz #if defined(KERBEROS5) 158 1.57 aidan int got_tickets = 0; 159 1.57 aidan #endif 160 1.48 mjl #ifdef LOGIN_CAP 161 1.49 mjl char *shell = NULL; 162 1.48 mjl login_cap_t *lc = NULL; 163 1.48 mjl #endif 164 1.1 cgd 165 1.20 lukem tbuf[0] = '\0'; 166 1.20 lukem rval = 0; 167 1.20 lukem pwprompt = NULL; 168 1.70 itojun nested = NULL; 169 1.29 mycroft need_chpass = require_chpass = 0; 170 1.20 lukem 171 1.1 cgd (void)signal(SIGALRM, timedout); 172 1.12 jtc (void)alarm(timeout); 173 1.1 cgd (void)signal(SIGQUIT, SIG_IGN); 174 1.1 cgd (void)signal(SIGINT, SIG_IGN); 175 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, 0); 176 1.1 cgd 177 1.63 lukem openlog("login", 0, LOG_AUTH); 178 1.1 cgd 179 1.1 cgd /* 180 1.1 cgd * -p is used by getty to tell login not to destroy the environment 181 1.5 cgd * -f is used to skip a second login authentication 182 1.66 christos * -h is used by other servers to pass the name of the remote host to 183 1.66 christos * login so that it may be placed in utmp/utmpx and wtmp/wtmpx 184 1.87 jnemeth * -a in addition to -h, a server may supply -a to pass the actual 185 1.79 christos * server address. 186 1.20 lukem * -s is used to force use of S/Key or equivalent. 187 1.1 cgd */ 188 1.1 cgd domain = NULL; 189 1.1 cgd if (gethostname(localhost, sizeof(localhost)) < 0) 190 1.1 cgd syslog(LOG_ERR, "couldn't get local hostname: %m"); 191 1.1 cgd else 192 1.12 jtc domain = strchr(localhost, '.'); 193 1.37 mrg localhost[sizeof(localhost) - 1] = '\0'; 194 1.1 cgd 195 1.44 aidan Fflag = fflag = hflag = pflag = sflag = 0; 196 1.79 christos have_ss = 0; 197 1.44 aidan #ifdef KERBEROS5 198 1.44 aidan have_forward = 0; 199 1.44 aidan #endif 200 1.1 cgd uid = getuid(); 201 1.79 christos while ((ch = getopt(argc, argv, "a:Ffh:ps")) != -1) 202 1.1 cgd switch (ch) { 203 1.79 christos case 'a': 204 1.79 christos if (uid) 205 1.95 christos errx(EXIT_FAILURE, "-a option: %s", strerror(EPERM)); 206 1.79 christos decode_ss(optarg); 207 1.82 christos #ifdef notdef 208 1.82 christos (void)sockaddr_snprintf(optarg, 209 1.82 christos sizeof(struct sockaddr_storage), "%a", (void *)&ss); 210 1.82 christos #endif 211 1.79 christos break; 212 1.44 aidan case 'F': 213 1.44 aidan Fflag = 1; 214 1.44 aidan /* FALLTHROUGH */ 215 1.1 cgd case 'f': 216 1.1 cgd fflag = 1; 217 1.1 cgd break; 218 1.1 cgd case 'h': 219 1.12 jtc if (uid) 220 1.95 christos errx(EXIT_FAILURE, "-h option: %s", strerror(EPERM)); 221 1.1 cgd hflag = 1; 222 1.79 christos #ifdef notdef 223 1.23 mikel if (domain && (p = strchr(optarg, '.')) != NULL && 224 1.1 cgd strcasecmp(p, domain) == 0) 225 1.79 christos *p = '\0'; 226 1.79 christos #endif 227 1.1 cgd hostname = optarg; 228 1.1 cgd break; 229 1.1 cgd case 'p': 230 1.1 cgd pflag = 1; 231 1.1 cgd break; 232 1.20 lukem case 's': 233 1.29 mycroft sflag = 1; 234 1.20 lukem break; 235 1.29 mycroft default: 236 1.1 cgd case '?': 237 1.79 christos usage(); 238 1.79 christos break; 239 1.1 cgd } 240 1.82 christos 241 1.82 christos setproctitle(NULL); 242 1.1 cgd argc -= optind; 243 1.1 cgd argv += optind; 244 1.5 cgd 245 1.1 cgd if (*argv) { 246 1.102 christos username = loginname = *argv; 247 1.1 cgd ask = 0; 248 1.1 cgd } else 249 1.1 cgd ask = 1; 250 1.1 cgd 251 1.82 christos #ifdef F_CLOSEM 252 1.82 christos (void)fcntl(3, F_CLOSEM, 0); 253 1.82 christos #else 254 1.1 cgd for (cnt = getdtablesize(); cnt > 2; cnt--) 255 1.5 cgd (void)close(cnt); 256 1.82 christos #endif 257 1.1 cgd 258 1.5 cgd ttyn = ttyname(STDIN_FILENO); 259 1.1 cgd if (ttyn == NULL || *ttyn == '\0') { 260 1.5 cgd (void)snprintf(tname, sizeof(tname), "%s??", _PATH_TTY); 261 1.1 cgd ttyn = tname; 262 1.1 cgd } 263 1.82 christos if ((tty = strstr(ttyn, "/pts/")) != NULL) 264 1.82 christos ++tty; 265 1.82 christos else if ((tty = strrchr(ttyn, '/')) != NULL) 266 1.1 cgd ++tty; 267 1.1 cgd else 268 1.1 cgd tty = ttyn; 269 1.25 mycroft 270 1.70 itojun if (issetugid()) { 271 1.70 itojun nested = strdup(user_from_uid(getuid(), 0)); 272 1.70 itojun if (nested == NULL) { 273 1.93 isaki syslog(LOG_ERR, "strdup: %m"); 274 1.95 christos sleepexit(EXIT_FAILURE); 275 1.70 itojun } 276 1.70 itojun } 277 1.70 itojun 278 1.48 mjl #ifdef LOGIN_CAP 279 1.48 mjl /* Get "login-retries" and "login-backoff" from default class */ 280 1.55 enami if ((lc = login_getclass(NULL)) != NULL) { 281 1.55 enami login_retries = (int)login_getcapnum(lc, "login-retries", 282 1.55 enami DEFAULT_RETRIES, DEFAULT_RETRIES); 283 1.55 enami login_backoff = (int)login_getcapnum(lc, "login-backoff", 284 1.55 enami DEFAULT_BACKOFF, DEFAULT_BACKOFF); 285 1.48 mjl login_close(lc); 286 1.48 mjl lc = NULL; 287 1.55 enami } 288 1.48 mjl #endif 289 1.48 mjl 290 1.25 mycroft #ifdef KERBEROS5 291 1.25 mycroft kerror = krb5_init_context(&kcontext); 292 1.25 mycroft if (kerror) { 293 1.61 thorpej /* 294 1.61 thorpej * If Kerberos is not configured, that is, we are 295 1.61 thorpej * not using Kerberos, do not log the error message. 296 1.61 thorpej * However, if Kerberos is configured, and the 297 1.61 thorpej * context init fails for some other reason, we need 298 1.61 thorpej * to issue a no tickets warning to the user when the 299 1.61 thorpej * login succeeds. 300 1.61 thorpej */ 301 1.61 thorpej if (kerror != ENXIO) { /* XXX NetBSD-local Heimdal hack */ 302 1.61 thorpej syslog(LOG_NOTICE, 303 1.61 thorpej "%s when initializing Kerberos context", 304 1.61 thorpej error_message(kerror)); 305 1.61 thorpej krb5_configured = 1; 306 1.61 thorpej } 307 1.57 aidan login_krb5_get_tickets = 0; 308 1.58 aidan } 309 1.64 cgd #endif /* KERBEROS5 */ 310 1.1 cgd 311 1.1 cgd for (cnt = 0;; ask = 1) { 312 1.57 aidan #if defined(KERBEROS5) 313 1.57 aidan if (login_krb5_get_tickets) 314 1.57 aidan k5destroy(); 315 1.57 aidan #endif 316 1.1 cgd if (ask) { 317 1.1 cgd fflag = 0; 318 1.102 christos loginname = getloginname(); 319 1.1 cgd } 320 1.5 cgd rootlogin = 0; 321 1.10 brezak #ifdef KERBEROS5 322 1.102 christos if ((instance = strchr(loginname, '/')) != NULL) 323 1.10 brezak *instance++ = '\0'; 324 1.29 mycroft else 325 1.99 christos instance = __UNCONST(""); 326 1.10 brezak #endif 327 1.102 christos username = trimloginname(loginname); 328 1.1 cgd /* 329 1.1 cgd * Note if trying multiple user names; log failures for 330 1.1 cgd * previous user name, but don't bother logging one failure 331 1.1 cgd * for nonexistent name (mistyped username). 332 1.1 cgd */ 333 1.1 cgd if (failures && strcmp(tbuf, username)) { 334 1.1 cgd if (failures > (pwd ? 0 : 1)) 335 1.1 cgd badlogin(tbuf); 336 1.1 cgd failures = 0; 337 1.1 cgd } 338 1.71 itojun (void)strlcpy(tbuf, username, sizeof(tbuf)); 339 1.1 cgd 340 1.90 hubertf pwd = getpwnam(username); 341 1.1 cgd 342 1.48 mjl #ifdef LOGIN_CAP 343 1.48 mjl /* 344 1.48 mjl * Establish the class now, before we might goto 345 1.48 mjl * within the next block. pwd can be NULL since it 346 1.52 mjl * falls back to the "default" class if it is. 347 1.52 mjl */ 348 1.52 mjl lc = login_getclass(pwd ? pwd->pw_class : NULL); 349 1.48 mjl #endif 350 1.1 cgd /* 351 1.1 cgd * if we have a valid account name, and it doesn't have a 352 1.1 cgd * password, or the -f option was specified and the caller 353 1.1 cgd * is root or the caller isn't changing their uid, don't 354 1.1 cgd * authenticate. 355 1.1 cgd */ 356 1.7 mycroft if (pwd) { 357 1.7 mycroft if (pwd->pw_uid == 0) 358 1.7 mycroft rootlogin = 1; 359 1.7 mycroft 360 1.8 mycroft if (fflag && (uid == 0 || uid == pwd->pw_uid)) { 361 1.7 mycroft /* already authenticated */ 362 1.44 aidan #ifdef KERBEROS5 363 1.57 aidan if (login_krb5_get_tickets && Fflag) 364 1.44 aidan k5_read_creds(username); 365 1.44 aidan #endif 366 1.7 mycroft break; 367 1.7 mycroft } else if (pwd->pw_passwd[0] == '\0') { 368 1.7 mycroft /* pretend password okay */ 369 1.7 mycroft rval = 0; 370 1.7 mycroft goto ttycheck; 371 1.7 mycroft } 372 1.7 mycroft } 373 1.7 mycroft 374 1.1 cgd fflag = 0; 375 1.1 cgd 376 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, -4); 377 1.1 cgd 378 1.27 mycroft #ifdef SKEY 379 1.29 mycroft if (skey_haskey(username) == 0) { 380 1.29 mycroft static char skprompt[80]; 381 1.59 thorpej const char *skinfo = skey_keyinfo(username); 382 1.20 lukem 383 1.75 itojun (void)snprintf(skprompt, sizeof(skprompt), 384 1.83 tron "Password [ %s ]:", 385 1.29 mycroft skinfo ? skinfo : "error getting challenge"); 386 1.29 mycroft pwprompt = skprompt; 387 1.29 mycroft } else 388 1.27 mycroft #endif 389 1.29 mycroft pwprompt = "Password:"; 390 1.27 mycroft 391 1.29 mycroft p = getpass(pwprompt); 392 1.1 cgd 393 1.29 mycroft if (pwd == NULL) { 394 1.29 mycroft rval = 1; 395 1.29 mycroft goto skip; 396 1.29 mycroft } 397 1.29 mycroft #ifdef KERBEROS5 398 1.57 aidan if (login_krb5_get_tickets && 399 1.57 aidan k5login(pwd, instance, localhost, p) == 0) { 400 1.29 mycroft rval = 0; 401 1.57 aidan got_tickets = 1; 402 1.57 aidan } 403 1.57 aidan #endif 404 1.89 wiz #if defined(KERBEROS5) 405 1.57 aidan if (got_tickets) 406 1.29 mycroft goto skip; 407 1.29 mycroft #endif 408 1.20 lukem #ifdef SKEY 409 1.29 mycroft if (skey_haskey(username) == 0 && 410 1.29 mycroft skey_passcheck(username, p) != -1) { 411 1.29 mycroft rval = 0; 412 1.29 mycroft goto skip; 413 1.29 mycroft } 414 1.20 lukem #endif 415 1.29 mycroft if (!sflag && *pwd->pw_passwd != '\0' && 416 1.29 mycroft !strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd)) { 417 1.29 mycroft rval = 0; 418 1.29 mycroft require_chpass = 1; 419 1.29 mycroft goto skip; 420 1.29 mycroft } 421 1.29 mycroft rval = 1; 422 1.29 mycroft 423 1.29 mycroft skip: 424 1.29 mycroft memset(p, 0, strlen(p)); 425 1.1 cgd 426 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, 0); 427 1.1 cgd 428 1.7 mycroft ttycheck: 429 1.1 cgd /* 430 1.1 cgd * If trying to log in as root without Kerberos, 431 1.1 cgd * but with insecure terminal, refuse the login attempt. 432 1.1 cgd */ 433 1.7 mycroft if (pwd && !rval && rootlogin && !rootterm(tty)) { 434 1.87 jnemeth (void)printf("Login incorrect or refused on this " 435 1.87 jnemeth "terminal.\n"); 436 1.1 cgd if (hostname) 437 1.1 cgd syslog(LOG_NOTICE, 438 1.1 cgd "LOGIN %s REFUSED FROM %s ON TTY %s", 439 1.1 cgd pwd->pw_name, hostname, tty); 440 1.1 cgd else 441 1.1 cgd syslog(LOG_NOTICE, 442 1.1 cgd "LOGIN %s REFUSED ON TTY %s", 443 1.1 cgd pwd->pw_name, tty); 444 1.1 cgd continue; 445 1.1 cgd } 446 1.1 cgd 447 1.1 cgd if (pwd && !rval) 448 1.1 cgd break; 449 1.1 cgd 450 1.87 jnemeth (void)printf("Login incorrect or refused on this " 451 1.87 jnemeth "terminal.\n"); 452 1.1 cgd failures++; 453 1.48 mjl cnt++; 454 1.88 jnemeth /* 455 1.88 jnemeth * We allow login_retries tries, but after login_backoff 456 1.88 jnemeth * we start backing off. These default to 10 and 3 457 1.88 jnemeth * respectively. 458 1.88 jnemeth */ 459 1.50 mjl if (cnt > login_backoff) { 460 1.48 mjl if (cnt >= login_retries) { 461 1.1 cgd badlogin(username); 462 1.95 christos sleepexit(EXIT_FAILURE); 463 1.1 cgd } 464 1.88 jnemeth sleep((u_int)((cnt - login_backoff) * 5)); 465 1.1 cgd } 466 1.1 cgd } 467 1.1 cgd 468 1.1 cgd /* committed to login -- turn off timeout */ 469 1.1 cgd (void)alarm((u_int)0); 470 1.1 cgd 471 1.1 cgd endpwent(); 472 1.1 cgd 473 1.1 cgd /* if user not super-user, check for disabled logins */ 474 1.48 mjl #ifdef LOGIN_CAP 475 1.93 isaki if (!login_getcapbool(lc, "ignorenologin", rootlogin)) 476 1.52 mjl checknologin(login_getcapstr(lc, "nologin", NULL, NULL)); 477 1.48 mjl #else 478 1.93 isaki if (!rootlogin) 479 1.93 isaki checknologin(NULL); 480 1.48 mjl #endif 481 1.1 cgd 482 1.48 mjl #ifdef LOGIN_CAP 483 1.93 isaki quietlog = login_getcapbool(lc, "hushlogin", 0); 484 1.48 mjl #else 485 1.93 isaki quietlog = 0; 486 1.48 mjl #endif 487 1.33 hubertf /* Temporarily give up special privileges so we can change */ 488 1.33 hubertf /* into NFS-mounted homes that are exported for non-root */ 489 1.33 hubertf /* access and have mode 7x0 */ 490 1.33 hubertf saved_uid = geteuid(); 491 1.35 hubertf saved_gid = getegid(); 492 1.35 hubertf nsaved_gids = getgroups(NGROUPS_MAX, saved_gids); 493 1.35 hubertf 494 1.35 hubertf (void)setegid(pwd->pw_gid); 495 1.35 hubertf initgroups(username, pwd->pw_gid); 496 1.35 hubertf (void)seteuid(pwd->pw_uid); 497 1.33 hubertf 498 1.1 cgd if (chdir(pwd->pw_dir) < 0) { 499 1.48 mjl #ifdef LOGIN_CAP 500 1.93 isaki if (login_getcapbool(lc, "requirehome", 0)) { 501 1.55 enami (void)printf("Home directory %s required\n", 502 1.55 enami pwd->pw_dir); 503 1.95 christos sleepexit(EXIT_FAILURE); 504 1.48 mjl } 505 1.48 mjl #endif 506 1.1 cgd (void)printf("No home directory %s!\n", pwd->pw_dir); 507 1.95 christos if (chdir("/") == -1) 508 1.95 christos exit(EXIT_FAILURE); 509 1.99 christos pwd->pw_dir = __UNCONST("/"); 510 1.1 cgd (void)printf("Logging in with home = \"/\".\n"); 511 1.1 cgd } 512 1.1 cgd 513 1.55 enami if (!quietlog) 514 1.48 mjl quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 515 1.33 hubertf 516 1.33 hubertf /* regain special privileges */ 517 1.33 hubertf (void)seteuid(saved_uid); 518 1.35 hubertf setgroups(nsaved_gids, saved_gids); 519 1.35 hubertf (void)setegid(saved_gid); 520 1.1 cgd 521 1.48 mjl #ifdef LOGIN_CAP 522 1.93 isaki pw_warntime = login_getcaptime(lc, "password-warn", 523 1.93 isaki _PASSWORD_WARNDAYS * SECSPERDAY, 524 1.93 isaki _PASSWORD_WARNDAYS * SECSPERDAY); 525 1.48 mjl #endif 526 1.48 mjl 527 1.98 plunky (void)gettimeofday(&now, NULL); 528 1.40 ross if (pwd->pw_expire) { 529 1.66 christos if (now.tv_sec >= pwd->pw_expire) { 530 1.1 cgd (void)printf("Sorry -- your account has expired.\n"); 531 1.95 christos sleepexit(EXIT_FAILURE); 532 1.66 christos } else if (pwd->pw_expire - now.tv_sec < pw_warntime && 533 1.55 enami !quietlog) 534 1.1 cgd (void)printf("Warning: your account expires on %s", 535 1.1 cgd ctime(&pwd->pw_expire)); 536 1.40 ross } 537 1.40 ross if (pwd->pw_change) { 538 1.30 mycroft if (pwd->pw_change == _PASSWORD_CHGNOW) 539 1.30 mycroft need_chpass = 1; 540 1.66 christos else if (now.tv_sec >= pwd->pw_change) { 541 1.31 mycroft (void)printf("Sorry -- your password has expired.\n"); 542 1.95 christos sleepexit(EXIT_FAILURE); 543 1.66 christos } else if (pwd->pw_change - now.tv_sec < pw_warntime && 544 1.55 enami !quietlog) 545 1.30 mycroft (void)printf("Warning: your password expires on %s", 546 1.30 mycroft ctime(&pwd->pw_change)); 547 1.1 cgd 548 1.40 ross } 549 1.5 cgd /* Nothing else left to fail -- really log in. */ 550 1.97 christos update_db(quietlog, rootlogin, fflag); 551 1.1 cgd 552 1.1 cgd (void)chown(ttyn, pwd->pw_uid, 553 1.1 cgd (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 554 1.15 gwr 555 1.15 gwr if (ttyaction(ttyn, "login", pwd->pw_name)) 556 1.15 gwr (void)printf("Warning: ttyaction failed.\n"); 557 1.15 gwr 558 1.89 wiz #if defined(KERBEROS5) 559 1.10 brezak /* Fork so that we can call kdestroy */ 560 1.89 wiz if (! login_krb5_retain_ccache && has_ccache) 561 1.29 mycroft dofork(); 562 1.10 brezak #endif 563 1.53 mjl 564 1.53 mjl /* Destroy environment unless user has requested its preservation. */ 565 1.53 mjl if (!pflag) 566 1.53 mjl environ = envinit; 567 1.53 mjl 568 1.48 mjl #ifdef LOGIN_CAP 569 1.70 itojun if (nested == NULL && setusercontext(lc, pwd, pwd->pw_uid, 570 1.70 itojun LOGIN_SETLOGIN) != 0) { 571 1.70 itojun syslog(LOG_ERR, "setusercontext failed"); 572 1.95 christos exit(EXIT_FAILURE); 573 1.70 itojun } 574 1.70 itojun if (setusercontext(lc, pwd, pwd->pw_uid, 575 1.70 itojun (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETLOGIN))) != 0) { 576 1.52 mjl syslog(LOG_ERR, "setusercontext failed"); 577 1.95 christos exit(EXIT_FAILURE); 578 1.48 mjl } 579 1.52 mjl #else 580 1.1 cgd (void)setgid(pwd->pw_gid); 581 1.1 cgd 582 1.1 cgd initgroups(username, pwd->pw_gid); 583 1.48 mjl 584 1.70 itojun if (nested == NULL && setlogin(pwd->pw_name) < 0) 585 1.48 mjl syslog(LOG_ERR, "setlogin() failure: %m"); 586 1.48 mjl 587 1.48 mjl /* Discard permissions last so can't get killed and drop core. */ 588 1.48 mjl if (rootlogin) 589 1.48 mjl (void)setuid(0); 590 1.48 mjl else 591 1.48 mjl (void)setuid(pwd->pw_uid); 592 1.52 mjl #endif 593 1.1 cgd 594 1.1 cgd if (*pwd->pw_shell == '\0') 595 1.99 christos pwd->pw_shell = __UNCONST(_PATH_BSHELL); 596 1.48 mjl #ifdef LOGIN_CAP 597 1.55 enami if ((shell = login_getcapstr(lc, "shell", NULL, NULL)) != NULL) { 598 1.55 enami if ((shell = strdup(shell)) == NULL) { 599 1.93 isaki syslog(LOG_ERR, "Cannot alloc mem"); 600 1.95 christos sleepexit(EXIT_FAILURE); 601 1.48 mjl } 602 1.48 mjl pwd->pw_shell = shell; 603 1.48 mjl } 604 1.48 mjl #endif 605 1.48 mjl 606 1.1 cgd (void)setenv("HOME", pwd->pw_dir, 1); 607 1.1 cgd (void)setenv("SHELL", pwd->pw_shell, 1); 608 1.48 mjl if (term[0] == '\0') { 609 1.99 christos const char *tt = stypeof(tty); 610 1.48 mjl #ifdef LOGIN_CAP 611 1.55 enami if (tt == NULL) 612 1.48 mjl tt = login_getcapstr(lc, "term", NULL, NULL); 613 1.48 mjl #endif 614 1.48 mjl /* unknown term -> "su" */ 615 1.71 itojun (void)strlcpy(term, tt != NULL ? tt : "su", sizeof(term)); 616 1.55 enami } 617 1.1 cgd (void)setenv("TERM", term, 0); 618 1.1 cgd (void)setenv("LOGNAME", pwd->pw_name, 1); 619 1.1 cgd (void)setenv("USER", pwd->pw_name, 1); 620 1.51 mjl 621 1.48 mjl #ifdef LOGIN_CAP 622 1.52 mjl setusercontext(lc, pwd, pwd->pw_uid, LOGIN_SETPATH); 623 1.48 mjl #else 624 1.1 cgd (void)setenv("PATH", _PATH_DEFPATH, 0); 625 1.48 mjl #endif 626 1.51 mjl 627 1.10 brezak #ifdef KERBEROS5 628 1.57 aidan if (krb5tkfile_env) 629 1.57 aidan (void)setenv("KRB5CCNAME", krb5tkfile_env, 1); 630 1.10 brezak #endif 631 1.1 cgd 632 1.12 jtc if (tty[sizeof("tty")-1] == 'd') 633 1.12 jtc syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 634 1.12 jtc 635 1.5 cgd /* If fflag is on, assume caller/authenticator has logged root login. */ 636 1.40 ross if (rootlogin && fflag == 0) { 637 1.1 cgd if (hostname) 638 1.1 cgd syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 639 1.1 cgd username, tty, hostname); 640 1.1 cgd else 641 1.55 enami syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", 642 1.55 enami username, tty); 643 1.40 ross } 644 1.1 cgd 645 1.89 wiz #if defined(KERBEROS5) 646 1.60 thorpej if (KERBEROS_CONFIGURED && !quietlog && notickets == 1) 647 1.1 cgd (void)printf("Warning: no Kerberos tickets issued.\n"); 648 1.1 cgd #endif 649 1.1 cgd 650 1.1 cgd if (!quietlog) { 651 1.99 christos const char *fname; 652 1.48 mjl #ifdef LOGIN_CAP 653 1.48 mjl fname = login_getcapstr(lc, "copyright", NULL, NULL); 654 1.55 enami if (fname != NULL && access(fname, F_OK) == 0) 655 1.48 mjl motd(fname); 656 1.48 mjl else 657 1.55 enami #endif 658 1.69 itojun (void)printf("%s", copyrightstr); 659 1.48 mjl 660 1.48 mjl #ifdef LOGIN_CAP 661 1.93 isaki fname = login_getcapstr(lc, "welcome", NULL, NULL); 662 1.93 isaki if (fname == NULL || access(fname, F_OK) != 0) 663 1.48 mjl #endif 664 1.93 isaki fname = _PATH_MOTDFILE; 665 1.93 isaki motd(fname); 666 1.48 mjl 667 1.5 cgd (void)snprintf(tbuf, 668 1.5 cgd sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name); 669 1.1 cgd if (stat(tbuf, &st) == 0 && st.st_size != 0) 670 1.1 cgd (void)printf("You have %smail.\n", 671 1.1 cgd (st.st_mtime > st.st_atime) ? "new " : ""); 672 1.1 cgd } 673 1.1 cgd 674 1.48 mjl #ifdef LOGIN_CAP 675 1.48 mjl login_close(lc); 676 1.48 mjl #endif 677 1.48 mjl 678 1.1 cgd (void)signal(SIGALRM, SIG_DFL); 679 1.1 cgd (void)signal(SIGQUIT, SIG_DFL); 680 1.1 cgd (void)signal(SIGINT, SIG_DFL); 681 1.1 cgd (void)signal(SIGTSTP, SIG_IGN); 682 1.1 cgd 683 1.1 cgd tbuf[0] = '-'; 684 1.71 itojun (void)strlcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ? 685 1.71 itojun p + 1 : pwd->pw_shell, sizeof(tbuf) - 1); 686 1.1 cgd 687 1.24 lukem /* Wait to change password until we're unprivileged */ 688 1.24 lukem if (need_chpass) { 689 1.29 mycroft if (!require_chpass) 690 1.24 lukem (void)printf( 691 1.24 lukem "Warning: your password has expired. Please change it as soon as possible.\n"); 692 1.29 mycroft else { 693 1.38 mrg int status; 694 1.38 mrg 695 1.29 mycroft (void)printf( 696 1.24 lukem "Your password has expired. Please choose a new one.\n"); 697 1.38 mrg switch (fork()) { 698 1.38 mrg case -1: 699 1.38 mrg warn("fork"); 700 1.95 christos sleepexit(EXIT_FAILURE); 701 1.38 mrg case 0: 702 1.92 mrg execl(_PATH_BINPASSWD, "passwd", NULL); 703 1.95 christos _exit(EXIT_FAILURE); 704 1.38 mrg default: 705 1.38 mrg if (wait(&status) == -1 || 706 1.38 mrg WEXITSTATUS(status)) 707 1.95 christos sleepexit(EXIT_FAILURE); 708 1.38 mrg } 709 1.29 mycroft } 710 1.24 lukem } 711 1.1 cgd 712 1.44 aidan #ifdef KERBEROS5 713 1.57 aidan if (login_krb5_get_tickets) 714 1.57 aidan k5_write_creds(); 715 1.44 aidan #endif 716 1.92 mrg execlp(pwd->pw_shell, tbuf, NULL); 717 1.95 christos err(EXIT_FAILURE, "%s", pwd->pw_shell); 718 1.1 cgd } 719 1.57 aidan 720 1.89 wiz #if defined(KERBEROS5) 721 1.10 brezak /* 722 1.10 brezak * This routine handles cleanup stuff, and the like. 723 1.10 brezak * It exists only in the child process. 724 1.10 brezak */ 725 1.97 christos static void 726 1.80 xtraeme dofork(void) 727 1.10 brezak { 728 1.95 christos pid_t child, wchild; 729 1.38 mrg 730 1.95 christos switch (child = fork()) { 731 1.95 christos case 0: 732 1.38 mrg return; /* Child process */ 733 1.95 christos case -1: 734 1.95 christos err(EXIT_FAILURE, "Can't fork"); 735 1.95 christos /*NOTREACHED*/ 736 1.95 christos default: 737 1.95 christos break; 738 1.95 christos } 739 1.38 mrg 740 1.55 enami /* 741 1.55 enami * Setup stuff? This would be things we could do in parallel 742 1.55 enami * with login 743 1.55 enami */ 744 1.95 christos if (chdir("/") == -1) /* Let's not keep the fs busy... */ 745 1.95 christos err(EXIT_FAILURE, "Can't chdir to `/'"); 746 1.10 brezak 747 1.38 mrg /* If we're the parent, watch the child until it dies */ 748 1.95 christos while ((wchild = wait(NULL)) != child) 749 1.95 christos if (wchild == -1) 750 1.95 christos err(EXIT_FAILURE, "Can't wait"); 751 1.10 brezak 752 1.38 mrg /* Cleanup stuff */ 753 1.38 mrg /* Run kdestroy to destroy tickets */ 754 1.57 aidan if (login_krb5_get_tickets) 755 1.57 aidan k5destroy(); 756 1.10 brezak 757 1.38 mrg /* Leave */ 758 1.95 christos exit(EXIT_SUCCESS); 759 1.10 brezak } 760 1.1 cgd #endif 761 1.1 cgd 762 1.97 christos static void 763 1.80 xtraeme checknologin(char *fname) 764 1.1 cgd { 765 1.12 jtc int fd, nchars; 766 1.1 cgd char tbuf[8192]; 767 1.1 cgd 768 1.48 mjl if ((fd = open(fname ? fname : _PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 769 1.1 cgd while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 770 1.1 cgd (void)write(fileno(stdout), tbuf, nchars); 771 1.95 christos sleepexit(EXIT_SUCCESS); 772 1.1 cgd } 773 1.1 cgd } 774 1.1 cgd 775 1.66 christos static void 776 1.80 xtraeme usage(void) 777 1.79 christos { 778 1.79 christos (void)fprintf(stderr, 779 1.79 christos "Usage: %s [-Ffps] [-a address] [-h hostname] [username]\n", 780 1.79 christos getprogname()); 781 1.95 christos exit(EXIT_FAILURE); 782 1.79 christos } 783
Indexes created Tue Sep 30 20:09:53 GMT 2025