login.c revision 1.99
1 1.99 christos /* $NetBSD: login.c,v 1.99 2012/04/22 23:26:19 christos Exp $ */ 2 1.12 jtc 3 1.1 cgd /*- 4 1.12 jtc * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 5 1.10 brezak * The Regents of the University of California. All rights reserved. 6 1.1 cgd * 7 1.1 cgd * Redistribution and use in source and binary forms, with or without 8 1.1 cgd * modification, are permitted provided that the following conditions 9 1.1 cgd * are met: 10 1.1 cgd * 1. Redistributions of source code must retain the above copyright 11 1.1 cgd * notice, this list of conditions and the following disclaimer. 12 1.1 cgd * 2. Redistributions in binary form must reproduce the above copyright 13 1.1 cgd * notice, this list of conditions and the following disclaimer in the 14 1.1 cgd * documentation and/or other materials provided with the distribution. 15 1.73 agc * 3. Neither the name of the University nor the names of its contributors 16 1.1 cgd * may be used to endorse or promote products derived from this software 17 1.1 cgd * without specific prior written permission. 18 1.1 cgd * 19 1.1 cgd * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 1.1 cgd * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 1.1 cgd * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 1.1 cgd * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 1.1 cgd * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 1.1 cgd * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 1.1 cgd * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 1.1 cgd * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 1.1 cgd * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 1.1 cgd * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 1.1 cgd * SUCH DAMAGE. 30 1.1 cgd */ 31 1.1 cgd 32 1.24 lukem #include <sys/cdefs.h> 33 1.1 cgd #ifndef lint 34 1.96 lukem __COPYRIGHT("@(#) Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994\ 35 1.96 lukem The Regents of the University of California. All rights reserved."); 36 1.1 cgd #endif /* not lint */ 37 1.1 cgd 38 1.1 cgd #ifndef lint 39 1.12 jtc #if 0 40 1.12 jtc static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; 41 1.12 jtc #endif 42 1.99 christos __RCSID("$NetBSD: login.c,v 1.99 2012/04/22 23:26:19 christos Exp $"); 43 1.1 cgd #endif /* not lint */ 44 1.1 cgd 45 1.1 cgd /* 46 1.1 cgd * login [ name ] 47 1.1 cgd * login -h hostname (for telnetd, etc.) 48 1.1 cgd * login -f name (for pre-authenticated login: datakit, xterm, etc.) 49 1.1 cgd */ 50 1.1 cgd 51 1.1 cgd #include <sys/param.h> 52 1.1 cgd #include <sys/stat.h> 53 1.1 cgd #include <sys/time.h> 54 1.1 cgd #include <sys/resource.h> 55 1.1 cgd #include <sys/file.h> 56 1.38 mrg #include <sys/wait.h> 57 1.67 christos #include <sys/socket.h> 58 1.1 cgd 59 1.12 jtc #include <err.h> 60 1.5 cgd #include <errno.h> 61 1.1 cgd #include <grp.h> 62 1.1 cgd #include <pwd.h> 63 1.12 jtc #include <setjmp.h> 64 1.12 jtc #include <signal.h> 65 1.19 veego #include <stdio.h> 66 1.5 cgd #include <stdlib.h> 67 1.1 cgd #include <string.h> 68 1.12 jtc #include <syslog.h> 69 1.36 kleink #include <time.h> 70 1.12 jtc #include <ttyent.h> 71 1.12 jtc #include <tzfile.h> 72 1.12 jtc #include <unistd.h> 73 1.95 christos #include <sysexits.h> 74 1.67 christos #ifdef SUPPORT_UTMP 75 1.12 jtc #include <utmp.h> 76 1.66 christos #endif 77 1.67 christos #ifdef SUPPORT_UTMPX 78 1.66 christos #include <utmpx.h> 79 1.66 christos #endif 80 1.13 jtc #include <util.h> 81 1.29 mycroft #ifdef SKEY 82 1.29 mycroft #include <skey.h> 83 1.29 mycroft #endif 84 1.25 mycroft #ifdef KERBEROS5 85 1.45 christos #include <krb5/krb5.h> 86 1.99 christos #include <krb5/com_err.h> 87 1.25 mycroft #endif 88 1.48 mjl #ifdef LOGIN_CAP 89 1.48 mjl #include <login_cap.h> 90 1.48 mjl #endif 91 1.79 christos #include <vis.h> 92 1.25 mycroft 93 1.1 cgd #include "pathnames.h" 94 1.97 christos #include "common.h" 95 1.1 cgd 96 1.57 aidan #ifdef KERBEROS5 97 1.57 aidan int login_krb5_forwardable_tgt = 0; 98 1.97 christos static int login_krb5_get_tickets = 1; 99 1.97 christos static int login_krb5_retain_ccache = 0; 100 1.57 aidan #endif 101 1.57 aidan 102 1.97 christos static void checknologin(char *); 103 1.44 aidan #ifdef KERBEROS5 104 1.81 xtraeme int k5login(struct passwd *, char *, char *, char *); 105 1.81 xtraeme void k5destroy(void); 106 1.99 christos int k5_read_creds(const char *); 107 1.81 xtraeme int k5_write_creds(void); 108 1.57 aidan #endif 109 1.89 wiz #if defined(KERBEROS5) 110 1.97 christos static void dofork(void); 111 1.44 aidan #endif 112 1.97 christos static void usage(void); 113 1.12 jtc 114 1.1 cgd #define TTYGRPNAME "tty" /* name of group to own ttys */ 115 1.1 cgd 116 1.50 mjl #define DEFAULT_BACKOFF 3 117 1.50 mjl #define DEFAULT_RETRIES 10 118 1.48 mjl 119 1.89 wiz #if defined(KERBEROS5) 120 1.57 aidan int has_ccache = 0; 121 1.97 christos static int notickets = 1; 122 1.97 christos static char *instance; 123 1.25 mycroft extern krb5_context kcontext; 124 1.44 aidan extern int have_forward; 125 1.57 aidan extern char *krb5tkfile_env; 126 1.60 thorpej extern int krb5_configured; 127 1.60 thorpej #endif 128 1.60 thorpej 129 1.89 wiz #if defined(KERBEROS5) 130 1.60 thorpej #define KERBEROS_CONFIGURED krb5_configured 131 1.25 mycroft #endif 132 1.1 cgd 133 1.97 christos extern char **environ; 134 1.34 thorpej 135 1.5 cgd int 136 1.80 xtraeme main(int argc, char *argv[]) 137 1.1 cgd { 138 1.5 cgd struct group *gr; 139 1.5 cgd struct stat st; 140 1.29 mycroft int ask, ch, cnt, fflag, hflag, pflag, sflag, quietlog, rootlogin, rval; 141 1.44 aidan int Fflag; 142 1.33 hubertf uid_t uid, saved_uid; 143 1.35 hubertf gid_t saved_gid, saved_gids[NGROUPS_MAX]; 144 1.35 hubertf int nsaved_gids; 145 1.99 christos char *domain, *p, *ttyn; 146 1.99 christos const char *pwprompt; 147 1.1 cgd char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 148 1.37 mrg char localhost[MAXHOSTNAMELEN + 1]; 149 1.29 mycroft int need_chpass, require_chpass; 150 1.48 mjl int login_retries = DEFAULT_RETRIES, 151 1.48 mjl login_backoff = DEFAULT_BACKOFF; 152 1.48 mjl time_t pw_warntime = _PASSWORD_WARNDAYS * SECSPERDAY; 153 1.25 mycroft #ifdef KERBEROS5 154 1.25 mycroft krb5_error_code kerror; 155 1.25 mycroft #endif 156 1.89 wiz #if defined(KERBEROS5) 157 1.57 aidan int got_tickets = 0; 158 1.57 aidan #endif 159 1.48 mjl #ifdef LOGIN_CAP 160 1.49 mjl char *shell = NULL; 161 1.48 mjl login_cap_t *lc = NULL; 162 1.48 mjl #endif 163 1.1 cgd 164 1.20 lukem tbuf[0] = '\0'; 165 1.20 lukem rval = 0; 166 1.20 lukem pwprompt = NULL; 167 1.70 itojun nested = NULL; 168 1.29 mycroft need_chpass = require_chpass = 0; 169 1.20 lukem 170 1.1 cgd (void)signal(SIGALRM, timedout); 171 1.12 jtc (void)alarm(timeout); 172 1.1 cgd (void)signal(SIGQUIT, SIG_IGN); 173 1.1 cgd (void)signal(SIGINT, SIG_IGN); 174 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, 0); 175 1.1 cgd 176 1.63 lukem openlog("login", 0, LOG_AUTH); 177 1.1 cgd 178 1.1 cgd /* 179 1.1 cgd * -p is used by getty to tell login not to destroy the environment 180 1.5 cgd * -f is used to skip a second login authentication 181 1.66 christos * -h is used by other servers to pass the name of the remote host to 182 1.66 christos * login so that it may be placed in utmp/utmpx and wtmp/wtmpx 183 1.87 jnemeth * -a in addition to -h, a server may supply -a to pass the actual 184 1.79 christos * server address. 185 1.20 lukem * -s is used to force use of S/Key or equivalent. 186 1.1 cgd */ 187 1.1 cgd domain = NULL; 188 1.1 cgd if (gethostname(localhost, sizeof(localhost)) < 0) 189 1.1 cgd syslog(LOG_ERR, "couldn't get local hostname: %m"); 190 1.1 cgd else 191 1.12 jtc domain = strchr(localhost, '.'); 192 1.37 mrg localhost[sizeof(localhost) - 1] = '\0'; 193 1.1 cgd 194 1.44 aidan Fflag = fflag = hflag = pflag = sflag = 0; 195 1.79 christos have_ss = 0; 196 1.44 aidan #ifdef KERBEROS5 197 1.44 aidan have_forward = 0; 198 1.44 aidan #endif 199 1.1 cgd uid = getuid(); 200 1.79 christos while ((ch = getopt(argc, argv, "a:Ffh:ps")) != -1) 201 1.1 cgd switch (ch) { 202 1.79 christos case 'a': 203 1.79 christos if (uid) 204 1.95 christos errx(EXIT_FAILURE, "-a option: %s", strerror(EPERM)); 205 1.79 christos decode_ss(optarg); 206 1.82 christos #ifdef notdef 207 1.82 christos (void)sockaddr_snprintf(optarg, 208 1.82 christos sizeof(struct sockaddr_storage), "%a", (void *)&ss); 209 1.82 christos #endif 210 1.79 christos break; 211 1.44 aidan case 'F': 212 1.44 aidan Fflag = 1; 213 1.44 aidan /* FALLTHROUGH */ 214 1.1 cgd case 'f': 215 1.1 cgd fflag = 1; 216 1.1 cgd break; 217 1.1 cgd case 'h': 218 1.12 jtc if (uid) 219 1.95 christos errx(EXIT_FAILURE, "-h option: %s", strerror(EPERM)); 220 1.1 cgd hflag = 1; 221 1.79 christos #ifdef notdef 222 1.23 mikel if (domain && (p = strchr(optarg, '.')) != NULL && 223 1.1 cgd strcasecmp(p, domain) == 0) 224 1.79 christos *p = '\0'; 225 1.79 christos #endif 226 1.1 cgd hostname = optarg; 227 1.1 cgd break; 228 1.1 cgd case 'p': 229 1.1 cgd pflag = 1; 230 1.1 cgd break; 231 1.20 lukem case 's': 232 1.29 mycroft sflag = 1; 233 1.20 lukem break; 234 1.29 mycroft default: 235 1.1 cgd case '?': 236 1.79 christos usage(); 237 1.79 christos break; 238 1.1 cgd } 239 1.82 christos 240 1.82 christos setproctitle(NULL); 241 1.1 cgd argc -= optind; 242 1.1 cgd argv += optind; 243 1.5 cgd 244 1.1 cgd if (*argv) { 245 1.99 christos username = instance = *argv; 246 1.1 cgd ask = 0; 247 1.1 cgd } else 248 1.1 cgd ask = 1; 249 1.1 cgd 250 1.82 christos #ifdef F_CLOSEM 251 1.82 christos (void)fcntl(3, F_CLOSEM, 0); 252 1.82 christos #else 253 1.1 cgd for (cnt = getdtablesize(); cnt > 2; cnt--) 254 1.5 cgd (void)close(cnt); 255 1.82 christos #endif 256 1.1 cgd 257 1.5 cgd ttyn = ttyname(STDIN_FILENO); 258 1.1 cgd if (ttyn == NULL || *ttyn == '\0') { 259 1.5 cgd (void)snprintf(tname, sizeof(tname), "%s??", _PATH_TTY); 260 1.1 cgd ttyn = tname; 261 1.1 cgd } 262 1.82 christos if ((tty = strstr(ttyn, "/pts/")) != NULL) 263 1.82 christos ++tty; 264 1.82 christos else if ((tty = strrchr(ttyn, '/')) != NULL) 265 1.1 cgd ++tty; 266 1.1 cgd else 267 1.1 cgd tty = ttyn; 268 1.25 mycroft 269 1.70 itojun if (issetugid()) { 270 1.70 itojun nested = strdup(user_from_uid(getuid(), 0)); 271 1.70 itojun if (nested == NULL) { 272 1.93 isaki syslog(LOG_ERR, "strdup: %m"); 273 1.95 christos sleepexit(EXIT_FAILURE); 274 1.70 itojun } 275 1.70 itojun } 276 1.70 itojun 277 1.48 mjl #ifdef LOGIN_CAP 278 1.48 mjl /* Get "login-retries" and "login-backoff" from default class */ 279 1.55 enami if ((lc = login_getclass(NULL)) != NULL) { 280 1.55 enami login_retries = (int)login_getcapnum(lc, "login-retries", 281 1.55 enami DEFAULT_RETRIES, DEFAULT_RETRIES); 282 1.55 enami login_backoff = (int)login_getcapnum(lc, "login-backoff", 283 1.55 enami DEFAULT_BACKOFF, DEFAULT_BACKOFF); 284 1.48 mjl login_close(lc); 285 1.48 mjl lc = NULL; 286 1.55 enami } 287 1.48 mjl #endif 288 1.48 mjl 289 1.25 mycroft #ifdef KERBEROS5 290 1.25 mycroft kerror = krb5_init_context(&kcontext); 291 1.25 mycroft if (kerror) { 292 1.61 thorpej /* 293 1.61 thorpej * If Kerberos is not configured, that is, we are 294 1.61 thorpej * not using Kerberos, do not log the error message. 295 1.61 thorpej * However, if Kerberos is configured, and the 296 1.61 thorpej * context init fails for some other reason, we need 297 1.61 thorpej * to issue a no tickets warning to the user when the 298 1.61 thorpej * login succeeds. 299 1.61 thorpej */ 300 1.61 thorpej if (kerror != ENXIO) { /* XXX NetBSD-local Heimdal hack */ 301 1.61 thorpej syslog(LOG_NOTICE, 302 1.61 thorpej "%s when initializing Kerberos context", 303 1.61 thorpej error_message(kerror)); 304 1.61 thorpej krb5_configured = 1; 305 1.61 thorpej } 306 1.57 aidan login_krb5_get_tickets = 0; 307 1.58 aidan } 308 1.64 cgd #endif /* KERBEROS5 */ 309 1.1 cgd 310 1.1 cgd for (cnt = 0;; ask = 1) { 311 1.99 christos char *ptr; 312 1.57 aidan #if defined(KERBEROS5) 313 1.57 aidan if (login_krb5_get_tickets) 314 1.57 aidan k5destroy(); 315 1.57 aidan #endif 316 1.1 cgd if (ask) { 317 1.1 cgd fflag = 0; 318 1.99 christos instance = getloginname(); 319 1.1 cgd } 320 1.5 cgd rootlogin = 0; 321 1.99 christos ptr = instance; 322 1.10 brezak #ifdef KERBEROS5 323 1.99 christos if ((instance = strchr(instance, '/')) != NULL) 324 1.10 brezak *instance++ = '\0'; 325 1.29 mycroft else 326 1.99 christos instance = __UNCONST(""); 327 1.10 brezak #endif 328 1.99 christos username = trimloginname(ptr); 329 1.1 cgd /* 330 1.1 cgd * Note if trying multiple user names; log failures for 331 1.1 cgd * previous user name, but don't bother logging one failure 332 1.1 cgd * for nonexistent name (mistyped username). 333 1.1 cgd */ 334 1.1 cgd if (failures && strcmp(tbuf, username)) { 335 1.1 cgd if (failures > (pwd ? 0 : 1)) 336 1.1 cgd badlogin(tbuf); 337 1.1 cgd failures = 0; 338 1.1 cgd } 339 1.71 itojun (void)strlcpy(tbuf, username, sizeof(tbuf)); 340 1.1 cgd 341 1.90 hubertf pwd = getpwnam(username); 342 1.1 cgd 343 1.48 mjl #ifdef LOGIN_CAP 344 1.48 mjl /* 345 1.48 mjl * Establish the class now, before we might goto 346 1.48 mjl * within the next block. pwd can be NULL since it 347 1.52 mjl * falls back to the "default" class if it is. 348 1.52 mjl */ 349 1.52 mjl lc = login_getclass(pwd ? pwd->pw_class : NULL); 350 1.48 mjl #endif 351 1.1 cgd /* 352 1.1 cgd * if we have a valid account name, and it doesn't have a 353 1.1 cgd * password, or the -f option was specified and the caller 354 1.1 cgd * is root or the caller isn't changing their uid, don't 355 1.1 cgd * authenticate. 356 1.1 cgd */ 357 1.7 mycroft if (pwd) { 358 1.7 mycroft if (pwd->pw_uid == 0) 359 1.7 mycroft rootlogin = 1; 360 1.7 mycroft 361 1.8 mycroft if (fflag && (uid == 0 || uid == pwd->pw_uid)) { 362 1.7 mycroft /* already authenticated */ 363 1.44 aidan #ifdef KERBEROS5 364 1.57 aidan if (login_krb5_get_tickets && Fflag) 365 1.44 aidan k5_read_creds(username); 366 1.44 aidan #endif 367 1.7 mycroft break; 368 1.7 mycroft } else if (pwd->pw_passwd[0] == '\0') { 369 1.7 mycroft /* pretend password okay */ 370 1.7 mycroft rval = 0; 371 1.7 mycroft goto ttycheck; 372 1.7 mycroft } 373 1.7 mycroft } 374 1.7 mycroft 375 1.1 cgd fflag = 0; 376 1.1 cgd 377 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, -4); 378 1.1 cgd 379 1.27 mycroft #ifdef SKEY 380 1.29 mycroft if (skey_haskey(username) == 0) { 381 1.29 mycroft static char skprompt[80]; 382 1.59 thorpej const char *skinfo = skey_keyinfo(username); 383 1.20 lukem 384 1.75 itojun (void)snprintf(skprompt, sizeof(skprompt), 385 1.83 tron "Password [ %s ]:", 386 1.29 mycroft skinfo ? skinfo : "error getting challenge"); 387 1.29 mycroft pwprompt = skprompt; 388 1.29 mycroft } else 389 1.27 mycroft #endif 390 1.29 mycroft pwprompt = "Password:"; 391 1.27 mycroft 392 1.29 mycroft p = getpass(pwprompt); 393 1.1 cgd 394 1.29 mycroft if (pwd == NULL) { 395 1.29 mycroft rval = 1; 396 1.29 mycroft goto skip; 397 1.29 mycroft } 398 1.29 mycroft #ifdef KERBEROS5 399 1.57 aidan if (login_krb5_get_tickets && 400 1.57 aidan k5login(pwd, instance, localhost, p) == 0) { 401 1.29 mycroft rval = 0; 402 1.57 aidan got_tickets = 1; 403 1.57 aidan } 404 1.57 aidan #endif 405 1.89 wiz #if defined(KERBEROS5) 406 1.57 aidan if (got_tickets) 407 1.29 mycroft goto skip; 408 1.29 mycroft #endif 409 1.20 lukem #ifdef SKEY 410 1.29 mycroft if (skey_haskey(username) == 0 && 411 1.29 mycroft skey_passcheck(username, p) != -1) { 412 1.29 mycroft rval = 0; 413 1.29 mycroft goto skip; 414 1.29 mycroft } 415 1.20 lukem #endif 416 1.29 mycroft if (!sflag && *pwd->pw_passwd != '\0' && 417 1.29 mycroft !strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd)) { 418 1.29 mycroft rval = 0; 419 1.29 mycroft require_chpass = 1; 420 1.29 mycroft goto skip; 421 1.29 mycroft } 422 1.29 mycroft rval = 1; 423 1.29 mycroft 424 1.29 mycroft skip: 425 1.29 mycroft memset(p, 0, strlen(p)); 426 1.1 cgd 427 1.1 cgd (void)setpriority(PRIO_PROCESS, 0, 0); 428 1.1 cgd 429 1.7 mycroft ttycheck: 430 1.1 cgd /* 431 1.1 cgd * If trying to log in as root without Kerberos, 432 1.1 cgd * but with insecure terminal, refuse the login attempt. 433 1.1 cgd */ 434 1.7 mycroft if (pwd && !rval && rootlogin && !rootterm(tty)) { 435 1.87 jnemeth (void)printf("Login incorrect or refused on this " 436 1.87 jnemeth "terminal.\n"); 437 1.1 cgd if (hostname) 438 1.1 cgd syslog(LOG_NOTICE, 439 1.1 cgd "LOGIN %s REFUSED FROM %s ON TTY %s", 440 1.1 cgd pwd->pw_name, hostname, tty); 441 1.1 cgd else 442 1.1 cgd syslog(LOG_NOTICE, 443 1.1 cgd "LOGIN %s REFUSED ON TTY %s", 444 1.1 cgd pwd->pw_name, tty); 445 1.1 cgd continue; 446 1.1 cgd } 447 1.1 cgd 448 1.1 cgd if (pwd && !rval) 449 1.1 cgd break; 450 1.1 cgd 451 1.87 jnemeth (void)printf("Login incorrect or refused on this " 452 1.87 jnemeth "terminal.\n"); 453 1.1 cgd failures++; 454 1.48 mjl cnt++; 455 1.88 jnemeth /* 456 1.88 jnemeth * We allow login_retries tries, but after login_backoff 457 1.88 jnemeth * we start backing off. These default to 10 and 3 458 1.88 jnemeth * respectively. 459 1.88 jnemeth */ 460 1.50 mjl if (cnt > login_backoff) { 461 1.48 mjl if (cnt >= login_retries) { 462 1.1 cgd badlogin(username); 463 1.95 christos sleepexit(EXIT_FAILURE); 464 1.1 cgd } 465 1.88 jnemeth sleep((u_int)((cnt - login_backoff) * 5)); 466 1.1 cgd } 467 1.1 cgd } 468 1.1 cgd 469 1.1 cgd /* committed to login -- turn off timeout */ 470 1.1 cgd (void)alarm((u_int)0); 471 1.1 cgd 472 1.1 cgd endpwent(); 473 1.1 cgd 474 1.1 cgd /* if user not super-user, check for disabled logins */ 475 1.48 mjl #ifdef LOGIN_CAP 476 1.93 isaki if (!login_getcapbool(lc, "ignorenologin", rootlogin)) 477 1.52 mjl checknologin(login_getcapstr(lc, "nologin", NULL, NULL)); 478 1.48 mjl #else 479 1.93 isaki if (!rootlogin) 480 1.93 isaki checknologin(NULL); 481 1.48 mjl #endif 482 1.1 cgd 483 1.48 mjl #ifdef LOGIN_CAP 484 1.93 isaki quietlog = login_getcapbool(lc, "hushlogin", 0); 485 1.48 mjl #else 486 1.93 isaki quietlog = 0; 487 1.48 mjl #endif 488 1.33 hubertf /* Temporarily give up special privileges so we can change */ 489 1.33 hubertf /* into NFS-mounted homes that are exported for non-root */ 490 1.33 hubertf /* access and have mode 7x0 */ 491 1.33 hubertf saved_uid = geteuid(); 492 1.35 hubertf saved_gid = getegid(); 493 1.35 hubertf nsaved_gids = getgroups(NGROUPS_MAX, saved_gids); 494 1.35 hubertf 495 1.35 hubertf (void)setegid(pwd->pw_gid); 496 1.35 hubertf initgroups(username, pwd->pw_gid); 497 1.35 hubertf (void)seteuid(pwd->pw_uid); 498 1.33 hubertf 499 1.1 cgd if (chdir(pwd->pw_dir) < 0) { 500 1.48 mjl #ifdef LOGIN_CAP 501 1.93 isaki if (login_getcapbool(lc, "requirehome", 0)) { 502 1.55 enami (void)printf("Home directory %s required\n", 503 1.55 enami pwd->pw_dir); 504 1.95 christos sleepexit(EXIT_FAILURE); 505 1.48 mjl } 506 1.48 mjl #endif 507 1.1 cgd (void)printf("No home directory %s!\n", pwd->pw_dir); 508 1.95 christos if (chdir("/") == -1) 509 1.95 christos exit(EXIT_FAILURE); 510 1.99 christos pwd->pw_dir = __UNCONST("/"); 511 1.1 cgd (void)printf("Logging in with home = \"/\".\n"); 512 1.1 cgd } 513 1.1 cgd 514 1.55 enami if (!quietlog) 515 1.48 mjl quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 516 1.33 hubertf 517 1.33 hubertf /* regain special privileges */ 518 1.33 hubertf (void)seteuid(saved_uid); 519 1.35 hubertf setgroups(nsaved_gids, saved_gids); 520 1.35 hubertf (void)setegid(saved_gid); 521 1.1 cgd 522 1.48 mjl #ifdef LOGIN_CAP 523 1.93 isaki pw_warntime = login_getcaptime(lc, "password-warn", 524 1.93 isaki _PASSWORD_WARNDAYS * SECSPERDAY, 525 1.93 isaki _PASSWORD_WARNDAYS * SECSPERDAY); 526 1.48 mjl #endif 527 1.48 mjl 528 1.98 plunky (void)gettimeofday(&now, NULL); 529 1.40 ross if (pwd->pw_expire) { 530 1.66 christos if (now.tv_sec >= pwd->pw_expire) { 531 1.1 cgd (void)printf("Sorry -- your account has expired.\n"); 532 1.95 christos sleepexit(EXIT_FAILURE); 533 1.66 christos } else if (pwd->pw_expire - now.tv_sec < pw_warntime && 534 1.55 enami !quietlog) 535 1.1 cgd (void)printf("Warning: your account expires on %s", 536 1.1 cgd ctime(&pwd->pw_expire)); 537 1.40 ross } 538 1.40 ross if (pwd->pw_change) { 539 1.30 mycroft if (pwd->pw_change == _PASSWORD_CHGNOW) 540 1.30 mycroft need_chpass = 1; 541 1.66 christos else if (now.tv_sec >= pwd->pw_change) { 542 1.31 mycroft (void)printf("Sorry -- your password has expired.\n"); 543 1.95 christos sleepexit(EXIT_FAILURE); 544 1.66 christos } else if (pwd->pw_change - now.tv_sec < pw_warntime && 545 1.55 enami !quietlog) 546 1.30 mycroft (void)printf("Warning: your password expires on %s", 547 1.30 mycroft ctime(&pwd->pw_change)); 548 1.1 cgd 549 1.40 ross } 550 1.5 cgd /* Nothing else left to fail -- really log in. */ 551 1.97 christos update_db(quietlog, rootlogin, fflag); 552 1.1 cgd 553 1.1 cgd (void)chown(ttyn, pwd->pw_uid, 554 1.1 cgd (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 555 1.15 gwr 556 1.15 gwr if (ttyaction(ttyn, "login", pwd->pw_name)) 557 1.15 gwr (void)printf("Warning: ttyaction failed.\n"); 558 1.15 gwr 559 1.89 wiz #if defined(KERBEROS5) 560 1.10 brezak /* Fork so that we can call kdestroy */ 561 1.89 wiz if (! login_krb5_retain_ccache && has_ccache) 562 1.29 mycroft dofork(); 563 1.10 brezak #endif 564 1.53 mjl 565 1.53 mjl /* Destroy environment unless user has requested its preservation. */ 566 1.53 mjl if (!pflag) 567 1.53 mjl environ = envinit; 568 1.53 mjl 569 1.48 mjl #ifdef LOGIN_CAP 570 1.70 itojun if (nested == NULL && setusercontext(lc, pwd, pwd->pw_uid, 571 1.70 itojun LOGIN_SETLOGIN) != 0) { 572 1.70 itojun syslog(LOG_ERR, "setusercontext failed"); 573 1.95 christos exit(EXIT_FAILURE); 574 1.70 itojun } 575 1.70 itojun if (setusercontext(lc, pwd, pwd->pw_uid, 576 1.70 itojun (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETLOGIN))) != 0) { 577 1.52 mjl syslog(LOG_ERR, "setusercontext failed"); 578 1.95 christos exit(EXIT_FAILURE); 579 1.48 mjl } 580 1.52 mjl #else 581 1.1 cgd (void)setgid(pwd->pw_gid); 582 1.1 cgd 583 1.1 cgd initgroups(username, pwd->pw_gid); 584 1.48 mjl 585 1.70 itojun if (nested == NULL && setlogin(pwd->pw_name) < 0) 586 1.48 mjl syslog(LOG_ERR, "setlogin() failure: %m"); 587 1.48 mjl 588 1.48 mjl /* Discard permissions last so can't get killed and drop core. */ 589 1.48 mjl if (rootlogin) 590 1.48 mjl (void)setuid(0); 591 1.48 mjl else 592 1.48 mjl (void)setuid(pwd->pw_uid); 593 1.52 mjl #endif 594 1.1 cgd 595 1.1 cgd if (*pwd->pw_shell == '\0') 596 1.99 christos pwd->pw_shell = __UNCONST(_PATH_BSHELL); 597 1.48 mjl #ifdef LOGIN_CAP 598 1.55 enami if ((shell = login_getcapstr(lc, "shell", NULL, NULL)) != NULL) { 599 1.55 enami if ((shell = strdup(shell)) == NULL) { 600 1.93 isaki syslog(LOG_ERR, "Cannot alloc mem"); 601 1.95 christos sleepexit(EXIT_FAILURE); 602 1.48 mjl } 603 1.48 mjl pwd->pw_shell = shell; 604 1.48 mjl } 605 1.48 mjl #endif 606 1.48 mjl 607 1.1 cgd (void)setenv("HOME", pwd->pw_dir, 1); 608 1.1 cgd (void)setenv("SHELL", pwd->pw_shell, 1); 609 1.48 mjl if (term[0] == '\0') { 610 1.99 christos const char *tt = stypeof(tty); 611 1.48 mjl #ifdef LOGIN_CAP 612 1.55 enami if (tt == NULL) 613 1.48 mjl tt = login_getcapstr(lc, "term", NULL, NULL); 614 1.48 mjl #endif 615 1.48 mjl /* unknown term -> "su" */ 616 1.71 itojun (void)strlcpy(term, tt != NULL ? tt : "su", sizeof(term)); 617 1.55 enami } 618 1.1 cgd (void)setenv("TERM", term, 0); 619 1.1 cgd (void)setenv("LOGNAME", pwd->pw_name, 1); 620 1.1 cgd (void)setenv("USER", pwd->pw_name, 1); 621 1.51 mjl 622 1.48 mjl #ifdef LOGIN_CAP 623 1.52 mjl setusercontext(lc, pwd, pwd->pw_uid, LOGIN_SETPATH); 624 1.48 mjl #else 625 1.1 cgd (void)setenv("PATH", _PATH_DEFPATH, 0); 626 1.48 mjl #endif 627 1.51 mjl 628 1.10 brezak #ifdef KERBEROS5 629 1.57 aidan if (krb5tkfile_env) 630 1.57 aidan (void)setenv("KRB5CCNAME", krb5tkfile_env, 1); 631 1.10 brezak #endif 632 1.1 cgd 633 1.12 jtc if (tty[sizeof("tty")-1] == 'd') 634 1.12 jtc syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 635 1.12 jtc 636 1.5 cgd /* If fflag is on, assume caller/authenticator has logged root login. */ 637 1.40 ross if (rootlogin && fflag == 0) { 638 1.1 cgd if (hostname) 639 1.1 cgd syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 640 1.1 cgd username, tty, hostname); 641 1.1 cgd else 642 1.55 enami syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", 643 1.55 enami username, tty); 644 1.40 ross } 645 1.1 cgd 646 1.89 wiz #if defined(KERBEROS5) 647 1.60 thorpej if (KERBEROS_CONFIGURED && !quietlog && notickets == 1) 648 1.1 cgd (void)printf("Warning: no Kerberos tickets issued.\n"); 649 1.1 cgd #endif 650 1.1 cgd 651 1.1 cgd if (!quietlog) { 652 1.99 christos const char *fname; 653 1.48 mjl #ifdef LOGIN_CAP 654 1.48 mjl fname = login_getcapstr(lc, "copyright", NULL, NULL); 655 1.55 enami if (fname != NULL && access(fname, F_OK) == 0) 656 1.48 mjl motd(fname); 657 1.48 mjl else 658 1.55 enami #endif 659 1.69 itojun (void)printf("%s", copyrightstr); 660 1.48 mjl 661 1.48 mjl #ifdef LOGIN_CAP 662 1.93 isaki fname = login_getcapstr(lc, "welcome", NULL, NULL); 663 1.93 isaki if (fname == NULL || access(fname, F_OK) != 0) 664 1.48 mjl #endif 665 1.93 isaki fname = _PATH_MOTDFILE; 666 1.93 isaki motd(fname); 667 1.48 mjl 668 1.5 cgd (void)snprintf(tbuf, 669 1.5 cgd sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name); 670 1.1 cgd if (stat(tbuf, &st) == 0 && st.st_size != 0) 671 1.1 cgd (void)printf("You have %smail.\n", 672 1.1 cgd (st.st_mtime > st.st_atime) ? "new " : ""); 673 1.1 cgd } 674 1.1 cgd 675 1.48 mjl #ifdef LOGIN_CAP 676 1.48 mjl login_close(lc); 677 1.48 mjl #endif 678 1.48 mjl 679 1.1 cgd (void)signal(SIGALRM, SIG_DFL); 680 1.1 cgd (void)signal(SIGQUIT, SIG_DFL); 681 1.1 cgd (void)signal(SIGINT, SIG_DFL); 682 1.1 cgd (void)signal(SIGTSTP, SIG_IGN); 683 1.1 cgd 684 1.1 cgd tbuf[0] = '-'; 685 1.71 itojun (void)strlcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ? 686 1.71 itojun p + 1 : pwd->pw_shell, sizeof(tbuf) - 1); 687 1.1 cgd 688 1.24 lukem /* Wait to change password until we're unprivileged */ 689 1.24 lukem if (need_chpass) { 690 1.29 mycroft if (!require_chpass) 691 1.24 lukem (void)printf( 692 1.24 lukem "Warning: your password has expired. Please change it as soon as possible.\n"); 693 1.29 mycroft else { 694 1.38 mrg int status; 695 1.38 mrg 696 1.29 mycroft (void)printf( 697 1.24 lukem "Your password has expired. Please choose a new one.\n"); 698 1.38 mrg switch (fork()) { 699 1.38 mrg case -1: 700 1.38 mrg warn("fork"); 701 1.95 christos sleepexit(EXIT_FAILURE); 702 1.38 mrg case 0: 703 1.92 mrg execl(_PATH_BINPASSWD, "passwd", NULL); 704 1.95 christos _exit(EXIT_FAILURE); 705 1.38 mrg default: 706 1.38 mrg if (wait(&status) == -1 || 707 1.38 mrg WEXITSTATUS(status)) 708 1.95 christos sleepexit(EXIT_FAILURE); 709 1.38 mrg } 710 1.29 mycroft } 711 1.24 lukem } 712 1.1 cgd 713 1.44 aidan #ifdef KERBEROS5 714 1.57 aidan if (login_krb5_get_tickets) 715 1.57 aidan k5_write_creds(); 716 1.44 aidan #endif 717 1.92 mrg execlp(pwd->pw_shell, tbuf, NULL); 718 1.95 christos err(EXIT_FAILURE, "%s", pwd->pw_shell); 719 1.1 cgd } 720 1.57 aidan 721 1.89 wiz #if defined(KERBEROS5) 722 1.10 brezak /* 723 1.10 brezak * This routine handles cleanup stuff, and the like. 724 1.10 brezak * It exists only in the child process. 725 1.10 brezak */ 726 1.97 christos static void 727 1.80 xtraeme dofork(void) 728 1.10 brezak { 729 1.95 christos pid_t child, wchild; 730 1.38 mrg 731 1.95 christos switch (child = fork()) { 732 1.95 christos case 0: 733 1.38 mrg return; /* Child process */ 734 1.95 christos case -1: 735 1.95 christos err(EXIT_FAILURE, "Can't fork"); 736 1.95 christos /*NOTREACHED*/ 737 1.95 christos default: 738 1.95 christos break; 739 1.95 christos } 740 1.38 mrg 741 1.55 enami /* 742 1.55 enami * Setup stuff? This would be things we could do in parallel 743 1.55 enami * with login 744 1.55 enami */ 745 1.95 christos if (chdir("/") == -1) /* Let's not keep the fs busy... */ 746 1.95 christos err(EXIT_FAILURE, "Can't chdir to `/'"); 747 1.10 brezak 748 1.38 mrg /* If we're the parent, watch the child until it dies */ 749 1.95 christos while ((wchild = wait(NULL)) != child) 750 1.95 christos if (wchild == -1) 751 1.95 christos err(EXIT_FAILURE, "Can't wait"); 752 1.10 brezak 753 1.38 mrg /* Cleanup stuff */ 754 1.38 mrg /* Run kdestroy to destroy tickets */ 755 1.57 aidan if (login_krb5_get_tickets) 756 1.57 aidan k5destroy(); 757 1.10 brezak 758 1.38 mrg /* Leave */ 759 1.95 christos exit(EXIT_SUCCESS); 760 1.10 brezak } 761 1.1 cgd #endif 762 1.1 cgd 763 1.97 christos static void 764 1.80 xtraeme checknologin(char *fname) 765 1.1 cgd { 766 1.12 jtc int fd, nchars; 767 1.1 cgd char tbuf[8192]; 768 1.1 cgd 769 1.48 mjl if ((fd = open(fname ? fname : _PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 770 1.1 cgd while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 771 1.1 cgd (void)write(fileno(stdout), tbuf, nchars); 772 1.95 christos sleepexit(EXIT_SUCCESS); 773 1.1 cgd } 774 1.1 cgd } 775 1.1 cgd 776 1.66 christos static void 777 1.80 xtraeme usage(void) 778 1.79 christos { 779 1.79 christos (void)fprintf(stderr, 780 1.79 christos "Usage: %s [-Ffps] [-a address] [-h hostname] [username]\n", 781 1.79 christos getprogname()); 782 1.95 christos exit(EXIT_FAILURE); 783 1.79 christos } 784
Indexes created Tue Sep 30 20:09:53 GMT 2025