login.c revision 1.88
1 /* $NetBSD: login.c,v 1.88 2006/03/08 02:49:18 jnemeth Exp $ */ 2 3 /*- 4 * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/cdefs.h> 33 #ifndef lint 34 __COPYRIGHT( 35 "@(#) Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994\n\ 36 The Regents of the University of California. All rights reserved.\n"); 37 #endif /* not lint */ 38 39 #ifndef lint 40 #if 0 41 static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; 42 #endif 43 __RCSID("$NetBSD: login.c,v 1.88 2006/03/08 02:49:18 jnemeth Exp $"); 44 #endif /* not lint */ 45 46 /* 47 * login [ name ] 48 * login -h hostname (for telnetd, etc.) 49 * login -f name (for pre-authenticated login: datakit, xterm, etc.) 50 */ 51 52 #include <sys/param.h> 53 #include <sys/stat.h> 54 #include <sys/time.h> 55 #include <sys/resource.h> 56 #include <sys/file.h> 57 #include <sys/wait.h> 58 #include <sys/socket.h> 59 60 #include <err.h> 61 #include <errno.h> 62 #include <grp.h> 63 #include <pwd.h> 64 #include <setjmp.h> 65 #include <signal.h> 66 #include <stdio.h> 67 #include <stdlib.h> 68 #include <string.h> 69 #include <syslog.h> 70 #include <time.h> 71 #include <ttyent.h> 72 #include <tzfile.h> 73 #include <unistd.h> 74 #ifdef SUPPORT_UTMP 75 #include <utmp.h> 76 #endif 77 #ifdef SUPPORT_UTMPX 78 #include <utmpx.h> 79 #endif 80 #include <util.h> 81 #ifdef SKEY 82 #include <skey.h> 83 #endif 84 #ifdef KERBEROS5 85 #include <krb5/krb5.h> 86 #include <com_err.h> 87 #endif 88 #ifdef LOGIN_CAP 89 #include <login_cap.h> 90 #endif 91 #include <vis.h> 92 93 #include "pathnames.h" 94 95 #ifdef KERBEROS5 96 int login_krb5_get_tickets = 1; 97 int login_krb4_get_tickets = 0; 98 int login_krb5_forwardable_tgt = 0; 99 int login_krb5_retain_ccache = 0; 100 #endif 101 102 void badlogin(char *); 103 void checknologin(char *); 104 #ifdef SUPPORT_UTMP 105 static void doutmp(void); 106 static void dolastlog(int); 107 #endif 108 #ifdef SUPPORT_UTMPX 109 static void doutmpx(void); 110 static void dolastlogx(int); 111 #endif 112 static void update_db(int); 113 void getloginname(void); 114 void motd(char *); 115 int rootterm(char *); 116 void sigint(int); 117 void sleepexit(int); 118 const char *stypeof(const char *); 119 void timedout(int); 120 #if defined(KERBEROS) 121 int klogin(struct passwd *, char *, char *, char *); 122 void kdestroy(void); 123 #endif 124 #ifdef KERBEROS5 125 int k5login(struct passwd *, char *, char *, char *); 126 void k5destroy(void); 127 int k5_read_creds(char*); 128 int k5_write_creds(void); 129 #endif 130 #if defined(KERBEROS) || defined(KERBEROS5) 131 void dofork(void); 132 #endif 133 void decode_ss(const char *); 134 void usage(void); 135 136 #define TTYGRPNAME "tty" /* name of group to own ttys */ 137 138 #define DEFAULT_BACKOFF 3 139 #define DEFAULT_RETRIES 10 140 141 /* 142 * This bounds the time given to login. Not a define so it can 143 * be patched on machines where it's too small. 144 */ 145 u_int timeout = 300; 146 147 #if defined(KERBEROS) || defined(KERBEROS5) 148 int notickets = 1; 149 char *instance; 150 int has_ccache = 0; 151 #endif 152 #ifdef KERBEROS 153 extern char *krbtkfile_env; 154 extern int krb_configured; 155 #endif 156 #ifdef KERBEROS5 157 extern krb5_context kcontext; 158 extern int have_forward; 159 extern char *krb5tkfile_env; 160 extern int krb5_configured; 161 #endif 162 163 #if defined(KERBEROS) && defined(KERBEROS5) 164 #define KERBEROS_CONFIGURED (krb_configured || krb5_configured) 165 #elif defined(KERBEROS) 166 #define KERBEROS_CONFIGURED krb_configured 167 #elif defined(KERBEROS5) 168 #define KERBEROS_CONFIGURED krb5_configured 169 #endif 170 171 struct passwd *pwd; 172 int failures, have_ss; 173 char term[64], *envinit[1], *hostname, *username, *tty, *nested; 174 struct timeval now; 175 struct sockaddr_storage ss; 176 177 extern const char copyrightstr[]; 178 179 int 180 main(int argc, char *argv[]) 181 { 182 extern char **environ; 183 struct group *gr; 184 struct stat st; 185 int ask, ch, cnt, fflag, hflag, pflag, sflag, quietlog, rootlogin, rval; 186 int Fflag; 187 uid_t uid, saved_uid; 188 gid_t saved_gid, saved_gids[NGROUPS_MAX]; 189 int nsaved_gids; 190 char *domain, *p, *ttyn, *pwprompt; 191 const char *salt; 192 char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; 193 char localhost[MAXHOSTNAMELEN + 1]; 194 int need_chpass, require_chpass; 195 int login_retries = DEFAULT_RETRIES, 196 login_backoff = DEFAULT_BACKOFF; 197 time_t pw_warntime = _PASSWORD_WARNDAYS * SECSPERDAY; 198 #ifdef KERBEROS5 199 krb5_error_code kerror; 200 #endif 201 #if defined(KERBEROS) || defined(KERBEROS5) 202 int got_tickets = 0; 203 #endif 204 #ifdef LOGIN_CAP 205 char *shell = NULL; 206 login_cap_t *lc = NULL; 207 #endif 208 209 tbuf[0] = '\0'; 210 rval = 0; 211 pwprompt = NULL; 212 nested = NULL; 213 need_chpass = require_chpass = 0; 214 215 (void)signal(SIGALRM, timedout); 216 (void)alarm(timeout); 217 (void)signal(SIGQUIT, SIG_IGN); 218 (void)signal(SIGINT, SIG_IGN); 219 (void)setpriority(PRIO_PROCESS, 0, 0); 220 221 openlog("login", 0, LOG_AUTH); 222 223 /* 224 * -p is used by getty to tell login not to destroy the environment 225 * -f is used to skip a second login authentication 226 * -h is used by other servers to pass the name of the remote host to 227 * login so that it may be placed in utmp/utmpx and wtmp/wtmpx 228 * -a in addition to -h, a server may supply -a to pass the actual 229 * server address. 230 * -s is used to force use of S/Key or equivalent. 231 */ 232 domain = NULL; 233 if (gethostname(localhost, sizeof(localhost)) < 0) 234 syslog(LOG_ERR, "couldn't get local hostname: %m"); 235 else 236 domain = strchr(localhost, '.'); 237 localhost[sizeof(localhost) - 1] = '\0'; 238 239 Fflag = fflag = hflag = pflag = sflag = 0; 240 have_ss = 0; 241 #ifdef KERBEROS5 242 have_forward = 0; 243 #endif 244 uid = getuid(); 245 while ((ch = getopt(argc, argv, "a:Ffh:ps")) != -1) 246 switch (ch) { 247 case 'a': 248 if (uid) 249 errx(1, "-a option: %s", strerror(EPERM)); 250 decode_ss(optarg); 251 #ifdef notdef 252 (void)sockaddr_snprintf(optarg, 253 sizeof(struct sockaddr_storage), "%a", (void *)&ss); 254 #endif 255 break; 256 case 'F': 257 Fflag = 1; 258 /* FALLTHROUGH */ 259 case 'f': 260 fflag = 1; 261 break; 262 case 'h': 263 if (uid) 264 errx(1, "-h option: %s", strerror(EPERM)); 265 hflag = 1; 266 #ifdef notdef 267 if (domain && (p = strchr(optarg, '.')) != NULL && 268 strcasecmp(p, domain) == 0) 269 *p = '\0'; 270 #endif 271 hostname = optarg; 272 break; 273 case 'p': 274 pflag = 1; 275 break; 276 case 's': 277 sflag = 1; 278 break; 279 default: 280 case '?': 281 usage(); 282 break; 283 } 284 285 setproctitle(NULL); 286 argc -= optind; 287 argv += optind; 288 289 if (*argv) { 290 username = *argv; 291 ask = 0; 292 } else 293 ask = 1; 294 295 #ifdef F_CLOSEM 296 (void)fcntl(3, F_CLOSEM, 0); 297 #else 298 for (cnt = getdtablesize(); cnt > 2; cnt--) 299 (void)close(cnt); 300 #endif 301 302 ttyn = ttyname(STDIN_FILENO); 303 if (ttyn == NULL || *ttyn == '\0') { 304 (void)snprintf(tname, sizeof(tname), "%s??", _PATH_TTY); 305 ttyn = tname; 306 } 307 if ((tty = strstr(ttyn, "/pts/")) != NULL) 308 ++tty; 309 else if ((tty = strrchr(ttyn, '/')) != NULL) 310 ++tty; 311 else 312 tty = ttyn; 313 314 if (issetugid()) { 315 nested = strdup(user_from_uid(getuid(), 0)); 316 if (nested == NULL) { 317 syslog(LOG_ERR, "strdup: %m"); 318 sleepexit(1); 319 } 320 } 321 322 #ifdef LOGIN_CAP 323 /* Get "login-retries" and "login-backoff" from default class */ 324 if ((lc = login_getclass(NULL)) != NULL) { 325 login_retries = (int)login_getcapnum(lc, "login-retries", 326 DEFAULT_RETRIES, DEFAULT_RETRIES); 327 login_backoff = (int)login_getcapnum(lc, "login-backoff", 328 DEFAULT_BACKOFF, DEFAULT_BACKOFF); 329 login_close(lc); 330 lc = NULL; 331 } 332 #endif 333 334 #ifdef KERBEROS5 335 kerror = krb5_init_context(&kcontext); 336 if (kerror) { 337 /* 338 * If Kerberos is not configured, that is, we are 339 * not using Kerberos, do not log the error message. 340 * However, if Kerberos is configured, and the 341 * context init fails for some other reason, we need 342 * to issue a no tickets warning to the user when the 343 * login succeeds. 344 */ 345 if (kerror != ENXIO) { /* XXX NetBSD-local Heimdal hack */ 346 syslog(LOG_NOTICE, 347 "%s when initializing Kerberos context", 348 error_message(kerror)); 349 krb5_configured = 1; 350 } 351 login_krb5_get_tickets = 0; 352 } 353 #endif /* KERBEROS5 */ 354 355 for (cnt = 0;; ask = 1) { 356 #if defined(KERBEROS) 357 kdestroy(); 358 #endif 359 #if defined(KERBEROS5) 360 if (login_krb5_get_tickets) 361 k5destroy(); 362 #endif 363 if (ask) { 364 fflag = 0; 365 getloginname(); 366 } 367 rootlogin = 0; 368 #ifdef KERBEROS 369 if ((instance = strchr(username, '.')) != NULL) 370 *instance++ = '\0'; 371 else 372 instance = ""; 373 #endif 374 #ifdef KERBEROS5 375 if ((instance = strchr(username, '/')) != NULL) 376 *instance++ = '\0'; 377 else 378 instance = ""; 379 #endif 380 if (strlen(username) > MAXLOGNAME) 381 username[MAXLOGNAME] = '\0'; 382 383 /* 384 * Note if trying multiple user names; log failures for 385 * previous user name, but don't bother logging one failure 386 * for nonexistent name (mistyped username). 387 */ 388 if (failures && strcmp(tbuf, username)) { 389 if (failures > (pwd ? 0 : 1)) 390 badlogin(tbuf); 391 failures = 0; 392 } 393 (void)strlcpy(tbuf, username, sizeof(tbuf)); 394 395 if ((pwd = getpwnam(username)) != NULL) 396 salt = pwd->pw_passwd; 397 else 398 salt = "xx"; 399 400 #ifdef LOGIN_CAP 401 /* 402 * Establish the class now, before we might goto 403 * within the next block. pwd can be NULL since it 404 * falls back to the "default" class if it is. 405 */ 406 lc = login_getclass(pwd ? pwd->pw_class : NULL); 407 #endif 408 /* 409 * if we have a valid account name, and it doesn't have a 410 * password, or the -f option was specified and the caller 411 * is root or the caller isn't changing their uid, don't 412 * authenticate. 413 */ 414 if (pwd) { 415 if (pwd->pw_uid == 0) 416 rootlogin = 1; 417 418 if (fflag && (uid == 0 || uid == pwd->pw_uid)) { 419 /* already authenticated */ 420 #ifdef KERBEROS5 421 if (login_krb5_get_tickets && Fflag) 422 k5_read_creds(username); 423 #endif 424 break; 425 } else if (pwd->pw_passwd[0] == '\0') { 426 /* pretend password okay */ 427 rval = 0; 428 goto ttycheck; 429 } 430 } 431 432 fflag = 0; 433 434 (void)setpriority(PRIO_PROCESS, 0, -4); 435 436 #ifdef SKEY 437 if (skey_haskey(username) == 0) { 438 static char skprompt[80]; 439 const char *skinfo = skey_keyinfo(username); 440 441 (void)snprintf(skprompt, sizeof(skprompt), 442 "Password [ %s ]:", 443 skinfo ? skinfo : "error getting challenge"); 444 pwprompt = skprompt; 445 } else 446 #endif 447 pwprompt = "Password:"; 448 449 p = getpass(pwprompt); 450 451 if (pwd == NULL) { 452 rval = 1; 453 goto skip; 454 } 455 #ifdef KERBEROS 456 if ( 457 #ifdef KERBEROS5 458 /* allow a user to get both krb4 and krb5 tickets, if 459 * desired. If krb5 is compiled in, the default action 460 * is to ignore krb4 and get krb5 tickets, but the user 461 * can override this in the krb5.conf. */ 462 login_krb4_get_tickets && 463 #endif 464 klogin(pwd, instance, localhost, p) == 0) { 465 rval = 0; 466 got_tickets = 1; 467 } 468 #endif 469 #ifdef KERBEROS5 470 if (login_krb5_get_tickets && 471 k5login(pwd, instance, localhost, p) == 0) { 472 rval = 0; 473 got_tickets = 1; 474 } 475 #endif 476 #if defined(KERBEROS) || defined(KERBEROS5) 477 if (got_tickets) 478 goto skip; 479 #endif 480 #ifdef SKEY 481 if (skey_haskey(username) == 0 && 482 skey_passcheck(username, p) != -1) { 483 rval = 0; 484 goto skip; 485 } 486 #endif 487 if (!sflag && *pwd->pw_passwd != '\0' && 488 !strcmp(crypt(p, pwd->pw_passwd), pwd->pw_passwd)) { 489 rval = 0; 490 require_chpass = 1; 491 goto skip; 492 } 493 rval = 1; 494 495 skip: 496 memset(p, 0, strlen(p)); 497 498 (void)setpriority(PRIO_PROCESS, 0, 0); 499 500 ttycheck: 501 /* 502 * If trying to log in as root without Kerberos, 503 * but with insecure terminal, refuse the login attempt. 504 */ 505 if (pwd && !rval && rootlogin && !rootterm(tty)) { 506 (void)printf("Login incorrect or refused on this " 507 "terminal.\n"); 508 if (hostname) 509 syslog(LOG_NOTICE, 510 "LOGIN %s REFUSED FROM %s ON TTY %s", 511 pwd->pw_name, hostname, tty); 512 else 513 syslog(LOG_NOTICE, 514 "LOGIN %s REFUSED ON TTY %s", 515 pwd->pw_name, tty); 516 continue; 517 } 518 519 if (pwd && !rval) 520 break; 521 522 (void)printf("Login incorrect or refused on this " 523 "terminal.\n"); 524 failures++; 525 cnt++; 526 /* 527 * We allow login_retries tries, but after login_backoff 528 * we start backing off. These default to 10 and 3 529 * respectively. 530 */ 531 if (cnt > login_backoff) { 532 if (cnt >= login_retries) { 533 badlogin(username); 534 sleepexit(1); 535 } 536 sleep((u_int)((cnt - login_backoff) * 5)); 537 } 538 } 539 540 /* committed to login -- turn off timeout */ 541 (void)alarm((u_int)0); 542 543 endpwent(); 544 545 /* if user not super-user, check for disabled logins */ 546 #ifdef LOGIN_CAP 547 if (!login_getcapbool(lc, "ignorenologin", rootlogin)) 548 checknologin(login_getcapstr(lc, "nologin", NULL, NULL)); 549 #else 550 if (!rootlogin) 551 checknologin(NULL); 552 #endif 553 554 #ifdef LOGIN_CAP 555 quietlog = login_getcapbool(lc, "hushlogin", 0); 556 #else 557 quietlog = 0; 558 #endif 559 /* Temporarily give up special privileges so we can change */ 560 /* into NFS-mounted homes that are exported for non-root */ 561 /* access and have mode 7x0 */ 562 saved_uid = geteuid(); 563 saved_gid = getegid(); 564 nsaved_gids = getgroups(NGROUPS_MAX, saved_gids); 565 566 (void)setegid(pwd->pw_gid); 567 initgroups(username, pwd->pw_gid); 568 (void)seteuid(pwd->pw_uid); 569 570 if (chdir(pwd->pw_dir) < 0) { 571 #ifdef LOGIN_CAP 572 if (login_getcapbool(lc, "requirehome", 0)) { 573 (void)printf("Home directory %s required\n", 574 pwd->pw_dir); 575 sleepexit(1); 576 } 577 #endif 578 (void)printf("No home directory %s!\n", pwd->pw_dir); 579 if (chdir("/")) 580 exit(0); 581 pwd->pw_dir = "/"; 582 (void)printf("Logging in with home = \"/\".\n"); 583 } 584 585 if (!quietlog) 586 quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; 587 588 /* regain special privileges */ 589 (void)seteuid(saved_uid); 590 setgroups(nsaved_gids, saved_gids); 591 (void)setegid(saved_gid); 592 593 #ifdef LOGIN_CAP 594 pw_warntime = login_getcaptime(lc, "password-warn", 595 _PASSWORD_WARNDAYS * SECSPERDAY, 596 _PASSWORD_WARNDAYS * SECSPERDAY); 597 #endif 598 599 (void)gettimeofday(&now, (struct timezone *)NULL); 600 if (pwd->pw_expire) { 601 if (now.tv_sec >= pwd->pw_expire) { 602 (void)printf("Sorry -- your account has expired.\n"); 603 sleepexit(1); 604 } else if (pwd->pw_expire - now.tv_sec < pw_warntime && 605 !quietlog) 606 (void)printf("Warning: your account expires on %s", 607 ctime(&pwd->pw_expire)); 608 } 609 if (pwd->pw_change) { 610 if (pwd->pw_change == _PASSWORD_CHGNOW) 611 need_chpass = 1; 612 else if (now.tv_sec >= pwd->pw_change) { 613 (void)printf("Sorry -- your password has expired.\n"); 614 sleepexit(1); 615 } else if (pwd->pw_change - now.tv_sec < pw_warntime && 616 !quietlog) 617 (void)printf("Warning: your password expires on %s", 618 ctime(&pwd->pw_change)); 619 620 } 621 /* Nothing else left to fail -- really log in. */ 622 update_db(quietlog); 623 624 (void)chown(ttyn, pwd->pw_uid, 625 (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); 626 627 if (ttyaction(ttyn, "login", pwd->pw_name)) 628 (void)printf("Warning: ttyaction failed.\n"); 629 630 #if defined(KERBEROS) || defined(KERBEROS5) 631 /* Fork so that we can call kdestroy */ 632 if ( 633 #ifdef KERBEROS5 634 ! login_krb5_retain_ccache && 635 #endif 636 has_ccache) 637 dofork(); 638 #endif 639 640 /* Destroy environment unless user has requested its preservation. */ 641 if (!pflag) 642 environ = envinit; 643 644 #ifdef LOGIN_CAP 645 if (nested == NULL && setusercontext(lc, pwd, pwd->pw_uid, 646 LOGIN_SETLOGIN) != 0) { 647 syslog(LOG_ERR, "setusercontext failed"); 648 exit(1); 649 } 650 if (setusercontext(lc, pwd, pwd->pw_uid, 651 (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETLOGIN))) != 0) { 652 syslog(LOG_ERR, "setusercontext failed"); 653 exit(1); 654 } 655 #else 656 (void)setgid(pwd->pw_gid); 657 658 initgroups(username, pwd->pw_gid); 659 660 if (nested == NULL && setlogin(pwd->pw_name) < 0) 661 syslog(LOG_ERR, "setlogin() failure: %m"); 662 663 /* Discard permissions last so can't get killed and drop core. */ 664 if (rootlogin) 665 (void)setuid(0); 666 else 667 (void)setuid(pwd->pw_uid); 668 #endif 669 670 if (*pwd->pw_shell == '\0') 671 pwd->pw_shell = _PATH_BSHELL; 672 #ifdef LOGIN_CAP 673 if ((shell = login_getcapstr(lc, "shell", NULL, NULL)) != NULL) { 674 if ((shell = strdup(shell)) == NULL) { 675 syslog(LOG_ERR, "Cannot alloc mem"); 676 sleepexit(1); 677 } 678 pwd->pw_shell = shell; 679 } 680 #endif 681 682 (void)setenv("HOME", pwd->pw_dir, 1); 683 (void)setenv("SHELL", pwd->pw_shell, 1); 684 if (term[0] == '\0') { 685 char *tt = (char *)stypeof(tty); 686 #ifdef LOGIN_CAP 687 if (tt == NULL) 688 tt = login_getcapstr(lc, "term", NULL, NULL); 689 #endif 690 /* unknown term -> "su" */ 691 (void)strlcpy(term, tt != NULL ? tt : "su", sizeof(term)); 692 } 693 (void)setenv("TERM", term, 0); 694 (void)setenv("LOGNAME", pwd->pw_name, 1); 695 (void)setenv("USER", pwd->pw_name, 1); 696 697 #ifdef LOGIN_CAP 698 setusercontext(lc, pwd, pwd->pw_uid, LOGIN_SETPATH); 699 #else 700 (void)setenv("PATH", _PATH_DEFPATH, 0); 701 #endif 702 703 #ifdef KERBEROS 704 if (krbtkfile_env) 705 (void)setenv("KRBTKFILE", krbtkfile_env, 1); 706 #endif 707 #ifdef KERBEROS5 708 if (krb5tkfile_env) 709 (void)setenv("KRB5CCNAME", krb5tkfile_env, 1); 710 #endif 711 712 if (tty[sizeof("tty")-1] == 'd') 713 syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); 714 715 /* If fflag is on, assume caller/authenticator has logged root login. */ 716 if (rootlogin && fflag == 0) { 717 if (hostname) 718 syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", 719 username, tty, hostname); 720 else 721 syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", 722 username, tty); 723 } 724 725 #if defined(KERBEROS) || defined(KERBEROS5) 726 if (KERBEROS_CONFIGURED && !quietlog && notickets == 1) 727 (void)printf("Warning: no Kerberos tickets issued.\n"); 728 #endif 729 730 if (!quietlog) { 731 char *fname; 732 #ifdef LOGIN_CAP 733 fname = login_getcapstr(lc, "copyright", NULL, NULL); 734 if (fname != NULL && access(fname, F_OK) == 0) 735 motd(fname); 736 else 737 #endif 738 (void)printf("%s", copyrightstr); 739 740 #ifdef LOGIN_CAP 741 fname = login_getcapstr(lc, "welcome", NULL, NULL); 742 if (fname == NULL || access(fname, F_OK) != 0) 743 #endif 744 fname = _PATH_MOTDFILE; 745 motd(fname); 746 747 (void)snprintf(tbuf, 748 sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name); 749 if (stat(tbuf, &st) == 0 && st.st_size != 0) 750 (void)printf("You have %smail.\n", 751 (st.st_mtime > st.st_atime) ? "new " : ""); 752 } 753 754 #ifdef LOGIN_CAP 755 login_close(lc); 756 #endif 757 758 (void)signal(SIGALRM, SIG_DFL); 759 (void)signal(SIGQUIT, SIG_DFL); 760 (void)signal(SIGINT, SIG_DFL); 761 (void)signal(SIGTSTP, SIG_IGN); 762 763 tbuf[0] = '-'; 764 (void)strlcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ? 765 p + 1 : pwd->pw_shell, sizeof(tbuf) - 1); 766 767 /* Wait to change password until we're unprivileged */ 768 if (need_chpass) { 769 if (!require_chpass) 770 (void)printf( 771 "Warning: your password has expired. Please change it as soon as possible.\n"); 772 else { 773 int status; 774 775 (void)printf( 776 "Your password has expired. Please choose a new one.\n"); 777 switch (fork()) { 778 case -1: 779 warn("fork"); 780 sleepexit(1); 781 case 0: 782 execl(_PATH_BINPASSWD, "passwd", 0); 783 _exit(1); 784 default: 785 if (wait(&status) == -1 || 786 WEXITSTATUS(status)) 787 sleepexit(1); 788 } 789 } 790 } 791 792 #ifdef KERBEROS5 793 if (login_krb5_get_tickets) 794 k5_write_creds(); 795 #endif 796 execlp(pwd->pw_shell, tbuf, 0); 797 err(1, "%s", pwd->pw_shell); 798 } 799 800 #if defined(KERBEROS) || defined(KERBEROS5) 801 #define NBUFSIZ (MAXLOGNAME + 1 + 5) /* .root suffix */ 802 #else 803 #define NBUFSIZ (MAXLOGNAME + 1) 804 #endif 805 806 #if defined(KERBEROS) || defined(KERBEROS5) 807 /* 808 * This routine handles cleanup stuff, and the like. 809 * It exists only in the child process. 810 */ 811 #include <sys/wait.h> 812 void 813 dofork(void) 814 { 815 int child; 816 817 if (!(child = fork())) 818 return; /* Child process */ 819 820 /* 821 * Setup stuff? This would be things we could do in parallel 822 * with login 823 */ 824 (void)chdir("/"); /* Let's not keep the fs busy... */ 825 826 /* If we're the parent, watch the child until it dies */ 827 while (wait(0) != child) 828 ; 829 830 /* Cleanup stuff */ 831 /* Run kdestroy to destroy tickets */ 832 #ifdef KERBEROS 833 kdestroy(); 834 #endif 835 #ifdef KERBEROS5 836 if (login_krb5_get_tickets) 837 k5destroy(); 838 #endif 839 840 /* Leave */ 841 exit(0); 842 } 843 #endif 844 845 void 846 getloginname(void) 847 { 848 int ch; 849 char *p; 850 static char nbuf[NBUFSIZ]; 851 852 for (;;) { 853 (void)printf("login: "); 854 for (p = nbuf; (ch = getchar()) != '\n'; ) { 855 if (ch == EOF) { 856 badlogin(username); 857 exit(0); 858 } 859 if (p < nbuf + (NBUFSIZ - 1)) 860 *p++ = ch; 861 } 862 if (p > nbuf) { 863 if (nbuf[0] == '-') 864 (void)fprintf(stderr, 865 "login names may not start with '-'.\n"); 866 else { 867 *p = '\0'; 868 username = nbuf; 869 break; 870 } 871 } 872 } 873 } 874 875 int 876 rootterm(char *ttyn) 877 { 878 struct ttyent *t; 879 880 return ((t = getttynam(ttyn)) && t->ty_status & TTY_SECURE); 881 } 882 883 jmp_buf motdinterrupt; 884 885 void 886 motd(char *fname) 887 { 888 int fd, nchars; 889 sig_t oldint; 890 char tbuf[8192]; 891 892 if ((fd = open(fname ? fname : _PATH_MOTDFILE, O_RDONLY, 0)) < 0) 893 return; 894 oldint = signal(SIGINT, sigint); 895 if (setjmp(motdinterrupt) == 0) 896 while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 897 (void)write(fileno(stdout), tbuf, nchars); 898 (void)signal(SIGINT, oldint); 899 (void)close(fd); 900 } 901 902 /* ARGSUSED */ 903 void 904 sigint(int signo) 905 { 906 907 longjmp(motdinterrupt, 1); 908 } 909 910 /* ARGSUSED */ 911 void 912 timedout(int signo) 913 { 914 915 (void)fprintf(stderr, "Login timed out after %d seconds\n", timeout); 916 exit(0); 917 } 918 919 void 920 checknologin(char *fname) 921 { 922 int fd, nchars; 923 char tbuf[8192]; 924 925 if ((fd = open(fname ? fname : _PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { 926 while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) 927 (void)write(fileno(stdout), tbuf, nchars); 928 sleepexit(0); 929 } 930 } 931 932 static void 933 update_db(int quietlog) 934 { 935 if (nested != NULL) { 936 if (hostname != NULL) 937 syslog(LOG_NOTICE, "%s to %s on tty %s from %s", 938 nested, pwd->pw_name, tty, hostname); 939 else 940 syslog(LOG_NOTICE, "%s to %s on tty %s", nested, 941 pwd->pw_name, tty); 942 943 return; 944 } 945 if (hostname != NULL && have_ss == 0) { 946 socklen_t len = sizeof(ss); 947 have_ss = getpeername(STDIN_FILENO, (struct sockaddr *)&ss, 948 &len) != -1; 949 } 950 (void)gettimeofday(&now, NULL); 951 #ifdef SUPPORT_UTMPX 952 doutmpx(); 953 dolastlogx(quietlog); 954 quietlog = 1; 955 #endif 956 #ifdef SUPPORT_UTMP 957 doutmp(); 958 dolastlog(quietlog); 959 #endif 960 } 961 962 #ifdef SUPPORT_UTMPX 963 static void 964 doutmpx(void) 965 { 966 struct utmpx utmpx; 967 char *t; 968 969 memset((void *)&utmpx, 0, sizeof(utmpx)); 970 utmpx.ut_tv = now; 971 (void)strncpy(utmpx.ut_name, username, sizeof(utmpx.ut_name)); 972 if (hostname) { 973 (void)strncpy(utmpx.ut_host, hostname, sizeof(utmpx.ut_host)); 974 utmpx.ut_ss = ss; 975 } 976 (void)strncpy(utmpx.ut_line, tty, sizeof(utmpx.ut_line)); 977 utmpx.ut_type = USER_PROCESS; 978 utmpx.ut_pid = getpid(); 979 t = tty + strlen(tty); 980 if (t - tty >= sizeof(utmpx.ut_id)) { 981 (void)strncpy(utmpx.ut_id, t - sizeof(utmpx.ut_id), 982 sizeof(utmpx.ut_id)); 983 } else { 984 (void)strncpy(utmpx.ut_id, tty, sizeof(utmpx.ut_id)); 985 } 986 if (pututxline(&utmpx) == NULL) 987 syslog(LOG_NOTICE, "Cannot update utmpx: %m"); 988 endutxent(); 989 if (updwtmpx(_PATH_WTMPX, &utmpx) != 0) 990 syslog(LOG_NOTICE, "Cannot update wtmpx: %m"); 991 } 992 993 static void 994 dolastlogx(int quiet) 995 { 996 struct lastlogx ll; 997 if (!quiet && getlastlogx(_PATH_LASTLOGX, pwd->pw_uid, &ll) != NULL) { 998 time_t t = (time_t)ll.ll_tv.tv_sec; 999 (void)printf("Last login: %.24s ", ctime(&t)); 1000 if (*ll.ll_host != '\0') 1001 (void)printf("from %.*s ", 1002 (int)sizeof(ll.ll_host), 1003 ll.ll_host); 1004 (void)printf("on %.*s\n", 1005 (int)sizeof(ll.ll_line), 1006 ll.ll_line); 1007 } 1008 ll.ll_tv = now; 1009 (void)strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 1010 if (hostname) 1011 (void)strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 1012 else 1013 (void)memset(ll.ll_host, '\0', sizeof(ll.ll_host)); 1014 if (have_ss) 1015 ll.ll_ss = ss; 1016 else 1017 (void)memset(&ll.ll_ss, 0, sizeof(ll.ll_ss)); 1018 if (updlastlogx(_PATH_LASTLOGX, pwd->pw_uid, &ll) != 0) 1019 syslog(LOG_NOTICE, "Cannot update lastlogx: %m"); 1020 } 1021 #endif 1022 1023 #ifdef SUPPORT_UTMP 1024 static void 1025 doutmp(void) 1026 { 1027 struct utmp utmp; 1028 1029 (void)memset((void *)&utmp, 0, sizeof(utmp)); 1030 utmp.ut_time = now.tv_sec; 1031 (void)strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); 1032 if (hostname) 1033 (void)strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); 1034 (void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); 1035 login(&utmp); 1036 } 1037 1038 static void 1039 dolastlog(int quiet) 1040 { 1041 struct lastlog ll; 1042 int fd; 1043 1044 if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { 1045 (void)lseek(fd, (off_t)(pwd->pw_uid * sizeof(ll)), SEEK_SET); 1046 if (!quiet) { 1047 if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && 1048 ll.ll_time != 0) { 1049 (void)printf("Last login: %.24s ", 1050 ctime(&ll.ll_time)); 1051 if (*ll.ll_host != '\0') 1052 (void)printf("from %.*s ", 1053 (int)sizeof(ll.ll_host), 1054 ll.ll_host); 1055 (void)printf("on %.*s\n", 1056 (int)sizeof(ll.ll_line), ll.ll_line); 1057 } 1058 (void)lseek(fd, (off_t)(pwd->pw_uid * sizeof(ll)), 1059 SEEK_SET); 1060 } 1061 memset((void *)&ll, 0, sizeof(ll)); 1062 ll.ll_time = now.tv_sec; 1063 (void)strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); 1064 if (hostname) 1065 (void)strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); 1066 (void)write(fd, (char *)&ll, sizeof(ll)); 1067 (void)close(fd); 1068 } 1069 } 1070 #endif 1071 1072 void 1073 badlogin(char *name) 1074 { 1075 1076 if (failures == 0) 1077 return; 1078 if (hostname) { 1079 syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", 1080 failures, failures > 1 ? "S" : "", hostname); 1081 syslog(LOG_AUTHPRIV|LOG_NOTICE, 1082 "%d LOGIN FAILURE%s FROM %s, %s", 1083 failures, failures > 1 ? "S" : "", hostname, name); 1084 } else { 1085 syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", 1086 failures, failures > 1 ? "S" : "", tty); 1087 syslog(LOG_AUTHPRIV|LOG_NOTICE, 1088 "%d LOGIN FAILURE%s ON %s, %s", 1089 failures, failures > 1 ? "S" : "", tty, name); 1090 } 1091 } 1092 1093 const char * 1094 stypeof(const char *ttyid) 1095 { 1096 struct ttyent *t; 1097 1098 return (ttyid && (t = getttynam(ttyid)) ? t->ty_type : NULL); 1099 } 1100 1101 void 1102 sleepexit(int eval) 1103 { 1104 1105 (void)sleep(5); 1106 exit(eval); 1107 } 1108 1109 void 1110 decode_ss(const char *arg) 1111 { 1112 struct sockaddr_storage *ssp; 1113 size_t len = strlen(arg); 1114 1115 if (len > sizeof(*ssp) * 4 + 1 || len < sizeof(*ssp)) 1116 errx(1, "Bad argument"); 1117 1118 if ((ssp = malloc(len)) == NULL) 1119 err(1, NULL); 1120 1121 if (strunvis((char *)ssp, arg) != sizeof(*ssp)) 1122 errx(1, "Decoding error"); 1123 1124 (void)memcpy(&ss, ssp, sizeof(ss)); 1125 have_ss = 1; 1126 } 1127 1128 void 1129 usage(void) 1130 { 1131 (void)fprintf(stderr, 1132 "Usage: %s [-Ffps] [-a address] [-h hostname] [username]\n", 1133 getprogname()); 1134 exit(1); 1135 } 1136
Indexes created Tue Sep 30 20:09:53 GMT 2025