![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to login.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSD / bin|
Return to login.c CVS log | Up to [CSRG BSD Unix] / 43BSD / bin |
1.1 ! root 1: /* ! 2: * Copyright (c) 1980 Regents of the University of California. ! 3: * All rights reserved. The Berkeley software License Agreement ! 4: * specifies the terms and conditions for redistribution. ! 5: */ ! 6: ! 7: #ifndef lint ! 8: char copyright[] = ! 9: "@(#) Copyright (c) 1980 Regents of the University of California.\n\ ! 10: All rights reserved.\n"; ! 11: #endif not lint ! 12: ! 13: #ifndef lint ! 14: static char sccsid[] = "@(#)login.c 5.15 (Berkeley) 4/12/86"; ! 15: #endif not lint ! 16: ! 17: /* ! 18: * login [ name ] ! 19: * login -r hostname (for rlogind) ! 20: * login -h hostname (for telnetd, etc.) ! 21: */ ! 22: ! 23: #include <sys/param.h> ! 24: #include <sys/quota.h> ! 25: #include <sys/stat.h> ! 26: #include <sys/time.h> ! 27: #include <sys/resource.h> ! 28: #include <sys/file.h> ! 29: ! 30: #include <sgtty.h> ! 31: #include <utmp.h> ! 32: #include <signal.h> ! 33: #include <pwd.h> ! 34: #include <stdio.h> ! 35: #include <lastlog.h> ! 36: #include <errno.h> ! 37: #include <ttyent.h> ! 38: #include <syslog.h> ! 39: #include <grp.h> ! 40: ! 41: #define TTYGRPNAME "tty" /* name of group to own ttys */ ! 42: #define TTYGID(gid) tty_gid(gid) /* gid that owns all ttys */ ! 43: ! 44: #define SCMPN(a, b) strncmp(a, b, sizeof(a)) ! 45: #define SCPYN(a, b) strncpy(a, b, sizeof(a)) ! 46: ! 47: #define NMAX sizeof(utmp.ut_name) ! 48: #define HMAX sizeof(utmp.ut_host) ! 49: ! 50: #define FALSE 0 ! 51: #define TRUE -1 ! 52: ! 53: char nolog[] = "/etc/nologin"; ! 54: char qlog[] = ".hushlogin"; ! 55: char maildir[30] = "/usr/spool/mail/"; ! 56: char lastlog[] = "/usr/adm/lastlog"; ! 57: struct passwd nouser = {"", "nope", -1, -1, -1, "", "", "", "" }; ! 58: struct sgttyb ttyb; ! 59: struct utmp utmp; ! 60: char minusnam[16] = "-"; ! 61: char *envinit[] = { 0 }; /* now set by setenv calls */ ! 62: /* ! 63: * This bounds the time given to login. We initialize it here ! 64: * so it can be patched on machines where it's too small. ! 65: */ ! 66: int timeout = 60; ! 67: ! 68: char term[64]; ! 69: ! 70: struct passwd *pwd; ! 71: char *strcat(), *rindex(), *index(), *malloc(), *realloc(); ! 72: int timedout(); ! 73: char *ttyname(); ! 74: char *crypt(); ! 75: char *getpass(); ! 76: char *stypeof(); ! 77: extern char **environ; ! 78: extern int errno; ! 79: ! 80: struct tchars tc = { ! 81: CINTR, CQUIT, CSTART, CSTOP, CEOT, CBRK ! 82: }; ! 83: struct ltchars ltc = { ! 84: CSUSP, CDSUSP, CRPRNT, CFLUSH, CWERASE, CLNEXT ! 85: }; ! 86: ! 87: struct winsize win = { 0, 0, 0, 0 }; ! 88: ! 89: int rflag; ! 90: int usererr = -1; ! 91: char rusername[NMAX+1], lusername[NMAX+1]; ! 92: char rpassword[NMAX+1]; ! 93: char name[NMAX+1]; ! 94: char *rhost; ! 95: ! 96: main(argc, argv) ! 97: char *argv[]; ! 98: { ! 99: register char *namep; ! 100: int pflag = 0, hflag = 0, t, f, c; ! 101: int invalid, quietlog; ! 102: FILE *nlfd; ! 103: char *ttyn, *tty; ! 104: int ldisc = 0, zero = 0, i; ! 105: char **envnew; ! 106: ! 107: signal(SIGALRM, timedout); ! 108: alarm(timeout); ! 109: signal(SIGQUIT, SIG_IGN); ! 110: signal(SIGINT, SIG_IGN); ! 111: setpriority(PRIO_PROCESS, 0, 0); ! 112: quota(Q_SETUID, 0, 0, 0); ! 113: /* ! 114: * -p is used by getty to tell login not to destroy the environment ! 115: * -r is used by rlogind to cause the autologin protocol; ! 116: * -h is used by other servers to pass the name of the ! 117: * remote host to login so that it may be placed in utmp and wtmp ! 118: */ ! 119: while (argc > 1) { ! 120: if (strcmp(argv[1], "-r") == 0) { ! 121: if (rflag || hflag) { ! 122: printf("Only one of -r and -h allowed\n"); ! 123: exit(1); ! 124: } ! 125: rflag = 1; ! 126: usererr = doremotelogin(argv[2]); ! 127: SCPYN(utmp.ut_host, argv[2]); ! 128: argc -= 2; ! 129: argv += 2; ! 130: continue; ! 131: } ! 132: if (strcmp(argv[1], "-h") == 0 && getuid() == 0) { ! 133: if (rflag || hflag) { ! 134: printf("Only one of -r and -h allowed\n"); ! 135: exit(1); ! 136: } ! 137: hflag = 1; ! 138: SCPYN(utmp.ut_host, argv[2]); ! 139: argc -= 2; ! 140: argv += 2; ! 141: continue; ! 142: } ! 143: if (strcmp(argv[1], "-p") == 0) { ! 144: argc--; ! 145: argv++; ! 146: pflag = 1; ! 147: continue; ! 148: } ! 149: break; ! 150: } ! 151: ioctl(0, TIOCLSET, &zero); ! 152: ioctl(0, TIOCNXCL, 0); ! 153: ioctl(0, FIONBIO, &zero); ! 154: ioctl(0, FIOASYNC, &zero); ! 155: ioctl(0, TIOCGETP, &ttyb); ! 156: /* ! 157: * If talking to an rlogin process, ! 158: * propagate the terminal type and ! 159: * baud rate across the network. ! 160: */ ! 161: if (rflag) ! 162: doremoteterm(term, &ttyb); ! 163: ttyb.sg_erase = CERASE; ! 164: ttyb.sg_kill = CKILL; ! 165: ioctl(0, TIOCSLTC, <c); ! 166: ioctl(0, TIOCSETC, &tc); ! 167: ioctl(0, TIOCSETP, &ttyb); ! 168: for (t = getdtablesize(); t > 2; t--) ! 169: close(t); ! 170: ttyn = ttyname(0); ! 171: if (ttyn == (char *)0 || *ttyn == '\0') ! 172: ttyn = "/dev/tty??"; ! 173: tty = rindex(ttyn, '/'); ! 174: if (tty == NULL) ! 175: tty = ttyn; ! 176: else ! 177: tty++; ! 178: openlog("login", LOG_ODELAY, LOG_AUTH); ! 179: t = 0; ! 180: invalid = FALSE; ! 181: do { ! 182: ldisc = 0; ! 183: ioctl(0, TIOCSETD, &ldisc); ! 184: SCPYN(utmp.ut_name, ""); ! 185: /* ! 186: * Name specified, take it. ! 187: */ ! 188: if (argc > 1) { ! 189: SCPYN(utmp.ut_name, argv[1]); ! 190: argc = 0; ! 191: } ! 192: /* ! 193: * If remote login take given name, ! 194: * otherwise prompt user for something. ! 195: */ ! 196: if (rflag && !invalid) ! 197: SCPYN(utmp.ut_name, lusername); ! 198: else ! 199: getloginname(&utmp); ! 200: invalid = FALSE; ! 201: if (!strcmp(pwd->pw_shell, "/bin/csh")) { ! 202: ldisc = NTTYDISC; ! 203: ioctl(0, TIOCSETD, &ldisc); ! 204: } ! 205: /* ! 206: * If no remote login authentication and ! 207: * a password exists for this user, prompt ! 208: * for one and verify it. ! 209: */ ! 210: if (usererr == -1 && *pwd->pw_passwd != '\0') { ! 211: char *pp; ! 212: ! 213: setpriority(PRIO_PROCESS, 0, -4); ! 214: pp = getpass("Password:"); ! 215: namep = crypt(pp, pwd->pw_passwd); ! 216: setpriority(PRIO_PROCESS, 0, 0); ! 217: if (strcmp(namep, pwd->pw_passwd)) ! 218: invalid = TRUE; ! 219: } ! 220: /* ! 221: * If user not super-user, check for logins disabled. ! 222: */ ! 223: if (pwd->pw_uid != 0 && (nlfd = fopen(nolog, "r")) > 0) { ! 224: while ((c = getc(nlfd)) != EOF) ! 225: putchar(c); ! 226: fflush(stdout); ! 227: sleep(5); ! 228: exit(0); ! 229: } ! 230: /* ! 231: * If valid so far and root is logging in, ! 232: * see if root logins on this terminal are permitted. ! 233: */ ! 234: if (!invalid && pwd->pw_uid == 0 && !rootterm(tty)) { ! 235: if (utmp.ut_host[0]) ! 236: syslog(LOG_CRIT, ! 237: "ROOT LOGIN REFUSED ON %s FROM %.*s", ! 238: tty, HMAX, utmp.ut_host); ! 239: else ! 240: syslog(LOG_CRIT, ! 241: "ROOT LOGIN REFUSED ON %s", tty); ! 242: invalid = TRUE; ! 243: } ! 244: if (invalid) { ! 245: printf("Login incorrect\n"); ! 246: if (++t >= 5) { ! 247: if (utmp.ut_host[0]) ! 248: syslog(LOG_CRIT, ! 249: "REPEATED LOGIN FAILURES ON %s FROM %.*s, %.*s", ! 250: tty, HMAX, utmp.ut_host, ! 251: NMAX, utmp.ut_name); ! 252: else ! 253: syslog(LOG_CRIT, ! 254: "REPEATED LOGIN FAILURES ON %s, %.*s", ! 255: tty, NMAX, utmp.ut_name); ! 256: ioctl(0, TIOCHPCL, (struct sgttyb *) 0); ! 257: close(0), close(1), close(2); ! 258: sleep(10); ! 259: exit(1); ! 260: } ! 261: } ! 262: if (*pwd->pw_shell == '\0') ! 263: pwd->pw_shell = "/bin/sh"; ! 264: if (chdir(pwd->pw_dir) < 0 && !invalid ) { ! 265: if (chdir("/") < 0) { ! 266: printf("No directory!\n"); ! 267: invalid = TRUE; ! 268: } else { ! 269: printf("No directory! %s\n", ! 270: "Logging in with home=/"); ! 271: pwd->pw_dir = "/"; ! 272: } ! 273: } ! 274: /* ! 275: * Remote login invalid must have been because ! 276: * of a restriction of some sort, no extra chances. ! 277: */ ! 278: if (!usererr && invalid) ! 279: exit(1); ! 280: } while (invalid); ! 281: /* committed to login turn off timeout */ ! 282: alarm(0); ! 283: ! 284: if (quota(Q_SETUID, pwd->pw_uid, 0, 0) < 0 && errno != EINVAL) { ! 285: if (errno == EUSERS) ! 286: printf("%s.\n%s.\n", ! 287: "Too many users logged on already", ! 288: "Try again later"); ! 289: else if (errno == EPROCLIM) ! 290: printf("You have too many processes running.\n"); ! 291: else ! 292: perror("quota (Q_SETUID)"); ! 293: sleep(5); ! 294: exit(0); ! 295: } ! 296: time(&utmp.ut_time); ! 297: t = ttyslot(); ! 298: if (t > 0 && (f = open("/etc/utmp", O_WRONLY)) >= 0) { ! 299: lseek(f, (long)(t*sizeof(utmp)), 0); ! 300: SCPYN(utmp.ut_line, tty); ! 301: write(f, (char *)&utmp, sizeof(utmp)); ! 302: close(f); ! 303: } ! 304: if ((f = open("/usr/adm/wtmp", O_WRONLY|O_APPEND)) >= 0) { ! 305: write(f, (char *)&utmp, sizeof(utmp)); ! 306: close(f); ! 307: } ! 308: quietlog = access(qlog, F_OK) == 0; ! 309: if ((f = open(lastlog, O_RDWR)) >= 0) { ! 310: struct lastlog ll; ! 311: ! 312: lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0); ! 313: if (read(f, (char *) &ll, sizeof ll) == sizeof ll && ! 314: ll.ll_time != 0 && !quietlog) { ! 315: printf("Last login: %.*s ", ! 316: 24-5, (char *)ctime(&ll.ll_time)); ! 317: if (*ll.ll_host != '\0') ! 318: printf("from %.*s\n", ! 319: sizeof (ll.ll_host), ll.ll_host); ! 320: else ! 321: printf("on %.*s\n", ! 322: sizeof (ll.ll_line), ll.ll_line); ! 323: } ! 324: lseek(f, (long)pwd->pw_uid * sizeof (struct lastlog), 0); ! 325: time(&ll.ll_time); ! 326: SCPYN(ll.ll_line, tty); ! 327: SCPYN(ll.ll_host, utmp.ut_host); ! 328: write(f, (char *) &ll, sizeof ll); ! 329: close(f); ! 330: } ! 331: chown(ttyn, pwd->pw_uid, TTYGID(pwd->pw_gid)); ! 332: if (!hflag && !rflag) /* XXX */ ! 333: ioctl(0, TIOCSWINSZ, &win); ! 334: chmod(ttyn, 0620); ! 335: setgid(pwd->pw_gid); ! 336: strncpy(name, utmp.ut_name, NMAX); ! 337: name[NMAX] = '\0'; ! 338: initgroups(name, pwd->pw_gid); ! 339: quota(Q_DOWARN, pwd->pw_uid, (dev_t)-1, 0); ! 340: setuid(pwd->pw_uid); ! 341: /* destroy environment unless user has asked to preserve it */ ! 342: if (!pflag) ! 343: environ = envinit; ! 344: ! 345: /* set up environment, this time without destruction */ ! 346: /* copy the environment before setenving */ ! 347: i = 0; ! 348: while (environ[i] != NULL) ! 349: i++; ! 350: envnew = (char **) malloc(sizeof (char *) * (i + 1)); ! 351: for (; i >= 0; i--) ! 352: envnew[i] = environ[i]; ! 353: environ = envnew; ! 354: ! 355: setenv("HOME=", pwd->pw_dir, 1); ! 356: setenv("SHELL=", pwd->pw_shell, 1); ! 357: if (term[0] == '\0') ! 358: strncpy(term, stypeof(tty), sizeof(term)); ! 359: setenv("TERM=", term, 0); ! 360: setenv("USER=", pwd->pw_name, 1); ! 361: setenv("PATH=", ":/usr/ucb:/bin:/usr/bin", 0); ! 362: ! 363: if ((namep = rindex(pwd->pw_shell, '/')) == NULL) ! 364: namep = pwd->pw_shell; ! 365: else ! 366: namep++; ! 367: strcat(minusnam, namep); ! 368: if (tty[sizeof("tty")-1] == 'd') ! 369: syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); ! 370: if (pwd->pw_uid == 0) ! 371: if (utmp.ut_host[0]) ! 372: syslog(LOG_NOTICE, "ROOT LOGIN %s FROM %.*s", ! 373: tty, HMAX, utmp.ut_host); ! 374: else ! 375: syslog(LOG_NOTICE, "ROOT LOGIN %s", tty); ! 376: if (!quietlog) { ! 377: struct stat st; ! 378: ! 379: showmotd(); ! 380: strcat(maildir, pwd->pw_name); ! 381: if (stat(maildir, &st) == 0 && st.st_size != 0) ! 382: printf("You have %smail.\n", ! 383: (st.st_mtime > st.st_atime) ? "new " : ""); ! 384: } ! 385: signal(SIGALRM, SIG_DFL); ! 386: signal(SIGQUIT, SIG_DFL); ! 387: signal(SIGINT, SIG_DFL); ! 388: signal(SIGTSTP, SIG_IGN); ! 389: execlp(pwd->pw_shell, minusnam, 0); ! 390: perror(pwd->pw_shell); ! 391: printf("No shell\n"); ! 392: exit(0); ! 393: } ! 394: ! 395: getloginname(up) ! 396: register struct utmp *up; ! 397: { ! 398: register char *namep; ! 399: char c; ! 400: ! 401: while (up->ut_name[0] == '\0') { ! 402: namep = up->ut_name; ! 403: printf("login: "); ! 404: while ((c = getchar()) != '\n') { ! 405: if (c == ' ') ! 406: c = '_'; ! 407: if (c == EOF) ! 408: exit(0); ! 409: if (namep < up->ut_name+NMAX) ! 410: *namep++ = c; ! 411: } ! 412: } ! 413: strncpy(lusername, up->ut_name, NMAX); ! 414: lusername[NMAX] = 0; ! 415: if ((pwd = getpwnam(lusername)) == NULL) ! 416: pwd = &nouser; ! 417: } ! 418: ! 419: timedout() ! 420: { ! 421: ! 422: printf("Login timed out after %d seconds\n", timeout); ! 423: exit(0); ! 424: } ! 425: ! 426: int stopmotd; ! 427: catch() ! 428: { ! 429: ! 430: signal(SIGINT, SIG_IGN); ! 431: stopmotd++; ! 432: } ! 433: ! 434: rootterm(tty) ! 435: char *tty; ! 436: { ! 437: register struct ttyent *t; ! 438: ! 439: if ((t = getttynam(tty)) != NULL) { ! 440: if (t->ty_status & TTY_SECURE) ! 441: return (1); ! 442: } ! 443: return (0); ! 444: } ! 445: ! 446: showmotd() ! 447: { ! 448: FILE *mf; ! 449: register c; ! 450: ! 451: signal(SIGINT, catch); ! 452: if ((mf = fopen("/etc/motd", "r")) != NULL) { ! 453: while ((c = getc(mf)) != EOF && stopmotd == 0) ! 454: putchar(c); ! 455: fclose(mf); ! 456: } ! 457: signal(SIGINT, SIG_IGN); ! 458: } ! 459: ! 460: #undef UNKNOWN ! 461: #define UNKNOWN "su" ! 462: ! 463: char * ! 464: stypeof(ttyid) ! 465: char *ttyid; ! 466: { ! 467: register struct ttyent *t; ! 468: ! 469: if (ttyid == NULL || (t = getttynam(ttyid)) == NULL) ! 470: return (UNKNOWN); ! 471: return (t->ty_type); ! 472: } ! 473: ! 474: doremotelogin(host) ! 475: char *host; ! 476: { ! 477: getstr(rusername, sizeof (rusername), "remuser"); ! 478: getstr(lusername, sizeof (lusername), "locuser"); ! 479: getstr(term, sizeof(term), "Terminal type"); ! 480: if (getuid()) { ! 481: pwd = &nouser; ! 482: return(-1); ! 483: } ! 484: pwd = getpwnam(lusername); ! 485: if (pwd == NULL) { ! 486: pwd = &nouser; ! 487: return(-1); ! 488: } ! 489: return(ruserok(host, (pwd->pw_uid == 0), rusername, lusername)); ! 490: } ! 491: ! 492: getstr(buf, cnt, err) ! 493: char *buf; ! 494: int cnt; ! 495: char *err; ! 496: { ! 497: char c; ! 498: ! 499: do { ! 500: if (read(0, &c, 1) != 1) ! 501: exit(1); ! 502: if (--cnt < 0) { ! 503: printf("%s too long\r\n", err); ! 504: exit(1); ! 505: } ! 506: *buf++ = c; ! 507: } while (c != 0); ! 508: } ! 509: ! 510: char *speeds[] = ! 511: { "0", "50", "75", "110", "134", "150", "200", "300", ! 512: "600", "1200", "1800", "2400", "4800", "9600", "19200", "38400" }; ! 513: #define NSPEEDS (sizeof (speeds) / sizeof (speeds[0])) ! 514: ! 515: doremoteterm(term, tp) ! 516: char *term; ! 517: struct sgttyb *tp; ! 518: { ! 519: register char *cp = index(term, '/'), **cpp; ! 520: char *speed; ! 521: ! 522: if (cp) { ! 523: *cp++ = '\0'; ! 524: speed = cp; ! 525: cp = index(speed, '/'); ! 526: if (cp) ! 527: *cp++ = '\0'; ! 528: for (cpp = speeds; cpp < &speeds[NSPEEDS]; cpp++) ! 529: if (strcmp(*cpp, speed) == 0) { ! 530: tp->sg_ispeed = tp->sg_ospeed = cpp-speeds; ! 531: break; ! 532: } ! 533: } ! 534: tp->sg_flags = ECHO|CRMOD|ANYP|XTABS; ! 535: } ! 536: ! 537: /* ! 538: * Set the value of var to be arg in the Unix 4.2 BSD environment env. ! 539: * Var should end with '='. ! 540: * (bindings are of the form "var=value") ! 541: * This procedure assumes the memory for the first level of environ ! 542: * was allocated using malloc. ! 543: */ ! 544: setenv(var, value, clobber) ! 545: char *var, *value; ! 546: { ! 547: extern char **environ; ! 548: int index = 0; ! 549: int varlen = strlen(var); ! 550: int vallen = strlen(value); ! 551: ! 552: for (index = 0; environ[index] != NULL; index++) { ! 553: if (strncmp(environ[index], var, varlen) == 0) { ! 554: /* found it */ ! 555: if (!clobber) ! 556: return; ! 557: environ[index] = malloc(varlen + vallen + 1); ! 558: strcpy(environ[index], var); ! 559: strcat(environ[index], value); ! 560: return; ! 561: } ! 562: } ! 563: environ = (char **) realloc(environ, sizeof (char *) * (index + 2)); ! 564: if (environ == NULL) { ! 565: fprintf(stderr, "login: malloc out of memory\n"); ! 566: exit(1); ! 567: } ! 568: environ[index] = malloc(varlen + vallen + 1); ! 569: strcpy(environ[index], var); ! 570: strcat(environ[index], value); ! 571: environ[++index] = NULL; ! 572: } ! 573: ! 574: tty_gid(default_gid) ! 575: int default_gid; ! 576: { ! 577: struct group *getgrnam(), *gr; ! 578: int gid = default_gid; ! 579: ! 580: gr = getgrnam(TTYGRPNAME); ! 581: if (gr != (struct group *) 0) ! 582: gid = gr->gr_gid; ! 583: ! 584: endgrent(); ! 585: ! 586: return (gid); ! 587: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.