![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to ksu.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / old / athena / ksu|
Return to ksu.c CVS log | Up to [CSRG BSD Unix] / 43BSDReno / old / athena / ksu |
1.1 ! root 1: /* ! 2: * $Source: /mit/kerberos/src/kuser/RCS/ksu.c,v $ ! 3: * $Author: jtkohl $ ! 4: */ ! 5: ! 6: /* ! 7: * Copyright (c) 1988 The Regents of the University of California. ! 8: * All rights reserved. ! 9: * ! 10: * Redistribution and use in source and binary forms are permitted ! 11: * provided that the above copyright notice and this paragraph are ! 12: * duplicated in all such forms and that any documentation, ! 13: * advertising materials, and other materials related to such ! 14: * distribution and use acknowledge that the software was developed ! 15: * by the University of California, Berkeley. The name of the ! 16: * University may not be used to endorse or promote products derived ! 17: * from this software without specific prior written permission. ! 18: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR ! 19: * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED ! 20: * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. ! 21: */ ! 22: ! 23: /* ! 24: * Kerberos additions Copyright 1987, 1988 by the Massachusetts Institute ! 25: * of Technology. For copying and distribution information, please see ! 26: * the file <mit-copyright.h>. ! 27: */ ! 28: ! 29: #ifndef lint ! 30: static char rcsid_ksu_c[] = ! 31: "$Header: ksu.c,v 4.0 89/01/23 10:00:28 jtkohl Exp $"; ! 32: #endif lint ! 33: ! 34: #ifndef lint ! 35: char copyright[] = ! 36: "@(#) Copyright (c) 1988 The Regents of the University of California.\n\ ! 37: All rights reserved.\n"; ! 38: #endif /* not lint */ ! 39: ! 40: #ifndef lint ! 41: static char sccsid[] = "@(#)su.c 5.11 (Berkeley) 12/7/88"; ! 42: #endif /* not lint */ ! 43: ! 44: #include <kerberos/mit-copyright.h> ! 45: #include <sys/param.h> ! 46: #include <sys/time.h> ! 47: #include <sys/resource.h> ! 48: #include <syslog.h> ! 49: #include <stdio.h> ! 50: #include <pwd.h> ! 51: #include <grp.h> ! 52: #include <kerberos/krb.h> ! 53: #include <netdb.h> ! 54: #include <sys/ioctl.h> ! 55: ! 56: #ifndef LOG_AUTH ! 57: #define LOG_AUTH 0 ! 58: #endif /* LOG_AUTH */ ! 59: ! 60: /* for Ultrix and friends ... */ ! 61: #ifndef MAXHOSTNAMELEN ! 62: #define MAXHOSTNAMELEN 64 ! 63: #endif ! 64: ! 65: extern char *krb_err_txt[]; ! 66: int kerno; ! 67: char lrealm[REALM_SZ]; ! 68: char krbtkfile[128]; ! 69: ! 70: #define MAXPWSIZE 128 /* Biggest string we accept for a password ! 71: (includes space for null terminator) */ ! 72: ! 73: main(argc, argv) ! 74: int argc; ! 75: char **argv; ! 76: { ! 77: extern char **environ; ! 78: extern int errno, optind; ! 79: register struct passwd *pwd; ! 80: register char *p, **g; ! 81: struct group *gr; ! 82: uid_t ruid, getuid(); ! 83: #ifdef NO_GETUSERSHELL ! 84: int ch, fulllogin, fastlogin, prio; ! 85: #else ! 86: int asme, ch, fulllogin, fastlogin, prio; ! 87: #endif /* NO_GETUSERSHELL */ ! 88: enum { UNSET, YES, NO } iscsh = UNSET; ! 89: char *user, *shell, *username, *cleanenv[2], *nargv[4], **np; ! 90: char namebuf[50], shellbuf[MAXPATHLEN]; ! 91: char *crypt(), *getpass(), *getenv(), *getlogin(), *rindex(), *strcpy(); ! 92: #ifdef NOENCRYPTION ! 93: #define read_long_pw_string placebo_read_pw_string ! 94: #else ! 95: #define read_long_pw_string des_read_pw_string ! 96: #endif ! 97: int read_long_pw_string(); ! 98: char pw_buf[MAXPWSIZE]; ! 99: char *mytty; ! 100: ! 101: mytty = isatty(2) ? (char *) ttyname(2) : "(no tty)"; ! 102: ! 103: np = &nargv[3]; ! 104: *np-- = NULL; ! 105: #ifdef NO_GETUSERSHELL ! 106: fulllogin = fastlogin = 0; ! 107: #define GETOPTARG "-flm" ! 108: #else ! 109: asme = fulllogin = fastlogin = 0; ! 110: #define GETOPTARG "-fl" ! 111: #endif ! 112: while ((ch = getopt(argc, argv, GETOPTARG)) != EOF) ! 113: switch((char)ch) { ! 114: case 'f': ! 115: fastlogin = 1; ! 116: break; ! 117: case '-': ! 118: case 'l': ! 119: fulllogin = 1; ! 120: break; ! 121: #ifndef NO_GETUSERSHELL ! 122: case 'm': ! 123: asme = 1; ! 124: break; ! 125: #endif ! 126: case '?': ! 127: default: ! 128: #ifdef NO_GETUSERSHELL ! 129: fprintf(stderr, "usage: ksu [-fl] [login]\n"); ! 130: #else ! 131: fprintf(stderr, "usage: ksu [-flm] [login]\n"); ! 132: #endif /* NO_GETUSERSHELL */ ! 133: exit(1); ! 134: } ! 135: argv += optind; ! 136: ! 137: errno = 0; ! 138: prio = getpriority(PRIO_PROCESS, 0); ! 139: if (errno) ! 140: prio = 0; ! 141: (void)setpriority(PRIO_PROCESS, 0, -2); ! 142: ! 143: /* get current login name and shell */ ! 144: if ((pwd = getpwuid(ruid = getuid())) == NULL) { ! 145: fprintf(stderr, "ksu: who are you?\n"); ! 146: exit(1); ! 147: } ! 148: username = strcpy(namebuf, pwd->pw_name); ! 149: #ifndef NO_GETUSERSHELL ! 150: if (asme) ! 151: if (pwd->pw_shell && *pwd->pw_shell) ! 152: shell = strcpy(shellbuf, pwd->pw_shell); ! 153: else { ! 154: shell = "/bin/sh"; ! 155: iscsh = NO; ! 156: } ! 157: #endif ! 158: ! 159: /* get target login information */ ! 160: user = *argv ? *argv : "root"; ! 161: if ((pwd = getpwnam(user)) == NULL) { ! 162: fprintf(stderr, "ksu: unknown login %s\n", user); ! 163: exit(1); ! 164: } ! 165: ! 166: /* ! 167: * Only allow those with kerberos root instances in the /.klogin ! 168: * file to su to root. ! 169: */ ! 170: if (pwd->pw_uid == 0) { ! 171: KTEXT_ST ticket; ! 172: AUTH_DAT authdata; ! 173: char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN]; ! 174: unsigned long faddr; ! 175: struct hostent *hp; ! 176: ! 177: /* First lets see if he has a chance! */ ! 178: if (krb_get_lrealm(lrealm, 1) != KSUCCESS) { ! 179: fprintf(stderr,"Unable to get local realm\n"); ! 180: exit(1); ! 181: } ! 182: if (koktologin(username, lrealm)) { ! 183: fprintf(stderr,"You are not allowed to ksu to root\n"); ! 184: exit(1); ! 185: } ! 186: sprintf(krbtkfile, "/tmp/tkt_root_%d", getuid()); ! 187: setuid(0); /* so ticket file has good protection */ ! 188: if (read_long_pw_string(pw_buf, sizeof(pw_buf)-1, ! 189: "Your root instance password: ", 0)) { ! 190: fprintf(stderr,"Error reading password.\n"); ! 191: exit(1); ! 192: } ! 193: p = pw_buf; ! 194: setenv("KRBTKFILE", krbtkfile, 1); ! 195: kerno = krb_get_pw_in_tkt(username, "root", lrealm, "krbtgt", ! 196: lrealm, 2, p); ! 197: bzero(p, strlen(p)); ! 198: if (kerno != KSUCCESS) { ! 199: printf("Unable to ksu: %s\n", krb_err_txt[kerno]); ! 200: syslog(LOG_NOTICE|LOG_AUTH, "ksu: BAD SU %s on %s: %s", ! 201: username, mytty, krb_err_txt[kerno]); ! 202: exit(1); ! 203: } ! 204: setpriority(PRIO_PROCESS, 0, -2); ! 205: /* ! 206: * Now use the ticket for something useful, to make sure ! 207: * it is valid. ! 208: */ ! 209: if (gethostname(hostname, sizeof(hostname)) == -1) { ! 210: perror("cannot retrieve hostname"); ! 211: dest_tkt(); ! 212: exit(1); ! 213: } ! 214: (void) strncpy(savehost, krb_get_phost(hostname), ! 215: sizeof(savehost)); ! 216: savehost[sizeof(savehost)-1] = 0; ! 217: ! 218: kerno = krb_mk_req(&ticket, "rcmd", savehost, lrealm, 33); ! 219: if (kerno == KDC_PR_UNKNOWN) { ! 220: printf("Warning: tgt not verified\n"); ! 221: syslog(LOG_NOTICE|LOG_AUTH, "ksu: %s on %s: tgt not verified", ! 222: username, mytty); ! 223: } else if (kerno != KSUCCESS) { ! 224: printf("Unable to use tgt: %s\n", krb_err_txt[kerno]); ! 225: syslog(LOG_NOTICE|LOG_AUTH, "ksu: failed su: %s on %s: %s", ! 226: username, mytty, krb_err_txt[kerno]); ! 227: dest_tkt(); ! 228: exit(1); ! 229: } else { ! 230: if (!(hp = gethostbyname(hostname))) { ! 231: printf("Unable to get address of %s\n",hostname); ! 232: dest_tkt(); ! 233: exit(1); ! 234: } ! 235: bcopy((char *)hp->h_addr, (char *) &faddr, sizeof(faddr)); ! 236: if ((kerno = krb_rd_req(&ticket, "rcmd", savehost, ! 237: faddr, &authdata, "")) != KSUCCESS) { ! 238: printf("Unable to verify rcmd ticket: %s\n", ! 239: krb_err_txt[kerno]); ! 240: syslog(LOG_NOTICE|LOG_AUTH, "ksu: failed su: %s on %s: %s", ! 241: username, mytty, krb_err_txt[kerno]); ! 242: dest_tkt(); ! 243: exit(1); ! 244: } ! 245: } ! 246: printf("Don't forget to kdestroy before exiting the root shell.\n"); ! 247: } else ! 248: /* if target requires a password, verify it */ ! 249: if (ruid && *pwd->pw_passwd) { ! 250: p = getpass("Password:"); ! 251: if (strcmp(pwd->pw_passwd, crypt(p, pwd->pw_passwd))) { ! 252: fprintf(stderr, "Sorry\n"); ! 253: if (pwd->pw_uid == 0) ! 254: syslog(LOG_CRIT|LOG_AUTH, "ksu: BAD SU %s on %s", username, mytty); ! 255: exit(1); ! 256: } ! 257: } ! 258: ! 259: #ifndef NO_GETUSERSHELL ! 260: if (asme) { ! 261: /* if asme and non-standard target shell, must be root */ ! 262: if (!chshell(pwd->pw_shell) && ruid) { ! 263: fprintf(stderr, "ksu: Permission denied.\n"); ! 264: dest_tkt(); ! 265: exit(1); ! 266: } ! 267: } ! 268: else ! 269: #endif ! 270: if (pwd->pw_shell && *pwd->pw_shell) { ! 271: shell = pwd->pw_shell; ! 272: iscsh = UNSET; ! 273: } else { ! 274: shell = "/bin/sh"; ! 275: iscsh = NO; ! 276: } ! 277: ! 278: /* if we're forking a csh, we want to slightly muck the args */ ! 279: if (iscsh == UNSET) { ! 280: if (p = rindex(shell, '/')) ! 281: ++p; ! 282: else ! 283: p = shell; ! 284: iscsh = strcmp(p, "csh") ? NO : YES; ! 285: } ! 286: ! 287: /* set permissions */ ! 288: if (setgid(pwd->pw_gid) < 0) { ! 289: perror("ksu: setgid"); ! 290: dest_tkt(); ! 291: exit(1); ! 292: } ! 293: if (initgroups(user, pwd->pw_gid)) { ! 294: fprintf(stderr, "ksu: initgroups failed\n"); ! 295: dest_tkt(); ! 296: exit(1); ! 297: } ! 298: if (setuid(pwd->pw_uid) < 0) { ! 299: perror("ksu: setuid"); ! 300: dest_tkt(); ! 301: exit(1); ! 302: } ! 303: ! 304: #ifndef NO_GETUSERSHELL ! 305: if (!asme) { ! 306: #endif ! 307: if (fulllogin) { ! 308: p = getenv("TERM"); ! 309: cleanenv[0] = "PATH=:/usr/ucb:/bin:/usr/bin"; ! 310: cleanenv[1] = NULL; ! 311: environ = cleanenv; ! 312: (void)setenv("TERM", p, 1); ! 313: if (chdir(pwd->pw_dir) < 0) { ! 314: fprintf(stderr, "ksu: no directory\n"); ! 315: dest_tkt(); ! 316: exit(1); ! 317: } ! 318: } ! 319: if (fulllogin || pwd->pw_uid) ! 320: (void)setenv("USER", pwd->pw_name, 1); ! 321: (void)setenv("HOME", pwd->pw_dir, 1); ! 322: (void)setenv("SHELL", shell, 1); ! 323: #ifndef NO_GETUSERSHELL ! 324: } ! 325: #endif ! 326: ! 327: if (iscsh == YES) { ! 328: if (fastlogin) ! 329: *np-- = "-f"; ! 330: #ifndef NO_GETUSERSHELL ! 331: if (asme) ! 332: *np-- = "-m"; ! 333: #endif ! 334: } ! 335: ! 336: /* csh strips the first character... */ ! 337: *np = fulllogin ? "-ksu" : iscsh == YES ? "_ksu" : "ksu"; ! 338: ! 339: if (pwd->pw_uid == 0) ! 340: syslog(LOG_NOTICE|LOG_AUTH, "ksu: %s on %s", ! 341: username, mytty); ! 342: ! 343: (void)setpriority(PRIO_PROCESS, 0, prio); ! 344: ! 345: execv(shell, np); ! 346: fprintf(stderr, "ksu: no shell.\n"); ! 347: dest_tkt(); ! 348: exit(1); ! 349: } ! 350: ! 351: #ifndef NO_GETUSERSHELL ! 352: chshell(sh) ! 353: char *sh; ! 354: { ! 355: char *cp, *getusershell(); ! 356: ! 357: while ((cp = getusershell()) != NULL) ! 358: if (!strcmp(cp, sh)) ! 359: return(1); ! 360: return(0); ! 361: } ! 362: #endif /* NO_GETUSERSHELL */ ! 363: ! 364: koktologin(name, realm) ! 365: char *name; ! 366: char *realm; ! 367: { ! 368: struct auth_dat kdata_st; ! 369: AUTH_DAT *kdata = &kdata_st; ! 370: /* Cons together an AUTH_DAT structure for kuserok */ ! 371: bzero((caddr_t) kdata, sizeof(*kdata)); ! 372: strcpy(kdata->pname, name); ! 373: strcpy(kdata->pinst, "root"); ! 374: strcpy(kdata->prealm, realm); ! 375: return (kuserok(kdata, "root")); ! 376: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.