Update sample program from OpenPAM repo.
This commit is contained in:
Dag-Erling Smørgrav
parent
02087b4190
commit
39009f9582
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=17077
1 changed files with 26 additions and 20 deletions
|
|
@ -1,5 +1,5 @@
|
|||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002,2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
|
|
@ -31,7 +31,7 @@
|
|||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/bin/su/su.c#7 $
|
||||
* $P4: //depot/projects/openpam/bin/su/su.c#10 $
|
||||
* $FreeBSD$
|
||||
*/
|
||||
|
||||
|
|
@ -82,9 +82,17 @@ main(int argc, char *argv[])
|
|||
argc -= optind;
|
||||
argv += optind;
|
||||
|
||||
if (argc > 0) {
|
||||
user = *argv;
|
||||
--argc;
|
||||
++argv;
|
||||
} else {
|
||||
user = "root";
|
||||
}
|
||||
|
||||
/* initialize PAM */
|
||||
pamc.conv = &openpam_ttyconv;
|
||||
pam_start("su", argc ? *argv : "root", &pamc, &pamh);
|
||||
pam_start("su", user, &pamc, &pamh);
|
||||
|
||||
/* set some items */
|
||||
gethostname(hostname, sizeof(hostname));
|
||||
|
|
@ -118,20 +126,6 @@ main(int argc, char *argv[])
|
|||
if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user)) == NULL)
|
||||
goto pamerr;
|
||||
|
||||
/* set uid and groups */
|
||||
if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
|
||||
warn("initgroups()");
|
||||
goto err;
|
||||
}
|
||||
if (setgid(pwd->pw_gid) == -1) {
|
||||
warn("setgid()");
|
||||
goto err;
|
||||
}
|
||||
if (setuid(pwd->pw_uid) == -1) {
|
||||
warn("setuid()");
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* export PAM environment */
|
||||
if ((pam_envlist = pam_getenvlist(pamh)) != NULL) {
|
||||
for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) {
|
||||
|
|
@ -155,7 +149,21 @@ main(int argc, char *argv[])
|
|||
warn("fork()");
|
||||
goto err;
|
||||
case 0:
|
||||
/* child: start a shell */
|
||||
/* child: give up privs and start a shell */
|
||||
|
||||
/* set uid and groups */
|
||||
if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
|
||||
warn("initgroups()");
|
||||
_exit(1);
|
||||
}
|
||||
if (setgid(pwd->pw_gid) == -1) {
|
||||
warn("setgid()");
|
||||
_exit(1);
|
||||
}
|
||||
if (setuid(pwd->pw_uid) == -1) {
|
||||
warn("setuid()");
|
||||
_exit(1);
|
||||
}
|
||||
execve(*args, args, environ);
|
||||
warn("execve()");
|
||||
_exit(1);
|
||||
|
|
@ -171,9 +179,7 @@ main(int argc, char *argv[])
|
|||
}
|
||||
|
||||
pamerr:
|
||||
pam_end(pamh, pam_err);
|
||||
fprintf(stderr, "Sorry\n");
|
||||
exit(1);
|
||||
err:
|
||||
pam_end(pamh, pam_err);
|
||||
exit(1);
|
||||
|
|
|
|||
Loading…
Reference in a new issue