Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 1 | /* vi: set sw=4 ts=4: */ |
"Robert P. J. Day" | 801ab14 | 2006-07-12 07:56:04 +0000 | [diff] [blame] | 2 | /* |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 3 | * Mini sulogin implementation for busybox |
| 4 | * |
Denys Vlasenko | 0ef64bd | 2010-08-16 20:14:46 +0200 | [diff] [blame] | 5 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. |
"Robert P. J. Day" | 801ab14 | 2006-07-12 07:56:04 +0000 | [diff] [blame] | 6 | */ |
| 7 | |
Pere Orga | 6a3e01d | 2011-04-01 22:56:30 +0200 | [diff] [blame] | 8 | //usage:#define sulogin_trivial_usage |
| 9 | //usage: "[-t N] [TTY]" |
| 10 | //usage:#define sulogin_full_usage "\n\n" |
| 11 | //usage: "Single user login\n" |
Pere Orga | 6a3e01d | 2011-04-01 22:56:30 +0200 | [diff] [blame] | 12 | //usage: "\n -t N Timeout" |
| 13 | |
Denis Vlasenko | b6adbf1 | 2007-05-26 19:00:18 +0000 | [diff] [blame] | 14 | #include "libbb.h" |
Bernhard Reutner-Fischer | f470196 | 2008-01-27 12:50:12 +0000 | [diff] [blame] | 15 | #include <syslog.h> |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 16 | |
Denis Vlasenko | 9b49a5e | 2007-10-11 10:05:36 +0000 | [diff] [blame] | 17 | int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; |
Denis Vlasenko | a60f84e | 2008-07-05 09:18:54 +0000 | [diff] [blame] | 18 | int sulogin_main(int argc UNUSED_PARAM, char **argv) |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 19 | { |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 20 | int timeout = 0; |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 21 | struct passwd *pwd; |
Denis Vlasenko | c345d8e | 2006-10-14 11:47:02 +0000 | [diff] [blame] | 22 | const char *shell; |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 23 | |
Denis Vlasenko | 9852d5a | 2006-09-09 14:00:58 +0000 | [diff] [blame] | 24 | logmode = LOGMODE_BOTH; |
Denis Vlasenko | 8f8f268 | 2006-10-03 21:00:43 +0000 | [diff] [blame] | 25 | openlog(applet_name, 0, LOG_AUTH); |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 26 | |
Denis Vlasenko | 1d42665 | 2008-03-17 09:09:09 +0000 | [diff] [blame] | 27 | opt_complementary = "t+"; /* -t N */ |
| 28 | getopt32(argv, "t:", &timeout); |
Denis Vlasenko | 3fa36e2 | 2008-11-09 00:15:11 +0000 | [diff] [blame] | 29 | argv += optind; |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 30 | |
Denis Vlasenko | 3fa36e2 | 2008-11-09 00:15:11 +0000 | [diff] [blame] | 31 | if (argv[0]) { |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 32 | close(0); |
| 33 | close(1); |
Denis Vlasenko | 3fa36e2 | 2008-11-09 00:15:11 +0000 | [diff] [blame] | 34 | dup(xopen(argv[0], O_RDWR)); |
Rob Landley | 6967494 | 2006-09-11 00:34:01 +0000 | [diff] [blame] | 35 | close(2); |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 36 | dup(0); |
| 37 | } |
| 38 | |
Denis Vlasenko | 1d42665 | 2008-03-17 09:09:09 +0000 | [diff] [blame] | 39 | /* Malicious use like "sulogin /dev/sda"? */ |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 40 | if (!isatty(0) || !isatty(1) || !isatty(2)) { |
Denis Vlasenko | 9852d5a | 2006-09-09 14:00:58 +0000 | [diff] [blame] | 41 | logmode = LOGMODE_SYSLOG; |
| 42 | bb_error_msg_and_die("not a tty"); |
Denis Vlasenko | a980165 | 2006-09-07 16:20:03 +0000 | [diff] [blame] | 43 | } |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 44 | |
Denis Vlasenko | 5281630 | 2007-11-06 05:26:51 +0000 | [diff] [blame] | 45 | /* Clear dangerous stuff, set PATH */ |
Denis Vlasenko | c9ca0a3 | 2008-02-18 11:08:33 +0000 | [diff] [blame] | 46 | sanitize_env_if_suid(); |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 47 | |
maxwen | 27116ba | 2015-08-14 21:41:28 +0200 | [diff] [blame] | 48 | pwd = safegetpwuid(0); |
Denis Vlasenko | c345d8e | 2006-10-14 11:47:02 +0000 | [diff] [blame] | 49 | if (!pwd) { |
Denis Vlasenko | 9852d5a | 2006-09-09 14:00:58 +0000 | [diff] [blame] | 50 | goto auth_error; |
Denis Vlasenko | 9213a9e | 2006-09-17 16:28:10 +0000 | [diff] [blame] | 51 | } |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 52 | |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 53 | while (1) { |
Denis Vlasenko | fdddab0 | 2008-06-12 16:56:52 +0000 | [diff] [blame] | 54 | int r; |
| 55 | |
maxwen | 27116ba | 2015-08-14 21:41:28 +0200 | [diff] [blame] | 56 | r = ask_and_check_password_extended(pwd, timeout, |
| 57 | "Give root password for system maintenance\n" |
| 58 | "(or type Control-D for normal startup):" |
| 59 | ); |
| 60 | if (r < 0) { |
| 61 | /* ^D, ^C, timeout, or read error */ |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 62 | bb_info_msg("Normal startup"); |
Denis Vlasenko | 9852d5a | 2006-09-09 14:00:58 +0000 | [diff] [blame] | 63 | return 0; |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 64 | } |
maxwen | 27116ba | 2015-08-14 21:41:28 +0200 | [diff] [blame] | 65 | if (r > 0) { |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 66 | break; |
| 67 | } |
Denys Vlasenko | 7d4e7a2 | 2011-03-08 21:07:05 +0100 | [diff] [blame] | 68 | bb_do_delay(LOGIN_FAIL_DELAY); |
| 69 | bb_info_msg("Login incorrect"); |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 70 | } |
Rob Landley | 60158cb | 2005-05-03 06:25:50 +0000 | [diff] [blame] | 71 | |
Rob Landley | dd93abe | 2006-09-08 17:22:05 +0000 | [diff] [blame] | 72 | bb_info_msg("System Maintenance Mode"); |
Rob Landley | 60158cb | 2005-05-03 06:25:50 +0000 | [diff] [blame] | 73 | |
Denis Vlasenko | 5e34ff2 | 2009-04-21 11:09:40 +0000 | [diff] [blame] | 74 | IF_SELINUX(renew_current_security_context()); |
Rob Landley | 60158cb | 2005-05-03 06:25:50 +0000 | [diff] [blame] | 75 | |
Denis Vlasenko | c345d8e | 2006-10-14 11:47:02 +0000 | [diff] [blame] | 76 | shell = getenv("SUSHELL"); |
Denis Vlasenko | a2f6101 | 2007-09-10 13:15:28 +0000 | [diff] [blame] | 77 | if (!shell) |
| 78 | shell = getenv("sushell"); |
Ladislav Michl | a73b87e | 2010-06-27 03:23:31 +0200 | [diff] [blame] | 79 | if (!shell) |
| 80 | shell = pwd->pw_shell; |
| 81 | |
Denis Vlasenko | a2f6101 | 2007-09-10 13:15:28 +0000 | [diff] [blame] | 82 | /* Exec login shell with no additional parameters. Never returns. */ |
| 83 | run_shell(shell, 1, NULL, NULL); |
Denis Vlasenko | 9852d5a | 2006-09-09 14:00:58 +0000 | [diff] [blame] | 84 | |
Denis Vlasenko | e5387a0 | 2007-10-20 19:20:22 +0000 | [diff] [blame] | 85 | auth_error: |
| 86 | bb_error_msg_and_die("no password entry for root"); |
Eric Andersen | 27f64e1 | 2002-06-23 04:24:25 +0000 | [diff] [blame] | 87 | } |