int cray_setup (uid_t uid, char *username, const char *command) { extern struct udb *getudb(); extern char *setlimits(); int err; /* error return */ time_t system_time; /* current system clock */ time_t expiration_time; /* password expiration time */ int maxattempts; /* maximum no. of failed login attempts */ int SecureSys; /* unicos security flag */ int minslevel = 0; /* system minimum security level */ int i, j; int valid_acct = -1; /* flag for reading valid acct */ char acct_name[MAXACID] = { "" }; /* used to read acct name */ struct jtab jtab; /* Job table struct */ struct udb ue; /* udb entry for logging-in user */ struct udb *up; /* pointer to UDB entry */ struct secstat secinfo; /* file security attributes */ struct servprov init_info; /* used for sesscntl() call */ int jid; /* job ID */ int pid; /* process ID */ char *sr; /* status return from setlimits() */ char *ttyn = NULL; /* ttyname or command name*/ char hostname[MAXHOSTNAMELEN]; passwd_t pwdacm, pwddialup, pwdudb, pwdwal, pwddce; /* passwd stuff for ia_user */ ia_user_ret_t uret; /* stuff returned from ia_user */ ia_user_t usent; /* ia_user main structure */ int ia_rcode; /* ia_user return code */ ia_failure_t fsent; /* ia_failure structure */ ia_failure_ret_t fret; /* ia_failure return stuff */ ia_success_t ssent; /* ia_success structure */ ia_success_ret_t sret; /* ia_success return stuff */ int ia_mlsrcode; /* ia_mlsuser return code */ int secstatrc; /* [f]secstat return code */ if (SecureSys = (int)sysconf(_SC_CRAY_SECURE_SYS)) { getsysv(&sysv, sizeof(struct sysv)); minslevel = sysv.sy_minlvl; if (getusrv(&usrv) < 0) { debug("getusrv() failed, errno = %d",errno); exit(1); } } hostname[0] = '\0'; strncpy(hostname, (char *)get_canonical_hostname(options.verify_reverse_mapping), MAXHOSTNAMELEN); /* * Fetch user's UDB entry. */ getsysudb(); if ((up = getudbnam(username)) == UDB_NULL) { debug("cannot fetch user's UDB entry"); exit(1); } /* * Prevent any possible fudging so perform a data * safety check and compare the supplied uid against * the udb's uid. */ if (up->ue_uid != uid) { debug("IA uid missmatch"); exit(1); } endudb(); if ((jid = getjtab (&jtab)) < 0) { debug("getjtab"); return -1; } pid = getpid(); ttyn = ttyname(0); if (SecureSys) { if (ttyn) { secstatrc = secstat(ttyn, &secinfo); } else { secstatrc = fsecstat(1, &secinfo); } if (secstatrc == 0) { debug("[f]secstat() successful"); } else { debug("[f]secstat() error, rc = %d", secstatrc); exit(1); } } if ((ttyn == NULL) && ((char *)command != NULL)) ttyn = (char *)command; /* * Initialize all structures to call ia_user */ usent.revision = 0; usent.uname = username; usent.host = hostname; usent.ttyn = ttyn; usent.caller = IA_SSHD; usent.pswdlist = &pwdacm; usent.ueptr = &ue; usent.flags = IA_INTERACTIVE | IA_FFLAG; pwdacm.atype = IA_SECURID; pwdacm.pwdp = NULL; pwdacm.next = &pwdudb; pwdudb.atype = IA_UDB; pwdudb.pwdp = NULL; pwdudb.next = &pwddce; pwddce.atype = IA_DCE; pwddce.pwdp = NULL; pwddce.next = &pwddialup; pwddialup.atype = IA_DIALUP; pwddialup.pwdp = NULL; /* pwddialup.next = &pwdwal; */ pwddialup.next = NULL; pwdwal.atype = IA_WAL; pwdwal.pwdp = NULL; pwdwal.next = NULL; uret.revision = 0; uret.pswd = NULL; uret.normal = 0; ia_rcode = ia_user(&usent, &uret); switch (ia_rcode) { /* * These are acceptable return codes from ia_user() */ case IA_UDBWEEK: /* Password Expires in 1 week */ expiration_time = ue.ue_pwage.time + ue.ue_pwage.maxage; printf ("WARNING - your current password will expire %s\n", ctime((const time_t *)&expiration_time)); break; case IA_UDBEXPIRED: if (ttyname(0) != NULL) { /* Force a password change */ printf("Your password has expired; Choose a new one.\n"); execl("/bin/passwd", "passwd", username, 0); exit(9); } break; case IA_NORMAL: /* Normal Return Code */ break; case IA_BACKDOOR: strcpy(ue.ue_name, "root"); strcpy(ue.ue_passwd, ""); strcpy(ue.ue_dir, "/"); strcpy(ue.ue_shell, "/bin/sh"); strcpy(ue.ue_age, ""); strcpy(ue.ue_comment, ""); strcpy(ue.ue_loghost, ""); strcpy(ue.ue_logline, ""); ue.ue_uid=-1; ue.ue_nice[UDBRC_INTER]=0; for (i=0;i<MAXVIDS;i++) ue.ue_gids[i]=0; ue.ue_logfails=0; ue.ue_minlvl=minslevel; ue.ue_maxlvl=minslevel; ue.ue_deflvl=minslevel; ue.ue_defcomps=0; ue.ue_comparts=0; ue.ue_permits=0; ue.ue_trap=0; ue.ue_disabled=0; ue.ue_logtime=0; break; case IA_CONSOLE: /* Superuser not from Console */ case IA_TRUSTED: /* Trusted user */ if (options.permit_root_login > PERMIT_NO) break; /* Accept root login */ default: /* * These are failed return codes from ia_user() */ switch (ia_rcode) { case IA_BADAUTH: printf ("Bad authorization, access denied.\n"); break; case IA_DIALUPERR: break; case IA_DISABLED: printf ("Your login has been disabled. Contact the system "); printf ("administrator for assistance.\n"); break; case IA_GETSYSV: printf ("getsysv() failed - errno = %d\n", errno); break; case IA_LOCALHOST: break; case IA_MAXLOGS: printf ("Maximum number of failed login attempts exceeded.\n"); printf ("Access denied.\n"); break; case IA_NOPASS: break; case IA_PUBLIC: break; case IA_SECURIDERR: break; case IA_CONSOLE: break; case IA_TRUSTED: break; case IA_UDBERR: break; case IA_UDBPWDNULL: /* * NULL password not allowed on MLS systems */ if (SecureSys) { printf("NULL Password not allowed on MLS systems.\n"); } break; case IA_UNKNOWN: break; case IA_UNKNOWNYP: break; case IA_WALERR: break; default: /* nothing special */ ; } /* 2. switch (ia_rcode) */ /* * Authentication failed. */ printf("sshd: Login incorrect, (0%o)\n", ia_rcode-IA_ERRORCODE); /* * Initialize structure for ia_failure * which will exit. */ fsent.revision = 0; fsent.uname = username; fsent.host = hostname; fsent.ttyn = ttyn; fsent.caller = IA_SSHD; fsent.flags = IA_INTERACTIVE; fsent.ueptr = &ue; fsent.jid = jid; fsent.errcode = ia_rcode; fsent.pwdp = uret.pswd; fsent.exitcode = 1; fret.revision = 0; fret.normal = 0; /* * Call ia_failure because of an IA failure. * There is no return because ia_failure exits. */ ia_failure(&fsent,&fret); exit(1); } /* 1. switch (ia_rcode) */ ia_mlsrcode = IA_NORMAL; if (SecureSys) { debug("calling ia_mlsuser()"); ia_mlsrcode = ia_mlsuser (&ue, &secinfo, &usrv, NULL, 0); } if (ia_mlsrcode != IA_NORMAL) { printf("sshd: Login incorrect, (0%o)\n", ia_mlsrcode-IA_ERRORCODE); /* * Initialize structure for ia_failure * which will exit. */ fsent.revision = 0; fsent.uname = username; fsent.host = hostname; fsent.ttyn = ttyn; fsent.caller = IA_SSHD; fsent.flags = IA_INTERACTIVE; fsent.ueptr = &ue; fsent.jid = jid; fsent.errcode = ia_mlsrcode; fsent.pwdp = uret.pswd; fsent.exitcode = 1; fret.revision = 0; fret.normal = 0; /* * Call ia_failure because of an IA failure. * There is no return because ia_failure exits. */ ia_failure(&fsent,&fret); exit(1); } /* Provide login status information */ if (options.print_lastlog && ue.ue_logtime != 0) { printf("Last successful login was : %.*s ", 19, (char *)ctime(&ue.ue_logtime)); if (*ue.ue_loghost != '\0') printf("from %.*s\n", sizeof(ue.ue_loghost), ue.ue_loghost); else printf("on %.*s\n", sizeof(ue.ue_logline), ue.ue_logline); if ( SecureSys && (ue.ue_logfails != 0)) printf(" followed by %d failed attempts\n", ue.ue_logfails); } /* * Call ia_success to process successful I/A. */ ssent.revision = 0; ssent.uname = username; ssent.host = hostname; ssent.ttyn = ttyn; ssent.caller = IA_SSHD; ssent.flags = IA_INTERACTIVE; ssent.ueptr = &ue; ssent.jid = jid; ssent.errcode = ia_rcode; ssent.us = NULL; ssent.time = 1; /* Set ue_logtime */ sret.revision = 0; sret.normal = 0; ia_success(&ssent,&sret); /* * Query for account, iff > 1 valid acid & askacid permbit */ if (((ue.ue_permbits & PERMBITS_ACCTID) || (ue.ue_acids[0] >= 0) && (ue.ue_acids[1] >= 0)) && ue.ue_permbits & PERMBITS_ASKACID) { if (ttyname(0) != NULL) { debug("cray_setup: ttyname true case, %.100s", ttyname); while (valid_acct == -1) { printf("Account (? for available accounts)" " [%s]: ", acid2nam(ue.ue_acids[0])); gets(acct_name); switch (acct_name[0]) { case EOF: exit(0); break; case '\0': valid_acct = ue.ue_acids[0]; strcpy(acct_name, acid2nam(valid_acct)); break; case '?': /* Print the list 3 wide */ for (i = 0, j = 0; i < MAXVIDS; i++) { if (ue.ue_acids[i] == -1) { printf("\n"); break; } if (++j == 4) { j = 1; printf("\n"); } printf(" %s", acid2nam(ue.ue_acids[i])); } if (ue.ue_permbits & PERMBITS_ACCTID) printf("\"acctid\" permbit also allows" " you to select any valid " "account name.\n"); printf("\n"); break; default: if ((valid_acct = nam2acid(acct_name)) == -1) printf("Account id not found for" " account name \"%s\"\n\n", acct_name); break; } /* * If an account was given, search the user's * acids array to verify they can use this account. */ if ((valid_acct != -1) && !(ue.ue_permbits & PERMBITS_ACCTID)) { for (i = 0; i < MAXVIDS; i++) { if (ue.ue_acids[i] == -1) break; if (valid_acct == ue.ue_acids[i]) break; } if (i == MAXVIDS || ue.ue_acids[i] == -1) { fprintf(stderr, "Cannot set" " account name to " "\"%s\", permission " "denied\n\n", acct_name); valid_acct = -1; } } } } else { /* * The client isn't connected to a terminal and can't * respond to an acid prompt. Use default acid. */ debug("cray_setup: ttyname false case, %.100s", ttyname); valid_acct = ue.ue_acids[0]; } } else { /* * The user doesn't have the askacid permbit set or * only has one valid account to use. */ valid_acct = ue.ue_acids[0]; } if (acctid(0, valid_acct) < 0) { printf ("Bad account id: %d\n", valid_acct); exit(1); } /* set up shares and quotas */ /* Now set shares, quotas, limits, including CPU time for the (interactive) * job and process, and set up permissions (for chown etc), etc. */ if (setshares(ue.ue_uid, valid_acct, printf, 0, 0)) { printf("Unable to give %d shares to <%s>(%d/%d)\n", ue.ue_shares, ue.ue_name, ue.ue_uid, valid_acct); exit(1); } sr = setlimits(username, C_PROC, pid, UDBRC_INTER); if (sr != NULL) { debug("%.200s", sr); exit(1); } sr = setlimits(username, C_JOB, jid, UDBRC_INTER); if (sr != NULL) { debug("%.200s", sr); exit(1); } /* * Place the service provider information into * the session table (Unicos) or job table (Unicos/mk). * There exist double defines for the job/session table in * unicos/mk (jtab.h) so no need for a compile time switch. */ bzero((char *)&init_info, sizeof(struct servprov)); init_info.s_sessinit.si_id = URM_SPT_LOGIN; init_info.s_sessinit.si_pid = getpid(); init_info.s_sessinit.si_sid = jid; init_info.s_routing.seqno = 0; init_info.s_routing.iadrs = 0; sesscntl(0, S_SETSERVPO, (int)&init_info); /* * Set user and controlling tty security attributes. */ if (SecureSys) { if (setusrv(&usrv) == -1) { debug("setusrv() failed, errno = %d",errno); exit(1); } } return(0); }
int set_jobexid( job *pjob, /* I */ pbs_attribute *attrry, /* I */ char *EMsg) /* O (optional,minsize=1024) */ { int addflags = 0; pbs_attribute *pattr; char **pmem; struct group *gpent; int free_puser = FALSE; char *puser = NULL; char *at; char *usr_at_host = NULL; int len; struct passwd *pwent = NULL; char *pgrpn; int free_pgrpn = TRUE; char gname[PBS_MAXGRPN + 1]; #ifdef _CRAY struct udb *pudb; #endif char tmpLine[1024 + 1]; char log_buf[LOCAL_LOG_BUF_SIZE]; long disable_id_check = 0; int CheckID; /* boolean */ if (EMsg != NULL) EMsg[0] = '\0'; /* use the passed User_List if set, may be a newly modified one */ /* if not set, fall back to the job's actual User_List, may be same */ if (get_svr_attr_l(SRV_ATR_DisableServerIdCheck, &disable_id_check) != PBSE_NONE) CheckID = 1; else CheckID = !disable_id_check; if (CheckID == 0) { /* NOTE: use owner, not userlist - should this be changed? */ /* Yes, changed 10/17/2007 */ if (pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str != NULL) { /* start of change to use userlist instead of owner 10/17/2007 */ if ((attrry + JOB_ATR_userlst)->at_flags & ATR_VFLAG_SET) pattr = attrry + JOB_ATR_userlst; else pattr = &pjob->ji_wattr[JOB_ATR_userlst]; if (pjob->ji_wattr[JOB_ATR_proxy_user].at_flags & ATR_VFLAG_SET) { puser = pjob->ji_wattr[JOB_ATR_proxy_user].at_val.at_str; /* set the job's owner as the new user, appending @host if * the job's owner has that */ at = strchr(pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str,'@'); len = strlen(puser) + 1; if (at != NULL) { len += strlen(at); usr_at_host = (char *)calloc(len, sizeof(char)); snprintf(usr_at_host,len,"%s%s", puser, at); } else { usr_at_host = (char *)calloc(len, sizeof(char)); snprintf(usr_at_host,len,"%s", puser); } free(pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str); pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str = usr_at_host; } else if ((puser = geteusernam(pjob, pattr)) == NULL) { if (EMsg != NULL) snprintf(EMsg, 1024, "cannot locate user name in job"); return(PBSE_BADUSER); } free_puser = TRUE; sprintf(tmpLine, "%s", puser); /* end of change to use userlist instead of owner 10/17/2007 */ } else { strcpy(tmpLine, "???"); } } /* END if (CheckID == 0) */ else { int perm; if ((attrry + JOB_ATR_userlst)->at_flags & ATR_VFLAG_SET) pattr = attrry + JOB_ATR_userlst; else pattr = &pjob->ji_wattr[JOB_ATR_userlst]; free_puser = TRUE; if ((puser = geteusernam(pjob, pattr)) == NULL) { if (EMsg != NULL) snprintf(EMsg, 1024, "cannot locate user name in job"); return(PBSE_BADUSER); } pwent = getpwnam_ext(puser); perm = svr_get_privilege(puser,get_variable(pjob,(char *)"PBS_O_HOST")); if (pwent == NULL) { snprintf(log_buf,sizeof(log_buf), "User %s does not exist in server password file\n", puser); log_err(errno, __func__, log_buf); if (EMsg != NULL) snprintf(EMsg,1024,"%s",log_buf); free(puser); return(PBSE_BADUSER); } if ((pwent->pw_uid == 0) || (perm & ATR_DFLAG_MGWR)) { struct array_strings *pas = NULL; get_svr_attr_arst(SRV_ATR_AclRoot, &pas); /* add check here for virtual user */ if (pjob->ji_wattr[JOB_ATR_proxy_user].at_flags & ATR_VFLAG_SET) { free(puser); free_puser = FALSE; puser = pjob->ji_wattr[JOB_ATR_proxy_user].at_val.at_str; pwent = getpwnam_ext(puser); if (pwent == NULL) { snprintf(log_buf,sizeof(log_buf), "User %s does not exist in server password file\n", puser); log_err(errno, __func__, log_buf); if (EMsg != NULL) snprintf(EMsg,1024,"%s",log_buf); return(PBSE_BADUSER); } /* set the job's owner as the new user */ at = strchr(pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str,'@'); len = strlen(puser) + 1; if (at != NULL) { len += strlen(at); usr_at_host = (char *)calloc(len, sizeof(char)); snprintf(usr_at_host,len,"%s%s", puser, at); } else { usr_at_host = (char *)calloc(len, sizeof(char)); snprintf(usr_at_host,len,"%s", puser); } free(pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str); pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str = usr_at_host; } else if (get_svr_attr_arst(SRV_ATR_AclRoot, &pas) == PBSE_NONE) { if (acl_check_my_array_string(pas, pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str, ACL_User) == 0) { if (EMsg != NULL) snprintf(EMsg, 1024, "root user %s fails ACL check", puser); if (free_puser == TRUE) free(puser); return(PBSE_BADUSER); /* root not allowed */ } } else if (pwent->pw_uid == 0) { if (EMsg != NULL) snprintf(EMsg, 1024, "root user %s not allowed", puser); if (free_puser == TRUE) free(puser); return(PBSE_BADUSER); /* root not allowed */ } } /* END if (pwent->pw_uid == 0) */ else if (pjob->ji_wattr[JOB_ATR_proxy_user].at_flags & ATR_VFLAG_SET) { /* cannot submit a proxy job if not root or a manager */ if (EMsg != NULL) { snprintf(EMsg, 1024, "User '%s' is attempting to submit a proxy job for user '%s' but is not a manager", puser, pjob->ji_wattr[JOB_ATR_proxy_user].at_val.at_str); } snprintf(log_buf, 1024, "User '%s' is attempting to submit a proxy job for user '%s' but is not a manager", puser, pjob->ji_wattr[JOB_ATR_proxy_user].at_val.at_str); log_err(PBSE_BADUSER, __func__, log_buf); if (free_puser == TRUE) free(puser); return(PBSE_BADUSER); } if (site_check_user_map(pjob, puser, EMsg, LOGLEVEL) == -1) { if (free_puser == TRUE) free(puser); return(PBSE_BADUSER); } snprintf(tmpLine, sizeof(tmpLine), "%s", puser); } /* END else (CheckID == 0) */ pattr = attrry + JOB_ATR_euser; job_attr_def[JOB_ATR_euser].at_free(pattr); job_attr_def[JOB_ATR_euser].at_decode(pattr, NULL, NULL, tmpLine, 0); #ifdef _CRAY /* on cray check UDB (user data base) for permission to batch it */ if ((pwent != NULL) && (puser != NULL)) { pudb = getudbuid(pwent->pw_uid); endudb(); if (pudb == UDB_NULL) { if (EMsg != NULL) snprintf(EMsg, 1024, "user %s not located in user data base", puser); if (free_puser == TRUE) free(puser); return(PBSE_BADUSER); } if (pudb->ue_permbits & (PERMBITS_NOBATCH | PERMBITS_RESTRICTED)) { if (free_puser == TRUE) free(puser); return(PBSE_QACESS); } /* if account (qsub -A) not specified, set default from UDB */ pattr = attrry + JOB_ATR_account; if ((pattr->at_flags & ATR_VFLAG_SET) == 0) { job_attr_def[JOB_ATR_account].at_decode( pattr, NULL, NULL, (char *)acid2nam(pudb->ue_acids[0])); } } /* END if ((pwent != NULL) && (puser != NULL)) */ #endif /* _CRAY */ /* * now figure out the group name under which the job should execute * PBS requires that each group have an entry in the group file, * see the admin guide for the reason why... * * use the passed group_list if set, may be a newly modified one * if not set, fall back to the job's actual group_list, may be same */ if ((attrry + JOB_ATR_grouplst)->at_flags & ATR_VFLAG_SET) pattr = attrry + JOB_ATR_grouplst; else pattr = &pjob->ji_wattr[JOB_ATR_grouplst]; /* extract user-specified egroup if it exists */ pgrpn = getegroup(pjob, pattr); if (pgrpn == NULL) { free_pgrpn = FALSE; if ((pwent != NULL) || ((pwent = getpwnam_ext(puser)) != NULL)) { /* egroup not specified - use user login group */ gpent = getgrgid(pwent->pw_gid); if (gpent != NULL) { pgrpn = gpent->gr_name; /* use group name */ } else { sprintf(gname, "%ld", (long)pwent->pw_gid); pgrpn = gname; /* turn gid into string */ } } else if (CheckID == 0) { strcpy(gname, "???"); pgrpn = gname; } else { log_err(errno, __func__, (char *)"getpwnam failed"); if (EMsg != NULL) snprintf(EMsg, 1024, "user does not exist in server password file"); if (free_puser == TRUE) free(puser); return(PBSE_BADUSER); } /* * setting the DEFAULT flag is a "kludgy" way to keep MOM from * having to do an unneeded look up of the group file. * We needed to have JOB_ATR_egroup set for the server but * MOM only wants it if it is not the login group, so there! */ addflags = ATR_VFLAG_DEFLT; } /* END if ((pgrpn = getegroup(pjob,pattr))) */ else if (CheckID == 0) { /* egroup specified - do not validate group within server */ /* NO-OP */ } else { /* user specified a group, group must exist and either */ /* must be user's primary group or the user must be in it */ gpent = getgrnam_ext(pgrpn); if (gpent == NULL) { if (CheckID == 0) { strcpy(gname, "???"); pgrpn = gname; } else if (EMsg != NULL) snprintf(EMsg, 1024, "cannot locate group %s in server group file", pgrpn); if (free_puser == TRUE) free(puser); free(pgrpn); return(PBSE_BADGRP); /* no such group */ } if (gpent->gr_gid != pwent->pw_gid) { /* not primary group */ pmem = gpent->gr_mem; while (*pmem != NULL) { if (!strcmp(puser, *pmem)) break; ++pmem; } if (*pmem == NULL) { /* requested group not allowed */ snprintf(log_buf,sizeof(log_buf), "user %s is not a member of group %s in server password file", puser, pgrpn); log_err(-1, __func__, log_buf); if (EMsg != NULL) snprintf(EMsg, 1024, "%s",log_buf); if (free_puser == TRUE) free(puser); free(pgrpn); return(PBSE_BADGRP); /* user not in group */ } } } /* END if ((pgrpn = getegroup(pjob,pattr))) */ /* set new group */ pattr = attrry + JOB_ATR_egroup; job_attr_def[JOB_ATR_egroup].at_free(pattr); job_attr_def[JOB_ATR_egroup].at_decode(pattr, NULL, NULL, pgrpn, 0); pattr->at_flags |= addflags; /* SUCCESS */ if (free_puser == TRUE) free(puser); if (free_pgrpn == TRUE) free(pgrpn); return(0); } /* END set_jobexid() */