/*
* start a new factotum and pass it the username and password
*/
void
startfactotum(char *user, char *password, char *srvname)
{
int fd;
strcpy(srvname, "/srv/factotum.XXXXXXXXXXX");
mktemp(srvname);
switch(fork()){
case -1:
sysfatal("can't start factotum: %r");
case 0:
execl("/boot/factotum", "loginfactotum", "-ns", srvname+5, nil);
sysfatal("starting factotum: %r");
break;
}
/* wait for agent to really be there */
while(access(srvname, 0) < 0)
sleep(250);
/* mount it */
mountfactotum(srvname);
/* write in new key */
fd = open("/mnt/factotum/ctl", ORDWR);
if(fd < 0)
sysfatal("opening factotum: %r");
fprint(fd, "key proto=p9sk1 dom=cs.bell-labs.com user=%q !password=%q", user, password);
close(fd);
}
void
main(int argc, char *argv[])
{
char pass[ANAMELEN];
char buf[2*ANAMELEN];
char home[2*ANAMELEN];
char srvname[2*ANAMELEN];
char *user, *sysname, *tz, *cputype, *service;
AuthInfo *ai;
ARGBEGIN{
}ARGEND;
rfork(RFENVG|RFNAMEG);
service = getenv("service");
if(strcmp(service, "cpu") == 0)
fprint(2, "login: warning: running on a cpu server!\n");
if(argc != 1){
fprint(2, "usage: login username\n");
exits("usage");
}
user = argv[0];
memset(pass, 0, sizeof(pass));
readln("Password: "******"login incorrect");
/* change uid */
chuid(ai);
/* start a new factotum and hand it a new key */
startfactotum(user, pass, srvname);
/* set up new namespace */
newns(ai->cuid, nil);
auth_freeAI(ai);
/* remount the factotum */
mountfactotum(srvname);
/* set up a new environment */
cputype = getenv("cputype");
sysname = getenv("sysname");
tz = getenv("timezone");
rfork(RFCENVG);
setenv("#e/service", "con");
setenv("#e/user", user);
snprint(home, sizeof(home), "/usr/%s", user);
setenv("#e/home", home);
setenv("#e/cputype", cputype);
setenv("#e/objtype", cputype);
if(sysname != nil)
setenv("#e/sysname", sysname);
if(tz != nil)
setenv("#e/timezone", tz);
/* go to new home directory */
snprint(buf, sizeof(buf), "/usr/%s", user);
if(chdir(buf) < 0)
chdir("/");
/* read profile and start interactive rc */
execl("/bin/rc", "rc", "-li", nil);
exits(0);
}
void
cpumain(int argc, char **argv)
{
char dat[MaxStr], buf[MaxStr], cmd[MaxStr], *err, *secstoreserver, *p, *s;
int fd, ms, data;
/* see if we should use a larger message size */
fd = open("/dev/draw", OREAD);
if(fd > 0){
ms = iounit(fd);
if(msgsize < ms+IOHDRSZ)
msgsize = ms+IOHDRSZ;
close(fd);
}
user = getenv("USER");
secstoreserver = nil;
authserver = getenv("auth");
if(authserver == nil)
authserver = "p9auth.cs.bell-labs.com";
system = getenv("cpu");
if(system == nil)
system = "plan9.bell-labs.com";
ARGBEGIN{
case 'a':
authserver = EARGF(usage());
break;
case 'c':
system = EARGF(usage());
break;
case 'd':
dbg++;
break;
case 'e':
ealgs = EARGF(usage());
if(*ealgs == 0 || strcmp(ealgs, "clear") == 0)
ealgs = nil;
break;
case 'C':
cflag++;
cmd[0] = '!';
cmd[1] = '\0';
while((p = ARGF()) != nil) {
strcat(cmd, " ");
strcat(cmd, p);
}
break;
case 'k':
keyspec = EARGF(usage());
break;
case 'r':
base = EARGF(usage());
break;
case 's':
secstoreserver = EARGF(usage());
break;
case 'u':
user = EARGF(usage());
break;
default:
usage();
}ARGEND;
if(argc != 0)
usage();
if(user == nil)
user = readcons("user", nil, 0);
if(mountfactotum() < 0){
if(secstoreserver == nil)
secstoreserver = authserver;
if(havesecstore(secstoreserver, user)){
s = secstorefetch(secstoreserver, user, nil);
if(s){
if(strlen(s) >= sizeof secstorebuf)
sysfatal("secstore data too big");
strcpy(secstorebuf, s);
}
}
}
if((err = rexcall(&data, system, srvname)))
fatal(1, "%s: %s", err, system);
/* Tell the remote side the command to execute and where our working directory is */
if(cflag)
writestr(data, cmd, "command", 0);
if(getcwd(dat, sizeof(dat)) == 0)
writestr(data, "NO", "dir", 0);
else
writestr(data, dat, "dir", 0);
/*
* Wait for the other end to execute and start our file service
* of /mnt/term
*/
if(readstr(data, buf, sizeof(buf)) < 0)
fatal(1, "waiting for FS: %r");
if(strncmp("FS", buf, 2) != 0) {
print("remote cpu: %s", buf);
exits(buf);
}
if(readstr(data, buf, sizeof buf) < 0)
fatal(1, "waiting for remote export: %r");
if(strcmp(buf, "/") != 0){
print("remote cpu: %s" , buf);
exits(buf);
}
write(data, "OK", 2);
/* Begin serving the gnot namespace */
exportfs(data, msgsize);
fatal(1, "starting exportfs");
}
