bool eclcc(StringBuffer &out)
{
StringBuffer cmdLine;
buildCmd(cmdLine);
Owned<IPipeProcess> pipe = createPipeProcess();
bool hasInput = streq(cmd.optObj.value.sget(), "stdin");
pipe->run(cmd.optVerbose ? "EXEC" : NULL, cmdLine.str(), NULL, hasInput, true, true);
StringBuffer errors;
Owned<EclCmdErrorReader> errorReader = new EclCmdErrorReader(pipe, errors);
errorReader->start();
if (pipe->hasInput())
{
pipe->write(cmd.optObj.mb.length(), cmd.optObj.mb.toByteArray());
pipe->closeInput();
}
if (pipe->hasOutput())
{
byte buf[4096];
loop
{
size32_t read = pipe->read(sizeof(buf),buf);
if (!read)
break;
out.append(read, (const char *) buf);
}
}
int
execv(const char *path, char * const *argv) {
char *comd;
/* BUG BUG BUG BUG! -- this should be using <path> ! */
/* build the command line */
if ((comd = buildCmd (argv)) == NULL) return -1;
/* execute it */
return (Kexecve(path, comd, &errno));
}
int
execve (const char *path, char * const *argv, char * const *envp) {
char *comd;
/* build the command line */
if ((comd = buildCmd (argv)) == NULL) return -1;
/* build the environment */
if (buildEnv(envp) == -1) return -1;
/* execute it */
return(Kexecve(path, comd, &errno));
}
int
execvp(const char *file, char * const *argv) {
char *comd;
char *path;
/* build the path name, if necessary */
path = buildPath (file);
/* build the command line */
if ((comd = buildCmd (argv)) == NULL) return -1;
/* execute it */
return(Kexecve(path, comd, &errno));
}
int execBuyWithName(char* snack) {
char* cwd = buildCmd(SNACKCMD);
int len = strlen(cwd) + MAXLENGTH;
char* cmd = malloc(len);
snprintf(cmd, len,"%s %s -s %s", cwd, BUYCMD, snack);
int status = popenAction(cmd);
free(cwd);
free(cmd);
return status;
}
int execBuy(int id) {
printf("Buy snack with id: %d\n", id);
//do some magic
char* cwd = buildCmd(SNACKCMD);
int len = strlen(cwd) + MAXLENGTH;
char* cmd = malloc(len);
snprintf(cmd, len,"%s %s %d", cwd, BUYCMD, id);
int status = popenAction(cmd);
free(cwd);
free(cmd);
return status;
}
void execShowCmd(const Args &... args)
{
std::ostringstream strm;
buildCmd(strm, args...);
execShowCmd(strm.str());
}
void buildCmd(std::ostringstream &strm, const T &value, const Args &... args)
{
strm << value << " ";
buildCmd(strm, args...);
}
PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh,
int flags, int argc, const char **argv)
{
const char *user = NULL, *passwd = NULL;
struct passwd *pwd;
int rval, status;
pid_t pid;
// For checking mount paths: (mount from + target)
char path[PATH_MAX];
char targetpath[PATH_MAX];
char encfs_options[USERNAME_MAX];
char fuse_options[USERNAME_MAX];
char *targetpath_store;
strcpy(default_encfs_options, "");
strcpy(default_fuse_options, "");
// For execing:
char *arg[USERNAME_MAX];
int arg_pos = 0;
int i;
int inpipe[2], outpipe[2];
rval = pam_get_user(pamh, &user, NULL);
if ((rval != PAM_SUCCESS) || (!user))
{
_pam_log(LOG_ERR, "can't get username: %s", pam_strerror(pamh, rval));
return PAM_AUTH_ERR;
}
rval = pam_get_item(pamh, PAM_AUTHTOK, (const void **) (void *) &passwd);
if (rval != PAM_SUCCESS)
{
_pam_log(LOG_ERR, "Could not retrieve user's password");
return PAM_AUTH_ERR;
}
if (!passwd)
{
rval = _set_auth_tok(pamh, flags, argc, argv);
if (rval != PAM_SUCCESS)
{
return rval;
}
rval =
pam_get_item(pamh, PAM_AUTHTOK, (const void **) (void *) &passwd);
if (rval != PAM_SUCCESS || passwd == NULL)
{
_pam_log(LOG_ERR, "Could not retrieve user's password");
return PAM_AUTH_ERR;
}
}
if ((pwd = getpwnam(user)) == NULL)
{
_pam_log(LOG_ERR, "Could not getpwnam");
return PAM_AUTH_ERR;
}
// Read configfile
if (!readconfig
(pwd, pamh, pwd->pw_name, path, targetpath, encfs_options,
fuse_options))
{
// DEBUG _pam_log(LOG_ERR,"No entry for user found in log");
return PAM_IGNORE;
}
//DEBUG _pam_log(LOG_ERR,"Username : %s, Encpath : %s, Targetmount : %s",pwd->pw_name,path,targetpath);
//Store targetpath
targetpath_store = strdup(targetpath);
if ((i =
pam_set_data(pamh, "encfs_targetpath", targetpath_store,
targetpath_cleanup)) != PAM_SUCCESS)
{
_pam_log(LOG_ERR, "Storing targetpath FAIL");
free(targetpath_store);
return i;
}
// Check if we're mounted already.
if (checkmnt(targetpath))
{
//DEBUG _pam_log(LOG_ERR,"Already mounted");
return PAM_IGNORE;
}
/* _pam_log(LOG_ERR,"Config output for %s:",user);
_pam_log(LOG_ERR," path : %s",path);
_pam_log(LOG_ERR," targetpath : %s",targetpath);
_pam_log(LOG_ERR," encfs : %s %s",default_encfs_options,encfs_options);
_pam_log(LOG_ERR," fuse : %s %s",default_fuse_options,fuse_options); */
arg_pos += buildCmd(arg, arg_pos, "encfs");
arg_pos += buildCmd(arg, arg_pos, "-S");
arg_pos += buildCmd(arg, arg_pos, default_encfs_options);
arg_pos += buildCmd(arg, arg_pos, encfs_options);
arg_pos += buildCmd(arg, arg_pos, path);
arg_pos += buildCmd(arg, arg_pos, targetpath);
if (strlen(default_fuse_options) > 0 && strlen(fuse_options) > 0)
strcat(fuse_options, ",");
strcat(fuse_options,default_fuse_options);
if (strlen(fuse_options) > 0) {
arg_pos += buildCmd(arg, arg_pos, "--");
arg_pos += buildCmd(arg, arg_pos, "-o");
arg_pos += buildCmd(arg, arg_pos, fuse_options);
}
arg[arg_pos] = NULL;
/* printf("Arguments : ");
for (i = 0; i < arg_pos+1;i++) {
_pam_log(LOG_ERR,"Data : %s",arg[i]);
}
_pam_log(LOG_ERR,"Number of arguments : %d",arg_pos); */
/* arg[0] = cmd;
arg[1] = params;
// arg[2] = params2;
arg[2] = params3;
arg[3] = path;
arg[4] = targetpath;
arg[5] = fuseparams;
arg[6] = fuseparams2;
arg[7] = NULL; */
if (pipe(inpipe) || pipe(outpipe))
{
_pam_log(LOG_ERR, "Failed to create pipe");
return PAM_IGNORE;
}
// Execute
switch (pid = fork())
{
case -1:
_pam_log(LOG_ERR, "Fork failed");
return PAM_SERVICE_ERR;
case 0:
if (drop_permissions == 1)
if ((initgroups(pwd->pw_name, pwd->pw_gid) == -1)
|| (setgid(pwd->pw_gid) == -1)
|| (setuid(pwd->pw_uid) == -1))
{
_pam_log(LOG_ERR, "Dropping permissions failed");
return PAM_SERVICE_ERR;
}
close(outpipe[WRITE_END]);
dup2(outpipe[READ_END], fileno(stdin));
close(outpipe[READ_END]);
close(inpipe[READ_END]);
dup2(inpipe[WRITE_END], fileno(stdout));
close(inpipe[WRITE_END]);
// For some reason the current directory has to be set to targetpath (or path?) before exec'ing encfs through gdm
chdir(targetpath);
execvp("encfs", arg);
char errstr[128];
snprintf(errstr, 127, "%d - %s", errno, strerror(errno));
_pam_log(LOG_ERR, "Exec failed - %s", errstr);
exit(127);
}
int len;
close(inpipe[WRITE_END]);
close(outpipe[READ_END]);
if (waitpid(pid, &status, WNOHANG) == 0)
{
len = write(outpipe[WRITE_END], passwd, (size_t) strlen(passwd));
if ((len != (size_t) strlen(passwd))
|| (write(outpipe[WRITE_END], "\n", 1) != 1))
_pam_log(LOG_ERR, "Did not send password to pipe (%d sent)", len);
close(outpipe[WRITE_END]);
}
if (waitpid_timeout(pid, &status, 0))
{
_pam_log(LOG_ERR, "Timed out waiting for encfs, killing\n");
kill(pid, SIGKILL);
}
int exitstatus = WEXITSTATUS(status);
char buff[512];
len = read(inpipe[READ_END], &buff, 511);
close(inpipe[READ_END]);
buff[len] = 0;
if (!checkmnt(targetpath) && (len > 0 || exitstatus > 0))
{
_pam_log(LOG_ERR, "exitcode : %d, errorstring : %s", exitstatus,
buff);
return PAM_AUTH_ERR;
}
else
{
return PAM_IGNORE;
}
return PAM_AUTH_ERR;
}
