extern int id_main(int argc, char **argv) { struct passwd *p; uid_t uid; gid_t gid; unsigned long flags; short status; #ifdef CONFIG_SELINUX int is_flask_enabled_flag = is_flask_enabled(); #endif bb_opt_complementaly = "u~g:g~u"; flags = bb_getopt_ulflags(argc, argv, "rnug"); if ((flags & BB_GETOPT_ERROR) /* Don't allow -n -r -nr */ || (flags <= 3 && flags > 0) /* Don't allow more than one username */ || (argc > optind + 1)) bb_show_usage(); /* This values could be overwritten later */ uid = geteuid(); gid = getegid(); if (flags & PRINT_REAL) { uid = getuid(); gid = getgid(); } if(argv[optind]) { p=getpwnam(argv[optind]); /* my_getpwnam is needed because it exits on failure */ uid = my_getpwnam(argv[optind]); gid = p->pw_gid; /* in this case PRINT_REAL is the same */ } if(flags & (JUST_GROUP | JUST_USER)) { /* JUST_GROUP and JUST_USER are mutually exclusive */ if(flags & NAME_NOT_NUMBER) { /* my_getpwuid and my_getgrgid exit on failure so puts cannot segfault */ puts((flags & JUST_USER) ? my_getpwuid(NULL, uid, -1 ) : my_getgrgid(NULL, gid, -1 )); } else { bb_printf("%u\n",(flags & JUST_USER) ? uid : gid); } /* exit */ bb_fflush_stdout_and_exit(EXIT_SUCCESS); } /* Print full info like GNU id */ /* my_getpwuid doesn't exit on failure here */ status=printf_full(uid, my_getpwuid(NULL, uid, 0), 'u'); putchar(' '); /* my_getgrgid doesn't exit on failure here */ status|=printf_full(gid, my_getgrgid(NULL, gid, 0), 'g'); #ifdef CONFIG_SELINUX if(is_flask_enabled_flag) { security_id_t mysid = getsecsid(); char context[80]; int len = sizeof(context); context[0] = '\0'; if(security_sid_to_context(mysid, context, &len)) strcpy(context, "unknown"); bb_printf(" context=%s", context); } #endif putchar('\n'); bb_fflush_stdout_and_exit(status); }
extern int id_main(int argc, char **argv) { char user[9], group[9]; long pwnam, grnam; int uid, gid; int flags; #ifdef CONFIG_SELINUX int is_flask_enabled_flag = is_flask_enabled(); #endif flags = bb_getopt_ulflags(argc, argv, "ugrn"); if (((flags & (JUST_USER | JUST_GROUP)) == (JUST_USER | JUST_GROUP)) || (argc > optind + 1) ) { bb_show_usage(); } if (argv[optind] == NULL) { if (flags & PRINT_REAL) { uid = getuid(); gid = getgid(); } else { uid = geteuid(); gid = getegid(); } my_getpwuid(user, uid); } else { safe_strncpy(user, argv[optind], sizeof(user)); gid = my_getpwnamegid(user); } my_getgrgid(group, gid); pwnam=my_getpwnam(user); grnam=my_getgrnam(group); if (flags & (JUST_GROUP | JUST_USER)) { char *s = group; if (flags & JUST_USER) { s = user; grnam = pwnam; } if (flags & NAME_NOT_NUMBER) { puts(s); } else { printf("%ld\n", grnam); } } else { #ifdef CONFIG_SELINUX printf("uid=%ld(%s) gid=%ld(%s)", pwnam, user, grnam, group); if(is_flask_enabled_flag) { security_id_t mysid = getsecsid(); char context[80]; int len = sizeof(context); context[0] = '\0'; if(security_sid_to_context(mysid, context, &len)) strcpy(context, "unknown"); printf(" context=%s\n", context); } else printf("\n"); #else printf("uid=%ld(%s) gid=%ld(%s)\n", pwnam, user, grnam, group); #endif } bb_fflush_stdout_and_exit(0); }
extern int login_main(int argc, char **argv) { char tty[BUFSIZ]; char full_tty[200]; char fromhost[512]; char username[USERNAME_SIZE]; char *tmp; int amroot; int flag; int failed; int count=0; struct passwd *pw, pw_copy; #ifdef CONFIG_WHEEL_GROUP struct group *grp; #endif int opt_preserve = 0; int opt_fflag = 0; char *opt_host = 0; int alarmstarted = 0; #ifdef CONFIG_SELINUX int flask_enabled = is_flask_enabled(); security_id_t sid = 0, old_tty_sid, new_tty_sid; #endif username[0]=0; amroot = ( getuid ( ) == 0 ); signal ( SIGALRM, alarm_handler ); if (( argc > 1 ) && ( TIMEOUT > 0 )) { alarm ( TIMEOUT ); alarmstarted = 1; } while (( flag = getopt(argc, argv, "f:h:p")) != EOF ) { switch ( flag ) { case 'p': opt_preserve = 1; break; case 'f': /* * username must be a seperate token * (-f root, *NOT* -froot). --marekm */ if ( optarg != argv[optind-1] ) bb_show_usage( ); if ( !amroot ) /* Auth bypass only if real UID is zero */ bb_error_msg_and_die ( "-f permission denied" ); safe_strncpy(username, optarg, USERNAME_SIZE); opt_fflag = 1; break; case 'h': opt_host = optarg; break; default: bb_show_usage( ); } } if (optind < argc) // user from command line (getty) safe_strncpy(username, argv[optind], USERNAME_SIZE); if ( !isatty ( 0 ) || !isatty ( 1 ) || !isatty ( 2 )) return EXIT_FAILURE; /* Must be a terminal */ #ifdef CONFIG_FEATURE_U_W_TMP checkutmp ( !amroot ); #endif tmp = ttyname ( 0 ); if ( tmp && ( strncmp ( tmp, "/dev/", 5 ) == 0 )) safe_strncpy ( tty, tmp + 5, sizeof( tty )); else safe_strncpy ( tty, "UNKNOWN", sizeof( tty )); #ifdef CONFIG_FEATURE_U_W_TMP if ( amroot ) memset ( utent.ut_host, 0, sizeof utent.ut_host ); #endif if ( opt_host ) { #ifdef CONFIG_FEATURE_U_W_TMP safe_strncpy ( utent.ut_host, opt_host, sizeof( utent. ut_host )); #endif snprintf ( fromhost, sizeof( fromhost ) - 1, " on `%.100s' from `%.200s'", tty, opt_host ); } else snprintf ( fromhost, sizeof( fromhost ) - 1, " on `%.100s'", tty ); setpgrp(); openlog ( "login", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH ); while ( 1 ) { failed = 0; if ( !username[0] ) if(!login_prompt ( username )) return EXIT_FAILURE; if ( !alarmstarted && ( TIMEOUT > 0 )) { alarm ( TIMEOUT ); alarmstarted = 1; } if (!( pw = getpwnam ( username ))) { pw_copy.pw_name = "UNKNOWN"; pw_copy.pw_passwd = "!"; opt_fflag = 0; failed = 1; } else pw_copy = *pw; pw = &pw_copy; if (( pw-> pw_passwd [0] == '!' ) || ( pw-> pw_passwd[0] == '*' )) failed = 1; if ( opt_fflag ) { opt_fflag = 0; goto auth_ok; } if (!failed && ( pw-> pw_uid == 0 ) && ( !check_tty ( tty ))) failed = 1; /* Don't check the password if password entry is empty (!) */ if ( !pw-> pw_passwd[0] ) goto auth_ok; /* authorization takes place here */ if ( correct_password ( pw )) goto auth_ok; failed = 1; auth_ok: if ( !failed) break; { // delay next try time_t start, now; time ( &start ); now = start; while ( difftime ( now, start ) < FAIL_DELAY) { sleep ( FAIL_DELAY ); time ( &now ); } } puts("Login incorrect"); username[0] = 0; if ( ++count == 3 ) { syslog ( LOG_WARNING, "invalid password for `%s'%s\n", pw->pw_name, fromhost); return EXIT_FAILURE; } } alarm ( 0 ); if ( check_nologin ( pw-> pw_uid == 0 )) return EXIT_FAILURE; #ifdef CONFIG_FEATURE_U_W_TMP setutmp ( username, tty ); #endif #ifdef CONFIG_SELINUX if (flask_enabled) { struct stat st; if (get_default_sid(username, 0, &sid)) { fprintf(stderr, "Unable to get SID for %s\n", username); exit(1); } if (stat_secure(tty, &st, &old_tty_sid)) { fprintf(stderr, "stat_secure(%.100s) failed: %.100s\n", tty, strerror(errno)); return EXIT_FAILURE; } if (security_change_sid (sid, old_tty_sid, SECCLASS_CHR_FILE, &new_tty_sid) != 0) { fprintf(stderr, "security_change_sid(%.100s) failed: %.100s\n", tty, strerror(errno)); return EXIT_FAILURE; } if(chsid(tty, new_tty_sid) != 0) { fprintf(stderr, "chsid(%.100s, %d) failed: %.100s\n", tty, new_tty_sid, strerror(errno)); return EXIT_FAILURE; } } else sid = 0; #endif if ( *tty != '/' ) snprintf ( full_tty, sizeof( full_tty ) - 1, "/dev/%s", tty); else safe_strncpy ( full_tty, tty, sizeof( full_tty ) - 1 ); if ( !is_my_tty ( full_tty )) syslog ( LOG_ERR, "unable to determine TTY name, got %s\n", full_tty ); /* Try these, but don't complain if they fail * (for example when the root fs is read only) */ chown ( full_tty, pw-> pw_uid, pw-> pw_gid ); chmod ( full_tty, 0600 ); change_identity ( pw ); setup_environment ( pw-> pw_shell, 1, !opt_preserve, pw ); motd ( ); signal ( SIGALRM, SIG_DFL ); /* default alarm signal */ if ( pw-> pw_uid == 0 ) syslog ( LOG_INFO, "root login %s\n", fromhost ); run_shell ( pw-> pw_shell, 1, 0, 0 #ifdef CONFIG_SELINUX , sid #endif ); /* exec the shell finally. */ return EXIT_FAILURE; }
extern int ls_main(int argc, char **argv) { struct dnode **dnd; struct dnode **dnf; struct dnode **dnp; struct dnode *dn; struct dnode *cur; long opt; int nfiles = 0; int dnfiles; int dndirs; int oi; int ac; int i; char **av; #ifdef CONFIG_FEATURE_AUTOWIDTH char *tabstops_str = NULL; char *terminal_width_str = NULL; #endif #ifdef CONFIG_SELINUX is_flask_enabled_flag = is_flask_enabled(); #endif all_fmt = LIST_SHORT | DISP_NORMAL | STYLE_AUTO #ifdef CONFIG_FEATURE_LS_TIMESTAMPS | TIME_MOD #endif #ifdef CONFIG_FEATURE_LS_SORTFILES | SORT_NAME | SORT_ORDER_FORWARD #endif ; #ifdef CONFIG_FEATURE_AUTOWIDTH /* Obtain the terminal width. */ get_terminal_width_height(0, &terminal_width, NULL); /* Go one less... */ terminal_width--; #endif #ifdef CONFIG_FEATURE_LS_COLOR if (isatty(fileno(stdout))) show_color = 1; #endif /* process options */ #ifdef CONFIG_FEATURE_AUTOWIDTH opt = bb_getopt_ulflags(argc, argv, ls_options, &tabstops_str, &terminal_width_str); if (tabstops_str) { tabstops = atoi(tabstops_str); } if (terminal_width_str) { terminal_width = atoi(terminal_width_str); } #else opt = bb_getopt_ulflags(argc, argv, ls_options); #endif /* 16 = maximum options minus tabsize and screewn width */ for (i = 0; i < 16; i++) { if (opt & (1 << i)) { unsigned int flags = opt_flags[i]; if (flags & LIST_MASK_TRIGGER) { all_fmt &= ~LIST_MASK; } if (flags & STYLE_MASK_TRIGGER) { all_fmt &= ~STYLE_MASK; } #ifdef CONFIG_FEATURE_LS_SORTFILES if (flags & SORT_MASK_TRIGGER) { all_fmt &= ~SORT_MASK; } #endif if (flags & DISP_MASK_TRIGGER) { all_fmt &= ~DISP_MASK; } #ifdef CONFIG_FEATURE_LS_TIMESTAMPS if (flags & TIME_MASK_TRIGGER) { all_fmt &= ~TIME_MASK; } #endif if (flags & LIST_CONTEXT) { all_fmt |= STYLE_SINGLE; } #ifdef CONFIG_FEATURE_HUMAN_READABLE if (opt == 'l') { all_fmt &= ~LS_DISP_HR; } #endif all_fmt |= flags; } } /* sort out which command line options take precedence */ #ifdef CONFIG_FEATURE_LS_RECURSIVE if (all_fmt & DISP_NOLIST) all_fmt &= ~DISP_RECURSIVE; /* no recurse if listing only dir */ #endif #if defined (CONFIG_FEATURE_LS_TIMESTAMPS) && defined (CONFIG_FEATURE_LS_SORTFILES) if (all_fmt & TIME_CHANGE) all_fmt = (all_fmt & ~SORT_MASK) | SORT_CTIME; if (all_fmt & TIME_ACCESS) all_fmt = (all_fmt & ~SORT_MASK) | SORT_ATIME; #endif if ((all_fmt & STYLE_MASK) != STYLE_LONG) /* only for long list */ all_fmt &= ~(LIST_ID_NUMERIC|LIST_FULLTIME|LIST_ID_NAME|LIST_ID_NUMERIC); #ifdef CONFIG_FEATURE_LS_USERNAME if ((all_fmt & STYLE_MASK) == STYLE_LONG && (all_fmt & LIST_ID_NUMERIC)) all_fmt &= ~LIST_ID_NAME; /* don't list names if numeric uid */ #endif /* choose a display format */ if ((all_fmt & STYLE_MASK) == STYLE_AUTO) #if STYLE_AUTO != 0 all_fmt = (all_fmt & ~STYLE_MASK) | (isatty(fileno(stdout)) ? STYLE_COLUMNS : STYLE_SINGLE); #else all_fmt |= (isatty(fileno(stdout)) ? STYLE_COLUMNS : STYLE_SINGLE); #endif /* * when there are no cmd line args we have to supply a default "." arg. * we will create a second argv array, "av" that will hold either * our created "." arg, or the real cmd line args. The av array * just holds the pointers- we don't move the date the pointers * point to. */ ac = argc - optind; /* how many cmd line args are left */ if (ac < 1) { av = (char **) xcalloc((size_t) 1, (size_t) (sizeof(char *))); av[0] = bb_xstrdup("."); ac = 1; } else { av = (char **) xcalloc((size_t) ac, (size_t) (sizeof(char *))); for (oi = 0; oi < ac; oi++) { av[oi] = argv[optind++]; /* copy pointer to real cmd line arg */ } } /* now, everything is in the av array */ if (ac > 1) all_fmt |= DISP_DIRNAME; /* 2 or more items? label directories */ /* stuff the command line file names into an dnode array */ dn = NULL; for (oi = 0; oi < ac; oi++) { char *fullname = bb_xstrdup(av[oi]); cur = my_stat(fullname, fullname); if (!cur) continue; cur->next = dn; dn = cur; nfiles++; } /* now that we know how many files there are ** allocate memory for an array to hold dnode pointers */ dnp = dnalloc(nfiles); for (i = 0, cur = dn; i < nfiles; i++) { dnp[i] = cur; /* save pointer to node in array */ cur = cur->next; } if (all_fmt & DISP_NOLIST) { #ifdef CONFIG_FEATURE_LS_SORTFILES shellsort(dnp, nfiles); #endif if (nfiles > 0) showfiles(dnp, nfiles); } else { dnd = splitdnarray(dnp, nfiles, SPLIT_DIR); dnf = splitdnarray(dnp, nfiles, SPLIT_FILE); dndirs = countdirs(dnp, nfiles); dnfiles = nfiles - dndirs; if (dnfiles > 0) { #ifdef CONFIG_FEATURE_LS_SORTFILES shellsort(dnf, dnfiles); #endif showfiles(dnf, dnfiles); } if (dndirs > 0) { #ifdef CONFIG_FEATURE_LS_SORTFILES shellsort(dnd, dndirs); #endif showdirs(dnd, dndirs); } } return (status); }