int do_rlogin (const char *remote_host, char *name, int namelen, char *term, int termlen) { struct passwd *pwd; char remote_name[32]; char *cp; int remote_speed = 9600; int speed_name = B9600; int i; TERMIO termio; get_remote_string (remote_name, sizeof remote_name); get_remote_string (name, namelen); get_remote_string (term, termlen); if ((cp = strchr (term, '/'))) { *cp++ = '\0'; if (!(remote_speed = atoi (cp))) remote_speed = 9600; } for (i = 0; speed_table[i].spd_baud != remote_speed && speed_table[i].spd_name != -1; i++); if (speed_table[i].spd_name != -1) speed_name = speed_table[i].spd_name; /* * Put the terminal in cooked mode with echo turned on. */ GTTY (0, &termio); termio.c_iflag |= ICRNL | IXON; termio.c_oflag |= OPOST | ONLCR; termio.c_lflag |= ICANON | ECHO | ECHOE; #ifdef CBAUD termio.c_cflag = (termio.c_cflag & ~CBAUD) | speed_name; #else termio.c_cflag = (termio.c_cflag) | speed_name; #endif STTY (0, &termio); if (!(pwd = getpwnam (name))) return 0; /* * ruserok() returns 0 for success on modern systems, and 1 on * older ones. If you are having trouble with people logging * in without giving a required password, THIS is the culprit - * go fix the #define in config.h. */ #ifndef RUSEROK return 0; #else return ruserok (remote_host, pwd->pw_uid == 0, remote_name, name) == RUSEROK; #endif }
/*ARGSUSED*/ int pam_sm_authenticate( pam_handle_t *pamh, int flags, int argc, const char **argv) { char *host = NULL, *lusername = NULL; struct passwd pwd; char pwd_buffer[1024]; int is_superuser; char *rusername; int i; int debug = 0; for (i = 0; i < argc; i++) { if (strcasecmp(argv[i], "debug") == 0) debug = 1; else syslog(LOG_DEBUG, "illegal option %s", argv[i]); } if (pam_get_item(pamh, PAM_USER, (void **) &lusername) != PAM_SUCCESS) return (PAM_SERVICE_ERR); if (pam_get_item(pamh, PAM_RHOST, (void **) &host) != PAM_SUCCESS) return (PAM_SERVICE_ERR); if (pam_get_item(pamh, PAM_RUSER, (void **)&rusername) != PAM_SUCCESS) return (PAM_SERVICE_ERR); if (lusername == NULL || *lusername == '\0') return (PAM_USER_UNKNOWN); if (rusername == NULL || *rusername == '\0') return (PAM_AUTH_ERR); if (host == NULL || *host == '\0') return (PAM_AUTH_ERR); if (debug) { syslog(LOG_DEBUG, "rhosts authenticate: user = %s, host = %s", lusername, host); } if (getpwnam_r(lusername, &pwd, pwd_buffer, sizeof (pwd_buffer)) == NULL) return (PAM_USER_UNKNOWN); if (pwd.pw_uid == 0) is_superuser = 1; else is_superuser = 0; return (ruserok(host, is_superuser, rusername, lusername) == -1 ? PAM_AUTH_ERR : PAM_SUCCESS); }
static char* rhostsattach(Fcall *rx, Fcall *tx) { USED(tx); if(ruserok(remotehostname, 0, rx->uname, rx->uname) < 0){ fprint(2, "ruserok(%s, %s) not okay\n", remotehostname, rx->uname); return "u9fs: rhosts authentication failed"; } return 0; }
int site_check_user_map( job *pjob, /* I */ char *luser, /* I */ char *EMsg) /* O (optional,minsize=1024) */ { char *orighost; char owner[PBS_MAXUSER + 1]; char *p1; char *p2; int rc; int ProxyAllowed = 0; int ProxyRequested = 0; int HostAllowed = 0; char *dptr; #ifdef MUNGE_AUTH char uh[PBS_MAXUSER + PBS_MAXHOSTNAME + 2]; #endif if (EMsg != NULL) EMsg[0] = '\0'; /* get just the owner name, without the "@host" */ p1 = pjob->ji_wattr[JOB_ATR_job_owner].at_val.at_str; p2 = owner; while ((*p1 != '@') && (*p1 != '\0')) *p2++ = *p1++; *p2 = '\0'; orighost = get_variable(pjob, pbs_o_host); if (orighost == NULL) { /* access denied */ log_event( PBSEVENT_JOB, PBS_EVENTCLASS_JOB, pjob->ji_qs.ji_jobid, msg_orighost); if (EMsg != NULL) strcpy(EMsg, "source host not specified"); return(-1); } if ((server.sv_attr[(int)SRV_ATR_AllowProxyUser].at_flags & ATR_VFLAG_SET) && \ (server.sv_attr[(int)SRV_ATR_AllowProxyUser].at_val.at_long == 1)) { ProxyAllowed = 1; } if (strcmp(owner, luser) != 0) { ProxyRequested = 1; } if (!strcmp(orighost, server_host) && !strcmp(owner, luser)) { /* submitting from server host, access allowed */ if ((ProxyRequested == 0) || (ProxyAllowed == 1)) { return(0); } /* host is fine, must validate proxy via ruserok() */ HostAllowed = 1; } /* make short host name */ if ((dptr = strchr(orighost, '.')) != NULL) { *dptr = '\0'; } if ((HostAllowed == 0) && (server.sv_attr[SRV_ATR_AllowNodeSubmit].at_flags & ATR_VFLAG_SET) && (server.sv_attr[SRV_ATR_AllowNodeSubmit].at_val.at_long == 1) && (find_nodebyname(orighost) != NULL)) { /* job submitted from compute host, access allowed */ if (dptr != NULL) *dptr = '.'; if ((ProxyRequested == 0) || (ProxyAllowed == 1)) { return(0); } /* host is fine, must validate proxy via ruserok() */ HostAllowed = 1; } if ((HostAllowed == 0) && (server.sv_attr[(int)SRV_ATR_SubmitHosts].at_flags & ATR_VFLAG_SET)) { struct array_strings *submithosts = NULL; char *testhost; int hostnum = 0; submithosts = server.sv_attr[(int)SRV_ATR_SubmitHosts].at_val.at_arst; for (hostnum = 0;hostnum < submithosts->as_usedptr;hostnum++) { testhost = submithosts->as_string[hostnum]; if (!strcasecmp(testhost, orighost)) { /* job submitted from host found in trusted submit host list, access allowed */ if (dptr != NULL) *dptr = '.'; if ((ProxyRequested == 0) || (ProxyAllowed == 1)) { return(0); } /* host is fine, must validate proxy via ruserok() */ HostAllowed = 1; break; } } /* END for (hostnum) */ } /* END if (SRV_ATR_SubmitHosts) */ if (dptr != NULL) *dptr = '.'; #ifdef MUNGE_AUTH sprintf(uh, "%s@%s", owner, orighost); rc = acl_check(&server.sv_attr[SRV_ATR_authusers], uh, ACL_User_Host); if(rc <= 0) { /* rc == 0 means we did not find a match. this is a failure */ if(EMsg != NULL) { snprintf(EMsg, 1024, "could not authorize user %s from %s", owner, orighost); } rc = -1; /* -1 is what set_jobexid is expecting for a failure*/ } else { /*SUCCESS*/ rc = 0; /* the call to ruserok below was in the code first. ruserok returns 0 on success but acl_check returns a positive value on success. We set rc to 0 to be consistent with the original ruserok functionality */ } #else rc = ruserok(orighost, 0, owner, luser); if (rc != 0 && EMsg != NULL) { /* Test rc so as to not fill this message in the case of success, since other * callers might not fill this message in the case of their errors and * very misleading error message will go into the logs. */ snprintf(EMsg, 1024, "ruserok failed validating %s/%s from %s", owner, luser, orighost); } #endif #ifdef sun /* broken Sun ruserok() sets process so it appears to be owned */ /* by the luser, change it back for cosmetic reasons */ setuid(0); #endif /* sun */ return(rc); } /* END site_check_user_map() */
PAM_EXTERN int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) { const char *luser = NULL; const char *ruser = NULL, *rhost = NULL; const char *opt_superuser = NULL; const void *c_void; int opt_debug = 0; int opt_silent; int as_root; int retval; opt_silent = flags & PAM_SILENT; while (argc-- > 0) { if (strcmp(*argv, "debug") == 0) opt_debug = 1; else if (strcmp (*argv, "silent") == 0 || strcmp(*argv, "suppress") == 0) opt_silent = 1; else if (strncmp(*argv, "superuser="******"superuser="******"superuser="******"unrecognized option '%s'", *argv); ++argv; } retval = pam_get_item (pamh, PAM_RHOST, &c_void); if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "could not get the remote host name"); return retval; } rhost = c_void; retval = pam_get_item(pamh, PAM_RUSER, &c_void); ruser = c_void; if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "could not get the remote username"); return retval; } retval = pam_get_user(pamh, &luser, NULL); if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_ERR, "could not determine name of local user"); return retval; } if (rhost == NULL || ruser == NULL || luser == NULL) return PAM_AUTH_ERR; if (opt_superuser && strcmp(opt_superuser, luser) == 0) as_root = 1; else { struct passwd *lpwd; lpwd = pam_modutil_getpwnam(pamh, luser); if (lpwd == NULL) { if (opt_debug) /* don't print by default, could be the user's password */ pam_syslog(pamh, LOG_DEBUG, "user '%s' unknown to this system", luser); return PAM_USER_UNKNOWN; } as_root = (lpwd->pw_uid == 0); } #ifdef HAVE_RUSEROK_AF retval = ruserok_af (rhost, as_root, ruser, luser, PF_UNSPEC); #else retval = ruserok (rhost, as_root, ruser, luser); #endif if (retval != 0) { if (!opt_silent || opt_debug) pam_syslog(pamh, LOG_WARNING, "denied access to %s@%s as %s", ruser, rhost, luser); return PAM_AUTH_ERR; } else { if (!opt_silent || opt_debug) pam_syslog(pamh, LOG_NOTICE, "allowed access to %s@%s as %s", ruser, rhost, luser); return PAM_SUCCESS; } }
int svr_chk_owner(struct batch_request *preq, job *pjob) { char owner[PBS_MAXUSER+1]; char *pu; char *ph; char rmtuser[PBS_MAXUSER+PBS_MAXHOSTNAME+2]; extern int ruserok(const char *rhost, int suser, const char *ruser, const char *luser); #ifdef WIN32 extern int user_read_password(char *user, char **cred, size_t *len); extern int read_cred(job *pjob, char **cred, size_t *len); extern int decrypt_pwd(char *crypted, size_t len, char **passwd); #endif /* Are the owner and requestor the same? */ snprintf(rmtuser, sizeof(rmtuser), "%s", pjob->ji_wattr[(int)JOB_ATR_job_owner].at_val.at_str); pu = rmtuser; ph = strchr(rmtuser, '@'); if (!ph) return -1; *ph++ = '\0'; if (strcmp(preq->rq_user, pu) == 0) { /* Avoid the lookup if they match. */ if (strcmp(preq->rq_host, ph) == 0) return 0; /* Perform the lookup. */ if (is_same_host(preq->rq_host, ph)) return 0; } /* map requestor user@host to "local" name */ pu = site_map_user(preq->rq_user, preq->rq_host); if (pu == NULL) return (-1); (void)strncpy(rmtuser, pu, PBS_MAXUSER); /* * Get job owner name without "@host" and then map to "local" name. */ get_jobowner(pjob->ji_wattr[(int)JOB_ATR_job_owner].at_val.at_str, owner); pu = site_map_user(owner, get_hostPart(pjob->ji_wattr[(int)JOB_ATR_job_owner].at_val.at_str)); if (server.sv_attr[(int)SRV_ATR_FlatUID].at_val.at_long) { /* with flatuid, all that must match is user names */ return (strcmp(rmtuser, pu)); } else { /* non-flatuid space, must validate rmtuser vs owner */ #ifdef WIN32 if ( (server.sv_attr[SRV_ATR_ssignon_enable].at_flags & \ ATR_VFLAG_SET) && \ (server.sv_attr[SRV_ATR_ssignon_enable].at_val.at_long \ == 1) ) { /* read/cache user password */ cache_usertoken_and_homedir(pu, NULL, 0, user_read_password, (char *)pu, pbs_decrypt_pwd, 0); } else { /* read/cache job password */ cache_usertoken_and_homedir(pu, NULL, 0, read_cred, (job *)pjob, pbs_decrypt_pwd, 0); } #endif return (ruserok(preq->rq_host, 0, rmtuser, pu)); } }
int site_check_user_map(void *pobj, int objtype, char *luser) { char *orighost; char owner[PBS_MAXUSER+1]; char *p1; char *objid; int event_type, event_class; int rc; /* set pointer variables etc based on object's type */ if (objtype == JOB_OBJECT) { p1 = ((job *)pobj)->ji_wattr[JOB_ATR_job_owner].at_val.at_str; objid = ((job *)pobj)->ji_qs.ji_jobid; event_type = PBSEVENT_JOB; event_class = PBS_EVENTCLASS_JOB; } else { p1 = ((resc_resv *)pobj)->ri_wattr[RESV_ATR_resv_owner].at_val.at_str; objid = ((resc_resv *)pobj)->ri_qs.ri_resvID; event_type = PBSEVENT_JOB; event_class = PBS_EVENTCLASS_JOB; } /* the owner name, without the "@host" */ cvrt_fqn_to_name(p1, owner); orighost = strchr(p1, '@'); if ((orighost == (char *)0) || (*++orighost == '\0')) { log_event(event_type, event_class, LOG_INFO, objid, msg_orighost); return (-1); } if (!strcasecmp(orighost, server_host) && !strcmp(owner, luser)) return (0); #ifdef WIN32 rc = ruserok(orighost, isAdminPrivilege(luser), owner, luser); if (rc == -2) { sprintf(log_buffer, "User %s does not exist!", luser); log_err(0, "site_check_user_map", log_buffer); rc = -1; } else if (rc == -3) { sprintf(log_buffer, "User %s's [HOMEDIR]/.rhosts is unreadable! Needs SYSTEM or Everyone access", luser); log_err(0, "site_check_user_map", log_buffer); rc = -1; } #else rc = ruserok(orighost, 0, owner, luser); #endif #ifdef sun /* broken Sun ruserok() sets process so it appears to be owned */ /* by the luser, change it back for cosmetic reasons */ if (setuid(0) == -1) { log_err(errno, "site_check_user_map", "cannot go back to root"); exit(1); } #endif /* sun */ return (rc); }
/* * check for trusted host and user */ static int check_host( struct svc_req *rqstp /* RPC stuff */ ) { struct authsys_parms *sys_credp; SVCXPRT *transp = rqstp->rq_xprt; struct netconfig *nconfp = NULL; struct nd_hostservlist *hservlistp = NULL; int i; int rval = -1; char *inplace = NULL; /* check for root */ /*LINTED*/ sys_credp = (struct authsys_parms *)rqstp->rq_clntcred; assert(sys_credp != NULL); if (sys_credp->aup_uid != 0) goto out; /* get hostnames */ if (transp->xp_netid == NULL) { md_eprintf("transp->xp_netid == NULL\n"); goto out; } if ((nconfp = getnetconfigent(transp->xp_netid)) == NULL) { #ifdef DEBUG nc_perror("getnetconfigent(transp->xp_netid)"); #endif goto out; } if ((__netdir_getbyaddr_nosrv(nconfp, &hservlistp, &transp->xp_rtaddr) != 0) || (hservlistp == NULL)) { #ifdef DEBUG netdir_perror("netdir_getbyaddr(transp->xp_rtaddr)"); #endif goto out; } /* check hostnames */ for (i = 0; (i < hservlistp->h_cnt); ++i) { struct nd_hostserv *hservp = &hservlistp->h_hostservs[i]; char *hostname = hservp->h_host; inplace = strdup(hostname); /* localhost is OK */ if (strcmp(hostname, mynode()) == 0) { rval = 0; goto out; } /* check for remote root access */ if (ruserok(hostname, 1, "root", "root") == 0) { rval = 0; goto out; } sdssc_cm_nm2nid(inplace); if (strcmp(inplace, hostname)) { /* * If the names are now different it indicates * that hostname was converted to a nodeid. This * will only occur if hostname is part of the same * cluster that the current node is in. * If the machine is not running in a cluster than * sdssc_cm_nm2nid is a noop which leaves inplace * alone. */ rval = 0; goto out; } } /* cleanup, return success */ out: if (inplace) free(inplace); if (hservlistp != NULL) netdir_free(hservlistp, ND_HOSTSERVLIST); if (nconfp != NULL) Free(nconfp); return (rval); }