void do_id(char *username) { int flags, i, ngroups, cmd_groups = toys.which->name[0] == 'g'; struct passwd *pw; struct group *grp; uid_t uid = getuid(), euid = geteuid(); gid_t gid = getgid(), egid = getegid(), *groups; if (cmd_groups) toys.optflags |= FLAG_G | FLAG_n; flags = toys.optflags; // check if a username is given if (username) { pw = xgetpwnam(username); uid = euid = pw->pw_uid; gid = egid = pw->pw_gid; if (cmd_groups) printf("%s : ", pw->pw_name); } i = flags & FLAG_r; pw = xgetpwuid(i ? uid : euid); if (flags & FLAG_u) s_or_u(pw->pw_name, pw->pw_uid, 1); grp = xgetgrgid(i ? gid : egid); if (flags & FLAG_g) s_or_u(grp->gr_name, grp->gr_gid, 1); if (!(flags & FLAG_G)) { showid("uid=", pw->pw_uid, pw->pw_name); showid(" gid=", grp->gr_gid, grp->gr_name); if (!i) { if (uid != euid) { pw = xgetpwuid(euid); showid(" euid=", pw->pw_uid, pw->pw_name); } if (gid != egid) { grp = xgetgrgid(egid); showid(" egid=", grp->gr_gid, grp->gr_name); } } showid(" groups=", grp->gr_gid, grp->gr_name); } groups = (gid_t *)toybuf; i = sizeof(toybuf)/sizeof(gid_t); ngroups = username ? getgrouplist(username, gid, groups, &i) : getgroups(i, groups); if (ngroups<0) perror_exit(0); for (i = 0; i<ngroups; i++) { if (i) xputc(' '); if (!(grp = getgrgid(groups[i]))) perror_msg(0); else if (flags & FLAG_G) s_or_u(grp->gr_name, grp->gr_gid, 0); else if (grp->gr_gid != egid) showid("", grp->gr_gid, grp->gr_name); } xputc('\n'); }
/* Creates a metaentry for the file/dir/etc at path */ struct metaentry * mentry_create(const char *path) { ssize_t lsize, vsize; char *list, *attr; struct stat sbuf; struct passwd *pbuf; struct group *gbuf; int i; struct metaentry *mentry; if (lstat(path, &sbuf)) { msg(MSG_ERROR, "lstat failed for %s: %s\n", path, strerror(errno)); return NULL; } pbuf = xgetpwuid(sbuf.st_uid); if (!pbuf) { msg(MSG_ERROR, "getpwuid failed for %s: uid %i not found\n", path, (int)sbuf.st_uid); return NULL; } gbuf = xgetgrgid(sbuf.st_gid); if (!gbuf) { msg(MSG_ERROR, "getgrgid failed for %s: gid %i not found\n", path, (int)sbuf.st_gid); return NULL; } mentry = mentry_alloc(); mentry->path = xstrdup(path); mentry->pathlen = strlen(mentry->path); mentry->owner = xstrdup(pbuf->pw_name); mentry->group = xstrdup(gbuf->gr_name); mentry->mode = sbuf.st_mode & 0177777; mentry->mtime = sbuf.st_mtim.tv_sec; mentry->mtimensec = sbuf.st_mtim.tv_nsec; /* symlinks have no xattrs */ if (S_ISLNK(mentry->mode)) return mentry; lsize = listxattr(path, NULL, 0); if (lsize < 0) { /* Perhaps the FS doesn't support xattrs? */ if (errno == ENOTSUP) return mentry; msg(MSG_ERROR, "listxattr failed for %s: %s\n", path, strerror(errno)); return NULL; } list = xmalloc(lsize); lsize = listxattr(path, list, lsize); if (lsize < 0) { msg(MSG_ERROR, "listxattr failed for %s: %s\n", path, strerror(errno)); free(list); return NULL; } i = 0; for (attr = list; attr < list + lsize; attr = strchr(attr, '\0') + 1) { if (*attr == '\0') continue; i++; } if (i == 0) return mentry; mentry->xattrs = i; mentry->xattr_names = xmalloc(i * sizeof(char *)); mentry->xattr_values = xmalloc(i * sizeof(char *)); mentry->xattr_lvalues = xmalloc(i * sizeof(ssize_t)); i = 0; for (attr = list; attr < list + lsize; attr = strchr(attr, '\0') + 1) { if (*attr == '\0') continue; mentry->xattr_names[i] = xstrdup(attr); vsize = getxattr(path, attr, NULL, 0); if (vsize < 0) { msg(MSG_ERROR, "getxattr failed for %s: %s\n", path, strerror(errno)); free(list); mentry_free(mentry); return NULL; } mentry->xattr_lvalues[i] = vsize; mentry->xattr_values[i] = xmalloc(vsize); vsize = getxattr(path, attr, mentry->xattr_values[i], vsize); if (vsize < 0) { msg(MSG_ERROR, "getxattr failed for %s: %s\n", path, strerror(errno)); free(list); mentry_free(mentry); return NULL; } i++; } free(list); return mentry; }
int vlock_main(int argc UNUSED_PARAM, char **argv) { #ifdef __linux__ struct vt_mode vtm; struct vt_mode ovtm; #endif struct termios term; struct termios oterm; struct passwd *pw; pw = xgetpwuid(getuid()); opt_complementary = "=0"; /* no params! */ getopt32(argv, "a"); /* Ignore some signals so that we don't get killed by them */ bb_signals(0 + (1 << SIGTSTP) + (1 << SIGTTIN) + (1 << SIGTTOU) + (1 << SIGHUP ) + (1 << SIGCHLD) /* paranoia :) */ + (1 << SIGQUIT) + (1 << SIGINT ) , SIG_IGN); #ifdef __linux__ /* We will use SIGUSRx for console switch control: */ /* 1: set handlers */ signal_SA_RESTART_empty_mask(SIGUSR1, release_vt); signal_SA_RESTART_empty_mask(SIGUSR2, acquire_vt); /* 2: unmask them */ sig_unblock(SIGUSR1); sig_unblock(SIGUSR2); #endif /* Revert stdin/out to our controlling tty * (or die if we have none) */ xmove_fd(xopen(CURRENT_TTY, O_RDWR), STDIN_FILENO); xdup2(STDIN_FILENO, STDOUT_FILENO); #ifdef __linux__ xioctl(STDIN_FILENO, VT_GETMODE, &vtm); ovtm = vtm; /* "console switches are controlled by us, not kernel!" */ vtm.mode = VT_PROCESS; vtm.relsig = SIGUSR1; vtm.acqsig = SIGUSR2; ioctl(STDIN_FILENO, VT_SETMODE, &vtm); #endif //TODO: use set_termios_to_raw() tcgetattr(STDIN_FILENO, &oterm); term = oterm; term.c_iflag |= IGNBRK; /* ignore serial break (why? VTs don't have breaks, right?) */ term.c_iflag &= ~BRKINT; /* redundant? "dont translate break to SIGINT" */ term.c_lflag &= ~(ISIG | ECHO | ECHOCTL); /* ignore ^C ^Z, echo off */ tcsetattr_stdin_TCSANOW(&term); while (1) { printf("Virtual console%s locked by %s.\n", /* "s" if -a, else "": */ "s" + !option_mask32, pw->pw_name ); if (ask_and_check_password(pw) > 0) { break; } bb_do_delay(LOGIN_FAIL_DELAY); puts("Incorrect password"); } #ifdef __linux__ ioctl(STDIN_FILENO, VT_SETMODE, &ovtm); #endif tcsetattr_stdin_TCSANOW(&oterm); fflush_stdout_and_exit(EXIT_SUCCESS); }
/*ARGSUSED*/ static void auto_lock(void) { #ifndef NO_CRYPT int i; char *srpp = NULL; struct passwd *pw; #undef XCRYPT #if defined(HAVE_AUTH_H) && defined(HAVE_GETAUTHUID) struct authorization *apw; extern char *crypt16 (const char *, const char *); # define XCRYPT(pw, a, b) crypt16(a, b) if ((pw = xgetpwuid(euid)) != NULL && /* effective user passwd */ (apw = getauthuid(euid)) != NULL) /* enhanced ultrix passwd */ srpp = apw->a_password; #elif defined(HAVE_SHADOW_H) struct spwd *spw; # define XCRYPT(pw, a, b) crypt(a, b) if ((pw = xgetpwuid(euid)) != NULL) { /* effective user passwd */ errno = 0; while ((spw = getspnam(pw->pw_name)) == NULL && errno == EINTR) { handle_pending_signals(); errno = 0; } if (spw != NULL) /* shadowed passwd */ srpp = spw->sp_pwdp; } #else #ifdef __CYGWIN__ # define XCRYPT(pw, a, b) cygwin_xcrypt(pw, a, b) #else # define XCRYPT(pw, a, b) crypt(a, b) #endif #if !defined(__MVS__) if ((pw = xgetpwuid(euid)) != NULL) /* effective user passwd */ srpp = pw->pw_passwd; #endif /* !MVS */ #endif if (srpp == NULL) { auto_logout(); /*NOTREACHED*/ return; } setalarm(0); /* Not for locking any more */ xputchar('\n'); for (i = 0; i < 5; i++) { const char *crpp; char *pp; #ifdef AFS char *afsname; Char *safs; if ((safs = varval(STRafsuser)) != STRNULL) afsname = short2str(safs); else if ((afsname = getenv("AFSUSER")) == NULL) afsname = pw->pw_name; #endif pp = xgetpass("Password:"******"\nIncorrect passwd for %s\n"), pw->pw_name); } #endif /* NO_CRYPT */ auto_logout(); }
int start_stop_daemon_main(int argc UNUSED_PARAM, char **argv) { unsigned opt; char *signame; char *startas; char *chuid; #if ENABLE_FEATURE_START_STOP_DAEMON_FANCY // char *retry_arg = NULL; // int retries = -1; char *opt_N; #endif INIT_G(); opt = GETOPT32(argv, "^" "KSbqtma:n:s:u:c:x:p:" IF_FEATURE_START_STOP_DAEMON_FANCY("ovN:R:") /* -K or -S is required; they are mutually exclusive */ /* -p is required if -m is given */ /* -xpun (at least one) is required if -K is given */ /* -xa (at least one) is required if -S is given */ /* -q turns off -v */ "\0" "K:S:K--S:S--K:m?p:K?xpun:S?xa" IF_FEATURE_START_STOP_DAEMON_FANCY("q-v"), LONGOPTS &startas, &cmdname, &signame, &userspec, &chuid, &execname, &pidfile IF_FEATURE_START_STOP_DAEMON_FANCY(,&opt_N) /* We accept and ignore -R <param> / --retry <param> */ IF_FEATURE_START_STOP_DAEMON_FANCY(,NULL) ); if (opt & OPT_s) { signal_nr = get_signum(signame); if (signal_nr < 0) bb_show_usage(); } if (!(opt & OPT_a)) startas = execname; if (!execname) /* in case -a is given and -x is not */ execname = startas; if (execname) { G.execname_sizeof = strlen(execname) + 1; G.execname_cmpbuf = xmalloc(G.execname_sizeof + 1); } // IF_FEATURE_START_STOP_DAEMON_FANCY( // if (retry_arg) // retries = xatoi_positive(retry_arg); // ) //argc -= optind; argv += optind; if (userspec) { user_id = bb_strtou(userspec, NULL, 10); if (errno) user_id = xuname2uid(userspec); } /* Both start and stop need to know current processes */ do_procinit(); if (opt & CTX_STOP) { int i = do_stop(); return (opt & OPT_OKNODO) ? 0 : (i <= 0); } if (G.found_procs) { if (!QUIET) printf("%s is already running\n%u\n", execname, (unsigned)G.found_procs->pid); return !(opt & OPT_OKNODO); } #ifdef OLDER_VERSION_OF_X if (execname) xstat(execname, &G.execstat); #endif *--argv = startas; if (opt & OPT_BACKGROUND) { #if BB_MMU bb_daemonize(DAEMON_DEVNULL_STDIO + DAEMON_CLOSE_EXTRA_FDS + DAEMON_DOUBLE_FORK); /* DAEMON_DEVNULL_STDIO is superfluous - * it's always done by bb_daemonize() */ #else /* Daemons usually call bb_daemonize_or_rexec(), but SSD can do * without: SSD is not itself a daemon, it _execs_ a daemon. * The usual NOMMU problem of "child can't run indefinitely, * it must exec" does not bite us: we exec anyway. */ pid_t pid = xvfork(); if (pid != 0) { /* parent */ /* why _exit? the child may have changed the stack, * so "return 0" may do bad things */ _exit(EXIT_SUCCESS); } /* Child */ setsid(); /* detach from controlling tty */ /* Redirect stdio to /dev/null, close extra FDs */ bb_daemon_helper(DAEMON_DEVNULL_STDIO + DAEMON_CLOSE_EXTRA_FDS); #endif } if (opt & OPT_MAKEPID) { /* User wants _us_ to make the pidfile */ write_pidfile(pidfile); } if (opt & OPT_c) { struct bb_uidgid_t ugid; parse_chown_usergroup_or_die(&ugid, chuid); if (ugid.uid != (uid_t) -1L) { struct passwd *pw = xgetpwuid(ugid.uid); if (ugid.gid != (gid_t) -1L) pw->pw_gid = ugid.gid; /* initgroups, setgid, setuid: */ change_identity(pw); } else if (ugid.gid != (gid_t) -1L) { xsetgid(ugid.gid); setgroups(1, &ugid.gid); } } #if ENABLE_FEATURE_START_STOP_DAEMON_FANCY if (opt & OPT_NICELEVEL) { /* Set process priority */ int prio = getpriority(PRIO_PROCESS, 0) + xatoi_range(opt_N, INT_MIN/2, INT_MAX/2); if (setpriority(PRIO_PROCESS, 0, prio) < 0) { bb_perror_msg_and_die("setpriority(%d)", prio); } } #endif execvp(startas, argv); bb_perror_msg_and_die("can't execute '%s'", startas); }
int crontab_main(int argc UNUSED_PARAM, char **argv) { const struct passwd *pas; const char *crontab_dir = CRONTABS; char *tmp_fname; char *new_fname; char *user_name; /* -u USER */ int fd; int src_fd; int opt_ler; /* file [opts] Replace crontab from file * - [opts] Replace crontab from stdin * -u user User * -c dir Crontab directory * -l List crontab for user * -e Edit crontab for user * -r Delete crontab for user * bbox also supports -d == -r, but most other crontab * implementations do not. Deprecated. */ enum { OPT_u = (1 << 0), OPT_c = (1 << 1), OPT_l = (1 << 2), OPT_e = (1 << 3), OPT_r = (1 << 4), OPT_ler = OPT_l + OPT_e + OPT_r, }; opt_complementary = "?1:dr"; /* max one argument; -d implies -r */ opt_ler = getopt32(argv, "u:c:lerd", &user_name, &crontab_dir); argv += optind; if (sanitize_env_if_suid()) { /* Clears dangerous stuff, sets PATH */ /* Run by non-root */ if (opt_ler & (OPT_u|OPT_c)) bb_error_msg_and_die(bb_msg_you_must_be_root); } if (opt_ler & OPT_u) { pas = xgetpwnam(user_name); } else { pas = xgetpwuid(getuid()); } #define user_name DONT_USE_ME_BEYOND_THIS_POINT /* From now on, keep only -l, -e, -r bits */ opt_ler &= OPT_ler; if ((opt_ler - 1) & opt_ler) /* more than one bit set? */ bb_show_usage(); /* Read replacement file under user's UID/GID/group vector */ src_fd = STDIN_FILENO; if (!opt_ler) { /* Replace? */ if (!argv[0]) bb_show_usage(); if (NOT_LONE_DASH(argv[0])) { src_fd = open_as_user(pas, argv[0]); if (src_fd < 0) bb_error_msg_and_die("user %s cannot read %s", pas->pw_name, argv[0]); } } /* cd to our crontab directory */ xchdir(crontab_dir); tmp_fname = NULL; /* Handle requested operation */ switch (opt_ler) { default: /* case OPT_r: Delete */ unlink(pas->pw_name); break; case OPT_l: /* List */ { char *args[2] = { pas->pw_name, NULL }; return bb_cat(args); /* list exits, * the rest go play with cron update file */ } case OPT_e: /* Edit */ tmp_fname = xasprintf("%s.%u", crontab_dir, (unsigned)getpid()); /* No O_EXCL: we don't want to be stuck if earlier crontabs * were killed, leaving stale temp file behind */ src_fd = xopen3(tmp_fname, O_RDWR|O_CREAT|O_TRUNC, 0600); fchown(src_fd, pas->pw_uid, pas->pw_gid); fd = open(pas->pw_name, O_RDONLY); if (fd >= 0) { bb_copyfd_eof(fd, src_fd); close(fd); xlseek(src_fd, 0, SEEK_SET); } close_on_exec_on(src_fd); /* don't want editor to see this fd */ edit_file(pas, tmp_fname); /* fall through */ case 0: /* Replace (no -l, -e, or -r were given) */ new_fname = xasprintf("%s.new", pas->pw_name); fd = open(new_fname, O_WRONLY|O_CREAT|O_TRUNC|O_APPEND, 0600); if (fd >= 0) { bb_copyfd_eof(src_fd, fd); close(fd); xrename(new_fname, pas->pw_name); } else { bb_error_msg("can't create %s/%s", crontab_dir, new_fname); } if (tmp_fname) unlink(tmp_fname); /*free(tmp_fname);*/ /*free(new_fname);*/ } /* switch */ /* Bump notification file. Handle window where crond picks file up * before we can write our entry out. */ while ((fd = open(CRONUPDATE, O_WRONLY|O_CREAT|O_APPEND, 0600)) >= 0) { struct stat st; fdprintf(fd, "%s\n", pas->pw_name); if (fstat(fd, &st) != 0 || st.st_nlink != 0) { /*close(fd);*/ break; } /* st.st_nlink == 0: * file was deleted, maybe crond missed our notification */ close(fd); /* loop */ } if (fd < 0) { bb_error_msg("can't append to %s/%s", crontab_dir, CRONUPDATE); } return 0; }
char* FAST_FUNC xuid2uname(uid_t uid) { /* Note: used in nofork applets (whoami), be careful not to leak anything */ struct passwd *pw = xgetpwuid(uid); return pw->pw_name; }
char* FAST_FUNC xuid2uname(uid_t uid) { struct passwd *pw = xgetpwuid(uid); return pw->pw_name; }