nologin: add new command

Currently it's maintained as distro specific (or people use impolite
/bin/false way).

Signed-off-by: Karel Zak <kzak@redhat.com>

3 files changed, 135 insertions, 0 deletions

diff --git a/login-utils/Makemodule.am b/login-utils/Makemodule.am
index c5e8c07ae..aca028a29 100644
--- a/login-utils/Makemodule.am
+++ b/login-utils/Makemodule.am
@@ -60,6 +60,13 @@ endif
 endif # BUILD_LOGIN
 
 
+if BUILD_NOLOGIN
+sbin_PROGRAMS += nologin
+dist_man_MANS += login-utils/nologin.8
+nologin_SOURCES = login-utils/nologin.c
+endif
+
+
 if BUILD_UTMPDUMP
 usrbin_exec_PROGRAMS += utmpdump
 dist_man_MANS += login-utils/utmpdump.1
diff --git a/login-utils/nologin.8 b/login-utils/nologin.8
new file mode 100644
index 000000000..b4e10704e
--- /dev/null
+++ b/login-utils/nologin.8
@@ -0,0 +1,53 @@
+.\" -*- nroff -*-
+.TH NOLOGIN 8 "September 2013" "util-linux" "System Administration"
+.SH NAME
+nologin \- politely refuse a login
+.SH SYNOPSIS
+.B nologin
+.RB [ \-V ]
+.RB [ \-h ]
+.SH DESCRIPTION
+.B nologin
+displays a message that an account is not available and exits non-zero.  It is
+intended as a replacement shell field to deny login access to account.
+.PP
+If the file /etc/nologin.txt exists, nologin displays its contents to the 
+user instead of the default message.
+.PP
+The exit code returned by
+.B nologin
+is always 1.
+.PP
+.SH OPTIONS
+.IP "\fB\-h, \-\-help\fP"
+Print help and exit.
+.IP "\fB-V, \-\-version"
+Print version and exit.
+.SH NOTES
+.B nologin
+is per-account way to disable login (usually used for system accounts like http or ftp).
+.BR nologin (8)
+uses /etc/nologin.txt as optional source for non-default message, the login
+access is always refused independently on the file.
+.PP
+.BR pam_nologin (8)
+PAM module usually prevents all non-root users from logging into the system.
+.BR pam_nologin (8)
+functionality is controled by /var/run/nologin or /etc/nologin file. 
+.SH AUTHORS
+.UR kzak@redhat.com
+Karel Zak
+.UE
+.SH SEE ALSO
+.BR login (1),
+.BR passwd (5),
+.BR pam_nologin (8)
+.SH HISTORY
+The
+.B nologin
+command appeared in 4.4BSD.
+.SH AVAILABILITY
+The nologin command is part of the util-linux package and is available from
+.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/
+Linux Kernel Archive
+.UE .
diff --git a/login-utils/nologin.c b/login-utils/nologin.c
new file mode 100644
index 000000000..a4fb82db6
--- /dev/null
+++ b/login-utils/nologin.c
@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2013 Karel Zak <kzak@redhat.com>
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <string.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <getopt.h>
+
+#include "c.h"
+#include "nls.h"
+#include "pathnames.h"
+
+/*
+ * Always return EXIT_FAILURE (1), don't try to be smart!
+ */
+
+static void __attribute__((__noreturn__)) usage(FILE *out)
+{
+	fputs(USAGE_HEADER, out);
+
+	fprintf(out,
+		_(" %s [options]\n"), program_invocation_short_name);
+
+	fputs(USAGE_OPTIONS, out);
+	fputs(USAGE_HELP, out);
+	fputs(USAGE_VERSION, out);
+
+	fprintf(out, USAGE_MAN_TAIL("nologin(8)"));
+	exit(EXIT_FAILURE);
+}
+
+int main(int argc, char *argv[])
+{
+	int c, fd;
+	static const struct option longopts[] = {
+		{ "help",    0, 0, 'h' },
+		{ "version", 0, 0, 'V' },
+		{ NULL, 0, 0, 0 }
+	};
+
+	setlocale(LC_ALL, "");
+	bindtextdomain(PACKAGE, LOCALEDIR);
+	textdomain(PACKAGE);
+
+	while ((c = getopt_long(argc, argv, "hV", longopts, NULL)) != -1) {
+		switch (c) {
+		case 'h':
+			usage(stdout);
+			break;
+		case 'V':
+			printf(UTIL_LINUX_VERSION);
+			return EXIT_FAILURE;
+		default:
+			usage(stderr);
+			break;
+		}
+	}
+
+	fd = open(_PATH_NOLOGIN_TXT, O_RDONLY);
+	if (fd >= 0) {
+		char buf[BUFSIZ];
+		ssize_t rd;
+
+		while ((rd = read(fd, buf, sizeof(buf))) > 0)
+			ignore_result( write(STDOUT_FILENO, buf, rd) );
+		close(fd);
+	} else
+		fprintf(stdout, _("This account is currently not available.\n"));
+
+	return EXIT_FAILURE;
+}