| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
SUID_CFLAGS are not meant to override the makefile-wide AM_CFLAGS.
(We do not use AM_CFLAGS currently, but we will.)
Signed-off-by: Stepan Kasal <skasal@redhat.com>
|
| |
|
|
|
|
|
|
| |
The patch allows to define special CFLAGS for typical suid programs
(like mount, umount, chfn, ...). Some distributions use for example
"-fpic" for suid binaries.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The original newgrp command doesn't expect group pasword in /etc/gshadow
although almost all distributions use this file (and the gpasswd command).
The newgrp from util-linux is deprecated and better is use shadow-utils only.
Unfortunately, shadow-utils are broken too (see RH version where is bugfix).
In this case it's better fix util-linux version at least...
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
The login command reports AUDIT_USER_LOGIN message to audit system
(depends on --with-audit).
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
This support includes:
* non-PAM version supports IPv6 ranges in /etc/usertty
* utmp records with IPv6 addresses
Based on patch by: Milan Zazrivec <mzazrivec@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
The hnmatch() in checktty.c is checking IP addresses if the login util
is compiled without PAM support.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
On 64-bit platforms such as x86_64, glibc is usually built with 32-bit
compatibility for various structures. One of them is utmp.
What this means is that gettimeofday(&ut.ut_tv, NULL) on x86_64 will
end up overwriting the first parts of ut_addr_v6, leading to garbage
in the utmp file.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The login omits pam_acct_mgmt & chauth_tok when authentication is skipped.
Authentication may be skipped, for example, during krlogin because Kerberos
already took care of it. The problem with skipping pam_acct_mgmt is that it
allows users to use the system when maybe they should not be allowed, such that
if they have a Kerberos ticket, the other checks do not apply.
If a user had to use password authentication, pam_acct_mgmt may reject the user
for several reasons: not allowed to use the system at this time, not allowed to
use this system, user's account has been disabled, etc. Why should these tests
be skipped just because the user has a ticket?
Same with pam_chauthtok: the user may have a valid ticket, but if their
password has expired, they need to enter a new one right now.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If you manage to exec login with a userid other than root, and its
input / output directed to a terminal for which it does not have
read/write access, it will attempt to proceed (and can potentially
hang forever -- but this hang has been fixed in a previous commit).
It's better to check if we have permissions for terminal rather than
do any useless things.
From: Jason Vas Dias <jvdias@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
The PAM session modules typically write to syslog when leaving the
session. The openlog() is way how define a "ident" for syslog messages.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Login tries to set a timeout in main() by SIGALARM. If any restartable system
call is entered, such system calls can block indefinitely and will NOT be
interrupted by the SIGALRM.
The bug appears when the login program is run for a terminal for which it
doens't have read or write permission.
In that case, login hung until manually killed by the administrator in its
tcsetattr(...) call at login.c, line 460:
/* Kill processes left on this tty */
tcsetattr(0,TCSAFLUSH,&ttt);
This may possibly be a kernel bug - instead of returning EIO / EPERM, the
kernel continously sends an infinite number of SIGTTOU signals to the process .
An 80MB strace log file was generated, consisting of >1,000,000 repetitions
of :
4964 11:00:18 ioctl(0, SNDCTL_TMR_CONTINUE or TCSETSF, {c_iflags=0x106,
c_oflags=0x1805, c_cflags=0x800000be, c_lflags=0x3b, c_line=0,
c_cc="\x03\x1c\x7f\x15\x04\x00\x01\x00\x11\x13\x1a\x00\x12\x0f\x17\x16\x00\x00\x00"})
= ? ERESTARTSYS (To be restarted)
4964 11:00:18 --- SIGTTOU (Stopped (tty output)) @ 0 (0) ---
4964 11:00:18 --- SIGTTOU (Stopped (tty output)) @ 0 (0) ---
Login's alarm signal handler DOES get the SIGALRM after the 60 second timeout,
and timedout() is called; but then timedout2 calls ioctl(0, TCSETA, &ti), which
also blocks, because the ioctl(0, TCSETSF...) of tcsetattr is in progress, and
the exit() call of timedout2 is never reached, and the tcsetattr call is
restarted.
From: Jason Vas Dias <jvdias@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The login cannot ignore signals, because:
* SIGHUP is only way how inform session leader that controlling
tty goes away. The leader has to inform others processes in same
process group about the signal.
* SIGHUP/SIGTERM cannot kill wait(2)-ing login, we have to wait as long
as any child process exists. The PAM session has to be closed correctly.
* The child process (before setsid()) has to call exit() if a controlling
tty goes away.
This patch is inspired by patch from Red Hat that is very well tested for last
4 years in all Red Hat distros.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
|
| |
If for some reason the pam set credential call fails, it does not close the pam
session. pam open can mount drives, so calling pam close is important.
From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
This patch add all missing headers, man pages and README files to automake
stuff and "make dist-gzip" produces useful tarball now.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| |
|
|
|
|
|
| |
The generated autotools stuff shouldn't be maintained by SCM. After check out
from git use ./autogen.sh. For more details see README.devel.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
