From bd299782ca40756515acf1c3afa4d8662a2492f2 Mon Sep 17 00:00:00 2001
From: Sami Kerola
Date: Tue, 6 Oct 2015 23:15:54 +0100
Subject: nologin: require /etc/nologin.txt to be file

This makes silly practical jokes impossible, like for example symlinking
/dev/null or dev/random to /etc/nologin.txt

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
---
 login-utils/nologin.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'login-utils/nologin.c')

diff --git a/login-utils/nologin.c b/login-utils/nologin.c
index 3be50ca12..0a06ef8b6 100644
--- a/login-utils/nologin.c
+++ b/login-utils/nologin.c
@@ -3,6 +3,7 @@
  */
 
 #include <stdio.h>
+#include <sys/stat.h>
 #include <sys/types.h>
 #include <fcntl.h>
 #include <string.h>
@@ -38,6 +39,7 @@ static void __attribute__((__noreturn__)) usage(FILE *out)
 int main(int argc, char *argv[])
 {
 	int c, fd;
+	struct stat st;
 	static const struct option longopts[] = {
 		{ "help",    0, 0, 'h' },
 		{ "version", 0, 0, 'V' },
@@ -63,7 +65,8 @@ int main(int argc, char *argv[])
 	}
 
 	fd = open(_PATH_NOLOGIN_TXT, O_RDONLY);
-	if (fd >= 0) {
+	c = fstat(fd, &st);
+	if (fd >= 0 && !c && S_ISREG(st.st_mode)) {
 		char buf[BUFSIZ];
 		ssize_t rd;
 
-- 
cgit v1.2.3-55-g7522