|
Lines 158-172
Link Here
|
| 158 |
char * const *b; |
158 |
char * const *b; |
| 159 |
} np; |
159 |
} np; |
| 160 |
uid_t ruid; |
160 |
uid_t ruid; |
| 161 |
pid_t child_pid, child_pgrp, pid; |
|
|
| 162 |
int asme, ch, asthem, fastlogin, prio, i, retcode, |
161 |
int asme, ch, asthem, fastlogin, prio, i, retcode, |
| 163 |
statusp, setmaclabel; |
162 |
statusp, setmaclabel; |
| 164 |
u_int setwhat; |
163 |
u_int setwhat; |
| 165 |
char *username, *class, shellbuf[MAXPATHLEN]; |
164 |
char *username, *class, shellbuf[MAXPATHLEN]; |
| 166 |
const char *p, *user, *shell, *mytty, **nargv; |
165 |
const char *p, *user, *shell, *mytty, **nargv; |
| 167 |
const void *v; |
166 |
const void *v; |
| 168 |
struct sigaction sa, sa_int, sa_quit, sa_pipe; |
|
|
| 169 |
int temp, fds[2]; |
| 170 |
#ifdef USE_BSM_AUDIT |
167 |
#ifdef USE_BSM_AUDIT |
| 171 |
const char *aerr; |
168 |
const char *aerr; |
| 172 |
au_id_t auid; |
169 |
au_id_t auid; |
|
Lines 425-490
Link Here
|
| 425 |
} |
422 |
} |
| 426 |
} |
423 |
} |
| 427 |
|
424 |
|
| 428 |
/* |
|
|
| 429 |
* We must fork() before setuid() because we need to call |
| 430 |
* pam_setcred(pamh, PAM_DELETE_CRED) as root. |
| 431 |
*/ |
| 432 |
sa.sa_flags = SA_RESTART; |
| 433 |
sa.sa_handler = SIG_IGN; |
| 434 |
sigemptyset(&sa.sa_mask); |
| 435 |
sigaction(SIGINT, &sa, &sa_int); |
| 436 |
sigaction(SIGQUIT, &sa, &sa_quit); |
| 437 |
sigaction(SIGPIPE, &sa, &sa_pipe); |
| 438 |
sa.sa_handler = SIG_DFL; |
| 439 |
sigaction(SIGTSTP, &sa, NULL); |
| 440 |
statusp = 1; |
| 441 |
if (pipe(fds) == -1) { |
| 442 |
PAM_END(); |
| 443 |
err(1, "pipe"); |
| 444 |
} |
| 445 |
child_pid = fork(); |
| 446 |
switch (child_pid) { |
| 447 |
default: |
| 448 |
sa.sa_handler = SIG_IGN; |
| 449 |
sigaction(SIGTTOU, &sa, NULL); |
| 450 |
close(fds[0]); |
| 451 |
setpgid(child_pid, child_pid); |
| 452 |
if (tcgetpgrp(STDERR_FILENO) == getpgrp()) |
| 453 |
tcsetpgrp(STDERR_FILENO, child_pid); |
| 454 |
close(fds[1]); |
| 455 |
sigaction(SIGPIPE, &sa_pipe, NULL); |
| 456 |
while ((pid = waitpid(child_pid, &statusp, WUNTRACED)) != -1) { |
| 457 |
if (WIFSTOPPED(statusp)) { |
| 458 |
child_pgrp = getpgid(child_pid); |
| 459 |
if (tcgetpgrp(STDERR_FILENO) == child_pgrp) |
| 460 |
tcsetpgrp(STDERR_FILENO, getpgrp()); |
| 461 |
kill(getpid(), SIGSTOP); |
| 462 |
if (tcgetpgrp(STDERR_FILENO) == getpgrp()) { |
| 463 |
child_pgrp = getpgid(child_pid); |
| 464 |
tcsetpgrp(STDERR_FILENO, child_pgrp); |
| 465 |
} |
| 466 |
kill(child_pid, SIGCONT); |
| 467 |
statusp = 1; |
| 468 |
continue; |
| 469 |
} |
| 470 |
break; |
| 471 |
} |
| 472 |
tcsetpgrp(STDERR_FILENO, getpgrp()); |
| 473 |
if (pid == -1) |
| 474 |
err(1, "waitpid"); |
| 475 |
PAM_END(); |
| 476 |
exit(WEXITSTATUS(statusp)); |
| 477 |
case -1: |
| 478 |
PAM_END(); |
| 479 |
err(1, "fork"); |
| 480 |
case 0: |
| 481 |
close(fds[1]); |
| 482 |
read(fds[0], &temp, 1); |
| 483 |
close(fds[0]); |
| 484 |
sigaction(SIGPIPE, &sa_pipe, NULL); |
| 485 |
sigaction(SIGINT, &sa_int, NULL); |
| 486 |
sigaction(SIGQUIT, &sa_quit, NULL); |
| 487 |
|
| 488 |
/* |
425 |
/* |
| 489 |
* Set all user context except for: Environmental variables |
426 |
* Set all user context except for: Environmental variables |
| 490 |
* Umask Login records (wtmp, etc) Path |
427 |
* Umask Login records (wtmp, etc) Path |
|
Lines 555-561
Link Here
|
| 555 |
|
492 |
|
| 556 |
execv(shell, np.b); |
493 |
execv(shell, np.b); |
| 557 |
err(1, "%s", shell); |
494 |
err(1, "%s", shell); |
| 558 |
} |
|
|
| 559 |
} |
495 |
} |
| 560 |
|
496 |
|
| 561 |
static void |
497 |
static void |