Attachment #150706 for bug #195759

Lines 1-5 Link Here

(-)./files/patch-CMakeLists.txt (-4 / +12 lines)
1	--- ./CMakeLists.txt.orig 2013-10-01 22:38:05.000000000 +0000	1	--- CMakeLists.txt.orig 2013-10-01 18:38:05.000000000 -0400
2	+++ ./CMakeLists.txt 2014-03-08 16:26:46.000000000 +0000	2	+++ CMakeLists.txt 2014-12-15 21:35:53.000000000 -0500
3	@@ -14,6 +14,7 @@	3	@@ -14,6 +14,7 @@
4	INCLUDE(CheckCCompilerFlag)	4	INCLUDE(CheckCCompilerFlag)
5	INCLUDE(CheckCXXCompilerFlag)	5	INCLUDE(CheckCXXCompilerFlag)
Lines 60-66 Link Here
60	include_directories(${PAM_INCLUDE_DIR})	60	include_directories(${PAM_INCLUDE_DIR})
61	else(PAM_FOUND)	61	else(PAM_FOUND)
62	message("\tPAM Not Found")	62	message("\tPAM Not Found")
63	@@ -221,7 +235,9 @@	63	@@ -195,6 +209,7 @@
		64	${FREETYPE_LIBRARY}
		65	${JPEG_LIBRARIES}
		66	${PNG_LIBRARIES}
		67	+ util
		68	libslim
		69	)
		70
		71	@@ -221,7 +236,9 @@
64	####### install	72	####### install
65	# slim	73	# slim
66	install(TARGETS slim RUNTIME DESTINATION bin)	74	install(TARGETS slim RUNTIME DESTINATION bin)
Lines 71-77 Link Here
71		79
72	if (BUILD_SHARED_LIBS)	80	if (BUILD_SHARED_LIBS)
73	set_target_properties(libslim PROPERTIES	81	set_target_properties(libslim PROPERTIES
74	@@ -236,9 +252,11 @@	82	@@ -236,9 +253,11 @@
75		83
76	# man file	84	# man file
77	install(FILES slim.1 DESTINATION ${MANDIR}/man1/)	85	install(FILES slim.1 DESTINATION ${MANDIR}/man1/)




--- app.cpp.orig	2013-10-01 18:38:05.000000000 -0400
+++ app.cpp	2014-12-18 00:18:29.000000000 -0500
@@ -14,6 +14,7 @@
 #include <unistd.h>
 #include <fcntl.h>
 #include <stdint.h>
+#include <login_cap.h>
 #include <cstring>
 #include <cstdio>
 #include <iostream>
@@ -32,6 +33,20 @@
 
 using namespace std;
 
+static const int LOGIN_CAP_VAR_COUNT = 4;
+static const char* LOGIN_CAP_VARS[] = {
+	"lang",
+	"charset",
+	"timezone",
+	"manpath",
+};
+static const char* LOGIN_CAP_ENVS[] = {
+	"LANG",
+	"MM_CHARSET",
+	"TZ",
+	"MANPATH",
+};
+
 #ifdef USE_PAM
 #include <string>
 
@@ -123,6 +138,22 @@
 	signal(sig, User1Signal);
 }
 
+static void AddToEnv(char*** curr_env, const char *name, const char *value) {
+	int n;
+	for (n = 0; (*curr_env)[n] != NULL; n++) ;
+	n++;
+	char** new_env = static_cast<char**>(malloc(sizeof(char*) * (n + 1)));
+	memcpy(new_env, *curr_env, sizeof(char*) * n);
+	char* entry = static_cast<char*>(malloc(strlen(name) + strlen(value) + 2));
+	strcpy(entry, name);
+	strcat(entry, "=");
+	strcat(entry, value);
+	new_env[n-1] = entry;
+	new_env[n] = NULL;
+	free(*curr_env);
+	*curr_env = new_env;
+}
+
 #ifdef USE_PAM
 App::App(int argc, char** argv)
   : pam(conv, static_cast<void*>(&LoginPanel)),
@@ -627,6 +658,17 @@
 
 #endif
 
+		login_cap_t *lc = login_getpwclass(pw);
+		if (lc != NULL) {
+			for (int i = 0; i < LOGIN_CAP_VAR_COUNT; i++) {
+				const char *value = login_getcapstr(lc, LOGIN_CAP_VARS[i], NULL, NULL);
+				if (value != NULL) {
+					AddToEnv(&child_env, LOGIN_CAP_ENVS[i], value);
+				}
+			}
+			login_close(lc);
+		}
+
 		/* Login process starts here */
 		SwitchUser Su(pw, cfg, DisplayName, child_env);
 		string session = LoginPanel->getSession();
@@ -941,7 +983,7 @@
 	}
 
 	if (!hasVtSet && daemonmode) {

Lines 7-13 Link Here

(-)./files/patch-slim.conf (-1 / +1 lines)
7	-default_xserver /usr/bin/X	7	-default_xserver /usr/bin/X
8	-#xserver_arguments -dpi 75	8	-#xserver_arguments -dpi 75
9	+# Use default path from /etc/login.conf	9	+# Use default path from /etc/login.conf
10	+default_path /sbin:/bin:/usr/sbin:/usr/bin:/usr/games:%%LOCALBASE%%/sbin:%%LOCALBASE%%/bin:$HOME/bin	10	+default_path /sbin:/bin:/usr/sbin:/usr/bin:/usr/games:%%LOCALBASE%%/sbin:%%LOCALBASE%%/bin
11	+default_xserver %%LOCALBASE%%/bin/X	11	+default_xserver %%LOCALBASE%%/bin/X
12	+# The X server needs to be started on an unused virtual terminal,	12	+# The X server needs to be started on an unused virtual terminal,
13	+# for FreeBSD in a default configuration, the first one of those is #09	13	+# for FreeBSD in a default configuration, the first one of those is #09




--- switchuser.cpp.orig	2013-10-01 18:38:05.000000000 -0400
+++ switchuser.cpp	2014-12-15 22:14:16.000000000 -0500
@@ -9,6 +9,9 @@
    (at your option) any later version.
 */
 
+#include <sys/types.h>
+#include <login_cap.h>
+
 #include <cstdio>
 #include "switchuser.h"
 #include "util.h"
@@ -35,13 +38,27 @@
 }
 
 void SwitchUser::SetUserId() {
-	if( (Pw == 0) ||
-			(initgroups(Pw->pw_name, Pw->pw_gid) != 0) ||
-			(setgid(Pw->pw_gid) != 0) ||
-			(setuid(Pw->pw_uid) != 0) ) {
-		logStream << APPNAME << ": could not switch user id" << endl;
-		exit(ERR_EXIT);
+	if ((Pw != 0) && (setsid() != -1)) {
+		// TODO: allow users to override settings with .login.conf
+		login_cap_t *lc = login_getpwclass(Pw);
+		if ((lc != NULL) &&
+				(setusercontext(lc, Pw, Pw->pw_uid, LOGIN_SETALL) == 0)) {
+			login_close(lc);
+			return;
+		}
+		login_close(lc);
+		logStream << APPNAME << ": fail to set user context" << endl;
+		// fallback to old method
+		if ((setlogin(Pw->pw_name) == 0) &&
+				(initgroups(Pw->pw_name, Pw->pw_gid) == 0) &&
+				(setgid(Pw->pw_gid) == 0) &&
+				(setuid(Pw->pw_uid) == 0) ) {
+			return;
+		}
 	}
+
+	logStream << APPNAME << ": could not switch user id" << endl;
+	exit(ERR_EXIT);
 }
 
 void SwitchUser::Execute(const char* cmd) {

Return to bug 195759

Lines 1-6 Link Here

(-)./files/patch-app.cpp (-3 / +73 lines)
1	--- ./app.cpp.orig 2012-12-31 07:03:42.000000000 -0600	1	--- app.cpp.orig 2013-10-01 18:38:05.000000000 -0400
2	+++ ./app.cpp 2013-03-23 14:10:35.000000000 -0500	2	+++ app.cpp 2014-12-18 00:18:29.000000000 -0500
3	@@ -931,7 +931,7 @@	3	@@ -14,6 +14,7 @@
		4	#include <unistd.h>
		5	#include <fcntl.h>
		6	#include <stdint.h>
		7	+#include <login_cap.h>
		8	#include <cstring>
		9	#include <cstdio>
		10	#include <iostream>
		11	@@ -32,6 +33,20 @@
		12
		13	using namespace std;
		14
		15	+static const int LOGIN_CAP_VAR_COUNT = 4;
		16	+static const char* LOGIN_CAP_VARS[] = {
		17	+ "lang",
		18	+ "charset",
		19	+ "timezone",
		20	+ "manpath",
		21	+};
		22	+static const char* LOGIN_CAP_ENVS[] = {
		23	+ "LANG",
		24	+ "MM_CHARSET",
		25	+ "TZ",
		26	+ "MANPATH",
		27	+};
		28	+
		29	#ifdef USE_PAM
		30	#include <string>
		31
		32	@@ -123,6 +138,22 @@
		33	signal(sig, User1Signal);
		34	}
		35
		36	+static void AddToEnv(char*** curr_env, const char name, const char value) {
		37	+ int n;
		38	+ for (n = 0; (*curr_env)[n] != NULL; n++) ;
		39	+ n++;
		40	+ char new_env = static_cast<char>(malloc(sizeof(char) (n + 1)));
		41	+ memcpy(new_env, curr_env, sizeof(char) * n);
		42	+ char* entry = static_cast<char*>(malloc(strlen(name) + strlen(value) + 2));
		43	+ strcpy(entry, name);
		44	+ strcat(entry, "=");
		45	+ strcat(entry, value);
		46	+ new_env[n-1] = entry;
		47	+ new_env[n] = NULL;
		48	+ free(*curr_env);
		49	+ *curr_env = new_env;
		50	+}
		51	+
		52	#ifdef USE_PAM
		53	App::App(int argc, char** argv)
		54	: pam(conv, static_cast<void*>(&LoginPanel)),
		55	@@ -627,6 +658,17 @@
		56
		57	#endif
		58
		59	+ login_cap_t *lc = login_getpwclass(pw);
		60	+ if (lc != NULL) {
		61	+ for (int i = 0; i < LOGIN_CAP_VAR_COUNT; i++) {
		62	+ const char *value = login_getcapstr(lc, LOGIN_CAP_VARS[i], NULL, NULL);
		63	+ if (value != NULL) {
		64	+ AddToEnv(&child_env, LOGIN_CAP_ENVS[i], value);
		65	+ }
		66	+ }
		67	+ login_close(lc);
68	+ }
69	+
70	/* Login process starts here */
71	SwitchUser Su(pw, cfg, DisplayName, child_env);
72	string session = LoginPanel->getSession();
73	@@ -941,7 +983,7 @@
4	}	74	}
5		75
6	if (!hasVtSet && daemonmode) {	76	if (!hasVtSet && daemonmode) {

Lines 1-11 Link Here

(-)./files/patch-switchuser.cpp (-9 / +44 lines)
1	--- ./switchuser.cpp.orig 2012-12-31 07:03:42.000000000 -0600	1	--- switchuser.cpp.orig 2013-10-01 18:38:05.000000000 -0400
2	+++ ./switchuser.cpp 2013-03-23 14:10:35.000000000 -0500	2	+++ switchuser.cpp 2014-12-15 22:14:16.000000000 -0500
3	@@ -36,6 +36,8 @@	3	@@ -9,6 +9,9 @@
		4	(at your option) any later version.
		5	*/
		6
		7	+#include <sys/types.h>
		8	+#include <login_cap.h>
		9	+
		10	#include <cstdio>
		11	#include "switchuser.h"
		12	#include "util.h"
		13	@@ -35,13 +38,27 @@
		14	}
4		15
5	void SwitchUser::SetUserId() {	16	void SwitchUser::SetUserId() {
6	if( (Pw == 0) \|\|	17	- if( (Pw == 0) \|\|
7	+ (setsid() == -1) \|\|	18	- (initgroups(Pw->pw_name, Pw->pw_gid) != 0) \|\|
8	+ (setlogin(Pw->pw_name) != 0) \|\|	19	- (setgid(Pw->pw_gid) != 0) \|\|
9	(initgroups(Pw->pw_name, Pw->pw_gid) != 0) \|\|	20	- (setuid(Pw->pw_uid) != 0) ) {
10	(setgid(Pw->pw_gid) != 0) \|\|	21	- logStream << APPNAME << ": could not switch user id" << endl;
11	(setuid(Pw->pw_uid) != 0) ) {	22	- exit(ERR_EXIT);
		23	+ if ((Pw != 0) && (setsid() != -1)) {
		24	+ // TODO: allow users to override settings with .login.conf
		25	+ login_cap_t *lc = login_getpwclass(Pw);
		26	+ if ((lc != NULL) &&
		27	+ (setusercontext(lc, Pw, Pw->pw_uid, LOGIN_SETALL) == 0)) {
		28	+ login_close(lc);
		29	+ return;
		30	+ }
		31	+ login_close(lc);
		32	+ logStream << APPNAME << ": fail to set user context" << endl;
		33	+ // fallback to old method
		34	+ if ((setlogin(Pw->pw_name) == 0) &&
		35	+ (initgroups(Pw->pw_name, Pw->pw_gid) == 0) &&
		36	+ (setgid(Pw->pw_gid) == 0) &&
		37	+ (setuid(Pw->pw_uid) == 0) ) {
		38	+ return;
		39	+ }
		40	}
		41	+
		42	+ logStream << APPNAME << ": could not switch user id" << endl;
		43	+ exit(ERR_EXIT);
		44	}
		45
		46	void SwitchUser::Execute(const char* cmd) {