Attachment #17290 for bug #31419

View | Details | Raw Unified | Return to bug 31419
Collapse All | Expand All

Lines 19-28 Link Here

(-)fbtab.5 (-4 / +2 lines)
19	All other lines consist of three fields delimited by	19	All other lines consist of three fields delimited by
20	whitespace: a login device (/dev/ttyv0), an octal	20	whitespace: a login device (/dev/ttyv0), an octal
21	permission number (0600), and a ":"-delimited list of	21	permission number (0600), and a ":"-delimited list of
22	devices (/dev/console). All device names are	22	device patterns (/dev/console, /dev/dsp*).
23	absolute paths.	23	All device patterns are absolute paths.
24	A path that ends in "/*" refers to all
25	directory entries except "." and "..".
26	.Pp	24	.Pp
27	If the tty argument (relative path) matches a login device	25	If the tty argument (relative path) matches a login device
28	name (absolute path), the permissions of the devices in the	26	name (absolute path), the permissions of the devices in the




#include <syslog.h>
#include <string.h>
#include <errno.h>
#include <glob.h>
#include <paths.h>
#include <unistd.h>
#include "pathnames.h"

/* login_protect - protect one device entry */

void
login_protect(table, pattern, mask, uid, gid)
	char	*table;
	char	*pattern;
	int	mask;
	uid_t	uid;
	gid_t	gid;
{
	glob_t  gl;
	char	*path;
	int     i;

	if (glob(pattern, GLOB_NOSORT, NULL, &gl) != 0)
		return;
	for (i = 0; i < gl.gl_pathc; i++) {
		path = gl.gl_pathv[i];
		/* clear flags of the device */
		if (chflags(path, 0) && errno != ENOENT && errno != EOPNOTSUPP)
			syslog(LOG_ERR, "%s: chflags(%s): %m", table, path);
		if (chmod(path, mask) && errno != ENOENT)
			syslog(LOG_ERR, "%s: chmod(%s): %m", table, path);
		if (chown(path, uid, gid) && errno != ENOENT)
			syslog(LOG_ERR, "%s: chown(%s): %m", table, path);
	buf[pathlen - 1] = 0;
	if ((dir = opendir(buf)) == 0) {
	    syslog(LOG_ERR, "%s: opendir(%s): %m", table, path);
	} else {
	    while ((ent = readdir(dir)) != 0) {
		if (strcmp(ent->d_name, ".") != 0
		    && strcmp(ent->d_name, "..") != 0) {
		    strcpy(buf + pathlen - 1, ent->d_name);
		    login_protect(table, buf, mask, uid, gid);
		}
	    }
	    closedir(dir);
	}
	globfree(&gl);
}

Return to bug 31419

Lines 65-71 Link Here

(-)login_fbtab.c (-35 / +23 lines)
65	#include <syslog.h>	65	#include <syslog.h>
66	#include <string.h>	66	#include <string.h>
67	#include <errno.h>	67	#include <errno.h>
68	#include <dirent.h>	68	#include <glob.h>
69	#include <paths.h>	69	#include <paths.h>
70	#include <unistd.h>	70	#include <unistd.h>
71	#include "pathnames.h"	71	#include "pathnames.h"
Lines 121-160 Link Here
121	/* login_protect - protect one device entry */	121	/* login_protect - protect one device entry */
122		122
123	void	123	void
124	login_protect(table, path, mask, uid, gid)	124	login_protect(table, pattern, mask, uid, gid)
125	char *table;	125	char *table;
126	char *path;	126	char *pattern;
127	int mask;	127	int mask;
128	uid_t uid;	128	uid_t uid;
129	gid_t gid;	129	gid_t gid;
130	{	130	{
131	char buf[BUFSIZ];	131	glob_t gl;
132	int pathlen = strlen(path);	132	char *path;
133	struct dirent *ent;	133	int i;
134	DIR *dir;	134
135		135	if (glob(pattern, GLOB_NOSORT, NULL, &gl) != 0)
136	if (strcmp("/*", path + pathlen - 2) != 0) {	136	return;
137	/* clear flags of the device */	137	for (i = 0; i < gl.gl_pathc; i++) {
138	if (chflags(path, 0) && errno != ENOENT && errno != EOPNOTSUPP)	138	path = gl.gl_pathv[i];
139	syslog(LOG_ERR, "%s: chflags(%s): %m", table, path);	139	/* clear flags of the device */
140	if (chmod(path, mask) && errno != ENOENT)	140	if (chflags(path, 0) && errno != ENOENT && errno != EOPNOTSUPP)
141	syslog(LOG_ERR, "%s: chmod(%s): %m", table, path);	141	syslog(LOG_ERR, "%s: chflags(%s): %m", table, path);
142	if (chown(path, uid, gid) && errno != ENOENT)	142	if (chmod(path, mask) && errno != ENOENT)
143	syslog(LOG_ERR, "%s: chown(%s): %m", table, path);	143	syslog(LOG_ERR, "%s: chmod(%s): %m", table, path);
144	} else {	144	if (chown(path, uid, gid) && errno != ENOENT)
145	strcpy(buf, path);	145	syslog(LOG_ERR, "%s: chown(%s): %m", table, path);
146	buf[pathlen - 1] = 0;
147	if ((dir = opendir(buf)) == 0) {
148	syslog(LOG_ERR, "%s: opendir(%s): %m", table, path);
149	} else {
150	while ((ent = readdir(dir)) != 0) {
151	if (strcmp(ent->d_name, ".") != 0
152	&& strcmp(ent->d_name, "..") != 0) {
153	strcpy(buf + pathlen - 1, ent->d_name);
154	login_protect(table, buf, mask, uid, gid);
155	}
156	}
157	closedir(dir);
158	}	146	}
159	}	147	globfree(&gl);
160	}	148	}