1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2009 Ed Schouten <ed@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/cdefs.h> 30 #include <pwd.h> 31 #include <unistd.h> 32 #include <stdlib.h> 33 #include <string.h> 34 #include <sysexits.h> 35 #include <ulog.h> 36 37 /* 38 * This setuid helper utility writes user login records to disk. 39 * Unprivileged processes are not capable of writing records to utmpx, 40 * but we do want to allow this for pseudo-terminals. Because a file 41 * descriptor to a pseudo-terminal master device can only be obtained by 42 * processes using the pseudo-terminal, we expect such a descriptor on 43 * stdin. 44 * 45 * It uses the real user ID of the calling process to determine the 46 * username. It does allow users to log arbitrary hostnames. 47 */ 48 49 static const char * 50 get_username(void) 51 { 52 const struct passwd *pw; 53 const char *login; 54 uid_t uid; 55 56 /* 57 * Attempt to determine the username corresponding to this login 58 * session. First, validate the results of getlogin() against 59 * the password database. If getlogin() returns invalid data, 60 * return an arbitrary username corresponding to this uid. 61 */ 62 uid = getuid(); 63 if ((login = getlogin()) != NULL && (pw = getpwnam(login)) != NULL && 64 pw->pw_uid == uid) 65 return (login); 66 if ((pw = getpwuid(uid)) != NULL) 67 return (pw->pw_name); 68 return (NULL); 69 } 70 71 int 72 main(int argc, char *argv[]) 73 { 74 const char *line, *user, *host; 75 76 /* Device line name. */ 77 if ((line = ptsname(STDIN_FILENO)) == NULL) 78 return (EX_USAGE); 79 80 if ((argc == 2 || argc == 3) && strcmp(argv[1], "login") == 0) { 81 /* Username. */ 82 user = get_username(); 83 if (user == NULL) 84 return (EX_OSERR); 85 86 /* Hostname. */ 87 host = argc == 3 ? argv[2] : NULL; 88 89 ulog_login(line, user, host); 90 return (EX_OK); 91 } else if (argc == 2 && strcmp(argv[1], "logout") == 0) { 92 ulog_logout(line); 93 return (EX_OK); 94 } 95 96 return (EX_USAGE); 97 } 98