1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2009 Ed Schouten <ed@FreeBSD.org> 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 */ 28 29 #include <sys/cdefs.h> 30 __FBSDID("$FreeBSD$"); 31 32 #include <pwd.h> 33 #include <unistd.h> 34 #include <stdlib.h> 35 #include <string.h> 36 #include <sysexits.h> 37 #include <ulog.h> 38 39 /* 40 * This setuid helper utility writes user login records to disk. 41 * Unprivileged processes are not capable of writing records to utmpx, 42 * but we do want to allow this for pseudo-terminals. Because a file 43 * descriptor to a pseudo-terminal master device can only be obtained by 44 * processes using the pseudo-terminal, we expect such a descriptor on 45 * stdin. 46 * 47 * It uses the real user ID of the calling process to determine the 48 * username. It does allow users to log arbitrary hostnames. 49 */ 50 51 static const char * 52 get_username(void) 53 { 54 const struct passwd *pw; 55 const char *login; 56 uid_t uid; 57 58 /* 59 * Attempt to determine the username corresponding to this login 60 * session. First, validate the results of getlogin() against 61 * the password database. If getlogin() returns invalid data, 62 * return an arbitrary username corresponding to this uid. 63 */ 64 uid = getuid(); 65 if ((login = getlogin()) != NULL && (pw = getpwnam(login)) != NULL && 66 pw->pw_uid == uid) 67 return (login); 68 if ((pw = getpwuid(uid)) != NULL) 69 return (pw->pw_name); 70 return (NULL); 71 } 72 73 int 74 main(int argc, char *argv[]) 75 { 76 const char *line, *user, *host; 77 78 /* Device line name. */ 79 if ((line = ptsname(STDIN_FILENO)) == NULL) 80 return (EX_USAGE); 81 82 if ((argc == 2 || argc == 3) && strcmp(argv[1], "login") == 0) { 83 /* Username. */ 84 user = get_username(); 85 if (user == NULL) 86 return (EX_OSERR); 87 88 /* Hostname. */ 89 host = argc == 3 ? argv[2] : NULL; 90 91 ulog_login(line, user, host); 92 return (EX_OK); 93 } else if (argc == 2 && strcmp(argv[1], "logout") == 0) { 94 ulog_logout(line); 95 return (EX_OK); 96 } 97 98 return (EX_USAGE); 99 } 100