1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2013 Nexenta Systems, Inc. All rights reserved. 24 * Copyright (c) 2016 by Delphix. All rights reserved. 25 */ 26 27 /* 28 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 29 * Use is subject to license terms. 30 */ 31 32 /* 33 * Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T 34 * All rights reserved. 35 * 36 * Copyright (c) 1987, 1988 Microsoft Corporation. 37 * All rights reserved. 38 */ 39 40 /* 41 * sulogin - special login program exec'd from init to let user 42 * come up single user, or go to default init state straight away. 43 * 44 * Explain the scoop to the user, prompt for an authorized user 45 * name or ^D and then prompt for password or ^D. If the password 46 * is correct, check if the user is authorized, if so enter 47 * single user. ^D exits sulogin, and init will go to default init state. 48 * 49 * If /etc/passwd is missing, or there's no entry for root, 50 * go single user, no questions asked. 51 */ 52 53 #include <sys/types.h> 54 #include <sys/stat.h> 55 #include <sys/param.h> 56 #include <sys/sysmsg_impl.h> 57 #include <sys/mkdev.h> 58 #include <sys/resource.h> 59 #include <sys/uadmin.h> 60 #include <sys/wait.h> 61 #include <sys/stermio.h> 62 #include <fcntl.h> 63 #include <termio.h> 64 #include <pwd.h> 65 #include <shadow.h> 66 #include <stdlib.h> 67 #include <stdio.h> 68 #include <signal.h> 69 #include <siginfo.h> 70 #include <utmpx.h> 71 #include <unistd.h> 72 #include <ucontext.h> 73 #include <string.h> 74 #include <strings.h> 75 #include <deflt.h> 76 #include <limits.h> 77 #include <errno.h> 78 #include <crypt.h> 79 #include <auth_attr.h> 80 #include <auth_list.h> 81 #include <nss_dbdefs.h> 82 #include <user_attr.h> 83 #include <sys/vt.h> 84 #include <sys/kd.h> 85 86 /* 87 * Intervals to sleep after failed login 88 */ 89 #ifndef SLEEPTIME 90 #define SLEEPTIME 4 /* sleeptime before login incorrect msg */ 91 #endif 92 93 #define SLEEPTIME_MAX 5 /* maximum sleeptime */ 94 95 /* 96 * the name of the file containing the login defaults we deliberately 97 * use the same file as login(1) 98 */ 99 100 #define DEFAULT_LOGIN "/etc/default/login" 101 #define DEFAULT_SULOGIN "/etc/default/sulogin" 102 #define DEFAULT_CONSOLE "/dev/console" 103 104 static char shell[] = "/sbin/sh"; 105 static char su[] = "/sbin/su.static"; 106 static int sleeptime = SLEEPTIME; 107 static int nchild = 0; 108 static pid_t pidlist[10]; 109 static pid_t masterpid = 0; 110 static pid_t originalpid = 0; 111 static struct sigaction sa; 112 static struct termio ttymodes; 113 114 static char *findttyname(int fd); 115 static char *stripttyname(char *); 116 static char *sulogin_getinput(char *, int); 117 static void noop(int); 118 static void single(const char *, char *); 119 static void main_loop(char *, boolean_t); 120 static void parenthandler(); 121 static void termhandler(int); 122 static void setupsigs(void); 123 static int pathcmp(char *, char *); 124 static void doit(char *, char *); 125 static void childcleanup(int); 126 127 #define ECHOON 0 128 #define ECHOOFF 1 129 130 /* ARGSUSED */ 131 int 132 main(int argc, char **argv) 133 { 134 struct spwd *shpw; 135 int passreq = B_TRUE; 136 int flags; 137 int fd; 138 char *infop, *ptr, *p; 139 pid_t pid; 140 int bufsize; 141 struct stat st; 142 char cttyname[100]; 143 char namedlist[500]; 144 char scratchlist[500]; 145 dev_t cttyd; 146 147 if (geteuid() != 0) { 148 (void) fprintf(stderr, "%s: must be root\n", argv[0]); 149 return (EXIT_FAILURE); 150 } 151 152 /* Do the magic to determine the children */ 153 if ((fd = open(SYSMSG, 0)) < 0) 154 return (EXIT_FAILURE); 155 156 /* 157 * If the console supports the CIOCTTYCONSOLE ioctl, then fetch 158 * its console device list. If not, then we use the default 159 * console name. 160 */ 161 if (ioctl(fd, CIOCTTYCONSOLE, &cttyd) == 0) { 162 if ((bufsize = ioctl(fd, CIOCGETCONSOLE, NULL)) < 0) 163 return (EXIT_FAILURE); 164 165 if (bufsize > 0) { 166 if ((infop = calloc(bufsize, sizeof (char))) == NULL) 167 return (EXIT_FAILURE); 168 169 if (ioctl(fd, CIOCGETCONSOLE, infop) < 0) 170 return (EXIT_FAILURE); 171 172 (void) snprintf(namedlist, sizeof (namedlist), "%s %s", 173 DEFAULT_CONSOLE, infop); 174 } else 175 (void) snprintf(namedlist, sizeof (namedlist), "%s", 176 DEFAULT_CONSOLE); 177 } else { 178 (void) snprintf(namedlist, sizeof (namedlist), "%s", 179 DEFAULT_CONSOLE); 180 cttyd = NODEV; 181 } 182 183 /* 184 * The attempt to turn the controlling terminals dev_t into a string 185 * may not be successful, thus leaving the variable cttyname as a 186 * NULL. This occurs if during boot we find 187 * the root partition (or some other partition) 188 * requires manual fsck, thus resulting in sulogin 189 * getting invoked. The ioctl for CIOCTTYCONSOLE 190 * called above returned NODEV for cttyd 191 * in these cases. NODEV gets returned when the vnode pointer 192 * in our session structure is NULL. In these cases it 193 * must be assumed that the default console is used. 194 * 195 * See uts/common/os/session.c:cttydev(). 196 */ 197 (void) strcpy(cttyname, DEFAULT_CONSOLE); 198 (void) strcpy(scratchlist, namedlist); 199 ptr = scratchlist; 200 while (ptr != NULL) { 201 p = strchr(ptr, ' '); 202 if (p == NULL) { 203 if (stat(ptr, &st)) 204 return (EXIT_FAILURE); 205 if (st.st_rdev == cttyd) 206 (void) strcpy(cttyname, ptr); 207 break; 208 } 209 *p++ = '\0'; 210 if (stat(ptr, &st)) 211 return (EXIT_FAILURE); 212 if (st.st_rdev == cttyd) { 213 (void) strcpy(cttyname, ptr); 214 break; 215 } 216 ptr = p; 217 } 218 219 /* 220 * Use the same value of SLEEPTIME that login(1) uses. This 221 * is obtained by reading the file /etc/default/login using 222 * the def*() functions. 223 */ 224 225 if (defopen(DEFAULT_LOGIN) == 0) { 226 227 /* ignore case */ 228 229 flags = defcntl(DC_GETFLAGS, 0); 230 TURNOFF(flags, DC_CASE); 231 (void) defcntl(DC_SETFLAGS, flags); 232 233 if ((ptr = defread("SLEEPTIME=")) != NULL) 234 sleeptime = atoi(ptr); 235 236 if (sleeptime < 0 || sleeptime > SLEEPTIME_MAX) 237 sleeptime = SLEEPTIME; 238 239 (void) defopen(NULL); /* closes DEFAULT_LOGIN */ 240 } 241 242 /* 243 * Use our own value of PASSREQ, separate from the one login(1) uses. 244 * This is obtained by reading the file /etc/default/sulogin using 245 * the def*() functions. 246 */ 247 248 if (defopen(DEFAULT_SULOGIN) == 0) { 249 if ((ptr = defread("PASSREQ=")) != NULL) 250 if (strcmp("NO", ptr) == 0) 251 passreq = B_FALSE; 252 253 (void) defopen(NULL); /* closes DEFAULT_SULOGIN */ 254 } 255 256 if (passreq == B_FALSE) 257 single(shell, NULL); 258 259 /* 260 * if no 'root' entry in /etc/shadow, give maint. mode single 261 * user shell prompt 262 */ 263 setspent(); 264 if ((shpw = getspnam("root")) == NULL) { 265 (void) fprintf(stderr, "\n*** Unable to retrieve `root' entry " 266 "in shadow password file ***\n\n"); 267 single(shell, NULL); 268 } 269 endspent(); 270 /* 271 * if no 'root' entry in /etc/passwd, give maint. mode single 272 * user shell prompt 273 */ 274 setpwent(); 275 if (getpwnam("root") == NULL) { 276 (void) fprintf(stderr, "\n*** Unable to retrieve `root' entry " 277 "in password file ***\n\n"); 278 single(shell, NULL); 279 } 280 endpwent(); 281 /* process with controlling tty treated special */ 282 if ((pid = fork()) != (pid_t)0) { 283 if (pid == -1) 284 return (EXIT_FAILURE); 285 else { 286 setupsigs(); 287 masterpid = pid; 288 originalpid = getpid(); 289 /* 290 * init() was invoked from a console that was not 291 * the default console, nor was it an auxiliary. 292 */ 293 if (cttyname[0] == NULL) 294 termhandler(0); 295 /* Never returns */ 296 297 main_loop(cttyname, B_TRUE); 298 /* Never returns */ 299 } 300 } 301 masterpid = getpid(); 302 originalpid = getppid(); 303 pidlist[nchild++] = originalpid; 304 305 sa.sa_handler = childcleanup; 306 sa.sa_flags = 0; 307 (void) sigemptyset(&sa.sa_mask); 308 (void) sigaction(SIGTERM, &sa, NULL); 309 (void) sigaction(SIGHUP, &sa, NULL); 310 sa.sa_handler = parenthandler; 311 sa.sa_flags = SA_SIGINFO; 312 (void) sigemptyset(&sa.sa_mask); 313 (void) sigaction(SIGUSR1, &sa, NULL); 314 315 sa.sa_handler = SIG_IGN; 316 sa.sa_flags = 0; 317 (void) sigemptyset(&sa.sa_mask); 318 (void) sigaction(SIGCHLD, &sa, NULL); 319 /* 320 * If there isn't a password on root, then don't permit 321 * the fanout capability of sulogin. 322 */ 323 if (*shpw->sp_pwdp != '\0') { 324 ptr = namedlist; 325 while (ptr != NULL) { 326 p = strchr(ptr, ' '); 327 if (p == NULL) { 328 doit(ptr, cttyname); 329 break; 330 } 331 *p++ = '\0'; 332 doit(ptr, cttyname); 333 ptr = p; 334 } 335 } 336 if (pathcmp(cttyname, DEFAULT_CONSOLE) != 0) { 337 if ((pid = fork()) == (pid_t)0) { 338 setupsigs(); 339 main_loop(DEFAULT_CONSOLE, B_FALSE); 340 } else if (pid == -1) 341 return (EXIT_FAILURE); 342 pidlist[nchild++] = pid; 343 } 344 /* 345 * When parent is all done, it pauses until one of its children 346 * signals that its time to kill the underpriviledged. 347 */ 348 (void) wait(NULL); 349 350 return (0); 351 } 352 353 /* 354 * These flags are taken from stty's "sane" table entries in 355 * usr/src/cmd/ttymon/sttytable.c 356 */ 357 #define SET_IFLAG (BRKINT|IGNPAR|ISTRIP|ICRNL|IXON|IMAXBEL) 358 #define RESET_IFLAG (IGNBRK|PARMRK|INPCK|INLCR|IGNCR|IUCLC|IXOFF|IXANY) 359 #define SET_OFLAG (OPOST|ONLCR) 360 #define RESET_OFLAG (OLCUC|OCRNL|ONOCR|ONLRET|OFILL|OFDEL| \ 361 NLDLY|CRDLY|TABDLY|BSDLY|VTDLY|FFDLY) 362 #define SET_LFLAG (ISIG|ICANON|IEXTEN|ECHO|ECHOK|ECHOE|ECHOKE|ECHOCTL) 363 #define RESET_LFLAG (XCASE|ECHONL|NOFLSH|STFLUSH|STWRAP|STAPPL) 364 365 /* 366 * Do the equivalent of 'stty sane' on the terminal since we don't know 367 * what state it was in on startup. 368 */ 369 static void 370 sanitize_tty(int fd) 371 { 372 (void) ioctl(fd, TCGETA, &ttymodes); 373 ttymodes.c_iflag &= ~RESET_IFLAG; 374 ttymodes.c_iflag |= SET_IFLAG; 375 ttymodes.c_oflag &= ~RESET_OFLAG; 376 ttymodes.c_oflag |= SET_OFLAG; 377 ttymodes.c_lflag &= ~RESET_LFLAG; 378 ttymodes.c_lflag |= SET_LFLAG; 379 ttymodes.c_cc[VERASE] = CERASE; 380 ttymodes.c_cc[VKILL] = CKILL; 381 ttymodes.c_cc[VQUIT] = CQUIT; 382 ttymodes.c_cc[VINTR] = CINTR; 383 ttymodes.c_cc[VEOF] = CEOF; 384 ttymodes.c_cc[VEOL] = CNUL; 385 (void) ioctl(fd, TCSETAF, &ttymodes); 386 } 387 388 /* 389 * Fork a child of sulogin for each of the auxiliary consoles. 390 */ 391 static void 392 doit(char *ptr, char *cttyname) 393 { 394 pid_t pid; 395 396 if (pathcmp(ptr, DEFAULT_CONSOLE) != 0 && 397 pathcmp(ptr, cttyname) != 0) { 398 if ((pid = fork()) == (pid_t)0) { 399 setupsigs(); 400 main_loop(ptr, B_FALSE); 401 } else if (pid == -1) 402 exit(EXIT_FAILURE); 403 pidlist[nchild++] = pid; 404 } 405 } 406 407 static int 408 pathcmp(char *adev, char *bdev) 409 { 410 struct stat st1; 411 struct stat st2; 412 413 if (adev == NULL || bdev == NULL) 414 return (1); 415 416 if (strcmp(adev, bdev) == 0) 417 return (0); 418 419 if (stat(adev, &st1) || !S_ISCHR(st1.st_mode)) 420 return (1); 421 422 if (stat(bdev, &st2) || !S_ISCHR(st2.st_mode)) 423 return (1); 424 425 if (st1.st_rdev == st2.st_rdev) 426 return (0); 427 428 return (1); 429 } 430 431 /* Handlers for the children at initialization */ 432 static void 433 setupsigs() 434 { 435 sa.sa_handler = noop; 436 sa.sa_flags = 0; 437 (void) sigemptyset(&sa.sa_mask); 438 (void) sigaction(SIGINT, &sa, NULL); 439 (void) sigaction(SIGQUIT, &sa, NULL); 440 441 sa.sa_handler = termhandler; 442 sa.sa_flags = 0; 443 (void) sigemptyset(&sa.sa_mask); 444 (void) sigaction(SIGTERM, &sa, NULL); 445 (void) sigaction(SIGKILL, &sa, NULL); 446 (void) sigaction(SIGHUP, &sa, NULL); 447 } 448 449 static void 450 main_loop(char *devname, boolean_t cttyflag) 451 { 452 int fd, fb, i; 453 char *user = NULL; /* authorized user */ 454 char *pass; /* password from user */ 455 char *cpass; /* crypted password */ 456 struct spwd spwd; 457 struct spwd *lshpw; /* local shadow */ 458 char shadow[NSS_BUFLEN_SHADOW]; 459 FILE *sysmsgfd; 460 461 for (i = 0; i < 3; i++) 462 (void) close(i); 463 if (cttyflag == B_FALSE) { 464 if (setsid() == -1) 465 exit(EXIT_FAILURE); 466 } 467 if ((fd = open(devname, O_RDWR)) < 0) 468 exit(EXIT_FAILURE); 469 470 /* 471 * In system maintenance mode, all virtual console instances 472 * of the svc:/system/console-login service are not available 473 * any more, and only the system console is available. So here 474 * we always switch to the system console in case at the moment 475 * the active console isn't it. 476 */ 477 (void) ioctl(fd, VT_ACTIVATE, 1); 478 479 if (fd != 0) 480 (void) dup2(fd, STDIN_FILENO); 481 if (fd != 1) 482 (void) dup2(fd, STDOUT_FILENO); 483 if (fd != 2) 484 (void) dup2(fd, STDERR_FILENO); 485 if (fd > 2) 486 (void) close(fd); 487 488 /* Stop progress bar and reset console mode to text */ 489 if ((fb = open("/dev/fb", O_RDONLY)) >= 0) { 490 (void) ioctl(fb, KDSETMODE, KD_RESETTEXT); 491 (void) close(fb); 492 } 493 494 sysmsgfd = fopen("/dev/sysmsg", "w"); 495 496 sanitize_tty(fileno(stdin)); 497 498 for (;;) { 499 do { 500 (void) printf("\nEnter user name for system " 501 "maintenance (control-d to bypass): "); 502 user = sulogin_getinput(devname, ECHOON); 503 if (user == NULL) { 504 /* signal other children to exit */ 505 (void) sigsend(P_PID, masterpid, SIGUSR1); 506 /* ^D, so straight to default init state */ 507 exit(EXIT_FAILURE); 508 } 509 } while (user[0] == '\0'); 510 (void) printf("Enter %s password (control-d to bypass): ", 511 user); 512 513 if ((pass = sulogin_getinput(devname, ECHOOFF)) == NULL) { 514 /* signal other children to exit */ 515 (void) sigsend(P_PID, masterpid, SIGUSR1); 516 /* ^D, so straight to default init state */ 517 free(user); 518 exit(EXIT_FAILURE); 519 } 520 lshpw = getspnam_r(user, &spwd, shadow, sizeof (shadow)); 521 if (lshpw == NULL) { 522 /* 523 * the user entered doesn't exist, too bad. 524 */ 525 goto sorry; 526 } 527 528 /* 529 * There is a special case error to catch here: 530 * If the password is hashed with an algorithm 531 * other than the old unix crypt the call to crypt(3c) 532 * could fail if /usr is corrupt or not available 533 * since by default /etc/security/crypt.conf will 534 * have the crypt_ modules located under /usr/lib. 535 * Or it could happen if /etc/security/crypt.conf 536 * is corrupted. 537 * 538 * If this happens crypt(3c) will return NULL and 539 * set errno to ELIBACC for the former condition or 540 * EINVAL for the latter, in this case we bypass 541 * authentication and just verify that the user is 542 * authorized. 543 */ 544 545 errno = 0; 546 cpass = crypt(pass, lshpw->sp_pwdp); 547 if (((cpass == NULL) && (lshpw->sp_pwdp[0] == '$')) && 548 ((errno == ELIBACC) || (errno == EINVAL))) { 549 goto checkauth; 550 } else if ((cpass == NULL) || 551 (strcmp(cpass, lshpw->sp_pwdp) != 0)) { 552 goto sorry; 553 } 554 555 checkauth: 556 /* 557 * There is a special case error here as well. 558 * If /etc/user_attr is corrupt, getusernam("root") 559 * returns NULL. 560 * In this case, we just give access because this is similar 561 * to the case of root not existing in /etc/passwd. 562 */ 563 564 if ((getusernam("root") != NULL) && 565 (chkauthattr(MAINTENANCE_AUTH, user) != 1)) { 566 goto sorry; 567 } 568 (void) fprintf(sysmsgfd, "\nsingle-user privilege " 569 "assigned to %s on %s.\n", user, devname); 570 (void) sigsend(P_PID, masterpid, SIGUSR1); 571 (void) wait(NULL); 572 free(user); 573 free(pass); 574 single(su, devname); 575 /* single never returns */ 576 577 sorry: 578 (void) printf("\nLogin incorrect or user %s not authorized\n", 579 user); 580 free(user); 581 free(pass); 582 (void) sleep(sleeptime); 583 } 584 } 585 586 /* 587 * single() - exec shell for single user mode 588 */ 589 590 static void 591 single(const char *cmd, char *ttyn) 592 { 593 struct utmpx *u; 594 char found = B_FALSE; 595 596 if (ttyn == NULL) 597 ttyn = findttyname(STDIN_FILENO); 598 599 /* 600 * utmpx records on the console device are expected to be "console" 601 * by other processes, such as dtlogin. 602 */ 603 ttyn = stripttyname(ttyn); 604 605 /* update the utmpx file. */ 606 while ((u = getutxent()) != NULL) { 607 if (strcmp(u->ut_line, ttyn) == 0) { 608 u->ut_tv.tv_sec = time(NULL); 609 u->ut_type = USER_PROCESS; 610 u->ut_pid = getpid(); 611 if (strcmp(u->ut_user, "root") != 0) 612 (void) strcpy(u->ut_user, "root"); 613 (void) pututxline(u); 614 found = B_TRUE; 615 break; 616 } 617 } 618 if (!found) { 619 struct utmpx entryx; 620 621 entryx.ut_tv.tv_sec = time(NULL); 622 entryx.ut_type = USER_PROCESS; 623 entryx.ut_pid = getpid(); 624 (void) strcpy(entryx.ut_user, "root"); 625 (void) strcpy(entryx.ut_line, ttyn); 626 entryx.ut_tv.tv_usec = 0; 627 entryx.ut_session = 0; 628 entryx.ut_id[0] = 'c'; 629 entryx.ut_id[1] = 'o'; 630 entryx.ut_id[2] = 's'; 631 entryx.ut_id[3] = 'u'; 632 entryx.ut_syslen = 1; 633 entryx.ut_host[0] = '\0'; 634 entryx.ut_exit.e_termination = WTERMSIG(0); 635 entryx.ut_exit.e_exit = WEXITSTATUS(0); 636 (void) pututxline(&entryx); 637 } 638 endutxent(); 639 (void) printf("Entering System Maintenance Mode\n\n"); 640 641 if (execl(cmd, cmd, "-", (char *)0) < 0) 642 exit(EXIT_FAILURE); 643 } 644 645 /* 646 * sulogin_getinput() - hacked from the standard PAM tty conversation 647 * function getpassphrase() library version 648 * so we can distinguish newline and EOF. 649 * also don't need this routine to give a prompt. 650 * 651 * returns the password string, or NULL if the used typed EOF. 652 */ 653 654 static char * 655 sulogin_getinput(char *devname, int echooff) 656 { 657 struct termio ttyb; 658 int c; 659 FILE *fi; 660 static char input[PASS_MAX + 1]; 661 void (*saved_handler)(); 662 char *rval = input; 663 int i = 0; 664 665 if ((fi = fopen(devname, "r")) == NULL) { 666 fi = stdin; 667 } 668 669 saved_handler = signal(SIGINT, SIG_IGN); 670 671 if (echooff) { 672 ttyb = ttymodes; 673 ttyb.c_lflag &= ~(ECHO | ECHOE | ECHONL); 674 (void) ioctl(fileno(fi), TCSETAF, &ttyb); 675 } 676 677 /* get characters up to PASS_MAX, but don't overflow */ 678 while ((c = getc(fi)) != '\n' && (c != '\r')) { 679 if (c == EOF && i == 0) { /* ^D, no input */ 680 rval = NULL; 681 break; 682 } 683 if (i < PASS_MAX) { 684 input[i++] = (char)c; 685 } 686 } 687 input[i] = '\0'; 688 (void) fputc('\n', fi); 689 if (echooff) { 690 (void) ioctl(fileno(fi), TCSETAW, &ttymodes); 691 } 692 693 if (saved_handler != SIG_ERR) 694 (void) signal(SIGINT, saved_handler); 695 return (rval == NULL ? NULL : strdup(rval)); 696 } 697 698 static char * 699 findttyname(int fd) 700 { 701 char *ttyn = ttyname(fd); 702 703 if (ttyn == NULL) 704 ttyn = "/dev/???"; 705 else { 706 /* 707 * /dev/syscon and /dev/systty are usually links to 708 * /dev/console. prefer /dev/console. 709 */ 710 if (((strcmp(ttyn, "/dev/syscon") == 0) || 711 (strcmp(ttyn, "/dev/systty") == 0)) && 712 access("/dev/console", F_OK)) 713 ttyn = "/dev/console"; 714 } 715 return (ttyn); 716 } 717 718 static char * 719 stripttyname(char *ttyn) 720 { 721 /* saw off the /dev/ */ 722 if (strncmp(ttyn, "/dev/", sizeof ("/dev/") -1) == 0) 723 return (ttyn + sizeof ("/dev/") - 1); 724 else 725 return (ttyn); 726 } 727 728 729 /* ARGSUSED */ 730 static void 731 noop(int sig) 732 { 733 /* 734 * This signal handler does nothing except return. We use it 735 * as the signal disposition in this program instead of 736 * SIG_IGN so that we do not have to restore the disposition 737 * back to SIG_DFL. Instead we allow exec(2) to set the 738 * dispostion to SIG_DFL to avoid a race condition. 739 */ 740 } 741 742 /* ARGSUSED */ 743 static void 744 parenthandler(int sig, siginfo_t *si, ucontext_t *uc) 745 { 746 int i; 747 748 /* 749 * We get here if someone has successfully entered a password 750 * from the auxiliary console and is getting the single-user shell. 751 * When this happens, the parent needs to kill the children 752 * that didn't get the shell. 753 * 754 */ 755 for (i = 0; i < nchild; i++) { 756 if (pidlist[i] != si->__data.__proc.__pid) 757 (void) sigsend(P_PID, pidlist[i], SIGTERM); 758 } 759 sa.sa_handler = SIG_IGN; 760 sa.sa_flags = 0; 761 (void) sigemptyset(&sa.sa_mask); 762 (void) sigaction(SIGINT, &sa, NULL); 763 (void) sigaction(SIGQUIT, &sa, NULL); 764 (void) sigaction(SIGTERM, &sa, NULL); 765 (void) wait(NULL); 766 } 767 768 /* 769 * The master pid will get SIGTERM or SIGHUP from init, and then 770 * has to make sure the shell isn't still running. 771 */ 772 773 /* ARGSUSED */ 774 static void 775 childcleanup(int sig) 776 { 777 int i; 778 779 /* Only need to kill the child that became the shell. */ 780 for (i = 0; i < nchild; i++) { 781 /* Don't kill grandparent before it's necessary */ 782 if (pidlist[i] != getppid()) 783 (void) sigsend(P_PID, pidlist[i], SIGHUP); 784 } 785 } 786 787 /* ARGSUSED */ 788 static void 789 termhandler(int sig) 790 { 791 FILE *fi; 792 pid_t pid; 793 794 /* Processes come here when they fail to receive the password. */ 795 if ((fi = fopen("/dev/tty", "r+")) == NULL) 796 fi = stdin; 797 else 798 setbuf(fi, NULL); 799 sanitize_tty(fileno(fi)); 800 /* If you're the controlling tty, then just wait */ 801 pid = getpid(); 802 if (pid == originalpid || pid == masterpid) { 803 sa.sa_handler = SIG_IGN; 804 sa.sa_flags = 0; 805 (void) sigemptyset(&sa.sa_mask); 806 (void) sigaction(SIGINT, &sa, NULL); 807 (void) sigaction(SIGQUIT, &sa, NULL); 808 sa.sa_handler = SIG_DFL; 809 sa.sa_flags = 0; 810 (void) sigemptyset(&sa.sa_mask); 811 (void) sigaction(SIGTERM, &sa, NULL); 812 (void) sigaction(SIGHUP, &sa, NULL); 813 (void) wait(NULL); 814 } 815 exit(0); 816 } 817