1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 */ 22 /* 23 * Copyright 1998-1999,2003 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #pragma ident "%Z%%M% %I% %E% SMI" 28 29 #define BSD_COMP 30 #include <errno.h> 31 #include <fcntl.h> 32 #include <pwd.h> 33 #include <signal.h> 34 #include <stdio.h> 35 #include <stdlib.h> 36 #include <unistd.h> 37 38 #include <sac.h> /* for SC_WILDC */ 39 #include <utmpx.h> 40 41 #include <rpc/rpc.h> 42 #include <sys/file.h> 43 #include <sys/filio.h> 44 #include <sys/ioctl.h> 45 #include <sys/signal.h> 46 #include <sys/stat.h> 47 #include <sys/types.h> 48 #include <sys/wait.h> 49 50 /* 51 * # include <sys/label.h> 52 * # include <sys/audit.h> 53 * 54 * 55 * 56 * # include <pwdadj.h> 57 */ 58 59 #include <sys/ttold.h> 60 #include <stropts.h> 61 #include <sys/stream.h> 62 63 64 65 #include "rex.h" 66 67 #include <security/pam_appl.h> 68 pam_handle_t *pamh; 69 70 #define NTTYDISC 2 /* New ttydiscipline: stolen from ttold.h */ 71 72 /* 73 * unix_login - hairy junk to simulate logins for Unix 74 */ 75 76 int Master, Slave; /* sides of the pty */ 77 int Slave_is_closed_on_master_side; 78 79 static char *slavename; 80 extern char *ptsname(); 81 82 83 int InputSocket, /* Network sockets */ 84 OutputSocket; 85 int Helper1, /* pids of the helpers */ 86 Helper2; 87 char UserName[256]; /* saves the user name for loging */ 88 char HostName[256]; /* saves the host name for loging */ 89 90 static int TtySlot; /* slot number in Utmpx */ 91 92 /* 93 * pseudo-xprts used to add pty fds to svc_pollfd[]. This allows the 94 * polling for all i/o in one poll(). 95 */ 96 SVCXPRT uxprt[2]; 97 98 #define INPUTSOCKET 0 /* InputSocket xprt */ 99 #define MASTER 1 /* Master xprt */ 100 101 102 extern int child; /* pid of the executed process */ 103 extern int ChildDied; /* flag */ 104 extern int HasHelper; /* flag */ 105 106 extern void setproctitle(char *user, char *host); 107 extern int Debug; 108 109 extern void audit_rexd_fail(char *, char *, char *, uid_t, gid_t, 110 char *, char **); 111 112 #define bzero(s, n) memset((s), 0, (n)) 113 #define bcopy(a, b, c) memcpy((b), (a), (c)) 114 115 116 /* 117 * Check for user being able to run on this machine. 118 * returns 0 if OK, TRUE if problem, error message in "error" 119 * copies name of shell and home directory if user is valid. 120 */ 121 int 122 ValidUser(host, uid, gid, error, shell, dir, rst) 123 char *host; /* passed in */ 124 uid_t uid; 125 gid_t gid; 126 char *error; /* filled in on return */ 127 char *shell; /* filled in on return */ 128 char *dir; /* filled in on return */ 129 struct rex_start *rst; /* passed in */ 130 { 131 struct passwd *pw, *getpwuid(); 132 int v; 133 134 pw = getpwuid(uid); 135 if (pw == NULL || pw->pw_name == NULL) 136 { 137 errprintf(error, "rexd: User id %d not valid\n", uid); 138 audit_rexd_fail("user id is not valid", 139 host, 140 NULL, 141 uid, 142 gid, 143 NULL, 144 rst->rst_cmd); /* BSM */ 145 return (1); 146 } 147 strncpy(UserName, pw->pw_name, sizeof (UserName) - 1); 148 strncpy(HostName, host, sizeof (HostName) - 1); 149 strcpy(shell, pw->pw_shell); 150 strcpy(dir, pw->pw_dir); 151 setproctitle(pw->pw_name, host); 152 153 if (pam_start("rexd", pw->pw_name, NULL, &pamh) != PAM_SUCCESS || 154 pam_set_item(pamh, PAM_RHOST, host) != PAM_SUCCESS) { 155 audit_rexd_fail("user id is not valid", 156 host, 157 pw->pw_name, 158 uid, 159 gid, 160 shell, 161 rst->rst_cmd); /* BSM */ 162 errprintf(error, "rexd: User id %d not valid\n", uid); 163 if (pamh) { 164 pam_end(pamh, PAM_ABORT); 165 pamh = NULL; 166 } 167 return (1); 168 } 169 170 if ((v = pam_acct_mgmt(pamh, 0)) != PAM_SUCCESS) { 171 switch (v) { 172 case PAM_NEW_AUTHTOK_REQD: 173 errprintf(error, 174 "rexd: User id %d Password Expired\n", uid); 175 break; 176 case PAM_PERM_DENIED: 177 errprintf(error, 178 "rexd: User id %d Account Expired\n", uid); 179 break; 180 case PAM_AUTHTOK_EXPIRED: 181 errprintf(error, 182 "rexd: User id %d Password Expired\n", uid); 183 break; 184 default: 185 errprintf(error, 186 "rexd: User id %d not valid\n", uid); 187 break; 188 } 189 pam_end(pamh, PAM_ABORT); 190 pamh = NULL; 191 192 audit_rexd_fail("user account expired", 193 host, 194 pw->pw_name, 195 uid, 196 gid, 197 shell, 198 rst->rst_cmd); /* BSM */ 199 return (1); 200 } 201 202 return (0); 203 } 204 205 /* 206 * Add an audit record with argv that was pre-set, plus the given string 207 */ 208 209 /* 210 * Allocate a pseudo-terminal 211 * sets the global variables Master and Slave. 212 * returns 1 on error, 0 if OK 213 */ 214 int 215 AllocatePty(socket0, socket1) 216 int socket0, socket1; 217 { 218 219 int on = 1; 220 221 sigset(SIGHUP, SIG_IGN); 222 sigset(SIGTTOU, SIG_IGN); 223 sigset(SIGTTIN, SIG_IGN); 224 225 if ((Master = open("/dev/ptmx", O_RDWR)) == -1) { 226 if (Debug) 227 printf("open-ptmx-failure\n"); 228 perror("AloocatePtyMaster fails"); 229 return (1); /* error could not open /dev/ptmx */ 230 } 231 if (Debug) 232 printf("open-ptmx success Master =%d\n", Master); 233 if (Debug) 234 printf("Before grantpt...Master=%d\n", Master); 235 236 if (grantpt(Master) == -1) { 237 perror("could not grant slave pty"); 238 exit(1); 239 } 240 if (unlockpt(Master) == -1) { 241 perror("could not unlock slave pty"); 242 exit(1); 243 } 244 if ((slavename = ptsname(Master)) == NULL) { 245 perror("could not enable slave pty"); 246 exit(1); 247 } 248 if ((Slave = open(slavename, O_RDWR)) == -1) { 249 perror("could not open slave pty"); 250 exit(1); 251 } 252 if (ioctl(Slave, I_PUSH, "ptem") == -1) { 253 perror("ioctl I_PUSH ptem"); 254 exit(1); 255 } 256 if (ioctl(Slave, I_PUSH, "ldterm") == -1) { 257 perror("ioctl I_PUSH ldterm"); 258 exit(1); 259 } 260 if (ioctl(Slave, I_PUSH, "ttcompat") == -1) { 261 perror("ioctl I_PUSH ttcompat"); 262 exit(1); 263 } 264 265 Slave_is_closed_on_master_side = FALSE; 266 setsid(); /* get rid of controlling terminal */ 267 /* LoginUser(); */ 268 269 InputSocket = socket0; 270 OutputSocket = socket1; 271 ioctl(Master, FIONBIO, &on); 272 uxprt[INPUTSOCKET].xp_fd = InputSocket; 273 xprt_register(&uxprt[INPUTSOCKET]); 274 uxprt[MASTER].xp_fd = Master; 275 xprt_register(&uxprt[MASTER]); 276 return (0); 277 278 } 279 280 void 281 OpenPtySlave() 282 { 283 close(Slave); 284 Slave = open(slavename, O_RDWR); 285 if (Slave < 0) { 286 perror(slavename); 287 exit(1); 288 } 289 } 290 291 292 293 /* 294 * Special processing for interactive operation. 295 * Given pointers to three standard file descriptors, 296 * which get set to point to the pty. 297 */ 298 void 299 DoHelper(pfd0, pfd1, pfd2) 300 int *pfd0, *pfd1, *pfd2; 301 { 302 int pgrp; 303 304 305 sigset(SIGINT, SIG_IGN); 306 close(Master); 307 close(InputSocket); 308 close(OutputSocket); 309 310 *pfd0 = Slave; 311 *pfd1 = Slave; 312 *pfd2 = Slave; 313 } 314 315 316 /* 317 * destroy the helpers when the executing process dies 318 */ 319 KillHelper(grp) 320 int grp; 321 { 322 if (Debug) 323 printf("Enter KillHelper\n"); 324 close(Master); 325 xprt_unregister(&uxprt[MASTER]); 326 close(InputSocket); 327 xprt_unregister(&uxprt[INPUTSOCKET]); 328 close(OutputSocket); 329 LogoutUser(); 330 331 if (grp) 332 kill((-grp), SIGKILL); 333 } 334 335 336 /* 337 * edit the Unix traditional data files that tell who is logged 338 * into "the system" 339 */ 340 unsigned char utid[] = {'o', 'n', SC_WILDC, SC_WILDC}; 341 342 LoginUser() 343 { 344 345 char *user; 346 char *rhost; 347 /* the next 4 variables are needed for utmpx mgmt */ 348 int tmplen; 349 struct utmpx *u = NULL; 350 struct utmpx set_utmp; 351 char *ttyntail; 352 353 /* We're pretty drastic here, exiting if an error is detected */ 354 if (pam_set_item(pamh, PAM_TTY, slavename) != PAM_SUCCESS || 355 pam_get_item(pamh, PAM_USER, (void **) &user) != PAM_SUCCESS || 356 pam_get_item(pamh, PAM_RHOST, (void **) &rhost) != PAM_SUCCESS || 357 pam_open_session(pamh, 0) != PAM_SUCCESS) { 358 /* 359 * XXX should print something but for now we exit 360 */ 361 exit(1); 362 } 363 364 (void) memset((void *)&set_utmp, 0, sizeof (set_utmp)); 365 (void) time(&set_utmp.ut_tv.tv_sec); 366 set_utmp.ut_pid = getpid(); 367 if (rhost != NULL && rhost[0] != '\0') { 368 (void) strcpy(set_utmp.ut_host, rhost); 369 tmplen = strlen(rhost) + 1; 370 if (tmplen < sizeof (set_utmp.ut_host)) 371 set_utmp.ut_syslen = tmplen; 372 else 373 set_utmp.ut_syslen = sizeof (set_utmp.ut_host); 374 } else { 375 (void) memset(set_utmp.ut_host, 0, sizeof (set_utmp.ut_host)); 376 set_utmp.ut_syslen = 0; 377 } 378 (void) strcpy(set_utmp.ut_user, user); 379 380 /* 381 * Copy in the name of the tty minus the "/dev/" if a /dev/ is 382 * in the path name. 383 */ 384 ttyntail = slavename; 385 if (strstr(ttyntail, "/dev/") != 0) 386 ttyntail = ttyntail + strlen("/dev/"); 387 (void) strcpy(set_utmp.ut_line, ttyntail); 388 389 set_utmp.ut_type = USER_PROCESS; 390 if (utid != NULL) 391 (void) memcpy(set_utmp.ut_id, utid, sizeof (set_utmp.ut_id)); 392 /* 393 * Go through each entry one by one, looking only at INIT, 394 * LOGIN or USER Processes. Use the entry found if flags == 0 395 * and the line name matches, or if the process ID matches if 396 * the UPDATE_ENTRY flag is set. The UPDATE_ENTRY flag is mainly 397 * for login which normally only wants to update an entry if 398 * the pid fields matches. 399 */ 400 401 if (u == (struct utmpx *)NULL) { 402 (void) makeutx(&set_utmp); 403 } else 404 updwtmpx(WTMPX_FILE, &set_utmp); 405 406 } 407 408 /* 409 * edit the Unix traditional data files that tell who is logged 410 * into "the system". 411 */ 412 413 LogoutUser() 414 { 415 struct utmpx *up; 416 struct utmpx ut; 417 int pid; 418 char user[sizeof (ut.ut_user) + 1]; 419 char ttyn[sizeof (ut.ut_line) + 1]; 420 char rhost[sizeof (ut.ut_host) + 1]; 421 422 sighold(SIGCHLD); /* no disruption during cleanup */ 423 424 if (pamh) { 425 pam_end(pamh, PAM_SUCCESS); 426 pamh = NULL; 427 } 428 429 /* BEGIN RESET UTMP */ 430 pid = child; 431 setutxent(); 432 while (up = getutxent()) { 433 if (up->ut_pid == pid) { 434 if (up->ut_type == DEAD_PROCESS) { 435 /* 436 * Cleaned up elsewhere. 437 */ 438 break; 439 } 440 441 strncpy(user, up->ut_user, sizeof (up->ut_user)); 442 user[sizeof (up->ut_user)] = '\0'; 443 strncpy(ttyn, up->ut_line, sizeof (up->ut_line)); 444 ttyn[sizeof (up->ut_line)] = '\0'; 445 strncpy(rhost, up->ut_host, sizeof (up->ut_host)); 446 rhost[sizeof (up->ut_host)] = '\0'; 447 448 if ((pam_start("rexd", user, NULL, &pamh)) 449 == PAM_SUCCESS) { 450 (void) pam_set_item(pamh, PAM_TTY, ttyn); 451 (void) pam_set_item(pamh, PAM_RHOST, rhost); 452 (void) pam_close_session(pamh, 0); 453 (void) pam_end(pamh, PAM_SUCCESS); 454 pamh = NULL; 455 } 456 457 up->ut_type = DEAD_PROCESS; 458 up->ut_exit.e_termination = WTERMSIG(0); 459 up->ut_exit.e_exit = WEXITSTATUS(0); 460 (void) time(&up->ut_tv.tv_sec); 461 if (modutx(up) == NULL) { 462 /* 463 * Since modutx failed we'll 464 * write out the new entry 465 * ourselves. 466 */ 467 (void) pututxline(up); 468 updwtmpx("wtmpx", up); 469 } 470 break; 471 } 472 } 473 endutxent(); 474 /* END RESET UTMP */ 475 sigrelse(SIGCHLD); 476 } 477 478 /* 479 * set the pty modes to the given values 480 */ 481 SetPtyMode(mode) 482 struct rex_ttymode *mode; 483 { 484 struct sgttyb svr4_sgttyb_var; 485 int ldisc = NTTYDISC; 486 487 if (Debug) 488 printf("Enter SetPtyMode\n"); 489 if (Debug) 490 printf("SetPtyMode:opened slave\n"); 491 ioctl(Slave, TIOCSETD, &ldisc); 492 if (Debug) 493 printf("SetPtyMode:Slave TIOCSETD done\n"); 494 495 /* 496 * Copy from over-the-net(bsd) to SVR4 format 497 */ 498 svr4_sgttyb_var.sg_ispeed = mode->basic.sg_ispeed; 499 svr4_sgttyb_var.sg_ospeed = mode->basic.sg_ospeed; 500 svr4_sgttyb_var.sg_erase = mode->basic.sg_erase; 501 svr4_sgttyb_var.sg_kill = mode->basic.sg_kill; 502 svr4_sgttyb_var.sg_flags = (int)mode->basic.sg_flags; 503 /* 504 * Clear any possible sign extension caused by (int) 505 * typecast 506 */ 507 svr4_sgttyb_var.sg_flags &= 0xFFFF; 508 509 ioctl(Slave, TIOCSETN, &svr4_sgttyb_var); 510 if (Debug) 511 printf("SetPtyMode:Slave TIOCSETN done\n"); 512 ioctl(Slave, TIOCSETC, &mode->more); 513 if (Debug) 514 printf("SetPtyMode:Slave TIOCSETC done\n"); 515 ioctl(Slave, TIOCSLTC, &mode->yetmore); 516 if (Debug) 517 printf("SetPtyMode:Slave TIOCSLTC done\n"); 518 ioctl(Slave, TIOCLSET, &mode->andmore); 519 if (Debug) 520 printf("SetPtyMode:Slave TIOCSET done\n"); 521 522 /* Opened in AllocPty for parent, still open in child */ 523 if (Slave_is_closed_on_master_side == FALSE) { 524 close(Slave); 525 Slave_is_closed_on_master_side = TRUE; 526 } 527 } 528 529 /* 530 * set the pty window size to the given value 531 */ 532 SetPtySize(sizep) 533 struct rex_ttysize *sizep; 534 { 535 struct winsize newsize; 536 537 /* if size has changed, this ioctl changes it */ 538 /* *and* sends SIGWINCH to process group */ 539 540 newsize.ws_row = (unsigned short) sizep->ts_lines; 541 newsize.ws_col = (unsigned short) sizep->ts_cols; 542 543 (void) ioctl(Master, TIOCSWINSZ, &newsize); 544 if (Slave_is_closed_on_master_side == FALSE) { 545 close(Slave); 546 Slave_is_closed_on_master_side = TRUE; 547 } 548 } 549 550 551 /* 552 * send the given signal to the group controlling the terminal 553 */ 554 SendSignal(sig) 555 int sig; 556 { 557 pid_t pgrp; 558 559 pgrp = getpgid(child); 560 if (pgrp != (pid_t)-1) 561 (void) kill((-pgrp), sig); 562 } 563 564 /* 565 * called when the main select loop detects that we might want to 566 * read something. 567 */ 568 void 569 HelperRead(pollfd_t *fdp, int nfds, int *pollretval) 570 { 571 char buf[128]; 572 int retval; 573 extern int errno; 574 int mask; 575 int master = -1; 576 int inputsocket = -1; 577 578 /* 579 * fdp pollset may be compressed. Search for Master and 580 * InputSocket fds. 581 */ 582 int i; 583 for (i = 0; i < nfds; i++) { 584 if (fdp[i].fd == Master && fdp[i].revents != 0) 585 master = i; 586 if (fdp[i].fd == InputSocket && fdp[i].revents != 0) 587 inputsocket = i; 588 } 589 590 /* mask = sigsetmask (sigmask (SIGCHLD)); */ 591 mask = sighold(SIGCHLD); 592 retval = 0; 593 if (master != -1) { 594 if (!(fdp[master].revents & (POLLERR | POLLHUP | POLLNVAL))) { 595 retval = read(Master, buf, sizeof (buf)); 596 if (retval > 0) { 597 (void) write(OutputSocket, buf, retval); 598 } else { 599 if (errno != EINTR && errno != EIO && 600 errno != EWOULDBLOCK) 601 perror("pty read"); 602 /* 1 => further sends disallowed */ 603 shutdown(OutputSocket, 1); 604 xprt_unregister(&uxprt[MASTER]); 605 } 606 } 607 608 /* clear this event for svc_getreq_poll */ 609 fdp[master].revents = 0; 610 *pollretval = *pollretval - 1; 611 612 if (retval <= 0 && ChildDied) { 613 KillHelper(child); 614 HasHelper = 0; 615 if (inputsocket != -1) { 616 fdp[inputsocket].revents = 0; 617 *pollretval = *pollretval - 1; 618 } 619 goto done; 620 } 621 } 622 623 if (inputsocket != -1) { 624 if (!(fdp[inputsocket].revents & (POLLERR | POLLHUP | 625 POLLNVAL))) { 626 retval = read(InputSocket, buf, sizeof (buf)); 627 if (retval > 0) { 628 (void) write(Master, buf, retval); 629 } else { 630 if (errno != EINTR && errno != EWOULDBLOCK) 631 perror("socket read"); 632 xprt_unregister(&uxprt[INPUTSOCKET]); 633 } 634 } 635 636 /* clear this event for svc_getreq_poll */ 637 fdp[inputsocket].revents = 0; 638 *pollretval = *pollretval - 1; 639 } 640 641 done: 642 /* sigsetmask (mask); */ 643 sigrelse(SIGCHLD); 644 } 645