| version 1.34, 2000/09/15 07:13:50 |
version 1.34.2.1, 2000/12/08 09:03:15 |
|
|
| #include <string.h> |
#include <string.h> |
| #include <syslog.h> |
#include <syslog.h> |
| #include <unistd.h> |
#include <unistd.h> |
| |
#include <fcntl.h> |
| |
|
| #ifdef SKEY |
#ifdef SKEY |
| #include <skey.h> |
#include <skey.h> |
|
|
| KTEXT_ST ticket; |
KTEXT_ST ticket; |
| AUTH_DAT authdata; |
AUTH_DAT authdata; |
| struct hostent *hp; |
struct hostent *hp; |
| int kerno; |
int kerno, fd; |
| in_addr_t faddr; |
in_addr_t faddr; |
| char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN]; |
char hostname[MAXHOSTNAMELEN], savehost[MAXHOSTNAMELEN]; |
| char *ontty(), *krb_get_phost(); |
char *ontty(), *krb_get_phost(); |
| |
|
| |
/* Don't bother with Kerberos if there is no srvtab file */ |
| |
if ((fd = open(KEYFILE, O_RDONLY, 0)) < 0) |
| |
return (1); |
| |
close(fd); |
| |
|
| if (koktologin(username, lrealm, user) && !uid) { |
if (koktologin(username, lrealm, user) && !uid) { |
| (void)fprintf(stderr, "kerberos su: not in %s's ACL.\n", user); |
(void)fprintf(stderr, "kerberos su: not in %s's ACL.\n", user); |
| return (1); |
return (1); |
|
|
| return (1); |
return (1); |
| } |
} |
| |
|
| if (chown(krbtkfile, uid, -1) < 0) { |
/* |
| warn("chown"); |
* Set the owner of the ticket file to root but bail if someone |
| |
* has nefariously swapped a link in place of the file. |
| |
*/ |
| |
fd = open(krbtkfile, O_RDWR|O_NOFOLLOW, 0); |
| |
if (fd == -1) { |
| |
warn("unable to open ticket file"); |
| (void)unlink(krbtkfile); |
(void)unlink(krbtkfile); |
| return (1); |
return (1); |
| } |
} |
| |
if (fchown(fd, uid, -1) < 0) { |
| |
warn("fchown"); |
| |
(void)unlink(krbtkfile); |
| |
return (1); |
| |
} |
| |
close(fd); |
| |
|
| (void)setpriority(PRIO_PROCESS, 0, -2); |
(void)setpriority(PRIO_PROCESS, 0, -2); |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to su.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / su