version 1.70, 2015/10/30 19:45:03 |
version 1.71, 2018/08/23 16:52:13 |
|
|
uid_t ruid; |
uid_t ruid; |
u_int flags; |
u_int flags; |
|
|
if (pledge("stdio rpath getpw proc exec id", NULL) == -1) |
if (pledge("stdio unveil rpath getpw proc exec id", NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|
while ((ch = getopt(argc, argv, "a:c:fKLlms:-")) != -1) |
while ((ch = getopt(argc, argv, "a:c:fKLlms:-")) != -1) |
|
|
} |
} |
} |
} |
|
|
|
if (unveil(_PATH_LOGIN_CONF, "r") == -1) |
|
err(1, "unveil"); |
|
if (unveil(_PATH_AUTHPROGDIR, "x") == -1) |
|
err(1, "unveil"); |
|
|
for (;;) { |
for (;;) { |
/* get target user, default to root unless in -L mode */ |
/* get target user, default to root unless in -L mode */ |
if (*argv) { |
if (*argv) { |
|
|
fprintf(stderr, "Login incorrect\n"); |
fprintf(stderr, "Login incorrect\n"); |
} |
} |
|
|
if (pledge("stdio rpath getpw exec id", NULL) == -1) |
if (pledge("stdio unveil rpath getpw exec id", NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|
if (!altshell) { |
if (!altshell) { |
|
|
} |
} |
} |
} |
|
|
|
if (unveil(shell, "x") == -1) |
|
err(1, "unveil"); |
|
if (unveil(pwd->pw_dir, "r") == -1) |
|
err(1, "unveil"); |
|
|
if ((p = strrchr(shell, '/'))) |
if ((p = strrchr(shell, '/'))) |
avshell = p+1; |
avshell = p+1; |
else |
else |
|
|
if (login_getcapbool(lc, "requirehome", 0)) { |
if (login_getcapbool(lc, "requirehome", 0)) { |
auth_err(as, 1, "%s", pwd->pw_dir); |
auth_err(as, 1, "%s", pwd->pw_dir); |
} else { |
} else { |
|
if (unveil("/", "r") == -1) |
|
err(1, "unveil"); |
printf("No home directory %s!\n", pwd->pw_dir); |
printf("No home directory %s!\n", pwd->pw_dir); |
printf("Logging in with home = \"/\".\n"); |
printf("Logging in with home = \"/\".\n"); |
if (chdir("/") < 0) |
if (chdir("/") < 0) |
|
|
if (setenv("SHELL", shell, 1) == -1) |
if (setenv("SHELL", shell, 1) == -1) |
auth_err(as, 1, "unable to set environment"); |
auth_err(as, 1, "unable to set environment"); |
} |
} |
|
if (pledge("stdio rpath getpw exec id", NULL) == -1) |
|
err(1, "pledge"); |
|
|
np = *argv ? argv : argv - 1; |
np = *argv ? argv : argv - 1; |
if (iscsh == YES) { |
if (iscsh == YES) { |