Files

 master

/

kgetty-persistent.c

Blame

Blame

Latest commit

 

History

History

295 lines (238 loc) · 5.82 KB

 master

/

kgetty-persistent.c

Top

File metadata and controls

• Code
• Blame

295 lines (238 loc) · 5.82 KB

Raw

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

91

92

93

94

95

96

97

98

99

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

#if 0

mini_start

mini_buf 1024

mini_exit

mini_vhangup

mini_open

mini_fopen

mini_fread

mini_fwrite

mini_close

mini_fflush

mini_ioctl

mini_printf

mini_fprintf

mini_printf

mini_strncpy

mini_strcmp

mini_memset

mini_sleep

mini_ftell

mini_fseek

mini_fchmod

mini_fchown

mini_sigemptyset

mini_sigaction

mini_isatty

mini_vexec

LDSCRIPT text_and_bss

shrinkelf

INCLUDESRC

return

#endif

/* See LICENSE file for copyright and license details. */

// kgetty, for kerberos. Use this for local logins only !

// The ticket cache is kept after the login,

// therefore, after the first login, it's possible

// to login at other virtual terminals without entering the password again.

//

// most of this is borrowed from the suckless project. (getty,and login)

// Added the code to get kerberos working for authentication

//

// misc

// dropping privilieges to "nobody".

// this user should be present on every unix system,

// with the uid/gid defined below.

// if not dropping privileges,

// running ksu as root would su to the given user,

// with a wrong or missing password as well.

// On the other hand, setting the tty up could

// need root rights.

// Therefore the code for dropping the user rights.

#define uid_nobody 65534

#define gid_nobody 65534

//#define TEST

static char *tty = "/dev/tty1";

static char *defaultterm = "linux";

static void usage(void){

printf("usage: kgetty [tty] [term] [cmd] [args...]\n");

exit(0);

}

void errprintf(const char *msg){

fprintf(stderr,"Error.\n");

fprintf(stderr,msg);

exit(1);

}

void errprintf2(const char *msg1,const char *msg2){

fprintf(stderr,"Error.\n");

fprintf(stderr,msg1);

fprintf(stderr,msg2);

exit(1);

}

void warnprintf2(const char *msg1,const char *msg2){

fprintf(stderr,msg1);

fprintf(stderr,msg2);

fprintf(stderr,"\n");

exit(1);

}

int main(int argc, char *argv[]){

//struct passwd *pw;

char *user;

char term[128], logname[LOGIN_NAME_MAX], c;

char hostname[HOST_NAME_MAX + 1];

// struct utmp usr;

struct sigaction sa;

FILE *fp;

int fd;

unsigned int i = 0;

ssize_t n;

long pos;

uid_t uid;

gid_t gid;

strncpy(term, defaultterm, sizeof(term));

if (argc > 1) {

tty = argv[1];

if (argc > 2)

strncpy(term, argv[2], sizeof(term));

}

sa.sa_handler = SIG_IGN;

sa.sa_flags = 0;

sigemptyset(&sa.sa_mask);

sigaction(SIGHUP, &sa, NULL);

// setenv("TERM", term, 1);

setsid();

#ifndef TEST

fd = open(tty, O_RDWR);

if (fd < 0)

errprintf2("open %s:", tty);

if (isatty(fd) == 0)

errprintf2("%s is not a tty\n", tty);

/* steal the controlling terminal if necessary */

/* if (ioctl(fd, TIOCSCTTY, (void *)1) != 0)

warnprintf2("TIOCSCTTY: could not set controlling tty\n");

*/

vhangup();

close(fd);

fd = open(tty, O_RDWR);

if (fd < 0)

errprintf2("open %s:", tty);

dup2(fd, 0);

dup2(fd, 1);

dup2(fd, 2);

if (fchown(fd, 0, 0) < 0)

warnprintf2("fchown ", tty);

if (fchmod(fd, 0600) < 0)

warnprintf2("fchmod ", tty);

if (fd > 2)

close(fd);

#endif

sa.sa_handler = SIG_DFL;

sa.sa_flags = 0;

sigemptyset(&sa.sa_mask);

sigaction(SIGHUP, &sa, NULL);

/* Clear all utmp entries for this tty */

/* fp = fopen(UTMP_PATH, "r+");

if (fp) {

do {

pos = ftell(fp);

if (fread(&usr, sizeof(usr), 1, fp) != 1)

break;

if (usr.ut_line[0] == '\0')

continue;

if (strcmp(usr.ut_line, tty) != 0)

continue;

memset(&usr, 0, sizeof(usr));

fseek(fp, pos, SEEK_SET);

if (fwrite(&usr, sizeof(usr), 1, fp) != 1)

break;

} while (1);

if (ferror(fp))

warnprintf2("I/O error: ", UTMP_PATH);

fclose(fp);

} */

//if (argc > 2)

// return execvp(argv[2], argv + 2);

// if (gethostname(hostname, sizeof(hostname)) == 0)

// printf("Kerberos@%s - login: ", hostname);

// else

printf("Kerberos - login: ");

fflush(stdout);

/* Flush pending input */

ioctl(0, TCFLSH, (void *)0);

memset(logname, 0, sizeof(logname));

while (1) {

n = read(0, &c, 1);

if (n < 0)

errprintf("read:");

if (n == 0)

return 1;

if (i >= sizeof(logname) - 1)

errprintf("login name too long\n");

if (c == '\n' || c == '\r')

break;

logname[i++] = c;

}

if (logname[0] == '-')

errprintf("login name cannot start with '-'\n");

if (logname[0] == '\0')

return 1;

printf("\n");

// get gid and uid.

//pw = getpwnam(&logname);

// if (!pw) { //user doesn't exist

/*

if (errno)

eprintf("getpwnam %s:", &logname);

else

eprintf("who are you?\n");*/

// better don't reveal, this user doesn't seem to exist. misc

// hopefully this user doesn't exist.

// when - well, there still is the password left to guess.

// need to emulate kerberos here, somehow ?

// sleep(1);

// return(1);

// }

//pw = getpwnam("krb5-micha");

// pw = getpwnam("nobody");

// if (!pw) {

// errprintf("Couldn't get uid of user nobody\n");

// }

// uid = pw->pw_uid;

// gid = pw->pw_gid;

// if (initgroups(&logname, gid) < 0)

// errprintf("initgroups:");

if (setgid(gid_nobody) < 0)

errprintf("setgid:");

if (setuid(uid_nobody) < 0)

errprintf("setuid:");

//printf("exec ksu.\n");

char *envp[] = {

envp[0]="KRB5CCNAME=FILE:/tmp/krb_csc",

envp[1]=0

};

char *argvpc[] = {

argvpc[0]="init",

argvpc[1]=&logname,

argvpc[2]="-c",

argvpc[3]="FILE:/tmp/krb5_csc",

0

};

char *argvp[] = {

argvp[0]="klist",

argvp[1]="/tmp/krb5_csc",

argvp[2]=NULL

};

int r = vexec("/usr/bin/klist",argvp,envp);

i = 0;

while ( r ){ // not authorized yet

if ( i++ > 2 )

exit(1);

r = vexec("/usr/bin/kinit",argvpc,envp);

}

return execve("/usr/bin/ksu",argvpc, envp );

//return execlp("/usr/bin/ksu", "ksu", &logname, "-n", &logname, "-k", NULL);

//execlp("/usr/bin/id", "id", NULL);

//return execlp("/usr/bin/ksu", "ksu", &logname, "-c", "FILE:/home/krb5-micha/.krb5/krb5m", NULL);

//return execlp("/usr/bin/ksu", "ksu", &logname, "-k", "-n", "krb5-micha", "-c", "FILE:/tmp/krb5-micha", NULL);

//return execlp("/bin/login", "login", "-p", logname, NULL);

}