10Sstevel@tonic-gate /* 20Sstevel@tonic-gate * CDDL HEADER START 30Sstevel@tonic-gate * 40Sstevel@tonic-gate * The contents of this file are subject to the terms of the 50Sstevel@tonic-gate * Common Development and Distribution License, Version 1.0 only 60Sstevel@tonic-gate * (the "License"). You may not use this file except in compliance 70Sstevel@tonic-gate * with the License. 80Sstevel@tonic-gate * 90Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 100Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 110Sstevel@tonic-gate * See the License for the specific language governing permissions 120Sstevel@tonic-gate * and limitations under the License. 130Sstevel@tonic-gate * 140Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 150Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 160Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 170Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 180Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 190Sstevel@tonic-gate * 200Sstevel@tonic-gate * CDDL HEADER END 210Sstevel@tonic-gate */ 220Sstevel@tonic-gate /* 230Sstevel@tonic-gate * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 240Sstevel@tonic-gate * Use is subject to license terms. 250Sstevel@tonic-gate */ 260Sstevel@tonic-gate 270Sstevel@tonic-gate /* Copyright (c) 1983-1989 AT&T */ 280Sstevel@tonic-gate /* All Rights Reserved */ 290Sstevel@tonic-gate 300Sstevel@tonic-gate /* 310Sstevel@tonic-gate * Portions of this source code were derived from Berkeley 4.3 BSD 320Sstevel@tonic-gate * under license from the Regents of the University of California. 330Sstevel@tonic-gate */ 340Sstevel@tonic-gate 350Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 360Sstevel@tonic-gate 370Sstevel@tonic-gate #include <sys/types.h> 380Sstevel@tonic-gate #include <sys/ioctl.h> 390Sstevel@tonic-gate #include <sys/param.h> 400Sstevel@tonic-gate #include <sys/socket.h> 410Sstevel@tonic-gate #include <sys/time.h> 420Sstevel@tonic-gate #include <sys/filio.h> 430Sstevel@tonic-gate 440Sstevel@tonic-gate #include <netinet/in.h> 450Sstevel@tonic-gate #include <arpa/inet.h> 460Sstevel@tonic-gate 470Sstevel@tonic-gate #include <unistd.h> 480Sstevel@tonic-gate #include <string.h> 490Sstevel@tonic-gate #include <stdlib.h> 500Sstevel@tonic-gate #include <stdio.h> 510Sstevel@tonic-gate #include <stdarg.h> 520Sstevel@tonic-gate #include <errno.h> 530Sstevel@tonic-gate #include <pwd.h> 540Sstevel@tonic-gate #include <grp.h> 550Sstevel@tonic-gate #include <signal.h> 560Sstevel@tonic-gate #include <netdb.h> 570Sstevel@tonic-gate #include <syslog.h> 580Sstevel@tonic-gate #include <security/pam_appl.h> 590Sstevel@tonic-gate 600Sstevel@tonic-gate #ifdef SYSV 610Sstevel@tonic-gate #include <shadow.h> 620Sstevel@tonic-gate #endif /* SYSV */ 630Sstevel@tonic-gate 640Sstevel@tonic-gate #ifndef NCARGS 650Sstevel@tonic-gate #define NCARGS 5120 660Sstevel@tonic-gate #endif /* NCARGS */ 670Sstevel@tonic-gate 680Sstevel@tonic-gate #ifdef SYSV 690Sstevel@tonic-gate #define rindex strrchr 700Sstevel@tonic-gate #define killpg(a, b) kill(-(a), (b)) 710Sstevel@tonic-gate #else 720Sstevel@tonic-gate char *sprintf(); 730Sstevel@tonic-gate #endif /* SYSV */ 740Sstevel@tonic-gate 750Sstevel@tonic-gate #define MAXFD(A, B) ((A) > (B) ? (A) : (B)) 760Sstevel@tonic-gate 770Sstevel@tonic-gate static void error(char *fmt, ...); 780Sstevel@tonic-gate static void doit(int f, struct sockaddr_storage *fromp); 790Sstevel@tonic-gate static void getstr(char *buf, int cnt, char *err); 800Sstevel@tonic-gate 810Sstevel@tonic-gate static int legalenvvar(char *s); 820Sstevel@tonic-gate 830Sstevel@tonic-gate /* Function decls. for functions not in any header file. (Grrrr.) */ 840Sstevel@tonic-gate extern int audit_rexecd_setup(void); 850Sstevel@tonic-gate extern int audit_rexecd_success(char *, char *, char *); 860Sstevel@tonic-gate extern int audit_rexecd_fail(char *, char *, char *, char *); 870Sstevel@tonic-gate extern int audit_settid(int); /* set termnal ID */ 880Sstevel@tonic-gate 890Sstevel@tonic-gate /* PAM conversation function */ 900Sstevel@tonic-gate static int rexec_conv(int, struct pam_message **, 910Sstevel@tonic-gate struct pam_response **, void *); 920Sstevel@tonic-gate 930Sstevel@tonic-gate static pam_handle_t *pamh; /* authentication handle */ 940Sstevel@tonic-gate static struct pam_conv conv = { 950Sstevel@tonic-gate rexec_conv, 960Sstevel@tonic-gate NULL 970Sstevel@tonic-gate }; 980Sstevel@tonic-gate 990Sstevel@tonic-gate /* 1000Sstevel@tonic-gate * remote execute server: 1010Sstevel@tonic-gate * username\0 1020Sstevel@tonic-gate * password\0 1030Sstevel@tonic-gate * command\0 1040Sstevel@tonic-gate * data 1050Sstevel@tonic-gate * 1060Sstevel@tonic-gate * in.rexecd has been modified to run as the user invoking it. Hence there is no 1070Sstevel@tonic-gate * need to limit any privileges. 1080Sstevel@tonic-gate */ 1090Sstevel@tonic-gate /*ARGSUSED*/ 110*473Sbw int 1110Sstevel@tonic-gate main(int argc, char **argv) 1120Sstevel@tonic-gate { 1130Sstevel@tonic-gate struct sockaddr_storage from; 1140Sstevel@tonic-gate socklen_t fromlen; 1150Sstevel@tonic-gate 1160Sstevel@tonic-gate openlog("rexec", LOG_PID | LOG_ODELAY, LOG_DAEMON); 1170Sstevel@tonic-gate (void) audit_rexecd_setup(); /* BSM */ 1180Sstevel@tonic-gate fromlen = (socklen_t)sizeof (from); 1190Sstevel@tonic-gate if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { 1200Sstevel@tonic-gate (void) fprintf(stderr, "%s: ", argv[0]); 1210Sstevel@tonic-gate perror("getpeername"); 1220Sstevel@tonic-gate exit(1); 1230Sstevel@tonic-gate } 1240Sstevel@tonic-gate 1250Sstevel@tonic-gate if (audit_settid(0) != 0) { 1260Sstevel@tonic-gate perror("settid"); 1270Sstevel@tonic-gate exit(1); 1280Sstevel@tonic-gate } 1290Sstevel@tonic-gate 1300Sstevel@tonic-gate doit(0, &from); 131*473Sbw return (0); 1320Sstevel@tonic-gate } 1330Sstevel@tonic-gate 1340Sstevel@tonic-gate static char username[20] = "USER="; 1350Sstevel@tonic-gate static char homedir[64] = "HOME="; 1360Sstevel@tonic-gate static char shell[64] = "SHELL="; 1370Sstevel@tonic-gate 1380Sstevel@tonic-gate static char *envinit[] = 1390Sstevel@tonic-gate #ifdef SYSV 1400Sstevel@tonic-gate {homedir, shell, (char *)0, username, 1410Sstevel@tonic-gate (char *)0, (char *)0, (char *)0, (char *)0, 1420Sstevel@tonic-gate (char *)0, (char *)0, (char *)0, (char *)0, 1430Sstevel@tonic-gate (char *)0, (char *)0, (char *)0, (char *)0, 1440Sstevel@tonic-gate (char *)0, (char *)0, (char *)0, (char *)0, 1450Sstevel@tonic-gate (char *)0}; 1460Sstevel@tonic-gate #define ENVINIT_PATH 2 /* position of PATH in envinit[] */ 1470Sstevel@tonic-gate #define PAM_ENV_ELIM 16 /* max PAM environment variables */ 1480Sstevel@tonic-gate 1490Sstevel@tonic-gate /* 1500Sstevel@tonic-gate * See PSARC opinion 1992/025 1510Sstevel@tonic-gate */ 1520Sstevel@tonic-gate static char userpath[] = "PATH=/usr/bin:"; 1530Sstevel@tonic-gate static char rootpath[] = "PATH=/usr/sbin:/usr/bin"; 1540Sstevel@tonic-gate #else 1550Sstevel@tonic-gate {homedir, shell, "PATH=:/usr/ucb:/bin:/usr/bin", username, 0}; 1560Sstevel@tonic-gate #endif /* SYSV */ 1570Sstevel@tonic-gate 1580Sstevel@tonic-gate static struct sockaddr_storage asin; 1590Sstevel@tonic-gate static char pass[16]; 1600Sstevel@tonic-gate 1610Sstevel@tonic-gate static void 1620Sstevel@tonic-gate doit(int f, struct sockaddr_storage *fromp) 1630Sstevel@tonic-gate { 1640Sstevel@tonic-gate char cmdbuf[NCARGS+1], *cp; 1650Sstevel@tonic-gate char user[16]; 1660Sstevel@tonic-gate char hostname [MAXHOSTNAMELEN + 1]; 1670Sstevel@tonic-gate struct passwd *pwd; 1680Sstevel@tonic-gate int s; 1690Sstevel@tonic-gate ushort_t port; 1700Sstevel@tonic-gate pid_t pid; 1710Sstevel@tonic-gate int pv[2], cc; 1720Sstevel@tonic-gate fd_set readfrom, ready; 1730Sstevel@tonic-gate char buf[BUFSIZ], sig; 1740Sstevel@tonic-gate int one = 1; 1750Sstevel@tonic-gate int idx = 0, end_env = 0; 1760Sstevel@tonic-gate char **pam_env; 1770Sstevel@tonic-gate int status = PAM_AUTH_ERR; 1780Sstevel@tonic-gate char abuf[INET6_ADDRSTRLEN]; 1790Sstevel@tonic-gate struct in_addr v4dst; 1800Sstevel@tonic-gate socklen_t fromplen; 1810Sstevel@tonic-gate struct sockaddr_in *sin; 1820Sstevel@tonic-gate struct sockaddr_in6 *sin6; 1830Sstevel@tonic-gate 1840Sstevel@tonic-gate (void) signal(SIGINT, SIG_DFL); 1850Sstevel@tonic-gate (void) signal(SIGQUIT, SIG_DFL); 1860Sstevel@tonic-gate (void) signal(SIGTERM, SIG_DFL); 1870Sstevel@tonic-gate #ifdef DEBUG 1880Sstevel@tonic-gate { 1890Sstevel@tonic-gate int t = open("/dev/tty", 2); 1900Sstevel@tonic-gate if (t >= 0) { 1910Sstevel@tonic-gate #ifdef SYSV 1920Sstevel@tonic-gate (void) setsid(); 1930Sstevel@tonic-gate #else 1940Sstevel@tonic-gate (void) ioctl(t, TIOCNOTTY, (char *)0); 1950Sstevel@tonic-gate #endif /* SYSV */ 1960Sstevel@tonic-gate (void) close(t); 1970Sstevel@tonic-gate } 1980Sstevel@tonic-gate } 1990Sstevel@tonic-gate #endif 2000Sstevel@tonic-gate if (fromp->ss_family == AF_INET) { 2010Sstevel@tonic-gate sin = (struct sockaddr_in *)fromp; 2020Sstevel@tonic-gate fromplen = sizeof (struct sockaddr_in); 2030Sstevel@tonic-gate asin.ss_family = AF_INET; /* used for bind */ 2040Sstevel@tonic-gate } else if (fromp->ss_family == AF_INET6) { 2050Sstevel@tonic-gate sin6 = (struct sockaddr_in6 *)fromp; 2060Sstevel@tonic-gate fromplen = sizeof (struct sockaddr_in6); 2070Sstevel@tonic-gate asin.ss_family = AF_INET6; /* used for bind */ 2080Sstevel@tonic-gate } else { 2090Sstevel@tonic-gate syslog(LOG_ERR, "unknown address family %d\n", 2100Sstevel@tonic-gate fromp->ss_family); 2110Sstevel@tonic-gate exit(1); 2120Sstevel@tonic-gate } 2130Sstevel@tonic-gate /* 2140Sstevel@tonic-gate * store common info. for audit record 2150Sstevel@tonic-gate */ 2160Sstevel@tonic-gate 2170Sstevel@tonic-gate if (getnameinfo((const struct sockaddr *) fromp, fromplen, hostname, 2180Sstevel@tonic-gate sizeof (hostname), NULL, 0, 0) != 0) { 2190Sstevel@tonic-gate if (fromp->ss_family == AF_INET6) { 2200Sstevel@tonic-gate if (IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) { 2210Sstevel@tonic-gate struct in_addr ipv4_addr; 2220Sstevel@tonic-gate 2230Sstevel@tonic-gate IN6_V4MAPPED_TO_INADDR(&sin6->sin6_addr, 2240Sstevel@tonic-gate &ipv4_addr); 2250Sstevel@tonic-gate inet_ntop(AF_INET, &ipv4_addr, abuf, 2260Sstevel@tonic-gate sizeof (abuf)); 2270Sstevel@tonic-gate } else { 2280Sstevel@tonic-gate inet_ntop(AF_INET6, &sin6->sin6_addr, 2290Sstevel@tonic-gate abuf, sizeof (abuf)); 2300Sstevel@tonic-gate } 2310Sstevel@tonic-gate } else if (fromp->ss_family == AF_INET) { 2320Sstevel@tonic-gate inet_ntop(AF_INET, &sin->sin_addr, 2330Sstevel@tonic-gate abuf, sizeof (abuf)); 2340Sstevel@tonic-gate } 2350Sstevel@tonic-gate (void) strncpy(hostname, abuf, sizeof (hostname)); 2360Sstevel@tonic-gate } 2370Sstevel@tonic-gate (void) dup2(f, 0); 2380Sstevel@tonic-gate (void) dup2(f, 1); 2390Sstevel@tonic-gate (void) dup2(f, 2); 2400Sstevel@tonic-gate (void) alarm(60); 2410Sstevel@tonic-gate port = 0; 2420Sstevel@tonic-gate for (;;) { 2430Sstevel@tonic-gate char c; 2440Sstevel@tonic-gate if (read(f, &c, 1) != 1) 2450Sstevel@tonic-gate exit(1); 2460Sstevel@tonic-gate if (c == 0) 2470Sstevel@tonic-gate break; 2480Sstevel@tonic-gate port = port * 10 + c - '0'; 2490Sstevel@tonic-gate } 2500Sstevel@tonic-gate (void) alarm(0); 2510Sstevel@tonic-gate if (port != 0) { 2520Sstevel@tonic-gate s = socket(fromp->ss_family, SOCK_STREAM, 0); 2530Sstevel@tonic-gate if (s < 0) 2540Sstevel@tonic-gate exit(1); 2550Sstevel@tonic-gate if (bind(s, (struct sockaddr *)&asin, fromplen) < 0) 2560Sstevel@tonic-gate exit(1); 2570Sstevel@tonic-gate (void) alarm(60); 2580Sstevel@tonic-gate if (fromp->ss_family == AF_INET) { 2590Sstevel@tonic-gate sin->sin_port = htons((ushort_t)port); 2600Sstevel@tonic-gate } else if (fromp->ss_family == AF_INET6) { 2610Sstevel@tonic-gate sin6->sin6_port = htons((ushort_t)port); 2620Sstevel@tonic-gate } 2630Sstevel@tonic-gate if (connect(s, (struct sockaddr *)fromp, fromplen) < 0) 2640Sstevel@tonic-gate exit(1); 2650Sstevel@tonic-gate (void) alarm(0); 2660Sstevel@tonic-gate } 2670Sstevel@tonic-gate getstr(user, sizeof (user), "username"); 2680Sstevel@tonic-gate getstr(pass, sizeof (pass), "password"); 2690Sstevel@tonic-gate getstr(cmdbuf, sizeof (cmdbuf), "command"); 2700Sstevel@tonic-gate 2710Sstevel@tonic-gate setpwent(); 2720Sstevel@tonic-gate pwd = getpwnam(user); 2730Sstevel@tonic-gate if (pwd == NULL) { 2740Sstevel@tonic-gate (void) audit_rexecd_fail("Login incorrect", hostname, user, 2750Sstevel@tonic-gate cmdbuf); /* BSM */ 2760Sstevel@tonic-gate error("Login incorrect.\n"); 2770Sstevel@tonic-gate exit(1); 2780Sstevel@tonic-gate } 2790Sstevel@tonic-gate endpwent(); 2800Sstevel@tonic-gate 2810Sstevel@tonic-gate if (pam_start("rexec", user, &conv, &pamh) != PAM_SUCCESS) { 2820Sstevel@tonic-gate exit(1); 2830Sstevel@tonic-gate } 2840Sstevel@tonic-gate if (pam_set_item(pamh, PAM_RHOST, hostname) != PAM_SUCCESS) { 2850Sstevel@tonic-gate exit(1); 2860Sstevel@tonic-gate } 2870Sstevel@tonic-gate 2880Sstevel@tonic-gate if ((status = pam_authenticate(pamh, 0)) != PAM_SUCCESS) { 2890Sstevel@tonic-gate switch (status) { 2900Sstevel@tonic-gate case PAM_USER_UNKNOWN: 2910Sstevel@tonic-gate (void) audit_rexecd_fail("Login incorrect", hostname, 2920Sstevel@tonic-gate user, cmdbuf); /* BSM */ 2930Sstevel@tonic-gate error("Login incorrect.\n"); 2940Sstevel@tonic-gate break; 2950Sstevel@tonic-gate default: 2960Sstevel@tonic-gate (void) audit_rexecd_fail("Password incorrect", hostname, 2970Sstevel@tonic-gate user, cmdbuf); /* BSM */ 2980Sstevel@tonic-gate error("Password incorrect.\n"); 2990Sstevel@tonic-gate } 3000Sstevel@tonic-gate pam_end(pamh, status); 3010Sstevel@tonic-gate exit(1); 3020Sstevel@tonic-gate } 3030Sstevel@tonic-gate if ((status = pam_acct_mgmt(pamh, 0)) != PAM_SUCCESS) { 3040Sstevel@tonic-gate (void) audit_rexecd_fail("Account or Password Expired", 3050Sstevel@tonic-gate hostname, user, cmdbuf); 3060Sstevel@tonic-gate switch (status) { 3070Sstevel@tonic-gate case PAM_NEW_AUTHTOK_REQD: 3080Sstevel@tonic-gate error("Password Expired.\n"); 3090Sstevel@tonic-gate break; 3100Sstevel@tonic-gate case PAM_PERM_DENIED: 3110Sstevel@tonic-gate error("Account Expired.\n"); 3120Sstevel@tonic-gate break; 3130Sstevel@tonic-gate case PAM_AUTHTOK_EXPIRED: 3140Sstevel@tonic-gate error("Password Expired.\n"); 3150Sstevel@tonic-gate break; 3160Sstevel@tonic-gate default: 3170Sstevel@tonic-gate error("Login incorrect.\n"); 3180Sstevel@tonic-gate break; 3190Sstevel@tonic-gate } 3200Sstevel@tonic-gate pam_end(pamh, status); 3210Sstevel@tonic-gate exit(1); 3220Sstevel@tonic-gate } 3230Sstevel@tonic-gate 3240Sstevel@tonic-gate (void) write(2, "\0", 1); 3250Sstevel@tonic-gate 3260Sstevel@tonic-gate if (setgid((gid_t)pwd->pw_gid) < 0) { 3270Sstevel@tonic-gate (void) audit_rexecd_fail("Can't setgid", hostname, 3280Sstevel@tonic-gate user, cmdbuf); /* BSM */ 3290Sstevel@tonic-gate error("setgid"); 3300Sstevel@tonic-gate pam_end(pamh, PAM_ABORT); 3310Sstevel@tonic-gate exit(1); 3320Sstevel@tonic-gate } 3330Sstevel@tonic-gate (void) initgroups(pwd->pw_name, pwd->pw_gid); 3340Sstevel@tonic-gate 3350Sstevel@tonic-gate if ((status = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) { 3360Sstevel@tonic-gate (void) audit_rexecd_fail("Unable to establish credentials", 3370Sstevel@tonic-gate hostname, user, cmdbuf); /* BSM */ 3380Sstevel@tonic-gate error("Unable to establish credentials.\n"); 3390Sstevel@tonic-gate pam_end(pamh, PAM_SUCCESS); 3400Sstevel@tonic-gate } 3410Sstevel@tonic-gate 3420Sstevel@tonic-gate (void) audit_rexecd_success(hostname, user, cmdbuf); /* BSM */ 3430Sstevel@tonic-gate 3440Sstevel@tonic-gate if (setuid((uid_t)pwd->pw_uid) < 0) { 3450Sstevel@tonic-gate (void) audit_rexecd_fail("Can't setuid", hostname, 3460Sstevel@tonic-gate user, cmdbuf); /* BSM */ 3470Sstevel@tonic-gate error("setuid"); 3480Sstevel@tonic-gate pam_end(pamh, PAM_ABORT); 3490Sstevel@tonic-gate exit(1); 3500Sstevel@tonic-gate } 3510Sstevel@tonic-gate 3520Sstevel@tonic-gate 3530Sstevel@tonic-gate if (port) { 3540Sstevel@tonic-gate (void) pipe(pv); 3550Sstevel@tonic-gate pid = fork(); 3560Sstevel@tonic-gate if (pid == (pid_t)-1) { 3570Sstevel@tonic-gate error("Try again.\n"); 3580Sstevel@tonic-gate pam_end(pamh, PAM_ABORT); 3590Sstevel@tonic-gate exit(1); 3600Sstevel@tonic-gate } 3610Sstevel@tonic-gate if (pid) { 3620Sstevel@tonic-gate /* 3630Sstevel@tonic-gate * since the daemon is running as the user no need 3640Sstevel@tonic-gate * to prune privileges. 3650Sstevel@tonic-gate */ 3660Sstevel@tonic-gate (void) close(0); (void) close(1); (void) close(2); 3670Sstevel@tonic-gate (void) close(f); (void) close(pv[1]); 3680Sstevel@tonic-gate FD_ZERO(&readfrom); 3690Sstevel@tonic-gate FD_SET(s, &readfrom); 3700Sstevel@tonic-gate FD_SET(pv[0], &readfrom); 3710Sstevel@tonic-gate (void) ioctl(pv[0], FIONBIO, (char *)&one); 3720Sstevel@tonic-gate /* should set s nbio! */ 3730Sstevel@tonic-gate do { 3740Sstevel@tonic-gate ready = readfrom; 3750Sstevel@tonic-gate if (select(MAXFD(s, pv[0])+1, &ready, NULL, 3760Sstevel@tonic-gate NULL, NULL) < 0) { 3770Sstevel@tonic-gate perror("select:"); 3780Sstevel@tonic-gate exit(1); 3790Sstevel@tonic-gate } 3800Sstevel@tonic-gate if (FD_ISSET(s, &ready)) { 3810Sstevel@tonic-gate if (read(s, &sig, 1) <= 0) 3820Sstevel@tonic-gate FD_CLR(s, &readfrom); 3830Sstevel@tonic-gate else 3840Sstevel@tonic-gate (void) killpg(pid, sig); 3850Sstevel@tonic-gate } 3860Sstevel@tonic-gate if (FD_ISSET(pv[0], &ready)) { 3870Sstevel@tonic-gate cc = read(pv[0], buf, sizeof (buf)); 3880Sstevel@tonic-gate if (cc <= 0) { 3890Sstevel@tonic-gate (void) shutdown(s, 1+1); 3900Sstevel@tonic-gate FD_CLR(pv[0], &readfrom); 3910Sstevel@tonic-gate } else 3920Sstevel@tonic-gate (void) write(s, buf, cc); 3930Sstevel@tonic-gate } 3940Sstevel@tonic-gate } while (FD_ISSET(s, &readfrom) || 3950Sstevel@tonic-gate FD_ISSET(pv[0], &readfrom)); 3960Sstevel@tonic-gate exit(0); 3970Sstevel@tonic-gate } 3980Sstevel@tonic-gate /* setpgrp(0, getpid()); */ 3990Sstevel@tonic-gate (void) setsid(); /* Should be the same as above. */ 4000Sstevel@tonic-gate (void) close(s); (void)close(pv[0]); 4010Sstevel@tonic-gate (void) dup2(pv[1], 2); 4020Sstevel@tonic-gate } 4030Sstevel@tonic-gate 4040Sstevel@tonic-gate if (*pwd->pw_shell == '\0') 4050Sstevel@tonic-gate pwd->pw_shell = "/bin/sh"; 4060Sstevel@tonic-gate if (f > 2) 4070Sstevel@tonic-gate (void) close(f); 4080Sstevel@tonic-gate /* Change directory only after becoming the appropriate user. */ 4090Sstevel@tonic-gate if (chdir(pwd->pw_dir) < 0) { 4100Sstevel@tonic-gate error("No remote directory.\n"); 4110Sstevel@tonic-gate pam_end(pamh, PAM_ABORT); 4120Sstevel@tonic-gate exit(1); 4130Sstevel@tonic-gate } 4140Sstevel@tonic-gate #ifdef SYSV 4150Sstevel@tonic-gate if (pwd->pw_uid) 4160Sstevel@tonic-gate envinit[ENVINIT_PATH] = userpath; 4170Sstevel@tonic-gate else 4180Sstevel@tonic-gate envinit[ENVINIT_PATH] = rootpath; 4190Sstevel@tonic-gate #endif /* SYSV */ 4200Sstevel@tonic-gate (void) strncat(homedir, pwd->pw_dir, sizeof (homedir) - 6); 4210Sstevel@tonic-gate (void) strncat(shell, pwd->pw_shell, sizeof (shell) - 7); 4220Sstevel@tonic-gate (void) strncat(username, pwd->pw_name, sizeof (username) - 6); 4230Sstevel@tonic-gate 4240Sstevel@tonic-gate /* 4250Sstevel@tonic-gate * add PAM environment variables set by modules 4260Sstevel@tonic-gate * -- only allowed 16 (PAM_ENV_ELIM) 4270Sstevel@tonic-gate * -- check to see if the environment variable is legal 4280Sstevel@tonic-gate */ 4290Sstevel@tonic-gate for (end_env = 0; envinit[end_env] != 0; end_env++) 4300Sstevel@tonic-gate ; 4310Sstevel@tonic-gate if ((pam_env = pam_getenvlist(pamh)) != 0) { 4320Sstevel@tonic-gate while (pam_env[idx] != 0) { 4330Sstevel@tonic-gate if (idx < PAM_ENV_ELIM && 4340Sstevel@tonic-gate legalenvvar(pam_env[idx])) { 4350Sstevel@tonic-gate envinit[end_env + idx] = pam_env[idx]; 4360Sstevel@tonic-gate } 4370Sstevel@tonic-gate idx++; 4380Sstevel@tonic-gate } 4390Sstevel@tonic-gate } 4400Sstevel@tonic-gate 4410Sstevel@tonic-gate pam_end(pamh, PAM_SUCCESS); 4420Sstevel@tonic-gate 4430Sstevel@tonic-gate cp = rindex(pwd->pw_shell, '/'); 4440Sstevel@tonic-gate if (cp) 4450Sstevel@tonic-gate cp++; 4460Sstevel@tonic-gate else 4470Sstevel@tonic-gate cp = pwd->pw_shell; 4480Sstevel@tonic-gate (void) execle(pwd->pw_shell, cp, "-c", cmdbuf, (char *)0, envinit); 4490Sstevel@tonic-gate perror(pwd->pw_shell); 4500Sstevel@tonic-gate exit(1); 4510Sstevel@tonic-gate } 4520Sstevel@tonic-gate 4530Sstevel@tonic-gate static void 4540Sstevel@tonic-gate getstr(char *buf, int cnt, char *err) 4550Sstevel@tonic-gate { 4560Sstevel@tonic-gate char c; 4570Sstevel@tonic-gate 4580Sstevel@tonic-gate do { 4590Sstevel@tonic-gate if (read(0, &c, 1) != 1) 4600Sstevel@tonic-gate exit(1); 4610Sstevel@tonic-gate *buf++ = c; 4620Sstevel@tonic-gate if (--cnt == 0) { 4630Sstevel@tonic-gate error("%s too long\n", err); 4640Sstevel@tonic-gate exit(1); 4650Sstevel@tonic-gate } 4660Sstevel@tonic-gate } while (c != 0); 4670Sstevel@tonic-gate } 4680Sstevel@tonic-gate 4690Sstevel@tonic-gate static void 4700Sstevel@tonic-gate error(char *fmt, ...) 4710Sstevel@tonic-gate { 4720Sstevel@tonic-gate va_list ap; 4730Sstevel@tonic-gate char buf[BUFSIZ]; 4740Sstevel@tonic-gate 4750Sstevel@tonic-gate buf[0] = 1; 4760Sstevel@tonic-gate va_start(ap, fmt); 4770Sstevel@tonic-gate (void) vsprintf(buf+1, fmt, ap); 4780Sstevel@tonic-gate va_end(ap); 4790Sstevel@tonic-gate (void) write(2, buf, strlen(buf)); 4800Sstevel@tonic-gate } 4810Sstevel@tonic-gate 4820Sstevel@tonic-gate static char *illegal[] = { 4830Sstevel@tonic-gate "SHELL=", 4840Sstevel@tonic-gate "HOME=", 4850Sstevel@tonic-gate "LOGNAME=", 4860Sstevel@tonic-gate #ifndef NO_MAIL 4870Sstevel@tonic-gate "MAIL=", 4880Sstevel@tonic-gate #endif 4890Sstevel@tonic-gate "CDPATH=", 4900Sstevel@tonic-gate "IFS=", 4910Sstevel@tonic-gate "PATH=", 4920Sstevel@tonic-gate "USER=", 4930Sstevel@tonic-gate 0 4940Sstevel@tonic-gate }; 4950Sstevel@tonic-gate 4960Sstevel@tonic-gate /* 4970Sstevel@tonic-gate * legalenvvar - can PAM insert this environmental variable? 4980Sstevel@tonic-gate */ 4990Sstevel@tonic-gate 5000Sstevel@tonic-gate static int 5010Sstevel@tonic-gate legalenvvar(char *s) 5020Sstevel@tonic-gate { 5030Sstevel@tonic-gate register char **p; 5040Sstevel@tonic-gate 5050Sstevel@tonic-gate for (p = illegal; *p; p++) 5060Sstevel@tonic-gate if (strncmp(s, *p, strlen(*p)) == 0) 5070Sstevel@tonic-gate return (0); 5080Sstevel@tonic-gate 5090Sstevel@tonic-gate if (s[0] == 'L' && s[1] == 'D' && s[2] == '_') 5100Sstevel@tonic-gate return (0); 5110Sstevel@tonic-gate 5120Sstevel@tonic-gate return (1); 5130Sstevel@tonic-gate } 5140Sstevel@tonic-gate 5150Sstevel@tonic-gate /* 5160Sstevel@tonic-gate * rexec_conv - This is the conv (conversation) function called from 5170Sstevel@tonic-gate * a PAM authentication module to print error messages 5180Sstevel@tonic-gate * or garner information from the user. 5190Sstevel@tonic-gate */ 5200Sstevel@tonic-gate 5210Sstevel@tonic-gate /* ARGSUSED3 */ 5220Sstevel@tonic-gate static int 5230Sstevel@tonic-gate rexec_conv(int num_msg, struct pam_message **msg, 5240Sstevel@tonic-gate struct pam_response **response, void *appdata_ptr) 5250Sstevel@tonic-gate { 5260Sstevel@tonic-gate struct pam_message *m; 5270Sstevel@tonic-gate struct pam_response *r; 5280Sstevel@tonic-gate int i; 5290Sstevel@tonic-gate 5300Sstevel@tonic-gate if (num_msg <= 0) 5310Sstevel@tonic-gate return (PAM_CONV_ERR); 5320Sstevel@tonic-gate 5330Sstevel@tonic-gate *response = calloc(num_msg, sizeof (struct pam_response)); 5340Sstevel@tonic-gate if (*response == NULL) 5350Sstevel@tonic-gate return (PAM_BUF_ERR); 5360Sstevel@tonic-gate 5370Sstevel@tonic-gate m = *msg; 5380Sstevel@tonic-gate r = *response; 5390Sstevel@tonic-gate 5400Sstevel@tonic-gate if (m->msg_style == PAM_PROMPT_ECHO_OFF) { 5410Sstevel@tonic-gate if (pass[0] != '\0') { 5420Sstevel@tonic-gate r->resp = strdup(pass); 5430Sstevel@tonic-gate if (r->resp == NULL) { 5440Sstevel@tonic-gate /* free responses */ 5450Sstevel@tonic-gate r = *response; 5460Sstevel@tonic-gate for (i = 0; i < num_msg; i++, r++) { 5470Sstevel@tonic-gate if (r->resp) 5480Sstevel@tonic-gate free(r->resp); 5490Sstevel@tonic-gate } 5500Sstevel@tonic-gate free(*response); 5510Sstevel@tonic-gate *response = NULL; 5520Sstevel@tonic-gate return (PAM_BUF_ERR); 5530Sstevel@tonic-gate } 5540Sstevel@tonic-gate } 5550Sstevel@tonic-gate } 5560Sstevel@tonic-gate 5570Sstevel@tonic-gate return (PAM_SUCCESS); 5580Sstevel@tonic-gate } 559