toybox/toys/lsb/su.c
<<
>>
Prefs 
   1/* su.c - switch user
   2 *
   3 * Copyright 2013 CE Strake <strake888@gmail.com>
   4 *
   5 * See http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/su.html
   6 * TODO: log su attempts
   7 * TODO: suid support
   8 * Supports undocumented compatibility options: -m synonym for -p, - for -l
   9
  10USE_SU(NEWTOY(su, "^lmpu:g:c:s:[!lmp]", TOYFLAG_BIN|TOYFLAG_ROOTONLY))
  11
  12config SU
  13  bool "su"
  14  default y
  15  help
  16    usage: su [-lp] [-u UID] [-g GID,...] [-s SHELL] [-c CMD] [USER [COMMAND...]]
  17
  18    Switch user, prompting for password of new user when not run as root.
  19
  20    With one argument, switch to USER and run user's shell from /etc/passwd.
  21    With no arguments, USER is root. If COMMAND line provided after USER,
  22    exec() it as new USER (bypassing shell). If -u or -g specified, first
  23    argument (if any) isn't USER (it's COMMAND).
  24
  25    first argument is USER name to switch to (which must exist).
  26    Non-root users are prompted for new user's password.
  27
  28    -s  Shell to use (default is user's shell from /etc/passwd)
  29    -c  Command line to pass to -s shell (ala sh -c "CMD")
  30    -l  Reset environment as if new login.
  31    -u  Switch to UID instead of USER
  32    -g  Switch to GID (only root allowed, can be comma separated list)
  33    -p  Preserve environment (except for $PATH and $IFS)
  34*/
  35
  36#define FOR_su
  37#include "toys.h"
  38
  39GLOBALS(
  40  char *s;
  41  char *c;
  42)
  43
  44void su_main()
  45{
  46  char *name, *passhash = 0, **argu, **argv;
  47  struct passwd *up;
  48  struct spwd *shp;
  49
  50  if (*toys.optargs && !strcmp("-", *toys.optargs)) {
  51    toys.optflags |= FLAG_l;
  52    toys.optargs++;
  53  }
  54
  55  if (*toys.optargs) name = *(toys.optargs++);
  56  else name = "root";
  57
  58  loggit(LOG_NOTICE, "%s->%s", getusername(geteuid()), name);
  59
  60  if (!(shp = getspnam(name))) perror_exit("no '%s'", name);
  61  if (getuid()) {
  62    if (*shp->sp_pwdp != '$') goto deny;
  63    if (read_password(toybuf, sizeof(toybuf), "Password: ")) goto deny;
  64    passhash = crypt(toybuf, shp->sp_pwdp);
  65    memset(toybuf, 0, sizeof(toybuf));
  66    if (!passhash || strcmp(passhash, shp->sp_pwdp)) goto deny;
  67  }
  68  closelog();
  69
  70  xsetuser(up = xgetpwnam(name));
  71
  72  if (FLAG(m)||FLAG(p)) {
  73    unsetenv("IFS");
  74    setenv("PATH", _PATH_DEFPATH, 1);
  75  } else reset_env(up, FLAG(l));
  76
  77  argv = argu = xmalloc(sizeof(char *)*(toys.optc + 4));
  78  *(argv++) = TT.s ? TT.s : up->pw_shell;
  79  loggit(LOG_NOTICE, "run %s", *argu);
  80
  81  if (FLAG(l)) *(argv++) = "-l";
  82  if (FLAG(c)) {
  83    *(argv++) = "-c";
  84    *(argv++) = TT.c;
  85  }
  86  while ((*(argv++) = *(toys.optargs++)));
  87  xexec(argu);
  88
  89deny:
  90  syslog(LOG_NOTICE, "No.");
  91  puts("No.");
  92  toys.exitval = 1;
  93}
  94
Hosted by Missing Link Electronics. The original LXR software by the LXR community, this experimental version by lxr@linux.no.