Commit | Line | Data |
---|---|---|
9bcf1061 | 1 | /*- |
94df1dc7 MK |
2 | * Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University |
3 | * of California. All rights reserved. | |
ede75793 | 4 | * |
9bcf1061 | 5 | * %sccs.include.redist.c% |
bcf1365c DF |
6 | */ |
7 | ||
8 | #ifndef lint | |
9 | char copyright[] = | |
94df1dc7 | 10 | "@(#) Copyright (c) 1980, 1987, 1988, 1991 The Regents of the University of California.\n\ |
bcf1365c | 11 | All rights reserved.\n"; |
ede75793 | 12 | #endif /* not lint */ |
bcf1365c | 13 | |
22d4760e | 14 | #ifndef lint |
0cbdb7cb | 15 | static char sccsid[] = "@(#)login.c 5.68 (Berkeley) %G%"; |
ede75793 | 16 | #endif /* not lint */ |
22d4760e | 17 | |
88a01c09 BJ |
18 | /* |
19 | * login [ name ] | |
d0faf133 | 20 | * login -r hostname (for rlogind) |
5dbe2745 MK |
21 | * login -h hostname (for telnetd, etc.) |
22 | * login -f name (for pre-authenticated login: datakit, xterm, etc.) | |
88a01c09 BJ |
23 | */ |
24 | ||
7a625b73 | 25 | #include <sys/param.h> |
3b8dd95e SL |
26 | #include <sys/stat.h> |
27 | #include <sys/time.h> | |
28 | #include <sys/resource.h> | |
9479aa87 | 29 | #include <sys/file.h> |
3b8dd95e | 30 | |
88a01c09 BJ |
31 | #include <utmp.h> |
32 | #include <signal.h> | |
22d4760e | 33 | #include <errno.h> |
9479aa87 BJ |
34 | #include <ttyent.h> |
35 | #include <syslog.h> | |
c89291e2 | 36 | #include <grp.h> |
80f91e3f | 37 | #include <pwd.h> |
ede75793 | 38 | #include <setjmp.h> |
80f91e3f | 39 | #include <stdio.h> |
38dde0cd | 40 | #include <string.h> |
0e08a2b3 | 41 | #include <tzfile.h> |
fb6e7f7e | 42 | #include "pathnames.h" |
c89291e2 | 43 | |
80f91e3f | 44 | #define TTYGRPNAME "tty" /* name of group to own ttys */ |
88a01c09 | 45 | |
3b8dd95e | 46 | /* |
80f91e3f KB |
47 | * This bounds the time given to login. Not a define so it can |
48 | * be patched on machines where it's too small. | |
3b8dd95e | 49 | */ |
a9b031fe | 50 | int timeout = 300; |
9bcf1061 KB |
51 | #ifdef KERBEROS |
52 | int notickets = 1; | |
0cbdb7cb KF |
53 | int rootlogin = 0; |
54 | #define ROOTLOGIN (rootlogin || (pwd && pwd->pw_uid == 0)) | |
55 | #else | |
56 | #define ROOTLOGIN (pwd && pwd->pw_uid == 0) | |
9bcf1061 | 57 | #endif |
86eb6c9e | 58 | |
659be7fb MK |
59 | struct passwd *pwd; |
60 | int failures; | |
657e5a3c | 61 | char term[64], *envinit[1], *hostname, *username, *tty; |
88a01c09 | 62 | |
c91c86eb KB |
63 | char *months[] = |
64 | { "Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", | |
65 | "Sep", "Oct", "Nov", "Dec" }; | |
66 | ||
88a01c09 | 67 | main(argc, argv) |
80f91e3f KB |
68 | int argc; |
69 | char **argv; | |
88a01c09 | 70 | { |
9bcf1061 | 71 | extern int optind; |
80f91e3f | 72 | extern char *optarg, **environ; |
c91c86eb KB |
73 | struct timeval tp; |
74 | struct tm *ttp; | |
83cc7253 | 75 | struct timeval tp; |
80f91e3f KB |
76 | struct group *gr; |
77 | register int ch; | |
659be7fb | 78 | register char *p; |
d0faf133 | 79 | int ask, fflag, hflag, pflag, rflag, cnt; |
71236658 | 80 | int quietlog, rval; |
9bcf1061 | 81 | char *domain, *salt, *ttyn; |
a339b173 | 82 | char tbuf[MAXPATHLEN + 2], tname[sizeof(_PATH_TTY) + 10]; |
e2a7a526 | 83 | char localhost[MAXHOSTNAMELEN]; |
c91c86eb | 84 | char *ctime(), *ttyname(), *stypeof(), *crypt(), *getpass(); |
80f91e3f KB |
85 | time_t time(); |
86 | off_t lseek(); | |
9bcf1061 | 87 | void timedout(); |
80f91e3f KB |
88 | |
89 | (void)signal(SIGALRM, timedout); | |
90 | (void)alarm((u_int)timeout); | |
91 | (void)signal(SIGQUIT, SIG_IGN); | |
92 | (void)signal(SIGINT, SIG_IGN); | |
93 | (void)setpriority(PRIO_PROCESS, 0, 0); | |
80f91e3f | 94 | |
9e76b9f1 KB |
95 | openlog("login", LOG_ODELAY, LOG_AUTH); |
96 | ||
3b8dd95e | 97 | /* |
d3737d51 | 98 | * -p is used by getty to tell login not to destroy the environment |
d0faf133 | 99 | * -r is used by rlogind to cause the autologin protocol; |
5dbe2745 | 100 | * -f is used to skip a second login authentication |
ee1eff74 MK |
101 | * -h is used by other servers to pass the name of the remote |
102 | * host to login so that it may be placed in utmp and wtmp | |
3b8dd95e | 103 | */ |
e2a7a526 KF |
104 | domain = NULL; |
105 | if (gethostname(localhost, sizeof(localhost)) < 0) | |
106 | syslog(LOG_ERR, "couldn't get local hostname: %m"); | |
107 | else | |
108 | domain = index(localhost, '.'); | |
80f91e3f | 109 | |
d0faf133 | 110 | fflag = hflag = pflag = rflag = 0; |
2d4a74b8 | 111 | uid = getuid(); |
d0faf133 | 112 | while ((ch = getopt(argc, argv, "fh:pr:")) != EOF) |
ede75793 | 113 | switch (ch) { |
80f91e3f | 114 | case 'f': |
d0faf133 KB |
115 | if (rflag) { |
116 | fprintf(stderr, | |
117 | "login: only one of -r and -f allowed.\n"); | |
118 | exit(1); | |
119 | } | |
80f91e3f | 120 | fflag = 1; |
80f91e3f KB |
121 | break; |
122 | case 'h': | |
2d4a74b8 | 123 | if (uid) { |
0e08a2b3 | 124 | (void)fprintf(stderr, |
80f91e3f | 125 | "login: -h for super-user only.\n"); |
b6f7cade | 126 | exit(1); |
5dbe2745 | 127 | } |
d0faf133 KB |
128 | if (rflag) { |
129 | fprintf(stderr, | |
130 | "login: only one of -r and -h allowed.\n"); | |
131 | exit(1); | |
132 | } | |
80f91e3f KB |
133 | hflag = 1; |
134 | if (domain && (p = index(optarg, '.')) && | |
abc4056e | 135 | strcasecmp(p, domain) == 0) |
80f91e3f KB |
136 | *p = 0; |
137 | hostname = optarg; | |
138 | break; | |
139 | case 'p': | |
d3737d51 | 140 | pflag = 1; |
80f91e3f | 141 | break; |
d0faf133 KB |
142 | case 'r': |
143 | if (hflag || fflag) { | |
144 | fprintf(stderr, | |
145 | "login: -f and -h not allowed with -r.\n"); | |
146 | exit(1); | |
147 | } | |
148 | if (getuid()) { | |
149 | fprintf(stderr, | |
150 | "login: -r for super-user only.\n"); | |
151 | exit(1); | |
152 | } | |
153 | /* "-r hostname" must be last args */ | |
154 | if (optind != argc) { | |
155 | fprintf(stderr, "Syntax error.\n"); | |
156 | exit(1); | |
157 | } | |
158 | rflag = 1; | |
159 | passwd_req = (doremotelogin(optarg) == -1); | |
160 | if (domain && (p = index(optarg, '.')) && | |
161 | !strcmp(p, domain)) | |
162 | *p = '\0'; | |
163 | hostname = optarg; | |
164 | break; | |
80f91e3f KB |
165 | case '?': |
166 | default: | |
2d4a74b8 KF |
167 | if (!uid) |
168 | syslog(LOG_ERR, "invalid flag %c", ch); | |
0e08a2b3 KB |
169 | (void)fprintf(stderr, |
170 | "usage: login [-fp] [username]\n"); | |
80f91e3f | 171 | exit(1); |
d3737d51 | 172 | } |
80f91e3f KB |
173 | argc -= optind; |
174 | argv += optind; | |
f0c0c252 | 175 | if (*argv) { |
80f91e3f | 176 | username = *argv; |
9bcf1061 KB |
177 | if (strlen(username) > UT_NAMESIZE) |
178 | username[UT_NAMESIZE] = '\0'; | |
659be7fb MK |
179 | ask = 0; |
180 | } else | |
f0c0c252 | 181 | ask = 1; |
d0faf133 KB |
182 | if (rflag) |
183 | ask = 0; | |
80f91e3f | 184 | |
80f91e3f KB |
185 | for (cnt = getdtablesize(); cnt > 2; cnt--) |
186 | close(cnt); | |
187 | ||
88a01c09 | 188 | ttyn = ttyname(0); |
a339b173 KB |
189 | if (ttyn == NULL || *ttyn == '\0') { |
190 | (void)sprintf(tname, "%s??", _PATH_TTY); | |
191 | ttyn = tname; | |
192 | } | |
80f91e3f KB |
193 | if (tty = rindex(ttyn, '/')) |
194 | ++tty; | |
9479aa87 | 195 | else |
80f91e3f KB |
196 | tty = ttyn; |
197 | ||
f0c0c252 | 198 | for (cnt = 0;; ask = 1) { |
f0c0c252 | 199 | if (ask) { |
ede75793 | 200 | fflag = 0; |
80f91e3f | 201 | getloginname(); |
ede75793 | 202 | } |
659be7fb | 203 | /* |
2d4a74b8 KF |
204 | * Note if trying multiple user names; log failures for |
205 | * previous user name, but don't bother logging one failure | |
659be7fb MK |
206 | * for nonexistent name (mistyped username). |
207 | */ | |
208 | if (failures && strcmp(tbuf, username)) { | |
209 | if (failures > (pwd ? 0 : 1)) | |
f0c0c252 | 210 | badlogin(tbuf); |
659be7fb | 211 | failures = 0; |
f0c0c252 | 212 | } |
659be7fb | 213 | (void)strcpy(tbuf, username); |
320a5e84 | 214 | |
ede75793 KB |
215 | if (pwd = getpwnam(username)) |
216 | salt = pwd->pw_passwd; | |
320a5e84 KB |
217 | else |
218 | salt = "xx"; | |
80f91e3f | 219 | |
3b8dd95e | 220 | /* |
cb400a97 KB |
221 | * if we have a valid account name, and it doesn't have a |
222 | * password, or the -f option was specified and the caller | |
223 | * is root or the caller isn't changing their uid, don't | |
224 | * authenticate. | |
3b8dd95e | 225 | */ |
cb400a97 KB |
226 | if (pwd && (*pwd->pw_passwd == '\0' || |
227 | fflag && (uid == 0 || uid == pwd->pw_uid))) | |
80f91e3f | 228 | break; |
e83bda0c | 229 | fflag = 0; |
80f91e3f | 230 | |
2d4a74b8 KF |
231 | /* |
232 | * If trying to log in as root, but with insecure terminal, | |
233 | * refuse the login attempt. | |
234 | */ | |
0cbdb7cb | 235 | if (ROOTLOGIN && !rootterm(tty)) { |
2d4a74b8 KF |
236 | (void)fprintf(stderr, |
237 | "%s login refused on this terminal.\n", | |
238 | pwd->pw_name); | |
239 | if (hostname) | |
240 | syslog(LOG_NOTICE, | |
241 | "LOGIN %s REFUSED FROM %s ON TTY %s", | |
242 | pwd->pw_name, hostname, tty); | |
243 | else | |
244 | syslog(LOG_NOTICE, | |
245 | "LOGIN %s REFUSED ON TTY %s", | |
246 | pwd->pw_name, tty); | |
247 | continue; | |
248 | } | |
249 | ||
9bcf1061 | 250 | (void)setpriority(PRIO_PROCESS, 0, -4); |
320a5e84 | 251 | |
9bcf1061 | 252 | p = getpass("Password:"); |
9d6a5a69 | 253 | |
320a5e84 | 254 | if (pwd) { |
9bcf1061 | 255 | bzero(p, strlen(p)); |
320a5e84 KB |
256 | |
257 | (void)setpriority(PRIO_PROCESS, 0, 0); | |
258 | ||
259 | if (pwd && !rval) | |
80f91e3f KB |
260 | break; |
261 | ||
320a5e84 | 262 | (void)printf("Login incorrect\n"); |
659be7fb | 263 | failures++; |
f0c0c252 KB |
264 | /* we allow 10 tries, but after 3 we start backing off */ |
265 | if (++cnt > 3) { | |
266 | if (cnt >= 10) { | |
267 | badlogin(username); | |
f0c0c252 KB |
268 | sleepexit(1); |
269 | } | |
270 | sleep((u_int)((cnt - 3) * 5)); | |
f570e1ff | 271 | } |
80f91e3f | 272 | } |
88a01c09 | 273 | |
80f91e3f KB |
274 | /* committed to login -- turn off timeout */ |
275 | (void)alarm((u_int)0); | |
276 | ||
a339b173 KB |
277 | /* paranoia... */ |
278 | endpwent(); | |
279 | ||
c374ff7b | 280 | /* if user not super-user, check for disabled logins */ |
0cbdb7cb | 281 | if (!(ROOTLOGIN)) |
c374ff7b KB |
282 | checknologin(); |
283 | ||
ede75793 | 284 | if (chdir(pwd->pw_dir) < 0) { |
0e08a2b3 | 285 | (void)printf("No directory %s!\n", pwd->pw_dir); |
ede75793 KB |
286 | if (chdir("/")) |
287 | exit(0); | |
288 | pwd->pw_dir = "/"; | |
0e08a2b3 | 289 | (void)printf("Logging in with home = \"/\".\n"); |
ede75793 | 290 | } |
83cc7253 KB |
291 | #define TWOWEEKS (14*24*60*60) |
292 | if (pwd->pw_change || pwd->pw_expire) | |
293 | (void)gettimeofday(&tp, (struct timezone *)NULL); | |
294 | if (pwd->pw_change) | |
295 | if (tp.tv_sec >= pwd->pw_change) { | |
296 | printf("Sorry -- your password has expired.\n"); | |
297 | sleepexit(1); | |
298 | } | |
299 | else if (tp.tv_sec - pwd->pw_change < TWOWEEKS) { | |
300 | ttp = localtime(&pwd->pw_change); | |
301 | printf("Warning: your password expires on %s %d, 19%d\n", | |
302 | months[ttp->tm_mon], ttp->tm_mday, ttp->tm_year); | |
303 | } | |
304 | if (pwd->pw_expire) | |
305 | if (tp.tv_sec >= pwd->pw_expire) { | |
306 | printf("Sorry -- your account has expired.\n"); | |
307 | sleepexit(1); | |
308 | } | |
309 | else if (tp.tv_sec - pwd->pw_expire < TWOWEEKS) { | |
310 | ttp = localtime(&pwd->pw_expire); | |
311 | printf("Warning: your account expires on %s %d, 19%d\n", | |
312 | months[ttp->tm_mon], ttp->tm_mday, ttp->tm_year); | |
313 | } | |
314 | ||
c91c86eb KB |
315 | if (pwd->pw_change || pwd->pw_expire) |
316 | (void)gettimeofday(&tp, (struct timezone *)NULL); | |
317 | if (pwd->pw_change) | |
318 | if (tp.tv_sec >= pwd->pw_change) { | |
0e08a2b3 | 319 | (void)printf("Sorry -- your password has expired.\n"); |
c91c86eb KB |
320 | sleepexit(1); |
321 | } | |
50112e48 | 322 | else if (pwd->pw_change - tp.tv_sec < |
44d9892d KB |
323 | 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) |
324 | (void)printf("Warning: your password expires on %s", | |
325 | ctime(&pwd->pw_expire)); | |
c91c86eb KB |
326 | if (pwd->pw_expire) |
327 | if (tp.tv_sec >= pwd->pw_expire) { | |
0e08a2b3 | 328 | (void)printf("Sorry -- your account has expired.\n"); |
c91c86eb KB |
329 | sleepexit(1); |
330 | } | |
50112e48 | 331 | else if (pwd->pw_expire - tp.tv_sec < |
44d9892d KB |
332 | 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) |
333 | (void)printf("Warning: your account expires on %s", | |
334 | ctime(&pwd->pw_expire)); | |
c91c86eb | 335 | |
ede75793 | 336 | /* nothing else left to fail -- really log in */ |
80f91e3f KB |
337 | { |
338 | struct utmp utmp; | |
339 | ||
9bcf1061 | 340 | bzero((void *)&utmp, sizeof(utmp)); |
80f91e3f KB |
341 | (void)time(&utmp.ut_time); |
342 | strncpy(utmp.ut_name, username, sizeof(utmp.ut_name)); | |
a829b33b KB |
343 | if (hostname) |
344 | strncpy(utmp.ut_host, hostname, sizeof(utmp.ut_host)); | |
80f91e3f KB |
345 | strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line)); |
346 | login(&utmp); | |
f570e1ff | 347 | } |
80f91e3f | 348 | |
f0c0c252 | 349 | dolastlog(quietlog); |
80f91e3f | 350 | |
80f91e3f KB |
351 | (void)chown(ttyn, pwd->pw_uid, |
352 | (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid); | |
353 | (void)chmod(ttyn, 0620); | |
354 | (void)setgid(pwd->pw_gid); | |
355 | ||
356 | initgroups(username, pwd->pw_gid); | |
357 | ||
ede75793 | 358 | if (*pwd->pw_shell == '\0') |
fb6e7f7e | 359 | pwd->pw_shell = _PATH_BSHELL; |
ede75793 | 360 | |
80f91e3f | 361 | /* destroy environment unless user has requested preservation */ |
d3737d51 SL |
362 | if (!pflag) |
363 | environ = envinit; | |
ede75793 KB |
364 | (void)setenv("HOME", pwd->pw_dir, 1); |
365 | (void)setenv("SHELL", pwd->pw_shell, 1); | |
d3737d51 | 366 | if (term[0] == '\0') |
659be7fb | 367 | strncpy(term, stypeof(tty), sizeof(term)); |
ede75793 KB |
368 | (void)setenv("TERM", term, 0); |
369 | (void)setenv("USER", pwd->pw_name, 1); | |
c502712b | 370 | (void)setenv("PATH", _PATH_DEFPATH, 0); |
d3737d51 | 371 | |
9479aa87 | 372 | if (tty[sizeof("tty")-1] == 'd') |
d3737d51 | 373 | syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); |
e83bda0c | 374 | /* if fflag is on, assume caller/authenticator has logged root login */ |
0cbdb7cb | 375 | if (ROOTLOGIN && fflag == 0) |
80f91e3f | 376 | if (hostname) |
0cbdb7cb KF |
377 | syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", |
378 | username, tty, hostname); | |
df9d9536 | 379 | else |
0cbdb7cb | 380 | syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty); |
80f91e3f | 381 | |
9bcf1061 KB |
382 | #ifdef KERBEROS |
383 | if (!quietlog && notickets == 1) | |
384 | (void)printf("Warning: no Kerberos tickets issued.\n"); | |
385 | #endif | |
386 | ||
4f8d3876 | 387 | if (!quietlog) { |
6821e9c5 | 388 | struct stat st; |
d3737d51 | 389 | |
94df1dc7 MK |
390 | printf( |
391 | "Copyright (c) 1980,1983,1986,1988,1990,1991 The Regents of the University\n%s", | |
392 | "of California. All rights reserved.\n\n"); | |
80f91e3f | 393 | motd(); |
fb6e7f7e | 394 | (void)sprintf(tbuf, "%s/%s", _PATH_MAILDIR, pwd->pw_name); |
80f91e3f | 395 | if (stat(tbuf, &st) == 0 && st.st_size != 0) |
0e08a2b3 | 396 | (void)printf("You have %smail.\n", |
80f91e3f | 397 | (st.st_mtime > st.st_atime) ? "new " : ""); |
f570e1ff | 398 | } |
80f91e3f KB |
399 | |
400 | (void)signal(SIGALRM, SIG_DFL); | |
401 | (void)signal(SIGQUIT, SIG_DFL); | |
402 | (void)signal(SIGINT, SIG_DFL); | |
403 | (void)signal(SIGTSTP, SIG_IGN); | |
404 | ||
405 | tbuf[0] = '-'; | |
406 | strcpy(tbuf + 1, (p = rindex(pwd->pw_shell, '/')) ? | |
407 | p + 1 : pwd->pw_shell); | |
0e08a2b3 | 408 | |
3d28f6dd KS |
409 | if (setlogin(pwd->pw_name) < 0) |
410 | syslog(LOG_ERR, "setlogin() failure: %m"); | |
a339b173 | 411 | |
0e08a2b3 | 412 | /* discard permissions last so can't get killed and drop core */ |
0cbdb7cb KF |
413 | if (ROOTLOGIN) |
414 | (void) setuid(0); | |
415 | else | |
416 | (void)setuid(pwd->pw_uid); | |
0e08a2b3 | 417 | |
80f91e3f | 418 | execlp(pwd->pw_shell, tbuf, 0); |
0e08a2b3 | 419 | (void)fprintf(stderr, "login: no shell: %s.\n", strerror(errno)); |
88a01c09 BJ |
420 | exit(0); |
421 | } | |
422 | ||
0cbdb7cb KF |
423 | #ifdef KERBEROS |
424 | #define NBUFSIZ (UT_NAMESIZE + 1 + 5) /* .root suffix */ | |
425 | #else | |
426 | #define NBUFSIZ (UT_NAMESIZE + 1) | |
427 | #endif | |
428 | ||
80f91e3f | 429 | getloginname() |
3b8dd95e | 430 | { |
80f91e3f | 431 | register int ch; |
0cbdb7cb KF |
432 | register char *p, *instance; |
433 | static char nbuf[NBUFSIZ]; | |
3b8dd95e | 434 | |
80f91e3f | 435 | for (;;) { |
0e08a2b3 | 436 | (void)printf("login: "); |
ede75793 | 437 | for (p = nbuf; (ch = getchar()) != '\n'; ) { |
f0c0c252 KB |
438 | if (ch == EOF) { |
439 | badlogin(username); | |
3b8dd95e | 440 | exit(0); |
f0c0c252 | 441 | } |
0cbdb7cb | 442 | if (p < nbuf + (NBUFSIZ - 1)) |
80f91e3f | 443 | *p++ = ch; |
3b8dd95e | 444 | } |
80f91e3f KB |
445 | if (p > nbuf) |
446 | if (nbuf[0] == '-') | |
0e08a2b3 | 447 | (void)fprintf(stderr, |
80f91e3f KB |
448 | "login names may not start with '-'.\n"); |
449 | else { | |
450 | *p = '\0'; | |
451 | username = nbuf; | |
ede75793 | 452 | break; |
80f91e3f | 453 | } |
3b8dd95e | 454 | } |
0cbdb7cb KF |
455 | #ifdef KERBEROS |
456 | if ((instance = index(nbuf, '.')) != NULL) { | |
457 | if (strncmp(instance, ".root", 5) == 0) { | |
458 | rootlogin++; | |
459 | } | |
460 | *instance = '\0'; | |
461 | if ((instance - nbuf) > UT_NAMESIZE) | |
462 | nbuf[UT_NAMESIZE] = '\0'; | |
463 | } else | |
464 | rootlogin = 0; | |
465 | #endif | |
3b8dd95e SL |
466 | } |
467 | ||
9bcf1061 | 468 | void |
3b8dd95e SL |
469 | timedout() |
470 | { | |
0e08a2b3 | 471 | (void)fprintf(stderr, "Login timed out after %d seconds\n", timeout); |
3b8dd95e SL |
472 | exit(0); |
473 | } | |
474 | ||
659be7fb MK |
475 | rootterm(ttyn) |
476 | char *ttyn; | |
88a01c09 | 477 | { |
80f91e3f | 478 | struct ttyent *t; |
1886582e | 479 | |
659be7fb | 480 | return((t = getttynam(ttyn)) && t->ty_status&TTY_SECURE); |
88a01c09 BJ |
481 | } |
482 | ||
ede75793 KB |
483 | jmp_buf motdinterrupt; |
484 | ||
80f91e3f | 485 | motd() |
f570e1ff | 486 | { |
ede75793 | 487 | register int fd, nchars; |
b32e4ad7 | 488 | sig_t oldint; |
bc0c28c1 | 489 | void sigint(); |
ede75793 | 490 | char tbuf[8192]; |
80f91e3f | 491 | |
fb6e7f7e | 492 | if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0) |
80f91e3f KB |
493 | return; |
494 | oldint = signal(SIGINT, sigint); | |
ede75793 KB |
495 | if (setjmp(motdinterrupt) == 0) |
496 | while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) | |
497 | (void)write(fileno(stdout), tbuf, nchars); | |
80f91e3f | 498 | (void)signal(SIGINT, oldint); |
ede75793 | 499 | (void)close(fd); |
80f91e3f | 500 | } |
9479aa87 | 501 | |
bc0c28c1 | 502 | void |
80f91e3f KB |
503 | sigint() |
504 | { | |
ede75793 | 505 | longjmp(motdinterrupt, 1); |
80f91e3f KB |
506 | } |
507 | ||
508 | checknologin() | |
509 | { | |
510 | register int fd, nchars; | |
ede75793 | 511 | char tbuf[8192]; |
80f91e3f | 512 | |
fb6e7f7e | 513 | if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { |
80f91e3f KB |
514 | while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) |
515 | (void)write(fileno(stdout), tbuf, nchars); | |
516 | sleepexit(0); | |
f570e1ff | 517 | } |
f570e1ff BJ |
518 | } |
519 | ||
f0c0c252 | 520 | dolastlog(quiet) |
80f91e3f | 521 | int quiet; |
88a01c09 | 522 | { |
80f91e3f KB |
523 | struct lastlog ll; |
524 | int fd; | |
c91c86eb | 525 | char *ctime(); |
83cc7253 | 526 | char *ctime(); |
80f91e3f | 527 | |
fb6e7f7e | 528 | if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { |
ede75793 | 529 | (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); |
80f91e3f KB |
530 | if (!quiet) { |
531 | if (read(fd, (char *)&ll, sizeof(ll)) == sizeof(ll) && | |
532 | ll.ll_time != 0) { | |
0e08a2b3 | 533 | (void)printf("Last login: %.*s ", |
80f91e3f KB |
534 | 24-5, (char *)ctime(&ll.ll_time)); |
535 | if (*ll.ll_host != '\0') | |
0e08a2b3 | 536 | (void)printf("from %.*s\n", |
80f91e3f KB |
537 | sizeof(ll.ll_host), ll.ll_host); |
538 | else | |
0e08a2b3 | 539 | (void)printf("on %.*s\n", |
80f91e3f KB |
540 | sizeof(ll.ll_line), ll.ll_line); |
541 | } | |
ede75793 | 542 | (void)lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), L_SET); |
80f91e3f | 543 | } |
9bcf1061 | 544 | bzero((void *)&ll, sizeof(ll)); |
80f91e3f KB |
545 | (void)time(&ll.ll_time); |
546 | strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); | |
a829b33b KB |
547 | if (hostname) |
548 | strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); | |
80f91e3f KB |
549 | (void)write(fd, (char *)&ll, sizeof(ll)); |
550 | (void)close(fd); | |
88a01c09 | 551 | } |
88a01c09 BJ |
552 | } |
553 | ||
f0c0c252 KB |
554 | badlogin(name) |
555 | char *name; | |
556 | { | |
659be7fb | 557 | if (failures == 0) |
f0c0c252 | 558 | return; |
fdc8f1ac KB |
559 | if (hostname) { |
560 | syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", | |
561 | failures, failures > 1 ? "S" : "", hostname); | |
562 | syslog(LOG_AUTHPRIV|LOG_NOTICE, | |
563 | "%d LOGIN FAILURE%s FROM %s, %s", | |
659be7fb | 564 | failures, failures > 1 ? "S" : "", hostname, name); |
fdc8f1ac KB |
565 | } else { |
566 | syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", | |
567 | failures, failures > 1 ? "S" : "", tty); | |
568 | syslog(LOG_AUTHPRIV|LOG_NOTICE, | |
569 | "%d LOGIN FAILURE%s ON %s, %s", | |
659be7fb | 570 | failures, failures > 1 ? "S" : "", tty, name); |
fdc8f1ac | 571 | } |
f0c0c252 KB |
572 | } |
573 | ||
f570e1ff | 574 | #undef UNKNOWN |
80f91e3f | 575 | #define UNKNOWN "su" |
88a01c09 BJ |
576 | |
577 | char * | |
659be7fb MK |
578 | stypeof(ttyid) |
579 | char *ttyid; | |
88a01c09 | 580 | { |
80f91e3f | 581 | struct ttyent *t; |
88a01c09 | 582 | |
659be7fb | 583 | return(ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); |
88a01c09 | 584 | } |
86eb6c9e | 585 | |
80f91e3f KB |
586 | sleepexit(eval) |
587 | int eval; | |
c89291e2 | 588 | { |
80f91e3f KB |
589 | sleep((u_int)5); |
590 | exit(eval); | |
c89291e2 | 591 | } |
d0faf133 KB |
592 | |
593 | doremotelogin(host) | |
594 | char *host; | |
595 | { | |
596 | static char lusername[UT_NAMESIZE+1]; | |
597 | char rusername[UT_NAMESIZE+1]; | |
598 | ||
599 | getstr(rusername, sizeof(rusername), "remuser"); | |
600 | getstr(lusername, sizeof(lusername), "locuser"); | |
601 | getstr(term, sizeof(term), "Terminal type"); | |
602 | username = lusername; | |
603 | pwd = getpwnam(username); | |
604 | if (pwd == NULL) | |
605 | return(-1); | |
606 | return(ruserok(host, (pwd->pw_uid == 0), rusername, username)); | |
607 | } | |
608 | ||
609 | char *speeds[] = { | |
610 | "0", "50", "75", "110", "134", "150", "200", "300", "600", | |
611 | "1200", "1800", "2400", "4800", "9600", "19200", "38400", | |
612 | }; | |
613 | #define NSPEEDS (sizeof(speeds) / sizeof(speeds[0])) | |
614 | ||
615 | doremoteterm(tp) | |
616 | struct sgttyb *tp; | |
617 | { | |
618 | register char *cp = index(term, '/'), **cpp; | |
619 | char *speed; | |
620 | ||
621 | if (cp) { | |
622 | *cp++ = '\0'; | |
623 | speed = cp; | |
624 | cp = index(speed, '/'); | |
625 | if (cp) | |
626 | *cp++ = '\0'; | |
627 | for (cpp = speeds; cpp < &speeds[NSPEEDS]; cpp++) | |
628 | if (strcmp(*cpp, speed) == 0) { | |
629 | tp->sg_ispeed = tp->sg_ospeed = cpp-speeds; | |
630 | break; | |
631 | } | |
632 | } | |
633 | tp->sg_flags = ECHO|CRMOD|ANYP|XTABS; | |
634 | } |