ubase

suckless linux base utils
git clone git://git.2f30.org/ubase
Log | Files | Refs | README | LICENSE

commit bd4b6f4e47ae91b9d9c7a47874be5f4847e6a63b
parent e5d539a76f0335da2a1e0c495c16ee60fdff1d01
Author: sin <sin@2f30.org>
Date:   Tue,  3 Jun 2014 12:09:25 +0100

Add /etc/passwd support to su(1)

Diffstat:
Msu.c | 60++++++++++++++++++++++++++++++++++++++++++------------------
1 file changed, 42 insertions(+), 18 deletions(-)

diff --git a/su.c b/su.c @@ -58,42 +58,66 @@ main(int argc, char *argv[]) srand(time(NULL)); errno = 0; - spw = getspnam(usr); + pw = getpwnam(usr); if (errno) - eprintf("getspnam: %s:", usr); - else if (!spw) + eprintf("getpwnam: %s:", usr); + else if (!pw) eprintf("who are you?\n"); - switch (spw->sp_pwdp[0]) { + switch (pw->pw_passwd[0]) { case '!': case '*': eprintf("denied\n"); } + /* Empty password? Su now */ + if (pw->pw_passwd[0] == '\0') + goto dosu; + uid = getuid(); if (uid) { pass = getpass("Password: "); if (!pass) eprintf("getpass:"); + } - cryptpass = crypt(pass, spw->sp_pwdp); - explicit_bzero(pass, strlen(pass)); - if (!cryptpass) - eprintf("crypt:"); - - if (strcmp(cryptpass, spw->sp_pwdp) != 0) - eprintf(randreply()); - explicit_bzero(cryptpass, strlen(cryptpass)); + if (pw->pw_passwd[0] == 'x' && pw->pw_passwd[1] == '\0') { + errno = 0; + spw = getspnam(usr); + if (errno) + eprintf("getspnam: %s:", usr); + else if (!spw) + eprintf("who are you?\n"); + + switch (spw->sp_pwdp[0]) { + case '!': + case '*': + eprintf("denied\n"); + } + if (uid) { + cryptpass = crypt(pass, spw->sp_pwdp); + if (!cryptpass) + eprintf("crypt:"); + if (strcmp(cryptpass, spw->sp_pwdp) != 0) + eprintf(randreply()); + } explicit_bzero(spw, sizeof *spw); + } else { + if (uid) { + cryptpass = crypt(pass, pw->pw_passwd); + if (!cryptpass) + eprintf("crypt:"); + if (strcmp(cryptpass, pw->pw_passwd) != 0) + eprintf("login failed\n"); + } } - errno = 0; - pw = getpwnam(usr); - if (errno) - eprintf("getpwnam: %s", usr); - else if (!pw) - eprintf("who are you?\n"); + if (uid) { + explicit_bzero(pass, strlen(pass)); + explicit_bzero(cryptpass, strlen(cryptpass)); + } +dosu: if (initgroups(usr, pw->pw_gid) < 0) eprintf("initgroups:"); if (setgid(pw->pw_gid) < 0)