aboutsummaryrefslogtreecommitdiff
path: root/toys/pending/su.c
blob: eac149c8f772e6db8768bffba21a8a84ef1ca823 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
/* su.c - switch user
 *
 * Copyright 2013 CE Strake <strake888@gmail.com>
 *
 * See http://refspecs.linuxfoundation.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/su.html
 * TODO: log su attempts

USE_SU(NEWTOY(su, "lmpc:s:", TOYFLAG_BIN|TOYFLAG_ROOTONLY))

config SU
  bool "su"
  default n
  help
    usage: su [-lmp] [-c CMD] [-s SHELL] [USER [ARGS...]]

    Switch to user (or root) and run shell (with optional command line).

    -s	shell to use
    -c	command to pass to shell with -c
    -l	login shell
    -(m|p)	preserve environment
*/

#define FOR_su
#include "toys.h"

GLOBALS(
  char *s;
  char *c;
)

static char *snapshot_env(char *name)
{
  char *s = getenv(name);

  if (s) return xmsprintf("%s=%s", name, s);

  return 0;
}

void su_main()
{
  char *name, *passhash = 0, **argu, **argv;
  struct passwd *up;
  struct spwd *shp;

  if (*toys.optargs && !strcmp("-", *toys.optargs)) {
    toys.optflags |= FLAG_l;
    toys.optargs++;
  }

  if (*toys.optargs) name = *(toys.optargs++);
  else name = "root";

  if (!(shp = getspnam(name))) perror_exit("no '%s'", name);
  if (*shp->sp_pwdp != '$') goto deny;
  if (read_password(toybuf, sizeof(toybuf), "Password: ")) goto deny;
  passhash = crypt(toybuf, shp->sp_pwdp);
  memset(toybuf, 0, sizeof(toybuf));
  if (!passhash || strcmp(passhash, shp->sp_pwdp)) goto deny;

  up = xgetpwnam(name);
  xsetuid(up->pw_uid);

  argv = argu = xmalloc(sizeof(char *)*(toys.optc + 4));
  *(argv++) = TT.s ? TT.s : up->pw_shell;

  if (toys.optflags & FLAG_l) {
    int i;
    char *stuff[] = {snapshot_env("TERM"), snapshot_env("DISPLAY"),
      snapshot_env("COLORTERM"), snapshot_env("XAUTHORITY")};

    clearenv();
    for (i=0; i < sizeof(stuff)/sizeof(char *); i++) putenv(stuff[i]);
    *(argv++) = "-l";
    xchdir(up->pw_dir);
  } else unsetenv("IFS");
  setenv("PATH", "/sbin:/bin:/usr/sbin:/usr/bin", 1);
  if (!(toys.optflags & (FLAG_m|FLAG_p))) {
    setenv("HOME", up->pw_dir, 1);
    setenv("SHELL", up->pw_shell, 1);
    setenv("USER", up->pw_name, 1);
    setenv("LOGNAME", up->pw_name, 1);
  } else unsetenv("IFS");

  if (toys.optflags & FLAG_c) {
    *(argv++) = "-c";
    *(argv++) = TT.c;
  }
  while ((*(argv++) = *(toys.optargs++)));
  xexec(argu);
  perror_exit("can't exec %s", *argu);

deny:
  puts("No.");
  toys.exitval = 1;
}