Diffstat (limited to 'core/opie-login/loginapplication.cpp') (more/less context) (ignore whitespace changes)
| -rw-r--r-- | core/opie-login/loginapplication.cpp | 74 |
1 files changed, 67 insertions, 7 deletions
diff --git a/core/opie-login/loginapplication.cpp b/core/opie-login/loginapplication.cpp index 8d86a71..1facf2d 100644 --- a/core/opie-login/loginapplication.cpp +++ b/core/opie-login/loginapplication.cpp | |||
| @@ -21,24 +21,26 @@ | |||
| 21 | -_. . . )=. = see the file COPYING. If not, write to the | 21 | -_. . . )=. = see the file COPYING. If not, write to the |
| 22 | -- :-=` Free Software Foundation, Inc., | 22 | -- :-=` Free Software Foundation, Inc., |
| 23 | 59 Temple Place - Suite 330, | 23 | 59 Temple Place - Suite 330, |
| 24 | Boston, MA 02111-1307, USA. | 24 | Boston, MA 02111-1307, USA. |
| 25 | 25 | ||
| 26 | */ | 26 | */ |
| 27 | 27 | ||
| 28 | #include <pwd.h> | 28 | #include <pwd.h> |
| 29 | #include <grp.h> | 29 | #include <grp.h> |
| 30 | #include <unistd.h> | 30 | #include <unistd.h> |
| 31 | #include <stdlib.h> | 31 | #include <stdlib.h> |
| 32 | #include <signal.h> | 32 | #include <signal.h> |
| 33 | #include <sys/stat.h> | ||
| 34 | #include <sys/wait.h> | ||
| 33 | 35 | ||
| 34 | #ifdef USEPAM | 36 | #ifdef USEPAM |
| 35 | extern "C" { | 37 | extern "C" { |
| 36 | #include <security/pam_appl.h> | 38 | #include <security/pam_appl.h> |
| 37 | } | 39 | } |
| 38 | #else | 40 | #else |
| 39 | #include <crypt.h> | 41 | #include <crypt.h> |
| 40 | #include <shadow.h> | 42 | #include <shadow.h> |
| 41 | #endif | 43 | #endif |
| 42 | 44 | ||
| 43 | #include "loginapplication.h" | 45 | #include "loginapplication.h" |
| 44 | 46 | ||
| @@ -149,53 +151,111 @@ bool LoginApplication::checkPassword ( const char *user, const char *pass ) | |||
| 149 | 151 | ||
| 150 | bool LoginApplication::changeIdentity ( ) | 152 | bool LoginApplication::changeIdentity ( ) |
| 151 | { | 153 | { |
| 152 | const char *DEFAULT_LOGIN_PATH = "/bin:/usr/bin"; | 154 | const char *DEFAULT_LOGIN_PATH = "/bin:/usr/bin"; |
| 153 | const char *DEFAULT_ROOT_LOGIN_PATH = "/usr/sbin:/bin:/usr/bin:/sbin"; | 155 | const char *DEFAULT_ROOT_LOGIN_PATH = "/usr/sbin:/bin:/usr/bin:/sbin"; |
| 154 | 156 | ||
| 155 | if ( !s_username ) | 157 | if ( !s_username ) |
| 156 | return false; | 158 | return false; |
| 157 | struct passwd *pw = ::getpwnam ( s_username ); | 159 | struct passwd *pw = ::getpwnam ( s_username ); |
| 158 | if ( !pw ) | 160 | if ( !pw ) |
| 159 | return false; | 161 | return false; |
| 160 | 162 | ||
| 163 | // we are still root at this point - try to run the pre-session script | ||
| 164 | if ( !runRootScript ( "OPIEDIR", "share/opie-login/pre-session", s_username )) | ||
| 165 | qWarning ( "failed to run $OPIEDIR/share/opie-login/pre-session" ); | ||
| 166 | |||
| 161 | bool fail = false; | 167 | bool fail = false; |
| 162 | fail |= ( ::initgroups ( pw-> pw_name, pw-> pw_gid )); | 168 | fail |= ( ::initgroups ( pw-> pw_name, pw-> pw_gid )); |
| 163 | ::endgrent ( ); | 169 | ::endgrent ( ); |
| 164 | fail |= ( ::setgid ( pw-> pw_gid )); | 170 | fail |= ( ::setgid ( pw-> pw_gid )); |
| 165 | fail |= ( ::setuid ( pw-> pw_uid )); | 171 | fail |= ( ::setuid ( pw-> pw_uid )); |
| 166 | 172 | ||
| 167 | fail |= ( ::chdir ( pw-> pw_dir ) && ::chdir ( "/" )); | 173 | fail |= ( ::chdir ( pw-> pw_dir ) && ::chdir ( "/" )); |
| 168 | 174 | ||
| 169 | fail |= ( ::setenv ( "HOME", pw-> pw_dir, 1 )); | 175 | fail |= ( ::setenv ( "HOME", pw-> pw_dir, 1 )); |
| 170 | fail |= ( ::setenv ( "SHELL", pw-> pw_shell, 1 )); | 176 | fail |= ( ::setenv ( "SHELL", pw-> pw_shell, 1 )); |
| 171 | fail |= ( ::setenv ( "USER", pw-> pw_name, 1 )); | 177 | fail |= ( ::setenv ( "USER", pw-> pw_name, 1 )); |
| 172 | fail |= ( ::setenv ( "LOGNAME", pw-> pw_name, 1 )); | 178 | fail |= ( ::setenv ( "LOGNAME", pw-> pw_name, 1 )); |
| 173 | fail |= ( ::setenv ( "PATH", ( pw-> pw_uid ? DEFAULT_LOGIN_PATH : DEFAULT_ROOT_LOGIN_PATH ), 1 )); | 179 | fail |= ( ::setenv ( "PATH", ( pw-> pw_uid ? DEFAULT_LOGIN_PATH : DEFAULT_ROOT_LOGIN_PATH ), 1 )); |
| 174 | 180 | ||
| 175 | return !fail; | 181 | return !fail; |
| 176 | } | 182 | } |
| 177 | 183 | ||
| 178 | bool LoginApplication::login ( ) | 184 | bool LoginApplication::login ( ) |
| 179 | { | 185 | { |
| 180 | char *opie = ::getenv ( "OPIEDIR" ); | 186 | execUserScript ( "HOME", ".opie-session" ); |
| 181 | char *arg = new char [::strlen ( opie ) + 8 + 1]; | 187 | execUserScript ( "OPIEDIR", "share/opie-login/opie-session" ); |
| 188 | execUserScript ( "OPIEDIR", "bin/qpe" ); | ||
| 189 | |||
| 190 | qWarning ( "failed to start an Opie session" ); | ||
| 191 | return false; | ||
| 192 | } | ||
| 193 | |||
| 194 | void LoginApplication::logout ( ) | ||
| 195 | { | ||
| 196 | // we are now root again - try to run the post-session script | ||
| 197 | if ( !runRootScript ( "OPIEDIR", "share/opie-login/post-session" )) | ||
| 198 | qWarning ( "failed to run $OPIEDIR/scripts/post-session" ); | ||
| 199 | } | ||
| 182 | 200 | ||
| 183 | ::strcpy ( arg, opie ); | ||
| 184 | ::strcat ( arg, "/bin/qpe" ); | ||
| 185 | 201 | ||
| 186 | // start qpe via a login shell | 202 | static char *buildarg ( const char *base, const char *script ) |
| 187 | ::execl ( "/bin/sh", "-sh", "-c", arg, 0 ); | 203 | { |
| 204 | const char *dir = base ? ::getenv ( base ) : "/"; | ||
| 205 | char *arg = new char [::strlen ( dir ) + ::strlen ( script ) + 2]; | ||
| 188 | 206 | ||
| 189 | return false; | 207 | ::strcpy ( arg, dir ); |
| 208 | ::strcat ( arg, "/" ); | ||
| 209 | ::strcat ( arg, script ); | ||
| 210 | |||
| 211 | return arg; | ||
| 212 | } | ||
| 213 | |||
| 214 | bool LoginApplication::runRootScript ( const char *base, const char *script, const char *param ) | ||
| 215 | { | ||
| 216 | bool res = false; | ||
| 217 | char *arg = buildarg ( base, script ); | ||
| 218 | |||
| 219 | struct stat st; | ||
| 220 | if (( ::stat ( arg, &st ) == 0 ) && ( st. st_uid == 0 )) { | ||
| 221 | pid_t child = ::fork ( ); | ||
| 222 | |||
| 223 | if ( child == 0 ) { | ||
| 224 | ::execl ( "/bin/sh", "-sh", arg, param, 0 ); | ||
| 225 | ::_exit ( -1 ); | ||
| 226 | } | ||
| 227 | else if ( child > 0 ) { | ||
| 228 | int status = 0; | ||
| 229 | |||
| 230 | while ( ::waitpid ( child, &status, 0 ) < 0 ) { } | ||
| 231 | res = ( WIFEXITED( status )) && ( WEXITSTATUS( status ) == 0 ); | ||
| 232 | } | ||
| 233 | } | ||
| 234 | |||
| 235 | delete [] arg; | ||
| 236 | return res; | ||
| 237 | } | ||
| 238 | |||
| 239 | void LoginApplication::execUserScript ( const char *base, const char *script ) | ||
| 240 | { | ||
| 241 | char *arg = buildarg ( base, script ); | ||
| 242 | |||
| 243 | struct stat st; | ||
| 244 | if ( ::stat ( arg, &st ) == 0 ) { | ||
| 245 | if ( st. st_mode & S_IXUSR ) | ||
| 246 | ::execl ( "/bin/sh", "-sh", "-c", arg, 0 ); | ||
| 247 | else | ||
| 248 | ::execl ( "/bin/sh", "-sh", arg, 0 ); | ||
| 249 | } | ||
| 190 | } | 250 | } |
| 191 | 251 | ||
| 192 | const char *LoginApplication::loginAs ( ) | 252 | const char *LoginApplication::loginAs ( ) |
| 193 | { | 253 | { |
| 194 | return s_username; | 254 | return s_username; |
| 195 | } | 255 | } |
| 196 | 256 | ||
| 197 | void LoginApplication::setLoginAs ( const char *name ) | 257 | void LoginApplication::setLoginAs ( const char *name ) |
| 198 | { | 258 | { |
| 199 | s_username = name; | 259 | s_username = name; |
| 200 | } | 260 | } |
| 201 | 261 | ||