1 |
--- autologin-1.0.0/src/autologin.c.fred 2000-07-19 22:43:59.000000000 +0200 |
2 |
+++ autologin-1.0.0/src/autologin.c 2006-08-17 00:26:16.000000000 +0200 |
3 |
@@ -9,13 +9,16 @@ |
4 |
#include <errno.h> |
5 |
#include <sys/types.h> |
6 |
#include <sys/stat.h> |
7 |
+#include <fcntl.h> |
8 |
#include <pwd.h> |
9 |
#define CONFIG "/etc/sysconfig/autologin" |
10 |
-#define DEFAULT "/usr/X11R6/bin/startx" |
11 |
+#define DEFAULT "/usr/bin/startx.autologin" |
12 |
+#define _PATH_DEFPATH "/usr/X11R6/bin:/usr/local/bin:/bin:/usr/bin" |
13 |
|
14 |
#ifdef HAVE_PAM |
15 |
#include <security/pam_appl.h> |
16 |
#include <sys/wait.h> |
17 |
+#include <signal.h> |
18 |
static int PAM_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) |
19 |
{ |
20 |
/* We use PAM to authenticate for pam_console only, we don't need |
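Review bot: `_PATH_DEFPATH` on the added `#define` line is in the implementation-reserved namespace (underscore followed by an uppercase letter). It is also the name `<paths.h>` uses for the default search path on glibc and BSD systems, so this definition can clash if that header is ever pulled in. A project-local name avoids both problems, e.g. `#define AUTOLOGIN_PATH "/usr/X11R6/bin:/usr/local/bin:/bin:/usr/bin"`, with the `setenv("PATH", ...)` call in the later hunk changed to match. A short comment on why `/usr/X11R6/bin` and `/usr/local/bin` come before the system directories would also help, since this value becomes the PATH of the auto-logged-in session.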
21 |
@@ -27,6 +30,13 @@ |
22 |
&PAM_conv, |
23 |
NULL |
24 |
}; |
25 |
+ |
26 |
+static pid_t child; |
27 |
+ |
28 |
+static void sigterm_handler(int val) |
29 |
+{ |
30 |
+ kill(child, SIGTERM); |
31 |
+} |
32 |
#endif |
33 |
|
34 |
char runthis[1024]; |
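Review bot: `sigterm_handler` passes the file-scope `child` straight to `kill()`, and that variable is 0 until the fork result is stored and would be -1 if the fork failed. `kill(0, SIGTERM)` signals the caller's whole process group, and `kill(-1, SIGTERM)` sent as root signals every process it is permitted to, so the handler should only forward to a real pid: `if(child > 0) kill(child, SIGTERM);`. Declaring the variable as `static volatile pid_t child;` also records that it is read asynchronously. The handler is installed in a later hunk, after the fork; the fork's error handling is not visible here.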
35 |
@@ -43,36 +53,36 @@ |
36 |
char *dir, *shell; |
37 |
char *user=NULL; |
38 |
char *cmd=NULL; |
39 |
+ int outfd; |
40 |
#ifdef HAVE_PAM |
41 |
pam_handle_t *pamh; |
42 |
- pid_t child; |
43 |
int status; |
44 |
#endif |
45 |
|
46 |
runthis[0]=0; runthis[1023]=0; |
47 |
if(getuid()) { |
48 |
- puts("ERROR: This program needs to change user IDs; therefore, it must be run as root."); |
49 |
+ puts("autologin ERROR: This program needs to change user IDs; therefore, it must be run as root."); |
50 |
return 1; |
51 |
} |
52 |
if(stat(CONFIG, &st)) { |
53 |
- perror("ERROR: Couldn't stat "CONFIG":"); |
54 |
+ perror("autologin ERROR: Couldn't stat "CONFIG":"); |
55 |
return 1; |
56 |
} |
57 |
if(st.st_mode & S_IWGRP) { |
58 |
- puts("ERROR: "CONFIG" must not be group-writable!"); |
59 |
+ puts("autologin ERROR: "CONFIG" must not be group-writable!"); |
60 |
return 1; |
61 |
} |
62 |
if(st.st_mode & S_IWOTH) { |
63 |
- puts("ERROR: "CONFIG" must not be world-writable!"); |
64 |
+ puts("autologin ERROR: "CONFIG" must not be world-writable!"); |
65 |
return 1; |
66 |
} |
67 |
if(st.st_uid || st.st_gid) { |
68 |
- puts("ERROR: "CONFIG" must be owned by user root, group root!"); |
69 |
+ puts("autologin ERROR: "CONFIG" must be owned by user root, group root!"); |
70 |
return 1; |
71 |
} |
72 |
f=fopen(CONFIG, "r"); |
73 |
if(!f) { |
74 |
- perror("ERROR: Couldn't open "CONFIG":"); |
75 |
+ perror("autologin ERROR: Couldn't open "CONFIG":"); |
76 |
return 1; |
77 |
} |
78 |
cfg=(char *) malloc(st.st_size+1); |
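Review bot: The ownership and permission checks in this hunk run on `stat(CONFIG, &st)`, while the data is read through a separate `fopen(CONFIG, "r")` a few lines later, so the file that was vetted is not guaranteed to be the file that is parsed. Opening first and checking the open stream closes that gap: move the `fopen` block above the checks and replace the first test with `if(fstat(fileno(f), &st)) {`. Exposure is probably small, because replacing the path needs write access to `/etc/sysconfig`, but this program runs as root and decides which account gets logged in. The function these lines belong to starts before and continues past the hunk.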
79 |
@@ -107,10 +117,9 @@ |
80 |
fclose(f); |
81 |
free(cfg); |
82 |
if(user==NULL) { |
83 |
- puts("ERROR: Required variable USER= not found in "CONFIG"."); |
84 |
if(cmd) |
85 |
free(cmd); |
86 |
- return 1; |
87 |
+ return 0; |
88 |
} |
89 |
if(cmd==NULL) /* Try a reasonable default... */ |
90 |
cmd=strdup(DEFAULT); |
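Review bot: With the `puts` removed, a config file that lacks `USER=` now makes the program exit with status 0 and no output, and nothing at this site says that this is intentional. A one-line comment above `return 0;` would record the intent, e.g. `/* No USER= configured: autologin is disabled, which is not an error. */`. Whether the caller needs to tell this case apart from a session that ran and ended cannot be seen from this hunk.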
91 |
@@ -126,7 +135,7 @@ |
92 |
dir=strdup(pw->pw_dir); |
93 |
shell=strdup(pw->pw_shell); |
94 |
} else { |
95 |
- printf("ERROR: No such user %s!\n", user); |
96 |
+ printf("autologin ERROR: No such user %s!\n", user); |
97 |
return 1; |
98 |
} |
99 |
|
100 |
@@ -138,6 +147,16 @@ |
101 |
} |
102 |
#endif |
103 |
|
104 |
+ outfd = open("/var/log/autologin.log", O_WRONLY | O_CREAT); |
105 |
+ close(1); |
106 |
+ close(2); |
107 |
+ dup2(outfd, 1); |
108 |
+ dup2(outfd, 2); |
109 |
+ |
110 |
+ setpgrp(); |
111 |
+ setsid(); |
112 |
+ initgroups(user, pw->pw_gid); |
113 |
+ |
114 |
/* Take console ownership and satisfy PAM */ |
115 |
#ifdef HAVE_PAM |
116 |
pam_start("autologin", user, &PAM_conversation, &pamh); |
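Review bot: The added `open("/var/log/autologin.log", O_WRONLY | O_CREAT)` has no mode argument, so a newly created log gets its permission bits from an indeterminate value, and its result is never checked before the `dup2` calls. `outfd` is also left open after the duplication, so it is inherited as a stray descriptor by everything started afterwards, and without `O_APPEND` each run writes over the start of the previous log. `initgroups()` is unchecked too: if it fails the process keeps root's supplementary groups, which matters if the uid/gid switch that presumably follows outside this hunk relies on it. The explicit `close(1); close(2);` is redundant, since `dup2` closes the target descriptor itself. The surrounding function starts and ends outside the hunk.

```c
	outfd = open("/var/log/autologin.log",
	             O_WRONLY | O_CREAT | O_APPEND | O_NOFOLLOW, 0600);
	if (outfd < 0) {
		perror("autologin ERROR: Couldn't open /var/log/autologin.log");
		return 1;
	}
	if (dup2(outfd, 1) < 0 || dup2(outfd, 2) < 0) {
		perror("autologin ERROR: Couldn't redirect output");
		return 1;
	}
	if (outfd > 2)
		close(outfd);

	/* ... unchanged: setpgrp(), setsid() ... */
	if (initgroups(user, pw->pw_gid)) {
		perror("autologin ERROR: initgroups failed");
		return 1;
	}
```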
117 |
@@ -180,6 +199,7 @@ |
118 |
setenv("SHELL", shell, 1); |
119 |
setenv("USER", user, 1); |
120 |
setenv("LOGNAME", user, 1); |
121 |
+ setenv("PATH", _PATH_DEFPATH, 1); |
122 |
|
123 |
chdir(dir); |
124 |
free(user); |
125 |
@@ -191,6 +211,7 @@ |
126 |
return 2; |
127 |
#ifdef HAVE_PAM |
128 |
} else { |
129 |
+ signal(SIGTERM, sigterm_handler); |
130 |
waitpid(child, &status, 0); |
131 |
pam_close_session(pamh, 0); |
132 |
pam_end(pamh, PAM_SUCCESS); |
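Review bot: The `waitpid(child, &status, 0)` that follows the newly installed SIGTERM handler is called once and its result is ignored. On platforms where `signal()` installs a non-restarting handler, the forwarded SIGTERM interrupts `waitpid` with EINTR, and `pam_close_session` then runs while the child may still be alive. `while(waitpid(child, &status, 0) < 0 && errno == EINTR);` keeps the parent waiting until the child is actually reaped; `<errno.h>` is already included. Using `sigaction` with `SA_RESTART` instead of `signal()` would make the behaviour the same everywhere. The fork and the start of this branch are outside the hunk.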
133 |
--- autologin-1.0.0/src/autologin.pam.fred 2000-07-19 20:57:49.000000000 +0200 |
134 |
+++ autologin-1.0.0/src/autologin.pam 2006-08-17 00:26:16.000000000 +0200 |
135 |
@@ -1,4 +1,4 @@ |
136 |
#%PAM-1.0 |
137 |
-account required /lib/security/pam_unix.so |
138 |
-session required /lib/security/pam_unix.so |
139 |
+account include system-auth |
140 |
+session include system-auth |
141 |
session optional /lib/security/pam_console.so |
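Review bot: The unchanged `pam_console.so` line still names the module by the absolute path `/lib/security/`, while the two rewritten lines no longer depend on a module location. On systems that install modules elsewhere (for example `/lib64/security`) this optional session line would fail to load without a visible error. Linux-PAM resolves a bare name against its default module directory, so `session optional pam_console.so` is the portable form. Note also that `include system-auth` makes this service's account and session behaviour follow whatever that stack contains on the target distribution.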
142 |
--- autologin-1.0.0/README.fred 2000-06-04 02:00:00.000000000 +0200 |
143 |
+++ autologin-1.0.0/README 2006-08-17 00:28:24.000000000 +0200 |
144 |
@@ -31,9 +31,7 @@ |
145 |
specified above. |
146 |
If this setting is omitted, /usr/X11R6/bin/startx will be used. |
147 |
AUTOLOGIN={yes,no} |
148 |
- You can use this setting to turn off autologin even if it is |
149 |
- installed and the config file exists and is considered safe. |
150 |
- If this setting is omitted, "yes" is assumed. |
151 |
+ If this setting is omitted, "no" is assumed. |
152 |
|
153 |
/etc/sysconfig/autologin must not be writable by anyone but root. If it is, |
154 |
it is detected as a possible cracking attempt and autologin will not run. |