current/SOURCES/autologin-1.0.0-mdv.patch

--- autologin-1.0.0/src/autologin.c.fred        2000-07-19 22:43:59.000000000 +0200
+++ autologin-1.0.0/src/autologin.c     2006-08-17 00:26:16.000000000 +0200
@@ -9,13 +9,16 @@
 #include <errno.h>
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <fcntl.h>
 #include <pwd.h>
 #define CONFIG "/etc/sysconfig/autologin"
-#define DEFAULT "/usr/X11R6/bin/startx"
+#define DEFAULT "/usr/bin/startx.autologin"
+#define        _PATH_DEFPATH "/usr/X11R6/bin:/usr/local/bin:/bin:/usr/bin"
 
 #ifdef HAVE_PAM
 #include <security/pam_appl.h>
 #include <sys/wait.h>
+#include <signal.h>
 static int PAM_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
 {
        /* We use PAM to authenticate for pam_console only, we don't need
@@ -27,6 +30,13 @@
        &PAM_conv,
        NULL
 };
+
+static pid_t child;
+
+static void sigterm_handler(int val) 
+{
+  kill(child, SIGTERM);
+}
 #endif
 
 char runthis[1024];
@@ -43,36 +53,36 @@
        char *dir, *shell;
        char *user=NULL;
        char *cmd=NULL;
+       int outfd;
 #ifdef HAVE_PAM
        pam_handle_t *pamh;
-       pid_t child;
        int status;
 #endif
 
        runthis[0]=0; runthis[1023]=0;
        if(getuid()) {
-               puts("ERROR: This program needs to change user IDs; therefore, it must be run as root.");
+               puts("autologin ERROR: This program needs to change user IDs; therefore, it must be run as root.");
                return 1;
        }
        if(stat(CONFIG, &st)) {
-               perror("ERROR: Couldn't stat "CONFIG":");
+               perror("autologin ERROR: Couldn't stat "CONFIG":");
                return 1;
        }
        if(st.st_mode & S_IWGRP) {
-               puts("ERROR: "CONFIG" must not be group-writable!");
+               puts("autologin ERROR: "CONFIG" must not be group-writable!");
                return 1;
        }
        if(st.st_mode & S_IWOTH) {
-               puts("ERROR: "CONFIG" must not be world-writable!");
+               puts("autologin ERROR: "CONFIG" must not be world-writable!");
                return 1;
        }
        if(st.st_uid || st.st_gid) {
-               puts("ERROR: "CONFIG" must be owned by user root, group root!");
+               puts("autologin ERROR: "CONFIG" must be owned by user root, group root!");
                return 1;
        }       
        f=fopen(CONFIG, "r");
        if(!f) {
-               perror("ERROR: Couldn't open "CONFIG":");
+               perror("autologin ERROR: Couldn't open "CONFIG":");
                return 1;
        }
        cfg=(char *) malloc(st.st_size+1);
@@ -107,10 +117,9 @@
        fclose(f);
        free(cfg);
        if(user==NULL) {
-               puts("ERROR: Required variable USER= not found in "CONFIG".");
                if(cmd)
                        free(cmd);
-               return 1;
+               return 0;
        }
        if(cmd==NULL) /* Try a reasonable default... */
                cmd=strdup(DEFAULT);
@@ -126,7 +135,7 @@
                dir=strdup(pw->pw_dir);
                shell=strdup(pw->pw_shell);
        } else {
-               printf("ERROR: No such user %s!\n", user);
+               printf("autologin ERROR: No such user %s!\n", user);
                return 1;
        }
 
@@ -138,6 +147,16 @@
        }
 #endif
 
+       outfd = open("/var/log/autologin.log", O_WRONLY | O_CREAT);
+       close(1);
+       close(2);
+       dup2(outfd, 1);
+       dup2(outfd, 2);
+       
+       setpgrp();
+       setsid();
+       initgroups(user, pw->pw_gid);
+       
        /* Take console ownership and satisfy PAM */
 #ifdef HAVE_PAM
        pam_start("autologin", user, &PAM_conversation, &pamh);
@@ -180,6 +199,7 @@
        setenv("SHELL", shell, 1);
        setenv("USER", user, 1);
        setenv("LOGNAME", user, 1);
+       setenv("PATH", _PATH_DEFPATH, 1);
 
        chdir(dir);
        free(user);
@@ -191,6 +211,7 @@
        return 2;
 #ifdef HAVE_PAM
        } else {
+               signal(SIGTERM, sigterm_handler);
                waitpid(child, &status, 0);
                pam_close_session(pamh, 0);
                pam_end(pamh, PAM_SUCCESS);
--- autologin-1.0.0/src/autologin.pam.fred      2000-07-19 20:57:49.000000000 +0200
+++ autologin-1.0.0/src/autologin.pam   2006-08-17 00:26:16.000000000 +0200
@@ -1,4 +1,4 @@
 #%PAM-1.0
-account   required   /lib/security/pam_unix.so
-session   required   /lib/security/pam_unix.so
+account   include    system-auth
+session   include    system-auth
 session   optional   /lib/security/pam_console.so
--- autologin-1.0.0/README.fred 2000-06-04 02:00:00.000000000 +0200
+++ autologin-1.0.0/README      2006-08-17 00:28:24.000000000 +0200
@@ -31,9 +31,7 @@
        specified above.
        If this setting is omitted, /usr/X11R6/bin/startx will be used.
 AUTOLOGIN={yes,no}
-       You can use this setting to turn off autologin even if it is
-       installed and the config file exists and is considered safe.
-       If this setting is omitted, "yes" is assumed.
+       If this setting is omitted, "no" is assumed.
 
 /etc/sysconfig/autologin must not be writable by anyone but root. If it is,
 it is detected as a possible cracking attempt and autologin will not run.
1	--- autologin-1.0.0/src/autologin.c.fred 2000-07-19 22:43:59.000000000 +0200
2	+++ autologin-1.0.0/src/autologin.c 2006-08-17 00:26:16.000000000 +0200
3	@@ -9,13 +9,16 @@
4	#include <errno.h>
5	#include <sys/types.h>
6	#include <sys/stat.h>
7	+#include <fcntl.h>
8	#include <pwd.h>
9	#define CONFIG "/etc/sysconfig/autologin"
10	-#define DEFAULT "/usr/X11R6/bin/startx"
11	+#define DEFAULT "/usr/bin/startx.autologin"
12	+#define _PATH_DEFPATH "/usr/X11R6/bin:/usr/local/bin:/bin:/usr/bin"
13
14	#ifdef HAVE_PAM
15	#include <security/pam_appl.h>
16	#include <sys/wait.h>
17	+#include <signal.h>
18	static int PAM_conv(int num_msg, const struct pam_message msg, struct pam_response resp, void *appdata_ptr)
19	{
20	/* We use PAM to authenticate for pam_console only, we don't need
21	@@ -27,6 +30,13 @@
22	&PAM_conv,
23	NULL
24	};
25	+
26	+static pid_t child;
27	+
28	+static void sigterm_handler(int val)
29	+{
30	+ kill(child, SIGTERM);
31	+}
32	#endif
33
34	char runthis[1024];
35	@@ -43,36 +53,36 @@
36	char dir, shell;
37	char *user=NULL;
38	char *cmd=NULL;
39	+ int outfd;
40	#ifdef HAVE_PAM
41	pam_handle_t *pamh;
42	- pid_t child;
43	int status;
44	#endif
45
46	runthis[0]=0; runthis[1023]=0;
47	if(getuid()) {
48	- puts("ERROR: This program needs to change user IDs; therefore, it must be run as root.");
49	+ puts("autologin ERROR: This program needs to change user IDs; therefore, it must be run as root.");
50	return 1;
51	}
52	if(stat(CONFIG, &st)) {
53	- perror("ERROR: Couldn't stat "CONFIG":");
54	+ perror("autologin ERROR: Couldn't stat "CONFIG":");
55	return 1;
56	}
57	if(st.st_mode & S_IWGRP) {
58	- puts("ERROR: "CONFIG" must not be group-writable!");
59	+ puts("autologin ERROR: "CONFIG" must not be group-writable!");
60	return 1;
61	}
62	if(st.st_mode & S_IWOTH) {
63	- puts("ERROR: "CONFIG" must not be world-writable!");
64	+ puts("autologin ERROR: "CONFIG" must not be world-writable!");
65	return 1;
66	}
67	if(st.st_uid \|\| st.st_gid) {
68	- puts("ERROR: "CONFIG" must be owned by user root, group root!");
69	+ puts("autologin ERROR: "CONFIG" must be owned by user root, group root!");
70	return 1;
71	}
72	f=fopen(CONFIG, "r");
73	if(!f) {
74	- perror("ERROR: Couldn't open "CONFIG":");
75	+ perror("autologin ERROR: Couldn't open "CONFIG":");
76	return 1;
77	}
78	cfg=(char *) malloc(st.st_size+1);
79	@@ -107,10 +117,9 @@
80	fclose(f);
81	free(cfg);
82	if(user==NULL) {
83	- puts("ERROR: Required variable USER= not found in "CONFIG".");
84	if(cmd)
85	free(cmd);
86	- return 1;
87	+ return 0;
88	}
89	if(cmd==NULL) /* Try a reasonable default... */
90	cmd=strdup(DEFAULT);
91	@@ -126,7 +135,7 @@
92	dir=strdup(pw->pw_dir);
93	shell=strdup(pw->pw_shell);
94	} else {
95	- printf("ERROR: No such user %s!\n", user);
96	+ printf("autologin ERROR: No such user %s!\n", user);
97	return 1;
98	}
99
100	@@ -138,6 +147,16 @@
101	}
102	#endif
103
104	+ outfd = open("/var/log/autologin.log", O_WRONLY \| O_CREAT);
105	+ close(1);
106	+ close(2);
107	+ dup2(outfd, 1);
108	+ dup2(outfd, 2);
109	+
110	+ setpgrp();
111	+ setsid();
112	+ initgroups(user, pw->pw_gid);
113	+
114	/* Take console ownership and satisfy PAM */
115	#ifdef HAVE_PAM
116	pam_start("autologin", user, &PAM_conversation, &pamh);
117	@@ -180,6 +199,7 @@
118	setenv("SHELL", shell, 1);
119	setenv("USER", user, 1);
120	setenv("LOGNAME", user, 1);
121	+ setenv("PATH", _PATH_DEFPATH, 1);
122
123	chdir(dir);
124	free(user);
125	@@ -191,6 +211,7 @@
126	return 2;
127	#ifdef HAVE_PAM
128	} else {
129	+ signal(SIGTERM, sigterm_handler);
130	waitpid(child, &status, 0);
131	pam_close_session(pamh, 0);
132	pam_end(pamh, PAM_SUCCESS);
133	--- autologin-1.0.0/src/autologin.pam.fred 2000-07-19 20:57:49.000000000 +0200
134	+++ autologin-1.0.0/src/autologin.pam 2006-08-17 00:26:16.000000000 +0200
135	@@ -1,4 +1,4 @@
136	#%PAM-1.0
137	-account required /lib/security/pam_unix.so
138	-session required /lib/security/pam_unix.so
139	+account include system-auth
140	+session include system-auth
141	session optional /lib/security/pam_console.so
142	--- autologin-1.0.0/README.fred 2000-06-04 02:00:00.000000000 +0200
143	+++ autologin-1.0.0/README 2006-08-17 00:28:24.000000000 +0200
144	@@ -31,9 +31,7 @@
145	specified above.
146	If this setting is omitted, /usr/X11R6/bin/startx will be used.
147	AUTOLOGIN={yes,no}
148	- You can use this setting to turn off autologin even if it is
149	- installed and the config file exists and is considered safe.
150	- If this setting is omitted, "yes" is assumed.
151	+ If this setting is omitted, "no" is assumed.
152
153	/etc/sysconfig/autologin must not be writable by anyone but root. If it is,
154	it is detected as a possible cracking attempt and autologin will not run.