1 /* vi: set sw=4 ts=4: */
10 #include <sys/resource.h>
13 #include <sys/types.h>
21 #define SULOGIN_PROMPT "\nGive root password for system maintenance\n" \
22 "(or type Control-D for normal startup):"
24 static const char * const forbid[] = {
33 "LD_TRACE_LOADED_OBJECTS",
35 "LD_AOUT_LIBRARY_PATH",
44 static void catchalarm(int junk)
50 extern int sulogin_main(int argc, char **argv)
53 char *device = (char *) 0;
54 const char *name = "root";
57 #define pass bb_common_bufsiz1
62 const char * const *p;
63 #ifdef CONFIG_FEATURE_SHADOWPASSWDS
64 struct spwd *spwd = NULL;
65 #endif /* CONFIG_FEATURE_SHADOWPASSWDS */
67 openlog("sulogin", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
69 if (strncmp(argv[1], "-t", 2) == 0) {
70 if (strcmp(argv[1], "-t") == 0) {
72 timeout = atoi(argv[2]);
89 if (open(device, O_RDWR) >= 0) {
93 syslog(LOG_WARNING, "cannot open %s\n", device);
98 if (access(bb_path_passwd_file, 0) == -1) {
99 syslog(LOG_WARNING, "No password file\n");
100 bb_error_msg_and_die("No password file\n");
102 if (!isatty(0) || !isatty(1) || !isatty(2)) {
107 /* Clear out anything dangerous from the environment */
108 for (p = forbid; *p; p++)
112 signal(SIGALRM, catchalarm);
113 if (!(pwd = getpwnam(name))) {
114 syslog(LOG_WARNING, "No password entry for `root'\n");
115 bb_error_msg_and_die("No password entry for `root'\n");
118 #ifdef CONFIG_FEATURE_SHADOWPASSWDS
120 if (pwd && ((strcmp(pwd->pw_passwd, "x") == 0)
121 || (strcmp(pwd->pw_passwd, "*") == 0))) {
123 spwd = getspnam(name);
125 pwent.pw_passwd = spwd->sp_pwdp;
128 #endif /* CONFIG_FEATURE_SHADOWPASSWDS */
130 cp = bb_askpass(timeout, SULOGIN_PROMPT);
134 syslog(LOG_INFO, "Normal startup\n");
137 safe_strncpy(pass, cp, sizeof(pass));
138 bzero(cp, strlen(cp));
140 if (strcmp(pw_encrypt(pass, pwent.pw_passwd), pwent.pw_passwd) == 0) {
145 while (difftime(now, start) < FAIL_DELAY) {
149 puts("Login incorrect");
151 syslog(LOG_WARNING, "Incorrect root password\n");
153 bzero(pass, strlen(pass));
154 signal(SIGALRM, SIG_DFL);
155 puts("Entering System Maintenance Mode\n");
157 syslog(LOG_INFO, "System Maintenance Mode\n");
159 #ifdef CONFIG_SELINUX
160 renew_current_security_context();
163 run_shell(pwent.pw_shell, 1, 0, 0);