1 /* vi: set sw=4 ts=4: */
3 * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
14 #include <sys/resource.h>
16 #include <sys/types.h>
23 #define SULOGIN_PROMPT "\nGive root password for system maintenance\n" \
24 "(or type Control-D for normal startup):"
26 static const char * const forbid[] = {
35 "LD_TRACE_LOADED_OBJECTS",
37 "LD_AOUT_LIBRARY_PATH",
46 static void catchalarm(int ATTRIBUTE_UNUSED junk)
52 int sulogin_main(int argc, char **argv)
56 const char *name = "root";
59 #define pass bb_common_bufsiz1
63 const char * const *p;
64 #if ENABLE_FEATURE_SHADOWPASSWDS
65 struct spwd *spwd = NULL;
68 openlog("sulogin", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH);
70 if (strncmp(argv[1], "-t", 2) == 0) {
71 if (argv[1][2] == '\0') { /* -t NN */
73 timeout = atoi(argv[2]);
79 timeout = atoi(&argv[1][2]);
91 if (open(device, O_RDWR) == 0) {
95 syslog(LOG_WARNING, "cannot open %s\n", device);
100 if (access(bb_path_passwd_file, 0) == -1) {
101 syslog(LOG_WARNING, "No password file\n");
102 bb_error_msg_and_die("No password file\n");
104 if (!isatty(0) || !isatty(1) || !isatty(2)) {
109 /* Clear out anything dangerous from the environment */
110 for (p = forbid; *p; p++)
114 signal(SIGALRM, catchalarm);
115 if (!(pwd = getpwnam(name))) {
116 syslog(LOG_WARNING, "No password entry for `root'\n");
117 bb_error_msg_and_die("No password entry for `root'\n");
120 #if ENABLE_FEATURE_SHADOWPASSWDS
122 if (pwd && ((strcmp(pwd->pw_passwd, "x") == 0)
123 || (strcmp(pwd->pw_passwd, "*") == 0))) {
125 spwd = getspnam(name);
127 pwent.pw_passwd = spwd->sp_pwdp;
132 cp = bb_askpass(timeout, SULOGIN_PROMPT);
136 syslog(LOG_INFO, "Normal startup\n");
139 safe_strncpy(pass, cp, sizeof(pass));
140 memset(cp, 0, strlen(cp));
142 if (strcmp(pw_encrypt(pass, pwent.pw_passwd), pwent.pw_passwd) == 0) {
145 bb_do_delay(FAIL_DELAY);
146 puts("Login incorrect");
148 syslog(LOG_WARNING, "Incorrect root password\n");
150 memset(pass, 0, strlen(pass));
151 signal(SIGALRM, SIG_DFL);
152 puts("Entering System Maintenance Mode\n");
154 syslog(LOG_INFO, "System Maintenance Mode\n");
157 renew_current_security_context();
160 run_shell(pwent.pw_shell, 1, 0, 0);