1 /* vi: set sw=4 ts=4: */
3 * Mini sulogin implementation for busybox
5 * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
12 static const char forbid[] ALIGN1 =
19 "LD_LIBRARY_PATH" "\0"
21 "LD_TRACE_LOADED_OBJECTS" "\0"
23 "LD_AOUT_LIBRARY_PATH" "\0"
24 "LD_AOUT_PRELOAD" "\0"
28 //static void catchalarm(int ATTRIBUTE_UNUSED junk)
30 // exit(EXIT_FAILURE);
34 int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
35 int sulogin_main(int argc, char **argv)
43 #if ENABLE_FEATURE_SHADOWPASSWDS
44 /* Using _r function to avoid pulling in static buffers */
49 logmode = LOGMODE_BOTH;
50 openlog(applet_name, 0, LOG_AUTH);
52 if (getopt32(argv, "t:", &timeout_arg)) {
53 timeout = xatoi_u(timeout_arg);
59 dup(xopen(argv[optind], O_RDWR));
64 if (!isatty(0) || !isatty(1) || !isatty(2)) {
65 logmode = LOGMODE_SYSLOG;
66 bb_error_msg_and_die("not a tty");
69 /* Clear out anything dangerous from the environment */
76 // bb_askpass() already handles this
77 // signal(SIGALRM, catchalarm);
84 #if ENABLE_FEATURE_SHADOWPASSWDS
86 /* getspnam_r may return 0 yet set result to NULL.
87 * At least glibc 2.4 does this. Be extra paranoid here. */
88 struct spwd *result = NULL;
89 int r = getspnam_r(pwd->pw_name, &spw, buffer, sizeof(buffer), &result);
93 pwd->pw_passwd = result->sp_pwdp;
98 /* cp points to a static buffer that is zeroed every time */
99 cp = bb_askpass(timeout,
100 "Give root password for system maintenance\n"
101 "(or type Control-D for normal startup):");
104 bb_info_msg("Normal startup");
107 if (strcmp(pw_encrypt(cp, pwd->pw_passwd), pwd->pw_passwd) == 0) {
110 bb_do_delay(FAIL_DELAY);
111 bb_error_msg("login incorrect");
113 memset(cp, 0, strlen(cp));
114 // signal(SIGALRM, SIG_DFL);
116 bb_info_msg("System Maintenance Mode");
118 USE_SELINUX(renew_current_security_context());
120 shell = getenv("SUSHELL");
122 shell = getenv("sushell");
125 if (pwd->pw_shell[0])
126 shell = pwd->pw_shell;
128 /* Exec login shell with no additional parameters. Never returns. */
129 run_shell(shell, 1, NULL, NULL);
132 bb_error_msg_and_die("no password entry for root");