1 /* vi: set sw=4 ts=4: */
3 * vlock implementation for busybox
5 * Copyright (C) 2000 by spoon <spoon@ix.netcom.com>
6 * Written by spoon <spon@ix.netcom.com>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24 /* Shoutz to Michael K. Johnson <johnsonm@redhat.com>, author of the
25 * original vlock. I snagged a bunch of his code to write this
28 /* Fixed by Erik Andersen to do passwords the tinylogin way...
29 * It now works with md5, sha1, etc passwords. */
38 #include <sys/ioctl.h>
43 static struct passwd *pw;
44 static struct spwd *spw;
45 static struct vt_mode ovtm;
46 static struct termios oterm;
48 static int o_lock_all = 0;
50 /* getspuid - get a shadow entry by uid */
51 struct spwd *getspuid(uid_t uid)
56 if ((mypw = getpwuid(getuid())) == NULL) {
60 while ((sp = getspent()) != NULL) {
61 if (strcmp(mypw->pw_name, sp->sp_namp) == 0)
68 static void release_vt(int signo)
71 ioctl(vfd, VT_RELDISP, 1);
73 ioctl(vfd, VT_RELDISP, 0);
76 static void acquire_vt(int signo)
78 ioctl(vfd, VT_RELDISP, VT_ACKACQ);
81 static void restore_terminal(void)
83 ioctl(vfd, VT_SETMODE, &ovtm);
84 tcsetattr(STDIN_FILENO, TCSANOW, &oterm);
87 extern int vlock_main(int argc, char **argv)
100 if (strncmp(argv[1], "-a", 2)) {
107 if ((pw = getpwuid(getuid())) == NULL) {
108 error_msg_and_die("no password for uid %d\n", getuid());
110 #ifdef CONFIG_FEATURE_SHADOWPASSWDS
111 if ((strcmp(pw->pw_passwd, "x") == 0)
112 || (strcmp(pw->pw_passwd, "*") == 0)) {
114 if ((spw = getspuid(getuid())) == NULL) {
115 error_msg_and_die("could not read shadow password for uid %d: %s\n",
116 getuid(), strerror(errno));
119 pw->pw_passwd = spw->sp_pwdp;
122 #endif /* CONFIG_FEATURE_SHADOWPASSWDS */
123 if (pw->pw_passwd[0] == '!' || pw->pw_passwd[0] == '*') {
124 error_msg_and_die("Account disabled for uid %d\n", getuid());
127 /* we no longer need root privs */
131 if ((vfd = open("/dev/tty", O_RDWR)) < 0) {
132 error_msg_and_die("/dev/tty");
135 if (ioctl(vfd, VT_GETMODE, &vtm) < 0) {
136 error_msg_and_die("/dev/tty");
139 /* mask a bunch of signals */
140 sigprocmask(SIG_SETMASK, NULL, &sig);
141 sigdelset(&sig, SIGUSR1);
142 sigdelset(&sig, SIGUSR2);
143 sigaddset(&sig, SIGTSTP);
144 sigaddset(&sig, SIGTTIN);
145 sigaddset(&sig, SIGTTOU);
146 sigaddset(&sig, SIGHUP);
147 sigaddset(&sig, SIGCHLD);
148 sigaddset(&sig, SIGQUIT);
149 sigaddset(&sig, SIGINT);
151 sigemptyset(&(sa.sa_mask));
152 sa.sa_flags = SA_RESTART;
153 sa.sa_handler = release_vt;
154 sigaction(SIGUSR1, &sa, NULL);
155 sa.sa_handler = acquire_vt;
156 sigaction(SIGUSR2, &sa, NULL);
158 /* need to handle some signals so that we don't get killed by them */
159 sa.sa_handler = SIG_IGN;
160 sigaction(SIGHUP, &sa, NULL);
161 sigaction(SIGQUIT, &sa, NULL);
162 sigaction(SIGINT, &sa, NULL);
163 sigaction(SIGTSTP, &sa, NULL);
166 vtm.mode = VT_PROCESS;
167 vtm.relsig = SIGUSR1;
168 vtm.acqsig = SIGUSR2;
169 ioctl(vfd, VT_SETMODE, &vtm);
171 tcgetattr(STDIN_FILENO, &oterm);
173 term.c_iflag &= ~BRKINT;
174 term.c_iflag |= IGNBRK;
175 term.c_lflag &= ~ISIG;
176 term.c_lflag &= ~(ECHO | ECHOCTL);
177 tcsetattr(STDIN_FILENO, TCSANOW, &term);
180 char *pass, *crypt_pass;
184 printf("All Virtual Consoles locked.\n");
186 printf("This Virtual Console locked.\n");
190 snprintf(prompt, 100, "%s's password: ", pw->pw_name);
192 if ((pass = getpass(prompt)) == NULL) {
198 crypt_pass = pw_encrypt(pass, pw->pw_passwd);
199 if (strncmp(crypt_pass, pw->pw_passwd, sizeof(crypt_pass)) == 0) {
200 memset(pass, 0, strlen(pass));
201 memset(crypt_pass, 0, strlen(crypt_pass));
205 memset(pass, 0, strlen(pass));
206 memset(crypt_pass, 0, strlen(crypt_pass));
208 if (isatty(STDIN_FILENO) == 0) {
215 printf("Password incorrect.\n");
225 c-file-style: "linux"