- set_current_security_context(user_sid);
-#endif
- run_shell(tmp, 1, 0, 0); /* exec the shell finally. */
-
- return EXIT_FAILURE;
-}
-
-
-static int login_prompt(char *buf_name)
-{
- char buf[1024];
- char *sp, *ep;
- int i;
-
- for (i=0; i<EMPTY_USERNAME_COUNT; i++) {
- print_login_prompt();
-
- if (!fgets(buf, sizeof(buf)-1, stdin))
- return 0;
-
- if (!strchr(buf, '\n'))
- return 0;
-
- for (sp = buf; isspace(*sp); sp++) { }
- for (ep = sp; isgraph(*ep); ep++) { }
-
- *ep = '\0';
- safe_strncpy(buf_name, sp, USERNAME_SIZE);
- if (buf_name[0])
- return 1;
- }
- return 0;
-}
-
-
-static int check_nologin(int amroot)
-{
- if (access(bb_path_nologin_file, F_OK) == 0) {
- FILE *fp;
- int c;
-
- fp = fopen(bb_path_nologin_file, "r");
- if (fp) {
- while ((c = getc(fp)) != EOF)
- putchar((c=='\n') ? '\r' : c);
-
- fflush(stdout);
- fclose(fp);
- } else {
- puts("\r\nSystem closed for routine maintenance.\r");
- }
- if (!amroot)
- return 1;
-
- puts("\r\n[Disconnect bypassed -- root login allowed.]\r");
- }
- return 0;
-}
-
-#ifdef CONFIG_FEATURE_SECURETTY
-
-static int check_tty(const char *tty)
-{
- FILE *fp;
- int i;
- char buf[BUFSIZ];
-
- fp = fopen(bb_path_securetty_file, "r");
- if (fp) {
- while (fgets(buf, sizeof(buf)-1, fp)) {
- for(i = strlen(buf)-1; i>=0; --i) {
- if (!isspace(buf[i]))
- break;
- }
- buf[++i] = '\0';
- if ((buf[0]=='\0') || (buf[0]=='#'))
- continue;
-
- if (strcmp(buf, tty)== 0) {
- fclose(fp);
- return 1;
- }
- }
- fclose(fp);
- return 0;
- }
- /* A missing securetty file is not an error. */
- return 1;
-}
-
-#endif
-
-/* returns 1 if true */
-static int is_my_tty(const char *tty)
-{
- struct stat by_name, by_fd;
-
- if (stat(tty, &by_name) || fstat(0, &by_fd))
- return 0;
-
- if (by_name.st_rdev != by_fd.st_rdev)
- return 0;
- else
- return 1;
-}
-
-
-static void motd(void)
-{
- FILE *fp;
- int c;
-
- fp = fopen(bb_path_motd_file, "r");
- if (fp) {
- while ((c = getc(fp)) != EOF)
- putchar(c);
- fclose(fp);
- }
-}
-
-
-#ifdef CONFIG_FEATURE_UTMP
-// vv Taken from tinylogin utmp.c vv
-
-#define NO_UTENT \
- "No utmp entry. You must exec \"login\" from the lowest level \"sh\""
-#define NO_TTY \
- "Unable to determine your tty name."
-
-/*
- * checkutmp - see if utmp file is correct for this process
- *
- * System V is very picky about the contents of the utmp file
- * and requires that a slot for the current process exist.
- * The utmp file is scanned for an entry with the same process
- * ID. If no entry exists the process exits with a message.
- *
- * The "picky" flag is for network and other logins that may
- * use special flags. It allows the pid checks to be overridden.
- * This means that getty should never invoke login with any
- * command line flags.
- */
-
-static void checkutmp(int picky)
-{
- char *line;
- struct utmp *ut;
- pid_t pid = getpid();
-
- setutent();
-
- /* First, try to find a valid utmp entry for this process. */
- while ((ut = getutent()))
- if (ut->ut_pid == pid && ut->ut_line[0] && ut->ut_id[0] &&
- (ut->ut_type == LOGIN_PROCESS || ut->ut_type == USER_PROCESS))
- break;
-
- /* If there is one, just use it, otherwise create a new one. */
- if (ut) {
- utent = *ut;
- } else {
- time_t t_tmp;
-
- if (picky) {
- puts(NO_UTENT);
- exit(1);
- }
- line = ttyname(0);
- if (!line) {
- puts(NO_TTY);
- exit(1);
- }
- if (strncmp(line, "/dev/", 5) == 0)
- line += 5;
- memset(&utent, 0, sizeof(utent));
- utent.ut_type = LOGIN_PROCESS;
- utent.ut_pid = pid;
- strncpy(utent.ut_line, line, sizeof(utent.ut_line));
- /* XXX - assumes /dev/tty?? */
- strncpy(utent.ut_id, utent.ut_line + 3, sizeof(utent.ut_id));
- strncpy(utent.ut_user, "LOGIN", sizeof(utent.ut_user));
- t_tmp = (time_t)utent.ut_time;
- time(&t_tmp);
- }
-}
-
-/*
- * setutmp - put a USER_PROCESS entry in the utmp file
- *
- * setutmp changes the type of the current utmp entry to
- * USER_PROCESS. the wtmp file will be updated as well.
- */
-
-static void setutmp(const char *name, const char *line ATTRIBUTE_UNUSED)
-{
- time_t t_tmp = (time_t)utent.ut_time;
-
- utent.ut_type = USER_PROCESS;
- strncpy(utent.ut_user, name, sizeof(utent.ut_user));
- time(&t_tmp);
- /* other fields already filled in by checkutmp above */
- setutent();
- pututline(&utent);
- endutent();
-#ifdef CONFIG_FEATURE_WTMP
- if (access(bb_path_wtmp_file, R_OK|W_OK) == -1) {
- close(creat(bb_path_wtmp_file, 0664));
- }
- updwtmp(bb_path_wtmp_file, &utent);
-#endif
+ IF_SELINUX(set_current_security_context(user_sid);)
+
+ // util-linux login also does:
+ // /* start new session */
+ // setsid();
+ // /* TIOCSCTTY: steal tty from other process group */
+ // if (ioctl(0, TIOCSCTTY, 1)) error_msg...
+ // BBox login used to do this (see above):
+ // bb_setpgrp();
+ // If this stuff is really needed, add it and explain why!
+
+ /* Set signals to defaults */
+ /* Non-ignored signals revert to SIG_DFL on exec anyway */
+ /*signal(SIGALRM, SIG_DFL);*/
+
+ /* Is this correct? This way user can ctrl-c out of /etc/profile,
+ * potentially creating security breach (tested with bash 3.0).
+ * But without this, bash 3.0 will not enable ctrl-c either.
+ * Maybe bash is buggy?
+ * Need to find out what standards say about /bin/login -
+ * should we leave SIGINT etc enabled or disabled? */
+ signal(SIGINT, SIG_DFL);
+
+ /* Exec login shell with no additional parameters */
+ run_shell(tmp, 1, NULL, NULL);
+
+ /* return EXIT_FAILURE; - not reached */