+ if (opt & LOGIN_OPT_f)
+ break; /* -f USER: success without asking passwd */
+
+ if (pw->pw_uid == 0 && !check_securetty())
+ goto auth_failed;
+
+ /* Don't check the password if password entry is empty (!) */
+ if (!pw->pw_passwd[0])
+ break;
+ fake_it:
+ /* authorization takes place here */
+ if (correct_password(pw))
+ break;
+#endif /* ENABLE_PAM */
+ auth_failed:
+ opt &= ~LOGIN_OPT_f;
+ bb_do_delay(FAIL_DELAY);
+ /* TODO: doesn't sound like correct English phrase to me */
+ puts("Login incorrect");
+ if (++count == 3) {
+ syslog(LOG_WARNING, "invalid password for '%s'%s",
+ username, fromhost);
+ return EXIT_FAILURE;
+ }
+ username[0] = '\0';
+ } /* while (1) */
+
+ alarm(0);
+ /* We can ignore /etc/nologin if we are logging in as root,
+ * it doesn't matter whether we are run by root or not */
+ if (pw->pw_uid != 0)
+ die_if_nologin();
+
+ write_utent(&utent, username);
+
+ IF_SELINUX(initselinux(username, full_tty, &user_sid));
+
+ /* Try these, but don't complain if they fail.
+ * _f_chown is safe wrt race t=ttyname(0);...;chown(t); */
+ fchown(0, pw->pw_uid, pw->pw_gid);
+ fchmod(0, 0600);
+
+ /* We trust environment only if we run by root */
+ if (ENABLE_LOGIN_SCRIPTS && run_by_root)
+ run_login_script(pw, full_tty);
+
+ change_identity(pw);
+ tmp = pw->pw_shell;
+ if (!tmp || !*tmp)
+ tmp = DEFAULT_SHELL;
+ /* setup_environment params: shell, clear_env, change_env, pw */
+ setup_environment(tmp, !(opt & LOGIN_OPT_p), 1, pw);
+
+ motd();
+
+ if (pw->pw_uid == 0)
+ syslog(LOG_INFO, "root login%s", fromhost);
+
+ /* well, a simple setexeccon() here would do the job as well,
+ * but let's play the game for now */
+ IF_SELINUX(set_current_security_context(user_sid);)
+
+ // util-linux login also does:
+ // /* start new session */
+ // setsid();
+ // /* TIOCSCTTY: steal tty from other process group */
+ // if (ioctl(0, TIOCSCTTY, 1)) error_msg...
+ // BBox login used to do this (see above):
+ // bb_setpgrp();
+ // If this stuff is really needed, add it and explain why!
+
+ /* Set signals to defaults */
+ /* Non-ignored signals revert to SIG_DFL on exec anyway */
+ /*signal(SIGALRM, SIG_DFL);*/
+
+ /* Is this correct? This way user can ctrl-c out of /etc/profile,
+ * potentially creating security breach (tested with bash 3.0).
+ * But without this, bash 3.0 will not enable ctrl-c either.
+ * Maybe bash is buggy?
+ * Need to find out what standards say about /bin/login -
+ * should we leave SIGINT etc enabled or disabled? */
+ signal(SIGINT, SIG_DFL);
+
+ /* Exec login shell with no additional parameters */
+ run_shell(tmp, 1, NULL, NULL);
+
+ /* return EXIT_FAILURE; - not reached */