Date:      Mon,  8 Jul 2002 20:56:47 +0100 (BST)
From:      Richard Rose <rik+freebsd@little-black-kitty.net>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   bin/40355: /sbin/nologin is a shell script
Message-ID:  <20020708195647.F30948B801@lost.little-black-kitty.net>


>Number:         40355
>Category:       bin
>Synopsis:       /sbin/nologin is a shell script
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 08 13:00:02 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Richard Rose
>Release:        FreeBSD 4.6-RC i386
>Organization:
N/A
>Environment:
System: FreeBSD lost.little-black-kitty.net 4.6-RC FreeBSD 4.6-RC #1: Wed May 29 00:39:40 BST 2002 rik@lost.little-black-kitty.net:/usr/obj/usr/src/sys/LOST i386

>Description:
	/sbin/nologin is a /bin/sh shell script that could possibly be subverted
	by putting commands in /etc/suid_profile.
>How-To-Repeat:
    N/A
>Fix:
    Use nologinmsg instead. This is source I have written, under a 2 clause
    BSD licence. My intention is to contribute it to the FreeBSD project,
    as a replacement for /sbin/nologin.

    To install into the source tree, just unshar under src/sbin.

    The following is the shar archive of the source.

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	nologinmsg/Makefile
#	nologinmsg/nologinmsg.c
#	nologinmsg/nologinmsg.8
#	nologinmsg/pathnames.h
#
echo x - nologinmsg/Makefile
sed 's/^X//' >nologinmsg/Makefile << 'END-of-nologinmsg/Makefile'
X# $Id: Makefile,v 1.1.1.1 2002/07/08 19:20:52 rik Exp $
X
XPROG=	nologinmsg
XMAN=	nologinmsg.8
X
X.include <bsd.prog.mk>
END-of-nologinmsg/Makefile
echo x - nologinmsg/nologinmsg.c
sed 's/^X//' >nologinmsg/nologinmsg.c << 'END-of-nologinmsg/nologinmsg.c'
X/*
X * nologinmsg.c - A slightly improved nologin that will return a configurable
X * message, depending on how it is called.
X *
X * Copyright (c) 2002
X *  Richard Rose.  All rights reserved.
X *
X * Redistribution and use in source and binary forms, with or without
X * modification, are permitted provided that the following conditions
X * are met:
X * 1. Redistributions of source code must retain the above copyright
X *    notice, this list of conditions and the following disclaimer.
X * 2. Redistributions in binary form must reproduce the above copyright
X *    notice, this list of conditions and the following disclaimer in the
X *    documentation and/or other materials provided with the distribution.
X *
X * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
X * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
X * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN
X * NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
X * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
X * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
X * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
X * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
X * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
X * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
X *
X * $Id: nologinmsg.c,v 1.1.1.1 2002/07/08 19:20:52 rik Exp $
X * 
X * rik
X */
X
X#include <sys/types.h>
X#include <sys/stat.h>
X#include <stdio.h>
X#include <stdlib.h>
X#include <string.h>
X#include <unistd.h>
X#include <sysexits.h>
X#include <limits.h>
X#include <fcntl.h>
X#include <pwd.h>
X#include <syslog.h>
X
X#include "pathnames.h"
X
X#define NOLOGINMSG_NAME "nologinmsg"
X#define NOLOGINMSG_MSG "This account is currently not available.\n"
X
X/*
X * write_all - Write the whole buffer to stderr, coping with short writes.
X * Errors are ignored: there is nothing useful left to do about them.
X */
Xstatic void write_all(const char *p, size_t len)
X{
X    ssize_t n;
X
X    while (len > 0) {
X        n = write(STDERR_FILENO, p, len);
X        if (n <= 0)
X            return;
X        p += n;
X        len -= (size_t)n;
X    }
X}
X
X/*
X * print_message_file - Print NOLOGINMSG_PATH/name to stderr.
X * Returns 1 if a message file was printed, 0 if the caller should fall
X * back to the standard message.  The name must be non-empty and contain
X * no '/', so the path can never leave the message directory (login names
X * and getprogname() should satisfy this anyway; the check is defence in
X * depth).  The file is opened first and then fstat()ed, so the type check
X * applies to the file actually read rather than to whatever stat() saw a
X * moment earlier; O_NONBLOCK stops a FIFO placed there from hanging the
X * login, and anything that is not a regular file is rejected.
X */
Xstatic int print_message_file(const char *name)
X{
X    char messagePath[PATH_MAX];
X    char msgbuf[1024]; /* Arbitrary constant */
X    struct stat sb;
X    ssize_t nbytes;
X    int fd;
X
X    if (name == NULL || *name == '\0' || strchr(name, '/') != NULL)
X        return 0;
X
X    if (snprintf(messagePath, sizeof(messagePath), "%s%s",
X                 NOLOGINMSG_PATH, name) >= (int)sizeof(messagePath))
X        return 0; /* Truncated: refuse rather than print the wrong file */
X
X    fd = open(messagePath, O_RDONLY | O_NONBLOCK);
X    if (fd == -1)
X        return 0;
X
X    if (fstat(fd, &sb) != 0 || !S_ISREG(sb.st_mode)) {
X        close(fd);
X        return 0;
X    }
X
X    while ((nbytes = read(fd, msgbuf, sizeof(msgbuf))) > 0)
X        write_all(msgbuf, (size_t)nbytes);
X
X    close(fd);
X    return 1;
X}
X
X/*
X * main - Program entry point.
X * Log the refused login, then check how we are called.  If it is not the
X * way we expect, search the hard coded path for a file named with the
X * name we are called with; otherwise look for a file named after the user
X * we are being run as.  Print that file if it exists and is readable, else
X * print the standard message.  Always exit non-zero.
X */
Xint main(void)
X{
X    const char *progname, *user, *device;
X    struct passwd *pw;
X
X    /*
X     * getlogin() returns NULL if no login name was set on this session;
X     * fall back to the password entry for our real uid before giving up.
X     */
X    user = getlogin();
X    if (user == NULL && (pw = getpwuid(getuid())) != NULL)
X        user = pw->pw_name;
X    if (user == NULL)
X        user = "UNKNOWN";
X
X    device = ttyname(STDIN_FILENO);
X    if (device == NULL)
X        device = "UNKNOWN";
X
X    openlog(NOLOGINMSG_NAME, LOG_CONS, LOG_AUTH);
X    syslog(LOG_WARNING, "%.35s on %.35s", user, device);
X    closelog();
X
X    progname = getprogname();
X    if (strcmp(progname, NOLOGINMSG_NAME) == 0) {
X        /* Invoked under our own name: look for a per-user message. */
X        if (!print_message_file(user))
X            write_all(NOLOGINMSG_MSG, sizeof(NOLOGINMSG_MSG) - 1);
X    } else {
X        /* Invoked through a link: look for a message named after it. */
X        if (!print_message_file(progname))
X            write_all(NOLOGINMSG_MSG, sizeof(NOLOGINMSG_MSG) - 1);
X    }
X
X    exit(EX_UNAVAILABLE);
X}
X
END-of-nologinmsg/nologinmsg.c
echo x - nologinmsg/nologinmsg.8
sed 's/^X//' >nologinmsg/nologinmsg.8 << 'END-of-nologinmsg/nologinmsg.8'
X.\" Copyright (c) 2002
X.\" Richard Rose. All Rights Reserved
X.\"
X.\" Redistribution and use in source and binary forms, with or without
X.\" modification, are permitted provided that the following conditions
X.\" are met:
X.\" 1. Redistributions of source code must retain the above copyright
X.\"    notice, this list of conditions and the following disclaimer.
X.\" 2. Redistributions in binary form must reproduce the above copyright
X.\"    notice, this list of conditions and the following disclaimer in the
X.\"    documentation and/or other materials provided with the distribution.
X.\"
X.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
X.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
X.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
X.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
X.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
X.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
X.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
X.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
X.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
X.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
X.\" SUCH DAMAGE.
X.Dd July 8, 2002
X.Dt NOLOGINMSG 8
X.Os
X.Sh NAME
X.Nm nologinmsg
X.Nd politely refuse a login
X.Sh SYNOPSIS
X.Nm
X.Sh DESCRIPTION
XThe
X.Nm
Xutility displays a message that an account is not available and
Xexits non-zero.
XIt is intended as a replacement shell field for accounts that
Xhave been disabled.
XIt can also print per-user messages, or special messages,
Xdepending on how it is called, or whether it can find a better
Xmessage to print.
X.Pp
XTo create a per-user message, put the text of the message in the file
X.Pa /etc/nologinmsgs/USER .
XIts contents will be printed when the user named USER logs in.
X.Pp
XTo create a message that can be used for a group of users,
Xcreate a symbolic link to a new name for the binary, and use
Xthat name. In the
X.Pa /etc/nologinmsgs/
Xdirectory, place a text file of the same name, with the text
Xyou want printed when a user with this shell name logs in.
X.Pp
XIf the program name is not nologinmsg, then the file of that name
Xis checked, and printed if it exists.
XIf it does not, then the standard message is printed.
XIf the program name is nologinmsg, and a file named after the user exists,
Xthen that file is printed if possible; if not, the standard
Xmessage is printed.
XIn all other cases, the standard message is printed.
X.Pp
XTo disable all logins,
Xinvestigate
X.Xr nologin 5 .
X.Sh SEE ALSO
X.Xr login 1 ,
X.Xr nologin 5 ,
X.Xr nologin 8
X.Sh HISTORY
XThe
X.Nm
Xcommand was written by Richard Rose and contributed to the FreeBSD Project.
XThis man page needs looking at and checking.
END-of-nologinmsg/nologinmsg.8
echo x - nologinmsg/pathnames.h
sed 's/^X//' >nologinmsg/pathnames.h << 'END-of-nologinmsg/pathnames.h'
X/*
X * For licence, see nologinmsg.c
X *
X * $Id: pathnames.h,v 1.1.1.1 2002/07/08 19:20:52 rik Exp $
X */
X
X#define NOLOGINMSG_PATH "/etc/nologinmsgs/"
END-of-nologinmsg/pathnames.h
exit

>Release-Note:
>Audit-Trail:
>Unformatted:
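How the pieces described in the nologinmsg.8 page above fit together on a host, as an added example from the editor (not part of the PR or its shar): the script below creates the message directory with one per-user message and one group message reached through a link, applies the same lookup rule the binary uses to show which file a given shell name and login name would select, and audits the directory for files writable by anyone other than the owner. The user name jdoe, the link name expired, the message texts and the NOLOGINMSG_ROOT variable are made up for the example.

```shell
#!/bin/sh
# Editor's example, not part of PR bin/40355.  Sets up nologinmsg's message
# directory under a root (for a real install, "/") with one per-user
# message and one group message reached through a link named "expired",
# resolves which message a login would get, and audits the permissions.
# The names jdoe, expired and NOLOGINMSG_ROOT, and the message texts, are
# constructed for the example.
set -eu

# Create $1/etc/nologinmsgs with two constructed messages and link the
# binary under the group name, so that a shell field of /sbin/expired
# selects /etc/nologinmsgs/expired.
setup_nologinmsgs() {
    root=$1
    msgdir="$root/etc/nologinmsgs"
    mkdir -p "$msgdir" "$root/sbin"
    chmod 0755 "$msgdir"
    printf 'Your account is locked; ring the helpdesk on 1234.\n' > "$msgdir/jdoe"
    printf 'Contract has ended; contact HR to have access restored.\n' > "$msgdir/expired"
    # Everything in here is printed to whoever is refused, so it must be
    # owned by root and writable only by root.
    chmod 0644 "$msgdir/jdoe" "$msgdir/expired"
    ln -sf nologinmsg "$root/sbin/expired"
}

# Apply nologinmsg's lookup rule: the shell's basename ($2) picks the file
# unless it is "nologinmsg", in which case the login name ($3) does.
# Prints the message file that would be shown, or STANDARD for the
# built-in text.  Names that are empty or contain '/' never leave the
# message directory; anything but a readable regular file falls back.
resolve_message() {
    root=$1; prog=$2; user=$3
    msgdir="$root/etc/nologinmsgs"
    if [ "$prog" = nologinmsg ]; then name=$user; else name=$prog; fi
    case $name in
    ''|*/*) echo STANDARD; return ;;
    esac
    if [ -f "$msgdir/$name" ] && [ -r "$msgdir/$name" ]; then
        echo "$msgdir/$name"
    else
        echo STANDARD
    fi
}

# Audit: nothing under the message directory may be group- or world-
# writable, otherwise its owner controls what refused logins see.
# (Ownership by root cannot be checked without root; inspect `ls -l`.)
check_perms() {
    msgdir="$1/etc/nologinmsgs"
    bad=$(find "$msgdir" \( -perm -020 -o -perm -002 \) -print)
    [ -z "$bad" ]
}

# Real deployment: run as root with NOLOGINMSG_ROOT=/ and then point the
# account at the link, e.g. `pw usermod jdoe -s /sbin/expired`.  Do not
# add nologinmsg or its links to /etc/shells: login(1) does not consult
# that file, while ftpd(8) refuses users whose shell is not listed and
# chsh(1) will not let a user switch to it, which is what is wanted here.
if [ -n "${NOLOGINMSG_ROOT:-}" ]; then
    setup_nologinmsgs "$NOLOGINMSG_ROOT"
    check_perms "$NOLOGINMSG_ROOT" || echo 'warning: writable message files' >&2
    resolve_message "$NOLOGINMSG_ROOT" expired jdoe
fi
```

Run against a scratch root first (NOLOGINMSG_ROOT=/tmp/stage) to see which file each combination of shell name and login name selects before touching /etc on a live machine.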

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020708195647.F30948B801>