1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 /*
27 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
28 * Use is subject to license terms.
29 */
30
31 /*
32 * Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T
33 * All rights reserved.
34 *
35 * Copyright (c) 1987, 1988 Microsoft Corporation.
36 * All rights reserved.
37 */
38
39 /*
40 * sulogin - special login program exec'd from init to let user
41 * come up single user, or go to default init state straight away.
42 *
43 * Explain the scoop to the user, prompt for an authorized user
44 * name or ^D and then prompt for password or ^D. If the password
45 * is correct, check if the user is authorized, if so enter
46 * single user. ^D exits sulogin, and init will go to default init state.
47 *
48 * If /etc/passwd is missing, or there's no entry for root,
49 * go single user, no questions asked.
50 */
51
52 #include <sys/types.h>
53 #include <sys/stat.h>
54 #include <sys/param.h>
55 #include <sys/sysmsg_impl.h>
56 #include <sys/mkdev.h>
57 #include <sys/resource.h>
58 #include <sys/uadmin.h>
59 #include <sys/wait.h>
60 #include <sys/stermio.h>
61 #include <fcntl.h>
62 #include <termio.h>
63 #include <pwd.h>
64 #include <shadow.h>
65 #include <stdlib.h>
66 #include <stdio.h>
67 #include <signal.h>
68 #include <siginfo.h>
69 #include <utmpx.h>
70 #include <unistd.h>
71 #include <ucontext.h>
72 #include <string.h>
73 #include <strings.h>
74 #include <deflt.h>
75 #include <limits.h>
76 #include <errno.h>
77 #include <crypt.h>
78 #include <auth_attr.h>
79 #include <auth_list.h>
80 #include <nss_dbdefs.h>
81 #include <user_attr.h>
82 #include <sys/vt.h>
83 #include <sys/kd.h>
84
85 /*
86 * Intervals to sleep after failed login
87 */
88 #ifndef SLEEPTIME
89 #define SLEEPTIME 4 /* sleeptime before login incorrect msg */
90 #endif
91
92 #define SLEEPTIME_MAX 5 /* maximum sleeptime */
93
94 /*
95 * the name of the file containing the login defaults we deliberately
96 * use the same file as login(1)
97 */
98
99 #define DEFAULT_LOGIN "/etc/default/login"
100 #define DEFAULT_SULOGIN "/etc/default/sulogin"
101 #define DEFAULT_CONSOLE "/dev/console"
102
103 static char shell[] = "/sbin/sh";
104 static char su[] = "/sbin/su.static";
105 static int sleeptime = SLEEPTIME;
106 static int nchild = 0;
107 static pid_t pidlist[10];
108 static pid_t masterpid = 0;
109 static pid_t originalpid = 0;
110 static struct sigaction sa;
111 static struct termio ttymodes;
112
113 static char *findttyname(int fd);
114 static char *stripttyname(char *);
115 static char *sulogin_getinput(char *, int);
116 static void noop(int);
117 static void single(const char *, char *);
118 static void main_loop(char *, boolean_t);
119 static void parenthandler();
120 static void termhandler(int);
121 static void setupsigs(void);
122 static int pathcmp(char *, char *);
123 static void doit(char *, char *);
124 static void childcleanup(int);
125
126 #define ECHOON 0
127 #define ECHOOFF 1
128
129 /* ARGSUSED */
130 int
131 main(int argc, char **argv)
132 {
133 struct spwd *shpw;
134 int passreq = B_TRUE;
135 int flags;
136 int fd;
137 char *infop, *ptr, *p;
138 pid_t pid;
139 int bufsize;
140 struct stat st;
141 char cttyname[100];
142 char namedlist[500];
143 char scratchlist[500];
144 dev_t cttyd;
145
146 if (geteuid() != 0) {
147 (void) fprintf(stderr, "%s: must be root\n", argv[0]);
148 return (EXIT_FAILURE);
149 }
150
151 /* Do the magic to determine the children */
152 if ((fd = open(SYSMSG, 0)) < 0)
153 return (EXIT_FAILURE);
154
155 /*
156 * If the console supports the CIOCTTYCONSOLE ioctl, then fetch
157 * its console device list. If not, then we use the default
158 * console name.
159 */
160 if (ioctl(fd, CIOCTTYCONSOLE, &cttyd) == 0) {
161 if ((bufsize = ioctl(fd, CIOCGETCONSOLE, NULL)) < 0)
162 return (EXIT_FAILURE);
163
164 if (bufsize > 0) {
165 if ((infop = calloc(bufsize, sizeof (char))) == NULL)
166 return (EXIT_FAILURE);
167
168 if (ioctl(fd, CIOCGETCONSOLE, infop) < 0)
169 return (EXIT_FAILURE);
170
171 (void) snprintf(namedlist, sizeof (namedlist), "%s %s",
172 DEFAULT_CONSOLE, infop);
173 } else
174 (void) snprintf(namedlist, sizeof (namedlist), "%s",
175 DEFAULT_CONSOLE);
176 } else {
177 (void) snprintf(namedlist, sizeof (namedlist), "%s",
178 DEFAULT_CONSOLE);
179 cttyd = NODEV;
180 }
181
182 /*
183 * The attempt to turn the controlling terminals dev_t into a string
184 * may not be successful, thus leaving the variable cttyname as a
185 * NULL. This occurs if during boot we find
186 * the root partition (or some other partition)
187 * requires manual fsck, thus resulting in sulogin
188 * getting invoked. The ioctl for CIOCTTYCONSOLE
189 * called above returned NODEV for cttyd
190 * in these cases. NODEV gets returned when the vnode pointer
191 * in our session structure is NULL. In these cases it
192 * must be assumed that the default console is used.
193 *
194 * See uts/common/os/session.c:cttydev().
195 */
196 (void) strcpy(cttyname, DEFAULT_CONSOLE);
197 (void) strcpy(scratchlist, namedlist);
198 ptr = scratchlist;
199 while (ptr != NULL) {
200 p = strchr(ptr, ' ');
201 if (p == NULL) {
202 if (stat(ptr, &st))
203 return (EXIT_FAILURE);
204 if (st.st_rdev == cttyd)
205 (void) strcpy(cttyname, ptr);
206 break;
207 }
208 *p++ = '\0';
209 if (stat(ptr, &st))
210 return (EXIT_FAILURE);
211 if (st.st_rdev == cttyd) {
212 (void) strcpy(cttyname, ptr);
213 break;
214 }
215 ptr = p;
216 }
217
218 /*
219 * Use the same value of SLEEPTIME that login(1) uses. This
220 * is obtained by reading the file /etc/default/login using
221 * the def*() functions.
222 */
223
224 if (defopen(DEFAULT_LOGIN) == 0) {
225
226 /* ignore case */
227
228 flags = defcntl(DC_GETFLAGS, 0);
229 TURNOFF(flags, DC_CASE);
230 (void) defcntl(DC_SETFLAGS, flags);
231
232 if ((ptr = defread("SLEEPTIME=")) != NULL)
233 sleeptime = atoi(ptr);
234
235 if (sleeptime < 0 || sleeptime > SLEEPTIME_MAX)
236 sleeptime = SLEEPTIME;
237
238 (void) defopen(NULL); /* closes DEFAULT_LOGIN */
239 }
240
241 /*
242 * Use our own value of PASSREQ, separate from the one login(1) uses.
243 * This is obtained by reading the file /etc/default/sulogin using
244 * the def*() functions.
245 */
246
247 if (defopen(DEFAULT_SULOGIN) == 0) {
248 if ((ptr = defread("PASSREQ=")) != NULL)
249 if (strcmp("NO", ptr) == 0)
250 passreq = B_FALSE;
251
252 (void) defopen(NULL); /* closes DEFAULT_SULOGIN */
253 }
254
255 if (passreq == B_FALSE)
256 single(shell, NULL);
257
258 /*
259 * if no 'root' entry in /etc/shadow, give maint. mode single
260 * user shell prompt
261 */
262 setspent();
263 if ((shpw = getspnam("root")) == NULL) {
264 (void) fprintf(stderr, "\n*** Unable to retrieve `root' entry "
265 "in shadow password file ***\n\n");
266 single(shell, NULL);
267 }
268 endspent();
269 /*
270 * if no 'root' entry in /etc/passwd, give maint. mode single
271 * user shell prompt
272 */
273 setpwent();
274 if (getpwnam("root") == NULL) {
275 (void) fprintf(stderr, "\n*** Unable to retrieve `root' entry "
276 "in password file ***\n\n");
277 single(shell, NULL);
278 }
279 endpwent();
280 /* process with controlling tty treated special */
281 if ((pid = fork()) != (pid_t)0) {
282 if (pid == -1)
283 return (EXIT_FAILURE);
284 else {
285 setupsigs();
286 masterpid = pid;
287 originalpid = getpid();
288 /*
289 * init() was invoked from a console that was not
290 * the default console, nor was it an auxiliary.
291 */
292 if (cttyname[0] == NULL)
293 termhandler(0);
294 /* Never returns */
295
296 main_loop(cttyname, B_TRUE);
297 /* Never returns */
298 }
299 }
300 masterpid = getpid();
301 originalpid = getppid();
302 pidlist[nchild++] = originalpid;
303
304 sa.sa_handler = childcleanup;
305 sa.sa_flags = 0;
306 (void) sigemptyset(&sa.sa_mask);
307 (void) sigaction(SIGTERM, &sa, NULL);
308 (void) sigaction(SIGHUP, &sa, NULL);
309 sa.sa_handler = parenthandler;
310 sa.sa_flags = SA_SIGINFO;
311 (void) sigemptyset(&sa.sa_mask);
312 (void) sigaction(SIGUSR1, &sa, NULL);
313
314 sa.sa_handler = SIG_IGN;
315 sa.sa_flags = 0;
316 (void) sigemptyset(&sa.sa_mask);
317 (void) sigaction(SIGCHLD, &sa, NULL);
318 /*
319 * If there isn't a password on root, then don't permit
320 * the fanout capability of sulogin.
321 */
322 if (*shpw->sp_pwdp != '\0') {
323 ptr = namedlist;
324 while (ptr != NULL) {
325 p = strchr(ptr, ' ');
326 if (p == NULL) {
327 doit(ptr, cttyname);
328 break;
329 }
330 *p++ = '\0';
331 doit(ptr, cttyname);
332 ptr = p;
333 }
334 }
335 if (pathcmp(cttyname, DEFAULT_CONSOLE) != 0) {
336 if ((pid = fork()) == (pid_t)0) {
337 setupsigs();
338 main_loop(DEFAULT_CONSOLE, B_FALSE);
339 } else if (pid == -1)
340 return (EXIT_FAILURE);
341 pidlist[nchild++] = pid;
342 }
343 /*
344 * When parent is all done, it pauses until one of its children
345 * signals that its time to kill the underpriviledged.
346 */
347 (void) wait(NULL);
348
349 return (0);
350 }
351
352 /*
353 * These flags are taken from stty's "sane" table entries in
354 * usr/src/cmd/ttymon/sttytable.c
355 */
356 #define SET_IFLAG (BRKINT|IGNPAR|ISTRIP|ICRNL|IXON|IMAXBEL)
357 #define RESET_IFLAG (IGNBRK|PARMRK|INPCK|INLCR|IGNCR|IUCLC|IXOFF|IXANY)
358 #define SET_OFLAG (OPOST|ONLCR)
359 #define RESET_OFLAG (OLCUC|OCRNL|ONOCR|ONLRET|OFILL|OFDEL| \
360 NLDLY|CRDLY|TABDLY|BSDLY|VTDLY|FFDLY)
361 #define SET_LFLAG (ISIG|ICANON|IEXTEN|ECHO|ECHOK|ECHOE|ECHOKE|ECHOCTL)
362 #define RESET_LFLAG (XCASE|ECHONL|NOFLSH|STFLUSH|STWRAP|STAPPL)
363
364 /*
365 * Do the equivalent of 'stty sane' on the terminal since we don't know
366 * what state it was in on startup.
367 */
368 static void
369 sanitize_tty(int fd)
370 {
371 (void) ioctl(fd, TCGETA, &ttymodes);
372 ttymodes.c_iflag &= ~RESET_IFLAG;
373 ttymodes.c_iflag |= SET_IFLAG;
374 ttymodes.c_oflag &= ~RESET_OFLAG;
375 ttymodes.c_oflag |= SET_OFLAG;
376 ttymodes.c_lflag &= ~RESET_LFLAG;
377 ttymodes.c_lflag |= SET_LFLAG;
378 ttymodes.c_cc[VERASE] = CERASE;
379 ttymodes.c_cc[VKILL] = CKILL;
380 ttymodes.c_cc[VQUIT] = CQUIT;
381 ttymodes.c_cc[VINTR] = CINTR;
382 ttymodes.c_cc[VEOF] = CEOF;
383 ttymodes.c_cc[VEOL] = CNUL;
384 (void) ioctl(fd, TCSETAF, &ttymodes);
385 }
386
387 /*
388 * Fork a child of sulogin for each of the auxiliary consoles.
389 */
390 static void
391 doit(char *ptr, char *cttyname)
392 {
393 pid_t pid;
394
395 if (pathcmp(ptr, DEFAULT_CONSOLE) != 0 &&
396 pathcmp(ptr, cttyname) != 0) {
397 if ((pid = fork()) == (pid_t)0) {
398 setupsigs();
399 main_loop(ptr, B_FALSE);
400 } else if (pid == -1)
401 exit(EXIT_FAILURE);
402 pidlist[nchild++] = pid;
403 }
404 }
405
406 static int
407 pathcmp(char *adev, char *bdev)
408 {
409 struct stat st1;
410 struct stat st2;
411
412 if (adev == NULL || bdev == NULL)
413 return (1);
414
415 if (strcmp(adev, bdev) == 0)
416 return (0);
417
418 if (stat(adev, &st1) || !S_ISCHR(st1.st_mode))
419 return (1);
420
421 if (stat(bdev, &st2) || !S_ISCHR(st2.st_mode))
422 return (1);
423
424 if (st1.st_rdev == st2.st_rdev)
425 return (0);
426
427 return (1);
428 }
429
430 /* Handlers for the children at initialization */
431 static void
432 setupsigs()
433 {
434 sa.sa_handler = noop;
435 sa.sa_flags = 0;
436 (void) sigemptyset(&sa.sa_mask);
437 (void) sigaction(SIGINT, &sa, NULL);
438 (void) sigaction(SIGQUIT, &sa, NULL);
439
440 sa.sa_handler = termhandler;
441 sa.sa_flags = 0;
442 (void) sigemptyset(&sa.sa_mask);
443 (void) sigaction(SIGTERM, &sa, NULL);
444 (void) sigaction(SIGKILL, &sa, NULL);
445 (void) sigaction(SIGHUP, &sa, NULL);
446 }
447
448 static void
449 main_loop(char *devname, boolean_t cttyflag)
450 {
451 int fd, fb, i;
452 char *user = NULL; /* authorized user */
453 char *pass; /* password from user */
454 char *cpass; /* crypted password */
455 struct spwd spwd;
456 struct spwd *lshpw; /* local shadow */
457 char shadow[NSS_BUFLEN_SHADOW];
458 FILE *sysmsgfd;
459
460 for (i = 0; i < 3; i++)
461 (void) close(i);
462 if (cttyflag == B_FALSE) {
463 if (setsid() == -1)
464 exit(EXIT_FAILURE);
465 }
466 if ((fd = open(devname, O_RDWR)) < 0)
467 exit(EXIT_FAILURE);
468
469 /*
470 * In system maintenance mode, all virtual console instances
471 * of the svc:/system/console-login service are not available
472 * any more, and only the system console is available. So here
473 * we always switch to the system console in case at the moment
474 * the active console isn't it.
475 */
476 (void) ioctl(fd, VT_ACTIVATE, 1);
477
478 if (fd != 0)
479 (void) dup2(fd, STDIN_FILENO);
480 if (fd != 1)
481 (void) dup2(fd, STDOUT_FILENO);
482 if (fd != 2)
483 (void) dup2(fd, STDERR_FILENO);
484 if (fd > 2)
485 (void) close(fd);
486
487 /* Stop progress bar and reset console mode to text */
488 if ((fb = open("/dev/fb", O_RDONLY)) >= 0) {
489 (void) ioctl(fb, KDSETMODE, KD_RESETTEXT);
490 (void) close(fb);
491 }
492
493 sysmsgfd = fopen("/dev/sysmsg", "w");
494
495 sanitize_tty(fileno(stdin));
496
497 for (;;) {
498 do {
499 (void) printf("\nEnter user name for system "
500 "maintenance (control-d to bypass): ");
501 user = sulogin_getinput(devname, ECHOON);
502 if (user == NULL) {
503 /* signal other children to exit */
504 (void) sigsend(P_PID, masterpid, SIGUSR1);
505 /* ^D, so straight to default init state */
506 exit(EXIT_FAILURE);
507 }
508 } while (user[0] == '\0');
509 (void) printf("Enter %s password (control-d to bypass): ",
510 user);
511
512 if ((pass = sulogin_getinput(devname, ECHOOFF)) == NULL) {
513 /* signal other children to exit */
514 (void) sigsend(P_PID, masterpid, SIGUSR1);
515 /* ^D, so straight to default init state */
516 free(user);
517 exit(EXIT_FAILURE);
518 }
519 lshpw = getspnam_r(user, &spwd, shadow, sizeof (shadow));
520 if (lshpw == NULL) {
521 /*
522 * the user entered doesn't exist, too bad.
523 */
524 goto sorry;
525 }
526
527 /*
528 * There is a special case error to catch here:
529 * If the password is hashed with an algorithm
530 * other than the old unix crypt the call to crypt(3c)
531 * could fail if /usr is corrupt or not available
532 * since by default /etc/security/crypt.conf will
533 * have the crypt_ modules located under /usr/lib.
534 * Or it could happen if /etc/security/crypt.conf
535 * is corrupted.
536 *
537 * If this happens crypt(3c) will return NULL and
538 * set errno to ELIBACC for the former condition or
539 * EINVAL for the latter, in this case we bypass
540 * authentication and just verify that the user is
541 * authorized.
542 */
543
544 errno = 0;
545 cpass = crypt(pass, lshpw->sp_pwdp);
546 if (((cpass == NULL) && (lshpw->sp_pwdp[0] == '$')) &&
547 ((errno == ELIBACC) || (errno == EINVAL))) {
548 goto checkauth;
549 } else if ((cpass == NULL) ||
550 (strcmp(cpass, lshpw->sp_pwdp) != 0)) {
551 goto sorry;
552 }
553
554 checkauth:
555 /*
556 * There is a special case error here as well.
557 * If /etc/user_attr is corrupt, getusernam("root")
558 * returns NULL.
559 * In this case, we just give access because this is similar
560 * to the case of root not existing in /etc/passwd.
561 */
562
563 if ((getusernam("root") != NULL) &&
564 (chkauthattr(MAINTENANCE_AUTH, user) != 1)) {
565 goto sorry;
566 }
567 (void) fprintf(sysmsgfd, "\nsingle-user privilege "
568 "assigned to %s on %s.\n", user, devname);
569 (void) sigsend(P_PID, masterpid, SIGUSR1);
570 (void) wait(NULL);
571 free(user);
572 free(pass);
573 single(su, devname);
574 /* single never returns */
575
576 sorry:
577 (void) printf("\nLogin incorrect or user %s not authorized\n",
578 user);
579 free(user);
580 free(pass);
581 (void) sleep(sleeptime);
582 }
583 }
584
585 /*
586 * single() - exec shell for single user mode
587 */
588
589 static void
590 single(const char *cmd, char *ttyn)
591 {
592 struct utmpx *u;
593 char found = B_FALSE;
594
595 if (ttyn == NULL)
596 ttyn = findttyname(STDIN_FILENO);
597
598 /*
599 * utmpx records on the console device are expected to be "console"
600 * by other processes, such as dtlogin.
601 */
602 ttyn = stripttyname(ttyn);
603
604 /* update the utmpx file. */
605 while ((u = getutxent()) != NULL) {
606 if (strcmp(u->ut_line, ttyn) == 0) {
607 u->ut_tv.tv_sec = time(NULL);
608 u->ut_type = USER_PROCESS;
609 u->ut_pid = getpid();
610 if (strcmp(u->ut_user, "root") != 0)
611 (void) strcpy(u->ut_user, "root");
612 (void) pututxline(u);
613 found = B_TRUE;
614 break;
615 }
616 }
617 if (!found) {
618 struct utmpx entryx;
619
620 entryx.ut_tv.tv_sec = time(NULL);
621 entryx.ut_type = USER_PROCESS;
622 entryx.ut_pid = getpid();
623 (void) strcpy(entryx.ut_user, "root");
624 (void) strcpy(entryx.ut_line, ttyn);
625 entryx.ut_tv.tv_usec = 0;
626 entryx.ut_session = 0;
627 entryx.ut_id[0] = 'c';
628 entryx.ut_id[1] = 'o';
629 entryx.ut_id[2] = 's';
630 entryx.ut_id[3] = 'u';
631 entryx.ut_syslen = 1;
632 entryx.ut_host[0] = '\0';
633 entryx.ut_exit.e_termination = WTERMSIG(0);
634 entryx.ut_exit.e_exit = WEXITSTATUS(0);
635 (void) pututxline(&entryx);
636 }
637 endutxent();
638 (void) printf("Entering System Maintenance Mode\n\n");
639
640 if (execl(cmd, cmd, "-", (char *)0) < 0)
641 exit(EXIT_FAILURE);
642 }
643
644 /*
645 * sulogin_getinput() - hacked from the standard PAM tty conversation
646 * function getpassphrase() library version
647 * so we can distinguish newline and EOF.
648 * also don't need this routine to give a prompt.
649 *
650 * returns the password string, or NULL if the used typed EOF.
651 */
652
653 static char *
654 sulogin_getinput(char *devname, int echooff)
655 {
656 struct termio ttyb;
657 int c;
658 FILE *fi;
659 static char input[PASS_MAX + 1];
660 void (*saved_handler)();
661 char *rval = input;
662 int i = 0;
663
664 if ((fi = fopen(devname, "r")) == NULL) {
665 fi = stdin;
666 }
667
668 saved_handler = signal(SIGINT, SIG_IGN);
669
670 if (echooff) {
671 ttyb = ttymodes;
672 ttyb.c_lflag &= ~(ECHO | ECHOE | ECHONL);
673 (void) ioctl(fileno(fi), TCSETAF, &ttyb);
674 }
675
676 /* get characters up to PASS_MAX, but don't overflow */
677 while ((c = getc(fi)) != '\n' && (c != '\r')) {
678 if (c == EOF && i == 0) { /* ^D, no input */
679 rval = NULL;
680 break;
681 }
682 if (i < PASS_MAX) {
683 input[i++] = (char)c;
684 }
685 }
686 input[i] = '\0';
687 (void) fputc('\n', fi);
688 if (echooff) {
689 (void) ioctl(fileno(fi), TCSETAW, &ttymodes);
690 }
691
692 if (saved_handler != SIG_ERR)
693 (void) signal(SIGINT, saved_handler);
694 return (rval == NULL ? NULL : strdup(rval));
695 }
696
697 static char *
698 findttyname(int fd)
699 {
700 char *ttyn = ttyname(fd);
701
702 if (ttyn == NULL)
703 ttyn = "/dev/???";
704 else {
705 /*
706 * /dev/syscon and /dev/systty are usually links to
707 * /dev/console. prefer /dev/console.
708 */
709 if (((strcmp(ttyn, "/dev/syscon") == 0) ||
710 (strcmp(ttyn, "/dev/systty") == 0)) &&
711 access("/dev/console", F_OK))
712 ttyn = "/dev/console";
713 }
714 return (ttyn);
715 }
716
717 static char *
718 stripttyname(char *ttyn)
719 {
720 /* saw off the /dev/ */
721 if (strncmp(ttyn, "/dev/", sizeof ("/dev/") -1) == 0)
722 return (ttyn + sizeof ("/dev/") - 1);
723 else
724 return (ttyn);
725 }
726
727
728 /* ARGSUSED */
729 static void
730 noop(int sig)
731 {
732 /*
733 * This signal handler does nothing except return. We use it
734 * as the signal disposition in this program instead of
735 * SIG_IGN so that we do not have to restore the disposition
736 * back to SIG_DFL. Instead we allow exec(2) to set the
737 * dispostion to SIG_DFL to avoid a race condition.
738 */
739 }
740
741 /* ARGSUSED */
742 static void
743 parenthandler(int sig, siginfo_t *si, ucontext_t *uc)
744 {
745 int i;
746
747 /*
748 * We get here if someone has successfully entered a password
749 * from the auxiliary console and is getting the single-user shell.
750 * When this happens, the parent needs to kill the children
751 * that didn't get the shell.
752 *
753 */
754 for (i = 0; i < nchild; i++) {
755 if (pidlist[i] != si->__data.__proc.__pid)
756 (void) sigsend(P_PID, pidlist[i], SIGTERM);
757 }
758 sa.sa_handler = SIG_IGN;
759 sa.sa_flags = 0;
760 (void) sigemptyset(&sa.sa_mask);
761 (void) sigaction(SIGINT, &sa, NULL);
762 (void) sigaction(SIGQUIT, &sa, NULL);
763 (void) sigaction(SIGTERM, &sa, NULL);
764 (void) wait(NULL);
765 }
766
767 /*
768 * The master pid will get SIGTERM or SIGHUP from init, and then
769 * has to make sure the shell isn't still running.
770 */
771
772 /* ARGSUSED */
773 static void
774 childcleanup(int sig)
775 {
776 int i;
777
778 /* Only need to kill the child that became the shell. */
779 for (i = 0; i < nchild; i++) {
780 /* Don't kill gramps before his time */
781 if (pidlist[i] != getppid())
782 (void) sigsend(P_PID, pidlist[i], SIGHUP);
783 }
784 }
785
786 /* ARGSUSED */
787 static void
788 termhandler(int sig)
789 {
790 FILE *fi;
791 pid_t pid;
792
793 /* Processes come here when they fail to receive the password. */
794 if ((fi = fopen("/dev/tty", "r+")) == NULL)
795 fi = stdin;
796 else
797 setbuf(fi, NULL);
798 sanitize_tty(fileno(fi));
799 /* If you're the controlling tty, then just wait */
800 pid = getpid();
801 if (pid == originalpid || pid == masterpid) {
802 sa.sa_handler = SIG_IGN;
803 sa.sa_flags = 0;
804 (void) sigemptyset(&sa.sa_mask);
805 (void) sigaction(SIGINT, &sa, NULL);
806 (void) sigaction(SIGQUIT, &sa, NULL);
807 sa.sa_handler = SIG_DFL;
808 sa.sa_flags = 0;
809 (void) sigemptyset(&sa.sa_mask);
810 (void) sigaction(SIGTERM, &sa, NULL);
811 (void) sigaction(SIGHUP, &sa, NULL);
812 (void) wait(NULL);
813 }
814 exit(0);
815 }