2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
23 */
24
25 /*
26 * zlogin provides three types of login which allow users in the global
27 * zone to access non-global zones.
28 *
29 * - "interactive login" is similar to rlogin(1); for example, the user could
30 * issue 'zlogin my-zone' or 'zlogin -e ^ -l me my-zone'. The user is
31 * granted a new pty (which is then shoved into the zone), and an I/O
32 * loop between parent and child processes takes care of the interactive
33 * session. In this mode, login(1) (and its -c option, which means
34 * "already authenticated") is employed to take care of the initialization
35 * of the user's session.
36 *
37 * - "non-interactive login" is similar to su(1M); the user could issue
38 * 'zlogin my-zone ls -l' and the command would be run as specified.
39 * In this mode, zlogin sets up pipes as the communication channel, and
40 * 'su' is used to do the login setup work.
41 *
71 #include <signal.h>
72 #include <stdarg.h>
73 #include <stdio.h>
74 #include <stdlib.h>
75 #include <string.h>
76 #include <strings.h>
77 #include <stropts.h>
78 #include <wait.h>
79 #include <zone.h>
80 #include <fcntl.h>
81 #include <libdevinfo.h>
82 #include <libintl.h>
83 #include <locale.h>
84 #include <libzonecfg.h>
85 #include <libcontract.h>
86 #include <libbrand.h>
87 #include <auth_list.h>
88 #include <auth_attr.h>
89 #include <secdb.h>
90
91 static int masterfd;
92 static struct termios save_termios;
93 static struct termios effective_termios;
94 static int save_fd;
95 static struct winsize winsize;
96 static volatile int dead;
97 static volatile pid_t child_pid = -1;
98 static int interactive = 0;
99 static priv_set_t *dropprivs;
100
101 static int nocmdchar = 0;
102 static int failsafe = 0;
103 static char cmdchar = '~';
104
105 static int pollerr = 0;
106
107 static const char *pname;
108 static char *username;
109
110 /*
1223
1224 return (new_env);
1225 }
1226
1227 /*
1228 * Finish the preparation of the envp array for exec'd non-interactive
1229 * zlogins. This is called in the child process *after* we zone_enter(), since
1230 * it derives things we can only know within the zone, such as $HOME, $SHELL,
1231 * etc. We need only do this in the non-interactive, mode, since otherwise
1232 * login(1) will do it. We don't do this in failsafe mode, since it presents
1233 * additional ways in which the command could fail, and we'd prefer to avoid
1234 * that.
1235 */
1236 static char **
1237 prep_env_noninteractive(const char *user_cmd, char **env)
1238 {
1239 size_t size;
1240 char **new_env;
1241 int e, i;
1242 char *estr;
1243 char varmail[LOGNAME_MAX + 11]; /* strlen(/var/mail/) = 10, NUL */
1244 char pwbuf[NSS_BUFLEN_PASSWD + 1];
1245 struct passwd pwent;
1246 struct passwd *pw = NULL;
1247
1248 assert(env != NULL);
1249 assert(failsafe == 0);
1250
1251 /*
1252 * Exec the "user_cmd" brand hook to get a pwent for the
1253 * login user. If this fails, HOME will be set to "/", SHELL
1254 * will be set to $DEFAULTSHELL, and we will continue to exec
1255 * SUPATH <login> -c <cmd>.
1256 */
1257 pw = zone_get_user_pw(user_cmd, &pwent, pwbuf, sizeof (pwbuf));
1258
1259 /*
1260 * Get existing envp size.
1261 */
1262 for (size = 0; env[size] != NULL; size++)
1263 ;
|
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2013 Gary Mills
23 *
24 * Copyright (c) 2003, 2010, Oracle and/or its affiliates. All rights reserved.
25 */
26
27 /*
28 * zlogin provides three types of login which allow users in the global
29 * zone to access non-global zones.
30 *
31 * - "interactive login" is similar to rlogin(1); for example, the user could
32 * issue 'zlogin my-zone' or 'zlogin -e ^ -l me my-zone'. The user is
33 * granted a new pty (which is then shoved into the zone), and an I/O
34 * loop between parent and child processes takes care of the interactive
35 * session. In this mode, login(1) (and its -c option, which means
36 * "already authenticated") is employed to take care of the initialization
37 * of the user's session.
38 *
39 * - "non-interactive login" is similar to su(1M); the user could issue
40 * 'zlogin my-zone ls -l' and the command would be run as specified.
41 * In this mode, zlogin sets up pipes as the communication channel, and
42 * 'su' is used to do the login setup work.
43 *
73 #include <signal.h>
74 #include <stdarg.h>
75 #include <stdio.h>
76 #include <stdlib.h>
77 #include <string.h>
78 #include <strings.h>
79 #include <stropts.h>
80 #include <wait.h>
81 #include <zone.h>
82 #include <fcntl.h>
83 #include <libdevinfo.h>
84 #include <libintl.h>
85 #include <locale.h>
86 #include <libzonecfg.h>
87 #include <libcontract.h>
88 #include <libbrand.h>
89 #include <auth_list.h>
90 #include <auth_attr.h>
91 #include <secdb.h>
92
93 #ifdef LOGNAME_MAX_ILLUMOS
94 #define _LOGNAME_MAX LOGNAME_MAX_ILLUMOS
95 #else /* LOGNAME_MAX_ILLUMOS */
96 #define _LOGNAME_MAX LOGNAME_MAX
97 #endif /* LOGNAME_MAX_ILLUMOS */
98
99 static int masterfd;
100 static struct termios save_termios;
101 static struct termios effective_termios;
102 static int save_fd;
103 static struct winsize winsize;
104 static volatile int dead;
105 static volatile pid_t child_pid = -1;
106 static int interactive = 0;
107 static priv_set_t *dropprivs;
108
109 static int nocmdchar = 0;
110 static int failsafe = 0;
111 static char cmdchar = '~';
112
113 static int pollerr = 0;
114
115 static const char *pname;
116 static char *username;
117
118 /*
1231
1232 return (new_env);
1233 }
1234
1235 /*
1236 * Finish the preparation of the envp array for exec'd non-interactive
1237 * zlogins. This is called in the child process *after* we zone_enter(), since
1238 * it derives things we can only know within the zone, such as $HOME, $SHELL,
1239 * etc. We need only do this in the non-interactive, mode, since otherwise
1240 * login(1) will do it. We don't do this in failsafe mode, since it presents
1241 * additional ways in which the command could fail, and we'd prefer to avoid
1242 * that.
1243 */
1244 static char **
1245 prep_env_noninteractive(const char *user_cmd, char **env)
1246 {
1247 size_t size;
1248 char **new_env;
1249 int e, i;
1250 char *estr;
1251 char varmail[_LOGNAME_MAX + 11]; /* strlen(/var/mail/) = 10, NUL */
1252 char pwbuf[NSS_BUFLEN_PASSWD + 1];
1253 struct passwd pwent;
1254 struct passwd *pw = NULL;
1255
1256 assert(env != NULL);
1257 assert(failsafe == 0);
1258
1259 /*
1260 * Exec the "user_cmd" brand hook to get a pwent for the
1261 * login user. If this fails, HOME will be set to "/", SHELL
1262 * will be set to $DEFAULTSHELL, and we will continue to exec
1263 * SUPATH <login> -c <cmd>.
1264 */
1265 pw = zone_get_user_pw(user_cmd, &pwent, pwbuf, sizeof (pwbuf));
1266
1267 /*
1268 * Get existing envp size.
1269 */
1270 for (size = 0; env[size] != NULL; size++)
1271 ;
|