loginutils/sulogin.c

   1 /* vi: set sw=4 ts=4: */
   2 /*
   3  * Mini sulogin implementation for busybox
   4  *
   5  * Licensed under GPLv2 or later, see file LICENSE in this source tree.
   6  */
   7
   8 //usage:#define sulogin_trivial_usage
   9 //usage:       "[-t N] [TTY]"
  10 //usage:#define sulogin_full_usage "\n\n"
  11 //usage:       "Single user login\n"
  12 //usage:     "\n        -t N    Timeout"
  13
  14 #include "libbb.h"
  15 #include <syslog.h>
  16
  17 int sulogin_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
  18 int sulogin_main(int argc UNUSED_PARAM, char **argv)
  19 {
  20         int timeout = 0;
  21         struct passwd *pwd;
  22         const char *shell;
  23
  24         logmode = LOGMODE_BOTH;
  25         openlog(applet_name, 0, LOG_AUTH);
  26
  27         opt_complementary = "t+"; /* -t N */
  28         getopt32(argv, "t:", &timeout);
  29         argv += optind;
  30
  31         if (argv[0]) {
  32                 close(0);
  33                 close(1);
  34                 dup(xopen(argv[0], O_RDWR));
  35                 close(2);
  36                 dup(0);
  37         }
  38
  39         /* Malicious use like "sulogin /dev/sda"? */
  40         if (!isatty(0) || !isatty(1) || !isatty(2)) {
  41                 logmode = LOGMODE_SYSLOG;
  42                 bb_error_msg_and_die("not a tty");
  43         }
  44
  45         /* Clear dangerous stuff, set PATH */
  46         sanitize_env_if_suid();
  47
  48         pwd = getpwuid(0);
  49         if (!pwd) {
  50                 goto auth_error;
  51         }
  52
  53         while (1) {
  54                 int r;
  55
  56                 r = ask_and_check_password_extended(pwd, timeout,
  57                         "Give root password for system maintenance\n"
  58                         "(or type Control-D for normal startup):"
  59                 );
  60                 if (r < 0) {
  61                         /* ^D, ^C, timeout, or read error */
  62                         bb_info_msg("Normal startup");
  63                         return 0;
  64                 }
  65                 if (r > 0) {
  66                         break;
  67                 }
  68                 bb_do_delay(LOGIN_FAIL_DELAY);
  69                 bb_info_msg("Login incorrect");
  70         }
  71
  72         bb_info_msg("System Maintenance Mode");
  73
  74         IF_SELINUX(renew_current_security_context());
  75
  76         shell = getenv("SUSHELL");
  77         if (!shell)
  78                 shell = getenv("sushell");
  79         if (!shell)
  80                 shell = pwd->pw_shell;
  81
  82         /* Exec login shell with no additional parameters. Never returns. */
  83         run_shell(shell, 1, NULL, NULL);
  84
  85  auth_error:
  86         bb_error_msg_and_die("no password entry for root");
  87 }