aboutsummaryrefslogtreecommitdiff
path: root/utils/login.c
Commit message (Collapse)AuthorAgeFilesLines
* Pass mach_task_self when deallocating INIT_PORT_CWDIRFlavio Cruz2022-01-171-1/+1
| | | | Message-Id: <YeXBjT8t777b8+AF@viriathus>
* login: More port leaks fixesSamuel Thibault2022-01-041-2/+9
| | | | | | ports[INIT_PORT_CRDIR] and [INIT_PORT_CWDIR] were obtained from getcrdir() and getcwdir(), so a referenced needs to be released when replacing them.
* Fix leaking auth portsSamuel Thibault2022-01-041-4/+24
| | | | | | | | | | | We need to be extremely careful with auth ports since leaking them into subprocesses may expose a root-auth port to non-root processes. Notably, get_nonsugid_ids was caching it, thus preventing glibc's exec implementation from dropping it. Login is also reimplementing hurdexec but without all the cloexec logic. This commit fixes various auth leaks.
* login: Set non-insecure default umaskSamuel Thibault2019-11-111-1/+1
| | | | * utils/login.c (default_args): Set UMASK to 022.
* Fix warningsSamuel Thibault2018-03-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * libdiskfs/boot-start.c (diskfs_start_bootstrap): Fix printf format. * libfshelp/delegate.c: Include <alloca.h> and <stdlib.h>. * libfshelp/start-translator-long.c: Include <stdlib.h>. * libshouldbeinlibc/ugids-verify-auth.c (server_verify_make_auth): Fix prototypes for password_check_group and password_check_user. * libstore/argp.c: Include <stdlib.h>. * libstore/task.c: Include <stdlib.h>. * exec/exec.c: Include <mach/vm_param.h>. * libbpf/bpf_impl.c: Include <stdlib.h>. * proc/info.c (S_proc_getloginpids): Remove local variables leader_task and leader_sub. * proc/main.c (main): Remove local variable original_argv. * boot/boot.c (task_died, S_mach_notify_new_task): Fix printf format. * exec/elfcore.c: Include <alloca.h> and <mach/vm_param.h>. * trans/crash.c: Include <hurd/msg.h>. * trans/random.c: Include <signal.h>. * utils/login.c: Include <signal.h>. * utils/id.c: Include <hurd/msg.h>. * utils/devprobe.c: Include <stdlib.h>. * utils/addauth.c: Include <hurd/msg.h>. * utils/frobauth-mod.c: Include <hurd/msg.h>. * utils/storeread.c: Include <stdlib.h>. * utils/msgport.c: Include <hurd/msg.h>. * sutils/clookup.c (file_name_lookup_carefully): Fix lookup function prototype, make head and tail const. * utils/rpcscan.c: Include <stdlib.h>. * sutils/bless.c: Include <stdlib.h>. * fstests/fstests.c: Include <stdlib.h>. * startup/startup.c (argz_task_insert_right): Fix printf format. * init/init.c: Include <stdlib.h>.
* Add a file_exec_file_name RPCEmilio Pozuelo Monfort2018-01-081-7/+18
| | | | | | | | | | | | | | | | | | | | | | * hurd/fs.defs (file_exec): Deprecate in favor of... (file_exec_paths): ...this new RPC. * TODO: Update. * doc/hurd.texi: Update RPC name. * hurd/hurd_types.h: Update RPC name. * libdiskfs/boot-start.c: Update RPC name. * configure.ac: Check for presence of RPC stubs file_exec_paths exec_exec_paths. * exec/hashexec.c (check_hashbang): When file_exec_paths is available, use it instead of file_exec. * startup/startup.c (run, run_for_real, start_child): Likewise. * utils/login.c (main): Likewise. * libfshelp/start-translator-long.c (fshelp_start_translator_long): Likewise. * libdiskfs/file-exec.c (diskfs_S_file_exec): Move code to new function diskfs_S_file_exec_paths and call it. (diskfs_S_file_exec_paths): New function, use exec_exec_paths when available instead of exec_exec * libnetfs/file-exec.c (netfs_S_file_exec, netfs_S_file_exec_paths): Likewise. * trans/fakeroot.c (netfs_S_file_exec, netfs_S_file_exec_paths): Likewise. * libtrivfs/file-exec.c (trivfs_S_file_exec_paths): New function.
* Use our own variant of 'assert' and 'assert_perror'.Justus Winter2017-08-051-3/+3
| | | | | Our variants print stack traces on failures. This will make locating errors much easier.
* Replace `bzero' with `memset'Justus Winter2014-12-101-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For reference, this patch was created using the following semantic patch, and then manually applying the change in all functions containing nested functions, as those are not supported by Coccinelle. @@ expression A, B; @@ - bzero (A, B) + memset (A, 0, B) * auth/auth.c: Replace `bzero' with `memset'. * boot/boot.c: Likewise. * defpager/defpager.c: Likewise. * exec/exec.c: Likewise. Also, drop `safe_bzero' and just use `hurd_safe_memset' directly. * ext2fs/ext2fs.c: Likewise. * ext2fs/getblk.c: Likewise. * ext2fs/pager.c: Likewise. * fatfs/pager.c: Likewise. * ftpfs/dir.c: Likewise. * ftpfs/netfs.c: Likewise. * isofs/inode.c: Likewise. * isofs/pager.c: Likewise. * libdiskfs/file-getfh.c: Likewise. * libdiskfs/file-statfs.c: Likewise. * libfshelp/fetch-root.c: Likewise. * libfshelp/start-translator.c: Likewise. * libftpconn/create.c: Likewise. * libftpconn/open.c: Likewise. * libftpconn/unix.c: Likewise. * libpipe/pipe.c: Likewise. * libps/procstat.c: Likewise. * libps/spec.c: Likewise. * libshouldbeinlibc/cacheq.c: Likewise. * libshouldbeinlibc/idvec.c: Likewise. * libshouldbeinlibc/ugids.c: Likewise. * libstore/argp.c: Likewise. * libstore/enc.c: Likewise. * libstore/kids.c: Likewise. * libthreads/alpha/thread.c: Likewise. * libtreefs/fsys.c: Likewise. * libtrivfs/file-statfs.c: Likewise. * mach-defpager/default_pager.c: Likewise. * pfinet/glue-include/asm/uaccess.h: Likewise. * pfinet/io-ops.c: Likewise. * pfinet/options.c: Likewise. * pfinet/socket.c: Likewise. * pfinet/timer-emul.c: Likewise. * pflocal/io.c: Likewise. * startup/startup.c: Likewise. * storeio/storeio.c: Likewise. * sutils/fstab.c: Likewise. * usermux/usermux.c: Likewise. * utils/fakeauth.c: Likewise. * utils/frobauth.c: Likewise. * utils/login.c: Likewise. * utils/x.c: Likewise.
* Fix proc_getprocinfo callsSamuel Thibault2014-11-021-2/+2
| | | | | | | | | | | The deallocation also needs to be fixed. Also, fetch_procinfo already took care of the conversion. * exec/elfcore.c (dump_core): Fix procinfoCnt taken from proc_getprocinfo. * utils/login.c (check_owned): Likewise. * libps/procstat.c (merge_procinfo): Remove conversion between bytes and int, already handled by fetch_procinfo.
* Fix proc_getprocinfo callsSamuel Thibault2014-11-021-1/+1
| | | | | | | | | The procinfoCnt argument is the number of elements of the procinfo_t array, not its size in bytes. * exec/elfcore.c (dump_core): Fix procinfoCnt given to proc_getprocinfo. * libps/procstat.c (merge_procinfo): Likewise. * utils/login.c (check_owned): Likewise.
* fix common misspellingsJonathan Neuschäfer2011-08-201-1/+1
| | | | | | * Fix spelling with codespell[1] and manually review it. [1] http://git.profusion.mobi/cgit.cgi/lucas/codespell/
* Fix child lookups relative to new homedirSamuel Thibault2011-01-161-6/+5
| | | | | | * utils/login.c (main): Update `ports[INIT_PORT_CWDIR]' as soon as new cwd is determined according to HOME, since child lookups need to be relative to new homedir (e.g. for .hushlogin).
* Fix comment typoSamuel Thibault2011-01-161-1/+1
| | | | * utils/login.c (main): Fix comment typo.
* 2004-03-09 Marcus Brinkmann <marcus@gnu.org>Marcus Brinkmann2004-03-181-2/+0
| | | | | * login.c (main): Remove extern declaration and invocation of _argp_unlock_xxx.
* 2002-05-28 Roland McGrath <roland@frob.com>Roland McGrath2002-05-281-12/+12
| | | | | | | | | | | | | | | | * pids.c (add_fn_pids): unsigned -> size_t * w.c (add_utmp_procs): Likewise. * login.c (add_canonical_host): Likewise. * ps.c (main): Likewise. * login.c (add_entry, main): Likewise. * settrans.c (main): int -> size_t * showtrans.c (main): Likewise. * fsysopts.c (main): Likewise. * vmstat.c (main): Use int for FWIDTHS. * ping.c (main): size_t -> socklen_t * fakeauth.c (S_auth_getids, S_auth_makeauth, S_auth_server_authenticate): u_int -> size_t * showtrans.c (main): Cast field width/precision args to int.
* 1999-09-23 Mark Kettenis <kettenis@gnu.org>Roland McGrath1999-09-221-0/+1
| | | | * login.c (main): Pass controlling terminal ID port to the child.
* 1999-07-10 Roland McGrath <roland@baalperazim.frob.com>Roland McGrath1999-07-111-0/+1
| | | | | | | | * pids.c: Add #include <sys/mman.h> for munmap decl. * showtrans.c: Likewise. * login.c: Likewise. * storeread.c: Likewise. * msgport.c: Likewise.
* 1999-07-03 Thomas Bushnell, BSG <tb@mit.edu>Thomas Bushnell1999-07-031-3/+3
| | | | | | | | | | * login.c (cat): Use munmap instead of vm_deallocate. (check_owned): Likewise. (kill_login): Likewise. * storeread.c (main): Likewise. * showtrans.c (main): Likewise. * pids.c (add_fn_pids): Likewise. * msgport.c (cmd_getenv): Likewise.
* 1999-06-21 Roland McGrath <roland@baalperazim.frob.com>Roland McGrath1999-06-231-13/+12
| | | | | * login.c (main): For no-uids shell, default SH_ARG0 to informative value. Use asprintf to construct it.
* Fri Mar 12 15:22:02 1999 Thomas Bushnell, BSG <tb@mit.edu>Thomas Bushnell1999-03-121-0/+2
| | | | | * login.c (add_utmp_entry): Properly call setutent and endutent around the getutline call.
* Fri Feb 19 02:43:11 1999 Thomas Bushnell, BSG <tb@mit.edu>Thomas Bushnell1999-02-191-3/+7
| | | | | * login.c (main): Correctly implement -f instead of always acting as if it were set.
* Fri Feb 19 02:43:11 1999 Thomas Bushnell, BSG <tb@mit.edu>Thomas Bushnell1999-02-191-1/+3
| | | | | | * login.c (main): When transitioning from no UID's to having UID's create a new session like normal. Reported by Mark M. Kettenis <kettenis@wins.uva.nl>.
* 1999-02-06 Mark Kettenis <kettenis@gnu.org>Thomas Bushnell1999-02-101-2/+2
| | | | | * login.c (main): If no effective uid, really use first auxiliary uid to use as password entry to get parameters from.
* 1998-07-20 Roland McGrath <roland@baalperazim.frob.com>Roland McGrath1998-07-201-4/+4
| | | | | | | | | | | * ps.c (main): Fix return type to int, and use return. * ids.c (main): Likewise. * w.c (main): Likewise. * login.c (main): Likewise. * settrans.c (main): Likewise. * showtrans.c (main): Likewise. * fsysopts.c (main): Likewise. * storeinfo.c (main): Likewise.
* (main):Miles Bader1997-09-291-7/+4
| | | | Use ugids_verify_make_auth instead of ugids_verify and ugids_make_auth.
* (child_argps):Miles Bader1997-05-271-267/+103
| | | | | | | | | | New variable. (main): Use ugids operations instead of doing [ug]id frobbing ourselves. (options): Remove uid/gid args. <ugids.h>: New include.
* (main: verify_passwd):Miles Bader1997-05-151-8/+29
| | | | Add user-in-group-0-can-use-his-own-password-to-su hack.
* Wed Apr 16 15:59:41 1997 Thomas Bushnell, n/BSG <thomas@gnu.ai.mit.edu>Thomas Bushnell1997-04-161-2/+2
| | | | * login.c (add_utmp_entry): Revert change of December 10, 1996.
* Tue Dec 10 11:40:04 1996 Thomas Bushnell, n/BSG <thomas@gnu.ai.mit.edu>Thomas Bushnell1997-04-161-2/+2
| | | | | * login.c (add_utmp_entry): ut_addr has changed to be an array; stash the IP address in the first slot.
* (argp_program_version): Make const.Miles Bader1997-02-201-1/+1
|
* (main):Miles Bader1997-02-061-0/+4
| | | | Deal with crypt failing.
* (main):Miles Bader1997-02-061-2/+5
| | | | | Look for NOBODY in ARGS_DEFS too, and use a last ditch default if we can't find it anywhere.
* (main:verify_passwd):Miles Bader1996-09-251-0/+2
| | | | Only declare reference to crypt weak if HAVE_CRYPT isn't defined.
* *** empty log message ***Thomas Bushnell1996-09-051-1/+3
|
* (doc): Add program description.Miles Bader1996-08-271-0/+1
|
* (main/verify_passwd): Use #pragma weak instead of __attribute__ ((weak)).Miles Bader1996-08-011-9/+9
| | | | | | | (options): Change --inherit-environ to --preserve-environment. Change --no-environ to --no-environment-args. Change --environ to --envvar and --environ-default to --envvar-default.
* *** empty log message ***Thomas Bushnell1996-07-311-3/+2
|
* *** empty log message ***Thomas Bushnell1996-07-301-7/+10
|
* *** empty log message ***Thomas Bushnell1996-07-301-1/+5
|
* (main): If chown fails, print error message using errno, not -1.Michael I. Bushnell1996-07-171-1/+1
|
* (dog):Miles Bader1996-07-131-25/+15
| | | | | | | | Get rid of `Beware of dog' -- it can't ever happen. Rename watch_login calls to check_login; don't use return value. (check_login): Renamed from watch_login. Change type to void. Exit if there's no such process.
* (main): Only start a watchdog timer if in a new login coll.Miles Bader1996-07-121-49/+48
| | | | | (watch_login): New function. (dog): Use watch_login. Get rid of wierd rules for root-gone-away.
* (argp_program_version): New variable.Miles Bader1996-07-061-0/+2
|
* (add_utmp_entry): Pass the the basename of TTY to getutline.Miles Bader1996-07-061-15/+27
|
* (dog):Miles Bader1996-07-021-1/+1
| | | | | Include all args in the asprintf. Put the ARGV message in parens.
* (kill_login): Don't kill dog.Miles Bader1996-07-011-26/+37
| | | | | | (dog): Take new ARGV argument, and record status in it for ps. (main): Pass ARGV to dog. (add_utmp_entry): Always fill in UTMP.ut_line. Set UTMP.ut_type.
* (main): No need for EXEC_NEWTASK or EXEC_SECURE.Michael I. Bushnell1996-06-201-2/+1
|
* (hurd_file_name_path_lookup): Declaration removed.Miles Bader1996-06-191-58/+33
| | | | | | | | | (main: child_lookup): Pass 0 for new LOOKUP arg to hurd_file_name_path_lookup. (get_utmp_host): Function removed. (add_utmp_entry): Get rid of TTY_FD parameter. Don't search for the tty unless we need it to get the old host, since login does it for us. Also use the `existing host' in the case that a new one isn't specified. (main): Update call to add_utmp_entry.
* (dog): Don't print stupid message if login session is empty.Miles Bader1996-06-111-5/+14
| | | | (add_utmp_entry): Use gettimeofday instead of time to get the time.
* (check_owned): Return OWNED, not NOTOWNED.Miles Bader1996-05-281-1/+1
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 09:12:56 +0000