From e9e9719bba91ebc6a1362c6613552a70353aec29 Mon Sep 17 00:00:00 2001 From: Simon Wilkinson Date: Sun, 20 May 2012 17:43:10 +0100 Subject: [PATCH] log: Relocate pagsh Move the pagsh utility out of sys, and into log. This moves it closer to other token and PAG related utilities, and resolves a circular dependency between sys and auth. Change-Id: Ibbbfc0e3bebc9ecb70f05b137e10e65ff9e4aff6 Reviewed-on: http://gerrit.openafs.org/8028 Tested-by: BuildBot Reviewed-by: Jeffrey Altman --- src/log/.gitignore | 2 ++ src/log/Makefile.in | 25 ++++++++++++++---- src/log/pagsh.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++ src/sys/.gitignore | 2 -- src/sys/Makefile.in | 23 +++-------------- src/sys/pagsh.c | 74 ----------------------------------------------------- 6 files changed, 99 insertions(+), 100 deletions(-) create mode 100644 src/log/pagsh.c delete mode 100644 src/sys/pagsh.c diff --git a/src/log/.gitignore b/src/log/.gitignore index cf84a74..c5f418f 100644 --- a/src/log/.gitignore +++ b/src/log/.gitignore @@ -2,6 +2,8 @@ # git ls-files -i --exclude-standard # to check that you haven't inadvertently ignored any tracked files. +/pagsh +/pagsh.krb /kseal /tokens /tokens.krb diff --git a/src/log/Makefile.in b/src/log/Makefile.in index c70f7cc..49a48c3 100644 --- a/src/log/Makefile.in +++ b/src/log/Makefile.in @@ -35,7 +35,7 @@ KLIBRARIES=${TOP_LIBDIR}/libauth.krb.a \ # # Main targets # -all: unlog tokens tokens.krb +all: unlog tokens tokens.krb pagsh pagsh.krb # # Build targets @@ -43,6 +43,16 @@ all: unlog tokens tokens.krb kseal: kseal.o ${LIBRARIES} $(AFS_LDRULE) kseal.o ${LIBRARIES} $(LIB_roken) ${XLIBS} +pagsh: pagsh.o ${LIBRARIES} + $(AFS_LDRULE) pagsh.o ${LIBRARIES} $(LIB_roken) ${XLIBS} + +CFLAGS_pagsh.krb.o = -DAFS_KERBEROS_ENV +pagsh.krb.o: pagsh.c + $(AFS_CCRULE) $(srcdir)/pagsh.c + +pagsh.krb: pagsh.krb.o ${KLIBRARIES} + $(AFS_LDRULE) pagsh.krb.o ${KLIBRARIES} $(LIB_roken) ${XLIBS} + unlog: unlog.o ${LIBRARIES} $(AFS_LDRULE) unlog.o ${LIBRARIES} $(LIB_roken) ${XLIBS} @@ -59,7 +69,7 @@ tokens.o: tokens.c ${TOP_INCDIR}/rx/xdr.h AFS_component_version_number.c # # Install targets # -install: unlog tokens tokens.krb +install: unlog tokens tokens.krb pagsh pagsh.krb ${INSTALL} -d ${DESTDIR}${bindir} ${INSTALL} -d ${DESTDIR}${afssrvbindir} ${INSTALL} -d ${DESTDIR}${sbindir} @@ -68,8 +78,11 @@ install: unlog tokens tokens.krb ${INSTALL_PROGRAM} tokens.krb ${DESTDIR}${bindir}/tokens.krb ${INSTALL_PROGRAM} tokens ${DESTDIR}${afssrvbindir}/tokens ${INSTALL_PROGRAM} tokens.krb ${DESTDIR}${afssrvbindir}/tokens.krb + ${INSTALL_PROGRAM} pagsh ${DESTDIR}${bindir}/pagsh + ${INSTALL_PROGRAM} pagsh.krb ${DESTDIR}${bindir}/pagsh.krb -dest: unlog tokens tokens.krb + +dest: unlog tokens tokens.krb pagsh pagsh.krb ${INSTALL} -d ${DEST}/bin ${INSTALL} -d ${DEST}/root.server/usr/afs/bin ${INSTALL} -d ${DEST}/etc @@ -78,12 +91,14 @@ dest: unlog tokens tokens.krb ${INSTALL_PROGRAM} tokens.krb ${DEST}/bin/tokens.krb ${INSTALL_PROGRAM} tokens ${DEST}/root.server/usr/afs/bin/tokens ${INSTALL_PROGRAM} tokens.krb ${DEST}/root.server/usr/afs/bin/tokens.krb - + ${INSTALL_PROGRAM} pagsh ${DEST}/bin/pagsh + ${INSTALL_PROGRAM} pagsh.krb ${DEST}/bin/pagsh.krb # # Misc. targets # clean: - $(RM) -f *.o unlog tokens kseal core AFS_component_version_number.c tokens.krb + $(RM) -f *.o unlog tokens kseal pagsh pagsh.krb \ + core AFS_component_version_number.c tokens.krb test: cd test; $(MAKE) diff --git a/src/log/pagsh.c b/src/log/pagsh.c new file mode 100644 index 0000000..7bbdcfb --- /dev/null +++ b/src/log/pagsh.c @@ -0,0 +1,73 @@ +/* + * Copyright 2000, International Business Machines Corporation and others. + * All Rights Reserved. + * + * This software has been released under the terms of the IBM Public + * License. For details, see the LICENSE file in the top-level source + * directory or online at http://www.openafs.org/dl/license10.html + */ + +#include +#include + +#include + +#ifdef AFS_AIX32_ENV +# ifdef AFS_AIX51_ENV +# include +# ifdef HAVE_SYS_PAG_H +# include +# endif +# endif +#endif + +#include +#include +#include +#include + +#include "AFS_component_version_number.c" + +int +main(int argc, char *argv[]) +{ + struct passwd *pwe; + int uid, gid; + char *shell = "/bin/sh"; + +#ifdef AFS_AIX32_ENV + /* + * The following signal action for AIX is necessary so that in case of a + * crash (i.e. core is generated) we can include the user's data section + * in the core dump. Unfortunately, by default, only a partial core is + * generated which, in many cases, isn't too useful. + */ + struct sigaction nsa; + + sigemptyset(&nsa.sa_mask); + nsa.sa_handler = SIG_DFL; + nsa.sa_flags = SA_FULLDUMP; + sigaction(SIGSEGV, &nsa, NULL); +#endif + gid = getgid(); + uid = getuid(); + pwe = getpwuid(uid); + if (pwe == 0) { + fprintf(stderr, "Intruder alert.\n"); + } else { +/* shell = pwe->pw_shell; */ + } + if (setpag() == -1) { + perror("setpag"); + } +#ifdef AFS_KERBEROS_ENV + ktc_newpag(); +#endif + (void)setuid(uid); + (void)setgid(gid); + argv[0] = shell; + execvp(shell, argv); + perror(shell); + fprintf(stderr, "No shell\n"); + exit(1); +} diff --git a/src/sys/.gitignore b/src/sys/.gitignore index 89e6019..aa60e2d 100644 --- a/src/sys/.gitignore +++ b/src/sys/.gitignore @@ -2,8 +2,6 @@ # git ls-files -i --exclude-standard # to check that you haven't inadvertently ignored any tracked files. -/pagsh -/pagsh.krb /picobj /rmtsys.h /rmtsysd diff --git a/src/sys/Makefile.in b/src/sys/Makefile.in index 8161579..073ea8f 100644 --- a/src/sys/Makefile.in +++ b/src/sys/Makefile.in @@ -29,8 +29,6 @@ RMTOBJS=rmtsysnet.o rmtsysc.o rmtsys.cs.o rmtsys.xdr.o rmtsys.ss.o rmtsyss.o all: \ rmtsysd \ - pagsh \ - pagsh.krb \ ${TOP_INCDIR}/afs/afssyscalls.h \ ${TOP_INCDIR}/afs/afs.exp \ ${TOP_INCDIR}/afs/xfsattrs.h \ @@ -105,7 +103,7 @@ libsys.a: ${OBJECTS} ${RMTOBJS} syscall.o afsl.exp AFS_component_version_number. esac $(RANLIB) $@ -tests: pagsh pagsh.krb fixit iinc idec icreate iopen istat rmtsysd +tests: fixit iinc idec icreate iopen istat rmtsysd syscall.o: syscall.s @set -e; set -x; case "$(SYS_NAME)" in \ @@ -154,16 +152,7 @@ Krmtsys.h: rmtsys.xg rmtsysd: rmtsysd.o libsys.a $(AFS_LDRULE) rmtsysd.o ${LIBS} $(LIB_roken) -pagsh: pagsh.o libsys.a AFS_component_version_number.o - $(AFS_LDRULE) pagsh.o ${LIBS} $(LIB_roken) -CFLAGS_pagsh.krb.o = -DAFS_KERBEROS_ENV -pagsh.krb.o: pagsh.c - $(AFS_CCRULE) $(srcdir)/pagsh.c - -pagsh.krb: libsys.a pagsh.krb.o ${TOP_LIBDIR}/libauth.krb.a ${TOP_LIBDIR}/librxkad.a - $(AFS_LDRULE) pagsh.krb.o ${TOP_LIBDIR}/libauth.krb.a \ - ${TOP_LIBDIR}/librxkad.a ${LIBS} $(LIB_roken) # # Test programs. @@ -223,30 +212,26 @@ afsl.exp: ${srcdir}/afsl4.exp ${srcdir}/afsl5.exp # # Installation targets # -install: libsys.a rmtsysd afssyscalls.h pagsh pagsh.krb afs.exp xfsattrs.h +install: libsys.a rmtsysd afssyscalls.h afs.exp xfsattrs.h ${INSTALL} -d ${DESTDIR}${libdir}/afs ${INSTALL} -d ${DESTDIR}${sbindir} ${INSTALL} -d ${DESTDIR}${includedir}/afs ${INSTALL_DATA} libsys.a ${DESTDIR}${libdir}/afs/libsys.a ${INSTALL_PROGRAM} rmtsysd ${DESTDIR}${sbindir}/rmtsysd ${INSTALL_DATA} ${srcdir}/afssyscalls.h ${DESTDIR}${includedir}/afs/afssyscalls.h - ${INSTALL_PROGRAM} pagsh ${DESTDIR}${bindir}/pagsh - ${INSTALL_PROGRAM} pagsh.krb ${DESTDIR}${bindir}/pagsh.krb ${INSTALL_DATA} ${srcdir}/xfsattrs.h ${DESTDIR}${includedir}/afs/xfsattrs.h @set -x; case ${SYS_NAME} in \ rs_aix*) \ ${INSTALL_DATA} afs.exp ${DESTDIR}${includedir}/afs/afs.exp;; \ esac -dest: libsys.a rmtsysd afssyscalls.h pagsh pagsh.krb afs.exp xfsattrs.h +dest: libsys.a rmtsysd afssyscalls.h afs.exp xfsattrs.h ${INSTALL} -d ${DEST}/lib/afs ${INSTALL} -d ${DEST}/etc ${INSTALL} -d ${DEST}/bin ${INSTALL} -d ${DEST}/include/afs ${INSTALL_DATA} libsys.a ${DEST}/lib/afs/libsys.a ${INSTALL_PROGRAM} rmtsysd ${DEST}/etc/rmtsysd - ${INSTALL_PROGRAM} pagsh ${DEST}/bin/pagsh - ${INSTALL_PROGRAM} pagsh.krb ${DEST}/bin/pagsh.krb ${INSTALL_DATA} ${srcdir}/afssyscalls.h ${DEST}/include/afs/afssyscalls.h ${INSTALL_DATA} ${srcdir}/xfsattrs.h ${DEST}/include/afs/xfsattrs.h @set -x; case ${SYS_NAME} in \ @@ -262,6 +247,6 @@ include ../config/Makefile.version clean: $(RM) -f *.o libsys.a xfsinode iinc idec icreate iopen istat core \ rmtsysc rmtsyss *.o rmtsys.ss.c rmtsys.cs.c rmtsys.xdr.c rmtsys.h \ - rmtsysd AFS_component_version_number.c pagsh pagsh.krb \ + rmtsysd AFS_component_version_number.c \ afs.exp afsl.exp libafssetpag.* Krmtsys.cs.c Krmtsys.h Krmtsys.xdr.c $(RM) -rf picobj diff --git a/src/sys/pagsh.c b/src/sys/pagsh.c deleted file mode 100644 index 2083bc4..0000000 --- a/src/sys/pagsh.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright 2000, International Business Machines Corporation and others. - * All Rights Reserved. - * - * This software has been released under the terms of the IBM Public - * License. For details, see the LICENSE file in the top-level source - * directory or online at http://www.openafs.org/dl/license10.html - */ - -#include -#include - -#include - -#ifdef AFS_AIX32_ENV -# ifdef AFS_AIX51_ENV -# include -# ifdef HAVE_SYS_PAG_H -# include -# endif -# endif -#endif - -#include -#include -#include - -#include "sys_prototypes.h" - -#include "AFS_component_version_number.c" - -int -main(int argc, char *argv[]) -{ - struct passwd *pwe; - int uid, gid; - char *shell = "/bin/sh"; - -#ifdef AFS_AIX32_ENV - /* - * The following signal action for AIX is necessary so that in case of a - * crash (i.e. core is generated) we can include the user's data section - * in the core dump. Unfortunately, by default, only a partial core is - * generated which, in many cases, isn't too useful. - */ - struct sigaction nsa; - - sigemptyset(&nsa.sa_mask); - nsa.sa_handler = SIG_DFL; - nsa.sa_flags = SA_FULLDUMP; - sigaction(SIGSEGV, &nsa, NULL); -#endif - gid = getgid(); - uid = getuid(); - pwe = getpwuid(uid); - if (pwe == 0) { - fprintf(stderr, "Intruder alert.\n"); - } else { -/* shell = pwe->pw_shell; */ - } - if (setpag() == -1) { - perror("setpag"); - } -#ifdef AFS_KERBEROS_ENV - ktc_newpag(); -#endif - (void)setuid(uid); - (void)setgid(gid); - argv[0] = shell; - execvp(shell, argv); - perror(shell); - fprintf(stderr, "No shell\n"); - exit(1); -} -- 1.9.4