rpms/mgetty/devel mgetty-1.1.33-167830.patch, NONE, 1.1 mgetty-1.1.33-167830_tty_access.patch, NONE, 1.1
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Nov 15 16:05:55 UTC 2005
Author: jvdias
Update of /cvs/dist/rpms/mgetty/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv2334
Added Files:
mgetty-1.1.33-167830.patch
mgetty-1.1.33-167830_tty_access.patch
Log Message:
fix for some bug 167830 issues
mgetty-1.1.33-167830.patch:
login.c | 4 +++-
mgetty.c | 20 ++++++++++++++++++--
2 files changed, 21 insertions(+), 3 deletions(-)
--- NEW FILE mgetty-1.1.33-167830.patch ---
--- mgetty-1.1.33/mgetty.c.167830 2005-09-16 18:02:19.929881000 -0400
+++ mgetty-1.1.33/mgetty.c 2005-09-16 18:02:19.988822000 -0400
@@ -1011,7 +1011,15 @@
}
/* set permissions to "rw-------" for login */
- (void) chmod(devname, 0600);
+
+ /* JVD, 2005-09-16, : see Red Hat BZ 167830!
+ * If devname is owned by 'uucp', and we run login as a non-root userid,
+ * then login gets a terminal it has no RW perms for ... bad idea!
+ *
+ * Let users control the tty device access mode with with 'port-mode'!
+ */
+ if( ! c_isset(port_mode) )
+ (void) chmod(devname, 0600);
/* set ttystate for login ("after"),
* cr-nl mapping flags are set by getlogname()!
@@ -1058,7 +1066,15 @@
{
lprintf( L_WARN, "WARNING: starting login while DCD is low!" );
}
-
+
+ /* try to ensure the terminal buffers are clear when we hand over terminal to login:*/
+
+ tcflush(0, TCIOFLUSH);
+ tcgetattr(0,&tio);
+ tio.c_lflag &= ~TOSTOP;
+ tcsetattr(0,TCSANOW,&tio);
+ tcsetpgrp(0,getpid());
+
/* hand off to login dispatcher (which will call /bin/login) */
login_dispatch( buf, mgetty_state == St_callback_login? TRUE: FALSE,
c_string(login_config) );
--- mgetty-1.1.33/login.c.167830 2005-09-16 18:02:19.971839000 -0400
+++ mgetty-1.1.33/login.c 2005-09-16 18:02:19.999811000 -0400
@@ -18,7 +18,7 @@
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
-
+#include <sys/ioctl.h>
/* NeXTStep/86 has some byte order problems (Christian Starkjohann) */
#if defined(NeXT) && defined(__LITTLE_ENDIAN__) && !defined(NEXTSGTTY)
# define pw_uid pw_short_pad1
@@ -371,6 +371,8 @@
if ( fcntl(0, F_GETFD, 0 ) & 1 )
lprintf( L_WARN, "WARNING: close-on-exec bit set on FD 0 - OS BUG?" );
+ ioctl(0, TIOCSCTTY, (void*)1);
+
/* execute login */
execv( cmd, argv );
mgetty-1.1.33-167830_tty_access.patch:
login.c | 12 ++++++++++++
1 files changed, 12 insertions(+)
--- NEW FILE mgetty-1.1.33-167830_tty_access.patch ---
--- mgetty-1.1.33/login.c.167830_tty_access 2003-12-05 17:28:58.000000000 -0500
+++ mgetty-1.1.33/login.c 2005-11-15 11:03:04.000000000 -0500
@@ -256,6 +256,12 @@
{
lprintf( L_NOISE, "login: user id: %s (uid %d, gid %d)",
user_id, pw->pw_uid, pw->pw_gid );
+ /* get tty device name */
+ char devname[MAXLINE+1], stdinname[128];
+ snprintf(stdinname,128,"/proc/%d/fd/0",getpid());
+ int r = readlink(&(stdinname[0]),&(devname[0]),MAXLINE);
+ devname[r]='\0';
+
#if SECUREWARE
if ( setluid( pw->pw_uid ) == -1 )
{
@@ -266,9 +272,15 @@
{
lprintf( L_ERROR, "cannot set gid %d", pw->pw_gid );
}
+ initgroups(pw->pw_name,pw->pw_gid);
if ( setuid( pw->pw_uid ) == -1 )
{
lprintf( L_ERROR, "cannot set uid %d", pw->pw_uid );
+ }
+ if ( ( r > 0) && (access(devname, R_OK | W_OK) != 0) )
+ {
+ lprintf( L_FATAL, "user %s denied rw access to %s", user_id, devname );
+ exit(FAIL);
}
}
} /* end if (uid given) */
More information about the fedora-cvs-commits
mailing list