From 91606b17d2f8db5a1cbf32f7d780a6ac6f09bdd2 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 28 Jun 2000 08:22:29 +1000 Subject: [PATCH] - (djm) Patch from Michael Stone to add support for Irix 6.x array sessions, project id's, and system audit trail id. --- CREDITS | 1 + ChangeLog | 2 ++ acconfig.h | 9 +++++++++ configure.in | 4 +++- session.c | 26 ++++++++++++++++++++++++++ uidswap.c | 11 +++++++++++ 6 files changed, 52 insertions(+), 1 deletion(-) diff --git a/CREDITS b/CREDITS index c472261a3..1774e2760 100644 --- a/CREDITS +++ b/CREDITS @@ -45,6 +45,7 @@ Kiyokazu SUTO - Bugfixes Lutz Jaenicke - Bugfixes Marc G. Fournier - Solaris patches Matt Richards - AIX patches +Michael Stone - Irix enhancements Nalin Dahyabhai - PAM environment patch Niels Kristian Bech Jensen - Assorted patches Peter Kocks - Makefile fixes diff --git a/ChangeLog b/ChangeLog index a14a64349..8fcf1d561 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ 20000628 - (djm) Fixes to lastlog code for Irix - (djm) Use atomicio in loginrec + - (djm) Patch from Michael Stone to add support for + Irix 6.x array sessions, project id's, and system audit trail id. 20000627 - (djm) Fixes to login code - not setting li->uid, cleanups diff --git a/acconfig.h b/acconfig.h index 20211a0af..0a042587f 100644 --- a/acconfig.h +++ b/acconfig.h @@ -15,6 +15,15 @@ /* Define if you want to enable AIX4's authenticate function */ #undef WITH_AIXAUTHENTICATE +/* Define if you have/want arrays (cluster-wide session managment, not C arrays) */ +#undef WITH_IRIX_ARRAY + +/* Define if you want IRIX project management */ +#undef WITH_IRIX_PROJECT + +/* Define if you want IRIX audit trails */ +#undef WITH_IRIX_AUDIT + /* Location of random number pool */ #undef RANDOM_POOL diff --git a/configure.in b/configure.in index ca433e569..c1bcb3424 100644 --- a/configure.in +++ b/configure.in @@ -90,7 +90,9 @@ case "$host" in CFLAGS="$CFLAGS -I/usr/local/include" LDFLAGS="$LDFLAGS" MANTYPE='$(CATMAN)' - AC_MSG_WARN([*** Irix 6.x is not tested, please report you experiences *** ]) + AC_DEFINE(WITH_IRIX_ARRAY) + AC_DEFINE(WITH_IRIX_PROJECT) + AC_DEFINE(WITH_IRIX_AUDIT) no_libsocket=1 no_libnsl=1 ;; diff --git a/session.c b/session.c index 892810847..1e22f477f 100644 --- a/session.c +++ b/session.c @@ -28,6 +28,10 @@ RCSID("$OpenBSD: session.c,v 1.20 2000/06/18 04:42:54 markus Exp $"); #include "auth.h" #include "auth-options.h" +#ifdef WITH_IRIX_PROJECT +#include +#endif /* WITH_IRIX_PROJECT */ + /* types */ #define TTYSZ 64 @@ -799,6 +803,9 @@ do_child(const char *command, struct passwd * pw, const char *term, extern char **environ; struct stat st; char *argv[10]; +#ifdef WITH_IRIX_PROJECT + prid_t projid; +#endif /* WITH_IRIX_PROJECT */ /* login(1) is only called if we execute the login shell */ if (options.use_login && command != NULL) @@ -836,6 +843,25 @@ do_child(const char *command, struct passwd * pw, const char *term, } endgrent(); +#ifdef WITH_IRIX_ARRAY + /* initialize array session */ + if (newarraysess() != 0) + fatal("Failed to set up new array session: %.100s", + strerror(errno)); +#endif /* WITH_IRIX_ARRAY */ + +#ifdef WITH_IRIX_PROJECT + /* initialize irix project info */ + if ((projid = getdfltprojuser(pw->pw_name)) == -1) { + debug("Failed to get project id, using projid 0"); + projid = 0; + } + + if (setprid(projid)) + fatal("Failed to initialize project %d for %s: %.100s", + (int)projid, pw->pw_name, strerror(errno)); +#endif /* WITH_IRIX_PROJECT */ + /* Permanently switch to the desired uid. */ permanently_set_uid(pw->pw_uid); } diff --git a/uidswap.c b/uidswap.c index 4213d34ec..3fd0eefee 100644 --- a/uidswap.c +++ b/uidswap.c @@ -11,6 +11,9 @@ RCSID("$OpenBSD: uidswap.c,v 1.7 2000/06/20 01:39:45 markus Exp $"); #include "ssh.h" #include "uidswap.h" +#ifdef WITH_IRIX_AUDIT +#include +#endif /* WITH_IRIX_AUDIT */ /* * Note: all these functions must work in all of the following cases: @@ -83,6 +86,14 @@ restore_uid() void permanently_set_uid(uid_t uid) { +#ifdef WITH_IRIX_AUDIT + if (sysconf(_SC_AUDIT)) { + debug("Setting sat id to %d", (int) uid); + if (satsetid(uid)) + fatal("error setting satid: %.100s", strerror(errno)); + } +#endif /* WITH_IRIX_AUDIT */ + if (setuid(uid) < 0) debug("setuid %d: %.100s", (int) uid, strerror(errno)); }