|
|
|
/*
|
|
|
|
us - User Switcher
|
|
|
|
Copyright (C) 2021 Alessandro Mauri
|
|
|
|
|
|
|
|
This program is free software: you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License version 3.
|
|
|
|
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
e-mail: alemauri001@tuta.io
|
|
|
|
*/
|
|
|
|
|
|
|
|
#define _POSIX_C_SOURCE 200809L
|
|
|
|
#define _DEFAULT_SOURCE
|
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <pwd.h>
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <limits.h>
|
|
|
|
#include <grp.h>
|
|
|
|
#include <security/pam_appl.h>
|
|
|
|
#include <security/pam_misc.h>
|
|
|
|
|
|
|
|
static void usage (void);
|
|
|
|
static int perm_set (const char *, const char *);
|
|
|
|
|
|
|
|
// FIXME: misc_conv is a separate library, should stick to plain PAM
|
|
|
|
static struct pam_conv conv = {misc_conv, NULL};
|
|
|
|
|
|
|
|
int main (int argc, char *argv[])
|
|
|
|
{
|
|
|
|
// FIXME: change the default program to execute SHELL
|
|
|
|
if (argc < 2) {
|
|
|
|
usage();
|
|
|
|
exit(1);
|
|
|
|
}
|
|
|
|
|
|
|
|
uid_t ruid = getuid();
|
|
|
|
// gid_t rgid = getgid();
|
|
|
|
struct passwd *pw = getpwuid(ruid);
|
|
|
|
if (!pw) {
|
|
|
|
fprintf(stderr, "getpwid: %s\n", strerror(errno));
|
|
|
|
exit(errno);
|
|
|
|
}
|
|
|
|
const char *uname = pw->pw_name;
|
|
|
|
|
|
|
|
pam_handle_t *pamh;
|
|
|
|
int pam_err, count = 0;
|
|
|
|
|
|
|
|
// TODO: Add arguments
|
|
|
|
|
|
|
|
// TODO: add PAM authentication
|
|
|
|
pam_err = pam_start("User Switcher", uname, &conv, &pamh);
|
|
|
|
if (pam_err != PAM_SUCCESS) {
|
|
|
|
fprintf(stderr, "pam_start: %s\n", pam_strerror(pamh, pam_err));
|
|
|
|
exit(pam_err);
|
|
|
|
}
|
|
|
|
|
|
|
|
do {
|
|
|
|
pam_err = pam_authenticate(pamh, 0);
|
|
|
|
if (pam_err != PAM_SUCCESS)
|
|
|
|
printf("Auth failed: %s\n", pam_strerror(pamh, pam_err));
|
|
|
|
count++;
|
|
|
|
} while (pam_err != PAM_SUCCESS && count < 4);
|
|
|
|
if (pam_err != PAM_SUCCESS) {
|
|
|
|
fprintf(stderr, "better luck next time\n");
|
|
|
|
pam_end(pamh, pam_err);
|
|
|
|
exit(pam_err);
|
|
|
|
}
|
|
|
|
// FIXME: check again for the validity of the login for more security
|
|
|
|
// as in: https://docs.oracle.com/cd/E19120-01/open.solaris/819-2145/pam-20/index.html
|
|
|
|
// FIXME: ^C [SIGINT] will interrupt this call possibly causing a
|
|
|
|
// vulnerability
|
|
|
|
|
|
|
|
pam_end(pamh, pam_err);
|
|
|
|
// TODO: clean up env
|
|
|
|
|
|
|
|
// Copy argv and argc
|
|
|
|
int c_argc = argc - 1;
|
|
|
|
char **c_argv = malloc((c_argc + 1) * sizeof(char *));
|
|
|
|
if (!c_argv) {
|
|
|
|
fprintf(stderr, "malloc: %s\n", strerror(errno));
|
|
|
|
goto fail_end;
|
|
|
|
}
|
|
|
|
for (int i = 0; i < c_argc; i++)
|
|
|
|
c_argv[i] = strdup(argv[i+1]);
|
|
|
|
c_argc[c_argv] = NULL;
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
/* Set permissions */
|
|
|
|
if (perm_set(NULL, NULL) == -1) { // 0 = root
|
|
|
|
fprintf(stderr, "perm_set: %s\n", strerror(errno));
|
|
|
|
goto fail_end;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Execute the command */
|
|
|
|
if (execvp(*c_argv, c_argv) == -1) // execvp searches in path
|
|
|
|
fprintf(stderr, "execv: %s\n", strerror(errno));
|
|
|
|
|
|
|
|
|
|
|
|
/* We may no longer have permission to reset the permissions
|
|
|
|
// If exec fails reset the permissions
|
|
|
|
if (perm_set(pw->pw_name, NULL) == -1) { // 0 = root
|
|
|
|
fprintf(stderr, "perm_set: %s\n", strerror(errno));
|
|
|
|
goto fail_end;
|
|
|
|
} */
|
|
|
|
|
|
|
|
/* Cleanup and return */
|
|
|
|
fail_end:
|
|
|
|
|
|
|
|
/* Free up the copied argv */
|
|
|
|
for (int i = 0; i < c_argc; i++)
|
|
|
|
free(c_argv[i]);
|
|
|
|
free(c_argv);
|
|
|
|
return errno;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void usage (void)
|
|
|
|
{
|
|
|
|
// TODO: planned options
|
|
|
|
// -a [program]: like sudo's askpass
|
|
|
|
// -u [user]: change the default user from root to user
|
|
|
|
// -g [group]: change the primary group to [gorup]
|
|
|
|
// both -a and -g will accept numbers with #[num] like sudo
|
|
|
|
// -c [file]: manually select config file
|
|
|
|
// something about environment
|
|
|
|
// something about non interactiveness
|
|
|
|
printf("usage: us [command]\n");
|
|
|
|
}
|
|
|
|
|
|
|
|
static int perm_set (const char *user, const char *group)
|
|
|
|
{
|
|
|
|
if (!user)
|
|
|
|
user = "root";
|
|
|
|
|
|
|
|
struct passwd *pw;
|
|
|
|
struct group *gr;
|
|
|
|
uid_t uid;
|
|
|
|
gid_t gid;
|
|
|
|
long uid_l, gid_l;
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
if (user[0] != '#') {
|
|
|
|
pw = getpwnam(user);
|
|
|
|
} else {
|
|
|
|
uid_l = strtol(&user[1], NULL, 10);
|
|
|
|
if (uid_l < 0 || errno) {
|
|
|
|
errno = errno ? errno : EINVAL;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
pw = getpwuid((uid_t)uid_l);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!pw) {
|
|
|
|
if (!errno)
|
|
|
|
errno = EINVAL;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
uid = pw->pw_uid;
|
|
|
|
gid = pw->pw_gid;
|
|
|
|
|
|
|
|
if (group) {
|
|
|
|
if (group[0] != '#') {
|
|
|
|
gr = getgrnam(group);
|
|
|
|
} else {
|
|
|
|
gid_l = strtol(&group[1], NULL, 10);
|
|
|
|
if (gid_l < 0 || errno) {
|
|
|
|
errno = errno ? errno : EINVAL;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
gr = getgrgid((gid_t)gid_l);
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!gr) {
|
|
|
|
if (!errno)
|
|
|
|
errno = EINVAL;
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
gid = gr->gr_gid;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Set permissions, setting group perms first because in the case of
|
|
|
|
* dropping from higher permissions setting the uid first results in
|
|
|
|
* an error */
|
|
|
|
int err;
|
|
|
|
/* Non POSIX but implemented in most systems anyways */
|
|
|
|
err = initgroups(pw->pw_name, pw->pw_gid);
|
|
|
|
if (err == -1) {
|
|
|
|
printf("initgroups failed\n");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
// FIXME: ideally when failing reset the permissions
|
|
|
|
if (setregid(gid, gid) == -1) {
|
|
|
|
printf("setregid failed\n");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (setreuid(uid, uid) == -1) {
|
|
|
|
printf("setreuid failed\n");
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|