TODO

@@ -4,13 +4,4 @@
 	* SHELL -> to the target user's SHELL
 	* HOME -> to the target user's HOME
 
-- fork before exec, that is because processes might try to kill us or the 
+- Reconsider executing programs in a subshell
-	command but since they may run under elevated privileges they will get
-	permission denied error. If we remain the parent processes, unprivileged
-	proceses can send signals to us and we will relay them to our children
-	running at the same privilege as us. This is useful when:
-		- The child command hangs and we want to cose it, kinda
-			problematic but we could run kill with us as well
-		- The parent shell dies and children need to be killed, then 
-			since one of their children (us) has higher privileges
-			they can't kill us and we would end up as zombies

us.c

@@ -36,22 +36,21 @@ static int perm_set (struct passwd *, struct group *);
 static int authenticate (const char *);
 static struct passwd* user_to_passwd (const char *);
 static struct group* group_to_grp (const char *);
-//static int execvpe(const char *, char *const *, char *const *);
 
 // FIXME: misc_conv is a separate library, should stick to plain PAM or make
 // our own pam module
 static struct pam_conv conv = {misc_conv, NULL};
 
-extern char **environ;
-
 int main (int argc, char *argv[])
 {
+	// TODO: Add arguments
+	// FIXME: change the default program to execute SHELL
 	char *t_usr = "root", *t_grp = NULL;
 	struct passwd *t_pw;
 	struct group *t_gr;
-	int opt, err;
+	int opt;
-	int shellflag = 0, envflag = 0;
+	int shellflag = 0;
-	while ((opt = getopt(argc, argv, "A:u:g:C:se")) != -1) {
+	while ((opt = getopt(argc, argv, "A:u:g:C:s")) != -1) {
 		switch (opt) {
 		case 'A':
 			printf("-A is not yet implemented\n");
@@ -70,9 +69,6 @@ int main (int argc, char *argv[])
 		case 's':
 			shellflag = 1;
 			break;
-		case 'e':
-			envflag = 1;
-			break;
 		case '?':
 			usage();
 			exit(EINVAL);
@@ -91,12 +87,6 @@ int main (int argc, char *argv[])
 	}
 	uname = my_pw->pw_name;
 
-	/* Authenticate */
-	if (authenticate(uname) != PAM_SUCCESS)
-		exit(EXIT_FAILURE);
-
-
-	/* Get target user and group info */
 	t_pw = user_to_passwd(t_usr);
 	if (!t_pw) {
 		fprintf(stderr, "user_to_passwd: %s\n", strerror(errno));
@@ -113,86 +103,28 @@ int main (int argc, char *argv[])
 		shell = "/bin/sh";
 
 	/* Set argc and argv */
-	int c_argc = argc - optind;
+	char *command = NULL;
-	char **c_argv;
+	int size, popind = optind;
-	if (c_argc) {
+	if (argc - optind) {
-		c_argv = malloc(sizeof(char *) * (c_argc + 1));
+		for (size = 0; optind < argc; optind++)
-		if (!c_argv) {
+			size += strlen(argv[optind]) + 1;
+		command = malloc(sizeof(char) * size + 1);
+		if (!command) {
 			fprintf(stderr, "malloc: %s\n", strerror(errno));
 			exit(errno);
 		}
-		for (int i = 0; optind < argc; optind++, i++) {
+		memset(command, 0, size + 1);
-			c_argv[i] = strdup(argv[optind]);
+		for (optind = popind; optind < argc; optind++) {
-			if (!c_argv[i]) {
+			strcat(command, argv[optind]);
-				fprintf(stderr, "strdup: %s\n", strerror(errno));
+			strcat(command, " ");
-				exit(errno);
-			}
-		}
-	} else {
-		c_argc = 1;
-		c_argv = malloc(sizeof(char *) * (c_argc + 1));
-		if (!c_argv) {
-			fprintf(stderr, "malloc: %s\n", strerror(errno));
-			exit(errno);
-		}
-		c_argv[0] = strdup(shell);
-		if (!c_argv[0]) {
-			fprintf(stderr, "strdup: %s\n", strerror(errno));
-			exit(errno);
 		}
 	}
-	c_argv[c_argc] = NULL;
 
-	struct env_elem {
+	/* Authenticate */
-		char *name;
+	if (authenticate(uname) != PAM_SUCCESS)
-		char *value;
+		exit(EXIT_FAILURE);
-	};
 
-	struct env_elem env_keep[] = {
+	// TODO: clean up env
-		{"PATH", NULL},
-		{"TERM", NULL},
-		{"EDITOR", NULL},
-		{"VISUAL", NULL},
-		{"DISPLAY", NULL},
-		{"XAUTHORITY", NULL},
-		{NULL, NULL}
-	};
-
-	struct env_elem env_mod[] = {
-		{"USER", t_pw->pw_name},
-		{"LOGNAME", t_pw->pw_name},
-		{"SHELL", t_pw->pw_shell},
-		{"HOME", t_pw->pw_dir},
-		{NULL, NULL}
-	};
-
-	if (envflag) {	/* clear env */
-		for (int i = 0; env_keep[i].name; i++)
-			env_keep[i].value = strdup(getenv(env_keep[i].name));
-		environ = NULL; // in place of clearenv
-	}
-
-	for (int i = 0; env_mod[i].name; i++) {
-		err = setenv(env_mod[i].name, env_mod[i].value, 1);
-		if (err == -1) {
-			fprintf(stderr, "setenv: %s\n", strerror(errno));
-			goto fail_end;
-		}	
-	}
-
-	if (envflag) {
-		for (int i = 0; env_keep[i].name; i++) {
-			if (env_keep[i].value) {
-				err = setenv(env_keep[i].name, env_keep[i].value, 1);
-				if (err == -1) {
-					fprintf(stderr, "setenv: %s\n", strerror(errno));
-					goto fail_end;
-				}
-			}	
-		}
-	}
-	// do not override, we might be under more levels of 'us'
-	err = setenv("US_USER", my_pw->pw_name, 0);
 
 	errno = 0;
 	/* Set permissions */
@@ -202,16 +134,18 @@ int main (int argc, char *argv[])
 	}
 
 	/* Execute the command */
-	err = execvp(c_argv[0], c_argv);
+	int err;
+	if (command)
+		err = execl(shell, shell, "-c", command, (char *)NULL);
+	else
+		err = execl(shell, shell, (char *)NULL);
 	if (err == -1)
 		fprintf(stderr, "execl: %s\n", strerror(errno));
 
 	/* Cleanup and return */
 	fail_end:
 	/* Free up the copied argv */
-	for (int i=0; c_argv[i]; i++)
+	free(command);
-		free(c_argv[i]);
-	free(c_argv);
 	return errno;
 }
 
@@ -225,7 +159,7 @@ static inline void usage (void)
 	// -c [file]: manually select config file
 	// something about environment
 	// something about non interactiveness
-	printf("usage: us [-se] [-u user] [-g group] command [args]\n");
+	printf("usage: us [-s] [-u user] [-g group] command [args]\n");
 }
 
 static int perm_set (struct passwd *pw, struct group *gr)
@@ -255,6 +189,7 @@ static int perm_set (struct passwd *pw, struct group *gr)
 		return -1;
 	}
 
+	// FIXME: ideally when failing reset the permissions
 	if (setregid(gid, gid) == -1) {
 		printf("setregid failed\n");
 		return -1;
@@ -272,29 +207,24 @@ static int authenticate (const char *uname)
 {
 	pam_handle_t *pamh;
 	int pam_err, count = 0;
+	pam_err = pam_start("User Switcher", uname, &conv, &pamh);
+	if (pam_err != PAM_SUCCESS) {
+		fprintf(stderr, "pam_start: %s\n", pam_strerror(pamh, pam_err));
+		return pam_err;
+	}
 
 	do {
-		pam_err = pam_start("User Switcher", uname, &conv, &pamh);
-		if (pam_err != PAM_SUCCESS) {
-			fprintf(stderr, "pam_start: %s\n", pam_strerror(pamh, pam_err));
-			return pam_err;
-		}
-
 		pam_err = pam_authenticate(pamh, 0);
-		if (pam_err == PAM_SUCCESS) {
+		if (pam_err != PAM_SUCCESS)
-			pam_err = pam_acct_mgmt(pamh, 0);
-		}
-
-		if (pam_err != PAM_SUCCESS) {
 			printf("Auth failed: %s\n", pam_strerror(pamh, pam_err));
-			pam_end(pamh, pam_err);
+		// FIXME: count gets ignored because authentication service has
-		}
+		// a set amount of retries giving an error:
-
+		// Have exhausted maximum number of retries for service
 		count++;
-	} while (pam_err != PAM_SUCCESS && count < 3);
+	} while (pam_err != PAM_SUCCESS && count < 4);
-
 	if (pam_err != PAM_SUCCESS) {
 		fprintf(stderr, "better luck next time\n");
+		pam_end(pamh, pam_err);
 		return pam_err;
 	}
 	// FIXME: check again for the validity of the login for more security