FWD » Core Development » User Interface

#include <sys/types.h>

#include <unistd.h>

#include <sys/wait.h>

#include <string.h>

#include <pwd.h>

#include <shadow.h>

#include <signal.h>

#include <grp.h>

#include <errno.h>

#include <stdio.h>

#include <stdlib.h>

#define _GNU_SOURCE

#include <crypt.h>

//link option: -lm -lcrypt

/** Global data */

struct passwd *pw;

struct spwd *sp;

/**

* Execute a command on a specified user environment.

* A child process is created via fork().

* The child process uid is set to the new user uid.

* The environment is also set for the new user.

*

* @param   command

*          Command to execute

* @param   args

*          Command arguments.

* @return  child_status

*          Child status on exit.

*/

int spawn(char* command, char* args)

{

    int child_pid, child_status;

    child_pid = fork();

    if (child_pid == 0)

    {

        if (setgid(pw->pw_gid) < 0 || getgid() != pw->pw_gid || getegid() != pw->pw_gid)

            perror("Could not setgid");

        if (setuid(pw->pw_uid) < 0 || getuid() != pw->pw_uid || geteuid() != pw->pw_uid)

            perror("Could not setuid");

        char* path = strdup(getenv("PATH"));

        setenv("HOME",pw->pw_dir,1);

        setenv("USER",pw->pw_name,1);

        setenv("LOGNAME",pw->pw_name,1);

        setenv("LOGIN",pw->pw_name,1); /*< Historical; only strictly needed on AIX */

        setenv("SHELL", pw->pw_shell[0] ? pw->pw_shell : "/bin/sh",1);

        setenv("PATH",path,1);

        free(path);

        if (chdir(getenv("HOME")) < 0)

            perror("chdir($HOME)");

        execlp(command, args, (char*)0);

        //perror("execlp()");

        _exit(10);

    }

    else if(child_pid < 0)

    {

        _exit(-1);

    }

    else

    {

        // wait for child to exit

        wait(&child_status);

    }

    return child_status;

}

/**

* Get user informations including uid and password.

* Check if the password match if the user exists

*

* @param   username

*          User name.

* @param   password

*          Use password.

* @return  0 - success.

*          1 - user does not exists

*          2 - password doe not match.

*/

int check_user (const char *username, const char *password)

{

    char *encrypted, *correct;

    pw = getpwnam(username);

    endpwent();

    if (!pw) return 1; //user doesn't really exist

    sp = getspnam(pw->pw_name);

    endspent();

    correct = sp ? sp->sp_pwdp : pw->pw_passwd;

    encrypted = crypt(password, correct);

    return strcmp(encrypted, correct) ? 2 : 0;  // bad pw=2, success=0

}

/**

* Main function.

*

* @param   argc

*          Number of command line arguments.

* @param   argv

*          Command line arguments.

*

* @return  Exit status

*/

int main(int argc, char *argv[]){

    int r, i;

    char args[1024] = "";

    if(argc < 4)

    {

        printf("Usage: spawn <usr> <psw> <command> [args]\n");

        exit(1);

    }

    // build arguments

    for(i=3;i< argc;i++)

    {

        strcat(args, argv[i]);

        if(i < argc-1)

            strcat(args, " ");

    }

    if(getuid() != 0 || geteuid() != 0)

    {

        printf("Must run as root.\n");

        exit(0);

    }

    r = check_user(argv[1],argv[2]);

    switch(r)

    {

        case 0:

            printf("OK UID=%d.\n", pw->pw_uid);

            r = spawn(argv[3], args);

            break;

        case 1:

            printf("Inavlid username.\n");

            break;

        case 2:

            printf("Inavlid password.\n");

            break;

    }

    printf("Exit status %d.\n", r);

    _exit(r);

}