diff options
-rw-r--r-- | data/_coreutils/_metadata/version | 2 | ||||
-rw-r--r-- | data/_coreutils/coreutils-8.30.tar.xz | bin | 0 -> 5359532 bytes | |||
-rw-r--r-- | data/_coreutils/su.diff | 556 |
3 files changed, 557 insertions, 1 deletions
diff --git a/data/_coreutils/_metadata/version b/data/_coreutils/_metadata/version index 37722ebbc..b0aabe1d7 100644 --- a/data/_coreutils/_metadata/version +++ b/data/_coreutils/_metadata/version @@ -1 +1 @@ -7.4 +8.30 diff --git a/data/_coreutils/coreutils-8.30.tar.xz b/data/_coreutils/coreutils-8.30.tar.xz Binary files differnew file mode 100644 index 000000000..0ea8f879e --- /dev/null +++ b/data/_coreutils/coreutils-8.30.tar.xz diff --git a/data/_coreutils/su.diff b/data/_coreutils/su.diff new file mode 100644 index 000000000..4aaaadb2d --- /dev/null +++ b/data/_coreutils/su.diff @@ -0,0 +1,556 @@ +diff -uNr coreutils-8.30/build-aux/gen-lists-of-programs.sh coreutils-8.30+iPhone/build-aux/gen-lists-of-programs.sh +--- coreutils-8.30/build-aux/gen-lists-of-programs.sh 2017-04-30 19:00:58.000000000 -1000 ++++ coreutils-8.30+iPhone/build-aux/gen-lists-of-programs.sh 2018-08-02 23:08:50.000000000 -1000 +@@ -49,6 +49,7 @@ + cat + chcon + chgrp ++ su + chmod + chown + cksum +diff -uNr coreutils-8.30/src/local.mk coreutils-8.30+iPhone/src/local.mk +--- coreutils-8.30/src/local.mk 2018-06-24 14:43:17.000000000 -1000 ++++ coreutils-8.30+iPhone/src/local.mk 2018-08-02 23:08:01.000000000 -1000 +@@ -101,6 +101,7 @@ + src_cat_LDADD = $(LDADD) + src_chcon_LDADD = $(LDADD) + src_chgrp_LDADD = $(LDADD) ++src_su_LDADD = $(LDADD) + src_chmod_LDADD = $(LDADD) + src_chown_LDADD = $(LDADD) + src_chroot_LDADD = $(LDADD) +@@ -364,6 +365,7 @@ + src/relpath.c src/relpath.h + src_chown_SOURCES = src/chown.c src/chown-core.c + src_chgrp_SOURCES = src/chgrp.c src/chown-core.c ++src_su_SOURCES = src/su.c + src_kill_SOURCES = src/kill.c src/operand2sig.c + src_realpath_SOURCES = src/realpath.c src/relpath.c src/relpath.h + src_timeout_SOURCES = src/timeout.c src/operand2sig.c +diff -uNr coreutils-8.30/src/su.c coreutils-8.30+iPhone/src/su.c +--- coreutils-8.30/src/su.c 1969-12-31 14:00:00.000000000 -1000 ++++ coreutils-8.30+iPhone/src/su.c 2018-08-02 23:05:53.000000000 -1000 +@@ -0,0 +1,522 @@ ++/* su for GNU. Run a shell with substitute user and group IDs. ++ Copyright (C) 1992-2006, 2008 Free Software Foundation, Inc. ++ ++ This program is free software: you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation, either version 3 of the License, or ++ (at your option) any later version. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program. If not, see <http://www.gnu.org/licenses/>. */ ++ ++/* Run a shell with the real and effective UID and GID and groups ++ of USER, default `root'. ++ ++ The shell run is taken from USER's password entry, /bin/sh if ++ none is specified there. If the account has a password, su ++ prompts for a password unless run by a user with real UID 0. ++ ++ Does not change the current directory. ++ Sets `HOME' and `SHELL' from the password entry for USER, and if ++ USER is not root, sets `USER' and `LOGNAME' to USER. ++ The subshell is not a login shell. ++ ++ If one or more ARGs are given, they are passed as additional ++ arguments to the subshell. ++ ++ Does not handle /bin/sh or other shells specially ++ (setting argv[0] to "-su", passing -c only to certain shells, etc.). ++ I don't see the point in doing that, and it's ugly. ++ ++ This program intentionally does not support a "wheel group" that ++ restricts who can su to UID 0 accounts. RMS considers that to ++ be fascist. ++ ++ Compile-time options: ++ -DSYSLOG_SUCCESS Log successful su's (by default, to root) with syslog. ++ -DSYSLOG_FAILURE Log failed su's (by default, to root) with syslog. ++ ++ -DSYSLOG_NON_ROOT Log all su's, not just those to root (UID 0). ++ Never logs attempted su's to nonexistent accounts. ++ ++ Written by David MacKenzie <djm@gnu.ai.mit.edu>. */ ++ ++#include <config.h> ++#include <stdio.h> ++#include <getopt.h> ++#include <sys/types.h> ++#include <pwd.h> ++#include <grp.h> ++ ++/* Hide any system prototype for getusershell. ++ This is necessary because some Cray systems have a conflicting ++ prototype (returning `int') in <unistd.h>. */ ++#define getusershell _getusershell_sys_proto_ ++ ++#include "system.h" ++#include "getpass.h" ++ ++#undef getusershell ++ ++#if HAVE_SYSLOG_H && HAVE_SYSLOG ++# include <syslog.h> ++#else ++# undef SYSLOG_SUCCESS ++# undef SYSLOG_FAILURE ++# undef SYSLOG_NON_ROOT ++#endif ++ ++#if HAVE_SYS_PARAM_H ++# include <sys/param.h> ++#endif ++ ++#ifndef HAVE_ENDGRENT ++# define endgrent() ((void) 0) ++#endif ++ ++#ifndef HAVE_ENDPWENT ++# define endpwent() ((void) 0) ++#endif ++ ++#if HAVE_SHADOW_H ++# include <shadow.h> ++#endif ++ ++#include "error.h" ++ ++/* The official name of this program (e.g., no `g' prefix). */ ++#define PROGRAM_NAME "su" ++ ++#define AUTHORS proper_name ("David MacKenzie") ++ ++#if HAVE_PATHS_H ++# include <paths.h> ++#endif ++ ++/* The default PATH for simulated logins to non-superuser accounts. */ ++#ifdef _PATH_DEFPATH ++# define DEFAULT_LOGIN_PATH _PATH_DEFPATH ++#else ++# define DEFAULT_LOGIN_PATH ":/usr/ucb:/bin:/usr/bin" ++#endif ++ ++/* The default PATH for simulated logins to superuser accounts. */ ++#ifdef _PATH_DEFPATH_ROOT ++# define DEFAULT_ROOT_LOGIN_PATH _PATH_DEFPATH_ROOT ++#else ++# define DEFAULT_ROOT_LOGIN_PATH "/usr/ucb:/bin:/usr/bin:/etc" ++#endif ++ ++/* The shell to run if none is given in the user's passwd entry. */ ++#define DEFAULT_SHELL "/bin/sh" ++ ++/* The user to become if none is specified. */ ++#define DEFAULT_USER "root" ++ ++char *crypt (char const *key, char const *salt); ++char *getusershell (void); ++void endusershell (void); ++void setusershell (void); ++ ++extern char **environ; ++ ++static void run_shell (char const *, char const *, char **, size_t) ++ ATTRIBUTE_NORETURN; ++ ++/* If true, pass the `-f' option to the subshell. */ ++static bool fast_startup; ++ ++/* If true, simulate a login instead of just starting a shell. */ ++static bool simulate_login; ++ ++/* If true, change some environment vars to indicate the user su'd to. */ ++static bool change_environment; ++ ++static struct option const longopts[] = ++{ ++ {"command", required_argument, NULL, 'c'}, ++ {"fast", no_argument, NULL, 'f'}, ++ {"login", no_argument, NULL, 'l'}, ++ {"preserve-environment", no_argument, NULL, 'p'}, ++ {"shell", required_argument, NULL, 's'}, ++ {GETOPT_HELP_OPTION_DECL}, ++ {GETOPT_VERSION_OPTION_DECL}, ++ {NULL, 0, NULL, 0} ++}; ++ ++/* Add NAME=VAL to the environment, checking for out of memory errors. */ ++ ++static void ++xsetenv (char const *name, char const *val) ++{ ++ size_t namelen = strlen (name); ++ size_t vallen = strlen (val); ++ char *string = xmalloc (namelen + 1 + vallen + 1); ++ strcpy (string, name); ++ string[namelen] = '='; ++ strcpy (string + namelen + 1, val); ++ if (putenv (string) != 0) ++ xalloc_die (); ++} ++ ++#if defined SYSLOG_SUCCESS || defined SYSLOG_FAILURE ++/* Log the fact that someone has run su to the user given by PW; ++ if SUCCESSFUL is true, they gave the correct password, etc. */ ++ ++static void ++log_su (struct passwd const *pw, bool successful) ++{ ++ const char *new_user, *old_user, *tty; ++ ++# ifndef SYSLOG_NON_ROOT ++ if (pw->pw_uid) ++ return; ++# endif ++ new_user = pw->pw_name; ++ /* The utmp entry (via getlogin) is probably the best way to identify ++ the user, especially if someone su's from a su-shell. */ ++ old_user = getlogin (); ++ if (!old_user) ++ { ++ /* getlogin can fail -- usually due to lack of utmp entry. ++ Resort to getpwuid. */ ++ struct passwd *pwd = getpwuid (getuid ()); ++ old_user = (pwd ? pwd->pw_name : ""); ++ } ++ tty = ttyname (STDERR_FILENO); ++ if (!tty) ++ tty = "none"; ++ /* 4.2BSD openlog doesn't have the third parameter. */ ++ openlog (last_component (program_name), 0 ++# ifdef LOG_AUTH ++ , LOG_AUTH ++# endif ++ ); ++ syslog (LOG_NOTICE, ++# ifdef SYSLOG_NON_ROOT ++ "%s(to %s) %s on %s", ++# else ++ "%s%s on %s", ++# endif ++ successful ? "" : "FAILED SU ", ++# ifdef SYSLOG_NON_ROOT ++ new_user, ++# endif ++ old_user, tty); ++ closelog (); ++} ++#endif ++ ++/* Ask the user for a password. ++ Return true if the user gives the correct password for entry PW, ++ false if not. Return true without asking for a password if run by UID 0 ++ or if PW has an empty password. */ ++ ++static bool ++correct_password (const struct passwd *pw) ++{ ++ char *unencrypted, *encrypted, *correct; ++#if HAVE_GETSPNAM && HAVE_STRUCT_SPWD_SP_PWDP ++ /* Shadow passwd stuff for SVR3 and maybe other systems. */ ++ struct spwd *sp = getspnam (pw->pw_name); ++ ++ endspent (); ++ if (sp) ++ correct = sp->sp_pwdp; ++ else ++#endif ++ correct = pw->pw_passwd; ++ ++ if (getuid () == 0 || !correct || correct[0] == '\0') ++ return true; ++ ++ unencrypted = getpass (_("Password:")); ++ if (!unencrypted) ++ { ++ error (0, 0, _("getpass: cannot open /dev/tty")); ++ return false; ++ } ++ encrypted = crypt (unencrypted, correct); ++ memset (unencrypted, 0, strlen (unencrypted)); ++ return STREQ (encrypted, correct); ++} ++ ++/* Update `environ' for the new shell based on PW, with SHELL being ++ the value for the SHELL environment variable. */ ++ ++static void ++modify_environment (const struct passwd *pw, const char *shell) ++{ ++ if (simulate_login) ++ { ++ /* Leave TERM unchanged. Set HOME, SHELL, USER, LOGNAME, PATH. ++ Unset all other environment variables. */ ++ char const *term = getenv ("TERM"); ++ if (term) ++ term = xstrdup (term); ++ environ = xmalloc ((6 + !!term) * sizeof (char *)); ++ environ[0] = NULL; ++ if (term) ++ xsetenv ("TERM", term); ++ xsetenv ("HOME", pw->pw_dir); ++ xsetenv ("SHELL", shell); ++ xsetenv ("USER", pw->pw_name); ++ xsetenv ("LOGNAME", pw->pw_name); ++ xsetenv ("PATH", (pw->pw_uid ++ ? DEFAULT_LOGIN_PATH ++ : DEFAULT_ROOT_LOGIN_PATH)); ++ } ++ else ++ { ++ /* Set HOME, SHELL, and if not becoming a super-user, ++ USER and LOGNAME. */ ++ if (change_environment) ++ { ++ xsetenv ("HOME", pw->pw_dir); ++ xsetenv ("SHELL", shell); ++ if (pw->pw_uid) ++ { ++ xsetenv ("USER", pw->pw_name); ++ xsetenv ("LOGNAME", pw->pw_name); ++ } ++ } ++ } ++} ++ ++/* Become the user and group(s) specified by PW. */ ++ ++static void ++change_identity (const struct passwd *pw) ++{ ++#ifdef HAVE_INITGROUPS ++ errno = 0; ++ if (initgroups (pw->pw_name, pw->pw_gid) == -1) ++ error (EXIT_FAILURE, errno, _("cannot set groups")); ++ endgrent (); ++#endif ++ if (setgid (pw->pw_gid)) ++ error (EXIT_FAILURE, errno, _("cannot set group id")); ++ if (setuid (pw->pw_uid)) ++ error (EXIT_FAILURE, errno, _("cannot set user id")); ++} ++ ++/* Run SHELL, or DEFAULT_SHELL if SHELL is empty. ++ If COMMAND is nonzero, pass it to the shell with the -c option. ++ Pass ADDITIONAL_ARGS to the shell as more arguments; there ++ are N_ADDITIONAL_ARGS extra arguments. */ ++ ++static void ++run_shell (char const *shell, char const *command, char **additional_args, ++ size_t n_additional_args) ++{ ++ size_t n_args = 1 + fast_startup + 2 * !!command + n_additional_args + 1; ++ char const **args = xnmalloc (n_args, sizeof *args); ++ size_t argno = 1; ++ ++ if (simulate_login) ++ { ++ char *arg0; ++ char *shell_basename; ++ ++ shell_basename = last_component (shell); ++ arg0 = xmalloc (strlen (shell_basename) + 2); ++ arg0[0] = '-'; ++ strcpy (arg0 + 1, shell_basename); ++ args[0] = arg0; ++ } ++ else ++ args[0] = last_component (shell); ++ if (fast_startup) ++ args[argno++] = "-f"; ++ if (command) ++ { ++ args[argno++] = "-c"; ++ args[argno++] = command; ++ } ++ memcpy (args + argno, additional_args, n_additional_args * sizeof *args); ++ args[argno + n_additional_args] = NULL; ++ execv (shell, (char **) args); ++ ++ { ++ int exit_status = (errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE); ++ error (0, errno, "%s", shell); ++ exit (exit_status); ++ } ++} ++ ++/* Return true if SHELL is a restricted shell (one not returned by ++ getusershell), else false, meaning it is a standard shell. */ ++ ++static bool ++restricted_shell (const char *shell) ++{ ++ char *line; ++ ++ setusershell (); ++ while ((line = getusershell ()) != NULL) ++ { ++ if (*line != '#' && STREQ (line, shell)) ++ { ++ endusershell (); ++ return false; ++ } ++ } ++ endusershell (); ++ return true; ++} ++ ++void ++usage (int status) ++{ ++ if (status != EXIT_SUCCESS) ++ fprintf (stderr, _("Try `%s --help' for more information.\n"), ++ program_name); ++ else ++ { ++ printf (_("Usage: %s [OPTION]... [-] [USER [ARG]...]\n"), program_name); ++ fputs (_("\ ++Change the effective user id and group id to that of USER.\n\ ++\n\ ++ -, -l, --login make the shell a login shell\n\ ++ -c, --command=COMMAND pass a single COMMAND to the shell with -c\n\ ++ -f, --fast pass -f to the shell (for csh or tcsh)\n\ ++ -m, --preserve-environment do not reset environment variables\n\ ++ -p same as -m\n\ ++ -s, --shell=SHELL run SHELL if /etc/shells allows it\n\ ++"), stdout); ++ fputs (HELP_OPTION_DESCRIPTION, stdout); ++ fputs (VERSION_OPTION_DESCRIPTION, stdout); ++ fputs (_("\ ++\n\ ++A mere - implies -l. If USER not given, assume root.\n\ ++"), stdout); ++ emit_bug_reporting_address (); ++ } ++ exit (status); ++} ++ ++int ++main (int argc, char **argv) ++{ ++ int optc; ++ const char *new_user = DEFAULT_USER; ++ char *command = NULL; ++ char *shell = NULL; ++ struct passwd *pw; ++ struct passwd pw_copy; ++ ++ initialize_main (&argc, &argv); ++ set_program_name (argv[0]); ++ setlocale (LC_ALL, ""); ++ bindtextdomain (PACKAGE, LOCALEDIR); ++ textdomain (PACKAGE); ++ ++ initialize_exit_failure (EXIT_FAILURE); ++ atexit (close_stdout); ++ ++ fast_startup = false; ++ simulate_login = false; ++ change_environment = true; ++ ++ while ((optc = getopt_long (argc, argv, "c:flmps:", longopts, NULL)) != -1) ++ { ++ switch (optc) ++ { ++ case 'c': ++ command = optarg; ++ break; ++ ++ case 'f': ++ fast_startup = true; ++ break; ++ ++ case 'l': ++ simulate_login = true; ++ break; ++ ++ case 'm': ++ case 'p': ++ change_environment = false; ++ break; ++ ++ case 's': ++ shell = optarg; ++ break; ++ ++ case_GETOPT_HELP_CHAR; ++ ++ case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS); ++ ++ default: ++ usage (EXIT_FAILURE); ++ } ++ } ++ ++ if (optind < argc && STREQ (argv[optind], "-")) ++ { ++ simulate_login = true; ++ ++optind; ++ } ++ if (optind < argc) ++ new_user = argv[optind++]; ++ ++ pw = getpwnam (new_user); ++ if (! (pw && pw->pw_name && pw->pw_name[0] && pw->pw_dir && pw->pw_dir[0] ++ && pw->pw_passwd)) ++ error (EXIT_FAILURE, 0, _("user %s does not exist"), new_user); ++ ++ /* Make a copy of the password information and point pw at the local ++ copy instead. Otherwise, some systems (e.g. GNU/Linux) would clobber ++ the static data through the getlogin call from log_su. ++ Also, make sure pw->pw_shell is a nonempty string. ++ It may be NULL when NEW_USER is a username that is retrieved via NIS (YP), ++ but that doesn't have a default shell listed. */ ++ pw_copy = *pw; ++ pw = &pw_copy; ++ pw->pw_name = xstrdup (pw->pw_name); ++ pw->pw_passwd = xstrdup (pw->pw_passwd); ++ pw->pw_dir = xstrdup (pw->pw_dir); ++ pw->pw_shell = xstrdup (pw->pw_shell && pw->pw_shell[0] ++ ? pw->pw_shell ++ : DEFAULT_SHELL); ++ endpwent (); ++ ++ if (!correct_password (pw)) ++ { ++#ifdef SYSLOG_FAILURE ++ log_su (pw, false); ++#endif ++ error (EXIT_FAILURE, 0, _("incorrect password")); ++ } ++#ifdef SYSLOG_SUCCESS ++ else ++ { ++ log_su (pw, true); ++ } ++#endif ++ ++ if (!shell && !change_environment) ++ shell = getenv ("SHELL"); ++ if (shell && getuid () != 0 && restricted_shell (pw->pw_shell)) ++ { ++ /* The user being su'd to has a nonstandard shell, and so is ++ probably a uucp account or has restricted access. Don't ++ compromise the account by allowing access with a standard ++ shell. */ ++ error (0, 0, _("using restricted shell %s"), pw->pw_shell); ++ shell = NULL; ++ } ++ shell = xstrdup (shell ? shell : pw->pw_shell); ++ modify_environment (pw, shell); ++ ++ change_identity (pw); ++ if (simulate_login && chdir (pw->pw_dir) != 0) ++ error (0, errno, _("warning: cannot change directory to %s"), pw->pw_dir); ++ ++ run_shell (shell, command, argv + optind, MAX (0, argc - optind)); ++} |