stjohn@oswego.Oswego.EDU (Dave St. John) (04/12/89)
The patch I posted previously didn't work correctly with exempt users. This
patch fixes that problem. The reason I put this into the program is that if you
have two groups of trusted people that are separate you can give them separate
privileges.
Dave St. John
---------------------------------------------------------------------------
UUCP: {your favorite backbone}!oswego!stjohn
INTERNET: stjohn@oswego.oswego.edu (129.3.1.1)
US Mail: Dave St. John
Instructional Computing Center
SUNY College at Oswego
Oswego, N.Y. 13126
Armadillo: to provide weapons to Spanish pickles
---------------------------------------------------------------------------
--------cut here----------cut here------------cut here---------------------
*** gone.c.orig Tue Apr 11 16:23:13 1989
--- gone.c Tue Apr 11 16:24:03 1989
***************
*** 109,118
register i = 1;
int intprint();
char *obuf = (char *) malloc (80L*25L);/** stdout buffer/one full screen**/
char *term = getenv("TERM"); /** Terminal type **/
char *liberator = NULL; /** Who liberated this terminal? **/
for (i = SIGHUP; i <= SIGUSR2; i++)
signal(i, intprint);
(void) signal(SIGINT, SIG_IGN);
--- 109,119 -----
register i = 1;
int intprint();
char *obuf = (char *) malloc (80L*25L);/** stdout buffer/one full screen**/
char *term = getenv("TERM"); /** Terminal type **/
char *liberator = NULL; /** Who liberated this terminal? **/
+ int wiz,exempt;
if (exemptuser())
timeouttime = 0;
while ((i <= argc-1) && (argv[i++][0] == '-')) {
***************
*** 110,119
int intprint();
char *obuf = (char *) malloc (80L*25L);/** stdout buffer/one full screen**/
char *term = getenv("TERM"); /** Terminal type **/
char *liberator = NULL; /** Who liberated this terminal? **/
for (i = SIGHUP; i <= SIGUSR2; i++)
signal(i, intprint);
(void) signal(SIGINT, SIG_IGN);
(void) signal(SIGQUIT, SIG_IGN);
--- 111,174 -----
char *obuf = (char *) malloc (80L*25L);/** stdout buffer/one full screen**/
char *term = getenv("TERM"); /** Terminal type **/
char *liberator = NULL; /** Who liberated this terminal? **/
int wiz,exempt;
+ if (exemptuser())
+ timeouttime = 0;
+
+ while ((i <= argc-1) && (argv[i++][0] == '-')) {
+ switch (argv[i-1][1]) {
+ case 'p':
+ ++pflag;
+ break;
+ #ifdef TIMEOUT
+ case 't':
+ timeouttime = atoi(argv[i++]);
+ break;
+ #endif
+ case 'd':
+ ++dflag;
+ break;
+ case 'c': { /** Change the password in the ~/.passwd file or create one **/
+ struct passwd *pwd;
+ FILE *pwdfile;
+ char path[80], *chpasswd();
+ char oldpw[12], newpw[12];
+
+ if ((pwd = getpwuid(getuid())) == NULL) {
+ printf("Intruder alert!?\n");
+ printf("Your account appears to be GONE.\n");
+ exit(1);
+ }
+ sprintf(path, "%s/.passwd", pwd->pw_dir);
+ if ((pwdfile = fopen(path, "r")) == NULL) {
+ strcpy(oldpw, "");
+ } else {
+ fscanf(pwdfile, "%s", oldpw);
+ fclose(pwdfile);
+ }
+
+ strcpy(newpw, chpasswd(oldpw));
+ sprintf(path, "%s/.passwd", pwd->pw_dir);
+ if ((pwdfile = fopen(path, "w+")) == NULL) {
+ fprintf(stderr,
+ "cannot change passwd, open of .passwd file failed.\n");
+ perror(path);
+ exit(1);
+ }
+ fprintf(pwdfile, "%s\n", newpw);
+ fclose(pwdfile);
+ exit(1);
+ }
+ default:
+ fprintf(stderr, "%s: Can\'t grok a %c\n", argv[0], argv[i-1][1]);
+ sleep (1);
+ break;
+ }
+ }
+
for (i = SIGHUP; i <= SIGUSR2; i++)
signal(i, intprint);
(void) signal(SIGINT, SIG_IGN);
(void) signal(SIGQUIT, SIG_IGN);
***************
*** 126,136
(void) signal(SIGTERM, die);
(void) signal(SIGCHLD, SIG_DFL);
#ifdef TIMEOUT
(void) signal(SIGALRM, timeout);
#endif
!
if (!isatty(0)) { /** pipes? ICK **/
fprintf(stderr,
"%s: Without a terminal? What\'s the point\?\n", argv[0]);
exit(-1);
} else if (!strcmp(term, "emacs")) { /** In emacs window **/
--- 181,192 -----
(void) signal(SIGTERM, die);
(void) signal(SIGCHLD, SIG_DFL);
#ifdef TIMEOUT
(void) signal(SIGALRM, timeout);
#endif
!
!
if (!isatty(0)) { /** pipes? ICK **/
fprintf(stderr,
"%s: Without a terminal? What\'s the point\?\n", argv[0]);
exit(-1);
} else if (!strcmp(term, "emacs")) { /** In emacs window **/
***************
*** 169,183
#ifdef UENT
muent = getuent(getuid());
#endif
- while ((i <= argc-1) && (argv[i++][0] == '-')) {
- switch (argv[i-1][1]) {
- case 'p':
- ++pflag;
- break;
#ifdef TIMEOUT
case 't':
timeouttime = atoi(argv[i++]);
break;
#endif
--- 225,234 -----
#ifdef UENT
muent = getuent(getuid());
#endif
#ifdef TIMEOUT
wiz = wizuser();
exempt = exemptuser();
if (!wiz)
if (!exempt)
***************
*** 175,187
switch (argv[i-1][1]) {
case 'p':
++pflag;
break;
#ifdef TIMEOUT
! case 't':
! timeouttime = atoi(argv[i++]);
! break;
#endif
case 'd':
++dflag;
break;
case 'c': { /** Change the password in the ~/.passwd file or create one **/
--- 226,248 -----
#ifdef UENT
muent = getuent(getuid());
#endif
#ifdef TIMEOUT
! wiz = wizuser();
! exempt = exemptuser();
! if (!wiz)
! if (!exempt)
! if (timeouttime > MAXTIMEOUT) {
! timeouttime = MAXTIMEOUT;
! fprintf(stderr, "Maximum time out is %d.\n", MAXTIMEOUT);
! fprintf(stderr, "You request has been degraded to that amount.\n");
! } else
! if (timeouttime < 1) {
! timeouttime = TIMEOUT;
! fprintf(stderr, "Timeout times must be greater and not equal to 0 minutes.\n");
! }
#endif
if (pflag && dflag)
fprintf(stderr, "%s: p option can not be specified with d.\n", argv[0]);
{
char buf[80];
***************
*** 179,240
#ifdef TIMEOUT
case 't':
timeouttime = atoi(argv[i++]);
break;
#endif
- case 'd':
- ++dflag;
- break;
- case 'c': { /** Change the password in the ~/.passwd file or create one **/
- struct passwd *pwd;
- FILE *pwdfile;
- char path[80], *chpasswd();
- char oldpw[12], newpw[12];
-
- if ((pwd = getpwuid(getuid())) == NULL) {
- printf("Intruder alert!?\n");
- printf("Your account appears to be GONE.\n");
- exit(1);
- }
- sprintf(path, "%s/.passwd", pwd->pw_dir);
- if ((pwdfile = fopen(path, "r")) == NULL) {
- strcpy(oldpw, "");
- } else {
- fscanf(pwdfile, "%s", oldpw);
- fclose(pwdfile);
- }
-
- strcpy(newpw, chpasswd(oldpw));
- sprintf(path, "%s/.passwd", pwd->pw_dir);
- if ((pwdfile = fopen(path, "w+")) == NULL) {
- fprintf(stderr,
- "cannot change passwd, open of .passwd file failed.\n");
- perror(path);
- exit(1);
- }
- fprintf(pwdfile, "%s\n", newpw);
- fclose(pwdfile);
- exit(1);
- }
- default:
- fprintf(stderr, "%s: Can\'t grok a %c\n", argv[0], argv[i-1][1]);
- sleep (1);
- break;
- }
- }
- #ifdef TIMEOUT
- if (!wizuser())
- if (timeouttime > MAXTIMEOUT) {
- timeouttime = MAXTIMEOUT;
- fprintf(stderr, "Maximum time out is %d.\n", MAXTIMEOUT);
- fprintf(stderr, "You request has been degraded to that amount.\n");
- } else
- if (timeouttime < 1) {
- timeouttime = TIMEOUT;
- fprintf(stderr, "Timeout times must be greater and not equal to 0 minutes.\n");
- }
- #endif
if (pflag && dflag)
fprintf(stderr, "%s: p option can not be specified with d.\n", argv[0]);
{
char buf[80];
--- 240,249 -----
if (timeouttime < 1) {
timeouttime = TIMEOUT;
fprintf(stderr, "Timeout times must be greater and not equal to 0 minutes.\n");
}
#endif
if (pflag && dflag)
fprintf(stderr, "%s: p option can not be specified with d.\n", argv[0]);
{
char buf[80];
***************
*** 347,357
} else {
printf("\nWelcome, %s, to this account%s.\n", liberator,
foo ? ", Oh Mighty Wizard" : "");
if (invalid)
printf("There were %d invalid before this sucessful one.\n", invalid);
! }
#ifndef dgux
restore_utmp();
#endif
--- 356,366 -----
} else {
printf("\nWelcome, %s, to this account%s.\n", liberator,
foo ? ", Oh Mighty Wizard" : "");
if (invalid)
printf("There were %d invalid before this sucessful one.\n", invalid);
! }
#ifndef dgux
restore_utmp();
#endif
***************
*** 361,371
fflush (stdout);
}
dodate ()
{
- #ifdef TIMEOUT
long foo[2];
#endif
#ifdef dgux
char *obuf = (char *) malloc(80*5);
#endif
--- 370,379 -----
fflush (stdout);
}
dodate ()
{
long foo[2];
#ifdef dgux
char *obuf = (char *) malloc(80*5);
#endif
char *tty = ttyname(0);
***************
*** 363,373
dodate ()
{
#ifdef TIMEOUT
long foo[2];
- #endif
#ifdef dgux
char *obuf = (char *) malloc(80*5);
#endif
char *tty = ttyname(0);
int count = 0, update();
--- 371,380 -----
}
dodate ()
{
long foo[2];
#ifdef dgux
char *obuf = (char *) malloc(80*5);
#endif
char *tty = ttyname(0);
int count = 0, update();
***************
*** 384,393
#ifdef dgux
setbuf(stdout, obuf);
#endif
if (timeouttime)
--timeouttime;
nice(10);
signal (SIGTERM, die);
--- 391,401 -----
#ifdef dgux
setbuf(stdout, obuf);
#endif
+ #ifdef TIMEOUT
if (timeouttime)
--timeouttime;
#endif
nice(10);
***************
*** 386,395
setbuf(stdout, obuf);
#endif
if (timeouttime)
--timeouttime;
nice(10);
signal (SIGTERM, die);
for (;;) {
if (pflag) { /* Touch the terminal every soo often */
--- 394,404 -----
#endif
#ifdef TIMEOUT
if (timeouttime)
--timeouttime;
+ #endif
nice(10);
signal (SIGTERM, die);
for (;;) {
if (pflag) { /* Touch the terminal every soo often */
***************
*** 398,408
}
if (++count > 5) {
count = 0;
do_screen();
}
!
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
/** Have to put all this in one printf for DG/UX **/
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
--- 407,418 -----
}
if (++count > 5) {
count = 0;
do_screen();
}
!
! #ifdef TIMEOUT
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
#endif
/** Have to put all this in one printf for DG/UX **/
***************
*** 401,410
do_screen();
}
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
/** Have to put all this in one printf for DG/UX **/
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
fflush (stdout); /** Moves cursor to Password: prompt **/
--- 411,421 -----
}
#ifdef TIMEOUT
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
+ #endif
/** Have to put all this in one printf for DG/UX **/
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
fflush (stdout); /** Moves cursor to Password: prompt **/
***************
*** 407,416
/** Have to put all this in one printf for DG/UX **/
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
fflush (stdout); /** Moves cursor to Password: prompt **/
sleep (60);
if (timeouttime)
--timeouttime;
}
}
die () {
--- 418,428 -----
/** Have to put all this in one printf for DG/UX **/
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
fflush (stdout); /** Moves cursor to Password: prompt **/
sleep (60);
+ #ifdef TIMEOUT
if (timeouttime)
--timeouttime;
#endif
}
}
***************
*** 409,418
fflush (stdout); /** Moves cursor to Password: prompt **/
sleep (60);
if (timeouttime)
--timeouttime;
}
}
die () {
exit (1);
}
--- 421,431 -----
fflush (stdout); /** Moves cursor to Password: prompt **/
sleep (60);
#ifdef TIMEOUT
if (timeouttime)
--timeouttime;
+ #endif
}
}
die () {
exit (1);
}
***************
*** 415,424
}
die () {
exit (1);
}
update () {
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
--- 428,438 -----
}
die () {
exit (1);
}
update () {
+ #ifdef TIMEOUT
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
#endif
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
***************
*** 417,426
exit (1);
}
update () {
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
fflush (stdout); /** Moves cursor to Password: prompt **/
signal(SIGHUP, update);
--- 431,441 -----
}
update () {
#ifdef TIMEOUT
if (timeouttime)
printf("\033[17;25HTimeout in \033[1m%d\033[0m minutes.", timeouttime);
+ #endif
printf ("\033[22;24Hload: %.2f, and %d users.\033[K\033[23;18HStarted up at %26s\033[20;37H", load(), users(), ctime(&startup_time));
fflush (stdout); /** Moves cursor to Password: prompt **/
signal(SIGHUP, update);
***************
*** 562,573
else { /* Less verbose... For terminals that can't do neat graphics.*/
#ifdef UENT
printf("This terminal has been locked by %s\n", muent.fullname);
#endif
printf("Terminal is LOCKED, RESERVED!\n");
! printf("NO TRESSPASSING. BEWARE OF DOG. NOBODY HOME.\n");
! printf("OUT TO LUNCH. TRESSPASSERS WILL BE PROSECUTED.\n");
}
fflush(stdout);
}
/** Do the crypt.
**/
--- 577,588 -----
else { /* Less verbose... For terminals that can't do neat graphics.*/
#ifdef UENT
printf("This terminal has been locked by %s\n", muent.fullname);
#endif
printf("Terminal is LOCKED, RESERVED!\n");
! printf("NO TRESPASSING. BEWARE OF DOG. NOBODY HOME.\n");
! printf("OUT TO LUNCH. TRESPASSERS WILL BE PROSECUTED.\n");
}
fflush(stdout);
}
/** Do the crypt.
**/
***************
*** 649,659
{ FILE *altpwf;
char pwf[40];
sprintf(pwf, "%s/.passwd", hisent->pw_dir);
if ((altpwf = fopen(pwf, "r")) == NULL)
! strcpy(wizusers->passwd, hisent->pw_passwd);
else {
fscanf(altpwf, "%s", wizusers->passwd);
fclose(altpwf);
}
}
--- 664,674 -----
{ FILE *altpwf;
char pwf[40];
sprintf(pwf, "%s/.passwd", hisent->pw_dir);
if ((altpwf = fopen(pwf, "r")) == NULL)
! strcpy(wizusers->passwd, hisent->pw_passwd);
else {
fscanf(altpwf, "%s", wizusers->passwd);
fclose(altpwf);
}
}
***************
*** 651,662
sprintf(pwf, "%s/.passwd", hisent->pw_dir);
if ((altpwf = fopen(pwf, "r")) == NULL)
strcpy(wizusers->passwd, hisent->pw_passwd);
else {
! fscanf(altpwf, "%s", wizusers->passwd);
! fclose(altpwf);
}
}
}
#ifdef WIZGROUP
--- 666,677 -----
sprintf(pwf, "%s/.passwd", hisent->pw_dir);
if ((altpwf = fopen(pwf, "r")) == NULL)
strcpy(wizusers->passwd, hisent->pw_passwd);
else {
! fscanf(altpwf, "%s", wizusers->passwd);
! fclose(altpwf);
}
}
}
#ifdef WIZGROUP
***************
*** 745,757
for (i = 0; gr->gr_mem[i] != NULL; i++)/* loop through each member */
if (!strcmp(gr->gr_mem[i], logname)) /* is he a valid member? */
return(1); /* user looks okay to me */
#endif
! /** Or if we are the author, then we are a wiz user **/
! if (!strcmp(logname, "lavallee"))
! return(1);
return(0); /* Not found */
}
/** Change the guys passwd from the ~/.passwd file... We return the new
--- 760,788 -----
for (i = 0; gr->gr_mem[i] != NULL; i++)/* loop through each member */
if (!strcmp(gr->gr_mem[i], logname)) /* is he a valid member? */
return(1); /* user looks okay to me */
#endif
!
! return(0); /* Not found */
! }
!
! int exemptuser()
! {
! #ifdef EXEMPTGROUP
! register i; /* index */
! char *group = EXEMPTGROUP; /* The name of the group */
! struct group *gr; /* group file entry */
! char *logname = (char *) getlogin (); /* login name of caller */
! gr = getgrnam(group); /* get id of authorized group */
!
! if (gr == NULL) return(0); /* groups does not exist */
!
! for (i = 0; gr->gr_mem[i] != NULL; i++)/* loop through each member */
! if (!strcmp(gr->gr_mem[i], logname)) /* is he a valid member? */
! return(1); /* user looks okay to me */
! #endif
return(0); /* Not found */
}
/** Change the guys passwd from the ~/.passwd file... We return the new
*** conf.h.orig Tue Apr 11 16:21:03 1989
--- conf.h Tue Apr 11 16:24:08 1989
***************
*** 15,25
** you don't have gethostname(2)
**/
/** You may undefine this if you don't want it **/
! #define WIZGROUP "wheel" /** Magic group:
* If you type in the password of someone
* in this group, you will get out.
*
* I think this is better than having a
* global password like "hasta la vista"
--- 15,25 -----
** you don't have gethostname(2)
**/
/** You may undefine this if you don't want it **/
! #define WIZGROUP "sys" /** Magic group:
* If you type in the password of someone
* in this group, you will get out.
*
* I think this is better than having a
* global password like "hasta la vista"
***************
*** 23,32
*
* I think this is better than having a
* global password like "hasta la vista"
* like some locks have.
**/
/** #define FCRYPT **/ /** define if you are useing fcrypt **/
#define __CONF__
#endif
--- 23,35 -----
*
* I think this is better than having a
* global password like "hasta la vista"
* like some locks have.
**/
+
+ #define EXEMPTGROUP "operator" /** Exempt group:
+ * if in this group TIMEOUT is not used **/
/** #define FCRYPT **/ /** define if you are useing fcrypt **/
#define __CONF__
#endif