1 /* 2 * Copyright (c) 2006 Darren Tucker. All rights reserved. 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17 #include "includes.h" 18 19 #include <stdarg.h> 20 #include <unistd.h> 21 22 #include "log.h" 23 #include "buffer.h" 24 #include "misc.h" 25 #include "servconf.h" 26 #include "key.h" 27 #include "hostfile.h" 28 #include "auth.h" 29 #include "auth-pam.h" 30 #include "platform.h" 31 32 #include "openbsd-compat/openbsd-compat.h" 33 34 extern int use_privsep; 35 extern ServerOptions options; 36 37 void 38 platform_pre_listen(void) 39 { 40 #ifdef LINUX_OOM_ADJUST 41 /* Adjust out-of-memory killer so listening process is not killed */ 42 oom_adjust_setup(); 43 #endif 44 } 45 46 void 47 platform_pre_fork(void) 48 { 49 #ifdef USE_SOLARIS_PROCESS_CONTRACTS 50 solaris_contract_pre_fork(); 51 #endif 52 } 53 54 void 55 platform_pre_restart(void) 56 { 57 #ifdef LINUX_OOM_ADJUST 58 oom_adjust_restore(); 59 #endif 60 } 61 62 void 63 platform_post_fork_parent(pid_t child_pid) 64 { 65 #ifdef USE_SOLARIS_PROCESS_CONTRACTS 66 solaris_contract_post_fork_parent(child_pid); 67 #endif 68 } 69 70 void 71 platform_post_fork_child(void) 72 { 73 #ifdef USE_SOLARIS_PROCESS_CONTRACTS 74 solaris_contract_post_fork_child(); 75 #endif 76 #ifdef LINUX_OOM_ADJUST 77 oom_adjust_restore(); 78 #endif 79 } 80 81 /* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ 82 int 83 platform_privileged_uidswap(void) 84 { 85 #ifdef HAVE_CYGWIN 86 /* uid 0 is not special on Cygwin so always try */ 87 return 1; 88 #else 89 return (getuid() == 0 || geteuid() == 0); 90 #endif 91 } 92 93 /* 94 * This gets called before switching UIDs, and is called even when sshd is 95 * not running as root. 96 */ 97 void 98 platform_setusercontext(struct passwd *pw) 99 { 100 #ifdef WITH_SELINUX 101 /* Cache selinux status for later use */ 102 (void)ssh_selinux_enabled(); 103 #endif 104 105 #ifdef USE_SOLARIS_PROJECTS 106 /* 107 * If solaris projects were detected, set the default now, unless 108 * we are using PAM in which case it is the responsibility of the 109 * PAM stack. 110 */ 111 if (!options.use_pam && (getuid() == 0 || geteuid() == 0)) 112 solaris_set_default_project(pw); 113 #endif 114 115 #if defined(HAVE_LOGIN_CAP) && defined (__bsdi__) 116 if (getuid() == 0 || geteuid() == 0) 117 setpgid(0, 0); 118 # endif 119 120 #if defined(HAVE_LOGIN_CAP) && defined(USE_PAM) 121 /* 122 * If we have both LOGIN_CAP and PAM, we want to establish creds 123 * before calling setusercontext (in session.c:do_setusercontext). 124 */ 125 if (getuid() == 0 || geteuid() == 0) { 126 if (options.use_pam) { 127 do_pam_setcred(use_privsep); 128 } 129 } 130 # endif /* USE_PAM */ 131 132 #if !defined(HAVE_LOGIN_CAP) && defined(HAVE_GETLUID) && defined(HAVE_SETLUID) 133 if (getuid() == 0 || geteuid() == 0) { 134 /* Sets login uid for accounting */ 135 if (getluid() == -1 && setluid(pw->pw_uid) == -1) 136 error("setluid: %s", strerror(errno)); 137 } 138 #endif 139 } 140 141 /* 142 * This gets called after we've established the user's groups, and is only 143 * called if sshd is running as root. 144 */ 145 void 146 platform_setusercontext_post_groups(struct passwd *pw) 147 { 148 #if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) 149 /* 150 * PAM credentials may take the form of supplementary groups. 151 * These will have been wiped by the above initgroups() call. 152 * Reestablish them here. 153 */ 154 if (options.use_pam) { 155 do_pam_setcred(use_privsep); 156 } 157 #endif /* USE_PAM */ 158 159 #if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) || \ 160 defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)) 161 irix_setusercontext(pw); 162 #endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ 163 164 #ifdef _AIX 165 aix_usrinfo(pw); 166 #endif /* _AIX */ 167 168 #ifdef HAVE_SETPCRED 169 /* 170 * If we have a chroot directory, we set all creds except real 171 * uid which we will need for chroot. If we don't have a 172 * chroot directory, we don't override anything. 173 */ 174 { 175 char **creds = NULL, *chroot_creds[] = 176 { "REAL_USER=root", NULL }; 177 178 if (options.chroot_directory != NULL && 179 strcasecmp(options.chroot_directory, "none") != 0) 180 creds = chroot_creds; 181 182 if (setpcred(pw->pw_name, creds) == -1) 183 fatal("Failed to set process credentials"); 184 } 185 #endif /* HAVE_SETPCRED */ 186 #ifdef WITH_SELINUX 187 ssh_selinux_setup_exec_context(pw->pw_name); 188 #endif 189 } 190 191 char * 192 platform_krb5_get_principal_name(const char *pw_name) 193 { 194 #ifdef USE_AIX_KRB_NAME 195 return aix_krb5_get_principal_name(pw_name); 196 #else 197 return NULL; 198 #endif 199 } 200 201 /* 202 * return 1 if the specified uid is a uid that may own a system directory 203 * otherwise 0. 204 */ 205 int 206 platform_sys_dir_uid(uid_t uid) 207 { 208 if (uid == 0) 209 return 1; 210 #ifdef PLATFORM_SYS_DIR_UID 211 if (uid == PLATFORM_SYS_DIR_UID) 212 return 1; 213 #endif 214 return 0; 215 } 216
