small clarifications

[opendoas.git] / doas.c

diff --git a/doas.c b/doas.c
index fb571e6db1640c9430e69cb5b861be6fb967c524..12c65302fd1fc4c04d2449f338f7a7bc834db1d7 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: doas.c,v 1.24 2015/07/26 19:14:46 tedu Exp $ */
+/* $OpenBSD: doas.c,v 1.26 2015/07/26 20:47:01 espie Exp $ */
 /*
  * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
  *
@@ -282,7 +282,7 @@ fail(void)
        exit(1);
 }
 
-static int
+static void __dead
 checkconfig(const char *confpath, int argc, char **argv,
     uid_t uid, gid_t *groups, int ngroups, uid_t target)
 {
@@ -322,8 +322,10 @@ main(int argc, char **argv, char **envp)
        int ngroups;
        int i, ch;
        int sflag = 0;
+       int nflag = 0;
 
-       while ((ch = getopt(argc, argv, "C:su:")) != -1) {
+       uid = getuid();
+       while ((ch = getopt(argc, argv, "C:nsu:")) != -1) {
                switch (ch) {
                case 'C':
                        confpath = optarg;
@@ -332,6 +334,9 @@ main(int argc, char **argv, char **envp)
                        if (parseuid(optarg, &target) != 0)
                                errx(1, "unknown user");
                        break;
+               case 'n':
+                       nflag = 1;
+                       break;
                case 's':
                        sflag = 1;
                        break;
@@ -396,6 +401,8 @@ main(int argc, char **argv, char **envp)
        }
 
        if (!(rule->options & NOPASS)) {
+               if (nflag)
+                       errx(1, "Authorization required");
                if (!auth_userokay(myname, NULL, NULL, NULL)) {
                        syslog(LOG_AUTHPRIV | LOG_NOTICE,
                            "failed password for %s", myname);