X-Git-Url: https://git.armaanb.net/?a=blobdiff_plain;f=doas.c;h=ac3a42a3a171cd96680ed34446278f3dc1f8d473;hb=9474e418d2184e86408f0dce09ca250e36138672;hp=cbc365796d4e75373fae457b08b20930bfca5074;hpb=74449f015ff7a72300be5a27680d2c70af309328;p=opendoas.git

diff --git a/doas.c b/doas.c
index cbc3657..ac3a42a 100644
--- a/doas.c
+++ b/doas.c
@@ -15,11 +15,16 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+#include "config.h"
+
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 
 #include <limits.h>
+#ifdef HAVE_LOGIN_CAP_H
+#include <login_cap.h>
+#endif
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -31,7 +36,7 @@
 #include <errno.h>
 #include <fcntl.h>
 
-#include "includes.h"
+#include "openbsd.h"
 #include "doas.h"
 
 static void __dead
@@ -134,7 +139,7 @@ static int
 permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr,
     uid_t target, const char *cmd, const char **cmdargs)
 {
-	int i;
+	size_t i;
 
 	*lastr = NULL;
 	for (i = 0; i < nrules; i++) {
@@ -205,6 +210,8 @@ mygetpwuid_r(uid_t uid, struct passwd *pwd, struct passwd **result)
 	static long pwsz = 0;
 	size_t buflen;
 
+	*result = NULL;
+
 	if (pwsz == 0)
 		pwsz = sysconf(_SC_GETPW_R_SIZE_MAX);
 
@@ -323,7 +330,7 @@ main(int argc, char **argv)
 	if (geteuid())
 		errx(1, "not installed setuid");
 
-	parseconfig("/etc/doas.conf", 1);
+	parseconfig(DOAS_CONF, 1);
 
 	/* cmdline is used only for logging, no need to abort on truncate */
 	(void)strlcpy(cmdline, argv[0], sizeof(cmdline));
@@ -338,14 +345,14 @@ main(int argc, char **argv)
 	if (!permit(uid, groups, ngroups, &rule, target, cmd,
 	    (const char **)argv + 1)) {
 		syslog(LOG_AUTHPRIV | LOG_NOTICE,
-		    "failed command for %s: %s", mypw->pw_name, cmdline);
+		    "command not permitted for %s: %s", mypw->pw_name, cmdline);
 		errc(1, EPERM, NULL);
 	}
 
 #if defined(USE_SHADOW)
 	if (!(rule->options & NOPASS)) {
 		if (nflag)
-			errx(1, "Authorization required");
+			errx(1, "Authentication required");
 
 		shadowauth(mypw->pw_name, rule->options & PERSIST);
 	}
@@ -353,7 +360,7 @@ main(int argc, char **argv)
 	/* no authentication provider, only allow NOPASS rules */
 	(void) nflag;
 	if (!(rule->options & NOPASS))
-		errx(1, "Authorization required");
+		errx(1, "Authentication required");
 #endif
 
 	if ((p = getenv("PATH")) != NULL)
@@ -377,20 +384,33 @@ main(int argc, char **argv)
 	    rule->options & PERSIST);
 #endif
 
+#ifdef HAVE_LOGIN_CAP_H
+	if (setusercontext(NULL, targpw, target, LOGIN_SETGROUP |
+	    LOGIN_SETPATH |
+	    LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
+	    LOGIN_SETUSER) != 0)
+		errx(1, "failed to set user context for target");
+#else
 	if (setresgid(targpw->pw_gid, targpw->pw_gid, targpw->pw_gid) != 0)
 		err(1, "setresgid");
 	if (initgroups(targpw->pw_name, targpw->pw_gid) != 0)
 		err(1, "initgroups");
 	if (setresuid(target, target, target) != 0)
 		err(1, "setresuid");
+	if (setenv("PATH", safepath, 1) == -1)
+		err(1, "failed to set PATH '%s'", safepath);
+#endif
 
 	if (getcwd(cwdpath, sizeof(cwdpath)) == NULL)
 		cwd = "(failed)";
 	else
 		cwd = cwdpath;
 
-	syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s",
-	    mypw->pw_name, cmdline, targpw->pw_name, cwd);
+	if (!(rule->options & NOLOG)) {
+		syslog(LOG_AUTHPRIV | LOG_INFO,
+		    "%s ran command %s as %s from %s",
+		    mypw->pw_name, cmdline, targpw->pw_name, cwd);
+	}
 
 	envp = prepenv(rule, mypw, targpw);