6 * The modules contains code to support cray t3e and sv1 computers.
7 * It is here to minimize the modifcations to the openssh base code.
15 #include <sys/category.h>
20 #include <sys/secparm.h>
23 #include <sys/sectab.h>
32 char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */
37 void cray_retain_utmp(struct utmp *, int);
38 void cray_delete_tmpdir(char *, int, uid_t);
39 void cray_init_job(struct passwd *);
40 void cray_set_tmpdir(struct utmp *);
46 * San Diego Supercomputer Center
50 cray_setup(uid_t uid, char *username)
53 extern char *setlimits();
63 if ((jid = getjtab(&jbuf)) < 0)
64 fatal("getjtab: no jid");
66 err = setudb(); /* open and rewind the Cray User DataBase */
68 fatal("UDB open failure");
70 p = getudbnam(username);
72 fatal("No UDB entry for %.100s", username);
74 fatal("UDB entry %.100s uid(%d) does not match uid %d",
75 username, (int) p->ue_uid, (int) uid);
76 for (j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) {
77 accts[naccts] = p->ue_acids[j];
80 endudb(); /* close the udb */
83 /* Perhaps someday we'll prompt users who have multiple accounts
84 to let them pick one (like CRI's login does), but for now just set
85 the account to the first entry. */
86 if (acctid(0, accts[0]) < 0)
87 fatal("System call acctid failed, accts[0]=%d", accts[0]);
90 /* Now set limits, including CPU time for the (interactive) job and process,
91 and set up permissions (for chown etc), etc. This is via an internal CRI
92 routine, setlimits, used by CRI's login. */
95 sr = setlimits(username, C_PROC, pid, UDBRC_INTER);
99 sr = setlimits(username, C_JOB, jid, UDBRC_INTER);
106 * The rc.* and /etc/sdaemon methods of starting a program on unicos/unicosmk
107 * can have pal privileges that sshd can inherit which
108 * could allow a user to su to root with out a password.
109 * This subroutine clears all privileges.
114 #if defined(_SC_CRAY_PRIV_SU)
115 priv_proc_t* privstate;
117 extern int priv_set_proc();
118 extern priv_proc_t* priv_init_proc();
122 * If ether of theses two flags are not set
123 * then don't allow this version of ssh to run.
125 if (!sysconf(_SC_CRAY_PRIV_SU))
126 fatal("Not PRIV_SU system.");
127 if (!sysconf(_SC_CRAY_POSIX_PRIV))
128 fatal("Not POSIX_PRIV.");
130 debug("Dropping privileges.");
132 memset(&usrv, 0, sizeof(usrv));
133 if (setusrv(&usrv) < 0)
134 fatal("%s(%d): setusrv(): %s", __FILE__, __LINE__,
137 if ((privstate = priv_init_proc()) != NULL) {
138 result = priv_set_proc(privstate);
140 fatal("%s(%d): priv_set_proc(): %s",
141 __FILE__, __LINE__, strerror(errno));
142 priv_free_proc(privstate);
144 debug ("Privileges should be cleared...");
146 /* XXX: do this differently */
147 # error Cray systems must be run with _SC_CRAY_PRIV_SU on!
153 * Retain utmp/wtmp information - used by cray accounting.
156 cray_retain_utmp(struct utmp *ut, int pid)
161 if ((fd = open(UTMP_FILE, O_RDONLY)) != -1) {
162 while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) {
163 if (pid == utmp.ut_pid) {
164 ut->ut_jid = utmp.ut_jid;
165 /* XXX: MIN_SIZEOF here? can this go in loginrec? */
166 strncpy(ut->ut_tpath, utmp.ut_tpath, sizeof(utmp.ut_tpath));
167 strncpy(ut->ut_host, utmp.ut_host, sizeof(utmp.ut_host));
168 strncpy(ut->ut_name, utmp.ut_name, sizeof(utmp.ut_name));
174 /* XXX: error message? */
182 * find and delete jobs tmpdir.
185 cray_delete_tmpdir(char *login, int jid, uid_t uid)
188 static char jtmp[TPATHSIZ];
193 for (c = 'a'; c <= 'z'; c++) {
194 snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
195 if (stat(jtmp, &statbuf) == 0 && statbuf.st_uid == uid)
202 if ((child = fork()) == 0) {
203 execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, (char *)NULL);
204 fatal("cray_delete_tmpdir: execl of CLEANTMPCMD failed");
207 while (waitpid(child, &wstat, 0) == -1 && errno == EINTR)
212 * Remove tmpdir on job termination.
215 cray_job_termination_handler(int sig)
221 debug("Received SIG JOB.");
223 if ((jid = waitjob(&jtab)) == -1 ||
224 (login = uid2nam(jtab.j_uid)) == NULL)
227 cray_delete_tmpdir(login, jid, jtab.j_uid);
231 * Set job id and create tmpdir directory.
234 cray_init_job(struct passwd *pw)
239 jid = setjob(pw->pw_uid, WJSIGNAL);
241 fatal("System call setjob failure");
243 for (c = 'a'; c <= 'z'; c++) {
244 snprintf(cray_tmpdir, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
245 if (mkdir(cray_tmpdir, JTMPMODE) != 0)
247 if (chown(cray_tmpdir, pw->pw_uid, pw->pw_gid) != 0) {
255 cray_tmpdir[0] = '\0';
259 cray_set_tmpdir(struct utmp *ut)
264 if ((jid = getjtab(&jbuf)) < 0)
268 * Set jid and tmpdir in utmp record.
271 strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ);