2 * The modules contains code to support cray t3e and sv1 computers.
3 * It is here to minimize the modifcations to the openssh base code.
11 #include <sys/category.h>
16 #include <sys/secparm.h>
19 #include <sys/sectab.h>
28 char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */
33 void cray_retain_utmp(struct utmp *, int);
34 void cray_create_tmpdir(int, uid_t, gid_t);
35 void cray_delete_tmpdir(char *, int , uid_t);
36 void cray_job_termination_handler (int);
37 void cray_init_job(struct passwd *);
38 void cray_set_tmpdir(struct utmp *);
44 * San Diego Supercomputer Center
48 cray_setup(uid_t uid, char *username)
51 extern char *setlimits();
61 if ((jid = getjtab (&jbuf)) < 0) fatal("getjtab: no jid");
63 err = setudb(); /* open and rewind the Cray User DataBase */
64 if(err != 0) fatal("UDB open failure");
66 p = getudbnam(username);
67 if (p == NULL) fatal("No UDB entry for %s", username);
69 fatal("UDB etnry %s uid(%d) does not match uid %d\n",
70 username, p->ue_uid, uid);
71 for(j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) {
72 accts[naccts] = p->ue_acids[j];
75 endudb(); /* close the udb */
78 /* Perhaps someday we'll prompt users who have multiple accounts
79 to let them pick one (like CRI's login does), but for now just set
80 the account to the first entry. */
81 if (acctid(0, accts[0]) < 0)
82 fatal("System call acctid failed, accts[0]=%d",accts[0]);
85 /* Now set limits, including CPU time for the (interactive) job and process,
86 and set up permissions (for chown etc), etc. This is via an internal CRI
87 routine, setlimits, used by CRI's login. */
90 sr = setlimits(username, C_PROC, pid, UDBRC_INTER);
91 if (sr != NULL) fatal("%.200s", sr);
93 sr = setlimits(username, C_JOB, jid, UDBRC_INTER);
94 if (sr != NULL) fatal("%.200s", sr);
100 * The rc.* and /etc/sdaemon methods of starting a program on unicos/unicosmk
101 * can have pal privileges that sshd can inherit which
102 * could allow a user to su to root with out a password.
103 * This subroutine clears all privileges.
108 #if defined(_SC_CRAY_PRIV_SU)
109 priv_proc_t* privstate;
111 extern int priv_set_proc();
112 extern priv_proc_t* priv_init_proc();
116 * If ether of theses two flags are not set
117 * then don't allow this version of ssh to run.
119 if (!sysconf(_SC_CRAY_PRIV_SU)) fatal("Not PRIV_SU system.");
120 if (!sysconf(_SC_CRAY_POSIX_PRIV)) fatal("Not POSIX_PRIV.");
122 debug ("Dropping privileges.");
124 memset(&usrv, 0, sizeof(usrv));
125 if (setusrv(&usrv) < 0)
126 fatal ("%s(%d): setusrv(): %s\n", __FILE__, __LINE__, strerror(errno));
128 if ((privstate = priv_init_proc()) != NULL) {
129 result = priv_set_proc(privstate);
130 if ( result != 0 ) fatal ("%s(%d): priv_set_proc(): %s\n",
131 __FILE__, __LINE__, strerror(errno));
132 priv_free_proc(privstate);
134 debug ("Privileges should be cleared...");
136 Cray systems must be run with _SC_CRAY_PRIV_SU on!
142 * Retain utmp/wtmp information - used by cray accounting.
145 cray_retain_utmp(struct utmp *ut, int pid)
150 if ((fd = open(UTMP_FILE, O_RDONLY)) >= 0) {
151 while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) {
152 if (pid == utmp.ut_pid) {
153 ut->ut_jid = utmp.ut_jid;
154 strncpy(ut->ut_tpath, utmp.ut_tpath, TPATHSIZ);
155 strncpy(ut->ut_host, utmp.ut_host, strlen(utmp.ut_host));
156 strncpy(ut->ut_name, utmp.ut_name, strlen(utmp.ut_name));
169 * find and delete jobs tmpdir.
172 cray_delete_tmpdir(char *login, int jid, uid_t uid)
175 static char jtmp[TPATHSIZ];
180 for (c = 'a'; c <= 'z'; c++) {
181 snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
182 if (stat(jtmp, &statbuf) == 0 && statbuf.st_uid == uid) break;
187 if ((child = fork()) == 0) {
188 execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, 0);
189 fatal("ssh_cray_rmtmpdir: execl of CLEANTMPCMD failed");
192 while (waitpid (child, &wstat, 0) == -1 && errno == EINTR);
196 * Remove tmpdir on job termination.
199 cray_job_termination_handler (int sig)
205 debug("Received SIG JOB.");
207 if ((jid = waitjob(&jtab)) == -1 ||
208 (login = uid2nam(jtab.j_uid)) == NULL) return;
210 cray_delete_tmpdir(login, jid, jtab.j_uid);
215 * Set job id and create tmpdir directory.
218 cray_init_job(struct passwd *pw)
223 jid = setjob(pw->pw_uid, WJSIGNAL);
224 if (jid < 0) fatal("System call setjob failure");
226 for (c = 'a'; c <= 'z'; c++) {
227 snprintf(cray_tmpdir, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
228 if (mkdir(cray_tmpdir, JTMPMODE) != 0) continue;
229 if (chown(cray_tmpdir, pw->pw_uid, pw->pw_gid) != 0) {
236 if (c > 'z') cray_tmpdir[0] = '\0';
240 cray_set_tmpdir(struct utmp *ut)
245 if ((jid = getjtab (&jbuf)) < 0) return;
248 * Set jid and tmpdir in utmp record.
251 strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ);