+/*
+ * XXX: license?
+ */
+
/*
* The modules contains code to support cray t3e and sv1 computers.
* It is here to minimize the modifcations to the openssh base code.
#include "bsd-cray.h"
-char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */
+char cray_tmpdir[TPATHSIZ+1]; /* job TMPDIR path */
/*
* Functions.
void cray_set_tmpdir(struct utmp *);
-/*
+/*
* Orignal written by:
* Wayne Schroeder
* San Diego Supercomputer Center
void
cray_setup(uid_t uid, char *username)
{
- struct udb *p;
+ struct udb *p;
extern char *setlimits();
- int i, j;
- int accts[MAXVIDS];
- int naccts;
- int err;
- char *sr;
- int pid;
- struct jtab jbuf;
- int jid;
-
- if ((jid = getjtab (&jbuf)) < 0) fatal("getjtab: no jid");
-
- err = setudb(); /* open and rewind the Cray User DataBase */
- if(err != 0) fatal("UDB open failure");
- naccts = 0;
+ int i, j;
+ int accts[MAXVIDS];
+ int naccts;
+ int err;
+ char *sr;
+ int pid;
+ struct jtab jbuf;
+ int jid;
+
+ if ((jid = getjtab(&jbuf)) < 0)
+ fatal("getjtab: no jid");
+
+ err = setudb(); /* open and rewind the Cray User DataBase */
+ if (err != 0)
+ fatal("UDB open failure");
+ naccts = 0;
p = getudbnam(username);
- if (p == NULL) fatal("No UDB entry for %s", username);
- if(uid != p->ue_uid)
- fatal("UDB etnry %s uid(%d) does not match uid %d\n",
- username, p->ue_uid, uid);
- for(j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) {
- accts[naccts] = p->ue_acids[j];
- naccts++;
- }
- endudb(); /* close the udb */
-
- if (naccts != 0) {
- /* Perhaps someday we'll prompt users who have multiple accounts
- to let them pick one (like CRI's login does), but for now just set
- the account to the first entry. */
- if (acctid(0, accts[0]) < 0)
- fatal("System call acctid failed, accts[0]=%d",accts[0]);
+ if (p == NULL)
+ fatal("No UDB entry for %.100s", username);
+ if (uid != p->ue_uid)
+ fatal("UDB etnry %.100s uid(%d) does not match uid %d",
+ username, p->ue_uid, uid);
+ for (j = 0; p->ue_acids[j] != -1 && j < MAXVIDS; j++) {
+ accts[naccts] = p->ue_acids[j];
+ naccts++;
+ }
+ endudb(); /* close the udb */
+
+ if (naccts != 0) {
+ /* Perhaps someday we'll prompt users who have multiple accounts
+ to let them pick one (like CRI's login does), but for now just set
+ the account to the first entry. */
+ if (acctid(0, accts[0]) < 0)
+ fatal("System call acctid failed, accts[0]=%d", accts[0]);
}
-
- /* Now set limits, including CPU time for the (interactive) job and process,
- and set up permissions (for chown etc), etc. This is via an internal CRI
- routine, setlimits, used by CRI's login. */
- pid = getpid();
- sr = setlimits(username, C_PROC, pid, UDBRC_INTER);
- if (sr != NULL) fatal("%.200s", sr);
+ /* Now set limits, including CPU time for the (interactive) job and process,
+ and set up permissions (for chown etc), etc. This is via an internal CRI
+ routine, setlimits, used by CRI's login. */
- sr = setlimits(username, C_JOB, jid, UDBRC_INTER);
- if (sr != NULL) fatal("%.200s", sr);
+ pid = getpid();
+ sr = setlimits(username, C_PROC, pid, UDBRC_INTER);
+ if (sr != NULL)
+ fatal("%.200s", sr);
-}
+ sr = setlimits(username, C_JOB, jid, UDBRC_INTER);
+ if (sr != NULL)
+ fatal("%.200s", sr);
+}
-/*
+/*
* The rc.* and /etc/sdaemon methods of starting a program on unicos/unicosmk
* can have pal privileges that sshd can inherit which
* could allow a user to su to root with out a password.
drop_cray_privs()
{
#if defined(_SC_CRAY_PRIV_SU)
- priv_proc_t* privstate;
- int result;
- extern int priv_set_proc();
- extern priv_proc_t* priv_init_proc();
- struct usrv usrv;
+ priv_proc_t* privstate;
+ int result;
+ extern int priv_set_proc();
+ extern priv_proc_t* priv_init_proc();
+ struct usrv usrv;
/*
* If ether of theses two flags are not set
- * then don't allow this version of ssh to run.
- */
- if (!sysconf(_SC_CRAY_PRIV_SU)) fatal("Not PRIV_SU system.");
- if (!sysconf(_SC_CRAY_POSIX_PRIV)) fatal("Not POSIX_PRIV.");
+ * then don't allow this version of ssh to run.
+ */
+ if (!sysconf(_SC_CRAY_PRIV_SU))
+ fatal("Not PRIV_SU system.");
+ if (!sysconf(_SC_CRAY_POSIX_PRIV))
+ fatal("Not POSIX_PRIV.");
- debug ("Dropping privileges.");
+ debug("Dropping privileges.");
memset(&usrv, 0, sizeof(usrv));
- if (setusrv(&usrv) < 0)
- fatal ("%s(%d): setusrv(): %s\n", __FILE__, __LINE__, strerror(errno));
+ if (setusrv(&usrv) < 0)
+ fatal("%s(%d): setusrv(): %s\n", __FILE__, __LINE__,
+ strerror(errno));
if ((privstate = priv_init_proc()) != NULL) {
- result = priv_set_proc(privstate);
- if ( result != 0 ) fatal ("%s(%d): priv_set_proc(): %s\n",
- __FILE__, __LINE__, strerror(errno));
- priv_free_proc(privstate);
- }
- debug ("Privileges should be cleared...");
+ result = priv_set_proc(privstate);
+ if (result != 0 )
+ fatal("%s(%d): priv_set_proc(): %s\n",
+ __FILE__, __LINE__, strerror(errno));
+ priv_free_proc(privstate);
+ }
+ debug ("Privileges should be cleared...");
#else
-Cray systems must be run with _SC_CRAY_PRIV_SU on!
+ /* XXX: do this differently */
+# error Cray systems must be run with _SC_CRAY_PRIV_SU on!
#endif
}
cray_retain_utmp(struct utmp *ut, int pid)
{
int fd;
- struct utmp utmp;
-
- if ((fd = open(UTMP_FILE, O_RDONLY)) >= 0) {
- while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) {
- if (pid == utmp.ut_pid) {
- ut->ut_jid = utmp.ut_jid;
- strncpy(ut->ut_tpath, utmp.ut_tpath, TPATHSIZ);
- strncpy(ut->ut_host, utmp.ut_host, strlen(utmp.ut_host));
- strncpy(ut->ut_name, utmp.ut_name, strlen(utmp.ut_name));
- break;
+ struct utmp utmp;
+
+ if ((fd = open(UTMP_FILE, O_RDONLY)) != -1) {
+ while (read(fd, (char *)&utmp, sizeof(utmp)) == sizeof(utmp)) {
+ if (pid == utmp.ut_pid) {
+ ut->ut_jid = utmp.ut_jid;
+ strncpy(ut->ut_tpath, utmp.ut_tpath, TPATHSIZ);
+ strncpy(ut->ut_host, utmp.ut_host, strlen(utmp.ut_host));
+ strncpy(ut->ut_name, utmp.ut_name, strlen(utmp.ut_name));
+ break;
}
}
close(fd);
- }
+ }
+ /* XXX: error message? */
}
/*
cray_delete_tmpdir(char *login, int jid, uid_t uid)
{
int child;
- static char jtmp[TPATHSIZ];
- struct stat statbuf;
- int c;
- int wstat;
-
- for (c = 'a'; c <= 'z'; c++) {
- snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
- if (stat(jtmp, &statbuf) == 0 && statbuf.st_uid == uid) break;
- }
+ static char jtmp[TPATHSIZ];
+ struct stat statbuf;
+ int c;
+ int wstat;
+
+ for (c = 'a'; c <= 'z'; c++) {
+ snprintf(jtmp, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
+ if (stat(jtmp, &statbuf) == 0 && statbuf.st_uid == uid)
+ break;
+ }
- if (c > 'z') return;
+ if (c > 'z')
+ return;
- if ((child = fork()) == 0) {
- execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, 0);
- fatal("ssh_cray_rmtmpdir: execl of CLEANTMPCMD failed");
- }
+ if ((child = fork()) == 0) {
+ execl(CLEANTMPCMD, CLEANTMPCMD, login, jtmp, 0);
+ fatal("cray_delete_tmpdir: execl of CLEANTMPCMD failed");
+ }
- while (waitpid (child, &wstat, 0) == -1 && errno == EINTR);
+ while (waitpid(child, &wstat, 0) == -1 && errno == EINTR)
+ ;
}
/*
* Remove tmpdir on job termination.
*/
void
-cray_job_termination_handler (int sig)
+cray_job_termination_handler(int sig)
{
int jid;
char *login = NULL;
debug("Received SIG JOB.");
if ((jid = waitjob(&jtab)) == -1 ||
- (login = uid2nam(jtab.j_uid)) == NULL) return;
+ (login = uid2nam(jtab.j_uid)) == NULL)
+ return;
cray_delete_tmpdir(login, jid, jtab.j_uid);
}
-
/*
* Set job id and create tmpdir directory.
*/
-void
+void
cray_init_job(struct passwd *pw)
-{
- int jid;
- int c;
-
- jid = setjob(pw->pw_uid, WJSIGNAL);
- if (jid < 0) fatal("System call setjob failure");
-
- for (c = 'a'; c <= 'z'; c++) {
- snprintf(cray_tmpdir, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
- if (mkdir(cray_tmpdir, JTMPMODE) != 0) continue;
- if (chown(cray_tmpdir, pw->pw_uid, pw->pw_gid) != 0) {
- rmdir(cray_tmpdir);
- continue;
- }
- break;
- }
-
- if (c > 'z') cray_tmpdir[0] = '\0';
-}
+{
+ int jid;
+ int c;
+
+ jid = setjob(pw->pw_uid, WJSIGNAL);
+ if (jid < 0)
+ fatal("System call setjob failure");
+
+ for (c = 'a'; c <= 'z'; c++) {
+ snprintf(cray_tmpdir, TPATHSIZ, "%s/jtmp.%06d%c", JTMPDIR, jid, c);
+ if (mkdir(cray_tmpdir, JTMPMODE) != 0)
+ continue;
+ if (chown(cray_tmpdir, pw->pw_uid, pw->pw_gid) != 0) {
+ rmdir(cray_tmpdir);
+ continue;
+ }
+ break;
+ }
+
+ if (c > 'z')
+ cray_tmpdir[0] = '\0';
+}
void
cray_set_tmpdir(struct utmp *ut)
-{
- int jid;
- struct jtab jbuf;
+{
+ int jid;
+ struct jtab jbuf;
- if ((jid = getjtab (&jbuf)) < 0) return;
+ if ((jid = getjtab(&jbuf)) < 0)
+ return;
/*
* Set jid and tmpdir in utmp record.
- */
+ */
ut->ut_jid = jid;
strncpy(ut->ut_tpath, cray_tmpdir, TPATHSIZ);
-}
-
+}
#endif
andersk / openssh.git / blobdiff