17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5d67944fbSScott Rotondo * Common Development and Distribution License (the "License"). 6d67944fbSScott Rotondo * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22d67944fbSScott Rotondo * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 24*48bbca81SDaniel Hoffman * Copyright (c) 2016 by Delphix. All rights reserved. 257c478bd9Sstevel@tonic-gate */ 267c478bd9Sstevel@tonic-gate 277c478bd9Sstevel@tonic-gate #include <syslog.h> 287c478bd9Sstevel@tonic-gate #include <pwd.h> 297c478bd9Sstevel@tonic-gate #include <unistd.h> 307c478bd9Sstevel@tonic-gate #include <strings.h> 317c478bd9Sstevel@tonic-gate #include <security/pam_appl.h> 327c478bd9Sstevel@tonic-gate #include <security/pam_modules.h> 337c478bd9Sstevel@tonic-gate #include <libintl.h> 347c478bd9Sstevel@tonic-gate 357c478bd9Sstevel@tonic-gate static int parse_allow_name(char *, char *); 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate /* 387c478bd9Sstevel@tonic-gate * pam_sm_acct_mgmt main account managment routine. 397c478bd9Sstevel@tonic-gate * XXX: The routine just prints out a warning message. 40*48bbca81SDaniel Hoffman * It may need to force the user to change their 417c478bd9Sstevel@tonic-gate * passwd. 427c478bd9Sstevel@tonic-gate */ 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate int 457c478bd9Sstevel@tonic-gate pam_sm_acct_mgmt( 467c478bd9Sstevel@tonic-gate pam_handle_t *pamh, 477c478bd9Sstevel@tonic-gate int flags, 487c478bd9Sstevel@tonic-gate int argc, 497c478bd9Sstevel@tonic-gate const char **argv) 507c478bd9Sstevel@tonic-gate { 517c478bd9Sstevel@tonic-gate char *user; 527c478bd9Sstevel@tonic-gate char *pg; 537c478bd9Sstevel@tonic-gate int i; 547c478bd9Sstevel@tonic-gate /*LINTED - set but not used. Would be used in a real module. */ 557c478bd9Sstevel@tonic-gate int debug = 0; 567c478bd9Sstevel@tonic-gate /*LINTED - set but not used. Would be used in a real module. */ 577c478bd9Sstevel@tonic-gate int nowarn = 0; 587c478bd9Sstevel@tonic-gate int error = 0; 597c478bd9Sstevel@tonic-gate 607c478bd9Sstevel@tonic-gate if (argc == 0) 617c478bd9Sstevel@tonic-gate return (PAM_SUCCESS); 627c478bd9Sstevel@tonic-gate 637c478bd9Sstevel@tonic-gate if (pam_get_item(pamh, PAM_USER, (void **)&user) != PAM_SUCCESS) 647c478bd9Sstevel@tonic-gate return (PAM_SERVICE_ERR); 657c478bd9Sstevel@tonic-gate 667c478bd9Sstevel@tonic-gate if (pam_get_item(pamh, PAM_SERVICE, (void **)&pg) != PAM_SUCCESS) 677c478bd9Sstevel@tonic-gate return (PAM_SERVICE_ERR); 687c478bd9Sstevel@tonic-gate 697c478bd9Sstevel@tonic-gate /* 707c478bd9Sstevel@tonic-gate * kludge alert. su needs to be handled specially for allow policy. 717c478bd9Sstevel@tonic-gate * we want to use the policy of the current user not the "destination" 727c478bd9Sstevel@tonic-gate * user. This will enable us to prevent su to root but not to rlogin, 737c478bd9Sstevel@tonic-gate * telnet, rsh, ftp to root. 747c478bd9Sstevel@tonic-gate * 757c478bd9Sstevel@tonic-gate * description of problem: user name is the "destination" name. not 767c478bd9Sstevel@tonic-gate * the current name. The allow policy needs to be applied to the 777c478bd9Sstevel@tonic-gate * current name in the case of su. user is "root" in this case and 787c478bd9Sstevel@tonic-gate * we will be getting the root policy instead of the user policy. 797c478bd9Sstevel@tonic-gate */ 807c478bd9Sstevel@tonic-gate if (strcmp(pg, "su") == 0) { 817c478bd9Sstevel@tonic-gate struct passwd *pw; 827c478bd9Sstevel@tonic-gate uid_t uid; 837c478bd9Sstevel@tonic-gate uid = getuid(); 847c478bd9Sstevel@tonic-gate pw = getpwuid(uid); 857c478bd9Sstevel@tonic-gate if (pw == NULL) 867c478bd9Sstevel@tonic-gate return (PAM_SYSTEM_ERR); 877c478bd9Sstevel@tonic-gate user = pw->pw_name; 887c478bd9Sstevel@tonic-gate } 897c478bd9Sstevel@tonic-gate 907c478bd9Sstevel@tonic-gate if (user == 0 || *user == '\0' || (strcmp(user, "root") == 0)) 917c478bd9Sstevel@tonic-gate return (PAM_SUCCESS); 927c478bd9Sstevel@tonic-gate 937c478bd9Sstevel@tonic-gate for (i = 0; i < argc; i++) { 947c478bd9Sstevel@tonic-gate if (strcasecmp(argv[i], "debug") == 0) 957c478bd9Sstevel@tonic-gate debug = 1; 967c478bd9Sstevel@tonic-gate else if (strcasecmp(argv[i], "nowarn") == 0) { 977c478bd9Sstevel@tonic-gate nowarn = 1; 987c478bd9Sstevel@tonic-gate flags = flags | PAM_SILENT; 997c478bd9Sstevel@tonic-gate } else if (strncmp(argv[i], "allow=", 6) == 0) 1007c478bd9Sstevel@tonic-gate error |= parse_allow_name(user, (char *)(argv[i]+6)); 1017c478bd9Sstevel@tonic-gate else 1027c478bd9Sstevel@tonic-gate syslog(LOG_DEBUG, "illegal option %s", argv[i]); 1037c478bd9Sstevel@tonic-gate } 1047c478bd9Sstevel@tonic-gate return (error?PAM_SUCCESS:PAM_AUTH_ERR); 1057c478bd9Sstevel@tonic-gate } 1067c478bd9Sstevel@tonic-gate 107d67944fbSScott Rotondo static char *getname(); 108d67944fbSScott Rotondo 1097c478bd9Sstevel@tonic-gate static int 1107c478bd9Sstevel@tonic-gate parse_allow_name(char *who, char *cp) 1117c478bd9Sstevel@tonic-gate { 1127c478bd9Sstevel@tonic-gate char name[256]; 1137c478bd9Sstevel@tonic-gate 1147c478bd9Sstevel@tonic-gate /* catch "allow=" */ 1157c478bd9Sstevel@tonic-gate if (*cp == '\0') 1167c478bd9Sstevel@tonic-gate return (0); 1177c478bd9Sstevel@tonic-gate while (cp) { 1187c478bd9Sstevel@tonic-gate cp = getname(cp, name); 1197c478bd9Sstevel@tonic-gate /* catch things such as =, and ,, */ 1207c478bd9Sstevel@tonic-gate if (*name == '\0') 1217c478bd9Sstevel@tonic-gate continue; 1227c478bd9Sstevel@tonic-gate if (strcmp(who, name) == 0) 1237c478bd9Sstevel@tonic-gate return (1); 1247c478bd9Sstevel@tonic-gate } 1257c478bd9Sstevel@tonic-gate return (0); 1267c478bd9Sstevel@tonic-gate } 1277c478bd9Sstevel@tonic-gate 1287c478bd9Sstevel@tonic-gate static char * 1297c478bd9Sstevel@tonic-gate getname(char *cp, char *name) 1307c478bd9Sstevel@tonic-gate { 1317c478bd9Sstevel@tonic-gate /* force name to be initially null string */ 1327c478bd9Sstevel@tonic-gate *name = '\0'; 1337c478bd9Sstevel@tonic-gate 1347c478bd9Sstevel@tonic-gate /* end of string? */ 1357c478bd9Sstevel@tonic-gate if (*cp == '\0') 1367c478bd9Sstevel@tonic-gate return ((char *)0); 1377c478bd9Sstevel@tonic-gate while (*cp) { 1387c478bd9Sstevel@tonic-gate /* end of name? */ 1397c478bd9Sstevel@tonic-gate if (*cp == ',' || *cp == '\0') 1407c478bd9Sstevel@tonic-gate break; 1417c478bd9Sstevel@tonic-gate *name++ = *cp++; 1427c478bd9Sstevel@tonic-gate } 1437c478bd9Sstevel@tonic-gate /* make name into string */ 1447c478bd9Sstevel@tonic-gate *name++ = '\0'; 1457c478bd9Sstevel@tonic-gate return ((*cp == '\0')? (char *)0 : ++cp); 1467c478bd9Sstevel@tonic-gate } 147