17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * CDDL HEADER START
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
5d67944fbSScott Rotondo  * Common Development and Distribution License (the "License").
6d67944fbSScott Rotondo  * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate  *
87c478bd9Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate  * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate  * and limitations under the License.
127c478bd9Sstevel@tonic-gate  *
137c478bd9Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate  *
197c478bd9Sstevel@tonic-gate  * CDDL HEADER END
207c478bd9Sstevel@tonic-gate  */
217c478bd9Sstevel@tonic-gate /*
22d67944fbSScott Rotondo  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
237c478bd9Sstevel@tonic-gate  * Use is subject to license terms.
2448bbca81SDaniel Hoffman  * Copyright (c) 2016 by Delphix. All rights reserved.
257c478bd9Sstevel@tonic-gate  */
277c478bd9Sstevel@tonic-gate #include <syslog.h>
287c478bd9Sstevel@tonic-gate #include <pwd.h>
297c478bd9Sstevel@tonic-gate #include <unistd.h>
307c478bd9Sstevel@tonic-gate #include <strings.h>
317c478bd9Sstevel@tonic-gate #include <security/pam_appl.h>
327c478bd9Sstevel@tonic-gate #include <security/pam_modules.h>
337c478bd9Sstevel@tonic-gate #include <libintl.h>
357c478bd9Sstevel@tonic-gate static int parse_allow_name(char *, char *);
377c478bd9Sstevel@tonic-gate /*
387c478bd9Sstevel@tonic-gate  * pam_sm_acct_mgmt	main account managment routine.
397c478bd9Sstevel@tonic-gate  *			XXX: The routine just prints out a warning message.
4048bbca81SDaniel Hoffman  *			     It may need to force the user to change their
417c478bd9Sstevel@tonic-gate  *			     passwd.
427c478bd9Sstevel@tonic-gate  */
447c478bd9Sstevel@tonic-gate int
pam_sm_acct_mgmt(pam_handle_t * pamh,int flags,int argc,const char ** argv)457c478bd9Sstevel@tonic-gate pam_sm_acct_mgmt(
467c478bd9Sstevel@tonic-gate 	pam_handle_t *pamh,
477c478bd9Sstevel@tonic-gate 	int	flags,
487c478bd9Sstevel@tonic-gate 	int	argc,
497c478bd9Sstevel@tonic-gate 	const char **argv)
507c478bd9Sstevel@tonic-gate {
517c478bd9Sstevel@tonic-gate 	char	*user;
527c478bd9Sstevel@tonic-gate 	char	*pg;
537c478bd9Sstevel@tonic-gate 	int	i;
547c478bd9Sstevel@tonic-gate 	/*LINTED - set but not used. Would be used in a real module. */
55*ff7e8ba8SToomas Soome 	int	debug __unused = 0;
567c478bd9Sstevel@tonic-gate 	/*LINTED - set but not used. Would be used in a real module. */
57*ff7e8ba8SToomas Soome 	int	nowarn __unused = 0;
587c478bd9Sstevel@tonic-gate 	int	error = 0;
607c478bd9Sstevel@tonic-gate 	if (argc == 0)
617c478bd9Sstevel@tonic-gate 		return (PAM_SUCCESS);
637c478bd9Sstevel@tonic-gate 	if (pam_get_item(pamh, PAM_USER, (void **)&user) != PAM_SUCCESS)
647c478bd9Sstevel@tonic-gate 		return (PAM_SERVICE_ERR);
667c478bd9Sstevel@tonic-gate 	if (pam_get_item(pamh, PAM_SERVICE, (void **)&pg) != PAM_SUCCESS)
677c478bd9Sstevel@tonic-gate 		return (PAM_SERVICE_ERR);
697c478bd9Sstevel@tonic-gate 	/*
707c478bd9Sstevel@tonic-gate 	 * kludge alert. su needs to be handled specially for allow policy.
717c478bd9Sstevel@tonic-gate 	 * we want to use the policy of the current user not the "destination"
727c478bd9Sstevel@tonic-gate 	 * user. This will enable us to prevent su to root but not to rlogin,
737c478bd9Sstevel@tonic-gate 	 * telnet, rsh, ftp to root.
747c478bd9Sstevel@tonic-gate 	 *
757c478bd9Sstevel@tonic-gate 	 * description of problem: user name is the "destination" name. not
767c478bd9Sstevel@tonic-gate 	 * the current name. The allow policy needs to be applied to the
777c478bd9Sstevel@tonic-gate 	 * current name in the case of su. user is "root" in this case and
787c478bd9Sstevel@tonic-gate 	 * we will be getting the root policy instead of the user policy.
797c478bd9Sstevel@tonic-gate 	 */
807c478bd9Sstevel@tonic-gate 	if (strcmp(pg, "su") == 0) {
817c478bd9Sstevel@tonic-gate 		struct passwd *pw;
827c478bd9Sstevel@tonic-gate 		uid_t uid;
837c478bd9Sstevel@tonic-gate 		uid = getuid();
847c478bd9Sstevel@tonic-gate 		pw = getpwuid(uid);
857c478bd9Sstevel@tonic-gate 		if (pw == NULL)
867c478bd9Sstevel@tonic-gate 			return (PAM_SYSTEM_ERR);
877c478bd9Sstevel@tonic-gate 		user = pw->pw_name;
887c478bd9Sstevel@tonic-gate 	}
907c478bd9Sstevel@tonic-gate 	if (user == 0 || *user == '\0' || (strcmp(user, "root") == 0))
917c478bd9Sstevel@tonic-gate 		return (PAM_SUCCESS);
937c478bd9Sstevel@tonic-gate 	for (i = 0; i < argc; i++) {
947c478bd9Sstevel@tonic-gate 		if (strcasecmp(argv[i], "debug") == 0)
957c478bd9Sstevel@tonic-gate 			debug = 1;
967c478bd9Sstevel@tonic-gate 		else if (strcasecmp(argv[i], "nowarn") == 0) {
977c478bd9Sstevel@tonic-gate 			nowarn = 1;
987c478bd9Sstevel@tonic-gate 			flags = flags | PAM_SILENT;
997c478bd9Sstevel@tonic-gate 		} else if (strncmp(argv[i], "allow=", 6) == 0)
1007c478bd9Sstevel@tonic-gate 			error |= parse_allow_name(user, (char *)(argv[i]+6));
1017c478bd9Sstevel@tonic-gate 		else
1027c478bd9Sstevel@tonic-gate 			syslog(LOG_DEBUG, "illegal option %s", argv[i]);
1037c478bd9Sstevel@tonic-gate 	}
1047c478bd9Sstevel@tonic-gate 	return (error?PAM_SUCCESS:PAM_AUTH_ERR);
1057c478bd9Sstevel@tonic-gate }
107d67944fbSScott Rotondo static char *getname();
108d67944fbSScott Rotondo 
1097c478bd9Sstevel@tonic-gate static int
parse_allow_name(char * who,char * cp)1107c478bd9Sstevel@tonic-gate parse_allow_name(char *who, char *cp)
1117c478bd9Sstevel@tonic-gate {
1127c478bd9Sstevel@tonic-gate 	char name[256];
1147c478bd9Sstevel@tonic-gate 	/* catch "allow=" */
1157c478bd9Sstevel@tonic-gate 	if (*cp == '\0')
1167c478bd9Sstevel@tonic-gate 		return (0);
1177c478bd9Sstevel@tonic-gate 	while (cp) {
1187c478bd9Sstevel@tonic-gate 		cp = getname(cp, name);
1197c478bd9Sstevel@tonic-gate 		/* catch things such as =, and ,, */
1207c478bd9Sstevel@tonic-gate 		if (*name == '\0')
1217c478bd9Sstevel@tonic-gate 			continue;
1227c478bd9Sstevel@tonic-gate 		if (strcmp(who, name) == 0)
1237c478bd9Sstevel@tonic-gate 			return (1);
1247c478bd9Sstevel@tonic-gate 	}
1257c478bd9Sstevel@tonic-gate 	return (0);
1267c478bd9Sstevel@tonic-gate }
1287c478bd9Sstevel@tonic-gate static char *
getname(char * cp,char * name)1297c478bd9Sstevel@tonic-gate getname(char *cp, char *name)
1307c478bd9Sstevel@tonic-gate {
1317c478bd9Sstevel@tonic-gate 	/* force name to be initially null string */
1327c478bd9Sstevel@tonic-gate 	*name = '\0';
1347c478bd9Sstevel@tonic-gate 	/* end of string? */
1357c478bd9Sstevel@tonic-gate 	if (*cp == '\0')
1367c478bd9Sstevel@tonic-gate 		return ((char *)0);
1377c478bd9Sstevel@tonic-gate 	while (*cp) {
1387c478bd9Sstevel@tonic-gate 		/* end of name? */
1397c478bd9Sstevel@tonic-gate 		if (*cp == ',' || *cp == '\0')
1407c478bd9Sstevel@tonic-gate 			break;
1417c478bd9Sstevel@tonic-gate 		*name++ = *cp++;
1427c478bd9Sstevel@tonic-gate 	}
1437c478bd9Sstevel@tonic-gate 	/* make name into string */
1447c478bd9Sstevel@tonic-gate 	*name++ = '\0';
1457c478bd9Sstevel@tonic-gate 	return ((*cp == '\0')? (char *)0 : ++cp);
1467c478bd9Sstevel@tonic-gate }