usr/src/lib/pam_modules/sample/sample_acct_mgmt.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  * Copyright (c) 2016 by Delphix. All rights reserved.
  25  */
  26
  27 #include <syslog.h>
  28 #include <pwd.h>
  29 #include <unistd.h>
  30 #include <strings.h>
  31 #include <security/pam_appl.h>
  32 #include <security/pam_modules.h>
  33 #include <libintl.h>
  34
  35 static int parse_allow_name(char *, char *);
  36
  37 /*
  38  * pam_sm_acct_mgmt     main account managment routine.
  39  *                      XXX: The routine just prints out a warning message.
  40  *                           It may need to force the user to change their
  41  *                           passwd.
  42  */
  43
  44 int
  45 pam_sm_acct_mgmt(
  46         pam_handle_t *pamh,
  47         int     flags,
  48         int     argc,
  49         const char **argv)
  50 {
  51         char    *user;
  52         char    *pg;
  53         int     i;
  54         /*LINTED - set but not used. Would be used in a real module. */
  55         int     debug __unused = 0;
  56         /*LINTED - set but not used. Would be used in a real module. */
  57         int     nowarn __unused = 0;
  58         int     error = 0;
  59
  60         if (argc == 0)
  61                 return (PAM_SUCCESS);
  62
  63         if (pam_get_item(pamh, PAM_USER, (void **)&user) != PAM_SUCCESS)
  64                 return (PAM_SERVICE_ERR);
  65
  66         if (pam_get_item(pamh, PAM_SERVICE, (void **)&pg) != PAM_SUCCESS)
  67                 return (PAM_SERVICE_ERR);
  68
  69         /*
  70          * kludge alert. su needs to be handled specially for allow policy.
  71          * we want to use the policy of the current user not the "destination"
  72          * user. This will enable us to prevent su to root but not to rlogin,
  73          * telnet, rsh, ftp to root.
  74          *
  75          * description of problem: user name is the "destination" name. not
  76          * the current name. The allow policy needs to be applied to the
  77          * current name in the case of su. user is "root" in this case and
  78          * we will be getting the root policy instead of the user policy.
  79          */
  80         if (strcmp(pg, "su") == 0) {
  81                 struct passwd *pw;
  82                 uid_t uid;
  83                 uid = getuid();
  84                 pw = getpwuid(uid);
  85                 if (pw == NULL)
  86                         return (PAM_SYSTEM_ERR);
  87                 user = pw->pw_name;
  88         }
  89
  90         if (user == 0 || *user == '\0' || (strcmp(user, "root") == 0))
  91                 return (PAM_SUCCESS);
  92
  93         for (i = 0; i < argc; i++) {
  94                 if (strcasecmp(argv[i], "debug") == 0)
  95                         debug = 1;
  96                 else if (strcasecmp(argv[i], "nowarn") == 0) {
  97                         nowarn = 1;
  98                         flags = flags | PAM_SILENT;
  99                 } else if (strncmp(argv[i], "allow=", 6) == 0)
 100                         error |= parse_allow_name(user, (char *)(argv[i]+6));
 101                 else
 102                         syslog(LOG_DEBUG, "illegal option %s", argv[i]);
 103         }
 104         return (error?PAM_SUCCESS:PAM_AUTH_ERR);
 105 }
 106
 107 static char *getname();
 108
 109 static int
 110 parse_allow_name(char *who, char *cp)
 111 {
 112         char name[256];
 113
 114         /* catch "allow=" */
 115         if (*cp == '\0')
 116                 return (0);
 117         while (cp) {
 118                 cp = getname(cp, name);
 119                 /* catch things such as =, and ,, */
 120                 if (*name == '\0')
 121                         continue;
 122                 if (strcmp(who, name) == 0)
 123                         return (1);
 124         }
 125         return (0);
 126 }
 127
 128 static char *
 129 getname(char *cp, char *name)
 130 {
 131         /* force name to be initially null string */
 132         *name = '\0';
 133
 134         /* end of string? */
 135         if (*cp == '\0')
 136                 return ((char *)0);
 137         while (*cp) {
 138                 /* end of name? */
 139                 if (*cp == ',' || *cp == '\0')
 140                         break;
 141                 *name++ = *cp++;
 142         }
 143         /* make name into string */
 144         *name++ = '\0';
 145         return ((*cp == '\0')? (char *)0 : ++cp);
 146 }