rdo/rdo.c

#include <pwd.h>
#include <err.h>
#include <shadow.h>
#include <crypt.h>
#include <unistd.h>
#include <stdio.h>
#include <string.h>
#include <bsd/readpassphrase.h>

void runprog(int argc, char** argv) {
	for(int i=0; i<argc; i++)
		argv[i] = argv[i + 1];

	setuid(0);
	setgid(0);
	
	if (execvp(argv[0], argv) != 0) 
		perror(argv[0]);
}

int main(int argc, char** argv) {
	if (argc < 2)
		errx(1, "Please specify a program to run");

	FILE* fp = fopen("/etc/rdo/username", "r");
	
	if (!fp)
		err(1, "Could not open /etc/rdo/username");

	int ruid = getuid();
	if (ruid == 0) {
		fclose(fp);
		runprog(argc, argv);
		return 0;
	}

	char username[64];
	fgets(username, 64, fp);
	fclose(fp);
	username[strcspn(username, "\n")] = 0;

	struct passwd* p = getpwnam(username);
	if (!p)
		err(1, "Could not get user info");

	int uid = p->pw_uid;
	if (uid != ruid && ruid != 0)
		errx(1, "You are not in the username file");

	struct spwd* shadowEntry = getspnam(username);

	if (!shadowEntry)
		err(1, "Could not get shadow entry");

	int tries = 0;
	char password[128];
	while (tries < 3) {
		if (!readpassphrase("(rdo) Password: ", password, sizeof(password), RPP_REQUIRE_TTY))
			err(1, "Could not get passphrase");

		if (strcmp(shadowEntry->sp_pwdp, crypt(password, shadowEntry->sp_pwdp)) == 0) {
			runprog(argc, argv);
			return 0;
		}
		
		fprintf(stderr, "Wrong password.\n");
		tries++;
	}
	errx(1, "Too many wrong password attempts.");
	return 1;
}
First Commit 2021-07-13 21:33:12 +02:00			`#include <pwd.h>`
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`#include <err.h>`
First Commit 2021-07-13 21:33:12 +02:00			`#include <shadow.h>`
			`#include <crypt.h>`
			`#include <unistd.h>`
			`#include <stdio.h>`
			`#include <string.h>`
Get passphrase from TTY This is required for #1. 2021-07-13 22:23:27 +02:00			`#include <bsd/readpassphrase.h>`
First Commit 2021-07-13 21:33:12 +02:00
			`void runprog(int argc, char** argv) {`
Fix various formatting mistakes in rdo.c 2021-07-13 22:14:46 +02:00			`for(int i=0; i<argc; i++)`
			`argv[i] = argv[i + 1];`
Fix formatting in rdo.c 2021-07-13 22:46:57 +02:00
Fix various formatting mistakes in rdo.c 2021-07-13 22:14:46 +02:00			`setuid(0);`
			`setgid(0);`
Fix formatting in rdo.c 2021-07-13 22:46:57 +02:00
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (execvp(argv[0], argv) != 0)`
			`perror(argv[0]);`
First Commit 2021-07-13 21:33:12 +02:00			`}`

			`int main(int argc, char** argv) {`
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (argc < 2)`
			`errx(1, "Please specify a program to run");`
First Commit 2021-07-13 21:33:12 +02:00
			`FILE* fp = fopen("/etc/rdo/username", "r");`

Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (!fp)`
			`err(1, "Could not open /etc/rdo/username");`
First Commit 2021-07-13 21:33:12 +02:00
			`int ruid = getuid();`
			`if (ruid == 0) {`
			`fclose(fp);`
Fix various formatting mistakes in rdo.c 2021-07-13 22:14:46 +02:00			`runprog(argc, argv);`
			`return 0;`
Fix formatting in rdo.c 2021-07-13 22:46:57 +02:00			`}`
First Commit 2021-07-13 21:33:12 +02:00
			`char username[64];`
			`fgets(username, 64, fp);`
			`fclose(fp);`
			`username[strcspn(username, "\n")] = 0;`

			`struct passwd* p = getpwnam(username);`
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (!p)`
			`err(1, "Could not get user info");`
First Commit 2021-07-13 21:33:12 +02:00
			`int uid = p->pw_uid;`
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (uid != ruid && ruid != 0)`
			`errx(1, "You are not in the username file");`
First Commit 2021-07-13 21:33:12 +02:00
			`struct spwd* shadowEntry = getspnam(username);`

Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (!shadowEntry)`
			`err(1, "Could not get shadow entry");`
First Commit 2021-07-13 21:33:12 +02:00
			`int tries = 0;`
			`char password[128];`
			`while (tries < 3) {`
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`if (!readpassphrase("(rdo) Password: ", password, sizeof(password), RPP_REQUIRE_TTY))`
			`err(1, "Could not get passphrase");`
Get passphrase from TTY This is required for #1. 2021-07-13 22:23:27 +02:00
First Commit 2021-07-13 21:33:12 +02:00			`if (strcmp(shadowEntry->sp_pwdp, crypt(password, shadowEntry->sp_pwdp)) == 0) {`
Fix various formatting mistakes in rdo.c 2021-07-13 22:14:46 +02:00			`runprog(argc, argv);`
Fix formatting in rdo.c 2021-07-13 22:46:57 +02:00			`return 0;`
First Commit 2021-07-13 21:33:12 +02:00			`}`
Fix formatting in rdo.c 2021-07-13 22:46:57 +02:00
First Commit 2021-07-13 21:33:12 +02:00			`fprintf(stderr, "Wrong password.\n");`
Fix various formatting mistakes in rdo.c 2021-07-13 22:14:46 +02:00			`tries++;`
First Commit 2021-07-13 21:33:12 +02:00			`}`
Improve error messages This commit makes rdo make use of the err.h header for more pleasant and convenient error logging. 2021-07-13 22:39:28 +02:00			`errx(1, "Too many wrong password attempts.");`
			`return 1;`
First Commit 2021-07-13 21:33:12 +02:00			`}`