Commit 3ebab1e5 authored by Russ Fish's avatar Russ Fish
Browse files

Factor the Cygwin password authentication hack out of program-agent into...

Factor the Cygwin password authentication hack out of program-agent into libtb, and use it in linktest as well.
parent cfe29831
......@@ -54,7 +54,7 @@ ifeq ($(SYSTEM),Linux)
LIBS += -ldl
endif
LIBTB_OBJS = $(LIBTBDIR)/log.o $(LIBTBDIR)/tbdefs.o
LIBTB_OBJS = $(LIBTBDIR)/log.o $(LIBTBDIR)/tbdefs.o $(LIBTBDIR)/be_user.o
DAEMON_OBJS = linktest.o version.o
LTEVENT_OBJS = ltevent.o
......
......@@ -18,6 +18,7 @@
#include <time.h>
#include "tbdefs.h"
#include "log.h"
#include "be_user.h"
#include "event.h"
#define TRUE 1
......@@ -362,6 +363,13 @@ exec_linktest(char *args, int buflen) {
argv[i] = NULL;
argv[0] = LINKTEST_SCRIPT;
#ifdef __CYGWIN__
/*
* Run as the swapper on Cygwin for access to the shared /proj dir.
*/
be_user(swapper);
#endif /* __CYGWIN__ */
/*
* Execute the script with the arguments from the event
*/
......
......@@ -40,6 +40,7 @@
#include "log.h"
#include "popenf.h"
#include "systemf.h"
#include "be_user.h"
#include "event.h"
#include <elvin/elvin.h>
#ifdef __CYGWIN__
......@@ -556,48 +557,7 @@ main(int argc, char **argv)
/*
* Flip to the user, but only if we are currently root.
*/
if (getuid() == 0) {
#ifdef __CYGWIN__
/*
* Present the plain-text password from the tmcc accounts file
* so remote Samba directory mounts like /proj can be accessed.
*/
FILE *pwd_file = fopen("/var/emulab/boot/tmcc/accounts", "r");
static char line[255], name[30], password[30];
int matched = 0;
while (pwd_file && fgets(line, 255, pwd_file)) {
if (sscanf(line, "ADDUSER LOGIN=%30s PSWD=%30s ",
name, password) == 2 &&
(matched = (strncmp(user, name, 30) == 0)))
break; /* Found it. */
}
fclose(pwd_file);
if (matched) {
info("cygwin_logon_user: name %s, password '%s'...",
pw->pw_name, password);
HANDLE hToken = cygwin_logon_user(pw, password);
if (hToken != INVALID_HANDLE_VALUE) {
info(" suceeded\n");
/* This sets context for setuid() below. */
cygwin_set_impersonation_token(hToken);
}
else
info(" failed\n");
}
else
info("AGENT: user %s, %s", pw->pw_name, "password not found\n");
#endif /* __CYGWIN__ */
/*
* Initialize the group list, and then flip to uid.
*/
if (setgid(pw->pw_gid) ||
initgroups(user, pw->pw_gid) ||
setuid(pw->pw_uid)) {
fatal("Could not become user: %s", user);
}
}
be_user(user);
if (access(LOGDIR, W_OK) < 0) {
fatal("Cannot write to log directory: %s", LOGDIR);
......
......@@ -24,7 +24,7 @@ control-install: client
include $(TESTBED_SRCDIR)/GNUmakerules
OBJS = log.o tbdefs.o popenf.o systemf.o
OBJS = log.o tbdefs.o popenf.o systemf.o be_user.o
CFLAGS += -O -g -Wall -I${OBJDIR} -I/usr/local/include
libtb.a: $(OBJS) tbdb.o
......@@ -40,6 +40,7 @@ tbdb.o: tbdb.h log.h tbdefs.h
tbdefs.o: tbdefs.h
popenf.o: popenf.h
systemf.o: systemf.h
be_user.o: be_user.h
install: all
......
/*
* EMULAB-COPYRIGHT
* Copyright (c) 2005 University of Utah and the Flux Group.
* All rights reserved.
*/
#include "config.h"
#include <stdio.h>
#include <errno.h>
#include <assert.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
#ifdef __CYGWIN__
#include <w32api/windows.h>
#include <sys/cygwin.h>
#endif /* __CYGWIN__ */
#include "be_user.h"
#include "log.h"
int be_user(const char *user)
{
int retval = 1;
struct passwd *pw;
if ((pw = getpwnam(user)) == NULL) {
fatal("invalid user: %s", user);
}
if (getuid() == 0) {
#ifdef __CYGWIN__
/*
* On Windows, present the plain-text password from the tmcc accounts
* file so remote Samba directory mounts like /proj can be accessed.
*/
FILE *pwd_file = fopen("/var/emulab/boot/tmcc/accounts", "r");
static char line[255], name[30], password[30];
int matched = 0;
while (pwd_file && fgets(line, 255, pwd_file)) {
if (sscanf(line, "ADDUSER LOGIN=%30s PSWD=%30s ",
name, password) == 2 &&
(matched = (strncmp(user, name, 30) == 0)))
break; /* Found it. */
}
fclose(pwd_file);
if (matched) {
info("cygwin_logon_user: name %s, password '%s'...",
pw->pw_name, password);
HANDLE hToken = cygwin_logon_user(pw, password);
if (hToken != INVALID_HANDLE_VALUE) {
info(" suceeded\n");
/* This sets context for setuid() below. */
cygwin_set_impersonation_token(hToken);
retval = 0;
}
else
info(" failed\n");
}
else
info("user %s, %s", pw->pw_name, "password not found\n");
#endif /* __CYGWIN__ */
/*
* Initialize the group list, and then flip to uid.
*/
if (setgid(pw->pw_gid) ||
initgroups(user, pw->pw_gid) ||
setuid(pw->pw_uid)) {
fatal("Could not become user: %s", user);
}
}
return retval;
}
/*
* EMULAB-COPYRIGHT
* Copyright (c) 2005 University of Utah and the Flux Group.
* All rights reserved.
*/
/**
* @file be_user.h
*/
#ifndef _be_user_h
#define _be_user_h
#ifdef __cplusplus
extern "C" {
#endif
/* Flip to the user, but only if we are currently root. */
int be_user(const char *username);
#ifdef __cplusplus
}
#endif
#endif
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment