+++ /dev/null
-diff --git a/configure.ac b/configure.ac
-index 87e85fa..ead559c 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1149,6 +1154,15 @@ UL_REQUIRES_HAVE([su], [security_pam_misc_h], [PAM header file])
- AM_CONDITIONAL(BUILD_SU, test "x$build_su" = xyes)
-
-
-+AC_ARG_ENABLE([runuser],
-+ AS_HELP_STRING([--disable-runuser], [do not build runuser]),
-+ [], enable_runuser=yes
-+)
-+UL_BUILD_INIT([runuser])
-+UL_REQUIRES_HAVE([runuser], [security_pam_misc_h], [PAM header file])
-+AM_CONDITIONAL(BUILD_RUNUSER, test "x$build_runuser" = xyes)
-+
-+
- AC_ARG_ENABLE([schedutils],
- AS_HELP_STRING([--disable-schedutils], [do not build chrt, ionice, teskset]),
- [], enable_schedutils=yes
-diff --git a/login-utils/Makemodule.am b/login-utils/Makemodule.am
-index e10da46..755a361 100644
---- a/login-utils/Makemodule.am
-+++ b/login-utils/Makemodule.am
-@@ -83,6 +83,8 @@
- dist_man_MANS += login-utils/su.1
- su_SOURCES = \
- login-utils/su.c \
-+ login-utils/su-common.c \
-+ login-utils/su-common.h \
- login-utils/logindefs.c \
- login-utils/logindefs.h
- su_CFLAGS = $(SUID_CFLAGS) $(AM_CFLAGS)
-@@ -91,6 +93,19 @@
- endif
-
-
-+if BUILD_RUNUSER
-+bin_PROGRAMS += runuser
-+dist_man_MANS += login-utils/runuser.1
-+runuser_SOURCES = \
-+ login-utils/runuser.c \
-+ login-utils/su-common.c \
-+ login-utils/su-common.h \
-+ login-utils/logindefs.c \
-+ login-utils/logindefs.h
-+runuser_LDADD = $(LDADD) -lpam -lpam_misc
-+endif
-+
-+
- if BUILD_NEWGRP
- usrbin_exec_PROGRAMS += newgrp
- dist_man_MANS += login-utils/newgrp.1
-diff --git a/login-utils/runuser.1 b/login-utils/runuser.1
-new file mode 100644
-index 0000000..66ad1c4
---- /dev/null
-+++ b/login-utils/runuser.1
-@@ -0,0 +1,230 @@
-+.TH RUNUSER "1" "August 2012" "util-linux" "User Commands"
-+.SH NAME
-+runuser \- run a command with substitute user and group ID
-+.SH SYNOPSIS
-+.B runuser
-+[options...] [\-] [user [args...]]
-+.SH DESCRIPTION
-+.B runuser
-+allows to run commands with substitute user and group ID.
-+The difference between the commands
-+.B runuser
-+and
-+.B su
-+is that
-+.B runuser
-+does not ask for password, because it may be executed by root user only.
-+The command
-+.B runuser
-+does not have to be installed with suid permissions.
-+.PP
-+When called without arguments
-+.B runuser
-+defaults to running an interactive shell as
-+.IR root .
-+.PP
-+For backward compatibility
-+.B runuser
-+defaults to not change the current directory and to only set the
-+environment variables
-+.B HOME
-+and
-+.B SHELL
-+(plus
-+.B USER
-+and
-+.B LOGNAME
-+if the target
-+.I user
-+is not root). It is recommended to always use the
-+.B \-\-login
-+option (instead it's shortcut
-+.BR \- )
-+to avoid side effects caused by mixing environments.
-+.PP
-+This version of
-+.B runuser
-+uses PAM for session management.
-+.SH OPTIONS
-+.TP
-+\fB\-c\fR \fIcommand\fR, \fB\-\-command\fR=\fIcommand\fR
-+Pass
-+.I command
-+to the shell with the
-+.B \-c
-+option.
-+.TP
-+\fB\-\-session\-command\fR=\fIcommand\fR
-+Same as
-+.B \-c
-+but do not create a new session (discouraged).
-+.TP
-+\fB\-f\fR, \fB\-\-fast\fR
-+Pass
-+.B \-f
-+to the shell which may or may not be useful depending on the
-+shell.
-+.TP
-+\fB\-g\fR, \fB\-\-group\fR=\fIgroup\fR\fR
-+specify the primary group, this option is allowed for root user only
-+.TP
-+\fB\-G\fR, \fB\-\-supp-group\fR=\fIgroup\fR\fR
-+specify a supplemental group, this option is allowed for root user only
-+.TP
-+\fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
-+Starts the shell as login shell with an environment similar to a real
-+login:
-+.RS 10
-+.TP
-+o
-+clears all environment variables except for
-+.B TERM
-+.TP
-+o
-+initializes the environment variables
-+.BR HOME ,
-+.BR SHELL ,
-+.BR USER ,
-+.BR LOGNAME ,
-+.B PATH
-+.TP
-+o
-+changes to the target user's home directory
-+.TP
-+o
-+sets argv[0] of the shell to
-+.RB ' \- '
-+in order to make the shell a login shell
-+.RE
-+.TP
-+\fB\-m\fR, \fB\-p\fR, \fB\-\-preserve-environment\fR
-+Preserves the whole environment, ie does not set
-+.BR HOME ,
-+.BR SHELL ,
-+.B USER
-+nor
-+.BR LOGNAME .
-+.TP
-+\fB\-s\fR \fISHELL\fR, \fB\-\-shell\fR=\fISHELL\fR
-+Runs the specified shell instead of the default. The shell to run is
-+selected according to the following rules in order:
-+.RS 10
-+.TP
-+o
-+the shell specified with
-+.B \-\-shell
-+.TP
-+o
-+The shell specified in the environment variable
-+.B SHELL
-+if the
-+.B \-\-preserve-environment
-+option is used.
-+.TP
-+o
-+the shell listed in the passwd entry of the target user
-+.TP
-+o
-+/bin/sh
-+.RE
-+.IP
-+If the target user has a restricted shell (i.e. not listed in
-+/etc/shells) the
-+.B \-\-shell
-+option and the
-+.B SHELL
-+environment variables are ignored unless the calling user is root.
-+.TP
-+\fB\-\-help\fR
-+Display help text and exit.
-+.TP
-+\fB\-\-version\fR
-+Display version information and exit.
-+.SH CONFIG FILES
-+.B runuser
-+reads the
-+.I /etc/default/runuser
-+and
-+.I /etc/login.defs
-+configuration files. The following configuration items are relevant
-+for
-+.BR runuser :
-+.PP
-+.B ENV_PATH
-+(string)
-+.RS 4
-+Defines the PATH environment variable for a regular user. The
-+default value is
-+.IR /usr/local/bin:\:/bin:\:/usr/bin .
-+.RE
-+.PP
-+.B ENV_ROOTPATH
-+(string)
-+.br
-+.B ENV_SUPATH
-+(string)
-+.RS 4
-+Defines the PATH environment variable for root. The default value is
-+.IR /usr/local/sbin:\:/usr/local/bin:\:/sbin:\:/bin:\:/usr/sbin:\:/usr/bin .
-+.RE
-+.PP
-+.B ALWAYS_SET_PATH
-+(boolean)
-+.RS 4
-+If set to
-+.I yes
-+and \-\-login and \-\-preserve\-environment were not specified
-+.B runuser
-+initializes
-+.BR PATH .
-+.RE
-+.SH EXIT STATUS
-+.B runuser
-+normally returns the exit status of the command it executed. If the
-+command was killed by a signal,
-+.B runuser
-+returns the number of the signal plus 128.
-+.PP
-+Exit status generated by
-+.B runuser
-+itself:
-+.RS 10
-+.TP
-+1
-+Generic error before executing the requested command
-+.TP
-+126
-+The requested command could not be executed
-+.TP
-+127
-+The requested command could was not found
-+.RE
-+.SH FILES
-+.PD 0
-+.TP 17
-+/etc/pam.d/runuser
-+default PAM configuration file
-+.TP
-+/etc/pam.d/runuser-l
-+PAM configuration file if \-\-login is specified
-+.TP
-+/etc/default/runuser
-+runuser specific logindef config file
-+.TP
-+/etc/login.defs
-+global logindef config file
-+.PD 1
-+.SH "SEE ALSO"
-+.BR pam (8),
-+.BR shells (5),
-+.BR login.defs (5),
-+.BR su (1)
-+.SH AUTHOR
-+Derived from coreutils' su which was based on an implemenation from
-+David MacKenzie and Fedora runuser command from Dan Walsh.
-+.SH AVAILABILITY
-+The runuser command is part of the util-linux package and is
-+available from
-+.UR ftp://\:ftp.kernel.org\:/pub\:/linux\:/utils\:/util-linux/
-+Linux Kernel Archive
-+.UE .
-diff --git a/login-utils/runuser.c b/login-utils/runuser.c
-new file mode 100644
-index 0000000..d761a14
---- /dev/null
-+++ b/login-utils/runuser.c
-@@ -0,0 +1,7 @@
-+
-+#include "su-common.h"
-+
-+int main(int argv, char **argc)
-+{
-+ return su_main(argv, argc, RUNUSER_MODE);
-+}
-diff --git a/login-utils/su-common.c b/login-utils/su-common.c
-new file mode 100644
-index 0000000..d1fecd7
---- /dev/null
-+++ b/login-utils/su-common.c
-@@ -0,0 +1,918 @@
-+/* su for Linux. Run a shell with substitute user and group IDs.
-+ Copyright (C) 1992-2006 Free Software Foundation, Inc.
-+ Copyright (C) 2012 SUSE Linux Products GmbH, Nuernberg
-+
-+ This program is free software; you can redistribute it and/or modify
-+ it under the terms of the GNU General Public License as published by
-+ the Free Software Foundation; either version 2, or (at your option)
-+ any later version.
-+
-+ This program is distributed in the hope that it will be useful,
-+ but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ GNU General Public License for more details.
-+
-+ You should have received a copy of the GNU General Public License
-+ along with this program; if not, write to the Free Software Foundation,
-+ Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
-+
-+/* Run a shell with the real and effective UID and GID and groups
-+ of USER, default `root'.
-+
-+ The shell run is taken from USER's password entry, /bin/sh if
-+ none is specified there. If the account has a password, su
-+ prompts for a password unless run by a user with real UID 0.
-+
-+ Does not change the current directory.
-+ Sets `HOME' and `SHELL' from the password entry for USER, and if
-+ USER is not root, sets `USER' and `LOGNAME' to USER.
-+ The subshell is not a login shell.
-+
-+ If one or more ARGs are given, they are passed as additional
-+ arguments to the subshell.
-+
-+ Does not handle /bin/sh or other shells specially
-+ (setting argv[0] to "-su", passing -c only to certain shells, etc.).
-+ I don't see the point in doing that, and it's ugly.
-+
-+ Based on an implemenation by David MacKenzie <djm@gnu.ai.mit.edu>. */
-+
-+enum
-+{
-+ EXIT_CANNOT_INVOKE = 126,
-+ EXIT_ENOENT = 127
-+};
-+
-+#include <config.h>
-+#include <stdio.h>
-+#include <getopt.h>
-+#include <sys/types.h>
-+#include <pwd.h>
-+#include <grp.h>
-+#include <security/pam_appl.h>
-+#include <security/pam_misc.h>
-+#include <signal.h>
-+#include <sys/wait.h>
-+#include <syslog.h>
-+
-+#include "err.h"
-+
-+#include <stdbool.h>
-+#include "c.h"
-+#include "xalloc.h"
-+#include "nls.h"
-+#include "pathnames.h"
-+#include "env.h"
-+
-+/* name of the pam configuration files. separate configs for su and su - */
-+#define PAM_SRVNAME_SU "su"
-+#define PAM_SRVNAME_SU_L "su-l"
-+
-+#define PAM_SRVNAME_RUNUSER "runuser"
-+#define PAM_SRVNAME_RUNUSER_L "runuser-l"
-+
-+#define _PATH_LOGINDEFS_SU "/etc/defaults/su"
-+#define _PATH_LOGINDEFS_RUNUSER "/etc/defaults/runuser"
-+
-+#define is_pam_failure(_rc) ((_rc) != PAM_SUCCESS)
-+
-+#include "logindefs.h"
-+#include "su-common.h"
-+
-+/* The shell to run if none is given in the user's passwd entry. */
-+#define DEFAULT_SHELL "/bin/sh"
-+
-+/* The user to become if none is specified. */
-+#define DEFAULT_USER "root"
-+
-+#ifndef HAVE_ENVIRON_DECL
-+extern char **environ;
-+#endif
-+
-+static void run_shell (char const *, char const *, char **, size_t)
-+ __attribute__ ((__noreturn__));
-+
-+/* If true, pass the `-f' option to the subshell. */
-+static bool fast_startup;
-+
-+/* If true, simulate a login instead of just starting a shell. */
-+static bool simulate_login;
-+
-+/* If true, change some environment vars to indicate the user su'd to. */
-+static bool change_environment;
-+
-+/* If true, then don't call setsid() with a command. */
-+static int same_session = 0;
-+
-+/* SU_MODE_{RUNUSER,SU} */
-+static int su_mode;
-+
-+static bool _pam_session_opened;
-+static bool _pam_cred_established;
-+static sig_atomic_t volatile caught_signal = false;
-+static pam_handle_t *pamh = NULL;
-+
-+static int restricted = 1; /* zero for root user */
-+
-+static struct option const longopts[] =
-+{
-+ {"command", required_argument, NULL, 'c'},
-+ {"session-command", required_argument, NULL, 'C'},
-+ {"fast", no_argument, NULL, 'f'},
-+ {"login", no_argument, NULL, 'l'},
-+ {"preserve-environment", no_argument, NULL, 'p'},
-+ {"shell", required_argument, NULL, 's'},
-+ {"group", required_argument, NULL, 'g'},
-+ {"supp-group", required_argument, NULL, 'G'},
-+ {"help", no_argument, 0, 'h'},
-+ {"version", no_argument, 0, 'V'},
-+ {NULL, 0, NULL, 0}
-+};
-+
-+/* Log the fact that someone has run su to the user given by PW;
-+ if SUCCESSFUL is true, they gave the correct password, etc. */
-+
-+static void
-+log_su (struct passwd const *pw, bool successful)
-+{
-+ const char *new_user, *old_user, *tty;
-+
-+ new_user = pw->pw_name;
-+ /* The utmp entry (via getlogin) is probably the best way to identify
-+ the user, especially if someone su's from a su-shell. */
-+ old_user = getlogin ();
-+ if (!old_user)
-+ {
-+ /* getlogin can fail -- usually due to lack of utmp entry.
-+ Resort to getpwuid. */
-+ struct passwd *pwd = getpwuid (getuid ());
-+ old_user = (pwd ? pwd->pw_name : "");
-+ }
-+ tty = ttyname (STDERR_FILENO);
-+ if (!tty)
-+ tty = "none";
-+
-+ openlog (program_invocation_short_name, 0 , LOG_AUTH);
-+ syslog (LOG_NOTICE, "%s(to %s) %s on %s",
-+ successful ? "" :
-+ su_mode == RUNUSER_MODE ? "FAILED RUNUSER " : "FAILED SU ",
-+ new_user, old_user, tty);
-+ closelog ();
-+}
-+
-+static struct pam_conv conv =
-+{
-+ misc_conv,
-+ NULL
-+};
-+
-+static void
-+cleanup_pam (int retcode)
-+{
-+ int saved_errno = errno;
-+
-+ if (_pam_session_opened)
-+ pam_close_session (pamh, 0);
-+
-+ if (_pam_cred_established)
-+ pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
-+
-+ pam_end(pamh, retcode);
-+
-+ errno = saved_errno;
-+}
-+
-+/* Signal handler for parent process. */
-+static void
-+su_catch_sig (int sig __attribute__((__unused__)))
-+{
-+ caught_signal = true;
-+}
-+
-+/* Export env variables declared by PAM modules. */
-+static void
-+export_pamenv (void)
-+{
-+ char **env;
-+
-+ /* This is a copy but don't care to free as we exec later anyways. */
-+ env = pam_getenvlist (pamh);
-+ while (env && *env)
-+ {
-+ if (putenv (*env) != 0)
-+ err (EXIT_FAILURE, NULL);
-+ env++;
-+ }
-+}
-+
-+static void
-+create_watching_parent (void)
-+{
-+ pid_t child;
-+ sigset_t ourset;
-+ int status = 0;
-+ int retval;
-+
-+ retval = pam_open_session (pamh, 0);
-+ if (is_pam_failure(retval))
-+ {
-+ cleanup_pam (retval);
-+ errx (EXIT_FAILURE, _("cannot not open session: %s"),
-+ pam_strerror (pamh, retval));
-+ }
-+ else
-+ _pam_session_opened = 1;
-+
-+ child = fork ();
-+ if (child == (pid_t) -1)
-+ {
-+ cleanup_pam (PAM_ABORT);
-+ err (EXIT_FAILURE, _("cannot create child process"));
-+ }
-+
-+ /* the child proceeds to run the shell */
-+ if (child == 0)
-+ return;
-+
-+ /* In the parent watch the child. */
-+
-+ /* su without pam support does not have a helper that keeps
-+ sitting on any directory so let's go to /. */
-+ if (chdir ("/") != 0)
-+ warn (_("cannot change directory to %s"), "/");
-+
-+ sigfillset (&ourset);
-+ if (sigprocmask (SIG_BLOCK, &ourset, NULL))
-+ {
-+ warn (_("cannot block signals"));
-+ caught_signal = true;
-+ }
-+ if (!caught_signal)
-+ {
-+ struct sigaction action;
-+ action.sa_handler = su_catch_sig;
-+ sigemptyset (&action.sa_mask);
-+ action.sa_flags = 0;
-+ sigemptyset (&ourset);
-+ if (!same_session)
-+ {
-+ if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT))
-+ {
-+ warn (_("cannot set signal handler"));
-+ caught_signal = true;
-+ }
-+ }
-+ if (!caught_signal && (sigaddset(&ourset, SIGTERM)
-+ || sigaddset(&ourset, SIGALRM)
-+ || sigaction(SIGTERM, &action, NULL)
-+ || sigprocmask(SIG_UNBLOCK, &ourset, NULL))) {
-+ warn (_("cannot set signal handler"));
-+ caught_signal = true;
-+ }
-+ if (!caught_signal && !same_session && (sigaction(SIGINT, &action, NULL)
-+ || sigaction(SIGQUIT, &action, NULL)))
-+ {
-+ warn (_("cannot set signal handler"));
-+ caught_signal = true;
-+ }
-+ }
-+ if (!caught_signal)
-+ {
-+ pid_t pid;
-+ for (;;)
-+ {
-+ pid = waitpid (child, &status, WUNTRACED);
-+
-+ if (pid != (pid_t)-1 && WIFSTOPPED (status))
-+ {
-+ kill (getpid (), SIGSTOP);
-+ /* once we get here, we must have resumed */
-+ kill (pid, SIGCONT);
-+ }
-+ else
-+ break;
-+ }
-+ if (pid != (pid_t)-1)
-+ if (WIFSIGNALED (status))
-+ status = WTERMSIG (status) + 128;
-+ else
-+ status = WEXITSTATUS (status);
-+ else
-+ status = 1;
-+ }
-+ else
-+ status = 1;
-+
-+ if (caught_signal)
-+ {
-+ fprintf (stderr, _("\nSession terminated, killing shell..."));
-+ kill (child, SIGTERM);
-+ }
-+
-+ cleanup_pam (PAM_SUCCESS);
-+
-+ if (caught_signal)
-+ {
-+ sleep (2);
-+ kill (child, SIGKILL);
-+ fprintf (stderr, _(" ...killed.\n"));
-+ }
-+ exit (status);
-+}
-+
-+static void
-+authenticate (const struct passwd *pw)
-+{
-+ const struct passwd *lpw;
-+ const char *cp, *srvname = NULL;
-+ int retval;
-+
-+ switch (su_mode) {
-+ case SU_MODE:
-+ srvname = simulate_login ? PAM_SRVNAME_SU_L : PAM_SRVNAME_SU;
-+ break;
-+ case RUNUSER_MODE:
-+ srvname = simulate_login ? PAM_SRVNAME_RUNUSER_L : PAM_SRVNAME_RUNUSER;
-+ break;
-+ }
-+
-+ retval = pam_start (srvname, pw->pw_name, &conv, &pamh);
-+ if (is_pam_failure(retval))
-+ goto done;
-+
-+ if (isatty (0) && (cp = ttyname (0)) != NULL)
-+ {
-+ const char *tty;
-+
-+ if (strncmp (cp, "/dev/", 5) == 0)
-+ tty = cp + 5;
-+ else
-+ tty = cp;
-+ retval = pam_set_item (pamh, PAM_TTY, tty);
-+ if (is_pam_failure(retval))
-+ goto done;
-+ }
-+
-+ lpw = getpwuid (getuid ());
-+ if (lpw && lpw->pw_name)
-+ {
-+ retval = pam_set_item (pamh, PAM_RUSER, (const void *) lpw->pw_name);
-+ if (is_pam_failure(retval))
-+ goto done;
-+ }
-+
-+ if (su_mode == RUNUSER_MODE)
-+ {
-+ /*
-+ * This is the only difference between runuser(1) and su(1). The command
-+ * runuser(1) does not required authentication, because user is root.
-+ */
-+ if (restricted)
-+ errx(EXIT_FAILURE, _("may not be used by non-root users"));
-+ return;
-+ }
-+
-+ retval = pam_authenticate (pamh, 0);
-+ if (is_pam_failure(retval))
-+ goto done;
-+
-+ retval = pam_acct_mgmt (pamh, 0);
-+ if (retval == PAM_NEW_AUTHTOK_REQD)
-+ {
-+ /* Password has expired. Offer option to change it. */
-+ retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
-+ }
-+
-+done:
-+
-+ log_su (pw, !is_pam_failure(retval));
-+
-+ if (is_pam_failure(retval))
-+ {
-+ const char *msg = pam_strerror(pamh, retval);
-+ pam_end(pamh, retval);
-+ sleep (getlogindefs_num ("FAIL_DELAY", 1));
-+ errx (EXIT_FAILURE, "%s", msg?msg:_("incorrect password"));
-+ }
-+}
-+
-+/* Add or clear /sbin and /usr/sbin for the su command
-+ used without `-'. */
-+
-+/* Set if /sbin is found in path. */
-+#define SBIN_MASK 0x01
-+/* Set if /usr/sbin is found in path. */
-+#define USBIN_MASK 0x02
-+
-+static char *
-+addsbin (const char *const path)
-+{
-+ unsigned char smask = 0;
-+ char *ptr, *tmp, *cur, *ret = NULL;
-+ size_t len;
-+
-+ if (!path || *path == 0)
-+ return NULL;
-+
-+ tmp = xstrdup (path);
-+ cur = tmp;
-+ for (ptr = strsep (&cur, ":"); ptr != NULL; ptr = strsep (&cur, ":"))
-+ {
-+ if (!strcmp (ptr, "/sbin"))
-+ smask |= SBIN_MASK;
-+ if (!strcmp (ptr, "/usr/sbin"))
-+ smask |= USBIN_MASK;
-+ }
-+
-+ if ((smask & (USBIN_MASK|SBIN_MASK)) == (USBIN_MASK|SBIN_MASK))
-+ {
-+ free (tmp);
-+ return NULL;
-+ }
-+
-+ len = strlen (path);
-+ if (!(smask & USBIN_MASK))
-+ len += strlen ("/usr/sbin:");
-+
-+ if (!(smask & SBIN_MASK))
-+ len += strlen (":/sbin");
-+
-+ ret = xmalloc (len + 1);
-+ strcpy (tmp, path);
-+
-+ *ret = 0;
-+ cur = tmp;
-+ for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":"))
-+ {
-+ if (!strcmp (ptr, "."))
-+ continue;
-+ if (*ret)
-+ strcat (ret, ":");
-+ if (!(smask & USBIN_MASK) && !strcmp (ptr, "/bin"))
-+ {
-+ strcat (ret, "/usr/sbin:");
-+ strcat (ret, ptr);
-+ smask |= USBIN_MASK;
-+ continue;
-+ }
-+ if (!(smask & SBIN_MASK) && !strcmp (ptr, "/usr/bin"))
-+ {
-+ strcat (ret, ptr);
-+ strcat (ret, ":/sbin");
-+ smask |= SBIN_MASK;
-+ continue;
-+ }
-+ strcat (ret, ptr);
-+ }
-+ free (tmp);
-+
-+ if (!(smask & USBIN_MASK))
-+ strcat (ret, ":/usr/sbin");
-+
-+ if (!(smask & SBIN_MASK))
-+ strcat (ret, ":/sbin");
-+
-+ return ret;
-+}
-+
-+static char *
-+clearsbin (const char *const path)
-+{
-+ char *ptr, *tmp, *cur, *ret = NULL;
-+
-+ if (!path || *path == 0)
-+ return NULL;
-+
-+ tmp = xstrdup (path);
-+
-+ ret = xmalloc (strlen (path) + 1);
-+ *ret = 0;
-+ cur = tmp;
-+ for (ptr = strsep (&cur, ":"); ptr; ptr = strsep (&cur, ":"))
-+ {
-+ if (!strcmp (ptr, "/sbin"))
-+ continue;
-+ if (!strcmp (ptr, "/usr/sbin"))
-+ continue;
-+ if (!strcmp (ptr, "/usr/local/sbin"))
-+ continue;
-+ if (*ret)
-+ strcat (ret, ":");
-+ strcat (ret, ptr);
-+ }
-+ free (tmp);
-+
-+ return ret;
-+}
-+
-+static void
-+set_path(const struct passwd* pw)
-+{
-+ int r;
-+ if (pw->pw_uid)
-+ r = logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH);
-+
-+ else if ((r = logindefs_setenv("PATH", "ENV_ROOTPATH", NULL)) != 0)
-+ r = logindefs_setenv("PATH", "ENV_SUPATH", _PATH_DEFPATH_ROOT);
-+
-+ if (r != 0)
-+ err (EXIT_FAILURE, _("failed to set PATH"));
-+}
-+
-+/* Update `environ' for the new shell based on PW, with SHELL being
-+ the value for the SHELL environment variable. */
-+
-+static void
-+modify_environment (const struct passwd *pw, const char *shell)
-+{
-+ if (simulate_login)
-+ {
-+ /* Leave TERM unchanged. Set HOME, SHELL, USER, LOGNAME, PATH.
-+ Unset all other environment variables. */
-+ char const *term = getenv ("TERM");
-+ if (term)
-+ term = xstrdup (term);
-+ environ = xmalloc ((6 + !!term) * sizeof (char *));
-+ environ[0] = NULL;
-+ if (term)
-+ xsetenv ("TERM", term, 1);
-+ xsetenv ("HOME", pw->pw_dir, 1);
-+ xsetenv ("SHELL", shell, 1);
-+ xsetenv ("USER", pw->pw_name, 1);
-+ xsetenv ("LOGNAME", pw->pw_name, 1);
-+ set_path(pw);
-+ }
-+ else
-+ {
-+ /* Set HOME, SHELL, and if not becoming a super-user,
-+ USER and LOGNAME. */
-+ if (change_environment)
-+ {
-+ xsetenv ("HOME", pw->pw_dir, 1);
-+ xsetenv ("SHELL", shell, 1);
-+ if (getlogindefs_bool ("ALWAYS_SET_PATH", 0))
-+ set_path(pw);
-+ else
-+ {
-+ char const *path = getenv ("PATH");
-+ char *new = NULL;
-+
-+ if (pw->pw_uid)
-+ new = clearsbin (path);
-+ else
-+ new = addsbin (path);
-+
-+ if (new)
-+ {
-+ xsetenv ("PATH", new, 1);
-+ free (new);
-+ }
-+ }
-+ if (pw->pw_uid)
-+ {
-+ xsetenv ("USER", pw->pw_name, 1);
-+ xsetenv ("LOGNAME", pw->pw_name, 1);
-+ }
-+ }
-+ }
-+
-+ export_pamenv ();
-+}
-+
-+/* Become the user and group(s) specified by PW. */
-+
-+static void
-+init_groups (const struct passwd *pw, gid_t *groups, int num_groups)
-+{
-+ int retval;
-+
-+ errno = 0;
-+
-+ if (num_groups)
-+ retval = setgroups (num_groups, groups);
-+ else
-+ retval = initgroups (pw->pw_name, pw->pw_gid);
-+
-+ if (retval == -1)
-+ {
-+ cleanup_pam (PAM_ABORT);
-+ err (EXIT_FAILURE, _("cannot set groups"));
-+ }
-+ endgrent ();
-+
-+ retval = pam_setcred (pamh, PAM_ESTABLISH_CRED);
-+ if (is_pam_failure(retval))
-+ errx (EXIT_FAILURE, "%s", pam_strerror (pamh, retval));
-+ else
-+ _pam_cred_established = 1;
-+}
-+
-+static void
-+change_identity (const struct passwd *pw)
-+{
-+ if (setgid (pw->pw_gid))
-+ err (EXIT_FAILURE, _("cannot set group id"));
-+ if (setuid (pw->pw_uid))
-+ err (EXIT_FAILURE, _("cannot set user id"));
-+}
-+
-+/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
-+ If COMMAND is nonzero, pass it to the shell with the -c option.
-+ Pass ADDITIONAL_ARGS to the shell as more arguments; there
-+ are N_ADDITIONAL_ARGS extra arguments. */
-+
-+static void
-+run_shell (char const *shell, char const *command, char **additional_args,
-+ size_t n_additional_args)
-+{
-+ size_t n_args = 1 + fast_startup + 2 * !!command + n_additional_args + 1;
-+ char const **args = xcalloc (n_args, sizeof *args);
-+ size_t argno = 1;
-+
-+ if (simulate_login)
-+ {
-+ char *arg0;
-+ char *shell_basename;
-+
-+ shell_basename = basename (shell);
-+ arg0 = xmalloc (strlen (shell_basename) + 2);
-+ arg0[0] = '-';
-+ strcpy (arg0 + 1, shell_basename);
-+ args[0] = arg0;
-+ }
-+ else
-+ args[0] = basename (shell);
-+ if (fast_startup)
-+ args[argno++] = "-f";
-+ if (command)
-+ {
-+ args[argno++] = "-c";
-+ args[argno++] = command;
-+ }
-+ memcpy (args + argno, additional_args, n_additional_args * sizeof *args);
-+ args[argno + n_additional_args] = NULL;
-+ execv (shell, (char **) args);
-+
-+ {
-+ int exit_status = (errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE);
-+ warn ("%s", shell);
-+ exit (exit_status);
-+ }
-+}
-+
-+/* Return true if SHELL is a restricted shell (one not returned by
-+ getusershell), else false, meaning it is a standard shell. */
-+
-+static bool
-+restricted_shell (const char *shell)
-+{
-+ char *line;
-+
-+ setusershell ();
-+ while ((line = getusershell ()) != NULL)
-+ {
-+ if (*line != '#' && !strcmp (line, shell))
-+ {
-+ endusershell ();
-+ return false;
-+ }
-+ }
-+ endusershell ();
-+ return true;
-+}
-+
-+static void __attribute__((__noreturn__))
-+usage (int status)
-+{
-+ if (status != EXIT_SUCCESS)
-+ fprintf (stderr, _("Try `%s --help' for more information.\n"),
-+ program_invocation_short_name);
-+ else
-+ {
-+ fputs(USAGE_HEADER, stdout);
-+ printf (_(" %s [options] [-] [USER [arg]...]\n"), program_invocation_short_name);
-+ fputs (_("\n\
-+ Change the effective user id and group id to that of USER.\n\
-+ A mere - implies -l. If USER not given, assume root.\n"), stdout);
-+ fputs(USAGE_OPTIONS, stdout);
-+ fputs (_("\
-+ -, -l, --login make the shell a login shell\n\
-+ -c, --command <command> pass a single command to the shell with -c\n\
-+ --session-command <command> pass a single command to the shell with -c\n\
-+ and do not create a new session\n\
-+ -g --group=group specify the primary group\n\
-+ -G --supp-group=group specify a supplemental group\n\
-+ -f, --fast pass -f to the shell (for csh or tcsh)\n\
-+ -m, --preserve-environment do not reset environment variables\n\
-+ -p same as -m\n\
-+ -s, --shell <shell> run shell if /etc/shells allows it\n\
-+"), stdout);
-+
-+ fputs(USAGE_SEPARATOR, stdout);
-+ fputs(USAGE_HELP, stdout);
-+ fputs(USAGE_VERSION, stdout);
-+ printf(USAGE_MAN_TAIL("su(1)"));
-+ }
-+ exit (status);
-+}
-+
-+static
-+void load_config(void)
-+{
-+ switch (su_mode) {
-+ case SU_MODE:
-+ logindefs_load_file(_PATH_LOGINDEFS_SU);
-+ break;
-+ case RUNUSER_MODE:
-+ logindefs_load_file(_PATH_LOGINDEFS_RUNUSER);
-+ break;
-+ }
-+
-+ logindefs_load_file(_PATH_LOGINDEFS);
-+}
-+
-+/*
-+ * Returns 1 if the current user is not root
-+ */
-+static int
-+evaluate_uid(void)
-+{
-+ uid_t ruid = getuid();
-+ uid_t euid = geteuid();
-+
-+ /* if we're really root and aren't running setuid */
-+ return (uid_t) 0 == ruid && ruid == euid ? 0 : 1;
-+}
-+
-+int
-+su_main (int argc, char **argv, int mode)
-+{
-+ int optc;
-+ const char *new_user = DEFAULT_USER;
-+ char *command = NULL;
-+ int request_same_session = 0;
-+ char *shell = NULL;
-+ struct passwd *pw;
-+ struct passwd pw_copy;
-+ struct group *gr;
-+ gid_t groups[NGROUPS_MAX];
-+ int num_supp_groups = 0;
-+ int use_gid = 0;
-+
-+ setlocale (LC_ALL, "");
-+ bindtextdomain (PACKAGE, LOCALEDIR);
-+ textdomain (PACKAGE);
-+
-+ su_mode = mode;
-+ fast_startup = false;
-+ simulate_login = false;
-+ change_environment = true;
-+
-+ while ((optc = getopt_long (argc, argv, "c:fg:G:lmps:hV", longopts, NULL)) != -1)
-+ {
-+ switch (optc)
-+ {
-+ case 'c':
-+ command = optarg;
-+ break;
-+
-+ case 'C':
-+ command = optarg;
-+ request_same_session = 1;
-+ break;
-+
-+ case 'f':
-+ fast_startup = true;
-+ break;
-+
-+ case 'g':
-+ gr = getgrnam(optarg);
-+ if (!gr)
-+ errx(EXIT_FAILURE, _("group %s does not exist"), optarg);
-+ use_gid = 1;
-+ groups[0] = gr->gr_gid;
-+ break;
-+
-+ case 'G':
-+ num_supp_groups++;
-+ if (num_supp_groups >= NGROUPS_MAX)
-+ errx(EXIT_FAILURE,
-+ _("can't specify more than %d supplemental groups"),
-+ NGROUPS_MAX - 1);
-+ gr = getgrnam(optarg);
-+ if (!gr)
-+ errx(EXIT_FAILURE, _("group %s does not exist"), optarg);
-+ groups[num_supp_groups] = gr->gr_gid;
-+ break;
-+
-+ case 'l':
-+ simulate_login = true;
-+ break;
-+
-+ case 'm':
-+ case 'p':
-+ change_environment = false;
-+ break;
-+
-+ case 's':
-+ shell = optarg;
-+ break;
-+
-+ case 'h':
-+ usage(0);
-+
-+ case 'V':
-+ printf(UTIL_LINUX_VERSION);
-+ exit(EXIT_SUCCESS);
-+
-+ default:
-+ usage (EXIT_FAILURE);
-+ }
-+ }
-+
-+ restricted = evaluate_uid ();
-+
-+ if (optind < argc && !strcmp (argv[optind], "-"))
-+ {
-+ simulate_login = true;
-+ ++optind;
-+ }
-+ if (optind < argc)
-+ new_user = argv[optind++];
-+
-+ if ((num_supp_groups || use_gid) && restricted)
-+ errx(EXIT_FAILURE, _("only root can specify alternative groups"));
-+
-+ logindefs_load_defaults = load_config;
-+
-+ pw = getpwnam (new_user);
-+ if (! (pw && pw->pw_name && pw->pw_name[0] && pw->pw_dir && pw->pw_dir[0]
-+ && pw->pw_passwd))
-+ errx (EXIT_FAILURE, _("user %s does not exist"), new_user);
-+
-+ /* Make a copy of the password information and point pw at the local
-+ copy instead. Otherwise, some systems (e.g. Linux) would clobber
-+ the static data through the getlogin call from log_su.
-+ Also, make sure pw->pw_shell is a nonempty string.
-+ It may be NULL when NEW_USER is a username that is retrieved via NIS (YP),
-+ but that doesn't have a default shell listed. */
-+ pw_copy = *pw;
-+ pw = &pw_copy;
-+ pw->pw_name = xstrdup (pw->pw_name);
-+ pw->pw_passwd = xstrdup (pw->pw_passwd);
-+ pw->pw_dir = xstrdup (pw->pw_dir);
-+ pw->pw_shell = xstrdup (pw->pw_shell && pw->pw_shell[0]
-+ ? pw->pw_shell
-+ : DEFAULT_SHELL);
-+ endpwent ();
-+
-+ if (num_supp_groups && !use_gid)
-+ {
-+ pw->pw_gid = groups[1];
-+ memmove (groups, groups + 1, sizeof(gid_t) * num_supp_groups);
-+ }
-+ else if (use_gid)
-+ {
-+ pw->pw_gid = groups[0];
-+ num_supp_groups++;
-+ }
-+
-+ authenticate (pw);
-+
-+ if (request_same_session || !command || !pw->pw_uid)
-+ same_session = 1;
-+
-+ if (!shell && !change_environment)
-+ shell = getenv ("SHELL");
-+ if (shell && getuid () != 0 && restricted_shell (pw->pw_shell))
-+ {
-+ /* The user being su'd to has a nonstandard shell, and so is
-+ probably a uucp account or has restricted access. Don't
-+ compromise the account by allowing access with a standard
-+ shell. */
-+ warnx (_("using restricted shell %s"), pw->pw_shell);
-+ shell = NULL;
-+ }
-+ shell = xstrdup (shell ? shell : pw->pw_shell);
-+
-+ init_groups (pw, groups, num_supp_groups);
-+
-+ create_watching_parent ();
-+ /* Now we're in the child. */
-+
-+ change_identity (pw);
-+ if (!same_session)
-+ setsid ();
-+
-+ /* Set environment after pam_open_session, which may put KRB5CCNAME
-+ into the pam_env, etc. */
-+
-+ modify_environment (pw, shell);
-+
-+ if (simulate_login && chdir (pw->pw_dir) != 0)
-+ warn (_("warning: cannot change directory to %s"), pw->pw_dir);
-+
-+ run_shell (shell, command, argv + optind, max (0, argc - optind));
-+}
-+
-+// vim: sw=2 cinoptions=>4,n-2,{2,^-2,\:2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1
-diff --git a/login-utils/su-common.h b/login-utils/su-common.h
-new file mode 100644
-index 0000000..7cf3769
---- /dev/null
-+++ b/login-utils/su-common.h
-@@ -0,0 +1,11 @@
-+#ifndef UTIL_LINUX_SU_COMMON_H
-+#define UTIL_LINUX_SU_COMMON_H
-+
-+enum {
-+ SU_MODE,
-+ RUNUSER_MODE
-+};
-+
-+extern int su_main(int argc, char **argv, int mode);
-+
-+#endif /* UTIL_LINUX_SU_COMMON */
-diff --git a/login-utils/su.1 b/login-utils/su.1
-index 598cebd..59e1731 100644
---- a/login-utils/su.1
-+++ b/login-utils/su.1
-@@ -59,6 +59,12 @@ Pass
- to the shell which may or may not be useful depending on the
- shell.
- .TP
-+\fB\-g\fR, \fB\-\-group\fR=\fIgroup\fR\fR
-+specify the primary group, this option is allowed for root user only
-+.TP
-+\fB\-G\fR, \fB\-\-supp-group\fR=\fIgroup\fR\fR
-+specify a supplemental group, this option is allowed for root user only
-+.TP
- \fB\-\fR, \fB\-l\fR, \fB\-\-login\fR
- Starts the shell as login shell with an environment similar to a real
- login:
-diff --git a/login-utils/su.c b/login-utils/su.c
-index c6b8bce..29c10f0 100644
---- a/login-utils/su.c
-+++ b/login-utils/su.c
-@@ -1,689 +1,8 @@
--/* su for Linux. Run a shell with substitute user and group IDs.
-- Copyright (C) 1992-2006 Free Software Foundation, Inc.
-- Copyright (C) 2012 SUSE Linux Products GmbH, Nuernberg
-
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; either version 2, or (at your option)
-- any later version.
-+#include "su-common.h"
-
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software Foundation,
-- Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */
--
--/* Run a shell with the real and effective UID and GID and groups
-- of USER, default `root'.
--
-- The shell run is taken from USER's password entry, /bin/sh if
-- none is specified there. If the account has a password, su
-- prompts for a password unless run by a user with real UID 0.
--
-- Does not change the current directory.
-- Sets `HOME' and `SHELL' from the password entry for USER, and if
-- USER is not root, sets `USER' and `LOGNAME' to USER.
-- The subshell is not a login shell.
--
-- If one or more ARGs are given, they are passed as additional
-- arguments to the subshell.
--
-- Does not handle /bin/sh or other shells specially
-- (setting argv[0] to "-su", passing -c only to certain shells, etc.).
-- I don't see the point in doing that, and it's ugly.
--
-- Based on an implemenation by David MacKenzie <djm@gnu.ai.mit.edu>. */
--
--enum
--{
-- EXIT_CANNOT_INVOKE = 126,
-- EXIT_ENOENT = 127
--};
--
--#include <config.h>
--#include <stdio.h>
--#include <getopt.h>
--#include <sys/types.h>
--#include <pwd.h>
--#include <grp.h>
--#include <security/pam_appl.h>
--#include <security/pam_misc.h>
--#include <signal.h>
--#include <sys/wait.h>
--#include <syslog.h>
--
--#include "err.h"
--
--#include <stdbool.h>
--#include "c.h"
--#include "xalloc.h"
--#include "nls.h"
--#include "pathnames.h"
--#include "env.h"
--
--/* name of the pam configuration files. separate configs for su and su - */
--#define PAM_SERVICE_NAME "su"
--#define PAM_SERVICE_NAME_L "su-l"
--
--#define is_pam_failure(_rc) ((_rc) != PAM_SUCCESS)
--
--#include "logindefs.h"
--
--/* The shell to run if none is given in the user's passwd entry. */
--#define DEFAULT_SHELL "/bin/sh"
--
--/* The user to become if none is specified. */
--#define DEFAULT_USER "root"
--
--#ifndef HAVE_ENVIRON_DECL
--extern char **environ;
--#endif
--
--static void run_shell (char const *, char const *, char **, size_t)
-- __attribute__ ((__noreturn__));
--
--/* If true, pass the `-f' option to the subshell. */
--static bool fast_startup;
--
--/* If true, simulate a login instead of just starting a shell. */
--static bool simulate_login;
--
--/* If true, change some environment vars to indicate the user su'd to. */
--static bool change_environment;
--
--/* If true, then don't call setsid() with a command. */
--int same_session = 0;
--
--static bool _pam_session_opened;
--static bool _pam_cred_established;
--static sig_atomic_t volatile caught_signal = false;
--static pam_handle_t *pamh = NULL;
--
--static struct option const longopts[] =
--{
-- {"command", required_argument, NULL, 'c'},
-- {"session-command", required_argument, NULL, 'C'},
-- {"fast", no_argument, NULL, 'f'},
-- {"login", no_argument, NULL, 'l'},
-- {"preserve-environment", no_argument, NULL, 'p'},
-- {"shell", required_argument, NULL, 's'},
-- {"help", no_argument, 0, 'h'},
-- {"version", no_argument, 0, 'V'},
-- {NULL, 0, NULL, 0}
--};
--
--/* Log the fact that someone has run su to the user given by PW;
-- if SUCCESSFUL is true, they gave the correct password, etc. */
--
--static void
--log_su (struct passwd const *pw, bool successful)
--{
-- const char *new_user, *old_user, *tty;
--
-- new_user = pw->pw_name;
-- /* The utmp entry (via getlogin) is probably the best way to identify
-- the user, especially if someone su's from a su-shell. */
-- old_user = getlogin ();
-- if (!old_user)
-- {
-- /* getlogin can fail -- usually due to lack of utmp entry.
-- Resort to getpwuid. */
-- struct passwd *pwd = getpwuid (getuid ());
-- old_user = (pwd ? pwd->pw_name : "");
-- }
-- tty = ttyname (STDERR_FILENO);
-- if (!tty)
-- tty = "none";
--
-- openlog (program_invocation_short_name, 0 , LOG_AUTH);
-- syslog (LOG_NOTICE, "%s(to %s) %s on %s",
-- successful ? "" : "FAILED SU ",
-- new_user, old_user, tty);
-- closelog ();
--}
--
--static struct pam_conv conv =
--{
-- misc_conv,
-- NULL
--};
--
--static void
--cleanup_pam (int retcode)
-+int main(int argv, char **argc)
- {
-- int saved_errno = errno;
--
-- if (_pam_session_opened)
-- pam_close_session (pamh, 0);
--
-- if (_pam_cred_established)
-- pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
--
-- pam_end(pamh, retcode);
--
-- errno = saved_errno;
--}
--
--/* Signal handler for parent process. */
--static void
--su_catch_sig (int sig __attribute__((__unused__)))
--{
-- caught_signal = true;
--}
--
--/* Export env variables declared by PAM modules. */
--static void
--export_pamenv (void)
--{
-- char **env;
--
-- /* This is a copy but don't care to free as we exec later anyways. */
-- env = pam_getenvlist (pamh);
-- while (env && *env)
-- {
-- if (putenv (*env) != 0)
-- err (EXIT_FAILURE, NULL);
-- env++;
-- }
--}
--
--static void
--create_watching_parent (void)
--{
-- pid_t child;
-- sigset_t ourset;
-- int status = 0;
-- int retval;
--
-- retval = pam_open_session (pamh, 0);
-- if (is_pam_failure(retval))
-- {
-- cleanup_pam (retval);
-- errx (EXIT_FAILURE, _("cannot not open session: %s"),
-- pam_strerror (pamh, retval));
-- }
-- else
-- _pam_session_opened = 1;
--
-- child = fork ();
-- if (child == (pid_t) -1)
-- {
-- cleanup_pam (PAM_ABORT);
-- err (EXIT_FAILURE, _("cannot create child process"));
-- }
--
-- /* the child proceeds to run the shell */
-- if (child == 0)
-- return;
--
-- /* In the parent watch the child. */
--
-- /* su without pam support does not have a helper that keeps
-- sitting on any directory so let's go to /. */
-- if (chdir ("/") != 0)
-- warn (_("cannot change directory to %s"), "/");
--
-- sigfillset (&ourset);
-- if (sigprocmask (SIG_BLOCK, &ourset, NULL))
-- {
-- warn (_("cannot block signals"));
-- caught_signal = true;
-- }
-- if (!caught_signal)
-- {
-- struct sigaction action;
-- action.sa_handler = su_catch_sig;
-- sigemptyset (&action.sa_mask);
-- action.sa_flags = 0;
-- sigemptyset (&ourset);
-- if (!same_session)
-- {
-- if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT))
-- {
-- warn (_("cannot set signal handler"));
-- caught_signal = true;
-- }
-- }
-- if (!caught_signal && (sigaddset(&ourset, SIGTERM)
-- || sigaddset(&ourset, SIGALRM)
-- || sigaction(SIGTERM, &action, NULL)
-- || sigprocmask(SIG_UNBLOCK, &ourset, NULL))) {
-- warn (_("cannot set signal handler"));
-- caught_signal = true;
-- }
-- if (!caught_signal && !same_session && (sigaction(SIGINT, &action, NULL)
-- || sigaction(SIGQUIT, &action, NULL)))
-- {
-- warn (_("cannot set signal handler"));
-- caught_signal = true;
-- }
-- }
-- if (!caught_signal)
-- {
-- pid_t pid;
-- for (;;)
-- {
-- pid = waitpid (child, &status, WUNTRACED);
--
-- if (pid != (pid_t)-1 && WIFSTOPPED (status))
-- {
-- kill (getpid (), SIGSTOP);
-- /* once we get here, we must have resumed */
-- kill (pid, SIGCONT);
-- }
-- else
-- break;
-- }
-- if (pid != (pid_t)-1)
-- if (WIFSIGNALED (status))
-- status = WTERMSIG (status) + 128;
-- else
-- status = WEXITSTATUS (status);
-- else
-- status = 1;
-- }
-- else
-- status = 1;
--
-- if (caught_signal)
-- {
-- fprintf (stderr, _("\nSession terminated, killing shell..."));
-- kill (child, SIGTERM);
-- }
--
-- cleanup_pam (PAM_SUCCESS);
--
-- if (caught_signal)
-- {
-- sleep (2);
-- kill (child, SIGKILL);
-- fprintf (stderr, _(" ...killed.\n"));
-- }
-- exit (status);
--}
--
--static void
--authenticate (const struct passwd *pw)
--{
-- const struct passwd *lpw;
-- const char *cp;
-- int retval;
--
-- retval = pam_start (simulate_login ? PAM_SERVICE_NAME_L : PAM_SERVICE_NAME,
-- pw->pw_name, &conv, &pamh);
-- if (is_pam_failure(retval))
-- goto done;
--
-- if (isatty (0) && (cp = ttyname (0)) != NULL)
-- {
-- const char *tty;
--
-- if (strncmp (cp, "/dev/", 5) == 0)
-- tty = cp + 5;
-- else
-- tty = cp;
-- retval = pam_set_item (pamh, PAM_TTY, tty);
-- if (is_pam_failure(retval))
-- goto done;
-- }
--
-- lpw = getpwuid (getuid ());
-- if (lpw && lpw->pw_name)
-- {
-- retval = pam_set_item (pamh, PAM_RUSER, (const void *) lpw->pw_name);
-- if (is_pam_failure(retval))
-- goto done;
-- }
--
-- retval = pam_authenticate (pamh, 0);
-- if (is_pam_failure(retval))
-- goto done;
--
-- retval = pam_acct_mgmt (pamh, 0);
-- if (retval == PAM_NEW_AUTHTOK_REQD)
-- {
-- /* Password has expired. Offer option to change it. */
-- retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
-- }
--
--done:
--
-- log_su (pw, !is_pam_failure(retval));
--
-- if (is_pam_failure(retval))
-- {
-- const char *msg = pam_strerror(pamh, retval);
-- pam_end(pamh, retval);
-- sleep (getlogindefs_num ("FAIL_DELAY", 1));
-- errx (EXIT_FAILURE, "%s", msg?msg:_("incorrect password"));
-- }
--}
--
--static void
--set_path(const struct passwd* pw)
--{
-- int r;
-- if (pw->pw_uid)
-- r = logindefs_setenv("PATH", "ENV_PATH", _PATH_DEFPATH);
--
-- else if ((r = logindefs_setenv("PATH", "ENV_ROOTPATH", NULL)) != 0)
-- r = logindefs_setenv("PATH", "ENV_SUPATH", _PATH_DEFPATH_ROOT);
--
-- if (r != 0)
-- err (EXIT_FAILURE, _("failed to set PATH"));
--}
--
--/* Update `environ' for the new shell based on PW, with SHELL being
-- the value for the SHELL environment variable. */
--
--static void
--modify_environment (const struct passwd *pw, const char *shell)
--{
-- if (simulate_login)
-- {
-- /* Leave TERM unchanged. Set HOME, SHELL, USER, LOGNAME, PATH.
-- Unset all other environment variables. */
-- char const *term = getenv ("TERM");
-- if (term)
-- term = xstrdup (term);
-- environ = xmalloc ((6 + !!term) * sizeof (char *));
-- environ[0] = NULL;
-- if (term)
-- xsetenv ("TERM", term, 1);
-- xsetenv ("HOME", pw->pw_dir, 1);
-- xsetenv ("SHELL", shell, 1);
-- xsetenv ("USER", pw->pw_name, 1);
-- xsetenv ("LOGNAME", pw->pw_name, 1);
-- set_path(pw);
-- }
-- else
-- {
-- /* Set HOME, SHELL, and if not becoming a super-user,
-- USER and LOGNAME. */
-- if (change_environment)
-- {
-- xsetenv ("HOME", pw->pw_dir, 1);
-- xsetenv ("SHELL", shell, 1);
-- if (getlogindefs_bool ("ALWAYS_SET_PATH", 0))
-- set_path(pw);
--
-- if (pw->pw_uid)
-- {
-- xsetenv ("USER", pw->pw_name, 1);
-- xsetenv ("LOGNAME", pw->pw_name, 1);
-- }
-- }
-- }
--
-- export_pamenv ();
--}
--
--/* Become the user and group(s) specified by PW. */
--
--static void
--init_groups (const struct passwd *pw)
--{
-- int retval;
-- errno = 0;
-- if (initgroups (pw->pw_name, pw->pw_gid) == -1)
-- {
-- cleanup_pam (PAM_ABORT);
-- err (EXIT_FAILURE, _("cannot set groups"));
-- }
-- endgrent ();
--
-- retval = pam_setcred (pamh, PAM_ESTABLISH_CRED);
-- if (is_pam_failure(retval))
-- errx (EXIT_FAILURE, "%s", pam_strerror (pamh, retval));
-- else
-- _pam_cred_established = 1;
--}
--
--static void
--change_identity (const struct passwd *pw)
--{
-- if (setgid (pw->pw_gid))
-- err (EXIT_FAILURE, _("cannot set group id"));
-- if (setuid (pw->pw_uid))
-- err (EXIT_FAILURE, _("cannot set user id"));
--}
--
--/* Run SHELL, or DEFAULT_SHELL if SHELL is empty.
-- If COMMAND is nonzero, pass it to the shell with the -c option.
-- Pass ADDITIONAL_ARGS to the shell as more arguments; there
-- are N_ADDITIONAL_ARGS extra arguments. */
--
--static void
--run_shell (char const *shell, char const *command, char **additional_args,
-- size_t n_additional_args)
--{
-- size_t n_args = 1 + fast_startup + 2 * !!command + n_additional_args + 1;
-- char const **args = xcalloc (n_args, sizeof *args);
-- size_t argno = 1;
--
-- if (simulate_login)
-- {
-- char *arg0;
-- char *shell_basename;
--
-- shell_basename = basename (shell);
-- arg0 = xmalloc (strlen (shell_basename) + 2);
-- arg0[0] = '-';
-- strcpy (arg0 + 1, shell_basename);
-- args[0] = arg0;
-- }
-- else
-- args[0] = basename (shell);
-- if (fast_startup)
-- args[argno++] = "-f";
-- if (command)
-- {
-- args[argno++] = "-c";
-- args[argno++] = command;
-- }
-- memcpy (args + argno, additional_args, n_additional_args * sizeof *args);
-- args[argno + n_additional_args] = NULL;
-- execv (shell, (char **) args);
--
-- {
-- int exit_status = (errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE);
-- warn ("%s", shell);
-- exit (exit_status);
-- }
--}
--
--/* Return true if SHELL is a restricted shell (one not returned by
-- getusershell), else false, meaning it is a standard shell. */
--
--static bool
--restricted_shell (const char *shell)
--{
-- char *line;
--
-- setusershell ();
-- while ((line = getusershell ()) != NULL)
-- {
-- if (*line != '#' && !strcmp (line, shell))
-- {
-- endusershell ();
-- return false;
-- }
-- }
-- endusershell ();
-- return true;
--}
--
--static void __attribute__((__noreturn__))
--usage (int status)
--{
-- if (status != EXIT_SUCCESS)
-- fprintf (stderr, _("Try `%s --help' for more information.\n"),
-- program_invocation_short_name);
-- else
-- {
-- fputs(USAGE_HEADER, stdout);
-- printf (_(" %s [options] [-] [USER [arg]...]\n"), program_invocation_short_name);
-- fputs (_("\n\
-- Change the effective user id and group id to that of USER.\n\
-- A mere - implies -l. If USER not given, assume root.\n"), stdout);
-- fputs(USAGE_OPTIONS, stdout);
-- fputs (_("\
-- -, -l, --login make the shell a login shell\n\
-- -c, --command <command> pass a single command to the shell with -c\n\
-- --session-command <command> pass a single command to the shell with -c\n\
-- and do not create a new session\n\
-- -f, --fast pass -f to the shell (for csh or tcsh)\n\
-- -m, --preserve-environment do not reset environment variables\n\
-- -p same as -m\n\
-- -s, --shell <shell> run shell if /etc/shells allows it\n\
--"), stdout);
--
-- fputs(USAGE_SEPARATOR, stdout);
-- fputs(USAGE_HELP, stdout);
-- fputs(USAGE_VERSION, stdout);
-- printf(USAGE_MAN_TAIL("su(1)"));
-- }
-- exit (status);
--}
--
--static
--void load_config(void)
--{
-- logindefs_load_file("/etc/default/su");
-- logindefs_load_file(_PATH_LOGINDEFS);
--}
--
--int
--main (int argc, char **argv)
--{
-- int optc;
-- const char *new_user = DEFAULT_USER;
-- char *command = NULL;
-- int request_same_session = 0;
-- char *shell = NULL;
-- struct passwd *pw;
-- struct passwd pw_copy;
--
-- setlocale (LC_ALL, "");
-- bindtextdomain (PACKAGE, LOCALEDIR);
-- textdomain (PACKAGE);
--
-- fast_startup = false;
-- simulate_login = false;
-- change_environment = true;
--
-- while ((optc = getopt_long (argc, argv, "c:flmps:hV", longopts, NULL)) != -1)
-- {
-- switch (optc)
-- {
-- case 'c':
-- command = optarg;
-- break;
--
-- case 'C':
-- command = optarg;
-- request_same_session = 1;
-- break;
--
-- case 'f':
-- fast_startup = true;
-- break;
--
-- case 'l':
-- simulate_login = true;
-- break;
--
-- case 'm':
-- case 'p':
-- change_environment = false;
-- break;
--
-- case 's':
-- shell = optarg;
-- break;
--
-- case 'h':
-- usage(0);
--
-- case 'V':
-- printf(UTIL_LINUX_VERSION);
-- exit(EXIT_SUCCESS);
--
-- default:
-- usage (EXIT_FAILURE);
-- }
-- }
--
-- if (optind < argc && !strcmp (argv[optind], "-"))
-- {
-- simulate_login = true;
-- ++optind;
-- }
-- if (optind < argc)
-- new_user = argv[optind++];
--
-- logindefs_load_defaults = load_config;
--
-- pw = getpwnam (new_user);
-- if (! (pw && pw->pw_name && pw->pw_name[0] && pw->pw_dir && pw->pw_dir[0]
-- && pw->pw_passwd))
-- errx (EXIT_FAILURE, _("user %s does not exist"), new_user);
--
-- /* Make a copy of the password information and point pw at the local
-- copy instead. Otherwise, some systems (e.g. Linux) would clobber
-- the static data through the getlogin call from log_su.
-- Also, make sure pw->pw_shell is a nonempty string.
-- It may be NULL when NEW_USER is a username that is retrieved via NIS (YP),
-- but that doesn't have a default shell listed. */
-- pw_copy = *pw;
-- pw = &pw_copy;
-- pw->pw_name = xstrdup (pw->pw_name);
-- pw->pw_passwd = xstrdup (pw->pw_passwd);
-- pw->pw_dir = xstrdup (pw->pw_dir);
-- pw->pw_shell = xstrdup (pw->pw_shell && pw->pw_shell[0]
-- ? pw->pw_shell
-- : DEFAULT_SHELL);
-- endpwent ();
--
-- authenticate (pw);
--
-- if (request_same_session || !command || !pw->pw_uid)
-- same_session = 1;
--
-- if (!shell && !change_environment)
-- shell = getenv ("SHELL");
-- if (shell && getuid () != 0 && restricted_shell (pw->pw_shell))
-- {
-- /* The user being su'd to has a nonstandard shell, and so is
-- probably a uucp account or has restricted access. Don't
-- compromise the account by allowing access with a standard
-- shell. */
-- warnx (_("using restricted shell %s"), pw->pw_shell);
-- shell = NULL;
-- }
-- shell = xstrdup (shell ? shell : pw->pw_shell);
--
-- init_groups (pw);
--
-- create_watching_parent ();
-- /* Now we're in the child. */
--
-- change_identity (pw);
-- if (!same_session)
-- setsid ();
--
-- /* Set environment after pam_open_session, which may put KRB5CCNAME
-- into the pam_env, etc. */
--
-- modify_environment (pw, shell);
--
-- if (simulate_login && chdir (pw->pw_dir) != 0)
-- warn (_("warning: cannot change directory to %s"), pw->pw_dir);
--
-- run_shell (shell, command, argv + optind, max (0, argc - optind));
-+ return su_main(argv, argc, SU_MODE);
- }
-
--// vim: sw=2 cinoptions=>4,n-2,{2,^-2,\:2,=2,g0,h2,p5,t0,+2,(0,u0,w1,m1
projects / packages / util-linux.git / commitdiff