1if [ ! "$_MUSTBEROOT_SUBR" ]; then _MUSTBEROOT_SUBR=1
2#
3# Copyright (c) 2006-2013 Devin Teske
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
--- 10 unchanged lines hidden (view full) ---
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
27# $FreeBSD: stable/9/usr.sbin/bsdconfig/share/mustberoot.subr 263791 2014-03-27 03:20:47Z dteske $
28#
29############################################################ INCLUDES
30
31BSDCFG_SHARE="/usr/share/bsdconfig"
32. $BSDCFG_SHARE/common.subr || exit 1
33f_dprintf "%s: loading includes..." mustberoot.subr
34f_include $BSDCFG_SHARE/dialog.subr
35f_include $BSDCFG_SHARE/strings.subr
36
37BSDCFG_LIBE="/usr/libexec/bsdconfig"
38f_include_lang $BSDCFG_LIBE/include/messages.subr
39
40############################################################ CONFIGURATION
41# NOTE: These are not able to be overridden/inherited for security purposes.
42
43#
--- 29 unchanged lines hidden (view full) ---
73#
74# The following environment variables effect functionality:
75#
76# USE_XDIALOG Either NULL or Non-NULL. If given a value will indicate
77# that Xdialog(1) should be used instead of dialog(1).
78#
79f_become_root_via_sudo()
80{
81 local funcname=f_become_root_via_sudo
82 local prompt hline height width rows msg
83
84 [ "$( id -u )" = "0" ] && return $SUCCESS
85
86 f_have sudo || f_die 1 "$msg_must_be_root_to_execute" "$pgm"
87
88 #
89 # Ask the user if it's OK to become root via sudo(8) and give them
90 # the option to save this preference (by touch(1)ing a file in the
91 # user's $HOME directory).
92 #
93 local checkpath="${HOME%/}/.bsdconfig_uses_sudo"
94 if [ ! -e "$checkpath" ]; then
95 f_sprintf prompt "$msg_you_are_not_root_but" bsdconfig
96 f_sprintf msg "$msg_always_try_sudo_when_run_as" "$USER"
97 local menu_list="
98 'X' '$msg_cancel_exit'
99 '1' '$msg'
100 '2' '$msg_try_sudo_only_this_once'
101 " # END-QUOTE
102 hline="$hline_arrows_tab_enter"
103
104 eval f_dialog_menu_size height width rows \
--- 16 unchanged lines hidden (view full) ---
121 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
122 ) || f_die
123 f_dialog_data_sanitize mtag
124
125 case "$mtag" in
126 X) # Cancel/Exit
127 f_die ;;
128 1) # Always try sudo(8) when run as $user
129 f_eval_catch $funcname touch \
130 'touch "%s"' "$checkpath" &&
131 f_show_msg "$msg_created_path" "$checkpath"
132 esac
133 else
134 #
135 # This user has created the path signing-off on sudo(8)-use
136 # but let's still give them a short/quick/unobtrusive reminder
137 #
138 f_dialog_info "$msg_becoming_root_via_sudo"
139 [ "$USE_XDIALOG" ] || sleep 0.6
--- 30 unchanged lines hidden (view full) ---
170 --cancel-label "$msg_cancel" \
171 --password --inputbox "$prompt" \
172 $height $width \
173 2>&1 > /dev/null
174 )
175 retval=$?
176
177 # Catch X11-related errors
178 if [ $retval -eq $DIALOG_ESC ]; then
179 f_die $retval "$password"
180 elif [ $retval -ne $DIALOG_OK ]; then
181 # User cancelled
182 exit $retval
183 fi
184 else
185 password=$( $DIALOG \
186 --title "$DIALOG_TITLE" \
187 --backtitle "$DIALOG_BACKTITLE" \
188 --hline "$hline" \
--- 30 unchanged lines hidden (view full) ---
219 fi
220 done
221
222 #
223 # If user exhausted number of allowed password tries, log
224 # the security event and exit immediately.
225 #
226 if [ $nfailures -ge $PASSWD_TRIES ]; then
227 f_sprintf msg "$msg_nfailed_attempts" "$nfailures"
228 logger -p auth.notice -t sudo " " \
229 "$USER : $msg" \
230 "; TTY=$(tty)" \
231 "; PWD=$PWD" \
232 "; USER=root" \
233 "; COMMAND=$0"
234 f_die 1 "sudo: $msg"
235 fi
--- 74 unchanged lines hidden (view full) ---
310 --password --2inputsbox "$msg" \
311 $height $width \
312 "$field_username" "" \
313 "$field_password" "" \
314 2>&1 > /dev/null )
315 retval=$?
316
317 # Catch X11-related errors
318 [ $retval -eq $DIALOG_ESC ] && f_die $retval "$user_pass"
319
320 # Exit if the user cancelled.
321 [ $retval -eq $DIALOG_OK ] || exit $retval
322
323 #
324 # Make sure the user exists and is non-root
325 #
326 local user password
327 user="${user_pass%%/*}"
328 password="${user_pass#*/}"
329 unset user_pass # scrub memory
--- 51 unchanged lines hidden (view full) ---
381 fi
382 done
383
384 #
385 # If user exhausted number of allowed password tries, log
386 # the security event and exit immediately.
387 #
388 if [ $nfailures -ge $PASSWD_TRIES ]; then
389 f_sprintf msg "$msg_nfailed_attempts" "$nfailures"
390 logger -p auth.notice -t sudo " " \
391 "${SUDO_USER:-$USER} : $msg" \
392 "; TTY=$(tty)" \
393 "; PWD=$PWD" \
394 "; USER=root" \
395 "; COMMAND=$0"
396 f_die 1 "sudo: $message"
397 fi
--- 27 unchanged lines hidden ---
2#
3# Copyright (c) 2006-2013 Devin Teske
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
--- 10 unchanged lines hidden (view full) ---
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
27# $FreeBSD: stable/9/usr.sbin/bsdconfig/share/mustberoot.subr 263791 2014-03-27 03:20:47Z dteske $
28#
29############################################################ INCLUDES
30
31BSDCFG_SHARE="/usr/share/bsdconfig"
32. $BSDCFG_SHARE/common.subr || exit 1
33f_dprintf "%s: loading includes..." mustberoot.subr
34f_include $BSDCFG_SHARE/dialog.subr
35f_include $BSDCFG_SHARE/strings.subr
36
37BSDCFG_LIBE="/usr/libexec/bsdconfig"
38f_include_lang $BSDCFG_LIBE/include/messages.subr
39
40############################################################ CONFIGURATION
41# NOTE: These are not able to be overridden/inherited for security purposes.
42
43#
--- 29 unchanged lines hidden (view full) ---
73#
74# The following environment variables effect functionality:
75#
76# USE_XDIALOG Either NULL or Non-NULL. If given a value will indicate
77# that Xdialog(1) should be used instead of dialog(1).
78#
79f_become_root_via_sudo()
80{
81 local funcname=f_become_root_via_sudo
82 local prompt hline height width rows msg
83
84 [ "$( id -u )" = "0" ] && return $SUCCESS
85
86 f_have sudo || f_die 1 "$msg_must_be_root_to_execute" "$pgm"
87
88 #
89 # Ask the user if it's OK to become root via sudo(8) and give them
90 # the option to save this preference (by touch(1)ing a file in the
91 # user's $HOME directory).
92 #
93 local checkpath="${HOME%/}/.bsdconfig_uses_sudo"
94 if [ ! -e "$checkpath" ]; then
95 f_sprintf prompt "$msg_you_are_not_root_but" bsdconfig
96 f_sprintf msg "$msg_always_try_sudo_when_run_as" "$USER"
97 local menu_list="
98 'X' '$msg_cancel_exit'
99 '1' '$msg'
100 '2' '$msg_try_sudo_only_this_once'
101 " # END-QUOTE
102 hline="$hline_arrows_tab_enter"
103
104 eval f_dialog_menu_size height width rows \
--- 16 unchanged lines hidden (view full) ---
121 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
122 ) || f_die
123 f_dialog_data_sanitize mtag
124
125 case "$mtag" in
126 X) # Cancel/Exit
127 f_die ;;
128 1) # Always try sudo(8) when run as $user
129 f_eval_catch $funcname touch \
130 'touch "%s"' "$checkpath" &&
131 f_show_msg "$msg_created_path" "$checkpath"
132 esac
133 else
134 #
135 # This user has created the path signing-off on sudo(8)-use
136 # but let's still give them a short/quick/unobtrusive reminder
137 #
138 f_dialog_info "$msg_becoming_root_via_sudo"
139 [ "$USE_XDIALOG" ] || sleep 0.6
--- 30 unchanged lines hidden (view full) ---
170 --cancel-label "$msg_cancel" \
171 --password --inputbox "$prompt" \
172 $height $width \
173 2>&1 > /dev/null
174 )
175 retval=$?
176
177 # Catch X11-related errors
178 if [ $retval -eq $DIALOG_ESC ]; then
179 f_die $retval "$password"
180 elif [ $retval -ne $DIALOG_OK ]; then
181 # User cancelled
182 exit $retval
183 fi
184 else
185 password=$( $DIALOG \
186 --title "$DIALOG_TITLE" \
187 --backtitle "$DIALOG_BACKTITLE" \
188 --hline "$hline" \
--- 30 unchanged lines hidden (view full) ---
219 fi
220 done
221
222 #
223 # If user exhausted number of allowed password tries, log
224 # the security event and exit immediately.
225 #
226 if [ $nfailures -ge $PASSWD_TRIES ]; then
227 f_sprintf msg "$msg_nfailed_attempts" "$nfailures"
228 logger -p auth.notice -t sudo " " \
229 "$USER : $msg" \
230 "; TTY=$(tty)" \
231 "; PWD=$PWD" \
232 "; USER=root" \
233 "; COMMAND=$0"
234 f_die 1 "sudo: $msg"
235 fi
--- 74 unchanged lines hidden (view full) ---
310 --password --2inputsbox "$msg" \
311 $height $width \
312 "$field_username" "" \
313 "$field_password" "" \
314 2>&1 > /dev/null )
315 retval=$?
316
317 # Catch X11-related errors
318 [ $retval -eq $DIALOG_ESC ] && f_die $retval "$user_pass"
319
320 # Exit if the user cancelled.
321 [ $retval -eq $DIALOG_OK ] || exit $retval
322
323 #
324 # Make sure the user exists and is non-root
325 #
326 local user password
327 user="${user_pass%%/*}"
328 password="${user_pass#*/}"
329 unset user_pass # scrub memory
--- 51 unchanged lines hidden (view full) ---
381 fi
382 done
383
384 #
385 # If user exhausted number of allowed password tries, log
386 # the security event and exit immediately.
387 #
388 if [ $nfailures -ge $PASSWD_TRIES ]; then
389 f_sprintf msg "$msg_nfailed_attempts" "$nfailures"
390 logger -p auth.notice -t sudo " " \
391 "${SUDO_USER:-$USER} : $msg" \
392 "; TTY=$(tty)" \
393 "; PWD=$PWD" \
394 "; USER=root" \
395 "; COMMAND=$0"
396 f_die 1 "sudo: $message"
397 fi
--- 27 unchanged lines hidden ---