1if [ ! "$_MUSTBEROOT_SUBR" ]; then _MUSTBEROOT_SUBR=1
2#
3# Copyright (c) 2006-2013 Devin Teske
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
--- 10 unchanged lines hidden (view full) ---
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
27# $FreeBSD: stable/9/usr.sbin/bsdconfig/share/mustberoot.subr 252995 2013-07-07 19:13:34Z dteske $
28#
29############################################################ INCLUDES
30
31BSDCFG_SHARE="/usr/share/bsdconfig"
32. $BSDCFG_SHARE/common.subr || exit 1
33f_dprintf "%s: loading includes..." mustberoot.subr
34f_include $BSDCFG_SHARE/dialog.subr
35
36BSDCFG_LIBE="/usr/libexec/bsdconfig"
37f_include_lang $BSDCFG_LIBE/include/messages.subr
38
39############################################################ CONFIGURATION
40# NOTE: These are not able to be overridden/inherited for security purposes.
41
42#
--- 29 unchanged lines hidden (view full) ---
72#
73# The following environment variables effect functionality:
74#
75# USE_XDIALOG Either NULL or Non-NULL. If given a value will indicate
76# that Xdialog(1) should be used instead of dialog(1).
77#
78f_become_root_via_sudo()
79{
80 local prompt hline height width rows msg
81
82 [ "$( id -u )" = "0" ] && return $SUCCESS
83
84 f_have sudo || f_die 1 "$msg_must_be_root_to_execute" "$pgm"
85
86 #
87 # Ask the user if it's OK to become root via sudo(8) and give them
88 # the option to save this preference (by touch(1)ing a file in the
89 # user's $HOME directory).
90 #
91 local checkpath="${HOME%/}/.bsdconfig_uses_sudo"
92 if [ ! -e "$checkpath" ]; then
93 prompt=$( printf "$msg_you_are_not_root_but" bsdconfig )
94 msg=$( printf "$msg_always_try_sudo_when_run_as" "$USER" )
95 local menu_list="
96 'X' '$msg_cancel_exit'
97 '1' '$msg'
98 '2' '$msg_try_sudo_only_this_once'
99 " # END-QUOTE
100 hline="$hline_arrows_tab_enter"
101
102 eval f_dialog_menu_size height width rows \
--- 16 unchanged lines hidden (view full) ---
119 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
120 ) || f_die
121 f_dialog_data_sanitize mtag
122
123 case "$mtag" in
124 X) # Cancel/Exit
125 f_die ;;
126 1) # Always try sudo(8) when run as $user
127 local err
128 if ! err=$( touch "$checkpath" 2>&1 ); then
129 f_dialog_msgbox "$err"
130 else
131 f_show_msg "$msg_created_path" "$checkpath"
132 fi
133 esac
134 else
135 #
136 # This user has created the path signing-off on sudo(8)-use
137 # but let's still give them a short/quick/unobtrusive reminder
138 #
139 f_dialog_info "$msg_becoming_root_via_sudo"
140 [ "$USE_XDIALOG" ] || sleep 0.6
--- 30 unchanged lines hidden (view full) ---
171 --cancel-label "$msg_cancel" \
172 --password --inputbox "$prompt" \
173 $height $width \
174 2>&1 > /dev/null
175 )
176 retval=$?
177
178 # Catch X11-related errors
179 if [ $retval -eq 255 ]; then
180 f_die $retval "$password"
181 elif [ $retval -ne 0 ]; then
182 # User cancelled
183 exit $retval
184 fi
185 else
186 password=$( $DIALOG \
187 --title "$DIALOG_TITLE" \
188 --backtitle "$DIALOG_BACKTITLE" \
189 --hline "$hline" \
--- 30 unchanged lines hidden (view full) ---
220 fi
221 done
222
223 #
224 # If user exhausted number of allowed password tries, log
225 # the security event and exit immediately.
226 #
227 if [ $nfailures -ge $PASSWD_TRIES ]; then
228 msg=$( printf "$msg_nfailed_attempts" "$nfailures" )
229 logger -p auth.notice -t sudo " " \
230 "$USER : $msg" \
231 "; TTY=$(tty)" \
232 "; PWD=$PWD" \
233 "; USER=root" \
234 "; COMMAND=$0"
235 f_die 1 "sudo: $msg"
236 fi
--- 74 unchanged lines hidden (view full) ---
311 --password --2inputsbox "$msg" \
312 $height $width \
313 "$field_username" "" \
314 "$field_password" "" \
315 2>&1 > /dev/null )
316 retval=$?
317
318 # Catch X11-related errors
319 [ $retval -eq 255 ] && f_die $retval "$user_pass"
320
321 # Exit if the user cancelled.
322 [ $retval -eq $SUCCESS ] || exit $retval
323
324 #
325 # Make sure the user exists and is non-root
326 #
327 local user password
328 user="${user_pass%%/*}"
329 password="${user_pass#*/}"
330 unset user_pass # scrub memory
--- 51 unchanged lines hidden (view full) ---
382 fi
383 done
384
385 #
386 # If user exhausted number of allowed password tries, log
387 # the security event and exit immediately.
388 #
389 if [ $nfailures -ge $PASSWD_TRIES ]; then
390 msg=$( printf "$msg_nfailed_attempts" "$nfailures" )
391 logger -p auth.notice -t sudo " " \
392 "${SUDO_USER:-$USER} : $msg" \
393 "; TTY=$(tty)" \
394 "; PWD=$PWD" \
395 "; USER=root" \
396 "; COMMAND=$0"
397 f_die 1 "sudo: $message"
398 fi
--- 27 unchanged lines hidden ---
2#
3# Copyright (c) 2006-2013 Devin Teske
4# All rights reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
--- 10 unchanged lines hidden (view full) ---
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
27# $FreeBSD: stable/9/usr.sbin/bsdconfig/share/mustberoot.subr 252995 2013-07-07 19:13:34Z dteske $
28#
29############################################################ INCLUDES
30
31BSDCFG_SHARE="/usr/share/bsdconfig"
32. $BSDCFG_SHARE/common.subr || exit 1
33f_dprintf "%s: loading includes..." mustberoot.subr
34f_include $BSDCFG_SHARE/dialog.subr
35
36BSDCFG_LIBE="/usr/libexec/bsdconfig"
37f_include_lang $BSDCFG_LIBE/include/messages.subr
38
39############################################################ CONFIGURATION
40# NOTE: These are not able to be overridden/inherited for security purposes.
41
42#
--- 29 unchanged lines hidden (view full) ---
72#
73# The following environment variables effect functionality:
74#
75# USE_XDIALOG Either NULL or Non-NULL. If given a value will indicate
76# that Xdialog(1) should be used instead of dialog(1).
77#
78f_become_root_via_sudo()
79{
80 local prompt hline height width rows msg
81
82 [ "$( id -u )" = "0" ] && return $SUCCESS
83
84 f_have sudo || f_die 1 "$msg_must_be_root_to_execute" "$pgm"
85
86 #
87 # Ask the user if it's OK to become root via sudo(8) and give them
88 # the option to save this preference (by touch(1)ing a file in the
89 # user's $HOME directory).
90 #
91 local checkpath="${HOME%/}/.bsdconfig_uses_sudo"
92 if [ ! -e "$checkpath" ]; then
93 prompt=$( printf "$msg_you_are_not_root_but" bsdconfig )
94 msg=$( printf "$msg_always_try_sudo_when_run_as" "$USER" )
95 local menu_list="
96 'X' '$msg_cancel_exit'
97 '1' '$msg'
98 '2' '$msg_try_sudo_only_this_once'
99 " # END-QUOTE
100 hline="$hline_arrows_tab_enter"
101
102 eval f_dialog_menu_size height width rows \
--- 16 unchanged lines hidden (view full) ---
119 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
120 ) || f_die
121 f_dialog_data_sanitize mtag
122
123 case "$mtag" in
124 X) # Cancel/Exit
125 f_die ;;
126 1) # Always try sudo(8) when run as $user
127 local err
128 if ! err=$( touch "$checkpath" 2>&1 ); then
129 f_dialog_msgbox "$err"
130 else
131 f_show_msg "$msg_created_path" "$checkpath"
132 fi
133 esac
134 else
135 #
136 # This user has created the path signing-off on sudo(8)-use
137 # but let's still give them a short/quick/unobtrusive reminder
138 #
139 f_dialog_info "$msg_becoming_root_via_sudo"
140 [ "$USE_XDIALOG" ] || sleep 0.6
--- 30 unchanged lines hidden (view full) ---
171 --cancel-label "$msg_cancel" \
172 --password --inputbox "$prompt" \
173 $height $width \
174 2>&1 > /dev/null
175 )
176 retval=$?
177
178 # Catch X11-related errors
179 if [ $retval -eq 255 ]; then
180 f_die $retval "$password"
181 elif [ $retval -ne 0 ]; then
182 # User cancelled
183 exit $retval
184 fi
185 else
186 password=$( $DIALOG \
187 --title "$DIALOG_TITLE" \
188 --backtitle "$DIALOG_BACKTITLE" \
189 --hline "$hline" \
--- 30 unchanged lines hidden (view full) ---
220 fi
221 done
222
223 #
224 # If user exhausted number of allowed password tries, log
225 # the security event and exit immediately.
226 #
227 if [ $nfailures -ge $PASSWD_TRIES ]; then
228 msg=$( printf "$msg_nfailed_attempts" "$nfailures" )
229 logger -p auth.notice -t sudo " " \
230 "$USER : $msg" \
231 "; TTY=$(tty)" \
232 "; PWD=$PWD" \
233 "; USER=root" \
234 "; COMMAND=$0"
235 f_die 1 "sudo: $msg"
236 fi
--- 74 unchanged lines hidden (view full) ---
311 --password --2inputsbox "$msg" \
312 $height $width \
313 "$field_username" "" \
314 "$field_password" "" \
315 2>&1 > /dev/null )
316 retval=$?
317
318 # Catch X11-related errors
319 [ $retval -eq 255 ] && f_die $retval "$user_pass"
320
321 # Exit if the user cancelled.
322 [ $retval -eq $SUCCESS ] || exit $retval
323
324 #
325 # Make sure the user exists and is non-root
326 #
327 local user password
328 user="${user_pass%%/*}"
329 password="${user_pass#*/}"
330 unset user_pass # scrub memory
--- 51 unchanged lines hidden (view full) ---
382 fi
383 done
384
385 #
386 # If user exhausted number of allowed password tries, log
387 # the security event and exit immediately.
388 #
389 if [ $nfailures -ge $PASSWD_TRIES ]; then
390 msg=$( printf "$msg_nfailed_attempts" "$nfailures" )
391 logger -p auth.notice -t sudo " " \
392 "${SUDO_USER:-$USER} : $msg" \
393 "; TTY=$(tty)" \
394 "; PWD=$PWD" \
395 "; USER=root" \
396 "; COMMAND=$0"
397 f_die 1 "sudo: $message"
398 fi
--- 27 unchanged lines hidden ---