1if [ ! "$_MUSTBEROOT_SUBR" ]; then _MUSTBEROOT_SUBR=1 2# 3# Copyright (c) 2006-2013 Devin Teske 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: --- 10 unchanged lines hidden (view full) --- 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# |
27# $FreeBSD: stable/9/usr.sbin/bsdconfig/share/mustberoot.subr 263791 2014-03-27 03:20:47Z dteske $ |
28# 29############################################################ INCLUDES 30 31BSDCFG_SHARE="/usr/share/bsdconfig" 32. $BSDCFG_SHARE/common.subr || exit 1 33f_dprintf "%s: loading includes..." mustberoot.subr 34f_include $BSDCFG_SHARE/dialog.subr |
35f_include $BSDCFG_SHARE/strings.subr |
36 37BSDCFG_LIBE="/usr/libexec/bsdconfig" 38f_include_lang $BSDCFG_LIBE/include/messages.subr 39 40############################################################ CONFIGURATION 41# NOTE: These are not able to be overridden/inherited for security purposes. 42 43# --- 29 unchanged lines hidden (view full) --- 73# 74# The following environment variables effect functionality: 75# 76# USE_XDIALOG Either NULL or Non-NULL. If given a value will indicate 77# that Xdialog(1) should be used instead of dialog(1). 78# 79f_become_root_via_sudo() 80{ |
81 local funcname=f_become_root_via_sudo |
82 local prompt hline height width rows msg 83 84 [ "$( id -u )" = "0" ] && return $SUCCESS 85 86 f_have sudo || f_die 1 "$msg_must_be_root_to_execute" "$pgm" 87 88 # 89 # Ask the user if it's OK to become root via sudo(8) and give them 90 # the option to save this preference (by touch(1)ing a file in the 91 # user's $HOME directory). 92 # 93 local checkpath="${HOME%/}/.bsdconfig_uses_sudo" 94 if [ ! -e "$checkpath" ]; then |
95 f_sprintf prompt "$msg_you_are_not_root_but" bsdconfig 96 f_sprintf msg "$msg_always_try_sudo_when_run_as" "$USER" |
97 local menu_list=" 98 'X' '$msg_cancel_exit' 99 '1' '$msg' 100 '2' '$msg_try_sudo_only_this_once' 101 " # END-QUOTE 102 hline="$hline_arrows_tab_enter" 103 104 eval f_dialog_menu_size height width rows \ --- 16 unchanged lines hidden (view full) --- 121 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD 122 ) || f_die 123 f_dialog_data_sanitize mtag 124 125 case "$mtag" in 126 X) # Cancel/Exit 127 f_die ;; 128 1) # Always try sudo(8) when run as $user |
129 f_eval_catch $funcname touch \ 130 'touch "%s"' "$checkpath" && |
131 f_show_msg "$msg_created_path" "$checkpath" |
132 esac 133 else 134 # 135 # This user has created the path signing-off on sudo(8)-use 136 # but let's still give them a short/quick/unobtrusive reminder 137 # 138 f_dialog_info "$msg_becoming_root_via_sudo" 139 [ "$USE_XDIALOG" ] || sleep 0.6 --- 30 unchanged lines hidden (view full) --- 170 --cancel-label "$msg_cancel" \ 171 --password --inputbox "$prompt" \ 172 $height $width \ 173 2>&1 > /dev/null 174 ) 175 retval=$? 176 177 # Catch X11-related errors |
178 if [ $retval -eq $DIALOG_ESC ]; then |
179 f_die $retval "$password" |
180 elif [ $retval -ne $DIALOG_OK ]; then |
181 # User cancelled 182 exit $retval 183 fi 184 else 185 password=$( $DIALOG \ 186 --title "$DIALOG_TITLE" \ 187 --backtitle "$DIALOG_BACKTITLE" \ 188 --hline "$hline" \ --- 30 unchanged lines hidden (view full) --- 219 fi 220 done 221 222 # 223 # If user exhausted number of allowed password tries, log 224 # the security event and exit immediately. 225 # 226 if [ $nfailures -ge $PASSWD_TRIES ]; then |
227 f_sprintf msg "$msg_nfailed_attempts" "$nfailures" |
228 logger -p auth.notice -t sudo " " \ 229 "$USER : $msg" \ 230 "; TTY=$(tty)" \ 231 "; PWD=$PWD" \ 232 "; USER=root" \ 233 "; COMMAND=$0" 234 f_die 1 "sudo: $msg" 235 fi --- 74 unchanged lines hidden (view full) --- 310 --password --2inputsbox "$msg" \ 311 $height $width \ 312 "$field_username" "" \ 313 "$field_password" "" \ 314 2>&1 > /dev/null ) 315 retval=$? 316 317 # Catch X11-related errors |
318 [ $retval -eq $DIALOG_ESC ] && f_die $retval "$user_pass" |
319 320 # Exit if the user cancelled. |
321 [ $retval -eq $DIALOG_OK ] || exit $retval |
322 323 # 324 # Make sure the user exists and is non-root 325 # 326 local user password 327 user="${user_pass%%/*}" 328 password="${user_pass#*/}" 329 unset user_pass # scrub memory --- 51 unchanged lines hidden (view full) --- 381 fi 382 done 383 384 # 385 # If user exhausted number of allowed password tries, log 386 # the security event and exit immediately. 387 # 388 if [ $nfailures -ge $PASSWD_TRIES ]; then |
389 f_sprintf msg "$msg_nfailed_attempts" "$nfailures" |
390 logger -p auth.notice -t sudo " " \ 391 "${SUDO_USER:-$USER} : $msg" \ 392 "; TTY=$(tty)" \ 393 "; PWD=$PWD" \ 394 "; USER=root" \ 395 "; COMMAND=$0" 396 f_die 1 "sudo: $message" 397 fi --- 27 unchanged lines hidden --- |