priv_proc_setlogin.c revision 162271
1162271Srwatson/*- 2162271Srwatson * Copyright (c) 2006 nCircle Network Security, Inc. 3162271Srwatson * All rights reserved. 4162271Srwatson * 5162271Srwatson * This software was developed by Robert N. M. Watson for the TrustedBSD 6162271Srwatson * Project under contract to nCircle Network Security, Inc. 7162271Srwatson * 8162271Srwatson * Redistribution and use in source and binary forms, with or without 9162271Srwatson * modification, are permitted provided that the following conditions 10162271Srwatson * are met: 11162271Srwatson * 1. Redistributions of source code must retain the above copyright 12162271Srwatson * notice, this list of conditions and the following disclaimer. 13162271Srwatson * 2. Redistributions in binary form must reproduce the above copyright 14162271Srwatson * notice, this list of conditions and the following disclaimer in the 15162271Srwatson * documentation and/or other materials provided with the distribution. 16162271Srwatson * 17162271Srwatson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18162271Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19162271Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20162271Srwatson * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR, NCIRCLE NETWORK SECURITY, 21162271Srwatson * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22162271Srwatson * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 23162271Srwatson * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 24162271Srwatson * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 25162271Srwatson * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 26162271Srwatson * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 27162271Srwatson * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28162271Srwatson * 29162271Srwatson * $FreeBSD: head/tools/regression/priv/priv_proc_setlogin.c 162271 2006-09-13 09:05:39Z rwatson $ 30162271Srwatson */ 31162271Srwatson 32162271Srwatson/* 33162271Srwatson * Test that privilege is required to call setlogin(). Do so by first 34162271Srwatson * querying with getlogin(), then setting the result back using setlogin(), 35162271Srwatson * at first with privilege, then without. 36162271Srwatson */ 37162271Srwatson 38162271Srwatson#include <err.h> 39162271Srwatson#include <errno.h> 40162271Srwatson#include <unistd.h> 41162271Srwatson 42162271Srwatson#include "main.h" 43162271Srwatson 44162271Srwatsonvoid 45162271Srwatsonpriv_proc_setlogin(void) 46162271Srwatson{ 47162271Srwatson char *loginname; 48162271Srwatson int error; 49162271Srwatson 50162271Srwatson assert_root(); 51162271Srwatson 52162271Srwatson loginname = getlogin(); 53162271Srwatson if (loginname == NULL) 54162271Srwatson err(-1, "getlogin"); 55162271Srwatson 56162271Srwatson /* 57162271Srwatson * First, with privilege. 58162271Srwatson */ 59162271Srwatson error = setlogin(loginname); 60162271Srwatson if (error) 61162271Srwatson err(-1, "setlogin(%s) as root", loginname); 62162271Srwatson 63162271Srwatson /* 64162271Srwatson * Then again, without privilege. 65162271Srwatson */ 66162271Srwatson set_euid(UID_OTHER); 67162271Srwatson 68162271Srwatson error = setlogin(loginname); 69162271Srwatson if (error == 0) 70162271Srwatson errx(-1, "setlogin(%s) succeeded as !root", loginname); 71162271Srwatson if (errno != EPERM) 72162271Srwatson err(-1, "setlogin(%s) wrong errno %d", loginname, errno); 73162271Srwatson} 74