platform.c revision 323134 
1/*
2 * Copyright (c) 2006 Darren Tucker.  All rights reserved.
3 *
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include "includes.h"
18
19#include <stdarg.h>
20#include <unistd.h>
21
22#include "log.h"
23#include "buffer.h"
24#include "misc.h"
25#include "servconf.h"
26#include "key.h"
27#include "hostfile.h"
28#include "auth.h"
29#include "auth-pam.h"
30#include "platform.h"
31
32#include "openbsd-compat/openbsd-compat.h"
33
34extern int use_privsep;
35extern ServerOptions options;
36
37void
38platform_pre_listen(void)
39{
40#ifdef LINUX_OOM_ADJUST
41	/* Adjust out-of-memory killer so listening process is not killed */
42	oom_adjust_setup();
43#endif
44}
45
46void
47platform_pre_fork(void)
48{
49#ifdef USE_SOLARIS_PROCESS_CONTRACTS
50	solaris_contract_pre_fork();
51#endif
52}
53
54void
55platform_pre_restart(void)
56{
57#ifdef LINUX_OOM_ADJUST
58	oom_adjust_restore();
59#endif
60}
61
62void
63platform_post_fork_parent(pid_t child_pid)
64{
65#ifdef USE_SOLARIS_PROCESS_CONTRACTS
66	solaris_contract_post_fork_parent(child_pid);
67#endif
68}
69
70void
71platform_post_fork_child(void)
72{
73#ifdef USE_SOLARIS_PROCESS_CONTRACTS
74	solaris_contract_post_fork_child();
75#endif
76#ifdef LINUX_OOM_ADJUST
77	oom_adjust_restore();
78#endif
79}
80
81/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */
82int
83platform_privileged_uidswap(void)
84{
85#ifdef HAVE_CYGWIN
86	/* uid 0 is not special on Cygwin so always try */
87	return 1;
88#else
89	return (getuid() == 0 || geteuid() == 0);
90#endif
91}
92
93/*
94 * This gets called before switching UIDs, and is called even when sshd is
95 * not running as root.
96 */
97void
98platform_setusercontext(struct passwd *pw)
99{
100#ifdef WITH_SELINUX
101	/* Cache selinux status for later use */
102	(void)ssh_selinux_enabled();
103#endif
104
105#ifdef USE_SOLARIS_PROJECTS
106	/*
107	 * If solaris projects were detected, set the default now, unless
108	 * we are using PAM in which case it is the responsibility of the
109	 * PAM stack.
110	 */
111	if (!options.use_pam && (getuid() == 0 || geteuid() == 0))
112		solaris_set_default_project(pw);
113#endif
114
115#if defined(HAVE_LOGIN_CAP) && defined (__bsdi__)
116	if (getuid() == 0 || geteuid() == 0)
117		setpgid(0, 0);
118# endif
119
120#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
121	/*
122	 * If we have both LOGIN_CAP and PAM, we want to establish creds
123	 * before calling setusercontext (in session.c:do_setusercontext).
124	 */
125	if (getuid() == 0 || geteuid() == 0) {
126		if (options.use_pam) {
127			do_pam_setcred(use_privsep);
128		}
129	}
130# endif /* USE_PAM */
131
132#if !defined(HAVE_LOGIN_CAP) && defined(HAVE_GETLUID) && defined(HAVE_SETLUID)
133	if (getuid() == 0 || geteuid() == 0) {
134		/* Sets login uid for accounting */
135		if (getluid() == -1 && setluid(pw->pw_uid) == -1)
136			error("setluid: %s", strerror(errno));
137	}
138#endif
139}
140
141/*
142 * This gets called after we've established the user's groups, and is only
143 * called if sshd is running as root.
144 */
145void
146platform_setusercontext_post_groups(struct passwd *pw)
147{
148#if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
149	/*
150	 * PAM credentials may take the form of supplementary groups.
151	 * These will have been wiped by the above initgroups() call.
152	 * Reestablish them here.
153	 */
154	if (options.use_pam) {
155		do_pam_setcred(use_privsep);
156	}
157#endif /* USE_PAM */
158
159#if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) || \
160    defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY))
161	irix_setusercontext(pw);
162#endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */
163
164#ifdef _AIX
165	aix_usrinfo(pw);
166#endif /* _AIX */
167
168#ifdef HAVE_SETPCRED
169	/*
170	 * If we have a chroot directory, we set all creds except real
171	 * uid which we will need for chroot.  If we don't have a
172	 * chroot directory, we don't override anything.
173	 */
174	{
175		char **creds = NULL, *chroot_creds[] =
176		    { "REAL_USER=root", NULL };
177
178		if (options.chroot_directory != NULL &&
179		    strcasecmp(options.chroot_directory, "none") != 0)
180			creds = chroot_creds;
181
182		if (setpcred(pw->pw_name, creds) == -1)
183			fatal("Failed to set process credentials");
184	}
185#endif /* HAVE_SETPCRED */
186#ifdef WITH_SELINUX
187	ssh_selinux_setup_exec_context(pw->pw_name);
188#endif
189}
190
191char *
192platform_krb5_get_principal_name(const char *pw_name)
193{
194#ifdef USE_AIX_KRB_NAME
195	return aix_krb5_get_principal_name(pw_name);
196#else
197	return NULL;
198#endif
199}
200
201/*
202 * return 1 if the specified uid is a uid that may own a system directory
203 * otherwise 0.
204 */
205int
206platform_sys_dir_uid(uid_t uid)
207{
208	if (uid == 0)
209		return 1;
210#ifdef PLATFORM_SYS_DIR_UID
211	if (uid == PLATFORM_SYS_DIR_UID)
212		return 1;
213#endif
214	return 0;
215}
216