platform.c revision 323134
1/* 2 * Copyright (c) 2006 Darren Tucker. All rights reserved. 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17#include "includes.h" 18 19#include <stdarg.h> 20#include <unistd.h> 21 22#include "log.h" 23#include "buffer.h" 24#include "misc.h" 25#include "servconf.h" 26#include "key.h" 27#include "hostfile.h" 28#include "auth.h" 29#include "auth-pam.h" 30#include "platform.h" 31 32#include "openbsd-compat/openbsd-compat.h" 33 34extern int use_privsep; 35extern ServerOptions options; 36 37void 38platform_pre_listen(void) 39{ 40#ifdef LINUX_OOM_ADJUST 41 /* Adjust out-of-memory killer so listening process is not killed */ 42 oom_adjust_setup(); 43#endif 44} 45 46void 47platform_pre_fork(void) 48{ 49#ifdef USE_SOLARIS_PROCESS_CONTRACTS 50 solaris_contract_pre_fork(); 51#endif 52} 53 54void 55platform_pre_restart(void) 56{ 57#ifdef LINUX_OOM_ADJUST 58 oom_adjust_restore(); 59#endif 60} 61 62void 63platform_post_fork_parent(pid_t child_pid) 64{ 65#ifdef USE_SOLARIS_PROCESS_CONTRACTS 66 solaris_contract_post_fork_parent(child_pid); 67#endif 68} 69 70void 71platform_post_fork_child(void) 72{ 73#ifdef USE_SOLARIS_PROCESS_CONTRACTS 74 solaris_contract_post_fork_child(); 75#endif 76#ifdef LINUX_OOM_ADJUST 77 oom_adjust_restore(); 78#endif 79} 80 81/* return 1 if we are running with privilege to swap UIDs, 0 otherwise */ 82int 83platform_privileged_uidswap(void) 84{ 85#ifdef HAVE_CYGWIN 86 /* uid 0 is not special on Cygwin so always try */ 87 return 1; 88#else 89 return (getuid() == 0 || geteuid() == 0); 90#endif 91} 92 93/* 94 * This gets called before switching UIDs, and is called even when sshd is 95 * not running as root. 96 */ 97void 98platform_setusercontext(struct passwd *pw) 99{ 100#ifdef WITH_SELINUX 101 /* Cache selinux status for later use */ 102 (void)ssh_selinux_enabled(); 103#endif 104 105#ifdef USE_SOLARIS_PROJECTS 106 /* 107 * If solaris projects were detected, set the default now, unless 108 * we are using PAM in which case it is the responsibility of the 109 * PAM stack. 110 */ 111 if (!options.use_pam && (getuid() == 0 || geteuid() == 0)) 112 solaris_set_default_project(pw); 113#endif 114 115#if defined(HAVE_LOGIN_CAP) && defined (__bsdi__) 116 if (getuid() == 0 || geteuid() == 0) 117 setpgid(0, 0); 118# endif 119 120#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM) 121 /* 122 * If we have both LOGIN_CAP and PAM, we want to establish creds 123 * before calling setusercontext (in session.c:do_setusercontext). 124 */ 125 if (getuid() == 0 || geteuid() == 0) { 126 if (options.use_pam) { 127 do_pam_setcred(use_privsep); 128 } 129 } 130# endif /* USE_PAM */ 131 132#if !defined(HAVE_LOGIN_CAP) && defined(HAVE_GETLUID) && defined(HAVE_SETLUID) 133 if (getuid() == 0 || geteuid() == 0) { 134 /* Sets login uid for accounting */ 135 if (getluid() == -1 && setluid(pw->pw_uid) == -1) 136 error("setluid: %s", strerror(errno)); 137 } 138#endif 139} 140 141/* 142 * This gets called after we've established the user's groups, and is only 143 * called if sshd is running as root. 144 */ 145void 146platform_setusercontext_post_groups(struct passwd *pw) 147{ 148#if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) 149 /* 150 * PAM credentials may take the form of supplementary groups. 151 * These will have been wiped by the above initgroups() call. 152 * Reestablish them here. 153 */ 154 if (options.use_pam) { 155 do_pam_setcred(use_privsep); 156 } 157#endif /* USE_PAM */ 158 159#if !defined(HAVE_LOGIN_CAP) && (defined(WITH_IRIX_PROJECT) || \ 160 defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY)) 161 irix_setusercontext(pw); 162#endif /* defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) */ 163 164#ifdef _AIX 165 aix_usrinfo(pw); 166#endif /* _AIX */ 167 168#ifdef HAVE_SETPCRED 169 /* 170 * If we have a chroot directory, we set all creds except real 171 * uid which we will need for chroot. If we don't have a 172 * chroot directory, we don't override anything. 173 */ 174 { 175 char **creds = NULL, *chroot_creds[] = 176 { "REAL_USER=root", NULL }; 177 178 if (options.chroot_directory != NULL && 179 strcasecmp(options.chroot_directory, "none") != 0) 180 creds = chroot_creds; 181 182 if (setpcred(pw->pw_name, creds) == -1) 183 fatal("Failed to set process credentials"); 184 } 185#endif /* HAVE_SETPCRED */ 186#ifdef WITH_SELINUX 187 ssh_selinux_setup_exec_context(pw->pw_name); 188#endif 189} 190 191char * 192platform_krb5_get_principal_name(const char *pw_name) 193{ 194#ifdef USE_AIX_KRB_NAME 195 return aix_krb5_get_principal_name(pw_name); 196#else 197 return NULL; 198#endif 199} 200 201/* 202 * return 1 if the specified uid is a uid that may own a system directory 203 * otherwise 0. 204 */ 205int 206platform_sys_dir_uid(uid_t uid) 207{ 208 if (uid == 0) 209 return 1; 210#ifdef PLATFORM_SYS_DIR_UID 211 if (uid == PLATFORM_SYS_DIR_UID) 212 return 1; 213#endif 214 return 0; 215} 216