/* Copyright (c) 2009 by Jeff Weisberg Author: Jeff Weisberg Created: 2009-Feb-21 11:42 (EST) Function: become root $Id: suex.c,v 1.1 2009/02/21 16:43:46 jaw Exp $ portions adapted from BSD su */ #include #include #include #include #include #include #include #include #include #include #define SUPER_GROUP_NAME "super-users" char *mytty(void); main(int argc, char **argv){ int retcode; char cmdline[1024]; int gids[NGROUPS_MAX],gidval; int i=0,uid, super_gid; int arg, nuid = 0, ngid = 0; struct passwd *pwd; struct group *grp; char *username; if ((pwd=getpwuid(uid = getuid()))==NULL){ /* you have no entry in pw file */ fprintf(stderr, "suex: who are you\n"); exit(-1); } if ( (grp=getgrnam(SUPER_GROUP_NAME))==NULL){ /* no super user group in group file */ fprintf(stderr, "suex: super user group non-existant\n"); exit(-1); } username = strdup(pwd->pw_name); openlog("suex:", LOG_PID|LOG_CONS, LOG_AUTH); /* tell syslog all about it */ gidval = getgroups(NGROUPS_MAX, gids); /* check if in group super-user */ while ( (i<=gidval)&&(gids[i] != grp->gr_gid) ) i++; if ( gids[i] != grp->gr_gid ){ syslog(LOG_AUTH|LOG_NOTICE, "suex failed for %s (%d) on %s", username, uid, mytty()); fprintf(stderr,"You are not authorized to use this command\nSorry!\n"); exit(-1); } /* parse cmd line */ /* -u user */ for(arg=1; argpw_uid; arg ++; continue; } break; } /* cmdline for logging */ cmdline[0] = 0; for(i=arg; i%d on %s [%s]", username, uid, nuid, mytty(), cmdline); if (argc > arg ){ execvp( argv[arg], &argv[arg] ); }else{ char *shell = getenv("SHELL"); if( !shell || !*shell ) shell = "sh"; execlp( shell, shell, 0 ); } fprintf(stderr, "%s: %s failed\n",argv[0],argv[1]); exit(-1); } char *mytty(void){ char *p; return((p=ttyname(STDERR_FILENO))?p:"Unknown tty"); }