Add a -i localname switch (restricted to root) to specify a different

local "login" name for rcmd(3).  This is particularly useful for things
like portslave and other packages with terminal server functionality
where a login can either run ppp locally or get shunted off to another
box via rlogin depending on radius authentication etc.  Quite often the
local box doesn't even have accounts, so a flag such as this is needed.
Obviously this is restricted to callers with uid == 0.
This commit is contained in:
Peter Wemm 1999-05-25 11:14:33 +00:00
parent 128cd97530
commit 7c8dec7b63
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=47488
2 changed files with 21 additions and 5 deletions

View File

@ -41,6 +41,7 @@
.Ar rlogin
.Op Fl 8DEKLdx
.Op Fl e Ar char
.Op Fl i Ar localname
.Op Fl k Ar realm
.Op Fl l Ar username
.Ar host
@ -98,6 +99,11 @@ option allows user specification of the escape character, which is
``~'' by default.
This specification may be as a literal character, or as an octal
value in the form \ennn.
.It Fl i
The
.Fl i
option allows the caller to specify a different local name to be used
for authentication. This option is restricted to processes with uid 0.
.It Fl k
The
.Fl k

View File

@ -40,7 +40,7 @@ static const char copyright[] =
#ifndef lint
static const char sccsid[] = "@(#)rlogin.c 8.1 (Berkeley) 6/6/93";
static const char rcsid[] =
"$Id: rlogin.c,v 1.17 1998/03/26 18:03:41 markm Exp $";
"$Id: rlogin.c,v 1.18 1998/10/09 06:45:28 markm Exp $";
#endif /* not lint */
/*
@ -154,6 +154,7 @@ main(argc, argv)
#ifdef KERBEROS
char *k;
#endif
char *localname = NULL;
argoff = dflag = Dflag = 0;
one = 1;
@ -174,9 +175,9 @@ main(argc, argv)
}
#ifdef KERBEROS
#define OPTIONS "8DEKLde:k:l:x"
#define OPTIONS "8DEKLde:i:k:l:x"
#else
#define OPTIONS "8DEKLde:l:"
#define OPTIONS "8DEKLde:i:l:"
#endif
while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1)
switch(ch) {
@ -204,6 +205,13 @@ main(argc, argv)
noescape = 0;
escapechar = getescape(optarg);
break;
case 'i':
if (getuid() != 0) {
fprintf(stderr, "rlogin: -i user: permission denied\n");
exit(1);
}
localname = optarg;
break;
#ifdef KERBEROS
case 'k':
dest_realm = dst_realm_buf;
@ -237,6 +245,8 @@ main(argc, argv)
errx(1, "unknown user id");
if (!user)
user = pw->pw_name;
if (!localname)
localname = pw->pw_name;
sp = NULL;
#ifdef KERBEROS
@ -324,10 +334,10 @@ main(argc, argv)
if (doencrypt)
errx(1, "the -x flag requires Kerberos authentication");
#endif /* CRYPT */
rem = rcmd(&host, sp->s_port, pw->pw_name, user, term, 0);
rem = rcmd(&host, sp->s_port, localname, user, term, 0);
}
#else
rem = rcmd(&host, sp->s_port, pw->pw_name, user, term, 0);
rem = rcmd(&host, sp->s_port, localname, user, term, 0);
#endif /* KERBEROS */
if (rem < 0)