/src/qsnet/qshd.c

  1/*****************************************************************************\
  2 *  $Id$
  3 *****************************************************************************
  4 *  Copyright (C) 2001-2006 The Regents of the University of California.
  5 *  Produced at Lawrence Livermore National Laboratory (cf, DISCLAIMER).
  6 *  Written by Jim Garlick <garlick@llnl.gov>.
  7 *  UCRL-CODE-2003-005.
  8 *  
  9 *  This file is part of Pdsh, a parallel remote shell program.
 10 *  For details, see <http://www.llnl.gov/linux/pdsh/>.
 11 *  
 12 *  Pdsh is free software; you can redistribute it and/or modify it under
 13 *  the terms of the GNU General Public License as published by the Free
 14 *  Software Foundation; either version 2 of the License, or (at your option)
 15 *  any later version.
 16 *  
 17 *  Pdsh is distributed in the hope that it will be useful, but WITHOUT ANY
 18 *  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 19 *  FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
 20 *  details.
 21 *  
 22 *  You should have received a copy of the GNU General Public License along
 23 *  with Pdsh; if not, write to the Free Software Foundation, Inc.,
 24 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA.
 25 \*****************************************************************************/
 26
 27/*
 28 * This code is based on the BSD rcmd.c with MT safety added, and the 
 29 * interface changed.  Original UC regents header included below.
 30 */
 31
 32/*-
 33 * Copyright (c) 1988, 1989 The Regents of the University of California.
 34 * All rights reserved.
 35 *
 36 * Redistribution and use in source and binary forms, with or without
 37 * modification, are permitted provided that the following conditions
 38 * are met:
 39 * 1. Redistributions of source code must retain the above copyright
 40 *    notice, this list of conditions and the following disclaimer.
 41 * 2. Redistributions in binary form must reproduce the above copyright
 42 *    notice, this list of conditions and the following disclaimer in the
 43 *    documentation and/or other materials provided with the distribution.
 44 * 3. All advertising materials mentioning features or use of this software
 45 *    must display the following acknowledgement:
 46 *	This product includes software developed by the University of
 47 *	California, Berkeley and its contributors.
 48 * 4. Neither the name of the University nor the names of its contributors
 49 *    may be used to endorse or promote products derived from this software
 50 *    without specific prior written permission.
 51 *
 52 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
 53 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 54 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 55 * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
 56 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 57 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 58 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 59 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 60 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 61 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 62 * SUCH DAMAGE.
 63 */
 64
 65/*
 66 * PAM modifications by Michael K. Johnson <johnsonm@redhat.com>
 67 */
 68
 69char copyright[] =
 70"@(#) Copyright (c) 1988, 1989 The Regents of the University of California.\n"
 71"All rights reserved.\n";
 72
 73/*
 74 * From: @(#)rshd.c	5.38 (Berkeley) 3/2/91
 75 */
 76char rcsid[] = "$Id$";
 77/*#include "../version.h"*/
 78
 79#if     HAVE_CONFIG_H
 80#include "config.h"
 81#endif
 82
 83#if	HAVE_UNISTD_H
 84#include <unistd.h>          /* rresvport */
 85#endif
 86#include <sys/socket.h>      /* connect */
 87#include <sys/types.h>
 88#include <netinet/in.h>      /* sockaddr_in, htons */
 89#include <syslog.h>          /* syslog */
 90#include <stdio.h>              
 91#include <stdlib.h>
 92#include <netdb.h>
 93
 94#include "src/common/xmalloc.h"
 95#include "qshell.h"
 96
 97extern int paranoid;
 98extern int sent_null;
 99extern int allow_root_rhosts;
100#ifdef USE_PAM
101extern char *pam_errmsg;
102#endif
103
104static struct passwd *doauth(char *remuser, char *hostname, char *locuser) {
105    struct passwd *pwd;
106
107    if ((pwd= getpwnam_common(locuser)) == NULL)
108        return NULL;
109
110#ifdef USE_PAM
111    if (pamauth(pwd, "qshell", remuser, hostname, locuser) < 0) {
112        syslog(LOG_INFO | LOG_AUTH, "PAM Authentication Failure\n");
113        error("%s\n", pam_errmsg);
114        return NULL;
115    }
116#else
117    if ((pwd->pw_uid == 0 && !allow_root_rhosts) ||
118        (ruserok(hostname, pwd->pw_uid == 0, remuser, locuser) < 0)) {
119        syslog(LOG_INFO | LOG_AUTH, "Authentication Failure\n");
120        error("Permission Denied\n");
121        return NULL;
122    }
123#endif
124
125    return pwd;
126}
127
128static void qshd_get_args(struct sockaddr_in *fp, struct qshell_args *args) 
129{
130    char remuser[16];
131    char locuser[16];
132    char cmdbuf[ARG_MAX + 1];
133
134    if (args->port != 0) {
135        int lport = IPPORT_RESERVED - 1;
136        if ((args->sock = rresvport(&lport)) < 0) {
137            syslog(LOG_ERR, "can't get stderr port: %m");
138            exit(1);
139        }
140        if (args->port >= IPPORT_RESERVED) {
141            syslog(LOG_ERR, "2nd port not reserved\n");
142            exit(1);
143        }
144        fp->sin_port = htons(args->port);
145        if (connect(args->sock, (struct sockaddr *) fp, sizeof(*fp)) < 0) {
146            syslog(LOG_INFO, "connect second port: %m");
147            exit(1);
148        }
149    }
150
151    /* Get remote user name, local user name, and command */
152
153    if (getstr(remuser, sizeof(remuser), "remuser") < 0)
154        exit(1);
155
156    if (getstr(locuser, sizeof(locuser), "locuser") < 0)
157        exit(1);
158
159    if (getstr(cmdbuf,  sizeof(cmdbuf),  "command") < 0)
160        exit(1);
161
162    if ((args->hostname = findhostname(fp)) == NULL) {
163        error("Host Address Mismatch");
164        exit(1);
165    }
166
167    if ((args->pwd = doauth(remuser, args->hostname, locuser)) == NULL)
168        exit(1);
169
170    args->remuser = Strdup(remuser);
171    args->locuser = Strdup(remuser);
172    args->cmdbuf =  Strdup(cmdbuf);
173
174    return;
175}
176
177int main(int argc, char *argv[]) {
178    return qshell(argc, argv, &qshd_get_args, "qshd", 1);
179}
180
181/*
182 * vi:tabstop=4 shiftwidth=4 expandtab
183 */