nologin(8) overhaul

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

nologin(8) overhaul

Benjamin Baier
A /usr/bin/false vs. /sbin/nologin argument led me to nologin(8) so
here are some suggestions.

- de-lint
- return instead of exit()
- no need to tell an *possible evil* ssh user that pledge(2) failed
- some more churn/clean up

Greetings Ben

Index: nologin.c
===================================================================
RCS file: /cvs/src/sbin/nologin/nologin.c,v
retrieving revision 1.6
diff -u -p -r1.6 nologin.c
--- nologin.c 13 Oct 2015 07:10:38 -0000 1.6
+++ nologin.c 6 Mar 2016 08:46:24 -0000
@@ -26,19 +26,14 @@
  */
 
 #include <sys/types.h>
-#include <err.h>
 #include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
-/* Distinctly different from _PATH_NOLOGIN. */
-#define _PATH_NOLOGIN_TXT "/etc/nologin.txt"
-
 #define DEFAULT_MESG "This account is currently not available.\n"
 
-/*ARGSUSED*/
 int
 main(int argc, char *argv[])
 {
@@ -47,17 +42,16 @@ main(int argc, char *argv[])
  char nbuf[BUFSIZ];
 
  if (pledge("stdio rpath", NULL) == -1)
- err(1, "pledge");
+ return (1);
 
- nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY);
- if (nfd < 0) {
+ nfd = open("/etc/nologin.txt", O_RDONLY);
+ if (nfd < 0)
  write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG));
- exit (1);
+ else {
+ while ((nrd = read(nfd, nbuf, sizeof(nbuf))) != -1 && nrd != 0)
+ write(STDOUT_FILENO, nbuf, nrd);
+ close (nfd);
  }
 
- while ((nrd = read(nfd, nbuf, sizeof(nbuf))) != -1 && nrd != 0)
- write(STDOUT_FILENO, nbuf, nrd);
- close (nfd);
-
- exit (1);
+ return (1);
 }

Reply | Threaded
Open this post in threaded view
|

Re: nologin(8) overhaul

Benjamin Baier
Ping?
Also #include <sys/types.h> could be omitted, because it gets pulled in
by unistd.h.

On Sun, 6 Mar 2016 16:14:14 +0100
Benjamin Baier <[hidden email]> wrote:

> A /usr/bin/false vs. /sbin/nologin argument led me to nologin(8) so
> here are some suggestions.
>
> - de-lint
> - return instead of exit()
> - no need to tell an *possible evil* ssh user that pledge(2) failed
> - some more churn/clean up
>
> Greetings Ben
>
> Index: nologin.c
> ===================================================================
> RCS file: /cvs/src/sbin/nologin/nologin.c,v
> retrieving revision 1.6
> diff -u -p -r1.6 nologin.c
> --- nologin.c 13 Oct 2015 07:10:38 -0000 1.6
> +++ nologin.c 6 Mar 2016 08:46:24 -0000
> @@ -26,19 +26,14 @@
>   */
>  
>  #include <sys/types.h>
> -#include <err.h>
>  #include <fcntl.h>
>  #include <stdio.h>
>  #include <stdlib.h>
>  #include <string.h>
>  #include <unistd.h>
>  
> -/* Distinctly different from _PATH_NOLOGIN. */
> -#define _PATH_NOLOGIN_TXT "/etc/nologin.txt"
> -
>  #define DEFAULT_MESG "This account is currently not available.\n"
>  
> -/*ARGSUSED*/
>  int
>  main(int argc, char *argv[])
>  {
> @@ -47,17 +42,16 @@ main(int argc, char *argv[])
>   char nbuf[BUFSIZ];
>  
>   if (pledge("stdio rpath", NULL) == -1)
> - err(1, "pledge");
> + return (1);
>  
> - nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY);
> - if (nfd < 0) {
> + nfd = open("/etc/nologin.txt", O_RDONLY);
> + if (nfd < 0)
>   write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG));
> - exit (1);
> + else {
> + while ((nrd = read(nfd, nbuf, sizeof(nbuf))) != -1 && nrd != 0)
> + write(STDOUT_FILENO, nbuf, nrd);
> + close (nfd);
>   }
>  
> - while ((nrd = read(nfd, nbuf, sizeof(nbuf))) != -1 && nrd != 0)
> - write(STDOUT_FILENO, nbuf, nrd);
> - close (nfd);
> -
> - exit (1);
> + return (1);
>  }
>