0002-su-login-Introduce-PREVENT_NO_AUTH.patch (2939B)
- From b52ef69b3b8442a77eeb18b7bf8f9b47148d6c34 Mon Sep 17 00:00:00 2001
- From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
- Date: Mon, 15 Mar 2021 10:25:50 +0100
- Subject: [PATCH 2/2] su & login: Introduce PREVENT_NO_AUTH
- ---
- etc/login.defs | 9 +++++++++
- lib/getdef.c | 1 +
- src/login.c | 13 +++++++++++--
- src/su.c | 20 +++++++++++++++-----
- 4 files changed, 36 insertions(+), 7 deletions(-)
- diff --git a/etc/login.defs b/etc/login.defs
- index a2f8cd50..f6b613a1 100644
- --- a/etc/login.defs
- +++ b/etc/login.defs
- @@ -428,3 +428,12 @@ USERGROUPS_ENAB yes
- # missing.
- #
- #FORCE_SHADOW yes
- +
- +#
- +# Prevents an empty password field to be interpreted as "no authentication
- +# required".
- +# Set to "yes" to prevent for all accounts
- +# Set to "superuser" to prevent for UID 0 / root (default)
- +# Set to "no" to not prevent for any account (dangerous, historical default)
- +
- +PREVENT_NO_AUTH yes
- diff --git a/lib/getdef.c b/lib/getdef.c
- index 00f6abfe..d25d13f4 100644
- --- a/lib/getdef.c
- +++ b/lib/getdef.c
- @@ -149,6 +149,7 @@ static struct itemdef def_table[] = {
- {"USE_TCB", NULL},
- #endif
- {"FORCE_SHADOW", NULL},
- + {"PREVENT_NO_AUTH", NULL},
- {NULL, NULL}
- };
- diff --git a/src/login.c b/src/login.c
- index 0c0b5c86..be84a884 100644
- --- a/src/login.c
- +++ b/src/login.c
- @@ -978,9 +978,18 @@ int main (int argc, char **argv)
- || ('*' == user_passwd[0])) {
- failed = true;
- }
- - /* Treat empty password field as invalid */
- +
- if (strcmp (user_passwd, "") == 0) {
- - failed = true;
- + char *prevent_no_auth = getdef_str("PREVENT_NO_AUTH");
- + if(prevent_no_auth == NULL) {
- + prevent_no_auth = "superuser";
- + }
- + if(strcmp(prevent_no_auth, "yes") == 0) {
- + failed = true;
- + } else if( (pwd->pw_uid == 0)
- + && (strcmp(prevent_no_auth, "superuser") == 0)) {
- + failed = true;
- + }
- }
- }
- diff --git a/src/su.c b/src/su.c
- index 638f533f..9cae4b2f 100644
- --- a/src/su.c
- +++ b/src/su.c
- @@ -499,15 +499,25 @@ static void check_perms_nopam (const struct passwd *pw)
- /*@observer@*/const char *password = pw->pw_passwd;
- RETSIGTYPE (*oldsig) (int);
- - if (strcmp (pw->pw_passwd, "") == 0) {
- - fprintf(stderr, _("Password field is empty, this is invalid.\n"));
- - exit(1);
- - }
- -
- if (caller_is_root) {
- return;
- }
- + if (strcmp (pw->pw_passwd, "") == 0) {
- + char *prevent_no_auth = getdef_str("PREVENT_NO_AUTH");
- + if(prevent_no_auth == NULL) {
- + prevent_no_auth = "superuser";
- + }
- + if(strcmp(prevent_no_auth, "yes") == 0) {
- + fprintf(stderr, _("Password field is empty, this is forbidden for all accounts.\n"));
- + exit(1);
- + } else if( (pw->pw_uid == 0)
- + && (strcmp(prevent_no_auth, "superuser") == 0)) {
- + fprintf(stderr, _("Password field is empty, this is forbidden for super-user.\n"));
- + exit(1);
- + }
- + }
- +
- /*
- * BSD systems only allow "wheel" to SU to root. USG systems don't,
- * so we make this a configurable option.
- --
- 2.26.3