diff options
| -rw-r--r-- | configurable-definitions | 29 | ||||
| -rw-r--r-- | src/security.c | 68 |
2 files changed, 66 insertions, 31 deletions
diff --git a/configurable-definitions b/configurable-definitions new file mode 100644 index 0000000..a26a551 --- /dev/null +++ b/configurable-definitions @@ -0,0 +1,29 @@ +TTY_PERM (default: 0600, type: int) + + Mode for TTY devices + + +FAILURE_SLEEP (default: 5, type: float) + + Number of seconds to sleep on login failure. + + +ERROR_SLEEP (default: 2, type: float) + + Number of seconds to sleep on error. + + +TIMEOUT_SECONDS (default: 60, type: int) + + Number of seconds before timeout when waiting for a passphrase. + + +OWN_VCSA (default: undefinied, type: #ifdef) + + Take ownership of and change mode of VCSA device + + +OWN_VCS (default: undefinied, type: #ifdef) + + Take ownership of and change mode of VCS device + diff --git a/src/security.c b/src/security.c index 5620749..af7df30 100644 --- a/src/security.c +++ b/src/security.c @@ -91,36 +91,42 @@ void chown_tty(uid_t owner, gid_t group, int with_fail) fail("fchmod"); /* Also do the above for /dev/vcs[a][0-9]+ */ - if (ioctl(STDIN_FILENO, VT_GETSTATE, &vtstat) == 0) - { - int n = vtstat.v_active; - char _vcs[16]; - char _vcsa[16]; - - char* vcs = _vcs; - char* vcsa = _vcsa; - vcs += 16; - vcsa += 16; - - if (n) - { - *--vcs = *--vcsa = 0; - while (n) - { - *--vcs = *--vcsa = (n % 10) + '0'; - n /= 10; - } - - vcs -= 8; - vcsa -= 9; - strcpy(vcs, "/dev/vcs"); - strcpy(vcsa, "/dev/vcsa"); - - if (chown(vcs, owner, group) && with_fail) fail("chown"); - if (chown(vcsa, owner, group) && with_fail) fail("chown"); - if (chmod(vcs, TTY_PERM) && with_fail) fail("chmod"); - if (chmod(vcsa, TTY_PERM) && with_fail) fail("chmod"); - } - } + #if defined(OWN_VCSA) || defined(OWN_VCS) + if (ioctl(STDIN_FILENO, VT_GETSTATE, &vtstat) == 0) + { + int n = vtstat.v_active; + char _vcs[16]; + char _vcsa[16]; + + char* vcs = _vcs; + char* vcsa = _vcsa; + vcs += 16; + vcsa += 16; + + if (n) + { + *--vcs = *--vcsa = 0; + while (n) + { + *--vcs = *--vcsa = (n % 10) + '0'; + n /= 10; + } + + vcs -= 8; + vcsa -= 9; + strcpy(vcs, "/dev/vcs"); + strcpy(vcsa, "/dev/vcsa"); + + #ifdef OWN_VCS + if (chown(vcs, owner, group) && with_fail) fail("chown"); + if (chmod(vcs, TTY_PERM) && with_fail) fail("chmod"); + #endif + #ifdef OWN_VCSA + if (chown(vcsa, owner, group) && with_fail) fail("chown"); + if (chmod(vcsa, TTY_PERM) && with_fail) fail("chmod"); + #endif + } + } + #endif } |