aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--configurable-definitions29
-rw-r--r--src/security.c68
2 files changed, 66 insertions, 31 deletions
diff --git a/configurable-definitions b/configurable-definitions
new file mode 100644
index 0000000..a26a551
--- /dev/null
+++ b/configurable-definitions
@@ -0,0 +1,29 @@
+TTY_PERM (default: 0600, type: int)
+
+ Mode for TTY devices
+
+
+FAILURE_SLEEP (default: 5, type: float)
+
+ Number of seconds to sleep on login failure.
+
+
+ERROR_SLEEP (default: 2, type: float)
+
+ Number of seconds to sleep on error.
+
+
+TIMEOUT_SECONDS (default: 60, type: int)
+
+ Number of seconds before timeout when waiting for a passphrase.
+
+
+OWN_VCSA (default: undefinied, type: #ifdef)
+
+ Take ownership of and change mode of VCSA device
+
+
+OWN_VCS (default: undefinied, type: #ifdef)
+
+ Take ownership of and change mode of VCS device
+
diff --git a/src/security.c b/src/security.c
index 5620749..af7df30 100644
--- a/src/security.c
+++ b/src/security.c
@@ -91,36 +91,42 @@ void chown_tty(uid_t owner, gid_t group, int with_fail)
fail("fchmod");
/* Also do the above for /dev/vcs[a][0-9]+ */
- if (ioctl(STDIN_FILENO, VT_GETSTATE, &vtstat) == 0)
- {
- int n = vtstat.v_active;
- char _vcs[16];
- char _vcsa[16];
-
- char* vcs = _vcs;
- char* vcsa = _vcsa;
- vcs += 16;
- vcsa += 16;
-
- if (n)
- {
- *--vcs = *--vcsa = 0;
- while (n)
- {
- *--vcs = *--vcsa = (n % 10) + '0';
- n /= 10;
- }
-
- vcs -= 8;
- vcsa -= 9;
- strcpy(vcs, "/dev/vcs");
- strcpy(vcsa, "/dev/vcsa");
-
- if (chown(vcs, owner, group) && with_fail) fail("chown");
- if (chown(vcsa, owner, group) && with_fail) fail("chown");
- if (chmod(vcs, TTY_PERM) && with_fail) fail("chmod");
- if (chmod(vcsa, TTY_PERM) && with_fail) fail("chmod");
- }
- }
+ #if defined(OWN_VCSA) || defined(OWN_VCS)
+ if (ioctl(STDIN_FILENO, VT_GETSTATE, &vtstat) == 0)
+ {
+ int n = vtstat.v_active;
+ char _vcs[16];
+ char _vcsa[16];
+
+ char* vcs = _vcs;
+ char* vcsa = _vcsa;
+ vcs += 16;
+ vcsa += 16;
+
+ if (n)
+ {
+ *--vcs = *--vcsa = 0;
+ while (n)
+ {
+ *--vcs = *--vcsa = (n % 10) + '0';
+ n /= 10;
+ }
+
+ vcs -= 8;
+ vcsa -= 9;
+ strcpy(vcs, "/dev/vcs");
+ strcpy(vcsa, "/dev/vcsa");
+
+ #ifdef OWN_VCS
+ if (chown(vcs, owner, group) && with_fail) fail("chown");
+ if (chmod(vcs, TTY_PERM) && with_fail) fail("chmod");
+ #endif
+ #ifdef OWN_VCSA
+ if (chown(vcsa, owner, group) && with_fail) fail("chown");
+ if (chmod(vcsa, TTY_PERM) && with_fail) fail("chmod");
+ #endif
+ }
+ }
+ #endif
}