From c3a88777291223b4ed750a3450abc373ecab8ecb Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Tue, 19 Nov 2013 02:19:08 +0100 Subject: m MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- src/cerberus.c | 19 +++++++++++++++++++ src/cerberus.h | 3 +++ src/login.c | 3 +++ 3 files changed, 25 insertions(+) (limited to 'src') diff --git a/src/cerberus.c b/src/cerberus.c index 6f0ce91..01cbe08 100644 --- a/src/cerberus.c +++ b/src/cerberus.c @@ -44,6 +44,10 @@ int main(int argc, char** argv) do_login(argc, argv); + /* Ignore signals */ + signal(SIGQUIT, SIG_IGN); + signal(SIGINT, SIG_IGN); + /* Wait for the login shell to exit */ waitpid(child_pid, &_status, 0); @@ -220,6 +224,12 @@ void do_login(int argc, char** argv) set_environ(entry, preserve_env); + /* Stop signal handling */ + signal(SIGALRM, SIG_DFL); + signal(SIGQUIT, SIG_DFL); + signal(SIGTSTP, SIG_IGN); + + child_pid = fork(); /* vfork cannot be used as the child changes the user, the parent would not be able to chown the TTY */ @@ -227,10 +237,19 @@ void do_login(int argc, char** argv) if (child_pid == -1) { perror("fork"); + sleep(ERROR_SLEEP); _exit(1); } else if (child_pid == 0) { + /* In case the shell does not do this */ + setsid(); + + /* Set controlling terminal */ + if (ioctl(STDIN_FILENO, TIOCSCTTY, 1)) + perror("TIOCSCTTY"); + signal(SIGINT, SIG_DFL); + /* Partial login */ /* TODO set supplemental groups */ set_user(entry); diff --git a/src/cerberus.h b/src/cerberus.h index e195245..706925a 100644 --- a/src/cerberus.h +++ b/src/cerberus.h @@ -26,7 +26,10 @@ #include #include #include +#include +#include #include +#include #ifdef USE_TTY_GROUP #include #endif diff --git a/src/login.c b/src/login.c index 3ad1204..32f118f 100644 --- a/src/login.c +++ b/src/login.c @@ -193,5 +193,8 @@ void exec_shell(struct passwd* entry) *(child_argv + child_argc) = NULL; execvp(*child_argv, child_argv + 1); + perror("execvp"); + sleep(ERROR_SLEEP); + _exit(1); } -- cgit v1.2.3-70-g09d2