diff options
| -rw-r--r-- | utils/login.c | 618 |
1 files changed, 457 insertions, 161 deletions
diff --git a/utils/login.c b/utils/login.c index 0cab4934..7d666afb 100644 --- a/utils/login.c +++ b/utils/login.c @@ -22,179 +22,330 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <argp.h> -#include <argz.h> #include <unistd.h> #include <paths.h> -#include <error.h> #include <ctype.h> +#include <utmp.h> #include <pwd.h> #include <grp.h> + #include <sys/fcntl.h> -#define DEFAULT_SHELL _PATH_BSHELL -#define DEFAULT_PATH _PATH_DEFPATH -#define DEFAULT_HOME "/u/nobody" +#include <argp.h> +#include <argz.h> +#include <envz.h> +#include <idvec.h> +#include <error.h> + +#define DEFAULT_NOBODY "login" #define DEFAULT_UMASK 0 +#define _PATH_MOTD "/etc/motd" /* XXX */ + +/* Which shell to use if we can't find the default one. */ +#define FAILURE_SHELL _PATH_BSHELL + +/* Defaults for various login parameters. */ +char *default_args[] = { + "SHELL=" _PATH_BSHELL, + "HOME=/u/login", + "USER=login", + "NAME=Not logged in", + "HUSHLOGIN=.hushlogin", /* Looked up relative new home dir. */ + "MOTD=" _PATH_MOTD, + 0 +}; +/* Default values for the new environment. */ +char *default_env[] = { + "PATH=" _PATH_DEFPATH, + 0 +}; + +/* Which things are copied from the login parameters into the environment. */ +char *copied_args[] = { "SHELL", "HOME", "NAME", "VIA", 0 }; + static struct argp_option options[] = { - {"shell", 's', "SHELL", 0, "Use SHELL as the new shell"}, - {"arg", 'a', "ARG", 0, "Add ARG to the shell's arguments"}, - {"arg0", '0', "ARG", 0, "Make ARG the shell's argv[0]"}, - {"environ", 'e', "ENTRY", 0, "Add ENTRY to the environment"}, - {"user", 'u', "USER", 0, "Add USER to the uids in the new shell"}, - {"aux-user", 'U', "USER", 0, "Add USER to the aux uids in the new shell"}, - {"group", 'g', "GROUP", 0, "Add GROUP to the gids in the new shell"}, - {"aux-group", 'G', "GROUP", 0, "Add GROUP to the aux gids in the new shell"}, - {"home", 'h', "DIR", 0, "Make DIR the CWD of the new shell"}, - {"umask", 'm', "MASK", 0, "Make UMASK the new shell's umask"}, - {"path", 'p', "PATH", 0, "Path put in environment by default"}, - {"no-environ", 'E', 0, 0, "Don't put default entries into the new environment"}, + {"arg0", '0', "ARG", 0, "Make ARG the shell's argv[0]"}, + {"environ", 'e', "ENTRY", 0, "Add ENTRY to the environment"}, + {"environ-default", 'E', "ENTRY", 0, "Use ENTRY as a default environment variable"}, + {"no-args", 'x', 0, 0, "Don't login args into the environment"}, + {"arg", 'a', "ARG", 0, "Add login parameter ARG"}, + {"arg-default", 'A', "ARG", 0, "Use ARG as a default login parameter"}, + {"no-environ", 'X', 0, 0, "Don't add the parent environment as default login params"}, + {"user", 'u', "USER", 0, "Add USER to the effective uids"}, + {"avail-user",'U', "USER", 0, "Add USER to the available uids"}, + {"group", 'g', "GROUP", 0, "Add GROUP to the effective groups"}, + {"avail-group",'G',"GROUP", 0, "Add GROUP to the available groups"}, + {"umask", 'm', "MASK", 0, "Use a umask of MASK"}, + {"nobody", 'n', "USER", 0, "Use USER's passwd entry to fetch the default" + "login params if there are no uids (default `" DEFAULT_NOBODY "')"}, + {"inherit-environ", 'p', 0, 0, "Inherit the parent's environment"}, + {"via", 'h', "HOST", 0, "This login is from HOST"}, + {"no-passwd", 'f', 0, 0, "Don't ask for passwords"}, + {"no-utmp", 'z', 0, 0, "Don't put an entry in utmp"}, {0, 0} }; -static char *args_doc = "[USER...]"; -static char *doc = 0; +static char *args_doc = "[USER [ARG...]]"; +static char *doc = +"To give args to the shell without specifying a user, use - for USER.\n" +"Current login parameters include HOME, SHELL, USER, NAME, and ROOT."; -/* These functions should be moved into argz.c in libshouldbelibc. */ - -/* Add BUF, of length BUF_)LEN to the argz vector in ARGZ & ARGZ_LEN. */ -static error_t -argz_append (char **argz, unsigned *argz_len, char *buf, unsigned buf_len) +/* Outputs whatever can be read from file descriptor FD to standard output, + and then close it. If FD is < 0, assumes an error happened, and prints an + error message using ERRNO and STR. */ +static void +cat (int fd, char *str) { - unsigned new_argz_len = *argz_len + buf_len; - char *new_argz = realloc (*argz, new_argz_len); - if (new_argz) + int rd = fd < 0 ? -1 : 1; + while (rd > 0) { - bcopy (buf, new_argz + *argz_len, buf_len); - *argz = new_argz; - *argz_len = new_argz_len; - return 0; + char buf[4096]; + rd = read (fd, buf, sizeof (buf)); + if (rd > 0) + write (0, buf, rd); } - else - return ENOMEM; -} - -/* Add STR to the argz vector in ARGZ & ARGZ_LEN. This should be moved into - argz.c in libshouldbelibc. */ -static error_t -argz_add (char **argz, unsigned *argz_len, char *str) -{ - return argz_append (argz, argz_len, str, strlen (str) + 1); + if (rd < 0) + error (0, errno, "%s", str); } -typedef unsigned id_t; - -struct ids -{ - id_t *ids; - unsigned num, alloced; -}; - -struct -ids *make_ids () +/* Add a utmp entry based on the parameters in ARGS & ARGS_LEN, from tty + TTY_FD. */ +static void +add_utmp_entry (char *args, unsigned args_len, int tty_fd) { - struct ids *ids = malloc (sizeof (struct ids)); - if (!ids) - error(8, ENOMEM, "Can't allocate id list"); - ids->ids = 0; - ids->num = ids->alloced = 0; - return ids; -} + extern void login (struct utmp *); /* in libutil */ + struct utmp utmp; + char bogus_tty[sizeof (_PATH_TTY) + 2]; + char *tty = ttyname (0), *tail; -void -ids_add (struct ids *ids, id_t id) -{ - if (ids->alloced == ids->num) + if (! tty) { - ids->alloced = ids->alloced * 2 + 1; - ids->ids = realloc (ids->ids, ids->alloced * sizeof (id_t)); - if (ids->ids == NULL) - error(8, ENOMEM, "Can't allocate id list"); + sprintf (bogus_tty, "%s??", _PATH_TTY); + tty = bogus_tty; } - ids->ids[ids->num++] = id; + tail = rindex (tty, '/'); + if (tail) + tty = tail + 1; + + bzero (&utmp, sizeof (utmp)); + + time (&utmp.ut_time); + strncpy (utmp.ut_name, envz_get (args, args_len, "USER") ?: "", + sizeof (utmp.ut_name)); + strncpy (utmp.ut_host, envz_get (args, args_len, "VIA") ?: "", + sizeof (utmp.ut_host)); + strncpy (utmp.ut_line, tty, sizeof (utmp.ut_line)); + + login (&utmp); } void main(int argc, char *argv[]) { - error_t err; + int i, fd; + error_t err = 0; int umask = DEFAULT_UMASK; - char *shell = 0; /* The shell program to run. */ - char *home = 0; /* The new home directory. */ - char *path = DEFAULT_PATH; /* The path put in environment. */ - char *arg0 = 0; /* The shell's argv[0]. */ - char *args = 0; /* The args to the shell. */ + char *nobody = DEFAULT_NOBODY; /* Where to get params if there is no user. */ + char *args = 0; /* The login parameters */ unsigned args_len = 0; + char *passwd = 0; /* Login parameters from /etc/passwd */ + unsigned passwd_len = 0; + char *args_defs = 0; /* Defaults for login parameters. */ + unsigned args_defs_len = 0; char *env = 0; /* The new environment. */ unsigned env_len = 0; - int no_environ = 0; /* True if we shouldn't add default entries. */ - struct ids *uids = make_ids (); /* The UIDs of the new shell. */ - struct ids *gids = make_ids (); /* The GIDs. */ - struct ids *aux_uids = make_ids (); /* The aux UIDs of the new shell. */ - struct ids *aux_gids = make_ids (); /* The aux GIDs. */ + char *env_defs = 0; /* Defaults for the environment. */ + unsigned env_defs_len = 0; + char *parent_env = 0; /* The environment we got from our parent */ + unsigned parent_env_len = 0; + int no_environ = 0; /* If false, use the env as default params. */ + int no_args = 0; /* If false, put login params in the env. */ + int inherit_environ = 0; /* True if we shouldn't clear our env. */ + int saw_user_arg = 0; /* True if we've seen the USER argument. */ + int no_passwd = 0; /* Don't bother verifying what we're doing. */ + int no_utmp = 0; /* Don't put an entry in utmp. */ + struct idvec *uids = make_idvec (); /* The UIDs of the new shell. */ + struct idvec *gids = make_idvec (); /* The GIDs. */ + struct idvec *aux_uids = make_idvec (); /* The aux UIDs of the new shell. */ + struct idvec *aux_gids = make_idvec (); /* The aux GIDs. */ + char *shell = 0; /* The shell program to run. */ + char *home = 0; /* The new home directory. */ + char *root = 0; /* The optional new root directory. */ + char *hushlogin = 0; /* The hushlogin file. */ + char *sh_arg0 = 0; /* The shell's argv[0]. */ + char *sh_args = 0; /* The args to the shell. */ + unsigned sh_args_len = 0; mach_port_t exec_node; /* The shell executable. */ mach_port_t home_node; /* The home directory node. */ - mach_port_t ports[INIT_PORT_MAX]; - int ints[INIT_INT_MAX]; + mach_port_t root_node; /* The root node. */ + mach_port_t ports[INIT_PORT_MAX]; /* Init ports for the new process. */ + int ints[INIT_INT_MAX]; /* Init ints for it. */ mach_port_t dtable[3]; /* File descriptors passed. */ - char *argz = 0; /* The shell's arg vector. */ - unsigned argz_len = 0; mach_port_t auth; /* The auth port for the new shell. */ mach_port_t auth_server = getauth (); mach_port_t proc_server = getproc (); + /* Returns a copy of the io/proc object PORT reauthenticated in AUTH. If an + error occurs, NAME is used to print an error message, and the program + exited. */ + mach_port_t + reauth (mach_port_t port, int is_proc, auth_t auth, char *name) + { + if (port) + { + mach_port_t rend = mach_reply_port (), new_port; + error_t err = + is_proc ? + proc_reauthenticate (port, rend, MACH_MSG_TYPE_MAKE_SEND) + : io_reauthenticate (port, rend, MACH_MSG_TYPE_MAKE_SEND); + + if (err) + error (12, err, "reauthenticating %s", name); + + err = + auth_user_authenticate (auth, port, + rend, MACH_MSG_TYPE_MAKE_SEND, + &new_port); + if (err) + error (13, err, "reauthenticating %s", name); + + if (is_proc) + /* proc_reauthenticate modifies the existing port. */ + { + /* We promised to make a copy, so do so... */ + mach_port_mod_refs (mach_task_self (), MACH_PORT_RIGHT_SEND, + port, 1); + if (new_port != MACH_PORT_NULL) + mach_port_deallocate (mach_task_self (), new_port); + } + else + port = new_port; + + mach_port_destroy (mach_task_self (), rend); + } + return port; + } + + /* Add the `=' separated environment entry ENTRY to ENV & ENV_LEN, exiting + with an error message if we can't. */ + void add_entry (char **env, unsigned *env_len, char *entry) + { + char *name = strsep (&entry, "="); + err = envz_add (env, env_len, name, entry); + if (err) + error (8, err, "Adding %s", entry); + } + + /* Make sure the user should be allowed to do this. */ + void verify_passwd (const char *name, const char *password) + { + if (! no_passwd && password && *password) + { + extern char *crypt (const char salt[2], const char *string); + char *prompt, *unencrypted, *encrypted; + + asprintf (&prompt, "Password for %s:", name); + unencrypted = getpass (prompt); + encrypted = crypt (unencrypted, password); + /* Paranoia may destroya. */ + memset (unencrypted, 0, strlen (unencrypted)); + + if (strcmp (encrypted, password) != 0) + error (50, 0, "%s: Invalid password", name); + } + } + /* Parse our options... */ error_t parse_opt (int key, char *arg, struct argp_state *state) { switch (key) { - case 's': shell = arg; break; - case 'm': umask = strtoul (arg, 0, 8); break; - case 'h': home = arg; break; - case 'p': path = arg; break; - - case 'e': - err = argz_add (&env, &env_len, arg); - if (err) - error (8, err, "Adding %s", arg); - break; - case 'a': - err = argz_add (&args, &args_len, arg); - if (err) - error (9, err, "Adding %s", arg); - break; - case '0': - arg0 = arg; - break; + case 'n': nobody = arg; break; + case 'm': umask = strtoul (arg, 0, 8); break; + case 'p': inherit_environ = 1; break; + case 'x': no_args = 1; break; + case 'X': no_environ = 1; break; + case 'e': add_entry (&env, &env_len, arg); break; + case 'E': add_entry (&env_defs, &env_defs_len, arg); break; + case 'a': add_entry (&args, &args_len, arg); break; + case 'A': add_entry (&args_defs, &args_defs_len, arg); break; + case '0': sh_arg0 = arg; break; + case 'h': envz_add (&args, &args_len, "VIA", arg); break; + case 'f': no_passwd = 1; break; + case 'z': no_utmp = 1; break; case ARGP_KEY_ARG: + if (saw_user_arg) + { + err = argz_add (&sh_args, &sh_args_len, arg); + if (err) + error (9, err, "Adding %s", arg); + break; + } + + saw_user_arg = 1; + if (strcmp (arg, "-") == 0) + arg = 0; /* Just like there weren't any args at all. */ + /* Fall through to deal with adding the user. */ + case 'u': case 'U': + case ARGP_KEY_NO_ARGS: { + /* USER is whom to look up. If it's 0, then we hit the end of + the sh_args without seeing a user, so we want to add defaults + values for `nobody'. */ + char *user = arg ?: nobody; struct passwd *pw = - isdigit (*arg) ? getpwuid (atoi (arg)) : getpwnam (arg); - if (! pw) - error (10, 0, "%s: Unknown user", arg); + isdigit (*user) ? getpwuid (atoi (user)) : getpwnam (user); - /* Should check password here. */ - - if (key != 'U') + if (! pw) + if (! arg) + /* It was nobody anyway. Just use the defaults. */ + break; + else + error (10, 0, "%s: Unknown user", user); + + if (arg + && ! idvec_contains (uids, pw->pw_uid) + && ! idvec_contains (aux_uids, pw->pw_uid)) + /* Check for a password, but only if we haven't already, and + it's not nobody. */ + verify_passwd (pw->pw_name, pw->pw_passwd); + + if (key == 'U') + /* Add aux-ids instead of real ones. */ { - ids_add (uids, pw->pw_uid); - ids_add (gids, pw->pw_gid); - - /* Add reasonable defaults. */ - if (! home && pw->pw_dir) - home = strdup (pw->pw_dir); - if (! shell && pw->pw_shell) - shell = strdup (pw->pw_shell); + idvec_add (aux_uids, pw->pw_uid); + idvec_add (aux_uids, pw->pw_gid); } else { - ids_add (aux_uids, pw->pw_uid); - ids_add (aux_uids, pw->pw_gid); + if (key == ARGP_KEY_ARG || uids->num == 0) + /* If it's the argument (as opposed to option) specifying a + user, or the first option user, then we get defaults for + various things from the password entry. */ + { + envz_add (&passwd, &passwd_len, "HOME", pw->pw_dir); + envz_add (&passwd, &passwd_len, "SHELL", pw->pw_shell); + envz_add (&passwd, &passwd_len, "NAME", pw->pw_gecos); + envz_add (&passwd, &passwd_len, "USER", pw->pw_name); + } + if (arg) /* A real user. */ + { + idvec_add (uids, pw->pw_uid); + idvec_add (gids, pw->pw_gid); + + if (key == ARGP_KEY_ARG) + /* The real user arg; make sure this is the first id in + the aux ids set (i.e. the `real' id). */ + { + idvec_insert (aux_uids, 0, pw->pw_uid); + idvec_insert (aux_gids, 0, pw->pw_gid); + } + } } } break; @@ -207,9 +358,12 @@ main(int argc, char *argv[]) if (! gr) error (11, 0, "%s: Unknown group", arg); - /* Should check password here. */ + if (! idvec_contains (gids, gr->gr_gid) + && ! idvec_contains (aux_gids, gr->gr_gid)) + /* Check for a password, but only if we haven't already. */ + verify_passwd (gr->gr_name, gr->gr_passwd); - ids_add (key == 'g' ? gids : aux_gids, gr->gr_gid); + idvec_add (key == 'g' ? gids : aux_gids, gr->gr_gid); } break; @@ -219,71 +373,213 @@ main(int argc, char *argv[]) } struct argp argp = {options, parse_opt, args_doc, doc}; + /* Don't allow logins if the nologin file exists. */ + fd = open (_PATH_NOLOGIN, O_RDONLY); + if (fd >= 0) + { + cat (fd, _PATH_NOLOGIN); + exit (40); + } + + /* Put in certain last-ditch defaults. */ + err = argz_create (default_args, &args_defs, &args_defs_len); + if (! err) + err = argz_create (default_env, &env_defs, &env_defs_len); + if (err) + error (23, err, "adding defaults"); + + err = argz_create (environ, &parent_env, &parent_env_len); + + /* Parse our options. */ argp_parse (&argp, argc, argv, 0, 0); - if (! shell) - shell = DEFAULT_SHELL; - if (! arg0) - arg0 = shell; - if (! home) - home = DEFAULT_HOME; + /* Now that we've parsed the command line, put together all these + environments we've gotten from various places. There are two targets: + (1) the login parameters, and (2) the child environment. + + The login parameters come from these sources (in priority order): + a) User specified (with the --arg option) + b) From the passwd file entry for the user being logged in as + c) From the parent environment, if --no-environ wasn't specified + d) From the user-specified defaults (--arg-default) + e) From last-ditch defaults given by the DEFAULT_* defines above + + The child environment is from: + a) User specified (--environ) + b) From the login parameters (if --no-args wasn't specified) + c) From the parent environment, if --inherit-environ was specified + d) From the user-specified default env values (--environ-default) + e) From last-ditch defaults given by the DEFAULT_* defines above + */ + + /* Merge the login parameters. */ + err = envz_merge (&args, &args_len, passwd, passwd_len, 0); + if (! err && ! no_environ) + err = envz_merge (&args, &args_len, parent_env, parent_env_len, 0); + if (! err) + err = envz_merge (&args, &args_len, args_defs, args_defs_len, 0); + if (err) + error (24, err, "merging parameters"); + + /* Verify the shell and home dir parameters. We make a copy of SHELL, as + we may frob ARGS ahead, and mess up where it's pointing. */ + shell = strdup (envz_get (args, args_len, "SHELL")); + home = envz_get (args, args_len, "HOME"); + root = envz_get (args, args_len, "ROOT"); - argz_add (&argz, &argz_len, arg0); - argz_append (&argz, &argz_len, args, args_len); + exec_node = file_name_lookup (shell, O_EXEC, 0); + if (exec_node == MACH_PORT_NULL) + { + err = errno; /* Save original lookup errno. */ - if (! no_environ) + if (strcmp (shell, FAILURE_SHELL) != 0) + exec_node = file_name_lookup (FAILURE_SHELL, O_EXEC, 0); + + /* Give the error message, but only exit if we couldn't default. */ + error (exec_node == MACH_PORT_NULL ? 1 : 0, err, "%s", shell); + + /* If we get here, we looked up the default shell ok. */ + shell = FAILURE_SHELL; + error (0, 0, "Using SHELL=%s", shell); + envz_add (&args, &args_len, "SHELL", shell); + } + + if (home && *home) { - char *entry; - asprintf (&entry, "HOME=%s", home); - argz_add (&env, &env_len, entry); - free (entry); - asprintf (&entry, "SHELL=%s", shell); - argz_add (&env, &env_len, entry); - free (entry); - if (path) + home_node = file_name_lookup (home, O_RDONLY, 0); + if (home_node == MACH_PORT_NULL) { - asprintf (&entry, "PATH=%s", path); - argz_add (&env, &env_len, entry); - free (entry); + error (0, errno, "%s", home); + error (0, 0, "Using HOME=/"); + home_node = getcrdir (); + envz_add (&args, &args_len, "HOME", "/"); } } + else + home_node = getcwdir (); - exec_node = file_name_lookup (shell, O_EXEC, 0); - if (exec_node == MACH_PORT_NULL) - error (1, errno, "%s", shell); + if (root && *root) + { + root_node = file_name_lookup (root, O_RDONLY, 0); + if (root_node == MACH_PORT_NULL) + error (40, errno, "%s", root); + } + else + root_node = getcrdir (); - home_node = file_name_lookup (home, O_RDONLY, 0); - if (home_node == MACH_PORT_NULL) - error (2, errno, "%s", home); + /* Build the child environment. */ + if (! no_args) + /* We can't just merge ARGS, because it may contain the parent + environment, which we don't always want in the child environment, so + we pick out only those values of args which actually *are* args. */ + { + char **name; + for (name = copied_args; *name && !err; name++) + if (! envz_get (env, env_len, *name)) + { + char *val = envz_get (args, args_len, *name); + if (val && *val) + err = envz_add (&env, &env_len, *name, val); + } + + if (!err && !envz_entry (args, args_len, "LOGNAME")) + /* Copy the user arg into the environment as LOGNAME. */ + { + char *user = envz_get (args, args_len, "USER"); + if (user) + err = envz_add (&env, &env_len, "LOGNAME", user); + } + } + if (! err && inherit_environ) + err = envz_merge (&env, &env_len, parent_env, parent_env_len, 0); + if (! err) + err = envz_merge (&env, &env_len, env_defs, env_defs_len, 0); + if (err) + error (24, err, "building environment"); + + if (! sh_arg0) + /* The shells argv[0] defaults to the basename of the shell. */ + { + char *shell_base = rindex (shell, '/'); + if (shell_base) + shell_base++; + else + shell_base = shell; + + sh_arg0 = malloc (strlen (shell_base) + 2); + if (! sh_arg0) + err = ENOMEM; + else + /* Prepend the name with a `-', as is the odd custom. */ + { + sh_arg0[0] = '-'; + strcpy (sh_arg0 + 1, shell_base); + } + } + if (! err) + err = argz_insert (&sh_args, &sh_args_len, sh_args, sh_arg0); + if (err) + error (21, err, "consing arguments"); err = auth_makeauth (auth_server, 0, MACH_MSG_TYPE_COPY_SEND, 0, - uids->ids, uids->num, gids->ids, gids->num, - aux_uids->ids, aux_uids->num, aux_gids->ids, aux_gids->num, + uids->ids, uids->num, aux_uids->ids, aux_uids->num, + gids->ids, gids->num, aux_gids->ids, aux_gids->num, &auth); if (err) - error (3, err, "authenticating"); + error (3, err, "Can't authenticate"); - bzero (ports, sizeof (*ports) * INIT_PORT_MAX); - ports[INIT_PORT_CRDIR] = getcrdir (); - ports[INIT_PORT_CWDIR] = home_node; - ports[INIT_PORT_AUTH] = auth; - ports[INIT_PORT_PROC] = proc_server; + proc_make_login_coll (proc_server); + if (aux_uids->num > 0) + proc_setowner (proc_server, aux_uids->ids[0]); + else if (uids->num > 0) + proc_setowner (proc_server, uids->ids[0]); + + /* Output the message of the day. */ + hushlogin = envz_get (args, args_len, "HUSHLOGIN"); + if (hushlogin && *hushlogin) + { + mach_port_t hush_login_node = + file_name_lookup_under (home_node, hushlogin, O_RDONLY, 0); + if (hush_login_node == MACH_PORT_NULL) + { + char *motd = envz_get (args, args_len, "MOTD"); + if (motd && *motd) + { + fd = open (motd, O_RDONLY); + if (fd >= 0) + cat (fd, motd); + } + } + else + mach_port_deallocate (mach_task_self (), hush_login_node); + } + + /* Get rid of any accumulated null entries in env. */ + envz_strip (&env, &env_len); bzero (ints, sizeof (*ints) * INIT_INT_MAX); ints[INIT_UMASK] = umask; - dtable[0] = getdport (0); - dtable[1] = getdport (1); - dtable[2] = getdport (2); + dtable[0] = reauth (getdport (0), 0, auth, "standard input"); + dtable[1] = reauth (getdport (1), 0, auth, "standard output"); + dtable[2] = reauth (getdport (2), 0, auth, "standard error"); + + for (i = 0; i < INIT_PORT_MAX; i++) + ports[i] = MACH_PORT_NULL; + ports[INIT_PORT_CRDIR] = reauth (root_node, 0, auth, "root directory"); + ports[INIT_PORT_CWDIR] = reauth (home_node, 0, auth, "home directory"); + ports[INIT_PORT_AUTH] = auth; + ports[INIT_PORT_PROC] = reauth (proc_server, 1, auth, "process port"); + + /* No more authentications to fail, so cross our fingers and add our utmp + entry. */ + if (! no_utmp) + add_utmp_entry (args, args_len, 0); err = file_exec (exec_node, mach_task_self (), -#if 0 EXEC_NEWTASK | EXEC_DEFAULTS | EXEC_SECURE, -#else - 0, -#endif - argz, argz_len, env, env_len, + sh_args, sh_args_len, env, env_len, dtable, MACH_MSG_TYPE_COPY_SEND, 3, ports, MACH_MSG_TYPE_COPY_SEND, INIT_PORT_MAX, ints, INIT_INT_MAX, |