
List:       openbsd-ports
Subject:    call for japanese testers: kterm diff
From:       Peter Valchev <pvalchev () sightly ! net>
Date:       2002-09-26 8:01:03

This quick diff attempts to apply the latest modifications our xterm got
to kterm.

kterm needs suid root for pty allocation, but revokes root very early.
It is setgid utmp for utmp management as well, and revokes gid utmp when
it is not needed.

I want someone who uses this/can test it, to make sure that it works
and find/fix problems with it.

If nothing happens, I am tempted to remove the suid bit from the kterm
binary in the package.  I know, that will remove some functionality
(although basic things will work), so help make this work

Index: patches/patch-Imakefile
===================================================================
RCS file: patches/patch-Imakefile
diff -N patches/patch-Imakefile
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ patches/patch-Imakefile	21 Sep 2002 21:16:13 -0000
@@ -0,0 +1,13 @@
+$OpenBSD$
+--- Imakefile.orig	Thu Sep 19 20:07:05 2002
++++ Imakefile	Sat Sep 21 15:16:07 2002
+@@ -80,7 +80,8 @@ SpecialCObjectRule(misc,$(_NOOP_),$(MISC
+ SpecialCObjectRule(charproc,$(_NOOP_),$(MISC_DEFINES))
+ 
+ #if InstallXtermSetUID
+-SetUIDProgramTarget(kterm,$(OBJS1),$(DEPLIBS1),XkbClientLibs \
XawClientLibs,$(TERMCAPLIB) $(PTYLIB)) \
++SetUIDProgramTarget(kterm,$(OBJS1),$(DEPLIBS1),XkbClientLibs \
XawClientLibs,$(TERMCAPLIB) $(PTYLIB) -lutil)
++INSTUIDFLAGS= -m 6755 -g utmp
+ #else
+ NormalProgramTarget(kterm,$(OBJS1),$(DEPLIBS1),XkbClientLibs \
XawClientLibs,$(TERMCAPLIB) $(PTYLIB))
+ #endif
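Review bot: The added `INSTUIDFLAGS= -m 6755 -g utmp` installs kterm both setuid and setgid utmp, but nothing next to it records why each bit is needed or where the program gives it up. A comment above the line would help, for example `/* setuid root: pty allocation, dropped early in main(); setgid utmp: utmp updates, dropped when not needed */`. The flags name only the group, so the owner presumably comes from the install rule's default; it is worth confirming that this is root on the installed binary.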
Index: patches/patch-KTerm_ad
===================================================================
RCS file: /cvs/ports/japanese/kterm/patches/patch-KTerm_ad,v
retrieving revision 1.1
diff -u -u -r1.1 patch-KTerm_ad
--- patches/patch-KTerm_ad	12 Mar 2002 19:59:55 -0000	1.1
+++ patches/patch-KTerm_ad	17 Sep 2002 04:28:49 -0000
@@ -1,7 +1,7 @@
 $OpenBSD: patch-KTerm_ad,v 1.1 2002/03/12 19:59:55 fgsch Exp $
---- KTerm.ad.orig	Sun Jun 23 05:00:22 1996
-+++ KTerm.ad	Tue Mar 12 16:14:08 2002
-@@ -73,7 +73,8 @@ KTerm.JoinSession:False
+--- KTerm.ad.orig	Mon Sep 16 22:06:36 2002
++++ KTerm.ad	Mon Sep 16 22:06:36 2002
+@@ -75,7 +75,8 @@ KTerm.JoinSession:False
  *fontMenu*font4*Label:	Medium
  *VT100*fontList4:	-*-fixed-medium-r-normal--18-*,\
  			-*-gothic-medium-r-normal--18-*,\
@@ -11,7 +11,7 @@
  *fontMenu*font5*Label:	Large
  *VT100*fontList5:	-*-fixed-medium-r-normal--24-*,\
  			-*-gothic-medium-r-normal--24-*,\
-@@ -81,7 +82,8 @@ KTerm.JoinSession:False
+@@ -83,7 +84,8 @@ KTerm.JoinSession:False
  *fontMenu*font6*Label:	Huge
  *VT100*fontList6:	-*-fixed-medium-r-normal--26-*,\
  			-*-gothic-medium-r-normal--26-*,\
@@ -21,7 +21,7 @@
  *fontMenu*fontescape*Label:	Escape Sequence
  *fontMenu*fontsel*Label:		Selection
  !fontescape and fontsel overridden by application
-@@ -94,7 +96,7 @@ KTerm.JoinSession:False
+@@ -96,7 +98,7 @@ KTerm.JoinSession:False
  !*VT100*romanKanaBoldFont3:	-*-*-bold-r-normal--16-*-jisx0201.1976-0
  !*VT100*kanjiBoldFont3:		-*-*-bold-r-normal--16-*-jisx0208.1983-0
  
Index: patches/patch-main_c
===================================================================
RCS file: /cvs/ports/japanese/kterm/patches/patch-main_c,v
retrieving revision 1.1
diff -u -u -r1.1 patch-main_c
--- patches/patch-main_c	12 Mar 2002 19:59:55 -0000	1.1
+++ patches/patch-main_c	21 Sep 2002 21:13:29 -0000
@@ -1,6 +1,6 @@
 $OpenBSD: patch-main_c,v 1.1 2002/03/12 19:59:55 fgsch Exp $
---- main.c.orig	Tue Mar 12 16:14:07 2002
-+++ main.c	Tue Mar 12 16:14:08 2002
+--- main.c.orig	Thu Sep 19 20:03:13 2002
++++ main.c	Sat Sep 21 15:13:26 2002
 @@ -142,9 +142,16 @@ static Bool IsPts = False;
  #define WTMP
  #endif
@@ -50,7 +50,31 @@
  #define HAS_POSIX_SAVED_IDS
  #endif
  
-@@ -434,6 +447,9 @@ static struct ltchars d_ltc;
+@@ -305,6 +318,12 @@ int	Ptyfd;
+ #define USE_GET_PSEUDOTTY
+ #endif
+ 
++#ifdef __OpenBSD__
++#include <util.h>
++#include <sys/types.h>
++#include <grp.h>
++#endif
++
+ #ifndef UTMP_FILENAME
+ #ifdef UTMP_FILE
+ #define UTMP_FILENAME UTMP_FILE
+@@ -405,6 +424,10 @@ static SIGNAL_T reapchild ();
+ 
+ static Bool added_utmp_entry = False;
+ 
++#ifdef __OpenBSD__
++static gid_t utmpGid = -1;
++#endif
++
+ static Bool xterm_exiting = False;
+ 
+ /*
+@@ -434,6 +457,9 @@ static struct ltchars d_ltc;
  static unsigned int d_lmode;
  #endif	/* TIOCLSET */
  #else /* not USE_SYSV_TERMIO */
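Review bot: `static gid_t utmpGid = -1;` uses -1 as a "not set" marker in a type that is normally unsigned, and the `utmpGid != -1` test added later in `Exit` relies on implicit conversion to match it. Writing the sentinel with an explicit cast in both places, `static gid_t utmpGid = (gid_t)-1;` and `if (utmpGid != (gid_t)-1)`, makes the intent clear and keeps sign-comparison warnings quiet. A one-line comment such as `/* egid saved before dropping group utmp; (gid_t)-1 if never dropped */` would also document what the variable holds.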
@@ -60,7 +84,7 @@
  static struct  sgttyb d_sg = {
          0, 0, 0177, CKILL, EVENP|ODDP|ECHO|XTABS|CRMOD
  };
-@@ -457,6 +473,7 @@ static struct jtchars d_jtc = {
+@@ -457,6 +483,7 @@ static struct jtchars d_jtc = {
  	'J', 'B'
  };
  #endif /* sony */
@@ -68,11 +92,26 @@
  #endif /* USE_SYSV_TERMIO */
  
  /* allow use of system default characters if defined and reasonable */
-@@ -1130,14 +1147,18 @@ char **argv;
+@@ -494,6 +521,8 @@ static struct jtchars d_jtc = {
+ #define CSTART ('Q'&037)
+ #endif
+ 
++static void set_owner(char *device, int uid, int gid, int mode);
++
+ static int parse_tty_modes ();
+ /*
+  * SYSV has the termio.c_cc[V] and ltchars; BSD has tchars and ltchars;
+@@ -1130,14 +1159,24 @@ char **argv;
  	strcpy (ptydev, PTYDEV);
  #endif
  
 -#ifdef USE_SYSV_TERMIO /* { */
++#ifdef __OpenBSD__
++	get_pty(NULL);
++	seteuid(getuid());
++	setuid(getuid());
++#endif /* __OpenBSD__ */
++
 +#if defined(USE_SYSV_TERMIO) || defined(USE_POSIX_TERMIOS) /* { */
  	/* Initialization is done here rather than above in order
  	** to prevent any assumptions about the order of the contents
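Review bot: The privilege drop added ahead of the termio setup ignores every return value: `get_pty(NULL); seteuid(getuid()); setuid(getuid());`. If either uid call fails, the process keeps running with root privileges, so a failed drop should be fatal, e.g. `if (seteuid(getuid()) == -1 || setuid(getuid()) == -1) { perror("setuid"); exit(1); }`. The same applies to the unchecked `setegid`/`setgid`/`seteuid` calls in the later hunks (the `utmpInhibit` block, `get_pty`, the post-utmp switch in `spawn` and the switch back in `Exit`). The enclosing function begins and ends outside this hunk.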
@@ -88,7 +127,7 @@
  #if defined(macII) || defined(ATT) || defined(CRAY) /* { */
      	d_tio.c_cflag = B9600|CS8|CREAD|PARENB|HUPCL;
      	d_tio.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK;
-@@ -1161,9 +1182,11 @@ char **argv;
+@@ -1161,9 +1200,11 @@ char **argv;
  	d_tio.c_cc[VEOL2] = CNUL;
  	d_tio.c_cc[VSWTCH] = CNUL;
  
@@ -101,7 +140,7 @@
  	d_tio.c_cc[VREPRINT] = CRPRNT;
  	d_tio.c_cc[VDISCARD] = CFLUSH;
  	d_tio.c_cc[VWERASE] = CWERASE;
-@@ -1181,11 +1204,17 @@ char **argv;
+@@ -1181,11 +1222,17 @@ char **argv;
  	d_lmode = 0;
  #endif /* } TIOCLSET */
  #else  /* }{ else !macII, ATT, CRAY */
@@ -119,7 +158,7 @@
      	d_tio.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK;
  #ifdef ECHOKE
  	d_tio.c_lflag |= ECHOKE|IEXTEN;
-@@ -1193,11 +1222,13 @@ char **argv;
+@@ -1193,11 +1240,13 @@ char **argv;
  #ifdef ECHOCTL
  	d_tio.c_lflag |= ECHOCTL|IEXTEN;
  #endif
@@ -133,7 +172,7 @@
  #ifdef __sgi
          d_tio.c_cflag &= ~(HUPCL|PARENB);
          d_tio.c_iflag |= BRKINT|ISTRIP|IGNPAR;
-@@ -1246,8 +1277,14 @@ char **argv;
+@@ -1246,8 +1295,14 @@ char **argv;
  	    int i;
  
  	    for (i = 0; i <= 2; i++) {
@@ -149,7 +188,7 @@
  		    d_tio.c_cc[VINTR] = deftio.c_cc[VINTR];
  		    d_tio.c_cc[VQUIT] = deftio.c_cc[VQUIT];
  		    d_tio.c_cc[VERASE] = deftio.c_cc[VERASE];
-@@ -1302,9 +1339,11 @@ char **argv;
+@@ -1302,9 +1357,11 @@ char **argv;
          d_ltc.t_werasc = '\377';
          d_ltc.t_lnextc = '\377';
  #endif	/* } TIOCSLTC */
@@ -162,7 +201,81 @@
  	d_tio.c_cc[VREPRINT] = '\377';
  	d_tio.c_cc[VDISCARD] = '\377';
  	d_tio.c_cc[VWERASE] = '\377';
-@@ -2065,6 +2104,9 @@ spawn ()
+@@ -1361,7 +1418,14 @@ char **argv;
+ 		(void) fprintf(stderr, "setegid(%d): %s\n",
+ 			       (int) egid, strerror(errno));
+ #endif
++#ifdef __OpenBSD__
++		if (resource.utmpInhibit) {
++			/* Can totally revoke group privs */
++			setegid(getgid());
++			setgid(getgid());
++		}
+ 	}
++#endif /* __OpenBSD__ */
+ 
+ 	waiting_for_initial_map = resource.wait_for_map;
+ 
+@@ -1716,9 +1780,37 @@ char *name;
+  * has problems, we can re-enter this function and get another one.
+  */
+ 
+-get_pty (pty)
+-    int *pty;
++get_pty (int *pty)
+ {
++#ifdef __OpenBSD__
++	int result = 1;
++	static int m_tty = -1;
++	static int m_pty = -1;
++	struct group *ttygrp;
++
++	if (pty == NULL) {
++		result = openpty(&m_pty, &m_tty, ttydev, NULL, NULL);
++
++		seteuid(0);
++#ifdef XXX
++		if ((ttygrp = getgrnam(TTY_GROUP_NAME)) != 0) {
++#else
++		if ((ttygrp = getgrnam("tty")) != 0) {
++#endif
++			set_owner(ttydev, getuid(), ttygrp->gr_gid,
++			    0600);
++		} else {
++			set_owner(ttydev, getuid(), getgid(), 0600);
++		}
++		seteuid(getuid());
++		return result;
++	} else if (m_pty != -1) {
++		*pty = m_pty;
++		return (0);
++	} else {
++		return (-1);
++	}
++#endif /* __OpenBSD__ */
+ #ifdef __osf__
+     int tty;
+     return (openpty(pty, &tty, ttydev, NULL, NULL));
+@@ -2034,6 +2126,18 @@ void first_map_occurred ()
+ }
+ #endif /* USE_HANDSHAKE else !USE_HANDSHAKE */
+ 
++static void
++set_owner(char *device, int uid, int gid, int mode)
++{
++	if (chown (device, uid, gid) < 0) {
++		if (errno != ENOENT
++		 && getuid() == 0) {
++			fprintf(stderr, "Cannot chown %s to %d,%d: %s\n",
++			    device, uid, gid, strerror(errno));
++		}
++	}
++	chmod (device, mode);
++}
+ 
+ spawn ()
+ /* 
+@@ -2065,6 +2169,9 @@ spawn ()
  	int zero = 0;
  	int status;
  #else	/* else not USE_SYSV_TERMIO */
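Review bot: In the new `get_pty(NULL)` branch the result of `openpty()` is stored but not tested before the code raises to euid 0 and calls `set_owner(ttydev, ...)`, so a failed allocation still runs `chown`/`chmod` as root on whatever `ttydev` holds at that point. Returning early on failure avoids that, and skipping the ownership change when `seteuid(0)` fails keeps a non-setuid install working. Since `openpty` hands back the slave descriptor in `m_tty`, using `fchown`/`fchmod` on it would also avoid re-resolving the path while privileged. Separately, in the `utmpInhibit` addition the `#endif /* __OpenBSD__ */` sits after the closing brace of the surrounding block, so that brace is compiled only on OpenBSD; the `#endif` presumably belongs one line up.

```c
	if (pty == NULL) {
		result = openpty(&m_pty, &m_tty, ttydev, NULL, NULL);
		if (result == -1)
			return (result);	/* no pty: leave ttydev alone */

		if (seteuid(0) == 0) {
			/* ... unchanged: getgrnam("tty") lookup and set_owner calls ... */
			if (seteuid(getuid()) == -1) {
				perror("seteuid");
				exit(1);
			}
		}
		return result;
	}
	/* ... unchanged: else-if branches returning the cached m_pty ... */
```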
@@ -172,7 +285,7 @@
  	unsigned lmode;
  	struct tchars tc;
  	struct ltchars ltc;
-@@ -2073,6 +2115,7 @@ spawn ()
+@@ -2073,6 +2180,7 @@ spawn ()
  	int jmode;
  	struct jtchars jtc;
  #endif /* sony */
@@ -180,7 +293,7 @@
  #endif	/* USE_SYSV_TERMIO */
  
  	char termcap [1024];
-@@ -2168,9 +2211,9 @@ spawn ()
+@@ -2168,9 +2276,9 @@ spawn ()
  #ifdef TIOCLSET
  				lmode = d_lmode;
  #endif	/* TIOCLSET */
@@ -192,7 +305,7 @@
  				sg = d_sg;
  				tc = d_tc;
  				discipline = d_disipline;
-@@ -2178,7 +2221,7 @@ spawn ()
+@@ -2178,7 +2286,7 @@ spawn ()
  				jmode = d_jmode;
  				jtc = d_jtc;
  #endif /* sony */
@@ -201,7 +314,7 @@
  			} else {
  			    SysError(ERROR_OPDEVTTY);
  			}
-@@ -2202,6 +2245,10 @@ spawn ()
+@@ -2202,6 +2310,10 @@ spawn ()
  			        tio = d_tio;
  
  #else	/* not USE_SYSV_TERMIO */
@@ -212,7 +325,7 @@
  			if(ioctl(tty, TIOCGETP, (char *)&sg) == -1)
  			        sg = d_sg;
  			if(ioctl(tty, TIOCGETC, (char *)&tc) == -1)
-@@ -2214,6 +2261,7 @@ spawn ()
+@@ -2214,6 +2326,7 @@ spawn ()
  			if(ioctl(tty, TIOCKGETC, (char *)&jtc) == -1)
  				jtc = d_jtc;
  #endif /* sony */
@@ -220,7 +333,15 @@
  #endif	/* USE_SYSV_TERMIO */
  			close (tty);
  			/* tty is no longer an open fd! */
-@@ -2581,7 +2629,7 @@ spawn ()
+@@ -2508,6 +2621,7 @@ spawn ()
+ #endif	/* USE_SYSV_PGRP */
+ 			}
+ 
++			perror("open ttydev");
+ #ifdef TIOCSCTTY
+ 			ioctl(tty, TIOCSCTTY, 0);
+ #endif
+@@ -2581,7 +2695,7 @@ spawn ()
  		 * set up the tty modes
  		 */
  		{
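Review bot: The added `perror("open ttydev");` runs unconditionally just before the `TIOCSCTTY` ioctl, so it writes a message to stderr built from whatever `errno` happens to hold, even when nothing failed. It looks like a debugging leftover. Either drop it or move it into the failure branch of the open it refers to, which is outside this hunk.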
@@ -229,7 +350,7 @@
  #if defined(umips) || defined(CRAY) || defined(linux)
  		    /* If the control tty had its modes screwed around with,
  		       eg. by lineedit in the shell, or emacs, etc. then tio
-@@ -2598,12 +2646,15 @@ spawn ()
+@@ -2598,12 +2712,15 @@ spawn ()
  		    tio.c_iflag &= ~(INLCR|IGNCR);
  		    tio.c_iflag |= ICRNL;
  		    /* ouput: cr->cr, nl is not return, no delays, ln->cr/nl */
@@ -245,7 +366,7 @@
  #ifdef BAUD_0
  		    /* baud rate is 0 (don't care) */
  		    tio.c_cflag &= ~(CBAUD);
-@@ -2612,6 +2663,13 @@ spawn ()
+@@ -2612,6 +2729,13 @@ spawn ()
  		    tio.c_cflag &= ~(CBAUD);
  		    tio.c_cflag |= B9600;
  #endif	/* !BAUD_0 */
@@ -259,7 +380,7 @@
  		    tio.c_cflag &= ~CSIZE;
  		    if (screen->input_eight_bits)
  			tio.c_cflag |= CS8;
-@@ -2723,9 +2781,14 @@ spawn ()
+@@ -2723,9 +2847,14 @@ spawn ()
  		    if (ioctl (tty, TIOCLSET, (char *)&lmode) == -1)
  			    HsSysError(cp_pipe[1], ERROR_TIOCLSET);
  #endif	/* TIOCLSET */
@@ -275,7 +396,23 @@
  #ifdef KTERM
  		    sg.sg_flags &= ~(ALLDELAY | XTABS | CBREAK | RAW
  						| EVENP | ODDP);
-@@ -3272,11 +3335,11 @@ spawn ()
+@@ -3112,6 +3241,15 @@ spawn ()
+ #endif /* USE_HANDSHAKE */
+ #endif /* USE_SYSV_UTMP */
+ 
++#ifdef __OpenBSD__
++		/* Switch to real gid after writing utmp entry */
++		utmpGid = getegid();
++		if (getgid() != getegid()) {
++			utmpGid = getegid();
++			setegid(getgid());
++		}
++#endif /* __OpenBSD__ */
++
+ #ifdef USE_HANDSHAKE
+ 		/* Let our parent know that we set up our utmp entry
+ 		 * so that it can clean up after us.
+@@ -3272,18 +3410,18 @@ spawn ()
  		shname_minus = malloc(strlen(shname) + 2);
  		(void) strcpy(shname_minus, "-");
  		(void) strcat(shname_minus, shname);
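Review bot: `utmpGid = getegid();` is assigned unconditionally and then again inside the `if`, so after this point `utmpGid` is never -1 and the `utmpGid != -1` test added in `Exit` cannot tell whether a group was actually dropped. Keeping only the assignment inside `if (getgid() != getegid())` restores the sentinel. The context that follows ("Let our parent know that we set up our utmp entry") suggests this code runs in the forked child; if so, the value recorded here may not be the one `Exit` sees in the parent, which is worth confirming by testing utmp cleanup on exit.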
@@ -289,3 +426,24 @@
  
  #ifdef USE_LOGIN_DASH_P
  		if (term->misc.login_shell && pw && added_utmp_entry)
+ 		  execl (bin_login, "login", "-p", "-f", pw->pw_name, 0);
+ #endif
+ 		execlp (ptr, (term->misc.login_shell ? shname_minus : shname),
+-			0);
++			(void *)0);
+ 
+ 		/* Exec failed. */
+ 		fprintf (stderr, "%s: Could not exec %s!\n", xterm_name, ptr);
+@@ -3459,6 +3597,12 @@ Exit(n)
+ 	    && added_utmp_entry
+ #endif /* USE_HANDSHAKE */
+ 	    ) {
++#ifdef __OpenBSD__
++	if (utmpGid != -1) {
++		/* Switch back to group utmp */
++		setegid(utmpGid);
++	}
++#endif /* __OpenBSD__ */
+ 	    ptyname = ttydev;
+ 	    utmp.ut_type = USER_PROCESS;
+ 	    if (PTYCHARLEN >= (int)strlen(ptyname))
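Review bot: The `execlp` terminator is corrected to `(void *)0`, but the `execl (bin_login, "login", "-p", "-f", pw->pw_name, 0);` call just above it still ends its variadic list with a bare `0`, which is passed as an int rather than a null pointer. It should get the same treatment: `execl (bin_login, "login", "-p", "-f", pw->pw_name, (char *)0);`. Both `spawn` and `Exit` extend beyond this hunk.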

