Submitted By: Robert Connolly (ashes) Date: 2005-01-26 Initial Package Version: 2.12p Upstream Status: Not Submitted Origin: http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/nologin/ Description: This patch adds /sbin/nologin and 'man 8 nologin', for polite login refusal. nologin will try to read /etc/nologin.txt to use it for a message, if /etc/nologin.txt does not exist it will use a hardcoded message. If you do not want nologin to try to read /etc/nologin.txt at all then use: make NOLOGIN_TXT=no diff -Naur util-linux-2.12p.orig/MCONFIG util-linux-2.12p/MCONFIG --- util-linux-2.12p.orig/MCONFIG 2005-01-26 14:59:48.050733892 +0000 +++ util-linux-2.12p/MCONFIG 2005-01-26 16:05:24.442594819 +0000 @@ -19,6 +19,12 @@ CPU=$(shell uname -m) ARCH=$(shell echo $(CPU) | sed 's/i.86/intel/;s/arm.*/arm/') +# If HAVE_NOLOGIN is set to "yes", then nologin will not be installed. +HAVE_NOLOGIN=no + +# If NOLOGIN_TXT is set to "no", then /etc/nologin.txt will not be used. +NOLOGIN_TXT=yes + # If HAVE_PAM is set to "yes", then login, chfn, chsh, and newgrp # will use PAM for authentication. Additionally, passwd will not be # installed as it is not PAM aware. diff -Naur util-linux-2.12p.orig/login-utils/Makefile util-linux-2.12p/login-utils/Makefile --- util-linux-2.12p.orig/login-utils/Makefile 2005-01-26 14:59:48.086723790 +0000 +++ util-linux-2.12p/login-utils/Makefile 2005-01-26 16:01:08.417442675 +0000 @@ -11,6 +11,8 @@ # Where to put man pages? +MAN8.NOLOGIN= nologin.8 + MAN1.MISC= last.1 mesg.1 wall.1 MAN1.PUTILS= chfn.1 chsh.1 login.1 newgrp.1 @@ -26,6 +28,8 @@ # Where to put binaries? # See the "install" rule for the links. . . +SBIN.NOLOGIN= nologin + SBIN.GETTY= agetty SBIN.INIT= simpleinit shutdown initctl @@ -80,7 +84,16 @@ WHAT_TO_INSTALL:=$(WHAT_TO_INSTALL) install-getty endif +ifeq "$(HAVE_NOLOGIN)" "no" +WHAT_TO_BUILD:=$(WHAT_TO_BUILD) all-nologin +WHAT_TO_INSTALL:=$(WHAT_TO_INSTALL) install-nologin +ifeq "$(NOLOGIN_TXT)" "yes" +CFLAGS += -DNOLOGIN_TXT +endif +endif + all: $(WHAT_TO_BUILD) +all-nologin: $(SBIN.NOLOGIN) all-passwd: $(USRBIN.PASSWD) all-putils: $(BIN.PUTILS) $(USRBIN.PUTILS) $(USRSBIN.PUTILS) all-init: $(SBIN.INIT) @@ -173,6 +186,12 @@ install: all $(WHAT_TO_INSTALL) +install-nologin: $(SBIN.NOLOGIN) + $(INSTALLDIR) $(SBINDIR) + $(INSTALLBIN) $(SBIN.NOLOGIN) $(SBINDIR) + $(INSTALLDIR) $(MAN8DIR) + $(INSTALLMAN) $(MAN8.NOLOGIN) $(MAN8DIR) + install-putils: $(BIN.PUTILS) $(USRBIN.PUTILS) $(USRSBIN.PUTILS) $(INSTALLDIR) $(BINDIR) $(USRBINDIR) $(USRSBINDIR) $(INSTALLBIN) $(BIN.PUTILS) $(BINDIR) @@ -227,4 +246,4 @@ clean distclean: -rm -f *.o *~ core $(BIN.PASSWD) $(SBIN.GETTY) $(SBIN.INIT) \ $(USRBIN.MISC) $(USRBIN.PASSWD) $(USRBIN.PUTILS) \ - $(USRSBIN.PUTILS) $(BIN.PUTILS) + $(USRSBIN.PUTILS) $(BIN.PUTILS) $(SBIN.NOLOGIN) diff -Naur util-linux-2.12p.orig/login-utils/nologin.8 util-linux-2.12p/login-utils/nologin.8 --- util-linux-2.12p.orig/login-utils/nologin.8 1970-01-01 00:00:00.000000000 +0000 +++ util-linux-2.12p/login-utils/nologin.8 2005-01-26 15:59:19.186105166 +0000 @@ -0,0 +1,57 @@ +.\" +.\" Copyright (c) 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)nologin.8 8.1 (Berkeley) 6/19/93 +.\" +.Dd February 15, 1997 +.Dt NOLOGIN 8 +.Os +.Sh NAME +.Nm nologin +.Nd politely refuse a login +.Sh SYNOPSIS +.Nm nologin +.Sh DESCRIPTION +.Nm +displays a message that an account is not available and +exits non-zero. +It is intended as a replacement shell field for accounts that +have been disabled. +.Pp +If the file +.Pa /etc/nologin.txt +exists, +.Nm +displays its contents to the user instead of the default message. +.Sh SEE ALSO +.Xr login 1 +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.4 . diff -Naur util-linux-2.12p.orig/login-utils/nologin.c util-linux-2.12p/login-utils/nologin.c --- util-linux-2.12p.orig/login-utils/nologin.c 1970-01-01 00:00:00.000000000 +0000 +++ util-linux-2.12p/login-utils/nologin.c 2005-01-26 16:07:49.941761790 +0000 @@ -0,0 +1,59 @@ +/* + * Copyright (c) 1997, Jason Downs. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS + * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +#include +#include +#include +#include +#include + +#ifdef NOLOGIN_TXT +#define _PATH_NOLOGIN_TXT "/etc/nologin.txt" +#endif +#define DEFAULT_MESG "This account is currently not available.\n" + +int main(int argc, char *argv[]) +{ +#ifdef _PATH_NOLOGIN_TXT + int nfd; + ssize_t nrd; + char nbuf[BUFSIZ]; + + nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY); + if (nfd < 0) { +#endif + write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG)); + exit (1); +#ifdef _PATH_NOLOGIN_TXT + } + + while ((nrd = read(nfd, nbuf, sizeof(nbuf))) != -1 && nrd != 0) + write(STDOUT_FILENO, nbuf, nrd); + close (nfd); + + exit (1); +#endif +}