216 Commits

Author SHA1 Message Date
vasilito b0cfab717e login: remove diagnostics; keep the validated-cwd shell spawn fix 2026-07-18 23:07:58 +09:00
vasilito fbbb1d88cb login: hand the shell login's validated cwd, not raw home
The pre-exec child runs chdir(home) before execvp; chdir(/home/user) fails with
ENOENT on the live image (open succeeds, chdir does not) which aborted the whole
spawn before execve - the real reason the login shell never started. Use login's
already-validated cwd (home if reachable, else /). Diagnostics retained.
2026-07-18 21:26:27 +09:00
vasilito 02a86400cc login: pass shell console fds explicitly as Stdio (relibc inheritance drops login-shell stdio; getty does the same for login) 2026-07-18 18:13:44 +09:00
vasilito 1677bdd2c3 login: clear FD_CLOEXEC on stdio before spawning shell (+diag) so the login shell inherits console I/O 2026-07-18 17:56:46 +09:00
vasilito 09d078a555 login: fix termios flag cast type (tcflag_t) 2026-07-18 14:35:22 +09:00
vasilito 1cce5020ad login: reset the console terminal to canonical mode before the shell
The username is read with the liner line editor, which puts the console
pty into raw mode (ICANON/ECHO cleared) and does not restore it. In raw
mode the pty line discipline never flushes a completed line into the
slave read buffer the way a shell's canonical read_line expects, so the
interactive shell (brush) never receives a typed command even though
getty forwards it to the pty master. Reset stdin to sane cooked settings
(ICANON|ECHO|ISIG, ICRNL, OPOST|ONLCR, VMIN=1/VTIME=0) via tcsetattr
before spawning the shell.
2026-07-18 14:33:37 +09:00
vasilito e440bf86c1 login: restore blocking mode on console fds before spawning the shell
The login name is read via the liner line editor, which puts the console
fd into non-blocking (and raw) mode and does not restore it. The shell
inherits fd 0; an interactive shell doing blocking line reads on a
non-blocking pty slave never receives forwarded input (reads return
empty), so the shell can never run a command. Clear O_NONBLOCK on
stdin/stdout/stderr in spawn_shell before spawning. Restores the login
namespace restriction (skipping it did not affect the symptom).
2026-07-18 13:05:01 +09:00
vasilito c935e2689e login: DIAGNOSTIC — spawn login shell without namespace restriction
Getty forwards console input to the pty master correctly (verified), and
login reads the username fine, but after apply_login_schemes() restricts
the namespace the interactive shell's pty-slave read never returns the
forwarded input. Temporarily skip the restriction to confirm it is the
cause. Also removes the getty forward diagnostic.
2026-07-18 12:52:51 +09:00
vasilito 25826efb9e getty: temporary diag — log input forwarded from tty to pty 2026-07-18 12:42:04 +09:00
vasilito 106b7cb4e0 login: chdir to home (file scheme) before restricting the namespace
The login shell spawn was failing/hanging because login inherits its CWD
from init, which on the live image is on the 'initfs' scheme.
apply_login_schemes() switches to a namespace with only DEFAULT_SCHEMES
(no 'initfs'), leaving that inherited CWD fd unresolvable; relibc resolves
paths through the CWD fd (AT_REDOX_CWD_FD), so the shell child's chdir +
execve then fail with ENOENT (getty respawns login in a loop) or hang.
chdir into the user's home (on the always-present 'file' scheme, fallback
'/') while still in the full namespace, so the CWD fd stays valid after
the restriction and the shell spawns.
2026-07-18 11:01:23 +09:00
vasilito b6fb5ca2da login: drop spawn_shell CWD workaround and diagnostics
The real fix is in init (no longer leaves an initfs-scheme CWD that is
invalid in the restricted login namespace), so spawn_shell can stay
minimal again.
2026-07-18 10:43:07 +09:00
vasilito 36526f66a7 login: temporary spawn diagnostics to pinpoint shell-start hang 2026-07-18 10:26:46 +09:00
vasilito 0a1c31fd18 login: set a namespace-valid CWD before spawning the shell
After apply_login_schemes() swaps into the restricted login namespace
(only DEFAULT_SCHEMES), the CWD inherited from init on the live image is
/scheme/initfs, whose scheme is NOT in that namespace. File operations
that consult the CWD fd (notably the child's execve opening the shell
binary) then block, so the login shell never starts. chdir to the user's
home (fallback /), both on the always-present 'file' scheme, before
spawning. Also drops the temporary spawn_shell diagnostics.
2026-07-18 10:17:10 +09:00
vasilito 123649e200 login: add spawn_shell diagnostics to pinpoint shell-spawn ENOENT
Probe the shell binary and home directory in the (possibly restricted)
login namespace before spawning, and print the exact spawn error with
raw_os_error. This isolates whether a failed login shell spawn is due to
a missing binary, an unreachable cwd/home, or an exec-time error.
2026-07-18 08:08:20 +09:00
vasilito 0dc0cb73d1 Cargo.lock: regenerate after Cargo.toml version sync (branch 0.3.0 -> 0.3.1)
Cat 2 fork entries bumped: +rb0.3.0 -> +rb0.3.1
- libredox 0.1.18+rb0.3.0 -> 0.1.18+rb0.3.1
- redox-scheme 0.11.2+rb0.3.0 -> 0.11.2+rb0.3.1
- redox_syscall 0.9.0+rb0.3.0 -> 0.9.0+rb0.3.1
- userutils self 0.1.0+rb0.3.0 -> 0.1.0+rb0.3.1

Plus minor transitive patch bumps.

Part of Phase 0 fix for G1 (Cargo.lock drift).
2026-07-12 01:15:16 +03:00
vasilito 2bc1b8d5c7 userutils: apply Red Bear patches on latest upstream
- Path deps for redox_syscall, libredox, redox-scheme, relibc
- Login prompt fixes (standard C functions)
- Custom issue/motd branding
- Version suffix +rb0.3.1
- Author attribution
2026-07-11 11:35:08 +03:00
Jacob Lorentzon 2143eb7f33 Merge branch 'fix-sudo' into 'master'
fix: Set FD flag to send process fd during sudo

See merge request redox-os/userutils!64
2026-07-05 12:48:10 +02:00
Ibuki.O 8005fc0991 fix: Set FD flag to send process fd during sudo 2026-07-05 19:42:56 +09:00
Jeremy Soller 41ea648ef4 Merge branch 'libredox' into 'master'
misc: Update redox_syscall, libredox and redox-scheme

See merge request redox-os/userutils!63
2026-07-01 08:20:22 -06:00
Ibuki Omatsu c9af430c19 misc: Update redox_syscall, libredox and redox-scheme 2026-07-01 08:20:22 -06:00
Jeremy Soller dec67599f5 Merge branch 'ptyd-changes' into 'master'
getty: use standard C functions

See merge request redox-os/userutils!62
2026-06-03 19:25:21 -06:00
Connor-GH 2834434b9a getty: use standard C functions
grantpt() and unlockpt() need to be used according to the standard, even
though our grantpt is a no-op (since we auto-lock ptys as we give them
out).

This is part of my series for ptyd. This can be safely merged as long as
the relibc/ and base/ changes are merged at the same time.
2026-06-03 19:15:31 -05:00
Jeremy Soller 0c5274faa9 Merge branch 'sudo_switch_ns' into 'master'
sudo: Switch to the root namespace before execing the target process

See merge request redox-os/userutils!61
2026-03-01 07:05:31 -07:00
bjorn3 8bcdb70d76 sudo: Switch to the root namespace before execing the target process 2026-03-01 13:08:07 +01:00
Jeremy Soller 72424dd28b Merge branch 'namespace-improvement' into 'master'
Adapt sudo and getty to new namespace management, and enforce strict namespace at login.

See merge request redox-os/userutils!59
2026-01-20 20:58:27 -07:00
Ibuki Omatsu 3bdd1d9a6e Adapt sudo and getty to new namespace management, and enforce strict namespace at login. 2026-01-20 20:58:27 -07:00
Jeremy Soller 8ccf37d74a getty: determine correct tty size 2026-01-09 15:46:59 -07:00
Jeremy Soller 5375c180c4 Merge branch 'fix-compile' into 'master'
Fix compilation with newer syscall

See merge request redox-os/userutils!60
2025-12-28 06:20:48 -07:00
Wildan M 9dc487e1d8 Fix compilation with newer syscall 2025-12-28 17:40:14 +07:00
Jeremy Soller 1125042f6b Merge branch 'no_daemonize' into 'master'
Leave daemonization to init

See merge request redox-os/userutils!58
2025-11-30 07:25:24 -07:00
bjorn3 6d50c1220e Leave daemonization to init 2025-11-30 10:45:21 +01:00
Jeremy Soller 673c9bfd3e Update dependencies 2025-10-04 08:23:37 -06:00
Jeremy Soller 7316d58076 Merge branch 'minor-dependency-cleanup' into 'master'
Minor dependency cleanup

See merge request redox-os/userutils!56
2025-06-27 07:07:52 -06:00
James Matlik 6deaf4c51e Minor dependency cleanup
Fully use libredox instead of libc for all constants
2025-06-26 19:54:22 -04:00
Jeremy Soller 8ab3370d9a Merge branch 'passwd_no_setuid' into 'master'
passwd: Remove suid usage though the sudo daemon

See merge request redox-os/userutils!55
2025-04-20 19:58:06 +00:00
bjorn3 4ed8323351 passwd: Remove suid usage though the sudo daemon 2025-04-20 21:10:22 +02:00
bjorn3 cacb0dd67e passwd: Extract find_user 2025-04-20 20:54:52 +02:00
bjorn3 d514768aae passwd: Allow root to always change passwords
Previously root would need to know its own password. On Linux root can
change its own password without needing to enter its own password. It
can do so on Redox OS already anyway by directly editing /etc/shadow.
2025-04-20 20:52:24 +02:00
bjorn3 f557417ebf passwd: Extract ask_new_password 2025-04-20 20:40:37 +02:00
Jeremy Soller 479cce7b96 Merge branch 'simplify_passwd' into 'master'
passwd: Only allow locking accounts as root

See merge request redox-os/userutils!54
2025-04-20 18:36:57 +00:00
bjorn3 2e630a9f4d passwd: Only allow locking accounts as root
This is consistent with how Linux works and prevents accidentally
locking yourself out.
2025-04-20 20:23:17 +02:00
bjorn3 0a2dea6b04 passwd: Reduce code nesting and minor cleanups 2025-04-20 19:52:18 +02:00
Jeremy Soller 51d2db809f Merge branch 'su_no_setuid' into 'master'
Use the sudo daemon rather than setuid for su

See merge request redox-os/userutils!53
2025-04-20 15:22:33 +00:00
bjorn3 9c53a9a775 Use the sudo daemon rather than setuid for su 2025-04-20 16:46:50 +02:00
Jacob Lorentzon 9eadf3bb1d Merge branch 'fix_sudo' into 'master'
Fix sudo for procmgr

See merge request redox-os/userutils!52
2025-04-20 14:23:13 +00:00
bjorn3 bfd521ff49 Fix sudo for procmgr 2025-04-20 16:20:56 +02:00
Jeremy Soller 803fd8870f Merge branch 'no_setuid2' into 'master'
Introduce a sudo daemon as replacement for suid/escalated

See merge request redox-os/userutils!51
2025-04-16 15:49:21 +00:00
bjorn3 1fbb804f35 Introduce a sudo daemon as replacement for suid/escalated
This daemon will request the password of the user, check that the user
is in the sudo group and if everything checks out elevate the sudo
process to root after which the sudo process can exec the target process.
2025-04-14 20:16:33 +02:00
Jeremy Soller bd7592270d Merge branch 'cleanup' into 'master'
Various cleanups

See merge request redox-os/userutils!50
2025-04-13 20:15:18 +00:00
bjorn3 7fa1bf8df4 sudo: Simplify a bit 2025-04-13 18:03:49 +02:00
bjorn3 6a208c6b34 Rustfmt 2025-04-13 16:51:27 +02:00
bjorn3 6f2514ed95 Move to the 2024 edition 2025-04-13 16:50:06 +02:00
Jeremy Soller e3507e18bc Merge branch 'sudo_improvements' into 'master'
Cleanup the source of sudo a bit

See merge request redox-os/userutils!49
2025-03-11 21:28:12 +00:00
bjorn3 4ccec7baae sudo: Reduce indentation 2025-03-11 21:31:54 +01:00
bjorn3 88ccab8844 sudo: Rustfmt 2025-03-11 21:31:49 +01:00
Jeremy Soller dcec4b7f35 Merge branch 'deps' into 'master'
Bump dependencies

See merge request redox-os/userutils!48
2024-10-16 18:22:04 +00:00
Andrey Turkin 53992ad18c Bump dependencies 2024-10-16 21:17:20 +03:00
Jeremy Soller 7a96dab061 Merge branch 'no_legacy_scheme' into 'master'
Update redox_event and redox_users

See merge request redox-os/userutils!47
2024-08-19 16:47:45 +00:00
bjorn3 6907336a71 Update redox_event and redox_users
This remove all usages of the legacy scheme syntax
2024-08-19 18:43:15 +02:00
Jeremy Soller 97bbfc03cb Merge branch 'no_legacy_path' into 'master'
Use the new scheme format

See merge request redox-os/userutils!46
2024-07-11 23:31:57 +00:00
bjorn3 1e183ca4ba Use the new scheme format 2024-07-11 21:09:53 +02:00
Jeremy Soller 1530c8fceb Update dependencies 2024-03-31 06:58:16 -06:00
Jeremy Soller de5e7eb903 Use absolute path without scheme for default home and shell 2024-01-18 14:53:02 -07:00
Jeremy Soller b5a371be31 Do not set COLUMNS or LINES in getty 2024-01-18 14:52:13 -07:00
Jeremy Soller 5b9bb750f5 Merge branch 'use_fbcond' into 'master'
Fix for the introduction of fbcond

See merge request redox-os/userutils!45
2024-01-15 02:00:57 +00:00
bjorn3 41fde1045c Let fbcond rather than inputd handle input events 2024-01-14 18:30:51 +01:00
bjorn3 0148436174 Fix for the introduction of fbcond 2024-01-14 18:28:00 +01:00
Jeremy Soller 8071772c69 Merge branch 'contain_login' into 'master'
add option to getty to run contain_login

See merge request redox-os/userutils!44
2024-01-03 19:22:11 +00:00
Ron Williams 5cb44522f0 add option to getty to run contain_login 2023-12-19 21:00:27 -08:00
Jeremy Soller be77642b20 Merge branch 'libredox' into 'master'
Switch to libredox

See merge request redox-os/userutils!43
2023-11-05 12:57:33 +00:00
4lDO2 efd875b21e Use crates.io redox_event dependency. 2023-11-04 20:21:49 +01:00
4lDO2 8ab925eb65 Fully switch to libredox 2023-11-04 20:04:59 +01:00
4lDO2 ae3c0037d7 Update redox-daemon 2023-11-04 15:07:26 +01:00
4lDO2 8afb03544f Update redox_users. 2023-11-04 14:52:16 +01:00
4lDO2 01e612d79c Update dependencies. 2023-08-31 20:59:32 +02:00
Jeremy Soller f59cf56e6b Merge branch 'master' into 'master'
misc: getty open consumer channel to get events

See merge request redox-os/userutils!42
2023-08-02 15:11:28 +00:00
Anhad Singh 7c3c5f306e getty: make the consumer changes work with :debug
Signed-off-by: Anhad Singh <andypythonappdeveloper@gmail.com>
2023-07-22 18:15:43 +10:00
Anhad Singh 5e3956adf1 misc: getty open consumer channel to get events
Signed-off-by: Anhad Singh <andypythonappdeveloper@gmail.com>
2023-07-22 17:41:30 +10:00
Jeremy Soller 5a9cee6b22 Update libc crate 2023-02-11 14:41:07 -07:00
4lDO2 0621709286 Use redox-daemon in getty 2022-07-27 16:32:27 +02:00
Jeremy Soller f61edda364 Update Cargo.lock 2022-07-26 17:46:36 -06:00
4lDO2 cbed606ea7 Update syscall 2022-03-25 21:01:50 +01:00
4lDO2 09a04fc55b Update syscall. 2021-06-17 14:09:55 +02:00
Jeremy Soller bfa45b9da8 Update dependencies 2021-04-28 20:56:14 -06:00
Jeremy Soller 93b6791e29 Update redox_users 2021-01-26 12:52:03 -07:00
Jeremy Soller c33a464522 Update dependencies 2020-08-02 16:25:50 -06:00
Jeremy Soller 2fd54ec8d4 Update liner 2019-11-29 19:37:53 -07:00
Jeremy Soller 299d3ab37c Update dependencies 2019-10-02 20:54:46 -06:00
Jeremy Soller a208ce4aa8 Update redox_users 2019-08-07 20:00:09 -06:00
Jeremy Soller abf971b73e Update termion 2019-06-16 20:50:27 -06:00
Jeremy Soller 8d6649ec5a Merge changes from redox-unix 2019-06-15 09:34:55 -06:00
Jeremy Soller 32569c0620 Compile with LTO 2019-05-14 13:54:24 -06:00
Jeremy Soller dc387310f6 Update to new rust 2019-04-07 11:30:17 -06:00
Jeremy Soller 5b7594a64a Merge branch 'update-cargo-dot-lock' into 'master'
Update Cargo.lock

See merge request redox-os/userutils!41
2019-02-28 13:52:43 +00:00
Robin Randhawa bb0da5fa54 Update Cargo.lock
AArch64 builds broke because of a stale syscall crate ref.
2019-02-27 15:48:15 +00:00
Jeremy Soller c3e73ab0ce Update Cargo.lock 2018-10-14 19:56:48 -06:00
Jeremy Soller 957ef2ca5d Merge branch 'mggmuggins/usersv2' into 'master'
Update redox-users v0.2: Shadowfile support

See merge request redox-os/userutils!39
2018-08-17 12:24:27 +00:00
MggMuggins 48a8e2fa56 Update redox-users v0.2: Shadowfile support 2018-07-25 15:18:19 -05:00
Jeremy Soller 6635f8cb9e Update links to gitlab 2018-06-12 12:30:45 -06:00
Jeremy Soller 7d14b05a9d Merge pull request #38 from jD91mZM2/master
Support new edge-triggered model
2018-05-31 12:26:03 -06:00
jD91mZM2 3831828485 Return on EOF, don't break 2018-05-31 20:17:17 +02:00
jD91mZM2 e37ebb22f0 Support new edge-triggered model 2018-05-31 19:18:59 +02:00
Jeremy Soller 07e3c7e320 Remove debug print 2018-05-22 19:37:14 -06:00
Jeremy Soller a9ab9e18b3 Fix issues with new event method 2018-05-20 13:16:14 -06:00
Jeremy Soller f6b27be9d9 Update to new event 2018-05-20 11:08:13 -06:00
Jeremy Soller dd761d622f Merge pull request #37 from MggMuggins/master
Use Redox_users from crates.io
2018-03-28 13:19:22 -06:00
MggMuggins ba89992998 Update Cargo.lock 2018-03-28 13:37:34 -05:00
Jeremy Soller 4b32b682d4 Merge pull request #33 from MggMuggins/master
Implement Unimplemented; Bugs
2018-02-12 09:39:28 -07:00
MggMuggins 1d6b67cd42 Implement Unimplemented; Bugs
Fix a CLI bug with groupadd

Implement everything that involves removing user from groups, mostly
in userdel and usermod.
2018-02-12 09:07:17 -06:00
Jeremy Soller 235be05cf1 Merge pull request #32 from MggMuggins/master
Remove ArgParser dep, whoami
2018-02-10 11:23:46 -07:00
MggMuggins 69838054ab Remove ArgParser dep, whoami
Remove Arg parsing from sudo, (maybe in prep to deprecate in favor of
rudo)

Port login to clap-rs

Remove ArgParser dep

Remove whoami in favor of a link to id, and implemented linking in id.
2018-02-10 12:09:10 -06:00
Jeremy Soller a190dd55e3 Merge pull request #30 from MggMuggins/master
Port to clap-rs
2018-02-08 20:46:46 -07:00
MggMuggins fba0c70ae2 Port to clap-rs
I did a number of things here:

the *add, *mod, and *del utilities, as well as id recieved substantial
changes, probably what you'd call a rewrite. This was of course using
clap-rs. These should all be very stable at this point (except
unimplemented features in usermod, grr)

getty, passwd, and su are simply ported, using clap for arg parsing. I
didn't change any of the logic, just swapped ArgParser for clap.

Fixed a bug with passwd and unset passwords

I'll open issues about the ones I didn't mention.
2018-02-08 21:10:44 -06:00
Jeremy Soller e997bdd197 Merge pull request #28 from MggMuggins/master
Implement usermod, groupmod, userdel, groupdel; Fix passwd and useradd
2018-02-04 08:05:07 -07:00
MggMuggins d5e011a304 Implement usermod, groupmod, userdel, groupdel; Fix passwd and useradd
Here I've implemented the remainder of the core user utilities present
on most unix systems. They aren't particularly pretty, but they do work
for the most part.

Note that for some reason attempting to move the home directory of a
user via usermod -m does not work.

Also removing user's that have been deleted from groups is not yet
implemented, nor is updating /etc/passwd when a group id is changed.

Note that redox_users as used by Cargo.lock as of this commit is broken,
and may not work properly. If redox-os/users#11 is merged, cargo update
should fix.
2018-02-03 19:10:39 -06:00
Jeremy Soller 7bb8dea121 Merge pull request #27 from MggMuggins/master
Fix #26
2018-01-30 16:57:03 -07:00
MggMuggins cbb7f52381 Fix #26 2018-01-30 17:41:16 -06:00
Jeremy Soller b335c59e7e Merge pull request #25 from MggMuggins/master
Port to redox_users break-api
2018-01-29 19:47:32 -07:00
MggMuggins bc0dc6488b Update Cargo.lock; Fix su 2018-01-29 20:44:08 -06:00
MggMuggins 5e53b4b161 Port to redox_users break-api
All the utilities use the new API I defined in mu recent PR to
redox_users. `su`'s behavior was also fixed.

I also updated Cargo.toml (removing unused deps). This may require
another commit after my first PR is merged in order to appropriately
update Cargo.lock and make sure everything builds.
2018-01-29 16:39:52 -06:00
Jeremy Soller 02759b4a5a Fix bug causing ctrl-d to log in any user with su
Document su's logic
Return error code of shell from su
2018-01-22 08:01:02 -07:00
Jeremy Soller 5765da1ed9 Merge pull request #22 from goyox86/goyox86/unwrap_or_exit
Using new 'unwrap_or_exit' from libextra.
2017-12-15 12:40:50 -07:00
Jose Narvaez 0e327d8124 Using new 'unwrap_or_exit' from libextra. 2017-12-15 18:31:25 +00:00
Jeremy Soller 52cae8be05 Merge pull request #21 from MggMuggins/master
Add additional flags to user and groupadd; Update Cargo files
2017-12-10 07:26:59 -07:00
MggMuggins 0b8f40c234 Add additional flags to user and groupadd; Update Cargo files 2017-12-09 22:06:47 -06:00
Jeremy Soller 0db7c527a7 Merge pull request #20 from goyox86/goyox86/better-errors
Goyox86/better errors
2017-12-09 13:59:01 -07:00
Jose Narvaez cf8f7f3a25 Oops, commited local paths. Fixed. 2017-12-01 23:44:03 +00:00
Jose Narvaez fd81487760 Updated to new error types from redox_users and simplefied the inspection and downcasting of the error on login. 2017-12-01 23:16:14 +00:00
Jose Narvaez 13681c3442 Moved to new error hadling of . 2017-11-30 22:41:57 +00:00
Jeremy Soller 00eaa34aa6 Merge pull request #19 from fraang/master
Add missing included utility, add missing word
2017-11-29 06:30:14 -07:00
Florian R. A. Angermeier 0b1b978755 Add missing included utility, add missing word 2017-11-29 10:09:19 +01:00
Jeremy Soller dcf35e3548 Merge pull request #17 from MggMuggins/master
Implemented groupadd, fix for passwd compile
2017-11-28 21:12:39 -07:00
MggMuggins 65817077ee Cargo.lock update 2017-11-28 22:10:45 -06:00
MggMuggins d9d3635916 Implemented useradd; groupadd fix 2017-11-28 21:39:20 -06:00
MggMuggins 464b5c4aa5 Small fixes to better mesh with redox_users changes 2017-11-27 17:53:11 -06:00
MggMuggins 8fffeb1e57 Implemented groupadd, fix for passwd compile 2017-11-26 16:53:37 -06:00
Jeremy Soller 6b951a8bdc Merge pull request #15 from goyox86/goyox86-readme
README and docs tweaks.
2017-11-08 16:40:02 -07:00
Jose Narvaez 31d217b375 README and docs tweaks. 2017-11-08 23:23:00 +00:00
Jeremy Soller a857871fd8 Merge pull request #14 from goyox86/goyox86-redox-users
Migrated to `redox_users` and some refactoring and docs.
2017-11-08 16:09:24 -07:00
Jose Narvaez 0ed14bec6d Migrated to redox_users and some refactoring and docs.
Details

- Updated dependencies with `redox_users`.
- Migrated all user/group dependent functionality to calls to `redox_users`.
- Added top level documentation to the crate.
- Added a `spawn_shell` function to reuse a bit of code.
- `login`: Handled the case of an invalid login with "Login incorrect" (as in BSD).
- `passwd`: Refactored a bit and used `eprintln!` where possible.
- `su`: Refactored a bit and used `eprintln!` where possible.
- `sudo`: Refactored a bit to simplify logic also used `eprintln!` where possible.
- `whoami`: Refactored a bit and used `eprintln!/println!` where possible.
- Also added myself on the AUTHORS section :).
2017-11-08 22:49:00 +00:00
Jeremy Soller 28d097dbf3 Fix man pages 2017-10-14 08:49:19 -06:00
Jeremy Soller 1f9042f47c Update Cargo.lock 2017-10-11 20:54:45 -06:00
Jeremy Soller a1d096b0bf Update Cargo.lock 2017-10-04 20:29:41 -06:00
Jeremy Soller 712eb2967b Merge pull request #13 from andre-richter/master
Fix unused extern crates
2017-08-31 07:04:00 -06:00
Andre Richter 2a6615d343 Fix unused extern crates 2017-08-31 11:36:30 +02:00
Jeremy Soller bc31f4d490 Update Cargo.lock and Cargo.toml 2017-08-19 14:51:08 -06:00
Jeremy Soller aeda1ae4b4 Update Cargo.lock 2017-08-02 21:13:16 -06:00
Jeremy Soller d811d8758c Update password read to new method 2017-08-02 21:09:36 -06:00
Jeremy Soller f6fd552f45 Replace termion 2017-08-02 19:42:00 -06:00
Jeremy Soller d0e22dd165 Update Cargo.lock 2017-07-29 08:25:08 -06:00
Jeremy Soller c05f37f653 Merge pull request #10 from goyox86/goyox86/login-improvements
Revisited `login`.
2017-07-27 11:26:23 -06:00
Jeremy Soller 7cdd6c7e18 Merge pull request #11 from goyox86/goyox86/revisiting-su
Revisited `su`.
2017-07-26 17:02:04 -06:00
Jeremy Soller 8f0b9afac2 Merge pull request #12 from goyox86/goyox86/revisiting-passwd
Revisiting `passwd`.
2017-07-26 17:01:21 -06:00
Jose Narvaez 1aa558e205 Some improvements to login
- Added constants for standard file paths.
- Improved error reporting when opening the files.
- Used `Passwd::parse_file` instead of doing it manually.
- Removed all the calls to unwrap().
- Used `fail` to report errors and exit when possible.
2017-07-26 21:37:13 +01:00
Jose Narvaez 80e085e7f0 Revisiting passwd
- Replaced all `unwrap()` calls by `try()`.
- Replaced all `panic()` calls by `fail()`.
- Argument parsing is now all done by `ArgParser`.
- Used `Passwd::parse_file` where possible.
- This actually does not change the password, will be the next job.
2017-07-26 21:12:10 +01:00
Jose Narvaez b42b6dd835 Revisited su.
Details

- Moved cmd line args parsing to `ArgParser`.
- All the calls to `panic!` were replaced by calls to `fail`.
- Revisited synopsis in the docs.
- Using `try` where possible.
- Using `Passwd::parse_file` instead of doing it manually.
- Handled errors while parsing passwd file.
- Added some constants.
2017-07-26 20:41:05 +01:00
Jeremy Soller 1725b377cd Add Cargo.lock file 2017-07-26 08:04:04 -06:00
Jeremy Soller e35d0bc6cd Add Cargo.lock 2017-07-26 08:00:41 -06:00
Jeremy Soller 83d77f8124 Use PTY in getty to provide line control for raw consoles and vesad 2017-07-24 20:58:30 -06:00
Jeremy Soller 4e2561ed75 Correctly exit when parent, not child 2017-07-20 20:37:40 -06:00
Jeremy Soller ad00ba9eae Merge pull request #9 from goyox86/goyox86/getty-improved
Some improvements to `getty`
2017-07-20 17:54:08 -06:00
Jose Narvaez d4de8c0b79 Some improvements to getty
- Improved error handling over all.
- Switched to argument parsing by `ArgParser`.
- Replaced panics by calls to `fail.
- Removed unwraps ignoring results of syscalls when clearing the screen
and flushing stdout.
- Added docs for 'noclear' option.
- The current implementation was receiving n arguments and was
considering only the last one as the TTY this new one checks that we
have at least one and always use the first one.
- Added constants for columns and lines.
- Daemon receiver a reference to stderr to setup error reporting inside
there.
2017-07-20 23:49:37 +01:00
Jeremy Soller 73995693f6 Merge pull request #8 from goyox86/goyox86/some-tweaks
Some tweaks to the `id` docs and copy-pasta typos.
2017-07-20 11:47:53 -06:00
Jose Narvaez 4a4c45a7a7 Some tweaks to the id docs and copy-pasta typos.
Details

- Added docs for the `-r` flag of `id` also reindented to 80 cols.
- Fixed a typo on `getty`.
2017-07-20 17:34:06 +01:00
Jeremy Soller 6d5e183c81 Merge pull request #7 from goyox86/some-love
Some love to userutils \o/
2017-07-19 18:02:13 -06:00
Jose Narvaez ef5fdc82a0 Improved id and whoami.
Details

- New implementation of `id` inspired by BSD's one.
- Refactoring on `whoami`.
- Added few utility functions in `userutils` for getting processes user and group
real/effective ID and names.

Added docs do `getty`, `login`, `passwd`, `su`, and `sudo`.

Details

- The docs are from BSD's ones.
- Also added `ArgParser` to all of them and added a -h/--help flag
to all of them.
- This is the start of a revision of all of those commands.
2017-07-19 18:06:48 +01:00
Jeremy Soller e70be16a48 Merge pull request #6 from goyox86/whoami-improved
whoami improved and a bit of love to the crate.
2017-07-16 18:59:20 -06:00
Jose Narvaez 0d0f726277 Updated deps. 2017-07-16 22:49:58 +01:00
Jose Narvaez 3a06dbbc8e Implemented whoami on top of system calls.
Details

- The current implementataion the `whoami` utility relies
on a env var to determine the user. With this change we get
the effective user id of the context and lookup that id on
/etc/passwd.
- Added the Redox `libextra` dependency as it has some goodies
for error handling. This will allow to make this crate upto date
with `coreutils` practices.
- Added a new small `arg_parser` crate that was extracted from
`coreutils` as is now commen between `coreutils` and here.
2017-07-16 17:47:18 +01:00
Jeremy Soller 3ca18917f8 Update to use sudo password 2017-04-06 21:05:46 -06:00
Jeremy Soller 1ee223f926 Better error messages for sudo 2017-02-27 15:34:35 -07:00
Jeremy Soller b1e0ae8722 Fix issue with variable not passed to daemon 2017-02-07 20:39:07 -07:00
Jeremy Soller 880c664a24 Better failure detection in getty 2017-02-07 20:38:21 -07:00
Jeremy Soller bb463a8f02 Merge pull request #2 from xTibor/implement_whoami
Implement whoami
2017-01-15 21:19:50 -07:00
xTibor 63985a11ff Implement whoami 2017-01-16 00:19:24 +01:00
Jeremy Soller 2011976381 Use source from crates.io 2017-01-13 15:06:38 -07:00
Jeremy Soller 2fdef17559 Use liner to get username 2017-01-12 19:12:59 -07:00
Jeremy Soller ccae9c0b0a Correctly set environment 2017-01-10 09:50:23 -07:00
Jeremy Soller 13ef8943df Fix UID, GROUPS setting 2017-01-10 09:46:02 -07:00
Jeremy Soller 6208a242f6 Merge branch 'master' of https://github.com/redox-os/userutils 2017-01-10 09:44:58 -07:00
Jeremy Soller 4a7d61eb1c Set other environmental variables 2017-01-10 09:44:43 -07:00
Jeremy Soller 8083f84cbc Add resource directory 2017-01-09 17:16:38 -07:00
Jeremy Soller 901caafce3 Use upstream argon2rs 2016-12-29 07:52:11 -07:00
Jeremy Soller 45cb3e8208 Add clear argument 2016-12-19 21:38:00 -07:00
Jeremy Soller 095a5baafa Do not checkout rand 2016-12-10 22:03:02 -07:00
Jeremy Soller 80379e0eae Remove replacement for libc 2016-12-06 15:14:53 -07:00
Jeremy Soller 56da6a40b0 Manually enter/exit raw mode 2016-11-20 11:59:08 -07:00
Jeremy Soller 5f9ff4d19e Remove cargo.lock 2016-11-16 21:32:05 -07:00
Jeremy Soller d44639145b Update syscall 2016-11-15 17:05:49 -07:00
Jeremy Soller 6305f222ad Update syscall 2016-11-15 16:01:51 -07:00
Jeremy Soller ba16f79ada Update syscall 2016-11-14 12:16:28 -07:00
Jeremy Soller b59deda452 Update syscall 2016-11-10 21:08:56 -07:00
Jeremy Soller 48938fa3fd Use clone instead of threading to daemonize 2016-11-10 20:09:15 -07:00
Jeremy Soller 61203b6a72 Update libc 2016-11-10 11:29:36 -07:00
Jeremy Soller 69a21ddd1f Use upstream rand! 2016-11-09 10:31:31 -07:00
Jeremy Soller 30187e1c64 WIP passwd implementation 2016-11-08 11:54:10 -07:00
Jeremy Soller 7511f6dd5a Update rand 2016-11-07 11:27:45 -07:00
Jeremy Soller 24859cb7a6 Update syscall 2016-11-04 13:47:32 -06:00
Jeremy Soller 8a7f4bba83 Update libc 2016-11-03 17:39:57 -06:00
Jeremy Soller 98d7b64a16 Update libc 2016-11-03 17:17:07 -06:00
Jeremy Soller d765b381f8 Update redox_syscall 2016-11-03 15:09:46 -06:00
Jeremy Soller 0073f5695e Use syscall git 2016-11-03 13:50:34 -06:00
Jeremy Soller f27ed41bcb Use fmap, fix syscall crate name 2016-11-02 19:47:24 -06:00
Jeremy Soller 359fe4b018 Use crate of redox_syscall 2016-11-02 19:37:44 -06:00
Jeremy Soller 5ae17129d3 Use syscall from git 2016-10-31 13:33:22 -06:00
Jeremy Soller ad314add6a Update termion 2016-10-26 13:55:29 -06:00
Jeremy Soller afac2a3ccc Reenable clear in getty 2016-10-24 14:21:21 -06:00
Jeremy Soller 46631df4f0 Use OsRng to get random data for seed 2016-10-24 14:07:55 -06:00
Jeremy Soller d32f2dc10e Correctly use salt 2016-10-24 13:12:58 -06:00
Jeremy Soller e0fe388ccf Switch to argon2: WIP 2016-10-24 12:22:13 -06:00
Jeremy Soller a05b8f4d25 Update libc 2016-10-15 21:12:03 -06:00
Jeremy Soller 3b7448c8fd Path does not have to be set by login 2016-10-14 21:10:41 -06:00
Jeremy Soller b556eefe60 Remove qeustion marks 2016-10-14 17:57:27 -06:00
Jeremy Soller 17896532dc Skip display number 2016-10-07 19:24:10 -06:00
Jeremy Soller eaf26765c1 Add su 2016-10-07 10:42:00 -06:00
Jeremy Soller 860c1f5f25 Initial commit 2016-10-07 10:19:08 -06:00
23 changed files with 2936 additions and 1200 deletions
+1 -2
View File
@@ -1,2 +1 @@
/target
/Cargo.lock
/target/
+6
View File
@@ -0,0 +1,6 @@
language: rust
rust:
- nightly
sudo: false
notifications:
email: false
Generated
+656
View File
@@ -0,0 +1,656 @@
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 4
[[package]]
name = "ansi_term"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d52a9bb7ec0cf484c551830a7ce27bd20d67eac647e1befb56b0be4ee39a55d2"
dependencies = [
"winapi",
]
[[package]]
name = "arrayref"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "76a2e8124351fda1ef8aaaa3bbd7ebbcb486bbcd4225aca0aa0d84bb2db8fecb"
[[package]]
name = "arrayvec"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b"
[[package]]
name = "atty"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8"
dependencies = [
"hermit-abi",
"libc",
"winapi",
]
[[package]]
name = "base64"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8"
[[package]]
name = "bitflags"
version = "1.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
[[package]]
name = "bitflags"
version = "2.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4388bee8683e3d04af747c73422af53102d2bd24d9eadb6cbc100baef4b43f8"
[[package]]
name = "blake2b_simd"
version = "0.5.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
dependencies = [
"arrayref",
"arrayvec",
"constant_time_eq",
]
[[package]]
name = "bytecount"
version = "0.6.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "175812e0be2bccb6abe50bb8d566126198344f707e304f45c648fd8f2cc0365e"
[[package]]
name = "cfg-if"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9330f8b2ff13f34540b44e946ef35111825727b38d33286ef986142615121801"
[[package]]
name = "clap"
version = "2.34.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c"
dependencies = [
"ansi_term",
"atty",
"bitflags 1.3.2",
"strsim",
"textwrap",
"unicode-width",
"vec_map",
]
[[package]]
name = "constant_time_eq"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
[[package]]
name = "crossbeam-utils"
version = "0.8.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61803da095bee82a81bb1a452ecc25d3b2f1416d1897eb86430c6159ef717c17"
[[package]]
name = "either"
version = "1.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "91622ff5e7162018101f2fea40d6ebf4a78bbe5a49736a2020649edf9693679e"
[[package]]
name = "equivalent"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
[[package]]
name = "extra"
version = "0.1.0"
source = "git+https://gitlab.redox-os.org/redox-os/libextra.git#cf213969493db8667052a591e32a1e26d43c4234"
[[package]]
name = "generic-rt"
version = "0.1.0"
[[package]]
name = "getrandom"
version = "0.2.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ff2abc00be7fca6ebc474524697ae276ad847ad0a6b3faa4bcb027e9a4614ad0"
dependencies = [
"cfg-if",
"libc",
"wasi",
]
[[package]]
name = "goblin"
version = "0.10.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "17582616a7718cca54cec18e534a76c7c4aec11a8b9a85695712f262fd15a4c8"
dependencies = [
"log",
"plain",
"scroll",
]
[[package]]
name = "hashbrown"
version = "0.17.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed5909b6e89a2db4456e54cd5f673791d7eca6732202bbf2a9cc504fe2f9b84a"
[[package]]
name = "hermit-abi"
version = "0.1.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33"
dependencies = [
"libc",
]
[[package]]
name = "indexmap"
version = "2.14.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d466e9454f08e4a911e14806c24e16fba1b4c121d1ea474396f396069cf949d9"
dependencies = [
"equivalent",
"hashbrown",
]
[[package]]
name = "ioslice"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e571352c8a3b89074d12e3ee5173ffe162159105352aaaf1fc5764da747e31b"
dependencies = [
"libc",
"winapi",
]
[[package]]
name = "itertools"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186"
dependencies = [
"either",
]
[[package]]
name = "lazy_static"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
[[package]]
name = "libc"
version = "0.2.186"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "68ab91017fe16c622486840e4c83c9a37afeff978bd239b5293d61ece587de66"
[[package]]
name = "libredox"
version = "0.1.18+rb0.3.1"
dependencies = [
"bitflags 2.13.0",
"ioslice",
"libc",
"plain",
"redox_syscall",
]
[[package]]
name = "log"
version = "0.4.33"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0ceec5bc11778974d1bcb055b18002eba7f4b3518b6a0081b3af5f21666da9ad"
[[package]]
name = "memchr"
version = "2.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cf8baf1c55e62ffcace7a9f06f4bd9cd3f0c4beb022d3b367256b91b87513d98"
[[package]]
name = "numtoa"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6aa2c4e539b869820a2b82e1aef6ff40aa85e65decdd5185e83fb4b1249cd00f"
[[package]]
name = "orbclient"
version = "0.3.55"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5df339f526ea9a60e371768d50efc2f2508c7203290731565d1f7a6f71d21747"
dependencies = [
"libc",
"libredox",
"sdl2",
]
[[package]]
name = "plain"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6"
[[package]]
name = "proc-macro2"
version = "1.0.106"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fd00f0bb2e90d81d1044c2b32617f68fcb9fa3bb7640c23e9c748e53fb30934"
dependencies = [
"unicode-ident",
]
[[package]]
name = "quote"
version = "1.0.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dfbc457d0c7a0759a614551b11a6409e5951f6c7537be1f1b7682b9ae9230368"
dependencies = [
"proc-macro2",
]
[[package]]
name = "redox-path"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54ec1b67c01c63545205ea6d218b336751399f0d8974c1a635c28604bedb81bc"
[[package]]
name = "redox-rt"
version = "0.1.0"
dependencies = [
"bitflags 2.13.0",
"generic-rt",
"goblin",
"ioslice",
"libredox",
"plain",
"redox-path",
"redox_syscall",
]
[[package]]
name = "redox-scheme"
version = "0.11.2+rb0.3.1"
dependencies = [
"libredox",
"redox_syscall",
]
[[package]]
name = "redox_event"
version = "0.4.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c5018d583d6d2f5499352aea8d177e9067d1eb03ab17c78169d5ba7a30001b15"
dependencies = [
"bitflags 2.13.0",
"libredox",
]
[[package]]
name = "redox_liner"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ee4596948a78a2ac29268d4ee45f788789ac8c032c77cf255378e5c96ca0c779"
dependencies = [
"bytecount",
"itertools",
"strip-ansi-escapes",
"termion",
"unicode-width",
]
[[package]]
name = "redox_syscall"
version = "0.9.0+rb0.3.1"
dependencies = [
"bitflags 2.13.0",
]
[[package]]
name = "redox_termios"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "20145670ba436b55d91fc92d25e71160fbfbdd57831631c8d7d36377a476f1cb"
[[package]]
name = "redox_users"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43"
dependencies = [
"getrandom",
"libredox",
"rust-argon2",
"thiserror",
"zeroize",
]
[[package]]
name = "rust-argon2"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
dependencies = [
"base64",
"blake2b_simd",
"constant_time_eq",
"crossbeam-utils",
]
[[package]]
name = "scroll"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c1257cd4248b4132760d6524d6dda4e053bc648c9070b960929bf50cfb1e7add"
dependencies = [
"scroll_derive",
]
[[package]]
name = "scroll_derive"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed76efe62313ab6610570951494bdaa81568026e0318eaa55f167de70eeea67d"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "sdl2"
version = "0.38.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2d42407afc6a8ab67e36f92e80b8ba34cbdc55aaeed05249efe9a2e8d0e9feef"
dependencies = [
"bitflags 1.3.2",
"lazy_static",
"libc",
"sdl2-sys",
]
[[package]]
name = "sdl2-sys"
version = "0.38.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3ff61407fc75d4b0bbc93dc7e4d6c196439965fbef8e4a4f003a36095823eac0"
dependencies = [
"cfg-if",
"libc",
"version-compare",
]
[[package]]
name = "serde"
version = "1.0.228"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
dependencies = [
"serde_core",
"serde_derive",
]
[[package]]
name = "serde_core"
version = "1.0.228"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
version = "1.0.228"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "serde_spanned"
version = "0.6.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf41e0cfaf7226dca15e8197172c295a782857fcb97fad1808a166870dee75a3"
dependencies = [
"serde",
]
[[package]]
name = "strip-ansi-escapes"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2a8f8038e7e7969abb3f1b7c2a811225e9296da208539e0f79c5251d6cac0025"
dependencies = [
"vte",
]
[[package]]
name = "strsim"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a"
[[package]]
name = "syn"
version = "2.0.118"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b9ae57f904213ebb649ce6895b8a66c66f0203b9319718f69a5612a065b1422"
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
[[package]]
name = "termion"
version = "4.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f44138a9ae08f0f502f24104d82517ef4da7330c35acd638f1f29d3cd5475ecb"
dependencies = [
"libc",
"numtoa",
]
[[package]]
name = "textwrap"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060"
dependencies = [
"unicode-width",
]
[[package]]
name = "thiserror"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "toml"
version = "0.8.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc1beb996b9d83529a9e75c17a1686767d148d70663143c7854d8b4a09ced362"
dependencies = [
"serde",
"serde_spanned",
"toml_datetime",
"toml_edit",
]
[[package]]
name = "toml_datetime"
version = "0.6.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "22cddaf88f4fbc13c51aebbf5f8eceb5c7c5a9da2ac40a13519eb5b0a0e8f11c"
dependencies = [
"serde",
]
[[package]]
name = "toml_edit"
version = "0.22.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "41fe8c660ae4257887cf66394862d21dbca4a6ddd26f04a3560410406a2f819a"
dependencies = [
"indexmap",
"serde",
"serde_spanned",
"toml_datetime",
"toml_write",
"winnow",
]
[[package]]
name = "toml_write"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d99f8c9a7727884afe522e9bd5edbfc91a3312b36a77b5fb8926e4c31a41801"
[[package]]
name = "unicode-ident"
version = "1.0.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6e4313cd5fcd3dad5cafa179702e2b244f760991f45397d14d4ebf38247da75"
[[package]]
name = "unicode-width"
version = "0.1.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7dd6e30e90baa6f72411720665d41d89b9a3d039dc45b8faea1ddd07f617f6af"
[[package]]
name = "userutils"
version = "0.1.0+rb0.3.1"
dependencies = [
"clap",
"extra",
"ioslice",
"libc",
"libredox",
"orbclient",
"plain",
"redox-rt",
"redox-scheme",
"redox_event",
"redox_liner",
"redox_syscall",
"redox_termios",
"redox_users",
"serde",
"termion",
"toml",
]
[[package]]
name = "vec_map"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1bddf1187be692e79c5ffeab891132dfb0f236ed36a43c7ed39f1165ee20191"
[[package]]
name = "version-compare"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "579a42fc0b8e0c63b76519a339be31bed574929511fa53c1a3acae26eb258f29"
[[package]]
name = "vte"
version = "0.14.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "231fdcd7ef3037e8330d8e17e61011a2c244126acc0a982f4040ac3f9f0bc077"
dependencies = [
"memchr",
]
[[package]]
name = "wasi"
version = "0.11.1+wasi-snapshot-preview1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b"
[[package]]
name = "winapi"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
dependencies = [
"winapi-i686-pc-windows-gnu",
"winapi-x86_64-pc-windows-gnu",
]
[[package]]
name = "winapi-i686-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
[[package]]
name = "winapi-x86_64-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
[[package]]
name = "winnow"
version = "0.7.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df79d97927682d2fd8adb29682d1140b343be4ac0f08fd68b7765d9c059d3945"
dependencies = [
"memchr",
]
[[package]]
name = "zeroize"
version = "1.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e13c156562582aa81c60cb29407084cdb54c4164760106ab78e6c5b0858cf64e"
dependencies = [
"zeroize_derive",
]
[[package]]
name = "zeroize_derive"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3c50655cbb0fe3fc43170059e702f1ce5e19b84cec58dc87b037a09935c2f328"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
+75 -31
View File
@@ -1,38 +1,82 @@
[package]
name = "libredox"
authors = ["4lDO2 <4lDO2@protonmail.com>", "vasilito <adminpupkin@gmail.com>"]
version = "0.1.18+rb0.3.1"
edition = "2021"
license = "MIT"
description = "Redox stable ABI"
repository = "https://gitea.redbearos.org/vasilito/RedBear-OS"
exclude = ["target"]
name = "userutils"
version = "0.1.0+rb0.3.1"
authors = ["Jeremy Soller <jackpot51@gmail.com>", "vasilito <adminpupkin@gmail.com>"]
edition = "2024"
[features]
default = ["base", "call", "std", "protocol", "redox_syscall"]
base = ["libc"]
call = ["base"]
std = ["base"]
protocol = ["plain", "bitflags"]
mkns = ["ioslice"]
# The `redox_syscall` feature activates the optional `redox_syscall`
# dep below. The `#[cfg(feature = "redox_syscall")]` attributes in
# src/lib.rs gate the `From` impls between `libredox::error::Error`
# and `syscall::Error`; without the feature, those impls are absent
# and `?` propagation between the two types fails. Mirroring
# upstream `libredox 0.1.18`'s feature structure.
redox_syscall = ["dep:redox_syscall"]
[[bin]]
name = "id"
path = "src/bin/id.rs"
[[bin]]
name = "getty"
path = "src/bin/getty.rs"
[[bin]]
name = "groupadd"
path = "src/bin/groupadd.rs"
[[bin]]
name = "groupdel"
path = "src/bin/groupdel.rs"
[[bin]]
name = "groupmod"
path = "src/bin/groupmod.rs"
[[bin]]
name = "login"
path = "src/bin/login.rs"
[[bin]]
name = "passwd"
path = "src/bin/passwd.rs"
[[bin]]
name = "su"
path = "src/bin/su.rs"
[[bin]]
name = "sudo"
path = "src/bin/sudo.rs"
[[bin]]
name = "useradd"
path = "src/bin/useradd.rs"
[[bin]]
name = "userdel"
path = "src/bin/userdel.rs"
[[bin]]
name = "usermod"
path = "src/bin/usermod.rs"
[dependencies]
bitflags = { version = "2", optional = true }
libc = { version = "0.2", optional = true }
# The redox_syscall package has [lib] name = "syscall", so
# in Rust code it is imported as `syscall`, NOT `redox_syscall`.
# This dep is optional and gated by the `redox_syscall` feature
# above. Matching upstream `libredox 0.1.18` structure.
redox_syscall = { path = "../syscall", optional = true }
ioslice = { version = "0.6", optional = true }
plain = { version = "0.2", optional = true }
clap = "2.33.0"
extra = { git = "https://gitlab.redox-os.org/redox-os/libextra.git" }
orbclient = "0.3.47"
plain = "0.2.3"
redox_liner = "0.5.2"
libredox = { path = "../libredox", features = ["mkns"] }
redox_termios = "0.1.3"
redox_event = "0.4.3"
redox-scheme = { path = "../redox-scheme" }
redox_syscall = { path = "../syscall" }
redox_users = "0.4.6"
termion = "4"
libc = "0.2"
serde = { version = "1.0.203", features = ["derive"] }
toml = "0.8.11"
ioslice = "0.6"
[target.'cfg(target_os = "redox")'.dependencies]
redox-rt = { path = "../relibc/redox-rt", default-features = false }
[patch.crates-io]
redox_syscall = { path = "../syscall" }
libredox = { path = "../libredox" }
redox-scheme = { path = "../redox-scheme" }
[profile.release]
lto = true
-44
View File
@@ -1,44 +0,0 @@
[package]
name = "libredox"
authors = ["4lDO2 <4lDO2@protonmail.com>"]
# Red Bear OS Phase J: version is 0.1.18 upstream. The
# redox_syscall dep is now required (not optional) because
# the local fork's acpi module (added in this commit) re-
# exports AcPiVerb from redox_syscall, and downstream recipes
# that don't enable the redox_syscall feature get an
# "unresolved import" error. Making the dep non-optional
# also matches the upstream 0.1.18 Cargo.toml pattern where
# the redox_syscall dep is unconditional.
version = "0.1.18"
edition = "2021"
license = "MIT"
description = "Redox stable ABI"
# Red Bear OS fork lives at the canonical outer repo
# (gitea.redbearos.org/vasilito/RedBear-OS).
repository = "https://gitea.redbearos.org/vasilito/RedBear-OS"
exclude = ["target"]
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[features]
default = ["base", "call", "std", "protocol"]
base = ["libc"]
call = ["base"]
std = ["base"]
protocol = ["plain", "bitflags", "redox_syscall"]
mkns = ["ioslice"]
[dependencies]
bitflags = { version = "2", optional = true }
libc = { version = "0.2", optional = true }
# Phase J: path override to the local fork (../syscall
# relative to the libredox fork's local/sources/libredox/
# path). This gives libredox access to the EnterS2Idle /
# ExitS2Idle AcpiVerb variants. Cargo's [patch.crates-io]
# in the workspace's outer Cargo.toml (in base/ and kernel/)
# is what wires this path through to the actual
# redox_syscall crate; this path entry is the libredox-
# side patch override for the same crate.
redox_syscall = { path = "../syscall", version = "0.8" }
ioslice = { version = "0.6", optional = true }
plain = { version = "0.2", optional = true }
+2 -2
View File
@@ -1,6 +1,6 @@
MIT License
The MIT License (MIT)
Copyright (c) 2023 4lDO2
Copyright (c) 2016 The Redox developers
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
+24
View File
@@ -0,0 +1,24 @@
# Redox OS user and group utilities.
The `userutils` crate contains the utilities for dealing with users and groups in Redox OS.
They are heavily influenced by UNIX and are, when needed, tailored to specific Redox use cases.
These implementations strive to be as simple as possible drawing particular
inspiration by BSD systems. They are indeed small, by choice.
[![Travis Build Status](https://travis-ci.org/redox-os/userutils.svg?branch=master)](https://travis-ci.org/redox-os/userutils)
**Currently included:**
- `getty`: Used by `init(8)` to open and initialize the TTY line, read a login name and invoke `login(1)`.
- `id`: Displays user identity.
- `login`: Allows users to login into the system
- `passwd`: Allows users to modify their passwords.
- `su`: Allows users to substitute identity.
- `sudo`: Enables users to execute a command as another user.
- `useradd`: Add a user
- `usermod`: Modify user information
- `userdel`: Delete a user
- `groupadd`: Add a user group
- `groupmod`: Modify group information
- `groupdel`: Remove a user group
+6
View File
@@ -0,0 +1,6 @@
########## Red Bear OS #########
# Login with the following: #
# `user` #
# `root`:`password` #
################################
+6
View File
@@ -0,0 +1,6 @@
########## Redox OS ##########
# Login with the following: #
# `user` #
# `root`:`password` #
##############################
+2
View File
@@ -0,0 +1,2 @@
Welcome to Red Bear OS!
+294
View File
@@ -0,0 +1,294 @@
#[macro_use]
extern crate clap;
use core::ptr::slice_from_raw_parts;
use std::error::Error;
use std::fs::File;
use std::io::{self, ErrorKind, Read, Stderr, Write};
use std::os::unix::io::{AsRawFd, FromRawFd, RawFd};
use std::process::{Child, Command, Stdio};
use std::str;
use std::time::{Duration, Instant};
use event::{EventFlags, RawEventQueue};
use extra::io::fail;
use libc::{grantpt, ptsname, strlen, unlockpt};
use libredox::call as redox;
use libredox::errno::EAGAIN;
use libredox::flag;
const _MAN_PAGE: &'static str = /* @MANSTART{getty} */
r#"
NAME
getty - set terminal mode
SYNOPSIS
getty [-J | --noclear | -C | --contain ] tty
getty [ -h | --help ]
DESCRIPTION
The getty utility is called by init(8) to open and initialize the tty line,
read a login name, and invoke login(1).
OPTIONS
-h, --help
Display this help and exit.
-J, --noclear
Do not clear the screen before forking login(1).
-C, --contain
Run contain_login instead of login
AUTHOR
Written by Jeremy Soller.
"#; /* @MANEND */
const DEFAULT_COLS: u16 = 80;
const DEFAULT_LINES: u16 = 30;
pub fn handle(
event_queue: &mut RawEventQueue,
tty_fd: RawFd,
master_fd: RawFd,
process: &mut Child,
) {
// tty_fd => Display
// master_fd => PTY
let handle_event = |event_id: usize| {
if event_id as RawFd == tty_fd {
let mut packet = [0; 4096];
loop {
let count = match redox::read(tty_fd as usize, &mut packet) {
Ok(0) => return,
Ok(count) => count,
Err(ref err) if err.errno() == EAGAIN => break,
Err(_) => panic!("getty: failed to read from TTY"),
};
redox::write(master_fd as usize, &packet[..count])
.expect("getty: failed to write master PTY");
}
} else if event_id as RawFd == master_fd {
let mut packet = [0; 4096];
loop {
let count = match redox::read(master_fd as usize, &mut packet) {
Ok(0) => return,
Ok(count) => count,
Err(ref err) if err.errno() == EAGAIN => break,
Err(_) => panic!("getty: failed to read from master TTY"),
};
redox::write(tty_fd as usize, &packet[1..count])
.expect("getty: failed to write to TTY");
if packet[0] & 1 == 1 {
let _ = redox::fsync(tty_fd as usize);
}
}
}
};
handle_event(tty_fd as usize);
handle_event(master_fd as usize);
'events: loop {
let sys_event = event_queue
.next()
.expect("getty: event queue stopped")
.expect("getty: failed to read event file");
handle_event(sys_event.fd);
match process.try_wait() {
Ok(status) => match status {
Some(_code) => break 'events,
None => (),
},
Err(err) => match err.kind() {
ErrorKind::WouldBlock => (),
_ => panic!("getty: failed to wait on child: {:?}", err),
},
}
}
let _ = process.kill();
process.wait().expect("getty: failed to wait on login");
}
pub fn getpty(columns: u16, lines: u16) -> (RawFd, String) {
let master = redox::open(
"/scheme/pty/ptmx",
flag::O_CLOEXEC | flag::O_RDWR | flag::O_CREAT | flag::O_NONBLOCK,
0,
)
.expect("getty: failed to create PTY");
if let Ok(winsize_fd) = redox::dup(master, b"winsize") {
let _ = redox::write(
winsize_fd,
&redox_termios::Winsize {
ws_row: lines,
ws_col: columns,
},
);
let _ = redox::close(winsize_fd);
}
let _ = unsafe { grantpt(master as RawFd) };
let _ = unsafe { unlockpt(master as RawFd) };
let name = unsafe { ptsname(master as RawFd) };
let count = unsafe { strlen(name) };
let buf = unsafe { &*slice_from_raw_parts(name.cast(), count) };
(master as RawFd, unsafe {
String::from_utf8_unchecked(Vec::from(&buf[..count]))
})
}
// termion cursor_pos prone to error and does not work on nonblocking files
fn tty_cursor_pos(tty: &mut File) -> Result<(u16, u16), Box<dyn Error>> {
write!(tty, "\x1B[6n")?;
tty.flush()?;
let timeout = Duration::from_millis(500);
let instant = Instant::now();
let mut data = String::new();
while instant.elapsed() < timeout {
let mut bytes = [0];
match tty.read(&mut bytes) {
Ok(count) => {
if count == 1 {
let c = bytes[0] as char;
if c == 'R' {
break;
}
data.push(c);
}
}
Err(err) => {
if err.kind() != ErrorKind::WouldBlock {
return Err(err.into());
}
}
}
}
if data.is_empty() {
return Err("cursor position timed out".into());
}
let beg = data.rfind('[').ok_or("failed to find [")?;
let coords: String = data.chars().skip(beg + 1).collect();
let mut nums = coords.split(';');
let row = nums.next().ok_or("failed to find row")?.parse::<u16>()?;
let col = nums.next().ok_or("failed to find col")?.parse::<u16>()?;
Ok((col, row))
}
fn tty_columns_lines(tty: &mut File) -> Result<(u16, u16), Box<dyn Error>> {
write!(tty, "{}", termion::cursor::Save)?;
tty.flush()?;
write!(tty, "{}", termion::cursor::Goto(999, 999))?;
tty.flush()?;
let res = tty_cursor_pos(tty);
write!(tty, "{}", termion::cursor::Restore)?;
tty.flush()?;
res
}
fn daemon(tty: &mut File, clear: bool, contain: bool, stderr: &mut Stderr) {
let (columns, lines) = tty_columns_lines(tty).unwrap_or((DEFAULT_COLS, DEFAULT_LINES));
let tty_fd = tty.as_raw_fd();
let (master_fd, pty) = getpty(columns, lines);
let mut event_queue = event::RawEventQueue::new().expect("getty: failed to open event queue");
event_queue
.subscribe(tty_fd as usize, 0, EventFlags::READ)
.expect("getty: failed to fevent TTY");
event_queue
.subscribe(master_fd as usize, 0, EventFlags::READ)
.expect("getty: failed to fevent master PTY");
loop {
if clear {
let _ = redox::write(tty_fd as usize, b"\x1Bc");
}
let _ = redox::fsync(tty_fd as usize);
let slave_stdin = redox::open(&pty, flag::O_CLOEXEC | flag::O_RDONLY, 0)
.expect("getty: failed to open slave stdin");
let slave_stdout = redox::open(&pty, flag::O_CLOEXEC | flag::O_WRONLY, 0)
.expect("getty: failed to open slave stdout");
let slave_stderr = redox::open(&pty, flag::O_CLOEXEC | flag::O_WRONLY, 0)
.expect("getty: failed to open slave stderr");
let mut command = if contain {
Command::new("contain_login")
} else {
Command::new("login")
};
unsafe {
command
.stdin(Stdio::from_raw_fd(slave_stdin as RawFd))
.stdout(Stdio::from_raw_fd(slave_stdout as RawFd))
.stderr(Stdio::from_raw_fd(slave_stderr as RawFd))
.env("TERM", "xterm-256color")
.env("TTY", &pty);
}
match command.spawn() {
Ok(mut process) => {
handle(&mut event_queue, tty_fd, master_fd, &mut process);
}
Err(err) => fail(&format!("getty: failed to execute login: {}", err), stderr),
}
}
}
pub fn main() {
let mut stderr = io::stderr();
let args = clap_app!(getty =>
(author: "Jeremy Soller")
(about: "Set terminal mode")
(@arg TTY: +required "")
(@arg NO_CLEAR: -J --("no-clear") "Do not clear the screen before forking")
(@arg CONTAIN: -C --("contain") "Run contain_login instead of login")
)
.get_matches();
let clear = !args.is_present("NO_CLEAR");
let contain = args.is_present("CONTAIN");
let vt = args.value_of("TTY").unwrap();
let buf: String;
let vt_path = if vt.parse::<usize>().is_ok() {
buf = format!("/scheme/fbcon/{vt}");
&*buf
} else {
vt
};
let mut tty = match redox::open(
&vt_path,
flag::O_CLOEXEC | flag::O_RDWR | flag::O_NONBLOCK,
0,
) {
Ok(fd) => unsafe { File::from_raw_fd(fd as RawFd) },
Err(err) => fail(
&format!("getty: failed to open TTY {}: {}", vt_path, err),
&mut stderr,
),
};
daemon(&mut tty, clear, contain, &mut stderr);
}
+82
View File
@@ -0,0 +1,82 @@
#[macro_use]
extern crate clap;
use extra::option::OptionalExt;
use std::process::exit;
use redox_users::{All, AllGroups, Config, Error, GroupBuilder};
const _MAN_PAGE: &'static str = /* @MANSTART{groupadd} */
r#"
NAME
groupadd - add a user group
SYNOPSIS
groupadd [ -f | --force ] GROUP
groupadd [ -h | --help ]
DESCRIPTION
The groupadd utility adds a new user group using values
passed on the command line and system defaults.
OPTIONS
-f, --force
Simply forces the exit status of the program to 0
even if the group already exists. A message is still
printed to stdout.
-g, --gid GID
The group id to use. This value must not be used and must
be non-negative. The default is to pick the smallest available
group id (between values defined in redox_users).
-h, --help
Display this help and exit.
AUTHOR
Written by Wesley Hershberger.
"#; /* @MANEND */
fn main() {
let args = clap_app!(groupadd =>
(author: "Wesley Hershberger")
(about: "Add groups based on the system's redox_users backend")
(@arg GROUP: +required "Add group GROUP")
(@arg FORCE: -f --force "Force the status of the program to be 0 even if the group exists")
(@arg GID: -g --gid +takes_value "Group id. Positive integer and must not be in use")
)
.get_matches();
let mut sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
let groupname = args.value_of("GROUP").unwrap();
let gid = match args.value_of("GID") {
Some(gid) => {
let id = gid.parse::<usize>().unwrap_or_exit(1);
if let Some(_group) = sys_groups.get_by_id(id) {
eprintln!("groupadd: group already exists");
exit(1);
}
id
}
None => sys_groups.get_unique_id().unwrap_or_else(|| {
eprintln!("groupadd: no available gid");
exit(1);
}),
};
let group = GroupBuilder::new(groupname).gid(gid);
match sys_groups.add_group(group) {
Ok(_) => (),
Err(Error::GroupAlreadyExists) if args.is_present("FORCE") => {
exit(0);
}
Err(err) => {
eprintln!("groupadd: {}", err);
exit(1);
}
}
sys_groups.save().unwrap_or_exit(1);
}
+47
View File
@@ -0,0 +1,47 @@
#[macro_use]
extern crate clap;
use extra::option::OptionalExt;
use redox_users::{All, AllGroups, Config};
const _MAN_PAGE: &'static str = /* @MANSTART{groupdel} */
r#"
NAME
groupdel - modify system files to delete groups
SYNOPSYS
groupdel [ options ] GROUP
groupdel [ -h | --help ]
DESCRIPTION
groupdel removes groups from whatever backend is employed by
the system's redox_users.
Note that you should not remove a primary user group before
removing the user. It is also generally wise not to remove
groups that still own files on the system.
OPTIONS
-h, --help
Print this help page and exit.
AUTHORS
Wesley Hershberger.
"#; /* @MANEND */
fn main() {
let matches = clap_app!(groupdel =>
(author: "Wesley Hershberger")
(about: "Removes a group from the system using redox_users")
(@arg GROUP: +required "Removes group GROUP")
)
.get_matches();
let group = matches.value_of("GROUP").unwrap();
let mut sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
sys_groups.remove_by_name(group.to_string());
sys_groups.save().unwrap_or_exit(1);
}
+81
View File
@@ -0,0 +1,81 @@
#[macro_use]
extern crate clap;
use std::process::exit;
use extra::option::OptionalExt;
use redox_users::{All, AllGroups, AllUsers, Config};
const _MAN_PAGE: &'static str = /* @MANSTART{groupmod} */
r#"
NAME
groupmod - modify group information
SYNOPSYS
groupmod [ options ] GROUP
groupmod [ -h | --help ]
DESCRIPTION
groupmod modifies a user group GROUP in the system's
redox_users backend.
OPTIONS
-h, --help
Print this help page and exit.
-g, --gid GID
Change GROUP's group id. GID must be a non-negative
decimal integer.
Files with GROUP's old gid will not be updated.
User's who use the old gid as their primary gid will
be updated.
-n, --name NAME
The name of the group will be set to NAME
AUTHORS
Wesley Hershberger.
"#; /* @MANEND */
fn main() {
let args = clap_app!(groupmod =>
(author: "Wesley Hershberger")
(about: "Modify users according to the system's redox_users backend")
(@arg GROUP: +required "Modify GROUP")
(@arg GID: -g --gid +takes_value "Change GROUP's group id. See man page for details")
(@arg NAME: -n --name +takes_value "Change GROUP's name")
)
.get_matches();
let groupname = args.value_of("GROUP").unwrap();
let mut sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
{
let group = sys_groups.get_mut_by_name(groupname).unwrap_or_else(|| {
eprintln!("groupmod: group not found: {}", groupname);
exit(1);
});
if let Some(gid) = args.value_of("GID") {
let gid = gid.parse::<usize>().unwrap_or_exit(1);
// Update users
let mut sys_users =
AllUsers::authenticator(Config::default().writeable(true)).unwrap_or_exit(1);
for user in sys_users.iter_mut() {
if user.gid == group.gid {
user.gid = gid;
}
}
sys_users.save().unwrap_or_exit(1);
group.gid = gid;
}
if let Some(name) = args.value_of("NAME") {
group.group = name.to_string();
}
}
sys_groups.save().unwrap_or_exit(1);
}
+163
View File
@@ -0,0 +1,163 @@
#[macro_use]
extern crate clap;
use std::env::args;
use std::process::exit;
use extra::option::OptionalExt;
use redox_users::{All, AllGroups, AllUsers, Config, get_egid, get_euid, get_gid, get_uid};
const _MAN_PAGE: &'static str = /* @MANSTART{id} */
r#"
NAME
id - display user identity
SYNOPSIS
id
id -g [-nr]
id -u [-nr]
id [ -h | --help ]
DESCRIPTION
The id utility displays the user and group names and numeric IDs, of
the calling process, to the standard output.
OPTIONS
-G, --groups
Display the different group IDs (effective and real) as white-space
separated numbers, in no particular order.
-g, --group
Display the effective group ID as a number.
-n, --name
Display the name of the user or group ID for the -g and -u options
instead of the number.
-u, --user
Display the effective user ID as a number.
-a
Ignored for compatibility with other id implementations.
-r, --real
Display the real ID for the -g and -u options instead of the effective ID.
-h, --help
Display help and exit.
AUTHOR
Written by Jose Narvaez.
"#; /* @MANEND */
pub fn main() {
let app = clap_app!(id =>
(author: "Jose Narvaez")
(about: "Get user and group information about the current user")
(@arg IGNORE: -a "Ignored for compatibility with other impls of id")
(@arg GROUPS: -G --groups conflicts_with[selector modifier] "Display current user's real and effective group id's")
(@group selector =>
(@arg GROUP: -g --group "Display current user's effective group id")
(@arg USER: -u --user "Display the effective userid")
)
(@group modifier =>
(@arg NAME: -n --name requires[selector] "Display names of groups/users instead of ids (use with -g or -u)")
(@arg REAL: -r --real requires[selector] "Display real id's instead of effective ids (use with -g and -u)")
)
);
let args = match &*args().nth(0).unwrap_or(String::new()) {
"whoami" => app.get_matches_from(["id", "-un"].iter()),
_ => app.get_matches(),
};
// Display the different group IDs (effective and real)
// as white-space separated numbers, in no particular order.
if args.is_present("GROUPS") {
let egid = get_egid().unwrap_or_exit(1);
let gid = get_gid().unwrap_or_exit(1);
println!("{} {}", egid, gid);
exit(0);
}
// Display effective/real process user ID UNIX user name
if args.is_present("USER") && args.is_present("NAME") {
// Did they pass -r? If so, we show the real
let uid = if args.is_present("REAL") {
get_uid()
} else {
get_euid()
}
.unwrap_or_exit(1);
let users = AllUsers::basic(Config::default()).unwrap_or_exit(1);
let user = users.get_by_id(uid).unwrap_or_exit(1);
println!("{}", user.user);
exit(0);
}
// Display real user ID
if args.is_present("USER") && args.is_present("REAL") {
let uid = get_uid().unwrap_or_exit(1);
println!("{}", uid);
exit(0);
}
// Display effective user ID
if args.is_present("USER") {
let euid = get_euid().unwrap_or_exit(1);
println!("{}", euid);
exit(0);
}
// Display effective/real process group ID UNIX group name
if args.is_present("GROUP") && args.is_present("NAME") {
// Did they pass -r? If so we show the real one
let gid = if args.is_present("REAL") {
get_gid()
} else {
get_egid()
}
.unwrap_or_exit(1);
let groups = AllGroups::new(Config::default()).unwrap_or_exit(1);
let group = groups.get_by_id(gid).unwrap_or_exit(1);
println!("{}", group.group);
exit(0);
}
// Display the real group ID
if args.is_present("GROUP") && args.is_present("REAL") {
let gid = get_gid().unwrap_or_exit(1);
println!("{}", gid);
exit(0);
}
// Display effective group ID
if args.is_present("GROUP") {
let egid = get_egid().unwrap_or_exit(1);
println!("{}", egid);
exit(0);
}
// We get everything we can and show
let euid = get_euid().unwrap_or_exit(1);
let egid = get_egid().unwrap_or_exit(1);
let users = AllUsers::basic(Config::default()).unwrap_or_exit(1);
let groups = AllGroups::new(Config::default()).unwrap_or_exit(1);
let user = users.get_by_id(euid).unwrap_or_exit(1);
let group = groups.get_by_id(egid).unwrap_or_exit(1);
println!("uid={}({}) gid={}({})", euid, user.user, egid, group.group);
exit(0);
}
+220
View File
@@ -0,0 +1,220 @@
#[macro_use]
extern crate clap;
use libredox::error::Result;
use std::fs::File;
use std::io::{self, Write};
use std::str;
use extra::option::OptionalExt;
use redox_users::{All, AllUsers, Config, User};
use termion::input::TermRead;
use userutils::spawn_shell;
const _MAN_PAGE: &'static str = /* @MANSTART{login} */
r#"
NAME
login - log into the computer
SYNOPSIS
login
DESCRIPTION
The login utility logs users (and pseudo-users) into the computer system.
OPTIONS
-h --help
Display help info and exit.
AUTHOR
Written by Jeremy Soller, Jose Narvaez.
"#; /* @MANEND */
const ISSUE_FILE: &'static str = "/etc/issue";
const MOTD_FILE: &'static str = "/etc/motd";
// TODO: Move to redox_users once the definition solidifies.
const DEFAULT_SCHEMES: [&'static str; 26] = [
// Kernel schemes
"debug",
"event",
"memory",
"pipe",
"serio",
"irq",
"time",
"sys",
// Base schemes
"rand",
"null",
"zero",
"log",
// Network schemes
"ip",
"icmp",
"tcp",
"udp",
// IPC schemes
"shm",
"chan",
"uds_stream",
"uds_dgram",
// File schemes
"file",
// Display schemes
"display.vesa",
"display*",
// Other schemes
"pty",
"sudo",
"audio",
];
pub fn apply_login_schemes(
user: &User<redox_users::auth::Full>,
default_schemes: &[&str],
) -> Result<libredox::Fd> {
let schemes = match load_config_schemes(user) {
Some(s) => s,
_ => default_schemes.iter().map(|s| s.to_string()).collect(),
};
let mut names: Vec<ioslice::IoSlice> = Vec::with_capacity(schemes.len());
for scheme in schemes.iter() {
names.push(ioslice::IoSlice::new(scheme.as_bytes()));
}
let ns_fd = libredox::call::mkns(&names)?;
let before_ns_fd = libredox::Fd::new(libredox::call::setns(ns_fd)?);
Ok(before_ns_fd)
}
fn load_config_schemes(user: &User<redox_users::auth::Full>) -> Option<Vec<String>> {
use serde::{Deserialize, Serialize};
use std::collections::BTreeMap;
use std::fs;
const LOGIN_SCHEMES_FILE: &'static str = "/etc/login_schemes.toml";
#[derive(Debug, Clone, Serialize, Deserialize)]
struct UserSchemeConfig {
pub schemes: Vec<String>,
}
#[derive(Debug, Clone, Serialize, Deserialize)]
struct LoginConfig {
#[serde(rename = "user_schemes")]
pub user_schemes: BTreeMap<String, UserSchemeConfig>,
}
let config_str = fs::read_to_string(LOGIN_SCHEMES_FILE).ok()?;
let config: LoginConfig = toml::from_str(&config_str).ok()?;
config
.user_schemes
.get(&user.user)
.map(|cfg| cfg.schemes.clone())
}
pub fn main() {
let mut stdout = io::stdout();
let mut stderr = io::stderr();
let _args = clap_app!(login =>
(author: "Jeremy Soller, Jose Narvaez")
(about: "Login as a user")
)
.get_matches();
if let Ok(mut issue) = File::open(ISSUE_FILE) {
io::copy(&mut issue, &mut stdout).r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
}
loop {
let user = liner::Context::new()
.read_line(
liner::Prompt::from("\x1B[1mRed Bear login:\x1B[0m "),
None,
&mut liner::BasicCompleter::new(Vec::<String>::new()),
)
.r#try(&mut stderr);
if !user.is_empty() {
let stdin = io::stdin();
let mut stdin = stdin.lock();
let sys_users = AllUsers::authenticator(Config::default()).unwrap_or_exit(1);
match sys_users.get_by_name(user) {
None => {
stdout.write(b"\nLogin incorrect\n").r#try(&mut stderr);
stdout.write(b"\n").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
continue;
}
Some(user) => {
// Establish a working directory on the `file` scheme (the
// user's home) BEFORE any namespace restriction. login runs
// with the CWD inherited from init, which on the live image
// lives on the `initfs` scheme. apply_login_schemes() below
// switches to a namespace containing only DEFAULT_SCHEMES
// (which excludes `initfs`), after which that inherited CWD
// fd is unresolvable — and because relibc resolves paths via
// the CWD fd (AT_REDOX_CWD_FD), the login shell's spawn
// (Command child chdir + execve) then fails or hangs. Doing
// this chdir here, while still in the full namespace, points
// the CWD at `file:` (home, fallback `/`), which remains
// valid inside the restricted login namespace.
if std::env::set_current_dir(&user.home).is_err() {
let _ = std::env::set_current_dir("/");
}
if user.is_passwd_blank() {
if let Ok(mut motd) = File::open(MOTD_FILE) {
io::copy(&mut motd, &mut stdout).r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
}
let before_ns_fd =
apply_login_schemes(user, &DEFAULT_SCHEMES).unwrap_or_exit(1);
let _ = syscall::fcntl(
before_ns_fd.raw(),
syscall::F_SETFD,
syscall::O_CLOEXEC,
);
spawn_shell(user).unwrap_or_exit(1);
let _ = syscall::fcntl(before_ns_fd.raw(), syscall::F_SETFD, 0);
let _ = libredox::call::close(
libredox::call::setns(before_ns_fd.into_raw()).unwrap_or_exit(1),
);
break;
}
stdout
.write_all(b"\x1B[1mpassword:\x1B[0m ")
.r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
if let Some(password) = stdin.read_passwd(&mut stdout).r#try(&mut stderr) {
stdout.write(b"\n").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
if user.verify_passwd(&password) {
if let Ok(mut motd) = File::open(MOTD_FILE) {
io::copy(&mut motd, &mut stdout).r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
}
spawn_shell(user).unwrap_or_exit(1);
break;
}
}
}
}
} else {
stdout.write(b"\n").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
}
}
}
+197
View File
@@ -0,0 +1,197 @@
#[macro_use]
extern crate clap;
use std::io;
use std::io::Write;
use std::process::exit;
use extra::option::OptionalExt;
use libredox::flag::O_CLOEXEC;
use libredox::errno::EPERM;
use redox_users::{All, AllUsers, Config, get_uid};
use termion::input::TermRead;
const _MAN_PAGE: &'static str = /* @MANSTART{passwd} */
r#"
NAME
passwd - modify a user's password
SYNOPSIS
passwd [ LOGIN ]
passwd [ -h | --help ]
DESCRIPTION
The passwd utility changes the user's local password. If the user is not
the super-user, passwd first prompts for the current password and will
not continue unless the correct password is entered.
OPTIONS
-h, --help
Display this help and exit.
-l, --lock
Lock the password of the named account. This changes the stored password
hash so that it matches no encrypted value ("!")
Users with locked passwords are not allowed to change their password.
AUTHOR
Written by Jeremy Soller, Jose Narvaez.
"#; /* @MANEND */
fn main() {
let mut stdin = io::stdin().lock();
let mut stdout = io::stdout().lock();
let mut stderr = io::stderr();
let args = clap_app!(passwd =>
(author: "Jeremy Soller, Jose Narvaez")
(about: "Set user passwords")
(@arg LOGIN: "Apply to login. Sets password for current user if not supplied")
(@arg LOCK: -l --lock "Lock the password for an account (no login)")
)
.get_matches();
if args.is_present("LOCK") {
if get_uid().unwrap_or_exit(1) != 0 {
eprintln!("passwd: only root is allowed to lock accounts");
exit(1);
}
let mut users =
AllUsers::authenticator(Config::default().writeable(true)).unwrap_or_exit(1);
let Some(login) = args.value_of("LOGIN") else {
eprintln!("passwd: no account specified to lock");
exit(1);
};
let user = users.get_mut_by_name(login).unwrap_or_else(|| {
eprintln!("passwd: user does not exist: {}", login);
exit(1);
});
user.unset_passwd();
users.save().unwrap_or_exit(1);
return;
}
let uid = get_uid().unwrap_or_exit(1);
if uid == 0 {
let mut users =
AllUsers::authenticator(Config::default().writeable(true)).unwrap_or_exit(1);
let user = find_user(&args, &mut users);
let msg = format!("changing password for '{}' \n", user.user);
stdout.write_all(&msg.as_bytes()).r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
let new_password = ask_new_password(stdin, stdout, stderr);
user.set_passwd(&new_password).unwrap_or_exit(1);
users.save().unwrap_or_exit(1);
return;
}
let mut users = AllUsers::basic(Config::default()).unwrap_or_exit(1);
let user = find_user(&args, &mut users);
if user.uid != uid {
eprintln!(
"passwd: you do not have permission to set the password of '{}'",
user.user
);
exit(1);
}
let msg = format!("changing password for '{}' \n", user.user);
stdout.write_all(&msg.as_bytes()).r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
drop(users); // Unlock /etc/passwd
stdout.write_all(b"current password: ").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
let file = libredox::call::open("/scheme/sudo/passwd", O_CLOEXEC, 0).unwrap();
if let Some(password) = stdin.read_passwd(&mut stdout).r#try(&mut stderr) {
stdout.write(b"\n").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
match libredox::call::write(file, password.as_bytes()) {
Ok(_) => {}
Err(err) if err.errno() == EPERM => {
eprintln!("passwd: incorrect current password");
exit(1);
}
Err(err) => panic!("{err}"),
}
} else {
eprintln!("passwd: incorrect current password");
exit(1);
}
let new_password = ask_new_password(stdin, stdout, stderr);
match libredox::call::write(file, new_password.as_bytes()) {
Ok(_) => {}
Err(err) if err.errno() == EPERM => {
eprintln!("passwd: invalid new password");
exit(1);
}
Err(err) => panic!("{err}"),
}
}
fn find_user<'a, T: Default>(
args: &clap::ArgMatches<'_>,
users: &'a mut AllUsers<T>,
) -> &'a mut redox_users::User<T> {
let uid = get_uid().unwrap_or_exit(1);
match args.value_of("LOGIN") {
Some(login) => users.get_mut_by_name(login).unwrap_or_else(|| {
eprintln!("passwd: user does not exist: {}", login);
exit(1);
}),
None => users.get_mut_by_id(uid).unwrap_or_else(|| {
eprintln!("passwd: you do not exist");
exit(1);
}),
}
}
fn ask_new_password(
mut stdin: io::StdinLock<'_>,
mut stdout: io::StdoutLock<'_>,
mut stderr: io::Stderr,
) -> String {
stdout.write_all(b"new password: ").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
let Some(new_password) = stdin.read_passwd(&mut stdout).r#try(&mut stderr) else {
eprintln!("passwd: no new password provided");
exit(1);
};
stdout.write(b"\nconfirm password: ").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
let Some(confirm_password) = stdin.read_passwd(&mut stdout).r#try(&mut stderr) else {
eprintln!("\npasswd: no confirm password provided");
exit(1);
};
stdout.write(b"\n").r#try(&mut stderr);
stdout.flush().r#try(&mut stderr);
if new_password != confirm_password {
eprintln!("passwd: new password does not match confirm password");
exit(1);
}
new_password
}
+84
View File
@@ -0,0 +1,84 @@
#[macro_use]
extern crate clap;
use std::io::{self, Write};
use std::process::exit;
use std::str;
use extra::option::OptionalExt;
use libredox::flag::O_CLOEXEC;
use redox_users::{All, AllUsers, Config, get_uid};
use syscall::EPERM;
use termion::input::TermRead;
use userutils::spawn_shell;
const _MAN_PAGE: &'static str = /* @MANSTART{su} */
r#"
NAME
su - substitute user identity
SYNOPSIS
su [ user ]
su [ -h | --help ]
DESCRIPTION
The su utility requests appropriate user credentials via PAM and switches to
that user ID (the default user is the superuser). A shell is then executed.
OPTIONS
-h, --help
Display this help and exit.
AUTHOR
Written by Jeremy Soller, Jose Narvaez.
"#; /* @MANEND */
pub fn main() {
let stdin = io::stdin();
let mut stdin = stdin.lock();
let stdout = io::stdout();
let mut stdout = stdout.lock();
let mut stderr = io::stderr();
let args = clap_app!(su =>
(author: "Jeremy Soller, Jose Narvaez")
(about: "substitue user identity")
(@arg LOGIN: "Login as LOGIN. Default is \'root\'")
)
.get_matches();
let target_user = args.value_of("LOGIN").unwrap_or("root");
let uid = get_uid().unwrap_or_exit(1);
let users = AllUsers::basic(Config::default()).unwrap_or_exit(1);
let user = users.get_by_name(&target_user).unwrap_or_exit(1);
// If the user executing su is root, then they can do anything without a password.
// Same if the user we're being asked to login as doesn't have a password.
if uid == 0 {
writeln!(stdout).unwrap_or_exit(1);
exit(spawn_shell(user).unwrap_or_exit(1));
} else {
let file = libredox::call::open("/scheme/sudo/su", O_CLOEXEC, 0).unwrap();
write!(stdout, "password: ").unwrap_or_exit(1);
stdout.flush().unwrap_or_exit(1);
// Read the password, reading an empty string if CTRL-d is specified
let password = stdin
.read_passwd(&mut stdout)
.r#try(&mut stderr)
.unwrap_or(String::new());
match libredox::call::write(file, password.as_bytes()) {
Ok(_) => exit(spawn_shell(user).unwrap_or_exit(1)),
Err(err) if err.errno() == EPERM => {
writeln!(stderr, "su: authentication failed").unwrap_or_exit(1);
exit(1);
}
Err(err) => panic!("{err}"),
}
}
}
+402
View File
@@ -0,0 +1,402 @@
use std::collections::HashMap;
use std::env;
use std::io::{self, Write};
use std::os::fd::{AsRawFd, FromRawFd, OwnedFd, RawFd};
use std::os::unix::process::CommandExt;
use std::process::{Command, exit};
use extra::option::OptionalExt;
use libredox::flag::O_CLOEXEC;
use libredox::protocol::ProcCall;
use redox_rt::sys::proc_call;
use redox_scheme::scheme::{SchemeSync, register_sync_scheme};
use redox_scheme::{
CallerCtx, OpenResult, RequestKind, Response, SendFdRequest, SignalBehavior, Socket,
};
use redox_users::{All, AllGroups, AllUsers, Config, get_uid};
use syscall::error::*;
use syscall::flag::*;
use syscall::schemev2::NewFdFlags;
use termion::input::TermRead;
const MAX_ATTEMPTS: u16 = 3;
const _MAN_PAGE: &'static str = /* @MANSTART{sudo} */
r#"
NAME
sudo - execute a command as another user
SYNOPSIS
sudo command
sudo [ -h | --help ]
DESCRIPTION
The sudo utility allows a permitted user to execute a command as the
superuser or another user, as specified by the security policy.
EXIT STATUS
Upon successful execution of a command, the exit status from sudo will
be the exit status of the program that was executed. In case of error
the exit status will be >0.
AUTHOR
Written by Jeremy Soller, Jose Narvaez, bjorn3.
"#; /* @MANEND */
fn main() {
if env::args().nth(1).as_deref() == Some("--daemon") {
daemon_main();
}
let mut args = env::args().skip(1);
let cmd = args.next().unwrap_or_else(|| {
eprintln!("sudo: no command provided");
exit(1);
});
let users = AllUsers::basic(Config::default()).unwrap_or_exit(1);
let uid = get_uid().unwrap_or_exit(1);
let user = users.get_by_id(uid).unwrap_or_exit(1);
if uid == 0 {
// We are root already. No need to elevate privileges
run_command_as_root(&cmd, &args.collect());
}
let file = libredox::call::open("/scheme/sudo", O_CLOEXEC, 0).unwrap();
let mut attempts = 0;
loop {
print!("[sudo] password for {}: ", user.user);
let _ = io::stdout().flush();
match io::stdin().read_passwd(&mut io::stdout()).unwrap() {
Some(password) => {
println!();
match libredox::call::write(file, password.as_bytes()) {
Ok(_) => break,
Err(err) if err.errno() == EPERM => {
attempts += 1;
eprintln!(
"sudo: incorrect password or not in sudo group ({}/{})",
attempts, MAX_ATTEMPTS,
);
if attempts >= MAX_ATTEMPTS {
exit(1);
}
}
Err(err) => panic!("{err}"),
}
}
None => {
println!();
exit(1);
}
}
}
// FIXME move to libredox
unsafe extern "C" {
safe fn redox_cur_procfd_v0() -> usize;
}
// Elevate privileges of our own process with help from the sudo daemon
syscall::sendfd(
file,
syscall::dup(redox_cur_procfd_v0(), &[]).unwrap(),
0,
0,
)
.unwrap();
// FIXME perhaps keep the original namespace available in a subdirectory of the namespace we switch to?
let ns = syscall::openat(file, "ns", 0, syscall::O_CLOEXEC).unwrap();
libredox::call::setns(ns).unwrap();
run_command_as_root(&cmd, &args.collect());
}
enum Policy {
Deny,
Authenticate,
}
fn policy_for_user(uid: u32) -> Policy {
let users = AllUsers::authenticator(Config::default()).unwrap_or_exit(1);
let groups = AllGroups::new(Config::default()).unwrap_or_exit(1);
let user = users.get_by_id(uid as usize).unwrap_or_exit(1);
let sudo_group = groups.get_by_name("sudo").unwrap_or_exit(1);
if !sudo_group.users.iter().any(|name| name == &user.user) {
return Policy::Deny;
}
Policy::Authenticate
}
fn run_command_as_root(cmd: &str, args: &Vec<String>) -> ! {
let mut command = Command::new(&cmd);
for arg in args {
command.arg(&arg);
}
command.uid(0);
command.gid(0);
command.env("USER", "root");
command.env("UID", "0");
command.env("GROUPS", "0");
let err = command.exec();
eprintln!("sudo: failed to execute {}: {}", cmd, err);
exit(1);
}
struct Scheme {
next_fd: usize,
handles: HashMap<usize, Handle>,
}
enum Handle {
AwaitingPassword { uid: u32 },
AwaitingRootPassword,
AwaitingContextFd,
AwaitingNamespaceFetch { ns: libredox::Fd },
AwaitingPasswordForPasswd { uid: u32 },
AwaitingNewPassword { uid: u32 },
Placeholder,
SchemeRoot,
}
impl SchemeSync for Scheme {
fn scheme_root(&mut self) -> Result<usize> {
let fd = self.next_fd;
self.next_fd = self.next_fd.checked_add(1).ok_or(Error::new(EMFILE))?;
self.handles.insert(fd, Handle::SchemeRoot);
Ok(fd)
}
fn openat(
&mut self,
dirfd: usize,
path: &str,
_flags: usize,
_fcntl_flags: u32,
ctx: &CallerCtx,
) -> Result<OpenResult> {
let handle = match self.handles.get_mut(&dirfd).ok_or(Error::new(EBADF))? {
Handle::SchemeRoot => match path {
"" => Handle::AwaitingPassword { uid: ctx.uid },
"su" => Handle::AwaitingRootPassword,
"passwd" => Handle::AwaitingPasswordForPasswd { uid: ctx.uid },
_ => return Err(Error::new(ENOENT)),
},
Handle::AwaitingNamespaceFetch { .. } => {
if path != "ns" {
return Err(Error::new(ENOENT));
}
let ns = match self.handles.insert(dirfd, Handle::Placeholder).unwrap() {
Handle::AwaitingNamespaceFetch { ns } => ns,
_ => unreachable!(),
};
return Ok(OpenResult::OtherScheme { fd: ns.into_raw() });
}
_ => return Err(Error::new(EINVAL)),
};
let fd = self.next_fd;
self.next_fd = self.next_fd.checked_add(1).ok_or(Error::new(EMFILE))?;
self.handles.insert(fd, handle);
Ok(OpenResult::ThisScheme {
number: fd,
flags: NewFdFlags::empty(),
})
}
fn write(
&mut self,
id: usize,
buf: &[u8],
_off: u64,
_flags: u32,
_ctx: &CallerCtx,
) -> Result<usize> {
let handle = self.handles.get_mut(&id).ok_or(Error::new(EBADF))?;
let validate_utf8 = |buf| std::str::from_utf8(buf).map_err(|_| Error::new(EINVAL));
match std::mem::replace(handle, Handle::Placeholder) {
Handle::AwaitingPassword { uid } => {
let users = AllUsers::authenticator(Config::default()).unwrap_or_exit(1);
let user = users.get_by_id(uid as usize).unwrap_or_exit(1);
match policy_for_user(uid) {
Policy::Deny => {
*handle = Handle::AwaitingPassword { uid };
return Err(Error::new(EPERM));
}
Policy::Authenticate => {
let password = validate_utf8(buf)?;
if user.verify_passwd(&password) {
*handle = Handle::AwaitingContextFd
} else {
*handle = Handle::AwaitingPassword { uid };
return Err(Error::new(EPERM));
}
}
}
}
Handle::AwaitingRootPassword => {
let users = AllUsers::authenticator(Config::default()).unwrap_or_exit(1);
let user = users.get_by_id(0).unwrap_or_exit(1);
let password = validate_utf8(buf)?;
if user.verify_passwd(&password) {
*handle = Handle::AwaitingContextFd
} else {
*handle = Handle::AwaitingRootPassword;
return Err(Error::new(EPERM));
}
}
Handle::AwaitingContextFd => {
*handle = Handle::AwaitingContextFd;
return Err(Error::new(EINVAL));
}
Handle::AwaitingPasswordForPasswd { uid } => {
let users =
AllUsers::authenticator(Config::default()).map_err(|_| Error::new(ENOLCK))?;
let user = users.get_by_id(uid as usize).ok_or(Error::new(EEXIST))?;
let password = validate_utf8(buf)?;
if user.verify_passwd(&password) {
*handle = Handle::AwaitingNewPassword { uid }
} else {
*handle = Handle::AwaitingPasswordForPasswd { uid };
return Err(Error::new(EPERM));
}
}
Handle::AwaitingNewPassword { uid } => {
let mut users = AllUsers::authenticator(Config::default().writeable(true))
.map_err(|_| Error::new(ENOLCK))?;
let user = users
.get_mut_by_id(uid as usize)
.ok_or(Error::new(EEXIST))?;
let new_password = validate_utf8(buf)?;
if user.set_passwd(&new_password).is_ok() {
users.save().map_err(|_| Error::new(ENOLCK))?;
*handle = Handle::Placeholder
} else {
*handle = Handle::AwaitingNewPassword { uid };
return Err(Error::new(EPERM));
}
}
Handle::AwaitingNamespaceFetch { .. } => {
eprintln!("sudo: found namespace fetch handle with ID {id}");
return Err(Error::new(EBADFD));
}
Handle::Placeholder => {
eprintln!("sudo: found placeholder handle with ID {id}");
return Err(Error::new(EBADFD));
}
Handle::SchemeRoot => {
eprintln!("sudo: found Scheme root handle with ID {id}");
return Err(Error::new(EBADFD));
}
}
Ok(buf.len())
}
}
impl Scheme {
fn on_close(&mut self, id: usize) {
self.handles.remove(&id);
}
fn on_sendfd(&mut self, socket: &Socket, req: &SendFdRequest) -> Result<usize> {
let handle = self.handles.get_mut(&req.id()).ok_or(Error::new(EBADF))?;
match std::mem::replace(handle, Handle::Placeholder) {
Handle::AwaitingContextFd => {
let mut proc_fd = usize::MAX;
req.obtain_fd(
socket,
FobtainFdFlags::empty(),
std::slice::from_mut(&mut proc_fd),
)?;
let proc_fd = unsafe { OwnedFd::from_raw_fd(proc_fd as RawFd) };
let [ruid, euid, suid] = [0, 0, 0];
let [rgid, egid, sgid] = [0, 0, 0];
let mut payload = [0; size_of::<u32>() * 6];
plain::slice_from_mut_bytes(&mut payload)
.unwrap()
.copy_from_slice(&[ruid, euid, suid, rgid, egid, sgid]);
if let Err(err) = proc_call(
proc_fd.as_raw_fd() as usize,
&mut payload,
CallFlags::empty(),
&[ProcCall::SetResugid as u64],
) {
eprintln!("failed to setresugid: {err}");
}
*handle = Handle::AwaitingNamespaceFetch {
ns: libredox::Fd::new(
syscall::dup(libredox::call::getns().unwrap(), b"").unwrap(),
),
};
}
old => {
*handle = old;
return Err(Error::new(EBADF));
}
}
Ok(0)
}
}
fn daemon_main() -> ! {
// TODO: Linux kernel audit-like logging?
let socket = Socket::create().expect("failed to open scheme socket");
let mut scheme = Scheme {
next_fd: 1,
handles: HashMap::new(),
};
let mut scheme_state = redox_scheme::scheme::SchemeState::new();
register_sync_scheme(&socket, "sudo", &mut scheme)
.expect("failed to register sudo scheme to namespace");
loop {
let Some(req) = socket
.next_request(SignalBehavior::Restart)
.expect("failed to get request")
else {
break;
};
let response = match req.kind() {
RequestKind::Call(call) => call.handle_sync(&mut scheme, &mut scheme_state),
RequestKind::SendFd(req) => Response::new(scheme.on_sendfd(&socket, &req), req),
RequestKind::OnClose { id } => {
scheme.on_close(id);
continue;
}
_ => continue,
};
socket
.write_response(response, SignalBehavior::Restart)
.expect("sudo: scheme write failed");
}
std::process::exit(0)
}
+205
View File
@@ -0,0 +1,205 @@
#[macro_use]
extern crate clap;
use std::process::exit;
use extra::option::OptionalExt;
use redox_users::{All, AllGroups, AllUsers, Config, GroupBuilder, UserBuilder};
use userutils::create_user_dir;
const _MAN_PAGE: &'static str = /* @MANSTART{useradd} */
r#"
NAME
useradd - add a new user
SYNOPSYS
useradd [ options ] LOGIN
useradd [ -h | --help ]
DESCRIPTION
The useradd utility creates a new user based on
system defaults and values passed on the command line.
Useradd creates a new group for the user by default and
can also be instructed to create the user's home directory.
Note that useradd creates a new user with the password
unset (no login). This is better documented with the
redox_users crate.
OPTIONS
-h, --help
Display this help and exit.
-c, --comment
Any text string, usually used as the user's full name.
Historically known as the GECOS field
-d, --home-dir HOME_DIR
The new user will be created with HOME_DIR as their home
directory. The default value is LOGIN prepended with "/home/".
This flag DOES NOT create the home directory. See --create-home
-g, --gid GID
The group id to use when creating the default login group. This value
must not be in use and must be non-negative. The default is to pick the
smallest available group id between values defined in redox_users.
-m, --create-home
Creates the user's home directory if it does not already exist.
This option is not enabled by default. This option must be specified
for a home directory to be created. If not set, the user's home dir is
set to "/"
-N, --no-user-group
Do not attempt to create the user's user group. Instead, the groupid
is set to 99 ("nobody"). -N and -g are mutually exclusive.
-s, --shell SHELL
The path to the user's default login shell. If not specified, the
default shell is set as "/bin/ion"
-u, --uid UID
The user id to use. This value must not be in use and must be
non-negative. The default is to pick the smallest available
user id between the defaults defined in redox_users
AUTHORS
Written by Wesley Hershberger.
"#; /* @MANEND */
const DEFAULT_SHELL: &'static str = "/bin/ion";
const DEFAULT_HOME: &'static str = "/home";
const DEFAULT_NO_GROUP: &'static str = "nobody";
fn main() {
let args = clap_app!(useradd =>
(author: "Wesley Hershberger")
(about: "Add users based on the system's redox_users backend")
(@arg LOGIN:
+required
"Add user LOGIN")
(@arg COMMENT:
-c --comment
+takes_value
"Set user description (GECOS field)")
(@arg HOME_DIR:
-d --("home-dir")
+takes_value
"Set LOGIN's home dir to HOME_DIR (does not create directory)")
(@arg CREATE_HOME:
-m --("create-home")
"Create the user's home directory")
(@arg SHELL:
-s --shell
+takes_value
"Set user's default login shell")
(@arg GID:
-g --gid
+takes_value
"Set LOGIN's primary group id. Positive integer and must not be in use.")
(@arg NO_USER_GROUP:
-N --("no-user-group")
conflicts_with[GID]
"Do not create primary user group (set gid to 99, \"nobody\")")
(@arg UID:
-u --uid
+takes_value
"Set LOGIN's user id. Positive ineger and must not be in use.")
)
.get_matches();
// unwrap is safe because of "+required". clap-rs is cool...
let login = args.value_of("LOGIN").unwrap();
let mut sys_users =
AllUsers::authenticator(Config::default().writeable(true)).unwrap_or_exit(1);
let mut sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
let uid = match args.value_of("UID") {
Some(uid) => {
let id = uid.parse::<usize>().unwrap_or_exit(1);
if let Some(_user) = sys_users.get_by_id(id) {
eprintln!("useradd: userid already in use: {}", id);
exit(1);
}
id
}
None => sys_users.get_unique_id().unwrap_or_else(|| {
eprintln!("useradd: no available uid");
exit(1);
}),
};
let gid = if args.is_present("NO_USER_GROUP") {
let nobody = sys_groups
.get_mut_by_name(DEFAULT_NO_GROUP)
.unwrap_or_else(|| {
eprintln!("useradd: group not found: {}", DEFAULT_NO_GROUP);
exit(1)
});
nobody.users.push(login.to_string());
99
} else {
let id = match args.value_of("GID") {
Some(id) => {
let id = id.parse::<usize>().unwrap_or_exit(1);
if let Some(_group) = sys_groups.get_by_id(id) {
eprintln!("useradd: group already exists with gid: {}", id);
exit(1);
}
id
}
None => sys_groups.get_unique_id().unwrap_or_else(|| {
eprintln!("useradd: no available gid");
exit(1);
}),
};
sys_groups
.add_group(GroupBuilder::new(login).gid(id).user(login))
.unwrap_or_else(|err| {
eprintln!("useradd: {}: {}", err, login);
exit(1);
});
id
};
let gecos = args.value_of("COMMENT").unwrap_or(login);
//Ugly way to satisfy the borrow checker...
let mut sys_homes = String::from(DEFAULT_HOME);
let userhome = args.value_of("HOME_DIR").unwrap_or_else(|| {
if args.is_present("CREATE_HOME") {
sys_homes.push_str("/");
sys_homes.push_str(&login);
sys_homes.as_str()
} else {
"/"
}
});
let shell = args.value_of("SHELL").unwrap_or(DEFAULT_SHELL);
let user = UserBuilder::new(login)
.uid(uid)
.gid(gid)
.name(gecos)
.home(userhome)
.shell(shell);
sys_users.add_user(user).unwrap_or_else(|err| {
eprintln!("useradd: {}: {}", err, login);
exit(1);
});
// Make sure to try and create the user/groups before we create
// their home, that way we get a permissions error that makes
// more sense
sys_groups.save().unwrap_or_exit(1);
sys_users.save().unwrap_or_exit(1);
if args.is_present("CREATE_HOME") {
//Shouldn't ever error...
let user = sys_users.get_by_id(uid).unwrap_or_exit(1);
create_user_dir(user, userhome).unwrap_or_exit(1);
}
}
+69
View File
@@ -0,0 +1,69 @@
#[macro_use]
extern crate clap;
use std::fs::remove_dir;
use std::process::exit;
use extra::option::OptionalExt;
use redox_users::{All, AllGroups, AllUsers, Config};
use userutils::AllGroupsExt;
const _MAN_PAGE: &'static str = /* @MANSTART{userdel} */
r#"
NAME
userdel - modify system files to delete users
SYNOPSYS
userdel [ options ] LOGIN
userdel [ -h | --help ]
DESCRIPTION
userdel removes users from whatever backend is employed by
the system's redox_users. The utility removes the user from
all groups of which they are a member.
It can also be used to manage removal of home directories.
OPTIONS
-h, --help
Print this help page and exit.
-r, --remove
The user's home directory and all files inside will be
removed.
AUTHORS
Wesley Hershberger.
"#; /* @MANEND */
fn main() {
let args = clap_app!(userdel =>
(author: "Wesley Hershberger")
(about: "Removes system users using redox_users")
(@arg LOGIN: +required "Remove user LOGIN")
(@arg REMOVE: -r --remove "Remove the user's home and all files and directories inside")
)
.get_matches();
let login = args.value_of("LOGIN").unwrap();
let mut sys_users =
AllUsers::authenticator(Config::default().writeable(true)).unwrap_or_exit(1);
let mut sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
{
sys_groups.remove_user_from_all_groups(login);
if args.is_present("REMOVE") {
let user = sys_users.get_by_name(login).unwrap_or_else(|| {
eprintln!("userdel: user does not exist: {}", login);
exit(1);
});
remove_dir(&user.home).unwrap_or_exit(1);
}
}
sys_users.remove_by_name(login.to_string());
sys_groups.save().unwrap_or_exit(1);
sys_users.save().unwrap_or_exit(1);
}
+196
View File
@@ -0,0 +1,196 @@
#[macro_use]
extern crate clap;
use std::fs::{remove_dir, rename};
use std::process::exit;
use extra::option::OptionalExt;
use redox_users::{All, AllGroups, AllUsers, Config};
use userutils::{AllGroupsExt, create_user_dir};
const _MAN_PAGE: &'static str = /* @MANSTART{usermod} */
r#"
NAME
usermod - modify user information
SYNOPSYS
usermod [ options ] LOGIN
usermod [ -h | --help ]
DESCRIPTION
The usermod utility can be used to modify user information.
This utility uses the redox_users API, so the backend is whatever
backend in use on the system for that API at the time.
See passwd for setting user passwords.
OPTIONS
-h, --help
Display this help and exit.
-c, --comment COMMENT
The comment field (or GECOS, historically) for the user. This
is typically the full name of the user, although sometimes it
includes an e-mail.
-d, --home-dir HOME_DIR
Sets the home directory to HOME_DIR and creates the directory.
See -m for move
-m, --move-home
Moves the the user's old home directory into the home directory
specified by --home-dir. Has no effect if passed without --home-dir
-G, --append-groups GROUP[,GROUP, ...]
Add this user to GROUP groups. This does not remove the user from
any group of which they are already a member.
-S, --set-groups GROUP[,GROUP, ...]
Remove the user from all groups of which they are a part and add
them to GROUP groups.
-g, --gid GID
Set the user's primary group id. If the group does not exist,
a warning is issued and no changes are applied.
-l, --login NEW_LOGIN
Set the new login name for the user. Must not be in use.
-s, --shell SHELL
Set the user's login shell as SHELL. This must be a full path.
-u, --uid UID
Set the user's user id. If another user's userid is the same as
UID, a warning is issued and no changes are applied. Note that
changing the value of the user's userid may have unexpected consequences.
AUTHORS
Written by Wesley Hershberger.
"#; /* @MANEND */
fn main() {
let args = clap_app!(usermod =>
(author: "Wesley Hershberger")
(about: "Modify users according to the system's redox_users backend")
(@arg LOGIN:
+required
"Apply modifications to LOGIN")
(@arg COMMENT:
-c --comment
+takes_value
"Set LOGIN's description (GECOS field)")
(@arg HOME_DIR:
-d --("home-dir")
+takes_value
"Create and set LOGIN's home directory")
(@arg MOVE_HOME:
-m --("move-home")
requires[HOME_DIR]
"Move LOGIN's old home to HOME_DIR (see --home-dir) instead of creating it. Requires -d")
(@arg APPEND_GROUPS:
-G --("append-groups")
+takes_value conflicts_with[SET_GROUPS]
"Add user to groups specified (comma separated list, see man page)")
(@arg SET_GROUPS:
-S --("set-groups")
+takes_value conflicts_with[APPEND_GROUPS]
"Set LOGIN's groups as specified (truncates existing, see man page)")
(@arg GID:
-g --gid
+takes_value
"Set LOGIN's primary group id. Group must exist")
(@arg NEW_LOGIN:
-l --login
+takes_value
"Set LOGIN's name to NEW_LOGIN")
(@arg SHELL:
-s --shell
+takes_value
"Set LOGIN's default login shell")
(@arg UID:
-u --uid
+takes_value
"Set LOGIN's user id. See man page for details")
).get_matches();
let login = args.value_of("LOGIN").unwrap();
//TODO: Does not always need shadowfile access
let mut sys_users =
AllUsers::authenticator(Config::default().writeable(true)).unwrap_or_exit(1);
let mut sys_groups;
if let Some(new_groups) = args.value_of("SET_GROUPS") {
sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
sys_groups.remove_user_from_all_groups(login);
sys_groups
.add_user_to_groups(login, new_groups.split(',').collect())
.unwrap_or_exit(1);
sys_groups.save().unwrap_or_exit(1);
}
if let Some(new_groups) = args.value_of("APPEND_GROUPS") {
sys_groups = AllGroups::new(Config::default().writeable(true)).unwrap_or_exit(1);
sys_groups
.add_user_to_groups(login, new_groups.split(',').collect())
.unwrap_or_exit(1);
sys_groups.save().unwrap_or_exit(1);
}
let uid = args.value_of("UID").map(|uid| {
let uid = uid.parse::<usize>().unwrap_or_exit(1);
if let Some(_user) = sys_users.get_by_id(uid) {
eprintln!("usermod: userid already in use: {}", uid);
exit(1);
}
uid
});
{
let user = sys_users.get_mut_by_name(&login).unwrap_or_else(|| {
eprintln!("usermod: user \"{}\" not found", login);
exit(1);
});
if let Some(gecos) = args.value_of("COMMENT") {
user.name = gecos.to_string();
}
if let Some(new_login) = args.value_of("NEW_LOGIN") {
user.user = new_login.to_string();
}
if let Some(shell) = args.value_of("SHELL") {
user.shell = shell.to_string();
}
if let Some(home) = args.value_of("HOME_DIR") {
if args.is_present("MOVE_HOME") {
rename(&user.home, &home).unwrap_or_exit(1);
} else {
create_user_dir(user, &home).unwrap_or_exit(1);
remove_dir(&user.home).unwrap_or_exit(1);
}
user.home = home.to_string();
}
if let Some(uid) = uid {
user.uid = uid;
}
if let Some(gid) = args.value_of("GID") {
sys_groups = AllGroups::new(Config::default()).unwrap_or_exit(1);
let gid = gid.parse::<usize>().unwrap_or_exit(1);
if let Some(_group) = sys_groups.get_by_id(gid) {
user.gid = gid;
} else {
eprintln!("usermod: no group found for id: {}", gid);
exit(1);
}
}
}
sys_users.save().unwrap_or_exit(1);
}
+120 -1123
View File
File diff suppressed because it is too large Load Diff