Hi. New (2.1.1p1) login code is nicer on AIX (4.2.1.0.06). Thanks. A couple of issues, though, which I haven't really dug into yet. I'm wondering if anyone else has seen them? If not, I'll investigate & report. 1. If I set "UseLogin" to "yes", everything seems fine except that the authentication agent forwarding doesn't work. The "SSH" environment variables don't get propagated through to the user's shell. 2. If I set "UseLogin" to "no", the above problem disappears, but the user's resource limits are not set from /etc/security/limits. In my case, the server inherits the hard limit on stack size (16384) from the parent process (init), and that's not enough stack space to load the C compiler, among other things. :( Thoughts? Matt. -- Any research done on how to efficiently use computers has been long lost in the mad rush to upgrade systems to do things that aren't needed by people who don't understand what they are really supposed to do with them. -- Graham Reed, in a.s.r. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 240 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20000612/062f96d2/attachment.bin
Matt, When login is called in session.c the environment variables are not passed to it. AIX login expects environment variables to be passed on the command line in the form: /usr/bin/login -h <remote ip> -p -f -- <username> DISPLAY=host:10.0 TZ=GMT0BST ... There are restrictions, for example you cannot set PATH. The current call in session.c passes none of them: /* Launch login(1). */ execl("/usr/bin/login", "login", "-h", get_remote_ipaddr(), "-p", "-f", "--", pw->pw_name, NULL); The variables need to be added as further NAME=value arguments before the terminating NULL (presumably one argument per variable, matching the command-line form above), subject to the restrictions already mentioned. Unfortunately using execve (instead of execl) and using the environment pointer does not have any effect -- login does not inherit the variables passed in that way. Could whoever has been working on the revamped login code (Andre?) take a look into this? It effectively breaks X11 forwarding :-( Many thanks, -------------------------------------------------------- Doug Manton, AT&T EMEA Firewall and Security Solutions douglas.manton at uk.ibm.com -------------------------------------------------------- "If privacy is outlawed, only outlaws will have privacy"
Tom Bertelson
2000-Jun-19 13:03 UTC
2.2.1p1 / AIX 4.2.1.0.06 login nits, and Solaris utmp (again)
Here's a patch to support AIX's additional user information (various hard and soft rlimits, default umask). Special thanks to Matthew Clarke for suggestions and help in testing. I've also included a buffer overrun fix I ran into with Solaris 2.7 (loginrec.c). I haven't gone over the rest of this file too carefully, but maybe this will help some other people. -- Tom Bertelson "Any sufficiently advanced technology RHI Consulting is indistinguishable from magic." tbert at abac.com -- Arthur C. Clarke -------------- next part -------------- --- configure.in~ Thu Jun 8 21:58:35 2000 +++ configure.in Fri Jun 16 11:21:23 2000 @@ -38,6 +38,8 @@ AC_DEFINE(BROKEN_GETADDRINFO) dnl AIX handles lastlog as part of its login message AC_DEFINE(DISABLE_LASTLOG) + MANTYPE='$(CATMAN)' + mansubdir=cat ;; *-*-hpux10*) if test -z "$GCC"; then @@ -168,7 +170,7 @@ fi # Checks for header files. -AC_CHECK_HEADERS(bstring.h endian.h lastlog.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h util.h utmp.h utmpx.h) +AC_CHECK_HEADERS(bstring.h endian.h lastlog.h login.h maillock.h netdb.h netgroup.h netinet/in_systm.h paths.h poll.h pty.h shadow.h security/pam_appl.h sys/bitypes.h sys/bsdtty.h sys/cdefs.h sys/poll.h sys/select.h sys/stropts.h sys/sysmacros.h sys/time.h sys/ttcompat.h stddef.h time.h usersec.h util.h utmp.h utmpx.h) # Checks for library functions. AC_CHECK_FUNCS(arc4random atexit b64_ntop bcopy bindresvport_af clock freeaddrinfo gai_strerror getaddrinfo getnameinfo getrusage innetgr md5_crypt memmove mkdtemp on_exit openpty rresvport_af setenv seteuid setlogin setproctitle setreuid snprintf strlcat strlcpy vsnprintf vhangup _getpty __b64_ntop) 
@@ -183,6 +185,11 @@ AC_CHECK_FUNCS(entutxent getutxent getutxid getutxline pututxline ) AC_CHECK_FUNCS(setutxent utmpxname) +AC_CHECK_FUNC(getuserattr, + [AC_DEFINE(HAVE_GETUSERATTR)], + [AC_CHECK_LIB(s, getuserattr, [LIBS="$LIBS -ls"; AC_DEFINE(HAVE_GETUSERATTR)])] +) + AC_CHECK_FUNC(login, [AC_DEFINE(HAVE_LOGIN)], [AC_CHECK_LIB(bsd, login, [LIBS="$LIBS -lbsd"; AC_DEFINE(HAVE_LOGIN)])] @@ -994,7 +1001,7 @@ [ char *lastlog = _PATH_LASTLOG; ], [ AC_MSG_RESULT(yes) ], [ - AC_MSG_RESULT(no), + AC_MSG_RESULT(no) system_lastlog_path=no ]) ] --- config.h.in~ Fri Jun 9 06:56:25 2000 +++ config.h.in Fri Jun 16 11:21:24 2000 @@ -242,6 +242,9 @@ /* Define if you have the gettimeofday function. */ #undef HAVE_GETTIMEOFDAY +/* Define if you have the getuserattr function. */ +#undef HAVE_GETUSERATTR + /* Define if you have the getutent function. */ #undef HAVE_GETUTENT @@ -421,6 +424,9 @@ /* Define if you have the <time.h> header file. */ #undef HAVE_TIME_H + +/* Define if you have the <usersec.h> header file. */ +#undef HAVE_USERSEC_H /* Define if you have the <util.h> header file. */ #undef HAVE_UTIL_H --- loginrec.c~ Wed Jun 7 07:32:13 2000 +++ loginrec.c Fri Jun 16 11:57:42 2000 @@ -1289,7 +1300,9 @@ lastlog_populate_entry(struct logininfo *li, struct lastlog *last) { line_fullname(li->line, last->ll_line, sizeof(li->line)); - strlcpy(li->hostname, last->ll_host, sizeof(li->hostname)); + strlcpy(li->hostname, last->ll_host, + sizeof(li->hostname) < sizeof(last->ll_host) + 1 ? + sizeof(li->hostname) : sizeof(last->ll_host) + 1); li->tv_sec = last->ll_time; } --- session.c~ Wed Jun 7 07:22:38 2000 +++ session.c Fri Jun 16 11:21:24 2000 @@ -9,6 +9,9 @@ #include "includes.h" RCSID("$OpenBSD: session.c,v 1.17 2000/06/05 19:53:40 markus Exp $"); +#if defined(HAVE_USERSEC_H) +#include <usersec.h> +#endif #include "xmalloc.h" #include "ssh.h" 
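Review bot: The new size expression in `lastlog_populate_entry` stops `strlcpy()` from overfilling `li->hostname`, but `strlcpy()` still computes `strlen(src)` for its return value, so a `ll_host` that fills its fixed-width field without a NUL (which, going by the cover note, is the Solaris 2.7 case this is meant to fix) is still read past the end of `last->ll_host`. A copy that never scans the source beyond the field does both jobs: `strncpy(li->hostname, last->ll_host, n); li->hostname[n] = '\0';` with `n` the smaller of `sizeof(last->ll_host)` and `sizeof(li->hostname) - 1`. The `line_fullname()` call on the line above is passed `sizeof(li->line)` but reads `last->ll_line`, so it may share the same over-read if it copies the same way; that helper is outside the hunk, so I can only flag it.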
@@ -836,6 +839,41 @@
 switch, so we let login(1) to this for us. */
 if (!options.use_login) {
 if (getuid() == 0 || geteuid() == 0) {
+#if defined(HAVE_GETUSERATTR)
+ struct rlimit rlim;
+ rlim_t tlim;
+ int mask;
+
+#define set_limit(SOFT, HARD, RLIMIT, MULTIPLIER) \
+ getrlimit(RLIMIT, &rlim); \
+ tlim = (rlim_t) 0; \
+ if (getuserattr(pw->pw_name, SOFT, &tlim, SEC_INT) != -1 && tlim) \
+ rlim.rlim_cur = tlim * MULTIPLIER; \
+ tlim = (rlim_t) 0; \
+ if (getuserattr(pw->pw_name, HARD, &tlim, SEC_INT) != -1 && tlim) \
+ rlim.rlim_max = tlim * MULTIPLIER; \
+ if (rlim.rlim_cur > rlim.rlim_max) \
+ rlim.rlim_max = rlim.rlim_cur; \
+ if (setrlimit(RLIMIT, &rlim) != 0) \
+ error("setrlimit(%.10s) failed: %.100s", SOFT, strerror(errno))
+
+ set_limit(S_UFSIZE, S_UFSIZE_HARD, RLIMIT_FSIZE, 512);
+ set_limit(S_UCPU, S_UCPU_HARD, RLIMIT_CPU, 1);
+ set_limit(S_UDATA, S_UDATA_HARD, RLIMIT_DATA, 512);
+ set_limit(S_USTACK, S_USTACK_HARD, RLIMIT_STACK, 512);
+ set_limit(S_URSS, S_URSS_HARD, RLIMIT_RSS, 512);
+ set_limit(S_UCORE, S_UCORE_HARD, RLIMIT_CORE, 512);
+#if defined(S_UNOFILE)
+ set_limit(S_UNOFILE, S_UNOFILE_HARD, RLIMIT_NOFILE, 1);
+#endif
+
+ if (getuserattr(pw->pw_name, S_UMASK, &mask, SEC_INT) != -1) {
+ /* Convert decimal to octal */
+ (void) snprintf(buf, sizeof buf, "%d", mask);
+ (void) sscanf(buf, "%o", &mask);
+ (void) umask(mask);
+ }
+#endif
 if (setgid(pw->pw_gid) < 0) {
 perror("setgid");
 exit(1);
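Review bot: In the `set_limit` macro an attribute value of -1 — which, as far as I recall, is how AIX's limits file spells "unlimited" — is non-zero, so it passes the `&& tlim` test and `tlim * MULTIPLIER` wraps into a large finite value instead of `RLIM_INFINITY`; `getuserattr(..., SEC_INT)` also writes an `int` through `&tlim`, which is an `rlim_t`, so the read-back is only correct where the two types have the same width. Fetching into an `int`, mapping -1 to `RLIM_INFINITY` explicitly, and checking `getrlimit()` (whose failure currently leaves `rlim` uninitialised before `setrlimit()`) closes those gaps; the sketch below also clamps the soft limit down to the hard limit rather than raising the hard limit, which seems the safer reading of an inconsistent entry — keep the original line if raising it is intended. The umask block has a related parse problem: `sscanf("%o")` on a value containing an 8 or 9 digit stops early and a truncated mask is applied silently, so check that it returns 1 and that `mask <= 0777` before calling `umask()`. The enclosing function starts and ends outside the hunk.
```c
#define set_limit(SOFT, HARD, RLIMIT, MULTIPLIER) do { \
	int ilim; \
	if (getrlimit(RLIMIT, &rlim) != 0) { \
		error("getrlimit(%.10s) failed: %.100s", SOFT, strerror(errno)); \
		break; \
	} \
	ilim = 0; \
	if (getuserattr(pw->pw_name, SOFT, &ilim, SEC_INT) != -1 && ilim) \
		rlim.rlim_cur = (ilim == -1) ? RLIM_INFINITY : (rlim_t)ilim * (MULTIPLIER); \
	ilim = 0; \
	if (getuserattr(pw->pw_name, HARD, &ilim, SEC_INT) != -1 && ilim) \
		rlim.rlim_max = (ilim == -1) ? RLIM_INFINITY : (rlim_t)ilim * (MULTIPLIER); \
	if (rlim.rlim_cur > rlim.rlim_max) \
		rlim.rlim_cur = rlim.rlim_max; /* never raise the hard limit */ \
	if (setrlimit(RLIMIT, &rlim) != 0) \
		error("setrlimit(%.10s) failed: %.100s", SOFT, strerror(errno)); \
} while (0)

/* … unchanged: set_limit() invocations and umask block … */
```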