[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2] who --mesg now checks the group of TTY devices
From: |
Jim Meyering |
Subject: |
Re: [PATCH v2] who --mesg now checks the group of TTY devices |
Date: |
Mon, 25 Jan 2010 11:51:10 +0100 |
Kamil Dudka wrote:
> On Saturday 23 of January 2010 02:43:39 Kamil Dudka wrote:
>> On Saturday 23 of January 2010 00:54:44 Kamil Dudka wrote:
>> > # ls -l /dev/tty?
>> > crw--w----. 1 root root 4, 0 2010-01-22 18:48 /dev/tty0
>> > crw--w----. 1 root root 4, 1 2010-01-22 18:48 /dev/tty1
>> > crw--w----. 1 root tty 4, 2 2010-01-22 18:50 /dev/tty2
>> > crw-------. 1 root root 4, 3 2010-01-22 18:48 /dev/tty3
>> > crw-------. 1 root root 4, 4 2010-01-22 18:48 /dev/tty4
>> > crw-------. 1 root root 4, 5 2010-01-22 18:48 /dev/tty5
>> > crw-------. 1 root root 4, 6 2010-01-22 18:48 /dev/tty6
>> > crw--w----. 1 root tty 4, 7 2010-01-22 18:48 /dev/tty7
>> > crw--w----. 1 root tty 4, 8 2010-01-22 18:48 /dev/tty8
>> > crw--w----. 1 root tty 4, 9 2010-01-22 18:48 /dev/tty9
>>
>> The listing above is in fact a bit misleading since the group is changed
>> to "tty" within login.c from util-linux-ng.
>
> Note that util-linux-ng is not the only package providing login.
>
> Other systems may use e.g. shadow. Then the TTY group can be set
> in /etc/login.defs. Look at the TTYGROUP option here:
>
> http://vmlinux.org/cgi-bin/dwww?type=runman&location=login.defs/5
That's a good argument for making this configurable, as you've done.
Thanks.
I've pushed this,
[rewritten NEWS, and tweaked comments in the .m4 file]
>From aad0bde0b5aa6ccf2714f43676d4941f820c6283 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <address@hidden>
Date: Fri, 22 Jan 2010 15:17:19 +0100
Subject: [PATCH] who --mesg (-T) can use a more accurate test for TTY
writability
Enabled when coreutils is configured with --with-tty-group.
Based on a patch written by Piotr Gackiewicz. Details at
http://bugzilla.redhat.com/454261
* src/who.c (is_tty_writable): A new function returning true if a TTY
device is writable by the group. Additionally it checks the group to be
the same as TTY_GROUP_NAME when compiled with --with-tty-group.
* m4/jm-macros.m4: Introduce a new configure option --with-tty-group.
* NEWS: Mention the change.
---
NEWS | 12 ++++++++++++
THANKS | 1 +
m4/jm-macros.m4 | 19 +++++++++++++++++++
src/who.c | 22 +++++++++++++++++++++-
4 files changed, 53 insertions(+), 1 deletions(-)
diff --git a/NEWS b/NEWS
index 530ff95..f4c7f97 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,18 @@ GNU coreutils NEWS -*-
outline -*-
* Noteworthy changes in release ?.? (????-??-??) [?]
+** New features
+
+ who: the "+/-" --mesg (-T) indicator of whether a user/tty is accepting
+ messages could be incorrectly listed as "+", when in fact, the user was
+ not accepting messages (mesg no). Before, who would examine only the
+ permission bits, and not consider the group of the TTY device file.
+ Thus, if a login tty's group would change somehow e.g., to "root",
+ that would make it unwritable (via write(1)) by normal users, in spite
+ of whatever the permission bits might imply. Now, when configured
+ using the --with-tty-group[=NAME] option, who also compares the group
+ of the TTY device with NAME (or "tty" if no group name is specified).
+
* Noteworthy changes in release 8.4 (2010-01-13) [stable]
diff --git a/THANKS b/THANKS
index 1207368..d8cdf82 100644
--- a/THANKS
+++ b/THANKS
@@ -495,6 +495,7 @@ Philippe Schnoebelen address@hidden
Phillip Jones address@hidden
Piergiorgio Sartor address@hidden
Pieter Bowman address@hidden
+Piotr Gackiewicz address@hidden
Piotr Kwapulinski address@hidden
Prashant TR address@hidden
Priit Jõerüüt address@hidden
diff --git a/m4/jm-macros.m4 b/m4/jm-macros.m4
index 2713827..0ddbf2f 100644
--- a/m4/jm-macros.m4
+++ b/m4/jm-macros.m4
@@ -144,6 +144,25 @@ AC_DEFUN([coreutils_MACROS],
])
AC_REQUIRE([AM_LANGINFO_CODESET])
+
+ # Accept configure options: --with-tty-group[=GROUP], --without-tty-group
+ # You can determine the group of a TTY via 'stat --format %G /dev/tty'
+ # Omitting this option is equivalent to using --without-tty-group.
+ AC_ARG_WITH([tty-group],
+ AS_HELP_STRING([--with-tty-group[[[=NAME]]]],
+ [group used by system for TTYs, "tty" when not specified]
+ [ (default: do not rely on any group used for TTYs)]),
+ [tty_group_name=$withval],
+ [tty_group_name=no])
+
+ if test "x$tty_group_name" != xno; then
+ if test "x$tty_group_name" = xyes; then
+ tty_group_name=tty
+ fi
+ AC_MSG_NOTICE([TTY group used by system set to "$tty_group_name"])
+ AC_DEFINE_UNQUOTED([TTY_GROUP_NAME], ["$tty_group_name"],
+ [group used by system for TTYs])
+ fi
])
AC_DEFUN([gl_CHECK_ALL_HEADERS],
diff --git a/src/who.c b/src/who.c
index f71db3b..4859694 100644
--- a/src/who.c
+++ b/src/who.c
@@ -37,6 +37,10 @@
#include "hard-locale.h"
#include "quote.h"
+#ifdef TTY_GROUP_NAME
+# include <grp.h>
+#endif
+
/* The official name of this program (e.g., no `g' prefix). */
#define PROGRAM_NAME "who"
@@ -308,6 +312,22 @@ print_line (int userlen, const char *user, const char
state,
free (x_exitstr);
}
+/* Return true if a terminal device given as PSTAT allows other users
+ to send messages to; false otherwise */
+static bool
+is_tty_writable (struct stat const *pstat)
+{
+#ifdef TTY_GROUP_NAME
+ /* Ensure the group of the TTY device matches TTY_GROUP_NAME, more info at
+ https://bugzilla.redhat.com/454261 */
+ struct group *ttygr = getgrnam (TTY_GROUP_NAME);
+ if (!ttygr || (pstat->st_gid != ttygr->gr_gid))
+ return false;
+#endif
+
+ return pstat->st_mode & S_IWGRP;
+}
+
/* Send properly parsed USER_PROCESS info to print_line. The most
recent boot time is BOOTTIME. */
static void
@@ -346,7 +366,7 @@ print_user (const STRUCT_UTMP *utmp_ent, time_t boottime)
if (stat (line, &stats) == 0)
{
- mesg = (stats.st_mode & S_IWGRP) ? '+' : '-';
+ mesg = is_tty_writable (&stats) ? '+' : '-';
last_change = stats.st_atime;
}
else
--
1.6.6.1.557.g77031
- [PATCH] who: --mesg now respects also group of a TTY, Kamil Dudka, 2010/01/20
- Re: [PATCH] who: --mesg now respects also group of a TTY, Jim Meyering, 2010/01/21
- Re: [PATCH] who: --mesg now respects also group of a TTY, Kamil Dudka, 2010/01/21
- Re: [PATCH] who: --mesg now respects also group of a TTY, Jim Meyering, 2010/01/21
- [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/22
- Re: [PATCH v2] who --mesg now checks the group of TTY devices, Jim Meyering, 2010/01/22
- Re: [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/22
- Re: [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/22
- Re: [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/23
- Re: [PATCH v2] who --mesg now checks the group of TTY devices,
Jim Meyering <=