Re: [PATCH v2] who --mesg now checks the group of TTY devices

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] who --mesg now checks the group of TTY devices

From:	Jim Meyering
Subject:	Re: [PATCH v2] who --mesg now checks the group of TTY devices
Date:	Mon, 25 Jan 2010 11:51:10 +0100

Kamil Dudka wrote:
> On Saturday 23 of January 2010 02:43:39 Kamil Dudka wrote:
>> On Saturday 23 of January 2010 00:54:44 Kamil Dudka wrote:
>> > # ls -l /dev/tty?
>> > crw--w----. 1 root root 4, 0 2010-01-22 18:48 /dev/tty0
>> > crw--w----. 1 root root 4, 1 2010-01-22 18:48 /dev/tty1
>> > crw--w----. 1 root tty  4, 2 2010-01-22 18:50 /dev/tty2
>> > crw-------. 1 root root 4, 3 2010-01-22 18:48 /dev/tty3
>> > crw-------. 1 root root 4, 4 2010-01-22 18:48 /dev/tty4
>> > crw-------. 1 root root 4, 5 2010-01-22 18:48 /dev/tty5
>> > crw-------. 1 root root 4, 6 2010-01-22 18:48 /dev/tty6
>> > crw--w----. 1 root tty  4, 7 2010-01-22 18:48 /dev/tty7
>> > crw--w----. 1 root tty  4, 8 2010-01-22 18:48 /dev/tty8
>> > crw--w----. 1 root tty  4, 9 2010-01-22 18:48 /dev/tty9
>>
>> The listing above is in fact a bit misleading since the group is changed
>> to "tty" within login.c from util-linux-ng.
>
> Note that util-linux-ng is not the only package providing login.
>
> Other systems may use e.g. shadow.  Then the TTY group can be set
> in /etc/login.defs.  Look at the TTYGROUP option here:
>
> http://vmlinux.org/cgi-bin/dwww?type=runman&location=login.defs/5

That's a good argument for making this configurable, as you've done.
Thanks.

I've pushed this,
[rewritten NEWS, and tweaked comments in the .m4 file]

>From aad0bde0b5aa6ccf2714f43676d4941f820c6283 Mon Sep 17 00:00:00 2001
From: Kamil Dudka <address@hidden>
Date: Fri, 22 Jan 2010 15:17:19 +0100
Subject: [PATCH] who --mesg (-T) can use a more accurate test for TTY 
writability

Enabled when coreutils is configured with --with-tty-group.
Based on a patch written by Piotr Gackiewicz.  Details at
http://bugzilla.redhat.com/454261

* src/who.c (is_tty_writable): A new function returning true if a TTY
device is writable by the group.  Additionally it checks the group to be
the same as TTY_GROUP_NAME when compiled with --with-tty-group.
* m4/jm-macros.m4: Introduce a new configure option --with-tty-group.
* NEWS: Mention the change.
---
 NEWS            |   12 ++++++++++++
 THANKS          |    1 +
 m4/jm-macros.m4 |   19 +++++++++++++++++++
 src/who.c       |   22 +++++++++++++++++++++-
 4 files changed, 53 insertions(+), 1 deletions(-)

diff --git a/NEWS b/NEWS
index 530ff95..f4c7f97 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,18 @@ GNU coreutils NEWS                                    -*- 
outline -*-

 * Noteworthy changes in release ?.? (????-??-??) [?]

+** New features
+
+  who: the "+/-" --mesg (-T) indicator of whether a user/tty is accepting
+  messages could be incorrectly listed as "+", when in fact, the user was
+  not accepting messages (mesg no).  Before, who would examine only the
+  permission bits, and not consider the group of the TTY device file.
+  Thus, if a login tty's group would change somehow e.g., to "root",
+  that would make it unwritable (via write(1)) by normal users, in spite
+  of whatever the permission bits might imply.  Now, when configured
+  using the --with-tty-group[=NAME] option, who also compares the group
+  of the TTY device with NAME (or "tty" if no group name is specified).
+

 * Noteworthy changes in release 8.4 (2010-01-13) [stable]

diff --git a/THANKS b/THANKS
index 1207368..d8cdf82 100644
--- a/THANKS
+++ b/THANKS
@@ -495,6 +495,7 @@ Philippe Schnoebelen                address@hidden
 Phillip Jones                       address@hidden
 Piergiorgio Sartor                  address@hidden
 Pieter Bowman                       address@hidden
+Piotr Gackiewicz                    address@hidden
 Piotr Kwapulinski                   address@hidden
 Prashant TR                         address@hidden
 Priit Jõerüüt                       address@hidden
diff --git a/m4/jm-macros.m4 b/m4/jm-macros.m4
index 2713827..0ddbf2f 100644
--- a/m4/jm-macros.m4
+++ b/m4/jm-macros.m4
@@ -144,6 +144,25 @@ AC_DEFUN([coreutils_MACROS],
     ])

   AC_REQUIRE([AM_LANGINFO_CODESET])
+
+  # Accept configure options: --with-tty-group[=GROUP], --without-tty-group
+  # You can determine the group of a TTY via 'stat --format %G /dev/tty'
+  # Omitting this option is equivalent to using --without-tty-group.
+  AC_ARG_WITH([tty-group],
+    AS_HELP_STRING([--with-tty-group[[[=NAME]]]],
+      [group used by system for TTYs, "tty" when not specified]
+      [ (default: do not rely on any group used for TTYs)]),
+    [tty_group_name=$withval],
+    [tty_group_name=no])
+
+  if test "x$tty_group_name" != xno; then
+    if test "x$tty_group_name" = xyes; then
+      tty_group_name=tty
+    fi
+    AC_MSG_NOTICE([TTY group used by system set to "$tty_group_name"])
+    AC_DEFINE_UNQUOTED([TTY_GROUP_NAME], ["$tty_group_name"],
+      [group used by system for TTYs])
+  fi
 ])

 AC_DEFUN([gl_CHECK_ALL_HEADERS],
diff --git a/src/who.c b/src/who.c
index f71db3b..4859694 100644
--- a/src/who.c
+++ b/src/who.c
@@ -37,6 +37,10 @@
 #include "hard-locale.h"
 #include "quote.h"

+#ifdef TTY_GROUP_NAME
+# include <grp.h>
+#endif
+
 /* The official name of this program (e.g., no `g' prefix).  */
 #define PROGRAM_NAME "who"

@@ -308,6 +312,22 @@ print_line (int userlen, const char *user, const char 
state,
   free (x_exitstr);
 }

+/* Return true if a terminal device given as PSTAT allows other users
+   to send messages to; false otherwise */
+static bool
+is_tty_writable (struct stat const *pstat)
+{
+#ifdef TTY_GROUP_NAME
+  /* Ensure the group of the TTY device matches TTY_GROUP_NAME, more info at
+     https://bugzilla.redhat.com/454261 */
+  struct group *ttygr = getgrnam (TTY_GROUP_NAME);
+  if (!ttygr || (pstat->st_gid != ttygr->gr_gid))
+    return false;
+#endif
+
+  return pstat->st_mode & S_IWGRP;
+}
+
 /* Send properly parsed USER_PROCESS info to print_line.  The most
    recent boot time is BOOTTIME. */
 static void
@@ -346,7 +366,7 @@ print_user (const STRUCT_UTMP *utmp_ent, time_t boottime)

   if (stat (line, &stats) == 0)
     {
-      mesg = (stats.st_mode & S_IWGRP) ? '+' : '-';
+      mesg = is_tty_writable (&stats) ? '+' : '-';
       last_change = stats.st_atime;
     }
   else
--
1.6.6.1.557.g77031

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] who: --mesg now respects also group of a TTY, Kamil Dudka, 2010/01/20
- Re: [PATCH] who: --mesg now respects also group of a TTY, Jim Meyering, 2010/01/21
  - Re: [PATCH] who: --mesg now respects also group of a TTY, Kamil Dudka, 2010/01/21
    - Re: [PATCH] who: --mesg now respects also group of a TTY, Jim Meyering, 2010/01/21
    - [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/22
    - Re: [PATCH v2] who --mesg now checks the group of TTY devices, Jim Meyering, 2010/01/22
    - Re: [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/22
    - Re: [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/22
    - Re: [PATCH v2] who --mesg now checks the group of TTY devices, Kamil Dudka, 2010/01/23
    - Re: [PATCH v2] who --mesg now checks the group of TTY devices, Jim Meyering <=

Prev by Date: [PATCH] tests: fix a syntax-check rule to pass in non-srcdir build
Next by Date: Re: Incorrect use of USE_XATTR in coreutils-8.4
Previous by thread: Re: [PATCH v2] who --mesg now checks the group of TTY devices
Next by thread: Issue with Terminal command
Index(es):
- Date
- Thread