mirror of https://gogs.blitter.com/RLabs/xs
Added server -L option to use host builtin login
Signed-off-by: Russ Magee <rmagee@gmail.com>
This commit is contained in:
parent
4c0b3a405d
commit
795adf6aa0
|
@ -38,6 +38,8 @@ var (
|
||||||
version string
|
version string
|
||||||
gitCommit string // set in -ldflags by build
|
gitCommit string // set in -ldflags by build
|
||||||
|
|
||||||
|
useSysLogin bool
|
||||||
|
|
||||||
// Log - syslog output (with no -d)
|
// Log - syslog output (with no -d)
|
||||||
Log *logger.Writer
|
Log *logger.Writer
|
||||||
)
|
)
|
||||||
|
@ -276,8 +278,18 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *hkexnet.C
|
||||||
|
|
||||||
var c *exec.Cmd
|
var c *exec.Cmd
|
||||||
if interactive {
|
if interactive {
|
||||||
//c = exec.Command("/bin/login", "-f", "-p", who) // nolint: gosec
|
if useSysLogin {
|
||||||
|
// Use the server's login binary (post-auth
|
||||||
|
// which is still done via our own bcrypt file)
|
||||||
|
// Things UNIX login does, like print the 'motd',
|
||||||
|
// and use the shell specified by /etc/passwd, will be done
|
||||||
|
// automagically, at the cost of another external tool
|
||||||
|
// dependency.
|
||||||
|
//
|
||||||
|
c = exec.Command("/bin/login", "-f", "-p", who) // nolint: gosec
|
||||||
|
} else {
|
||||||
c = exec.Command("/bin/bash", "-i", "-l") // nolint: gosec
|
c = exec.Command("/bin/bash", "-i", "-l") // nolint: gosec
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
c = exec.Command("/bin/bash", "-c", cmd) // nolint: gosec
|
c = exec.Command("/bin/bash", "-c", cmd) // nolint: gosec
|
||||||
}
|
}
|
||||||
|
@ -286,8 +298,13 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *hkexnet.C
|
||||||
//c.Env = []string{"HOME=" + u.HomeDir, "SUDO_GID=", "SUDO_UID=", "SUDO_USER=", "SUDO_COMMAND=", "MAIL=", "LOGNAME="+who}
|
//c.Env = []string{"HOME=" + u.HomeDir, "SUDO_GID=", "SUDO_UID=", "SUDO_USER=", "SUDO_COMMAND=", "MAIL=", "LOGNAME="+who}
|
||||||
c.Dir = u.HomeDir
|
c.Dir = u.HomeDir
|
||||||
c.SysProcAttr = &syscall.SysProcAttr{}
|
c.SysProcAttr = &syscall.SysProcAttr{}
|
||||||
//c.SysProcAttr.Credential = &syscall.Credential{}
|
if useSysLogin {
|
||||||
|
// If using server's login binary, drop to user creds
|
||||||
|
// is taken care of by it.
|
||||||
|
c.SysProcAttr.Credential = &syscall.Credential{}
|
||||||
|
} else {
|
||||||
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
|
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
|
||||||
|
}
|
||||||
c.Stdin = conn
|
c.Stdin = conn
|
||||||
c.Stdout = conn
|
c.Stdout = conn
|
||||||
c.Stderr = conn
|
c.Stderr = conn
|
||||||
|
@ -426,6 +443,7 @@ func main() {
|
||||||
|
|
||||||
flag.BoolVar(&vopt, "v", false, "show version")
|
flag.BoolVar(&vopt, "v", false, "show version")
|
||||||
flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
|
flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
|
||||||
|
flag.BoolVar(&useSysLogin, "L", false, "use system login")
|
||||||
flag.BoolVar(&chaffEnabled, "e", true, "enable chaff pkts")
|
flag.BoolVar(&chaffEnabled, "e", true, "enable chaff pkts")
|
||||||
flag.UintVar(&chaffFreqMin, "f", 100, "chaff pkt freq min (msecs)")
|
flag.UintVar(&chaffFreqMin, "f", 100, "chaff pkt freq min (msecs)")
|
||||||
flag.UintVar(&chaffFreqMax, "F", 5000, "chaff pkt freq max (msecs)")
|
flag.UintVar(&chaffFreqMax, "F", 5000, "chaff pkt freq max (msecs)")
|
||||||
|
|
Loading…
Reference in New Issue