Commit | Line | Data |
---|---|---|
b8c7cef9 H |
1 | //Harvie 2o11 - Warning: Not bulletproof yet! |
2 | #define ENV_PREFIX "JAIL_" | |
3 | #define DEFAULT_JAIL "/var/ssh-chroot" | |
4 | ||
4e98ead2 JL |
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define PAM_SM_SESSION
#include <security/pam_modules.h>
4e98ead2 | 10 | |
b8c7cef9 H |
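/*
 * Return 1 when `name` can be used as a single path component and as a
 * chown(1) owner operand, 0 otherwise.
 *
 * The name ends up in "$JAIL_DIR/<name>/<name>", "/home/<name>" and
 * "<name>:<name>" in commands that run as root, so it is limited to
 * [A-Za-z0-9._-] and must not start with '-' (would read as an option) or
 * '.' (rules out "." and ".."). '/' and ':' are rejected by the allow-list.
 * NOTE(review): sites with account names outside this set (e.g. a trailing
 * '$') need the list widened deliberately.
 */
static int jail_user_name_ok(const char *name)
{
    const char *p;

    if (name == NULL || name[0] == '\0' || name[0] == '-' || name[0] == '.') {
        return 0;
    }
    for (p = name; *p != '\0'; p++) {
        char c = *p;
        int allowed = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                      (c >= '0' && c <= '9') || c == '_' || c == '-' || c == '.';
        if (!allowed) {
            return 0;
        }
    }
    return 1;
}

/*
 * Run one shell command through system() and report 0 only when the shell
 * could be started and the command exited with status 0; -1 otherwise.
 */
static int jail_run(const char *command)
{
    return system(command) == 0 ? 0 : -1;
}

/*
 * PAM session hook: prepare the per-user jail directory and bind-mount the
 * user's home into it.
 *
 * Layout created under the jail root (argv[0] if given, else DEFAULT_JAIL):
 *   <jail>/<user>         owned by root:root
 *   <jail>/<user>/<user>  owned by <user>:<user>, bind mount of /home/<user>
 *
 * Returns PAM_SUCCESS only when every step succeeded; any failure (no user
 * name, rejected user name, failed privilege change, failed command) returns
 * PAM_SESSION_ERR so that a session is not opened on a half-built jail.
 *
 * Side effects on the calling process: JAIL_USER and JAIL_DIR are written to
 * its environment, and setuid(0)/setgid(0) are applied to it.
 */
PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    const char *user = NULL;
    const char *jail = DEFAULT_JAIL;

    (void)flags;

    /* Without a checked result `user` may be unset and setenv() would get a bad pointer. */
    if (pam_get_user(pamh, &user, "login: ") != PAM_SUCCESS || !jail_user_name_ok(user)) {
        return PAM_SESSION_ERR;
    }

    /* The first module argument overrides the default jail root. */
    if (argc > 0 && argv != NULL && argv[0] != NULL) {
        jail = argv[0];
    }

    /*
     * The values reach the shell only through the environment and are expanded
     * inside double quotes, so they are not re-parsed as shell syntax.
     * The commands below spell out $JAIL_DIR and $JAIL_USER literally, so they
     * match these variables only while ENV_PREFIX is "JAIL_".
     */
    if (setenv(ENV_PREFIX "USER", user, 1) != 0 ||
        setenv(ENV_PREFIX "DIR", jail, 1) != 0) {
        return PAM_SESSION_ERR;
    }

    /* The commands below assume root; stop if the switch did not happen. */
    if (setuid(0) != 0 || setgid(0) != 0) {
        return PAM_SESSION_ERR;
    }

    /*
     * NOTE(review): system() runs /bin/sh with the calling process's
     * environment, so mkdir/chown/mountpoint/mount are looked up through its
     * PATH while running as root. Replacing these calls with mkdir(2),
     * chown(2) and mount(2), or with exec and an explicit argv and
     * environment, would remove that dependency.
     */
    if (jail_run("mkdir -p \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\"") != 0 ||
        jail_run("chown root:root \"$JAIL_DIR/$JAIL_USER\"") != 0 ||
        jail_run("chown \"$JAIL_USER:$JAIL_USER\" \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\"") != 0 ||
        /* mountpoint -q keeps a repeated login from stacking a second bind mount. */
        jail_run("mountpoint -q \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\" || mount -o bind \"/home/$JAIL_USER\" \"$JAIL_DIR/$JAIL_USER/$JAIL_USER\"") != 0) {
        return PAM_SESSION_ERR;
    }

    return PAM_SUCCESS;
}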