Asking for root passwd when booting single user
Greg Ward
greg at lbl-csam.arpa
Sun Dec 25 07:51:24 AEST 1988
Since using /bin/login in /.profile has numerous problems already
mentioned, such as timing out if not execed and booting mulituser without
repairing the filesystem otherwise, I have written a simple C program to
block until the user enters the correct password. I have installed it as
/etc/checkpass under 3.5, and the -l option tells the program to loop
until the correct password is entered. By default, it simply returns a
status indicating whether the password entered was correct. I don't know
about using this with yellow pages, since it reads /etc/passwd to do the
check.
First, compile the program:
cc -O -n -s checkpass.c -o /etc/checkpass
Then, insert this line (early) in /.profile:
/etc/checkpass -l root
When the machine boots singleuser, the program will set raw mode, block
signals, and prompt the user for the root password. If it is entered
incorrectly, it simply repeats the prompt. Note that this has the same
benefits and hazards of the 4.0 security lockout, namely an inability to
fix a busted or forgotton root password without booting from tape!
This software is public domain and as is...
------------------------ CUT HERE -----------------------------
/*
* checkpass.c - Verify password.
*
* 4/20/88
* Greg Ward
*/
#include <stdio.h>
#include <signal.h>
#include <pwd.h>
extern char *crypt(), *strcat(), *getpass();
main(argc, argv)
int argc;
char *argv[];
{
static char prompt[64] = "Password for ";
int loop = 0;
struct passwd *pwd;
int i;
/* block signals */
sigsetmask(~0);
/* get arguments */
for (i = 1; i < argc; i++)
if (!strcmp(argv[i], "-l"))
loop++;
else
break;
if (i != argc-1)
usage(argv[0]);
pwd = getpwnam(argv[i]); /* get password entry */
if (pwd == NULL) { /* bad user name */
fputs(argv[i], stderr);
fputs(": unknown login\n", stderr);
exit(1);
}
strcat(prompt, pwd->pw_name);
strcat(prompt, ":");
do /* check password */
if (!strcmp(pwd->pw_passwd, crypt(getpass(prompt), pwd->pw_passwd)))
exit(0);
while (loop);
exit(2); /* fail */
}
usage(progname)
char *progname;
{
fputs("Usage: ", stderr);
fputs(progname, stderr);
fputs(" [-l] logname\n", stderr);
exit(1);
}
More information about the Comp.sys.sun
mailing list