diff --git a/src/etc/config.xml.sample b/src/etc/config.xml.sample index 26a4ec0c1..83d581ae8 100644 --- a/src/etc/config.xml.sample +++ b/src/etc/config.xml.sample @@ -204,7 +204,6 @@ admins $2b$10$YRVoF4SgskIsrXOvOQjGieB9XqHPRra9R7d80B3BZdbY/j21TwBfS 0 - /bin/csh 2000 2000 diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index 884d66d79..902637c4b 100644 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -356,16 +356,21 @@ function userHasPrivilege($userent, $privid = false) return true; } -function auth_get_shells() +function auth_get_shells($uid = 0) { $shells = array('' => '/sbin/nologin'); + if ($uid == 0) { + $shells = array('' => '/usr/local/etc/rc.initial'); + } + $etc_shells = @file_get_contents('/etc/shells'); if (!empty($etc_shells)) { $etc_shells = explode("\n", $etc_shells); foreach ($etc_shells as $shell) { $shell = trim($shell); - if (!empty($shell) && strpos($shell, '#') !== 0) { + if (!empty($shell) && strpos($shell, '#') !== 0 && + strpos($shell, '/usr/local/etc/rc') !== 0) { $shells[$shell] = $shell; } } @@ -440,14 +445,21 @@ function local_user_set(&$user, $force_password = false) return; } - $user_uid = $user['uid']; - $user_name = $user['name']; $user_pass = $user['password']; - $user_home = "/home/{$user_name}"; - $user_shell = isset($user['shell']) ? $user['shell'] : '/sbin/nologin'; - $user_group = 'nobody'; + $user_name = $user['name']; + $user_uid = $user['uid']; $lock_account = 'lock'; + if ($user_uid == 0) { + $user_shell = isset($user['shell']) ? $user['shell'] : '/usr/local/etc/rc.initial'; + $user_group = 'wheel'; + $user_home = '/root'; + } else { + $user_shell = isset($user['shell']) ? $user['shell'] : '/sbin/nologin'; + $user_home = "/home/{$user_name}"; + $user_group = 'nobody'; + } + @mkdir('/home', 0755); /* admins access gives wheely rights */ @@ -465,12 +477,6 @@ function local_user_set(&$user, $force_password = false) $user_pass = '*'; } - /* root user special handling */ - if ($user_uid == 0) { - $user_shell = isset($user['shell']) ? $user['shell'] : '/usr/local/etc/rc.initial'; - $user_group = 'wheel'; - $user_home = '/root'; - } /* read from pw db */ $fd = popen("/usr/sbin/pw usershow -n {$user_name} 2>&1", "r"); diff --git a/src/etc/rc.importer b/src/etc/rc.importer index b7d5840ea..c15d4cc39 100755 --- a/src/etc/rc.importer +++ b/src/etc/rc.importer @@ -27,6 +27,11 @@ INSTALL="/.probe.for.install.media" MNT="/tmp/hdrescue" +if [ "$(id -u)" != "0" ]; then + echo "Must be root." + exit 1 +fi + bootstrap_and_exit() { # ensure config directory structure diff --git a/src/etc/rc.initial b/src/etc/rc.initial index 87227d5fe..3c492f52b 100755 --- a/src/etc/rc.initial +++ b/src/etc/rc.initial @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2014-2017 Franco Fichtner +# Copyright (c) 2014-2018 Franco Fichtner # Copyright (c) 2004-2011 Scott Ullrich # Copyright (c) 2003-2004 Manuel Kasper # All rights reserved. @@ -9,6 +9,11 @@ trap : 2 trap : 3 +if [ "$(id -u)" != "0" ]; then + echo "Must be root." + exit 1 +fi + # shell started with parameters, passthrough to real shell if [ -n "${*}" ]; then /bin/csh "${@}" diff --git a/src/etc/rc.initial.password b/src/etc/rc.initial.password index 4f9851b85..5bcee1ab2 100755 --- a/src/etc/rc.initial.password +++ b/src/etc/rc.initial.password @@ -76,6 +76,9 @@ if (isset($argv[2]) && isset($argv[3]) && $argv[2] === '-h' && $argv[3] === '0') if (isset($admin_user['disabled'])) { unset($admin_user['disabled']); } + if (isset($admin_user['shell'])) { + unset($admin_user['shell']); + } echo "new password for user {$admin_user['name']}:"; shell_exec('/bin/stty -echo'); @@ -127,6 +130,9 @@ $admin_user['name'] = 'root'; if (isset($admin_user['disabled'])) { unset($admin_user['disabled']); } +if (isset($admin_user['shell'])) { + unset($admin_user['shell']); +} echo "\nType a new password: "; diff --git a/src/etc/rc.installer b/src/etc/rc.installer index de7d442fb..30f5b40b7 100755 --- a/src/etc/rc.installer +++ b/src/etc/rc.installer @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright (c) 2014-2017 Franco Fichtner +# Copyright (c) 2014-2018 Franco Fichtner # Copyright (c) 2004-2009 Scott Ullrich # # Redistribution and use in source and binary forms, with or without @@ -24,6 +24,11 @@ # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. +if [ "$(id -u)" != "0" ]; then + echo "Must be root." + exit 1 +fi + sysctl kern.geom.debugflags=16 >/dev/null sysctl net.link.ether.inet.log_arp_wrong_iface=0 >/dev/null diff --git a/src/www/system_usermanager.php b/src/www/system_usermanager.php index 9f4c51e7e..20dc32532 100644 --- a/src/www/system_usermanager.php +++ b/src/www/system_usermanager.php @@ -76,7 +76,6 @@ function get_user_privdesc(& $user) return $privs; } -// link user section $a_user = &config_read_array('system', 'user'); // reset errors and action @@ -95,7 +94,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { } if ($act == "expcert" && isset($id)) { // export certificate - $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); + $cert = &lookup_cert($a_user[$id]['cert'][$_GET['certid']]); $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.crt"); $exp_data = base64_decode($cert['crt']); @@ -108,7 +107,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { exit; } elseif ($act == "expckey" && isset($id)) { // export private key - $cert =& lookup_cert($a_user[$id]['cert'][$_GET['certid']]); + $cert = &lookup_cert($a_user[$id]['cert'][$_GET['certid']]); $exp_name = urlencode("{$a_user[$id]['name']}-{$cert['descr']}.key"); $exp_data = base64_decode($cert['prv']); $exp_size = strlen($exp_data); @@ -304,7 +303,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { } } - if (count($input_errors)==0) { + if (!empty($pconfig['shell']) && !in_array($pconfig['shell'], auth_get_shells(isset($id) ? $a_user[$id]['uid'] : $config['system']['nextuid']))) { + $input_errors[] = gettext('Invalid login shell provided.'); + } + + if (!count($input_errors)) { $userent = array(); if (isset($id)) { @@ -646,8 +649,8 @@ $( document ).ready(function() {