diff --git a/CHANGES b/CHANGES index bce5563..90824af 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,31 @@ CHANGES ======= +version 8.1.12 (Sep 5, 2005): + - printf() fix for autologin - patch by Menno Duursma + + - newly spawned (from SIGHUP) processes didn't properly close + primary socket + - SSL certificates now work again (anonymous ciphers are not + allowed if a certificate is used) + - client options -x, -u, -w, and -i can now take a console name + to restrict output - suggested by Evan McClure + + - convert program now installed in $libdir/conserver - patch by + Petter Reinholdtsen + - we now ignore SIGXFSZ, if it exists + - added 'limited' access option to remove certain functionality + from users - suggested by Sven Michels + - added client option -z/-Z for sending commands to servers + (reload, quit, etc) - based on suggestion by Joshua Pincus + + - added 'execrunas' and 'initrunas' console options to allow + 'exec' and 'initcmd' execution as another user and/or group - + based on patch by Gary Mills + - the east coast mirror had to shut down (for now, at least) + - crash from bad pointer manipulation during log replay - reported by + Ryan Kirkpatrick + version 8.1.11 (Nov 9, 2004): - fixed array bounds and stack tromping - reported by Emmett Hogan @@ -788,5 +813,5 @@ before version 6.05: and enhancements of various types were applied. # -# $Id: CHANGES,v 1.196 2004/11/09 09:01:41 bryan Exp $ +# $Id: CHANGES,v 1.210 2005/09/05 23:15:27 bryan Exp $ # diff --git a/INSTALL b/INSTALL index c217485..0d46cf9 100644 --- a/INSTALL +++ b/INSTALL @@ -228,10 +228,10 @@ Detailed Instructions step. + Next, make sure conserver runs during boot. The init script we - use under Solaris is installed in /etc/conserver.rc. - Use that or some form of it for your own /etc/init.d script or - an entry in startup files (/etc/rc, /etc/rc.local, or - whatever). + use under Solaris is installed in + /examples/conserver/conserver.rc. Use that or some + form of it for your own /etc/init.d script or an entry in + startup files (/etc/rc, /etc/rc.local, or whatever). + Now for the fun stuff. You need to create a conserver.cf and conserver.passwd file. Those are defined with the @@ -278,5 +278,5 @@ Other Information And Gotchas # -# $Id: INSTALL,v 1.38 2004/04/13 18:11:58 bryan Exp $ +# $Id: INSTALL,v 1.39 2005/05/21 13:47:16 bryan Exp $ # diff --git a/PROTOCOL b/PROTOCOL index 2580ef3..cf9297e 100644 --- a/PROTOCOL +++ b/PROTOCOL @@ -106,10 +106,13 @@ Upon successful login, the commands available are: groups provide ports for group leaders help this help message master provide a list of master servers + newlogs* close and open all logfiles (SIGUSR2) pid provide pid of master process quit* terminate conserver (SIGTERM) - restart* restart conserver (SIGHUP) + restart* restart conserver (SIGHUP) - deprecated + reconfig* reread config file (SIGHUP) version provide version info for server + up* bring up all downed consoles (SIGUSR1) * = requires admin privileges "exit" and "help" are the same as before the client logged login. @@ -130,23 +133,36 @@ names. The list includes any hosts (including the possibility of the local host) which have locally managed consoles. The client is not disconnected. +The "newlogs" command reopens all logfiles used by conserver, assuming +the user has administrative access. It responds with a message starting +with "ok" if successful and an error message otherwise (like +"unauthorized command"). The client is disconnected if it's successful. + The "pid" command responds with the pid of the master process (in this case, the one the client is talking to). The client is not disconnected. The "quit" command will shut down conserver, assuming the user has administrative access. It responds with a message starting with "ok" if -successful, and an error message otherwise (like "unauthorized -command"). The client is disconnected if it's successful. +successful and an error message otherwise (like "unauthorized command"). +The client is disconnected if it's successful. -The "restart" command will shut down conserver, assuming the user has -administrative access. It responds with a message starting with "ok" if -successful, and an error message otherwise (like "unauthorized -command"). The client is not disconnected. +The "restart" command has been deprecated. You should use "reconfig". + +The "reconfig" command will cause conserver to reread the configuration +file and apply any changes, assuming the user has administrative access. +It responds with a message starting with "ok" if successful and an error +message otherwise (like "unauthorized command"). The client is not +disconnected. The "version" command responds with the version string. The client is not disconnected. +The "up" command tries to "bring up" all disconnected consoles, assuming +the user has administrative access. It responds with a message starting +with "ok" if successful and an error message otherwise (like +"unauthorized command"). The client is disconnected if it's successful. + "group" Mode ------------ @@ -286,5 +302,5 @@ The more "interesting" escape sequences are the following. " -- spy mode]" # -# $Id: PROTOCOL,v 1.1 2004/04/16 16:50:55 bryan Exp $ +# $Id: PROTOCOL,v 1.2 2005/09/05 21:54:03 bryan Exp $ # diff --git a/README b/README index f7b911f..beeed60 100644 --- a/README +++ b/README @@ -21,7 +21,7 @@ Downloading Mirrors of the site are at: Australia http://planetmirror.com/pub/conserver/ - US-East http://conserver.syr.edu/ + Russia http://conserver.rinet.ru/ Systems Tested @@ -61,5 +61,5 @@ Contributions http://www.columbia.edu/acis/sy/unixdev/zinc # -# $Id: README,v 1.23 2004/05/27 23:39:29 bryan Exp $ +# $Id: README,v 1.24 2005/09/05 21:46:43 bryan Exp $ # diff --git a/TODO b/TODO index 4f9699b..b6d0eab 100644 --- a/TODO +++ b/TODO @@ -95,13 +95,20 @@ Bryan Stansell Sjolund - netgroup support? : Nikolaos Papavassiliou - + and Phil Dibowitz - send sequences to console on client connect? (to repaint screen, for example) : John Cagle - uucp locks : Sebastian Zagrodzki +- support more than 9 break sequences : Danish Mirza + thought it was easy, but adding more than could break things with + current encoding. doable, will have to think harder about it. + +- reintroduce console grouping : Martin Turba + + # -# $Id: TODO,v 1.52 2004/11/06 01:03:36 bryan Exp $ +# $Id: TODO,v 1.55 2005/06/06 23:02:36 bryan Exp $ # diff --git a/autologin/autologin.c b/autologin/autologin.c index e4dd5f0..12a179f 100644 --- a/autologin/autologin.c +++ b/autologin/autologin.c @@ -69,7 +69,7 @@ */ #ifndef lint -char *rcsid = "$Id: autologin.c,v 1.23 2002/09/21 06:29:39 bryan Exp $"; +char *rcsid = "$Id: autologin.c,v 1.24 2004/12/12 07:36:07 bryan Exp $"; #endif /* not lint */ extern char *progname; gid_t awGrps[NGROUPS_MAX]; @@ -126,7 +126,7 @@ Process() #if defined(HAVE_BSM_AUDIT_H) && defined(HAVE_LIBBSM) if (0 != gethostname(my_hostname, sizeof(my_hostname))) { - (void) fprintf(stderr, "%s: gethostname: %s\n", strerror(errno)); + (void) fprintf(stderr, "%s: gethostname: %s\n", progname, strerror(errno)); exit(1); /* NOTREACHED */ } diff --git a/config.guess b/config.guess index c28419d..ad5281e 100755 --- a/config.guess +++ b/config.guess @@ -1,9 +1,9 @@ #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. -timestamp='2004-10-25' +timestamp='2005-08-03' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -17,13 +17,15 @@ timestamp='2004-10-25' # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. + # Originally written by Per Bothner . # Please send patches to . Submit a context # diff and a properly formatted ChangeLog entry. @@ -53,7 +55,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -66,11 +68,11 @@ Try \`$me --help' for more information." while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) - echo "$timestamp" ; exit 0 ;; + echo "$timestamp" ; exit ;; --version | -v ) - echo "$version" ; exit 0 ;; + echo "$version" ; exit ;; --help | --h* | -h ) - echo "$usage"; exit 0 ;; + echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. @@ -123,7 +125,7 @@ case $CC_FOR_BUILD,$HOST_CC,$CC in ;; ,,*) CC_FOR_BUILD=$CC ;; ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ;' +esac ; set_cc_for_build= ;' # This is needed to find uname on a Pyramid OSx when run in the BSD universe. # (ghazi@noc.rutgers.edu 1994-08-24) @@ -196,55 +198,20 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # contains redundant information, the shorter form: # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" - exit 0 ;; - amd64:OpenBSD:*:*) - echo x86_64-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - amiga:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - cats:OpenBSD:*:*) - echo arm-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - hp300:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - luna88k:OpenBSD:*:*) - echo m88k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mac68k:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - macppc:OpenBSD:*:*) - echo powerpc-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvme68k:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvme88k:OpenBSD:*:*) - echo m88k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvmeppc:OpenBSD:*:*) - echo powerpc-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - sgi:OpenBSD:*:*) - echo mips64-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - sun3:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; + exit ;; *:OpenBSD:*:*) - echo ${UNAME_MACHINE}-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; *:ekkoBSD:*:*) echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} - exit 0 ;; + exit ;; macppc:MirBSD:*:*) echo powerppc-unknown-mirbsd${UNAME_RELEASE} - exit 0 ;; + exit ;; *:MirBSD:*:*) echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} - exit 0 ;; + exit ;; alpha:OSF1:*:*) case $UNAME_RELEASE in *4.0) @@ -297,37 +264,43 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit 0 ;; + exit ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead # of the specific Alpha model? echo alpha-pc-interix - exit 0 ;; + exit ;; 21064:Windows_NT:50:3) echo alpha-dec-winnt3.5 - exit 0 ;; + exit ;; Amiga*:UNIX_System_V:4.0:*) echo m68k-unknown-sysv4 - exit 0;; + exit ;; *:[Aa]miga[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-amigaos - exit 0 ;; + exit ;; *:[Mm]orph[Oo][Ss]:*:*) echo ${UNAME_MACHINE}-unknown-morphos - exit 0 ;; + exit ;; *:OS/390:*:*) echo i370-ibm-openedition - exit 0 ;; + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; *:OS400:*:*) echo powerpc-ibm-os400 - exit 0 ;; + exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} - exit 0;; + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) echo hppa1.1-hitachi-hiuxmpp - exit 0;; + exit ;; Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. if test "`(/bin/universe) 2>/dev/null`" = att ; then @@ -335,32 +308,32 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in else echo pyramid-pyramid-bsd fi - exit 0 ;; + exit ;; NILE*:*:*:dcosx) echo pyramid-pyramid-svr4 - exit 0 ;; + exit ;; DRS?6000:unix:4.0:6*) echo sparc-icl-nx6 - exit 0 ;; + exit ;; DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7 && exit 0 ;; + sparc) echo sparc-icl-nx7; exit ;; esac ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; i86pc:SunOS:5.*:*) echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize # SunOS6. Hard to guess exactly what SunOS6 will be like, but # it's likely to be more like Solaris than SunOS4. echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; sun4*:SunOS:*:*) case "`/usr/bin/arch -k`" in Series*|S4*) @@ -369,10 +342,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in esac # Japanese Language versions have a version number like `4.1.3-JL'. echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit 0 ;; + exit ;; sun3*:SunOS:*:*) echo m68k-sun-sunos${UNAME_RELEASE} - exit 0 ;; + exit ;; sun*:*:4.2BSD:*) UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 @@ -384,10 +357,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in echo sparc-sun-sunos${UNAME_RELEASE} ;; esac - exit 0 ;; + exit ;; aushp:SunOS:*:*) echo sparc-auspex-sunos${UNAME_RELEASE} - exit 0 ;; + exit ;; # The situation for MiNT is a little confusing. The machine name # can be virtually everything (everything which is not # "atarist" or "atariste" at least should have a processor @@ -398,40 +371,40 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) echo m68k-milan-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) echo m68k-hades-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) echo m68k-unknown-mint${UNAME_RELEASE} - exit 0 ;; + exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} - exit 0 ;; + exit ;; powerpc:machten:*:*) echo powerpc-apple-machten${UNAME_RELEASE} - exit 0 ;; + exit ;; RISC*:Mach:*:*) echo mips-dec-mach_bsd4.3 - exit 0 ;; + exit ;; RISC*:ULTRIX:*:*) echo mips-dec-ultrix${UNAME_RELEASE} - exit 0 ;; + exit ;; VAX*:ULTRIX*:*:*) echo vax-dec-ultrix${UNAME_RELEASE} - exit 0 ;; + exit ;; 2020:CLIX:*:* | 2430:CLIX:*:*) echo clipper-intergraph-clix${UNAME_RELEASE} - exit 0 ;; + exit ;; mips:*:*:UMIPS | mips:*:*:RISCos) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c @@ -455,32 +428,33 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in exit (-1); } EOF - $CC_FOR_BUILD -o $dummy $dummy.c \ - && $dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ - && exit 0 + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } echo mips-mips-riscos${UNAME_RELEASE} - exit 0 ;; + exit ;; Motorola:PowerMAX_OS:*:*) echo powerpc-motorola-powermax - exit 0 ;; + exit ;; Motorola:*:4.3:PL8-*) echo powerpc-harris-powermax - exit 0 ;; + exit ;; Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) echo powerpc-harris-powermax - exit 0 ;; + exit ;; Night_Hawk:Power_UNIX:*:*) echo powerpc-harris-powerunix - exit 0 ;; + exit ;; m88k:CX/UX:7*:*) echo m88k-harris-cxux7 - exit 0 ;; + exit ;; m88k:*:4*:R4*) echo m88k-motorola-sysv4 - exit 0 ;; + exit ;; m88k:*:3*:R3*) echo m88k-motorola-sysv3 - exit 0 ;; + exit ;; AViiON:dgux:*:*) # DG/UX returns AViiON for all architectures UNAME_PROCESSOR=`/usr/bin/uname -p` @@ -496,29 +470,29 @@ EOF else echo i586-dg-dgux${UNAME_RELEASE} fi - exit 0 ;; + exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 - exit 0 ;; + exit ;; M88*:*:R3*:*) # Delta 88k system running SVR3 echo m88k-motorola-sysv3 - exit 0 ;; + exit ;; XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) echo m88k-tektronix-sysv3 - exit 0 ;; + exit ;; Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) echo m68k-tektronix-bsd - exit 0 ;; + exit ;; *:IRIX*:*:*) echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit 0 ;; + exit ;; ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' i*86:AIX:*:*) echo i386-ibm-aix - exit 0 ;; + exit ;; ia64:AIX:*:*) if [ -x /usr/bin/oslevel ] ; then IBM_REV=`/usr/bin/oslevel` @@ -526,7 +500,7 @@ EOF IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit 0 ;; + exit ;; *:AIX:2:3) if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then eval $set_cc_for_build @@ -541,14 +515,18 @@ EOF exit(0); } EOF - $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0 - echo rs6000-ibm-aix3.2.5 + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then echo rs6000-ibm-aix3.2.4 else echo rs6000-ibm-aix3.2 fi - exit 0 ;; + exit ;; *:AIX:*:[45]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then @@ -562,28 +540,28 @@ EOF IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} fi echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit 0 ;; + exit ;; *:AIX:*:*) echo rs6000-ibm-aix - exit 0 ;; + exit ;; ibmrt:4.4BSD:*|romp-ibm:BSD:*) echo romp-ibm-bsd4.4 - exit 0 ;; + exit ;; ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit 0 ;; # report: romp-ibm BSD 4.3 + exit ;; # report: romp-ibm BSD 4.3 *:BOSX:*:*) echo rs6000-bull-bosx - exit 0 ;; + exit ;; DPX/2?00:B.O.S.:*:*) echo m68k-bull-sysv3 - exit 0 ;; + exit ;; 9000/[34]??:4.3bsd:1.*:*) echo m68k-hp-bsd - exit 0 ;; + exit ;; hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) echo m68k-hp-bsd4.4 - exit 0 ;; + exit ;; 9000/[34678]??:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` case "${UNAME_MACHINE}" in @@ -645,9 +623,19 @@ EOF esac if [ ${HP_ARCH} = "hppa2.0w" ] then - # avoid double evaluation of $set_cc_for_build - test -n "$CC_FOR_BUILD" || eval $set_cc_for_build - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E -) | grep __LP64__ >/dev/null + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep __LP64__ >/dev/null then HP_ARCH="hppa2.0w" else @@ -655,11 +643,11 @@ EOF fi fi echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit 0 ;; + exit ;; ia64:HP-UX:*:*) HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` echo ia64-hp-hpux${HPUX_REV} - exit 0 ;; + exit ;; 3050*:HI-UX:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c @@ -687,158 +675,166 @@ EOF exit (0); } EOF - $CC_FOR_BUILD -o $dummy $dummy.c && $dummy && exit 0 + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } echo unknown-hitachi-hiuxwe2 - exit 0 ;; + exit ;; 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) echo hppa1.1-hp-bsd - exit 0 ;; + exit ;; 9000/8??:4.3bsd:*:*) echo hppa1.0-hp-bsd - exit 0 ;; + exit ;; *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) echo hppa1.0-hp-mpeix - exit 0 ;; + exit ;; hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) echo hppa1.1-hp-osf - exit 0 ;; + exit ;; hp8??:OSF1:*:*) echo hppa1.0-hp-osf - exit 0 ;; + exit ;; i*86:OSF1:*:*) if [ -x /usr/sbin/sysversion ] ; then echo ${UNAME_MACHINE}-unknown-osf1mk else echo ${UNAME_MACHINE}-unknown-osf1 fi - exit 0 ;; + exit ;; parisc*:Lites*:*:*) echo hppa1.1-hp-lites - exit 0 ;; + exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd - exit 0 ;; + exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit 0 ;; + exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd - exit 0 ;; + exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd - exit 0 ;; + exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd - exit 0 ;; + exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*[A-Z]90:*:*:*) echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*TS:*:*:*) echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*T3E:*:*:*) echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; CRAY*SV1:*:*:*) echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; *:UNICOS/mp:*:*) echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; + exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit 0 ;; + exit ;; 5000:UNIX_System_V:4.*:*) FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit 0 ;; + exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit 0 ;; + exit ;; sparc*:BSD/OS:*:*) echo sparc-unknown-bsdi${UNAME_RELEASE} - exit 0 ;; + exit ;; *:BSD/OS:*:*) echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit 0 ;; + exit ;; *:FreeBSD:*:*) echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit 0 ;; + exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin - exit 0 ;; + exit ;; i*:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 - exit 0 ;; + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 - exit 0 ;; + exit ;; x86:Interix*:[34]*) echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' - exit 0 ;; + exit ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks - exit 0 ;; + exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we # UNAME_MACHINE based on the output of uname instead of i386? echo i586-pc-interix - exit 0 ;; + exit ;; i*:UWIN*:*) echo ${UNAME_MACHINE}-pc-uwin - exit 0 ;; + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; p*:CYGWIN*:*) echo powerpcle-unknown-cygwin - exit 0 ;; + exit ;; prep*:SunOS:5.*:*) echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; + exit ;; *:GNU:*:*) # the GNU system echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit 0 ;; + exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu - exit 0 ;; + exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix - exit 0 ;; + exit ;; arm*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; cris:Linux:*:*) echo cris-axis-linux-gnu - exit 0 ;; + exit ;; crisv32:Linux:*:*) echo crisv32-axis-linux-gnu - exit 0 ;; + exit ;; frv:Linux:*:*) echo frv-unknown-linux-gnu - exit 0 ;; + exit ;; ia64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; m32r*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; m68*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; mips:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c @@ -856,7 +852,7 @@ EOF #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` - test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0 + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; mips64:Linux:*:*) eval $set_cc_for_build @@ -875,14 +871,17 @@ EOF #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` - test x"${CPU}" != x && echo "${CPU}-unknown-linux-gnu" && exit 0 + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; ppc:Linux:*:*) echo powerpc-unknown-linux-gnu - exit 0 ;; + exit ;; ppc64:Linux:*:*) echo powerpc64-unknown-linux-gnu - exit 0 ;; + exit ;; alpha:Linux:*:*) case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in EV5) UNAME_MACHINE=alphaev5 ;; @@ -896,7 +895,7 @@ EOF objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} - exit 0 ;; + exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in @@ -904,25 +903,25 @@ EOF PA8*) echo hppa2.0-unknown-linux-gnu ;; *) echo hppa-unknown-linux-gnu ;; esac - exit 0 ;; + exit ;; parisc64:Linux:*:* | hppa64:Linux:*:*) echo hppa64-unknown-linux-gnu - exit 0 ;; + exit ;; s390:Linux:*:* | s390x:Linux:*:*) echo ${UNAME_MACHINE}-ibm-linux - exit 0 ;; + exit ;; sh64*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu - exit 0 ;; + exit ;; x86_64:Linux:*:*) echo x86_64-unknown-linux-gnu - exit 0 ;; + exit ;; i*86:Linux:*:*) # The BFD linker knows what the default object file format is, so # first see if it will tell us. cd to the root directory to prevent @@ -940,15 +939,15 @@ EOF ;; a.out-i386-linux) echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit 0 ;; + exit ;; coff-i386) echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit 0 ;; + exit ;; "") # Either a pre-BFD a.out linker (linux-gnuoldld) or # one that does not give us useful --help. echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit 0 ;; + exit ;; esac # Determine whether the default compiler is a.out or elf eval $set_cc_for_build @@ -976,15 +975,18 @@ EOF #endif EOF eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` - test x"${LIBC}" != x && echo "${UNAME_MACHINE}-pc-linux-${LIBC}" && exit 0 - test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0 + test x"${LIBC}" != x && { + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit + } + test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both # sysname and nodename. echo i386-sequent-sysv4 - exit 0 ;; + exit ;; i*86:UNIX_SV:4.2MP:2.*) # Unixware is an offshoot of SVR4, but it has its own version # number series starting with 2... @@ -992,27 +994,27 @@ EOF # I just have to hope. -- rms. # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit 0 ;; + exit ;; i*86:OS/2:*:*) # If we were able to find `uname', then EMX Unix compatibility # is probably installed. echo ${UNAME_MACHINE}-pc-os2-emx - exit 0 ;; + exit ;; i*86:XTS-300:*:STOP) echo ${UNAME_MACHINE}-unknown-stop - exit 0 ;; + exit ;; i*86:atheos:*:*) echo ${UNAME_MACHINE}-unknown-atheos - exit 0 ;; - i*86:syllable:*:*) + exit ;; + i*86:syllable:*:*) echo ${UNAME_MACHINE}-pc-syllable - exit 0 ;; + exit ;; i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) echo i386-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; i*86:*DOS:*:*) echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit 0 ;; + exit ;; i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then @@ -1020,15 +1022,16 @@ EOF else echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} fi - exit 0 ;; - i*86:*:5:[78]*) + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; *Pent*|*Celeron) UNAME_MACHINE=i686 ;; esac echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit 0 ;; + exit ;; i*86:*:3.2:*) if test -f /usr/options/cb.name; then UNAME_REL=`sed -n 's/.*Version //p' /dev/null 2>&1 ; then echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 else # Add other i860-SVR4 vendors below as they are discovered. echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 fi - exit 0 ;; + exit ;; mini*:CTIX:SYS*5:*) # "miniframe" echo m68010-convergent-sysv - exit 0 ;; + exit ;; mc68k:UNIX:SYSTEM5:3.51m) echo m68k-convergent-sysv - exit 0 ;; + exit ;; M680?0:D-NIX:5.3:*) echo m68k-diab-dnix - exit 0 ;; + exit ;; M68*:*:R3V[5678]*:*) - test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) OS_REL='' test -r /etc/.relid \ && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && echo i486-ncr-sysv4.3${OS_REL} && exit 0 + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && echo i486-ncr-sysv4 && exit 0 ;; + && { echo i486-ncr-sysv4; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; mc68030:UNIX_System_V:4.*:*) echo m68k-atari-sysv4 - exit 0 ;; + exit ;; TSUNAMI:LynxOS:2.*:*) echo sparc-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; + exit ;; SM[BE]S:UNIX_SV:*:*) echo mips-dde-sysv${UNAME_RELEASE} - exit 0 ;; + exit ;; RM*:ReliantUNIX-*:*:*) echo mips-sni-sysv4 - exit 0 ;; + exit ;; RM*:SINIX-*:*:*) echo mips-sni-sysv4 - exit 0 ;; + exit ;; *:SINIX-*:*:*) if uname -p 2>/dev/null >/dev/null ; then UNAME_MACHINE=`(uname -p) 2>/dev/null` @@ -1120,61 +1123,65 @@ EOF else echo ns32k-sni-sysv fi - exit 0 ;; + exit ;; PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort # says echo i586-unisys-sysv4 - exit 0 ;; + exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm echo hppa1.1-stratus-sysv4 - exit 0 ;; + exit ;; *:*:*:FTX*) # From seanf@swdc.stratus.com. echo i860-stratus-sysv4 - exit 0 ;; + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; *:VOS:*:*) # From Paul.Green@stratus.com. echo hppa1.1-stratus-vos - exit 0 ;; + exit ;; mc68*:A/UX:*:*) echo m68k-apple-aux${UNAME_RELEASE} - exit 0 ;; + exit ;; news*:NEWS-OS:6*:*) echo mips-sony-newsos6 - exit 0 ;; + exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then echo mips-nec-sysv${UNAME_RELEASE} else echo mips-unknown-sysv${UNAME_RELEASE} fi - exit 0 ;; + exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos - exit 0 ;; + exit ;; BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. echo powerpc-apple-beos - exit 0 ;; + exit ;; BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos - exit 0 ;; + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} - exit 0 ;; + exit ;; SX-5:SUPER-UX:*:*) echo sx5-nec-superux${UNAME_RELEASE} - exit 0 ;; + exit ;; SX-6:SUPER-UX:*:*) echo sx6-nec-superux${UNAME_RELEASE} - exit 0 ;; + exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit 0 ;; + exit ;; *:Rhapsody:*:*) echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit 0 ;; + exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown case $UNAME_PROCESSOR in @@ -1182,7 +1189,7 @@ EOF unknown) UNAME_PROCESSOR=powerpc ;; esac echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} - exit 0 ;; + exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) UNAME_PROCESSOR=`uname -p` if test "$UNAME_PROCESSOR" = "x86"; then @@ -1190,22 +1197,25 @@ EOF UNAME_MACHINE=pc fi echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} - exit 0 ;; + exit ;; *:QNX:*:4*) echo i386-pc-qnx - exit 0 ;; + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; NSR-?:NONSTOP_KERNEL:*:*) echo nsr-tandem-nsk${UNAME_RELEASE} - exit 0 ;; + exit ;; *:NonStop-UX:*:*) echo mips-compaq-nonstopux - exit 0 ;; + exit ;; BS2000:POSIX*:*:*) echo bs2000-siemens-sysv - exit 0 ;; + exit ;; DS/*:UNIX_System_V:*:*) echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit 0 ;; + exit ;; *:Plan9:*:*) # "uname -m" is not consistent, so use $cputype instead. 386 # is converted to i386 for consistency with other x86 @@ -1216,41 +1226,44 @@ EOF UNAME_MACHINE="$cputype" fi echo ${UNAME_MACHINE}-unknown-plan9 - exit 0 ;; + exit ;; *:TOPS-10:*:*) echo pdp10-unknown-tops10 - exit 0 ;; + exit ;; *:TENEX:*:*) echo pdp10-unknown-tenex - exit 0 ;; + exit ;; KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) echo pdp10-dec-tops20 - exit 0 ;; + exit ;; XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) echo pdp10-xkl-tops20 - exit 0 ;; + exit ;; *:TOPS-20:*:*) echo pdp10-unknown-tops20 - exit 0 ;; + exit ;; *:ITS:*:*) echo pdp10-unknown-its - exit 0 ;; + exit ;; SEI:*:*:SEIUX) echo mips-sei-seiux${UNAME_RELEASE} - exit 0 ;; + exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit 0 ;; + exit ;; *:*VMS:*:*) UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in - A*) echo alpha-dec-vms && exit 0 ;; - I*) echo ia64-dec-vms && exit 0 ;; - V*) echo vax-dec-vms && exit 0 ;; + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; esac ;; *:XENIX:*:SysV) echo i386-pc-xenix - exit 0 ;; + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; esac #echo '(No uname command or uname output not recognized.)' 1>&2 @@ -1282,7 +1295,7 @@ main () #endif #if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix"); exit (0); + printf ("arm-acorn-riscix\n"); exit (0); #endif #if defined (hp300) && !defined (hpux) @@ -1371,11 +1384,12 @@ main () } EOF -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && $dummy && exit 0 +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } # Apollos put the system type in the environment. -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } # Convex versions that predate uname can use getsysinfo(1) @@ -1384,22 +1398,22 @@ then case `getsysinfo -f cpu_type` in c1*) echo c1-convex-bsd - exit 0 ;; + exit ;; c2*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit 0 ;; + exit ;; c34*) echo c34-convex-bsd - exit 0 ;; + exit ;; c38*) echo c38-convex-bsd - exit 0 ;; + exit ;; c4*) echo c4-convex-bsd - exit 0 ;; + exit ;; esac fi @@ -1410,7 +1424,9 @@ This script, last modified $timestamp, has failed to recognize the operating system you are using. It is advised that you download the most up to date version of the config scripts from - ftp://ftp.gnu.org/pub/gnu/config/ + http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess +and + http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub If the version you run ($0) is already up to date, please send the following data and any information you think might be diff --git a/config.h.in b/config.h.in index fecc8ab..4f9dea1 100644 --- a/config.h.in +++ b/config.h.in @@ -355,6 +355,9 @@ /* Define to empty if `const' does not conform to ANSI C. */ #undef const +/* Define to `int' if doesn't define. */ +#undef gid_t + /* Define to `int' if does not define. */ #undef mode_t @@ -366,3 +369,6 @@ /* Define to `unsigned' if does not define. */ #undef size_t + +/* Define to `int' if doesn't define. */ +#undef uid_t diff --git a/config.sub b/config.sub index edb6b66..1c366df 100755 --- a/config.sub +++ b/config.sub @@ -1,9 +1,9 @@ #! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. -timestamp='2004-08-29' +timestamp='2005-07-08' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -21,14 +21,15 @@ timestamp='2004-08-29' # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, -# Boston, MA 02111-1307, USA. - +# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA +# 02110-1301, USA. +# # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under # the same distribution terms that you use for the rest of that program. + # Please send patches to . Submit a context # diff and a properly formatted ChangeLog entry. # @@ -70,7 +71,7 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -83,11 +84,11 @@ Try \`$me --help' for more information." while test $# -gt 0 ; do case $1 in --time-stamp | --time* | -t ) - echo "$timestamp" ; exit 0 ;; + echo "$timestamp" ; exit ;; --version | -v ) - echo "$version" ; exit 0 ;; + echo "$version" ; exit ;; --help | --h* | -h ) - echo "$usage"; exit 0 ;; + echo "$usage"; exit ;; -- ) # Stop option processing shift; break ;; - ) # Use stdin as input. @@ -99,7 +100,7 @@ while test $# -gt 0 ; do *local*) # First pass through any local machine types. echo $1 - exit 0;; + exit ;; * ) break ;; @@ -231,13 +232,14 @@ case $basic_machine in | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ + | bfin \ | c4x | clipper \ | d10v | d30v | dlx | dsp16xx \ | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ - | m32r | m32rle | m68000 | m68k | m88k | mcore \ + | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ @@ -246,6 +248,7 @@ case $basic_machine in | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ | mipsisa32 | mipsisa32el \ | mipsisa32r2 | mipsisa32r2el \ | mipsisa64 | mipsisa64el \ @@ -254,23 +257,28 @@ case $basic_machine in | mipsisa64sr71k | mipsisa64sr71kel \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ + | ms1 \ | msp430 \ | ns16k | ns32k \ - | openrisc | or32 \ + | or32 \ | pdp10 | pdp11 | pj | pjl \ | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ - | sh | sh[1234] | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ + | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ - | sparc | sparc64 | sparc86x | sparclet | sparclite | sparcv8 | sparcv9 | sparcv9b \ + | sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b \ | strongarm \ | tahoe | thumb | tic4x | tic80 | tron \ | v850 | v850e \ | we32k \ - | x86 | xscale | xstormy16 | xtensa \ + | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \ | z8k) basic_machine=$basic_machine-unknown ;; + m32c) + basic_machine=$basic_machine-unknown + ;; m6811 | m68hc11 | m6812 | m68hc12) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown @@ -298,7 +306,7 @@ case $basic_machine in | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* \ - | bs2000-* \ + | bfin-* | bs2000-* \ | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ @@ -310,7 +318,7 @@ case $basic_machine in | ip2k-* | iq2000-* \ | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | mcore-* \ + | m88110-* | m88k-* | maxq-* | mcore-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ @@ -319,6 +327,7 @@ case $basic_machine in | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ | mipsisa32-* | mipsisa32el-* \ | mipsisa32r2-* | mipsisa32r2el-* \ | mipsisa64-* | mipsisa64el-* \ @@ -327,6 +336,7 @@ case $basic_machine in | mipsisa64sr71k-* | mipsisa64sr71kel-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ + | ms1-* \ | msp430-* \ | none-* | np1-* | ns16k-* | ns32k-* \ | orion-* \ @@ -334,20 +344,23 @@ case $basic_machine in | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh[23]e-* | sh[34]eb-* | shbe-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc86x-* | sparclet-* | sparclite-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \ + | sparclite-* \ | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ | tahoe-* | thumb-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ | tron-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ - | x86-* | x86_64-* | xps100-* | xscale-* | xstormy16-* \ - | xtensa-* \ + | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa-* \ | ymp-* \ | z8k-*) ;; + m32c-*) + ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. 386bsd) @@ -489,6 +502,10 @@ case $basic_machine in basic_machine=m88k-motorola os=-sysv3 ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; dpx20 | dpx20-*) basic_machine=rs6000-bull os=-bosx @@ -754,9 +771,8 @@ case $basic_machine in basic_machine=hppa1.1-oki os=-proelf ;; - or32 | or32-*) + openrisc | openrisc-*) basic_machine=or32-unknown - os=-coff ;; os400) basic_machine=powerpc-ibm @@ -1029,6 +1045,10 @@ case $basic_machine in basic_machine=hppa1.1-winbond os=-proelf ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; xps | xps100) basic_machine=xps100-honeywell ;; @@ -1078,12 +1098,9 @@ case $basic_machine in we32k) basic_machine=we32k-att ;; - sh3 | sh4 | sh[34]eb | sh[1234]le | sh[23]ele) + sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; - sh64) - basic_machine=sh64-unknown - ;; sparc | sparcv8 | sparcv9 | sparcv9b) basic_machine=sparc-sun ;; @@ -1170,7 +1187,8 @@ case $os in | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly*) + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1188,7 +1206,7 @@ case $os in os=`echo $os | sed -e 's|nto|nto-qnx|'` ;; -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) ;; -mac*) @@ -1297,6 +1315,9 @@ case $os in -kaos*) os=-kaos ;; + -zvmoe) + os=-zvmoe + ;; -none) ;; *) @@ -1374,6 +1395,9 @@ case $basic_machine in *-be) os=-beos ;; + *-haiku) + os=-haiku + ;; *-ibm) os=-aix ;; @@ -1545,7 +1569,7 @@ case $basic_machine in esac echo $basic_machine$os -exit 0 +exit # Local variables: # eval: (add-hook 'write-file-hooks 'time-stamp) diff --git a/configure b/configure index f414b62..28a1eb1 100755 --- a/configure +++ b/configure @@ -4386,6 +4386,44 @@ _ACEOF fi +echo "$as_me:$LINENO: checking for uid_t in sys/types.h" >&5 +echo $ECHO_N "checking for uid_t in sys/types.h... $ECHO_C" >&6 +if test "${ac_cv_type_uid_t+set}" = set; then + echo $ECHO_N "(cached) $ECHO_C" >&6 +else + cat >conftest.$ac_ext <<_ACEOF +/* confdefs.h. */ +_ACEOF +cat confdefs.h >>conftest.$ac_ext +cat >>conftest.$ac_ext <<_ACEOF +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "uid_t" >/dev/null 2>&1; then + ac_cv_type_uid_t=yes +else + ac_cv_type_uid_t=no +fi +rm -f conftest* + +fi +echo "$as_me:$LINENO: result: $ac_cv_type_uid_t" >&5 +echo "${ECHO_T}$ac_cv_type_uid_t" >&6 +if test $ac_cv_type_uid_t = no; then + +cat >>confdefs.h <<\_ACEOF +#define uid_t int +_ACEOF + + +cat >>confdefs.h <<\_ACEOF +#define gid_t int +_ACEOF + +fi + echo "$as_me:$LINENO: checking for sig_atomic_t" >&5 echo $ECHO_N "checking for sig_atomic_t... $ECHO_C" >&6 diff --git a/configure.in b/configure.in index 000350f..db123c8 100644 --- a/configure.in +++ b/configure.in @@ -339,6 +339,7 @@ AC_TYPE_MODE_T AC_TYPE_SIGNAL AC_TYPE_PID_T AC_TYPE_SIZE_T +AC_TYPE_UID_T AC_CHECK_TYPE([sig_atomic_t],, AC_DEFINE(sig_atomic_t, volatile int, diff --git a/conserver.cf/INSTALL b/conserver.cf/INSTALL index 1efa2f5..23d5073 100644 --- a/conserver.cf/INSTALL +++ b/conserver.cf/INSTALL @@ -1,11 +1,11 @@ The two files you need to set up are the conserver.cf and conserver.passwd -files. See the sample conserver.cf and conserver.passwd files -for examples. You can start with those and then modify extensively. -The man page for conserver.cf and conserver.passwd should explain the -files with enough detail to get you going. +files. See the sample conserver.cf and conserver.passwd files for examples +(installed in /examples/conserver). You can start with those and +then modify extensively. The man page for conserver.cf and conserver.passwd +should explain the files with enough detail to get you going. That's about it. Good luck. # -# $Id: INSTALL,v 1.3 2003/07/04 18:21:21 bryan Exp $ +# $Id: INSTALL,v 1.4 2005/05/21 13:47:18 bryan Exp $ # diff --git a/conserver.cf/conserver.cf.man b/conserver.cf/conserver.cf.man index 88d711f..bd6ca33 100644 --- a/conserver.cf/conserver.cf.man +++ b/conserver.cf/conserver.cf.man @@ -1,5 +1,5 @@ -.\" $Id: conserver.cf.man,v 1.69 2004/11/06 00:20:30 bryan Exp $ -.TH CONSERVER.CF 5 "2004/11/06" "conserver-8.1.11" "conserver" +.\" $Id: conserver.cf.man,v 1.73 2005/06/09 07:09:31 bryan Exp $ +.TH CONSERVER.CF 5 "2005/06/09" "conserver-8.1.12" "conserver" .SH NAME conserver.cf \- console configuration file for .BR conserver (8) @@ -174,6 +174,31 @@ The access lists defined using the name are applied to the current access block. The included access block must be previously defined. .TP +\f3limited\fP [\f3!\fP]\f2username\fP[\f3,\fP...]|\f3""\fP +.br +Define a list of users with limited functionality on the console server. +These users will not be allowed to suspend their connection, +shift to another console, or attach to a local command. +If +.I username +matches a previously defined group name, all members of the previous +group are applied to the admin list (with access reversed if prefixed +with a `!'). +If +.I username +doesn't match a previously defined group and +.I username +begins with `@', the name (minus the `@') is checked against the +host's group database. +All users found in the group will be granted (or denied, if prefixed +with `!') access. +If +.I username +doesn't match a previous group and doesn't begin with `@', the users +will be granted (or denied, if prefixed with `!') access. +If the null string (``\f3""\fP'') is used, any +users previously defined for the console server's limited list are removed. +.TP \f3rejected\fP \f2hostname\fP[\f3,\fP...] .br The list of hostnames are added to the ``rejected'' list, which rejects @@ -524,6 +549,27 @@ If the null string (``\f3""\fP'') is used or no keyword is specified, conserver will use the command ``/bin/sh -i''. Only consoles of type ``exec'' will use this value. .TP +\f3execrunas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP +.br +By default, the command invoked by +.B exec +is run with the same privileges as the server. +If the server is running with root privileges, this option resets the user +and/or group of the invoked process to +.I user +and +.I group +respectively. +.I user +may be a username or numeric uid and +.I group +may be a group name or numeric gid. +Either one is optional. +If the server is not running with root privileges, these values +are not used. +If the null string (``\f3""\fP'') is specified, the default of running +with the same privileges as the server is restored. +.TP \f3execsubst\fP \f2c\fP\f3=\fP\f2t\fP[\f2n\fP]\f2f\fP[\f3,\fP...]|\f3""\fP .br Perform character substitutions on the @@ -584,7 +630,7 @@ The default block defined using the name is applied to the current console or default block. The included default block must be previously defined. .TP -\f3initcmd\fP \f3command\fP|\f3""\fP +\f3initcmd\fP \f2command\fP|\f3""\fP .br Invoke .I command @@ -597,6 +643,27 @@ is passed as an argument to ``/bin/sh -ce''. If the null string (``\f3""\fP'') is used, the command is unset and nothing is invoked. .TP +\f3initrunas\fP [\f2user\fP][:\f2group\fP]|\f3""\fP +.br +By default, the command invoked by +.B initcmd +is run with the same privileges as the server. +If the server is running with root privileges, this option resets the user +and/or group of the invoked process to +.I user +and +.I group +respectively. +.I user +may be a username or numeric uid and +.I group +may be a group name or numeric gid. +Either one is optional. +If the server is not running with root privileges, these values +are not used. +If the null string (``\f3""\fP'') is specified, the default of running +with the same privileges as the server is restored. +.TP \f3initspinmax\fP \f2n\fP|\f3""\fP .br Set the maximum number of ``spins'' allowed for the console to @@ -607,7 +674,7 @@ where 0 <= A console is determined to be ``spinning'' if an attempt to initialize the console occurs in under .B initspintimer -seconds from it's previous initialization and this quick +seconds from its previous initialization and this quick initialization occurs .B initspinmax times in a row. @@ -661,7 +728,7 @@ no logging will occur. .br Enable automatic rotation of .B logfile -once it's size exceeds +once its size exceeds .I number bytes. Specifying @@ -810,7 +877,7 @@ Default is .BR autoreinit . .TP .B unloved -Enable the sending of this console's output (prefixed with it's +Enable the sending of this console's output (prefixed with its name) to the daemon's stdout (or the logfile if in daemon mode) when no clients are connected to the console. The conserver option diff --git a/conserver.cf/conserver.passwd.man b/conserver.cf/conserver.passwd.man index e27c77c..7da9d00 100644 --- a/conserver.cf/conserver.passwd.man +++ b/conserver.cf/conserver.passwd.man @@ -1,5 +1,5 @@ .\" $Id: conserver.passwd.man,v 1.10 2004/01/08 16:12:33 bryan Exp $ -.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.11" "conserver" +.TH CONSERVER.PASSWD 5 "2004/01/08" "conserver-8.1.12" "conserver" .SH NAME conserver.passwd \- user access information for .BR conserver (8) diff --git a/conserver.html b/conserver.html index 95ed81f..27b1a44 100644 --- a/conserver.html +++ b/conserver.html @@ -37,7 +37,6 @@ mirror:   Australia   Russia -   US-East   US-West (Primary)

@@ -183,11 +182,11 @@

Downloading

-

The current version, released on Nov 9, 2004, is 8.1.11.tar.gz. You can get it +

The current version, released on Sep 5, 2005, is 8.1.12.tar.gz. You can get it via FTP - or HTTP. See the FTP + or HTTP. See the CHANGES file for information on the latest updates.

diff --git a/conserver/Makefile.in b/conserver/Makefile.in index f9e8ea4..9051c88 100644 --- a/conserver/Makefile.in +++ b/conserver/Makefile.in @@ -7,6 +7,8 @@ sbindir = @sbindir@ sysconfdir = @sysconfdir@ mandir = @mandir@ datadir = @datadir@ +libdir = @libdir@ +pkglibdir = $(libdir)/conserver exampledir = $(datadir)/examples/conserver ### Installation programs and flags @@ -63,5 +65,7 @@ install: conserver $(INSTALL) conserver.man $(DESTDIR)$(mandir)/man8/conserver.8 $(MKDIR) $(DESTDIR)$(exampledir) $(INSTALL) conserver.rc $(DESTDIR)$(exampledir) + $(MKDIR) $(DESTDIR)$(pkglibdir) + $(INSTALL) convert $(DESTDIR)$(pkglibdir)/convert .PHONY: clean distclean install diff --git a/conserver/client.c b/conserver/client.c index 71c0e97..093d454 100644 --- a/conserver/client.c +++ b/conserver/client.c @@ -1,5 +1,5 @@ /* - * $Id: client.c,v 5.85 2004/10/25 07:18:18 bryan Exp $ + * $Id: client.c,v 5.89 2005/09/04 00:28:58 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -41,6 +41,7 @@ #include #include #include +#include #if defined(USE_LIBWRAP) #include @@ -250,25 +251,21 @@ Replay(pCE, fdOut, iBack) /* this is a mark and the previous line is also * a mark, so make (or continue) that range */ - if (0 == lines[ln - 1].mark_end->allocated) { + if (0 == lines[ln - 1].mark_end->used) { /* this is a new range - shuffle pointers * * remember that we are moving backward */ - *(lines[ln - 1].mark_end) = *(lines[ln - 1].line); - InitString(lines[ln - 1].line); - } - /* if unallocated, cheat and shuffle pointers */ - if (0 == lines[ln - 1].line->allocated) { - *(lines[ln - 1].line) = *(lines[ln].line); - InitString(lines[ln].line); - } else { + BuildStringN(lines[ln - 1].line->string, + lines[ln - 1].line->used - 1, + lines[ln - 1].mark_end); BuildString((char *)0, lines[ln - 1].line); - BuildStringN(lines[ln].line->string, - lines[ln].line->used - 1, - lines[ln - 1].line); - BuildString((char *)0, lines[ln].line); } + BuildString((char *)0, lines[ln - 1].line); + BuildStringN(lines[ln].line->string, + lines[ln].line->used - 1, + lines[ln - 1].line); + BuildString((char *)0, lines[ln].line); ln--; } lines[ln].is_mark = is_mark; @@ -385,6 +382,7 @@ Replay(pCE, fdOut, iBack) #define WHEN_ATTACH 0x02 #define WHEN_EXPERT 0x04 /* ZZZ no way to set his yet */ #define WHEN_ALWAYS 0x40 +#define IS_LIMITED 0x100 #define HALFLINE 40 @@ -395,7 +393,7 @@ typedef struct HLnode { static HELP aHLTable[] = { {WHEN_ALWAYS, ". disconnect"}, - {WHEN_ALWAYS, "; move to another console"}, + {WHEN_ALWAYS | IS_LIMITED, "; move to another console"}, {WHEN_ALWAYS, "a attach read/write"}, {WHEN_ALWAYS, "b send broadcast message"}, {WHEN_ATTACH, "c toggle flow control"}, @@ -417,8 +415,8 @@ static HELP aHLTable[] = { {WHEN_ALWAYS, "v show version info"}, {WHEN_ALWAYS, "w who is on this console"}, {WHEN_ALWAYS, "x show console baud info"}, - {WHEN_ALWAYS, "z suspend the connection"}, - {WHEN_ATTACH, "| attach local command"}, + {WHEN_ALWAYS | IS_LIMITED, "z suspend the connection"}, + {WHEN_ATTACH | IS_LIMITED, "| attach local command"}, {WHEN_ALWAYS, "? print this message"}, {WHEN_ALWAYS, " ignore/abort command"}, {WHEN_ALWAYS, "^R replay the last line"}, @@ -433,7 +431,7 @@ void #if PROTOTYPES HelpUser(CONSCLIENT *pCL) #else -HelpUser(pCL) +HelpUser(pCL, pCE) CONSCLIENT *pCL; #endif { @@ -456,9 +454,13 @@ HelpUser(pCL) BuildString((char *)0, acLine); for (i = 0; i < sizeof(aHLTable) / sizeof(HELP); ++i) { - if (0 == (aHLTable[i].iwhen & iCmp)) { + if (aHLTable[i].iwhen & IS_LIMITED && + ConsentUserOk(pLUList, pCL->username->string) == 1) continue; - } + + if (0 == (aHLTable[i].iwhen & iCmp)) + continue; + if (acLine->used != 0) { /* second part of line */ if (strlen(aHLTable[i].actext) < HALFLINE) { for (j = acLine->used; j <= HALFLINE; ++j) { diff --git a/conserver/client.h b/conserver/client.h index 1fbfc86..f8ae783 100644 --- a/conserver/client.h +++ b/conserver/client.h @@ -1,5 +1,5 @@ /* - * $Id: client.h,v 5.38 2004/10/25 07:18:18 bryan Exp $ + * $Id: client.h,v 5.40 2005/06/07 19:55:51 bryan Exp $ * * Copyright conserver.com, 2000 * diff --git a/conserver/consent.c b/conserver/consent.c index cfe8b69..77d0e75 100644 --- a/conserver/consent.c +++ b/conserver/consent.c @@ -1,5 +1,5 @@ /* - * $Id: consent.c,v 5.144 2004/10/25 07:25:35 bryan Exp $ + * $Id: consent.c,v 5.145 2005/06/08 18:09:40 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -421,6 +421,13 @@ StartInit(pCE) close(pout[0]); close(pin[1]); + if (geteuid() == 0) { + if (pCE->initgid != 0) + setgid(pCE->initgid); + if (pCE->inituid != 0) + setuid(pCE->inituid); + } + tcsetpgrp(0, iNewGrp); apcArgv[2] = pCE->initcmd; @@ -510,6 +517,15 @@ VirtDev(pCE) Error("[%s] fd sync error", pCE->server); Bye(EX_OSERR); } + + if (geteuid() == 0) { + if (pCE->execgid != 0) + setgid(pCE->execgid); + if (pCE->execuid != 0) { + fchown(0, pCE->execuid, -1); + setuid(pCE->execuid); + } + } # if HAVE_STROPTS_H && !defined(_AIX) /* SYSVr4 semantics for opening stream ptys (gregf) * under PTX (others?) we have to push the compatibility diff --git a/conserver/consent.h b/conserver/consent.h index d9d8936..faa25bf 100644 --- a/conserver/consent.h +++ b/conserver/consent.h @@ -1,5 +1,5 @@ /* - * $Id: consent.h,v 5.59 2004/10/25 07:18:18 bryan Exp $ + * $Id: consent.h,v 5.63 2005/06/08 18:09:40 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -100,6 +100,8 @@ typedef struct consent { /* console information */ /* type == EXEC */ char *exec; /* exec command */ char *execsubst; /* exec substitution pattern */ + uid_t execuid; /* user to run exec as */ + gid_t execgid; /* group to run exec as */ /* global stuff */ char *master; /* master hostname */ unsigned short breakNum; /* break type [1-9] */ @@ -107,6 +109,8 @@ typedef struct consent { /* console information */ off_t logfilemax; /* size limit for rolling logfile */ char *initcmd; /* initcmd command */ char *initsubst; /* initcmd substitution pattern */ + uid_t inituid; /* user to run initcmd as */ + gid_t initgid; /* group to run initcmd as */ char *motd; /* motd */ time_t idletimeout; /* idle timeout */ char *idlestring; /* string to print when idle */ diff --git a/conserver/conserver.man b/conserver/conserver.man index 280e11a..1cb524a 100644 --- a/conserver/conserver.man +++ b/conserver/conserver.man @@ -1,6 +1,6 @@ .\" @(#)conserver.8 01/06/91 OSU CIS; Thomas A. Fine -.\" $Id: conserver.man,v 1.50 2004/06/08 16:19:46 bryan Exp $ -.TH CONSERVER 8 "2004/06/08" "conserver-8.1.11" "conserver" +.\" $Id: conserver.man,v 1.51 2005/04/02 09:59:48 bryan Exp $ +.TH CONSERVER 8 "2005/04/02" "conserver-8.1.12" "conserver" .SH NAME conserver \- console server daemon .SH SYNOPSIS @@ -89,10 +89,10 @@ The server will .B not remove any files in the directory itself, just in case the directory is accidentally specified as ``/etc'' or some other critical location. -The server will do it's best to remove all the sockets when it shuts down, +The server will do its best to remove all the sockets when it shuts down, but it could stop ungracefully (crash, ``kill -9'', etc) and leave files behind. -It's would then be up to the admin (or a creative startup script) to clean +It would then be up to the admin (or a creative startup script) to clean up the directory before the server will start again. .PP .B Conserver @@ -427,7 +427,7 @@ The second style is the character-based, escape-sequence mode, while connected to a console. .PP The initial line-based mode begins the same for both the master process -and it's children. +and its children. Upon a successful (non-rejected) client connection, an ``ok'' is sent. The client then issues a command and the server responds to it with a result string (``ok'' being the sign of success for most commands). @@ -435,7 +435,7 @@ The commands available are ``help'', ``ssl'' (if SSL was built into the code), ``login'', and ``exit''. Using the ``login'' command, the client authenticates and gains access to the extended command set. -This is where the master process and it's children differ. +This is where the master process and its children differ. The master process gives the client access to global commands, and the child provides commands for interacting with the consoles it manages. The ``help'' command, in both cases, will provide a complete diff --git a/conserver/cutil.c b/conserver/cutil.c index 7b4ca43..2e04859 100644 --- a/conserver/cutil.c +++ b/conserver/cutil.c @@ -1,5 +1,5 @@ /* - * $Id: cutil.c,v 1.121 2004/11/09 08:37:05 bryan Exp $ + * $Id: cutil.c,v 1.122 2005/06/11 02:31:05 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -3067,7 +3067,7 @@ ParseFile(filename, fp, level) void #if PROTOTYPES -ProcessSubst(SUBST * s, char **repl, char **str, char *name, char *id) +ProcessSubst(SUBST *s, char **repl, char **str, char *name, char *id) #else ProcessSubst(s, repl, str, name, id) SUBST *s; @@ -3187,7 +3187,7 @@ ProcessSubst(s, repl, str, name, id) OutOfMem(); } - if (s != (SUBST *) 0 && repl != (char **)0) { + if (s != (SUBST *)0 && repl != (char **)0) { static STRING *result = (STRING *)0; if (result == (STRING *)0) diff --git a/conserver/group.c b/conserver/group.c index 4d7f420..2c9183c 100644 --- a/conserver/group.c +++ b/conserver/group.c @@ -1,5 +1,5 @@ /* - * $Id: group.c,v 5.311 2004/10/25 07:25:35 bryan Exp $ + * $Id: group.c,v 5.318 2005/06/08 18:09:40 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -1869,6 +1869,53 @@ AttemptSSL(pCL) } #endif +CONSENT * +#if PROTOTYPES +HuntForConsole(GRPENT *pGE, char *name) +#else +HuntForConsole(pGE, name) + GRPENT *pGE; + char *name; +#endif +{ + /* try to find a given console + * we assume all the right checks for ambiguity + * were already done by the master process, so + * the first match should be what the user wants + */ + CONSENT *pCE = (CONSENT *)0; + + if (name == (char *)0) + return pCE; + + for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { + NAMES *n = (NAMES *)0; + if (strcasecmp(name, pCE->server) == 0) + break; + for (n = pCE->aliases; n != (NAMES *)0; n = n->next) { + if (strcasecmp(name, n->name) == 0) + break; + } + if (n != (NAMES *)0) + break; + } + if (pCE == (CONSENT *)0 && config->autocomplete == FLAGTRUE) { + NAMES *n = (NAMES *)0; + int len = strlen(name); + for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { + if (strncasecmp(name, pCE->server, len) == 0) + break; + for (n = pCE->aliases; n != (NAMES *)0; n = n->next) { + if (strncasecmp(name, n->name, len) == 0) + break; + } + if (n != (NAMES *)0) + break; + } + } + return pCE; +} + void #if PROTOTYPES CommandAttach(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing, @@ -2000,18 +2047,24 @@ CommandDown(pGE, pCLServing, pCEServing, tyme) void #if PROTOTYPES CommandExamine(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing, - long tyme) + long tyme, char *args) #else -CommandExamine(pGE, pCLServing, pCEServing, tyme) +CommandExamine(pGE, pCLServing, pCEServing, tyme, args) GRPENT *pGE; CONSCLIENT *pCLServing; CONSENT *pCEServing; long tyme; + char *args; #endif { CONSENT *pCE; - for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { + if (args == (char *)0) + pCE = pGE->pCElist; + else + pCE = HuntForConsole(pGE, args); + + for (; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { char *d = (char *)0; char *b = (char *)0; char p = '\000'; @@ -2038,6 +2091,8 @@ CommandExamine(pGE, pCLServing, pCEServing, tyme) FilePrint(pCLServing->fd, FLAGFALSE, " %-24.24s on %-32.32s at %6.6s%c\r\n", pCE->server, d, b, p); + if (args != (char *)0) + break; } } @@ -2107,16 +2162,20 @@ CommandForce(pGE, pCLServing, pCEServing, tyme) void #if PROTOTYPES CommandGroup(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing, - long tyme) + long tyme, char *args) #else -CommandGroup(pGE, pCLServing, pCEServing, tyme) +CommandGroup(pGE, pCLServing, pCEServing, tyme, args) GRPENT *pGE; CONSCLIENT *pCLServing; CONSENT *pCEServing; long tyme; + char *args; #endif { CONSCLIENT *pCL; + CONSENT *pCE; + + pCE = HuntForConsole(pGE, args); /* we do not show the ctl console * else we'd get the client always @@ -2124,6 +2183,8 @@ CommandGroup(pGE, pCLServing, pCEServing, tyme) for (pCL = pGE->pCLall; (CONSCLIENT *)0 != pCL; pCL = pCL->pCLscan) { if (pGE->pCEctl == pCL->pCEto) continue; + if (pCE != (CONSENT *)0 && pCL->pCEto != pCE) + continue; FilePrint(pCLServing->fd, FLAGFALSE, " %-32.32s %c %-7.7s %6s %s\r\n", pCL->acid->string, pCL == pCLServing ? '*' : ' ', @@ -2135,18 +2196,24 @@ CommandGroup(pGE, pCLServing, pCEServing, tyme) void #if PROTOTYPES CommandHosts(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing, - long tyme) + long tyme, char *args) #else -CommandHosts(pGE, pCLServing, pCEServing, tyme) +CommandHosts(pGE, pCLServing, pCEServing, tyme, args) GRPENT *pGE; CONSCLIENT *pCLServing; CONSENT *pCEServing; long tyme; + char *args; #endif { CONSENT *pCE; - for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { + if (args == (char *)0) + pCE = pGE->pCElist; + else + pCE = HuntForConsole(pGE, args); + + for (; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { FilePrint(pCLServing->fd, FLAGFALSE, " %-24.24s %c %-4.4s %-.40s\r\n", pCE->server, pCE == pCEServing ? '*' : ' ', (pCE->fup && @@ -2159,25 +2226,33 @@ CommandHosts(pGE, pCLServing, pCEServing, tyme) "down", pCE->pCLwr ? pCE->pCLwr->acid->string : pCE-> pCLon ? "" : ""); + if (args != (char *)0) + break; } } void #if PROTOTYPES CommandInfo(GRPENT *pGE, CONSCLIENT *pCLServing, CONSENT *pCEServing, - long tyme) + long tyme, char *args) #else -CommandInfo(pGE, pCLServing, pCEServing, tyme) +CommandInfo(pGE, pCLServing, pCEServing, tyme, args) GRPENT *pGE; CONSCLIENT *pCLServing; CONSENT *pCEServing; long tyme; + char *args; #endif { CONSENT *pCE; CONSCLIENT *pCL; - for (pCE = pGE->pCElist; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { + if (args == (char *)0) + pCE = pGE->pCElist; + else + pCE = HuntForConsole(pGE, args); + + for (; pCE != (CONSENT *)0; pCE = pCE->pCEnext) { int comma = 0; char *s = (char *)0; FilePrint(pCLServing->fd, FLAGTRUE, "%s:%s,%lu,%hu:", pCE->server, @@ -2282,6 +2357,8 @@ CommandInfo(pGE, pCLServing, pCEServing, tyme) pCE->idletimeout, (pCE->idlestring == (char *)0 ? "" : pCE->idlestring)); BuildTmpString((char *)0); + if (args != (char *)0) + break; } } @@ -2721,7 +2798,6 @@ DoClientRead(pGE, pCLServing) { struct termios sbuf; CONSENT *pCEServing = pCLServing->pCEto; - CONSENT *pCE; int nr, i, l; unsigned char acIn[BUFSIZ], acInOrig[BUFSIZ]; time_t tyme; @@ -2919,53 +2995,8 @@ DoClientRead(pGE, pCLServing) "call requires argument\r\n", -1); else { CONSENT *pCEwant = (CONSENT *)0; - /* try to move to the given console - * we assume all the right checks for ambiguity - * were already done by the master process, so - * the first match should be what the user wants - */ - for (pCE = pGE->pCElist; pCE != (CONSENT *)0; - pCE = pCE->pCEnext) { - NAMES *n = (NAMES *)0; - if (strcasecmp(pcArgs, pCE->server) - == 0) { - pCEwant = pCE; - break; - } - for (n = pCE->aliases; n != (NAMES *)0; - n = n->next) { - if (strcasecmp(pcArgs, n->name) - == 0) { - pCEwant = pCE; - break; - } - } - if (n != (NAMES *)0) - break; - } - if (pCEwant == (CONSENT *)0 && - config->autocomplete == FLAGTRUE) { - NAMES *n = (NAMES *)0; - int len = strlen(pcArgs); - for (pCE = pGE->pCElist; pCE != (CONSENT *)0; - pCE = pCE->pCEnext) { - if (strncasecmp(pcArgs, pCE->server, len) - == 0) { - pCEwant = pCE; - break; - } - for (n = pCE->aliases; n != (NAMES *)0; - n = n->next) { - if (strncasecmp(pcArgs, n->name, len) - == 0) { - pCEwant = pCE; - break; - } - } - if (n != (NAMES *)0) - break; - } - } + + pCEwant = HuntForConsole(pGE, pcArgs); if (pCEwant == (CONSENT *)0) { FilePrint(pCLServing->fd, FLAGFALSE, @@ -3052,16 +3083,19 @@ DoClientRead(pGE, pCLServing) } } else if (pCLServing->iState == S_NORMAL && strcmp(pcCmd, "info") == 0) { - CommandInfo(pGE, pCLServing, pCEServing, tyme); + CommandInfo(pGE, pCLServing, pCEServing, tyme, pcArgs); } else if (pCLServing->iState == S_NORMAL && strcmp(pcCmd, "examine") == 0) { - CommandExamine(pGE, pCLServing, pCEServing, tyme); + CommandExamine(pGE, pCLServing, pCEServing, tyme, + pcArgs); } else if (pCLServing->iState == S_NORMAL && strcmp(pcCmd, "group") == 0) { - CommandGroup(pGE, pCLServing, pCEServing, tyme); + CommandGroup(pGE, pCLServing, pCEServing, tyme, + pcArgs); } else if (pCLServing->iState == S_NORMAL && strcmp(pcCmd, "hosts") == 0) { - CommandHosts(pGE, pCLServing, pCEServing, tyme); + CommandHosts(pGE, pCLServing, pCEServing, tyme, + pcArgs); } else if (pCLServing->iState == S_NORMAL && strcmp(pcCmd, "broadcast") == 0) { if (pcArgs == (char *)0) { @@ -3288,8 +3322,7 @@ DoClientRead(pGE, pCLServing) m = "read-only"; FilePrint(pCLServing->fd, FLAGFALSE, "[%s -- use %s %s ? for help]\r\n", - m, FmtCtl(pCLServing->ic[0], - acA1), + m, FmtCtl(pCLServing->ic[0], acA1), FmtCtl(pCLServing->ic[1], acA2)); } continue; @@ -3400,7 +3433,7 @@ DoClientRead(pGE, pCLServing) case '=': if (!pCLServing->fcon) { char *m = ConsState(pCEServing); - if (strcmp(m,"up") == 0) + if (strcmp(m, "up") == 0) FileWrite(pCLServing->fd, FLAGFALSE, "up]\r\n", -1); @@ -3414,6 +3447,11 @@ DoClientRead(pGE, pCLServing) break; case ';': if (pCLServing->fcon) { + if (ConsentUserOk + (pLUList, + pCLServing->username->string) == + 1) + goto unknownchar; FileSetQuoteIAC(pCLServing->fd, FLAGFALSE); FilePrint(pCLServing->fd, FLAGFALSE, @@ -3490,7 +3528,7 @@ DoClientRead(pGE, pCLServing) "group %s]\r\n", pGE->pCEctl->server); CommandGroup(pGE, pCLServing, pCEServing, - tyme); + tyme, (char *)0); break; case 'H': @@ -3507,7 +3545,7 @@ DoClientRead(pGE, pCLServing) FileWrite(pCLServing->fd, FLAGFALSE, "info]\r\n", -1); CommandInfo(pGE, pCLServing, pCEServing, - tyme); + tyme, (char *)0); break; case 'L': @@ -3587,7 +3625,7 @@ DoClientRead(pGE, pCLServing) FileWrite(pCLServing->fd, FLAGFALSE, "hosts]\r\n", -1); CommandHosts(pGE, pCLServing, pCEServing, - tyme); + tyme, (char *)0); break; case 'V': @@ -3614,10 +3652,14 @@ DoClientRead(pGE, pCLServing) FileWrite(pCLServing->fd, FLAGFALSE, "examine]\r\n", -1); CommandExamine(pGE, pCLServing, pCEServing, - tyme); + tyme, (char *)0); break; case '|': /* wait for client */ + if (ConsentUserOk + (pLUList, + pCLServing->username->string) == 1) + goto unknownchar; if (!pCLServing->fwr) { FileWrite(pCLServing->fd, FLAGFALSE, "attach to run local command]\r\n", @@ -3636,6 +3678,10 @@ DoClientRead(pGE, pCLServing) DEPRECATED; case 'z': /* suspend the client */ case '\032': + if (ConsentUserOk + (pLUList, + pCLServing->username->string) == 1) + goto unknownchar; FileSetQuoteIAC(pCLServing->fd, FLAGFALSE); FilePrint(pCLServing->fd, FLAGFALSE, "%c%c", OB_IAC, OB_SUSP); @@ -4094,6 +4140,9 @@ Kiddie(pGE, sfd) #endif #if defined(SIGPOLL) SimpleSignal(SIGPOLL, SIG_IGN); +#endif +#if defined(SIGXFSZ) + SimpleSignal(SIGXFSZ, SIG_IGN); #endif SimpleSignal(SIGTERM, FlagGoAway); SimpleSignal(SIGCHLD, FlagReapVirt); @@ -4166,7 +4215,7 @@ Kiddie(pGE, sfd) fSawChldHUP = 0; ReopenLogfile(); ReopenUnifiedlog(); - ReReadCfg(sfd); + ReReadCfg(sfd, -1); pGE = pGroups; ReOpen(pGE); ReUp(pGE, 0); @@ -4644,10 +4693,11 @@ Kiddie(pGE, sfd) */ void #if PROTOTYPES -Spawn(GRPENT *pGE) +Spawn(GRPENT *pGE, int msfd) #else -Spawn(pGE) +Spawn(pGE, msfd) GRPENT *pGE; + int msfd; #endif { pid_t pid; @@ -4724,7 +4774,8 @@ Spawn(pGE) if (!SetFlags(sfd, O_NONBLOCK, 0)) Bye(EX_OSERR); - while (bind(sfd, (struct sockaddr *)&lstn_port, sizeof(lstn_port)) < 0) { + while (bind(sfd, (struct sockaddr *)&lstn_port, sizeof(lstn_port)) + < 0) { if (bindBasePort && ( # if defined(EADDRINUSE) (errno == EADDRINUSE) || @@ -4781,6 +4832,10 @@ Spawn(pGE) pGE->imembers == 1 ? "console" : "consoles"); #endif + /* close the master fd - which is there *except* on startup */ + if (msfd != -1) + close(msfd); + /* clean out the master client lists - they aren't useful here and just * cause extra file descriptors and memory allocation to lie around, * not a very good thing! diff --git a/conserver/group.h b/conserver/group.h index fb55529..6e43244 100644 --- a/conserver/group.h +++ b/conserver/group.h @@ -1,5 +1,5 @@ /* - * $Id: group.h,v 5.47 2004/10/10 18:46:15 bryan Exp $ + * $Id: group.h,v 5.48 2005/05/21 17:56:14 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -64,7 +64,7 @@ typedef struct grpent { /* group info */ extern time_t timers[]; -extern void Spawn PARAMS((GRPENT *)); +extern void Spawn PARAMS((GRPENT *, int)); extern int CheckPass PARAMS((char *, char *)); extern void TagLogfile PARAMS((const CONSENT *, char *, ...)); extern void TagLogfileAct PARAMS((const CONSENT *, char *, ...)); diff --git a/conserver/main.c b/conserver/main.c index 351d0f1..e8a30eb 100644 --- a/conserver/main.c +++ b/conserver/main.c @@ -1,5 +1,5 @@ /* - * $Id: main.c,v 5.186 2004/07/14 05:28:42 bryan Exp $ + * $Id: main.c,v 5.196 2005/06/11 02:31:05 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -323,6 +323,7 @@ SetupSSL() #endif { if (ctx == (SSL_CTX *)0) { + char *ciphers; SSL_load_error_strings(); if (!SSL_library_init()) { Error("SetupSSL(): SSL_library_init() failed"); @@ -352,6 +353,9 @@ SetupSSL() config->sslcredentials); Bye(EX_SOFTWARE); } + ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH"; + } else { + ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH"; } SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); SSL_CTX_set_options(ctx, @@ -362,8 +366,7 @@ SetupSSL() SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); SSL_CTX_set_tmp_dh_callback(ctx, TmpDHCallback); - if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") != - 1) { + if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) { Error("SetupSSL(): setting SSL cipher list failed"); Bye(EX_SOFTWARE); } @@ -472,6 +475,9 @@ Daemonize() #if defined(SIGTSTP) SimpleSignal(SIGTSTP, SIG_IGN); #endif +#if defined(SIGXFSZ) + SimpleSignal(SIGXFSZ, SIG_IGN); +#endif fflush(stdout); fflush(stderr); @@ -697,6 +703,7 @@ DestroyDataStructures() pACList = pAC; } DestroyConsentUsers(&pADList); + DestroyConsentUsers(&pLUList); DestroyConfig(pConfig); DestroyConfig(optConf); @@ -721,7 +728,7 @@ DestroyDataStructures() DestroyBreakList(); DestroyStrings(); DestroyUserList(); - if (substData != (SUBST *) 0) + if (substData != (SUBST *)0) free(substData); } @@ -892,6 +899,9 @@ DumpDataStructures() EMPTYSTR(pCE->execSlave), EMPTYSTR(pCE->exec), (unsigned long)pCE->ipid)); + CONDDEBUG((1, + "DumpDataStructures(): execuid=%d, execgid=%d", + pCE->execuid, pCE->execgid)); break; case HOST: @@ -941,13 +951,16 @@ DumpDataStructures() FLAGSTR(pCE->crtscts))); #endif CONDDEBUG((1, - "DumpDataStructures(): reinitoncc=%s, striphigh=%s, unloved=%s", - FLAGSTR(pCE->reinitoncc), FLAGSTR(pCE->striphigh), + "DumpDataStructures(): reinitoncc=%s, striphigh=%s", + FLAGSTR(pCE->reinitoncc), FLAGSTR(pCE->striphigh))); + CONDDEBUG((1, "DumpDataStructures(): unloved=%s", FLAGSTR(pCE->unloved))); CONDDEBUG((1, "DumpDataStructures(): initpid=%lu, initcmd=%s, initfile=%d", (unsigned long)pCE->initpid, EMPTYSTR(pCE->initcmd), FileFDNum(pCE->initfile))); + CONDDEBUG((1, "DumpDataStructures(): inituid=%d, initgid=%d", + pCE->inituid, pCE->initgid)); CONDDEBUG((1, "DumpDataStructures(): motd=%s, idletimeout=%d, idlestring=%s", EMPTYSTR(pCE->motd), pCE->idletimeout, @@ -1552,7 +1565,7 @@ main(argc, argv) if (pGE->imembers == 0) continue; - Spawn(pGE); + Spawn(pGE, -1); Verbose("group #%d pid %lu on port %hu", pGE->id, (unsigned long)pGE->pid, pGE->port); } diff --git a/conserver/master.c b/conserver/master.c index 28b1ba9..2fc5090 100644 --- a/conserver/master.c +++ b/conserver/master.c @@ -1,5 +1,5 @@ /* - * $Id: master.c,v 5.128 2004/07/14 05:28:42 bryan Exp $ + * $Id: master.c,v 5.132 2005/09/05 22:22:53 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -68,9 +68,10 @@ FlagSawCHLD(sig) */ static void #if PROTOTYPES -FixKids() +FixKids(int msfd) #else -FixKids() +FixKids(msfd) + int msfd; #endif { pid_t pid; @@ -124,7 +125,7 @@ FixKids() /* this kid kid is dead, start another */ - Spawn(pGE); + Spawn(pGE, msfd); Verbose("group #%d pid %lu on port %hu", pGE->id, (unsigned long)pGE->pid, pGE->port); } @@ -497,15 +498,18 @@ DoNormalRead(pCLServing) (char *)0 }; static char *apcHelp2[] = { - "call provide port for given console\r\n", - "exit disconnect\r\n", - "groups provide ports for group leaders\r\n", - "help this help message\r\n", - "master provide a list of master servers\r\n", - "pid provide pid of master process\r\n", - "quit* terminate conserver (SIGTERM)\r\n", - "restart* restart conserver (SIGHUP)\r\n", - "version provide version info for server\r\n", + "call provide port for given console\r\n", + "exit disconnect\r\n", + "groups provide ports for group leaders\r\n", + "help this help message\r\n", + "master provide a list of master servers\r\n", + "newlogs* close and open all logfiles (SIGUSR2)\r\n", + "pid provide pid of master process\r\n", + "quit* terminate conserver (SIGTERM)\r\n", + "restart* restart conserver (SIGHUP) - deprecated\r\n", + "reconfig* reread config file (SIGHUP)\r\n", + "version provide version info for server\r\n", + "up* bring up all downed consoles (SIGUSR1)\r\n", "* = requires admin privileges\r\n", (char *)0 }; @@ -638,6 +642,41 @@ DoNormalRead(pCLServing) } else FileWrite(pCLServing->fd, FLAGFALSE, "unauthorized command\r\n", -1); + } else if (pCLServing->iState == S_NORMAL && + strcmp(pcCmd, "reconfig") == 0) { + if (ConsentUserOk(pADList, pCLServing->username->string) == + 1) { + FileWrite(pCLServing->fd, FLAGFALSE, + "ok -- reconfiguring\r\n", -1); + Verbose("reconfig command by %s", + pCLServing->acid->string); + kill(thepid, SIGHUP); + } else + FileWrite(pCLServing->fd, FLAGFALSE, + "unauthorized command\r\n", -1); + } else if (pCLServing->iState == S_NORMAL && + strcmp(pcCmd, "up") == 0) { + if (ConsentUserOk(pADList, pCLServing->username->string) == + 1) { + FileWrite(pCLServing->fd, FLAGFALSE, + "ok -- bringing up consoles\r\n", -1); + Verbose("up command by %s", pCLServing->acid->string); + kill(thepid, SIGUSR1); + } else + FileWrite(pCLServing->fd, FLAGFALSE, + "unauthorized command\r\n", -1); + } else if (pCLServing->iState == S_NORMAL && + strcmp(pcCmd, "newlogs") == 0) { + if (ConsentUserOk(pADList, pCLServing->username->string) == + 1) { + FileWrite(pCLServing->fd, FLAGFALSE, + "ok -- opening new logfiles\r\n", -1); + Verbose("newlogs command by %s", + pCLServing->acid->string); + kill(thepid, SIGUSR2); + } else + FileWrite(pCLServing->fd, FLAGFALSE, + "unauthorized command\r\n", -1); } else if (pCLServing->iState == S_NORMAL && strcmp(pcCmd, "groups") == 0) { int iSep = 1; @@ -707,6 +746,9 @@ Master() #endif #if defined(SIGPOLL) SimpleSignal(SIGPOLL, SIG_IGN); +#endif +#if defined(SIGXFSZ) + SimpleSignal(SIGXFSZ, SIG_IGN); #endif SimpleSignal(SIGCHLD, FlagSawCHLD); SimpleSignal(SIGTERM, FlagQuitIt); @@ -816,7 +858,7 @@ Master() for (fSawQuit = 0; !fSawQuit; /* can't close here :-( */ ) { if (fSawCHLD) { fSawCHLD = 0; - FixKids(); + FixKids(msfd); } if (fSawHUP) { fSawHUP = 0; @@ -824,7 +866,7 @@ Master() ReopenLogfile(); ReopenUnifiedlog(); SignalKids(SIGHUP); - ReReadCfg(msfd); + ReReadCfg(msfd, msfd); /* fix up the client descriptors since ReReadCfg() doesn't * see them like it can in the child processes */ for (pCL = pCLmall; pCL != (CONSCLIENT *)0; pCL = pCL->pCLscan) { diff --git a/conserver/readcfg.c b/conserver/readcfg.c index 563268a..58d3a89 100644 --- a/conserver/readcfg.c +++ b/conserver/readcfg.c @@ -1,5 +1,5 @@ /* - * $Id: readcfg.c,v 5.181 2004/10/25 07:18:19 bryan Exp $ + * $Id: readcfg.c,v 5.189 2005/09/05 21:55:49 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -25,6 +25,9 @@ #include +#include +#include + #include #include #include @@ -39,6 +42,7 @@ GRPENT *pGroups = (GRPENT *)0; REMOTE *pRCList = (REMOTE *)0; ACCESS *pACList = (ACCESS *)0; CONSENTUSERS *pADList = (CONSENTUSERS *)0; +CONSENTUSERS *pLUList = (CONSENTUSERS *)0; REMOTE *pRCUniq = (REMOTE *)0; CONFIG *pConfig = (CONFIG *)0; BREAKS breakList[9] = { @@ -242,7 +246,11 @@ BreakDestroy() { int i; for (i = 0; i < 9; i++) { - Msg("Break[%d] = `%s', delay=%d", i, breakList[i].seq->string, + Msg("Break[%d] = `%s', delay=%d", i, + breakList[i].seq == + (STRING *)0 ? "(null)" : (breakList[i].seq-> + string ? breakList[i].seq-> + string : "(null)"), breakList[i].delay); } } @@ -631,6 +639,14 @@ ApplyDefault(d, c) c->idletimeout = d->idletimeout; if (d->logfilemax != 0) c->logfilemax = d->logfilemax; + if (d->inituid != 0) + c->inituid = d->inituid; + if (d->initgid != 0) + c->initgid = d->initgid; + if (d->execuid != 0) + c->execuid = d->execuid; + if (d->execgid != 0) + c->execgid = d->execgid; if (d->raw != FLAGUNKNOWN) c->raw = d->raw; if (d->port != 0) @@ -933,7 +949,7 @@ DefaultItemDevice(id) ProcessDevice(parserDefaultTemp, id); } -SUBST *substData = (SUBST *) 0; +SUBST *substData = (SUBST *)0; int #if PROTOTYPES @@ -947,9 +963,8 @@ SubstCallback(c, s, i) { int retval = 0; - if (substData == (SUBST *) 0) { - if ((substData = - (SUBST *) calloc(1, sizeof(SUBST))) == (SUBST *) 0) + if (substData == (SUBST *)0) { + if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0) OutOfMem(); substData->callback = &SubstCallback; substData->tokens['p'] = ISNUMBER; @@ -1029,6 +1044,127 @@ DefaultItemInitsubst(id) "initsubst", id); } +void +#if PROTOTYPES +ProcessUidGid(uid_t * uid, gid_t * gid, char *id) +#else +ProcessUidGid(uid, gid, id) + uid_t *uid; + gid_t *gid; + char *id; +#endif +{ + char *colon = (char *)0; + int i; + + CONDDEBUG((1, "ProcessUidGid(%s) [%s:%d]", id, file, line)); + + *uid = *gid = 0; + + if (id == (char *)0 || id[0] == '\000') + return; + + /* hunt for colon */ + if ((colon = strchr(id, ':')) != (char *)0) + *colon = '\000'; + + if (id[0] != '\000') { + /* Look for non-numeric characters */ + for (i = 0; id[i] != '\000'; i++) + if (!isdigit((int)id[i])) + break; + if (id[i] == '\000') { + *uid = (uid_t) atoi(id); + } else { + struct passwd *pwd = (struct passwd *)0; + if ((pwd = getpwnam(id)) == (struct passwd *)0) { + CONDDEBUG((1, "ProcessUidGid(): getpwnam(%s): %s", id, + strerror(errno))); + if (isMaster) + Error("invalid user name `%s' [%s:%d]", id, file, + line); + } else { + *uid = pwd->pw_uid; + } + } + } + + if (colon != (char *)0) { + *colon = ':'; + colon++; + if (*colon != '\000') { + /* Look for non-numeric characters */ + for (i = 0; colon[i] != '\000'; i++) + if (!isdigit((int)colon[i])) + break; + if (colon[i] == '\000') { + *gid = (gid_t) atoi(colon); + } else { + struct group *grp = (struct group *)0; + if ((grp = getgrnam(colon)) == (struct group *)0) { + CONDDEBUG((1, "ProcessUidGid(): getgrnam(%s): %s", + colon, strerror(errno))); + if (isMaster) + Error("invalid group name `%s' [%s:%d]", colon, + file, line); + } else { + *gid = grp->gr_gid; + } + } + } + } +} + +void +#if PROTOTYPES +ProcessInitrunas(CONSENT *c, char *id) +#else +ProcessInitrunas(c, id) + CONSENT *c; + char *id; +#endif +{ + CONDDEBUG((1, "ProcessInitrunas(%s) [%s:%d]", id, file, line)); + ProcessUidGid(&(c->inituid), &(c->initgid), id); +} + +void +#if PROTOTYPES +ProcessExecrunas(CONSENT *c, char *id) +#else +ProcessExecrunas(c, id) + CONSENT *c; + char *id; +#endif +{ + CONDDEBUG((1, "ProcessExecrunas(%s) [%s:%d]", id, file, line)); + ProcessUidGid(&(c->execuid), &(c->execgid), id); +} + +void +#if PROTOTYPES +DefaultItemInitrunas(char *id) +#else +DefaultItemInitrunas(id) + char *id; +#endif +{ + CONDDEBUG((1, "DefaultItemInitrunas(%s) [%s:%d]", id, file, line)); + ProcessInitrunas(parserDefaultTemp, id); +} + +void +#if PROTOTYPES +DefaultItemExecrunas(char *id) +#else +DefaultItemExecrunas(id) + char *id; +#endif +{ + CONDDEBUG((1, "DefaultItemExecrunas(%s) [%s:%d]", id, file, line)); + ProcessExecrunas(parserDefaultTemp, id); +} + void #if PROTOTYPES ProcessExec(CONSENT *c, char *id) @@ -2595,6 +2731,14 @@ ConsoleAdd(c) SwapStr(&pCEmatch->exec, &c->exec); closeMatch = 0; } + if (pCEmatch->execuid != c->execuid) { + pCEmatch->execuid = c->execuid; + closeMatch = 0; + } + if (pCEmatch->execgid != c->execgid) { + pCEmatch->execgid = c->execgid; + closeMatch = 0; + } if (pCEmatch->ixany != c->ixany) { pCEmatch->ixany = c->ixany; closeMatch = 0; @@ -2711,6 +2855,8 @@ ConsoleAdd(c) pCEmatch->reinitoncc = c->reinitoncc; pCEmatch->autoreinit = c->autoreinit; pCEmatch->unloved = c->unloved; + pCEmatch->inituid = c->inituid; + pCEmatch->initgid = c->initgid; while (pCEmatch->aliases != (NAMES *)0) { NAMES *name; name = pCEmatch->aliases->next; @@ -3166,6 +3312,30 @@ ConsoleItemInitsubst(id) "initsubst", id); } +void +#if PROTOTYPES +ConsoleItemInitrunas(char *id) +#else +ConsoleItemInitrunas(id) + char *id; +#endif +{ + CONDDEBUG((1, "ConsoleItemInitrunas(%s) [%s:%d]", id, file, line)); + ProcessInitrunas(parserConsoleTemp, id); +} + +void +#if PROTOTYPES +ConsoleItemExecrunas(char *id) +#else +ConsoleItemExecrunas(id) + char *id; +#endif +{ + CONDDEBUG((1, "ConsoleItemExecrunas(%s) [%s:%d]", id, file, line)); + ProcessExecrunas(parserConsoleTemp, id); +} + void #if PROTOTYPES ConsoleItemExec(char *id) @@ -3447,6 +3617,7 @@ typedef struct parserAccess { STRING *name; ACCESS *access; CONSENTUSERS *admin; + CONSENTUSERS *limited; struct parserAccess *next; } PARSERACCESS; @@ -3496,6 +3667,7 @@ DestroyParserAccess(pa) a = n; } DestroyConsentUsers(&(pa->admin)); + DestroyConsentUsers(&(pa->limited)); free(pa); CONDDEBUG((2, "DestroyParserAccess(): %s", m)); } @@ -3626,6 +3798,7 @@ AccessDestroy() PARSERACCESS *p; ACCESS **ppa; CONSENTUSERS **pad; + CONSENTUSERS **plu; CONDDEBUG((1, "AccessDestroy() [%s:%d]", file, line)); @@ -3638,10 +3811,13 @@ AccessDestroy() pACList = (ACCESS *)0; DestroyConsentUsers(&(pADList)); + DestroyConsentUsers(&(pLUList)); pADList = (CONSENTUSERS *)0; + pLUList = (CONSENTUSERS *)0; ppa = &(pACList); pad = &(pADList); + plu = &(pLUList); for (p = parserAccesses; p != (PARSERACCESS *)0; p = p->next) { #if DUMPDATA @@ -3654,6 +3830,9 @@ AccessDestroy() for (u = p->admin; u != (CONSENTUSERS *)0; u = u->next) { Msg(" Admin = %s", u->user->name); } + for (u = p->limited; u != (CONSENTUSERS *)0; u = u->next) { + Msg(" Limited = %s", u->user->name); + } } #endif if ((p->name->used == 2 && p->name->string[0] == '*') || @@ -3667,6 +3846,11 @@ AccessDestroy() *pad = p->admin; p->admin = (CONSENTUSERS *)0; } + /* add any limited users to the list */ + if (p->limited != (CONSENTUSERS *)0) { + *plu = p->limited; + p->limited = (CONSENTUSERS *)0; + } /* advance to the end of the list so we can append more * this will potentially have duplicates in the access @@ -3679,6 +3863,9 @@ AccessDestroy() while (*pad != (CONSENTUSERS *)0) { pad = &((*pad)->next); } + while (*plu != (CONSENTUSERS *)0) { + plu = &((*plu)->next); + } } } @@ -3700,6 +3887,18 @@ AccessItemAdmin(id) ProcessRoRw(&(parserAccessTemp->admin), id); } +void +#if PROTOTYPES +AccessItemLimited(char *id) +#else +AccessItemLimited(id) + char *id; +#endif +{ + CONDDEBUG((1, "AccessItemLimited(%s) [%s:%d]", id, file, line)); + ProcessRoRw(&(parserAccessTemp->limited), id); +} + void #if PROTOTYPES AccessItemInclude(char *id) @@ -3729,6 +3928,9 @@ AccessItemInclude(id) } if (pa->admin != (CONSENTUSERS *)0) CopyConsentUserList(pa->admin, &(parserAccessTemp->admin)); + if (pa->limited != (CONSENTUSERS *)0) + CopyConsentUserList(pa->limited, + &(parserAccessTemp->limited)); } } } @@ -4393,6 +4595,7 @@ ITEM keyDefault[] = { {"device", DefaultItemDevice}, {"devicesubst", DefaultItemDevicesubst}, {"exec", DefaultItemExec}, + {"execrunas", DefaultItemExecrunas}, {"execsubst", DefaultItemExecsubst}, /* {"flow", DefaultItemFlow}, */ {"host", DefaultItemHost}, @@ -4400,6 +4603,7 @@ ITEM keyDefault[] = { {"idletimeout", DefaultItemIdletimeout}, {"include", DefaultItemInclude}, {"initcmd", DefaultItemInitcmd}, + {"initrunas", DefaultItemInitrunas}, {"initspinmax", DefaultItemInitspinmax}, {"initspintimer", DefaultItemInitspintimer}, {"initsubst", DefaultItemInitsubst}, @@ -4427,6 +4631,7 @@ ITEM keyConsole[] = { {"device", ConsoleItemDevice}, {"devicesubst", ConsoleItemDevicesubst}, {"exec", ConsoleItemExec}, + {"execrunas", ConsoleItemExecrunas}, {"execsubst", ConsoleItemExecsubst}, /* {"flow", ConsoleItemFlow}, */ {"host", ConsoleItemHost}, @@ -4434,6 +4639,7 @@ ITEM keyConsole[] = { {"idletimeout", ConsoleItemIdletimeout}, {"include", ConsoleItemInclude}, {"initcmd", ConsoleItemInitcmd}, + {"initrunas", ConsoleItemInitrunas}, {"initspinmax", ConsoleItemInitspinmax}, {"initspintimer", ConsoleItemInitspintimer}, {"initsubst", ConsoleItemInitsubst}, @@ -4458,6 +4664,7 @@ ITEM keyAccess[] = { {"admin", AccessItemAdmin}, {"allowed", AccessItemAllowed}, {"include", AccessItemInclude}, + {"limited", AccessItemLimited}, {"rejected", AccessItemRejected}, {"trusted", AccessItemTrusted}, {(char *)0, (void *)0} @@ -4555,10 +4762,11 @@ ReadCfg(filename, fp) void #if PROTOTYPES -ReReadCfg(int fd) +ReReadCfg(int fd, int msfd) #else -ReReadCfg(fd) +ReReadCfg(fd, msfd) int fd; + int msfd; #endif { FILE *fpConfig; @@ -4587,7 +4795,7 @@ ReReadCfg(fd) kill(thepid, SIGTERM); /* shoot myself in the head */ return; } else { - Error("no consoles to manage after reconfiguration - exiting"); + Msg("no consoles to manage in child process after reconfiguration - child exiting"); DeUtmp((GRPENT *)0, fd); } } @@ -4802,7 +5010,7 @@ ReReadCfg(fd) if (pGE->imembers == 0 || pGE->pid != -1) continue; - Spawn(pGE); + Spawn(pGE, msfd); Verbose("group #%d pid %lu on port %hu", pGE->id, (unsigned long)pGE->pid, pGE->port); diff --git a/conserver/readcfg.h b/conserver/readcfg.h index a5b99db..2ec23be 100644 --- a/conserver/readcfg.h +++ b/conserver/readcfg.h @@ -1,5 +1,5 @@ /* - * $Id: readcfg.h,v 5.41 2004/07/14 05:28:42 bryan Exp $ + * $Id: readcfg.h,v 5.45 2005/06/07 19:55:51 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -42,12 +42,13 @@ extern REMOTE *pRCList; /* list of remote consoles we know about */ extern REMOTE *pRCUniq; /* list of uniq console servers */ extern ACCESS *pACList; /* `who do you love' (or trust) */ extern CONSENTUSERS *pADList; /* list of admin users */ +extern CONSENTUSERS *pLUList; /* list of limited users */ extern BREAKS breakList[9]; /* list of break sequences */ extern CONFIG *pConfig; /* settings seen by config parser */ extern SUBST *substData; /* substitution function data */ extern void ReadCfg PARAMS((char *, FILE *)); -extern void ReReadCfg PARAMS((int)); +extern void ReReadCfg PARAMS((int, int)); extern void DestroyBreakList PARAMS((void)); extern void DestroyUserList PARAMS((void)); extern void DestroyConfig PARAMS((CONFIG *)); diff --git a/conserver/version.h b/conserver/version.h index c450bad..7067158 100644 --- a/conserver/version.h +++ b/conserver/version.h @@ -1,5 +1,5 @@ /* - * $Id: version.h,v 1.70 2004/11/09 08:24:01 bryan Exp $ + * $Id: version.h,v 1.71 2005/09/05 23:13:14 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -14,4 +14,4 @@ @(#) Copyright 2000 conserver.com.\n\ All rights reserved.\n" -#define THIS_VERSION "conserver.com version 8.1.11" +#define THIS_VERSION "conserver.com version 8.1.12" diff --git a/console/console.c b/console/console.c index 2297b77..f05e7d1 100644 --- a/console/console.c +++ b/console/console.c @@ -1,5 +1,5 @@ /* - * $Id: console.c,v 5.169 2004/10/25 07:18:20 bryan Exp $ + * $Id: console.c,v 5.176 2005/09/05 22:34:39 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -57,6 +57,7 @@ char *gotoName = (char *)0; char *prevName = (char *)0; CONFIG *optConf = (CONFIG *)0; CONFIG *config = (CONFIG *)0; +FLAG interact = FLAGFALSE; #if HAVE_OPENSSL SSL_CTX *ctx = (SSL_CTX *)0; @@ -69,6 +70,7 @@ SetupSSL() #endif { if (ctx == (SSL_CTX *)0) { + char *ciphers; SSL_load_error_strings(); if (!SSL_library_init()) { Error("SSL library initialization failed"); @@ -95,6 +97,9 @@ SetupSSL() config->sslcredentials); Bye(EX_UNAVAILABLE); } + ciphers = "ALL:!LOW:!EXP:!MD5:!aNULL:@STRENGTH"; + } else { + ciphers = "ALL:!LOW:!EXP:!MD5:@STRENGTH"; } SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); SSL_CTX_set_options(ctx, @@ -104,8 +109,7 @@ SetupSSL() SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY); - if (SSL_CTX_set_cipher_list(ctx, "ALL:!LOW:!EXP:!MD5:@STRENGTH") != - 1) { + if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1) { Error("Setting SSL cipher list failed"); Bye(EX_UNAVAILABLE); } @@ -202,7 +206,7 @@ Usage(wantfull) #endif "f(F) force read/write connection (and replay)", "h output this message", - "i(I) display information in machine-parseable form (on master)", + "i(I) display status info in machine-parseable form (on master)", "l user use username instead of current username", "M master master server to poll first", "n do not read system-wide config file", @@ -222,21 +226,20 @@ Usage(wantfull) "V show version information", "w(W) show who is on which console (on master)", "x examine ports and baud rates", + "z(Z) cmd send a command to the (master) server (think 'z'ap)", (char *)0 }; - fprintf(stderr, - "usage: %s [-aAfFsS] [-7DEnUv] [-c cred] [-C config] [-M master] [-p port] [-e esc] [-l username] console\n", - progname); - fprintf(stderr, - " %s [-hiIPrRuVwWx] [-7DEnUv] [-c cred] [-C config] [-M master] [-p port] [-d [user][@console]] [-[bB] message] [-t [user][@console] message]\n", - progname); - fprintf(stderr, - " %s [-qQ] [-7DEnUv] [-c cred] [-C config] [-M master] [-p port]\n", - progname); + fprintf(stderr, "usage: %s [generic-args] [-aAfFsS] [-e esc] console\n\ + %s [generic-args] [-iIuwWx] [console]\n\ + %s [generic-args] [-hPqQrRV] [-[bB] message] [-d [user][@console]]\n\ + [-t [user][@console] message] [-[zZ] cmd]\n\n\ + generic-args: [-7DEnUv] [-c cred] [-C config] [-M master]\n\ + [-p port] [-l username]\n", progname, progname, progname); if (wantfull) { int i; + fprintf(stderr, "\n"); for (i = 0; full[i] != (char *)0; i++) fprintf(stderr, "\t%s\n", full[i]); } @@ -615,7 +618,7 @@ DestroyDataStructures() if (myAddrs != (struct in_addr *)0) free(myAddrs); DestroyStrings(); - if (substData != (SUBST *) 0) + if (substData != (SUBST *)0) free(substData); } @@ -1397,8 +1400,7 @@ CallUp(pcf, pcMaster, pcMach, pcHow, result) /* try to grok the state of the console */ FilePrint(pcf, FLAGFALSE, "%c%c=", chAttn, chEsc); r = ReadReply(pcf, 0); - if (strncmp(r, "[unknown", 8) != 0 && - strncmp(r, "[up]", 4) != 0) + if (strncmp(r, "[unknown", 8) != 0 && strncmp(r, "[up]", 4) != 0) FileWrite(cfstdout, FLAGFALSE, r, -1); printf("[Enter `"); @@ -1636,28 +1638,52 @@ DoCmds(master, pports, cmdi) Error("forwarding level too deep!"); Bye(EX_SOFTWARE); } - } else if (result[0] != '[') { /* did we not get a connection? */ - limit = 0; - FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName, - result); - FileClose(&pcf); - continue; + FileWrite(pcf, FLAGFALSE, "exit\r\n", 6); + t = ReadReply(pcf, 1); } else { - limit = 0; - CallUp(pcf, server, cmdarg, cmds[0], result); - if (pcf != gotoConsole) + /* if we're not trying to connect to a console */ + if (interact == FLAGFALSE) { + FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName, + result); FileClose(&pcf); - break; + continue; + } + if (result[0] != '[') { /* did we not get a connection? */ + limit = 0; + FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName, + result); + FileClose(&pcf); + continue; + } else { + limit = 0; + CallUp(pcf, server, cmdarg, cmds[0], result); + if (pcf != gotoConsole) + FileClose(&pcf); + break; + } } } else if (cmds[cmdi][0] == 'q') { - t = ReadReply(pcf, 0); - FileWrite(cfstdout, FLAGFALSE, t, -1); + if (cmdi == 0) { + t = ReadReply(pcf, 0); + FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName, t); + } else { + FilePrint(cfstdout, FLAGFALSE, "%s: %s", serverName, + result); + } + /* only say 'exit' if 'quit' failed...since it's dying anyway */ if (t[0] != 'o' || t[1] != 'k') { FileWrite(pcf, FLAGFALSE, "exit\r\n", 6); t = ReadReply(pcf, 1); } } else { /* all done */ + /* ok, this is whacky. if cmdi==0, we haven't read back the + * reply yet, so 't' is going to have multiple lines out output + * since we send the 'exit' command...first line (or set of + * lines) would be the previous command, and then a 'goodbye' + * (ideally). we monkey around below because of this. + * like i said. wacky. + */ FileWrite(pcf, FLAGFALSE, "exit\r\n", 6); t = ReadReply(pcf, cmdi == 0 ? 1 : 0); @@ -1668,6 +1694,7 @@ DoCmds(master, pports, cmdi) free(result); if ((result = StrDup(t)) == (char *)0) OutOfMem(); + /* strip off the goodbye from the tail of the result */ len = strlen(result); if (len > 8 && strcmp("goodbye\r\n", result + len - 9) == 0) { @@ -1688,9 +1715,12 @@ DoCmds(master, pports, cmdi) } } else if ((cmds[0][0] != 'b' && cmds[0][0] != 't') || (result[0] != 'o' || result[1] != 'k')) { - /* did a 'master' before this or doing a 'disconnect' */ + /* did a 'master' before this or doing a 'disconnect', + * 'reconfig', 'newlogs', or 'up' + */ if ((cmds[1] != (char *)0 && cmds[1][0] == 'm') || - cmds[0][0] == 'd') { + cmds[0][0] == 'd' || cmds[0][0] == 'r' || + cmds[0][0] == 'n' || cmds[0][0] == 'u') { FileWrite(cfstdout, FLAGTRUE, serverName, -1); FileWrite(cfstdout, FLAGTRUE, ": ", 2); } @@ -1702,7 +1732,7 @@ DoCmds(master, pports, cmdi) FileClose(&pcf); /* this would only be true if we got extra redirects (@... above) */ - if (cmds[cmdi][0] == 'c') + if (cmds[cmdi][0] == 'c' && interact == FLAGTRUE) DoCmds(server, result, cmdi); else if (cmdi > 0) DoCmds(server, result, cmdi - 1); @@ -1739,7 +1769,8 @@ main(argc, argv) int opt; int fLocal; static STRING *acPorts = (STRING *)0; - static char acOpts[] = "7aAb:B:c:C:d:De:EfFhiIl:M:np:PqQrRsSt:uUvVwWx"; + static char acOpts[] = + "7aAb:B:c:C:d:De:EfFhiIl:M:np:PqQrRsSt:uUvVwWxz:Z:"; extern int optind; extern int optopt; extern char *optarg; @@ -1748,6 +1779,23 @@ main(argc, argv) static STRING *consoleName = (STRING *)0; short readSystemConf = 1; char *userConf = (char *)0; + typedef struct zaps { + char *opt; + char *cmd; + char *desc; + } ZAPS; + ZAPS zap[] = { + {"bringup, SIGUSR1", "up", "bring up any consoles that are down"}, + {"help", (char *)0, "this help message"}, + {"pid", "pid", "display master process ids"}, + {"quit, SIGTERM", "quit", "terminate the server"}, + {"reconfig, SIGHUP", "reconfig", + "reread configuration file, then do 'reopen' actions"}, + {"reopen, SIGUSR2", "newlogs", + "reopen all logfiles, then do 'bringup' actions"}, + {"version", "version", "display version information"} + }; + int isZap = 0; isMultiProc = 0; /* make sure stuff DOESN'T have the pid */ @@ -1940,6 +1988,53 @@ main(argc, argv) fVersion = 1; break; + case 'Z': /* only send cmd this host */ + fLocal = 1; + /*fallthough */ + case 'z': /* send a command to the server */ + pcCmd = (char *)0; + for (isZap = sizeof(zap) / sizeof(ZAPS) - 1; isZap >= 0; + isZap--) { + char *token = (char *)0; + char *str = (char *)0; + if (zap[isZap].cmd == (char *)0) /* skip non-action ones */ + continue; + BuildTmpString((char *)0); + str = BuildTmpString(zap[isZap].opt); + for (token = strtok(str, ", "); token != (char *)0; + token = strtok(NULL, ", ")) { + if (strcasecmp(optarg, token) == 0) { + pcCmd = zap[isZap].cmd; + isZap++; + break; + } + } + if (pcCmd) + break; + } + if (isZap < 0) { + if (strcasecmp(optarg, "help") == 0) { + STRING *help; + help = AllocString(); + BuildString("available -z commands:\n\n", help); + for (isZap = 0; isZap < sizeof(zap) / sizeof(ZAPS); + isZap++) { + char *str; + BuildTmpString((char *)0); + str = + BuildTmpStringPrint(" %16s %s\n", + zap[isZap].opt, + zap[isZap].desc); + BuildString(str, help); + } + Error(help->string); + } else + Error("invalid -z command: `%s' (try `help')", + optarg); + Bye(EX_UNAVAILABLE); + } + break; + case 'h': /* huh? */ Usage(1); Bye(EX_OK); @@ -2068,6 +2163,7 @@ main(argc, argv) } if (*pcCmd == 'a' || *pcCmd == 'f' || *pcCmd == 's') { + /* attach, force-attach, and spy */ if (optind >= argc) { Error("missing console name"); Bye(EX_UNAVAILABLE); @@ -2077,6 +2173,7 @@ main(argc, argv) if ((cmdarg = StrDup(argv[optind++])) == (char *)0) OutOfMem(); } else if (*pcCmd == 't') { + /* text message */ if (optind >= argc) { Error("missing message text"); Bye(EX_UNAVAILABLE); @@ -2085,6 +2182,15 @@ main(argc, argv) free(cmdarg); if ((cmdarg = StrDup(argv[optind++])) == (char *)0) OutOfMem(); + } else if (*pcCmd == 'i' || *pcCmd == 'e' || *pcCmd == 'h' || + *pcCmd == 'g') { + /* info, e(x)amine, hosts (u), groups (w) */ + if (optind < argc) { + if (cmdarg != (char *)0) + free(cmdarg); + if ((cmdarg = StrDup(argv[optind++])) == (char *)0) + OutOfMem(); + } } if (optind < argc) { @@ -2156,12 +2262,18 @@ main(argc, argv) cmdi = -1; cmds[++cmdi] = pcCmd; - if (*pcCmd == 'q' || *pcCmd == 'v' || *pcCmd == 'p') { + if (*pcCmd == 'q' || *pcCmd == 'v' || *pcCmd == 'p' || *pcCmd == 'r' || + isZap) { if (!fLocal) cmds[++cmdi] = "master"; } else if (*pcCmd == 'a' || *pcCmd == 'f' || *pcCmd == 's') { ValidateEsc(); cmds[++cmdi] = "call"; + interact = FLAGTRUE; + } else if (cmdarg != (char *)0 && + (*pcCmd == 'i' || *pcCmd == 'e' || *pcCmd == 'h' || + *pcCmd == 'g')) { + cmds[++cmdi] = "call"; } else { cmds[++cmdi] = "groups"; if (!fLocal) diff --git a/console/console.man b/console/console.man index f387d13..398d7ce 100644 --- a/console/console.man +++ b/console/console.man @@ -1,10 +1,34 @@ -.\" $Id: console.man,v 1.55 2004/07/14 05:28:42 bryan Exp $ -.TH CONSOLE 1 "2004/07/14" "conserver-8.1.11" "conserver" +.\" $Id: console.man,v 1.58 2005/09/05 22:17:33 bryan Exp $ +.TH CONSOLE 1 "2005/09/05" "conserver-8.1.12" "conserver" .SH NAME console \- console server client program .SH SYNOPSIS .B console +.RI [ generic-args ] .RB [ \-aAfFsS ] +.BR [ \-e +.IR esc ] +.I console +.br +.B console +.RI [ generic-args ] +.RB [ \-iIuwWx ] +.RI [ console ] +.br +.B console +.RI [ generic-args ] +.RB [ \-hPqQrRV ] +.RB [ \- [ bB ] +.IR message ] +.RB [ \-d +.RI [ user ][\f3@\fP console ]] +.RB [ \-t +.RI [ user ][\f3@\fP console ] +.IR message ] +.RB [ \- [ zZ ] +.IR cmd ] +.PP +.IR generic-args : .RB [ \-7DEnUv ] .RB [ \-c .IR cred ] @@ -14,42 +38,8 @@ console \- console server client program .IR master ] .BR [ \-p .IR port ] -.BR [ \-e -.IR esc ] .BR [ \-l .IR user ] -.I console -.br -.B console -.RB [ \-hiIPrRuVwWx ] -.RB [ \-7DEnUv ] -.RB [ \-c -.IR cred ] -.RB [ \-C -.IR config ] -.RB [ \-M -.IR master ] -.RB [ \-p -.IR port ] -.RB [ \-d -.RI [ user ][\f3@\fP console ]] -.RB [ \- [ bB ] -.IR message ] -.RB [ \-t -.RI [ user ][\f3@\fP console ] -.IR message ] -.br -.B console -.RB [ \-qQ ] -.RB [ \-7DEnUv ] -.RB [ \-c -.IR cred ] -.RB [ \-C -.IR config ] -.RB [ \-M -.IR master ] -.RB [ \-p -.IR port ] .SH DESCRIPTION .B Console is used to manipulate console terminals remotely or to poll running @@ -129,7 +119,7 @@ Load an SSL certificate and key from the PEM encoded file .TP .BI \-C config Use the per-user configuration file -.IR conf . +.IR config . .TP .B \-d Disconnect the users specified by @@ -182,7 +172,7 @@ except it will force any existing connection into spy mode. Display a brief help message. .TP .B \-i -Display information in a machine-parseable format (see below for the details). +Display status information in a machine-parseable format (see below for the details). .TP .B \-I Same as @@ -338,6 +328,72 @@ but just acts on the primary server. .TP .B \-x Show a list of consoles and devices. +.TP +.BI \-z cmd +Sends a command +.RI ( cmd ) +to each server and displays the result. +The valid commands are: +.RS +.sp +.PD 0 +.TP 12 +.B bringup +Try to connect all consoles marked as down (this is equivalent +to sending the server a SIGUSR1) +.TP +.B SIGUSR1 +Same as +.B bringup +.TP +.B help +Displays the help message +.TP +.B pid +Returns the pid of the server (this is equivalent to +.BR \-P ) +.TP +.B quit +Instructs the server to shut down (this is equivalent to +.B \-q +or sending the server a SIGTERM) +.TP +.B SIGTERM +Same as +.B quit +.TP +.B reconfig +Instructs the server to reload the configuration file, then +perform the actions of +.B reopen +(this is equivalent to sending the server a SIGHUP) +.TP +.B SIGHUP +Same as +.B reconfig +.TP +.B reopen +Instructs the server to reopen all logfiles, then +perform the actions of +.B bringup +(this is equivalent to sending the server a SIGUSR2) +.TP +.B SIGUSR2 +Same as +.B reopen +.TP +.B version +Returns the version of the server (this is equivalent to +.BR \-V ) +.PD +.RE +.TP +.BI \-Z cmd +Same as +.B \-z +but just sends +.I cmd +to the primary server. .PP The .BR \-A , @@ -350,8 +406,15 @@ making the connection (as if were typed). .PP The +.BR \-i , +.BR \-u , +.BR \-w ", and" +.B \-x +options can be given a console name, which will limit their output to that console. +.PP +The .B \-i -option outputs information regarding each console in 15 colon-separated fields. +option outputs status information regarding each console in 15 colon-separated fields. .TP .I name The name of the console. diff --git a/console/readconf.c b/console/readconf.c index d09733a..a934022 100644 --- a/console/readconf.c +++ b/console/readconf.c @@ -1,5 +1,5 @@ /* - * $Id: readconf.c,v 5.2 2004/05/25 00:38:15 bryan Exp $ + * $Id: readconf.c,v 5.3 2005/06/11 02:32:21 bryan Exp $ * * Copyright conserver.com, 2000 * @@ -510,7 +510,7 @@ ConfigItemUsername(id) OutOfMem(); } -SUBST *substData = (SUBST *) 0; +SUBST *substData = (SUBST *)0; int #if PROTOTYPES @@ -524,9 +524,8 @@ SubstCallback(c, s, i) { int retval = 0; - if (substData == (SUBST *) 0) { - if ((substData = - (SUBST *) calloc(1, sizeof(SUBST))) == (SUBST *) 0) + if (substData == (SUBST *)0) { + if ((substData = (SUBST *)calloc(1, sizeof(SUBST))) == (SUBST *)0) OutOfMem(); substData->callback = &SubstCallback; substData->tokens['u'] = ISSTRING; diff --git a/contrib/redhat-rpm/conserver.spec b/contrib/redhat-rpm/conserver.spec index 7c9e391..822b2c3 100644 --- a/contrib/redhat-rpm/conserver.spec +++ b/contrib/redhat-rpm/conserver.spec @@ -4,7 +4,7 @@ # %define pkg conserver -%define ver 8.1.11 +%define ver 8.1.12 # define the name of the machine on which the main conserver # daemon will be running if you don't want to use the default diff --git a/contrib/solaris-package/pkginfo b/contrib/solaris-package/pkginfo index ce349b4..94c1855 100644 --- a/contrib/solaris-package/pkginfo +++ b/contrib/solaris-package/pkginfo @@ -1,7 +1,7 @@ PKG="conserver" NAME="Console server and client" CATEGORY="system" -VERSION="8.1.11" +VERSION="8.1.12" DESC="Console server and client" CLASSES=none ARCH=sparc diff --git a/test/dotest b/test/dotest index ef789d1..89bc1be 100755 --- a/test/dotest +++ b/test/dotest @@ -94,5 +94,7 @@ dotest 'cocacoc.' dotest EVAL "echo 'tu.' | ../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -e 'tu' shell" dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -R | sed -e 's/ [^ ]*$//'" dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x | sed -e 's/ on [^ ]* */ on /'" +dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x sh | sed -e '1s/^[^:]*//'" +dotest EVAL "../console/console -n -C /dev/null -M 127.0.0.1 -p 7777 -x shell | sed -e 's/ on [^ ]* */ on /'" cleanup diff --git a/test/results/test14 b/test/results/test14 new file mode 100644 index 0000000..00d9688 --- /dev/null +++ b/test/results/test14 @@ -0,0 +1,2 @@ +: ambiguous console abbreviation, `sh' + choices are shellb, shella, shell diff --git a/test/results/test15 b/test/results/test15 new file mode 100644 index 0000000..9362da6 --- /dev/null +++ b/test/results/test15 @@ -0,0 +1 @@ + shell on at Local