From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Sun, 19 Mar 2023 17:36:42 +0000 (+0100)
Subject: login: Initialize noauth from login.noauth credential
X-Git-Tag: v2.40-rc1~446^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=12252002ada4482c46ae4363c0a87c5c8ea62e8c;p=thirdparty%2Futil-linux.git

login: Initialize noauth from login.noauth credential

Let's check if we've been passed credentials by systemd and if so,
try to determine whether we need to auth the user to login from
the login.noauth credential.
---

diff --git a/login-utils/login.c b/login-utils/login.c
index 74bdf38a42..17b54a7f63 100644
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -46,6 +46,7 @@
 #include <grp.h>
 #include <pwd.h>
 #include <utmpx.h>
+#include <path.h>
 
 #ifdef HAVE_LASTLOG_H
 # include <lastlog.h>
@@ -1287,6 +1288,39 @@ static void __attribute__((__noreturn__)) usage(void)
 	exit(EXIT_SUCCESS);
 }
 
+static void load_credentials(struct login_context *cxt) {
+	char *env;
+	DIR *dir;
+	struct dirent *d;
+	struct path_cxt *pc;
+
+	env = safe_getenv("CREDENTIALS_DIRECTORY");
+        if (!env)
+                return;
+
+	pc = ul_new_path("%s", env);
+	if (!pc) {
+		syslog(LOG_WARNING, _("failed to initialize path context"));
+		return;
+	}
+
+	dir = ul_path_opendir(pc, NULL);
+	if (!dir) {
+		syslog(LOG_WARNING, _("failed to open credentials directory"));
+		return;
+	}
+
+	while ((d = xreaddir(dir))) {
+		char *str;
+
+		if (strcmp(d->d_name, "login.noauth") == 0) {
+			ul_path_read_string(pc, &str, d->d_name);
+			if (str && strcmp(str, "yes") == 0)
+				cxt->noauth = 1;
+		}
+	}
+}
+
 static void initialize(int argc, char **argv, struct login_context *cxt)
 {
 	int c;
@@ -1318,6 +1352,8 @@ static void initialize(int argc, char **argv, struct login_context *cxt)
 	setpriority(PRIO_PROCESS, 0, 0);
 	process_title_init(argc, argv);
 
+	load_credentials(cxt);
+
 	while ((c = getopt_long(argc, argv, "fHh:pV", longopts, NULL)) != -1)
 		switch (c) {
 		case 'f':