From bfb603392a40955d64beb2bd7d3c2baa4d22df76 Mon Sep 17 00:00:00 2001 From: kim Date: Sun, 11 Jul 1999 23:41:10 +0000 Subject: [PATCH] Allow people in group wheel to use the ROOTAUTH group. Pick up SUROOTAUTH (presumably from /etc/mk.conf). --- usr.bin/su/Makefile | 6 +++++- usr.bin/su/su.c | 42 +++++++++++++++++++++--------------------- 2 files changed, 26 insertions(+), 22 deletions(-) diff --git a/usr.bin/su/Makefile b/usr.bin/su/Makefile index d60aaa57bdd6..f39daed87cd6 100644 --- a/usr.bin/su/Makefile +++ b/usr.bin/su/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.13 1999/02/18 21:22:52 scottr Exp $ +# $NetBSD: Makefile,v 1.14 1999/07/11 23:41:10 kim Exp $ # from: @(#)Makefile 8.1 (Berkeley) 7/19/93 PROG= su @@ -19,3 +19,7 @@ CPPFLAGS+=-DSKEY DPADD+= ${LIBSKEY} LDADD+= -lskey .endif + +.ifdef SUROOTAUTH +CPPFLAGS+=-DROOTAUTH=\"${SUROOTAUTH}\" +.endif diff --git a/usr.bin/su/su.c b/usr.bin/su/su.c index ff0efb376d51..76cf008e18e7 100644 --- a/usr.bin/su/su.c +++ b/usr.bin/su/su.c @@ -1,4 +1,4 @@ -/* $NetBSD: su.c,v 1.33 1999/03/22 03:25:33 abs Exp $ */ +/* $NetBSD: su.c,v 1.34 1999/07/11 23:41:10 kim Exp $ */ /* * Copyright (c) 1988 The Regents of the University of California. @@ -44,7 +44,7 @@ __COPYRIGHT( #if 0 static char sccsid[] = "@(#)su.c 8.3 (Berkeley) 4/2/94";*/ #else -__RCSID("$NetBSD: su.c,v 1.33 1999/03/22 03:25:33 abs Exp $"); +__RCSID("$NetBSD: su.c,v 1.34 1999/07/11 23:41:10 kim Exp $"); #endif #endif /* not lint */ @@ -189,6 +189,25 @@ main(argc, argv) int ok = pwd->pw_uid != 0; char **g; +#ifdef ROOTAUTH + /* + * Allow those in group rootauth to su to root, by supplying + * their own password. + */ + if (!ok && (gr = getgrnam(ROOTAUTH))) + for (g = gr->gr_mem;; ++g) { + if (!*g) { + ok = 0; + break; + } + if (!strcmp(username, *g)) { + pass = userpass; + user = username; + ok = 1; + break; + } + } +#endif /* * Only allow those in group SUGROUP to su to root, * but only if that group has any members. @@ -209,25 +228,6 @@ main(argc, argv) } } } -#ifdef ROOTAUTH - /* - * Allow those in group rootauth to su to root, by supplying - * their own password. - */ - if (!ok && (gr = getgrnam(ROOTAUTH))) - for (g = gr->gr_mem;; ++g) { - if (!*g) { - ok = 0; - break; - } - if (!strcmp(username, *g)) { - pass = userpass; - user = username; - ok = 1; - break; - } - } -#endif if (!ok) errx(1, "you are not listed in the correct secondary group (%s) to su %s.",