Skip to content

Commit

Permalink
su.c: implement --exec-command
Browse files Browse the repository at this point in the history
It's now possible to run commands as other users without shell
interpolation by using "--exec-command":

Read /etc/shadow as root without specifying user:
```
su --exec-command /bin/cat -- /etc/shadow
```

Or specify user:
```
su --exec-command /bin/cat root -- /etc/shadow
```
  • Loading branch information
vcaputo committed May 10, 2020
1 parent 41985df commit 1674a80
Showing 1 changed file with 39 additions and 4 deletions.
43 changes: 39 additions & 4 deletions src/su.c
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,7 @@ static bool do_interactive_shell = false;
static bool fakelogin = false;
static /*@observer@*/const char *shellstr;
static /*@null@*/char *command = NULL;
static /*@null@*/char *exec_command = NULL;
static int optidx;


Expand Down Expand Up @@ -440,12 +441,14 @@ static void usage (int status)
"\n"
"Options:\n"
" -c, --command COMMAND pass COMMAND to the invoked shell\n"
" -e, --exec PATH run PATH without shell, follow -- with args\n"
" -h, --help display this help message and exit\n"
" -, -l, --login make the shell a login shell\n"
" -m, -p,\n"
" --preserve-environment do not reset environment variables, and\n"
" keep the same shell\n"
" -s, --shell SHELL use SHELL instead of the default in passwd\n"
" -- pass all subsequent arguments on as-is\n"
"\n"
"If no username is given, assume root.\n"), (E_SUCCESS != status) ? stderr : stdout);
exit (status);
Expand Down Expand Up @@ -820,6 +823,19 @@ static void process_flags (int argc, char **argv)
}

command = argv[++optidx];
} else if (flags_match (arg, "--exec-command", "-e", NULL)) {
if (optidx == argc - 1) {
flag_arg_required (arg);
}

exec_command = argv[++optidx];

if (access (exec_command, X_OK) < 0) {
fprintf (stderr,
_("%s: unable to access \'%s\'\n"),
Prog, exec_command);
exit (E_BAD_ARG);
}
} else if (flags_match (arg, "--help", "-h", NULL)) {
usage (E_SUCCESS);
} else if (flags_match (arg, "--login", "-l", "-")) {
Expand All @@ -843,6 +859,17 @@ static void process_flags (int argc, char **argv)
}
}

if (NULL != exec_command && NULL != command) {
fprintf (stderr,
_("%s: COMMAND and PATH are mutually exclusive\n"),
argv[0]);
usage (E_USAGE);
}

if (NULL != exec_command) {
command = exec_command;
}

/* if next arg is not "--", treat as USER */
if (optidx < argc && strcmp (argv[optidx], "--")) {
STRFCPY (name, argv[optidx++]); /* use this login id */
Expand Down Expand Up @@ -1226,10 +1253,18 @@ int main (int argc, char **argv)
* with the rest of the command line included.
*/
argv[-1] = cp;
execve_shell (shellstr, &argv[-1], environ);
err = errno;
(void) fprintf (stderr,
_("Cannot execute %s\n"), shellstr);

if (NULL != exec_command) {
(void) execve (command, &argv[1], environ);
err = errno;
(void) fprintf (stderr,
_("Cannot execute \'%s\'\n"), command);
} else {
execve_shell (shellstr, &argv[-1], environ);
err = errno;
(void) fprintf (stderr,
_("Cannot execute \'%s\'\n"), shellstr);
}
errno = err;
} else {
(void) shell (shellstr, cp, environ);
Expand Down

0 comments on commit 1674a80

Please sign in to comment.