+++ /dev/null
-2008-07-15 Love Hörnquist Åstrand <lha@it.su.se>
-
- * Makefile.am: no krb4
-
- * su.c: Drop kerberos 4 support.
-
-2007-10-19 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c: read environment from _PATH_ETC_ENVIRONMENT
-
- * supaths.c: paths
-
-2007-08-02 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c: Check all local realms when su-ing, from Magnus Holmberg.
-
-2007-06-19 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c: If not root and not setuid, print warning.
-
-2006-01-17 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c (group_member_p): rename from group_member to avoid name
- pollution from glibc headers. Fixed based on report from David Love.
-
-2006-01-12 Johan Danielsson <joda@pdc.kth.se>
-
- * su.c: fix reversed logic when deciding to print tty or not
-
-2005-10-22 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c: Check return value from asprintf instead of string != NULL
- since it undefined behavior on Linux. From Björn Sandell
-
-2005-05-10 Dave Love <fx@gnu.org>
-
- * su.c: Include <crypt.h>.
-
-2003-09-03 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c: s/des_read_pw_string/UI_UTIL_read_pw_string/
-
-2003-05-06 Johan Danielsson <joda@pdc.kth.se>
-
- * su.c: remove accidentally committed code that prints the command
- being executed
-
-2003-03-18 Love Hörnquist Åstrand <lha@it.su.se>
-
- * su.c (krb5_start_session): krb5_afslog doesn't depend on KRB4
- any more
-
-2002-02-19 Johan Danielsson <joda@pdc.kth.se>
-
- * su.c: make this build without krb5
-
-2002-01-09 Jacques Vidrine <n@nectar.cc>
-
- * su.c: Don't use getlogin() to determine whether we are root.
- Patch by joda.
-
-2001-06-12 Assar Westerlund <assar@sics.se>
-
- * su.c: check memory allocations. add some const
-
-2000-12-31 Assar Westerlund <assar@sics.se>
-
- * su.c (krb5_verify): handle krb5_init_context failure
- consistently
-
-2000-08-28 Johan Danielsson <joda@pdc.kth.se>
-
- * su.c: set KRBTKFILE
-
-2000-07-10 Assar Westerlund <assar@sics.se>
-
- * Makefile.am: actually install su
- * su.c (krb5_verify): try harder freeing. do not get upset on
- interrupted password read
-
-2000-06-09 Assar Westerlund <assar@sics.se>
-
- * su.c (main): work-around for setuid and capabilities bug fixed
- in Linux 2.2.16
-
-2000-06-03 Assar Westerlund <assar@sics.se>
-
- * su.c (main): just ignore shadow information if getspnam returns
- NULL
-
-1999-10-20 Assar Westerlund <assar@sics.se>
-
- * Makefile.am: use LIB_roken
-
-1999-09-28 Assar Westerlund <assar@sics.se>
-
- * su.c (krb5_verify): use krb5_verify_user_lrealm
-
-1999-08-04 Assar Westerlund <assar@sics.se>
-
- * su.c: add support for shadow passwords and rewrite some logic.
- From Miroslav Ruda <ruda@ics.muni.cz>
-
- * Makefile.am: add libkafs
-
-1999-06-15 Assar Westerlund <assar@sics.se>
-
- * su.c (main): conditionalize `getlogin'
-
-1999-05-11 Assar Westerlund <assar@sics.se>
-
- * su.c (verfiy_krb5): get the name out of the ccache before
- closing it
-
-1999-05-05 Assar Westerlund <assar@sics.se>
-
- * su.c: some more error checking
-
-Wed Apr 21 21:04:36 1999 Assar Westerlund <assar@sics.se>
-
- * su.c (-f): implement
-
- * su.c: implement -i
- (verify_krb5): correct the ownership on the credential cache
-
-Tue Apr 20 13:26:13 1999 Johan Danielsson <joda@hella.pdc.kth.se>
-
- * su.c: don't depend on paths.h
-
+++ /dev/null
-.\" Copyright (c) 2003 - 2006 Kungliga Tekniska Högskolan
-.\" (Royal Institute of Technology, Stockholm, Sweden).
-.\" All rights reserved.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\"
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\"
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\"
-.\" 3. Neither the name of the Institute nor the names of its contributors
-.\" may be used to endorse or promote products derived from this software
-.\" without specific prior written permission.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.\" $Id$
-.\"
-.Dd January 12, 2006
-.Dt SU 1
-.Os HEIMDAL
-.Sh NAME
-.Nm su
-.Nd substitute user identity
-.Sh SYNOPSIS
-.Nm su
-.Op Fl K | Fl Fl no-kerberos
-.Op Fl f
-.Op Fl l | Fl Fl full
-.Op Fl m
-.Oo Fl i Ar instance \*(Ba Xo
-.Fl Fl instance= Ns Ar instance
-.Xc
-.Oc
-.Oo Fl c Ar command \*(Ba Xo
-.Fl Fl command= Ns Ar command
-.Xc
-.Oc
-.Op Ar login Op Ar "shell arguments"
-.Sh DESCRIPTION
-.Nm su
-will use Kerberos authentication provided that an instance for the
-user wanting to change effective UID is present in a file named
-.Pa .k5login
-in the target user id's home directory
-.Pp
-A special case exists where
-.Ql root Ap s
-.Pa ~/.k5login
-needs to contain an entry for:
-.Ql user Ns / Ns Ao instance Ac Ns @ Ns REALM
-for
-.Nm su
-to succed (where
-.Aq instance
-is
-.Ql root
-unless changed with
-.Fl i ) .
-.Pp
-In the absence of either an entry for current user in said file or
-other problems like missing
-.Ql host/hostname@REALM
-keys in the system's
-keytab, or user typing the wrong password,
-.Nm su
-will fall back to traditional
-.Pa /etc/passwd
-authentication.
-.Pp
-When using
-.Pa /etc/passwd
-authentication,
-.Nm su
-allows
-.Ql root
-access only to members of the group
-.Ql wheel ,
-or to any user (with knowledge of the
-.Ql root
-password) if that group
-does not exist, or has no members.
-.Pp
-The options are as follows:
-.Bl -item -width Ds
-.It
-.Fl K ,
-.Fl Fl no-kerberos
-don't use Kerberos.
-.It
-.Fl f
-don't read .cshrc.
-.It
-.Fl l ,
-.Fl Fl full
-simulate full login.
-.It
-.Fl m
-leave environment unmodified.
-.It
-.Fl i Ar instance ,
-.Fl Fl instance= Ns Ar instance
-root instance to use.
-.It
-.Fl c Ar command ,
-.Fl Fl command= Ns Ar command
-command to execute.
-.El
+++ /dev/null
-/*
- * Copyright (c) 1999 - 2008 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of KTH nor the names of its contributors may be
- * used to endorse or promote products derived from this software without
- * specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
- * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
- * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
- * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
- * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
- * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
-
-#include <config.h>
-
-RCSID("$Id$");
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <syslog.h>
-
-#ifdef HAVE_PATHS_H
-#include <paths.h>
-#endif
-
-#ifdef HAVE_SHADOW_H
-#include <shadow.h>
-#endif
-
-#include <pwd.h>
-#ifdef HAVE_CRYPT_H
-#include <crypt.h>
-#endif
-
-#include "crypto-headers.h"
-#ifdef KRB5
-#include <krb5.h>
-#endif
-#ifndef NO_AFS
-#include <kafs.h>
-#endif
-#include <err.h>
-#include <roken.h>
-#include <getarg.h>
-
-#include "supaths.h"
-
-#if !HAVE_DECL_ENVIRON
-extern char **environ;
-#endif
-
-int kerberos_flag = 1;
-int csh_f_flag;
-int full_login;
-int env_flag;
-char *kerberos_instance = "root";
-int help_flag;
-int version_flag;
-char *cmd;
-char tkfile[256];
-
-struct getargs args[] = {
- { "kerberos", 'K', arg_negative_flag, &kerberos_flag,
- "don't use kerberos", NULL },
- { NULL, 'f', arg_flag, &csh_f_flag,
- "don't read .cshrc", NULL },
- { "full", 'l', arg_flag, &full_login,
- "simulate full login", NULL },
- { NULL, 'm', arg_flag, &env_flag,
- "leave environment unmodified", NULL },
- { "instance", 'i', arg_string, &kerberos_instance,
- "root instance to use", NULL },
- { "command", 'c', arg_string, &cmd,
- "command to execute", NULL },
- { "help", 'h', arg_flag, &help_flag, NULL, NULL },
- { "version", 0, arg_flag, &version_flag, NULL, NULL },
-};
-
-
-static void
-usage (int ret)
-{
- arg_printusage (args,
- sizeof(args)/sizeof(*args),
- NULL,
- "[login [shell arguments]]");
- exit (ret);
-}
-
-static void
-free_info(struct passwd *p)
-{
- free (p->pw_name);
- free (p->pw_passwd);
- free (p->pw_dir);
- free (p->pw_shell);
- free (p);
-}
-
-static struct passwd*
-dup_info(const struct passwd *pwd)
-{
- struct passwd *info;
-
- info = malloc(sizeof(*info));
- if(info == NULL)
- return NULL;
- info->pw_name = strdup(pwd->pw_name);
- info->pw_passwd = strdup(pwd->pw_passwd);
- info->pw_uid = pwd->pw_uid;
- info->pw_gid = pwd->pw_gid;
- info->pw_dir = strdup(pwd->pw_dir);
- info->pw_shell = strdup(pwd->pw_shell);
- if(info->pw_name == NULL || info->pw_passwd == NULL ||
- info->pw_dir == NULL || info->pw_shell == NULL) {
- free_info (info);
- return NULL;
- }
- return info;
-}
-
-#ifdef KRB5
-static krb5_context context;
-static krb5_ccache ccache;
-
-static int
-krb5_verify(const struct passwd *login_info,
- const struct passwd *su_info,
- const char *instance)
-{
- krb5_error_code ret;
- krb5_principal p;
- krb5_realm *realms, *r;
- char *login_name = NULL;
- int user_ok = 0;
-
-#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN)
- login_name = getlogin();
-#endif
- ret = krb5_init_context (&context);
- if (ret) {
-#if 0
- warnx("krb5_init_context failed: %d", ret);
-#endif
- return 1;
- }
-
- ret = krb5_get_default_realms(context, &realms);
- if (ret)
- return 1;
-
- /* Check all local realms */
- for (r = realms; *r != NULL && !user_ok; r++) {
-
- if (login_name == NULL || strcmp (login_name, "root") == 0)
- login_name = login_info->pw_name;
- if (strcmp (su_info->pw_name, "root") == 0)
- ret = krb5_make_principal(context, &p, *r,
- login_name,
- instance,
- NULL);
- else
- ret = krb5_make_principal(context, &p, *r,
- su_info->pw_name,
- NULL);
- if (ret) {
- krb5_free_host_realm(context, realms);
- return 1;
- }
-
- /* if we are su-ing too root, check with krb5_kuserok */
- if (su_info->pw_uid == 0 && !krb5_kuserok(context, p, su_info->pw_name))
- continue;
-
- ret = krb5_cc_new_unique(context, krb5_cc_type_memory, NULL, &ccache);
- if(ret) {
- krb5_free_host_realm(context, realms);
- krb5_free_principal (context, p);
- return 1;
- }
- ret = krb5_verify_user(context, p, ccache, NULL, TRUE, NULL);
- krb5_free_principal (context, p);
- switch (ret) {
- case 0:
- user_ok = 1;
- break;
- case KRB5_LIBOS_PWDINTR :
- krb5_cc_destroy(context, ccache);
- break;
- case KRB5KRB_AP_ERR_BAD_INTEGRITY:
- case KRB5KRB_AP_ERR_MODIFIED:
- krb5_cc_destroy(context, ccache);
- krb5_warnx(context, "Password incorrect");
- break;
- default :
- krb5_cc_destroy(context, ccache);
- krb5_warn(context, ret, "krb5_verify_user");
- break;
- }
- }
- krb5_free_host_realm(context, realms);
- if (!user_ok)
- return 1;
- return 0;
-}
-
-static int
-krb5_start_session(void)
-{
- krb5_ccache ccache2;
- char *cc_name;
- int ret;
-
- ret = krb5_cc_new_unique(context, krb5_cc_type_file, NULL, &ccache2);
- if (ret) {
- krb5_cc_destroy(context, ccache);
- return 1;
- }
-
- ret = krb5_cc_copy_cache(context, ccache, ccache2);
- if (ret) {
- krb5_cc_destroy(context, ccache);
- krb5_cc_destroy(context, ccache2);
- return 1;
- }
-
- ret = asprintf(&cc_name, "%s:%s", krb5_cc_get_type(context, ccache2),
- krb5_cc_get_name(context, ccache2));
- if (ret == -1) {
- krb5_cc_destroy(context, ccache);
- krb5_cc_destroy(context, ccache2);
- errx(1, "malloc - out of memory");
- }
- esetenv("KRB5CCNAME", cc_name, 1);
-
-#ifndef NO_AFS
- /* convert creds? */
- if(k_hasafs()) {
- if (k_setpag() == 0)
- krb5_afslog(context, ccache2, NULL, NULL);
- }
-#endif
-
- krb5_cc_close(context, ccache2);
- krb5_cc_destroy(context, ccache);
- return 0;
-}
-#endif
-
-
-#define GROUP_MEMBER 0
-#define GROUP_MISSING 1
-#define GROUP_EMPTY 2
-#define GROUP_NOT_MEMBER 3
-
-static int
-group_member_p(const char *group, const char *user)
-{
- struct group *g;
- int i;
- g = getgrnam(group);
- if(g == NULL)
- return GROUP_MISSING;
- if(g->gr_mem[0] == NULL)
- return GROUP_EMPTY;
- for(i = 0; g->gr_mem[i] != NULL; i++)
- if(strcmp(user, g->gr_mem[i]) == 0)
- return GROUP_MEMBER;
- return GROUP_NOT_MEMBER;
-}
-
-static int
-verify_unix(struct passwd *login, struct passwd *su)
-{
- char prompt[128];
- char pw_buf[1024];
- char *pw;
- int r;
- if(su->pw_passwd != NULL && *su->pw_passwd != '\0') {
- snprintf(prompt, sizeof(prompt), "%s's password: ", su->pw_name);
- r = UI_UTIL_read_pw_string(pw_buf, sizeof(pw_buf), prompt, 0);
- if(r != 0)
- exit(0);
- pw = crypt(pw_buf, su->pw_passwd);
- memset_s(pw_buf, sizeof(pw_buf), 0, sizeof(pw_buf));
- if(strcmp(pw, su->pw_passwd) != 0) {
- syslog (LOG_ERR | LOG_AUTH, "%s to %s: incorrect password",
- login->pw_name, su->pw_name);
- return 1;
- }
- }
- /* if su:ing to root, check membership of group wheel or root; if
- that group doesn't exist, or is empty, allow anyone to su
- root */
- if(su->pw_uid == 0) {
-#ifndef ROOT_GROUP
-#define ROOT_GROUP "wheel"
-#endif
- int gs = group_member_p(ROOT_GROUP, login->pw_name);
- if(gs == GROUP_NOT_MEMBER) {
- syslog (LOG_ERR | LOG_AUTH, "%s to %s: not in group %s",
- login->pw_name, su->pw_name, ROOT_GROUP);
- return 1;
- }
- return 0;
- }
- return 0;
-}
-
-int
-main(int argc, char **argv)
-{
- int i, optidx = 0;
- char *su_user;
- struct passwd *su_info;
- struct passwd *login_info;
-
- struct passwd *pwd;
-
- char *shell;
-
- int ok = 0;
-
- setprogname (argv[0]);
-
- if(getarg(args, sizeof(args) / sizeof(args[0]), argc, argv, &optidx))
- usage(1);
-
- for (i=0; i < optidx; i++)
- if (strcmp(argv[i], "-") == 0) {
- full_login = 1;
- break;
- }
-
- if(help_flag)
- usage(0);
- if(version_flag) {
- print_version(NULL);
- exit(0);
- }
- if(optidx >= argc)
- su_user = "root";
- else
- su_user = argv[optidx++];
-
- if (geteuid() != 0)
- warnx("Not setuid and you are not root, expect this to fail");
-
- pwd = k_getpwnam(su_user);
- if(pwd == NULL)
- errx (1, "unknown login %s", su_user);
- if (pwd->pw_uid == 0 && strcmp ("root", su_user) != 0) {
- syslog (LOG_ALERT, "NIS attack, user %s has uid 0", su_user);
- errx (1, "unknown login %s", su_user);
- }
- su_info = dup_info(pwd);
- if (su_info == NULL)
- errx (1, "malloc: out of memory");
-
- pwd = getpwuid(getuid());
- if(pwd == NULL)
- errx(1, "who are you?");
- login_info = dup_info(pwd);
- if (login_info == NULL)
- errx (1, "malloc: out of memory");
- if(env_flag)
- shell = login_info->pw_shell;
- else
- shell = su_info->pw_shell;
- if(shell == NULL || *shell == '\0')
- shell = _PATH_BSHELL;
-
-
-#ifdef KRB5
- if(kerberos_flag && ok == 0 &&
- krb5_verify(login_info, su_info, kerberos_instance) == 0)
- ok = 5;
-#endif
-
- if(ok == 0 && login_info->pw_uid && verify_unix(login_info, su_info) != 0) {
- printf("Sorry!\n");
- exit(1);
- }
-
-#ifdef HAVE_GETSPNAM
- { struct spwd *sp;
- long today;
-
- sp = getspnam(su_info->pw_name);
- if (sp != NULL) {
- today = time(0)/(24L * 60 * 60);
- if (sp->sp_expire > 0) {
- if (today >= sp->sp_expire) {
- if (login_info->pw_uid)
- errx(1,"Your account has expired.");
- else
- printf("Your account has expired.");
- }
- else if (sp->sp_expire - today < 14)
- printf("Your account will expire in %d days.\n",
- (int)(sp->sp_expire - today));
- }
- if (sp->sp_max > 0) {
- if (today >= sp->sp_lstchg + sp->sp_max) {
- if (login_info->pw_uid)
- errx(1,"Your password has expired. Choose a new one.");
- else
- printf("Your password has expired. Choose a new one.");
- }
- else if (today >= sp->sp_lstchg + sp->sp_max - sp->sp_warn)
- printf("Your account will expire in %d days.\n",
- (int)(sp->sp_lstchg + sp->sp_max -today));
- }
- }
- }
-#endif
- {
- char *tty = ttyname (STDERR_FILENO);
- if (tty)
- syslog (LOG_NOTICE | LOG_AUTH, "%s to %s on %s",
- login_info->pw_name, su_info->pw_name, tty);
- else
- syslog (LOG_NOTICE | LOG_AUTH, "%s to %s",
- login_info->pw_name, su_info->pw_name);
- }
-
-
- if(!env_flag) {
- if(full_login) {
- char *t = getenv ("TERM");
- char **newenv = NULL;
- int j;
-
- i = read_environment(_PATH_ETC_ENVIRONMENT, &newenv);
-
- environ = malloc ((10 + i) * sizeof (char *));
- if (environ == NULL)
- err (1, "malloc");
- environ[0] = NULL;
-
- for (j = 0; j < i; j++) {
- char *p = strchr(newenv[j], '=');
- if (p == NULL)
- errx(1, "enviroment '%s' missing '='", newenv[j]);
- *p++ = 0;
- esetenv (newenv[j], p, 1);
- }
- free(newenv);
-
- esetenv ("PATH", _PATH_DEFPATH, 1);
- if (t)
- esetenv ("TERM", t, 1);
- if (chdir (su_info->pw_dir) < 0)
- errx (1, "no directory");
- }
- if (full_login || su_info->pw_uid)
- esetenv ("USER", su_info->pw_name, 1);
- esetenv("HOME", su_info->pw_dir, 1);
- esetenv("SHELL", shell, 1);
- }
-
- {
- char **new_argv;
- char *p;
-
- p = strrchr(shell, '/');
- if(p)
- p++;
- else
- p = shell;
-
- if (strcmp(p, "csh") != 0)
- csh_f_flag = 0;
-
- new_argv = malloc(((cmd ? 2 : 0) + 1 + argc - optidx + 1 + csh_f_flag)
- * sizeof(*new_argv));
- if (new_argv == NULL)
- err (1, "malloc");
- i = 0;
- if(full_login) {
- if (asprintf(&new_argv[i++], "-%s", p) == -1)
- errx (1, "malloc");
- } else
- new_argv[i++] = p;
- if (cmd) {
- new_argv[i++] = "-c";
- new_argv[i++] = cmd;
- }
-
- if (csh_f_flag)
- new_argv[i++] = "-f";
-
- for (argv += optidx; *argv; ++argv)
- new_argv[i++] = *argv;
- new_argv[i] = NULL;
-
- if(setgid(su_info->pw_gid) < 0)
- err(1, "setgid");
- if (initgroups (su_info->pw_name, su_info->pw_gid) < 0)
- err (1, "initgroups");
- if(setuid(su_info->pw_uid) < 0
- || (su_info->pw_uid != 0 && setuid(0) == 0))
- err(1, "setuid");
-
-#ifdef KRB5
- if (ok == 5)
- krb5_start_session();
-#endif
- execve(shell, new_argv, environ);
- }
-
- exit(1);
-}