2 files changed, 30 insertions, 0 deletions
diff --git a/loginutils/Config.in b/loginutils/Config.in
index 71e0a3ae1..6e45b706a 100644
--- a/loginutils/Config.in
+++ b/loginutils/Config.in
@@ -111,6 +111,14 @@ config CONFIG_LOGIN
          Note that Busybox binary must be setuid root for this applet to
          work properly.
+config CONFIG_LOGIN_SCRIPTS
+        bool "Support for login scripts"
+        depends on CONFIG_LOGIN
+        default n
+        help
+          Enable this if you want login to execute $LOGIN_PRE_SUID_SCRIPT
+          just prior to swithching from root to logged-in user.
 config CONFIG_FEATURE_SECURETTY
        bool "Support for /etc/securetty"
        default y
diff --git a/loginutils/login.c b/loginutils/login.c
index 5b4edd8de..39d980fa8 100644
--- a/loginutils/login.c
+++ b/loginutils/login.c
@@ -15,6 +15,7 @@
 #include <sys/resource.h>
 #include <sys/stat.h>
 #include <sys/types.h>
+#include <sys/wait.h>
 #include <ctype.h>
 #include <time.h>
@@ -258,6 +259,27 @@ auth_ok:
        chown ( full_tty, pw-> pw_uid, pw-> pw_gid );
        chmod ( full_tty, 0600 );
+        if (ENABLE_LOGIN_SCRIPTS) {
+                char *script = getenv("LOGIN_PRE_SUID_SCRIPT");
+                if (script) {
+                        char *t_argv[2] = { script, NULL };
+                        switch(fork()) {
+                        case -1: break;
+                        case 0: /* child */
+                                xchdir("/");
+                                setenv("LOGIN_TTY", full_tty, 1);
+                                setenv("LOGIN_USER", pw->pw_name, 1);
+                                setenv("LOGIN_UID", utoa(pw->pw_uid), 1);
+                                setenv("LOGIN_GID", utoa(pw->pw_gid), 1);
+                                setenv("LOGIN_SHELL", pw->pw_shell, 1);
+                                execvp(script, t_argv);
+                                exit(1);
+                        default: /* parent */
+                                wait(NULL);
+                        }
+                }
+        }
        change_identity ( pw );
        tmp = pw-> pw_shell;
        if(!tmp || !*tmp)

diff --git a/loginutils/Config.in b/loginutils/Config.in index 71e0a3ae1..6e45b706a 100644 --- a/loginutils/Config.in +++ b/loginutils/Config.in
@@ -111,6 +111,14 @@ config CONFIG_LOGIN
111	Note that Busybox binary must be setuid root for this applet to	111	Note that Busybox binary must be setuid root for this applet to
112	work properly.	112	work properly.
113		113
		114	config CONFIG_LOGIN_SCRIPTS
		115	bool "Support for login scripts"
		116	depends on CONFIG_LOGIN
		117	default n
		118	help
		119	Enable this if you want login to execute $LOGIN_PRE_SUID_SCRIPT
		120	just prior to swithching from root to logged-in user.
		121
114	config CONFIG_FEATURE_SECURETTY	122	config CONFIG_FEATURE_SECURETTY
115	bool "Support for /etc/securetty"	123	bool "Support for /etc/securetty"
116	default y	124	default y


diff --git a/loginutils/login.c b/loginutils/login.c index 5b4edd8de..39d980fa8 100644 --- a/loginutils/login.c +++ b/loginutils/login.c
@@ -15,6 +15,7 @@
15	#include <sys/resource.h>	15	#include <sys/resource.h>
16	#include <sys/stat.h>	16	#include <sys/stat.h>
17	#include <sys/types.h>	17	#include <sys/types.h>
		18	#include <sys/wait.h>
18	#include <ctype.h>	19	#include <ctype.h>
19	#include <time.h>	20	#include <time.h>
20		21
@@ -258,6 +259,27 @@ auth_ok:
258	chown ( full_tty, pw-> pw_uid, pw-> pw_gid );	259	chown ( full_tty, pw-> pw_uid, pw-> pw_gid );
259	chmod ( full_tty, 0600 );	260	chmod ( full_tty, 0600 );
260		261
		262	if (ENABLE_LOGIN_SCRIPTS) {
		263	char *script = getenv("LOGIN_PRE_SUID_SCRIPT");
		264	if (script) {
		265	char *t_argv[2] = { script, NULL };
		266	switch(fork()) {
		267	case -1: break;
		268	case 0: /* child */
		269	xchdir("/");
		270	setenv("LOGIN_TTY", full_tty, 1);
		271	setenv("LOGIN_USER", pw->pw_name, 1);
		272	setenv("LOGIN_UID", utoa(pw->pw_uid), 1);
		273	setenv("LOGIN_GID", utoa(pw->pw_gid), 1);
		274	setenv("LOGIN_SHELL", pw->pw_shell, 1);
		275	execvp(script, t_argv);
		276	exit(1);
		277	default: /* parent */
		278	wait(NULL);
		279	}
		280	}
		281	}
		282
261	change_identity ( pw );	283	change_identity ( pw );
262	tmp = pw-> pw_shell;	284	tmp = pw-> pw_shell;
263	if(!tmp \|\| !*tmp)	285	if(!tmp \|\| !*tmp)