[3233] in Kerberos-V5-bugs
krb5-appl/978: login.krb5 clearing TIOCSWINSZ on linux consoles
daemon@ATHENA.MIT.EDU (david@smyrph.net)
Thu Jul 19 21:54:07 2001
Resent-From: gnats@rt-11.mit.edu (GNATS Management)
Resent-To: krb5-unassigned@rt-11.mit.edu
Resent-Reply-To: krb5-bugs@MIT.EDU, david@smyrph.net
Message-Id: <200107200153.f6K1rsQ03293@inception.smyrph.net>
Date: Thu, 19 Jul 2001 21:53:54 -0400
From: david@smyrph.net
Reply-To: david@smyrph.net
To: krb5-bugs@mit.edu
>Number: 978
>Category: krb5-appl
>Synopsis: login.krb5 clearing TIOCSWINSZ on linux consoles
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: krb5-unassigned
>State: open
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Thu Jul 19 21:54:00 EDT 2001
>Last-Modified:
>Originator: me?
>Organization:
just my personal things - smyrph.net
>Release: krb5-1.2.2
>Environment:
Linux, slackware 7.1, Intel P3
System: Linux inception.smyrph.net 2.4.5-ac21 #2 Thu Jun 28 23:13:43 EDT 2001 i686 unknown
Architecture: i686
>Description:
if the linux text console is set to more than 25 rows (50 for example)
when login.krb5 clears the struct winsize for the terminal, the console
only uses the top 25 rows.
>How-To-Repeat:
set vga=1 on the linux command line (request 50 text rows), then replace
/bin/login with a symlink to login.krb5, and log into one of the virtual
coneoles. even though the text resolution is 50 rows, stty -a only
reports 25. (try running less, vim, or pine...)
>Fix:
Try this patch. (it also fixes another annoyance - lets you add
kinit_root = 1 to the [login] section of krb5.conf to specify getting
tickets when root logs in - but leaves the default to no to maintain
the existing security paranoia)
diff -u --new-file --recursive krb5-1.2.2/src/appl/bsd/login.c krb5-1.2.2.noclearwinsize/src/appl/bsd/login.c
--- krb5-1.2.2/src/appl/bsd/login.c Wed Feb 28 17:06:43 2001
+++ krb5-1.2.2.noclearwinsize/src/appl/bsd/login.c Thu Jul 19 21:41:22 2001
@@ -60,6 +60,8 @@
int login_accept_passwd = 0;
+int login_kinit_root = 0;
+
/*
* login [ name ]
* login -r hostname (for rlogind)
@@ -113,6 +115,7 @@
* initializing these values anyway -- tcgetattr *should* give
* them reasonable defaults... */
#define NO_INIT_CC
+#define NO_SET_TIOCSWINSZ
#endif
#include <errno.h>
@@ -348,6 +351,7 @@
"krb4_get_tickets", &login_krb4_get_tickets,
"krb4_convert", &login_krb4_convert,
"krb4_run_aklog", &login_krb_run_aklog,
+ "kinit_root", &login_kinit_root,
#endif /* KRB5_KRB4_COMPAT */
};
@@ -1291,7 +1295,7 @@
lpass_ok = unix_passwd_okay(user_pwstring);
- if (pwd->pw_uid != 0) { /* Don't get tickets for root */
+ if (pwd->pw_uid != 0 || login_kinit_root) { /* Don't get tickets for root */
try_krb5(&me, user_pwstring);
#ifdef KRB4_GET_TICKETS
@@ -1438,11 +1442,13 @@
quietlog = access(HUSHLOGIN, F_OK) == 0;
dolastlog(quietlog, tty);
+#ifndef NO_SET_TIOCSWINSZ
if (!hflag && !rflag && !kflag && !Kflag && !eflag) { /* XXX */
static struct winsize win = { 0, 0, 0, 0 };
(void)ioctl(0, TIOCSWINSZ, (char *)&win);
}
+#endif
(void)chown(ttyn, pwd->pw_uid,
(gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid);
>Audit-Trail:
>Unformatted:
