2 * Copyright (c) 1980, 1987, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. All advertising materials mentioning features or use of this software
17 * must display the following acknowledgement:
18 * This product includes software developed by the University of
19 * California, Berkeley and its contributors.
20 * 4. Neither the name of the University nor the names of its contributors
21 * may be used to endorse or promote products derived from this software
22 * without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 * @(#) Copyright (c) 1980, 1987, 1993 The Regents of the University of California. All rights reserved.
37 * @(#)lock.c 8.1 (Berkeley) 6/6/93
38 * $FreeBSD: src/usr.bin/lock/lock.c,v 1.8.2.1 2002/09/15 22:32:56 dd Exp $
39 * $DragonFly: src/usr.bin/lock/lock.c,v 1.4 2005/03/13 21:17:47 liamfoy Exp $
43 * Lock a terminal up until the given key is entered or the given
46 * Timeout interval is by default TIMEOUT, it can be changed with
47 * an argument of the form -time where time is in minutes
50 #include <sys/param.h>
52 #include <sys/consio.h>
66 static void quit(int);
69 static void usage(void);
71 struct timeval timeout;
72 struct timeval zerotime;
73 struct sgttyb tty, ntty;
74 long nexttime; /* keep the timeout time */
75 int no_timeout; /* lock terminal forever */
76 int vtyunlock; /* Unlock flag and code. */
80 main(int argc, char **argv)
83 struct timeval timval;
85 struct itimerval ntimer, otimer;
87 int ch, failures, sectimeout, usemine, vtylock;
89 char *ap, *ep, *mypw, *ttynam, *tzn;
90 char hostname[MAXHOSTNAMELEN + 1], s[BUFSIZ], s1[BUFSIZ];
92 openlog("lock", LOG_ODELAY, LOG_AUTH);
99 while ((ch = getopt(argc, argv, "npt:v")) != -1)
102 tmp = strtol(optarg, &ep, 10);
103 if (*ep != NULL || tmp > INT_MAX || tmp < INT_MIN)
104 errx(1, "illegal timeout value");
105 sectimeout = (int)tmp;
109 if (!(pw = getpwuid(getuid())))
110 errx(1, "unknown uid %d", getuid());
111 mypw = strdup(pw->pw_passwd);
123 timeout.tv_sec = sectimeout * 60;
125 setuid(getuid()); /* discard privs */
127 if (ioctl(STDIN_FILENO, TIOCGETP, &tty)) /* get information for header */
128 err(1, "ioctl(TIOCGETP) failed");
130 gethostname(hostname, sizeof(hostname));
131 if (!(ttynam = ttyname(0)))
132 errx(1, "not a terminal?");
133 if (gettimeofday(&timval, (struct timezone *)NULL))
134 err(1, "gettimeofday");
135 nexttime = timval.tv_sec + (sectimeout * 60);
136 timval_sec = timval.tv_sec;
137 timp = localtime(&timval_sec);
141 signal(SIGINT, quit);
142 signal(SIGQUIT, quit);
143 ntty = tty; ntty.sg_flags &= ~ECHO;
144 if (ioctl(STDIN_FILENO, TIOCSETP, &ntty))
145 err(1, "ioctl(TIOSETP) failed");
148 /* get key and check again */
150 if (!fgets(s, sizeof(s), stdin) || *s == '\n')
154 * Don't need EOF test here, if we get EOF, then s1 != s
155 * and the right things will happen.
157 fgets(s1, sizeof(s1), stdin);
160 printf("\07lock: passwords didn't match.\n");
161 ioctl(STDIN_FILENO, TIOCSETP, &tty);
168 /* set signal handlers */
172 signal(SIGALRM, bye);
174 ntimer.it_interval = zerotime;
175 ntimer.it_value = timeout;
177 setitimer(ITIMER_REAL, &ntimer, &otimer);
180 * If this failed, we want to err out; warn isn't good
181 * enough, since we don't want the user to think that
182 * everything is nice and locked because they got a
185 if (ioctl(STDIN_FILENO, VT_LOCKSWITCH, &vtylock) == -1) {
186 ioctl(STDIN_FILENO, TIOCSETP, &tty);
187 err(1, "locking vty");
193 printf("lock: %s on %s.", ttynam, hostname);
195 printf(" no timeout.");
197 printf(" timeout in %d minute%s.", sectimeout,
198 sectimeout != 1 ? "s" : "");
200 printf(" vty locked.");
201 printf("\ntime now is %.20s%s%s", ap, tzn, ap + 19);
207 if (!fgets(s, sizeof(s), stdin)) {
213 s[strlen(s) - 1] = '\0';
214 if (!strcmp(mypw, crypt(s, mypw)))
217 else if (!strcmp(s, s1))
222 syslog(LOG_NOTICE, "%d ROOT UNLOCK FAILURE%s (%s on %s)",
223 failures, failures > 1 ? "S": "", ttynam, hostname);
224 if (ioctl(STDIN_FILENO, TIOCGETP, &ntty))
226 sleep(1); /* to discourage guessing */
229 syslog(LOG_NOTICE, "ROOT UNLOCK ON hostname %s port %s",
232 return(0); /* not reached */
239 fprintf(stderr, "usage: lock [-npv] [-t timeout]\n");
244 hi(int signo __unused)
246 struct timeval timval;
248 if (!gettimeofday(&timval, (struct timezone *)NULL)) {
249 printf("lock: type in the unlock key. ");
253 printf("timeout in %ld:%ld minutes\n",
254 (nexttime - timval.tv_sec) / 60,
255 (nexttime - timval.tv_sec) % 60);
261 quit(int signo __unused)
264 ioctl(STDIN_FILENO, TIOCSETP, &tty);
266 ioctl(STDIN_FILENO, VT_LOCKSWITCH, &vtyunlock);
271 bye(int signo __unused)
274 ioctl(STDIN_FILENO, TIOCSETP, &tty);
276 ioctl(STDIN_FILENO, VT_LOCKSWITCH, &vtyunlock);
277 printf("lock: timeout\n");