henning points out that if you are seven levels deep when doas asks for a password, it can be hard to tell who is asking for what password.
modify the prompt to include the program name and user@host.
Index: doas.c
===================================================================
RCS file: /cvs/src/usr.bin/doas/doas.c,v
retrieving revision 1.45
diff -u -p -r1.45 doas.c
--- doas.c 24 Oct 2015 19:23:48 -0000 1.45
+++ doas.c 2 Dec 2015 09:36:05 -0000
@@ -21,6 +21,7 @@
 #include <limits.h>
 #include <login_cap.h>
 #include <bsd_auth.h>
+#include <readpassphrase.h>
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -323,7 +324,7 @@ main(int argc, char **argv, char **envp)
 char cwdpath[PATH_MAX];
 const char *cwd;
 
- if (pledge("stdio rpath getpw proc exec id", NULL) == -1)
+ if (pledge("stdio rpath getpw tty proc exec id", NULL) == -1)
 err(1, "pledge");
 
 closefrom(STDERR_FILENO + 1);
@@ -405,11 +406,27 @@ main(int argc, char **argv, char **envp)
 }
 
 if (!(rule->options & NOPASS)) {
+ char *challenge = NULL, *response, rbuf[1024], cbuf[128];
+ auth_session_t *as;
+
 if (nflag)
 errx(1, "Authorization required");
- if (!auth_userokay(myname, NULL, "auth-doas", NULL)) {
+
+ if (!(as = auth_userchallenge(myname, NULL, "auth-doas",
+ &challenge)))
+ err(1, "auth challenge failed");
+ if (!challenge) {
+ char host[HOST_NAME_MAX + 1];
+ if (gethostname(host, sizeof(host)))
+ snprintf(host, sizeof(host), "?");
+ snprintf(cbuf, sizeof(cbuf),
+ "doas (%.32s@%.32s) password: ", myname, host);
+ challenge = cbuf;
+ }
+ response = readpassphrase(challenge, rbuf, sizeof(rbuf), 0);
+ if (!auth_userresponse(as, response, 0)) {
 syslog(LOG_AUTHPRIV | LOG_NOTICE,
- "failed password for %s", myname);
+ "failed auth for %s", myname);
 errc(1, EPERM, NULL);
 }
 }
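Review bot: rbuf receives the plaintext password from the new `readpassphrase(challenge, rbuf, sizeof(rbuf), 0)` call and is never cleared by this code: the failure branch exits through `errc(1, EPERM, NULL)` and the success path leaves the block with the secret still on the stack, so add `explicit_bzero(rbuf, sizeof(rbuf));` as the first statement inside the `if (!auth_userresponse(as, response, 0))` block and again immediately after it (the library may scrub what it is handed, but the buffer is owned here). Separately, flags `0` let readpassphrase(3) fall back to stdin when /dev/tty cannot be opened, so the prompt is not guaranteed to be interactive; passing `RPP_REQUIRE_TTY` and treating a NULL return as a failure that logs and exits like the bad-password path would close that. If auth_userresponse does not itself tolerate a NULL response, the unchecked `response` is also a NULL-dereference risk on the same line. main() starts and ends outside this hunk.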