[Toybox] [PATCH] su: do not require /etc/shadow or a password there if called as root
Alexander Holler
holler at ahsoftware.de
Fri Nov 4 00:06:29 PDT 2022
---
toys/lsb/su.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/toys/lsb/su.c b/toys/lsb/su.c
index 74a87dbd..71df8a6b 100644
--- a/toys/lsb/su.c
+++ b/toys/lsb/su.c
@@ -45,7 +45,6 @@ void su_main()
{
char *name, *passhash = 0, **argu, **argv;
struct passwd *up;
- struct spwd *shp;
if (*toys.optargs && !strcmp("-", *toys.optargs)) {
toys.optflags |= FLAG_l;
@@ -57,8 +56,10 @@ void su_main()
loggit(LOG_NOTICE, "%s->%s", getusername(geteuid()), name);
- if (!(shp = getspnam(name))) perror_exit("no '%s'", name);
if (getuid()) {
+ struct spwd *shp;
+
+ if (!(shp = getspnam(name))) perror_exit("no '%s'", name);
if (*shp->sp_pwdp != '$') goto deny;
if (read_password(toybuf, sizeof(toybuf), "Password: ")) goto deny;
passhash = crypt(toybuf, shp->sp_pwdp);
--
2.25.1
More information about the Toybox
mailing list