getty can't execute a login program with arguments
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
util-linux (Ubuntu) |
Confirmed
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: util-linux
/sbin/getty can't run a login program if you pass arguments to the latter via the '-l' getty optional argument (e.g. in the tty config file).
how to reproduce:
update any tty config in /etc/init/ , e.g. tty6.conf:
exec /sbin/getty -n -i -l '/bin/login -p -f root' -8 38400 tty6
restart the terminal service: initcl restart tty4
the following error will be logged:
tty6: Can't exec /bin/login -p -f root: No such file or directory
reason: getty is using execl() to execute the login program specified with '-l' option.
fix: use execve(); patch included
One should be able to pass login command arguments to getty. Using a wrapper to encapsulate login program arguments hides readability and adds complexity when not necessary.
The attached patch does not alter in any way the existent getty functionality and usage. It just adds what's missing.
The attached patch does not create any security concerns unless getty is explicitly configured in such a way.
ProblemType: Bug
DistroRelease: Ubuntu 10.10
Package: util-linux 2.17.2-
ProcVersionSign
Uname: Linux 2.6.35-25-generic x86_64
NonfreeKernelMo
Architecture: amd64
Date: Thu Feb 3 18:27:12 2011
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100427.1)
ProcEnviron:
LANGUAGE=
LANG=en_US.utf8
LC_MESSAGES=
SHELL=/bin/bash
SourcePackage: util-linux
tags: | added: patch |
Changed in util-linux (Ubuntu): | |
status: | New → Incomplete |
Could you propose this patch upstream ? It seems like something that is generally useful and would be accepted.
I have two comments on the patch, though
1.) you did not use wordfree on the wordexp_t, i'm guessing just because this is a short lived program, but just for cleanliness, I'd think it would be good to add it.
2.) I could be missing something, but it looks to me like you will change the behavior of existing code.
Previously, the command run would be:
options.login -- logname
And now, it appears to me that that would be just:
options.login
Shouldn't you append the '--' 'logname' somehow ?