Subject: Windows share mounting as user
From: Arthur Corliss (arthur@corlissfamily.org)
Date: Mon Mar 17 2003 - 11:55:42 AKST
Greetings:
Given the previous thread about windows share mounting, it made me think about
a more secure means of accomplishing that as a user. My previous C program
worked fine for me, since I'm the only person with an account on the box, but
it did have the disadvantage of needing to be recompiled every time I changed
my password.
So, attached is a better proggie that does the following:
o Gets the user logon from the process owner
o Gets the password by reading stdin
o Mounts the share on ~/windows
This leaves a binary with no embedded password strings, and allows it to be
used by all group users independently.
Don't know if anyone really cares or works in that kind of environment, but if
you do, this might be helpful. If anyone has any improvements/suggestions,
let me know, I'd greatly appreciate it. I'm barely literate in C, it's not my
primary language, so be gentle. ;-)
--Arthur Corliss
Bolverk's Lair -- http://arthur.corlissfamily.org/
Digital Mages -- http://www.digitalmages.com/
"Live Free or Die, the Only Way to Live" -- NH State Motto
-- Attached file included as plaintext by Listar --
-- File: winmount.c
// winmount.c -- Setuid wrapper for mounting my Windows home directory on the
// the server
//
// $Id: winmount.c,v 0.3 2003/03/17 20:38:49 acorliss Exp acorliss $
//
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <termios.h>
// Modify these as needed
#define SERVER "acsdata2"
#define MAXLENGTH 20
#define MNTPATH "/home/%s/windows"
// No modifications needed below
#define USAGE "Usage: winmount [-m] [-u]\n\t-m\tMount SMB share\n\t-u\tUnmount SMB share \n"
#define F1 "-m"
#define F2 "-u"
int main(int argc, char * argv[]) {
struct termios old, new;
int i;
int ruid;
int rgid;
int psize = MAXLENGTH;
char logon[8];
char password[20];
char options[100];
char share[50];
char mnt[50];
// Get the user's information, and determine mount point
ruid = getuid();
rgid = getgid();
strcpy(logon, getlogin());
sprintf(mnt, MNTPATH, logon);
// Swap the real/effective uids
setreuid (geteuid(), getuid());
// Make sure we have an argument and it's a legitimate option
if (argc != 2 || (strcmp(argv[1], F1) != 0 && strcmp(argv[1], F2) != 0)) {
printf(USAGE);
return 1;
}
// Process the mount command
if (strcmp(argv[1], F1) == 0) {
// Get the password
printf("Password: ");
// Turn echoing off or warn and exit
if (tcgetattr (fileno (stdin), &old) != 0)
return -1;
new = old;
new.c_lflag &= ~ECHO;
if (tcsetattr (fileno (stdin), TCSAFLUSH, &new) != 0)
return -1;
// Read the pasword
fgets(password, 20, stdin);
// Restore the term settings
(void) tcsetattr (fileno (stdin), TCSAFLUSH, &old);
printf("\r\n\n");
// Strip off the newline character
for (i = 0; i < MAXLENGTH ; i++)
if (password[i] == '\n') {
password[i] = '\0';
break;
}
// Compose the option/share strings
sprintf(share, "//%s/%s$", SERVER, logon);
sprintf(options, "username=%s,password=%s,uid=%d,gid=%d", logon,
password, ruid, rgid);
// Print info to screen
printf("Mounting %s at %s as user %s.\n", share, mnt, logon);
// Execute mount
execl("/bin/mount", "mount", "-t", "smbfs",
"-o", options, share, mnt, 0);
// Process the umount command
} else if (strcmp(argv[1], F2) == 0) {
execl("/bin/umount", "umount", mnt, 0);
}
}
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Mon Mar 17 2003 - 11:54:34 AKST