#!/bin/sh # This is a shell archive (shar 3.24) # made 06/26/1993 15:34 UTC by jum@ibm # Source directory /home/jum/src/dialup # # existing files WILL be overwritten # # This shar contains: # length mode name # ------ ---------- ------------------------------------------ # 2312 -rw-rw-r-- README # 1009 -r--r--r-- dialup.c # 285 -rw-rw-r-- Makefile # 34 -rw-rw-r-- ttypasswd # if touch 2>&1 | fgrep '[-amc]' > /dev/null then TOUCH=touch else TOUCH=true fi # ============= README ============== echo "x - extracting README (Text)" sed 's/^X//' << 'SHAR_EOF' > README && XAdding a Dialup Password to AIX 3 X--------------------------------- X XAIX has a feature to add external authentication methods to the login Xmachinery. This is accomplished by adding configuration information to Xthe files /etc/security/login.cfg and /etc/security/user. I have used Xthese feature to implement a System V style dialup password using a Xsmall C program. X XWe do have one modem connected to one of our RS/6000 boxes and do not Xwant every user that has an account on this system to use the system Xvia the modem. External logins using the uucp programs should not be Xaffected, though. I found the System V dialup password feature nice Xwhere one could set a password for a device, but only if a user has a Xcertain shell. This way one could not require a password if the login Xshell is /usr/lib/uucp/uucico. X XInstallation X------------ X XBecause the installation changes the way users log on to the system, be Xsure to do the installation using two terminals. On one terminal log on Xas root and stay logged in all the time, as if something goes wrong you Xwill need this terminal to back out if you have problems. X XCompile the program dialup.c and place it in a convenient location, we Xkeep such things in /usr/local/bin. Then add a declaration for the new Xauthentication method into the file /etc/security/login.cfg: X Xdialup: X program = /usr/local/bin/dialup X XThis declares the new login method "dialup". Then change the default Xentry (which is for all users) in the file /etc/security/user. Change Xthe line that looks like: X X auth1 = SYSTEM X Xto look like the following: X X auth1 = SYSTEM,dialup X XThis will tell the system that we would like to run the custom Xauthentication method "dialup" after the standard system one. X XCreate a file /etc/security/ttypasswd that has one line for every modem Xthat should be protected: X X/dev/tty1: X XThe encrypted password is encoded as in the file /etc/security/passwd Xin the entry for "password =". I have created a dummy user and used an Xeditor to copy the password from the passwd file. Be sure to not copy Xthe leading space. X XJens-Uwe Mager X XHELIOS Software GmbH XLavesstr. 80 X30159 Hannover 1 XGermany X XPhone: +49 511 3681093 XFAX: +49 511 3681095 XAppleLink: ger.xse0082 Attn: Jens-Uwe Mager Xuucp: jum@helios.de or heliosd!jum SHAR_EOF $TOUCH -am 0626173293 README && chmod 0664 README || echo "restore of README failed" set `wc -c README`;Wc_c=$1 if test "$Wc_c" != "2312"; then echo original size 2312, current size $Wc_c fi # ============= dialup.c ============== echo "x - extracting dialup.c (Text)" sed 's/^X//' << 'SHAR_EOF' > dialup.c && X/* X * @(#)dialup.c 1.1 revision of 92/10/26 13:57:36 X * This is an unpublished work copyright (c) 1992 Helios Software GmbH X * 3000 Hannover 1, Germany X */ X X#include X#include X#include X#include X Xchar *ttypasswd = "/etc/security/ttypasswd"; Xchar *uucico = "/usr/lib/uucp/uucico"; X Xchar *getpass(char *); Xchar *crypt(char *, char *); Xchar *ttyname(int); X Xmain(argc, argv) Xint argc; Xchar **argv; X{ X char *thistty = ttyname(0); X char buf[BUFSIZ]; X char *tty, *pwd; X char *p; X FILE *f; X char *user = "nobody"; X struct passwd *pw; X X if (argc > 1) X user = argv[1]; X if ((pw = getpwnam(user)) && strcmp(pw->pw_shell, uucico) == 0) X exit(0); X if ((f = fopen(ttypasswd, "r")) == 0) { X perror(ttypasswd); X exit(1); X } X while (fgets(buf, sizeof(buf), f)) { X tty = strtok(buf, ":\n"); X pwd = strtok(NULL, ":\n"); X if (strcmp(tty, thistty) == 0 && pwd[0]) { X p = getpass("dialup password:"); X if (strcmp(crypt(p, pwd), pwd) == 0) X break; X exit(1); X } X } X exit(0); X} SHAR_EOF $TOUCH -am 1026135792 dialup.c && chmod 0444 dialup.c || echo "restore of dialup.c failed" set `wc -c dialup.c`;Wc_c=$1 if test "$Wc_c" != "1009"; then echo original size 1009, current size $Wc_c fi # ============= Makefile ============== echo "x - extracting Makefile (Text)" sed 's/^X//' << 'SHAR_EOF' > Makefile && X# %W% revision of %E% %U% X# This is an unpublished work copyright (c) 1992 HELIOS Software GmbH X# 30159 Hannover 1, Germany X XCFLAGS=-O XFILES=README dialup.c Makefile ttypasswd X Xall: dialup X Xclean: X rm -f *.o X Xclobber: clean X rm -f dialup X Xdialup.shar: $(FILES) X shar $(FILES) >$@ SHAR_EOF $TOUCH -am 0626173493 Makefile && chmod 0664 Makefile || echo "restore of Makefile failed" set `wc -c Makefile`;Wc_c=$1 if test "$Wc_c" != "285"; then echo original size 285, current size $Wc_c fi # ============= ttypasswd ============== echo "x - extracting ttypasswd (Text)" sed 's/^X//' << 'SHAR_EOF' > ttypasswd && X/dev/tty1: SHAR_EOF $TOUCH -am 0626170693 ttypasswd && chmod 0664 ttypasswd || echo "restore of ttypasswd failed" set `wc -c ttypasswd`;Wc_c=$1 if test "$Wc_c" != "34"; then echo original size 34, current size $Wc_c fi exit 0