Make login class support work on BSD/OS

CHANGES

@@ -1275,11 +1275,11 @@ Sudo 1.6.2 released.
 
 402) Fixed a typo/thinko that broke secureware support for long passwords.
 
-403) Added a new command line switch '-c' to support FreeBSD style login
+403) Added a new command line switch '-c' to support BSD login classes.
-     classes.  The '-c' option can be used to sudo a command with specific
+     The '-c' option can be used to sudo a command with specific resource
-     resource limits in the login.conf database.  This feature is optionally
+     limits in the login.conf database.  This feature is optionally enabled
-     enabled via the --with-logincap configure switch.  Based on a patch
+     via the --with-logincap configure switch.  Based on a patch from
-     from Michael D. Marchionna.
+     Michael D. Marchionna.
 
 404) Fixed a bug where sudo would hang around and consume CPU if we spawn
      a long-running process.

INSTALL

@@ -187,11 +187,12 @@ Special features/options:
 	access DCE via PAM before using this option.
 
   --with-logincap
-	Enable support for BSD login classes on FreeBSD.  This adds support
+	Enable support for BSD login classes on FreeBSD and BSD/OS.  This
-	for the login classes specified in /etc/login.conf.  By default,
+	adds support for the login classes specified in /etc/login.conf.
-	a login class is not applied unless the 'use_loginclass' option
+	By default, a login class is not applied unless the 'use_loginclass'
-	is defined in sudoers or the user specifies a class on the command
+	option is defined in sudoers or the user specifies a class on the
-	line.
+	command line.  It does *not*, however cause sudo to use BSD
+	authentication.
 
   --disable-sia
 	Disable SIA support.  This is the "Security Integration Architecture"

sudo.c

@@ -78,6 +78,9 @@
 #endif /* HAVE_GETPRPWNAM && HAVE_SET_AUTH_PARAMETERS */
 #ifdef HAVE_LOGINCAP
 # include <login_cap.h>
+# ifndef LOGIN_DEFROOTCLASS
+#  define LOGIN_DEFROOTCLASS	"daemon"
+# endif
 #endif
 
 #include "sudo.h"
@@ -1085,6 +1088,17 @@ set_loginclass(pw)
     struct passwd *pw;
 {
     login_cap_t *lc;
+    int errflags;
+
+    /*
+     * Don't make it a fatal error if the user didn't specify the login
+     * class themselves.  We do this because if login.conf gets
+     * corrupted we want the admin to be able to use sudo to fix it.
+     */
+    if (login_class)
+	errflags = NO_MAIL|MSG_ONLY;
+    else
+	errflags = NO_MAIL|MSG_ONLY|NO_EXIT;
 
     if (login_class && strcmp(login_class, "-") != 0) {
 	if (strcmp(*user_runas, "root") != 0 && user_uid != 0) {
@@ -1092,18 +1106,16 @@ set_loginclass(pw)
 		Argv[0], login_class);
 	    exit(1);
 	}
+    } else {
+	login_class = pw->pw_class;
+	if (!login_class || !*login_class)
+	    login_class =
+		(pw->pw_uid == 0) ? LOGIN_DEFROOTCLASS : LOGIN_DEFCLASS;
+    }
 
-	lc = login_getclass(login_class);
+    lc = login_getclass(login_class);
-	if (!lc || !lc->lc_class || strcmp(lc->lc_class, login_class) != 0)
+    if (!lc || !lc->lc_class || strcmp(lc->lc_class, login_class) != 0) {
-	    log_error(NO_MAIL|MSG_ONLY, "unknown login class: %s", login_class);
+	log_error(errflags, "unknown login class: %s", login_class);
-    } else if (!(lc = login_getpwclass(pw))) {
-	/*
-	 * This is not a fatal error if the user didn't specify the login
-	 * class themselves.  We do this because if login.conf gets
-	 * corrupted we want the admin to be able to use sudo to fix it.
-	 */
-	log_error(login_class ? NO_MAIL|MSG_ONLY : NO_MAIL|NO_EXIT|MSG_ONLY,
-	    "can't get class for user: %s", user_runas);
 	return(0);
     }
     
@@ -1111,7 +1123,7 @@ set_loginclass(pw)
     if (setusercontext(lc, pw, pw->pw_uid,
 	LOGIN_SETUSER|LOGIN_SETGROUP|LOGIN_SETRESOURCES|LOGIN_SETPRIORITY) < 0)
 	log_error(NO_MAIL|USE_ERRNO|MSG_ONLY,
-	    "setusercontext() failed for login class %s", lc);
+	    "setusercontext() failed for login class %s", login_class);
 
     login_close(lc);
     return(1);