login: use open(2) rather then access(2) for $HOME/.hushlogin

As an NFS client with home directories on mounted NFS share - If the
NFS server exports the share with default root squashed, login cannot
access the filesystem to check for the existence of .hushlogin file.

It seems better to use open(2) rather than access(2).

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/login-utils/login.c b/login-utils/login.c
index c924a1f5d7c34ef427db1976587fe0b78b56d510..f3154259e2e5cc835d3ade336c2f35286d988010 100644 (file)
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -352,6 +352,21 @@ get_pam_username(pam_handle_t *pamh, char **name)
 }
 #endif
 
+/*
+ * We need to check effective UID/GID. For example $HOME could be on root
+ * squashed NFS or on NFS with UID mapping and access(2) uses real UID/GID.
+ * The open(2) seems as the surest solution.
+ * -- kzak@redhat.com (10-Apr-2009)
+ */
+int
+effective_access(const char *path, int mode)
+{
+       int fd = open(path, mode);
+       if (fd != -1)
+               close(fd);
+       return fd == -1 ? -1 : 0;
+}
+
 int
 main(int argc, char **argv)
 {
@@ -885,7 +900,7 @@ main(int argc, char **argv)
                sprintf(tmpstr, "%s/%s", pwd->pw_dir, _PATH_HUSHLOGIN);
                setregid(-1, pwd->pw_gid);
                setreuid(0, pwd->pw_uid);
-               quietlog = (access(tmpstr, R_OK) == 0);
+               quietlog = (effective_access(tmpstr, O_RDONLY) == 0);
                setuid(0); /* setreuid doesn't do it alone! */
                setreuid(ruid, 0);
                setregid(-1, egid);