From owner-freebsd-hackers  Wed Sep  6 17:45:43 1995
Return-Path: hackers-owner
Received: (from majordom@localhost)
          by freefall.freebsd.org (8.6.11/8.6.6) id RAA00924
          for hackers-outgoing; Wed, 6 Sep 1995 17:45:43 -0700
Received: from UUCP-GW.CC.UH.EDU (UUCP-GW.CC.UH.EDU [129.7.1.11])
          by freefall.freebsd.org (8.6.11/8.6.6) with SMTP id RAA00912
          for <hackers@freebsd.org>; Wed, 6 Sep 1995 17:45:38 -0700
Received: from Taronga.COM by UUCP-GW.CC.UH.EDU with UUCP id AA13064
  (5.67a/IDA-1.5); Wed, 6 Sep 1995 19:32:17 -0500
Received: (from peter@localhost) by bonkers.taronga.com (8.6.11/8.6.9) id TAA02805; Wed, 6 Sep 1995 19:16:08 -0500
From: peter@taronga.com (Peter da Silva)
Message-Id: <199509070016.TAA02805@bonkers.taronga.com>
Subject: Patches to "su" to restore "su user -c cmd"
To: jkh@time.cdrom.com
Date: Wed, 6 Sep 1995 19:16:08 -0500 (CDT)
Cc: hackers@freebsd.org
X-Mailer: ELM [version 2.4 PL24]
Content-Type: text
Content-Length: 3859      
Sender: hackers-owner@freebsd.org
Precedence: bulk

I write:
> > In 1.1.5.1, the command "su" passed extra arguments to the shell. In 2.0.5,
> > this is disabled. Howcome? I have several scripts that need to start various
> > programs as particular users, so I've been using "su user -c command". What
> > is the recommended alternative?

Jordan writes:
> I commented on this just the other day.  What we need is `-c' to come
> back is what we need.

Here it is:

This is based on the 2.0.5 code. I compared the 1.1.5 code and the NetBSD
code.

The NetBSD/1.1.5.1 code, based on Net/2 I assume, was dated 1988:

 * Copyright (c) 1988 The Regents of the University of California.
 * All rights reserved.

There are minor differences between the two. It looks like the NetBSD
code depends on argv[-1] being there if you call "su -fm" which expands
into "_su -m -f". 

The 2.0.5 code seems to be based on 4.4:

 * Copyright (c) 1988, 1993, 1994
 *      The Regents of the University of California.  All rights reserved.

Changes forthwith, including a new man page:

*** su.1.ORIG	Wed Sep  6 19:09:12 1995
--- su.1	Wed Sep  6 19:08:06 1995
***************
*** 40,46 ****
  .Sh SYNOPSIS
  .Nm su
  .Op Fl Kflm
! .Op Ar login
  .Sh DESCRIPTION
  .Nm Su
  requests the Kerberos password for
--- 40,46 ----
  .Sh SYNOPSIS
  .Nm su
  .Op Fl Kflm
! .Op Ar login Op args
  .Sh DESCRIPTION
  .Nm Su
  requests the Kerberos password for
***************
*** 49,55 ****
  .Dq Ar login Ns .root ,
  if no login is provided), and switches to
  that user and group ID after obtaining a Kerberos ticket granting ticket.
! A shell is then executed.
  .Nm Su
  will resort to the local password file to find the password for
  .Ar login
--- 49,56 ----
  .Dq Ar login Ns .root ,
  if no login is provided), and switches to
  that user and group ID after obtaining a Kerberos ticket granting ticket.
! A shell is then executed, and any additional command line arguments after
! the login name are passed to this shell.
  .Nm Su
  will resort to the local password file to find the password for
  .Ar login
*** su.c.ORIG	Tue May 30 01:34:18 1995
--- su.c	Wed Sep  6 18:57:44 1995
***************
*** 82,98 ****
  {
  	extern char **environ;
  	struct passwd *pwd;
! 	char *p, **g, *user, *shell, *username, *cleanenv[20], *nargv[4], **np;
  	struct group *gr;
  	uid_t ruid;
  	int asme, ch, asthem, fastlogin, prio;
  	enum { UNSET, YES, NO } iscsh = UNSET;
  	char shellbuf[MAXPATHLEN];
  
- 	np = &nargv[3];
- 	*np-- = NULL;
  	asme = asthem = fastlogin = 0;
! 	while ((ch = getopt(argc, argv, ARGSTR)) != EOF)
  		switch((char)ch) {
  #ifdef KERBEROS
  		case 'K':
--- 82,98 ----
  {
  	extern char **environ;
  	struct passwd *pwd;
! 	char *p, **g, *user, *shell, *username, *cleanenv[20], **np;
  	struct group *gr;
  	uid_t ruid;
  	int asme, ch, asthem, fastlogin, prio;
  	enum { UNSET, YES, NO } iscsh = UNSET;
  	char shellbuf[MAXPATHLEN];
+ 	char **nargv;
+ 	int i;
  
  	asme = asthem = fastlogin = 0;
! 	while ((ch = getopt(argc, argv, ARGSTR)) != EOF) {
  		switch((char)ch) {
  #ifdef KERBEROS
  		case 'K':
***************
*** 117,123 ****
--- 117,144 ----
  			    ARGSTR);
  			exit(1);
  		}
+ 	}
  	argv += optind;
+ 	argc -= optind;
+ 
+ 	/* get target login information, default to root */
+ 	if (argc) {
+ 		user = *argv++;
+ 		--argc;
+ 	} else {
+ 		user = "root";
+ 	}
+ 
+ 	/* copy args */
+ 	nargv = malloc((sizeof *nargv) * (argc + 4));
+ 	if(!nargv) {
+ 		perror("su: malloc");
+ 		exit(1);
+ 	}
+ 
+ 	for(i = 0; i <= argc; i++)
+ 		nargv[i+3] = argv[i];
+ 	np = &nargv[2];
  
  	errno = 0;
  	prio = getpriority(PRIO_PROCESS, 0);
***************
*** 145,152 ****
  			iscsh = NO;
  		}
  
- 	/* get target login information, default to root */
- 	user = *argv ? *argv : "root";
  	if ((pwd = getpwnam(user)) == NULL) {
  		fprintf(stderr, "su: unknown login %s\n", user);
  		exit(1);
--- 166,171 ----