Allow root login if ro.debuggable is set (userdebug and eng builds)

Change-Id: I4aed01758ca5589a6bf1642e9f2f2894221c82b9 Signed-off-by: Mike Lockwood <lockwood@google.com>
author: Mike Lockwood <lockwood@google.com> 2011-12-29 15:30:07 -0500
committer: Mike Lockwood <lockwood@google.com> 2012-02-08 10:13:10 -0800
commit: 8e48564f68a59a5f436a1773f94284eab3af8abc (patch)
tree: cc74080c6e30bd335e8a8a52c0339c255d89e927
parent: 2f1b934246c78321625e8cb5af8a48ea2c09992f (diff)
download: openssh-8e48564f68a59a5f436a1773f94284eab3af8abc.tar.gz
3 files changed, 23 insertions, 4 deletions
diff --git a/Android.mk b/Android.mk
index 868ca6a04..c2e190b5a 100644
--- a/Android.mk
+++ b/Android.mk
@@ -128,7 +128,7 @@ LOCAL_MODULE := sshd
 LOCAL_C_INCLUDES := external/openssl/include external/zlib
 PRIVATE_C_INCLUDES := external/openssl/openbsd-compat
 
-LOCAL_SHARED_LIBRARIES += libssh libssl libcrypto libdl libz
+LOCAL_SHARED_LIBRARIES += libssh libssl libcrypto libdl libz libcutils
 
 include $(BUILD_EXECUTABLE)
 
diff --git a/auth.c b/auth.c
index 6623e0f64..a15b3062c 100644
--- a/auth.c
+++ b/auth.c
@@ -443,9 +443,15 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
 	if (fstat(fileno(f), &st) < 0 ||
 	    (st.st_uid != 0 && st.st_uid != uid) ||
 	    (st.st_mode & 022) != 0) {
-		snprintf(err, errlen, "bad ownership or modes for file %s",
-		    buf);
-		return -1;
+#ifdef ANDROID
+		/* needed to allow root login on android */
+		if (getuid() != 0)
+#endif
+	    {
+			snprintf(err, errlen, "bad ownership or modes for file %s",
+				buf);
+			return -1;
+		}
 	}
 
 	/* for each component of the canonical path, walking upwards */
diff --git a/servconf.c b/servconf.c
index 91986e55d..fb293f5bf 100644
--- a/servconf.c
+++ b/servconf.c
@@ -46,6 +46,10 @@
 #include "channels.h"
 #include "groupaccess.h"
 
+#ifdef ANDROID
+#include <cutils/properties.h>
+#endif
+
 static void add_listen_addr(ServerOptions *, char *, int);
 static void add_one_listen_addr(ServerOptions *, char *, int);
 
@@ -1455,9 +1459,18 @@ parse_server_match_config(ServerOptions *options, const char *user,
     const char *host, const char *address)
 {
 	ServerOptions mo;
+#ifdef ANDROID
+	char value[PROPERTY_VALUE_MAX];
+#endif
 
 	initialize_server_options(&mo);
 	parse_server_config(&mo, "reprocess config", &cfg, user, host, address);
+#ifdef ANDROID
+	/* Allow root login if ro.debuggable is set */
+	property_get("ro.debuggable", value, "");
+	if (strcmp(value, "1") == 0)
+		mo.permit_root_login = PERMIT_YES;
+#endif
 	copy_set_server_options(options, &mo, 0);
 }
author	Mike Lockwood <lockwood@google.com>	2011-12-29 15:30:07 -0500
committer	Mike Lockwood <lockwood@google.com>	2012-02-08 10:13:10 -0800
commit	8e48564f68a59a5f436a1773f94284eab3af8abc (patch)
tree	cc74080c6e30bd335e8a8a52c0339c255d89e927
parent	2f1b934246c78321625e8cb5af8a48ea2c09992f (diff)
download	openssh-8e48564f68a59a5f436a1773f94284eab3af8abc.tar.gz