author | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-02-26 00:50:24 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-02-26 00:50:24 +0200 |
commit | 81640ab2b9ad954d4952aed43a70d7874da1c463 (patch) | |
tree | 8160066cb7259357f17a40121f7ed7d0fff5701e /src/wydawca.h | |
parent | 9ec721b2a3a023f6339fe3c910635e477e4a311f (diff) | |
Switch to non-privileged UID/GID before startup.
* src/userprivs.c: New file.
* src/Makefile.am (wydawca_SOURCES): Add userprivs.c
* src/config.c (cb_access_method_params): Add missing gl_list_iterator_free.
(cb_user, cb_supp_groups): New callbacks.
(wydawca_kw): New keywords: user and group.
* src/wydawca.c (wydawca_uid, wydawca_gid)
(wydawca_supp_groupc, wydawca_supp_groups): New variables.
(wydawca_set_uid, wydawca_set_gid, wydawca_set_privs)
(wydawca_set_triplet_privs, wydawca_set_root_privs): Remove.
(main): --dry-run implies --cron.
Switch to non-privileged UID/GID before startup.
* src/wydawca.h (wydawca_uid, wydawca_gid)
(wydawca_supp_groupc, wydawca_supp_groups): New declarations.
* src/mail.c (do_notify): Duplicate admin_address, it gets freed in do_notify.
* src/directive.c, src/diskio.c, src/lock.c, src/triplet.c: Update.
Diffstat (limited to 'src/wydawca.h')
-rw-r--r-- | src/wydawca.h | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/src/wydawca.h b/src/wydawca.h
index f786271..81e6509 100644
--- a/src/wydawca.h
+++ b/src/wydawca.h
@@ -303,6 +303,10 @@ void make_default_meta (struct metadef kwexp[5], const char *user,
 /* Global variables */
+extern uid_t wydawca_uid;
+extern gid_t wydawca_gid;
+extern size_t wydawca_supp_groupc;
+extern gid_t *wydawca_supp_groups;
 extern char *conffile; /* Configuration file name */
 extern int debug_level; /* Debugging level */
 extern int dry_run_mode; /* Dry run indicator */
@@ -355,8 +359,8 @@ size_t trim_length (const char *str);
 size_t trim (char *str);
 void logmsg (int prio, char *fmt, ...) GSC_PRINTFLIKE(2,3);
 int test_dir (const char *name, int *ec);
-char *create_directory (const char *base, const char *name,
- uid_t uid, gid_t gid);
+char *create_directory (const char *base, const char *name);
+int create_hierarchy (char *dir, size_t baselen);
 void parse_config (void);
 void log_output (int prio, const char *prog, FILE *fp);
@@ -428,9 +432,6 @@ int process_directives (struct file_triplet *trp,
 int enabled_spool_p (const struct spool *spool);
-int wydawca_set_privs (uid_t uid, gid_t gid);
-int wydawca_set_triplet_privs (struct file_triplet *trp);
-int wydawca_set_root_privs (void);
 int parse_time_interval (const char *str, time_t *pint, const char **endp);
@@ -538,3 +539,6 @@ void wydawca_lock_init (void);
 /* tcpwrap.h */
 extern struct gconf_keyword tcpwrapper_kw[];
 int tcpwrap_access(int fd);
+
+/* userprivs.c */
+int wydawca_userprivs (uid_t uid, gid_t gid, gid_t *grplist, size_t ngrp); |
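Review bot: The four globals added in the first hunk (`wydawca_uid`, `wydawca_gid`, `wydawca_supp_groupc`, `wydawca_supp_groups`) lack the trailing comments their neighbours carry, and the header does not say what they hold when no `user` or `group` keyword is configured. These values decide which identity the process switches to, so I would document each one, e.g. `extern uid_t wydawca_uid; /* UID to switch to before startup */`. The comment should also state the unset default, so a reader can tell whether an unconfigured run stays privileged; the initialisers live in wydawca.c, which this diff does not show.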
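Review bot: `create_hierarchy (char *dir, size_t baselen)` in the second hunk takes a non-const `char *` and has no comment, so a caller cannot tell whether the path buffer is modified in place, what `baselen` delimits, or what the `int` result means. A short comment above the prototype should state all three. With the `uid`/`gid` parameters removed from `create_directory`, new directories presumably take the ownership of the process's current identity, which is only right if both functions run after the privilege switch. That ordering assumption deserves a line as well, e.g. `/* Directories are created with the current effective UID/GID. */`.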
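Review bot: `wydawca_userprivs` in the last hunk returns `int`, but the header neither states the return convention nor obliges callers to check it, and a privilege drop that fails unnoticed leaves the process running under its original identity. I would add a comment above the prototype along the lines of `/* Switch to UID/GID and the given supplementary groups; callers must treat a failure return as fatal. */`, with the exact success value confirmed against userprivs.c, which is not shown here. The header already wraps a compiler attribute in `GSC_PRINTFLIKE`, so a similar wrapper around `__attribute__((warn_unused_result))` would let the compiler enforce the check. If the group list is only read, `grplist` could be declared `const gid_t *`.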