aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2008-11-15 18:14:31 +0000
committerSergey Poznyakoff <gray@gnu.org.ua>2008-11-15 18:14:31 +0000
commitb637f33757589c5787f732dafd1c5b44dfd66ff6 (patch)
tree02cb58a52615150deabb42a17c846dbb48591f43
parentb457676194c97d11a3326543069b24c38ebeb160 (diff)
downloadpies-b637f33757589c5787f732dafd1c5b44dfd66ff6.tar.gz
pies-b637f33757589c5787f732dafd1c5b44dfd66ff6.tar.bz2
Improve handling of program privileges.
* lib/libmf.h (struct mf_privs): New data type. (get_user_groups, mf_priv_setup, mf_epriv_setup): New prototypes. * lib/userprivs.c (get_user_groups, mf_priv_setup) (mf_epriv_setup): New functions. * smap/smap.c: If user is specified, switch to effective uid/gid, in order for msrv to create files with right privileges, on one hand, and to be able to create pidfile in root-owned directories (e.g. /var/run), on the other hand. This requires todays snapshot of Mailutils. * pies/pies.h (struct pies_privs_data): Remove (struct component): Change type of `privs' to struct mf_privs. (priv_setup): Remove. * pies/pies.c: Use mf_priv* stuff to manipulate privileges. * pies/progman.c: Likewise. * pies/meta1gram.y (list): allow for trailing comma.
-rw-r--r--pies/meta1gram.y4
-rw-r--r--pies/pies.c100
-rw-r--r--pies/pies.h10
-rw-r--r--pies/progman.c2
4 files changed, 14 insertions, 102 deletions
diff --git a/pies/meta1gram.y b/pies/meta1gram.y
index 91bcb6d..ae73f63 100644
--- a/pies/meta1gram.y
+++ b/pies/meta1gram.y
@@ -199,6 +199,10 @@ list : '{' values '}'
{
$$ = $2;
}
+ | '{' values ',' '}'
+ {
+ $$ = $2;
+ }
;
values : value
diff --git a/pies/pies.c b/pies/pies.c
index 7f1ed35..8c39cfa 100644
--- a/pies/pies.c
+++ b/pies/pies.c
@@ -21,7 +21,7 @@ int log_to_stderr; /* Use stderr for logging */
char *log_tag; /* override mu_log_tag */
mu_log_level_t debug_level;
mu_debug_t pies_debug;
-struct pies_privs_data pies_user;
+struct mf_privs pies_privs;
int foreground;
int command;
char *pidfile = STATEDIR "/pies.pid";
@@ -314,48 +314,6 @@ return_code_cfg_init ()
mu_cfg_section_add_params (section, return_code_cfg_param);
}
-
-static int
-_cb_group (mu_debug_t debug, void *data, mu_config_value_t *arg)
-{
- int argc, i;
- char **argv;
- mu_list_t *plist = data, list;
- int rc;
-
- if (mu_cfg_assert_value_type (arg, MU_CFG_STRING, debug))
- return 1;
- rc = mu_argcv_get_np (arg->v.string, strlen (arg->v.string),
- ",", NULL, 0, &argc, &argv, NULL);
- if (rc)
- {
- mu_cfg_format_error (debug, MU_DEBUG_ERROR,
- "mu_argcv_get: %s", mu_strerror (rc));
- return 1;
- }
- if (*plist)
- list = *plist;
- else
- {
- mu_list_create (&list);
- *plist = list;
- }
- for (i = 0; i < argc; i++)
- {
- struct group *group = getgrnam (argv[i]);
- if (!group)
- {
- mu_cfg_format_error (debug, MU_DEBUG_ERROR, _("Unknown group: %s"),
- argv[i]);
- continue;
- }
- mu_list_append (list, (void*)group->gr_gid);
- }
- mu_argcv_free (argc, argv);
- return 0;
-}
-
-
static int
_cb_command (mu_debug_t debug, void *data, mu_config_value_t *val)
{
@@ -677,8 +635,8 @@ struct mu_cfg_param component_cfg_param[] = {
{ "user", mu_cfg_string, NULL,
mu_offsetof (struct component, privs.user), NULL,
N_("Run with this user privileges.") },
- { "group", mu_cfg_callback, NULL,
- mu_offsetof (struct component, privs.groups), _cb_group,
+ { "group", MU_CFG_LIST_OF(mu_cfg_string), NULL,
+ mu_offsetof (struct component, privs.groups), NULL,
N_("Retain supplementary group.") },
{ "allgroups", mu_cfg_bool, NULL,
mu_offsetof (struct component, privs.allgroups), NULL,
@@ -886,11 +844,11 @@ struct mu_cfg_param pies_cfg_param[] = {
N_("Set location of the control file.") },
{ "stat-file", mu_cfg_string, &statfile, 0, NULL,
N_("Set location of the statistics output file.") },
- { "user", mu_cfg_string, &pies_user.user, 0, NULL,
+ { "user", mu_cfg_string, &pies_privs.user, 0, NULL,
N_("Run with this user privileges.") },
- { "group", mu_cfg_callback, &pies_user.groups, 0, _cb_group,
+ { "group", MU_CFG_LIST_OF(mu_cfg_string), &pies_privs.groups, 0, NULL,
N_("Retain supplementary group.") },
- { "allgroups", mu_cfg_bool, &pies_user.allgroups, 0, NULL,
+ { "allgroups", mu_cfg_bool, &pies_privs.allgroups, 0, NULL,
N_("Retain all supplementary groups of which user is a member.") },
{ "umask", mu_cfg_callback, &pies_umask, 0, _cb_umask,
N_("Force this umask."),
@@ -1047,48 +1005,6 @@ version (FILE *stream, struct argp_state *state)
}
-static void
-pies_add_allgroups (mu_list_t *pgrouplist, const char *user)
-{
- struct group *gr;
- mu_list_t list;
- if (!*pgrouplist)
- mu_list_create (pgrouplist);
- list = *pgrouplist;
- setgrent ();
- while (gr = getgrent ())
- {
- char **p;
- for (p = gr->gr_mem; *p; p++)
- if (strcmp (*p, user) == 0)
- {
- /* FIXME: Avoid duplicating gids */
- mu_list_append (list, (void*)gr->gr_gid);
- break;
- }
- }
- endgrent ();
-}
-
-void
-priv_setup (struct pies_privs_data *pr)
-{
- if (pr->user)
- {
- struct passwd *pw = getpwnam (pr->user);
- if (!pw)
- {
- mu_error (_("No such user: %s"), pr->user);
- exit (EX_CONFIG);
- }
- if (pr->allgroups)
- pies_add_allgroups (&pr->groups, pr->user);
- if (pw && switch_to_privs (pw->pw_uid, pw->pw_gid, pr->groups))
- exit (EX_SOFTWARE);
- }
-}
-
-
#define ACTION_CONT 0
#define ACTION_STOP 1
#define ACTION_RESTART 2
@@ -1377,7 +1293,7 @@ main (int argc, char **argv)
switch (command)
{
case OPT_RESTART:
- priv_setup (&pies_user);
+ mf_priv_setup (&pies_privs);
if (pies_umask)
umask (pies_umask);
exit (request_restart_components (argv + index));
@@ -1392,7 +1308,7 @@ main (int argc, char **argv)
exit (pies_stop ());
default:
- priv_setup (&pies_user);
+ mf_priv_setup (&pies_privs);
if (pies_umask)
umask (pies_umask);
}
diff --git a/pies/pies.h b/pies/pies.h
index 806c82f..2969222 100644
--- a/pies/pies.h
+++ b/pies/pies.h
@@ -73,13 +73,6 @@ struct retranslator
typedef struct limits_rec *limits_record_t;
-struct pies_privs_data
-{
- char *user;
- mu_list_t groups;
- int allgroups;
-};
-
#define MAX_RETURN_CODE 127
enum return_action
@@ -129,7 +122,7 @@ struct component
int disabled; /* The componenet is disabled */
int precious; /* The component is precious (cannot be disabled) */
char *rmfile; /* Try to remove this file before starting */
- struct pies_privs_data privs; /* UID/GIDS+groups to run under */
+ struct mf_privs privs; /* UID/GIDS+groups to run under */
mode_t umask; /* Umask to install before starting */
limits_record_t limits;/* System limits */
mu_url_t socket_url; /* Socket to listen on (if mode != pies_comp_exec) */
@@ -164,7 +157,6 @@ struct component *progman_lookup_component (const char *tag);
void log_setup (int want_stderr);
void signal_setup (RETSIGTYPE (*sf)(int));
-void priv_setup (struct pies_privs_data *pr);
typedef struct pies_depmap *pies_depmap_t;
typedef struct pies_depmap_pos *pies_depmap_pos_t;
diff --git a/pies/progman.c b/pies/progman.c
index 74b9b88..6691786 100644
--- a/pies/progman.c
+++ b/pies/progman.c
@@ -691,7 +691,7 @@ prog_start (struct prog *prog)
__MU_DEBUG1 (pies_debug, MU_DEBUG_TRACE4, "%s ", environ[i]);
mu_debug_printf (pies_debug, MU_DEBUG_TRACE4, "\n");
}
- priv_setup (&prog->v.p.comp->privs);
+ mf_priv_setup (&prog->v.p.comp->privs);
if (prog->v.p.comp->umask)
umask (prog->v.p.comp->umask);

Return to:

Send suggestions and report system problems to the System administrator.