Bugfixes

* pies/pies.c (component_cfg_param, pies_cfg_param): New keyword: allgroups. (pies_add_allgroups): New function. * pies/limits.c: Fix debug statements. * pies/progman.c (build_depmap): Rename to progman_build_depmap. Make extern, for future use. All callers updated. * pies/pies.h (progman_build_depmap): New proto.
author: Sergey Poznyakoff <gray@gnu.org.ua> 2008-11-11 15:13:54 +0000
committer: Sergey Poznyakoff <gray@gnu.org.ua> 2008-11-11 15:13:54 +0000
commit: 0af7127c5084ffc3550de8d98e00582975eb6113 (patch)
tree: 025df4a8afae34e999cb61d6255f4eb757e65687 /pies/pies.c
parent: 58073638e695a34728794daf83c63b740419daa4 (diff)
download: pies-0af7127c5084ffc3550de8d98e00582975eb6113.tar.gz
pies-0af7127c5084ffc3550de8d98e00582975eb6113.tar.bz2
1 files changed, 30 insertions, 0 deletions
diff --git a/pies/pies.c b/pies/pies.c
index b1d4940..9fc7a81 100644
--- a/pies/pies.c
+++ b/pies/pies.c
@@ -629,6 +629,9 @@ struct mu_cfg_param component_cfg_param[] = {
   { "group", mu_cfg_callback, NULL,
     mu_offsetof (struct component, privs.groups), _cb_group,
     N_("Retain supplementary group.") },
+  { "allgroups", mu_cfg_bool, NULL,
+    mu_offsetof (struct component, privs.allgroups), NULL,
+    N_("Retain all supplementary groups of which user is a member.") },
   { "umask", mu_cfg_callback, NULL,
     mu_offsetof (struct component, umask), _cb_umask,
     N_("Force this umask."),
@@ -780,6 +783,8 @@ struct mu_cfg_param pies_cfg_param[] = {
     N_("Run with this user privileges.") },
   { "group", mu_cfg_callback, &pies_user.groups, 0, _cb_group,
     N_("Retain supplementary group.") },
+  { "allgroups", mu_cfg_bool, &pies_user.allgroups, 0, NULL,
+    N_("Retain all supplementary groups of which user is a member.") },
   { "umask", mu_cfg_callback, &pies_umask, 0, _cb_umask,
     N_("Force this umask."),
     N_("arg: number") },
@@ -910,6 +915,29 @@ version (FILE *stream, struct argp_state *state)
 }
 
 
+static void
+pies_add_allgroups (mu_list_t *pgrouplist, const char *user)
+{
+  struct group *gr;
+  mu_list_t list;
+  if (!*pgrouplist)
+    mu_list_create (pgrouplist);
+  list = *pgrouplist;
+  setgrent ();
+  while (gr = getgrent ())
+    {
+      char **p;
+      for (p = gr->gr_mem; *p; p++)
+	if (strcmp (*p, user) == 0)
+	  {
+	    /* FIXME: Avoid duplicating gids */
+	    mu_list_append (list, (void*)gr->gr_gid);
+	    break;
+	  }
+    }
+  endgrent ();
+}
+
 void
 priv_setup (struct pies_privs_data *pr)
 {
@@ -921,6 +949,8 @@ priv_setup (struct pies_privs_data *pr)
 	  mu_error (_("No such user: %s"), pr->user);
 	  exit (EX_CONFIG);
 	}
+      if (pr->allgroups)
+	pies_add_allgroups (&pr->groups, pr->user);
       if (pw && switch_to_privs (pw->pw_uid, pw->pw_gid, pr->groups))
 	exit (EX_SOFTWARE);
     }
author	Sergey Poznyakoff <gray@gnu.org.ua>	2008-11-11 15:13:54 +0000
committer	Sergey Poznyakoff <gray@gnu.org.ua>	2008-11-11 15:13:54 +0000
commit	0af7127c5084ffc3550de8d98e00582975eb6113 (patch)
tree	025df4a8afae34e999cb61d6255f4eb757e65687 /pies/pies.c
parent	58073638e695a34728794daf83c63b740419daa4 (diff)
download	pies-0af7127c5084ffc3550de8d98e00582975eb6113.tar.gz pies-0af7127c5084ffc3550de8d98e00582975eb6113.tar.bz2