diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-02-26 00:50:24 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-02-26 00:50:24 +0200 |
commit | 81640ab2b9ad954d4952aed43a70d7874da1c463 (patch) | |
tree | 8160066cb7259357f17a40121f7ed7d0fff5701e /src/wydawca.c | |
parent | 9ec721b2a3a023f6339fe3c910635e477e4a311f (diff) | |
download | wydawca-81640ab2b9ad954d4952aed43a70d7874da1c463.tar.gz wydawca-81640ab2b9ad954d4952aed43a70d7874da1c463.tar.bz2 |
Switch to non-privileged UID/GID before startup.
* src/userprivs.c: New file.
* src/Makefile.am (wydawca_SOURCES): Add userprivs.c
* src/config.c (cb_access_method_params): Add missing gl_list_iterator_free.
(cb_user, cb_supp_groups): New callbacks.
(wydawca_kw): New keywords: user and group.
* src/wydawca.c (wydawca_uid, wydawca_gid)
(wydawca_supp_groupc, wydawca_supp_groups): New variables.
(wydawca_set_uid, wydawca_set_gid, wydawca_set_privs)
(wydawca_set_triplet_privs, wydawca_set_root_privs): Remove.
(main): --dry-run implies --cron.
Switch to non-privileged UID/GID before startup.
* src/wydawca.h (wydawca_uid, wydawca_gid)
(wydawca_supp_groupc, wydawca_supp_groups): New declarations.
* src/mail.c (do_notify): Duplicate admin_address, it gets freed in do_notify.
* src/directive.c, src/diskio.c, src/lock.c, src/triplet.c: Update.
Diffstat (limited to 'src/wydawca.c')
-rw-r--r-- | src/wydawca.c | 90 |
1 files changed, 22 insertions, 68 deletions
diff --git a/src/wydawca.c b/src/wydawca.c index 48c27e9..f02ac99 100644 --- a/src/wydawca.c +++ b/src/wydawca.c @@ -19,6 +19,10 @@ #include "argmatch.h" #include "version-etc.h" +uid_t wydawca_uid; +gid_t wydawca_gid; +size_t wydawca_supp_groupc; +gid_t *wydawca_supp_groups; char *conffile = SYSCONFDIR "/wydawca.rc" ; int debug_level; int dry_run_mode; @@ -265,73 +269,6 @@ collect_uids (int argc, char **argv) } -static int -wydawca_set_uid (uid_t uid) -{ - int rc; - - if (getuid () != 0) - return 0; -#if defined(HAVE_SETREUID) - rc = setreuid (0, uid); -#elif defined(HAVE_SETRESUID) - rc = setresuid (-1, uid, -1); -#elif defined(HAVE_SETEUID) - rc = seteuid (uid); -#else -# error "No way to reset user privileges?" -#endif - if (rc < 0) - logmsg (LOG_ERR, _("cannot switch to UID %d: %s (r=%d, e=%d)"), - uid, strerror (errno), getuid (), geteuid ()); - return rc; -} - -static int -wydawca_set_gid (gid_t gid) -{ - int rc; - - if (getuid () != 0) - return 0; -#if defined(HAVE_SETREGID) - rc = setregid (0, gid); -#elif defined(HAVE_SETRESGID) - rc = setresgid (-1, gid, -1); -#elif defined(HAVE_SETEGID) - rc = setegid (gid); -#else -# error "No way to reset user privileges?" -#endif - if (rc < 0) - logmsg (LOG_ERR, _("cannot switch to GID %d: %s (r=%d, e=%d)"), - gid, strerror (errno), getgid (), getegid ()); - return rc; -} - -int -wydawca_set_privs (uid_t uid, gid_t gid) -{ - if (wydawca_set_gid (gid)) - return -1; - if (wydawca_set_uid (uid)) - return -1; - return 0; -} - -int -wydawca_set_triplet_privs (struct file_triplet *trp) -{ - return wydawca_set_privs (TRIPLET_UID (trp), TRIPLET_GID (trp)); -} - -int -wydawca_set_root_privs () -{ - return wydawca_set_privs (0, 0); -} - - char **x_argv; extern int reconfigure; @@ -377,6 +314,8 @@ main (int argc, char **argv) if (lint_mode) exit (0); + if (dry_run_mode) + cron_option = 1; if (cron_option) daemon_mode = 0; if (foreground_option >= 0) @@ -394,6 +333,22 @@ main (int argc, char **argv) log_printer = syslog_printer; } + if (getgid () == 0) + { + if (wydawca_uid == 0) + { + if (!force_startup) + { + logmsg (LOG_CRIT, _("won't run with root privileges")); + exit (EX_UNAVAILABLE); + } + } + else if (wydawca_userprivs (wydawca_uid, wydawca_gid, + wydawca_supp_groups, + wydawca_supp_groupc)) + exit (EX_UNAVAILABLE); + } + mail_init (); wydawca_lock_init (); @@ -414,7 +369,6 @@ main (int argc, char **argv) if (reconfigure) { int i; - wydawca_set_uid (0); for (i = getdtablesize (); i > 2; i--) close (i); remove_pidfile (); |