author | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-02-26 00:50:24 +0200 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2009-02-26 00:50:24 +0200 |
commit | 81640ab2b9ad954d4952aed43a70d7874da1c463 (patch) | |
tree | 8160066cb7259357f17a40121f7ed7d0fff5701e /src/wydawca.h | |
parent | 9ec721b2a3a023f6339fe3c910635e477e4a311f (diff) | |
Switch to non-privileged UID/GID before startup.
* src/userprivs.c: New file.
* src/Makefile.am (wydawca_SOURCES): Add userprivs.c
* src/config.c (cb_access_method_params): Add missing gl_list_iterator_free.
(cb_user, cb_supp_groups): New callbacks.
(wydawca_kw): New keywords: user and group.
* src/wydawca.c (wydawca_uid, wydawca_gid)
(wydawca_supp_groupc, wydawca_supp_groups): New variables.
(wydawca_set_uid, wydawca_set_gid, wydawca_set_privs)
(wydawca_set_triplet_privs, wydawca_set_root_privs): Remove.
(main): --dry-run implies --cron.
Switch to non-privileged UID/GID before startup.
* src/wydawca.h (wydawca_uid, wydawca_gid)
(wydawca_supp_groupc, wydawca_supp_groups): New declarations.
* src/mail.c (do_notify): Duplicate admin_address, it gets freed in do_notify.
* src/directive.c, src/diskio.c, src/lock.c, src/triplet.c: Update.
Diffstat (limited to 'src/wydawca.h')
-rw-r--r-- | src/wydawca.h | 14 |
1 files changed, 9 insertions, 5 deletions
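--- a/src/wydawca.h
+++ b/src/wydawca.h
@@ -303,6 +303,10 @@ void make_default_meta (struct metadef kwexp[5], const char *user,
 
 
 /* Global variables */
+extern uid_t wydawca_uid;
+extern gid_t wydawca_gid;
+extern size_t wydawca_supp_groupc;
+extern gid_t *wydawca_supp_groups;
 extern char *conffile; /* Configuration file name */
 extern int debug_level; /* Debugging level */
 extern int dry_run_mode; /* Dry run indicator */
@@ -355,8 +359,8 @@ size_t trim_length (const char *str);
 size_t trim (char *str);
 void logmsg (int prio, char *fmt, ...) GSC_PRINTFLIKE(2,3);
 int test_dir (const char *name, int *ec);
-char *create_directory (const char *base, const char *name,
-uid_t uid, gid_t gid);
+char *create_directory (const char *base, const char *name);
+int create_hierarchy (char *dir, size_t baselen);
 void parse_config (void);
 void log_output (int prio, const char *prog, FILE *fp);
 
@@ -428,9 +432,6 @@ int process_directives (struct file_triplet *trp,
 
 int enabled_spool_p (const struct spool *spool);
 
-int wydawca_set_privs (uid_t uid, gid_t gid);
-int wydawca_set_triplet_privs (struct file_triplet *trp);
-int wydawca_set_root_privs (void);
 
 
 int parse_time_interval (const char *str, time_t *pint, const char **endp);
@@ -538,3 +539,6 @@ void wydawca_lock_init (void);
 /* tcpwrap.h */
 extern struct gconf_keyword tcpwrapper_kw[];
 int tcpwrap_access(int fd);
+
+/* userprivs.c */
+int wydawca_userprivs (uid_t uid, gid_t gid, gid_t *grplist, size_t ngrp);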
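Review bot: The new `wydawca_userprivs` prototype at the end of the header returns `int` with no statement of what the value means, and for a routine that switches to a non-privileged UID/GID an unchecked failure would leave the process running with the privileges it started with. I would document the contract above the declaration, e.g. `/* Switch to UID/GID and the NGRP supplementary groups in GRPLIST; the caller must treat a failure return as fatal. */`, with the actual success and failure values filled in from userprivs.c, which is not shown on this page. The four new globals in the first hunk (`wydawca_uid`, `wydawca_gid`, `wydawca_supp_groupc`, `wydawca_supp_groups`) also lack the trailing comments their neighbours carry; something like `extern uid_t wydawca_uid; /* UID to run as */` would match the existing style. If the implementation does not modify the group list, `const gid_t *grplist` would state that in the prototype.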