1 kumpf 1.2 /*
  2           //%2006////////////////////////////////////////////////////////////////////////
  3           //
  4           // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
  5           // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
  6           // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
  7           // IBM Corp.; EMC Corporation, The Open Group.
  8           // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
  9           // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
 10           // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 11           // EMC Corporation; VERITAS Software Corporation; The Open Group.
 12           // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
 13           // EMC Corporation; Symantec Corporation; The Open Group.
 14           //
 15           // Permission is hereby granted, free of charge, to any person obtaining a copy
 16           // of this software and associated documentation files (the "Software"), to
 17           // deal in the Software without restriction, including without limitation the
 18           // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 19           // sell copies of the Software, and to permit persons to whom the Software is
 20           // furnished to do so, subject to the following conditions:
 21           // 
 22 kumpf 1.2 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
 23           // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
 24           // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
 25           // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 26           // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
 27           // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 28           // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 29           // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 30           //
 31           //%/////////////////////////////////////////////////////////////////////////////
 32           */

 33 kumpf 1.3 #include <unistd.h>

 34 kumpf 1.2 #include <sys/types.h>
 35           #include <pwd.h>

 36 kumpf 1.3 #include <grp.h>

 37 kumpf 1.2 #include "User.h"
 38           #include "Log.h"
 39           #include "Strlcpy.h"
 40           
 41           #define PWD_BUFF_SIZE 4096
 42           
 43           /*
 44           **==============================================================================
 45           **
 46           ** GetUserInfo()
 47           **
 48           **     Lookup the given user's uid and gid.
 49           **
 50           **==============================================================================
 51           */
 52           
 53           int GetUserInfo(const char* user, int* uid, int* gid)
 54           {
 55               struct passwd pwd;
 56               char buffer[PWD_BUFF_SIZE];
 57               struct passwd* ptr = 0;
 58 kumpf 1.2 
 59               if (getpwnam_r(user, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
 60               {
 61                   Log(LL_TRACE, "getpwnam_r(%s, ...) failed", user);
 62                   return -1;
 63               }
 64           
 65               *uid = ptr->pw_uid;
 66               *gid = ptr->pw_gid;
 67           
 68               return 0;
 69           }
 70           
 71           /*
 72           **==============================================================================
 73           **
 74           ** GetUserName()
 75           **
 76           **     Lookup the user name for the specified user ID.
 77           **
 78           **==============================================================================
 79 kumpf 1.2 */
 80           
 81           int GetUserName(int uid, char username[EXECUTOR_BUFFER_SIZE])
 82           {
 83               struct passwd pwd;
 84               char buffer[PWD_BUFF_SIZE];
 85               struct passwd* ptr = 0;
 86           
 87               if (getpwuid_r(uid, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
 88               {
 89                   Log(LL_TRACE, "getpwuid_r(%d, ...) failed", uid);
 90                   username[0] = '\0';
 91                   return -1;
 92               }
 93           
 94               Strlcpy(username, ptr->pw_name, EXECUTOR_BUFFER_SIZE);
 95               return 0;
 96           }

 97 kumpf 1.3 
 98           /*
 99           **==============================================================================
100           **
101           ** SetUserContext()
102           **
103           **     Set the process user ID, group ID, and supplemental groups
104           **
105           **==============================================================================
106           */
107           
108           void SetUserContext(const char* username, int uid, int gid)
109           {
110               if ((int)getgid() != gid)
111               {
112                   if (setgid((gid_t)gid) != 0)
113                   {
114                       Log(LL_SEVERE, "setgid(%d) failed\n", gid);
115                       _exit(1);
116                   }
117               }
118 kumpf 1.3 
119               if (initgroups(username, gid) != 0)
120               {
121                   Log(LL_SEVERE, "initgroups(%s, %d) failed\n", username, gid);
122                   _exit(1);
123               }
124           
125               if ((int)getuid() != uid)
126               {
127                   if (setuid((uid_t)uid) != 0)
128                   {
129                       Log(LL_SEVERE, "setuid(%d) failed\n", uid);
130                       _exit(1);
131                   }
132               }
133           }