1 kumpf 1.2 /*
2 //%2006////////////////////////////////////////////////////////////////////////
3 //
4 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
5 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
6 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
7 // IBM Corp.; EMC Corporation, The Open Group.
8 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
9 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
10 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
11 // EMC Corporation; VERITAS Software Corporation; The Open Group.
12 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
13 // EMC Corporation; Symantec Corporation; The Open Group.
14 //
15 // Permission is hereby granted, free of charge, to any person obtaining a copy
16 // of this software and associated documentation files (the "Software"), to
17 // deal in the Software without restriction, including without limitation the
18 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
19 // sell copies of the Software, and to permit persons to whom the Software is
20 // furnished to do so, subject to the following conditions:
21 //
22 kumpf 1.2 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
23 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
24 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
25 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
26 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
27 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 //
31 //%/////////////////////////////////////////////////////////////////////////////
32 */
|
37 kumpf 1.2 #include "User.h"
38 #include "Log.h"
39 #include "Strlcpy.h"
40
41 #define PWD_BUFF_SIZE 4096
42
43 /*
44 **==============================================================================
45 **
46 ** GetUserInfo()
47 **
48 ** Lookup the given user's uid and gid.
49 **
50 **==============================================================================
51 */
52
53 int GetUserInfo(const char* user, int* uid, int* gid)
54 {
55 struct passwd pwd;
56 char buffer[PWD_BUFF_SIZE];
57 struct passwd* ptr = 0;
58 kumpf 1.2
59 if (getpwnam_r(user, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
60 {
61 Log(LL_TRACE, "getpwnam_r(%s, ...) failed", user);
62 return -1;
63 }
64
65 *uid = ptr->pw_uid;
66 *gid = ptr->pw_gid;
67
68 return 0;
69 }
70
71 /*
72 **==============================================================================
73 **
74 ** GetUserName()
75 **
76 ** Lookup the user name for the specified user ID.
77 **
78 **==============================================================================
79 kumpf 1.2 */
80
81 int GetUserName(int uid, char username[EXECUTOR_BUFFER_SIZE])
82 {
83 struct passwd pwd;
84 char buffer[PWD_BUFF_SIZE];
85 struct passwd* ptr = 0;
86
87 if (getpwuid_r(uid, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
88 {
89 Log(LL_TRACE, "getpwuid_r(%d, ...) failed", uid);
90 username[0] = '\0';
91 return -1;
92 }
93
94 Strlcpy(username, ptr->pw_name, EXECUTOR_BUFFER_SIZE);
95 return 0;
96 }
|
97 kumpf 1.3
98 /*
99 **==============================================================================
100 **
101 ** SetUserContext()
102 **
103 ** Set the process user ID, group ID, and supplemental groups
104 **
105 **==============================================================================
106 */
107
108 void SetUserContext(const char* username, int uid, int gid)
109 {
110 if ((int)getgid() != gid)
111 {
112 if (setgid((gid_t)gid) != 0)
113 {
114 Log(LL_SEVERE, "setgid(%d) failed\n", gid);
115 _exit(1);
116 }
117 }
118 kumpf 1.3
119 if (initgroups(username, gid) != 0)
120 {
121 Log(LL_SEVERE, "initgroups(%s, %d) failed\n", username, gid);
122 _exit(1);
123 }
124
125 if ((int)getuid() != uid)
126 {
127 if (setuid((uid_t)uid) != 0)
128 {
129 Log(LL_SEVERE, "setuid(%d) failed\n", uid);
130 _exit(1);
131 }
132 }
133 }
|