1 kumpf 1.2 /*
|
2 martin 1.4 //%LICENSE////////////////////////////////////////////////////////////////
|
3 martin 1.5 //
|
4 martin 1.4 // Licensed to The Open Group (TOG) under one or more contributor license
5 // agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
6 // this work for additional information regarding copyright ownership.
7 // Each contributor licenses this file to you under the OpenPegasus Open
8 // Source License; you may not use this file except in compliance with the
9 // License.
|
10 martin 1.5 //
|
11 martin 1.4 // Permission is hereby granted, free of charge, to any person obtaining a
12 // copy of this software and associated documentation files (the "Software"),
13 // to deal in the Software without restriction, including without limitation
14 // the rights to use, copy, modify, merge, publish, distribute, sublicense,
15 // and/or sell copies of the Software, and to permit persons to whom the
16 // Software is furnished to do so, subject to the following conditions:
|
17 martin 1.5 //
|
18 martin 1.4 // The above copyright notice and this permission notice shall be included
19 // in all copies or substantial portions of the Software.
|
20 martin 1.5 //
|
21 martin 1.4 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
22 martin 1.5 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
23 martin 1.4 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
24 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
25 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
26 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
27 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
28 martin 1.5 //
|
29 martin 1.4 //////////////////////////////////////////////////////////////////////////
|
30 kumpf 1.2 */
|
31 kumpf 1.3 #include <unistd.h>
|
32 kumpf 1.2 #include <sys/types.h>
33 #include <pwd.h>
|
34 kumpf 1.3 #include <grp.h>
|
35 kumpf 1.2 #include "User.h"
36 #include "Log.h"
37 #include "Strlcpy.h"
38
39 #define PWD_BUFF_SIZE 4096
40
41 /*
42 **==============================================================================
43 **
44 ** GetUserInfo()
45 **
46 ** Lookup the given user's uid and gid.
47 **
48 **==============================================================================
49 */
50
51 int GetUserInfo(const char* user, int* uid, int* gid)
52 {
53 struct passwd pwd;
54 char buffer[PWD_BUFF_SIZE];
55 struct passwd* ptr = 0;
56 kumpf 1.2
57 if (getpwnam_r(user, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
58 {
59 Log(LL_TRACE, "getpwnam_r(%s, ...) failed", user);
60 return -1;
61 }
62
63 *uid = ptr->pw_uid;
64 *gid = ptr->pw_gid;
65
66 return 0;
67 }
68
69 /*
70 **==============================================================================
71 **
72 ** GetUserName()
73 **
74 ** Lookup the user name for the specified user ID.
75 **
76 **==============================================================================
77 kumpf 1.2 */
78
79 int GetUserName(int uid, char username[EXECUTOR_BUFFER_SIZE])
80 {
81 struct passwd pwd;
82 char buffer[PWD_BUFF_SIZE];
83 struct passwd* ptr = 0;
84
85 if (getpwuid_r(uid, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
86 {
87 Log(LL_TRACE, "getpwuid_r(%d, ...) failed", uid);
88 username[0] = '\0';
89 return -1;
90 }
91
92 Strlcpy(username, ptr->pw_name, EXECUTOR_BUFFER_SIZE);
93 return 0;
94 }
|
95 kumpf 1.3
96 /*
97 **==============================================================================
98 **
99 ** SetUserContext()
100 **
101 ** Set the process user ID, group ID, and supplemental groups
102 **
103 **==============================================================================
104 */
105
106 void SetUserContext(const char* username, int uid, int gid)
107 {
108 if ((int)getgid() != gid)
109 {
110 if (setgid((gid_t)gid) != 0)
111 {
112 Log(LL_SEVERE, "setgid(%d) failed\n", gid);
113 _exit(1);
114 }
115 }
116 kumpf 1.3
117 if (initgroups(username, gid) != 0)
118 {
119 Log(LL_SEVERE, "initgroups(%s, %d) failed\n", username, gid);
120 _exit(1);
121 }
122
123 if ((int)getuid() != uid)
124 {
125 if (setuid((uid_t)uid) != 0)
126 {
127 Log(LL_SEVERE, "setuid(%d) failed\n", uid);
128 _exit(1);
129 }
130 }
131 }
|