1 kumpf 1.2 /*

  2 martin 1.4 //%LICENSE////////////////////////////////////////////////////////////////

  3 martin 1.5 //

  4 martin 1.4 // Licensed to The Open Group (TOG) under one or more contributor license
  5            // agreements.  Refer to the OpenPegasusNOTICE.txt file distributed with
  6            // this work for additional information regarding copyright ownership.
  7            // Each contributor licenses this file to you under the OpenPegasus Open
  8            // Source License; you may not use this file except in compliance with the
  9            // License.

 10 martin 1.5 //

 11 martin 1.4 // Permission is hereby granted, free of charge, to any person obtaining a
 12            // copy of this software and associated documentation files (the "Software"),
 13            // to deal in the Software without restriction, including without limitation
 14            // the rights to use, copy, modify, merge, publish, distribute, sublicense,
 15            // and/or sell copies of the Software, and to permit persons to whom the
 16            // Software is furnished to do so, subject to the following conditions:

 17 martin 1.5 //

 18 martin 1.4 // The above copyright notice and this permission notice shall be included
 19            // in all copies or substantial portions of the Software.

 20 martin 1.5 //

 21 martin 1.4 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS

 22 martin 1.5 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

 23 martin 1.4 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
 24            // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
 25            // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
 26            // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
 27            // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 28 martin 1.5 //

 29 martin 1.4 //////////////////////////////////////////////////////////////////////////

 30 kumpf  1.2 */

 31 kumpf  1.3 #include <unistd.h>

 32 kumpf  1.2 #include <sys/types.h>
 33            #include <pwd.h>

 34 kumpf  1.3 #include <grp.h>

 35 kumpf  1.2 #include "User.h"
 36            #include "Log.h"
 37            #include "Strlcpy.h"
 38            
 39            #define PWD_BUFF_SIZE 4096
 40            
 41            /*
 42            **==============================================================================
 43            **
 44            ** GetUserInfo()
 45            **
 46            **     Lookup the given user's uid and gid.
 47            **
 48            **==============================================================================
 49            */
 50            
 51            int GetUserInfo(const char* user, int* uid, int* gid)
 52            {
 53                struct passwd pwd;
 54                char buffer[PWD_BUFF_SIZE];
 55                struct passwd* ptr = 0;
 56 kumpf  1.2 
 57                if (getpwnam_r(user, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
 58                {
 59                    Log(LL_TRACE, "getpwnam_r(%s, ...) failed", user);
 60                    return -1;
 61                }
 62            
 63                *uid = ptr->pw_uid;
 64                *gid = ptr->pw_gid;
 65            
 66                return 0;
 67            }
 68            
 69            /*
 70            **==============================================================================
 71            **
 72            ** GetUserName()
 73            **
 74            **     Lookup the user name for the specified user ID.
 75            **
 76            **==============================================================================
 77 kumpf  1.2 */
 78            
 79            int GetUserName(int uid, char username[EXECUTOR_BUFFER_SIZE])
 80            {
 81                struct passwd pwd;
 82                char buffer[PWD_BUFF_SIZE];
 83                struct passwd* ptr = 0;
 84            
 85                if (getpwuid_r(uid, &pwd, buffer, PWD_BUFF_SIZE, &ptr) != 0 || !ptr)
 86                {
 87                    Log(LL_TRACE, "getpwuid_r(%d, ...) failed", uid);
 88                    username[0] = '\0';
 89                    return -1;
 90                }
 91            
 92                Strlcpy(username, ptr->pw_name, EXECUTOR_BUFFER_SIZE);
 93                return 0;
 94            }

 95 kumpf  1.3 
 96            /*
 97            **==============================================================================
 98            **
 99            ** SetUserContext()
100            **
101            **     Set the process user ID, group ID, and supplemental groups
102            **
103            **==============================================================================
104            */
105            
106            void SetUserContext(const char* username, int uid, int gid)
107            {
108                if ((int)getgid() != gid)
109                {
110                    if (setgid((gid_t)gid) != 0)
111                    {
112                        Log(LL_SEVERE, "setgid(%d) failed\n", gid);
113                        _exit(1);
114                    }
115                }
116 kumpf  1.3 
117                if (initgroups(username, gid) != 0)
118                {
119                    Log(LL_SEVERE, "initgroups(%s, %d) failed\n", username, gid);
120                    _exit(1);
121                }
122            
123                if ((int)getuid() != uid)
124                {
125                    if (setuid((uid_t)uid) != 0)
126                    {
127                        Log(LL_SEVERE, "setuid(%d) failed\n", uid);
128                        _exit(1);
129                    }
130                }
131            }