/[LeafOK_CVS]/pvpgn-1.7.4/src/common/give_up_root_privileges.c
ViewVC logotype

Annotation of /pvpgn-1.7.4/src/common/give_up_root_privileges.c

Parent Directory Parent Directory | Revision Log Revision Log

Revision 1.1 - (hide annotations)
Tue Jun 6 03:41:38 2006 UTC (19 years, 9 months ago) by sysadm
CVS Tags: pvpgn_1-7-4-0_MIL
Branch point for: GNU, MAIN
Content type: text/x-csrc 
Initial revision
1 sysadm 1.1 /*
2     * Copyright (C) 2001 Hakan Tandogan (hakan@gurkensalat.com)
3     *
4     * This program is free software; you can redistribute it and/or
5     * modify it under the terms of the GNU General Public License
6     * as published by the Free Software Foundation; either version 2
7     * of the License, or (at your option) any later version.
8     *
9     * This program is distributed in the hope that it will be useful,
10     * but WITHOUT ANY WARRANTY; without even the implied warranty of
11     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12     * GNU General Public License for more details.
13     *
14     * You should have received a copy of the GNU General Public License
15     * along with this program; if not, write to the Free Software
16     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
17     */
18    
19     #include "common/setup_before.h"
20     #ifdef HAVE_STDDEF_H
21     # include <stddef.h>
22     #else
23     # ifndef NULL
24     # define NULL ((void *)0)
25     # endif
26     #endif
27     #ifdef STDC_HEADERS
28     # include <stdlib.h>
29     #endif
30     #ifdef HAVE_SYS_TYPES_H
31     # include <sys/types.h>
32     #endif
33     #ifdef HAVE_UNISTD_H
34     # include <unistd.h>
35     #endif
36     #ifdef HAVE_PWD_H
37     # include <pwd.h>
38     #endif
39     #ifdef HAVE_GRP_H
40     # include <grp.h>
41     #endif
42     #ifdef HAVE_STRING_H
43     # include <string.h>
44     #endif
45     #include <errno.h>
46     #include "compat/strerror.h"
47     #include "common/eventlog.h"
48     #include "common/give_up_root_privileges.h"
49     #include "common/setup_after.h"
50    
51    
52     #define ILLEGAL_ID -1
53    
54    
55     static int gurp_gname2id(const char *name);
56     static int gurp_uname2id(const char *name);
57    
58    
59     extern int give_up_root_privileges(char const * user_name, char const * group_name)
60     {
61     int user_id = 0;
62     int group_id = 0;
63    
64     eventlog(eventlog_level_debug,__FUNCTION__,"about to give up root privileges");
65    
66     if (user_name)
67     {
68     if ((user_id = gurp_uname2id(user_name))==ILLEGAL_ID)
69     { return -1; }
70     else
71     { eventlog(eventlog_level_debug,__FUNCTION__,"should change to user = '%s' (%d)", user_name, user_id); }
72     }
73     if (group_name)
74     {
75     if ((group_id = gurp_gname2id(group_name))==ILLEGAL_ID)
76     { return -1; }
77     else
78     { eventlog(eventlog_level_debug,__FUNCTION__,"should change to group = '%s' (%d)", group_name, group_id); }
79     }
80    
81     /* Change first the group ID, later we might not be able to anymore
82     * We can use setgid safely because we don't want to return to root
83     * privileges anymore
84     */
85    
86     #ifdef HAVE_SETGID
87     if (group_name)
88     {
89     if (-1 == setgid(group_id))
90     {
91     eventlog(eventlog_level_fatal,__FUNCTION__,"could not set gid to %d (setgid: %s)", group_id, pstrerror(errno));
92     return -1;
93     }
94     # ifdef HAVE_GETUID
95     eventlog(eventlog_level_info,__FUNCTION__,"Changed privileges to gid = %d", getgid());
96     # endif
97     }
98     #endif
99    
100     #ifdef HAVE_SETUID
101     if (user_name)
102     {
103     if (-1 == setuid(user_id))
104     {
105     eventlog(eventlog_level_fatal,__FUNCTION__,"could not set uid to %d (setuid: %s)", user_id, pstrerror(errno));
106     return -1;
107     }
108     # ifdef HAVE_GETGID
109     eventlog(eventlog_level_info,__FUNCTION__,"Changed privileges to uid = %d", getuid());
110     # endif
111     }
112     #endif
113    
114     return 0;
115     }
116    
117    
118     static int gurp_uname2id(const char *name)
119     {
120     int id = ILLEGAL_ID;
121    
122     if (name != NULL)
123     {
124     if (name[0] == '#')
125     {
126     id = atoi(&name[1]);
127     }
128     else
129     {
130     #ifdef HAVE_GETPWNAM
131     struct passwd * ent;
132    
133     eventlog(eventlog_level_debug,__FUNCTION__,"about to getpwnam(%s)", name);
134    
135     if (!(ent = getpwnam(name)))
136     {
137     eventlog(eventlog_level_fatal,__FUNCTION__,"cannot get password file entry for '%s' (getpwnam: %s)", name, pstrerror(errno));
138     return id;
139     }
140     id = ent->pw_uid;
141     #else
142     return id;
143     #endif
144     }
145     }
146    
147     return id;
148     }
149    
150    
151     static int gurp_gname2id(const char *name)
152     {
153     int id = ILLEGAL_ID;
154    
155     if (name != NULL)
156     {
157     if (name[0] == '#')
158     {
159     id = atoi(&name[1]);
160     }
161     else
162     {
163     #ifdef HAVE_GETGRNAM
164     struct group * ent;
165    
166     eventlog(eventlog_level_debug,__FUNCTION__,"about to getgrnam(%s)", name);
167    
168     if (!(ent = getgrnam(name)))
169     {
170     eventlog(eventlog_level_fatal,__FUNCTION__,"cannot get group file entry for '%s' (getgrnam: %s)", name, pstrerror(errno));
171     return id;
172     }
173     id = ent->gr_gid;
174     #else
175     return id;
176     #endif
177     }
178     }
179    
180     return id;
181     }
webmaster@leafok.com
 ViewVC Help
Powered by ViewVC 1.3.0-beta1