Subversion Repositories public

Rev

Rev 69 | Rev 83 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 69 Rev 77
Line 29... Line 29...
29
#define DONT_FOLLOW(mask) InotifyEvent::IsType(mask, IN_DONT_FOLLOW)
29
#define DONT_FOLLOW(mask) InotifyEvent::IsType(mask, IN_DONT_FOLLOW)
30
#else // IN_DONT_FOLLOW
30
#else // IN_DONT_FOLLOW
31
#define DONT_FOLLOW(mask) (false)
31
#define DONT_FOLLOW(mask) (false)
32
#endif // IN_DONT_FOLLOW
32
#endif // IN_DONT_FOLLOW
33
33
-
 
34
// this is not enough, but...
-
 
35
#define DEFAULT_PATH "/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin"
-
 
36
34
37
35
PROC_MAP UserTable::s_procMap;
38
PROC_MAP UserTable::s_procMap;
36
39
37
extern volatile bool g_fFinish;
40
extern volatile bool g_fFinish;
38
extern SUT_MAP g_ut;
41
extern SUT_MAP g_ut;
Line 382... Line 385...
382
        _exit(1);
385
        _exit(1);
383
      }
386
      }
384
    }
387
    }
385
    else {
388
    else {
386
      // for user table
389
      // for user table
387
      struct passwd* pwd = getpwnam(m_user.c_str());
-
 
388
      if (    pwd == NULL                 // user not found
-
 
389
          ||  setgid(pwd->pw_gid) != 0    // setting GID failed
-
 
390
          ||  setuid(pwd->pw_uid) != 0    // setting UID failed
-
 
391
          ||  execvp(argv[0], argv) != 0) // exec failed
-
 
392
      {
-
 
393
        syslog(LOG_ERR, "cannot exec process: %s", strerror(errno));
-
 
394
        _exit(1);
390
      RunAsUser(argv);
395
      }
-
 
396
    }
391
    }
397
  }
392
  }
398
  else if (pid > 0) {
393
  else if (pid > 0) {
399
    ProcData_t pd;
394
    ProcData_t pd;
400
    if (pE->IsNoLoop()) {
395
    if (pE->IsNoLoop()) {
Line 527... Line 522...
527
  }
522
  }
528
 
523
 
529
  return false; // no access right found
524
  return false; // no access right found
530
}
525
}
531
526
-
 
527
void UserTable::RunAsUser(char* const* argv) const
-
 
528
{
-
 
529
  struct passwd* pwd = getpwnam(m_user.c_str());
-
 
530
  if (    pwd == NULL                 // user not found
-
 
531
      ||  setgid(pwd->pw_gid) != 0    // setting GID failed
-
 
532
      ||  setuid(pwd->pw_uid) != 0)    // setting UID failed
-
 
533
  {
-
 
534
    goto failed;
-
 
535
  }
532
536
 
-
 
537
  if (pwd->pw_uid != 0) {
-
 
538
    if (clearenv() != 0)
-
 
539
      goto failed;
-
 
540
     
-
 
541
    if (    setenv("LOGNAME",   pwd->pw_name,   1) != 0
-
 
542
        ||  setenv("USER",      pwd->pw_name,   1) != 0
-
 
543
        ||  setenv("USERNAME",  pwd->pw_name,   1) != 0
-
 
544
        ||  setenv("HOME",      pwd->pw_dir,    1) != 0
-
 
545
        ||  setenv("SHELL",     pwd->pw_shell,  1) != 0
-
 
546
        ||  setenv("PATH",      DEFAULT_PATH,   1) != 0)
-
 
547
    {
-
 
548
      goto failed;
-
 
549
    }
-
 
550
  }
-
 
551
 
-
 
552
  execvp(argv[0], argv);  // this may return only on failure
-
 
553
 
-
 
554
failed:
-
 
555
   
-
 
556
  syslog(LOG_ERR, "cannot exec process: %s", strerror(errno));
-
 
557
  _exit(1);
-
 
558
}
533
559