Subversion Repositories public

Rev

Rev 77 | Rev 100 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 77 Rev 83
Line 8... Line 8...
8
 * Copyright (C) 2006, 2007 Lukas Jelinek, <lukas@aiken.cz>
8
 * Copyright (C) 2006, 2007 Lukas Jelinek, <lukas@aiken.cz>
9
 *
9
 *
10
 * This program is free software; you can use it, redistribute
10
 * This program is free software; you can use it, redistribute
11
 * it and/or modify it under the terms of the GNU General Public
11
 * it and/or modify it under the terms of the GNU General Public
12
 * License, version 2 (see LICENSE-GPL).
12
 * License, version 2 (see LICENSE-GPL).
13
 *  
13
 *
-
 
14
 * Credits:
-
 
15
 *   David Santinoli (supplementary groups)
-
 
16
 *
14
 */
17
 */
15
18
16
19
17
#include <pwd.h>
20
#include <pwd.h>
18
#include <syslog.h>
21
#include <syslog.h>
19
#include <errno.h>
22
#include <errno.h>
20
#include <sys/wait.h>
23
#include <sys/wait.h>
21
#include <unistd.h>
24
#include <unistd.h>
22
#include <grp.h>
25
#include <grp.h>
-
 
26
#include <stdlib.h>
23
#include <sys/stat.h>
27
#include <sys/stat.h>
24
28
25
#include "usertable.h"
29
#include "usertable.h"
26
#include "incroncfg.h"
30
#include "incroncfg.h"
27
31
Line 525... Line 529...
525
}
529
}
526
530
527
void UserTable::RunAsUser(char* const* argv) const
531
void UserTable::RunAsUser(char* const* argv) const
528
{
532
{
529
  struct passwd* pwd = getpwnam(m_user.c_str());
533
  struct passwd* pwd = getpwnam(m_user.c_str());
530
  if (    pwd == NULL                 // user not found
534
  if (    pwd == NULL                 // check query result
531
      ||  setgid(pwd->pw_gid) != 0    // setting GID failed
535
      ||  setgid(pwd->pw_gid) != 0    // check GID
-
 
536
      ||  initgroups(m_user.c_str(),pwd->pw_gid) != 0 // check supplementary groups
532
      ||  setuid(pwd->pw_uid) != 0)    // setting UID failed
537
      ||  setuid(pwd->pw_uid) != 0)    // check UID
533
  {
538
  {
534
    goto failed;
539
    goto failed;
535
  }
540
  }
536
 
541
 
537
  if (pwd->pw_uid != 0) {
542
  if (pwd->pw_uid != 0) {