search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fixup fromcvs/togit conversion
[minix-pkgsrc.git] / security / prelude-lml / files / run-prelude-lml.c
blob41e5888524a15a3053e1a18a74d59cde71ea3f82
1 #define PRELUDE_LML_USER "@PRELUDE_USER@"
2 #define PRELUDE_LML_PATH "@PREFIX@/bin/prelude-lml"
3
4 #include <unistd.h>
5 #include <string.h>
6 #include <stdio.h>
7 #include <errno.h>
8 #include <stdlib.h>
9 #include <sys/wait.h>
10 #include <pwd.h>
11 #include <syslog.h>
12
13 #define MAX_ARGS 40
14 #ifndef TRUE
15 #define TRUE 1
16 #endif /* TRUE */
17
18 #ifndef FALSE
19 #define FALSE 0
20 #endif /* FALSE */
21
22
23 void error_sys(char *str)
24
25 {
26 /* Output error message to syslog */
27 char msg[1024];
28 snprintf(msg, sizeof(msg), "run-prelude-lml : %s : %s", str, strerror(errno));
29 syslog(LOG_ALERT, msg);
30
31 }
32
33
34 int obtainUIDandGID(const char *name, uid_t *pw_uid, gid_t *pw_gid)
35 {
36 /* Obtain UID and GID from passwd entry identified by name */
37 struct passwd *pw_entry;
38 char msg[100];
39
40 if ((pw_entry = getpwnam(name)) == NULL)
41 {
42 snprintf(msg, sizeof(msg), "failed to get password entry for %s", name);
43 error_sys(msg);
44 return FALSE;
45 }
46 else
47 {
48 *pw_uid = pw_entry->pw_uid;
49 *pw_gid = pw_entry->pw_gid;
50 return TRUE;
51
52 }
53 }
54
55
56 int main (int argc, char **argv )
57
58 {
59
60 pid_t pid;
61 uid_t UID;
62 gid_t GID;
63 pid_t pidwait;
64 int waitstat;
65 int s;
66 int max_fd;
67
68 /* Sanity check */
69 if (argc > MAX_ARGS)
70 {
71 error_sys("arg buffer too small");
72 exit(-1);
73 }
74
75 if (geteuid() != 0)
76 {
77 error_sys("must be called by root");
78 exit(-1);
79 }
80
81 /* fork child that will become prelude-lml */
82 if ((pid = fork()) < 0)
83
84 error_sys("fork error");
85
86 else
87
88 {
89
90 if (pid == 0)
91
92 {
93
94 /* We're the child */
95 char *args[MAX_ARGS];
96 unsigned int i;
97
98 /* Become session leader */
99 setsid();
100
101 /* Change working directory to root directory.
102 The current working directory could be a mounted
103 filesystem; if the daemon stays on a mounted
104 filesystem it could prevent the filesystem from
105 being umounted. */
106 chdir("/");
107
108 /* Clear out file creation mask */
109 umask(0);
110
111 /* Close unneeded file descriptors */
112 max_fd = (int) sysconf(_SC_OPEN_MAX);
113 if (max_fd == -1)
114 max_fd = getdtablesize();
115 for (s = 3; s < max_fd; s++)
116 (void) close(s);
117
118 if (!obtainUIDandGID(PRELUDE_LML_USER, &UID, &GID))
119 exit(-1);
120
121 /* Drop privileges immediately */
122 if (setgid(GID) < 0)
123 {
124 /* It is VERY important to check return
125 value and not continue if setgid fails
126 */
127 error_sys ("setgid failed");
128 exit (-1);
129 }
130
131 if (setuid(UID) < 0)
132 {
133 /* It is VERY important to check return
134 value and not continue if setuid fails
135 */
136 error_sys ("setuid failed");
137 exit (-1);
138 }
139
140 /* Build calling argv */
141 args[0] = PRELUDE_LML_PATH;
142 for (i=1;i<argc;i++)
143 {
144 args[i] = argv[i];
145 }
146 args[i++] = NULL;
147
148 /* Finally transform self into prelude-lml */
149 if (execvp(PRELUDE_LML_PATH, args) < 0)
150 error_sys("execve error");
151 else
152 ; /* avoid if-then ambiguity */
153 }
154
155 else
156
157 {
158 /* We're the parent
159 Terminate
160 */
161 exit(0);
162 }
163
164 }
165
166 }
MINIX 3's pkgsrc repo mirror