lib/util/setid.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    setXXid() functions for Samba.
   4    Copyright (C) Jeremy Allison 2012
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #ifndef AUTOCONF_TEST
  21 #include "replace.h"
  22 #include "system/passwd.h"
  23
  24 #include "../lib/util/setid.h"
  25
  26 #else
  27
  28 /* Inside autoconf test. */
  29 #if defined(HAVE_UNISTD_H)
  30 #include <unistd.h>
  31 #endif
  32 #include <stdlib.h>
  33 #include <stdio.h>
  34 #include <sys/types.h>
  35 #include <errno.h>
  36
  37 #if defined(HAVE_UNISTD_H)
  38 #include <unistd.h>
  39 #endif
  40 #ifdef HAVE_SYS_PRIV_H
  41 #include <sys/priv.h>
  42 #endif
  43 #ifdef HAVE_SYS_ID_H
  44 #include <sys/id.h>
  45 #endif
  46 #ifdef HAVE_GRP_H
  47 #include <grp.h>
  48 #endif
  49
  50 /* autoconf tests don't include setid.h */
  51 int samba_setresuid(uid_t ruid, uid_t euid, uid_t suid);
  52 int samba_setresgid(gid_t rgid, gid_t egid, gid_t sgid);
  53 int samba_setreuid(uid_t ruid, uid_t euid);
  54 int samba_setregid(gid_t rgid, gid_t egid);
  55 int samba_seteuid(uid_t euid);
  56 int samba_setegid(gid_t egid);
  57 int samba_setuid(uid_t uid);
  58 int samba_setgid(gid_t gid);
  59 int samba_setuidx(int flags, uid_t uid);
  60 int samba_setgidx(int flags, gid_t gid);
  61 int samba_setgroups(size_t setlen, const gid_t *gidset);
  62
  63 #endif
  64
  65 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
  66 #if defined(HAVE_SYSCALL_H)
  67 #include <syscall.h>
  68 #endif
  69
  70 #if defined(HAVE_SYS_SYSCALL_H)
  71 #include <sys/syscall.h>
  72 #endif
  73
  74 /* Ensure we can't compile in a mixed syscall setup. */
  75 #if !defined(USE_LINUX_32BIT_SYSCALLS)
  76 #if defined(SYS_setresuid32) || defined(SYS_setresgid32) || defined(SYS_setreuid32) || defined(SYS_setregid32) || defined(SYS_setuid32) || defined(SYS_setgid32) || defined(SYS_setgroups32)
  77 #error Mixture of 32-bit Linux system calls and 64-bit calls.
  78 #endif
  79 #endif
  80
  81 #endif
  82
  83 /* All the setXX[ug]id functions and setgroups Samba uses. */
  84 int samba_setresuid(uid_t ruid, uid_t euid, uid_t suid)
  85 {
  86 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
  87 #if defined(USE_LINUX_32BIT_SYSCALLS)
  88         return syscall(SYS_setresuid32, ruid, euid, suid);
  89 #else
  90         return syscall(SYS_setresuid, ruid, euid, suid);
  91 #endif
  92 #elif defined(HAVE_SETRESUID)
  93         return setresuid(ruid, euid, suid);
  94 #else
  95         errno = ENOSYS;
  96         return -1;
  97 #endif
  98 }
  99
 100 int samba_setresgid(gid_t rgid, gid_t egid, gid_t sgid)
 101 {
 102 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 103 #if defined(USE_LINUX_32BIT_SYSCALLS)
 104         return syscall(SYS_setresgid32, rgid, egid, sgid);
 105 #else
 106         return syscall(SYS_setresgid, rgid, egid, sgid);
 107 #endif
 108 #elif defined(HAVE_SETRESGID)
 109         return setresgid(rgid, egid, sgid);
 110 #else
 111         errno = ENOSYS;
 112         return -1;
 113 #endif
 114 }
 115
 116 int samba_setreuid(uid_t ruid, uid_t euid)
 117 {
 118 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 119 #if defined(USE_LINUX_32BIT_SYSCALLS)
 120         return syscall(SYS_setreuid32, ruid, euid);
 121 #else
 122         return syscall(SYS_setreuid, ruid, euid);
 123 #endif
 124 #elif defined(HAVE_SETREUID)
 125         return setreuid(ruid, euid);
 126 #else
 127         errno = ENOSYS;
 128         return -1;
 129 #endif
 130 }
 131
 132 int samba_setregid(gid_t rgid, gid_t egid)
 133 {
 134 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 135 #if defined(USE_LINUX_32BIT_SYSCALLS)
 136         return syscall(SYS_setregid32, rgid, egid);
 137 #else
 138         return syscall(SYS_setregid, rgid, egid);
 139 #endif
 140 #elif defined(HAVE_SETREGID)
 141         return setregid(rgid, egid);
 142 #else
 143         errno = ENOSYS;
 144         return -1;
 145 #endif
 146 }
 147
 148 int samba_seteuid(uid_t euid)
 149 {
 150 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 151 #if defined(USE_LINUX_32BIT_SYSCALLS)
 152         /* seteuid is not a separate system call. */
 153         return syscall(SYS_setresuid32, -1, euid, -1);
 154 #else
 155         /* seteuid is not a separate system call. */
 156         return syscall(SYS_setresuid, -1, euid, -1);
 157 #endif
 158 #elif defined(HAVE_SETEUID)
 159         return seteuid(euid);
 160 #else
 161         errno = ENOSYS;
 162         return -1;
 163 #endif
 164 }
 165
 166 int samba_setegid(gid_t egid)
 167 {
 168 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 169 #if defined(USE_LINUX_32BIT_SYSCALLS)
 170         /* setegid is not a separate system call. */
 171         return syscall(SYS_setresgid32, -1, egid, -1);
 172 #else
 173         /* setegid is not a separate system call. */
 174         return syscall(SYS_setresgid, -1, egid, -1);
 175 #endif
 176 #elif defined(HAVE_SETEGID)
 177         return setegid(egid);
 178 #else
 179         errno = ENOSYS;
 180         return -1;
 181 #endif
 182 }
 183
 184 int samba_setuid(uid_t uid)
 185 {
 186 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 187 #if defined(USE_LINUX_32BIT_SYSCALLS)
 188         return syscall(SYS_setuid32, uid);
 189 #else
 190         return syscall(SYS_setuid, uid);
 191 #endif
 192 #elif defined(HAVE_SETUID)
 193         return setuid(uid);
 194 #else
 195         errno = ENOSYS;
 196         return -1;
 197 #endif
 198 }
 199
 200 int samba_setgid(gid_t gid)
 201 {
 202 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 203 #if defined(USE_LINUX_32BIT_SYSCALLS)
 204         return syscall(SYS_setgid32, gid);
 205 #else
 206         return syscall(SYS_setgid, gid);
 207 #endif
 208 #elif defined(HAVE_SETGID)
 209         return setgid(gid);
 210 #else
 211         errno = ENOSYS;
 212         return -1;
 213 #endif
 214 }
 215
 216 int samba_setuidx(int flags, uid_t uid)
 217 {
 218 #if defined(HAVE_SETUIDX)
 219         return setuidx(flags, uid);
 220 #else
 221         /* HAVE_LINUX_THREAD_CREDENTIALS doesn't have this. */
 222         errno = ENOSYS;
 223         return -1;
 224 #endif
 225 }
 226
 227 int samba_setgidx(int flags, gid_t gid)
 228 {
 229 #if defined(HAVE_SETGIDX)
 230         return setgidx(flags, gid);
 231 #else
 232         /* HAVE_LINUX_THREAD_CREDENTIALS doesn't have this. */
 233         errno = ENOSYS;
 234         return -1;
 235 #endif
 236 }
 237
 238 int samba_setgroups(size_t setlen, const gid_t *gidset)
 239 {
 240 #if defined(HAVE_LINUX_THREAD_CREDENTIALS)
 241 #if defined(USE_LINUX_32BIT_SYSCALLS)
 242         return syscall(SYS_setgroups32, setlen, gidset);
 243 #else
 244         return syscall(SYS_setgroups, setlen, gidset);
 245 #endif
 246 #elif defined(HAVE_SETGROUPS)
 247         return setgroups(setlen, gidset);
 248 #else
 249         errno = ENOSYS;
 250         return -1;
 251 #endif
 252 }