1 |
--- ./switchuser.cpp.orig 2012-12-31 07:03:42.000000000 -0600 |
1 |
--- switchuser.cpp.orig 2013-10-01 18:38:05.000000000 -0400 |
2 |
+++ ./switchuser.cpp 2013-03-23 14:10:35.000000000 -0500 |
2 |
+++ switchuser.cpp 2014-12-15 22:14:16.000000000 -0500 |
3 |
@@ -36,6 +36,8 @@ |
3 |
@@ -9,6 +9,9 @@ |
|
|
4 |
(at your option) any later version. |
5 |
*/ |
6 |
|
7 |
+#include <sys/types.h> |
8 |
+#include <login_cap.h> |
9 |
+ |
10 |
#include <cstdio> |
11 |
#include "switchuser.h" |
12 |
#include "util.h" |
13 |
@@ -35,13 +38,27 @@ |
14 |
} |
4 |
|
15 |
|
5 |
void SwitchUser::SetUserId() { |
16 |
void SwitchUser::SetUserId() { |
6 |
if( (Pw == 0) || |
17 |
- if( (Pw == 0) || |
7 |
+ (setsid() == -1) || |
18 |
- (initgroups(Pw->pw_name, Pw->pw_gid) != 0) || |
8 |
+ (setlogin(Pw->pw_name) != 0) || |
19 |
- (setgid(Pw->pw_gid) != 0) || |
9 |
(initgroups(Pw->pw_name, Pw->pw_gid) != 0) || |
20 |
- (setuid(Pw->pw_uid) != 0) ) { |
10 |
(setgid(Pw->pw_gid) != 0) || |
21 |
- logStream << APPNAME << ": could not switch user id" << endl; |
11 |
(setuid(Pw->pw_uid) != 0) ) { |
22 |
- exit(ERR_EXIT); |
|
|
23 |
+ if ((Pw != 0) && (setsid() != -1)) { |
24 |
+ // TODO: allow users to override settings with .login.conf |
25 |
+ login_cap_t *lc = login_getpwclass(Pw); |
26 |
+ if ((lc != NULL) && |
27 |
+ (setusercontext(lc, Pw, Pw->pw_uid, LOGIN_SETALL) == 0)) { |
28 |
+ login_close(lc); |
29 |
+ return; |
30 |
+ } |
31 |
+ login_close(lc); |
32 |
+ logStream << APPNAME << ": fail to set user context" << endl; |
33 |
+ // fallback to old method |
34 |
+ if ((setlogin(Pw->pw_name) == 0) && |
35 |
+ (initgroups(Pw->pw_name, Pw->pw_gid) == 0) && |
36 |
+ (setgid(Pw->pw_gid) == 0) && |
37 |
+ (setuid(Pw->pw_uid) == 0) ) { |
38 |
+ return; |
39 |
+ } |
40 |
} |
41 |
+ |
42 |
+ logStream << APPNAME << ": could not switch user id" << endl; |
43 |
+ exit(ERR_EXIT); |
44 |
} |
45 |
|
46 |
void SwitchUser::Execute(const char* cmd) { |
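Review bot: The `// fallback to old method` branch in `SwitchUser::SetUserId()` fails open: when `setusercontext(lc, Pw, Pw->pw_uid, LOGIN_SETALL)` cannot apply the login class, the session still starts through `setlogin`/`initgroups`/`setgid`/`setuid`, without the resource limits, umask and other per-class settings that login.conf would have imposed. `setusercontext()` may also have applied part of the context before returning an error, so the fallback does not start from a known state. Consider dropping the fallback `if` so that a failure keeps only `login_close(lc);` and the `fail to set user context` log line, then falls through to the existing `could not switch user id` / `exit(ERR_EXIT)` path. Separately, `login_close(lc)` is reached with `lc == NULL` when `login_getpwclass()` fails; the libutil implementations appear to tolerate that, but a short comment such as `// login_close() accepts NULL` or an explicit guard would make the intent clear.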