[src/trunk]: src/usr.sbin/rwhod Add -u option: rwhod will drop privledges and...
details: https://anonhg.NetBSD.org/src/rev/a41f2816e660
branches: trunk
changeset: 584284:a41f2816e660
user: tsarna <tsarna%NetBSD.org@localhost>
date: Mon Sep 12 16:13:13 2005 +0000
description:
Add -u option: rwhod will drop privileges and become the given user.
reviewed by jwise
diffstat:
usr.sbin/rwhod/rwhod.8 | 6 ++++--
usr.sbin/rwhod/rwhod.c | 50 +++++++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 51 insertions(+), 5 deletions(-)
diffs (135 lines):
diff -r 179cb4035e90 -r a41f2816e660 usr.sbin/rwhod/rwhod.8
--- a/usr.sbin/rwhod/rwhod.8 Mon Sep 12 16:10:11 2005 +0000
+++ b/usr.sbin/rwhod/rwhod.8 Mon Sep 12 16:13:13 2005 +0000
@@ -26,7 +26,7 @@
.\" SUCH DAMAGE.
.\"
.\" from: @(#)rwhod.8 8.2 (Berkeley) 12/11/93
-.\" $NetBSD: rwhod.8,v 1.18 2005/09/11 23:45:04 wiz Exp $
+.\" $NetBSD: rwhod.8,v 1.19 2005/09/12 16:13:13 tsarna Exp $
.\"
.Dd August 9, 2005
.Dt RWHOD 8
@@ -47,7 +47,7 @@
.Em broadcast
messages on a network.
.Pp
-The following option is available:
+The following options are available:
.Bl -tag -width XXXXXXXXXXX
.It Fl i Ar interval
Allows for the broadcast interval to be changed from the default 3 minutes.
@@ -61,6 +61,8 @@
because higher values will cause
.Xr ruptime 1
to mark the host as being down.
+.It Fl u Ar user
+drop privledges and become the named user.
.El
.Pp
.Nm
diff -r 179cb4035e90 -r a41f2816e660 usr.sbin/rwhod/rwhod.c
--- a/usr.sbin/rwhod/rwhod.c Mon Sep 12 16:10:11 2005 +0000
+++ b/usr.sbin/rwhod/rwhod.c Mon Sep 12 16:13:13 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: rwhod.c,v 1.30 2005/07/05 02:46:36 christos Exp $ */
+/* $NetBSD: rwhod.c,v 1.31 2005/09/12 16:13:13 tsarna Exp $ */
/*
* Copyright (c) 1983, 1993
@@ -39,7 +39,7 @@
#if 0
static char sccsid[] = "@(#)rwhod.c 8.1 (Berkeley) 6/6/93";
#else
-__RCSID("$NetBSD: rwhod.c,v 1.30 2005/07/05 02:46:36 christos Exp $");
+__RCSID("$NetBSD: rwhod.c,v 1.31 2005/09/12 16:13:13 tsarna Exp $");
#endif
#endif /* not lint */
@@ -108,6 +108,7 @@
static void handleread(int);
static void quit(const char *);
static void rt_xaddrs(void *, void *, struct rt_addrinfo *);
+static int drop_privs(char *);
static void usage(void) __attribute__((__noreturn__));
static int verify(const char *);
#ifdef DEBUG
@@ -128,13 +129,14 @@
struct sockaddr_in sasin;
struct pollfd pfd[1];
struct timeval delta, next, now;
+ char *newuser = NULL;
setprogname(argv[0]);
if (getuid())
errx(EXIT_FAILURE, "not super user");
- while ((ch = getopt(argc, argv, "i:")) != -1) {
+ while ((ch = getopt(argc, argv, "i:u:")) != -1) {
switch (ch) {
case 'i':
time_interval = (int)strtol(optarg, &ep, 10);
@@ -160,6 +162,11 @@
errx(1, "Interval cannot be greater than"
" %d minutes", MAX_INTERVAL / 60);
break;
+
+ case 'u':
+ newuser = optarg;
+ break;
+
default:
usage();
}
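Review bot: The new `-u` case is accepted by getopt here, but usage() is not modified by any hunk of this commit (only its opening lines appear, as context in the last hunk), so the text it prints presumably still lists only `-i`. If so, add `[-u user]` to the synopsis that usage() prints. The SYNOPSIS section of rwhod.8 is likewise not touched by the manual-page hunks and may need the same addition. The switch and main() continue outside this hunk.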
@@ -206,6 +213,10 @@
if (!configure(s))
exit(EXIT_FAILURE);
+ if (newuser)
+ if (!drop_privs(newuser))
+ exit(EXIT_FAILURE);
+
send_host_information(s);
delta.tv_sec = time_interval;
delta.tv_usec = 0;
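Review bot: The call site does not record why privileges are dropped exactly here, after `configure(s)` and before the first `send_host_information(s)`, and that ordering is easy to break in a later edit. A comment such as `/* All setup that needs root is done; drop privileges before any network traffic is sent or handled. */` would pin it down, assuming that is the intent (configure() and the earlier part of main() are outside this hunk). The nested `if (newuser) if (!drop_privs(newuser))` would read more safely as `if (newuser != NULL && !drop_privs(newuser))`. Anything the daemon writes after this point has to be writable by the new user, which is worth stating in rwhod.8.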
@@ -595,6 +606,39 @@
}
#endif
+static int
+drop_privs(char *newuser)
+{
+ struct passwd *pw;
+ gid_t gidset[1];
+
+ pw = getpwnam(newuser);
+ if (pw == NULL) {
+ syslog(LOG_ERR, "no user %.100s", newuser);
+ return 0;
+ }
+
+ endpwent();
+
+ gidset[0] = pw->pw_gid;
+ if (setgroups(1, gidset) == -1) {
+ syslog(LOG_ERR, "setgroups: %m");
+ return 0;
+ }
+
+ if (setgid(pw->pw_gid) == -1) {
+ syslog(LOG_ERR, "setgid: %m");
+ return 0;
+ }
+
+ if (setuid(pw->pw_uid) == -1) {
+ syslog(LOG_ERR, "setuid: %m");
+ return 0;
+ }
+
+ return 1;
+}
+
static void
usage(void)
{
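Review bot: drop_privs() calls `endpwent()` and only afterwards reads `pw->pw_gid` and `pw->pw_uid`. The record returned by getpwnam() lives in storage owned by the passwd routines, so reading it after the database has been closed relies on the implementation leaving that buffer intact. Copy the two ids into locals before the call, e.g. `uid_t uid = pw->pw_uid; gid_t gid = pw->pw_gid;`, or move `endpwent();` to just before `return 1;`. The order of the drop (setgroups, setgid, then setuid) and the checked return values are right. The parameter is only read, so it could be `const char *newuser`, with the prototype near the top of the file changed to match.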