summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJim Meyering <jim@meyering.net>2003-07-10 14:37:04 +0000
committerJim Meyering <jim@meyering.net>2003-07-10 14:37:04 +0000
commitd743e47970f0db620d023be56d2461fbb55194cc (patch)
treeadcb10804097e8eb8e989992505b4876d4dd25d7
parent477fd9c12ed89ac43df10525944c94de2fdfa20c (diff)
downloadcoreutils-d743e47970f0db620d023be56d2461fbb55194cc.tar.xz
New program, solely for testing (not installed).
-rw-r--r--src/setuidgid.c136
1 files changed, 136 insertions, 0 deletions
diff --git a/src/setuidgid.c b/src/setuidgid.c
new file mode 100644
index 000000000..3e4780de9
--- /dev/null
+++ b/src/setuidgid.c
@@ -0,0 +1,136 @@
+/* setuidgid - run a command with the UID and GID of a specified user
+ Copyright (C) 2003 Free Software Foundation, Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2, or (at your option)
+ any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software Foundation,
+ Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
+
+/* Written by Jim Meyering */
+
+#include <config.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <pwd.h>
+#include <grp.h>
+
+#include "system.h"
+
+#include "closeout.h"
+#include "error.h"
+#include "long-options.h"
+#include "quote.h"
+
+#define PROGRAM_NAME "setuidgid"
+
+/* I wrote this program from scratch, based on the description of
+ D.J. Bernstein's program: http://cr.yp.to/daemontools/setuidgid.html. */
+#define AUTHORS "Jim Meyering"
+
+#define FAIL_STATUS 111
+
+char *program_name;
+
+void
+usage (int status)
+{
+ if (status != 0)
+ fprintf (stderr, _("Try `%s --help' for more information.\n"),
+ program_name);
+ else
+ {
+ printf (_("\
+Usage: %s USERNAME COMMAND [ARGUMENT]...\n\
+ or: %s OPTION\n\
+"),
+ program_name, program_name);
+
+ fputs (_("\
+Drop any supplemental groups, assume the user-ID and group-ID of\n\
+the specified USERNAME, and run COMMAND with any specified ARGUMENTs.\n\
+Exit with status 111 if unable to assume the required UID and GID.\n\
+Otherwise, exit with the exit status of COMMAND.\n\
+This program is useful only when run by root (UID=0).\n\
+\n\
+"), stdout);
+ fputs (HELP_OPTION_DESCRIPTION, stdout);
+ fputs (VERSION_OPTION_DESCRIPTION, stdout);
+ printf (_("\nReport bugs to <%s>.\n"), PACKAGE_BUGREPORT);
+ }
+ exit (status);
+}
+
+int
+main (int argc, char **argv)
+{
+ char const *user_id;
+ struct passwd *pwd;
+
+ initialize_main (&argc, &argv);
+ program_name = argv[0];
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+ textdomain (PACKAGE);
+
+ atexit (close_stdout);
+
+ parse_long_options (argc, argv, PROGRAM_NAME, GNU_PACKAGE, VERSION,
+ AUTHORS, usage);
+
+ /* The above handles --help and --version.
+ Since there is no other invocation of getopt, handle `--' here. */
+ if (argc > 1 && STREQ (argv[1], "--"))
+ {
+ --argc;
+ ++argv;
+ }
+
+ if (argc <= 2)
+ {
+ error (0, 0, _("too few arguments"));
+ usage (FAIL_STATUS);
+ }
+
+ user_id = argv[1];
+ pwd = getpwnam (user_id);
+ if (pwd == NULL)
+ {
+ error (0, errno, _("unknown user-ID: %s"), quote (user_id));
+ exit (FAIL_STATUS);
+ }
+
+ if (setgroups (1, &pwd->pw_gid))
+ {
+ error (0, errno, _("cannot set supplemental group"));
+ exit (FAIL_STATUS);
+ }
+
+ if (setgid (pwd->pw_gid))
+ {
+ error (0, errno, _("cannot set group-ID to %ld"), (long) pwd->pw_gid);
+ exit (FAIL_STATUS);
+ }
+
+ if (setuid (pwd->pw_uid))
+ {
+ error (0, errno, _("cannot set user-ID to %ld"), (long) pwd->pw_uid);
+ exit (FAIL_STATUS);
+ }
+
+ {
+ char **cmd = argv + 2;
+ execvp (*cmd, cmd);
+
+ error (0, errno, "could not run command %s", quote (*cmd));
+ exit (FAIL_STATUS);
+ }
+}