2a628ae13f
PR: 195759 Requested by: Jonathan Chen <jonc@chen.org.nz> Approved by: Henry Hu <henry.hu.sh@gmail.com> (maintainer)
46 lines
1.2 KiB
C++
46 lines
1.2 KiB
C++
--- switchuser.cpp.orig 2013-10-01 18:38:05.000000000 -0400
|
|
+++ switchuser.cpp 2014-12-15 22:14:16.000000000 -0500
|
|
@@ -9,6 +9,9 @@
|
|
(at your option) any later version.
|
|
*/
|
|
|
|
+#include <sys/types.h>
|
|
+#include <login_cap.h>
|
|
+
|
|
#include <cstdio>
|
|
#include "switchuser.h"
|
|
#include "util.h"
|
|
@@ -35,13 +38,27 @@
|
|
}
|
|
|
|
void SwitchUser::SetUserId() {
|
|
- if( (Pw == 0) ||
|
|
- (initgroups(Pw->pw_name, Pw->pw_gid) != 0) ||
|
|
- (setgid(Pw->pw_gid) != 0) ||
|
|
- (setuid(Pw->pw_uid) != 0) ) {
|
|
- logStream << APPNAME << ": could not switch user id" << endl;
|
|
- exit(ERR_EXIT);
|
|
+ if ((Pw != 0) && (setsid() != -1)) {
|
|
+ // TODO: allow users to override settings with .login.conf
|
|
+ login_cap_t *lc = login_getpwclass(Pw);
|
|
+ if ((lc != NULL) &&
|
|
+ (setusercontext(lc, Pw, Pw->pw_uid, LOGIN_SETALL) == 0)) {
|
|
+ login_close(lc);
|
|
+ return;
|
|
+ }
|
|
+ login_close(lc);
|
|
+ logStream << APPNAME << ": fail to set user context" << endl;
|
|
+ // fallback to old method
|
|
+ if ((setlogin(Pw->pw_name) == 0) &&
|
|
+ (initgroups(Pw->pw_name, Pw->pw_gid) == 0) &&
|
|
+ (setgid(Pw->pw_gid) == 0) &&
|
|
+ (setuid(Pw->pw_uid) == 0) ) {
|
|
+ return;
|
|
+ }
|
|
}
|
|
+
|
|
+ logStream << APPNAME << ": could not switch user id" << endl;
|
|
+ exit(ERR_EXIT);
|
|
}
|
|
|
|
void SwitchUser::Execute(const char* cmd) {
|