add uid/gid switching
git-svn-id: file:///raid/svn-personal/mokou/trunk@13 35d6bad2-6c5c-c749-ada2-a2c82cb3bd79
parent
fadd30a380
commit
a4f1638405
|
@ -4,6 +4,7 @@
|
||||||
#define __MK_SERVICE_H__
|
#define __MK_SERVICE_H__
|
||||||
|
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
|
#include <pwd.h>
|
||||||
|
|
||||||
struct mk_service {
|
struct mk_service {
|
||||||
char* name;
|
char* name;
|
||||||
|
@ -12,6 +13,8 @@ struct mk_service {
|
||||||
char* pidfile;
|
char* pidfile;
|
||||||
char* stop;
|
char* stop;
|
||||||
bool stopped;
|
bool stopped;
|
||||||
|
uid_t uid;
|
||||||
|
gid_t gid;
|
||||||
};
|
};
|
||||||
|
|
||||||
void mk_service_scan(void);
|
void mk_service_scan(void);
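Review bot: The new `uid` and `gid` fields of `struct mk_service` have no comment, so the header does not say what they mean for a service file without a `user` key. The scan code in this commit initialises both to 0 and copies them into the struct unchanged, so such a service runs with uid 0 and gid 0. I would state that on the fields, e.g. `uid_t uid; /* account the exec/stop commands run as; 0 (root) when no "user" key is set */`, with a matching comment on `gid` noting that it is the primary group taken from the passwd entry.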
|
||||||
|
|
|
@ -98,6 +98,9 @@ void mk_service_scan(void){
|
||||||
char* exec = NULL;
|
char* exec = NULL;
|
||||||
char* stop = NULL;
|
char* stop = NULL;
|
||||||
char* pidfile = NULL;
|
char* pidfile = NULL;
|
||||||
|
uid_t uid = 0;
|
||||||
|
gid_t gid = 0;
|
||||||
|
bool bad = false;
|
||||||
|
|
||||||
for(i = 0;; i++){
|
for(i = 0;; i++){
|
||||||
if(buffer[i] == '\n' || buffer[i] == 0){
|
if(buffer[i] == '\n' || buffer[i] == 0){
|
||||||
|
@ -127,6 +130,15 @@ void mk_service_scan(void){
|
||||||
}else if(strcmp(key, "stop") == 0){
|
}else if(strcmp(key, "stop") == 0){
|
||||||
if(stop != NULL) free(stop);
|
if(stop != NULL) free(stop);
|
||||||
stop = mk_strdup(value);
|
stop = mk_strdup(value);
|
||||||
|
}else if(strcmp(key, "user") == 0){
|
||||||
|
struct passwd* p = getpwnam(value);
|
||||||
|
if(p != NULL){
|
||||||
|
uid = p->pw_uid;
|
||||||
|
gid = p->pw_gid;
|
||||||
|
}else{
|
||||||
|
mk_log("Could not find the specified user");
|
||||||
|
bad = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
break;
|
break;
|
||||||
|
@ -140,7 +152,6 @@ void mk_service_scan(void){
|
||||||
}
|
}
|
||||||
fclose(f);
|
fclose(f);
|
||||||
|
|
||||||
bool bad = false;
|
|
||||||
if(exec == NULL){
|
if(exec == NULL){
|
||||||
char* log = mk_strcat(desc == NULL ? path : desc, ": Missing exec");
|
char* log = mk_strcat(desc == NULL ? path : desc, ": Missing exec");
|
||||||
mk_log(log);
|
mk_log(log);
|
||||||
|
@ -174,6 +185,8 @@ void mk_service_scan(void){
|
||||||
serv->stop = stop != NULL ? mk_strdup(stop) : NULL;
|
serv->stop = stop != NULL ? mk_strdup(stop) : NULL;
|
||||||
serv->exec = mk_strdup(exec);
|
serv->exec = mk_strdup(exec);
|
||||||
serv->pidfile = mk_strdup(pidfile);
|
serv->pidfile = mk_strdup(pidfile);
|
||||||
|
serv->uid = uid;
|
||||||
|
serv->gid = gid;
|
||||||
serv->stopped = false;
|
serv->stopped = false;
|
||||||
|
|
||||||
struct mk_service** oldsrvs = services;
|
struct mk_service** oldsrvs = services;
|
||||||
|
@ -291,6 +304,10 @@ int mk_stop_service(const char* name){
|
||||||
int n = open("/dev/null", O_RDWR);
|
int n = open("/dev/null", O_RDWR);
|
||||||
dup2(n, 1);
|
dup2(n, 1);
|
||||||
dup2(n, 2);
|
dup2(n, 2);
|
||||||
|
setgid(srv->gid);
|
||||||
|
setegid(srv->gid);
|
||||||
|
setuid(srv->uid);
|
||||||
|
seteuid(srv->uid);
|
||||||
execvp(pargv[0], pargv);
|
execvp(pargv[0], pargv);
|
||||||
_exit(-1);
|
_exit(-1);
|
||||||
}else{
|
}else{
|
||||||
|
@ -388,6 +405,10 @@ int mk_start_service(const char* name){
|
||||||
int n = open("/dev/null", O_RDWR);
|
int n = open("/dev/null", O_RDWR);
|
||||||
dup2(n, 1);
|
dup2(n, 1);
|
||||||
dup2(n, 2);
|
dup2(n, 2);
|
||||||
|
setgid(srv->gid);
|
||||||
|
setegid(srv->gid);
|
||||||
|
setuid(srv->uid);
|
||||||
|
seteuid(srv->uid);
|
||||||
execvp(pargv[0], pargv);
|
execvp(pargv[0], pargv);
|
||||||
_exit(-1);
|
_exit(-1);
|
||||||
}else{
|
}else{
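Review bot: The four calls added before `execvp` in the child branches of `mk_stop_service` and `mk_start_service` ignore their return values, so if `setgid` or `setuid` fails the command is still executed with the supervisor's own credentials (presumably root). The supplementary group list is never changed either, so a service configured with `user` keeps whatever extra groups the parent process holds. Assuming the supervisor runs as root, I would replace the four lines in both hunks with `if(setgroups(0, NULL) != 0 || setgid(srv->gid) != 0 || setuid(srv->uid) != 0) _exit(-1);`, which needs `<grp.h>`. With root privileges `setgid` and `setuid` already set the real, effective and saved IDs, so the `setegid`/`seteuid` calls add nothing. Both function bodies start and end outside the hunks shown.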
|
||||||
|
|