hal/hald/linux2/probing shared.h,1.3,1.4
David Zeuthen
david at kemper.freedesktop.org
Wed Feb 22 13:10:08 PST 2006
- Previous message: hal/hald/linux2/addons addon-acpi.c, 1.15, 1.16 addon-keyboard.c,
1.3, 1.4 addon-pmu.c, 1.5, 1.6 addon-storage.c, 1.17, 1.18
- Next message: hal ChangeLog,1.820,1.821
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/hal/hal/hald/linux2/probing
In directory kemper:/tmp/cvs-serv5468/hald/linux2/probing
Modified Files:
shared.h
Log Message:
2006-02-22 David Zeuthen <davidz at redhat.com>
Patch from Martin Pitt <martin at piware.de>.
* hald/linux2/probing/shared.h (drop_privileges): Take an
additional parameter "keep_auxgroups"
* hald/linux2/addons/addon-storage.c (main): Add some comment that
we *could* drop privileges provided we were in the right group
* hald/linux2/addons/addon-pmu.c (main): Drop privileges
* hald/linux2/addons/addon-keyboard.c (main): Pass right parameter
to drop_privileges
* hald/linux2/addons/addon-acpi.c (main): Drop privileges
Index: shared.h
===================================================================
RCS file: /cvs/hal/hal/hald/linux2/probing/shared.h,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- shared.h 8 Feb 2006 13:54:44 -0000 1.3
+++ shared.h 22 Feb 2006 21:10:06 -0000 1.4
@@ -4,6 +4,8 @@
#include <time.h>
#include <sys/time.h>
+#include <pwd.h>
+#include <grp.h>
#include <sys/types.h>
#include <unistd.h>
@@ -52,37 +54,45 @@
_dbg ("%s:%d: " format "\n", __FILE__, __LINE__, ## arg); \
} while (0)
-/** Drop all but necessary privileges. Set the running user id to HAL_USER and
- * group to HAL_GROUP
+/** Drop root privileges: Set the running user id to HAL_USER and
+ * group to HAL_GROUP, and optionally retain auxiliary groups of HAL_USER.
*/
-static
-void drop_privileges () {
- struct passwd *pw = NULL;
- struct group *gr = NULL;
+static void
+drop_privileges (int keep_auxgroups)
+{
+ struct passwd *pw = NULL;
+ struct group *gr = NULL;
- /* determine user id */
- pw = getpwnam (HAL_USER);
- if (!pw) {
- printf ("drop_privileges: user " HAL_USER " does not exist");
- exit (-1);
- }
+ /* determine user id */
+ pw = getpwnam (HAL_USER);
+ if (!pw) {
+ dbg ("drop_privileges: user " HAL_USER " does not exist");
+ exit (-1);
+ }
- /* determine primary group id */
- gr = getgrnam (HAL_GROUP);
- if(!gr) {
- printf("drop_privileges: group " HAL_GROUP " does not exist");
- exit (-1);
- }
+ /* determine primary group id */
+ gr = getgrnam (HAL_GROUP);
+ if (!gr) {
+ dbg ("drop_privileges: group " HAL_GROUP " does not exist");
+ exit (-1);
+ }
- if( setgid (gr->gr_gid) ) {
- printf ("drop_privileges: could not set group id");
- exit (-1);
- }
+ if (keep_auxgroups) {
+ if (initgroups (HAL_USER, gr->gr_gid)) {
+ dbg ("drop_privileges: could not initialize groups");
+ exit (-1);
+ }
+ }
- if( setuid (pw->pw_uid)) {
- printf ("drop_privileges: could not set user id");
- exit (-1);
- }
+ if (setgid (gr->gr_gid)) {
+ dbg ("drop_privileges: could not set group id");
+ exit (-1);
+ }
+
+ if (setuid (pw->pw_uid)) {
+ dbg ("drop_privileges: could not set user id");
+ exit (-1);
+ }
}
-#endif
+#endif /* SHARED_H */
- Previous message: hal/hald/linux2/addons addon-acpi.c, 1.15, 1.16 addon-keyboard.c,
1.3, 1.4 addon-pmu.c, 1.5, 1.6 addon-storage.c, 1.17, 1.18
- Next message: hal ChangeLog,1.820,1.821
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the hal-commit
mailing list