Annotation of embedaddon/sudo/plugins/sample_group/sample_group.c, revision 1.1.1.1
1.1 misho 1: /*
2: * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
3: *
4: * Permission to use, copy, modify, and distribute this software for any
5: * purpose with or without fee is hereby granted, provided that the above
6: * copyright notice and this permission notice appear in all copies.
7: *
8: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15: */
16:
17: #include <config.h>
18:
19: #include <sys/types.h>
20: #include <sys/param.h>
21: #include <sys/stat.h>
22:
23: #include <stdio.h>
24: #ifdef STDC_HEADERS
25: # include <stdlib.h>
26: # include <stddef.h>
27: #else
28: # ifdef HAVE_STDLIB_H
29: # include <stdlib.h>
30: # endif
31: #endif /* STDC_HEADERS */
32: #ifdef HAVE_STRING_H
33: # if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
34: # include <memory.h>
35: # endif
36: # include <string.h>
37: #endif /* HAVE_STRING_H */
38: #ifdef HAVE_STRINGS_H
39: # include <strings.h>
40: #endif /* HAVE_STRINGS_H */
41: #ifdef HAVE_UNISTD_H
42: # include <unistd.h>
43: #endif /* HAVE_UNISTD_H */
44: #include <ctype.h>
45: #include <errno.h>
46: #include <fcntl.h>
47: #include <limits.h>
48: #include <grp.h>
49: #include <pwd.h>
50:
51: #include "sudo_plugin.h"
52: #include "missing.h"
53:
54: /*
55: * Sample sudoers group plugin that uses an extra group file with the
56: * same format as /etc/group.
57: */
58:
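/*
 * Result codes used by the plugin callbacks in this file: sample_init()
 * returns TRUE or ERROR, sample_query() returns TRUE or FALSE.
 * Each name is #undef'd first so that a definition pulled in from an
 * earlier header cannot conflict with the values chosen here.
 */
#undef TRUE
#define TRUE 1
#undef FALSE
#define FALSE 0
#undef ERROR
/* Parenthesized so the expansion stays a single operand in any expression. */
#define ERROR (-1)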
65:
/* Logging callback supplied by the front end; assigned in sample_init(). */
static sudo_printf_t sudo_log;

/*
 * Group-file helpers implemented outside this file.  They mirror the
 * names of the libc group database routines but are pointed at the file
 * passed to mysetgrfile().
 * NOTE(review): their implementation is not visible here; how and when
 * the file is actually opened should be confirmed there.
 */
extern void mysetgrfile(const char *file);
extern void mysetgrent(void);
extern void myendgrent(void);
extern struct group *mygetgrnam(const char *name);
72:
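/*
 * Plugin init callback.
 *
 * Stores the logging function, rejects a mismatched major API version,
 * then validates the group file named by argv[0] before handing the path
 * to mysetgrfile()/mysetgrent().
 *
 * version      group plugin API version passed in by the caller
 * sudo_printf  logging callback, kept in sudo_log for later use
 * argv         plugin arguments; argv[0] must be the group file path
 *
 * Returns TRUE on success and ERROR on any failure (after logging why).
 */
static int
sample_init(int version, sudo_printf_t sudo_printf, char *const argv[])
{
    struct stat sb;

    sudo_log = sudo_printf;

    if (GROUP_API_VERSION_GET_MAJOR(version) != GROUP_API_VERSION_MAJOR) {
        sudo_log(SUDO_CONV_ERROR_MSG,
            "sample_group: incompatible major version %d, expected %d\n",
            GROUP_API_VERSION_GET_MAJOR(version),
            GROUP_API_VERSION_MAJOR);
        return ERROR;
    }

    /* Sanity check the specified group file. */
    if (argv == NULL || argv[0] == NULL) {
        sudo_log(SUDO_CONV_ERROR_MSG,
            "sample_group: path to group file not specified\n");
        return ERROR;
    }
    if (stat(argv[0], &sb) != 0) {
        sudo_log(SUDO_CONV_ERROR_MSG,
            "sample_group: %s: %s\n", argv[0], strerror(errno));
        return ERROR;
    }

    /*
     * Refuse a file that group or other can write: its contents decide
     * group membership for sudoers rules.
     * NOTE(review): only the mode bits are tested.  sb.st_uid and the file
     * type are not examined, so "owner" may be any account and a
     * non-regular file passes.  A production plugin would normally also
     * require a trusted owner and S_ISREG(sb.st_mode) -- confirm policy.
     */
    if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
        sudo_log(SUDO_CONV_ERROR_MSG,
            "%s must only be writable by owner\n", argv[0]);
        return ERROR;
    }

    /*
     * NOTE(review): the checks above were made on the path via stat(); the
     * helpers below receive the same path rather than an open descriptor,
     * so the file that is read later is not guaranteed to be the one that
     * was checked.  The containing directories must therefore also be
     * writable only by trusted users.
     */
    mysetgrfile(argv[0]);
    mysetgrent();

    return TRUE;
}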
110:
/*
 * Plugin cleanup callback: ends the group-file enumeration that
 * sample_init() started with mysetgrent().
 */
static void
sample_cleanup(void)
{
    myendgrent();
}
116:
/*
 * Plugin query callback: reports whether "user" is listed as a member of
 * "group" in the plugin's group file.
 *
 * user   name to look for in the group's member list
 * group  group name passed to mygetgrnam()
 * pwd    passwd entry supplied by the caller; not used here
 *
 * Returns TRUE on a match, FALSE if the group is unknown or the user is
 * not listed.
 *
 * NOTE(review): names are compared with strcasecmp(), so two account
 * names that differ only in letter case are treated as the same member.
 * Confirm that this matches the host's account naming policy.
 */
static int
sample_query(const char *user, const char *group, const struct passwd *pwd)
{
    struct group *entry = mygetgrnam(group);
    char **cur;

    /* Unknown group: nobody is a member. */
    if (entry == NULL)
        return FALSE;

    /* The loop relies on gr_mem being terminated by a NULL pointer. */
    for (cur = entry->gr_mem; *cur != NULL; cur++) {
        if (strcasecmp(user, *cur) == 0)
            return TRUE;
    }

    return FALSE;
}
136:
/*
 * Plugin descriptor with external linkage.  The initializer is
 * positional: API version first, then the init, cleanup and query
 * callbacks defined above.
 * NOTE(review): presumably the loader finds the plugin through this
 * symbol name -- confirm against sudo_plugin.h.
 */
struct sudoers_group_plugin group_plugin = {
    GROUP_API_VERSION,
    sample_init,
    sample_cleanup,
    sample_query
};