File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sample_group / sample_group.c
Revision 1.1.1.1 (vendor branch)
Tue Feb 21 16:23:02 2012 UTC (12 years, 4 months ago) by misho
Branches: sudo, MAIN
CVS tags: v1_8_3p2, HEAD
sudo

    1: /*
    2:  * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
    3:  *
    4:  * Permission to use, copy, modify, and distribute this software for any
    5:  * purpose with or without fee is hereby granted, provided that the above
    6:  * copyright notice and this permission notice appear in all copies.
    7:  *
    8:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
    9:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
   10:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
   11:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
   12:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   13:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   14:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   15:  */
   16: 
   17: #include <config.h>
   18: 
   19: #include <sys/types.h>
   20: #include <sys/param.h>
   21: #include <sys/stat.h>
   22: 
   23: #include <stdio.h>
   24: #ifdef STDC_HEADERS
   25: # include <stdlib.h>
   26: # include <stddef.h>
   27: #else
   28: # ifdef HAVE_STDLIB_H
   29: #  include <stdlib.h>
   30: # endif
   31: #endif /* STDC_HEADERS */
   32: #ifdef HAVE_STRING_H
   33: # if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
   34: #  include <memory.h>
   35: # endif
   36: # include <string.h>
   37: #endif /* HAVE_STRING_H */
   38: #ifdef HAVE_STRINGS_H
   39: # include <strings.h>
   40: #endif /* HAVE_STRINGS_H */
   41: #ifdef HAVE_UNISTD_H
   42: # include <unistd.h>
   43: #endif /* HAVE_UNISTD_H */
   44: #include <ctype.h>
   45: #include <errno.h>
   46: #include <fcntl.h>
   47: #include <limits.h>
   48: #include <grp.h>
   49: #include <pwd.h>
   50: 
   51: #include "sudo_plugin.h"
   52: #include "missing.h"
   53: 
   54: /*
   55:  * Sample sudoers group plugin that uses an extra group file with the
   56:  * same format as /etc/group.
   57:  */
   58: 
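/*
 * Return values shared by the plugin hooks in this file.  Any earlier
 * definition is dropped first so that exactly these values are in effect.
 */
#undef TRUE
#define TRUE 1
#undef FALSE
#define FALSE 0
#undef ERROR
#define ERROR (-1)	/* parenthesized so the sign cannot bind to a neighbouring operator */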
   65: 
/* Logging callback supplied by the caller; sample_init() stores it here. */
static sudo_printf_t sudo_log;

/*
 * Group-file helpers defined outside this file.
 * NOTE(review): judging by how sample_init() and sample_query() call them,
 * these look like getgrent(3)-style routines bound to the plugin's own
 * group file -- confirm against their definitions.
 */
extern void mysetgrfile(const char *file);
extern void mysetgrent(void);
extern void myendgrent(void);
extern struct group *mygetgrnam(const char *name);
   72: 
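/*
 * Plugin init hook: stores the logging callback, checks the group plugin
 * API major version and validates the group file named by argv[0].
 *
 * Returns TRUE on success.  Returns ERROR when the major version does not
 * match, when no path was supplied, when stat(2) fails, or when the file
 * is writable by group or other.
 *
 * NOTE(review): the permission test does not look at the file's owner or
 * type.  A file owned by an unprivileged account with mode 0644 passes,
 * and that account can then edit the memberships sample_query() consults.
 * Consider also requiring a trusted owner (sb.st_uid) and S_ISREG() --
 * confirm the intended policy before enforcing it.
 *
 * NOTE(review): the file is checked by path and the same path is handed to
 * mysetgrfile().  If it is opened by name afterwards, it can be swapped
 * between the check and the open unless every directory on the path is
 * protected as well.  How mysetgrfile()/mysetgrent() open the file is not
 * visible here.
 */
static int
sample_init(int version, sudo_printf_t sudo_printf, char *const argv[])
{
    struct stat sb;

    sudo_log = sudo_printf;

    if (GROUP_API_VERSION_GET_MAJOR(version) != GROUP_API_VERSION_MAJOR) {
	sudo_log(SUDO_CONV_ERROR_MSG,
	    "sample_group: incompatible major version %d, expected %d\n",
	    GROUP_API_VERSION_GET_MAJOR(version),
	    GROUP_API_VERSION_MAJOR);
	return ERROR;
    }

    /* Sanity check the specified group file. */
    if (argv == NULL || argv[0] == NULL) {
	sudo_log(SUDO_CONV_ERROR_MSG,
	    "sample_group: path to group file not specified\n");
	return ERROR;
    }
    if (stat(argv[0], &sb) != 0) {
	sudo_log(SUDO_CONV_ERROR_MSG,
	    "sample_group: %s: %s\n", argv[0], strerror(errno));
	return ERROR;
    }
    /* Refuse a file that anyone other than its owner could modify. */
    if ((sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
	/* Message reworded ("must be only be") and given the usual prefix. */
	sudo_log(SUDO_CONV_ERROR_MSG,
	    "sample_group: %s must only be writable by owner\n", argv[0]);
	return ERROR;
    }

    mysetgrfile(argv[0]);
    mysetgrent();

    return TRUE;
}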
  110: 
/* Plugin cleanup hook: hands off to myendgrent() and does nothing else. */
static void sample_cleanup(void)
{
    myendgrent();
}
  116: 
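/*
 * Query hook: returns TRUE if "user" is listed as a member of "group" in
 * the group returned by mygetgrnam(), else FALSE.  "pwd" is not used.
 *
 * NOTE(review): member names are compared with strcasecmp(), so an entry
 * that differs from "user" only in letter case counts as a match.  Where
 * login names are case-sensitive this can attribute membership to a
 * different account; confirm that this is intended or use strcmp().
 */
static int
sample_query(const char *user, const char *group, const struct passwd *pwd)
{
    struct group *grp;
    char **member;

    (void)pwd;

    /* Fail closed: without both names there is nothing to match. */
    if (user == NULL || group == NULL)
	return FALSE;

    grp = mygetgrnam(group);
    if (grp == NULL || grp->gr_mem == NULL)
	return FALSE;

    for (member = grp->gr_mem; *member != NULL; member++) {
	if (strcasecmp(user, *member) == 0)
	    return TRUE;
    }

    return FALSE;
}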
  136: 
/*
 * Plugin descriptor with external linkage: the API version constant
 * followed by the three hook functions defined in this file.
 * NOTE(review): the initializer is positional, so it relies on the member
 * order of struct sudoers_group_plugin in sudo_plugin.h -- confirm there.
 */
struct sudoers_group_plugin group_plugin = {
    GROUP_API_VERSION,	/* API version constant from the plugin header */
    sample_init,	/* validates the group file and stores the logger */
    sample_cleanup,	/* calls myendgrent() */
    sample_query	/* membership test */
};
