|
version 1.3.2.3, 2013/04/09 08:56:57
|
version 1.5.2.1, 2015/06/15 15:52:34
|
|
Line 26 Log(int lvl, const char *fmt, ...)
|
Line 26 Log(int lvl, const char *fmt, ...)
|
| vfprintf(lf, fmt, lst); |
vfprintf(lf, fmt, lst); |
| va_end(lst); |
va_end(lst); |
| fprintf(lf, "\n"); |
fprintf(lf, "\n"); |
| vsyslog(LOG_WARNING, fmt, cp); | vsyslog(LOG_INFO, fmt, cp); |
| va_end(cp); |
va_end(cp); |
| } |
} |
| } |
} |
|
Line 45 Err(const char *fmt, ...)
|
Line 45 Err(const char *fmt, ...)
|
| va_end(cp); |
va_end(cp); |
| } |
} |
| |
|
| static void | static inline void |
| initProg() | DumpProc(const char *txt) |
| { |
{ |
| char d[MAXPATHLEN]; | Log(1, "%s:: uid:gid=%d:%d UID:GID=%d:%d Prio=%d Class=%s Name=%s Dir=%s Cmd=%s " |
| | "Script=%s From=%s:%s Get=%s", txt ? txt : __func__, |
| | geteuid(), getegid(), AIT_GET_I16(&proc.proc_uid), |
| | AIT_GET_I16(&proc.proc_gid), AIT_GET_I32(&proc.proc_prio), |
| | AIT_GET_STR(&proc.proc_class), AIT_GET_STR(&proc.proc_name), |
| | AIT_GET_STR(&proc.proc_dir), AIT_GET_STR(&proc.proc_cmd), |
| | getenv("PATH_TRANSLATED"), getenv("REMOTE_ADDR"), |
| | getenv("REMOTE_PORT"), getenv("REQUEST_URI")); |
| | } |
| |
|
| |
static int |
| |
initProg() |
| |
{ |
| AIT_SET_I16(&proc.proc_uid, getuid()); |
AIT_SET_I16(&proc.proc_uid, getuid()); |
| AIT_SET_I16(&proc.proc_gid, getgid()); |
AIT_SET_I16(&proc.proc_gid, getgid()); |
| AIT_SET_I32(&proc.proc_prio, getpriority(PRIO_PROCESS, 0)); |
AIT_SET_I32(&proc.proc_prio, getpriority(PRIO_PROCESS, 0)); |
| getcwd(d, sizeof d); | AIT_INIT_VAL2(&proc.proc_class, string); |
| AIT_SET_STR(&proc.proc_dir, d); | AIT_INIT_VAL2(&proc.proc_dir, string); |
| | AIT_INIT_VAL2(&proc.proc_name, string); |
| | AIT_INIT_VAL2(&proc.proc_cmd, string); |
| |
|
| #if 0 |
#if 0 |
| lf = fopen(DEFAULT_LOG, "a"); |
lf = fopen(DEFAULT_LOG, "a"); |
|
Line 63 initProg()
|
Line 76 initProg()
|
| lf = stdout; |
lf = stdout; |
| |
|
| openlog(PACKAGE_NAME, LOG_CONS | LOG_PID | LOG_NDELAY, LOG_USER); |
openlog(PACKAGE_NAME, LOG_CONS | LOG_PID | LOG_NDELAY, LOG_USER); |
| |
return 0; |
| } |
} |
| |
|
| static void |
static void |
|
Line 99 static inline int
|
Line 113 static inline int
|
| setUIDGID(char flg, const char *name) |
setUIDGID(char flg, const char *name) |
| { |
{ |
| struct stat sb; |
struct stat sb; |
| |
struct passwd *pass; |
| |
short uid, gid; |
| |
|
| if (stat(name, &sb) == -1) { | if (name) { |
| ESYSERR(0); | if (stat(name, &sb) == -1) { |
| return -1; | ESYSERR(0); |
| | return -1; |
| | } |
| | uid = sb.st_uid; |
| | gid = sb.st_gid; |
| | } else { |
| | pass = getpwnam(getenv("SUX_USER")); |
| | if (!pass) { |
| | Err("Error:: User %s not found", getenv("SUX_USER")); |
| | endpwent(); |
| | return -1; |
| | } |
| | uid = pass->pw_uid; |
| | gid = pass->pw_gid; |
| | endpwent(); |
| } |
} |
| |
|
| if (!(flg & SUX_GET_UID)) |
if (!(flg & SUX_GET_UID)) |
| AIT_SET_I16(&proc.proc_uid, sb.st_uid); | AIT_SET_I16(&proc.proc_uid, uid); |
| if (!(flg & SUX_GET_GID)) |
if (!(flg & SUX_GET_GID)) |
| AIT_SET_I16(&proc.proc_gid, sb.st_gid); | AIT_SET_I16(&proc.proc_gid, gid); |
| |
|
| return 0; |
return 0; |
| } |
} |
| |
|
| static inline int |
static inline int |
| SetClass() | setClassDir() |
| { |
{ |
| login_cap_t *cap; |
|
| struct passwd *pass; |
struct passwd *pass; |
| |
int ret = 0; |
| |
|
| pass = getpwuid(AIT_GET_I16(&proc.proc_uid)); |
pass = getpwuid(AIT_GET_I16(&proc.proc_uid)); |
| if (!pass) { |
if (!pass) { |
| Err("Error:: User with this UID %d not found", AIT_GET_I16(&proc.proc_uid)); |
Err("Error:: User with this UID %d not found", AIT_GET_I16(&proc.proc_uid)); |
| endpwent(); | ret = -1; |
| return -1; | } else { |
| } else | |
| AIT_SET_STR(&proc.proc_class, pass->pw_class); |
AIT_SET_STR(&proc.proc_class, pass->pw_class); |
| |
AIT_SET_STR(&proc.proc_dir, pass->pw_dir); |
| |
|
| cap = login_getclass(AIT_GET_STR(&proc.proc_class)); | if (setusercontext(NULL, pass, AIT_GET_I16(&proc.proc_uid), |
| if (!cap) { | LOGIN_SETLOGIN | LOGIN_SETGROUP | LOGIN_SETUSER | |
| Err("Error:: Cant get login class %s", AIT_GET_STR(&proc.proc_class)); | LOGIN_SETPRIORITY | LOGIN_SETRESOURCES)) { |
| endpwent(); | Err("Error:: Can't set login class %s", AIT_GET_STR(&proc.proc_class)); |
| return -1; | ret = -1; |
| | } |
| } |
} |
| |
|
| if (setusercontext(cap, pass, AIT_GET_I16(&proc.proc_uid), LOGIN_SETALL)) { |
|
| Err("Error:: Cant set login class %s", AIT_GET_STR(&proc.proc_class)); |
|
| login_close(cap); |
|
| endpwent(); |
|
| return -1; |
|
| } |
|
| |
|
| login_close(cap); |
|
| endpwent(); |
endpwent(); |
| return 0; | return ret; |
| } |
} |
| |
|
| static int |
static int |
|
Line 159 LoadCfgData(char flg)
|
Line 182 LoadCfgData(char flg)
|
| } |
} |
| if (!strcasecmp(str, "SCRIPT")) { |
if (!strcasecmp(str, "SCRIPT")) { |
| mode = 1; |
mode = 1; |
| if (setUIDGID(flg, AIT_GET_STR(&proc.proc_name)) == -1) | if (setUIDGID(flg, (getenv("SUX_USER") ? NULL : getenv("PATH_TRANSLATED"))) == -1) |
| return -1; |
return -1; |
| } else if (!strcasecmp(str, "FILE")) { |
} else if (!strcasecmp(str, "FILE")) { |
| mode = 2; |
mode = 2; |
| if (setUIDGID(flg, AIT_GET_STR(&proc.proc_name)) == -1) |
if (setUIDGID(flg, AIT_GET_STR(&proc.proc_name)) == -1) |
| return -1; |
return -1; |
| } else if (!strcasecmp(str, "DIR") && | } else if (!strcasecmp(str, "DIR")) { |
| (str = cfg_getAttribute(&cfg, "global", "directory"))) { | |
| mode = 3; |
mode = 3; |
| if (!(flg & SUX_GET_DIR)) | str = AIT_GET_STR(&proc.proc_dir) ? AIT_GET_STR(&proc.proc_dir) : "."; |
| AIT_SET_STR(&proc.proc_dir, str); | if (setUIDGID(flg, str) == -1) |
| |
| if (setUIDGID(flg, AIT_GET_STR(&proc.proc_dir)) == -1) | |
| return -1; |
return -1; |
| } else { |
} else { |
| Err("Error:: Unknown mode %s", str); |
Err("Error:: Unknown mode %s", str); |
|
Line 193 LoadCfgData(char flg)
|
Line 213 LoadCfgData(char flg)
|
| ELIBERR(cfg); |
ELIBERR(cfg); |
| return -1; |
return -1; |
| case 0: |
case 0: |
| cfg_loadAttribute(&cfg, "associate", "default", &proc.proc_cmd, DEFAULT_CMD); | cfg_loadAttribute(&cfg, "associate", "default", |
| | &proc.proc_cmd, DEFAULT_CMD); |
| } |
} |
| } else |
} else |
| AIT_SET_STR(&proc.proc_cmd, DEFAULT_CMD); |
AIT_SET_STR(&proc.proc_cmd, DEFAULT_CMD); |
|
Line 239 Run(char **argv, char flg)
|
Line 260 Run(char **argv, char flg)
|
| } |
} |
| array_Destroy(&acmd); |
array_Destroy(&acmd); |
| |
|
| if (SetClass()) { | if (setClassDir()) { |
| if (args) |
if (args) |
| e_free(args); |
e_free(args); |
| return -1; |
return -1; |
| } |
} |
| |
|
| if (flg & SUX_GET_FORCE) { |
if (flg & SUX_GET_FORCE) { |
| if (setgid(AIT_GET_I16(&proc.proc_gid)) == -1) { | if (setegid(AIT_GET_I16(&proc.proc_gid)) == -1) |
| ESYSERR(0); | goto err; |
| if (args) | if (seteuid(AIT_GET_I16(&proc.proc_uid)) == -1) |
| free(args); | goto err; |
| return -1; | if (setpriority(PRIO_PROCESS, 0, AIT_GET_I32(&proc.proc_prio)) == -1) |
| } | goto err; |
| if (setuid(AIT_GET_I16(&proc.proc_uid)) == -1) { | |
| ESYSERR(0); | |
| if (args) | |
| free(args); | |
| return -1; | |
| } | |
| if (setpriority(PRIO_PROCESS, 0, AIT_GET_I32(&proc.proc_prio)) == -1) { | |
| ESYSERR(0); | |
| if (args) | |
| free(args); | |
| return -1; | |
| } | |
| } |
} |
| |
|
| Log(0, "UID:GID=%d:%d Prio=%d Class=%s Name=%s Dir=%s Cmd=%s Script=%s", |
|
| proc.proc_uid, proc.proc_gid, proc.proc_prio, AIT_GET_STR(&proc.proc_class), |
|
| AIT_GET_STR(&proc.proc_name), AIT_GET_STR(&proc.proc_dir), |
|
| AIT_GET_STR(&proc.proc_cmd), getenv("PATH_TRANSLATED")); |
|
| |
|
| EVERBS(3) { |
EVERBS(3) { |
| char **el = args - 1; |
char **el = args - 1; |
| while (*++el) |
while (*++el) |
| Log(3, "args: %s", *el); |
Log(3, "args: %s", *el); |
| } |
} |
| |
|
| |
DumpProc(__func__); |
| |
|
| fflush(lf); |
fflush(lf); |
| |
|
| execve(cmd, args, environ); |
execve(cmd, args, environ); |
| if (args) | err: |
| free(args); | |
| ESYSERR(0); |
ESYSERR(0); |
| |
if (args) |
| |
e_free(args); |
| return -1; |
return -1; |
| } |
} |
| |
|
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sux.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / suX / src