start_stop_daemon: add -chuid support
parent
f8ea0f3a66
commit
cce38586ae
@ -56,7 +56,6 @@ static int fileAction(const char *fileName, struct stat *statbuf,
|
|||||||
int chown_main(int argc, char **argv);
|
int chown_main(int argc, char **argv);
|
||||||
int chown_main(int argc, char **argv)
|
int chown_main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
char *groupName;
|
|
||||||
int retval = EXIT_SUCCESS;
|
int retval = EXIT_SUCCESS;
|
||||||
|
|
||||||
opt_complementary = "-2";
|
opt_complementary = "-2";
|
||||||
@ -65,24 +64,7 @@ int chown_main(int argc, char **argv)
|
|||||||
|
|
||||||
if (OPT_NODEREF) chown_func = lchown;
|
if (OPT_NODEREF) chown_func = lchown;
|
||||||
|
|
||||||
/* First, check if there is a group name here */
|
parse_chown_usergroup_or_die(&ugid, argv[0]);
|
||||||
groupName = strchr(*argv, '.'); /* deprecated? */
|
|
||||||
if (!groupName)
|
|
||||||
groupName = strchr(*argv, ':');
|
|
||||||
else
|
|
||||||
*groupName = ':'; /* replace '.' with ':' */
|
|
||||||
|
|
||||||
/* First, try parsing "user[:[group]]" */
|
|
||||||
if (!groupName) { /* "user" */
|
|
||||||
ugid.uid = get_ug_id(*argv, xuname2uid);
|
|
||||||
} else if (groupName == *argv) { /* ":group" */
|
|
||||||
ugid.gid = get_ug_id(groupName + 1, xgroup2gid);
|
|
||||||
} else {
|
|
||||||
if (!groupName[1]) /* "user:" */
|
|
||||||
*groupName = '\0';
|
|
||||||
if (!get_uidgid(&ugid, *argv, 1))
|
|
||||||
bb_error_msg_and_die("unknown user/group %s", *argv);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Ok, ready to do the deed now */
|
/* Ok, ready to do the deed now */
|
||||||
argv++;
|
argv++;
|
||||||
|
@ -14,12 +14,11 @@
|
|||||||
|
|
||||||
static int signal_nr = 15;
|
static int signal_nr = 15;
|
||||||
static int user_id = -1;
|
static int user_id = -1;
|
||||||
static int quiet;
|
|
||||||
static char *userspec;
|
static char *userspec;
|
||||||
static char *chuid;
|
|
||||||
static char *cmdname;
|
static char *cmdname;
|
||||||
static char *execname;
|
static char *execname;
|
||||||
static char *pidfile;
|
static char *pidfile;
|
||||||
|
static smallint quiet;
|
||||||
|
|
||||||
struct pid_list {
|
struct pid_list {
|
||||||
struct pid_list *next;
|
struct pid_list *next;
|
||||||
@ -222,20 +221,28 @@ static const struct option long_options[] = {
|
|||||||
enum {
|
enum {
|
||||||
CTX_STOP = 0x1,
|
CTX_STOP = 0x1,
|
||||||
CTX_START = 0x2,
|
CTX_START = 0x2,
|
||||||
OPT_BACKGROUND = 0x4,
|
OPT_BACKGROUND = 0x4, // -b
|
||||||
OPT_QUIET = 0x8,
|
OPT_QUIET = 0x8, // -q
|
||||||
OPT_MAKEPID = 0x10,
|
OPT_MAKEPID = 0x10, // -m
|
||||||
OPT_OKNODO = 0x20 * ENABLE_FEATURE_START_STOP_DAEMON_FANCY,
|
OPT_a = 0x20, // -a
|
||||||
OPT_VERBOSE = 0x40 * ENABLE_FEATURE_START_STOP_DAEMON_FANCY,
|
OPT_n = 0x40, // -n
|
||||||
OPT_NICELEVEL = 0x80 * ENABLE_FEATURE_START_STOP_DAEMON_FANCY,
|
OPT_s = 0x80, // -s
|
||||||
|
OPT_u = 0x100, // -u
|
||||||
|
OPT_c = 0x200, // -c
|
||||||
|
OPT_x = 0x400, // -x
|
||||||
|
OPT_p = 0x800, // -p
|
||||||
|
OPT_OKNODO = 0x1000 * ENABLE_FEATURE_START_STOP_DAEMON_FANCY, // -o
|
||||||
|
OPT_VERBOSE = 0x2000 * ENABLE_FEATURE_START_STOP_DAEMON_FANCY, // -v
|
||||||
|
OPT_NICELEVEL = 0x4000 * ENABLE_FEATURE_START_STOP_DAEMON_FANCY, // -N
|
||||||
};
|
};
|
||||||
|
|
||||||
int start_stop_daemon_main(int argc, char **argv);
|
int start_stop_daemon_main(int argc, char **argv);
|
||||||
int start_stop_daemon_main(int argc, char **argv)
|
int start_stop_daemon_main(int argc, char **argv)
|
||||||
{
|
{
|
||||||
unsigned opt;
|
unsigned opt;
|
||||||
char *signame = NULL;
|
char *signame;
|
||||||
char *startas = NULL;
|
char *startas;
|
||||||
|
char *chuid;
|
||||||
#if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
|
#if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
|
||||||
// char *retry_arg = NULL;
|
// char *retry_arg = NULL;
|
||||||
// int retries = -1;
|
// int retries = -1;
|
||||||
@ -247,22 +254,22 @@ int start_stop_daemon_main(int argc, char **argv)
|
|||||||
|
|
||||||
/* Check required one context option was given */
|
/* Check required one context option was given */
|
||||||
opt_complementary = "K:S:?:K--S:S--K:m?p:K?xpun:S?xa";
|
opt_complementary = "K:S:?:K--S:S--K:m?p:K?xpun:S?xa";
|
||||||
opt = getopt32(argc, argv, "KSbqm"
|
opt = getopt32(argc, argv, "KSbqma:n:s:u:c:x:p:"
|
||||||
// USE_FEATURE_START_STOP_DAEMON_FANCY("ovN:R:")
|
USE_FEATURE_START_STOP_DAEMON_FANCY("ovN:"),
|
||||||
USE_FEATURE_START_STOP_DAEMON_FANCY("ovN:")
|
// USE_FEATURE_START_STOP_DAEMON_FANCY("ovN:R:"),
|
||||||
"a:n:s:u:c:x:p:"
|
&startas, &cmdname, &signame, &userspec, &chuid, &execname, &pidfile
|
||||||
USE_FEATURE_START_STOP_DAEMON_FANCY(,&opt_N)
|
USE_FEATURE_START_STOP_DAEMON_FANCY(,&opt_N)
|
||||||
// USE_FEATURE_START_STOP_DAEMON_FANCY(,&retry_arg)
|
// USE_FEATURE_START_STOP_DAEMON_FANCY(,&retry_arg)
|
||||||
,&startas, &cmdname, &signame, &userspec, &chuid, &execname, &pidfile);
|
);
|
||||||
|
|
||||||
quiet = (opt & OPT_QUIET) && !(opt & OPT_VERBOSE);
|
quiet = (opt & OPT_QUIET) && !(opt & OPT_VERBOSE);
|
||||||
|
|
||||||
if (signame) {
|
if (opt & OPT_s) {
|
||||||
signal_nr = get_signum(signame);
|
signal_nr = get_signum(signame);
|
||||||
if (signal_nr < 0) bb_show_usage();
|
if (signal_nr < 0) bb_show_usage();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!startas)
|
if (!(opt & OPT_a))
|
||||||
startas = execname;
|
startas = execname;
|
||||||
|
|
||||||
// USE_FEATURE_START_STOP_DAEMON_FANCY(
|
// USE_FEATURE_START_STOP_DAEMON_FANCY(
|
||||||
@ -303,11 +310,11 @@ int start_stop_daemon_main(int argc, char **argv)
|
|||||||
fprintf(pidf, "%d\n", pidt);
|
fprintf(pidf, "%d\n", pidt);
|
||||||
fclose(pidf);
|
fclose(pidf);
|
||||||
}
|
}
|
||||||
if (chuid) {
|
if (opt & OPT_c) {
|
||||||
user_id = bb_strtou(chuid, NULL, 10);
|
struct bb_uidgid_t ugid;
|
||||||
if (errno)
|
parse_chown_usergroup_or_die(&ugid, chuid);
|
||||||
user_id = xuname2uid(chuid);
|
if (ugid.gid != (gid_t) -1) xsetgid(ugid.gid);
|
||||||
xsetuid(user_id);
|
if (ugid.uid != (uid_t) -1) xsetuid(ugid.uid);
|
||||||
}
|
}
|
||||||
#if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
|
#if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
|
||||||
if (opt & OPT_NICELEVEL) {
|
if (opt & OPT_NICELEVEL) {
|
||||||
|
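Review bot: The new `-c` block calls `xsetgid`/`xsetuid` but never resets the supplementary group list, so a daemon launched by root would keep root's supplementary groups after the switch. With the plain `user` form, `ugid.gid` stays `(gid_t) -1` and the primary group is left unchanged as well, which is chown semantics rather than what an operator would expect from a privilege drop. Consider adding `if (setgroups(1, &ugid.gid) < 0) bb_perror_msg_and_die("setgroups");` before `xsetgid(ugid.gid);` in the gid branch. For the uid-only form, either resolve the user's primary group or state in the usage text that the group is not changed. The body of `start_stop_daemon_main` continues outside the hunks shown, so an existing reset elsewhere cannot be ruled out from here.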
@ -443,7 +443,10 @@ struct bb_uidgid_t {
|
|||||||
uid_t uid;
|
uid_t uid;
|
||||||
gid_t gid;
|
gid_t gid;
|
||||||
};
|
};
|
||||||
|
/* always sets uid and gid */
|
||||||
int get_uidgid(struct bb_uidgid_t*, const char*, int numeric_ok);
|
int get_uidgid(struct bb_uidgid_t*, const char*, int numeric_ok);
|
||||||
|
/* chown-like handling of "user[:[group]" */
|
||||||
|
void parse_chown_usergroup_or_die(struct bb_uidgid_t *u, char *user_group);
|
||||||
/* what is this? */
|
/* what is this? */
|
||||||
/*extern char *bb_getug(char *buffer, char *idname, long id, int bufsize, char prefix);*/
|
/*extern char *bb_getug(char *buffer, char *idname, long id, int bufsize, char prefix);*/
|
||||||
char *bb_getpwuid(char *name, long uid, int bufsize);
|
char *bb_getpwuid(char *name, long uid, int bufsize);
|
||||||
|
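Review bot: The comment on the new `parse_chown_usergroup_or_die` prototype has an unbalanced bracket and omits two things a caller needs to know. The parameter is a non-const `char *` because the function rewrites the string in place (`.` becomes `:`, and a trailing `:` is overwritten with NUL), and the function terminates the applet instead of returning an error. A suggested wording is `/* chown-like handling of "user[:[group]]"; modifies user_group in place, dies on unknown user/group; unset uid/gid is left as -1 */`.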
@ -2893,7 +2893,7 @@
|
|||||||
"\n -N|--nicelevel <N> Add N to process's nice level" \
|
"\n -N|--nicelevel <N> Add N to process's nice level" \
|
||||||
) \
|
) \
|
||||||
"\n -s|--signal <signal> Signal to send (default TERM)" \
|
"\n -s|--signal <signal> Signal to send (default TERM)" \
|
||||||
"\n -U|--chuid <username>|<uid> Start process with this name"
|
"\n -c|--chuid <user>[:[<group>]] Change to specified user/group"
|
||||||
|
|
||||||
#define stat_trivial_usage \
|
#define stat_trivial_usage \
|
||||||
"[OPTION] FILE..."
|
"[OPTION] FILE..."
|
||||||
|
@ -27,6 +27,7 @@ ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|||||||
|
|
||||||
#include "busybox.h"
|
#include "busybox.h"
|
||||||
|
|
||||||
|
/* Always sets uid and gid */
|
||||||
int get_uidgid(struct bb_uidgid_t *u, const char *ug, int numeric_ok)
|
int get_uidgid(struct bb_uidgid_t *u, const char *ug, int numeric_ok)
|
||||||
{
|
{
|
||||||
struct passwd *pwd;
|
struct passwd *pwd;
|
||||||
@ -53,6 +54,7 @@ int get_uidgid(struct bb_uidgid_t *u, const char *ug, int numeric_ok)
|
|||||||
goto skip;
|
goto skip;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
/* Either it is not numeric, or caller disallows numeric username */
|
||||||
pwd = getpwnam(user);
|
pwd = getpwnam(user);
|
||||||
if (!pwd)
|
if (!pwd)
|
||||||
return 0;
|
return 0;
|
||||||
@ -75,6 +77,40 @@ int get_uidgid(struct bb_uidgid_t *u, const char *ug, int numeric_ok)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* chown-like:
|
||||||
|
* "user" sets uid only,
|
||||||
|
* ":group" sets gid only
|
||||||
|
* "user:" sets uid and gid (to user's primary group id)
|
||||||
|
* "user:group" sets uid and gid
|
||||||
|
* ('unset' uid or gid is actually set to -1)
|
||||||
|
*/
|
||||||
|
void parse_chown_usergroup_or_die(struct bb_uidgid_t *u, char *user_group)
|
||||||
|
{
|
||||||
|
char *group;
|
||||||
|
|
||||||
|
u->uid = -1;
|
||||||
|
u->gid = -1;
|
||||||
|
|
||||||
|
/* Check if there is a group name */
|
||||||
|
group = strchr(user_group, '.'); /* deprecated? */
|
||||||
|
if (!group)
|
||||||
|
group = strchr(user_group, ':');
|
||||||
|
else
|
||||||
|
*group = ':'; /* replace '.' with ':' */
|
||||||
|
|
||||||
|
/* Parse "user[:[group]]" */
|
||||||
|
if (!group) { /* "user" */
|
||||||
|
u->uid = get_ug_id(user_group, xuname2uid);
|
||||||
|
} else if (group == user_group) { /* ":group" */
|
||||||
|
u->gid = get_ug_id(group + 1, xgroup2gid);
|
||||||
|
} else {
|
||||||
|
if (!group[1]) /* "user:" */
|
||||||
|
*group = '\0';
|
||||||
|
if (!get_uidgid(u, user_group, 1))
|
||||||
|
bb_error_msg_and_die("unknown user/group %s", user_group);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#if 0
|
#if 0
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
int main()
|
int main()
|
||||||
|
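Review bot: `parse_chown_usergroup_or_die` searches for `.` before `:`, so a spec such as `john.doe:staff` is rewritten to `john:doe:staff`, and a dotted login name on its own is split into user and group. That was inherited from chown, but the helper now also selects the identity start_stop_daemon switches to, so a misparse there means the daemon runs under an unintended account. Looking for `:` first would at least keep explicit colon specs intact: `group = strchr(user_group, ':');` followed by `if (!group && (group = strchr(user_group, '.'))) *group = ':';`. The header comment should also say that `user_group` is modified in place, and that for the `user:` form the string is truncated before `bb_error_msg_and_die` prints it.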