comparison src/permissions.c @ 10:26e34ae9a3e3
changed indention and line wrapping to a more consistent style
author | meillo@marmaro.de |
---|---|
date | Mon, 27 Oct 2008 16:23:10 +0100 |
parents | 08114f7dcc23 |
children | f671821d8222 |
9:31cc8a89cb74 | 10:26e34ae9a3e3 |
---|---|
19 #include "masqmail.h" | 19 #include "masqmail.h" |
20 #include <pwd.h> | 20 #include <pwd.h> |
21 #include <grp.h> | 21 #include <grp.h> |
22 | 22 |
23 /* is there really no function in libc for this? */ | 23 /* is there really no function in libc for this? */ |
24 gboolean is_ingroup(uid_t uid, gid_t gid) | 24 gboolean |
25 is_ingroup(uid_t uid, gid_t gid) | |
25 { | 26 { |
26 struct group *grent = getgrgid(gid); | 27 struct group *grent = getgrgid(gid); |
27 | 28 |
28 if(grent){ | 29 if (grent) { |
29 struct passwd *pwent = getpwuid(uid); | 30 struct passwd *pwent = getpwuid(uid); |
30 if(pwent){ | 31 if (pwent) { |
31 char *entry; | 32 char *entry; |
32 int i = 0; | 33 int i = 0; |
33 while((entry = grent->gr_mem[i++])){ | 34 while ((entry = grent->gr_mem[i++])) { |
34 if(strcmp(pwent->pw_name, entry) == 0) | 35 if (strcmp(pwent->pw_name, entry) == 0) |
35 return TRUE; | 36 return TRUE; |
36 } | 37 } |
37 } | 38 } |
38 } | 39 } |
39 return FALSE; | 40 return FALSE; |
40 } | 41 } |
41 | 42 |
42 gboolean is_privileged_user(uid_t uid) | 43 gboolean |
44 is_privileged_user(uid_t uid) | |
43 { | 45 { |
44 return (uid == 0) || (uid == conf.mail_uid) || (is_ingroup(uid, conf.mail_gid)); | 46 return (uid == 0) || (uid == conf.mail_uid) || (is_ingroup(uid, conf.mail_gid)); |
45 } | 47 } |
46 | 48 |
47 void set_euidgid(gint uid, gint gid, uid_t *old_uid, gid_t *old_gid) | 49 void |
50 set_euidgid(gint uid, gint gid, uid_t * old_uid, gid_t * old_gid) | |
48 { | 51 { |
49 if(old_uid) *old_uid = geteuid(); | 52 if (old_uid) |
50 if(old_gid) *old_gid = getegid(); | 53 *old_uid = geteuid(); |
54 if (old_gid) | |
55 *old_gid = getegid(); | |
51 | 56 |
52 seteuid(0); | 57 seteuid(0); |
53 | 58 |
54 if(setegid(gid) != 0){ | 59 if (setegid(gid) != 0) { |
55 logwrite(LOG_ALERT, "could not change gid to %d: %s\n", | 60 logwrite(LOG_ALERT, "could not change gid to %d: %s\n", gid, strerror(errno)); |
56 gid, strerror(errno)); | 61 exit(EXIT_FAILURE); |
57 exit(EXIT_FAILURE); | 62 } |
58 } | 63 if (seteuid(uid) != 0) { |
59 if(seteuid(uid) != 0){ | 64 logwrite(LOG_ALERT, "could not change uid to %d: %s\n", uid, strerror(errno)); |
60 logwrite(LOG_ALERT, "could not change uid to %d: %s\n", | 65 exit(EXIT_FAILURE); |
61 uid, strerror(errno)); | 66 } |
62 exit(EXIT_FAILURE); | |
63 } | |
64 } | 67 } |
65 | 68 |
66 void set_identity(uid_t old_uid, gchar *task_name) | 69 void |
70 set_identity(uid_t old_uid, gchar * task_name) | |
67 { | 71 { |
68 if(!conf.run_as_user){ | 72 if (!conf.run_as_user) { |
69 if(!is_privileged_user(old_uid)){ | 73 if (!is_privileged_user(old_uid)) { |
70 fprintf(stderr, | 74 fprintf(stderr, "must be root, %s or in group %s for %s.\n", DEF_MAIL_USER, DEF_MAIL_GROUP, task_name); |
71 "must be root, %s or in group %s for %s.\n", | 75 exit(EXIT_FAILURE); |
72 DEF_MAIL_USER, DEF_MAIL_GROUP, task_name); | 76 } |
73 exit(EXIT_FAILURE); | |
74 } | |
75 | 77 |
76 set_euidgid(conf.mail_uid, conf.mail_gid, NULL, NULL); | 78 set_euidgid(conf.mail_uid, conf.mail_gid, NULL, NULL); |
77 } | 79 } |
78 } | 80 } |