Improve previous commit by using setusercontext(3) and removing the group

option.  Bump doc date for manual page changes.

Reviewed by:	rwatson, ru, will (older version)
Tom Rhodes 2007-03-19 12:12:53 +00:00
parent 1d8e1b8a5d
commit e6d4b388b9
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=167700
2 changed files with 23 additions and 44 deletions


@ -26,7 +26,7 @@
.\" .\"
.\" $FreeBSD$ .\" $FreeBSD$
.\" .\"
.Dd March 9, 2007 .Dd March 19, 2007
.Dt DAEMON 8 .Dt DAEMON 8
.Os .Os
.Sh NAME .Sh NAME
@ -35,16 +35,15 @@
.Sh SYNOPSIS .Sh SYNOPSIS
.Nm .Nm
.Op Fl cf .Op Fl cf
.Op Fl u Ar user
.Op Fl g Ar group
.Op Fl p Ar pidfile .Op Fl p Ar pidfile
.Op Fl u Ar user
.Ar command arguments ... .Ar command arguments ...
.Sh DESCRIPTION .Sh DESCRIPTION
The The
.Nm .Nm
utility detaches itself from the controlling terminal and utility detaches itself from the controlling terminal and
executes the program specified by its arguments. executes the program specified by its arguments.
Privileges may be lowered to specified user and/or group. Privileges may be lowered to the specified user.
.Pp .Pp
The options are as follows: The options are as follows:
.Bl -tag -width indent .Bl -tag -width indent
@ -54,19 +53,17 @@ Change the current working directory to the root
.It Fl f .It Fl f
Redirect standard input, standard output and standard error to Redirect standard input, standard output and standard error to
.Pa /dev/null . .Pa /dev/null .
.It Fl g Ar group
Drop privileges to specified group.
.It Fl p Ar file .It Fl p Ar file
Write the ID of the created process into the Write the ID of the created process into the
.Ar file .Ar file
using using the
.It Fl u Ar user
Drop privileges to specified user.
.Xr pidfile 3 .Xr pidfile 3
functionality. functionality.
Note, that the file will be created shortly before the process is Note, that the file will be created shortly before the process is
actually executed, and will remain after the process exits (although actually executed, and will remain after the process exits (although
it will be removed if the execution fails). it will be removed if the execution fails).
.It Fl u Ar user
Run the program with the rights of user specified, requires privilege.
.El .El
.Sh EXIT STATUS .Sh EXIT STATUS
The The


@ -36,13 +36,13 @@ __FBSDID("$FreeBSD$");
#include <err.h> #include <err.h>
#include <errno.h> #include <errno.h>
#include <pwd.h> #include <pwd.h>
#include <grp.h>
#include <libutil.h> #include <libutil.h>
#include <login_cap.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <unistd.h> #include <unistd.h>
static void restrict_process(const char *, const char *); static void restrict_process(const char *);
static void usage(void); static void usage(void);
int int
@ -50,12 +50,12 @@ main(int argc, char *argv[])
{ {
struct pidfh *pfh = NULL; struct pidfh *pfh = NULL;
int ch, nochdir, noclose, errcode; int ch, nochdir, noclose, errcode;
const char *pidfile, *user, *group; const char *pidfile, *user;
pid_t otherpid; pid_t otherpid;
nochdir = noclose = 1; nochdir = noclose = 1;
pidfile = user = group = NULL; pidfile = user = NULL;
while ((ch = getopt(argc, argv, "-cfg:p:u:")) != -1) { while ((ch = getopt(argc, argv, "-cf:p:u:")) != -1) {
switch (ch) { switch (ch) {
case 'c': case 'c':
nochdir = 0; nochdir = 0;
@ -63,15 +63,12 @@ main(int argc, char *argv[])
case 'f': case 'f':
noclose = 0; noclose = 0;
break; break;
case 'u':
user = optarg;
break;
case 'g':
group = optarg;
break;
case 'p': case 'p':
pidfile = optarg; pidfile = optarg;
break; break;
case 'u':
user = optarg;
break;
default: default:
usage(); usage();
} }
@ -82,12 +79,8 @@ main(int argc, char *argv[])
if (argc == 0) if (argc == 0)
usage(); usage();
if (user || group) { if (user != NULL)
if (getuid() != 0) restrict_process(user);
errx(1, "only root user is allowed to chroot "
"and change UID/GID");
restrict_process(user, group);
}
/* /*
* Try to open the pidfile before calling daemon(3), * Try to open the pidfile before calling daemon(3),
@ -126,34 +119,23 @@ main(int argc, char *argv[])
} }
static void static void
restrict_process(const char *user, const char *group) restrict_process(const char *user)
{ {
struct group *gr = NULL;
struct passwd *pw = NULL; struct passwd *pw = NULL;
errno = 0;
if (group != NULL) { pw = getpwnam(user);
if (initgroups(user, gr->gr_gid) == -1) if (pw == NULL)
errx(1, "User not in group list"); errx(1, "unknown user: %s", user);
if ((gr = getgrnam(group)) == NULL)
errx(1, "Group %s does not exist", group);
if (setgid(gr->gr_gid) == -1)
err(1, "%s", group);
}
if (user != NULL) { if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0)
if ((pw = getpwnam(user)) == NULL) errx(1, "failed to set user environment");
errx(1, "User %s does not exist", user);
if (setuid(pw->pw_uid) == -1)
err(1, "%s", user);
}
} }
static void static void
usage(void) usage(void)
{ {
(void)fprintf(stderr, (void)fprintf(stderr,
"usage: daemon [-cf] [-g group] [-p pidfile] [-u user] command " "usage: daemon [-cf] [-p pidfile] [-u user] command "
"arguments ...\n"); "arguments ...\n");
exit(1); exit(1);
} }
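Review bot: The option string in main() became `"-cf:p:u:"`, which keeps the colon that used to follow `g`, so `-f` is now parsed as taking an argument. With an invocation such as `daemon -f -u user command`, getopt would take `-u` as the argument of `-f`, `user` stays NULL and restrict_process() is never called, so the requested privilege drop is silently not applied. The string should read `"-cfp:u:"`, matching the `[-cf]` shown in usage(). Separately, with the explicit getuid() check removed, `errx(1, "failed to set user environment")` hides why setusercontext() failed; `err(1, "failed to set user environment")` would report errno, if setusercontext() sets it on this path. main()'s body continues between and after the hunks shown here.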