diff options
author | Jon Bratseth <bratseth@yahoo-inc.com> | 2016-06-15 23:09:44 +0200 |
---|---|---|
committer | Jon Bratseth <bratseth@yahoo-inc.com> | 2016-06-15 23:09:44 +0200 |
commit | 72231250ed81e10d66bfe70701e64fa5fe50f712 (patch) | |
tree | 2728bba1131a6f6e5bdf95afec7d7ff9358dac50 /configd/src/apps/su |
Publish
Diffstat (limited to 'configd/src/apps/su')
-rw-r--r-- | configd/src/apps/su/.gitignore | 3 | ||||
-rw-r--r-- | configd/src/apps/su/CMakeLists.txt | 8 | ||||
-rw-r--r-- | configd/src/apps/su/main.cpp | 44 |
3 files changed, 55 insertions, 0 deletions
diff --git a/configd/src/apps/su/.gitignore b/configd/src/apps/su/.gitignore new file mode 100644 index 00000000000..343f531c8c1 --- /dev/null +++ b/configd/src/apps/su/.gitignore @@ -0,0 +1,3 @@ +/.depend +/Makefile +/run-as-yahoo diff --git a/configd/src/apps/su/CMakeLists.txt b/configd/src/apps/su/CMakeLists.txt new file mode 100644 index 00000000000..8883fe2344f --- /dev/null +++ b/configd/src/apps/su/CMakeLists.txt @@ -0,0 +1,8 @@ +# Copyright 2016 Yahoo Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +vespa_add_executable(configd_run-as-yahoo_app + SOURCES + main.cpp + OUTPUT_NAME run-as-yahoo + INSTALL bin + DEPENDS +) diff --git a/configd/src/apps/su/main.cpp b/configd/src/apps/su/main.cpp new file mode 100644 index 00000000000..7baa726d630 --- /dev/null +++ b/configd/src/apps/su/main.cpp @@ -0,0 +1,44 @@ +// Copyright 2016 Yahoo Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +#include <stdlib.h> +#include <stdio.h> +#include <unistd.h> +#include <pwd.h> +#include <grp.h> + +/** + * small utility to use instead of "su" when we want to just + * switch to the "yahoo" user without any more fuss + **/ + +int main(int argc, char** argv) +{ + if (argc < 2) { + fprintf(stderr, "missing arguments, usage: run-as-yahoo <cmd> [args ...]"); + exit(1); + } + struct passwd *p = getpwnam("yahoo"); + if (p == NULL) { + perror("FATAL error: user 'yahoo' missing in passwd file"); + exit(1); + } + gid_t g = p->pw_gid; + uid_t u = p->pw_uid; + + if (setgid(g) != 0) { + perror("FATAL error: could not change group id"); + exit(1); + } + size_t listsize = 1; + gid_t grouplist[1] = { g }; + if (setgroups(listsize, grouplist) != 0) { + perror("FATAL error: could not setgroups"); + exit(1); + } + if (setuid(u) != 0) { + perror("FATAL error: could not change user id"); + exit(1); + } + execvp(argv[1], &argv[1]); + perror("FATAL error: execvp failed"); + exit(1); +} |