/*
* really.c - program for gaining privilege
*
- * Copyright (C) 1992-3 Ian Jackson <iwj10@cus.cam.ac.uk>
+ * Copyright (C) 1992-3 Ian Jackson <ian@davenant.greenend.org.uk>
*
* This is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as
- * published by the Free Software Foundation; either version 2,
+ * published by the Free Software Foundation; either version 3,
* or (at your option) any later version.
*
* This is distributed in the hope that it will be useful, but
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
- * License along with this file; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ * License along with this file; if not, consult the Free Software
+ * Foundation's website at www.fsf.org, or the GNU Project website at
+ * www.gnu.org.
*/
#include <stdio.h>
" -G|--gid <gid> } the group list\n"
"other really-options:\n"
" -h|--help display this message\n"
- " -R|--chroot <dir> chroot (but *not* chdir)\n",
+ " -R|--chroot <dir> chroot (but *not* chdir - danger!)\n",
stderr) == EOF) { perror("write usage"); exit(-1); }
}
};
#ifdef REALLY_CHECK_FILE
-static void checkroot(void) {
+static int checkroot(void) {
int r;
r= access(REALLY_CHECK_FILE,W_OK);
- if (r) { perror("sorry"); exit(-1); }
+ if (r) return -1;
+ return 0;
}
#endif
#ifdef REALLY_CHECK_GID
-static void checkroot(void) {
+static int checkroot(void) {
gid_t groups[512];
int r, i;
- r= getgid(); if (r==REALLY_CHECK_GID) return;
+ r= getgid(); if (r==REALLY_CHECK_GID) return 0;
if (r<0) { perror("getgid check"); exit(-1); }
r= getgroups(sizeof(groups)/sizeof(groups[0]),groups);
if (r<0) { perror("getgroups check"); exit(-1); }
for (i=0; i<r; i++)
- if (groups[i] == REALLY_CHECK_GID) return;
- fputs("sorry\n",stderr); exit(-1);
+ if (groups[i] == REALLY_CHECK_GID) return 0;
+ return -1;
}
#endif
#ifdef REALLY_CHECK_NONE
-static void checkroot(void) {
+static int checkroot(void) {
+ return 0;
}
#endif
int i, j, ngroups, ngroups_in, maingid, orgmaingid, mainuid, orgmainuid, r;
const char *cp;
- checkroot();
+ orgmainuid= getuid();
+ if (orgmainuid && checkroot()) { perror("sorry"); exit(-1); }
myopt(&argv,cmdinfos);
if (opt_groupsclear && !opt_ngids)
if (chroot(opt_chroot)) { perror("chroot failed"); exit(-1); }
}
orgmaingid= getgid();
- orgmainuid= getuid();
if (orgmaingid<0) { perror("getgid failed"); exit(-1); }
if (opt_user) {
r= initgroups(opt_user,pw->pw_gid);