Add --spoof-user. Tidy up servicepw &c in daemon.

[userv.git] / daemon.c

diff --git a/daemon.c b/daemon.c
index 49fff815bdf168dad5ef89480ceea166c47ef473..97bffa57d033861e2cce2056c3dfd178cecf840e 100644 (file)
--- a/daemon.c
+++ b/daemon.c
@@ -56,7 +56,7 @@ int restfdwantstate= tokv_word_rejectfd, restfdwantrw= 0;
 struct request_msg request_mbuf;
 char *serviceuser=0, *service=0, *logname=0, *cwd=0;
 char *overridedata=0, *userrcfile=0;
-char *serviceuser_dir=0, *serviceuser_shell=0;
+char *serviceuser_dir=0, *serviceuser_shell=0, *callinguser_shell;
 uid_t serviceuser_uid=-1;
 gid_t serviceuser_gid=-1;
 char *execpath=0, **execargs=0;
@@ -67,8 +67,6 @@ char *ehfilename=0;
 
 static FILE *swfile= 0, *srfile= 0;
 static pid_t child= -1, childtokill= -1;
-
-static struct passwd *servicepw, *callingpw;
 static const char **grouparray;
 
 static void sigchildhandler(int x) {
@@ -285,12 +283,12 @@ static int synchread(int fd, int ch) {
   return 0;
 }
 
-static const char *see_logname(void) { return servicepw->pw_name; }
-static const char *see_home(void) { return servicepw->pw_dir; }
-static const char *see_shell(void) { return servicepw->pw_shell; }
+static const char *see_logname(void) { return serviceuser; }
+static const char *see_home(void) { return serviceuser_dir; }
+static const char *see_shell(void) { return serviceuser_shell; }
 
 static const char *see_path(void) {
-  return servicepw->pw_uid ?
+  return serviceuser_uid ?
     "/usr/local/bin:/bin:/usr/bin" :
     "/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin";
 }
@@ -300,7 +298,7 @@ static const char *see_c_cwd(void) { return cwd; }
 static const char *see_c_logname(void) { return logname; }
 static const char *see_c_uid(void) {
   static char buf[CHAR_BIT*sizeof(uid_t)/3+4];
-  snyprintf(buf,sizeof(buf),"%lu",(unsigned long)callingpw->pw_uid);
+  snyprintf(buf,sizeof(buf),"%lu",(unsigned long)request_mbuf.callinguid);
   return buf;
 }
 
@@ -503,6 +501,7 @@ static void NONRETURNING servicerequest(int sfd) {
   struct stat stab;
   struct sigaction sig;
   struct group *cgrp;
+  struct passwd *pw;
 
   ensurelogopen(USERVD_LOGFACILITY);
   syslog(LOG_DEBUG,"call connected");
@@ -574,28 +573,26 @@ static void NONRETURNING servicerequest(int sfd) {
     if (close(tempfd)) syscallerror("close prelim fd onto pipe");
   }
 
-  servicepw= getpwnam(serviceuser);
-  if (!servicepw) syscallerror("look up service user");
-  assert(!strcmp(servicepw->pw_name,serviceuser));
-  serviceuser_dir= xstrdup(nondebug_serviceuserdir(servicepw->pw_dir));
-  serviceuser_shell= xstrdup(servicepw->pw_shell);
-  serviceuser_uid= servicepw->pw_uid;
-  serviceuser_gid= servicepw->pw_gid;
-  if (initgroups(servicepw->pw_name,servicepw->pw_gid)) syscallerror("initgroups");
-  if (setreuid(servicepw->pw_uid,servicepw->pw_uid)) syscallerror("setreuid 1");
-  if (setreuid(servicepw->pw_uid,servicepw->pw_uid)) syscallerror("setreuid 2");
-  if (servicepw->pw_uid)
-    if (!setreuid(servicepw->pw_uid,0)) miscerror("setreuid 3 unexpectedly succeeded");
+  pw= getpwnam(serviceuser);
+  if (!pw) miscerror("look up service user");
+  assert(!strcmp(pw->pw_name,serviceuser));
+  serviceuser_dir= xstrdup(nondebug_serviceuserdir(pw->pw_dir));
+  serviceuser_shell= xstrdup(pw->pw_shell);
+  serviceuser_uid= pw->pw_uid;
+  serviceuser_gid= pw->pw_gid;
+  if (initgroups(pw->pw_name,pw->pw_gid)) syscallerror("initgroups");
+  if (setreuid(pw->pw_uid,pw->pw_uid)) syscallerror("setreuid 1");
+  if (setreuid(pw->pw_uid,pw->pw_uid)) syscallerror("setreuid 2");
+  if (pw->pw_uid)
+    if (!setreuid(pw->pw_uid,0)) miscerror("setreuid 3 unexpectedly succeeded");
   if (errno != EPERM) syscallerror("setreuid 3 failed in unexpected way");
 
   debug_dumprequest(mypid);
 
-  callingpw= getpwnam(logname);
-  if (!callingpw) syscallerror("get passwd entry for calling user");
   grouparray= xmalloc(sizeof(char*)*request_mbuf.ngids);
   for (i=0; i<request_mbuf.ngids; i++) {
     cgrp= getgrgid(gidarray[i]);
-    if (!cgrp) syscallerror("get group entry for calling group");
+    if (!cgrp) miscerror("get group entry for calling group");
     grouparray[i]= xmstrsave(cgrp->gr_name);
   }