X-Git-Url: http://git.annexia.org/?a=blobdiff_plain;f=helper%2Fmain.c;h=b769bc795d38a73848438c6f47250be5ec345efb;hb=2e1e2d686ca8f819c202d2ed4e8a5c5758451f26;hp=f194008f324ed582e5d97682d6d777f6c66cfd7a;hpb=f6e12eccb65bef3eb57631e54199d8b1610e7c5c;p=febootstrap.git

diff --git a/helper/main.c b/helper/main.c
index f194008..b769bc7 100644
--- a/helper/main.c
+++ b/helper/main.c
@@ -28,23 +28,26 @@
 #include <sys/types.h>
 #include <sys/time.h>
 #include <assert.h>
+#include <grp.h>
+#include <pwd.h>
 
 #include "error.h"
+#include "xstrtol.h"
 
 #include "helper.h"
 
 struct timeval start_t;
 int verbose = 0;
 
-static const char *format = "cpio";
-
 enum { HELP_OPTION = CHAR_MAX + 1 };
 
-static const char *options = "f:k:vV";
+static const char *options = "f:g:k:u:vV";
 static const struct option long_options[] = {
   { "help", 0, 0, HELP_OPTION },
   { "format", required_argument, 0, 'f' },
+  { "group", 0, 0, 'g' },
   { "kmods", required_argument, 0, 'k' },
+  { "user", 0, 0, 'u' },
   { "verbose", 0, 0, 'v' },
   { "version", 0, 0, 'V' },
   { 0, 0, 0, 0 }
@@ -76,6 +79,12 @@ usage (FILE *f, const char *progname)
           "       Display this help text and exit.\n"
           "  -f cpio|ext2|checksum | --format cpio|ext2|checksum\n"
           "       Specify output format (default: cpio).\n"
+          "  -u user\n"
+          "       The user name or uid the appliance will run as. Use of this\n"
+          "       option requires root privileges.\n"
+          "  -g group\n"
+          "       The group name or gid the appliance will run as. Use of\n"
+          "       this option requires root privileges.\n"
           "  -k file | --kmods file\n"
           "       Specify kernel module whitelist.\n"
           "  --verbose | -v\n"
@@ -85,14 +94,76 @@ usage (FILE *f, const char *progname)
           progname, progname, progname, progname, progname, progname);
 }
 
+static uid_t
+parseuser (const char *id, const char *progname)
+{
+
+  struct passwd *pwd;
+
+  errno = 0;
+  pwd = getpwnam (id);
+
+  if (NULL == pwd) {
+    if (errno != 0) {
+      fprintf (stderr, "Error looking up user: %m\n");
+      exit (EXIT_FAILURE);
+    }
+
+    long val;
+    int err = xstrtol (id, NULL, 10, &val, "");
+    if (err != LONGINT_OK) {
+        fprintf (stderr, "%s is not a valid user name or uid\n", id);
+        usage (stderr, progname);
+        exit (EXIT_FAILURE);
+    }
+
+    return (uid_t) val;
+  }
+
+  return pwd->pw_uid;
+}
+
+static gid_t
+parsegroup (const char *id, const char *progname)
+{
+
+  struct group *grp;
+
+  errno = 0;
+  grp = getgrnam (id);
+
+  if (NULL == grp) {
+    if (errno != 0) {
+      fprintf (stderr, "Error looking up group: %m\n");
+      exit (EXIT_FAILURE);
+    }
+
+    long val;
+    int err = xstrtol (id, NULL, 10, &val, "");
+    if (err != LONGINT_OK) {
+        fprintf (stderr, "%s is not a valid group name or gid\n", id);
+        usage (stderr, progname);
+        exit (EXIT_FAILURE);
+    }
+
+    return (gid_t) val;
+  }
+
+  return grp->gr_gid;
+}
+
 int
 main (int argc, char *argv[])
 {
   /* First thing: start the clock. */
   gettimeofday (&start_t, NULL);
 
+  const char *format = "cpio";
   const char *whitelist = NULL;
 
+  uid_t euid = geteuid ();
+  gid_t egid = getegid ();
+
   /* Command line arguments. */
   for (;;) {
     int c = getopt_long (argc, argv, options, long_options, NULL);
@@ -107,6 +178,14 @@ main (int argc, char *argv[])
       format = optarg;
       break;
 
+    case 'u':
+      euid = parseuser (optarg, argv[0]);
+      break;
+
+    case 'g':
+      egid = parsegroup (optarg, argv[0]);
+      break;
+
     case 'k':
       whitelist = optarg;
       break;
@@ -125,6 +204,37 @@ main (int argc, char *argv[])
     }
   }
 
+  /* We need to set the real, not effective, uid here to work round a
+   * misfeature in bash. bash will automatically reset euid to uid when
+   * invoked. As shell is used in places by febootstrap-supermin-helper, this
+   * results in code running with varying privilege. */
+  uid_t uid = getuid ();
+  gid_t gid = getgid ();
+
+  if (uid != euid || gid != egid) {
+    if (uid != 0) {
+      fprintf (stderr, "The -u and -g options require root privileges.\n");
+      usage (stderr, argv[0]);
+      exit (EXIT_FAILURE);
+    }
+
+    /* Need to become root first because setgid and setuid require it */
+    if (seteuid (0) == -1) {
+        perror ("seteuid");
+        exit (EXIT_FAILURE);
+    }
+
+    /* Set gid and uid to command-line parameters */
+    if (setgid (egid) == -1) {
+      perror ("setgid");
+      exit (EXIT_FAILURE);
+    }
+    if (setuid (euid) == -1) {
+      perror ("setuid");
+      exit (EXIT_FAILURE);
+    }
+  }
+
   /* Select the correct writer module. */
   struct writer *writer;
   int nr_outputs;