[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[hurd] 21/70: utils: add nullauth utility
|
From: |
Samuel Thibault |
|
Subject: |
[hurd] 21/70: utils: add nullauth utility |
|
Date: |
Mon, 16 Sep 2013 07:41:37 +0000 |
This is an automated email from the git hooks/post-receive script.
sthibault pushed a commit to branch upstream
in repository hurd.
commit 7808ed79f5dbcd9f24268d22f1838d9b6e8f25c6
Author: Justus Winter <address@hidden>
Date: Sat Jul 27 15:32:06 2013 +0200
utils: add nullauth utility
nullauth drops all authentication credentials and runs the given
program. This is also useful to drop privileges on behalf of
translators that do not need any credentials in some circumstances,
e.g.
% settrans -ap /hurd/nullauth -- /hurd/storeio -Tzero
makes storeio run without any credentials.
* utils/nullauth.c: New file.
* utils/Makefile: Build nullauth.
---
utils/Makefile | 6 ++--
utils/nullauth.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 93 insertions(+), 3 deletions(-)
diff --git a/utils/Makefile b/utils/Makefile
index de33751..8e8591f 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -22,7 +22,7 @@ targets = shd ps settrans showtrans syncfs fsysopts \
storeinfo login w uptime ids loginpr sush vmstat portinfo \
devprobe vminfo addauth rmauth unsu setauth ftpcp ftpdir storecat \
storeread msgport rpctrace mount gcore fakeauth fakeroot remap \
- umount
+ umount nullauth
special-targets = loginpr sush uptime fakeroot remap
SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c rmauth.c \
@@ -31,7 +31,7 @@ SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c
rmauth.c \
parse.c frobauth.c frobauth-mod.c setauth.c pids.c nonsugid.c \
unsu.c ftpcp.c ftpdir.c storeread.c storecat.c msgport.c \
rpctrace.c mount.c gcore.c fakeauth.c fakeroot.sh remap.sh \
- match-options.c umount.c
+ nullauth.c
OBJS = $(filter-out %.sh,$(SRCS:.c=.o))
HURDLIBS = ps ihash store fshelp ports ftpconn shouldbeinlibc
@@ -59,7 +59,7 @@ ftpcp ftpdir: ../libftpconn/libftpconn.a
settrans: ../libfshelp/libfshelp.a ../libports/libports.a
ps w ids settrans syncfs showtrans fsysopts storeinfo login vmstat portinfo \
devprobe vminfo addauth rmauth setauth unsu ftpcp ftpdir storeread \
- storecat msgport mount umount: \
+ storecat msgport mount umount nullauth: \
../libshouldbeinlibc/libshouldbeinlibc.a
$(filter-out $(special-targets), $(targets)): %: %.o
diff --git a/utils/nullauth.c b/utils/nullauth.c
new file mode 100644
index 0000000..a0d5d1b
--- /dev/null
+++ b/utils/nullauth.c
@@ -0,0 +1,90 @@
+/* Utility to drop all authentication credentials.
+
+ Copyright (C) 2013 Free Software Foundation, Inc.
+
+ Written by Justus Winter <address@hidden>
+
+ This file is part of the GNU Hurd.
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License as
+ published by the Free Software Foundation; either version 2, or (at
+ your option) any later version.
+
+ This program is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
+
+#include <argp.h>
+#include <error.h>
+#include <nullauth.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <version.h>
+
+static char **args;
+
+const char const *argp_program_version = STANDARD_HURD_VERSION (nullauth);
+
+static const struct argp_option const options[] =
+{
+ { 0 }
+};
+
+static const char const doc[] =
+ "Drop all authentication credentials and run the given program.";
+static const char const args_doc[] =
+ "PROGRAM [ARGUMENTS...]\tThe program to run";
+
+error_t
+parse_opt (int key, char *arg, struct argp_state *state)
+{
+ switch (key)
+ {
+ case ARGP_KEY_ARGS:
+ args = state->argv + state->next;
+ break;
+
+ case ARGP_KEY_NO_ARGS:
+ argp_error (state, "expected program to run");
+ return EINVAL;
+
+ default:
+ return ARGP_ERR_UNKNOWN;
+ }
+
+ return 0;
+}
+
+static struct argp argp = {
+ options,
+ parse_opt,
+ args_doc,
+ doc,
+ NULL,
+};
+�
+int
+main (int argc, char *argv[])
+{
+ error_t err;
+
+ /* Parse our command line. This shouldn't ever return an error. */
+ argp_parse (&argp, argc, argv, 0, 0, NULL);
+
+ /* Drop all privileges. */
+ err = setnullauth();
+ if (err)
+ error (1, err, "Could not drop privileges");
+
+ execv (args[0], args);
+ error (1, errno, "execv");
+
+ /* Not reached. */
+ return EXIT_FAILURE;
+}
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-hurd/hurd.git
- [hurd] branch upstream updated (de8b182 -> b2f8745), Samuel Thibault, 2013/09/16
- [hurd] 03/70: utils: escape arguments in fakeroot.sh, Samuel Thibault, 2013/09/16
- [hurd] 17/70: console-client: add daemonizing support, Samuel Thibault, 2013/09/16
- [hurd] 21/70: utils: add nullauth utility,
Samuel Thibault <=
- [hurd] 22/70: Disable transparent gzip/bzip2 decompression, Samuel Thibault, 2013/09/16
- [hurd] 19/70: trans: drop privileges in the null translator, Samuel Thibault, 2013/09/16
- [hurd] 35/70: proc: add proc_mark_important server code, Samuel Thibault, 2013/09/16
- [hurd] 20/70: tmpfs: drop privileges in the tmpfs translator, Samuel Thibault, 2013/09/16
- [hurd] 27/70: daemons: fix setsid(2) in console-run, Samuel Thibault, 2013/09/16
- [hurd] 14/70: Optimize translator string copy, Samuel Thibault, 2013/09/16
- [hurd] 13/70: libnetfs: properly respond to file_get_translator requests, Samuel Thibault, 2013/09/16
- [hurd] 23/70: Do not build gzip/bzip2 support, Samuel Thibault, 2013/09/16
- [hurd] 38/70: libdiskfs: register libdiskfs-based translators as important, Samuel Thibault, 2013/09/16
- [hurd] 34/70: proc: make the function check_owner available, Samuel Thibault, 2013/09/16