DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 17:35:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

util: add function for dropping root privileges

Browse Source 
Share the code for dropping supplementary groups and setting effective,
saved, and real user UID/GID between system drivers.
This commit is contained in:
Miroslav Lichvar
2015-12-08 17:16:45 +01:00
parent 334ac06102
commit 3cf6acdf24
6 changed files with 28 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
util.c
View File

@@ -1118,6 +1118,26 @@ UTI_CheckDirPermissions(const char *path, mode_t perm, uid_t uid, gid_t gid)
/* ================================================== */
void
UTI_DropRoot(uid_t uid, gid_t gid)
{
/* Drop supplementary groups */
if (setgroups(0, NULL))
LOG_FATAL(LOGF_Util, "setgroups() failed : %s", strerror(errno));
/* Set effective, saved and real group ID */
if (setgid(gid))
LOG_FATAL(LOGF_Util, "setgid(%d) failed : %s", gid, strerror(errno));
/* Set effective, saved and real user ID */
if (setuid(uid))
LOG_FATAL(LOGF_Util, "setuid(%d) failed : %s", uid, strerror(errno));
DEBUG_LOG(LOGF_Util, "Dropped root privileges: UID %d GID %d", uid, gid);
}
/* ================================================== */
#define DEV_URANDOM "/dev/urandom"
void