system/doas
system/doas
1
0
Fork 0
mirror of https://github.com/slicer69/doas synced 2024-07-22 10:44:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #23 from Duncaen/setusercontext

Browse source 
fix the setusercontext(3) workaround
This commit is contained in:
Jesse Smith 2019-09-03 10:43:56 -03:00 committed by GitHub
parent 6886689b6b 6cf0236184
commit 79c6c61a73
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
doas.c
View file

@ -542,6 +542,23 @@ main(int argc, char **argv)
LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
LOGIN_SETUSER) != 0)
errx(1, "failed to set user context for target");
#else
#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__)
if (setresgid(target_pw->pw_gid, target_pw->pw_gid, target_pw->pw_gid) == -1)
err(1, "setresgid");
#else
if (setregid(target_pw->pw_gid, target_pw->pw_gid) == -1)
err(1, "setregid");
#endif
if (initgroups(target_pw->pw_name, target_pw->pw_gid) == -1)
err(1, "initgroups");
#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__)
if (setresuid(target, target, target) == -1)
err(1, "setresuid");
#else
if (setreuid(target, target) == -1)
err(1, "setreuid");
#endif
#endif
/*
if (pledge("stdio rpath exec", NULL) == -1)
@ -557,14 +574,6 @@ main(int argc, char **argv)
if (pledge("stdio exec", NULL) == -1)
err(1, "pledge");
*/
#ifndef HAVE_LOGIN_CAP_H
/* If we effectively are root, set the UID to actually be root to avoid
permission errors. */
if (target != 0)
setuid(target);
if ( geteuid() == ROOT_UID )
setuid(ROOT_UID);
#endif
syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s",
myname, cmdline, target_pw->pw_name, cwd);