annotate cinst/nssstore_linux.c @ 824:a511c1f45c70

(Issue47) Drop privileges before executing NSS process.
author Andre Heinecke <andre.heinecke@intevation.de>
date Mon, 21 Jul 2014 18:51:34 +0200
parents e41a2537b84d
children 216a65d7fc4b
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
7 */
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
8 #ifndef WIN32
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
9
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
10 /* @file
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
11 @brief Linux implementation of nssstore process control.
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
12 */
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
13
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
14 #include <stdbool.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
15 #include <stdio.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
16 #include <unistd.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
17 #include <sys/types.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
18 #include <sys/wait.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
19 #include <string.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
20 #include <stdlib.h>
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
21 #include <limits.h>
439
c88090a15ae4 Fix cinstprocesstest for new arguments. Handle errno on write errors
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
22 #include <errno.h>
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
23 #include <pwd.h>
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
24
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
25 #include "nssstore.h"
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
26 #include "logging.h"
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
27 #include "strhelp.h"
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
28
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
29 #define NSS_PROCESS_NAME "mozilla"
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
30
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
31 /**@brief get the current path of the executable
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
32 *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
33 * Looks up the current executables directory. The caller
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
34 * has to free the return value.
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
35 *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
36 * The returned value includes the last /
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
37 *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
38 * @returns the absolute directory of the currently executed executable or NULL
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
39 */
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
40 char *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
41 get_exe_dir()
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
42 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
43 char *retval = NULL,
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
44 *p = NULL,
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
45 buf[PATH_MAX];
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
46 ssize_t ret;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
47 size_t path_len = 0;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
48
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
49 ret = readlink ("/proc/self/exe", buf, PATH_MAX);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
50 if (ret <= 0)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
51 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
52 ERRORPRINTF ("readlink failed\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
53 return NULL;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
54 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
55
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
56 buf[ret] = '\0';
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
57
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
58 /* cut off the filename */
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
59 p = strrchr (buf, '/');
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
60 if (p == NULL)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
61 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
62 ERRORPRINTF ("No filename found.\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
63 return NULL;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
64 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
65 *(p + 1) = '\0';
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
66
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
67 path_len = strlen (buf);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
68 retval = xmalloc (path_len + 1);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
69 strncpy (retval, buf, path_len);
476
e8d761c2d2d1 Make sure that retval is terminated
Andre Heinecke <aheinecke@intevation.de>
parents: 439
diff changeset
70 retval[path_len] = '\0';
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
71
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
72 return retval;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
73 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
74
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
75 /**@brief Start the process to install / remove
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
76 *
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
77 * This forks the process and executes the NSS installation
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
78 * process. It also writes the Instructions to that process.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
79 *
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
80 * @param [in] to_install strv of DER encoded certificates to be added.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
81 * @param [in] to_remove strv of DER encoded certificates to be remvoed.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
82 * @param [in] uid_t uid of the user to install certificates for.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
83 * @param [in] gid_t the gid of the user to install certificates for.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
84 * @param [in] homedir the homedir of the user.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
85 *
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
86 * @returns childs pid on success. -1 on failure
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
87 */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
88 static int
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
89 start_procces_for_user (char **to_install, char **to_remove,
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
90 uid_t uid, gid_t gid, char *homedir)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
91 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
92 int pipe_fd[2];
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
93 pid_t pid = 0;
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
94 char *argv[2] = {NULL, NULL},
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
95 *envp[2] = {NULL, NULL},
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
96 *inst_dir = NULL;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
97 size_t homedir_len = 0,
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
98 exe_path_len = 0;
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
99 int ret = -1,
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
100 i = 0;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
101 FILE *stream = NULL;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
102 bool success = false;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
103
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
104 if (homedir == NULL)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
105 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
106 ERRORPRINTF ("Invalid call to start_process_for_user\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
107 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
108 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
109
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
110 homedir_len = strlen (homedir);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
111
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
112 /* Allocate space for HOME=homedir\0 */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
113 envp[0] = xmalloc (homedir_len + 6);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
114 envp[1] = NULL;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
115
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
116 ret = snprintf (envp[0], homedir_len + 6, "HOME=%s", homedir);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
117
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
118 if (ret < 0 || (size_t) ret != homedir_len + 5)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
119 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
120 ERRORPRINTF ("Error setting home env variable.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
121 xfree (envp[0]);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
122 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
123 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
124
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
125 /* Set up the file name of the installer process */
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
126 inst_dir = get_exe_dir();
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
127 if (inst_dir == NULL)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
128 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
129 ERRORPRINTF ("Failed to find installation directory.\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
130 xfree (envp[0]);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
131 return -1;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
132 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
133
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
134 exe_path_len = strlen(inst_dir) + strlen(NSS_PROCESS_NAME);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
135 argv[0] = xmalloc (exe_path_len + 1);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
136
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
137 ret = snprintf(argv[0], exe_path_len + 1, "%s%s", inst_dir, NSS_PROCESS_NAME);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
138 if (ret < 0 || (size_t) ret != exe_path_len)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
139 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
140 ERRORPRINTF ("Error setting executable variable.\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
141 xfree (argv[0]);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
142 return -1;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
143 }
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
144
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
145 if (pipe (pipe_fd))
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
146 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
147 ERRORPRINTF ("Failed to create pipe.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
148 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
149 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
150
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
151 pid = fork();
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
152
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
153 if (pid == (pid_t) -1)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
154 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
155 ERRORPRINTF ("Failed to fork child.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
156 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
157 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
158
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
159 if (pid == (pid_t) 0)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
160 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
161 /* Drop privileges */
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
162 if (setgid (gid) || setuid (uid))
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
163 {
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
164 syslog_error_printf("Failed to drop privileges: %s", strerror(errno));
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
165 exit(-1);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
166 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
167
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
168 close (pipe_fd[1]);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
169 dup2 (pipe_fd[0], 0);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
170 close (pipe_fd[0]);
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
171 execve (argv[0], argv, envp);
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
172 exit (127);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
173 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
174
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
175 close (pipe_fd[0]);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
176 stream = fdopen(pipe_fd[1], "w");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
177 if (stream == NULL)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
178 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
179 ERRORPRINTF ("Failed to open pipe for writing\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
180 goto done;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
181 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
182
384
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
183 /* The NSS installer may exit on error before we are done
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
184 * telling it what to do. We want to handle that rather
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
185 * then die unexpectedly. */
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
186 signal(SIGPIPE, SIG_IGN);
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
187
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
188 /* Send the instructions */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
189 for (i = 0; to_install && to_install[i]; i++)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
190 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
191 if (fprintf (stream, "I:%s\n", to_install[i]) <= 3)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
192 {
478
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
193 int err = errno;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
194 ERRORPRINTF ("Write failed: %s \n", strerror(err));
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
195 if (err == 32)
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
196 {
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
197 /* Broken pipe is expected if there are no NSS stores
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
198 to be found the process just exits. That's ok */
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
199 success = true;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
200 }
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
201 goto done;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
202 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
203 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
204
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
205 for (i = 0; to_remove && to_remove[i]; i++)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
206 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
207 if (fprintf (stream, "R:%s\n", to_remove[i]) <= 3)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
208 {
478
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
209 int err = errno;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
210 ERRORPRINTF ("Write failed: %s \n", strerror(err));
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
211 if (err == 32)
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
212 {
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
213 /* Broken pipe is expected if there are no NSS stores
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
214 to be found the process just exits. That's ok */
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
215 success = true;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
216 }
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
217 goto done;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
218 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
219 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
220
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
221 success = true;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
222
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
223 done:
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
224 if (stream) {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
225 fclose (stream);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
226 }
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
227 xfree (argv[0]);
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
228 xfree (envp[0]);
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
229 close (pipe_fd[0]);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
230 close (pipe_fd[1]);
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
231
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
232 if (success)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
233 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
234 return pid;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
235 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
236 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
237 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
238
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
239 int
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
240 write_stores_nss (char **to_install, char **to_remove)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
241 {
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
242 struct passwd *usr_it = NULL;
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
243 uid_t my_uid = geteuid();
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
244
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
245 if (my_uid != 0)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
246 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
247 /* Running as a user */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
248 char *homedir = getenv ("HOME");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
249 pid_t childprocess = -1; /* Only one child for single user installation */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
250 int status = -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
251 if (!homedir)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
252 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
253 ERRORPRINTF ("Failed to find home directory\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
254 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
255
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
256 childprocess = start_procces_for_user (to_install, to_remove,
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
257 my_uid, getgid(), homedir);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
258
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
259 if (childprocess == -1)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
260 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
261 ERRORPRINTF ("Failed to start childprocess!\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
262 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
263 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
264
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
265 childprocess = waitpid (childprocess, &status, 0);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
266 if (childprocess == -1 || !WIFEXITED(status))
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
267 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
268 ERRORPRINTF ("Waitpid failed.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
269 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
270 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
271
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
272 return 0;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
273 }
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
274
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
275 setpwent();
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
276
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
277 while ((usr_it = getpwent ()) != NULL)
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
278 {
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
279 /* Skip obvious system accounts */
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
280 if (strcmp(usr_it->pw_shell, "/usr/sbin/nologin") == 0 ||
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
281 strcmp(usr_it->pw_shell, "/bin/false") == 0)
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
282 {
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
283 continue;
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
284 }
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
285 /* A check if the home directory starts with /home might be
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
286 appropiate */
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
287 start_procces_for_user (to_install,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
288 to_remove,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
289 usr_it->pw_uid,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
290 usr_it->pw_gid,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
291 usr_it->pw_dir);
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
292
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
293 }
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
294
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
295 endpwent();
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
296
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
297 waitpid (-1, NULL, 0);
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
298
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
299 DEBUGPRINTF ("NSS installation done\n");
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
300 return 0;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
301 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
302 #endif

http://wald.intevation.org/projects/trustbridge/