Mercurial > trustbridge
annotate cinst/nssstore_linux.c @ 648:e41a2537b84d
Implement root installation
We now iterate over all users that do not obviously have their
login shell disabled and look for NSS directories in their home
directory, dropping our privileges to do so.
author | Andre Heinecke <andre.heinecke@intevation.de> |
---|---|
date | Wed, 25 Jun 2014 12:44:47 +0200 |
parents | 214bf504c54f |
children | 216a65d7fc4b |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 #ifndef WIN32 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 |
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
10 /* @file |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
11 @brief Linux implementation of nssstore process control. |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
12 */ |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
13 |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
14 #include <stdbool.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 #include <stdio.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 #include <unistd.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 #include <sys/types.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 #include <sys/wait.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 #include <string.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 #include <stdlib.h> |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
21 #include <limits.h> |
439
c88090a15ae4
Fix cinstprocesstest for new arguments. Handle errno on write errors
Andre Heinecke <aheinecke@intevation.de>
parents:
404
diff
changeset
|
22 #include <errno.h> |
648
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
23 #include <pwd.h> |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
25 #include "nssstore.h" |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
26 #include "logging.h" |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
27 #include "strhelp.h" |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
28 |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
29 #define NSS_PROCESS_NAME "mozilla" |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
30 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
31 /**@brief get the current path of the executable |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
32 * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
33 * Looks up the current executables directory. The caller |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
34 * has to free the return value. |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
35 * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
36 * The returned value includes the last / |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
37 * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
38 * @returns the absolute directory of the currently executed executable or NULL |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
39 */ |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
40 char * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
41 get_exe_dir() |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
42 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
43 char *retval = NULL, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
44 *p = NULL, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
45 buf[PATH_MAX]; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
46 ssize_t ret; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
47 size_t path_len = 0; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
48 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
49 ret = readlink ("/proc/self/exe", buf, PATH_MAX); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
50 if (ret <= 0) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
51 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
52 ERRORPRINTF ("readlink failed\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
53 return NULL; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
54 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
55 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
56 buf[ret] = '\0'; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
57 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
58 /* cut off the filename */ |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
59 p = strrchr (buf, '/'); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
60 if (p == NULL) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
61 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
62 ERRORPRINTF ("No filename found.\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
63 return NULL; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
64 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
65 *(p + 1) = '\0'; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
66 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
67 path_len = strlen (buf); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
68 retval = xmalloc (path_len + 1); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
69 strncpy (retval, buf, path_len); |
476
e8d761c2d2d1
Make sure that retval is terminated
Andre Heinecke <aheinecke@intevation.de>
parents:
439
diff
changeset
|
70 retval[path_len] = '\0'; |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
71 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
72 return retval; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
73 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
74 |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
75 /**@brief Start the process to install / remove |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
76 * |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
77 * This forks the process and executes the NSS installation |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
78 * process. It also writes the Instructions to that process. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
79 * |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
80 * @param [in] to_install strv of DER encoded certificates to be added. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
81 * @param [in] to_remove strv of DER encoded certificates to be remvoed. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
82 * @param [in] uid_t uid of the user to install certificates for. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
83 * @param [in] gid_t the gid of the user to install certificates for. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
84 * @param [in] homedir the homedir of the user. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
85 * |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
86 * @returns childs pid on success. -1 on failure |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
87 */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
88 static int |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
89 start_procces_for_user (char **to_install, char **to_remove, |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
90 uid_t uid, gid_t gid, char *homedir) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
91 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
92 int pipe_fd[2]; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
93 pid_t pid = 0; |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
94 char *argv[2] = {NULL, NULL}, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
95 *envp[2] = {NULL, NULL}, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
96 *inst_dir = NULL; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
97 size_t homedir_len = 0, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
98 exe_path_len = 0; |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
99 int ret = -1, |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
100 i = 0; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
101 FILE *stream = NULL; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
102 bool success = false; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
103 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
104 if (homedir == NULL) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
105 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
106 ERRORPRINTF ("Invalid call to start_process_for_user\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
107 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
108 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
109 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
110 homedir_len = strlen (homedir); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
111 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
112 /* Allocate space for HOME=homedir\0 */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
113 envp[0] = xmalloc (homedir_len + 6); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
114 envp[1] = NULL; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
115 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
116 ret = snprintf (envp[0], homedir_len + 6, "HOME=%s", homedir); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
117 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
118 if (ret < 0 || (size_t) ret != homedir_len + 5) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
119 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
120 ERRORPRINTF ("Error setting home env variable.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
121 xfree (envp[0]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
122 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
123 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
124 |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
125 /* Set up the file name of the installer process */ |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
126 inst_dir = get_exe_dir(); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
127 if (inst_dir == NULL) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
128 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
129 ERRORPRINTF ("Failed to find installation directory.\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
130 xfree (envp[0]); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
131 return -1; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
132 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
133 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
134 exe_path_len = strlen(inst_dir) + strlen(NSS_PROCESS_NAME); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
135 argv[0] = xmalloc (exe_path_len + 1); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
136 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
137 ret = snprintf(argv[0], exe_path_len + 1, "%s%s", inst_dir, NSS_PROCESS_NAME); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
138 if (ret < 0 || (size_t) ret != exe_path_len) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
139 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
140 ERRORPRINTF ("Error setting executable variable.\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
141 xfree (argv[0]); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
142 return -1; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
143 } |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
144 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
145 if (pipe (pipe_fd)) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
146 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
147 ERRORPRINTF ("Failed to create pipe.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
148 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
149 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
150 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
151 pid = fork(); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
152 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
153 if (pid == (pid_t) -1) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
154 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
155 ERRORPRINTF ("Failed to fork child.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
156 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
157 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
158 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
159 if (pid == (pid_t) 0) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
160 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
161 /* Drop privileges */ |
648
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
162 if (setgid (gid) || setuid (uid)) |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
163 { |
648
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
164 syslog_error_printf("Failed to drop privileges: %s", strerror(errno)); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
165 exit(-1); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
166 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
167 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
168 close (pipe_fd[1]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
169 dup2 (pipe_fd[0], 0); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
170 close (pipe_fd[0]); |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
171 execve (argv[0], argv, envp); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
172 exit (127); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
173 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
174 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
175 close (pipe_fd[0]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
176 stream = fdopen(pipe_fd[1], "w"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
177 if (stream == NULL) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
178 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
179 ERRORPRINTF ("Failed to open pipe for writing\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
180 goto done; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
181 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
182 |
384
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
183 /* The NSS installer may exit on error before we are done |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
184 * telling it what to do. We want to handle that rather |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
185 * then die unexpectedly. */ |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
186 signal(SIGPIPE, SIG_IGN); |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
187 |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
188 /* Send the instructions */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
189 for (i = 0; to_install && to_install[i]; i++) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
190 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
191 if (fprintf (stream, "I:%s\n", to_install[i]) <= 3) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
192 { |
478
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
193 int err = errno; |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
194 ERRORPRINTF ("Write failed: %s \n", strerror(err)); |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
195 if (err == 32) |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
196 { |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
197 /* Broken pipe is expected if there are no NSS stores |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
198 to be found the process just exits. That's ok */ |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
199 success = true; |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
200 } |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
201 goto done; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
202 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
203 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
204 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
205 for (i = 0; to_remove && to_remove[i]; i++) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
206 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
207 if (fprintf (stream, "R:%s\n", to_remove[i]) <= 3) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
208 { |
478
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
209 int err = errno; |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
210 ERRORPRINTF ("Write failed: %s \n", strerror(err)); |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
211 if (err == 32) |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
212 { |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
213 /* Broken pipe is expected if there are no NSS stores |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
214 to be found the process just exits. That's ok */ |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
215 success = true; |
214bf504c54f
Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents:
476
diff
changeset
|
216 } |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
217 goto done; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
218 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
219 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
220 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
221 success = true; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
222 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
223 done: |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
224 if (stream) { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
225 fclose (stream); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
226 } |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
227 xfree (argv[0]); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
228 xfree (envp[0]); |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
229 close (pipe_fd[0]); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
230 close (pipe_fd[1]); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
231 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
232 if (success) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
233 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
234 return pid; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
235 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
236 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
237 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
238 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
239 int |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
240 write_stores_nss (char **to_install, char **to_remove) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
241 { |
648
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
242 struct passwd *usr_it = NULL; |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
243 uid_t my_uid = geteuid(); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
244 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
245 if (my_uid != 0) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
246 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
247 /* Running as a user */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
248 char *homedir = getenv ("HOME"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
249 pid_t childprocess = -1; /* Only one child for single user installation */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
250 int status = -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
251 if (!homedir) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
252 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
253 ERRORPRINTF ("Failed to find home directory\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
254 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
255 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
256 childprocess = start_procces_for_user (to_install, to_remove, |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
257 my_uid, getgid(), homedir); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
258 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
259 if (childprocess == -1) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
260 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
261 ERRORPRINTF ("Failed to start childprocess!\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
262 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
263 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
264 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
265 childprocess = waitpid (childprocess, &status, 0); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
266 if (childprocess == -1 || !WIFEXITED(status)) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
267 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
268 ERRORPRINTF ("Waitpid failed.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
269 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
270 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
271 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
272 return 0; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
273 } |
648
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
274 |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
275 setpwent(); |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
276 |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
277 while ((usr_it = getpwent ()) != NULL) |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
278 { |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
279 /* Skip obvious system accounts */ |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
280 if (strcmp(usr_it->pw_shell, "/usr/sbin/nologin") == 0 || |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
281 strcmp(usr_it->pw_shell, "/bin/false") == 0) |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
282 { |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
283 continue; |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
284 } |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
285 /* A check if the home directory starts with /home might be |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
286 appropiate */ |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
287 start_procces_for_user (to_install, |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
288 to_remove, |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
289 usr_it->pw_uid, |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
290 usr_it->pw_gid, |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
291 usr_it->pw_dir); |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
292 |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
293 } |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
294 |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
295 endpwent(); |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
296 |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
297 waitpid (-1, NULL, 0); |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
298 |
e41a2537b84d
Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents:
478
diff
changeset
|
299 DEBUGPRINTF ("NSS installation done\n"); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
300 return 0; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
301 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
302 #endif |