annotate cinst/nssstore_linux.c @ 648:e41a2537b84d

Implement root installation We now iterate over all users that do not obviously have their login shell disabled and look for NSS directories in their home directory, dropping our privileges to do so.
author Andre Heinecke <andre.heinecke@intevation.de>
date Wed, 25 Jun 2014 12:44:47 +0200
parents 214bf504c54f
children 216a65d7fc4b
rev   line source
404
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
2 * Software engineering by Intevation GmbH
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
3 *
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
4 * This file is Free Software under the GNU GPL (v>=2)
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
5 * and comes with ABSOLUTELY NO WARRANTY!
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
6 * See LICENSE.txt for details.
17e1c8f37d72 Add License
Andre Heinecke <aheinecke@intevation.de>
parents: 384
diff changeset
7 */
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
8 #ifndef WIN32
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
9
321
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
10 /* @file
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
11 @brief Linux implementation of nssstore process control.
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
12 */
824ef90a6721 Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents: 305
diff changeset
13
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
14 #include <stdbool.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
15 #include <stdio.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
16 #include <unistd.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
17 #include <sys/types.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
18 #include <sys/wait.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
19 #include <string.h>
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
20 #include <stdlib.h>
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
21 #include <limits.h>
439
c88090a15ae4 Fix cinstprocesstest for new arguments. Handle errno on write errors
Andre Heinecke <aheinecke@intevation.de>
parents: 404
diff changeset
22 #include <errno.h>
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
23 #include <pwd.h>
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
24
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
25 #include "nssstore.h"
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
26 #include "logging.h"
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
27 #include "strhelp.h"
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
28
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
29 #define NSS_PROCESS_NAME "mozilla"
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
30
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
31 /**@brief get the current path of the executable
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
32 *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
33 * Looks up the current executables directory. The caller
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
34 * has to free the return value.
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
35 *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
36 * The returned value includes the last /
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
37 *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
38 * @returns the absolute directory of the currently executed executable or NULL
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
39 */
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
40 char *
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
41 get_exe_dir()
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
42 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
43 char *retval = NULL,
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
44 *p = NULL,
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
45 buf[PATH_MAX];
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
46 ssize_t ret;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
47 size_t path_len = 0;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
48
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
49 ret = readlink ("/proc/self/exe", buf, PATH_MAX);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
50 if (ret <= 0)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
51 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
52 ERRORPRINTF ("readlink failed\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
53 return NULL;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
54 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
55
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
56 buf[ret] = '\0';
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
57
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
58 /* cut off the filename */
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
59 p = strrchr (buf, '/');
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
60 if (p == NULL)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
61 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
62 ERRORPRINTF ("No filename found.\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
63 return NULL;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
64 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
65 *(p + 1) = '\0';
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
66
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
67 path_len = strlen (buf);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
68 retval = xmalloc (path_len + 1);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
69 strncpy (retval, buf, path_len);
476
e8d761c2d2d1 Make sure that retval is terminated
Andre Heinecke <aheinecke@intevation.de>
parents: 439
diff changeset
70 retval[path_len] = '\0';
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
71
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
72 return retval;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
73 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
74
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
75 /**@brief Start the process to install / remove
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
76 *
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
77 * This forks the process and executes the NSS installation
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
78 * process. It also writes the Instructions to that process.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
79 *
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
80 * @param [in] to_install strv of DER encoded certificates to be added.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
81 * @param [in] to_remove strv of DER encoded certificates to be remvoed.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
82 * @param [in] uid_t uid of the user to install certificates for.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
83 * @param [in] gid_t the gid of the user to install certificates for.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
84 * @param [in] homedir the homedir of the user.
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
85 *
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
86 * @returns childs pid on success. -1 on failure
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
87 */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
88 static int
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
89 start_procces_for_user (char **to_install, char **to_remove,
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
90 uid_t uid, gid_t gid, char *homedir)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
91 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
92 int pipe_fd[2];
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
93 pid_t pid = 0;
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
94 char *argv[2] = {NULL, NULL},
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
95 *envp[2] = {NULL, NULL},
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
96 *inst_dir = NULL;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
97 size_t homedir_len = 0,
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
98 exe_path_len = 0;
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
99 int ret = -1,
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
100 i = 0;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
101 FILE *stream = NULL;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
102 bool success = false;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
103
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
104 if (homedir == NULL)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
105 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
106 ERRORPRINTF ("Invalid call to start_process_for_user\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
107 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
108 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
109
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
110 homedir_len = strlen (homedir);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
111
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
112 /* Allocate space for HOME=homedir\0 */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
113 envp[0] = xmalloc (homedir_len + 6);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
114 envp[1] = NULL;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
115
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
116 ret = snprintf (envp[0], homedir_len + 6, "HOME=%s", homedir);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
117
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
118 if (ret < 0 || (size_t) ret != homedir_len + 5)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
119 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
120 ERRORPRINTF ("Error setting home env variable.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
121 xfree (envp[0]);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
122 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
123 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
124
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
125 /* Set up the file name of the installer process */
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
126 inst_dir = get_exe_dir();
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
127 if (inst_dir == NULL)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
128 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
129 ERRORPRINTF ("Failed to find installation directory.\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
130 xfree (envp[0]);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
131 return -1;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
132 }
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
133
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
134 exe_path_len = strlen(inst_dir) + strlen(NSS_PROCESS_NAME);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
135 argv[0] = xmalloc (exe_path_len + 1);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
136
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
137 ret = snprintf(argv[0], exe_path_len + 1, "%s%s", inst_dir, NSS_PROCESS_NAME);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
138 if (ret < 0 || (size_t) ret != exe_path_len)
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
139 {
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
140 ERRORPRINTF ("Error setting executable variable.\n");
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
141 xfree (argv[0]);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
142 return -1;
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
143 }
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
144
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
145 if (pipe (pipe_fd))
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
146 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
147 ERRORPRINTF ("Failed to create pipe.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
148 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
149 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
150
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
151 pid = fork();
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
152
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
153 if (pid == (pid_t) -1)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
154 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
155 ERRORPRINTF ("Failed to fork child.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
156 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
157 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
158
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
159 if (pid == (pid_t) 0)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
160 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
161 /* Drop privileges */
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
162 if (setgid (gid) || setuid (uid))
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
163 {
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
164 syslog_error_printf("Failed to drop privileges: %s", strerror(errno));
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
165 exit(-1);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
166 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
167
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
168 close (pipe_fd[1]);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
169 dup2 (pipe_fd[0], 0);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
170 close (pipe_fd[0]);
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
171 execve (argv[0], argv, envp);
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
172 exit (127);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
173 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
174
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
175 close (pipe_fd[0]);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
176 stream = fdopen(pipe_fd[1], "w");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
177 if (stream == NULL)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
178 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
179 ERRORPRINTF ("Failed to open pipe for writing\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
180 goto done;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
181 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
182
384
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
183 /* The NSS installer may exit on error before we are done
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
184 * telling it what to do. We want to handle that rather
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
185 * then die unexpectedly. */
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
186 signal(SIGPIPE, SIG_IGN);
638db75f0fdf Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents: 383
diff changeset
187
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
188 /* Send the instructions */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
189 for (i = 0; to_install && to_install[i]; i++)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
190 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
191 if (fprintf (stream, "I:%s\n", to_install[i]) <= 3)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
192 {
478
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
193 int err = errno;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
194 ERRORPRINTF ("Write failed: %s \n", strerror(err));
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
195 if (err == 32)
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
196 {
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
197 /* Broken pipe is expected if there are no NSS stores
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
198 to be found the process just exits. That's ok */
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
199 success = true;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
200 }
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
201 goto done;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
202 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
203 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
204
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
205 for (i = 0; to_remove && to_remove[i]; i++)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
206 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
207 if (fprintf (stream, "R:%s\n", to_remove[i]) <= 3)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
208 {
478
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
209 int err = errno;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
210 ERRORPRINTF ("Write failed: %s \n", strerror(err));
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
211 if (err == 32)
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
212 {
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
213 /* Broken pipe is expected if there are no NSS stores
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
214 to be found the process just exits. That's ok */
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
215 success = true;
214bf504c54f Handle broken pipe as it is expected behavior
Andre Heinecke <aheinecke@intevation.de>
parents: 476
diff changeset
216 }
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
217 goto done;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
218 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
219 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
220
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
221 success = true;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
222
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
223 done:
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
224 if (stream) {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
225 fclose (stream);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
226 }
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
227 xfree (argv[0]);
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
228 xfree (envp[0]);
383
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
229 close (pipe_fd[0]);
5eb7ee4ee819 Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents: 321
diff changeset
230 close (pipe_fd[1]);
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
231
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
232 if (success)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
233 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
234 return pid;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
235 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
236 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
237 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
238
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
239 int
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
240 write_stores_nss (char **to_install, char **to_remove)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
241 {
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
242 struct passwd *usr_it = NULL;
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
243 uid_t my_uid = geteuid();
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
244
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
245 if (my_uid != 0)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
246 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
247 /* Running as a user */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
248 char *homedir = getenv ("HOME");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
249 pid_t childprocess = -1; /* Only one child for single user installation */
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
250 int status = -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
251 if (!homedir)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
252 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
253 ERRORPRINTF ("Failed to find home directory\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
254 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
255
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
256 childprocess = start_procces_for_user (to_install, to_remove,
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
257 my_uid, getgid(), homedir);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
258
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
259 if (childprocess == -1)
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
260 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
261 ERRORPRINTF ("Failed to start childprocess!\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
262 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
263 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
264
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
265 childprocess = waitpid (childprocess, &status, 0);
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
266 if (childprocess == -1 || !WIFEXITED(status))
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
267 {
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
268 ERRORPRINTF ("Waitpid failed.\n");
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
269 return -1;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
270 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
271
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
272 return 0;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
273 }
648
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
274
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
275 setpwent();
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
276
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
277 while ((usr_it = getpwent ()) != NULL)
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
278 {
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
279 /* Skip obvious system accounts */
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
280 if (strcmp(usr_it->pw_shell, "/usr/sbin/nologin") == 0 ||
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
281 strcmp(usr_it->pw_shell, "/bin/false") == 0)
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
282 {
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
283 continue;
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
284 }
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
285 /* A check if the home directory starts with /home might be
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
286 appropiate */
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
287 start_procces_for_user (to_install,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
288 to_remove,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
289 usr_it->pw_uid,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
290 usr_it->pw_gid,
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
291 usr_it->pw_dir);
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
292
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
293 }
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
294
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
295 endpwent();
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
296
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
297 waitpid (-1, NULL, 0);
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
298
e41a2537b84d Implement root installation
Andre Heinecke <andre.heinecke@intevation.de>
parents: 478
diff changeset
299 DEBUGPRINTF ("NSS installation done\n");
302
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
300 return 0;
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
301 }
fac7e1b0e558 Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff changeset
302 #endif

http://wald.intevation.org/projects/trustbridge/