trustbridge: common/util.c comparison

Check sudo group membership if user to determine if he can elevate privileges

author	Andre Heinecke <andre.heinecke@intevation.de>
date	Tue, 24 Jun 2014 18:10:10 +0200
parents	78959fd970b0
children	175370634226

comparison

equal deleted inserted replaced

-:be30d50bc4f0
+:c7a35fa302ec
 * and comes with ABSOLUTELY NO WARRANTY!
 * See LICENSE.txt for details.
 */
 #include "util.h"
 #include "logging.h"
+#include "strhelp.h"
 #ifndef _WIN32
 #include <unistd.h>
 #include <sys/types.h>
+#include <pwd.h>
+#include <grp.h>
+#include <string.h>
 #else
 #include <windows.h>
 #endif
 bool
 }
 bool is_admin()
 {
 #ifndef _WIN32
-/* TODO implement */
+struct passwd *current_user = getpwuid (geteuid());
+int ngroups = 0,
+ret = 0,
+i = 0;
+gid_t * groups = NULL;
+if (current_user == NULL)
+{
+ERRORPRINTF ("Failed to obtain user information.");
+return false;
+}
+ret = getgrouplist (current_user->pw_name, current_user->pw_gid, NULL,
+&ngroups);
+if (ret != -1 || ngroups <= 0)
+{
+ERRORPRINTF ("Unknown error in getgrouplist call");
+return false;
+}
+groups = xmalloc (((unsigned int)ngroups) * sizeof (gid_t));
+ret = getgrouplist (current_user->pw_name, current_user->pw_gid, groups,
+&ngroups);
+if (ret != ngroups)
+{
+ERRORPRINTF ("Group length mismatch.");
+xfree (groups);
+return false;
+}
+for (i = 0; i < ngroups; i++)
+{
+struct group *gr = getgrgid (groups[i]);
+if (gr == NULL)
+{
+ERRORPRINTF ("Error in group enumeration");
+xfree (groups);
+return false;
+}
+if (strcmp("sudo", gr->gr_name) == 0)
+{
+DEBUGPRINTF ("User is in sudo group \n");
+xfree (groups);
+return true;
+}
+}
+DEBUGPRINTF ("User is not in sudo group");
 return false;
 #else
 bool retval = false;
 BOOL in_admin_group = FALSE;
 HANDLE hToken = NULL;

Mercurial > trustbridge