# HG changeset patch # User Andre Heinecke # Date 1403626210 -7200 # Node ID c7a35fa302ec64f2e52eac3e97694b4758769f9b # Parent be30d50bc4f06c51a368d244ea25afba6b633dc6 Check sudo group membership if user to determine if he can elevate privileges diff -r be30d50bc4f0 -r c7a35fa302ec common/util.c --- a/common/util.c Tue Jun 24 15:24:09 2014 +0200 +++ b/common/util.c Tue Jun 24 18:10:10 2014 +0200 @@ -7,10 +7,14 @@ */ #include "util.h" #include "logging.h" +#include "strhelp.h" #ifndef _WIN32 #include #include +#include +#include +#include #else #include #endif @@ -42,7 +46,58 @@ bool is_admin() { #ifndef _WIN32 - /* TODO implement */ + struct passwd *current_user = getpwuid (geteuid()); + int ngroups = 0, + ret = 0, + i = 0; + gid_t * groups = NULL; + + if (current_user == NULL) + { + ERRORPRINTF ("Failed to obtain user information."); + return false; + } + + ret = getgrouplist (current_user->pw_name, current_user->pw_gid, NULL, + &ngroups); + + if (ret != -1 || ngroups <= 0) + { + ERRORPRINTF ("Unknown error in getgrouplist call"); + return false; + } + + groups = xmalloc (((unsigned int)ngroups) * sizeof (gid_t)); + + ret = getgrouplist (current_user->pw_name, current_user->pw_gid, groups, + &ngroups); + + if (ret != ngroups) + { + ERRORPRINTF ("Group length mismatch."); + xfree (groups); + return false; + } + + for (i = 0; i < ngroups; i++) + { + struct group *gr = getgrgid (groups[i]); + if (gr == NULL) + { + ERRORPRINTF ("Error in group enumeration"); + xfree (groups); + return false; + } + if (strcmp("sudo", gr->gr_name) == 0) + { + DEBUGPRINTF ("User is in sudo group \n"); + xfree (groups); + return true; + } + } + + DEBUGPRINTF ("User is not in sudo group"); + return false; #else bool retval = false;