| version 1.98, 2022/12/22 19:53:22 |
version 1.99, 2024/02/15 18:57:58 |
|
|
| *lastr = rules[i]; |
*lastr = rules[i]; |
| } |
} |
| if (!*lastr) |
if (!*lastr) |
| |
return -1; |
| |
if ((*lastr)->action == PERMIT) |
| return 0; |
return 0; |
| return (*lastr)->action == PERMIT; |
return -1; |
| } |
} |
| |
|
| static void |
static void |
|
|
| uid_t uid, gid_t *groups, int ngroups, uid_t target) |
uid_t uid, gid_t *groups, int ngroups, uid_t target) |
| { |
{ |
| const struct rule *rule; |
const struct rule *rule; |
| |
int rv; |
| |
|
| setresuid(uid, uid, uid); |
setresuid(uid, uid, uid); |
| if (pledge("stdio rpath getpw", NULL) == -1) |
if (pledge("stdio rpath getpw", NULL) == -1) |
|
|
| parseconfig(confpath, 0); |
parseconfig(confpath, 0); |
| if (!argc) |
if (!argc) |
| exit(0); |
exit(0); |
| |
rv = permit(uid, groups, ngroups, &rule, target, argv[0], |
| if (permit(uid, groups, ngroups, &rule, target, argv[0], |
(const char **)argv + 1); |
| (const char **)argv + 1)) { |
if (rv == 0) { |
| printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : ""); |
printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : ""); |
| exit(0); |
exit(0); |
| } else { |
} else { |
|
|
| } |
} |
| |
|
| cmd = argv[0]; |
cmd = argv[0]; |
| if (!permit(uid, groups, ngroups, &rule, target, cmd, |
rv = permit(uid, groups, ngroups, &rule, target, cmd, |
| (const char **)argv + 1)) { |
(const char **)argv + 1); |
| |
if (rv != 0) { |
| syslog(LOG_AUTHPRIV | LOG_NOTICE, |
syslog(LOG_AUTHPRIV | LOG_NOTICE, |
| "command not permitted for %s: %s", mypw->pw_name, cmdline); |
"command not permitted for %s: %s", mypw->pw_name, cmdline); |
| errc(1, EPERM, NULL); |
errc(1, EPERM, NULL); |
![[BACK]](/icons/back.gif){kind=icon}
Return to doas.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / doas