version 1.98, 2022/12/22 19:53:22 |
version 1.99, 2024/02/15 18:57:58 |
|
|
*lastr = rules[i]; |
*lastr = rules[i]; |
} |
} |
if (!*lastr) |
if (!*lastr) |
|
return -1; |
|
if ((*lastr)->action == PERMIT) |
return 0; |
return 0; |
return (*lastr)->action == PERMIT; |
return -1; |
} |
} |
|
|
static void |
static void |
|
|
uid_t uid, gid_t *groups, int ngroups, uid_t target) |
uid_t uid, gid_t *groups, int ngroups, uid_t target) |
{ |
{ |
const struct rule *rule; |
const struct rule *rule; |
|
int rv; |
|
|
setresuid(uid, uid, uid); |
setresuid(uid, uid, uid); |
if (pledge("stdio rpath getpw", NULL) == -1) |
if (pledge("stdio rpath getpw", NULL) == -1) |
|
|
parseconfig(confpath, 0); |
parseconfig(confpath, 0); |
if (!argc) |
if (!argc) |
exit(0); |
exit(0); |
|
rv = permit(uid, groups, ngroups, &rule, target, argv[0], |
if (permit(uid, groups, ngroups, &rule, target, argv[0], |
(const char **)argv + 1); |
(const char **)argv + 1)) { |
if (rv == 0) { |
printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : ""); |
printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : ""); |
exit(0); |
exit(0); |
} else { |
} else { |
|
|
} |
} |
|
|
cmd = argv[0]; |
cmd = argv[0]; |
if (!permit(uid, groups, ngroups, &rule, target, cmd, |
rv = permit(uid, groups, ngroups, &rule, target, cmd, |
(const char **)argv + 1)) { |
(const char **)argv + 1); |
|
if (rv != 0) { |
syslog(LOG_AUTHPRIV | LOG_NOTICE, |
syslog(LOG_AUTHPRIV | LOG_NOTICE, |
"command not permitted for %s: %s", mypw->pw_name, cmdline); |
"command not permitted for %s: %s", mypw->pw_name, cmdline); |
errc(1, EPERM, NULL); |
errc(1, EPERM, NULL); |
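Review bot: The return contract of `permit()` flips in this change from "non-zero means permitted" to `0` permitted / `-1` denied, and nothing on the new side documents it; a caller left in the old `if (!permit(...))` form would read a denial as approval. Both call sites shown (the config-check path and the `cmd = argv[0]` path) are converted to `rv == 0` / `rv != 0`, but the head of `permit()` lies outside these hunks, so I cannot tell whether a comment already exists there or whether other callers remain. I would add above the function `/* Returns 0 if the last matching rule is PERMIT, -1 if no rule matches or the last match is not PERMIT. */`, and state that `*lastr` may only be dereferenced after a 0 return, since the `if (!*lastr)` branch returns -1 with no rule set. Separately, the unchanged `setresuid(uid, uid, uid);` line in the config-check function ignores its return value before the config is parsed; checking it and exiting on failure would be cheap.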