=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/sudo/Attic/set_perms.c,v retrieving revision 1.12 retrieving revision 1.13 diff -c -r1.12 -r1.13 *** src/usr.bin/sudo/Attic/set_perms.c 2007/12/03 15:09:47 1.12 --- src/usr.bin/sudo/Attic/set_perms.c 2008/11/14 11:58:08 1.13 *************** *** 1,5 **** /* ! * Copyright (c) 1994-1996,1998-2006 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above --- 1,5 ---- /* ! * Copyright (c) 1994-1996,1998-2008 Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above *************** *** 42,52 **** #ifdef HAVE_UNISTD_H # include #endif /* HAVE_UNISTD_H */ - #ifdef HAVE_ERR_H - # include - #else - # include "emul/err.h" - #endif /* HAVE_ERR_H */ #include #include #include --- 42,47 ---- *************** *** 57,63 **** #include "sudo.h" #ifndef lint ! __unused static const char rcsid[] = "$Sudo: set_perms.c,v 1.30.2.7 2007/11/27 23:41:23 millert Exp $"; #endif /* lint */ #ifdef __TANDEM --- 52,58 ---- #include "sudo.h" #ifndef lint ! __unused static const char rcsid[] = "$Sudo: set_perms.c,v 1.44 2008/03/06 17:19:56 millert Exp $"; #endif /* lint */ #ifdef __TANDEM *************** *** 86,98 **** set_perms(perm) int perm; { if (perm == current_perm) return; switch (perm) { case PERM_ROOT: ! if (setresuid(ROOT_UID, ROOT_UID, ROOT_UID)) ! errx(1, "setresuid(ROOT_UID, ROOT_UID, ROOT_UID) failed, your operating system may have a broken setresuid() function\nTry running configure with --disable-setresuid"); (void) setresgid(-1, user_gid, -1); if (current_perm == PERM_RUNAS) restore_groups(); --- 81,97 ---- set_perms(perm) int perm; { + const char *errstr; + if (perm == current_perm) return; switch (perm) { case PERM_ROOT: ! if (setresuid(ROOT_UID, ROOT_UID, ROOT_UID)) { ! errstr = "setresuid(ROOT_UID, ROOT_UID, ROOT_UID)"; ! goto bad; ! } (void) setresgid(-1, user_gid, -1); if (current_perm == PERM_RUNAS) restore_groups(); *************** *** 100,121 **** case PERM_USER: (void) setresgid(-1, user_gid, -1); ! if (setresuid(user_uid, user_uid, ROOT_UID)) ! err(1, "setresuid(user_uid, user_uid, ROOT_UID)"); break; case PERM_FULL_USER: /* headed for exec() */ (void) setgid(user_gid); ! if (setresuid(user_uid, user_uid, user_uid)) ! err(1, "setresuid(user_uid, user_uid, user_uid)"); break; case PERM_RUNAS: runas_setgroups(); ! (void) setresgid(-1, runas_pw->pw_gid, -1); ! if (setresuid(-1, runas_pw->pw_uid, -1)) ! err(1, "unable to change to runas uid"); break; case PERM_FULL_RUNAS: --- 99,128 ---- case PERM_USER: (void) setresgid(-1, user_gid, -1); ! if (setresuid(user_uid, user_uid, ROOT_UID)) { ! errstr = "setresuid(user_uid, user_uid, ROOT_UID)"; ! goto bad; ! } break; case PERM_FULL_USER: /* headed for exec() */ (void) setgid(user_gid); ! if (setresuid(user_uid, user_uid, user_uid)) { ! errstr = "setresuid(user_uid, user_uid, user_uid)"; ! goto bad; ! } break; case PERM_RUNAS: runas_setgroups(); ! (void) setresgid(-1, runas_gr ? ! runas_gr->gr_gid : runas_pw->pw_gid, -1); ! if (setresuid(-1, runas_pw ? runas_pw->pw_uid : ! user_uid, -1)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_FULL_RUNAS: *************** *** 123,136 **** runas_setup(); if (setresuid(def_stay_setuid ? user_uid : runas_pw->pw_uid, ! runas_pw->pw_uid, runas_pw->pw_uid)) ! err(1, "unable to change to runas uid"); break; case PERM_SUDOERS: /* assume euid == ROOT_UID, ruid == user */ if (setresgid(-1, SUDOERS_GID, -1)) ! err(1, "unable to change to sudoers gid"); /* * If SUDOERS_UID == ROOT_UID and SUDOERS_MODE --- 130,145 ---- runas_setup(); if (setresuid(def_stay_setuid ? user_uid : runas_pw->pw_uid, ! runas_pw->pw_uid, runas_pw->pw_uid)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_SUDOERS: /* assume euid == ROOT_UID, ruid == user */ if (setresgid(-1, SUDOERS_GID, -1)) ! error(1, "unable to change to sudoers gid"); /* * If SUDOERS_UID == ROOT_UID and SUDOERS_MODE *************** *** 140,159 **** * work on all OS's. */ if (SUDOERS_UID == ROOT_UID) { ! if ((SUDOERS_MODE & 040) && setresuid(ROOT_UID, 1, ROOT_UID)) ! err(1, "setresuid(ROOT_UID, 1, ROOT_UID)"); } else { ! if (setresuid(ROOT_UID, SUDOERS_UID, ROOT_UID)) ! err(1, "setresuid(ROOT_UID, SUDOERS_UID, ROOT_UID)"); } break; case PERM_TIMESTAMP: ! if (setresuid(ROOT_UID, timestamp_uid, ROOT_UID)) ! err(1, "setresuid(ROOT_UID, timestamp_uid, ROOT_UID)"); break; } current_perm = perm; } #else --- 149,178 ---- * work on all OS's. */ if (SUDOERS_UID == ROOT_UID) { ! if ((SUDOERS_MODE & 040) && setresuid(ROOT_UID, 1, ROOT_UID)) { ! errstr = "setresuid(ROOT_UID, 1, ROOT_UID)"; ! goto bad; ! } } else { ! if (setresuid(ROOT_UID, SUDOERS_UID, ROOT_UID)) { ! errstr = "setresuid(ROOT_UID, SUDOERS_UID, ROOT_UID)"; ! goto bad; ! } } break; case PERM_TIMESTAMP: ! if (setresuid(ROOT_UID, timestamp_uid, ROOT_UID)) { ! errstr = "setresuid(ROOT_UID, timestamp_uid, ROOT_UID)"; ! goto bad; ! } break; } current_perm = perm; + return; + bad: + errorx(1, "%s: %s", errstr, + errno == EAGAIN ? "too many processes" : strerror(errno)); } #else *************** *** 169,183 **** set_perms(perm) int perm; { if (perm == current_perm) return; switch (perm) { case PERM_ROOT: ! if (setreuid(-1, ROOT_UID)) ! errx(1, "setreuid(-1, ROOT_UID) failed, your operating system may have a broken setreuid() function\nTry running configure with --disable-setreuid"); ! if (setuid(ROOT_UID)) ! err(1, "setuid(ROOT_UID)"); (void) setregid(-1, user_gid); if (current_perm == PERM_RUNAS) restore_groups(); --- 188,208 ---- set_perms(perm) int perm; { + const char *errstr; + if (perm == current_perm) return; switch (perm) { case PERM_ROOT: ! if (setreuid(-1, ROOT_UID)) { ! errstr = "setreuid(-1, ROOT_UID)"; ! goto bad; ! } ! if (setuid(ROOT_UID)) { ! errstr = "setuid(ROOT_UID)"; ! goto bad; ! } (void) setregid(-1, user_gid); if (current_perm == PERM_RUNAS) restore_groups(); *************** *** 185,220 **** case PERM_USER: (void) setregid(-1, user_gid); ! if (setreuid(ROOT_UID, user_uid)) ! err(1, "setreuid(ROOT_UID, user_uid)"); break; case PERM_FULL_USER: /* headed for exec() */ (void) setgid(user_gid); ! if (setreuid(user_uid, user_uid)) ! err(1, "setreuid(user_uid, user_uid)"); break; case PERM_RUNAS: runas_setgroups(); ! (void) setregid(-1, runas_pw->pw_gid); ! if (setreuid(-1, runas_pw->pw_uid)) ! err(1, "unable to change to runas uid"); break; case PERM_FULL_RUNAS: /* headed for exec(), assume euid == ROOT_UID */ runas_setup(); if (setreuid(def_stay_setuid ? user_uid : ! runas_pw->pw_uid, runas_pw->pw_uid)) ! err(1, "unable to change to runas uid"); break; case PERM_SUDOERS: /* assume euid == ROOT_UID, ruid == user */ if (setregid(-1, SUDOERS_GID)) ! err(1, "unable to change to sudoers gid"); /* * If SUDOERS_UID == ROOT_UID and SUDOERS_MODE --- 210,255 ---- case PERM_USER: (void) setregid(-1, user_gid); ! if (setreuid(ROOT_UID, user_uid)) { ! errstr = "setreuid(ROOT_UID, user_uid)"; ! goto bad; ! } break; case PERM_FULL_USER: /* headed for exec() */ (void) setgid(user_gid); ! if (setreuid(user_uid, user_uid)) { ! errstr = "setreuid(user_uid, user_uid)"; ! goto bad; ! } break; case PERM_RUNAS: runas_setgroups(); ! (void) setregid(-1, runas_gr ? ! runas_gr->gr_gid : runas_pw->pw_gid); ! if (setreuid(-1, ! runas_pw ? runas_pw->pw_uid : user_uid)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_FULL_RUNAS: /* headed for exec(), assume euid == ROOT_UID */ runas_setup(); if (setreuid(def_stay_setuid ? user_uid : ! runas_pw->pw_uid, runas_pw->pw_uid)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_SUDOERS: /* assume euid == ROOT_UID, ruid == user */ if (setregid(-1, SUDOERS_GID)) ! error(1, "unable to change to sudoers gid"); /* * If SUDOERS_UID == ROOT_UID and SUDOERS_MODE *************** *** 224,243 **** * work on all OS's. */ if (SUDOERS_UID == ROOT_UID) { ! if ((SUDOERS_MODE & 040) && setreuid(ROOT_UID, 1)) ! err(1, "setreuid(ROOT_UID, 1)"); } else { ! if (setreuid(ROOT_UID, SUDOERS_UID)) ! err(1, "setreuid(ROOT_UID, SUDOERS_UID)"); } break; case PERM_TIMESTAMP: ! if (setreuid(ROOT_UID, timestamp_uid)) ! err(1, "setreuid(ROOT_UID, timestamp_uid)"); break; } current_perm = perm; } # else /* !HAVE_SETRESUID && !HAVE_SETREUID */ --- 259,288 ---- * work on all OS's. */ if (SUDOERS_UID == ROOT_UID) { ! if ((SUDOERS_MODE & 040) && setreuid(ROOT_UID, 1)) { ! errstr = "setreuid(ROOT_UID, 1)"; ! goto bad; ! } } else { ! if (setreuid(ROOT_UID, SUDOERS_UID)) { ! errstr = "setreuid(ROOT_UID, SUDOERS_UID)"; ! goto bad; ! } } break; case PERM_TIMESTAMP: ! if (setreuid(ROOT_UID, timestamp_uid)) { ! errstr = "setreuid(ROOT_UID, timestamp_uid)"; ! goto bad; ! } break; } current_perm = perm; + return; + bad: + errorx(1, "%s: %s", errstr, + errno == EAGAIN ? "too many processes" : strerror(errno)); } # else /* !HAVE_SETRESUID && !HAVE_SETREUID */ *************** *** 251,256 **** --- 296,303 ---- set_perms(perm) int perm; { + const char *errstr; + if (perm == current_perm) return; *************** *** 259,268 **** * for these calls differ on various systems, we set * real and effective uids to ROOT_UID initially to be safe. */ ! if (seteuid(ROOT_UID)) ! err(1, "seteuid(ROOT_UID)"); ! if (setuid(ROOT_UID)) ! err(1, "setuid(ROOT_UID)"); switch (perm) { case PERM_ROOT: --- 306,319 ---- * for these calls differ on various systems, we set * real and effective uids to ROOT_UID initially to be safe. */ ! if (seteuid(ROOT_UID)) { ! errstr = "seteuid(ROOT_UID)"; ! goto bad; ! } ! if (setuid(ROOT_UID)) { ! errstr = "setuid(ROOT_UID)"; ! goto bad; ! } switch (perm) { case PERM_ROOT: *************** *** 274,307 **** case PERM_USER: (void) setegid(user_gid); ! if (seteuid(user_uid)) ! err(1, "seteuid(user_uid)"); break; case PERM_FULL_USER: /* headed for exec() */ (void) setgid(user_gid); ! if (setuid(user_uid)) ! err(1, "setuid(user_uid)"); break; case PERM_RUNAS: runas_setgroups(); ! (void) setegid(runas_pw->pw_gid); ! if (seteuid(runas_pw->pw_uid)) ! err(1, "unable to change to runas uid"); break; case PERM_FULL_RUNAS: /* headed for exec() */ runas_setup(); ! if (setuid(runas_pw->pw_uid)) ! err(1, "unable to change to runas uid"); break; case PERM_SUDOERS: if (setegid(SUDOERS_GID)) ! err(1, "unable to change to sudoers gid"); /* * If SUDOERS_UID == ROOT_UID and SUDOERS_MODE --- 325,367 ---- case PERM_USER: (void) setegid(user_gid); ! if (seteuid(user_uid)) { ! errstr = "seteuid(user_uid)"; ! goto bad; ! } break; case PERM_FULL_USER: /* headed for exec() */ (void) setgid(user_gid); ! if (setuid(user_uid)) { ! errstr = "setuid(user_uid)"; ! goto bad; ! } break; case PERM_RUNAS: runas_setgroups(); ! (void) setegid(runas_gr ? ! runas_gr->gr_gid : runas_pw->pw_gid); ! if (seteuid(runas_pw ? runas_pw->pw_uid : user_uid)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_FULL_RUNAS: /* headed for exec() */ runas_setup(); ! if (setuid(runas_pw->pw_uid)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_SUDOERS: if (setegid(SUDOERS_GID)) ! error(1, "unable to change to sudoers gid"); /* * If SUDOERS_UID == ROOT_UID and SUDOERS_MODE *************** *** 311,330 **** * work on all OS's. */ if (SUDOERS_UID == ROOT_UID) { ! if ((SUDOERS_MODE & 040) && seteuid(1)) ! err(1, "seteuid(1)"); } else { ! if (seteuid(SUDOERS_UID)) ! err(1, "seteuid(SUDOERS_UID)"); } break; case PERM_TIMESTAMP: ! if (seteuid(timestamp_uid)) ! err(1, "seteuid(timestamp_uid)"); break; } current_perm = perm; } # else /* !HAVE_SETRESUID && !HAVE_SETREUID && !HAVE_SETEUID */ --- 371,400 ---- * work on all OS's. */ if (SUDOERS_UID == ROOT_UID) { ! if ((SUDOERS_MODE & 040) && seteuid(1)) { ! errstr = "seteuid(1)"; ! goto bad; ! } } else { ! if (seteuid(SUDOERS_UID)) { ! errstr = "seteuid(SUDOERS_UID)"; ! goto bad; ! } } break; case PERM_TIMESTAMP: ! if (seteuid(timestamp_uid)) { ! errstr = "seteuid(timestamp_uid)"; ! goto bad; ! } break; } current_perm = perm; + return; + bad: + errorx(1, "%s: %s", errstr, + errno == EAGAIN ? "too many processes" : strerror(errno)); } # else /* !HAVE_SETRESUID && !HAVE_SETREUID && !HAVE_SETEUID */ *************** *** 338,364 **** set_perms(perm) int perm; { if (perm == current_perm) return; switch (perm) { case PERM_ROOT: ! if (setuid(ROOT_UID)) ! err(1, "setuid(ROOT_UID)"); if (current_perm == PERM_RUNAS) restore_groups(); break; case PERM_FULL_USER: (void) setgid(user_gid); ! if (setuid(user_uid)) ! err(1, "setuid(user_uid)"); break; case PERM_FULL_RUNAS: runas_setup(); ! if (setuid(runas_pw->pw_uid)) ! err(1, "unable to change to runas uid"); break; case PERM_USER: --- 408,442 ---- set_perms(perm) int perm; { + const char *errstr; + if (perm == current_perm) return; switch (perm) { case PERM_ROOT: ! if (setuid(ROOT_UID)) { ! errstr = "setuid(ROOT_UID)"; ! goto bad; ! } if (current_perm == PERM_RUNAS) restore_groups(); break; case PERM_FULL_USER: (void) setgid(user_gid); ! if (setuid(user_uid)) { ! errstr = "setuid(user_uid)"; ! goto bad; ! } break; case PERM_FULL_RUNAS: runas_setup(); ! if (setuid(runas_pw->pw_uid)) { ! errstr = "unable to change to runas uid"; ! goto bad; ! } break; case PERM_USER: *************** *** 370,375 **** --- 448,457 ---- } current_perm = perm; + return; + bad: + errorx(1, "%s: %s", errstr, + errno == EAGAIN ? "too many processes" : strerror(errno)); } # endif /* HAVE_SETEUID */ # endif /* HAVE_SETREUID */ *************** *** 430,441 **** --- 512,528 ---- static void runas_setup() { + gid_t gid; #ifdef HAVE_LOGIN_CAP_H int flags; extern login_cap_t *lc; #endif if (runas_pw->pw_name != NULL) { + gid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid; + #ifdef HAVE_GETUSERATTR + aix_setlimits(runas_pw->pw_name); + #endif #ifdef HAVE_PAM pam_prep_user(runas_pw); #endif /* HAVE_PAM */ *************** *** 448,467 **** flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; if (!def_preserve_groups) SET(flags, LOGIN_SETGROUP); ! else if (setgid(runas_pw->pw_gid)) ! warn("cannot set gid to runas gid"); if (setusercontext(lc, runas_pw, runas_pw->pw_uid, flags)) { if (runas_pw->pw_uid != ROOT_UID) ! err(1, "unable to set user context"); else ! warn("unable to set user context"); } } #endif /* HAVE_LOGIN_CAP_H */ ! if (setgid(runas_pw->pw_gid)) ! warn("cannot set gid to runas gid"); /* ! * Initialize group vector unless asked not to. */ runas_setgroups(); } --- 535,554 ---- flags = LOGIN_SETRESOURCES|LOGIN_SETPRIORITY; if (!def_preserve_groups) SET(flags, LOGIN_SETGROUP); ! else if (setgid(gid)) ! warning("cannot set gid to runas gid"); if (setusercontext(lc, runas_pw, runas_pw->pw_uid, flags)) { if (runas_pw->pw_uid != ROOT_UID) ! error(1, "unable to set user context"); else ! warning("unable to set user context"); } } #endif /* HAVE_LOGIN_CAP_H */ ! if (setgid(gid)) ! warning("cannot set gid to runas gid"); /* ! * Initialize group vector */ runas_setgroups(); }