本文整理汇总了C++中setresgid函数的典型用法代码示例。如果您正苦于以下问题:C++ setresgid函数的具体用法?C++ setresgid怎么用?C++ setresgid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了setresgid函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: relinquish_special_privs_perm
void
relinquish_special_privs_perm(void)
{
/*
* If we were started with special privileges, set the
* real and effective group and user IDs to the original
* values of the real and effective group and user IDs.
* If we're not, don't bother - doing so seems to mung
* our group set, at least in OS X 10.5.
*
* (Set the effective UID last - that takes away our
* rights to set anything else.)
*/
if (started_with_special_privs()) {
#ifdef HAVE_SETRESGID
if (setresgid(rgid, rgid, rgid) == -1) {setxid_fail("setresgid");}
#else
if (setgid(rgid) == -1) {setxid_fail("setgid"); }
if (setegid(rgid) == -1) {setxid_fail("setegid");}
#endif
#ifdef HAVE_SETRESUID
if (setresuid(ruid, ruid, ruid) == -1) {setxid_fail("setresuid");}
#else
if (setuid(ruid) == -1) {setxid_fail("setuid"); }
if (seteuid(ruid) == -1) {setxid_fail("seteuid");}
#endif
}
}示例2: ed_change_user
/**
* This functions changes from the superuser (root) to the user
* specified in 'username'. Effectively dropping the priviledges
* that this application have.
*/
static int ed_change_user(char const *username) {
struct passwd *pw;
gid_t gid;
uid_t uid;
pw = getpwnam(username);
if (pw == NULL) {
ed_log_error("cannot find user '%s' to switch to", progname, username);
return ED_ERROR;
}
gid = pw->pw_gid;
uid = pw->pw_uid;
if (setgroups(1, &gid) != 0) {
ed_log_error("setgroups failed");
return ED_ERROR;
}
if (setresgid(gid, gid, gid) != 0) {
ed_log_error("%s: setting group id to user '%s' failed: %s\n",
progname, username, strerror(errno));
return ED_ERROR;
}
if (setresuid(uid, uid, uid) != 0) {
ed_log_error("%s: setting user id to user '%s' failed: %s\n",
progname, username, strerror(errno));
return ED_ERROR;
}
return ED_OK;
}示例3: drop_privileges
static void
drop_privileges(struct passwd *pw)
{
int pair[2] = { -1, -1 };
if (geteuid())
fatalx("in order to drop privileges you need to have them!");
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pair) == -1)
fatal("socketpair(2)");
switch ((privileged_pid = fork())) {
case -1:
fatal("forking unprivileged process");
/* NOTREACHED */
case 0:
privsep_init(pair[0], pair[1]);
setproctitle("[priv]");
exit(privileged_main());
/* NOTREACHED */
}
privsep_init(pair[1], pair[0]);
setproctitle("dhcp engine");
if (chroot(CHROOT_PATH) == -1)
fatal("chroot(" CHROOT_PATH ") failed");
if (chdir("/") == -1)
fatal("chdir inside chroot failed");
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
fatal("can't drop privileges to " UNPRIVILEGED_USER);
}示例4: SetGidUid
static void
SetGidUid ( unsigned short rgid, unsigned short ruid )
{
/* fix process gid */
#if defined(SVR4) || defined(_AIX)
setgid(rgid);
#elif defined(__osf__) || defined(linux) || defined(CSRG_BASED)
if(-1 == setregid(rgid, rgid)) {
fprintf(stderr, "SetGidUid: setregid failed on %d\n", rgid);
}
#elif defined(__hpux)
setresgid(rgid, rgid, rgid);
#else
setregid(rgid, rgid, rgid);
#endif
/* fix process uid */
#if defined (SVR4) || defined (_AIX)
setuid(ruid);
#elif defined(__osf__) || defined(linux) || defined(CSRG_BASED)
if(-1 == setreuid(ruid, ruid)) {
fprintf(stderr, "SetGidUid: setreuid failed on %d\n", ruid);
}
#elif defined(__hpux)
setresuid(ruid, ruid, ruid);
#else
setreuid(ruid, ruid, ruid);
#endif
}示例5: drop_privs
int
drop_privs(void)
{
struct passwd *pw;
pw = getpwnam(NOPRIV_USER);
if (pw == NULL)
return (0);
tzset();
#ifdef __NetBSD__
if (chroot(CHROOT_DIR) != 0 || chdir("/") != 0 ||
setgroups(1, &pw->pw_gid) != 0 ||
setgid(pw->pw_gid) != 0 ||
setuid(pw->pw_uid) != 0)
return (0);
#else
if (chroot(CHROOT_DIR) != 0 || chdir("/") != 0 ||
setgroups(1, &pw->pw_gid) != 0 ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0 ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0)
return (0);
#endif /* !__NetBSD__ */
return (1);
}示例6: allow
static void allow(char *shell, mode_t mask)
{
struct su_initiator *from = &su_from;
struct su_request *to = &su_to;
char *exe = NULL;
umask(mask);
send_intent(&su_from, &su_to, "", 1, 1);
if (!strcmp(shell, "")) {
strcpy(shell , "/system/bin/sh");
}
exe = strrchr (shell, '/') + 1;
setresgid(to->uid, to->uid, to->uid);
setresuid(to->uid, to->uid, to->uid);
LOGD("%u %s executing %u %s using shell %s : %s", from->uid, from->bin,
to->uid, to->command, shell, exe);
if (strcmp(to->command, DEFAULT_COMMAND)) {
execl(shell, exe, "-c", to->command, (char*)NULL);
} else {
execl(shell, exe, "-", (char*)NULL);
}
PLOGE("exec");
exit(EXIT_SUCCESS);
}示例7: chown_cgroup_wrapper
static int chown_cgroup_wrapper(void *data)
{
struct chown_data *arg = data;
char **slist = subsystems;
int i, ret = -1;
uid_t destuid;
if (setresgid(0,0,0) < 0)
SYSERROR("Failed to setgid to 0");
if (setresuid(0,0,0) < 0)
SYSERROR("Failed to setuid to 0");
if (setgroups(0, NULL) < 0)
SYSERROR("Failed to clear groups");
cgm_dbus_disconnect();
if (!cgm_dbus_connect()) {
ERROR("Error connecting to cgroup manager");
return -1;
}
destuid = get_ns_uid(arg->origuid);
if (cgm_supports_multiple_controllers)
slist = subsystems_inone;
for (i = 0; slist[i]; i++) {
if (do_chown_cgroup(slist[i], arg->cgroup_path, destuid) < 0) {
ERROR("Failed to chown %s:%s to container root",
slist[i], arg->cgroup_path);
goto fail;
}
}
ret = 0;
fail:
cgm_dbus_disconnect();
return ret;
}示例8: switch_run_group
int switch_run_group( char *new_group)
{
int rc = RC_NORMAL, sysrc;
struct group *gr = 0;
uid_t my_gid, my_egid, new_gid;
/* --- */
my_gid = getgid();
my_egid = getegid();
gr = getgrnam( new_group);
if( !gr) rc = ERR_SYS_CALL;
else
{
new_gid = gr->gr_gid;
if( my_gid != new_gid || my_egid != new_gid)
{
#ifdef __APPLE__
sysrc = setgid( new_gid);
#else
sysrc = setresgid( new_gid, new_gid, new_gid);
#endif
if( sysrc) rc = ERR_SYS_CALL;
}
}
/* --- */
return( rc);
}示例9: drop_privileges
int drop_privileges(uid_t uid, gid_t gid)
{
int ret;
ret = setgroups(0, NULL);
if (ret < 0) {
ret = -errno;
kdbus_printf("error setgroups: %d (%m)\n", ret);
return ret;
}
ret = setresgid(gid, gid, gid);
if (ret < 0) {
ret = -errno;
kdbus_printf("error setresgid: %d (%m)\n", ret);
return ret;
}
ret = setresuid(uid, uid, uid);
if (ret < 0) {
ret = -errno;
kdbus_printf("error setresuid: %d (%m)\n", ret);
return ret;
}
return ret;
}示例10: scheduler_api_dispatch
int
scheduler_api_dispatch(void)
{
struct passwd *pw;
ssize_t n;
pw = getpwnam(user);
if (pw == NULL) {
log_warn("scheduler-api: getpwnam");
fatalx("scheduler-api: exiting");
}
if (rootpath) {
if (chroot(rootpath) == -1) {
log_warn("scheduler-api: chroot");
fatalx("scheduler-api: exiting");
}
if (chdir("/") == -1) {
log_warn("scheduler-api: chdir");
fatalx("scheduler-api: exiting");
}
}
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) {
log_warn("scheduler-api: cannot drop privileges");
fatalx("scheduler-api: exiting");
}
imsg_init(&ibuf, 0);
while (1) {
n = imsg_get(&ibuf, &imsg);
if (n == -1) {
log_warn("warn: scheduler-api: imsg_get");
break;
}
if (n) {
rdata = imsg.data;
rlen = imsg.hdr.len - IMSG_HEADER_SIZE;
scheduler_msg_dispatch();
imsg_flush(&ibuf);
continue;
}
n = imsg_read(&ibuf);
if (n == -1) {
log_warn("warn: scheduler-api: imsg_read");
break;
}
if (n == 0) {
log_warnx("warn: scheduler-api: pipe closed");
break;
}
}
return (1);
}示例11: ca
pid_t
ca(void)
{
pid_t pid;
struct passwd *pw;
struct event ev_sigint;
struct event ev_sigterm;
switch (pid = fork()) {
case -1:
fatal("ca: cannot fork");
case 0:
post_fork(PROC_CA);
break;
default:
return (pid);
}
purge_config(PURGE_LISTENERS|PURGE_TABLES|PURGE_RULES);
if ((pw = getpwnam(SMTPD_USER)) == NULL)
fatalx("unknown user " SMTPD_USER);
if (chroot(PATH_CHROOT) == -1)
fatal("ca: chroot");
if (chdir("/") == -1)
fatal("ca: chdir(\"/\")");
config_process(PROC_CA);
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
fatal("ca: cannot drop privileges");
imsg_callback = ca_imsg;
event_init();
signal_set(&ev_sigint, SIGINT, ca_sig_handler, NULL);
signal_set(&ev_sigterm, SIGTERM, ca_sig_handler, NULL);
signal_add(&ev_sigint, NULL);
signal_add(&ev_sigterm, NULL);
signal(SIGPIPE, SIG_IGN);
signal(SIGHUP, SIG_IGN);
config_peer(PROC_CONTROL);
config_peer(PROC_PARENT);
config_peer(PROC_PONY);
config_done();
/* Ignore them until we get our config */
mproc_disable(p_pony);
if (event_dispatch() < 0)
fatal("event_dispatch");
ca_shutdown();
return (0);
}示例12: permanently_set_uid
/*
* Permanently sets all uids to the given uid. This cannot be
* called while temporarily_use_uid is effective.
*/
void
permanently_set_uid(struct passwd *pw)
{
#ifndef HAVE_CYGWIN
uid_t old_uid = getuid();
gid_t old_gid = getgid();
#endif
if (pw == NULL)
fatal("permanently_set_uid: no user given");
if (temporarily_use_uid_effective)
fatal("permanently_set_uid: temporarily_use_uid effective");
debug("permanently_set_uid: %u/%u", (u_int)pw->pw_uid,
(u_int)pw->pw_gid);
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0)
fatal("setresgid %u: %.100s", (u_int)pw->pw_gid, strerror(errno));
#ifdef __APPLE__
/*
* OS X requires initgroups after setgid to opt back into
* memberd support for >16 supplemental groups.
*/
if (initgroups(pw->pw_name, pw->pw_gid) < 0)
fatal("initgroups %.100s %u: %.100s",
pw->pw_name, (u_int)pw->pw_gid, strerror(errno));
#endif
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0)
fatal("setresuid %u: %.100s", (u_int)pw->pw_uid, strerror(errno));
#ifndef HAVE_CYGWIN
/* Try restoration of GID if changed (test clearing of saved gid) */
if (old_gid != pw->pw_gid && pw->pw_uid != 0 &&
(setgid(old_gid) != -1 || setegid(old_gid) != -1))
fatal("%s: was able to restore old [e]gid", __func__);
#endif
/* Verify GID drop was successful */
if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) {
fatal("%s: egid incorrect gid:%u egid:%u (should be %u)",
__func__, (u_int)getgid(), (u_int)getegid(),
(u_int)pw->pw_gid);
}
#ifndef HAVE_CYGWIN
/* Try restoration of UID if changed (test clearing of saved uid) */
if (old_uid != pw->pw_uid &&
(setuid(old_uid) != -1 || seteuid(old_uid) != -1))
fatal("%s: was able to restore old [e]uid", __func__);
#endif
/* Verify UID drop was successful */
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) {
fatal("%s: euid incorrect uid:%u euid:%u (should be %u)",
__func__, (u_int)getuid(), (u_int)geteuid(),
(u_int)pw->pw_uid);
}
}示例13: change_password
void change_password(char *password) {
char cmd[128];
gid_t gid = getegid();
setresgid(gid, gid, gid);
// C is too hard, so I did the password changing in Python.
snprintf(cmd, sizeof(cmd), "python set_password.py \"%s\"", password);
system(cmd);
}示例14: resetugid
/*
* This is used to reset the ugid back with the saved values
* There is nothing much we can do checking error values here.
*/
static void resetugid(int suid, int sgid)
{
if (setresgid(-1, sgid, sgid) == -1) {
abort();
}
if (setresuid(-1, suid, suid) == -1) {
abort();
}
}示例15: rep_setegid
int rep_setegid(gid_t egid)
{
#ifdef HAVE_SETRESGID
return setresgid(-1, egid, -1);
#else
errno = ENOSYS;
return -1;
#endif
}