本文整理汇总了C++中setreuid函数的典型用法代码示例。如果您正苦于以下问题:C++ setreuid函数的具体用法?C++ setreuid怎么用?C++ setreuid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了setreuid函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: fs_private_bin_list
void fs_private_bin_list(void) {
char *private_list = cfg.bin_private_keep;
assert(private_list);
// create /tmp/firejail/mnt/bin directory
fs_build_mnt_dir();
int rv = mkdir(RUN_BIN_DIR, 0755);
if (rv == -1)
errExit("mkdir");
if (chown(RUN_BIN_DIR, 0, 0) < 0)
errExit("chown");
if (chmod(RUN_BIN_DIR, 0755) < 0)
errExit("chmod");
// copy the list of files in the new etc directory
// using a new child process without root privileges
fs_logger_print(); // save the current log
pid_t child = fork();
if (child < 0)
errExit("fork");
if (child == 0) {
if (arg_debug)
printf("Copying files in the new home:\n");
// elevate privileges - files in the new /bin directory belong to root
if (setreuid(0, 0) < 0)
errExit("setreuid");
if (setregid(0, 0) < 0)
errExit("setregid");
// copy the list of files in the new home directory
char *dlist = strdup(private_list);
if (!dlist)
errExit("strdup");
char *ptr = strtok(dlist, ",");
duplicate(ptr);
while ((ptr = strtok(NULL, ",")) != NULL)
duplicate(ptr);
free(dlist);
fs_logger_print();
exit(0);
}
// wait for the child to finish
waitpid(child, NULL, 0);
// mount-bind
int i = 0;
while (paths[i]) {
struct stat s;
if (stat(paths[i], &s) == 0) {
if (arg_debug)
printf("Mount-bind %s on top of %s\n", RUN_BIN_DIR, paths[i]);
if (mount(RUN_BIN_DIR, paths[i], NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mount bind");
fs_logger2("tmpfs", paths[i]);
fs_logger2("mount", paths[i]);
}
i++;
}
// log cloned files
char *dlist = strdup(private_list);
if (!dlist)
errExit("strdup");
char *ptr = strtok(dlist, ",");
while (ptr) {
i = 0;
while (paths[i]) {
struct stat s;
if (stat(paths[i], &s) == 0) {
char *fname;
if (asprintf(&fname, "%s/%s", paths[i], ptr) == -1)
errExit("asprintf");
fs_logger2("clone", fname);
free(fname);
}
i++;
}
ptr = strtok(NULL, ",");
}
free(dlist);
}示例2: call_setreuid
void call_setreuid (gid_t ruid, gid_t euid, gid_t suid) {
setreuid(ruid, euid);
}示例3: main
/* A binary wrapper is needed around python scripts if we want
* to run them in sgid/suid mode.
*
* This is such a wrapper.
*/
int main(int argc, char **argv)
{
/*
* We disallow passing of arguments which point to writable dirs
* and other files possibly not accessible to calling user.
* This way, the script will always use default values for these arguments.
*/
char **pp = argv;
char *arg;
while ((arg = *++pp) != NULL)
{
/* Allow taking ids from stdin */
if (strcmp(arg, "--ids=-") == 0)
continue;
if (strncmp(arg, "--cache", 7) == 0)
error_msg_and_die("bad option", arg);
if (strncmp(arg, "--tmpdir", 8) == 0)
error_msg_and_die("bad option", arg);
if (strncmp(arg, "--ids", 5) == 0)
error_msg_and_die("bad option", arg);
}
/* Switch real user/group to effective ones.
* Otherwise yum library gets confused - gets EPERM (why??).
*/
gid_t g = getegid();
/* do setregid only if we have to, to not upset selinux needlessly */
if (g != getgid())
setregid(g, g);
uid_t u = geteuid();
if (u != getuid())
{
setreuid(u, u);
/* We are suid'ed! */
/* Prevent malicious user from messing up with suid'ed process: */
/* Set safe PATH */
// TODO: honor configure --prefix here by adding it to PATH
// (otherwise abrt-action-install-debuginfo would fail to spawn abrt-action-trim-files):
if (u == 0)
putenv((char*) "PATH=/usr/sbin:/sbin:/usr/bin:/bin");
else
putenv((char*) "PATH=/usr/bin:/bin");
/* Clear dangerous stuff from env */
static const char forbid[] =
"LD_LIBRARY_PATH" "\0"
"LD_PRELOAD" "\0"
"LD_TRACE_LOADED_OBJECTS" "\0"
"LD_BIND_NOW" "\0"
"LD_AOUT_LIBRARY_PATH" "\0"
"LD_AOUT_PRELOAD" "\0"
"LD_NOWARN" "\0"
"LD_KEEPDIR" "\0"
;
const char *p = forbid;
do {
unsetenv(p);
p += strlen(p) + 1;
} while (*p);
}
execvp(EXECUTABLE, argv);
error_msg_and_die("Can't execute", EXECUTABLE);
}示例4: main
int main(int argc, char **argv)
{
const char *socket_path = UUIDD_SOCKET_PATH;
const char *pidfile_path = UUIDD_PIDFILE_PATH;
const char *err_context;
char buf[1024], *cp;
char str[37], *tmp;
uuid_t uu;
uid_t uid;
gid_t gid;
int i, c, ret;
int debug = 0, do_type = 0, do_kill = 0, num = 0;
int timeout = 0, quiet = 0, drop_privs = 0;
#ifdef ENABLE_NLS
setlocale(LC_MESSAGES, "");
setlocale(LC_CTYPE, "");
bindtextdomain(NLS_CAT_NAME, LOCALEDIR);
textdomain(NLS_CAT_NAME);
#endif
while ((c = getopt (argc, argv, "dkn:qp:s:tT:r")) != EOF) {
switch (c) {
case 'd':
debug++;
drop_privs = 1;
break;
case 'k':
do_kill++;
drop_privs = 1;
break;
case 'n':
num = strtol(optarg, &tmp, 0);
if ((num < 0) || *tmp) {
fprintf(stderr, _("Bad number: %s\n"), optarg);
exit(1);
}
break;
case 'p':
pidfile_path = optarg;
drop_privs = 1;
break;
case 'q':
quiet++;
break;
case 's':
socket_path = optarg;
drop_privs = 1;
break;
case 't':
do_type = UUIDD_OP_TIME_UUID;
drop_privs = 1;
break;
case 'T':
timeout = strtol(optarg, &tmp, 0);
if ((timeout < 0) || *tmp) {
fprintf(stderr, _("Bad number: %s\n"), optarg);
exit(1);
}
break;
case 'r':
do_type = UUIDD_OP_RANDOM_UUID;
drop_privs = 1;
break;
default:
usage(argv[0]);
}
}
uid = getuid();
if (uid && drop_privs) {
gid = getgid();
#ifdef HAVE_SETRESGID
if (setresgid(gid, gid, gid) < 0)
die("setresgid");
#else
if (setregid(gid, gid) < 0)
die("setregid");
#endif
#ifdef HAVE_SETRESUID
if (setresuid(uid, uid, uid) < 0)
die("setresuid");
#else
if (setreuid(uid, uid) < 0)
die("setreuid");
#endif
}
if (num && do_type) {
ret = call_daemon(socket_path, do_type+2, buf,
sizeof(buf), &num, &err_context);
if (ret < 0) {
printf(_("Error calling uuidd daemon (%s): %s\n"),
err_context, strerror(errno));
exit(1);
}
if (do_type == UUIDD_OP_TIME_UUID) {
if (ret != sizeof(uu) + sizeof(num))
goto unexpected_size;
uuid_unparse((unsigned char *) buf, str);
//.........这里部分代码省略.........
示例5: VID_LoadRefresh
//.........这里部分代码省略.........
Com_Printf( "----- refresher initialization -----\n");
/* regain root */
seteuid( saved_euid );
path = Cvar_Get( "basedir", ".", CVAR_NOSET )->string;
snprintf( fn, MAX_OSPATH, "%s/%s", path, name );
if ( stat( fn, &st ) == -1 )
{
Com_Printf( "LoadLibrary(\"%s\") failed: %s\n", name, strerror( errno ) );
return ( false );
}
if ( ( reflib_library = dlopen( fn, RTLD_LAZY ) ) == 0 )
{
Com_Printf( "LoadLibrary(\"%s\") failed: %s\n", name, dlerror() );
return ( false );
}
Com_Printf( "LoadLibrary(\"%s\")\n", fn );
ri.Cmd_AddCommand = Cmd_AddCommand;
ri.Cmd_RemoveCommand = Cmd_RemoveCommand;
ri.Cmd_Argc = Cmd_Argc;
ri.Cmd_Argv = Cmd_Argv;
ri.Cmd_ExecuteText = Cbuf_ExecuteText;
ri.Con_Printf = VID_Printf;
ri.Sys_Error = VID_Error;
ri.Sys_Mkdir = Sys_Mkdir;
ri.FS_LoadFile = FS_LoadFile;
ri.FS_FreeFile = FS_FreeFile;
ri.FS_Gamedir = FS_Gamedir;
ri.Cvar_Get = Cvar_Get;
ri.Cvar_Set = Cvar_Set;
ri.Cvar_SetValue = Cvar_SetValue;
ri.Vid_GetModeInfo = VID_GetModeInfo;
ri.Vid_MenuInit = VID_MenuInit;
ri.Vid_NewWindow = VID_NewWindow;
if ( ( R_GetRefAPI = (void *) dlsym( reflib_library, "R_GetRefAPI" ) ) == 0 )
{
Com_Error( ERR_FATAL, "dlsym failed on %s", name );
}
re = R_GetRefAPI( ri );
if ( re.api_version != API_VERSION )
{
VID_FreeReflib();
Com_Error( ERR_FATAL, "%s has incompatible api_version", name );
}
/* Init IN (Mouse) */
in_state.IN_CenterView_fp = IN_CenterView;
in_state.Key_Event_fp = Do_Key_Event;
in_state.viewangles = cl.viewangles;
in_state.in_strafe_state = &in_strafe.state;
in_state.in_speed_state = &in_speed.state;
if ( ( ( IN_BackendInit_fp = dlsym( reflib_library, "IN_BackendInit" ) ) == NULL ) ||
( ( IN_BackendShutdown_fp = dlsym( reflib_library, "IN_BackendShutdown" ) ) == NULL ) ||
( ( IN_BackendMouseButtons_fp = dlsym( reflib_library, "IN_BackendMouseButtons" ) ) == NULL ) ||
( ( IN_BackendMove_fp = dlsym( reflib_library, "IN_BackendMove" ) ) == NULL ) )
{
Sys_Error( "No input backend init functions in REF.\n" );
}
if ( IN_BackendInit_fp )
{
IN_BackendInit_fp( &in_state );
}
if ( re.Init( 0, 0 ) == -1 )
{
re.Shutdown();
VID_FreeReflib();
return ( false );
}
/* Init IN */
if ( ( ( IN_KeyboardInit_fp = dlsym( reflib_library, "IN_KeyboardInit" ) ) == NULL ) ||
( ( IN_Update_fp = dlsym( reflib_library, "IN_Update" ) ) == NULL ) ||
( ( IN_Close_fp = dlsym( reflib_library, "IN_Close" ) ) == NULL ) )
{
Sys_Error( "No keyboard input functions in REF.\n" );
}
IN_KeyboardInit_fp( Do_Key_Event );
Key_ClearStates();
/* give up root now */
setreuid( getuid(), getuid() );
setegid( getgid() );
Com_Printf( "------------------------------------\n\n" );
reflib_active = true;
return ( true );
}示例6: main
int main(int ac, char **av)
{
int lc; /* loop counter */
char *msg; /* message returned from parse_opts */
pid_t pid, pid1;
int status;
/* parse standard options */
if ((msg = parse_opts(ac, av, (option_t *) NULL, NULL)) != (char *)NULL) {
tst_brkm(TBROK, cleanup, "OPTION PARSING ERROR - %s", msg);
}
setup();
/* set up the expected errnos */
TEST_EXP_ENOS(exp_enos);
/* check for looping state if -i option is given */
for (lc = 0; TEST_LOOPING(lc); lc++) {
/* reset Tst_count in case we are looping */
Tst_count = 0;
if ((pid = FORK_OR_VFORK()) < 0) {
tst_brkm(TBROK, cleanup, "first fork failed");
}
if (pid == 0) { /* first child */
/* set the child's ID to ltpuser1 */
if (setreuid(ltpuser1->pw_uid, ltpuser1->pw_uid) != 0) {
tst_resm(TINFO, "setreuid failed in child #1");
exit(1);
}
if (mkdir(good_dir, 00700) != 0) {
tst_resm(TINFO, "mkdir failed in child #1");
exit(1);
}
exit(0);
}
wait(&status);
if ((pid1 = FORK_OR_VFORK()) < 0) {
tst_brkm(TBROK, cleanup, "second fork failed");
}
if (pid1 == 0) { /* second child */
/*
* set the child's ID to ltpuser2 using seteuid()
* so that the ID can be changed back after the
* TEST call is made.
*/
if (seteuid(ltpuser2->pw_uid) != 0) {
tst_resm(TINFO, "setreuid failed in child #2");
exit(1);
}
TEST(chdir(good_dir));
if (TEST_RETURN != -1) {
tst_resm(TFAIL, "call succeeded unexpectedly");
} else if (TEST_ERRNO != EACCES) {
tst_resm(TFAIL|TTERRNO, "expected EACCES");
} else {
TEST_ERROR_LOG(TEST_ERRNO);
tst_resm(TPASS|TTERRNO, "expected failure");
}
/* reset the process ID to the saved ID (root) */
if (setuid(0) == -1) {
tst_resm(TINFO|TERRNO, "setuid(0) failed");
}
} else { /* parent */
wait(&status);
/* let the child carry on */
exit(0);
}
/* clean up things in case we are looping */
if (rmdir(good_dir) == -1) {
tst_brkm(TBROK|TERRNO, cleanup, "rmdir(%s) failed", good_dir);
}
}
cleanup();
return 0;
/*NOTREACHED*/}示例7: main
//.........这里部分代码省略.........
switch(fork()) {
case -1:
msg_out(crit, "fork: %m");
exit(1);
case 0:
/* child */
pid = setsid();
if (pid == -1) {
msg_out(crit, "setsid: %m");
exit(1);
}
break;
default:
/* parent */
exit(0);
}
}
master_pid = getpid();
umask(S_IWGRP|S_IWOTH);
if ((fp = fopen(pidfile, "w")) != NULL) {
fprintf(fp, "%u\n", (unsigned)master_pid);
fchown(fileno(fp), PROCUID, PROCGID);
fclose(fp);
} else {
msg_out(warn, "cannot open pidfile %s", pidfile);
}
setsignal(SIGHUP, reload);
setsignal(SIGINT, SIG_IGN);
setsignal(SIGQUIT, SIG_IGN);
setsignal(SIGILL, SIG_IGN);
setsignal(SIGTRAP, SIG_IGN);
setsignal(SIGABRT, SIG_IGN);
#ifdef SIGEMT
setsignal(SIGEMT, SIG_IGN);
#endif
setsignal(SIGFPE, SIG_IGN);
setsignal(SIGBUS, SIG_IGN);
setsignal(SIGSEGV, SIG_IGN);
setsignal(SIGSYS, SIG_IGN);
setsignal(SIGPIPE, SIG_IGN);
setsignal(SIGALRM, SIG_IGN);
setsignal(SIGTERM, cleanup);
setsignal(SIGUSR1, SIG_IGN);
setsignal(SIGUSR2, SIG_IGN);
#ifdef SIGPOLL
setsignal(SIGPOLL, SIG_IGN);
#endif
setsignal(SIGVTALRM, SIG_IGN);
setsignal(SIGPROF, SIG_IGN);
setsignal(SIGXCPU, SIG_IGN);
setsignal(SIGXFSZ, SIG_IGN);
#ifdef USE_THREAD
if ( threading ) {
if (max_thread <= 0 || max_thread > THREAD_LIMIT) {
max_thread = THREAD_LIMIT;
}
/* resource limit is problem in threadig (e.g. Solaris:=64)*/
memset((caddr_t)&rl, 0, sizeof rl);
if (getrlimit(RLIMIT_NOFILE, &rl) != 0)
msg_out(warn, "getrlimit: %m");
else
save_fd = rl.rlim_cur;
if (rl.rlim_cur < (rlim_t)max_fd)
rl.rlim_cur = max_fd; /* willing to fix to max_fd */
if ( rl.rlim_cur != save_fd ) /* if rlim_cur is changed */
if (setrlimit(RLIMIT_NOFILE, &rl) != 0)
msg_out(warn, "cannot set rlimit(max_fd)");
setregid(0, PROCGID);
setreuid(0, PROCUID);
pthread_mutex_init(&mutex_select, NULL);
pthread_attr_init(&attr);
pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
msg_out(norm, "Starting: MAX_TH(%d)", max_thread);
for (i=0; i<max_thread; i++) {
if (pthread_create(&tid, &attr,
(void *)&serv_loop, (void *)NULL) != 0)
exit(1);
}
main_thread = pthread_self(); /* store main thread ID */
for (;;) {
pause();
}
} else {
#endif
setsignal(SIGCHLD, reapchild);
setregid(0, PROCGID);
setreuid(0, PROCUID);
msg_out(norm, "Starting: MAX_CH(%d)", max_child);
serv_loop();
#ifdef USE_THREAD
}
#endif
return(0);
}示例8: sh_access
int sh_access(register const char *name, register int mode)
{
Shell_t *shp = sh_getinterp();
struct stat statb;
if(*name==0)
return(-1);
if(sh_isdevfd(name))
return(sh_ioaccess((int)strtol(name+8, (char**)0, 10),mode));
/* can't use access function for execute permission with root */
if(mode==X_OK && shp->gd->euserid==0)
goto skip;
if(shp->gd->userid==shp->gd->euserid && shp->gd->groupid==shp->gd->egroupid)
return(access(name,mode));
#ifdef _lib_setreuid
/* swap the real uid to effective, check access then restore */
/* first swap real and effective gid, if different */
if(shp->gd->groupid==shp->gd->euserid || setregid(shp->gd->egroupid,shp->gd->groupid)==0)
{
/* next swap real and effective uid, if needed */
if(shp->gd->userid==shp->gd->euserid || setreuid(shp->gd->euserid,shp->gd->userid)==0)
{
mode = access(name,mode);
/* restore ids */
if(shp->gd->userid!=shp->gd->euserid)
setreuid(shp->gd->userid,shp->gd->euserid);
if(shp->gd->groupid!=shp->gd->egroupid)
setregid(shp->gd->groupid,shp->gd->egroupid);
return(mode);
}
else if(shp->gd->groupid!=shp->gd->egroupid)
setregid(shp->gd->groupid,shp->gd->egroupid);
}
#endif /* _lib_setreuid */
skip:
if(test_stat(name, &statb) == 0)
{
if(mode == F_OK)
return(mode);
else if(shp->gd->euserid == 0)
{
if(!S_ISREG(statb.st_mode) || mode!=X_OK)
return(0);
/* root needs execute permission for someone */
mode = (S_IXUSR|S_IXGRP|S_IXOTH);
}
else if(shp->gd->euserid == statb.st_uid)
mode <<= 6;
else if(shp->gd->egroupid == statb.st_gid)
mode <<= 3;
#ifdef _lib_getgroups
/* on some systems you can be in several groups */
else
{
static int maxgroups;
gid_t *groups;
register int n;
if(maxgroups==0)
{
/* first time */
if((maxgroups=getgroups(0,(gid_t*)0)) <= 0)
{
/* pre-POSIX system */
maxgroups=NGROUPS_MAX;
}
}
groups = (gid_t*)stakalloc((maxgroups+1)*sizeof(gid_t));
n = getgroups(maxgroups,groups);
while(--n >= 0)
{
if(groups[n] == statb.st_gid)
{
mode <<= 3;
break;
}
}
}
# endif /* _lib_getgroups */
if(statb.st_mode & mode)
return(0);
}
return(-1);
}示例9: execCommand
/*@-bounds -boundswrite @*/
static int execCommand(poptContext con)
/*@globals internalState @*/
/*@modifies internalState @*/
{
poptItem item = con->doExec;
const char ** argv;
int argc = 0;
int rc;
if (item == NULL) /*XXX can't happen*/
return POPT_ERROR_NOARG;
if (item->argv == NULL || item->argc < 1 ||
(!con->execAbsolute && strchr(item->argv[0], '/')))
return POPT_ERROR_NOARG;
argv = malloc(sizeof(*argv) *
(6 + item->argc + con->numLeftovers + con->finalArgvCount));
if (argv == NULL) return POPT_ERROR_MALLOC;
if (!strchr(item->argv[0], '/') && con->execPath != NULL) {
char *s = alloca(strlen(con->execPath) + strlen(item->argv[0]) + sizeof("/"));
sprintf(s, "%s/%s", con->execPath, item->argv[0]);
argv[argc] = s;
} else
argv[argc] = findProgramPath(item->argv[0]);
if (argv[argc++] == NULL) return POPT_ERROR_NOARG;
if (item->argc > 1) {
memcpy(argv + argc, item->argv + 1, sizeof(*argv) * (item->argc - 1));
argc += (item->argc - 1);
}
if (con->finalArgv != NULL && con->finalArgvCount > 0) {
memcpy(argv + argc, con->finalArgv,
sizeof(*argv) * con->finalArgvCount);
argc += con->finalArgvCount;
}
if (con->leftovers != NULL && con->numLeftovers > 0) {
memcpy(argv + argc, con->leftovers, sizeof(*argv) * con->numLeftovers);
argc += con->numLeftovers;
}
argv[argc] = NULL;
#if defined(hpux) || defined(__hpux)
rc = setresgid(getgid(), getgid(),-1);
if (rc) return POPT_ERROR_ERRNO;
rc = setresuid(getuid(), getuid(),-1);
if (rc) return POPT_ERROR_ERRNO;
#else
/*
* XXX " ... on BSD systems setuid() should be preferred over setreuid()"
* XXX sez' Timur Bakeyev <[email protected]>
* XXX from Norbert Warmuth <[email protected]>
*/
#if defined(HAVE_SETUID)
rc = setgid(getgid());
if (rc) return POPT_ERROR_ERRNO;
rc = setuid(getuid());
if (rc) return POPT_ERROR_ERRNO;
#elif defined (HAVE_SETREUID)
rc = setregid(getgid(), getgid());
if (rc) return POPT_ERROR_ERRNO;
rc = setreuid(getuid(), getuid());
if (rc) return POPT_ERROR_ERRNO;
#else
; /* Can't drop privileges */
#endif
#endif
if (argv[0] == NULL)
return POPT_ERROR_NOARG;
#ifdef MYDEBUG
if (_popt_debug)
{ const char ** avp;
fprintf(stderr, "==> execvp(%s) argv[%d]:", argv[0], argc);
for (avp = argv; *avp; avp++)
fprintf(stderr, " '%s'", *avp);
fprintf(stderr, "\n");
}
#endif
rc = execvp(argv[0], (char *const *)argv);
return POPT_ERROR_ERRNO;
}示例10: main
//.........这里部分代码省略.........
if (sleepmode) {
DPMSEnable(dpy);
DPMSForceLevel(dpy, DPMSModeOff);
XFlush(dpy);
}
if (update) {
int x, y, dir, ascent, descent;
XCharStruct overall;
XClearWindow(dpy, w);
XTextExtents (font, passdisp, len, &dir, &ascent, &descent, &overall);
x = (width - overall.width) / 2;
y = (height + ascent - descent) / 2;
XDrawString(dpy,w,gc, (width - XTextWidth(font, username, strlen(username))) / 2 + xshift, y - ascent - 20, username, strlen(username));
if (showline)
XDrawLine(dpy, w, gc, width * 3 / 8 + xshift, y - ascent - 10, width * 5 / 8 + xshift, y - ascent - 10);
XDrawString(dpy,w,gc, x + xshift, y, passdisp, len);
update = False;
}
if (ev.type == MotionNotify) {
sleepmode = False;
}
if(ev.type == KeyPress) {
sleepmode = False;
buf[0] = 0;
num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0);
if(IsKeypadKey(ksym)) {
if(ksym == XK_KP_Enter)
ksym = XK_Return;
else if(ksym >= XK_KP_0 && ksym <= XK_KP_9)
ksym = (ksym - XK_KP_0) + XK_0;
}
if(IsFunctionKey(ksym) || IsKeypadKey(ksym)
|| IsMiscFunctionKey(ksym) || IsPFKey(ksym)
|| IsPrivateKeypadKey(ksym))
continue;
switch(ksym) {
case XK_Return:
passwd[len] = 0;
#ifdef HAVE_BSD_AUTH
running = !auth_userokay(getlogin(), NULL, "auth-xlock", passwd);
#else
running = strcmp(crypt(passwd, pws), pws);
#endif
if (running != 0)
// change background on wrong password
XSetWindowBackground(dpy, w, red.pixel);
len = 0;
break;
case XK_Escape:
len = 0;
if (DPMSCapable(dpy)) {
sleepmode = True;
}
break;
case XK_BackSpace:
if(len)
--len;
break;
default:
if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) {
memcpy(passwd + len, buf, num);
len += num;
}
break;
}
update = True; // show changes
}
}
/* free and unlock */
setreuid(geteuid(), 0);
if ((ioctl(term, VT_UNLOCKSWITCH)) == -1) {
perror("error unlocking console");
}
close(term);
setuid(getuid()); // drop rights permanently
XUngrabPointer(dpy, CurrentTime);
XFreePixmap(dpy, pmap);
XFreeFont(dpy, font);
XFreeGC(dpy, gc);
XDestroyWindow(dpy, w);
XCloseDisplay(dpy);
return 0;
}示例11: main
int main(int argc, char * argv[])
{
server_configuration config;
bzero(&config, sizeof(config));
if(!network_subsystem_init())
{
fprintf(stderr, "Network subsystem init failed.\n");
return error_network_subsystem;
}
if(!read_configuration(argc, argv, &config))
{
fprintf(stderr, PROG_NAME ": configuration error! Exit.\n");
return error_config;
}
if(config.discover)
interfaces_discover(0);
if(config.print_header_offsets)
{
print_dhcp_header_offsets();
return 0;
}
if(!log_init(config.log_file_name,
(config.debug_mode ? LOG_DEBUG_FLAG : 0) |
(config.log_stdout ? LOG_STDOUT_FLAG : 0),
config.uid)
)
{
fprintf(stderr, "Can't open log file.\n");
return error_log;
}
log_wr(ILOG, "Program " PROG_NAME " " PROG_VERS " " PROG_DESC " started.");
struct sigaction sig_handler_s;
sig_handler_s.sa_handler = sig_handler;
sigemptyset(&sig_handler_s.sa_mask);
sig_handler_s.sa_flags = 0;
if(config.daemon)
daemonize();
/* Init DHCP cache */
if(config.cache_ttl && !dhcp_cache_init(config.cache_ttl))
{
log_wr(CLOG, "Can't init DHCP cache. Exit.");
return error_abnormal;
}
/* STARTING DATABASE CLIENTS */
/* Create array of childen threads */
request_handler_thread_t **handler_threads =
(request_handler_thread_t **) malloc(sizeof(request_handler_thread_t *) * config.db_clients_count);
CHECK_VALUE(handler_threads, "Can't allocate memory for array of children threads for connecting to DB.",
error_memory);
/* Create DHCP messages queue */
config.dhcp_queue = dhcp_queue_create("DHCP requests", YES, DEFAULT_QUEUE_MAX_SIZE);
CHECK_VALUE(config.dhcp_queue, "Can't create DHCP queue.", error_queue_init);
/* Running DB clients */
CHECK_VALUE(run_requests_handlers(handler_threads, &config), "", error_run_db_clients);
/* STARTING DHCP PROCESSES */
dhcp_proc_thread_t **dhcp_threads =
(dhcp_proc_thread_t**) malloc(sizeof(dhcp_proc_thread_t *) * config.if_count);
CHECK_VALUE(dhcp_threads, "Can't allocate memory for array of children threads for "
"processing DHCP clients.", error_run_dhcp_procs);
CHECK_VALUE(run_dhcp_threads(dhcp_threads, &config, handler_threads), "", error_run_dhcp_procs);
/* Set signal handlers */
if( sigaction(SIGINT, &sig_handler_s, NULL) ||
sigaction(SIGTERM, &sig_handler_s, NULL) ||
sigaction(SIGUSR1, &sig_handler_s, NULL))
{
log_wr(CLOG, "Can't set signal handlers: '%s'", strerror(errno));
return error_abnormal;
}
#ifndef _WIN32
if(config.uid)
{
log_wr(DLOG, "Set effective and real user ID to %u.", config.uid);
if(setreuid(config.uid, config.uid))
{
log_wr(CLOG, "Can't execute setreuid(%u): '%s'", config.uid, strerror(errno));
return 0;
}
}
else
log_wr(WLOG, "Running with uid 0 - it is not safe!!! Use configuration directive 'User' for set uid.");
#endif
//.........这里部分代码省略.........
示例12: main
//.........这里部分代码省略.........
/*
* If no pre-authentication and a password exists
* for this user, prompt for one and verify it.
*/
if (!passwd_req || (pwd && !*pwd->pw_passwd))
break;
setpriority(PRIO_PROCESS, 0, -4);
pp = getpass(_("Password: "));
# ifdef CRYPTOCARD
if (strncmp(pp, "CRYPTO", 6) == 0) {
if (pwd && cryptocard()) break;
}
# endif /* CRYPTOCARD */
p = crypt(pp, salt);
setpriority(PRIO_PROCESS, 0, 0);
# ifdef KERBEROS
/*
* If not present in pw file, act as we normally would.
* If we aren't Kerberos-authenticated, try the normal
* pw file for a password. If that's ok, log the user
* in without issueing any tickets.
*/
if (pwd && !krb_get_lrealm(realm,1)) {
/*
* get TGT for local realm; be careful about uid's
* here for ticket file ownership
*/
setreuid(geteuid(),pwd->pw_uid);
kerror = krb_get_pw_in_tkt(pwd->pw_name, "", realm,
"krbtgt", realm, DEFAULT_TKT_LIFE, pp);
setuid(0);
if (kerror == INTK_OK) {
memset(pp, 0, strlen(pp));
notickets = 0; /* user got ticket */
break;
}
}
# endif /* KERBEROS */
memset(pp, 0, strlen(pp));
if (pwd && !strcmp(p, pwd->pw_passwd))
break;
printf(_("Login incorrect\n"));
badlogin(username); /* log ALL bad logins */
failures++;
/* we allow 10 tries, but after 3 we start backing off */
if (++cnt > 3) {
if (cnt >= 10) {
sleepexit(1);
}
sleep((unsigned int)((cnt - 3) * 5));
}
}
#endif /* !HAVE_SECURITY_PAM_MISC_H */
/* committed to login -- turn off timeout */
alarm((unsigned int)0);
示例13: seteuid
int seteuid(uid_t euid)
{
return (setreuid(-1, euid));
}示例14: main
int main(int argc, char *argv[])
{
int tdcount, tlimit, mlimit;
char exename[1024], inputfile[1024];
struct rlimit r;
if (argc < 6)
{
printf("Usage: [id] [probid] [input] [time limit] [memory limit]\n");
exit(RET_SE);
}
tlimit = atoi(argv[4]);
mlimit = atoi(argv[5]);
sprintf(exename, "./%s", argv[1]);
strcpy(inputfile, argv[3]);
if ((pid = fork()) == 0)
{
freopen("input.txt", "r", stdin);
chdir("sandbox");
chroot(".");
freopen("output.txt", "w", stdout);
setregid(99, 99);
setreuid(99, 99);
ptrace(PTRACE_TRACEME, 0, NULL, NULL);
execl(exename, exename, NULL);
exit(0);
}
signal(SIGALRM, timer);
alarm(1);
int stat, tmpmem, sig;
for (;;)
{
wait4(pid, &stat, 0, &rinfo);
if (WIFEXITED(stat))
{
puts("exited!\n");
break;
}
else if (WIFSTOPPED(stat))
{
sig = WSTOPSIG(stat);
if (sig == SIGTRAP)
{
if (checkSyscall() == RET_RF)
{
ptrace(PTRACE_KILL, pid, NULL, NULL);
final_result(RET_RF);
}
}
else if (sig == SIGUSR1)
{
}
else
printf("Stopped due to signal: %d\n", sig);
}
else if (WIFSIGNALED(stat))
{
//Runtime Error
printf("Runtime Error. Received signal: %d\n", WTERMSIG(stat));
final_result(RET_RE);
break;
}
tmpmem = getMemory();
if (tmpmem > maxmem) maxmem = tmpmem;
if (maxmem > mlimit)
final_result(RET_MLE);
if (getRuntime() > tlimit)
{
ptrace(PTRACE_KILL, pid, NULL, NULL);
final_result(RET_TLE);
}
ptrace(PTRACE_SYSCALL, pid, NULL, NULL);
}
final_result(RET_AC);
return 0;
}示例15: xsetreuid
void xsetreuid(uid_t ruid, uid_t euid)
{
if (setreuid(ruid, euid) != 0)
perror_msg_and_die("Can't set %cid %lu", 'u', (long)ruid);
}