本文整理汇总了Golang中syscall.Setgid函数的典型用法代码示例。如果您正苦于以下问题:Golang Setgid函数的具体用法?Golang Setgid怎么用?Golang Setgid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了Setgid函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: chuser
func chuser(username string) (uid, gid int) {
usr, err := user.Lookup(username)
if err != nil {
fmt.Printf("failed to find user %q: %s", username, err)
}
uid, err = strconv.Atoi(usr.Uid)
if err != nil {
fmt.Printf("bad user ID %q: %s", usr.Uid, err)
}
gid, err = strconv.Atoi(usr.Gid)
if err != nil {
fmt.Printf("bad group ID %q: %s", usr.Gid, err)
}
if err := syscall.Setgid(gid); err != nil {
fmt.Printf("setgid(%d): %s", gid, err)
}
if err := syscall.Setuid(uid); err != nil {
fmt.Printf("setuid(%d): %s", uid, err)
}
return uid, gid
}示例2: SetupUser
// SetupUser changes the groups, gid, and uid for the user inside the container
func SetupUser(u string) error {
uid, gid, suppGids, home, err := user.GetUserGroupSupplementaryHome(u, syscall.Getuid(), syscall.Getgid(), "/")
if err != nil {
return fmt.Errorf("get supplementary groups %s", err)
}
if err := syscall.Setgroups(suppGids); err != nil {
return fmt.Errorf("setgroups %s", err)
}
if err := syscall.Setgid(gid); err != nil {
return fmt.Errorf("setgid %s", err)
}
if err := syscall.Setuid(uid); err != nil {
return fmt.Errorf("setuid %s", err)
}
// if we didn't get HOME already, set it based on the user's HOME
if envHome := os.Getenv("HOME"); envHome == "" {
if err := os.Setenv("HOME", home); err != nil {
return fmt.Errorf("set HOME %s", err)
}
}
return nil
}示例3: changeUser
// Takes care of dropping privileges to the desired user
func changeUser(args *DockerInitArgs) error {
if args.user == "" {
return nil
}
userent, err := utils.UserLookup(args.user)
if err != nil {
return fmt.Errorf("Unable to find user %v: %v", args.user, err)
}
uid, err := strconv.Atoi(userent.Uid)
if err != nil {
return fmt.Errorf("Invalid uid: %v", userent.Uid)
}
gid, err := strconv.Atoi(userent.Gid)
if err != nil {
return fmt.Errorf("Invalid gid: %v", userent.Gid)
}
if err := syscall.Setgid(gid); err != nil {
return fmt.Errorf("setgid failed: %v", err)
}
if err := syscall.Setuid(uid); err != nil {
return fmt.Errorf("setuid failed: %v", err)
}
return nil
}示例4: changeUser
// Takes care of dropping privileges to the desired user
func changeUser(u string) {
if u == "" {
return
}
userent, err := utils.UserLookup(u)
if err != nil {
log.Fatalf("Unable to find user %v: %v", u, err)
}
uid, err := strconv.Atoi(userent.Uid)
if err != nil {
log.Fatalf("Invalid uid: %v", userent.Uid)
}
gid, err := strconv.Atoi(userent.Gid)
if err != nil {
log.Fatalf("Invalid gid: %v", userent.Gid)
}
if err := syscall.Setgid(gid); err != nil {
log.Fatalf("setgid failed: %v", err)
}
if err := syscall.Setuid(uid); err != nil {
log.Fatalf("setuid failed: %v", err)
}
}示例5: DropPrivileges
func DropPrivileges(username string) error {
userInfo, err := user.Lookup(username)
if err != nil {
return err
}
uid, err := strconv.Atoi(userInfo.Uid)
if err != nil {
return err
}
gid, err := strconv.Atoi(userInfo.Gid)
if err != nil {
return err
}
// TODO: should set secondary groups too
err = syscall.Setgroups([]int{gid})
if err != nil {
return err
}
err = syscall.Setgid(gid)
if err != nil {
return err
}
err = syscall.Setuid(uid)
if err != nil {
return err
}
return nil
}示例6: SetupEnv
// SetupEnv will create pidfile and possibly change the workdir.
func SetupEnv(cfg *config.Config) error {
if cfg.System.User != "" {
// Get the current user
currentUser, err := user.Current()
if err != nil {
return fmt.Errorf("Could not get the current user: %s", err)
}
// If the current user is different than the wanted user, try to change it
if currentUser.Username != cfg.System.User {
wantedUser, err := user.Lookup(cfg.System.User)
if err != nil {
return err
}
uid, err := strconv.Atoi(wantedUser.Uid)
if err != nil {
return fmt.Errorf("Error converting UID [%s] to int: %s", wantedUser.Uid, err)
}
gid, err := strconv.Atoi(wantedUser.Gid)
if err != nil {
return fmt.Errorf("Error converting GID [%s] to int: %s", wantedUser.Gid, err)
}
if err = syscall.Setgid(gid); err != nil {
return fmt.Errorf("Setting group id: %s", err)
}
if err = syscall.Setuid(uid); err != nil {
return fmt.Errorf("Setting user id: %s", err)
}
}
}
if cfg.System.Workdir != "" {
if err := os.Chdir(cfg.System.Workdir); err != nil {
return fmt.Errorf("Could not chdir to '%s': %s", cfg.System.Workdir, err)
}
}
pFile, err := os.Create(cfg.System.Pidfile)
if err != nil {
return err
}
defer pFile.Close()
_, err = pFile.WriteString(fmt.Sprintf("%d", os.Getpid()))
if err != nil {
return err
}
return nil
}示例7: DropPrivileges
func DropPrivileges(uid int, gid int) (error, bool) {
if err := syscall.Setuid(uid); err != nil {
return err, false
}
if err := syscall.Setgid(gid); err != nil {
return err, false
}
return nil, true
}示例8: SetRuntimeGroup
// SetRuntimeGroup sets group on what to run as
func SetRuntimeGroup(groupname string) (err error) {
log.Printf("Setting gid to %s", groupname)
gstruct, err := user.LookupGroupId(groupname)
if err != nil {
return
}
egid, _ := strconv.Atoi(gstruct.Gid)
syscall.Setgid(egid)
return
}示例9: setuid
func setuid(u string, g string) (err error) {
if len(u) <= 0 {
return
}
uid := -1
gid := -1
for {
userent, err := user.Lookup(u)
if err != nil {
if userent, err = user.LookupId(u); err != nil {
log.Println("Unable to find user", u, err)
break
}
}
uid, err = strconv.Atoi(userent.Uid)
if err != nil {
log.Println("Invalid uid:", userent.Uid)
}
gid, err = strconv.Atoi(userent.Gid)
if err != nil {
log.Println("Invalid gid:", userent.Gid)
}
break
}
if uid < 0 {
uid, err = strconv.Atoi(u)
if err != nil {
log.Println("Invalid uid:", u, err)
return
}
}
if gid < 0 {
gid, err = strconv.Atoi(g)
if err != nil {
log.Println("Invalid gid:", g, err)
return
}
}
if err = syscall.Setgid(gid); err != nil {
log.Println("setgid failed: ", err)
}
if err = syscall.Setuid(uid); err != nil {
log.Println("setuid failed: ", err)
}
return
}示例10: DropPrivileges
func (s *internalService) DropPrivileges(arg *struct{ R internalDropArg }, result *struct{ R internalDropResult }) error {
if rv := syscall.Setgid(arg.R.Gid); rv != nil {
result.R.SetgidErrno = uintptr(rv.(syscall.Errno))
} else {
result.R.GidDropped = true
}
if rv := syscall.Setuid(arg.R.Uid); rv != nil {
result.R.SetuidErrno = uintptr(rv.(syscall.Errno))
} else {
result.R.UidDropped = true
}
return nil
}示例11: AttachFiles
func AttachFiles(containerId, fromFile, toDir, rootDir, perm, uid, gid string) error {
if containerId == "" {
return fmt.Errorf("Please make sure the arguments are not NULL!\n")
}
permInt, err := strconv.Atoi(perm)
if err != nil {
return err
}
// It just need the block device without copying any files
// FIXME whether we need to return an error if the target directory is null
if toDir == "" {
return nil
}
// Make a new file with the given premission and wirte the source file content in it
if _, err := os.Stat(fromFile); err != nil && os.IsNotExist(err) {
return err
}
buf, err := ioutil.ReadFile(fromFile)
if err != nil {
return err
}
targetDir := path.Join(rootDir, containerId, "rootfs", toDir)
_, err = os.Stat(targetDir)
targetFile := targetDir
if err != nil && os.IsNotExist(err) {
// we need to create a target directory with given premission
if err := os.MkdirAll(targetDir, os.FileMode(permInt)); err != nil {
return err
}
targetFile = targetDir + "/" + filepath.Base(fromFile)
} else {
targetFile = targetDir + "/" + filepath.Base(fromFile)
}
err = ioutil.WriteFile(targetFile, buf, os.FileMode(permInt))
if err != nil {
return err
}
user_id, _ := strconv.Atoi(uid)
err = syscall.Setuid(user_id)
if err != nil {
return err
}
group_id, _ := strconv.Atoi(gid)
err = syscall.Setgid(group_id)
if err != nil {
return err
}
return nil
}示例12: chrootuid
func chrootuid(dir, user string) {
pw_filename := "/etc/passwd"
pwf, err := os.Open(pw_filename)
if err != nil {
log.Fatalf("%%Can't open %s: %s", pw_filename, err)
}
pwr := bufio.NewReader(pwf)
for {
line, err := pwr.ReadString('\n')
if err != nil {
log.Fatalf("%%Can't find UID for %s: %s", user, err)
}
pw_row := strings.SplitN(line, ":", 5)
if len(pw_row) != 5 {
continue
}
if pw_row[0] == user {
uid, err = strconv.Atoi(pw_row[2])
if err != nil {
log.Fatalln("%Wrong UID:", err)
}
gid, err = strconv.Atoi(pw_row[3])
if err != nil {
log.Fatalln("%Wrong GID:", err)
}
break
}
}
err = syscall.Chroot(dir)
if err != nil {
log.Fatalln("%Chroot error:", err)
}
err = syscall.Setgid(gid)
if err != nil {
log.Fatalln("%Setgid error:", err)
}
err = syscall.Setuid(uid)
if err != nil {
log.Fatalln("%Setuid error:", err)
}
err = os.Chdir("/")
if err != nil {
log.Fatalln("%Can't cd to '/':", err)
}
}示例13: MaybeBecomeChildProcess
func MaybeBecomeChildProcess() {
lrs := os.Getenv("_RUNSIT_LAUNCH_INFO")
if lrs == "" {
return
}
defer os.Exit(2) // should never make it this far, though
lr := new(LaunchRequest)
d := gob.NewDecoder(base64.NewDecoder(base64.StdEncoding, strings.NewReader(lrs)))
err := d.Decode(lr)
if err != nil {
log.Fatalf("Failed to decode LaunchRequest in child: %v", err)
}
if lr.NumFiles != 0 {
var lim syscall.Rlimit
if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &lim); err != nil {
log.Fatalf("failed to get NOFILE rlimit: %v", err)
}
noFile := rlim_t(lr.NumFiles)
lim.Cur = noFile
lim.Max = noFile
if err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &lim); err != nil {
log.Fatalf("failed to set NOFILE rlimit: %v", err)
}
}
if lr.Gid != 0 {
if err := syscall.Setgid(lr.Gid); err != nil {
log.Fatalf("failed to Setgid(%d): %v", lr.Gid, err)
}
}
if len(lr.Gids) != 0 {
if err := syscall.Setgroups(lr.Gids); err != nil {
log.Printf("setgroups: %v", err)
}
}
if lr.Uid != 0 {
if err := syscall.Setuid(lr.Uid); err != nil {
log.Fatalf("failed to Setuid(%d): %v", lr.Uid, err)
}
}
if lr.Path != "" {
err = os.Chdir(lr.Dir)
if err != nil {
log.Fatalf("failed to chdir to %q: %v", lr.Dir, err)
}
}
err = syscall.Exec(lr.Path, lr.Argv, lr.Env)
log.Fatalf("failed to exec %q: %v", lr.Path, err)
}示例14: setgid
func setgid() error {
exe, err := exec.LookPath(os.Args[0])
if err != nil {
return err
}
st, err := os.Stat(exe)
if err != nil {
return err
}
gid := int(st.Sys().(*syscall.Stat_t).Gid)
return syscall.Setgid(gid)
}示例15: Init
// Init create pid file, set working dir, setgid and setuid.
func Init(userGroup, dir, pidFile string) error {
// change working dir
if err := os.Chdir(dir); err != nil {
return err
}
// create pid file
if err := ioutil.WriteFile(pidFile, []byte(fmt.Sprintf("%d\n", os.Getpid())), 0644); err != nil {
return err
}
// setuid and setgid
ug := strings.SplitN(userGroup, " ", 2)
usr := defaultUser
grp := defaultGroup
if len(ug) == 0 {
// default user and group (nobody)
} else if len(ug) == 1 {
usr = ug[0]
grp = ""
} else if len(ug) == 2 {
usr = ug[0]
grp = ug[1]
}
uid := 0
gid := 0
ui, err := user.Lookup(usr)
if err != nil {
return err
}
uid, _ = strconv.Atoi(ui.Uid)
// group no set
if grp == "" {
gid, _ = strconv.Atoi(ui.Gid)
} else {
// use user's group instread
// TODO LookupGroup
gid, _ = strconv.Atoi(ui.Gid)
}
if err := syscall.Setgid(gid); err != nil {
return err
}
if err := syscall.Setuid(uid); err != nil {
return err
}
return nil
}