diff options
| -rwxr-xr-x | configure | 26 | ||||
| -rw-r--r-- | sysif.c | 45 | ||||
| -rw-r--r-- | txr.1 | 36 |
3 files changed, 107 insertions, 0 deletions
@@ -2193,6 +2193,32 @@ else printf "no\n" fi +printf "Checking for {set,get}res{uid,gid} ... " + +cat > conftest.c <<! +#include <sys/types.h> +#include <unistd.h> + +int main(int argc, char **argv) +{ + uid_t ur, ue, us; + gid_t gr, ge, gs; + int gur = getresuid(&ur, &ue, &us); + int ggr = getresgid(&gr, &ge, &gs); + int sur = setresuid(0, 0, 0); + int sgr = setresgid(0, 0, 0); + return 0; +} +! + +if conftest ; then + printf "yes\n" + printf "#define HAVE_SETRESUID 1\n" >> $config_h + have_unistd=y +else + printf "no\n" +fi + printf "Checking for setgroups ... " cat > conftest.c <<! @@ -978,6 +978,44 @@ static val setgroups_wrap(val list) #endif +#if HAVE_SETRESUID + +static val getresuid_wrap(void) +{ + uid_t r, e, s; + if (getresuid(&r, &e, &s) != 0) + uw_throwf(system_error_s, lit("getresuid failed: ~d/~s"), + num(errno), string_utf8(strerror(errno)), nao); + return list(num(r), num(e), num(s), nao); +} + +static val getresgid_wrap(void) +{ + gid_t r, e, s; + if (getresgid(&r, &e, &s) != 0) + uw_throwf(system_error_s, lit("getresgid failed: ~d/~s"), + num(errno), string_utf8(strerror(errno)), nao); + return list(num(r), num(e), num(s), nao); +} + +static val setresuid_wrap(val r, val e, val s) +{ + if (setresuid(c_num(r), c_num(e), c_num(s)) != 0) + uw_throwf(system_error_s, lit("setresuid failed: ~d/~s"), + num(errno), string_utf8(strerror(errno)), nao); + return t; +} + +static val setresgid_wrap(val r, val e, val s) +{ + if (setresuid(c_num(r), c_num(e), c_num(s)) != 0) + uw_throwf(system_error_s, lit("setresuid failed: ~d/~s"), + num(errno), string_utf8(strerror(errno)), nao); + return t; +} + +#endif + #if HAVE_PWUID static val setpwent_wrap(void) @@ -1542,6 +1580,13 @@ void sysif_init(void) reg_fun(intern(lit("setgroups"), user_package), func_n1(setgroups_wrap)); #endif +#if HAVE_SETRESUID + reg_fun(intern(lit("getresuid"), user_package), func_n0(getresuid_wrap)); + reg_fun(intern(lit("getresgid"), user_package), func_n0(getresgid_wrap)); + reg_fun(intern(lit("setresuid"), user_package), func_n3(setresuid_wrap)); + reg_fun(intern(lit("setresgid"), user_package), func_n3(setresgid_wrap)); +#endif + #if HAVE_PWUID reg_fun(intern(lit("setpwent"), user_package), func_n0(setpwent_wrap)); reg_fun(intern(lit("endpwent"), user_package), func_n0(endpwent_wrap)); @@ -37006,6 +37006,42 @@ is returned. On failure, it throws an exception of type .codn system-error . +.coNP Functions @ getresuid and @ getresgid +.synb +.mets (getresuid) +.mets (getresgid) +.syne +.desc +These functions directly correspond to the POSIX C library functions +of the same names available in some Unix operating systems. +Each function retrieves a three element list of numeric IDs. +The +.code getresuid +function retrieves the real, effective and saved user ID of +the calling process. +The +.code getresgid +function retrieves the real, effective and saved group ID of +the calling process. + +.coNP Functions @ setresuid and @ setresgid +.synb +.mets (setresuid < real-uid < effective-uid << saved-uid ) +.mets (setresgid < real-gid < effective-gid << saved-gid ) +.syne +.desc +These functions directly correspond to the POSIX C library functions of the +same names available in some Unix operating systems. They change the real, +effective and saved user ID or group ID, respectively, of the calling process. + +A value of -1 for any of the IDs specifies that the ID is not to be changed. + +Only privileged processes may arbitrarily change IDs to different values. + +Unprivileged processes are restricted in the following way: +each of the new IDs that is replaced must have a new value which is equal to +one of the existing three IDs. + .SS* Unix Password Database .coNP Structure @ passwd |