authorJakub Hrozek <jhrozek@redhat.com>2014-09-23 16:27:23 +0200
committerJakub Hrozek <jhrozek@redhat.com>2014-10-22 15:43:42 +0200
commit5eda23c28c582b43b2a0a165b1750f3875c0fa84 (patch)
tree2cf532925461c2292ad4252406cb4a0ad578bbb7 /src/util
parente373fffbb8e06d0d7682d095c734e8df8a499ba0 (diff)
UTIL: Add a function to convert id_t from a number or a name
We need a custom function that would convert a numeric or string input into uid_t. The function will be used to drop privileges in servers and also in the PAC and IFP responders. Includes a unit test to test all code that changed as well as a fix for a misnamed attribute in the csv_to_uid_list function synopsis. Reviewed-by: Pavel Reichl <preichl@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/util')
-rw-r--r--src/util/usertools.c44
-rw-r--r--src/util/util.c1
-rw-r--r--src/util/util.h2
3 files changed, 47 insertions, 0 deletions
diff --git a/src/util/usertools.c b/src/util/usertools.c
index 809b42d67..a0b914e2f 100644
--- a/src/util/usertools.c
+++ b/src/util/usertools.c
@@ -23,8 +23,11 @@
#include <pcre.h>
#include <errno.h>
#include <talloc.h>
+#include <pwd.h>
+#include <grp.h>
#include "confdb/confdb.h"
+#include "util/strtonum.h"
#include "util/util.h"
#include "util/safe-format-string.h"
#include "responder/common/responder.h"
@@ -659,3 +662,44 @@ sss_get_domain_name(TALLOC_CTX *mem_ctx,
return user_name;
}
+
+errno_t sss_user_by_name_or_uid(const char *input, uid_t *_uid, gid_t *_gid)
+{
+ uid_t uid;
+ errno_t ret;
+ char *endptr;
+ struct passwd *pwd;
+
+ /* Try if it's an ID first */
+ errno = 0;
+ uid = strtouint32(input, &endptr, 10);
+ if (errno != 0 || *endptr != '\0') {
+ ret = errno;
+ if (ret == ERANGE) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "UID [%s] is out of range.\n", input);
+ return ret;
+ }
+
+ /* Nope, maybe a username? */
+ pwd = getpwnam(input);
+ } else {
+ pwd = getpwuid(uid);
+ }
+
+ if (pwd == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "[%s] is neither a valid UID nor a user name which could be "
+ "resolved by getpwnam().\n", input);
+ return EINVAL;
+ }
+
+ if (_uid) {
+ *_uid = pwd->pw_uid;
+ }
+
+ if (_gid) {
+ *_gid = pwd->pw_gid;
+ }
+ return EOK;
+}
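Review bot: An empty `input` appears to resolve to UID 0, because the check after `strtouint32()` tests only `errno` and `*endptr`. If the helper behaves like the strtoul family (inferred from its name; its body is not in this diff), a string with no digits leaves `errno` at 0 and `endptr` on the terminating NUL, so the `getpwuid(uid)` branch runs with `uid == 0`. The commit message says the function will be used to drop privileges, so an empty or unset value should fail instead of selecting root. Changing the condition to `if (errno != 0 || endptr == input || *endptr != '\0') {` sends that case to `getpwnam()`, where the lookup fails and the function returns EINVAL. `input` is also dereferenced without a NULL check, so `if (input == NULL) return EINVAL;` at the top would be worth adding.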
diff --git a/src/util/util.c b/src/util/util.c
index 7f80771ec..d78d37d97 100644
--- a/src/util/util.c
+++ b/src/util/util.c
@@ -21,6 +21,7 @@
#include <ctype.h>
#include <netdb.h>
#include <poll.h>
+#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <talloc.h>
diff --git a/src/util/util.h b/src/util/util.h
index df83aac7d..69074c93c 100644
--- a/src/util/util.h
+++ b/src/util/util.h
@@ -404,6 +404,8 @@ bool check_ipv6_addr(struct in6_addr *addr, uint8_t check);
const char * const * get_known_services(void);
+errno_t sss_user_by_name_or_uid(const char *input, uid_t *_uid, gid_t *_gid);
+
int split_on_separator(TALLOC_CTX *mem_ctx, const char *str,
const char sep, bool trim, bool skip_empty,
char ***_list, int *size);
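Review bot: The new `sss_user_by_name_or_uid()` prototype has no comment describing its contract, which callers need when they use it to choose the account to drop privileges to. I would add above it: `/* Resolve input as a numeric UID first, then as a user name; either of _uid/_gid may be NULL. Returns EOK, ERANGE for an out-of-range number, EINVAL if no passwd entry is found. */`. The comment should also state that an all-digit string is only ever tried as a UID, so per the implementation in usertools.c a user whose name consists solely of digits is never looked up by name.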