diff options
| author | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2009-04-02 18:03:38 -0400 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2009-04-02 18:03:38 -0400 |
| commit | 72de062aaaf5453fd6318208001c4feab7ad1b77 (patch) | |
| tree | e2031fdf5e3b0a72864c9074b1516a183440ecb0 | |
| parent | 393a8f50cf181ae374bcaddc7eaa85dbfe73dee5 (diff) | |
| download | credmonger-72de062aaaf5453fd6318208001c4feab7ad1b77.tar.gz credmonger-72de062aaaf5453fd6318208001c4feab7ad1b77.tar.xz credmonger-72de062aaaf5453fd6318208001c4feab7ad1b77.zip | |
- just use euid/egid instead of mucking around with fsuid/fsgid
| -rw-r--r-- | src/credmonger.c | 52 |
1 files changed, 26 insertions, 26 deletions
diff --git a/src/credmonger.c b/src/credmonger.c index 3eb0517..df59daf 100644 --- a/src/credmonger.c +++ b/src/credmonger.c @@ -303,12 +303,12 @@ entries_poll(void) } /* Walk the list of entries. */ for (i = 0; (entries != NULL) && (entries[i] != NULL); i++) { - if (setfsuid(0) != 0) { - log_err(LOG_CRIT, "error resetting fsuid\n"); + if (setreuid(0, 0) != 0) { + log_err(LOG_CRIT, "error resetting uid\n"); _exit(1); } - if (setfsgid(0) != 0) { - log_err(LOG_CRIT, "error resetting fsgid\n"); + if (setregid(0, 0) != 0) { + log_err(LOG_CRIT, "error resetting gid\n"); _exit(1); } if (initgroups(startup_user, 0) != 0) { @@ -332,15 +332,15 @@ entries_poll(void) entries[i]->user); break; } - if (setfsgid(entries[i]->gid) != 0) { + if (setegid(entries[i]->gid) != 0) { log_err(LOG_CRIT, - "error resetting fsgid for \"%s\"\n", + "error resetting egid for \"%s\"\n", entries[i]->user); break; } - if (setfsuid(entries[i]->uid) != 0) { + if (seteuid(entries[i]->uid) != 0) { log_err(LOG_CRIT, - "error resetting fsuid for \"%s\"\n", + "error resetting euid for \"%s\"\n", entries[i]->user); break; } @@ -483,24 +483,24 @@ entries_poll(void) } /* Done with the ccache structure. */ krb5_cc_close(ctx, ccache); - /* Fixup permissions. */ - if (chown(fccache + strlen(FCC_PREFIX), - entries[i]->uid, entries[i]->gid) != 0) { - log_err(LOG_ERR, "error setting permissions " - "on \"%s\": %s\n", - fccache + strlen(FCC_PREFIX), - strerror(errno)); - } /* If the configuration doesn't want a unique ccache * name, overwrite the destination with the contents of * this temporary file. */ if (need_rename) { - rename(fccache + strlen(FCC_PREFIX), - entries[i]->fccache_pattern + - strlen(FCC_PREFIX)); - entries[i]->fccache = - entries[i]->fccache_pattern; - entries[i]->when = creds.times.endtime; + if (rename(fccache + strlen(FCC_PREFIX), + entries[i]->fccache_pattern + + strlen(FCC_PREFIX)) == 0) { + entries[i]->fccache = + entries[i]->fccache_pattern; + entries[i]->when = creds.times.endtime; + } else { + log_err(LOG_NOTICE, + "error renaming \"%s\" " + "to \"%s\"\n", + fccache + strlen(FCC_PREFIX), + entries[i]->fccache_pattern + + strlen(FCC_PREFIX)); + } } else { /* Remove the old file, and record this one. */ oldfile = entries[i]->fccache; @@ -529,12 +529,12 @@ entries_poll(void) krb5_free_unparsed_name(ctx, principal_name); krb5_free_principal(ctx, client); } - if (setfsuid(0) != 0) { - log_err(LOG_CRIT, "error resetting fsuid\n"); + if (setreuid(0, 0) != 0) { + log_err(LOG_CRIT, "error resetting uid\n"); _exit(1); } - if (setfsgid(0) != 0) { - log_err(LOG_CRIT, "error resetting fsgid\n"); + if (setregid(0, 0) != 0) { + log_err(LOG_CRIT, "error resetting gid\n"); _exit(1); } if (initgroups(startup_user, 0) != 0) { |