2 files changed, 93 insertions, 3 deletions
diff --git a/utils/Makefile b/utils/Makefile
index de33751a..8e8591f7 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -22,7 +22,7 @@ targets = shd ps settrans showtrans syncfs fsysopts \
 	storeinfo login w uptime ids loginpr sush vmstat portinfo \
 	devprobe vminfo addauth rmauth unsu setauth ftpcp ftpdir storecat \
 	storeread msgport rpctrace mount gcore fakeauth fakeroot remap \
-	umount
+	umount nullauth
 
 special-targets = loginpr sush uptime fakeroot remap
 SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c rmauth.c \
@@ -31,7 +31,7 @@ SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c rmauth.c \
 	parse.c frobauth.c frobauth-mod.c setauth.c pids.c nonsugid.c \
 	unsu.c ftpcp.c ftpdir.c storeread.c storecat.c msgport.c \
 	rpctrace.c mount.c gcore.c fakeauth.c fakeroot.sh remap.sh \
-	match-options.c umount.c
+	nullauth.c
 
 OBJS = $(filter-out %.sh,$(SRCS:.c=.o))
 HURDLIBS = ps ihash store fshelp ports ftpconn shouldbeinlibc
@@ -59,7 +59,7 @@ ftpcp ftpdir: ../libftpconn/libftpconn.a
 settrans: ../libfshelp/libfshelp.a ../libports/libports.a
 ps w ids settrans syncfs showtrans fsysopts storeinfo login vmstat portinfo \
   devprobe vminfo addauth rmauth setauth unsu ftpcp ftpdir storeread \
-  storecat msgport mount umount: \
+  storecat msgport mount umount nullauth: \
 	../libshouldbeinlibc/libshouldbeinlibc.a
 
 $(filter-out $(special-targets), $(targets)): %: %.o
diff --git a/utils/nullauth.c b/utils/nullauth.c
new file mode 100644
index 00000000..a0d5d1b8
--- /dev/null
+++ b/utils/nullauth.c
@@ -0,0 +1,90 @@
+/* Utility to drop all authentication credentials.
+
+   Copyright (C) 2013 Free Software Foundation, Inc.
+
+   Written by Justus Winter <4winter@informatik.uni-hamburg.de>
+
+   This file is part of the GNU Hurd.
+
+   This program is free software; you can redistribute it and/or
+   modify it under the terms of the GNU General Public License as
+   published by the Free Software Foundation; either version 2, or (at
+   your option) any later version.
+
+   This program is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+
+#include <argp.h>
+#include <error.h>
+#include <nullauth.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <version.h>
+
+static char **args;
+
+const char const *argp_program_version = STANDARD_HURD_VERSION (nullauth);
+
+static const struct argp_option const options[] =
+{
+  { 0 }
+};
+
+static const char const doc[] =
+  "Drop all authentication credentials and run the given program.";
+static const char const args_doc[] =
+  "PROGRAM [ARGUMENTS...]\tThe program to run";
+
+error_t
+parse_opt (int key, char *arg, struct argp_state *state)
+{
+  switch (key)
+    {
+    case ARGP_KEY_ARGS:
+      args = state->argv + state->next;
+      break;
+
+    case ARGP_KEY_NO_ARGS:
+      argp_error (state, "expected program to run");
+      return EINVAL;
+
+    default:
+      return ARGP_ERR_UNKNOWN;
+    }
+
+  return 0;
+}
+
+static struct argp argp = {
+  options,
+  parse_opt,
+  args_doc,
+  doc,
+  NULL,
+};
+
+int
+main (int argc, char *argv[])
+{
+  error_t err;
+
+  /* Parse our command line.  This shouldn't ever return an error.  */
+  argp_parse (&argp, argc, argv, 0, 0, NULL);
+
+  /* Drop all privileges.  */
+  err = setnullauth();
+  if (err)
+    error (1, err, "Could not drop privileges");
+
+  execv (args[0], args);
+  error (1, errno, "execv");
+
+  /* Not reached.  */
+  return EXIT_FAILURE;
+}