From 7808ed79f5dbcd9f24268d22f1838d9b6e8f25c6 Mon Sep 17 00:00:00 2001
From: Justus Winter <4winter@informatik.uni-hamburg.de>
Date: Sat, 27 Jul 2013 15:32:06 +0200
Subject: utils: add nullauth utility

nullauth drops all authentication credentials and runs the given
program. This is also useful to drop privileges on behalf of
translators that do not need any credentials in some circumstances,
e.g.

  % settrans -ap /hurd/nullauth -- /hurd/storeio -Tzero

makes storeio run without any credentials.

* utils/nullauth.c: New file.
* utils/Makefile: Build nullauth.
---
 utils/Makefile   |  6 ++--
 utils/nullauth.c | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 93 insertions(+), 3 deletions(-)
 create mode 100644 utils/nullauth.c

diff --git a/utils/Makefile b/utils/Makefile
index de33751a..8e8591f7 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -22,7 +22,7 @@ targets = shd ps settrans showtrans syncfs fsysopts \
 	storeinfo login w uptime ids loginpr sush vmstat portinfo \
 	devprobe vminfo addauth rmauth unsu setauth ftpcp ftpdir storecat \
 	storeread msgport rpctrace mount gcore fakeauth fakeroot remap \
-	umount
+	umount nullauth
 
 special-targets = loginpr sush uptime fakeroot remap
 SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c rmauth.c \
@@ -31,7 +31,7 @@ SRCS = shd.c ps.c settrans.c syncfs.c showtrans.c addauth.c rmauth.c \
 	parse.c frobauth.c frobauth-mod.c setauth.c pids.c nonsugid.c \
 	unsu.c ftpcp.c ftpdir.c storeread.c storecat.c msgport.c \
 	rpctrace.c mount.c gcore.c fakeauth.c fakeroot.sh remap.sh \
-	match-options.c umount.c
+	nullauth.c
 
 OBJS = $(filter-out %.sh,$(SRCS:.c=.o))
 HURDLIBS = ps ihash store fshelp ports ftpconn shouldbeinlibc
@@ -59,7 +59,7 @@ ftpcp ftpdir: ../libftpconn/libftpconn.a
 settrans: ../libfshelp/libfshelp.a ../libports/libports.a
 ps w ids settrans syncfs showtrans fsysopts storeinfo login vmstat portinfo \
   devprobe vminfo addauth rmauth setauth unsu ftpcp ftpdir storeread \
-  storecat msgport mount umount: \
+  storecat msgport mount umount nullauth: \
 	../libshouldbeinlibc/libshouldbeinlibc.a
 
 $(filter-out $(special-targets), $(targets)): %: %.o
diff --git a/utils/nullauth.c b/utils/nullauth.c
new file mode 100644
index 00000000..a0d5d1b8
--- /dev/null
+++ b/utils/nullauth.c
@@ -0,0 +1,90 @@
+/* Utility to drop all authentication credentials.
+
+   Copyright (C) 2013 Free Software Foundation, Inc.
+
+   Written by Justus Winter <4winter@informatik.uni-hamburg.de>
+
+   This file is part of the GNU Hurd.
+
+   This program is free software; you can redistribute it and/or
+   modify it under the terms of the GNU General Public License as
+   published by the Free Software Foundation; either version 2, or (at
+   your option) any later version.
+
+   This program is distributed in the hope that it will be useful, but
+   WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
+
+#include <argp.h>
+#include <error.h>
+#include <nullauth.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <version.h>
+
+static char **args;
+
+const char const *argp_program_version = STANDARD_HURD_VERSION (nullauth);
+
+static const struct argp_option const options[] =
+{
+  { 0 }
+};
+
+static const char const doc[] =
+  "Drop all authentication credentials and run the given program.";
+static const char const args_doc[] =
+  "PROGRAM [ARGUMENTS...]\tThe program to run";
+
+error_t
+parse_opt (int key, char *arg, struct argp_state *state)
+{
+  switch (key)
+    {
+    case ARGP_KEY_ARGS:
+      args = state->argv + state->next;
+      break;
+
+    case ARGP_KEY_NO_ARGS:
+      argp_error (state, "expected program to run");
+      return EINVAL;
+
+    default:
+      return ARGP_ERR_UNKNOWN;
+    }
+
+  return 0;
+}
+
+static struct argp argp = {
+  options,
+  parse_opt,
+  args_doc,
+  doc,
+  NULL,
+};
+
+int
+main (int argc, char *argv[])
+{
+  error_t err;
+
+  /* Parse our command line.  This shouldn't ever return an error.  */
+  argp_parse (&argp, argc, argv, 0, 0, NULL);
+
+  /* Drop all privileges.  */
+  err = setnullauth();
+  if (err)
+    error (1, err, "Could not drop privileges");
+
+  execv (args[0], args);
+  error (1, errno, "execv");
+
+  /* Not reached.  */
+  return EXIT_FAILURE;
+}
-- 
cgit v1.2.3