1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
|
/* Utility to drop all authentication credentials.
Copyright (C) 2013 Free Software Foundation, Inc.
Written by Justus Winter <4winter@informatik.uni-hamburg.de>
This file is part of the GNU Hurd.
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License as
published by the Free Software Foundation; either version 2, or (at
your option) any later version.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>. */
#include <argp.h>
#include <error.h>
#include <nullauth.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <version.h>
static char **args;
const char const *argp_program_version = STANDARD_HURD_VERSION (nullauth);
static const struct argp_option const options[] =
{
{ 0 }
};
static const char const doc[] =
"Drop all authentication credentials and run the given program.";
static const char const args_doc[] =
"PROGRAM [ARGUMENTS...]\tThe program to run";
error_t
parse_opt (int key, char *arg, struct argp_state *state)
{
switch (key)
{
case ARGP_KEY_ARGS:
args = state->argv + state->next;
break;
case ARGP_KEY_NO_ARGS:
argp_error (state, "expected program to run");
return EINVAL;
default:
return ARGP_ERR_UNKNOWN;
}
return 0;
}
static struct argp argp = {
options,
parse_opt,
args_doc,
doc,
NULL,
};
int
main (int argc, char *argv[])
{
error_t err;
/* Parse our command line. This shouldn't ever return an error. */
argp_parse (&argp, argc, argv, 0, 0, NULL);
/* Drop all privileges. */
err = setnullauth();
if (err)
error (1, err, "Could not drop privileges");
execv (args[0], args);
error (1, errno, "execv");
/* Not reached. */
return EXIT_FAILURE;
}
|