From f5e6769c33723a1d4b72722eff8bb68245ca3803 Mon Sep 17 00:00:00 2001
From: Justus Winter
Date: Sat, 16 Apr 2016 16:12:35 +0200
Subject: [PATCH hurd 2/6] utils/settrans: get an authenticated root node in chroot mode
* utils/settrans.c (get_credentials): New function. (main): Get an authenticated root node for the process we are chrooting.
Signed-off-by: Justus Winter
---
 utils/settrans.c | 45 ++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 44 insertions(+), 1 deletion(-)
diff --git a/utils/settrans.c b/utils/settrans.c
index 00cc358..399bd12 100644
--- a/utils/settrans.c
+++ b/utils/settrans.c
@@ -88,6 +88,44 @@ static char *args_doc = "NODE [TRANSLATOR ARG...]";
 static char *doc = "Set the passive/active translator on NODE."
 "\vBy default the passive translator is set.";

+/* Authentication of the current process. */
+uid_t *uids;
+gid_t *gids;
+size_t uids_len, gids_len;
+
+/* Initialize and populate the uids and gids vectors. */
+error_t
+get_credentials (void)
+{
+ /* Fetch uids... */
+ uids_len = geteuids (0, 0);
+ if (uids_len < 0)
+ return errno;
+
+ uids = malloc (uids_len * sizeof (uid_t));
+ if (! uids)
+ return ENOMEM;
+
+ uids_len = geteuids (uids_len, uids);
+ if (uids_len < 0)
+ return errno;
+
+ /* ... and gids. */
+ gids_len = getgroups (0, 0);
+ if (gids_len < 0)
+ return errno;
+
+ gids = malloc (gids_len * sizeof (gid_t));
+ if (! uids)
+ return ENOMEM;
+
+ gids_len = getgroups (gids_len, gids);
+ if (gids_len < 0)
+ return errno;
+
+ return 0;
+}
+
 /* ---------------------------------------------------------------- */

 int
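Review bot: In get_credentials the four `< 0` tests can never fire, because `uids_len` and `gids_len` are declared `size_t`, so a -1 from geteuids() or getgroups() is stored as a huge count instead of being reported. If the second call of a pair fails, the function still returns 0 and main would pass that count to fsys_getroot() alongside a much smaller buffer. The check after `gids = malloc (...)` tests `uids` again, so a failed gids allocation goes unnoticed and a null `gids` is passed on with a non-zero length. Taking each result in a signed local and storing the length only after the check fixes the first problem, and `if (! gids)` fixes the second; the sketch below shows both.

```c
error_t
get_credentials (void)
{
  int n;   /* signed, so a -1 failure is seen before it becomes a length */

  /* Fetch uids...  */
  n = geteuids (0, 0);
  if (n < 0)
    return errno;

  uids = malloc (n * sizeof (uid_t));
  if (! uids)
    return ENOMEM;

  n = geteuids (n, uids);
  if (n < 0)
    return errno;
  uids_len = n;

  /* ... and gids.  */
  n = getgroups (0, 0);
  if (n < 0)
    return errno;

  gids = malloc (n * sizeof (gid_t));
  if (! gids)
    return ENOMEM;

  n = getgroups (n, gids);
  if (n < 0)
    return errno;
  gids_len = n;

  return 0;
}
```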
@@ -340,9 +378,14 @@ main(int argc, char *argv[])
 mach_port_t root;
 file_t executable;
 char *prefixed_name;
+
+ err = get_credentials ();
+ if (err)
+ error (6, err, "getting credentials");
+
 err = fsys_getroot (active_control, MACH_PORT_NULL, MACH_MSG_TYPE_COPY_SEND,
- NULL, 0, NULL, 0, 0,
+ uids, uids_len, gids, gids_len, 0,
 &do_retry, retry_name, &root);
 mach_port_deallocate (mach_task_self (), active_control);
 if (err)
--
2.1.4
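Review bot: The reason for replacing `NULL, 0, NULL, 0` with the caller's ids is stated only in the commit message, so the fsys_getroot call itself gives a later reader no hint why the credentials matter here. A short comment above the call would keep that next to the code, for example `/* Request a root node authenticated with our effective uids and gids; it is the root handed to the process we chroot. */`. The surrounding block of main starts and ends outside this hunk, so how `root` is used afterwards is not visible here.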