1 /* nonroot.c: Various database functions for rights and users
2 Copyright (C) 1999-2000 Steinar H. Gunderson
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2 of the
6 License as published by the Free Software Foundation.
8 This program is distributed in the hope that it will be useful,
9 but WITHOUT ANY WARRANTY; without even the implied warranty of
10 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 GNU General Public License for more details.
13 You should have received a copy of the GNU General Public License
14 along with this program; if not, write to the Free Software
15 Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19 * make autoconf changeable!!!
/* Paths of the flat-file user and group databases opened by nr_userinfo(),
 * nr_get_uname() and nr_get_gname().  USERS_FILE carries the crypt() hashes
 * that nr_userinfo() compares passwords against.
 * NOTE(review): the paths are fixed at compile time; confirm that both files
 * are readable and writable only by the account the daemon runs as. */
21 #define USERS_FILE "/home/betaftpd/betaftpd.users"
22 #define GROUP_FILE "/home/betaftpd/betaftpd.groups"
31 #include <sys/types.h>
72 /* we will add cacheing of both users and rights LATER :-) */
/*
 * nr_userinfo: look up `username` in USERS_FILE and check `password` against
 * the stored hash with crypt().
 *
 * Each record is scanned as "uid username hash homedir rootdir" and the rest
 * of the line is discarded.  uid, homedir and rootdir are written straight
 * into the caller's storage.
 *
 * Returns 0 when the users file cannot be opened or when no record matches
 * the username.  The value returned after a successful password match is on
 * lines this listing does not show.
 *
 * NOTE(review): the outputs are overwritten for every record scanned, not
 * only the matching one, so callers must ignore uid/homedir/rootdir whenever
 * the result is 0.
 */
74 int nr_userinfo(const char * const username, int * const uid,
75 char * const homedir, char * const rootdir,
76 const char * const password)
78 FILE *users_file = fopen(USERS_FILE, "r");
79 char this_username[256];
80 char real_password[256];
82 if (users_file == NULL) return 0; /* panic, reject all users */
85 * ignores gids atm, we may want to change that in the future
/* NOTE(review): feof() only becomes true after a read has failed, and the
 * fscanf() result below is ignored.  A record that does not begin with a
 * number makes %d fail without consuming input, so the loop would not
 * advance; a short record leaves this_username with its previous (or
 * uninitialised) contents for the strcmp().  nr_get_uname() at least checks
 * the conversion count; checking it here and stopping on EOF would close
 * both gaps. */
87 while (!feof(users_file)) {
/* NOTE(review): none of the %s conversions has a field width.  The two
 * locals are 256 bytes and homedir/rootdir are whatever size the caller
 * allocated, so an over-long token in USERS_FILE writes past the buffer.
 * Bounded conversions (e.g. %255s) matched to each buffer would prevent it. */
88 fscanf(users_file, "%d %s %s %s %s %*[^\n]\n",
89 uid, this_username, real_password, homedir, rootdir);
90 if (strcmp(this_username, username) != 0) continue;
/* NOTE(review): the next four lines print the stored password hash and the
 * account details to stdout.  Whether they sit inside a debug-only guard
 * cannot be seen in this listing; confirm they are compiled out of
 * production builds. */
94 printf("pw = %s\n", real_password);
95 printf("uid = %u\n", *uid);
96 printf("hdir = %s\n", homedir);
97 printf("rdir = %s\nEND\n", rootdir);
/* The stored hash doubles as the salt argument.
 * NOTE(review): crypt() returns NULL on failure (for example an unsupported
 * or malformed salt); handing that to strcmp() is undefined behaviour, so the
 * result should be checked before the comparison. */
99 if (strcmp(real_password, crypt(password, real_password)) == 0) {
/* NOTE(review): no fclose(users_file) is visible before this return; confirm
 * the stream is closed on every exit path. */
107 return 0; /* no such user */
111 * Thank goodness for the Unix inventors, who invented all those nice flags! :-)
112 * Reduces my code size a lot :-)
/*
 * nr_check_permission: work out which `.rights` file and which entry name
 * govern `object`, then let nr_intperm() make the decision.
 *
 * Three shapes are visible: "<object>/.rights" with entry "."; and, after
 * searching for the last '/', either "./.rights" with the whole name as the
 * entry or "<dir>/.rights" with the final path component as the entry.  The
 * conditions selecting between them (presumably is_dir and whether a '/' was
 * found) and the declarations of temp, temp2 and ptr are on lines this
 * listing does not show.
 *
 * Returns whatever nr_intperm() returns.
 *
 * NOTE(review): `object` is used as given.  Any normalisation of ".."
 * components or symlinks has to happen in the caller; it is not visible here.
 */
114 int nr_check_permission(const uid_t uid, const char * const object,
115 const int perm, const int is_dir,
116 char * const ret_rights)
/* NOTE(review): snprintf() truncates silently at 256 bytes and its return
 * value is never checked, here or below.  A long `object` therefore produces
 * a path or entry name different from the one intended, and the permission
 * decision is made on that.  Treat a result >= the buffer size as a denial.
 * The literal 256 also assumes temp/temp2 are at least that large; confirm
 * against their declarations. */
121 snprintf(temp, 256, "%s/.rights", object);
122 return nr_intperm(uid, temp, ".", perm, ret_rights);
126 snprintf(temp, 256, "%s", object); /* non-overflow */
128 ptr = strrchr(temp, '/');
130 return nr_intperm(uid, "./.rights", temp, perm, ret_rights);
/* ptr + 1 is the text after the last '/'.  Presumably temp is cut at ptr on a
 * line not shown, so that temp names only the directory; confirm. */
135 snprintf(temp2, 256, "%s/.rights", temp);
136 return nr_intperm(uid, temp2, ptr + 1, perm, ret_rights);
/*
 * nr_intperm: decide whether `uid` holds permission `perm` on `entry`
 * according to the rights file `rightfile`.
 *
 * Each record is scanned as "name rights uid gid".  A record whose name
 * equals `entry` is a real match and ends the search; a record named
 * ".default" is remembered as a fallback.  The rights string of the chosen
 * record is copied to ret_rights when that pointer is non-NULL (it is first
 * set to "---------").
 *
 * Returns 0 when access is granted, -1 when the rights file cannot be opened,
 * when no record applies, or when none of the other/owner/group checks
 * passes.  The return for the "only peeking" case is on a line not shown.
 *
 * NOTE(review): the rights file lives next to the content it protects (see
 * the paths built in nr_check_permission()).  Unless writes to `.rights` are
 * blocked elsewhere, its contents should be treated as untrusted input.
 * NOTE(review): ret_rights must have room for whatever rights token is read;
 * its size is not known here.
 * NOTE(review): no fclose(rights) is visible on any return path; confirm the
 * stream is not leaked.
 */
141 int nr_intperm(const uid_t uid, const char * const rightfile,
142 const char * const entry, const int perm,
143 char * const ret_rights)
145 FILE *rights = fopen(rightfile, "r");
146 char default_rights[] = "---------";
147 char this_entry[256], these_rights[16], check_rights[16], *ptr;
148 int rights_assigned = 0;
149 uid_t this_uid, check_uid;
150 gid_t this_gid, check_gid;
/* Diagnostic output; perm is an int printed with %u and uid a uid_t printed
 * with %d. */
152 printf("Checking permission %u for uid %d, file `%s', entry `%s'\n",
153 perm, uid, rightfile, entry);
158 printf("cwd is `%s'\n", buf);
161 if (rights == NULL) perror(rightfile);
163 if (ret_rights != NULL) strcpy(ret_rights, default_rights);
164 if (rights == NULL) return -1; /* no rights file -- no permission */
/* NOTE(review): same feof()/unchecked-fscanf() pattern as the other readers
 * in this file.  A record that fails to convert is still acted on with
 * whatever the buffers held before, and a conversion failure that consumes
 * no input keeps the loop from advancing. */
166 while (!feof(rights)) {
/* NOTE(review): both %s conversions are unbounded.  these_rights is only 16
 * bytes, so a rights token of 16 or more characters overflows it (and the
 * strcpy() calls below carry the overflow into check_rights and ret_rights).
 * Use %255s / %15s.  %d is also being stored through uid_t and gid_t
 * pointers, which are not guaranteed to be int. */
167 fscanf(rights, "%s %s %d %d\n", this_entry, these_rights,
168 &this_uid, &this_gid);
/* NOTE(review): in the lines visible here rights_assigned is never reset
 * inside the loop.  Once a ".default" record has set it to 2, every later
 * record that is not a real match still passes the != 0 test below and
 * overwrites the remembered rights, so the last record read would win rather
 * than ".default".  Confirm whether a reset exists on a line not shown. */
170 if (strcmp(this_entry, entry) == 0) rights_assigned = 1;
171 if (strcmp(this_entry, ".default") == 0) rights_assigned = 2;
173 if (rights_assigned != 0) {
174 if (ret_rights != NULL) strcpy(ret_rights, these_rights);
176 strcpy(check_rights, these_rights);
177 check_uid = this_uid;
178 check_gid = this_gid;
180 /* if we found a `real' (non-default) match, break right away */
181 if (rights_assigned == 1) break;
185 if (rights_assigned == 0) {
186 puts("no entry! denying...\n");
187 return -1; /* no entry, no access */
190 /* if we're only looking for at entry, return OK now */
192 puts("Only peeking; OK\n");
196 /* now on to the actual checking... */
/* ptr is presumably set to check_rights on a line not shown.  It is then
 * advanced to the column for the requested permission: offset 0 for perm 4,
 * offset 2 for perm 1, offset 1 for every other value.  From there ptr[0],
 * ptr[3] and ptr[6] are the owner, group and other positions of a
 * nine-character rights string.
 * NOTE(review): the length of the rights token is never validated.  With a
 * token shorter than nine characters the indexing below reads past its
 * terminator into bytes of check_rights that were never written; reject
 * records whose rights field is not exactly nine characters. */
198 if (perm != 4) ptr++; /* check the right bits */
199 if (perm == 1) ptr++;
201 printf("Actual rights are `%s', filtered: `%s'\n", check_rights, ptr);
/* Any one of the three checks granting access is sufficient; 0 means allowed. */
203 if (ptr[6] != '-') return 0; /* all users */
204 if (uid == check_uid && ptr[0] != '-') return 0; /* user owner */
205 if (member_of_group(uid, check_gid) && ptr[3] != '-') return 0;
206 /* member of group */
208 return -1; /* no access */
/*
 * member_of_group: report whether `uid` belongs to group `gid`.
 *
 * Only the diagnostic printf is visible in this listing.  Its wording suggests
 * membership lookup is not implemented and the function reports "not a
 * member"; the return statement itself is on a line not shown, so confirm.
 * nr_intperm() relies on the result for its group-permission branch.
 *
 * nr_get_uname() and nr_get_gname() return different file-scope buffers
 * (username and groupname), so using both in one printf call does not make
 * one result overwrite the other.
 */
211 int member_of_group(const uid_t uid, const gid_t gid)
213 printf("For now, `%s' is not member of `%s'\n",
214 nr_get_uname(uid), nr_get_gname(gid));
/* Result buffers handed back by nr_get_uname() and nr_get_gname().  Despite
 * the trailing comment they are declared without the `static` keyword.  Each
 * call overwrites the previous result, so callers must copy the string if
 * they need it to survive another lookup. */
218 char username[256], groupname[256]; /* static buffer to return */
/*
 * nr_get_uname: map a numeric uid to the user name recorded in USERS_FILE.
 *
 * Returns the file-scope buffer `username` holding the matching name, or the
 * string literal "error" when the users file cannot be opened.  When no
 * record matches, the uid is formatted into the buffer as a decimal number.
 * Callers must not write through the returned pointer, since it may be a
 * literal.
 */
220 char *nr_get_uname(const uid_t uid)
222 FILE *users = fopen(USERS_FILE, "r");
225 if (users == NULL) return "error"; /* panic */
/* NOTE(review): a record whose first field is not a number makes %d fail
 * without consuming input; the `continue` then retries the same bytes and
 * feof() never becomes true, so the loop would not terminate.  Skip the rest
 * of the line, or stop, when the conversion count is short. */
227 while (!feof(users)) {
/* NOTE(review): %s is unbounded while username is 256 bytes; use %255s. */
228 if (fscanf(users, "%d %s %*[^\n]\n", &uid_this, username) < 2) continue;
/* NOTE(review): no fclose(users) is visible before this return. */
229 if (uid_this == uid) return username;
231 snprintf(username, 256, "%d", uid);
/*
 * nr_get_gname: map a numeric gid to the group name recorded in GROUP_FILE.
 *
 * Returns the file-scope buffer `groupname` holding the matching name, or the
 * string literal "error" when the group file cannot be opened.  When no
 * record matches, the gid is formatted into the buffer as a decimal number.
 * The buffer is reused by every call.
 *
 * NOTE(review): the parameter is declared uid_t although it carries a gid;
 * member_of_group() passes it a gid_t.
 */
235 char *nr_get_gname(const uid_t gid)
237 FILE *group = fopen(GROUP_FILE, "r");
240 if (group == NULL) return "error"; /* panic */
/* NOTE(review): same pattern as nr_get_uname(): a record that fails the %d
 * conversion without consuming input is retried by `continue` and the loop
 * would not terminate. */
242 while (!feof(group)) {
/* NOTE(review): %s is unbounded while groupname is 256 bytes; use %255s. */
243 if (fscanf(group, "%d %s\n", &gid_this, groupname) < 2) continue;
/* NOTE(review): no fclose(group) is visible before this return. */
244 if (gid_this == gid) return groupname;
246 snprintf(groupname, 256, "%d", gid);
250 #endif /* !WANT_NONROOT */