*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
*****************************************************************************/
#if HAVE_CONFIG_H
# include <config.h>
#endif
-#ifdef HAVE_GETEUID
+#if defined (HAVE_GETEUID) && !defined (SYS_BEOS)
# define ENABLE_ROOTWRAP 1
#endif
#endif*/
/**
- * Converts username to UID.
+ * Tries to find a real non-root user to use
*/
-static uid_t parse_user (const char *name)
-{
- struct passwd *pw;
-
- pw = getpwnam (name);
- if (pw == NULL)
- return (uid_t)(-1);
-
- return pw->pw_uid;
-}
-
-
-/**
- * Tries to find a real non-root user ID
- */
-static uid_t guess_user (void)
+static struct passwd *guess_user (void)
{
const char *name;
+ struct passwd *pw;
uid_t uid;
/* Try real UID */
uid = getuid ();
if (uid)
- return uid;
+ if ((pw = getpwuid (uid)) != NULL)
+ return pw;
/* Try sudo */
name = getenv ("SUDO_USER");
if (name != NULL)
- {
- uid = parse_user (name);
- if (uid != (uid_t)(-1))
- return uid;
- }
+ if ((pw = getpwnam (name)) != NULL)
+ return pw;
/* Try VLC_USER */
name = getenv ("VLC_USER");
if (name != NULL)
- {
- uid = parse_user (name);
- if (uid != (uid_t)(-1))
- return uid;
- }
+ if ((pw = getpwnam (name)) != NULL)
+ return pw;
/* Try vlc */
- uid = parse_user ("vlc");
- if (uid != (uid_t)(-1))
- return uid;
+ if ((pw = getpwnam ("vlc")) != NULL)
+ return pw;
- /* Try nobody */
- uid = parse_user ("nobody");
- if (uid != (uid_t)(-1))
- return uid;
-
- return 65534;
-}
-
-
-/**
- * Returns the main GID associated with a given UID.
- */
-static gid_t guess_gid (uid_t uid)
-{
- struct passwd *pw;
-
- pw = getpwuid (uid);
- if (pw != NULL)
- return pw->pw_gid;
- return 65534;
+ return getpwuid (0);
}
const int val = 1;
setsockopt (sock, SOL_SOCKET, SO_REUSEADDR, &val, sizeof (val));
+#ifdef AF_INET6
if (ss.ss_family == AF_INET6)
setsockopt (sock, IPPROTO_IPV6, IPV6_V6ONLY, &val, sizeof (val));
-
+#endif
if (bind (sock, (struct sockaddr *)&ss, len) == 0)
{
send_fd (fd, sock);
{
struct rlimit lim;
int fd, pair[2];
+ struct passwd *pw;
uid_t u;
- gid_t g;
u = geteuid ();
/* Are we running with root privileges? */
fputs ("Starting VLC root wrapper...", stderr);
- u = guess_user ();
- fprintf (stderr, " using UID %u", (unsigned)u);
-
- g = guess_gid (u);
- fprintf (stderr, ", using GID %u\n", (unsigned)g);
+ pw = guess_user ();
+ if (pw == NULL)
+ return; /* Should we rather print an error and exit ? */
+ u = pw->pw_uid,
+ fprintf (stderr, " using UID %u (%s)\n", (unsigned)u, pw->pw_name);
if (u == 0)
{
fputs ("***************************************\n"
"***************************************\n"
"\n"
" It is potentially dangerous, "
- "and might not even work properly.", stderr);
+ "and might not even work properly.\n", stderr);
return;
}
/* GID */
- setgid (g);
- setgroups (0, NULL);
+ initgroups (pw->pw_name, pw->pw_gid);
+ setgid (pw->pw_gid);
if (socketpair (AF_LOCAL, SOCK_STREAM, 0, pair))
{
projects / vlc / blobdiff