return 0;
}
+#ifndef CAP_CONTEXT
+# define CAP_CONTEXT 29
+#endif
+
static struct {
const char *option;
int bit;
{"CAP_SYS_RESOURCE",CAP_SYS_RESOURCE},
{"CAP_SYS_TIME", CAP_SYS_TIME},
{"CAP_MKNOD", CAP_MKNOD},
-#ifdef CAP_QUOTACTL
- {"CAP_QUOTACTL", CAP_QUOTACTL},
-#endif
+ {"CAP_CONTEXT", CAP_CONTEXT},
{NULL,0}
};
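Review bot: The new `{"CAP_CONTEXT", CAP_CONTEXT}` table entry is unconditional, so whenever the installed kernel headers lack CAP_CONTEXT it silently takes the value 29 from the `#ifndef CAP_CONTEXT` fallback added above the table. In mainline Linux headers bit 29 is CAP_AUDIT_WRITE, so on a kernel without the vserver patch this option name would act on a different capability than the one it names. The fallback should carry a comment saying which patched kernel ABI the 29 comes from, for example `/* vserver-patched kernels only; bit 29 means something else on mainline */`. A `#warning` inside the `#ifndef` would also make a build against unpatched headers visible.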
remove_cap = /* NOTE: keep in sync with chcontext.c */
(1<<CAP_LINUX_IMMUTABLE)|
+ (1<<CAP_NET_BIND_SERVICE)|
(1<<CAP_NET_BROADCAST)|
(1<<CAP_NET_ADMIN)|
(1<<CAP_NET_RAW)|
(1<<CAP_SYS_RESOURCE)|
(1<<CAP_SYS_TIME)|
(1<<CAP_MKNOD)|
-#ifdef CAP_QUOTACTL
- (1<<CAP_QUOTACTL)|
-#endif
-#ifdef CAP_CONTEXT
(1<<CAP_CONTEXT)|
-#endif
0
;
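Review bot: `(1<<CAP_CONTEXT)` is no longer wrapped in `#ifdef CAP_CONTEXT`, so this file now has to see a definition of that macro. The only fallback visible on this page sits beside the option table, and if this mask lives in a different source file it needs the same `#ifndef CAP_CONTEXT` block or a shared header. The NOTE says the mask must be kept in sync with chcontext.c by hand, so a one-line comment recording why CAP_NET_BIND_SERVICE is now dropped would help whoever updates the other copy. The bits are also built with a signed `1<<` and stored in an unsigned mask; writing `(1U<<CAP_...)` avoids undefined behaviour should a capability numbered 31 ever be added. The statement starts outside this hunk.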
void runas_slice_user(char *username)
{
- struct passwd *pwd;
+ struct passwd pwdd, *pwd = &pwdd, *result;
+ char *pwdBuffer;
char *home_env, *logname_env, *mail_env, *shell_env, *user_env;
int home_len, logname_len, mail_len, shell_len, user_len;
+ long pwdBuffer_len;
static char *envp[10];
- if ((pwd = getpwnam(username)) == NULL) {
+
+ pwdBuffer_len = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (pwdBuffer_len == -1) {
+ perror("vserver: _SC_GETPW_R_SIZE_MAX not defined ");
+ exit(1);
+ }
+
+ pwdBuffer = (char*)malloc(pwdBuffer_len);
+ if (pwdBuffer == NULL) {
+ perror("vserver: malloc error ");
+ exit(1);
+ }
+
+ errno = 0;
+ if ((getpwnam_r(username,pwd,pwdBuffer,pwdBuffer_len, &result) != 0) || (errno != 0)) {
perror("vserver: getpwnam error ");
exit(1);
}
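Review bot: The new condition `(getpwnam_r(...) != 0) || (errno != 0)` no longer rejects an unknown user. getpwnam_r returns 0 and stores NULL in `result` when no entry matches, so execution continues with `pwd` pointing at the uninitialised `pwdd`, where the old `getpwnam(username) == NULL` test exited. The check should be `if (getpwnam_r(username, pwd, pwdBuffer, pwdBuffer_len, &result) != 0 || result == NULL) {`. getpwnam_r also reports failure through its return value rather than errno, so the `errno != 0` test and the perror() call are unreliable; keep the return code and print `strerror()` of it instead. The same pattern is in the slice_enter and main hunks further down, where the looked-up uid and shell are presumably what gets used, and the function body continues outside this hunk.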
}
}
-
-
void slice_enter(char *context)
{
- struct passwd *pwd;
+ struct passwd pwdd, *pwd = &pwdd, *result;
+ char *pwdBuffer;
+ long pwdBuffer_len;
unsigned remove_cap;
uid_t uid;
- if ((pwd = getpwnam(context)) == NULL) {
+ pwdBuffer_len = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (pwdBuffer_len == -1) {
+ perror("vserver: _SC_GETPW_R_SIZE_MAX not defined ");
+ exit(1);
+ }
+
+ pwdBuffer = (char*)malloc(pwdBuffer_len);
+ if (pwdBuffer == NULL) {
+ perror("vserver: malloc error ");
+ exit(1);
+ }
+
+ errno = 0;
+ if ((getpwnam_r(context,pwd,pwdBuffer,pwdBuffer_len, &result) != 0) || (errno != 0)) {
fprintf(stderr,"vserver: getpwname(%s) failed",context);
+ perror("");
exit(2);
}
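Review bot: `sysconf(_SC_GETPW_R_SIZE_MAX)` returning -1 is treated as fatal here, but POSIX permits -1 with errno left unchanged when the limit is simply indeterminate, and some C libraries return exactly that. slice_enter would then exit(1) before the lookup, with perror() printing an unrelated or "Success" message. A fallback such as `if (pwdBuffer_len == -1) pwdBuffer_len = 16384;` (a constructed size) avoids that, ideally with the buffer grown and the call retried when getpwnam_r returns ERANGE. The same sequence appears in runas_slice_user above and in main below. slice_enter continues outside this hunk, so it cannot be checked here whether pwdBuffer is freed only after the last use of `pwd`, whose string fields point into that buffer.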
EXIT_ENOENT = 127
};
-extern void slice_enter(char *);
-extern void runas_slice_user(char *);
-
int main(int argc, char **argv)
{
- char *context, *username, *shell;
- struct passwd *pwd;
+ struct passwd pwdd, *pwd = &pwdd, *result;
+ char *context, *username, *shell, *pwdBuffer;
+ long pwdBuffer_len;
uid_t uid;
- int index, i;
+ int index, i;
if (argv[0][0]=='-')
index = 1;
/* With the uid/gid appropriately set. Let's figure out what the
* shell in the vserver's /etc/passwd is for the given username.
*/
- if ((pwd = getpwnam(username)) == NULL) {
+
+ pwdBuffer_len = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (pwdBuffer_len == -1) {
+ perror("vserver: _SC_GETPW_R_SIZE_MAX not defined ");
+ exit(1);
+ }
+ pwdBuffer = (char*)malloc(pwdBuffer_len);
+ if (pwdBuffer == NULL) {
+ perror("vserver: malloc error ");
+ exit(1);
+ }
+
+ errno = 0;
+ if ((getpwnam_r(username,pwd,pwdBuffer,pwdBuffer_len, &result) != 0) || (errno != 0)) {
fprintf(stderr,"vsh: getpwnam error failed for %s\n",username);
exit(1);
}