public inbox for util-linux@vger.kernel.org
 help / color / mirror / Atom feed
From: Sami Kerola <kerolasa@iki.fi>
To: util-linux@vger.kernel.org
Cc: kerolasa@iki.fi
Subject: [PATCH 06/33] setpriv: allow login and group name option arguments
Date: Sat, 13 Apr 2013 20:54:34 +0100	[thread overview]
Message-ID: <1365882901-11429-7-git-send-email-kerolasa@iki.fi> (raw)
In-Reply-To: <1365882901-11429-1-git-send-email-kerolasa@iki.fi>

For an average user names are easier to use than uid and gid numbers.

Signed-off-by: Sami Kerola <kerolasa@iki.fi>
---
 sys-utils/setpriv.1 |  6 ++++--
 sys-utils/setpriv.c | 42 ++++++++++++++++++++++++++++++------------
 2 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/sys-utils/setpriv.1 b/sys-utils/setpriv.1
index c56d89f..c05473c 100644
--- a/sys-utils/setpriv.1
+++ b/sys-utils/setpriv.1
@@ -55,7 +55,8 @@ inheritable set, you are likely to become confused.  Do not do that.
 Lists all known capabilities.  Must be specified alone.
 .TP
 \fB\-\-ruid\fR \fIuid\fR, \fB\-\-euid\fR \fIuid\fR, \fB\-\-reuid\fR \fIuid\fR
-Sets the real, effective, or both \fIuid\fRs.
+Sets the real, effective, or both \fIuid\fRs.  The uid argument can be
+given as textual login name.
 .IP
 Setting
 .I uid
@@ -68,7 +69,8 @@ something like:
 \-\-reuid=1000 \-\-\:regid=1000 \-\-\:caps=\-\:all
 .TP
 \fB\-\-rgid\fR \fIgid\fR, \fB\-\-egid\fR \fIgid\fR, \fB\-\-regid\fR \fIgid\fR
-Sets the real, effective, or both \fIgid\fRs.
+Sets the real, effective, or both \fIgid\fRs.  The gid argument can be
+given as textual group name.
 .IP
 For safety, you must specify one of \-\-\:keep\-\:groups,
 \-\-\:clear\-\:groups, or \-\-\:groups if you set any primary
diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index a547fd7..7fa5f82 100644
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -23,10 +23,12 @@
 #include <getopt.h>
 #include <grp.h>
 #include <linux/securebits.h>
+#include <pwd.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <sys/prctl.h>
+#include <sys/types.h>
 #include <unistd.h>
 
 #include "c.h"
@@ -545,6 +547,28 @@ static void do_apparmor_profile(const char *label)
 		    _("write failed: %s"), _PATH_PROC_ATTR_EXEC);
 }
 
+static uid_t get_user(const char *s, const char *err)
+{
+	struct passwd *pw;
+	long tmp;
+	pw = getpwnam(s);
+	if (pw)
+		return pw->pw_uid;
+	tmp = strtol_or_err(s, err);
+	return tmp;
+}
+
+static gid_t get_group(const char *s, const char *err)
+{
+	struct group *gr;
+	long tmp;
+	gr = getgrnam(s);
+	if (gr)
+		return gr->gr_gid;
+	tmp = strtol_or_err(s, err);
+	return tmp;
+}
+
 int main(int argc, char **argv)
 {
 	enum {
@@ -627,43 +651,37 @@ int main(int argc, char **argv)
 			if (opts.have_ruid)
 				errx(EXIT_FAILURE, _("duplicate ruid"));
 			opts.have_ruid = 1;
-			opts.ruid = strtol_or_err(optarg,
-						  _("failed to parse ruid"));
+			opts.ruid = get_user(optarg, _("failed to parse ruid"));
 			break;
 		case EUID:
 			if (opts.have_euid)
 				errx(EXIT_FAILURE, _("duplicate euid"));
 			opts.have_euid = 1;
-			opts.euid = strtol_or_err(optarg,
-						  _("failed to parse euid"));
+			opts.euid = get_user(optarg, _("failed to parse euid"));
 			break;
 		case REUID:
 			if (opts.have_ruid || opts.have_euid)
 				errx(EXIT_FAILURE, _("duplicate ruid or euid"));
 			opts.have_ruid = opts.have_euid = 1;
-			opts.ruid = opts.euid = strtol_or_err(optarg,
-							      _("failed to parse reuid"));
+			opts.ruid = opts.euid = get_user(optarg, _("failed to parse reuid"));
 			break;
 		case RGID:
 			if (opts.have_rgid)
 				errx(EXIT_FAILURE, _("duplicate rgid"));
 			opts.have_rgid = 1;
-			opts.rgid = strtol_or_err(optarg,
-						  _("failed to parse rgid"));
+			opts.rgid = get_group(optarg, _("failed to parse rgid"));
 			break;
 		case EGID:
 			if (opts.have_egid)
 				errx(EXIT_FAILURE, _("duplicate egid"));
 			opts.have_egid = 1;
-			opts.egid = strtol_or_err(optarg,
-						  _("failed to parse egid"));
+			opts.egid = get_group(optarg, _("failed to parse egid"));
 			break;
 		case REGID:
 			if (opts.have_rgid || opts.have_egid)
 				errx(EXIT_FAILURE, _("duplicate rgid or egid"));
 			opts.have_rgid = opts.have_egid = 1;
-			opts.rgid = opts.egid = strtol_or_err(optarg,
-							      _("failed to parse regid"));
+			opts.rgid = opts.egid = get_group(optarg, _("failed to parse regid"));
 			break;
 		case CLEAR_GROUPS:
 			if (opts.clear_groups)
-- 
1.8.2.1


  parent reply	other threads:[~2013-04-13 19:55 UTC|newest]

Thread overview: 40+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-04-13 19:54 [PATCH 00/33] pull: bash completions, help screens, and file writing Sami Kerola
2013-04-13 19:54 ` [PATCH 01/33] bash-completion: add mount and umount Sami Kerola
2013-04-13 19:54 ` [PATCH 02/33] blkid, hwclock, ldattach: use program_invocation_short_name Sami Kerola
2013-04-13 19:54 ` [PATCH 03/33] utmpdump: add option to write to a file Sami Kerola
2013-04-13 19:54 ` [PATCH 04/33] cfdisk: add long options to the command Sami Kerola
2013-04-26 11:30   ` Karel Zak
2013-04-13 19:54 ` [PATCH 05/33] bash-completion: prefer bash 3.x 'here string' syntax Sami Kerola
2013-04-13 21:59   ` Dave Reisner
2013-04-26 11:38     ` Karel Zak
2013-04-26 12:29       ` Sami Kerola
2013-04-13 19:54 ` Sami Kerola [this message]
2013-04-13 19:54 ` [PATCH 07/33] build-sys: add --disable-setterm to ./configure Sami Kerola
2013-04-26 11:53   ` Karel Zak
2013-04-13 19:54 ` [PATCH 08/33] hexdump: add long options to the command Sami Kerola
2013-04-13 19:54 ` [PATCH 09/33] setsid: exit when control terminal cannot be set Sami Kerola
2013-04-13 19:54 ` [PATCH 10/33] cfdisk: check writing to a file was successful Sami Kerola
2013-04-13 19:54 ` [PATCH 11/33] setpriv: " Sami Kerola
2013-04-13 19:54 ` [PATCH 12/33] agetty: " Sami Kerola
2013-04-13 19:54 ` [PATCH 13/33] pg: " Sami Kerola
2013-04-13 19:54 ` [PATCH 14/33] libblkid: " Sami Kerola
2013-04-13 19:54 ` [PATCH 15/33] libmount: " Sami Kerola
2013-04-13 19:54 ` [PATCH 16/33] include: add close_fd() for noticing write errors before close() Sami Kerola
2013-04-13 19:54 ` [PATCH 17/33] fdformat: check writing to a file descriptor was successful Sami Kerola
2013-04-13 19:54 ` [PATCH 18/33] partx: " Sami Kerola
2013-04-13 19:54 ` [PATCH 19/33] resizepart: " Sami Kerola
2013-04-13 19:54 ` [PATCH 20/33] cfdisk: " Sami Kerola
2013-04-13 19:54 ` [PATCH 21/33] sfdisk: " Sami Kerola
2013-04-13 19:54 ` [PATCH 22/33] wdctl: " Sami Kerola
2013-04-13 19:54 ` [PATCH 23/33] fsck.cramfs: " Sami Kerola
2013-04-13 19:54 ` [PATCH 24/33] fsck.minix: " Sami Kerola
2013-04-13 19:54 ` [PATCH 25/33] mkfs.bfs: " Sami Kerola
2013-04-13 19:54 ` [PATCH 26/33] mkfs.cramfs: unify write check to a file descriptor Sami Kerola
2013-04-13 19:54 ` [PATCH 27/33] mkfs.minix: check writing to a file descriptor was successful Sami Kerola
2013-04-13 19:54 ` [PATCH 28/33] mkswap: unify write check to a file descriptor Sami Kerola
2013-04-13 19:54 ` [PATCH 29/33] swaplabel: check writing to a file descriptor was successful Sami Kerola
2013-04-13 19:54 ` [PATCH 30/33] fallocate: " Sami Kerola
2013-04-13 19:54 ` [PATCH 31/33] setpriv: " Sami Kerola
2013-04-13 19:55 ` [PATCH 32/33] swapon: " Sami Kerola
2013-04-13 19:55 ` [PATCH 33/33] wall: " Sami Kerola
2013-04-17 13:31 ` [PATCH 00/33] pull: bash completions, help screens, and file writing Karel Zak

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1365882901-11429-7-git-send-email-kerolasa@iki.fi \
    --to=kerolasa@iki.fi \
    --cc=util-linux@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox