This is the mail archive of the libc-hacker@sourceware.cygnus.com mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Hi, I have created a patch for glibc 2.2, which allows nscd to change the uid to a user without special privilegs at startup. This will only be done, if the admin configures it in nscd.conf, and no secure option (-S) is used. Thorsten -- Thorsten Kukuk http://www.suse.de/~kukuk/ kukuk@suse.de SuSE GmbH Schanzaeckerstr. 10 90443 Nuernberg Linux is like a Vorlon. It is incredibly powerful, gives terse, cryptic answers and has a lot of things going on in the background.
2000-04-20 Thorsten Kukuk <kukuk@suse.de> * nscd/nscd.c: Start new session for nscd, drop privilegs to configured user if requested and no -S parameter are used. * nscd/nscd.conf: Add new option "server-user" * nscd/nscd_conf.c: Add support for new "server-user" option. * nscd/nscd.h: Add protoype for server_user variable. Based on patch by Chris Wing <wingc@engin.umich.edu> --- nscd/nscd.c +++ nscd/nscd.c 2000/04/12 14:14:03 @@ -1,4 +1,4 @@ -/* Copyright (c) 1998, 1999 Free Software Foundation, Inc. +/* Copyright (c) 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. @@ -62,6 +62,7 @@ int disabled_passwd; int disabled_group; int go_background = 1; +char *server_user = NULL; int secure[lastdb]; int secure_in_use; @@ -69,6 +70,7 @@ static int check_pid (const char *file); static int write_pid (const char *file); +static void drop_privileges (void); /* Name and version of program. */ static void print_version (FILE *stream, struct argp_state *state); @@ -140,6 +142,8 @@ if (fork ()) exit (0); + setsid (); + chdir ("/"); openlog ("nscd", LOG_CONS | LOG_ODELAY, LOG_DAEMON); @@ -164,6 +168,10 @@ /* Init databases. */ nscd_init (conffile); + /* Change to unprivileged UID if specifed in config file */ + if(server_user && !secure_in_use) + drop_privileges (); + /* Handle incoming requests */ start_threads (); @@ -362,4 +370,37 @@ fclose (fp); return 0; +} + +/* Look up the uid and gid associated with the user we are supposed to run + the server as, and then call setgid(), setgroups(), and setuid(). + Otherwise, abort- we should not run as root if the configuration file + specifically tells us not to. */ + +static void +drop_privileges (void) +{ + int buflen = 256; + char *buffer = alloca (buflen); + struct passwd resultbuf; + struct passwd *pwd; + + while (__getpwnam_r (server_user, &resultbuf, buffer, buflen, &pwd) != 0 + && errno == ERANGE) + { + errno = 0; + buflen += 256; + buffer = alloca (buflen); + } + + if(!pwd) + { + dbg_log (_("Failed to look up user '%s' to run server as"), + server_user); + exit(1); + } + + setgroups (0, NULL); + setgid (pwd->pw_gid); + setuid (pwd->pw_uid); } --- nscd/nscd.conf +++ nscd/nscd.conf 2000/04/12 14:15:47 @@ -8,6 +8,8 @@ # logfile <file> # debug-level <level> # threads <#threads to use> +# server-user <user to run server as instead of root> +# server-user is ignored if nscd is started with -S parameters # # enable-cache <service> <yes|no> # positive-time-to-live <service> <time in seconds> @@ -21,7 +23,7 @@ # logfile /var/log/nscd.log # threads 6 - +# server-user nobody debug-level 0 enable-cache passwd yes --- nscd/nscd_conf.c +++ nscd/nscd_conf.c 2000/04/12 14:17:31 @@ -1,6 +1,6 @@ /* Copyright (c) 1998 Free Software Foundation, Inc. This file is part of the GNU C Library. - Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998. + Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as @@ -175,6 +175,13 @@ if (nthreads == -1) nthreads = MAX (atol (arg1), lastdb); } + else if (strcmp (entry, "server-user") == 0) + { + if (!arg1) + dbg_log (_("Must specify user name for server-user option"), arg1); + else + server_user = strdup (arg1); + } else dbg_log (_("Unknown option: %s %s %s"), entry, arg1, arg2); } --- nscd/nscd.h +++ nscd/nscd.h 2000/04/12 14:16:17 @@ -96,6 +96,9 @@ extern int secure[lastdb]; extern int secure_in_use; /* Is one of the above 1 ? */ +/* User name to run server processes as */ +extern char *server_user; + /* Prototypes for global functions. */ /* nscd.c */
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |