va_list va;
const char *d;
unsigned int lvl = 0;
+ const char *prefix = "UWRAP";
d = getenv("UID_WRAPPER_DEBUGLEVEL");
if (d != NULL) {
lvl = atoi(d);
}
+ if (lvl < dbglvl) {
+ return;
+ }
+
va_start(va, format);
vsnprintf(buffer, sizeof(buffer), format, va);
va_end(va);
- if (lvl >= dbglvl) {
- const char *prefix = "UWRAP";
- switch (dbglvl) {
- case UWRAP_LOG_ERROR:
- prefix = "UWRAP_ERROR";
- break;
- case UWRAP_LOG_WARN:
- prefix = "UWRAP_WARN";
- break;
- case UWRAP_LOG_DEBUG:
- prefix = "UWRAP_DEBUG";
- break;
- case UWRAP_LOG_TRACE:
- prefix = "UWRAP_TRACE";
- break;
- }
-
- fprintf(stderr,
- "%s(%d) - %s: %s\n",
- prefix,
- (int)getpid(),
- function,
- buffer);
+ switch (dbglvl) {
+ case UWRAP_LOG_ERROR:
+ prefix = "UWRAP_ERROR";
+ break;
+ case UWRAP_LOG_WARN:
+ prefix = "UWRAP_WARN";
+ break;
+ case UWRAP_LOG_DEBUG:
+ prefix = "UWRAP_DEBUG";
+ break;
+ case UWRAP_LOG_TRACE:
+ prefix = "UWRAP_TRACE";
+ break;
}
+
+ fprintf(stderr,
+ "%s(%d) - %s: %s\n",
+ prefix,
+ (int)getpid(),
+ function,
+ buffer);
}
/*****************
{
char groups_str[GROUP_STRING_SIZE] = {0};
size_t groups_str_size = sizeof(groups_str);
- char unsigned_str[32] = {0};
+ char unsigned_str[16] = {0}; /* We need 10 + 1 (+ 1) */
int i;
/* UIDS */
if (id->ngroups > GROUP_MAX_COUNT) {
UWRAP_LOG(UWRAP_LOG_ERROR,
"ERROR: Number of groups (%u) exceeds maximum value "
- "uid_wrapper will handle (%u).",
+ "uid_wrapper can handle (%u).",
id->ngroups,
GROUP_MAX_COUNT);
exit(-1);
}
/* GROUPS */
- snprintf(unsigned_str, sizeof(unsigned_str), "%u", id->ngroups);
- setenv("UID_WRAPPER_INITIAL_GROUPS_COUNT", unsigned_str, 1);
-
for (i = 0; i < id->ngroups; i++) {
size_t groups_str_len = strlen(groups_str);
- size_t groups_str_avail = groups_str_size - groups_str_len;
- size_t len;
+ size_t groups_str_avail = groups_str_size - groups_str_len - 1;
+ int len;
len = snprintf(unsigned_str, sizeof(unsigned_str), ",%u", id->groups[i]);
if (len <= 1) {
- continue;
+ UWRAP_LOG(UWRAP_LOG_ERROR,
+ "snprintf failed for groups[%d]=%u",
+ i,
+ id->groups[i]);
+ break;
}
- if (len < groups_str_avail) {
- snprintf(groups_str + groups_str_len,
- groups_str_size - groups_str_len,
- "%s",
- i == 0 ? unsigned_str + 1 : unsigned_str);
+ if (((size_t)len) >= groups_str_avail) {
+ UWRAP_LOG(UWRAP_LOG_ERROR,
+ "groups env string is to small for %d groups",
+ i);
+ break;
+ }
+
+ len = snprintf(groups_str + groups_str_len,
+ groups_str_size - groups_str_len,
+ "%s",
+ i == 0 ? unsigned_str + 1 : unsigned_str);
+ if (len < 1) {
+ UWRAP_LOG(UWRAP_LOG_ERROR,
+ "snprintf failed to create groups string at groups[%d]=%u",
+ i,
+ id->groups[i]);
+ break;
}
}
- if (id->ngroups > 0) {
+ if (id->ngroups == i) {
setenv("UID_WRAPPER_INITIAL_GROUPS", groups_str, 1);
+
+ snprintf(unsigned_str, sizeof(unsigned_str), "%u", id->ngroups);
+ setenv("UID_WRAPPER_INITIAL_GROUPS_COUNT", unsigned_str, 1);
}
}
{
struct uwrap_thread *id = uwrap_tls_id;
+ UWRAP_LOCK_ALL;
+
/* uid_wrapper is loaded but not enabled */
if (id == NULL) {
return;
}
- UWRAP_LOCK_ALL;
-
/*
* What happens if another atfork prepare functions calls a uwrap
* function? So disable it in case another atfork prepare function
/* uid_wrapper is loaded but not enabled */
if (id == NULL) {
+ UWRAP_UNLOCK_ALL;
return;
}
/* uid_wrapper is loaded but not enabled */
if (id == NULL) {
+ UWRAP_UNLOCK_ALL;
return;
}
- uwrap_export_ids(id);
-
/*
* "Garbage collector" - Inspired by DESTRUCTOR.
* All threads (except one which called fork()) are dead now.. Dave
u = uwrap.ids;
}
+ uwrap_export_ids(id);
+
id->enabled = true;
UWRAP_UNLOCK_ALL;
if (i != ngroups) {
UWRAP_LOG(UWRAP_LOG_ERROR,
"ERROR: The number of groups (%u) passed, "
- "does not the number of groups (%u) we "
- "parsed",
+ "does not match the number of groups (%u) "
+ "we parsed.",
ngroups,
i);
exit(-1);
UWRAP_UNLOCK(uwrap_id);
- UWRAP_LOG(UWRAP_LOG_DEBUG, "Succeccfully initialized uid_wrapper");
+ UWRAP_LOG(UWRAP_LOG_DEBUG, "Successfully initialized uid_wrapper");
}
bool uid_wrapper_enabled(void)
static int uwrap_setreuid_thread(uid_t ruid, uid_t euid)
{
-#ifndef NDEBUG
struct uwrap_thread *id = uwrap_tls_id;
-#endif
uid_t new_ruid = -1, new_euid = -1, new_suid = -1;
int rc;
#ifdef HAVE_SETREUID
static int uwrap_setreuid(uid_t ruid, uid_t euid)
{
-#ifndef NDEBUG
struct uwrap_thread *id = uwrap_tls_id;
-#endif
uid_t new_ruid = -1, new_euid = -1, new_suid = -1;
int rc;
static int uwrap_setregid_thread(gid_t rgid, gid_t egid)
{
-#ifndef NDEBUG
struct uwrap_thread *id = uwrap_tls_id;
-#endif
gid_t new_rgid = -1, new_egid = -1, new_sgid = -1;
int rc;
#ifdef HAVE_SETREGID
static int uwrap_setregid(gid_t rgid, gid_t egid)
{
-#ifndef NDEBUG
struct uwrap_thread *id = uwrap_tls_id;
-#endif
gid_t new_rgid = -1, new_egid = -1, new_sgid = -1;
int rc;
git.samba.org / uid_wrapper.git / blobdiff