本文整理汇总了C++中setresuid函数的典型用法代码示例。如果您正苦于以下问题:C++ setresuid函数的具体用法?C++ setresuid怎么用?C++ setresuid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了setresuid函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: set_identity
void set_identity(unsigned int uid) {
/*
* Set effective uid back to root, otherwise setres[ug]id will fail
* if uid isn't root.
*/
if (seteuid(0)) {
PLOGE("seteuid (root)");
exit(EXIT_FAILURE);
}
if (setresgid(uid, uid, uid)) {
PLOGE("setresgid (%u)", uid);
exit(EXIT_FAILURE);
}
if (setresuid(uid, uid, uid)) {
PLOGE("setresuid (%u)", uid);
exit(EXIT_FAILURE);
}
}
开发者ID:TripNRaVeR,项目名称:Superuser,代码行数:18,代码来源:su.c
示例2: fr_suid_down
void fr_suid_down(void)
{
if (!doing_setuid) return;
if (setresuid(-1, server_uid, geteuid()) < 0) {
fprintf(stderr, "%s: Failed switching to uid %s: %s\n",
progname, uid_name, fr_syserror(errno));
fr_exit_now(1);
}
if (geteuid() != server_uid) {
fprintf(stderr, "%s: Failed switching uid: UID is incorrect\n",
progname);
fr_exit_now(1);
}
fr_set_dumpable(allow_core_dumps);
}
开发者ID:nvdnkpr,项目名称:freeradius-server,代码行数:18,代码来源:mainconfig.c
示例3: setperms
static void setperms (uid_t uid, gid_t gid)
{
char strbuf[ISC_STRERRORSIZE];
#if !defined(HAVE_SETEGID) && defined(HAVE_SETRESGID)
gid_t oldgid, tmpg;
#endif
#if !defined(HAVE_SETEUID) && defined(HAVE_SETRESUID)
uid_t olduid, tmpu;
#endif
#if defined(HAVE_SETEGID)
if (getegid () != gid && setegid (gid) == -1)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlywarning ("unable to set effective gid to %ld: %s", (long) gid, strbuf);
}
#elif defined(HAVE_SETRESGID)
if (getresgid (&tmpg, &oldgid, &tmpg) == -1 || oldgid != gid)
{
if (setresgid (-1, gid, -1) == -1)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlywarning ("unable to set effective " "gid to %d: %s", gid, strbuf);
}
}
#endif
#if defined(HAVE_SETEUID)
if (geteuid () != uid && seteuid (uid) == -1)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlywarning ("unable to set effective uid to %ld: %s", (long) uid, strbuf);
}
#elif defined(HAVE_SETRESUID)
if (getresuid (&tmpu, &olduid, &tmpu) == -1 || olduid != uid)
{
if (setresuid (-1, uid, -1) == -1)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlywarning ("unable to set effective " "uid to %d: %s", uid, strbuf);
}
}
#endif
}
开发者ID:274914765,项目名称:C,代码行数:44,代码来源:os.c
示例4: change_identity
/*
* Create the context as the user (not as root).
*
* Note that we change the *real* uid here, as changing the effective uid is
* not sufficient. This is due to an unfortunate historical error in the MIT
* krb5 libs, where they used %{uid} in the default_ccache_name. Changing that
* now might break some applications so we're sort of stuck with it.
*
* Unfortunately, doing this leaves the forked child vulnerable to signals and
* renicing, but this is the best we can do. In the event that a child is
* signalled before downcalling, the kernel will just eventually time out the
* upcall attempt.
*/
static int
change_identity(uid_t uid)
{
struct passwd *pw;
/* drop list of supplimentary groups first */
if (setgroups(0, NULL) != 0) {
printerr(0, "WARNING: unable to drop supplimentary groups!");
return errno;
}
/* try to get pwent for user */
pw = getpwuid(uid);
if (!pw) {
/* if that doesn't work, try to get one for "nobody" */
errno = 0;
pw = getpwnam("nobody");
if (!pw) {
printerr(0, "WARNING: unable to determine gid for uid %u\n", uid);
return errno ? errno : ENOENT;
}
}
/*
* Switch the GIDs. Note that we leave the saved-set-gid alone in an
* attempt to prevent attacks via ptrace()
*/
if (setresgid(pw->pw_gid, pw->pw_gid, -1) != 0) {
printerr(0, "WARNING: failed to set gid to %u!\n", pw->pw_gid);
return errno;
}
/*
* Switch UIDs, but leave saved-set-uid alone to prevent ptrace() by
* other processes running with this uid.
*/
if (setresuid(uid, uid, -1) != 0) {
printerr(0, "WARNING: Failed to setuid for user with uid %u\n",
uid);
return errno;
}
return 0;
}
开发者ID:Distrotech,项目名称:nfs-utils,代码行数:57,代码来源:gssd_proc.c
示例5: become_user_permanently
/****************************************************************************
Become the specified uid and gid - permanently !
there should be no way back if possible
****************************************************************************/
void become_user_permanently(uid_t uid, gid_t gid)
{
/*
* First - gain root privilege. We do this to ensure
* we can lose it again.
*/
gain_root_privilege();
gain_root_group_privilege();
#if USE_SETRESUID
setresgid(gid,gid,gid);
setgid(gid);
setresuid(uid,uid,uid);
setuid(uid);
#endif
#if USE_SETREUID
setregid(gid,gid);
setgid(gid);
setreuid(uid,uid);
setuid(uid);
#endif
#if USE_SETEUID
setegid(gid);
setgid(gid);
setuid(uid);
seteuid(uid);
setuid(uid);
#endif
#if USE_SETUIDX
setgidx(ID_REAL, gid);
setgidx(ID_EFFECTIVE, gid);
setgid(gid);
setuidx(ID_REAL, uid);
setuidx(ID_EFFECTIVE, uid);
setuid(uid);
#endif
assert_uid(uid, uid);
assert_gid(gid, gid);
}
开发者ID:jameshilliard,项目名称:WECB-BH-GPL,代码行数:48,代码来源:util_sec.c
示例6: drop_privs_to
void
drop_privs_to (const char *user, const char *group)
{
uid_t uid;
gid_t gid;
struct passwd *pw;
struct group *gr;
if (0 != getuid ())
return; /* not running as root to begin with; should (!) be harmless to continue
without dropping to 'nobody' (setting time will fail in the end) */
pw = getpwnam (user);
gr = getgrnam (group);
if (NULL == pw)
die ("Failed to obtain UID for `%s'\n", user);
if (NULL == gr)
die ("Failed to obtain GID for `%s'\n", group);
uid = pw->pw_uid;
if (0 == uid)
die ("UID for `%s' is 0, refusing to run SSL\n", user);
gid = pw->pw_gid;
if (0 == gid || 0 == gr->gr_gid)
die ("GID for `%s' is 0, refusing to run SSL\n", user);
if (pw->pw_gid != gr->gr_gid)
die ("GID for `%s' is not `%s' as expected, refusing to run SSL\n",
user, group);
if (0 != initgroups ( (const char *) user, gr->gr_gid))
die ("Unable to initgroups for `%s' in group `%s' as expected\n",
user, group);
#ifdef HAVE_SETRESGID
if (0 != setresgid (gid, gid, gid))
die ("Failed to setresgid: %s\n", strerror (errno));
#else
if (0 != (setgid (gid) | setegid (gid)))
die ("Failed to setgid: %s\n", strerror (errno));
#endif
#ifdef HAVE_SETRESUID
if (0 != setresuid (uid, uid, uid))
die ("Failed to setresuid: %s\n", strerror (errno));
#else
if (0 != (setuid (uid) | seteuid (uid)))
die ("Failed to setuid: %s\n", strerror (errno));
#endif
}
开发者ID:AlexeySalmin,项目名称:tlsdate,代码行数:44,代码来源:util.c
示例7: drop_privs
/*
* Do the real work of dropping privileges. Checks to
* see what the current uid/gid are, sets res gid and
* uid to the specified user's uid/gid and verifies
* that privs can't be restored to the initial uid/gid
*/
int drop_privs(struct passwd *pw) {
char *dir;
int uid = getuid();
int gid = getgid();
int result = -1;
#if defined DO_CHROOT
dir = "/";
if (chroot(pw->pw_dir) == -1) {;
#ifdef DEBUG
perror("chroot");
fprintf(stderr, "Failed chroot to %s", pw->pw_dir);
#endif
return -1;
}
#else
dir = pw->pw_dir;
#endif
initgroups(pw->pw_name, pw->pw_gid);
if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) < 0) return -1;
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) < 0) return -1;
if (pw->pw_gid != gid && (setgid(gid) != -1 || setegid(gid) != -1)) {
#ifdef DEBUG
printf(ERROR_BAD_GID, getgid(), pw->pw_gid);
#endif
return -1;
}
if (pw->pw_uid != uid && (setuid(uid) != -1 || seteuid(uid) != -1)) {
#ifdef DEBUG
printf(ERROR_BAD_UID, getuid(), pw->pw_uid);
#endif
return -1;
}
if (getgid() != pw->pw_gid || getegid() != pw->pw_gid) return -1;
if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) return -1;
if (chdir(dir) == -1) {;
#ifdef DEBUG
perror("chdir");
fprintf(stderr, "Failed chdir to %s", dir);
#endif
return -1;
}
return 0;
}
开发者ID:FlankerZ,项目名称:collabREate,代码行数:50,代码来源:server.cpp
示例8: change_rights
int change_rights ()
{
if (getuid () == 0 ) {
struct passwd *pw;
struct group *gr;
gid_t gid;
if ((gr = getgrnam(conf_group))) {
gid = gr->gr_gid;
if (setresgid(gid, gid, gid) != 0) {
log(LOG_WARNING, "cannot change gid");
return (1);
}
if (initgroups(conf_user, gid) == -1) {
log(LOG_WARNING, "cannot change gid");
return (1);
}
}
else {
log(LOG_WARNING, "cannot find group %s on system",
conf_group);
return (1);
}
if ((pw = getpwnam(conf_user))) {
if (chown(conf_socket_path, pw->pw_uid, gid) == -1) {
log(LOG_WARNING, "cannot change owner of "
"%s : %m", conf_socket_path);
return (1);
}
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0){
log(LOG_WARNING, "cannot change uid");
return (1);
}
}
else {
log(LOG_WARNING, "cannot find user %s on system",
conf_user);
return (1);
}
return (0);
}
log(LOG_WARNING, "User isn't root");
return (1);
}
开发者ID:fabienr,项目名称:sauthpf,代码行数:43,代码来源:conf.c
示例9: fr_suid_up
void fr_suid_up(void)
{
uid_t ruid, euid, suid;
if (getresuid(&ruid, &euid, &suid) < 0) {
radlog(L_ERR, "Failed getting saved UID's");
_exit(1);
}
if (setresuid(-1, suid, -1) < 0) {
radlog(L_ERR, "Failed switching to privileged user");
_exit(1);
}
if (geteuid() != suid) {
radlog(L_ERR, "Switched to unknown UID");
_exit(1);
}
}
开发者ID:Gejove,项目名称:freeradius-server,代码行数:19,代码来源:mainconfig.c
示例10: test_setresuid4
static void
test_setresuid4 (enum ACTION action, int tno)
{
if (action == PREPARE)
{
if (setresuid (nobody_uid, nobody_uid, -1) < 0)
{
printf ("setresuid failed: %m\n");
exit (1);
}
prev_ruid = nobody_uid;
prev_euid = nobody_uid;
nobody_uid = prev_suid;
return;
}
test_setresuid1 (action, tno);
}
开发者ID:AdvancedC,项目名称:glibc,代码行数:19,代码来源:tst-setuid1.c
示例11: RevertToSelf
gboolean RevertToSelf (void)
{
#ifdef HAVE_GETRESUID
uid_t ruid, euid;
#endif
uid_t suid = -1;
#ifdef HAVE_GETRESUID
if (getresuid (&ruid, &euid, &suid) < 0)
return FALSE;
#endif
#ifdef HAVE_SETRESUID
if (setresuid (-1, suid, -1) < 0)
return FALSE;
#else
return TRUE;
#endif
return (geteuid () == suid);
}
开发者ID:0ostreamo0,项目名称:mono,代码行数:19,代码来源:security.c
示例12: child
static void
child(const char *root, char *cmd[])
{
pid_t pid = (pid_t)syscall(SYS_getpid);
assert(pid == 1);
// die when parent dies
NONNEGATIVE(prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0));
NONNEGATIVE(sethostname(POE_HOSTNAME, strlen(POE_HOSTNAME)));
NONNEGATIVE(mount(NULL, "/", NULL, MS_PRIVATE | MS_REC, NULL));
NONNEGATIVE(mount(root, root, "bind", MS_BIND | MS_REC, NULL));
NONNEGATIVE(chroot(root));
// NONNEGATIVE(mount(NULL, "/proc", "proc", MS_NOSUID | MS_NOEXEC | MS_NODEV, NULL));
// NONNEGATIVE(mount(NULL, "/dev", "devtmpfs", MS_NOSUID | MS_NOEXEC, NULL));
// NONNEGATIVE(mount(NULL, "/dev/shm", "tmpfs", MS_NOSUID | MS_NODEV, NULL));
struct passwd *pw = getpwnam(POE_USERNAME);
if (!pw) ERROR("getpwnam() failed");
NONNEGATIVE(chdir("/tmp"));
NONNEGATIVE(setsid());
NONNEGATIVE(initgroups(POE_USERNAME, pw->pw_gid));
NONNEGATIVE(setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid));
NONNEGATIVE(setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid));
char *env[] = {
"PATH=/opt/bin:/usr/bin",
"USER=" POE_USERNAME,
"LOGNAME=" POE_USERNAME,
NULL,
NULL
};
NONNEGATIVE(asprintf(env + 3, "HOME=%s", pw->pw_dir));
// wait parent
NONNEGATIVE(kill(pid, SIGSTOP));
NONNEGATIVE(prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0));
poe_init_seccomp(SCMP_ACT_TRACE(0));
NONNEGATIVE(execvpe(cmd[0], cmd, env));
}
开发者ID:alphaKAI,项目名称:poe,代码行数:43,代码来源:sandbox.c
示例13: privdrop
void
privdrop(void)
{
struct passwd *pw;
struct stat sb;
if ((pw = getpwnam(SNDIO_USER)) == NULL)
errx(1, "unknown user %s", SNDIO_USER);
if (stat(pw->pw_dir, &sb) < 0)
err(1, "stat(\"%s\")", pw->pw_dir);
if (sb.st_uid != 0 || (sb.st_mode & 022) != 0)
errx(1, "%s has wrong permissions", pw->pw_dir);
if (setpriority(PRIO_PROCESS, 0, SNDIO_PRIO) < 0)
err(1, "setpriority");
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
err(1, "cannot drop privileges");
}
开发者ID:UNGLinux,项目名称:Obase,代码行数:19,代码来源:aucat.c
示例14: restore_re_uid_fromroot
static void restore_re_uid_fromroot(void)
{
#if USE_SETRESUID
setresuid(saved_ruid, saved_euid, -1);
#elif USE_SETREUID
setreuid(saved_ruid, -1);
setreuid(-1,saved_euid);
#elif USE_SETUIDX
setuidx(ID_REAL, saved_ruid);
setuidx(ID_EFFECTIVE, saved_euid);
#else
set_effective_uid(saved_euid);
if (getuid() != saved_ruid)
setuid(saved_ruid);
set_effective_uid(saved_euid);
#endif
assert_uid(saved_ruid, saved_euid);
}
开发者ID:jameshilliard,项目名称:WECB-BH-GPL,代码行数:19,代码来源:util_sec.c
示例15: main
int main(int argc, char **argv) {
char **newargv;
int i;
if (argc <= 1) {
exit(1);
}
newargv = argv + 1;
if (setresuid((uid_t)0, (uid_t)0, (uid_t)0)) {
perror("setresuid");
}
if (setresgid((gid_t)0, (gid_t)0, (gid_t)0)) {
perror("setresgid");
}
exit(execvp(newargv[0], newargv));
}
开发者ID:appliedcode,项目名称:eucalyptus,代码行数:19,代码来源:euca_rootwrap.c
示例16: main
int
main(int argc, char *argv[])
{
int ch, status;
struct passwd *pw;
if (getuid() != 0)
errx(EX_USAGE, "must be run as root");
while ((ch = getopt(argc, argv, "o:h")) != -1)
switch (ch) {
case 'o':
open_file(optarg);
break;
ex_usage:
case 'h':
usage();
exit(EX_USAGE);
/* NOTREACHED */
default:
exit(EX_USAGE);
}
argc -= optind;
argv += optind;
if (argc < 2)
goto ex_usage;
/* Drop privileges */
if ((pw = getpwnam(*argv)) == NULL)
errx(EX_USAGE, "getpwnam(%s) failed", *argv);
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
err(EX_OSERR, "cannot drop privileges");
argc--;
argv++;
status = execvp(*argv, argv);
err(status, "execvp(%s)", *argv);
}
开发者ID:yasuoka,项目名称:userdo,代码行数:42,代码来源:userdo.c
示例17: main
int main(int ac, char **av)
{
int lc;
const char *msg;
if ((msg = parse_opts(ac, av, NULL, NULL)) != NULL) {
tst_brkm(TBROK, NULL, "OPTION PARSING ERROR - %s", msg);
}
setup();
for (lc = 0; TEST_LOOPING(lc); lc++) {
int i;
/* reset tst_count in case we are looping */
tst_count = 0;
for (i = 0; i < TST_TOTAL; i++) {
/* Set the real, effective or user id */
TEST(setresuid(*test_data[i].real_uid,
*test_data[i].eff_uid,
*test_data[i].sav_uid));
if (TEST_RETURN == -1) {
TEST_ERROR_LOG(TEST_ERRNO);
tst_resm(TFAIL, "setresuid(%d, %d, %d) failed",
*test_data[i].real_uid,
*test_data[i].eff_uid,
*test_data[i].sav_uid);
} else {
uid_verify(test_data[i].exp_real_usr,
test_data[i].exp_eff_usr,
test_data[i].exp_sav_usr,
test_data[i].test_msg);
}
}
}
cleanup();
tst_exit();
}
开发者ID:MohdVara,项目名称:ltp,代码行数:42,代码来源:setresuid01.c
示例18: priv_sched_rtprio_setup
int
priv_sched_rtprio_setup(int asroot, int injail, struct test *test)
{
int another_uid, need_child;
/*
* Some tests require a second process with specific credentials.
* Set that up here, and kill in cleanup.
*/
need_child = 0;
if (test->t_test_func == priv_sched_rtprio_aproc_normal ||
test->t_test_func == priv_sched_rtprio_aproc_idle ||
test->t_test_func == priv_sched_rtprio_aproc_realtime) {
need_child = 1;
another_uid = 1;
}
if (test->t_test_func == priv_sched_rtprio_myproc_normal ||
test->t_test_func == priv_sched_rtprio_myproc_idle ||
test->t_test_func == priv_sched_rtprio_myproc_realtime) {
need_child = 1;
}
if (need_child) {
childproc = fork();
if (childproc < 0) {
warn("priv_sched_setup: fork");
return (-1);
}
if (childproc == 0) {
if (another_uid) {
if (setresuid(UID_THIRD, UID_THIRD,
UID_THIRD) < 0)
err(-1, "setresuid(%d)", UID_THIRD);
}
while (1)
sleep(1);
}
childproc_running = 1;
sleep(1); /* Allow dummy thread to change uids. */
}
return (0);
}
开发者ID:edgar-pek,项目名称:PerspicuOS,代码行数:42,代码来源:priv_sched_rtprio.c
示例19: main
int
main(int argc, char *argv[])
{
struct kinfo_proc kproc;
struct passwd *pw;
char *toexec = NULL;
uid_t uid;
if (argc > 1) {
argv ++;
if ((toexec = strdup(argv[0])) == NULL)
err(1, "strdup");
}
if ((pw = getpwnam(_SETUID_REGRESS_USER)) == NULL)
err(1, "unknown user \"%s\"", _SETUID_REGRESS_USER);
uid = getuid();
if (setresuid(pw->pw_uid, -1, -1) == -1)
err(1, "setuid");
checkuids(pw->pw_uid, uid, uid, "setuid");
/* should only respond to setuid upon exec */
if (issetugid())
errx(1, "process incorrectly as issetugid()");
if (read_kproc_pid(&kproc, getpid()) == -1)
err(1, "kproc read failed");
if (!(kproc.p_psflags & PS_SUGID))
errx(1, "PS_SUGID not set");
if (kproc.p_psflags & PS_SUGIDEXEC)
errx(1, "PS_SUGIDEXEC incorrectly set");
if (toexec != NULL)
if (execv(toexec, argv) == -1)
err(1, "exec of %s failed", toexec);
free(toexec);
exit(0);
}
开发者ID:ajinkya93,项目名称:OpenBSD,代码行数:42,代码来源:setresuid_real_exec.c
示例20: test_setuid2
static void
test_setuid2 (enum ACTION action, int tno)
{
if (action == PREPARE)
{
if (setresuid (nobody_uid, nobody_uid, -1) < 0)
{
printf ("setresuid failed: %m\n");
exit (1);
}
prev_ruid = nobody_uid;
prev_euid = nobody_uid;
return;
}
if (action != CHECK_AFTER)
check_prev_uid (tno);
if (action == SET && setuid (prev_suid) < 0)
{
printf ("setuid failed: %m\n");
exit (1);
}
if (action != CHECK_BEFORE)
{
uid_t ruid, euid, suid;
if (getresuid (&ruid, &euid, &suid) < 0)
{
printf ("getresuid failed: %d %m\n", tno);
exit (1);
}
if (ruid != nobody_uid || euid != prev_suid || suid != prev_suid)
{
printf ("after setuid %d (%d %d %d) != (%d %d %d)\n", tno,
ruid, euid, suid, nobody_uid, prev_suid, prev_suid);
exit (1);
}
}
}
开发者ID:AdvancedC,项目名称:glibc,代码行数:42,代码来源:tst-setuid1.c
注:本文中的setresuid函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论