mirror of
https://github.com/cwinfo/yggdrasil-go.git
synced 2024-12-22 17:35:39 +00:00
c22a746a1d
- Use unambiguous variable names (w/o package name conflict). - Fail on invalid input such as the empty string or `:`. - Do not change group without user, i.e. fail on `:group`. - Parse input using mnemonic APIs. - Do not juggle between integer types. - Unset supplementary groups. - Use set[ug]id(2) to follow the idiom of OpenBSD base programs. (cannot use setres[ug]id(2) as macOS does not have them.) Includes/Supersedes #1202. Fixes #927. I only tested on OpenBSD (so far), but other systems should just work.
58 lines
1.2 KiB
Go
58 lines
1.2 KiB
Go
//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
|
|
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
|
|
|
|
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"os/user"
|
|
"strconv"
|
|
"strings"
|
|
|
|
"golang.org/x/sys/unix"
|
|
)
|
|
|
|
func chuser(input string) error {
|
|
givenUser, givenGroup, _ := strings.Cut(input, ":")
|
|
|
|
var (
|
|
err error
|
|
usr *user.User
|
|
grp *user.Group
|
|
uid, gid int
|
|
)
|
|
|
|
if usr, err = user.LookupId(givenUser); err != nil {
|
|
if usr, err = user.Lookup(givenUser); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
if uid, err = strconv.Atoi(usr.Uid); err != nil {
|
|
return err
|
|
}
|
|
|
|
if givenGroup != "" {
|
|
if grp, err = user.LookupGroupId(givenGroup); err != nil {
|
|
if grp, err = user.LookupGroup(givenGroup); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
gid, _ = strconv.Atoi(grp.Gid)
|
|
} else {
|
|
gid, _ = strconv.Atoi(usr.Gid)
|
|
}
|
|
|
|
if err := unix.Setgroups([]int{gid}); err != nil {
|
|
return fmt.Errorf("setgroups: %d: %v", gid, err)
|
|
}
|
|
if err := unix.Setgid(gid); err != nil {
|
|
return fmt.Errorf("setgid: %d: %v", gid, err)
|
|
}
|
|
if err := unix.Setuid(uid); err != nil {
|
|
return fmt.Errorf("setuid: %d: %v", uid, err)
|
|
}
|
|
|
|
return nil
|
|
}
|