XRootD
Loading...
Searching...
No Matches
XrdSysPriv Class Reference

#include <XrdSysPriv.hh>

Collaboration diagram for XrdSysPriv:

Public Member Functions

virtual ~XrdSysPriv ()

Static Public Member Functions

static int ChangePerm (uid_t uid, gid_t gid)

Friends

class XrdSysPrivGuard

Detailed Description

Definition at line 54 of file XrdSysPriv.hh.

Constructor & Destructor Documentation

◆ ~XrdSysPriv()

virtual XrdSysPriv::~XrdSysPriv ( )
inlinevirtual

Definition at line 71 of file XrdSysPriv.hh.

71{ }

Member Function Documentation

◆ ChangePerm()

int XrdSysPriv::ChangePerm ( uid_t uid,
gid_t gid )
static

Definition at line 233 of file XrdSysPriv.cc.

234{
235 // Change permanently to entity newuid. Requires super-userprivileges.
236 // Provides a way to drop permanently su privileges.
237 // Return 0 on success, < 0 (== -errno) if any error occurs.
238
239 // Atomic action
240 XrdSysPriv::fgMutex.Lock();
241#if !defined(WINDOWS)
242 // Get UIDs
243 uid_t cruid = 0, ceuid = 0, csuid = 0;
244 if (getresuid(&cruid, &ceuid, &csuid) != 0) {
245 XrdSysPriv::fgMutex.UnLock();
246 return XSPERR(errno);
247 }
248
249 // Get GIDs
250 uid_t crgid = 0, cegid = 0, csgid = 0;
251 if (getresgid(&crgid, &cegid, &csgid) != 0) {
252 XrdSysPriv::fgMutex.UnLock();
253 return XSPERR(errno);
254 }
255 // Restore privileges, if needed
256 if (ceuid && XrdSysPriv::Restore(0) != 0) {
257 XrdSysPriv::fgMutex.UnLock();
258 return XSPERR(errno);
259 }
260 // Act only if needed
261 if (newgid != cegid || newgid != crgid) {
262
263 // Set newgid as GID, all levels
264 if (setresgid(newgid, newgid, newgid) != 0) {
265 XrdSysPriv::fgMutex.UnLock();
266 return XSPERR(errno);
267 }
268 // Get GIDs
269 uid_t rgid = 0, egid = 0, sgid = 0;
270 if (getresgid(&rgid, &egid, &sgid) != 0) {
271 XrdSysPriv::fgMutex.UnLock();
272 return XSPERR(errno);
273 }
274 // Make sure the new GIDs are all equal to the one asked
275 if (rgid != newgid || egid != newgid) {
276 XrdSysPriv::fgMutex.UnLock();
277 return XSPERR(errno);
278 }
279 }
280
281 // Act only if needed
282 if (newuid != ceuid || newuid != cruid) {
283
284 // Set newuid as UID, all levels
285 if (setresuid(newuid, newuid, newuid) != 0) {
286 XrdSysPriv::fgMutex.UnLock();
287 return XSPERR(errno);
288 }
289 // Get UIDs
290 uid_t ruid = 0, euid = 0, suid = 0;
291 if (getresuid(&ruid, &euid, &suid) != 0) {
292 XrdSysPriv::fgMutex.UnLock();
293 return XSPERR(errno);
294 }
295 // Make sure the new UIDs are all equal to the one asked
296 if (ruid != newuid || euid != newuid) {
297 XrdSysPriv::fgMutex.UnLock();
298 return XSPERR(errno);
299 }
300 }
301#endif
302 // Release the mutex
303 XrdSysPriv::fgMutex.UnLock();
304
305 // Done
306 return 0;
307}
#define XSPERR(x)
Definition XrdSysPriv.cc:53
static int getresgid(gid_t *r, gid_t *e, gid_t *)
Definition XrdSysPriv.cc:89
static int setresgid(gid_t r, gid_t e, gid_t)
Definition XrdSysPriv.cc:75
static int getresuid(uid_t *r, uid_t *e, uid_t *)
Definition XrdSysPriv.cc:96
static int setresuid(uid_t r, uid_t e, uid_t)
Definition XrdSysPriv.cc:82

References getresgid(), getresuid(), setresgid(), setresuid(), and XSPERR.

Here is the call graph for this function:

◆ XrdSysPrivGuard

friend class XrdSysPrivGuard
friend

Definition at line 56 of file XrdSysPriv.hh.

References XrdSysPrivGuard.

Referenced by XrdSysPrivGuard.


The documentation for this class was generated from the following files: