aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorMattias Andrée <maandree@operamail.com>2013-11-19 02:30:33 +0100
committerMattias Andrée <maandree@operamail.com>2013-11-19 02:30:33 +0100
commit2668d799b828d864c13d8a55b58965493d52a4f5 (patch)
treea78a07a164bddc9f0afbe6785c5a865def732506 /src
parentm (diff)
downloadlibpassphrase-2668d799b828d864c13d8a55b58965493d52a4f5.tar.gz
libpassphrase-2668d799b828d864c13d8a55b58965493d52a4f5.tar.bz2
libpassphrase-2668d799b828d864c13d8a55b58965493d52a4f5.tar.xz
set supplemental groups
Signed-off-by: Mattias Andrée <maandree@operamail.com>
Diffstat (limited to '')
-rw-r--r--src/cerberus.c12
-rw-r--r--src/cerberus.h3
2 files changed, 12 insertions, 3 deletions
diff --git a/src/cerberus.c b/src/cerberus.c
index 01cbe08..4f9dd0c 100644
--- a/src/cerberus.c
+++ b/src/cerberus.c
@@ -242,6 +242,8 @@ void do_login(int argc, char** argv)
}
else if (child_pid == 0)
{
+ int ret;
+
/* In case the shell does not do this */
setsid();
@@ -251,7 +253,15 @@ void do_login(int argc, char** argv)
signal(SIGINT, SIG_DFL);
/* Partial login */
- /* TODO set supplemental groups */
+ ret = entry->pw_uid
+ ? initgroups(username, entry->pw_gid) /* supplemental groups for user, can require network */
+ : setgroups(0, NULL); /* supplemental groups for root, does not require netork */
+ if (ret == -1)
+ {
+ perror(entry->pw_uid ? "initgroups" : "setgroups");
+ sleep(ERROR_SLEEP);
+ _exit(1);
+ }
set_user(entry);
exec_shell(entry);
}
diff --git a/src/cerberus.h b/src/cerberus.h
index 706925a..a2df554 100644
--- a/src/cerberus.h
+++ b/src/cerberus.h
@@ -30,9 +30,8 @@
#include <termios.h>
#include <sys/wait.h>
#include <sys/ioctl.h>
-#ifdef USE_TTY_GROUP
+#include <sys/types.h>
#include <grp.h>
-#endif
#include "config.h"