commit 7bf3e29007350897cb708da01df845f4d58b4173
parent e8fe8ed8117bb1a58cd588b295352875d3c08c1a
Author: Laurent Bercot <ska-skaware@skarnet.org>
Date: Wed, 1 Aug 2018 20:26:05 +0000
Remove prot
Diffstat:
8 files changed, 2 insertions(+), 104 deletions(-)
diff --git a/NEWS b/NEWS
@@ -6,7 +6,7 @@ In 2.7.0.0
- Bugfixes.
- New functions: ipc_timed_sendv(), unlink_void()
- dir_close() now returns void and leaves errno unchanged
- - absolutepath(), sarealpath_tmp(), mininetstring functions removed
+ - absolutepath(), sarealpath_tmp(), mininetstring, prot functions removed
- djbunix.h doesn't include env.h anymore
diff --git a/doc/libstddjb/djbunix.html b/doc/libstddjb/djbunix.html
@@ -311,26 +311,6 @@ Opens <em>file</em> in write-only, non-blocking mode.
Returns a valid fd number if it succeeds, or -1 (and sets errno) if it fails.
</p>
-<h3> Privilege management </h3>
-
-<p>
-<code> int prot_readgroups (char const *name, gid_t *tab, unsigned int max) </code> <br />
-Reads the group database (normally <tt>/etc/group</tt>, but it can be
-altered via NSS) to get the list of supplementary groups for user <em>name</em>.
-Stores that list into the array pointed to by <em>tab</em>, which must be
-preallocated. Stores at most <em>max</em> elements into <em>tab</em>.
-Returns -1 and sets errno if it fails; else, returns the number of elements actually
-stored into <em>tab</em>.
-</p>
-
-<p>
-<code> int prot_grps (char const *name) </code> <br />
-Sets the kernel-maintained list of supplementary groups for the current process
-to the list of supplementary groups for user <em>name</em> according to the
-group database. This is a privileged operation.
-Returns -1 and sets errno if it fails; returns 0 if it succeeds.
-</p>
-
<h3> Executable search and execution, and environment </h3>
<p>
diff --git a/doc/upgrade.html b/doc/upgrade.html
@@ -23,7 +23,7 @@
<li> The <a href="libstddjb/djbunix.html">dir_close()</a> function now returns void
and leaves errno unchanged. </li>
<li> The <tt>absolutepath()</tt> and <tt>sarealpath_tmp()</tt> functions, as well
-as the <tt>skalibs/mininetstring.h</tt> family of functions, have been removed. </li>
+as the <tt>skalibs/mininetstring.h</tt> and <em>prot</em> family of functions, have been removed. </li>
<li> <a href="libstddjb/djbunix.html">skalibs/djbunix.h</a> does not include
<tt>skalibs/env.h</tt> anymore. </li>
</ul>
diff --git a/package/deps.mak b/package/deps.mak
@@ -455,9 +455,6 @@ src/libstddjb/pathexec_r_name.o src/libstddjb/pathexec_r_name.lo: src/libstddjb/
src/libstddjb/pathexec_run.o src/libstddjb/pathexec_run.lo: src/libstddjb/pathexec_run.c src/include/skalibs/config.h src/include/skalibs/djbunix.h src/include/skalibs/posixplz.h
src/libstddjb/pipe_internal.o src/libstddjb/pipe_internal.lo: src/libstddjb/pipe_internal.c src/include/skalibs/djbunix.h src/include/skalibs/nonposix.h src/include/skalibs/sysdeps.h
src/libstddjb/prog.o src/libstddjb/prog.lo: src/libstddjb/prog.c src/include/skalibs/strerr2.h
-src/libstddjb/prot.o src/libstddjb/prot.lo: src/libstddjb/prot.c src/include/skalibs/djbunix.h
-src/libstddjb/prot_grps.o src/libstddjb/prot_grps.lo: src/libstddjb/prot_grps.c src/include/skalibs/djbunix.h src/include/skalibs/setgroups.h
-src/libstddjb/prot_readgroups.o src/libstddjb/prot_readgroups.lo: src/libstddjb/prot_readgroups.c src/include/skalibs/djbunix.h
src/libstddjb/rm_rf.o src/libstddjb/rm_rf.lo: src/libstddjb/rm_rf.c src/include/skalibs/djbunix.h src/include/skalibs/skamisc.h
src/libstddjb/rm_rf_in_tmp.o src/libstddjb/rm_rf_in_tmp.lo: src/libstddjb/rm_rf_in_tmp.c src/include/skalibs/direntry.h src/include/skalibs/djbunix.h src/include/skalibs/stralloc.h
src/libstddjb/rm_rf_tmp.o src/libstddjb/rm_rf_tmp.lo: src/libstddjb/rm_rf_tmp.c src/include/skalibs/djbunix.h src/include/skalibs/stralloc.h
diff --git a/src/include/skalibs/djbunix.h b/src/include/skalibs/djbunix.h
@@ -71,12 +71,6 @@ extern void xpathexec0_run (char const *const *, char const *const *) gccattr_no
extern void xpathexec (char const *const *) gccattr_noreturn ;
extern void xpathexec0 (char const *const *) gccattr_noreturn ;
-#define prot_gid(gid) setgid(gid)
-#define prot_uid(uid) setuid(uid)
-extern int prot_readgroups (char const *, gid_t *, unsigned int) ;
-extern int prot_grps (char const *) ;
-extern int prot_setuidgid (char const *) ;
-
extern pid_t wait_nointr (int *) ;
extern pid_t waitpid_nointr (pid_t, int *, int) ;
#define wait_pid(pid, wstat) waitpid_nointr(pid, (wstat), 0)
diff --git a/src/libstddjb/prot.c b/src/libstddjb/prot.c
@@ -1,19 +0,0 @@
-/* ISC license. */
-
-/* MT-unsafe */
-
-#include <unistd.h>
-#include <pwd.h>
-#include <errno.h>
-#include <skalibs/djbunix.h>
-
-int prot_setuidgid (char const *name)
-{
- struct passwd *pw = getpwnam(name) ;
- if (!pw)
- {
- if (!errno) errno = ESRCH ;
- return 0 ;
- }
- return !prot_grps(name) && !setgid(pw->pw_gid) && !setuid(pw->pw_uid) ;
-}
diff --git a/src/libstddjb/prot_grps.c b/src/libstddjb/prot_grps.c
@@ -1,27 +0,0 @@
-/* ISC license. */
-
-/* MT-unsafe */
-
-#include <unistd.h>
-#include <pwd.h>
-#include <grp.h>
-#include <limits.h>
-#include <errno.h>
-#include <skalibs/setgroups.h>
-#include <skalibs/djbunix.h>
-
-int prot_grps (char const *name)
-{
- gid_t tab[NGROUPS_MAX] ;
- struct passwd *pw ;
- int n = prot_readgroups(name, tab, NGROUPS_MAX) ;
- if (n < 0) return n ;
- errno = 0 ;
- pw = getpwnam(name) ;
- if (!pw)
- {
- if (!errno) errno = ENOENT ;
- return -1 ;
- }
- return setgroups_and_gid(pw->pw_gid, n, tab) ;
-}
diff --git a/src/libstddjb/prot_readgroups.c b/src/libstddjb/prot_readgroups.c
@@ -1,27 +0,0 @@
-/* ISC license. */
-
-/* MT-unsafe */
-
-#include <grp.h>
-#include <errno.h>
-#include <string.h>
-#include <skalibs/djbunix.h>
-
-int prot_readgroups (char const *name, gid_t *tab, unsigned int max)
-{
- unsigned int n = 0 ;
- for (;;)
- {
- struct group *gr ;
- char **member ;
- errno = 0 ;
- if (n >= max) break ;
- gr = getgrent() ;
- if (!gr) break ;
- for (member = gr->gr_mem ; *member ; member++)
- if (!strcmp(name, *member)) break ;
- if (*member) tab[n++] = gr->gr_gid ;
- }
- endgrent() ;
- return errno ? -1 : n ;
-}
