1 /* $NetBSD: set_eugid.c,v 1.1.1.1 2009/06/23 10:09:00 tron Exp $ */
2
3 /*++
4 /* NAME
5 /* set_eugid 3
6 /* SUMMARY
7 /* set effective user and group attributes
8 /* SYNOPSIS
9 /* #include <set_eugid.h>
10 /*
11 /* void set_eugid(euid, egid)
12 /* uid_t euid;
13 /* gid_t egid;
14 /*
15 /* void SAVE_AND_SET_EUGID(uid, gid)
16 /* uid_t uid;
17 /* gid_t gid;
18 /*
19 /* void RESTORE_SAVED_EUGID()
20 /* DESCRIPTION
21 /* set_eugid() sets the effective user and group process attributes
22 /* and updates the process group access list to be just the specified
23 /* effective group id.
24 /*
25 /* SAVE_AND_SET_EUGID() opens a block that executes with the
26 /* specified privilege. RESTORE_SAVED_EUGID() closes the block.
27 /* DIAGNOSTICS
28 /* All system call errors are fatal.
29 /* SEE ALSO
30 /* seteuid(2), setegid(2), setgroups(2)
31 /* LICENSE
32 /* .ad
33 /* .fi
34 /* The Secure Mailer license must be distributed with this software.
35 /* AUTHOR(S)
36 /* Wietse Venema
37 /* IBM T.J. Watson Research
38 /* P.O. Box 704
39 /* Yorktown Heights, NY 10598, USA
40 /*--*/
41
42 /* System library. */
43
44 #include <sys_defs.h>
45 #include <unistd.h>
46 #include <grp.h>
47 #include <errno.h>
48
49 /* Utility library. */
50
51 #include "msg.h"
52 #include "set_eugid.h"
53
54 /* set_eugid - set effective user and group attributes */
55
set_eugid(uid_t euid,gid_t egid)56 void set_eugid(uid_t euid, gid_t egid)
57 {
58 int saved_errno = errno;
59
60 if (geteuid() != 0)
61 if (seteuid(0))
62 msg_fatal("set_eugid: seteuid(0): %m");
63 if (setegid(egid) < 0)
64 msg_fatal("set_eugid: setegid(%ld): %m", (long) egid);
65 if (setgroups(1, &egid) < 0)
66 msg_fatal("set_eugid: setgroups(%ld): %m", (long) egid);
67 if (euid != 0 && seteuid(euid) < 0)
68 msg_fatal("set_eugid: seteuid(%ld): %m", (long) euid);
69 if (msg_verbose)
70 msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid);
71 errno = saved_errno;
72 }
73