10Sstevel@tonic-gate /*
20Sstevel@tonic-gate * CDDL HEADER START
30Sstevel@tonic-gate *
40Sstevel@tonic-gate * The contents of this file are subject to the terms of the
54321Scasper * Common Development and Distribution License (the "License").
64321Scasper * You may not use this file except in compliance with the License.
70Sstevel@tonic-gate *
80Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
90Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing.
100Sstevel@tonic-gate * See the License for the specific language governing permissions
110Sstevel@tonic-gate * and limitations under the License.
120Sstevel@tonic-gate *
130Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each
140Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
150Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the
160Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying
170Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner]
180Sstevel@tonic-gate *
190Sstevel@tonic-gate * CDDL HEADER END
200Sstevel@tonic-gate */
21*6812Sraf
220Sstevel@tonic-gate /*
23*6812Sraf * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
240Sstevel@tonic-gate * Use is subject to license terms.
250Sstevel@tonic-gate */
260Sstevel@tonic-gate
270Sstevel@tonic-gate /* Copyright (c) 1988 AT&T */
280Sstevel@tonic-gate /* All Rights Reserved */
290Sstevel@tonic-gate
30*6812Sraf #pragma ident "%Z%%M% %I% %E% SMI"
310Sstevel@tonic-gate
32*6812Sraf #pragma weak _initgroups = initgroups
330Sstevel@tonic-gate
34*6812Sraf #include "lint.h"
350Sstevel@tonic-gate #include <stdlib.h>
360Sstevel@tonic-gate #include <errno.h>
370Sstevel@tonic-gate #include <grp.h>
380Sstevel@tonic-gate #include <sys/types.h>
394321Scasper #include <sys/param.h>
400Sstevel@tonic-gate #include <unistd.h>
410Sstevel@tonic-gate
420Sstevel@tonic-gate /* Private interface to the groups code in getgrnam.c */
430Sstevel@tonic-gate extern int _getgroupsbymember(const char *, gid_t[], int, int);
440Sstevel@tonic-gate
450Sstevel@tonic-gate int
initgroups(const char * uname,gid_t agroup)460Sstevel@tonic-gate initgroups(const char *uname, gid_t agroup)
470Sstevel@tonic-gate {
480Sstevel@tonic-gate gid_t *groups;
490Sstevel@tonic-gate long ngroups_max;
500Sstevel@tonic-gate int ngroups;
510Sstevel@tonic-gate int errsave, retsave;
520Sstevel@tonic-gate
530Sstevel@tonic-gate if ((ngroups_max = sysconf(_SC_NGROUPS_MAX)) < 0) {
540Sstevel@tonic-gate /* ==== Hope sysconf() set errno to something sensible */
550Sstevel@tonic-gate return (-1);
560Sstevel@tonic-gate }
570Sstevel@tonic-gate /*
580Sstevel@tonic-gate * ngroups_max is the maximum number of supplemental groups per
590Sstevel@tonic-gate * process. if no supplemental groups are allowed, we're done.
600Sstevel@tonic-gate */
610Sstevel@tonic-gate if (ngroups_max == 0)
620Sstevel@tonic-gate return (0);
630Sstevel@tonic-gate
640Sstevel@tonic-gate if ((groups = (gid_t *)calloc(ngroups_max, sizeof (gid_t))) == 0) {
650Sstevel@tonic-gate errno = ENOMEM;
660Sstevel@tonic-gate return (-1);
670Sstevel@tonic-gate }
680Sstevel@tonic-gate groups[0] = agroup;
690Sstevel@tonic-gate
700Sstevel@tonic-gate ngroups = _getgroupsbymember(uname, groups, (int)ngroups_max,
71*6812Sraf (agroup <= MAXUID) ? 1 : 0);
720Sstevel@tonic-gate if (ngroups < 0) {
730Sstevel@tonic-gate /* XXX -- man page does not define a value for errno in */
740Sstevel@tonic-gate /* this case. Should be looked into sometime. */
750Sstevel@tonic-gate free(groups);
760Sstevel@tonic-gate return (-1);
770Sstevel@tonic-gate }
780Sstevel@tonic-gate
790Sstevel@tonic-gate retsave = setgroups(ngroups, groups);
800Sstevel@tonic-gate errsave = errno;
810Sstevel@tonic-gate
820Sstevel@tonic-gate free(groups);
830Sstevel@tonic-gate
840Sstevel@tonic-gate errno = errsave;
850Sstevel@tonic-gate return (retsave);
860Sstevel@tonic-gate }
87