diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 21:12:02 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 21:12:02 +0000 |
commit | 77e50caaf2ef81cd91075cf836fed0e75718ffb4 (patch) | |
tree | 53b7b411290b63192fc9e924a3b6b65cdf67e9d0 /debian/vendor-h2o/share/h2o/setuidgid | |
parent | Adding upstream version 1.8.3. (diff) | |
download | dnsdist-77e50caaf2ef81cd91075cf836fed0e75718ffb4.tar.xz dnsdist-77e50caaf2ef81cd91075cf836fed0e75718ffb4.zip |
Adding debian version 1.8.3-2.debian/1.8.3-2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rwxr-xr-x | debian/vendor-h2o/share/h2o/setuidgid | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/debian/vendor-h2o/share/h2o/setuidgid b/debian/vendor-h2o/share/h2o/setuidgid new file mode 100755 index 0000000..c8e9a30 --- /dev/null +++ b/debian/vendor-h2o/share/h2o/setuidgid @@ -0,0 +1,46 @@ +#! /bin/sh +exec ${H2O_PERL:-perl} -x $0 "$@" +#! perl + +use strict; +use warnings; +use POSIX qw(setuid setgid); + +die "usage: share/h2o/setuidgid username child\n" + unless @ARGV >= 2; +my $username = shift @ARGV; + +# get user entry +my ($uid, @groups) = do { + my @e = getpwnam($username) + or die "unknown user: $username\n"; + +($e[2], $e[3]); +}; + +# add supp. groups to @groups +setgrent; +while (my @e = getgrent) { + if ($e[3] && grep { $_ eq $username } split /\s+/, $e[3]) { + push @groups, $e[2] + unless grep { $_ == $e[2] } @groups; + } +} +endgrent; + +# setgid +setgid($groups[0]) + or die "setgid failed:$!"; + +# setgroups +$! = 0; +$) = join " ", $groups[0], @groups; +die "setgroups failed:$!" + if $!; + +# setuid +setuid($uid) + or die "setuid failed:$!"; + +# exec +exec @ARGV + or die "failed to exec: $ARGV[0]:$!"; |