diff options
-rw-r--r-- | ChangeLog | 29 | ||||
-rw-r--r-- | conform/data/ucontext.h-data | 2 | ||||
-rw-r--r-- | iconv/iconv_prog.c | 44 | ||||
-rw-r--r-- | nscd/nscd.c | 43 | ||||
-rw-r--r-- | nscd/nscd.conf | 4 | ||||
-rw-r--r-- | nscd/nscd.h | 5 | ||||
-rw-r--r-- | nscd/nscd_conf.c | 11 | ||||
-rw-r--r-- | sysdeps/unix/sysv/linux/i386/sigaction.c | 14 | ||||
-rw-r--r-- | sysdeps/unix/sysv/linux/i386/sys/ucontext.h | 4 |
9 files changed, 130 insertions, 26 deletions
@@ -1,5 +1,34 @@ 2000-04-29 Ulrich Drepper <drepper@redhat.com> + * iconv/iconv_prog.c (main): Handle input file name "-" correctly. + Recognize option -s, -c, and -l. + +2000-04-20 Thorsten Kukuk <kukuk@suse.de> + + * nscd/nscd.c: Start new session for nscd, drop privilegs + to configured user if requested and no -S parameter are used. + * nscd/nscd.conf: Add new option "server-user". + * nscd/nscd_conf.c: Add support for new "server-user" option. + * nscd/nscd.h: Add declaration for server_user variable. + Based on patch by Chris Wing <wingc@engin.umich.edu> + +2000-04-29 Mark Kettenis <kettenis@gnu.org> + + * sysdeps/unix/sysv/linux/i386/sigaction.c: Add comment explaining + that changing the __restore and __restore_rt signal return code + will break GDB. + +2000-04-29 Mark Kettenis <kettenis@gnu.org> + + * sysdeps/unix/sysv/linux/i386/sys/ucontext.h: Do not include + <sys/user.h>. + +2000-04-29 Mark Kettenis <kettenis@gnu.org> + + * conform/data/ucontext.h-data: Allow ss_* instead of SS_*. + +2000-04-29 Ulrich Drepper <drepper@redhat.com> + * conform/conformtest.pl (@headers): Add sys/utsname.h, sys/un.h, sys/socket.h, spawn.h, netinet/tcp.h, netinet/in.h, net/if.h, and arpa/inet.h. diff --git a/conform/data/ucontext.h-data b/conform/data/ucontext.h-data index 3ad661e7b9..87a6025b55 100644 --- a/conform/data/ucontext.h-data +++ b/conform/data/ucontext.h-data @@ -16,5 +16,5 @@ function void makecontext (ucontext_t*, void(*)(void), int, ...) function int swapcontext (ucontext_t*, const ucontext_t*) allow uc_* -allow SS_* +allow ss_* allow *_t diff --git a/iconv/iconv_prog.c b/iconv/iconv_prog.c index f56409c358..9ad6033787 100644 --- a/iconv/iconv_prog.c +++ b/iconv/iconv_prog.c @@ -1,5 +1,5 @@ /* Convert text in given files from the specified from-set to the to-set. - Copyright (C) 1998, 1999 Free Software Foundation, Inc. + Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998. @@ -47,7 +47,7 @@ static void print_version (FILE *stream, struct argp_state *state); void (*argp_program_version_hook) (FILE *, struct argp_state *) = print_version; #define OPT_VERBOSE 1000 -#define OPT_LIST 1001 +#define OPT_LIST 'l' /* Definitions of arguments for argp functions. */ static const struct argp_option options[] = @@ -56,9 +56,11 @@ static const struct argp_option options[] = { "from-code", 'f', "NAME", 0, N_("encoding of original text") }, { "to-code", 't', "NAME", 0, N_("encoding for output") }, { NULL, 0, NULL, 0, N_("Information:") }, - { "list", OPT_LIST, NULL, 0, N_("list all known coded character sets") }, + { "list", 'l', NULL, 0, N_("list all known coded character sets") }, { NULL, 0, NULL, 0, N_("Output control:") }, + { NULL, 'c', NULL, 0, N_("omit invalid characters from output") }, { "output", 'o', "FILE", 0, N_("output file") }, + { "silent", 's', NULL, 0, N_("supress warnings") }, { "verbose", OPT_VERBOSE, NULL, 0, N_("print progress information") }, { NULL, 0, NULL, 0, NULL } }; @@ -71,10 +73,10 @@ Convert encoding of given files from one encoding to another."); static const char args_doc[] = N_("[FILE...]"); /* Prototype for option handler. */ -static error_t parse_opt __P ((int key, char *arg, struct argp_state *state)); +static error_t parse_opt (int key, char *arg, struct argp_state *state); /* Function to print some extra text in the help message. */ -static char *more_help __P ((int key, const char *text, void *input)); +static char *more_help (int key, const char *text, void *input); /* Data structure to communicate with argp functions. */ static struct argp argp = @@ -171,17 +173,24 @@ main (int argc, char *argv[]) { struct stat st; const char *addr; - int fd = open (argv[remaining], O_RDONLY); + int fd; + if (verbose) printf ("%s:\n", argv[remaining]); - - if (fd == -1) + if (strcmp (argv[remaining], "-") == 0) + fd = 0; + else { - error (0, errno, _("cannot open input file `%s'"), - argv[remaining]); - status = EXIT_FAILURE; - continue; + fd = open (argv[remaining], O_RDONLY); + + if (fd == -1) + { + error (0, errno, _("cannot open input file `%s'"), + argv[remaining]); + status = EXIT_FAILURE; + continue; + } } #ifdef _POSIX_MAPPED_FILES @@ -261,6 +270,15 @@ parse_opt (int key, char *arg, struct argp_state *state) case 'o': output_file = arg; break; + case 's': + /* Nothing, for now at least. We are not giving out any information + about missing character or so. */ + break; + case 'c': + /* Omit invalid characters from output. + XXX This option will become a meaning once we have different + modes of operation for the conversion functions. */ + break; case OPT_VERBOSE: verbose = 1; break; @@ -299,7 +317,7 @@ print_version (FILE *stream, struct argp_state *state) Copyright (C) %s Free Software Foundation, Inc.\n\ This is free software; see the source for copying conditions. There is NO\n\ warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\ -"), "1999"); +"), "2000"); fprintf (stream, gettext ("Written by %s.\n"), "Ulrich Drepper"); } diff --git a/nscd/nscd.c b/nscd/nscd.c index 45928f0f67..bc291d81d9 100644 --- a/nscd/nscd.c +++ b/nscd/nscd.c @@ -1,4 +1,4 @@ -/* Copyright (c) 1998, 1999 Free Software Foundation, Inc. +/* Copyright (c) 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. @@ -62,6 +62,7 @@ int do_shutdown; int disabled_passwd; int disabled_group; int go_background = 1; +const char *server_user; int secure[lastdb]; int secure_in_use; @@ -69,6 +70,7 @@ static const char *conffile = _PATH_NSCDCONF; static int check_pid (const char *file); static int write_pid (const char *file); +static void drop_privileges (void); /* Name and version of program. */ static void print_version (FILE *stream, struct argp_state *state); @@ -140,6 +142,8 @@ main (int argc, char **argv) if (fork ()) exit (0); + setsid (); + chdir ("/"); openlog ("nscd", LOG_CONS | LOG_ODELAY, LOG_DAEMON); @@ -164,6 +168,10 @@ main (int argc, char **argv) /* Init databases. */ nscd_init (conffile); + /* Change to unprivileged UID if specifed in config file */ + if(server_user && !secure_in_use) + drop_privileges (); + /* Handle incoming requests */ start_threads (); @@ -364,3 +372,36 @@ write_pid (const char *file) return 0; } + +/* Look up the uid and gid associated with the user we are supposed to run + the server as, and then call setgid(), setgroups(), and setuid(). + Otherwise, abort- we should not run as root if the configuration file + specifically tells us not to. */ + +static void +drop_privileges (void) +{ + int buflen = 256; + char *buffer = alloca (buflen); + struct passwd resultbuf; + struct passwd *pwd; + + while (__getpwnam_r (server_user, &resultbuf, buffer, buflen, &pwd) != 0 + && errno == ERANGE) + { + errno = 0; + buflen += 256; + buffer = alloca (buflen); + } + + if(!pwd) + { + dbg_log (_("Failed to look up user '%s' to run server as"), + server_user); + exit(1); + } + + setgroups (0, NULL); + setgid (pwd->pw_gid); + setuid (pwd->pw_uid); +} diff --git a/nscd/nscd.conf b/nscd/nscd.conf index 0e43da33f5..226dda377f 100644 --- a/nscd/nscd.conf +++ b/nscd/nscd.conf @@ -8,6 +8,8 @@ # logfile <file> # debug-level <level> # threads <#threads to use> +# server-user <user to run server as instead of root> +# server-user is ignored if nscd is started with -S parameters # # enable-cache <service> <yes|no> # positive-time-to-live <service> <time in seconds> @@ -21,7 +23,7 @@ # logfile /var/log/nscd.log # threads 6 - +# server-user nobody debug-level 0 enable-cache passwd yes diff --git a/nscd/nscd.h b/nscd/nscd.h index 36fd1b3002..ab93a9ac3e 100644 --- a/nscd/nscd.h +++ b/nscd/nscd.h @@ -1,4 +1,4 @@ -/* Copyright (c) 1998, 1999 Free Software Foundation, Inc. +/* Copyright (c) 1998, 1999, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. @@ -96,6 +96,9 @@ extern int nthreads; extern int secure[lastdb]; extern int secure_in_use; /* Is one of the above 1 ? */ +/* User name to run server processes as */ +extern const char *server_user; + /* Prototypes for global functions. */ /* nscd.c */ diff --git a/nscd/nscd_conf.c b/nscd/nscd_conf.c index 010b905fe8..9b8d75ce23 100644 --- a/nscd/nscd_conf.c +++ b/nscd/nscd_conf.c @@ -1,6 +1,6 @@ -/* Copyright (c) 1998 Free Software Foundation, Inc. +/* Copyright (c) 1998, 2000 Free Software Foundation, Inc. This file is part of the GNU C Library. - Contributed by Thorsten Kukuk <kukuk@vt.uni-paderborn.de>, 1998. + Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. The GNU C Library is free software; you can redistribute it and/or modify it under the terms of the GNU Library General Public License as @@ -176,6 +176,13 @@ nscd_parse_file (const char *fname, struct database dbs[lastdb]) if (nthreads == -1) nthreads = MAX (atol (arg1), lastdb); } + else if (strcmp (entry, "server-user") == 0) + { + if (!arg1) + dbg_log (_("Must specify user name for server-user option"), arg1); + else + server_user = strdup (arg1); + } else dbg_log (_("Unknown option: %s %s %s"), entry, arg1, arg2); } diff --git a/sysdeps/unix/sysv/linux/i386/sigaction.c b/sysdeps/unix/sysv/linux/i386/sigaction.c index 2571f1d922..5e431218e9 100644 --- a/sysdeps/unix/sysv/linux/i386/sigaction.c +++ b/sysdeps/unix/sysv/linux/i386/sigaction.c @@ -148,12 +148,20 @@ __sigaction (int sig, const struct sigaction *act, struct sigaction *oact) weak_alias (__sigaction, sigaction) +/* NOTE: Please think twice before making any changes to the bits of + code below. GDB needs some intimate knowledge about it to + recognize them as signal trampolines, and make backtraces through + signal handlers work right. Important are both the names + (__restore and __restore_rt) and the exact instruction sequence. + If you ever feel the need to make any changes, please notify the + appropriate GDB maintainer. */ + #define RESTORE(name, syscall) RESTORE2 (name, syscall) #define RESTORE2(name, syscall) \ asm \ ( \ ".align 16\n" \ - "__" #name ":\n" \ + "__" #name ":\n" \ " movl $" #syscall ", %eax\n" \ " int $0x80" \ ); @@ -168,8 +176,8 @@ RESTORE (restore_rt, __NR_rt_sigreturn) # define RESTORE2(name, syscall) \ asm \ ( \ - ".align 8\n" \ - "__" #name ":\n" \ + ".align 8\n" \ + "__" #name ":\n" \ " popl %eax\n" \ " movl $" #syscall ", %eax\n" \ " int $0x80" \ diff --git a/sysdeps/unix/sysv/linux/i386/sys/ucontext.h b/sysdeps/unix/sysv/linux/i386/sys/ucontext.h index b6762ce1ae..41fd60a618 100644 --- a/sysdeps/unix/sysv/linux/i386/sys/ucontext.h +++ b/sysdeps/unix/sysv/linux/i386/sys/ucontext.h @@ -26,10 +26,6 @@ included in <signal.h>. */ #include <bits/sigcontext.h> -/* We also need the definition of the userlevel data representation - for the register contexts. */ -#include <sys/user.h> - /* Type for general register. */ typedef int greg_t; |