INN commit: trunk (39 files)

INN Commit Russ_Allbery at isc.org
Sat Jan 12 09:22:19 UTC 2008


    Date: Saturday, January 12, 2008 @ 01:22:18
  Author: iulius
Revision: 7703

Support for "runasuser" and "runasgroup" options within inn.conf
in order to set the news user and the news group under which
the news server runs.

Remove all the occurrences of previous NEWSUSER and NEWSGRP
in the source code.  Instead of them, a new library "newsuser.h"
is called whenever we have to ensure that the program is running
as the right news user/group (ensure_news_* functions).

Many thanks to Ivan Shmakov for this patch.

Added:
  trunk/include/inn/newsuser.h
  trunk/lib/newsuser.c
Modified:
  trunk/MANIFEST
  trunk/Makefile
  trunk/Makefile.global.in
  trunk/backends/Makefile
  trunk/backends/innbind.c
  trunk/doc/pod/inn.conf.pod
  trunk/expire/Makefile
  trunk/expire/expire.c
  trunk/expire/expireover.c
  trunk/expire/makedbz.c
  trunk/expire/makehistory.c
  trunk/frontends/Makefile
  trunk/frontends/inews.c
  trunk/frontends/ovdb_init.c
  trunk/frontends/ovdb_monitor.c
  trunk/frontends/ovdb_stat.c
  trunk/frontends/rnews.c
  trunk/include/inn/innconf.h
  trunk/innd/Makefile
  trunk/innd/innd.c
  trunk/lib/Makefile
  trunk/lib/innconf.c
  trunk/m4/modes.m4
  trunk/m4/users.m4
  trunk/nnrpd/Makefile
  trunk/nnrpd/nnrpd.c
  trunk/nnrpd/tls.c
  trunk/perl/INN/Config.pm.in
  trunk/samples/inn.conf.in
  trunk/scripts/inncheck.in
  trunk/scripts/innshellvars.in
  trunk/scripts/innshellvars.pl.in
  trunk/scripts/innshellvars.tcl.in
  trunk/site/Makefile
  trunk/storage/Makefile
  trunk/storage/ovdb/ovdb.c
  trunk/storage/tradindexed/tdx-util.c

--------------------------------+
 MANIFEST                       |    2 
 Makefile                       |    8 +-
 Makefile.global.in             |   10 +--
 backends/Makefile              |    5 +
 backends/innbind.c             |   19 +++---
 doc/pod/inn.conf.pod           |   10 +++
 expire/Makefile                |   20 ++++---
 expire/expire.c                |   25 +--------
 expire/expireover.c            |   29 +---------
 expire/makedbz.c               |   29 +---------
 expire/makehistory.c           |   33 ++----------
 frontends/Makefile             |   12 ++--
 frontends/inews.c              |   50 +++++++++++-------
 frontends/ovdb_init.c          |    2 
 frontends/ovdb_monitor.c       |    2 
 frontends/ovdb_stat.c          |    2 
 frontends/rnews.c              |   17 ++----
 include/inn/innconf.h          |    2 
 include/inn/newsuser.h         |   24 ++++++++
 innd/Makefile                  |    3 -
 innd/innd.c                    |   22 --------
 lib/Makefile                   |    7 ++
 lib/innconf.c                  |    3 +
 lib/newsuser.c                 |  107 +++++++++++++++++++++++++++++++++++++++
 m4/modes.m4                    |    2 
 m4/users.m4                    |    4 -
 nnrpd/Makefile                 |    7 +-
 nnrpd/nnrpd.c                  |   15 +----
 nnrpd/tls.c                    |    2 
 perl/INN/Config.pm.in          |    4 -
 samples/inn.conf.in            |    3 +
 scripts/inncheck.in            |    5 -
 scripts/innshellvars.in        |    4 -
 scripts/innshellvars.pl.in     |    4 -
 scripts/innshellvars.tcl.in    |    4 -
 site/Makefile                  |    8 +-
 storage/Makefile               |   16 +++--
 storage/ovdb/ovdb.c            |   24 +++++---
 storage/tradindexed/tdx-util.c |   38 +++----------
 39 files changed, 319 insertions(+), 264 deletions(-)

Modified: MANIFEST
===================================================================
--- MANIFEST	2007-12-26 04:17:07 UTC (rev 7702)
+++ MANIFEST	2008-01-12 09:22:18 UTC (rev 7703)
@@ -393,6 +393,7 @@
 include/inn/messages.h                Header file for message functions
 include/inn/mmap.h                    Header file for mmap() functions
 include/inn/network.h                 Header file for network functions
+include/inn/newsuser.h                Header file for ensuring running as news
 include/inn/nntp.h                    Header file for NNTP functions and codes
 include/inn/options.h                 Header file for compile-time options
 include/inn/ov.h                      Header file for old overview API
@@ -515,6 +516,7 @@
 lib/mkstemp.c                         mkstemp replacement
 lib/mmap.c                            mmap manipulation routines
 lib/network.c                         Network utility functions
+lib/newsuser.c                        Ensure running as news user/group
 lib/nntp.c                            NNTP utility library
 lib/perl.c                            Perl hook support for nnrpd and innd
 lib/pread.c                           pread replacement

Modified: Makefile
===================================================================
--- Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -121,11 +121,11 @@
 	$(SSLBIN) req -new -x509 -nodes \
 	    -out $(PATHLIB)/cert.pem -days 366 \
 	    -keyout $(PATHLIB)/key.pem
-	chown $(NEWSUSER) $(PATHLIB)/cert.pem
-	chgrp $(NEWSGROUP) $(PATHLIB)/cert.pem
+	chown $(RUNASUSER) $(PATHLIB)/cert.pem
+	chgrp $(RUNASGROUP) $(PATHLIB)/cert.pem
 	chmod 640 $(PATHLIB)/cert.pem
-	chown $(NEWSUSER) $(PATHLIB)/key.pem
-	chgrp $(NEWSGROUP) $(PATHLIB)/key.pem
+	chown $(RUNASUSER) $(PATHLIB)/key.pem
+	chgrp $(RUNASGROUP) $(PATHLIB)/key.pem
 	chmod 600 $(PATHLIB)/key.pem
 
 

Modified: Makefile.global.in
===================================================================
--- Makefile.global.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ Makefile.global.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -259,16 +259,16 @@
 ##  configure; inews and rnews are special and have configure flags to
 ##  control how they're installed.  See INSTALL for more information.
 
-NEWSUSER	= @NEWSUSER@
-NEWSGROUP	= @NEWSGRP@
+RUNASUSER	= @RUNASUSER@
+RUNASGROUP	= @RUNASGROUP@
 RNEWSGROUP	= @RNEWSGRP@
 
 INEWSMODE	= @INEWSMODE@
 RNEWSMODE	= @RNEWSMODE@
 FILEMODE	= @FILEMODE@
 
-OWNER		= -o $(NEWSUSER) -g $(NEWSGROUP)
-ROWNER		= -o $(NEWSUSER) -g $(RNEWSGROUP)
+OWNER		= -o $(RUNASUSER) -g $(RUNASGROUP)
+ROWNER		= -o $(RUNASUSER) -g $(RNEWSGROUP)
 
 INSTALL		= $(top)/support/install-sh -c
 
@@ -288,7 +288,7 @@
 ##  files like active and newsgroups that should have the same permissions as
 ##  article files.
 
-LI_SPRI		= $(LIBTOOL) $(INSTALL) -o root -g $(NEWSGROUP) -m 4550 -B .OLD
+LI_SPRI		= $(LIBTOOL) $(INSTALL) -o root -g $(RUNASGROUP) -m 4550 -B .OLD
 LI_XPRI		= $(LIBTOOL) $(INSTALL) $(OWNER) -m 0550 -B .OLD
 LI_XPUB		= $(LIBTOOL) $(INSTALL) $(OWNER) -m 0555 -B .OLD
 

Modified: backends/Makefile
===================================================================
--- backends/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ backends/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -164,8 +164,9 @@
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/portable/socket.h ../include/config.h \
   ../include/portable/getaddrinfo.h ../include/portable/getnameinfo.h \
-  ../include/inn/messages.h ../include/inn/defines.h \
-  ../include/inn/vector.h ../include/inn/libinn.h
+  ../include/inn/libinn.h ../include/inn/defines.h \
+  ../include/inn/messages.h ../include/inn/newsuser.h ../include/config.h \
+  ../include/clibrary.h ../include/inn/vector.h
 inndf.o: inndf.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/innconf.h ../include/inn/defines.h \

Modified: backends/innbind.c
===================================================================
--- backends/innbind.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ backends/innbind.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -9,15 +9,15 @@
 #include "clibrary.h"
 #include "portable/socket.h"
 #include <errno.h>
-#include <pwd.h>
 #ifdef HAVE_STREAMS_SENDFD
 # include <stropts.h>
 #endif
 #include <syslog.h>
 
+#include "inn/libinn.h"
 #include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "inn/vector.h"
-#include "inn/libinn.h"
 
 /* Macros to set the len attribute of sockaddrs. */
 #if HAVE_STRUCT_SOCKADDR_SA_LEN
@@ -267,7 +267,7 @@
 main(int argc, char *argv[])
 {
     struct passwd *pwd;
-    uid_t real_uid;
+    uid_t real_uid, uid;
     int i;
     bool done;
     struct binding binding = { 0, 0, NULL, 0 };
@@ -281,17 +281,16 @@
     message_program_name = "innbind";
 
     /* If we're running privileged (effective and real UIDs are different),
-       convert NEWSUSER to a UID and exit if run by another user.  Don't do
+       convert runasuser to a UID and exit if run by another user.  Don't do
        this if we're not running privileged to make installations that don't
        need privileged ports easier and to make testing easier. */
     real_uid = getuid();
     if (real_uid != geteuid()) {
-        pwd = getpwnam(NEWSUSER);
-        if (pwd == NULL)
-            die("cannot get UID for %s", NEWSUSER);
-        if (real_uid != pwd->pw_uid)
-            die("must be run by user %s (%lu), not %lu", NEWSUSER,
-                (unsigned long) pwd->pw_uid, (unsigned long) real_uid);
+        get_news_uid_gid(&uid, false, true);
+        if (real_uid != uid) {
+            die("must be run by runasuser (%lu), not %lu",
+                (unsigned long) uid, (unsigned long) real_uid);
+        }
     }
 
     /* If the first argument is -p, force creation of the socket and file

Modified: doc/pod/inn.conf.pod
===================================================================
--- doc/pod/inn.conf.pod	2007-12-26 04:17:07 UTC (rev 7702)
+++ doc/pod/inn.conf.pod	2008-01-12 09:22:18 UTC (rev 7703)
@@ -105,6 +105,16 @@
 not start.  A good value to use is the fully-qualified hostname of the
 system.
 
+=item I<runasgroup>
+
+The group under which the news server will run.  The default is C<news>
+and should not normally need to be changed.
+
+=item I<runasuser>
+
+The user under which the news server will run.  The default is C<news>
+and should not normally need to be changed.
+
 =item I<server>
 
 The name of the default NNTP server.  If I<nnrpdposthost> is not set and

Modified: expire/Makefile
===================================================================
--- expire/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ expire/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -97,13 +97,15 @@
   ../include/config.h ../include/inn/history.h ../include/inn/defines.h \
   ../include/inn/innconf.h ../include/inn/messages.h \
   ../include/inn/inndcomm.h ../include/inn/libinn.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
   ../include/inn/paths.h ../include/inn/storage.h
 expireover.o: expireover.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/innconf.h ../include/inn/defines.h \
-  ../include/inn/messages.h ../include/inn/qio.h ../include/inn/libinn.h \
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
   ../include/inn/ov.h ../include/inn/storage.h ../include/inn/history.h \
-  ../include/inn/paths.h ../include/inn/storage.h
+  ../include/inn/paths.h ../include/inn/qio.h ../include/inn/storage.h
 fastrm.o: fastrm.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/innconf.h ../include/inn/defines.h \
@@ -119,17 +121,19 @@
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/dbz.h ../include/inn/libinn.h \
   ../include/inn/defines.h ../include/inn/innconf.h \
-  ../include/inn/messages.h ../include/inn/qio.h ../include/inn/libinn.h \
-  ../include/inn/paths.h ../include/inn/storage.h
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
+  ../include/inn/paths.h ../include/inn/qio.h ../include/inn/storage.h
 makehistory.o: makehistory.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/portable/wait.h ../include/config.h \
   ../include/inn/buffer.h ../include/inn/defines.h \
   ../include/inn/history.h ../include/inn/innconf.h \
-  ../include/inn/messages.h ../include/inn/qio.h ../include/inn/wire.h \
-  ../include/inn/libinn.h ../include/inn/ov.h ../include/inn/storage.h \
-  ../include/inn/history.h ../include/inn/paths.h \
-  ../include/inn/storage.h
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
+  ../include/inn/ov.h ../include/inn/storage.h ../include/inn/history.h \
+  ../include/inn/paths.h ../include/inn/qio.h ../include/inn/storage.h \
+  ../include/inn/wire.h
 prunehistory.o: prunehistory.c ../include/config.h \
   ../include/inn/defines.h ../include/inn/system.h \
   ../include/inn/options.h ../include/clibrary.h ../include/config.h \

Modified: expire/expire.c
===================================================================
--- expire/expire.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ expire/expire.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -7,7 +7,6 @@
 #include "clibrary.h"
 #include <ctype.h>
 #include <errno.h>
-#include <pwd.h>
 #include <sys/stat.h>
 #include <syslog.h>
 #include <time.h>
@@ -17,6 +16,7 @@
 #include "inn/messages.h"
 #include "inn/inndcomm.h"
 #include "inn/libinn.h"
+#include "inn/newsuser.h"
 #include "inn/paths.h"
 #include "inn/storage.h"
 
@@ -488,25 +488,6 @@
 }
 
 
-/*
-**  Change to the news user if possible, and if not, die.  Used for operations
-**  that may create new database files so as not to mess up the ownership.
-*/
-static void
-setuid_news(void)
-{
-    struct passwd *pwd;
-
-    pwd = getpwnam(NEWSUSER);
-    if (pwd == NULL)
-        die("can't resolve %s to a UID (account doesn't exist?)", NEWSUSER);
-    if (getuid() == 0)
-        setuid(pwd->pw_uid);
-    if (getuid() != pwd->pw_uid)
-        die("must be run as %s", NEWSUSER);
-}
-
-
 int
 main(int ac, char *av[])
 {
@@ -627,8 +608,8 @@
     RealNow = Now;
     Now += TimeWarp;
 
-    /* Change users if necessary. */
-    setuid_news();
+    /* Change to the runasuser user and runasgroup group if necessary. */
+    ensure_news_user_grp(true, true);
 
     /* Parse the control file. */
     if (av[0]) {

Modified: expire/expireover.c
===================================================================
--- expire/expireover.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ expire/expireover.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -11,17 +11,17 @@
 #include "config.h"
 #include "clibrary.h"
 #include <errno.h>
-#include <pwd.h>
 #include <signal.h>
 #include <syslog.h>
 #include <time.h>
 
 #include "inn/innconf.h"
-#include "inn/messages.h"
-#include "inn/qio.h"
 #include "inn/libinn.h"
+#include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "inn/ov.h"
 #include "inn/paths.h"
+#include "inn/qio.h"
 #include "inn/storage.h"
 
 static const char usage[] = "\
@@ -46,25 +46,6 @@
 }
 
 
-/*
-**  Change to the news user if possible, and if not, die.  Used for operations
-**  that may create new database files so as not to mess up the ownership.
-*/
-static void
-setuid_news(void)
-{
-    struct passwd *pwd;
-
-    pwd = getpwnam(NEWSUSER);
-    if (pwd == NULL)
-        die("can't resolve %s to a UID (account doesn't exist?)", NEWSUSER);
-    if (getuid() == 0)
-        setuid(pwd->pw_uid);
-    if (getuid() != pwd->pw_uid)
-        die("must be run as %s", NEWSUSER);
-}
-
-
 int
 main(int argc, char *argv[])
 {
@@ -142,8 +123,8 @@
     if (!innconf_read(NULL))
         exit(1);
 
-    /* Change to the news user if necessary. */
-    setuid_news();
+    /* Change to the runasuser user and runasgroup group if necessary. */
+    ensure_news_user_grp(true, true);
 
     /* Initialize the lowmark file, if one was requested. */
     if (lowmark_path != NULL) {

Modified: expire/makedbz.c
===================================================================
--- expire/makedbz.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ expire/makedbz.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -6,15 +6,15 @@
 #include "config.h"
 #include "clibrary.h"
 #include <errno.h>
-#include <pwd.h>
 #include <syslog.h>  
 
 #include "dbz.h"
 #include "inn/innconf.h"
-#include "inn/messages.h"
-#include "inn/qio.h"
 #include "inn/libinn.h"
+#include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "inn/paths.h"
+#include "inn/qio.h"
 #include "inn/storage.h"
 
 /* FIXME: once we figure out how to integrate this stuff with the
@@ -230,25 +230,6 @@
 }
 
 
-/*
-**  Change to the news user if possible, and if not, die.  Used for operations
-**  that may create new database files, so as not to mess up the ownership.
-*/
-static void
-setuid_news(void)
-{
-    struct passwd *pwd;
-
-    pwd = getpwnam(NEWSUSER);
-    if (pwd == NULL)
-        die("can't resolve %s to a UID (account doesn't exist?)", NEWSUSER);
-    if (getuid() == 0)
-        setuid(pwd->pw_uid);
-    if (getuid() != pwd->pw_uid)
-        die("must be run as %s", NEWSUSER);
-}
-
-
 int
 main(int argc, char **argv)
 {
@@ -309,8 +290,8 @@
     if (chdir(HistoryDir) < 0)
         sysdie("cannot chdir to %s", HistoryDir);
 
-    /* Change users if necessary. */
-    setuid_news();
+    /* Change to the runasuser user and runasgroup group if necessary. */
+    ensure_news_user_grp(true, true);
 
     Rebuild(size, IgnoreOld, Overwrite);
     closelog();

Modified: expire/makehistory.c
===================================================================
--- expire/makehistory.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ expire/makehistory.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -8,20 +8,20 @@
 #include "portable/wait.h"
 #include <assert.h>
 #include <errno.h>
-#include <pwd.h>
 #include <syslog.h>
 #include <time.h>
 
 #include "inn/buffer.h"
 #include "inn/history.h"
 #include "inn/innconf.h"
-#include "inn/messages.h"
-#include "inn/qio.h"
-#include "inn/wire.h"
 #include "inn/libinn.h"
+#include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "inn/ov.h"
 #include "inn/paths.h"
+#include "inn/qio.h"
 #include "inn/storage.h"
+#include "inn/wire.h"
 
 static const char usage[] = "\
 Usage: makehistory [-bOIax] [-f file] [-l count] [-s size] [-T tmpdir]\n\
@@ -742,27 +742,6 @@
 }
 
 
-/*
-**  Change to the news user if possible, and if not, die.  Used for operations
-**  that may create new database files, so as not to mess up the ownership.
-*/
-static void
-setuid_news(void)
-{
-    struct passwd *pwd;
-
-    if (getenv("INN_TESTSUITE") != NULL)
-        return;
-    pwd = getpwnam(NEWSUSER);
-    if (pwd == NULL)
-        die("can't resolve %s to a UID (account doesn't exist?)", NEWSUSER);
-    if (getuid() == 0)
-        setuid(pwd->pw_uid);
-    if (getuid() != pwd->pw_uid)
-        die("must be run as %s", NEWSUSER);
-}
-
-
 int
 main(int argc, char **argv)
 {
@@ -865,9 +844,9 @@
             sysdie("cannot chdir to %s", HistoryDir);
     }
 
-    /* Change users if necessary. */
+    /* Change to the runasuser user and runasgroup group if necessary. */
     if (!NoHistory || !WriteStdout)
-        setuid_news();
+        ensure_news_user_grp(true, true);
 
     /* Read in the overview schema */
     ARTreadschema(DoOverview);

Modified: frontends/Makefile
===================================================================
--- frontends/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ frontends/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -148,8 +148,9 @@
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/portable/time.h ../include/config.h \
   ../include/inn/innconf.h ../include/inn/defines.h \
-  ../include/inn/messages.h ../include/inn/libinn.h ../include/nntp.h \
-  ../include/inn/nntp.h ../include/inn/paths.h
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
+  ../include/inn/paths.h ../include/nntp.h ../include/inn/nntp.h
 innconfval.o: innconfval.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/innconf.h ../include/inn/defines.h \
@@ -192,9 +193,10 @@
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/portable/wait.h ../include/config.h \
   ../include/inn/innconf.h ../include/inn/defines.h \
-  ../include/inn/messages.h ../include/inn/wire.h ../include/inn/libinn.h \
-  ../include/nntp.h ../include/inn/nntp.h ../include/inn/paths.h \
-  ../include/inn/storage.h
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
+  ../include/inn/paths.h ../include/inn/storage.h ../include/inn/wire.h \
+  ../include/nntp.h ../include/inn/nntp.h
 sm.o: sm.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/buffer.h ../include/inn/defines.h \

Modified: frontends/inews.c
===================================================================
--- frontends/inews.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ frontends/inews.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -10,15 +10,15 @@
 #include <ctype.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <grp.h>
 #include <pwd.h>
 #include <sys/stat.h>
 
 #include "inn/innconf.h"
+#include "inn/libinn.h"
 #include "inn/messages.h"
-#include "inn/libinn.h"
+#include "inn/newsuser.h"
+#include "inn/paths.h"
 #include "nntp.h"
-#include "inn/paths.h"
 
 /* Signature handling.  The separator will be appended before the signature,
    and at most SIG_MAXLINES will be appended. */
@@ -339,8 +339,8 @@
 static bool
 AnAdministrator(char *name, gid_t group)
 {
-    struct passwd	*pwp;
-    struct group	*grp;
+    uid_t               news_uid;
+    gid_t               news_gid;
     char		**mem;
     char		*p;
 
@@ -348,21 +348,33 @@
 	return false;
 
     /* Find out who we are. */
-    if ((pwp = getpwnam(NEWSUSER)) == NULL)
-	/* Silent falure; clients might not have the group. */
-	return false;
-    if (getuid() == pwp->pw_uid)
-	return true;
+    if (get_news_uid_gid(&news_uid, &news_gid, false) != 0) {
+        /* Silent failure; clients might not have the group. */
+        return false;
+    }
+    if (getuid() == news_uid)
+        return true;
 
-    /* See if the we're in the right group. */
-    if ((grp = getgrnam(NEWSGRP)) == NULL || (mem = grp->gr_mem) == NULL)
-	/* Silent falure; clients might not have the group. */
-	return false;
-    if (group == grp->gr_gid)
-	return true;
-    while ((p = *mem++) != NULL)
-	if (strcmp(name, p) == 0)
-	    return true;
+    /* See if we are in the right group and examine process
+     * supplementary groups, rather than the group(5) file entry.
+     */
+    {
+        int ngroups = getgroups(0, 0);
+        gid_t *groups, *gp;
+        int rv;
+        int rest;
+
+        groups = (gid_t *) xmalloc(ngroups * sizeof(*groups));
+        if ((rv = getgroups(ngroups, groups)) < 0) {
+            /* Silent failure; client doesn't have the group. */
+            return false;
+        }
+        for (rest = ngroups, gp = groups; rest > 0; rest--, gp++) {
+            if (*gp == news_gid)
+                return true;
+        }
+    }
+    
     return false;
 }
 

Modified: frontends/ovdb_init.c
===================================================================
--- frontends/ovdb_init.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ frontends/ovdb_init.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -369,7 +369,7 @@
         die("ovmethod not set to ovdb in inn.conf");
 
     if(!ovdb_check_user())
-        die("command must be run as user " NEWSUSER);
+        die("command must be run as runasuser user");
 
     chdir(innconf->pathtmp);
 

Modified: frontends/ovdb_monitor.c
===================================================================
--- frontends/ovdb_monitor.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ frontends/ovdb_monitor.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -303,7 +303,7 @@
     if(strcmp(innconf->ovmethod, "ovdb"))
         die("ovmethod not set to ovdb in inn.conf");
     if(!ovdb_check_user())
-        die("command must be run as user " NEWSUSER);
+        die("command must be run as runasuser user");
     if(!ovdb_getlock(OVDB_LOCK_ADMIN))
         die("cannot lock database");
 

Modified: frontends/ovdb_stat.c
===================================================================
--- frontends/ovdb_stat.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ frontends/ovdb_stat.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -778,7 +778,7 @@
         exit(1);
 
     if(!ovdb_check_user())
-        die("command must be run as user " NEWSUSER);
+        die("command must be run as runasuser user");
     if(!ovdb_getlock(OVDB_LOCK_ADMIN))
         sysdie("cannot lock database");
     if(!ovdb_open(OV_READ|OVDB_SERVER))

Modified: frontends/rnews.c
===================================================================
--- frontends/rnews.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ frontends/rnews.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -14,17 +14,17 @@
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
-#include <pwd.h>
 #include <syslog.h>
 #include <sys/stat.h>
 
 #include "inn/innconf.h"
-#include "inn/messages.h"
-#include "inn/wire.h"
 #include "inn/libinn.h"
-#include "nntp.h"
+#include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "inn/paths.h"
 #include "inn/storage.h"
+#include "inn/wire.h"
+#include "nntp.h"
 
 
 typedef struct _HEADER {
@@ -855,13 +855,10 @@
        other setups where rnews might be setuid news or be run by other
        processes in the news group. */
     if (getuid() == 0 || geteuid() == 0) {
-        struct passwd *pwd;
+        uid_t uid;
 
-        pwd = getpwnam(NEWSUSER);
-        if (pwd == NULL)
-            die("can't resolve %s to a UID (account doesn't exist?)",
-                NEWSUSER);
-        setuid(pwd->pw_uid);
+        get_news_uid_gid(&uid, false, true);
+        setuid(uid);
     }
 
     if (!innconf_read(NULL))

Modified: include/inn/innconf.h
===================================================================
--- include/inn/innconf.h	2007-12-26 04:17:07 UTC (rev 7702)
+++ include/inn/innconf.h	2008-01-12 09:22:18 UTC (rev 7703)
@@ -26,6 +26,8 @@
     char *mta;                  /* MTA for mailing to moderators, innmail */
     char *pathhost;             /* Entry for the Path: line */
     char *server;               /* Default server to connect to */
+    char *runasuser;            /* User to run under */
+    char *runasgroup;           /* Group to run under */
 
     /* Feed Configuration */
     long artcutoff;             /* Max accepted article age */

Added: include/inn/newsuser.h
===================================================================
--- include/inn/newsuser.h	                        (rev 0)
+++ include/inn/newsuser.h	2008-01-12 09:22:18 UTC (rev 7703)
@@ -0,0 +1,24 @@
+/* $Id$
+ *
+ * Declarations of functions to ensure running as "news" user/group.
+ *
+ * By Ivan Shmakov, 2007.
+ * This code is in the public domain.
+ *
+ */
+
+#ifndef RUNASUSER_H
+#define RUNASUSER_H 1
+
+#include "config.h"
+#include "clibrary.h"
+
+int get_news_uid_gid(uid_t *uid, gid_t *gid, bool may_die);
+
+/* The following functions die() on failure. */
+void ensure_news_user(bool may_setuid);
+void ensure_news_grp(bool may_setgid);
+void ensure_news_user_grp(bool may_setuid, bool may_setgid);
+
+#endif
+


Property changes on: trunk/include/inn/newsuser.h
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision
Name: svn:eol-style
   + native

Modified: innd/Makefile
===================================================================
--- innd/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ innd/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -119,7 +119,8 @@
 innd.o: innd.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/inn/innconf.h ../include/inn/defines.h \
-  ../include/inn/messages.h ../include/innperl.h innd.h \
+  ../include/inn/messages.h ../include/inn/newsuser.h ../include/config.h \
+  ../include/clibrary.h ../include/innperl.h innd.h \
   ../include/portable/time.h ../include/config.h \
   ../include/portable/socket.h ../include/portable/getaddrinfo.h \
   ../include/portable/getnameinfo.h ../include/inn/buffer.h \

Modified: innd/innd.c
===================================================================
--- innd/innd.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ innd/innd.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -5,11 +5,10 @@
 
 #include "config.h"
 #include "clibrary.h"
-#include <grp.h>
-#include <pwd.h>
 
 #include "inn/innconf.h"
 #include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "innperl.h"
 
 #define DEFINE_DATA
@@ -278,8 +277,6 @@
     const char *name, *p;
     char *path;
     bool flag;
-    struct passwd *pwd;
-    struct group *grp;
     static char		WHEN[] = "PID file";
     int			i;
     char		buff[SMBUF];
@@ -314,22 +311,7 @@
 
     /* Make sure innd is running as the correct user.  If it is started as
        root, switch to running as the news user. */
-    grp = getgrnam(NEWSGRP);
-    if (grp == NULL)
-        die("SERVER cannot get GID for %s", NEWSGRP);
-    pwd = getpwnam(NEWSUSER);
-    if (pwd == NULL)
-        die("SERVER cannot get UID for %s", NEWSUSER);
-    if (getuid() == 0 || geteuid() == 0) {
-        setgid(grp->gr_gid);
-        setuid(pwd->pw_uid);
-    }
-    if (getuid() != pwd->pw_uid)
-        die("SERVER should run as user %s (%lu), not %lu", NEWSUSER,
-            (unsigned long) pwd->pw_uid, (unsigned long) getuid());
-    if (getgid() != grp->gr_gid)
-        die("SERVER should run as group %s (%lu), not %lu", NEWSGRP,
-            (unsigned long) grp->gr_gid, (unsigned long) getgid());
+    ensure_news_user_grp(true, true);
 
     /* Handle malloc debugging. */
 #if	defined(_DEBUG_MALLOC_INC)

Modified: lib/Makefile
===================================================================
--- lib/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ lib/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -11,7 +11,8 @@
 		dispatch.c fdflags.c fdlimit.c genid.c getfqdn.c \
 		getmodaddr.c hash.c hashtab.c hex.c innconf.c inndcomm.c \
 		list.c localopen.c lockfile.c makedir.c md5.c messages.c \
-		mmap.c network.c nntp.c qio.c radix32.c readin.c remopen.c \
+		mmap.c network.c newsuser.c nntp.c qio.c radix32.c \
+		readin.c remopen.c \
 		reservedfd.c resource.c sendarticle.c sendpass.c sequence.c \
 		timer.c tst.c uwildmat.c vector.c wire.c xfopena.c \
 		xmalloc.c xsignal.c xwrite.c
@@ -212,6 +213,10 @@
   ../include/portable/wait.h ../include/inn/innconf.h \
   ../include/inn/defines.h ../include/inn/messages.h \
   ../include/inn/network.h ../include/inn/libinn.h
+newsuser.o: newsuser.c ../include/config.h ../include/inn/defines.h \
+  ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
+  ../include/config.h ../include/inn/innconf.h ../include/inn/defines.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h
 nntp.o: nntp.c ../include/config.h ../include/inn/defines.h \
   ../include/inn/system.h ../include/inn/options.h ../include/clibrary.h \
   ../include/config.h ../include/portable/socket.h ../include/config.h \

Modified: lib/innconf.c
===================================================================
--- lib/innconf.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ lib/innconf.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -118,6 +118,9 @@
     { K(sourceaddress6),        STRING  (NULL) },
     { K(timer),                 NUMBER  (0) },
 
+    { K(runasuser),             STRING  (RUNASUSER) },
+    { K(runasgroup),            STRING  (RUNASGROUP) },
+
     { K(patharchive),           STRING  (NULL) },
     { K(patharticles),          STRING  (NULL) },
     { K(pathbin),               STRING  (NULL) },

Added: lib/newsuser.c
===================================================================
--- lib/newsuser.c	                        (rev 0)
+++ lib/newsuser.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -0,0 +1,107 @@
+/* $Id$
+ *
+ * Ensure running as "news" user/group.
+ *
+ * By Ivan Shmakov, 2007.
+ * This code is in the public domain.
+ *
+ */
+
+#include "config.h"
+#include "clibrary.h"
+
+#include <pwd.h>
+#include <grp.h>
+
+#include "inn/innconf.h"
+#include "inn/newsuser.h"
+
+/*
+ * Resolve runasuser to a UID and runasgroup to a GID.
+ */
+int
+get_news_uid_gid(uid_t *uid, gid_t *gid, bool may_die)
+{
+    /* NB:  get_news_uid_gid() may be called before innconf_read(). */
+    const char *runasuser = innconf != NULL ? innconf->runasuser : RUNASUSER;
+    const char *runasgroup  = innconf != NULL ? innconf->runasgroup  : RUNASGROUP;
+    bool fail = false;
+    struct passwd *pwd;
+    struct group *grp;
+
+    /* Resolve runasuser to a UID. */
+    if (!uid) {
+        /* Do nothing. */
+    } else if ((pwd = getpwnam(runasuser)) != 0) {
+        *uid = pwd->pw_uid;
+    } else if (may_die) {
+        die (("can't resolve %s to a UID"
+              " (account doesn't exist?)"), runasuser);
+    } else {
+        fail = true;
+    }
+    
+    /* Resolve runasgroup to a GID. */
+    if (!gid) {
+        /* Do nothing. */
+    } else if ((grp = getgrnam(runasgroup)) != 0) {
+        *gid = grp->gr_gid;
+    } else if (may_die) {
+        die (("can't resolve %s to a GID"
+              " (group doesn't exist?)"), runasgroup);
+    } else {
+        fail = true;
+    }
+
+    return fail ? -1 : 0;
+}
+
+/*
+ * Ensure running as runasuser user.
+ */
+void
+ensure_news_user(bool may_setuid)
+{
+    uid_t uid;
+
+    get_news_uid_gid(&uid, false, true);
+    if (geteuid() == 0) {
+        if (! may_setuid) {
+            /* NB:  mustn't be run as root, unless "may_setuid" is true. */
+            die("must be run as %s, not as root", innconf->runasuser);
+        }
+        setuid(uid);
+    }
+    if (geteuid() != uid || getuid() != uid) {
+        die("must be run as %s", innconf->runasuser);
+    }
+}
+
+/*
+ * Ensure running as runasgroup group.
+ */
+void
+ensure_news_grp(bool may_setgid)
+{
+    gid_t gid;
+
+    get_news_uid_gid(false, &gid, true);
+    if (may_setgid && geteuid() == 0) {
+        setgid(gid);
+    }
+    if (getegid() != gid || getgid() != gid) {
+        die ("must be run as %s group", innconf->runasgroup);
+    }
+}
+
+/*
+ * Ensure running as runasuser user and runasgroup group.
+ */
+void
+ensure_news_user_grp(bool may_setuid, bool may_setgid)
+{
+  /* NB:  changing the group first to lose root privileges last. */
+  ensure_news_grp(may_setgid);
+  ensure_news_user(may_setuid);
+}
+


Property changes on: trunk/lib/newsuser.c
___________________________________________________________________
Name: svn:keywords
   + Author Date Id Revision
Name: svn:eol-style
   + native

Modified: m4/modes.m4
===================================================================
--- m4/modes.m4	2007-12-26 04:17:07 UTC (rev 7702)
+++ m4/modes.m4	2008-01-12 09:22:18 UTC (rev 7703)
@@ -54,7 +54,7 @@
 dnl user for incoming batches, but this isn't necessary unless you're using
 dnl UUCP (which most people aren't) and setuid news is all that's needed.
 dnl Only do even that if it's explicitly requested at configure time.
-RNEWSGRP=$NEWSGRP
+RNEWSGRP=$RUNASGROUP
 RNEWSMODE=0500
 AC_ARG_ENABLE([uucp-rnews],
     [AC_HELP_STRING([--enable-uucp-rnews],

Modified: m4/users.m4
===================================================================
--- m4/users.m4	2007-12-26 04:17:07 UTC (rev 7702)
+++ m4/users.m4	2008-01-12 09:22:18 UTC (rev 7703)
@@ -14,10 +14,10 @@
 
 dnl And here they are.
 AC_DEFUN([INN_ARG_USERS],
-[_INN_ARG_USER([user], [news], [NEWSUSER],
+[_INN_ARG_USER([user], [news], [RUNASUSER],
     [AC_HELP_STRING([--with-news-user=USER], [News user name [news]])],
     [The user that INN should run as.])
-_INN_ARG_USER([group], [news], [NEWSGRP],
+_INN_ARG_USER([group], [news], [RUNASGROUP],
     [AC_HELP_STRING([--with-news-group=GROUP], [News group name [news]])],
     [The group that INN should run as.])
 _INN_ARG_USER([master], [usenet], [NEWSMASTER],

Modified: nnrpd/Makefile
===================================================================
--- nnrpd/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ nnrpd/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -167,9 +167,10 @@
   ../include/portable/socket.h ../include/portable/getaddrinfo.h \
   ../include/portable/getnameinfo.h ../include/portable/wait.h \
   ../include/inn/innconf.h ../include/inn/defines.h \
-  ../include/inn/messages.h ../include/inn/network.h \
-  ../include/inn/version.h ../include/inn/libinn.h ../include/inn/ov.h \
-  ../include/inn/storage.h ../include/inn/history.h nnrpd.h \
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/network.h ../include/inn/newsuser.h ../include/config.h \
+  ../include/clibrary.h ../include/inn/ov.h ../include/inn/storage.h \
+  ../include/inn/history.h ../include/inn/version.h nnrpd.h \
   ../include/portable/time.h ../include/inn/qio.h ../include/nntp.h \
   ../include/inn/nntp.h ../include/inn/paths.h ../include/inn/storage.h \
   ../include/inn/vector.h ../include/inn/timer.h tls.h

Modified: nnrpd/nnrpd.c
===================================================================
--- nnrpd/nnrpd.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ nnrpd/nnrpd.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -12,9 +12,7 @@
 #include "portable/setproctitle.h"
 #include "portable/socket.h"
 #include "portable/wait.h"
-#include <grp.h>
 #include <netdb.h>
-#include <pwd.h>
 #include <signal.h>
 
 #if HAVE_GETSPNAM
@@ -22,11 +20,12 @@
 #endif
 
 #include "inn/innconf.h"
+#include "inn/libinn.h"
 #include "inn/messages.h"
 #include "inn/network.h"
-#include "inn/version.h"
-#include "inn/libinn.h"
+#include "inn/newsuser.h"
 #include "inn/ov.h"
+#include "inn/version.h"
 #define MAINLINE
 #include "nnrpd.h"
 
@@ -687,7 +686,6 @@
     int			lfd, fd;
     pid_t		pid = -1;
     FILE                *pidfile;
-    struct passwd	*pwd;
     int			clienttimeout;
     char		*ConfFile = NULL;
     char                *path;
@@ -814,12 +812,7 @@
        running as root, everything's fine; the things we write it's okay to
        write as a member of the news group. */
     if (getuid() == 0) {
-        pwd = getpwnam(NEWSUSER);
-        if (pwd == NULL)
-            die("cant resolve %s to a UID (account doesn't exist?)", NEWSUSER);
-        setuid(pwd->pw_uid);
-        if (getuid() != pwd->pw_uid)
-            die("cant setuid to %s (%d)", NEWSUSER, pwd->pw_uid);
+        ensure_news_user_grp(true, true);
     }
 
     if (DaemonMode) {

Modified: nnrpd/tls.c
===================================================================
--- nnrpd/tls.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ nnrpd/tls.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -390,7 +390,7 @@
 	    buf.st_uid != getuid()) {
 	    syslog(L_ERROR, "bad ownership or permissions on private key"
                    " '%s': private key must be mode 600 and owned by "
-                   NEWSUSER, cert_file);
+                   "uid %d", cert_file, getuid());
 	    return (0);
 	}
 

Modified: perl/INN/Config.pm.in
===================================================================
--- perl/INN/Config.pm.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ perl/INN/Config.pm.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -139,8 +139,8 @@
 my @SYSVAR = qw($newsmaster $newsuser $newsgroup
 $filemode $inewsmode $rnewsmode $umask $syslog_facility);
 our $newsmaster = '@NEWSMASTER@';
-our $newsuser = '@NEWSUSER@';
-our $newsgroup = '@NEWSGRP@';
+our $newsuser = ${runasuser};
+our $newsgroup = ${runasgroup};
 our $filemode = @FILEMODE@;      # It is a number.
 our $inewsmode = @INEWSMODE@;
 our $rnewsmode = @RNEWSMODE@;

Modified: samples/inn.conf.in
===================================================================
--- samples/inn.conf.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ samples/inn.conf.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -24,6 +24,9 @@
 pathhost:               @HOSTNAME@
 pathnews:               @prefix@
 
+#runasuser:
+#runasgroup:
+
 # General Settings
 
 #domain:

Modified: scripts/inncheck.in
===================================================================
--- scripts/inncheck.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ scripts/inncheck.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -9,9 +9,6 @@
 $ST_UID  = 4;
 $ST_GID  = 5;
 
-$newsuser = "$INN::Config::newsuser";
-$newsgroup = "$INN::Config::newsgroup";
-
 ##  We use simple names, mapping them to the real filenames only when
 ##  we actually need a filename.
 %paths = (
@@ -653,7 +650,7 @@
 sub
 checkperm
 {
-    local ($f, $m, $u, $g) = ( @_, $newsuser, $newsgroup);
+    local ($f, $m, $u, $g) = ( @_, $INN::Config::runasuser, $INN::Config::runasgroup);
     local (@sb, $owner, $group, $mode);
 
     die "Internal error, undefined name in perm from ", (caller(0))[2], "\n"

Modified: scripts/innshellvars.in
===================================================================
--- scripts/innshellvars.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ scripts/innshellvars.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -97,8 +97,8 @@
 TEMPSOCKDIR=`echo ${INNDDIR}/ctlinndXXXXXX | ${SED} -e 's@/[^/]*$@@'`
 
 NEWSMASTER=@NEWSMASTER@
-NEWSUSER=@NEWSUSER@
-NEWSGROUP=@NEWSGRP@
+NEWSUSER=${RUNASUSER}
+NEWSGROUP=${RUNASGROUP}
 
 FILEMODE=@FILEMODE@
 INEWSMODE=@INEWSMODE@

Modified: scripts/innshellvars.pl.in
===================================================================
--- scripts/innshellvars.pl.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ scripts/innshellvars.pl.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -101,8 +101,8 @@
 ($tempsockdir = "${innddir}/ctlinndXXXXXX") =~ s!/[^/]*$!! ;
 
 $newsmaster = '@NEWSMASTER@' ;
-$newsuser = '@NEWSUSER@' ;
-$newsgroup = '@NEWSGRP@' ;
+$newsuser = ${runasuser} ;
+$newsgroup = ${runasgroup} ;
 
 $do_dbz_tagged_hash = '@DO_DBZ_TAGGED_HASH@' ;
 

Modified: scripts/innshellvars.tcl.in
===================================================================
--- scripts/innshellvars.tcl.in	2007-12-26 04:17:07 UTC (rev 7702)
+++ scripts/innshellvars.tcl.in	2008-01-12 09:22:18 UTC (rev 7703)
@@ -92,8 +92,8 @@
 set inn_tempsockdir [ exec echo ${inn_innddir}/ctlinndXXXXXX | $inn_sed -e {s@/[^/]*$@@} ]
 
 set inn_newsmaster "@NEWSMASTER@"
-set inn_newsuser "@NEWSUSER@"
-set inn_newsgroup "@NEWSGRP@"
+set inn_newsuser "${inn_runasuser}"
+set inn_newsgroup "${inn_runasgroup}"
 
 set do_dbz_tagged_hash "@DO_DBZ_TAGGED_HASH@"
 

Modified: site/Makefile
===================================================================
--- site/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ site/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -131,13 +131,13 @@
 $D$(PATH_NEWSGROUPS):	; $(CP_DATA) newsgroups.minimal $@
 $D$(PATH_ACTIVE_TIMES):
 	touch $@
-	chown $(NEWSUSER) $@
-	chgrp $(NEWSGROUP) $@
+	chown $(RUNASUSER) $@
+	chgrp $(RUNASGROUP) $@
 	chmod $(FILEMODE) $@
 $D$(PATH_HISTORY):
 	touch $@
-	chown $(NEWSUSER) $@
-	chgrp $(NEWSGROUP) $@
+	chown $(RUNASUSER) $@
+	chgrp $(RUNASGROUP) $@
 	chmod $(FILEMODE) $@
 	$(PATHBIN)/makedbz -i -o
 

Modified: storage/Makefile
===================================================================
--- storage/Makefile	2007-12-26 04:17:07 UTC (rev 7702)
+++ storage/Makefile	2008-01-12 09:22:18 UTC (rev 7703)
@@ -178,7 +178,8 @@
   ../include/portable/getaddrinfo.h ../include/portable/getnameinfo.h \
   ../include/portable/time.h ../include/conffile.h \
   ../include/inn/innconf.h ../include/inn/defines.h \
-  ../include/inn/messages.h ../include/inn/libinn.h \
+  ../include/inn/libinn.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
   ../include/inn/paths.h ../include/inn/storage.h ../include/inn/ov.h \
   ../include/inn/storage.h ../include/inn/history.h ovinterface.h \
   ../include/config.h ../include/inn/history.h ../include/inn/ov.h \
@@ -252,10 +253,11 @@
   ../include/inn/defines.h ../include/inn/system.h \
   ../include/inn/options.h ../include/clibrary.h ../include/config.h \
   ../include/inn/buffer.h ../include/inn/defines.h \
-  ../include/inn/history.h ../include/inn/innconf.h \
-  ../include/inn/messages.h ../include/inn/vector.h ../include/inn/wire.h \
-  ../include/inn/libinn.h ../include/inn/ov.h ../include/inn/storage.h \
-  ../include/inn/history.h ovinterface.h ../include/config.h \
-  ../include/inn/history.h ../include/inn/ov.h ../include/inn/storage.h \
-  ../include/inn/paths.h tradindexed/tdx-private.h \
+  ../include/inn/libinn.h ../include/inn/history.h \
+  ../include/inn/innconf.h ../include/inn/messages.h \
+  ../include/inn/newsuser.h ../include/config.h ../include/clibrary.h \
+  ../include/inn/ov.h ../include/inn/storage.h ../include/inn/history.h \
+  ../include/inn/paths.h ../include/inn/vector.h ../include/inn/wire.h \
+  ovinterface.h ../include/config.h ../include/inn/history.h \
+  ../include/inn/ov.h ../include/inn/storage.h tradindexed/tdx-private.h \
   ../include/inn/storage.h tradindexed/tdx-structure.h

Modified: storage/ovdb/ovdb.c
===================================================================
--- storage/ovdb/ovdb.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ storage/ovdb/ovdb.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -79,7 +79,6 @@
 #ifdef HAVE_LIMITS_H
 # include <limits.h>
 #endif
-#include <pwd.h>
 #include <signal.h>
 #ifdef HAVE_SYS_SELECT_H
 # include <sys/select.h>
@@ -92,8 +91,9 @@
 
 #include "conffile.h"
 #include "inn/innconf.h"
+#include "inn/libinn.h"
 #include "inn/messages.h"
-#include "inn/libinn.h"
+#include "inn/newsuser.h"
 #include "inn/paths.h"
 #include "inn/storage.h"
 
@@ -1370,19 +1370,23 @@
     return true;
 }
 
-/* make sure the effective uid is that of NEWSUSER */
+/* Make sure the effective uid is that of the runasuser user. */
 bool ovdb_check_user(void)
 {
     struct passwd *p;
     static int result = -1;
 
     if(result == -1) {
-	p = getpwnam(NEWSUSER);
-	if(!p) {
-            syswarn("OVDB: getpwnam(" NEWSUSER ") failed");
-	    return false;
-	}
-	result = (p->pw_uid == geteuid());
+        int rv;
+        uid_t uid;
+        
+        rv = get_news_uid_gid(&uid, false, false);
+
+        if (rv != 0) {
+            syswarn("OVDB: can't resolve runasuser user to a UID");
+            return false;
+        }
+        result = (uid == geteuid());
     }
     return result;
 }
@@ -1632,7 +1636,7 @@
 	clientmode = 0;
     }
     if(!ovdb_check_user()) {
-        warn("OVDB: must be running as " NEWSUSER " to access overview");
+        warn("OVDB: must be running as runasuser user to access overview");
 	return false;
     }
     if(!ovdb_getlock(OVDB_LOCK_NORMAL)) {

Modified: storage/tradindexed/tdx-util.c
===================================================================
--- storage/tradindexed/tdx-util.c	2007-12-26 04:17:07 UTC (rev 7702)
+++ storage/tradindexed/tdx-util.c	2008-01-12 09:22:18 UTC (rev 7703)
@@ -12,19 +12,19 @@
 #include "clibrary.h"
 #include <ctype.h>
 #include <dirent.h>
-#include <pwd.h>
 #include <sys/stat.h>
 
 #include "inn/buffer.h"
+#include "inn/libinn.h"
 #include "inn/history.h"
 #include "inn/innconf.h"
 #include "inn/messages.h"
+#include "inn/newsuser.h"
+#include "inn/ov.h"
+#include "inn/paths.h"
 #include "inn/vector.h"
 #include "inn/wire.h"
-#include "inn/libinn.h"
-#include "inn/ov.h"
 #include "ovinterface.h"
-#include "inn/paths.h"
 #include "tdx-private.h"
 #include "tdx-structure.h"
 
@@ -384,27 +384,6 @@
 
 
 /*
-**  Change to the news user if possible, and if not, die.  Used for operations
-**  that may change the overview files so as not to mess up the ownership.
-*/
-static void
-setuid_news(void)
-{
-    struct passwd *pwd;
-
-    if (getenv("INN_TESTSUITE") != NULL)
-        return;
-    pwd = getpwnam(NEWSUSER);
-    if (pwd == NULL)
-        die("can't resolve %s to a UID (account doesn't exist?)", NEWSUSER);
-    if (getuid() == 0)
-        setuid(pwd->pw_uid);
-    if (getuid() != pwd->pw_uid)
-        die("must be run as %s", NEWSUSER);
-}
-
-
-/*
 **  Parse an article number or range, returning the low and high values in the
 **  provided arguments.  Returns true if the number or range was parsed
 **  successfully, false otherwise.  Allows such constructs as "-", "20-", or
@@ -539,15 +518,18 @@
         tdx_index_audit(false);
         break;
     case 'F':
-        setuid_news();
+        if (getenv("INN_TESTSUITE") == NULL)
+            ensure_news_user_grp(true, true);
         tdx_index_audit(true);
         break;
     case 'R':
-        setuid_news();
+        if (getenv("INN_TESTSUITE") == NULL)
+            ensure_news_user_grp(true, true);
         group_rebuild(newsgroup, path);
         break;
     case 'c':
-        setuid_news();
+        if (getenv("INN_TESTSUITE") == NULL)
+            ensure_news_user_grp(true, true);
         group_create(newsgroup, artlow, arthigh, flag);
         break;
     case 'i':



More information about the inn-committers mailing list