inn.conf: Support for `newsuser', `newsgrp' options (patch is, hopefully, included)

Julien ÉLIE julien at trigofacile.com
Fri Dec 21 20:15:35 UTC 2007


Hi Russ,

>> Looks like `ensure_news_user (0)' will fit there, like:
>
> ensure_news_user setuids to the news user, which is the wrong thing to do
> for innbind.  It needs to continue running as root and just needs to check
> that its real UID is the same as the news user (for security reasons).


Oh, you're right.
I have just adapted the patch to:

--- backends/innbind.c  (révision 7701)
+++ backends/innbind.c  (copie de travail)
@@ -9,15 +9,15 @@
 #include "clibrary.h"
 #include "portable/socket.h"
 #include <errno.h>
-#include <pwd.h>
 #ifdef HAVE_STREAMS_SENDFD
 # include <stropts.h>
 #endif
 #include <syslog.h>

+#include "inn/libinn.h"
 #include "inn/messages.h"
+#include "inn/newsuser.h"
 #include "inn/vector.h"
-#include "inn/libinn.h"

 /* Macros to set the len attribute of sockaddrs. */
 #if HAVE_STRUCT_SOCKADDR_SA_LEN
@@ -267,7 +267,7 @@
 main(int argc, char *argv[])
 {
     struct passwd *pwd;
-    uid_t real_uid;
+    uid_t real_uid, uid;
     int i;
     bool done;
     struct binding binding = { 0, 0, NULL, 0 };
@@ -281,17 +281,16 @@
     message_program_name = "innbind";

     /* If we're running privileged (effective and real UIDs are different),
-       convert NEWSUSER to a UID and exit if run by another user.  Don't do
+       convert newsuser to a UID and exit if run by another user.  Don't do
        this if we're not running privileged to make installations that don't
        need privileged ports easier and to make testing easier. */
     real_uid = getuid();
     if (real_uid != geteuid()) {
-        pwd = getpwnam(NEWSUSER);
-        if (pwd == NULL)
-            die("cannot get UID for %s", NEWSUSER);
-        if (real_uid != pwd->pw_uid)
-            die("must be run by user %s (%lu), not %lu", NEWSUSER,
-                (unsigned long) pwd->pw_uid, (unsigned long) real_uid);
+        get_news_uid_gid(&uid, 0, 1);
+        if (real_uid != uid) {
+            die("must be run by newsuser (%lu), not %lu",
+                (unsigned long) uid, (unsigned long) real_uid);
+        }
     }


And it works well !

-- 
Julien ÉLIE

« -- Comment s'appelle cette ville ?
  -- Divodurum.
  -- N'essaie pas de m'amadouer ! Non, je ne veux pas de rhum ! » (Astérix) 



More information about the inn-workers mailing list