inetd: use change_identity().

libbb: shrink our internal initgroups().
httpd: remove stray 'else' and 'index_page = "index.html"'

function                                             old     new   delta
httpd_main                                           750     743      -7
inetd_main                                          2033    2011     -22
bb_internal_initgroups                               251     228     -23
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-52)             Total: -52 bytes
This commit is contained in:
Denis Vlasenko 2008-03-20 15:12:58 +00:00
parent c52248e41c
commit 9230582315
4 changed files with 18 additions and 30 deletions

View File

@ -35,7 +35,7 @@ void change_identity(const struct passwd *pw)
{ {
if (initgroups(pw->pw_name, pw->pw_gid) == -1) if (initgroups(pw->pw_name, pw->pw_gid) == -1)
bb_perror_msg_and_die("can't set groups"); bb_perror_msg_and_die("can't set groups");
endgrent(); /* ?? */ endgrent(); /* helps to close a fd used internally by libc */
xsetgid(pw->pw_gid); xsetgid(pw->pw_gid);
xsetuid(pw->pw_uid); xsetuid(pw->pw_uid);
} }

View File

@ -630,12 +630,11 @@ int initgroups(const char *user, gid_t gid)
char buff[PWD_BUFFER_SIZE]; char buff[PWD_BUFFER_SIZE];
rv = -1; rv = -1;
grfile = fopen(_PATH_GROUP, "r");
if (grfile != NULL) {
/* We alloc space for 8 gids at a time. */ /* We alloc space for 8 gids at a time. */
group_list = (gid_t *) malloc(8*sizeof(gid_t *)); group_list = xmalloc(8 * sizeof(gid_t *));
if (group_list
&& ((grfile = fopen(_PATH_GROUP, "r")) != NULL)
) {
*group_list = gid; *group_list = gid;
num_groups = 1; num_groups = 1;
@ -645,13 +644,8 @@ int initgroups(const char *user, gid_t gid)
for (m = group.gr_mem; *m; m++) { for (m = group.gr_mem; *m; m++) {
if (!strcmp(*m, user)) { if (!strcmp(*m, user)) {
if (!(num_groups & 7)) { if (!(num_groups & 7)) {
gid_t *tmp = (gid_t *) gid_t *tmp = xrealloc(group_list,
realloc(group_list, (num_groups+8) * sizeof(gid_t *));
(num_groups+8) * sizeof(gid_t *));
if (!tmp) {
rv = -1;
goto DO_CLOSE;
}
group_list = tmp; group_list = tmp;
} }
group_list[num_groups++] = group.gr_gid; group_list[num_groups++] = group.gr_gid;
@ -662,13 +656,10 @@ int initgroups(const char *user, gid_t gid)
} }
rv = setgroups(num_groups, group_list); rv = setgroups(num_groups, group_list);
DO_CLOSE: free(group_list);
fclose(grfile); fclose(grfile);
} }
/* group_list will be NULL if initial malloc failed, which may trigger
* warnings from various malloc debuggers. */
free(group_list);
return rv; return rv;
} }
@ -677,7 +668,7 @@ int putpwent(const struct passwd *__restrict p, FILE *__restrict f)
int rv = -1; int rv = -1;
if (!p || !f) { if (!p || !f) {
errno=EINVAL; errno = EINVAL;
} else { } else {
/* No extra thread locking is needed above what fprintf does. */ /* No extra thread locking is needed above what fprintf does. */
if (fprintf(f, "%s:%s:%lu:%lu:%s:%s:%s\n", if (fprintf(f, "%s:%s:%lu:%lu:%s:%s:%s\n",
@ -702,7 +693,7 @@ int putgrent(const struct group *__restrict p, FILE *__restrict f)
int rv = -1; int rv = -1;
if (!p || !f) { /* Sigh... glibc checks. */ if (!p || !f) { /* Sigh... glibc checks. */
errno=EINVAL; errno = EINVAL;
} else { } else {
if (fprintf(f, "%s:%s:%lu:", if (fprintf(f, "%s:%s:%lu:",
p->gr_name, p->gr_passwd, p->gr_name, p->gr_passwd,

View File

@ -2340,7 +2340,7 @@ int httpd_main(int argc ATTRIBUTE_UNUSED, char **argv)
#if ENABLE_FEATURE_HTTPD_SETUID #if ENABLE_FEATURE_HTTPD_SETUID
if (opt & OPT_SETUID) { if (opt & OPT_SETUID) {
if (!get_uidgid(&ugid, s_ugid, 1)) if (!get_uidgid(&ugid, s_ugid, 1))
bb_error_msg_and_die("unrecognized user[:group] " bb_error_msg_and_die("unknown user[:group] "
"name '%s'", s_ugid); "name '%s'", s_ugid);
} }
#endif #endif
@ -2389,10 +2389,8 @@ int httpd_main(int argc ATTRIBUTE_UNUSED, char **argv)
#if ENABLE_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP #if ENABLE_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP
if (!(opt & OPT_INETD)) if (!(opt & OPT_INETD))
sighup_handler(0); sighup_handler(0);
else /* do not install HUP handler in inetd mode */
#endif #endif
index_page = "index.html"; parse_conf(default_path_httpd_conf, FIRST_PARSE);
parse_conf(default_path_httpd_conf, FIRST_PARSE);
xfunc_error_retval = 0; xfunc_error_retval = 0;
if (opt & OPT_INETD) if (opt & OPT_INETD)

View File

@ -142,15 +142,15 @@
/* Here's the scoop concerning the user[:group] feature: /* Here's the scoop concerning the user[:group] feature:
* 1) group is not specified: * 1) group is not specified:
* a) user = root: NO setuid() or setgid() is done * a) user = root: NO setuid() or setgid() is done
* b) other: setgid(primary group as found in passwd) * b) other: initgroups(name, primary group)
* initgroups(name, primary group) * setgid(primary group as found in passwd)
* setuid() * setuid()
* 2) group is specified: * 2) group is specified:
* a) user = root: setgid(specified group) * a) user = root: setgid(specified group)
* NO initgroups() * NO initgroups()
* NO setuid() * NO setuid()
* b) other: setgid(specified group) * b) other: initgroups(name, specified group)
* initgroups(name, specified group) * setgid(specified group)
* setuid() * setuid()
*/ */
@ -1383,9 +1383,8 @@ int inetd_main(int argc ATTRIBUTE_UNUSED, char **argv)
if (pwd->pw_uid) { if (pwd->pw_uid) {
if (sep->se_group) if (sep->se_group)
pwd->pw_gid = grp->gr_gid; pwd->pw_gid = grp->gr_gid;
xsetgid(pwd->pw_gid); /* initgroups, setgid, setuid: */
initgroups(pwd->pw_name, pwd->pw_gid); change_identity(pwd);
xsetuid(pwd->pw_uid);
} else if (sep->se_group) { } else if (sep->se_group) {
xsetgid(grp->gr_gid); xsetgid(grp->gr_gid);
setgroups(1, &grp->gr_gid); setgroups(1, &grp->gr_gid);