summaryrefslogtreecommitdiffstats
path: root/x11vnc/user.c
diff options
context:
space:
mode:
authorrunge <runge>2007-05-05 14:53:21 +0000
committerrunge <runge>2007-05-05 14:53:21 +0000
commit76d88e31114b5cc0f66f90e76eb9c734bbc9bf4b (patch)
treef73a4304be4d827eb62a9a7732563cc79391edaf /x11vnc/user.c
parent6378acecb04b2824179fea0ab168cbfcb960e70d (diff)
downloadlibtdevnc-76d88e31114b5cc0f66f90e76eb9c734bbc9bf4b.tar.gz
libtdevnc-76d88e31114b5cc0f66f90e76eb9c734bbc9bf4b.zip
x11vnc: add groups handling for -users mode.
Diffstat (limited to 'x11vnc/user.c')
-rw-r--r--x11vnc/user.c67
1 files changed, 64 insertions, 3 deletions
diff --git a/x11vnc/user.c b/x11vnc/user.c
index 25d818a..4fe39ce 100644
--- a/x11vnc/user.c
+++ b/x11vnc/user.c
@@ -237,7 +237,7 @@ static char **user_list(char *user_str) {
}
static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **home) {
- int numerical = 1;
+ int numerical = 1, gotgroup = 0;
char *q;
*uid = (uid_t) -1;
@@ -252,6 +252,46 @@ static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **hom
}
}
+ if (user2group != NULL) {
+ static int *did = NULL;
+ int i;
+
+ if (did == NULL) {
+ int n = 0;
+ i = 0;
+ while (user2group[i] != NULL) {
+ n++;
+ i++;
+ }
+ did = (int *) malloc((n+1) * sizeof(int));
+ i = 0;
+ for (i=0; i<n; i++) {
+ did[i] = 0;
+ }
+ }
+ i = 0;
+ while (user2group[i] != NULL) {
+ if (strstr(user2group[i], user) == user2group[i]) {
+ char *w = user2group[i] + strlen(user);
+ if (*w == '.') {
+ struct group* gr = getgrnam(++w);
+ if (! gr) {
+ rfbLog("Invalid group: %s\n", w);
+ clean_up_exit(1);
+ }
+ *gid = gr->gr_gid;
+ if (! did[i]) {
+ rfbLog("user2uid: using group %s (%d) for %s\n",
+ w, (int) *gid, user);
+ did[i] = 1;
+ }
+ gotgroup = 1;
+ }
+ }
+ i++;
+ }
+ }
+
if (numerical) {
int u = atoi(user);
@@ -271,7 +311,9 @@ static void user2uid(char *user, uid_t *uid, gid_t *gid, char **name, char **hom
}
if (pw) {
*uid = pw->pw_uid;
- *gid = pw->pw_gid;
+ if (! gotgroup) {
+ *gid = pw->pw_gid;
+ }
*name = pw->pw_name; /* n.b. use immediately */
*home = pw->pw_dir;
}
@@ -650,6 +692,7 @@ static int switch_user_env(uid_t uid, gid_t gid, char *name, char *home, int fb_
/* NO strtoks */
char *xauth;
int reset_fb = 0;
+ int grp_ok = 0;
#if !LIBVNCSERVER_HAVE_SETUID
return 0;
@@ -663,13 +706,31 @@ static int switch_user_env(uid_t uid, gid_t gid, char *name, char *home, int fb_
clean_shm(0);
free_tiles();
}
- if (setgid(gid) != 0) {
+#if LIBVNCSERVER_HAVE_INITGROUPS
+#if LIBVNCSERVER_HAVE_PWD_H
+ if (getpwuid(uid) != NULL && getenv("X11VNC_SINGLE_GROUP") == NULL) {
+ struct passwd *p = getpwuid(uid);
+ if (initgroups(p->pw_name, gid) == 0) {
+ grp_ok = 1;
+ } else {
+ rfbLogPerror("initgroups");
+ }
+ }
+#endif
+#endif
+ if (! grp_ok) {
+ if (setgid(gid) == 0) {
+ grp_ok = 1;
+ }
+ }
+ if (! grp_ok) {
if (reset_fb) {
/* 2 means we did clean_shm and free_tiles */
do_new_fb(2);
}
return 0;
}
+
if (setuid(uid) != 0) {
if (reset_fb) {
/* 2 means we did clean_shm and free_tiles */