obwrap - first release.

1997-12-15 11:41:21 +00:00 · 1997-12-15 11:41:21 +00:00 · 3dcbf25ac5
parent 3031a07735
commit 3dcbf25ac5
3 changed files with 111 additions and 0 deletions
--- a/obwrap/.vimrc
+++ b/obwrap/.vimrc
@ -0,0 +1,9 @@
+map [18~ :cp
+map [19~ :cn
+set autoindent
+set errorformat=%f:%l:%m
+set exrc
+set number
+set ruler
+set shiftwidth=4
+set textwidth=72
--- a/obwrap/GNUmakefile
+++ b/obwrap/GNUmakefile
@ -0,0 +1,8 @@
+include GNUmakerules
+
+all: obwrap
+
+errno:
+clean:
+	rm obwrap
+install: $(BINDIR)/obwrap
--- a/obwrap/obwrap.c
+++ b/obwrap/obwrap.c
@ -0,0 +1,94 @@
+char obwrap_c_rcsid[] = 
+	"$Id: ";
+/* obwrap - wrapper for omniback scripts 
+ *
+ * Omniback leaves a lot of file descriptors open when executing its
+ * pre- and post-backup scripts. This means that any program started
+ * from such a script (e.g., oracle) will have open file descriptors
+ * on /var/opt/omni, which is a bad thing.
+ * This program closes all file descriptors except stdin and stdout,
+ * changes uid (if -u is given) and executes the specified program.
+ */
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <pwd.h>
+#include <unistd.h>
+
+#define nonstderr stdout	/* Omniback bogosity */
+
+char *cmnd;
+
+void usage(void) {
+    fprintf(stderr, "Usage: %s [-u user] path arg0 ...\n", cmnd);
+    exit(1);
+}
+
+
+int main(int argc, char **argv) {
+    int i;
+    int c;
+    int open_max = sysconf(_SC_OPEN_MAX);
+
+    cmnd = argv[0];
+
+    while ((c = getopt(argc, argv, "u:")) != EOF) {
+	switch (c) {
+	    case 'u': {
+		char *p;
+		uid_t uid;
+		gid_t gid;
+
+		uid = strtol(optarg, &p, 0);
+		if (*p != '\0') {
+		    struct passwd *pwd = getpwnam(optarg);
+		    if (!pwd) {
+			fprintf(nonstderr, "%s: no user %s\n", cmnd, optarg);
+			exit(1);
+		    }
+		    initgroups(optarg, pwd->pw_gid);
+		    setresgid(pwd->pw_gid, pwd->pw_gid, pwd->pw_gid);
+		    if (getgid() != pwd->pw_gid) {
+			fprintf(nonstderr, "%s: could not set gid %d (still %d)\n", cmnd, pwd->pw_gid, getgid());
+			exit(1);
+		    }
+		    if (getegid() != pwd->pw_gid) {
+			fprintf(nonstderr, "%s: could not set egid %d (still %d)\n", cmnd, pwd->pw_gid, getgid());
+			exit(1);
+		    }
+		    uid = pwd->pw_uid;
+			
+		}
+		setresuid(uid, uid, uid);
+		if (getuid() != uid) {
+		    fprintf(nonstderr, "%s: could not set uid %d (still %d)\n", cmnd, uid, getuid());
+		    exit(1);
+		}
+		if (geteuid() != uid) {
+		    fprintf(nonstderr, "%s: could not set euid %d (still %d)\n", cmnd, uid, geteuid());
+		    exit(1);
+		}
+		break;
+	    }
+	    default:
+		usage();
+		
+	}
+    }
+    if (optind == argc) usage();
+
+    for (i = 2; i < open_max; i++) {
+	close(i);
+    }
+
+    dup2(1, 2);
+
+    execv(argv[optind], argv + optind + 1);
+    fprintf(nonstderr, "%s: could not exec %s: %s\n",
+    		cmnd, argv[optind], strerror(errno));
+    exit(1);
+
+
+    return 0;
+}