1/* $NetBSD$ */ 2 3/*++ 4/* NAME 5/* set_eugid 3 6/* SUMMARY 7/* set effective user and group attributes 8/* SYNOPSIS 9/* #include <set_eugid.h> 10/* 11/* void set_eugid(euid, egid) 12/* uid_t euid; 13/* gid_t egid; 14/* 15/* void SAVE_AND_SET_EUGID(uid, gid) 16/* uid_t uid; 17/* gid_t gid; 18/* 19/* void RESTORE_SAVED_EUGID() 20/* DESCRIPTION 21/* set_eugid() sets the effective user and group process attributes 22/* and updates the process group access list to be just the specified 23/* effective group id. 24/* 25/* SAVE_AND_SET_EUGID() opens a block that executes with the 26/* specified privilege. RESTORE_SAVED_EUGID() closes the block. 27/* DIAGNOSTICS 28/* All system call errors are fatal. 29/* SEE ALSO 30/* seteuid(2), setegid(2), setgroups(2) 31/* LICENSE 32/* .ad 33/* .fi 34/* The Secure Mailer license must be distributed with this software. 35/* AUTHOR(S) 36/* Wietse Venema 37/* IBM T.J. Watson Research 38/* P.O. Box 704 39/* Yorktown Heights, NY 10598, USA 40/*--*/ 41 42/* System library. */ 43 44#include <sys_defs.h> 45#include <unistd.h> 46#include <grp.h> 47#include <errno.h> 48 49/* Utility library. */ 50 51#include "msg.h" 52#include "set_eugid.h" 53 54/* set_eugid - set effective user and group attributes */ 55 56void set_eugid(uid_t euid, gid_t egid) 57{ 58 int saved_errno = errno; 59 60 if (geteuid() != 0) 61 if (seteuid(0)) 62 msg_fatal("set_eugid: seteuid(0): %m"); 63 if (setegid(egid) < 0) 64 msg_fatal("set_eugid: setegid(%ld): %m", (long) egid); 65 if (setgroups(1, &egid) < 0) 66 msg_fatal("set_eugid: setgroups(%ld): %m", (long) egid); 67 if (euid != 0 && seteuid(euid) < 0) 68 msg_fatal("set_eugid: seteuid(%ld): %m", (long) euid); 69 if (msg_verbose) 70 msg_info("set_eugid: euid %ld egid %ld", (long) euid, (long) egid); 71 errno = saved_errno; 72} 73