httpd: add -u user[:grp] support

runit/Kbuild

@@ -5,4 +5,4 @@
 # Licensed under the GPL v2, see the file LICENSE in this tarball.
 
 lib-y:=
-lib-$(CONFIG_CHPST) += chpst.o uidgid.o
+lib-$(CONFIG_CHPST) += chpst.o

runit/chpst.c

@@ -1,16 +1,9 @@
 #include "busybox.h"
 
-#include <sys/types.h>
-#include <sys/resource.h>
-#include <grp.h>
-
-#include "uidgid.h"
-
-#include <sys/types.h>
 #include <dirent.h>
 
 static unsigned option_mask;
-// Must meatch constants in chpst_main!
+// Must match constants in chpst_main!
 #define OPT_verbose  (option_mask & 0x2000)
 #define OPT_pgrp     (option_mask & 0x4000)
 #define OPT_nostdin  (option_mask & 0x8000)
@@ -33,34 +26,27 @@ static long limitt = -2;
 static long nicelvl;
 static const char *root;
 
-static void suidgid(char *user, unsigned dogrp)
+static void suidgid(char *user)
 {
-	struct uidgid ugid;
+	struct bb_uidgid_t ugid;
 
-	if (!uidgid_get(&ugid, user, dogrp)) {
-		if (dogrp)
-			bb_error_msg_and_die("unknown user/group: %s", user);
-		else
-			bb_error_msg_and_die("unknown account: %s", user);
+	if (!uidgid_get(&ugid, user)) {
+		bb_error_msg_and_die("unknown user/group: %s", user);
 	}
-	if (setgroups(ugid.gids, ugid.gid) == -1)
+	if (setgroups(1, &ugid.gid) == -1)
 		bb_perror_msg_and_die("setgroups");
-	xsetgid(*ugid.gid);
+	xsetgid(ugid.gid);
 	xsetuid(ugid.uid);
 }
 
-static void euidgid(char *user, unsigned dogrp)
+static void euidgid(char *user)
 {
-	struct uidgid ugid;
+	struct bb_uidgid_t ugid;
 
-	if (!uidgid_get(&ugid, user, dogrp)) {
-		if (dogrp)
-			bb_error_msg_and_die("unknown user/group: %s", user);
-		else
-			bb_error_msg_and_die("unknown account: %s", user);
+	if (!uidgid_get(&ugid, user)) {
+		bb_error_msg_and_die("unknown user/group: %s", user);
 	}
-	//FIXME: ultoa needed here!
-	xsetenv("GID", utoa(*ugid.gid));
+	xsetenv("GID", utoa(ugid.gid));
 	xsetenv("UID", utoa(ugid.uid));
 }
 
@@ -276,8 +262,8 @@ int chpst_main(int argc, char **argv)
 		if (nice(nicelvl) == -1)
 			bb_perror_msg_and_die("nice");
 	}
-	if (env_user) euidgid(env_user, 1);
-	if (set_user) suidgid(set_user, 1);
+	if (env_user) euidgid(env_user);
+	if (set_user) suidgid(set_user);
 	if (OPT_nostdin) close(0);
 	if (OPT_nostdout) close(1);
 	if (OPT_nostderr) close(2);
@@ -292,7 +278,7 @@ static void setuidgid(int argc, char **argv)
 	account = *++argv;
 	if (!account) bb_show_usage();
 	if (!*++argv) bb_show_usage();
-	suidgid((char*)account, 0);
+	suidgid((char*)account);
 	execvp(argv[0], argv);
 	bb_perror_msg_and_die("exec %s", argv[0]);
 }
@@ -304,7 +290,7 @@ static void envuidgid(int argc, char **argv)
 	account = *++argv;
 	if (!account) bb_show_usage();
 	if (!*++argv) bb_show_usage();
-	euidgid((char*)account, 0);
+	euidgid((char*)account);
 	execvp(argv[0], argv);
 	bb_perror_msg_and_die("exec %s", argv[0]);
 }

runit/uidgid.c

@@ -1,63 +0,0 @@
-#include <sys/types.h>
-#include <pwd.h>
-#include <grp.h>
-#include "uidgid.h"
-
-static unsigned str_chr(const char *s, int c)
-{
-	const char *t = s;
-	while (t[0] && t[0] != (char)c)
-		t++;
-	return t - s;
-}
-
-
-unsigned uidgid_get(struct uidgid *u, char *ug, unsigned dogrp) {
-	char *g = 0;
-	struct passwd *pwd = 0;
-	struct group *gr = 0;
-	int i, d = 0;
-
-	if (dogrp)
-		d = str_chr(ug, ':');
-	if (ug[d] == ':') {
-		ug[d] = 0;
-		g = ug + d + 1;
-	}
-	pwd = getpwnam(ug);
-	if (!pwd) {
-		if (g) ug[d] = ':';
-		return 0;
-	}
-	if (g) {
-		ug[d] = ':';
-		for (i = 0; i < 60; ++i) {
-			d = str_chr(g, ':');
-			if (g[d] == ':') {
-				g[d] = 0;
-				gr = getgrnam(g);
-				if (!gr) {
-					g[d] = ':';
-					return 0;
-				}
-				g[d] = ':';
-				u->gid[i] = gr->gr_gid;
-				g += d+1;
-			}
-			else {
-				gr = getgrnam(g);
-				if (!gr) return 0;
-				u->gid[i++] = gr->gr_gid;
-				break;
-			}
-		}
-		u->gid[i] = 0;
-		u->gids = i;
-	}
-	if (!g) {
-		u->gid[0] = pwd->pw_gid;
-		u->gids = 1;
-	}
-	u->uid = pwd->pw_uid;
-	return 1;
-}

runit/uidgid.h

@@ -1,14 +0,0 @@
-#ifndef UIDGID_H
-#define UIDGID_H
-
-#include <sys/types.h>
-
-struct uidgid {
-	uid_t uid;
-	gid_t gid[61];
-	int gids;
-};
-
-extern unsigned uidgid_get(struct uidgid *, char *, unsigned);
-
-#endif