X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=common-src%2Fpipespawn.c;h=3574acc05cca24b248195a09462bf81f7ed778f4;hb=8eb7e8e19f1373f6be7f1f7837b997748ce31d0e;hp=16fd67cdda4dfc916cd0e3dc71ec8bd8001049dc;hpb=e442edb4d5816c4ad107ad9e71164f845eba70ad;p=debian%2Famanda

diff --git a/common-src/pipespawn.c b/common-src/pipespawn.c
index 16fd67c..3574acc 100644
--- a/common-src/pipespawn.c
+++ b/common-src/pipespawn.c
@@ -6,7 +6,7 @@
 
 char skip_argument[1];
 
-pid_t pipespawnv_passwd(char *prog, int pipedef,
+pid_t pipespawnv_passwd(char *prog, int pipedef, int need_root,
                   int *stdinfd, int *stdoutfd, int *stderrfd,
                   char **my_argv);
 
@@ -19,6 +19,7 @@ pid_t
 pipespawn(
     char *	prog,
     int		pipedef,
+    int         need_root,
     int *	stdinfd,
     int *	stdoutfd,
     int *	stderrfd,
@@ -49,7 +50,8 @@ pipespawn(
     }
     arglist_end(ap);
 
-    pid = pipespawnv_passwd(prog, pipedef, stdinfd, stdoutfd, stderrfd, argv);
+    pid = pipespawnv_passwd(prog, pipedef, need_root,
+			    stdinfd, stdoutfd, stderrfd, argv);
     amfree(argv);
     return pid;
 }
@@ -58,12 +60,14 @@ pid_t
 pipespawnv(
     char *	prog,
     int		pipedef,
+    int		need_root,
     int *	stdinfd,
     int *	stdoutfd,
     int *	stderrfd,
     char **	my_argv)
 {
-    return pipespawnv_passwd(prog, pipedef, stdinfd, stdoutfd, stderrfd,
+    return pipespawnv_passwd(prog, pipedef, need_root,
+			     stdinfd, stdoutfd, stderrfd,
 	my_argv);
 }
 
@@ -71,12 +75,12 @@ pid_t
 pipespawnv_passwd(
     char *	prog,
     int		pipedef,
+    int		need_root,
     int *	stdinfd,
     int *	stdoutfd,
     int *	stderrfd,
     char **	my_argv)
 {
-    int argc;
     pid_t pid;
     int i, inpipe[2], outpipe[2], errpipe[2], passwdpipe[2];
     char number[NUM_STR_SIZE];
@@ -100,12 +104,10 @@ pipespawnv_passwd(
     memset(outpipe, -1, SIZEOF(outpipe));
     memset(errpipe, -1, SIZEOF(errpipe));
     memset(passwdpipe, -1, SIZEOF(passwdpipe));
-    argc = 0;
 
     cmdline = stralloc(prog);
     for(arg = my_argv; *arg != NULL; arg++) {
 	if (*arg != skip_argument) {
-	    argc++;
 	    quoted = quote_string(*arg);
 	    cmdline = vstrextend(&cmdline, " ", quoted, NULL);
 	    amfree(quoted);
@@ -169,6 +171,7 @@ pipespawnv_passwd(
 	}
 	break;
     case 0:		/* child process */
+	debug_dup_stderr_to_debug();
 	if ((pipedef & STDIN_PIPE) != 0) {
 	    aclose(inpipe[1]);		/* close output side of pipe */
 	} else {
@@ -192,15 +195,18 @@ pipespawnv_passwd(
 	 * Shift the pipes to the standard file descriptors as requested.
 	 */
 	if(dup2(inpipe[0], 0) == -1) {
-	    error(_("error [spawn %s: dup2 in: %s]"), prog, strerror(errno));
+	    g_fprintf(stderr, "error [spawn %s: dup2 in: %s]", prog, strerror(errno));
+	    exit(1);
 	    /*NOTREACHED*/
 	}
 	if(dup2(outpipe[1], 1) == -1) {
-	    error(_("error [spawn %s: dup2 out: %s]"), prog, strerror(errno));
+	    g_fprintf(stderr, "error [spawn %s: dup2 out: %s]", prog, strerror(errno));
+	    exit(1);
 	    /*NOTREACHED*/
 	}
 	if(dup2(errpipe[1], 2) == -1) {
-	    error(_("error [spawn %s: dup2 err: %s]"), prog, strerror(errno));
+	    g_fprintf(stderr, "error [spawn %s: dup2 err: %s]", prog, strerror(errno));
+	    exit(1);
 	    /*NOTREACHED*/
 	}
 
@@ -225,6 +231,16 @@ pipespawnv_passwd(
 	    safe_fd(-1, 0);
 	}
 
+	if (need_root) {
+	    become_root();
+	} else {
+	    /* if our real userid is zero, the child shouldn't inherit
+	     * that, so drop privs permanently */
+	    if (getuid() == 0 && !set_root_privs(-1)) {
+		error(_("could not drop root privileges"));
+	    }
+	}
+
 	execve(prog, my_argv, env);
 	e = strerror(errno);
 	error(_("error [exec %s: %s]"), prog, e);