Imported Upstream version 3.3.1

[debian/amanda] / common-src / pipespawn.c

diff --git a/common-src/pipespawn.c b/common-src/pipespawn.c
index 16fd67cdda4dfc916cd0e3dc71ec8bd8001049dc..3574acc05cca24b248195a09462bf81f7ed778f4 100644 (file)
--- a/common-src/pipespawn.c
+++ b/common-src/pipespawn.c
@@ -6,7 +6,7 @@
 
 char skip_argument[1];
 
-pid_t pipespawnv_passwd(char *prog, int pipedef,
+pid_t pipespawnv_passwd(char *prog, int pipedef, int need_root,
                   int *stdinfd, int *stdoutfd, int *stderrfd,
                   char **my_argv);
 
@@ -19,6 +19,7 @@ pid_t
 pipespawn(
     char *     prog,
     int                pipedef,
+    int         need_root,
     int *      stdinfd,
     int *      stdoutfd,
     int *      stderrfd,
@@ -49,7 +50,8 @@ pipespawn(
     }
     arglist_end(ap);
 
-    pid = pipespawnv_passwd(prog, pipedef, stdinfd, stdoutfd, stderrfd, argv);
+    pid = pipespawnv_passwd(prog, pipedef, need_root,
+                           stdinfd, stdoutfd, stderrfd, argv);
     amfree(argv);
     return pid;
 }
@@ -58,12 +60,14 @@ pid_t
 pipespawnv(
     char *     prog,
     int                pipedef,
+    int                need_root,
     int *      stdinfd,
     int *      stdoutfd,
     int *      stderrfd,
     char **    my_argv)
 {
-    return pipespawnv_passwd(prog, pipedef, stdinfd, stdoutfd, stderrfd,
+    return pipespawnv_passwd(prog, pipedef, need_root,
+                            stdinfd, stdoutfd, stderrfd,
        my_argv);
 }
 
@@ -71,12 +75,12 @@ pid_t
 pipespawnv_passwd(
     char *     prog,
     int                pipedef,
+    int                need_root,
     int *      stdinfd,
     int *      stdoutfd,
     int *      stderrfd,
     char **    my_argv)
 {
-    int argc;
     pid_t pid;
     int i, inpipe[2], outpipe[2], errpipe[2], passwdpipe[2];
     char number[NUM_STR_SIZE];
@@ -100,12 +104,10 @@ pipespawnv_passwd(
     memset(outpipe, -1, SIZEOF(outpipe));
     memset(errpipe, -1, SIZEOF(errpipe));
     memset(passwdpipe, -1, SIZEOF(passwdpipe));
-    argc = 0;
 
     cmdline = stralloc(prog);
     for(arg = my_argv; *arg != NULL; arg++) {
        if (*arg != skip_argument) {
-           argc++;
            quoted = quote_string(*arg);
            cmdline = vstrextend(&cmdline, " ", quoted, NULL);
            amfree(quoted);
@@ -169,6 +171,7 @@ pipespawnv_passwd(
        }
        break;
     case 0:            /* child process */
+       debug_dup_stderr_to_debug();
        if ((pipedef & STDIN_PIPE) != 0) {
            aclose(inpipe[1]);          /* close output side of pipe */
        } else {
@@ -192,15 +195,18 @@ pipespawnv_passwd(
         * Shift the pipes to the standard file descriptors as requested.
         */
        if(dup2(inpipe[0], 0) == -1) {
-           error(_("error [spawn %s: dup2 in: %s]"), prog, strerror(errno));
+           g_fprintf(stderr, "error [spawn %s: dup2 in: %s]", prog, strerror(errno));
+           exit(1);
            /*NOTREACHED*/
        }
        if(dup2(outpipe[1], 1) == -1) {
-           error(_("error [spawn %s: dup2 out: %s]"), prog, strerror(errno));
+           g_fprintf(stderr, "error [spawn %s: dup2 out: %s]", prog, strerror(errno));
+           exit(1);
            /*NOTREACHED*/
        }
        if(dup2(errpipe[1], 2) == -1) {
-           error(_("error [spawn %s: dup2 err: %s]"), prog, strerror(errno));
+           g_fprintf(stderr, "error [spawn %s: dup2 err: %s]", prog, strerror(errno));
+           exit(1);
            /*NOTREACHED*/
        }
 
@@ -225,6 +231,16 @@ pipespawnv_passwd(
            safe_fd(-1, 0);
        }
 
+       if (need_root) {
+           become_root();
+       } else {
+           /* if our real userid is zero, the child shouldn't inherit
+            * that, so drop privs permanently */
+           if (getuid() == 0 && !set_root_privs(-1)) {
+               error(_("could not drop root privileges"));
+           }
+       }
+
        execve(prog, my_argv, env);
        e = strerror(errno);
        error(_("error [exec %s: %s]"), prog, e);