1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
#include <my_global.h>
#include <m_string.h>
#include <my_sys.h>
#include <my_pthread.h>
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
#ifdef HAVE_GRP_H
#include <grp.h>
#endif
struct passwd *my_check_user(const char *user, myf MyFlags)
{
struct passwd *user_info;
uid_t user_id= geteuid();
DBUG_ENTER("my_check_user");
// Don't bother if we aren't superuser
if (user_id)
{
if (user)
{
/* Don't give a warning, if real user is same as given with --user */
user_info= getpwnam(user);
if (!user_info || user_id != user_info->pw_uid)
{
my_errno= EPERM;
if (MyFlags & MY_WME)
my_printf_error(my_errno, "One can only use the --user switch if "
"running as root", MYF(ME_WARNING|ME_ERROR_LOG));
}
}
DBUG_RETURN(NULL);
}
if (!user)
{
if (MyFlags & MY_FAE)
{
my_errno= EINVAL;
my_printf_error(my_errno, "Please consult the Knowledge Base to find "
"out how to run mysqld as root!", MYF(ME_ERROR_LOG));
}
DBUG_RETURN(NULL);
}
if (!strcmp(user,"root"))
DBUG_RETURN(NULL);
if (!(user_info= getpwnam(user)))
{
// Allow a numeric uid to be used
int err= 0;
user_id= my_strtoll10(user, NULL, &err);
if (err || !(user_info= getpwuid(user_id)))
{
my_errno= EINVAL;
my_printf_error(my_errno, "Can't change to run as user '%s'. Please "
"check that the user exists!", MYF(ME_ERROR_LOG), user);
DBUG_RETURN(NULL);
}
}
DBUG_ASSERT(user_info);
DBUG_RETURN(user_info);
}
int my_set_user(const char *user, struct passwd *user_info, myf MyFlags)
{
DBUG_ENTER("my_set_user");
DBUG_ASSERT(user_info != 0);
#ifdef HAVE_INITGROUPS
initgroups(user, user_info->pw_gid);
#endif
if (setgid(user_info->pw_gid) == -1 || setuid(user_info->pw_uid) == -1)
{
my_errno= errno;
if (MyFlags & MY_WME)
my_printf_error(errno, "Cannot change uid/gid (errno: %d)", MYF(ME_ERROR_LOG),
errno);
DBUG_RETURN(my_errno);
}
DBUG_RETURN(0);
}
|