diff options
| -rw-r--r-- | clientserver.c | 52 | ||||
| -rw-r--r-- | main.c | 5 | ||||
| -rw-r--r-- | uidlist.c | 66 | ||||
| -rw-r--r-- | util.c | 32 |
4 files changed, 89 insertions, 66 deletions
diff --git a/clientserver.c b/clientserver.c index d3bcb2d7..496a6ab4 100644 --- a/clientserver.c +++ b/clientserver.c @@ -432,46 +432,33 @@ static int add_a_group(int f_out, const char *gname) return 0; } +#ifdef HAVE_GETGROUPLIST +static int want_all_groups(int f_out, uid_t uid) +{ + const char *err; + gid_count = MAX_GID_LIST; + if ((err = getallgroups(uid, gid_list, &gid_count)) != NULL) { + rsyserr(FLOG, errno, "%s", err); + io_printf(f_out, "@ERROR: %s\n", err); + return -1; + } + return 0; +} +#elif defined HAVE_INITGROUPS static struct passwd *want_all_groups(int f_out, uid_t uid) { -#if defined HAVE_GETGROUPLIST || defined HAVE_INITGROUPS struct passwd *pw; if ((pw = getpwuid(uid)) == NULL) { rsyserr(FLOG, errno, "getpwuid failed"); io_printf(f_out, "@ERROR: getpwuid failed\n"); return NULL; } -# ifdef HAVE_GETGROUPLIST - /* Get all the process's groups, with the pw_gid group first. */ - gid_count = MAX_GID_LIST; - if (getgrouplist(pw->pw_name, pw->pw_gid, gid_list, &gid_count) < 0) { - rsyserr(FLOG, errno, "getgrouplist failed"); - io_printf(f_out, "@ERROR: getgrouplist failed\n"); - return NULL; - } - /* Paranoia: is the default group not first in the list? */ - if (gid_list[0] != pw->pw_gid) { - int j; - for (j = 0; j < gid_count; j++) { - if (gid_list[j] == pw->pw_gid) { - gid_list[j] = gid_list[0]; - gid_list[0] = pw->pw_gid; - break; - } - } - } -# else /* Start with the default group and initgroups() will add the reset. */ gid_count = 1; gid_list[0] = pw->pw_gid; -# endif return pw; -#else - rprintf(FLOG, "This rsync does not support a gid of \"*\"\n"); - io_printf(f_out, "@ERROR: invalid gid setting.\n"); - return NULL; -#endif } +#endif static void set_env_str(const char *var, const char *str) { @@ -498,7 +485,9 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char int argc; char **argv, **orig_argv, **orig_early_argv, *module_chdir; char line[BIGPATHBUFLEN]; +#if defined HAVE_INITGROUPS && !defined HAVE_GETGROUPLIST struct passwd *pw = NULL; +#endif uid_t uid; int set_uid; char *p, *err_msg = NULL; @@ -595,8 +584,17 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char if (p) { /* The "*" gid must be the first item in the list. */ if (strcmp(p, "*") == 0) { +#ifdef HAVE_GETGROUPLIST + if (want_all_groups(f_out, uid) < 0) + return -1; +#elif defined HAVE_INITGROUPS if ((pw = want_all_groups(f_out, uid)) == NULL) return -1; +#else + rprintf(FLOG, "This rsync does not support a gid of \"*\"\n"); + io_printf(f_out, "@ERROR: invalid gid setting.\n"); + return -1; +#endif } else if (add_a_group(f_out, p) < 0) return -1; while ((p = strtok(NULL, ", ")) != NULL) { @@ -43,6 +43,7 @@ extern int kluge_around_eof; extern int got_xfer_error; extern int msgs2stderr; extern int module_id; +extern int read_only; extern int copy_links; extern int copy_dirlinks; extern int copy_unsafe_links; @@ -764,7 +765,7 @@ static void do_server_sender(int f_in, int f_out, int argc, char *argv[]) exit_cleanup(RERR_SYNTAX); return; } - if (am_daemon && lp_read_only(module_id) && remove_source_files) { + if (am_daemon && read_only && remove_source_files) { rprintf(FERROR, "ERROR: --remove-%s-files cannot be used with a read-only module\n", remove_source_files == 1 ? "source" : "sent"); @@ -950,7 +951,7 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[]) argc, (long)getpid()); } - if (am_daemon && lp_read_only(module_id)) { + if (am_daemon && read_only) { rprintf(FERROR,"ERROR: module is read only\n"); exit_cleanup(RERR_SYNTAX); return; @@ -74,7 +74,7 @@ static struct idlist *add_to_list(struct idlist **root, id_t id, const char *nam } /* turn a uid into a user name */ -static const char *uid_to_name(uid_t uid) +char *uid_to_user(uid_t uid) { struct passwd *pass = getpwuid(uid); if (pass) @@ -83,7 +83,7 @@ static const char *uid_to_name(uid_t uid) } /* turn a gid into a group name */ -static const char *gid_to_name(gid_t gid) +char *gid_to_group(gid_t gid) { struct group *grp = getgrgid(gid); if (grp) @@ -91,6 +91,38 @@ static const char *gid_to_name(gid_t gid) return NULL; } +/* Parse a user name or (optionally) a number into a uid */ +int user_to_uid(const char *name, uid_t *uid_p, BOOL num_ok) +{ + struct passwd *pass; + if (!name || !*name) + return 0; + if (num_ok && name[strspn(name, "0123456789")] == '\0') { + *uid_p = atol(name); + return 1; + } + if (!(pass = getpwnam(name))) + return 0; + *uid_p = pass->pw_uid; + return 1; +} + +/* Parse a group name or (optionally) a number into a gid */ +int group_to_gid(const char *name, gid_t *gid_p, BOOL num_ok) +{ + struct group *grp; + if (!name || !*name) + return 0; + if (num_ok && name[strspn(name, "0123456789")] == '\0') { + *gid_p = atol(name); + return 1; + } + if (!(grp = getgrnam(name))) + return 0; + *gid_p = grp->gr_gid; + return 1; +} + static int is_in_group(gid_t gid) { #ifdef HAVE_GETGROUPS @@ -253,7 +285,7 @@ const char *add_uid(uid_t uid) return NULL; } - node = add_to_list(&uidlist, uid, uid_to_name(uid), 0, 0); + node = add_to_list(&uidlist, uid, uid_to_user(uid), 0, 0); return node->name; } @@ -271,7 +303,7 @@ const char *add_gid(gid_t gid) return NULL; } - node = add_to_list(&gidlist, gid, gid_to_name(gid), 0, 0); + node = add_to_list(&gidlist, gid, gid_to_group(gid), 0, 0); return node->name; } @@ -457,5 +489,29 @@ void parse_name_map(char *map, BOOL usernames) /* The 0 user/group doesn't get its name sent, so add it explicitly. */ recv_add_id(idlist_ptr, *idmap_ptr, 0, - numeric_ids ? NULL : usernames ? uid_to_name(0) : gid_to_name(0)); + numeric_ids ? NULL : usernames ? uid_to_user(0) : gid_to_group(0)); } + +#ifdef HAVE_GETGROUPLIST +const char *getallgroups(uid_t uid, gid_t *gid_list, int *size_ptr) +{ + struct passwd *pw; + if ((pw = getpwuid(uid)) == NULL) + return "getpwuid failed"; + /* Get all the process's groups, with the pw_gid group first. */ + if (getgrouplist(pw->pw_name, pw->pw_gid, gid_list, size_ptr) < 0) + return "getgrouplist failed"; + /* Paranoia: is the default group not first in the list? */ + if (gid_list[0] != pw->pw_gid) { + int j; + for (j = 0; j < *size_ptr; j++) { + if (gid_list[j] == pw->pw_gid) { + gid_list[j] = gid_list[0]; + gid_list[0] = pw->pw_gid; + break; + } + } + } + return NULL; +} +#endif @@ -542,38 +542,6 @@ void kill_all(int sig) } } -/* Parse a user name or (optionally) a number into a uid */ -int user_to_uid(const char *name, uid_t *uid_p, BOOL num_ok) -{ - struct passwd *pass; - if (!name || !*name) - return 0; - if (num_ok && name[strspn(name, "0123456789")] == '\0') { - *uid_p = atol(name); - return 1; - } - if (!(pass = getpwnam(name))) - return 0; - *uid_p = pass->pw_uid; - return 1; -} - -/* Parse a group name or (optionally) a number into a gid */ -int group_to_gid(const char *name, gid_t *gid_p, BOOL num_ok) -{ - struct group *grp; - if (!name || !*name) - return 0; - if (num_ok && name[strspn(name, "0123456789")] == '\0') { - *gid_p = atol(name); - return 1; - } - if (!(grp = getgrnam(name))) - return 0; - *gid_p = grp->gr_gid; - return 1; -} - /** Lock a byte range in a open file */ int lock_range(int fd, int offset, int len) { |