diff options
author | snowball <snowball@yandex-team.ru> | 2022-02-10 16:46:32 +0300 |
---|---|---|
committer | Daniil Cherednik <dcherednik@yandex-team.ru> | 2022-02-10 16:46:32 +0300 |
commit | 83a8efcf3af051e3dd59c00d1d5dafc96412ec1e (patch) | |
tree | 1a2c5ffcf89eb53ecd79dbc9bc0a195c27404d0c /util/system/shellcommand.cpp | |
parent | 4d57126b1bae3cfd0f4f95c32d1a85ca684ee92c (diff) | |
download | ydb-83a8efcf3af051e3dd59c00d1d5dafc96412ec1e.tar.gz |
Restoring authorship annotation for <snowball@yandex-team.ru>. Commit 2 of 2.
Diffstat (limited to 'util/system/shellcommand.cpp')
-rw-r--r-- | util/system/shellcommand.cpp | 46 |
1 files changed, 23 insertions, 23 deletions
diff --git a/util/system/shellcommand.cpp b/util/system/shellcommand.cpp index d071d8a4b3..b1989b5c8c 100644 --- a/util/system/shellcommand.cpp +++ b/util/system/shellcommand.cpp @@ -28,11 +28,11 @@ using TPid = pid_t; using TWaitResult = pid_t; using TExitStatus = int; #define WAIT_PROCEED 0 - + #if defined(_darwin_) -using TGetGroupListGid = int; +using TGetGroupListGid = int; #else -using TGetGroupListGid = gid_t; +using TGetGroupListGid = gid_t; #endif #elif defined(_win_) #include <string> @@ -57,31 +57,31 @@ namespace { constexpr static size_t DATA_BUFFER_SIZE = 128 * 1024; #if defined(_unix_) - void SetUserGroups(const passwd* pw) { - int ngroups = 1; + void SetUserGroups(const passwd* pw) { + int ngroups = 1; THolder<gid_t, TFree> groups = THolder<gid_t, TFree>(static_cast<gid_t*>(malloc(ngroups * sizeof(gid_t)))); - if (getgrouplist(pw->pw_name, pw->pw_gid, reinterpret_cast<TGetGroupListGid*>(groups.Get()), &ngroups) == -1) { - groups.Reset(static_cast<gid_t*>(malloc(ngroups * sizeof(gid_t)))); - if (getgrouplist(pw->pw_name, pw->pw_gid, reinterpret_cast<TGetGroupListGid*>(groups.Get()), &ngroups) == -1) { - ythrow TSystemError() << "getgrouplist failed: user " << pw->pw_name << " (" << pw->pw_uid << ")"; - } - } - if (setgroups(ngroups, groups.Get()) == -1) { - ythrow TSystemError(errno) << "Unable to set groups for user " << pw->pw_name << Endl; - } - } - - void ImpersonateUser(const TShellCommandOptions::TUserOptions& userOpts) { - if (GetUsername() == userOpts.Name) { + if (getgrouplist(pw->pw_name, pw->pw_gid, reinterpret_cast<TGetGroupListGid*>(groups.Get()), &ngroups) == -1) { + groups.Reset(static_cast<gid_t*>(malloc(ngroups * sizeof(gid_t)))); + if (getgrouplist(pw->pw_name, pw->pw_gid, reinterpret_cast<TGetGroupListGid*>(groups.Get()), &ngroups) == -1) { + ythrow TSystemError() << "getgrouplist failed: user " << pw->pw_name << " (" << pw->pw_uid << ")"; + } + } + if (setgroups(ngroups, groups.Get()) == -1) { + ythrow TSystemError(errno) << "Unable to set groups for user " << pw->pw_name << Endl; + } + } + + void ImpersonateUser(const TShellCommandOptions::TUserOptions& userOpts) { + if (GetUsername() == userOpts.Name) { return; } - const passwd* newUser = getpwnam(userOpts.Name.c_str()); + const passwd* newUser = getpwnam(userOpts.Name.c_str()); if (!newUser) { ythrow TSystemError(errno) << "getpwnam failed"; } - if (userOpts.UseUserGroups) { - SetUserGroups(newUser); - } + if (userOpts.UseUserGroups) { + SetUserGroups(newUser); + } if (setuid(newUser->pw_uid)) { ythrow TSystemError(errno) << "setuid failed"; } @@ -727,7 +727,7 @@ void TShellCommand::TImpl::OnFork(TPipes& pipes, sigset_t oldmask, char* const* } if (!User.Name.empty()) { - ImpersonateUser(User); + ImpersonateUser(User); } if (Nice) { |