groot.cpp
Go to the documentation of this file.
1 //
2 // Copyright (C) 2001-2013 Graeme Walker <graeme_walker@users.sourceforge.net>
3 //
4 // This program is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // This program is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with this program. If not, see <http://www.gnu.org/licenses/>.
16 // ===
17 //
18 // groot.cpp
19 //
20 
21 #include "gdef.h"
22 #include "groot.h"
23 #include "gassert.h"
24 #include "gprocess.h"
25 #include "gdebug.h"
26 
27 G::Root * G::Root::m_this = NULL ;
28 bool G::Root::m_initialised = false ;
29 G::Identity G::Root::m_special( G::Identity::invalid() ) ;
30 G::Identity G::Root::m_nobody( G::Identity::invalid() ) ;
31 
32 G::Root::Root( bool change_group ) :
33  m_change_group(change_group)
34 {
35  if( m_this == NULL && m_initialised )
36  {
37  Process::beSpecial( m_special , m_change_group ) ;
38  m_this = this ;
39  }
40 }
41 
42 G::Root::~Root()
43 {
44  try
45  {
46  if( m_this == this && m_initialised )
47  {
48  m_this = NULL ;
49  Process::beOrdinary( m_nobody , m_change_group ) ;
50  }
51  }
52  catch( std::exception & e )
53  {
54  G_ERROR( "G::Root: cannot release root privileges: " << e.what() ) ;
55  }
56  catch(...)
57  {
58  G_ERROR( "G::Root: cannot release root privileges" ) ;
59  }
60 }
61 
62 G::Identity G::Root::start( SignalSafe safe )
63 {
64  if( !m_initialised ) return Identity::invalid() ;
65  return Process::beSpecial( safe , m_special , true ) ;
66 }
67 
68 void G::Root::stop( SignalSafe safe , Identity identity )
69 {
70  if( identity == Identity::invalid() ) return ;
71  Process::beOrdinary( safe , identity , true ) ;
72 }
73 
74 void G::Root::init( const std::string & nobody )
75 {
76  Process::revokeExtraGroups() ;
77  m_nobody = Identity(nobody) ;
78  m_special = Process::beOrdinary( SignalSafe() , m_nobody ) ;
79  m_initialised = true ;
80 }
81 
82 G::Identity G::Root::nobody()
83 {
84  return m_nobody ;
85 }
86 
G::Root::Root
Root(bool change_group=true)
Constructor.
Definition: groot.cpp:32
G::SignalSafe
An empty structure that is used to indicate a signal-safe, reentrant implementation.
Definition: gsignalsafe.h:35
G::Root::nobody
static Identity nobody()
Returns the 'nobody' identity.
Definition: groot.cpp:82
G::Identity::invalid
static Identity invalid()
Returns an invalid identity.
Definition: gidentity_unix.cpp:102
G::Identity
A very low-level interface to getpwnam() and the get/set/e/uid/gid functions.
Definition: gidentity.h:41
G::Root
A class which acquires the process's special privileges on construction and releases them on destruct...
Definition: groot.h:49
G::Root::start
static Identity start(SignalSafe)
A signal-safe alternative to construction.
Definition: groot.cpp:62
G::Root::stop
static void stop(SignalSafe, Identity)
A signal-safe alternative to destruction.
Definition: groot.cpp:68
G::Process::beOrdinary
static Identity beOrdinary(Identity nobody, bool change_group=true)
Revokes special privileges (root or suid).
Definition: gprocess_unix.cpp:154
G::Process::beSpecial
static Identity beSpecial(Identity special, bool change_group=true)
Re-acquires special privileges (either root or suid).
Definition: gprocess_unix.cpp:134
G_ERROR
#define G_ERROR(expr)
Definition: glog.h:108
G::Root::~Root
~Root()
Desctructor.
Definition: groot.cpp:42
G::Process::revokeExtraGroups
static void revokeExtraGroups()
Revokes secondary group memberships if really root or if suid.
Definition: gprocess_unix.cpp:125
G::Root::init
static void init(const std::string &nobody)
Initialises this class on process start-up by releasing root or suid privileges.
Definition: groot.cpp:74
Generated on Thu Jan 11 2018 00:25:33 for E-MailRelay by   doxygen 1.8.8