Commit | Line | Data |
---|---|---|
0a654ec0 TJ |
1 | /*************************************************************************** |
2 | * Copyright (C) 2008 by Intra2net AG - Thomas Jarosch * | |
3 | * thomas.jarosch@intra2net.com * | |
4 | * http://www.intra2net.com * | |
5 | ***************************************************************************/ | |
6 | #include <sys/types.h> | |
7 | #include <unistd.h> | |
8 | #include <pwd.h> | |
9 | #include <grp.h> | |
10 | ||
11 | #include <string> | |
12 | #include <stdexcept> | |
13 | #include "daemonfunc.hxx" | |
14 | ||
15 | using namespace std; | |
16 | ||
17 | /** | |
18 | * Fork into the background. | |
19 | */ | |
20 | void daemon::daemonize() | |
21 | { | |
22 | int pid=fork(); | |
23 | ||
24 | if (pid < 0) | |
25 | { | |
26 | throw runtime_error("fork() failed"); | |
27 | } | |
28 | if (pid > 0) | |
29 | { | |
30 | // parent process | |
31 | exit (0); | |
32 | } | |
33 | // pid==0 -> child process: continue | |
34 | } | |
35 | ||
36 | /** | |
37 | * Lookup uid for given username | |
38 | * @param username username to convert | |
39 | * @return uid of the user | |
40 | */ | |
41 | uid_t daemon::lookup_uid(const std::string &username) | |
42 | { | |
43 | struct passwd *user = getpwnam(username.c_str()); | |
44 | if (user == NULL) { | |
45 | throw runtime_error("user " + username + " not found"); | |
46 | } | |
47 | ||
48 | return user->pw_uid; | |
49 | } | |
50 | ||
51 | /** | |
52 | * Lookup gid for given group | |
53 | * @param group group to convert | |
54 | * @return gid of the group | |
55 | */ | |
56 | gid_t daemon::lookup_gid(const std::string &group) | |
57 | { | |
58 | struct group *my_group = getgrnam(group.c_str()); | |
59 | if (my_group == NULL) { | |
60 | throw runtime_error("group " + group + " not found"); | |
61 | } | |
62 | ||
63 | return my_group->gr_gid; | |
64 | } | |
65 | ||
66 | /** | |
09684efc | 67 | * Drop root privileges |
0a654ec0 TJ |
68 | * @param username User to become. Don't change user if empty |
69 | * @param group Group to become. Don't change group if empty | |
70 | */ | |
09684efc | 71 | void daemon::drop_root_privileges(const std::string &username, |
0a654ec0 TJ |
72 | const std::string &group) |
73 | { | |
74 | if (!group.empty()) { | |
75 | if (setgid(daemon::lookup_gid(group))) { | |
76 | throw runtime_error("Can't change to group " + group); | |
77 | } | |
78 | } | |
79 | ||
80 | if (!username.empty()) { | |
81 | if (setuid(daemon::lookup_uid(username))) { | |
82 | throw runtime_error("Can't change to user " + username); | |
83 | } | |
84 | } | |
85 | } |