Copyright (c) 2011 Canonical, Ltd.
#include <sys/resource.h>
int main(int argc, char *argv[], char *envp[])
char *apt_argv[] = {"/usr/bin/apt-get", "-q", "update", NULL};
char *apt_envp[] = {"PATH=/bin:/usr/bin", NULL, NULL};
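// Set HOME from the passwd entry of the effective uid. apt-get is executed with
// apt_envp (a fixed PATH plus this HOME), so the caller's environment is not passed on.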
struct passwd *pwd = getpwuid(geteuid());
fprintf(stderr, "error: Unable to find passwd entry for uid %d (%s)\n",
geteuid(), strerror(errno));
if (asprintf(&apt_envp[1], "HOME=%s", pwd->pw_dir) == -1) {
perror("error: Unable to create HOME environment variable");
// Drop all supplementary groups so that none carry over into apt-get
if (setgroups(0, NULL) == -1) {
perror("error: Unable to set supplementary groups IDs");
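// Set real and effective gid, then real and effective uid, to the values in the
// passwd entry looked up for the effective uid (gid before uid)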
if (setregid(pwd->pw_gid, pwd->pw_gid) == -1) {
fprintf(stderr, "error: Unable to set real and effective gid (%s)\n",
if (setreuid(pwd->pw_uid, pwd->pw_uid) == -1) {
perror("error: Unable to set real and effective uid");
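// Close inherited file descriptors from 3 upward, leaving 0-2 as received from the caller.
// NOTE(review): the bound is taken from the RLIMIT_NOFILE hard limit, and the 4096 test
// below looks like a cap on it (that assignment is not shown in this excerpt); if so,
// descriptors numbered above the cap are not closed. Nothing visible here checks that
// 0-2 are open before the exec - confirm.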
if (getrlimit(RLIMIT_NOFILE, &rlp) == -1) {
perror("error: Unable to determine file descriptor limits");
if (rlp.rlim_max == RLIM_INFINITY || rlp.rlim_max > 4096)
file_max = rlp.rlim_max;
for (file = 3; file < file_max; file++) {
umask(S_IWGRP | S_IWOTH);
if (chdir("/") == -1) {
perror("error: Unable to change working directory");
execve(apt_argv[0], apt_argv, apt_envp);
perror("error: Unable to execute apt-get");