← Back to branch summary

~ubuntu-branches/ubuntu/quantal/sudo/quantal-201204301718

« back to all changes in this revision

Viewing changes to set_perms.c

  • Committer: Bazaar Package Importer
  • Author(s): Michael Vogt
  • Date: 2011-05-23 09:50:37 UTC
  • mfrom: (1.3.13 sid)
  • Revision ID: james.westby@ubuntu.com-20110523095037-639dpkfk6qct0m0m
Tags: 1.7.4p6-1ubuntu1
* Merge from debian/unstable, remaining changes:
  - debian/patches/keep_home_by_default.patch: 
    + Set HOME in initial_keepenv_table. 
  - debian/rules:
    + compile with --without-lecture --with-tty-tickets (Ubuntu specific)
    + install man/man8/sudo_root.8 (Ubuntu specific)
    + install apport hooks
  - debian/sudoers: 
    + grant admin group sudo access
  - debian/sudo-ldap.dirs, debian/sudo.dirs: 
    + add usr/share/apport/package-hooks
* drop debian/patches/CVE-2011-0010.patch, applied upstream now

Show diffs side-by-side

added added

removed removed

Lines of Context:
set_perms.c
47
47
#ifdef HAVE_LOGIN_CAP_H
48
48
# include <login_cap.h>
49
49
#endif
 
50
#ifdef HAVE_PROJECT_H
 
51
# include <project.h>
 
52
# include <sys/task.h>
 
53
#endif
50
54
 
51
55
#include "sudo.h"
52
56
 
547
551
 
548
552
#endif /* HAVE_INITGROUPS */
549
553
 
 
554
#ifdef HAVE_PROJECT_H
 
555
static void
 
556
set_project(pw)
 
557
    struct passwd *pw;
 
558
{
 
559
    struct project proj;
 
560
    char buf[PROJECT_BUFSZ];
 
561
    int errval;
 
562
 
 
563
    /*
 
564
     * Collect the default project for the user and settaskid
 
565
     */
 
566
    setprojent();
 
567
    if (getdefaultproj(pw->pw_name, &proj, buf, sizeof(buf)) != NULL) {
 
568
        errval = setproject(proj.pj_name, pw->pw_name, TASK_NORMAL);
 
569
        switch(errval) {
 
570
        case 0:
 
571
            break;
 
572
        case SETPROJ_ERR_TASK:
 
573
            switch (errno) {
 
574
            case EAGAIN:
 
575
                warningx("resource control limit has been reached");
 
576
                break;
 
577
            case ESRCH:
 
578
                warningx("user \"%s\" is not a member of project \"%s\"",
 
579
                    pw->pw_name, proj.pj_name);
 
580
                break;
 
581
            case EACCES:
 
582
                warningx("the invoking task is final");
 
583
                break;
 
584
            default:
 
585
                warningx("could not join project \"%s\"", proj.pj_name);
 
586
            }
 
587
        case SETPROJ_ERR_POOL:
 
588
            switch (errno) {
 
589
            case EACCES:
 
590
                warningx("no resource pool accepting default bindings "
 
591
                    "exists for project \"%s\"", proj.pj_name);
 
592
                break;
 
593
            case ESRCH:
 
594
                warningx("specified resource pool does not exist for "
 
595
                    "project \"%s\"", proj.pj_name);
 
596
                break;
 
597
            default:
 
598
                warningx("could not bind to default resource pool for "
 
599
                    "project \"%s\"", proj.pj_name);
 
600
            }
 
601
            break;
 
602
        default:
 
603
            if (errval <= 0) {
 
604
                warningx("setproject failed for project \"%s\"", proj.pj_name);
 
605
            } else {
 
606
                warningx("warning, resource control assignment failed for "
 
607
                    "project \"%s\"", proj.pj_name);
 
608
            }
 
609
        }
 
610
    } else {
 
611
        warning("getdefaultproj");
 
612
    }
 
613
    endprojent();
 
614
}
 
615
#endif /* HAVE_PROJECT_H */
 
616
 
550
617
static void
551
618
runas_setup()
552
619
{
558
625
 
559
626
    if (runas_pw->pw_name != NULL) {
560
627
        gid = runas_gr ? runas_gr->gr_gid : runas_pw->pw_gid;
 
628
#ifdef HAVE_PROJECT_H
 
629
        set_project(runas_pw);
 
630
#endif
561
631
#ifdef HAVE_GETUSERATTR
562
632
        aix_prep_user(runas_pw->pw_name, user_ttypath);
563
633
#endif