msudo - Execute a command as another user version 0.3.

- use execv() instead of system() Config file format changed. Format of line in config file: user prgName arguments_in_regexp Example of config line, user "rohel" can start "/usr/sbin/arping some_parameters": rohel /usr/sbin/arping .* git-svn-id: https://ais-dataserver:8443/svn/WinConfig/trunk/projects/msudo@2952 30e310cc-b365-5d4b-8166-626653d85fd0
jrohel · Oct 29, 2013 · b79f52b · b79f52b
1 parent 2ef6f35
commit b79f52b
Show file tree

Hide file tree

Showing 2 changed files with 65 additions and 23 deletions.
diff --git a/msudo.c b/msudo.c
@@ -16,67 +16,109 @@ email: [email protected]
 #include <sys/types.h>
 #include <regex.h>
 
-int main(int argc, const char *argv[])
+int main(int argc, char *argv[])
 {
 	FILE *cfgFile;
 	uid_t my_uid;
 	struct passwd *pw;
 
-	if (argc!=2 || argv[1]=='\0')
+	if (argc<2 || argv[1]=='\0')
 	{
-		fprintf(stdout, "msudo version 0.2     Jaroslav Rohel, 2013\n\n", argv[0]);
+		fprintf(stdout, "msudo version 0.3     Jaroslav Rohel, 2013\n\n", argv[0]);
 		fprintf(stdout, "Usage:\n");
 		fprintf(stdout, "%s pathToPrgForExec_with_arguments\n\n", argv[0]);
 		fprintf(stdout, "Example:\n");
-		fprintf(stdout, "%s \"/usr/sbin/arping -i eth0 192.168.10.100\"\n\n", argv[0]);
+		fprintf(stdout, "%s /usr/sbin/arping -i eth0 192.168.10.100\n\n", argv[0]);
 		return -1;
 	}
 
 	// get my real name
 	my_uid = getuid();
 	pw = getpwuid(my_uid);
+//	printf("%s\n", pw->pw_name);
 
 	cfgFile = fopen(CFG_FILE_NAME, "r");
 	if (cfgFile)
 	{
-		const char *wantPrg = argv[1];
-
+		const char *wantPrgName = argv[1];
 		char username[1024];
-		char pattern[1024];
+		char prgname[1024];
+		char prgargspattern[1024];
+		char wantArgs[10000];
 //		char *pattern = "a[a-c]u";
+		int params;
 		int found = 0;
+		int exit = 0;
 
-		while (fscanf(cfgFile, "%1023s%*10000[ \t]%1023[^\n\r]%*10000[\n\r]", username, pattern) >= 2)
+		wantArgs[0] = '\0';
+		if (argc >= 3)
+		{
+			int i;
+			int firstArg = 2;
+			int freeLen = sizeof(wantArgs) - 1;
+			for (i=firstArg; i<argc; i++)
+			{
+				int srcLen = strlen(argv[i]);
+				if (srcLen+1 > freeLen)
+				{
+					fprintf(stderr, "Error: Too long arguments.\n");
+					exit = 1;
+					break;
+				}
+				if (i > firstArg)
+				{
+					strcat(wantArgs, " ");
+					freeLen--;
+				}
+//				strcat(wantArgs, "\"");
+				strncat(wantArgs, argv[i], srcLen);
+//				strcat(wantArgs, "\"");
+				freeLen -= srcLen;// + 2;
+			}
+		}
+
+		while (!exit && (params=fscanf(cfgFile, "%1023s%*10000[ \t]%1023s%*10000[ \t]%1023[^\n\r]%*10000[ \t\n\r]", username, prgname, prgargspattern)) >= 2)
 		{
 //			printf("UserName: %s\n", username);
 //			printf("PrgName: %s\n", prgname);
-			if (strcmp(username, pw->pw_name) == 0)
+//			printf("pattern: %s\n", prgargspattern);
+			if (strcmp(username, pw->pw_name)==0 && strcmp(wantPrgName, prgname)==0)
 			{
-				regex_t preg;
-				int rc;
 
-				rc = regcomp(&preg, pattern, 0);
-				if (rc)
+				if (params==2 && argc==2)
 				{
-					fprintf(stderr, "regcomp() failed, returning nonzero (%d)\n", rc);
+					found = 1;
 					break;
 				}
-				rc = regexec(&preg, wantPrg, 0, NULL, 0);
-				regfree(&preg);
-				if (!rc)
+				else if (params > 2)
 				{
-					found = 1;
-					break;
+					regex_t preg;
+					int rc;
+
+					rc = regcomp(&preg, prgargspattern, 0);
+					if (rc)
+					{
+						fprintf(stderr, "regcomp() failed, returning nonzero (%d)\n", rc);
+						break;
+					}
+					rc = regexec(&preg, wantArgs, 0, NULL, 0);
+					regfree(&preg);
+					if (!rc)
+					{
+						found = 1;
+						break;
+					}
 				}
 			}
 		}
 		fclose(cfgFile);
 		if (found)
 		{
 			printf("Starting\n");
-			system(wantPrg);
+//			system(wantPrgName);
+			execv(wantPrgName, &argv[1]);
 		}
-		else fprintf(stdout, "User \"%s\" is not allowed to start \"%s\"\n", pw->pw_name, wantPrg);
+		else fprintf(stdout, "User \"%s\" is not allowed to start program \"%s\" with arguments \"%s\"\n", pw->pw_name, wantPrgName, wantArgs);
 	}
 	else fprintf(stderr, "Can't open config file %s\n", CFG_FILE_NAME);
 	return 0;

diff --git a/msudo.conf b/msudo.conf
@@ -1,2 +1,2 @@
-rohel ^/home/rohel/prace/AIS/SVN/WinConfig/trunk/projects/msudo/test.sh$
-rohel ^/usr/sbin/arping.*$
+rohel /home/rohel/prace/AIS/SVN/WinConfig/trunk/projects/msudo/test.sh
+rohel /usr/sbin/arping .*