From 6e2e00f2877ff0343285e272ef0f7d83250637db Mon Sep 17 00:00:00 2001 From: Konstantin Stepanov Date: Tue, 21 Jul 2015 11:32:22 +0300 Subject: [PATCH] add functions to set user and group --- src/lib.rs | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/src/lib.rs b/src/lib.rs index f02a228..5035f0b 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -127,6 +127,7 @@ use std::ptr::read; use std::str::from_utf8_unchecked; use std::collections::HashMap; use std::collections::hash_map::Entry::{Occupied, Vacant}; +use std::io::Error as IoError; pub mod mock; @@ -581,6 +582,60 @@ pub fn get_effective_groupname() -> Option { OSUsers::empty_cache().get_effective_groupname() } +/// Set current user for the running process, requires root priviledges. +pub fn set_current_uid(uid: uid_t) -> Result<(), io::Error> { + match unsafe { setuid(uid) } { + 0 => Ok(()), + -1 => Err(io::Error::last_os_error()) + _ => unreachable!() + } +} + +/// Set current group for the running process, requires root priviledges. +pub fn set_current_gid(gid: gid_t) -> Result<(), io::Error> { + match unsafe { setgid(gid) } { + 0 => Ok(()), + -1 => Err(io::Error::last_os_error()) + _ => unreachable!() + } +} + +/// Set effective user for the running process, requires root priviledges. +pub fn set_effective_uid(uid: uid_t) -> Result<(), io::Error> { + match unsafe { seteuid(uid) } { + 0 => Ok(()), + -1 => Err(io::Error::last_os_error()) + _ => unreachable!() + } +} + +/// Set effective user for the running process, requires root priviledges. +pub fn set_effective_gid(gid: gid_t) -> Result<(), io::Error> { + match unsafe { setegid(gid) } { + 0 => Ok(()), + -1 => Err(io::Error::last_os_error()) + _ => unreachable!() + } +} + +/// Atomically set current and effective user for the running process, requires root priviledges. +pub fn set_both_uid(ruid: uid_t, euid: uid_t) -> Result<(), io::Error> { + match unsafe { setreuid(ruid, euid) } { + 0 => Ok(()), + -1 => Err(io::Error::last_os_error()) + _ => unreachable!() + } +} + +/// Atomically set current and effective group for the running process, requires root priviledges. +pub fn set_both_gid(rgid: gid_t, egid: git_t) -> Result<(), io::Error> { + match unsafe { setregid(rgid, egid) } { + 0 => Ok(()), + -1 => Err(io::Error::last_os_error()) + _ => unreachable!() + } +} + #[cfg(test)] mod test { use super::{Users, OSUsers, get_current_username};