PERFORCE change 15001 for review
Robert Watson
rwatson at freebsd.org
Sat Jul 27 19:59:54 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15001
Change 15001 by rwatson at rwatson_paprika on 2002/07/27 12:59:09
Teach ugidfw to speak usernames and group names as well as
uids and gids, making it a lot easier to use.
Affected files ...
.. //depot/projects/trustedbsd/mac/usr.sbin/ugidfw/ugidfw.c#5 edit
Differences ...
==== //depot/projects/trustedbsd/mac/usr.sbin/ugidfw/ugidfw.c#5 (text+ko) ====
@@ -41,6 +41,8 @@
#include <security/mac_bsdextended/mac_bsdextended.h>
+#include <grp.h>
+#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -69,6 +71,8 @@
void
print_rule(int rulenum, struct mac_bsdextended_rule *rule)
{
+ struct group *grp;
+ struct passwd *pwd;
int anymode, unknownmode;
printf("%d ", rulenum);
@@ -77,20 +81,40 @@
printf("subject ");
if (rule->mbr_subject.mbi_flags & MBI_NEGATED)
printf("not ");
- if (rule->mbr_subject.mbi_flags & MBI_UID_DEFINED)
- printf("uid %u ", rule->mbr_subject.mbi_uid);
- if (rule->mbr_subject.mbi_flags & MBI_GID_DEFINED)
- printf("gid %u ", rule->mbr_subject.mbi_gid);
+ if (rule->mbr_subject.mbi_flags & MBI_UID_DEFINED) {
+ pwd = getpwuid(rule->mbr_subject.mbi_uid);
+ if (pwd != NULL)
+ printf("uid %s ", pwd->pw_name);
+ else
+ printf("uid %u ", rule->mbr_subject.mbi_uid);
+ }
+ if (rule->mbr_subject.mbi_flags & MBI_GID_DEFINED) {
+ grp = getgrgid(rule->mbr_subject.mbi_gid);
+ if (grp != NULL)
+ printf("gid %s ", grp->gr_name);
+ else
+ printf("gid %u ", rule->mbr_subject.mbi_gid);
+ }
}
if (rule->mbr_object.mbi_flags & (MBI_UID_DEFINED |
MBI_GID_DEFINED)) {
printf("object ");
if (rule->mbr_object.mbi_flags & MBI_NEGATED)
printf("not ");
- if (rule->mbr_object.mbi_flags & MBI_UID_DEFINED)
- printf("uid %u ", rule->mbr_object.mbi_uid);
- if (rule->mbr_object.mbi_flags & MBI_GID_DEFINED)
- printf("gid %u ", rule->mbr_object.mbi_gid);
+ if (rule->mbr_object.mbi_flags & MBI_UID_DEFINED) {
+ pwd = getpwuid(rule->mbr_object.mbi_uid);
+ if (pwd != NULL)
+ printf("uid %s ", pwd->pw_name);
+ else
+ printf("uid %u ", rule->mbr_object.mbi_uid);
+ }
+ if (rule->mbr_object.mbi_flags & MBI_GID_DEFINED) {
+ grp = getgrgid(rule->mbr_object.mbi_gid);
+ if (grp != NULL)
+ printf("gid %s ", grp->gr_name);
+ else
+ printf("gid %u ", rule->mbr_object.mbi_gid);
+ }
}
printf("mode ");
@@ -119,6 +143,8 @@
parse_identity(int argc, char *argv[],
struct mac_bsdextended_identity *identity)
{
+ struct group *grp;
+ struct passwd *pwd;
int uid_seen, gid_seen, not_seen;
int current;
char *endp;
@@ -154,13 +180,18 @@
fprintf(stderr, "uid short.\n");
return (-1);
}
- value = strtol(argv[current+1], &endp, 10);
- if (*endp != '\0') {
- fprintf(stderr, "invalid uid: '%s'\n",
- argv[current+1]);
- return (-1);
+ pwd = getpwnam(argv[current+1]);
+ if (pwd != NULL)
+ uid = pwd->pw_uid;
+ else {
+ value = strtol(argv[current+1], &endp, 10);
+ if (*endp != '\0') {
+ fprintf(stderr, "invalid uid: '%s'\n",
+ argv[current+1]);
+ return (-1);
+ }
+ uid = value;
}
- uid = value;
uid_seen = 1;
current += 2;
} else if (strcmp("gid", argv[current]) == 0) {
@@ -168,13 +199,18 @@
fprintf(stderr, "gid short.\n");
return (-1);
}
- value = strtol(argv[current+1], &endp, 10);
- if (*endp != '\0') {
- fprintf(stderr, "invalid gid: '%s'\n",
- argv[current+1]);
- return (-1);
+ grp = getgrnam(argv[current+1]);
+ if (grp != NULL)
+ gid = grp->gr_gid;
+ else {
+ value = strtol(argv[current+1], &endp, 10);
+ if (*endp != '\0') {
+ fprintf(stderr, "invalid gid: '%s'\n",
+ argv[current+1]);
+ return (-1);
+ }
+ gid = value;
}
- gid = value;
gid_seen = 1;
current += 2;
} else {
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list