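/* vim:set ts=3 sw=3 sts=3 et: */
#ifndef FM_LAST_MOOST_PROCESS_OWNERSHIP_H_
#define FM_LAST_MOOST_PROCESS_OWNERSHIP_H_

// std::string and std::runtime_error are used directly below, so include them
// here instead of relying on the detail header to pull them in.
#include <stdexcept>
#include <string>

#include "detail/ownership_posix.hpp"

namespace moost { namespace process {

/**
 * \brief Query and change the user/group identity of the current process.
 *
 * Thin facade over detail::ownership: every primitive operation forwards to
 * the platform implementation, and the name-based helpers further down are
 * built from those primitives.
 *
 * NOTE(review): how the setters report failure is decided inside
 * detail::ownership, which is not visible from this header. They return void
 * here, so a caller has no return value to check.
 */
class ownership
{
public:
   typedef detail::ownership::uid_type uid_type;
   typedef detail::ownership::gid_type gid_type;

   /**
    * \brief Ask the implementation whether the process runs as superuser.
    *
    * \return the value reported by detail::ownership::is_superuser()
    */
   bool is_superuser() const
   {
      return m_impl.is_superuser();
   }

   /**
    * \brief Resolve a user id to a user name.
    *
    * \param name  output; receives the user name
    * \param uid   user id to resolve
    * \return the implementation's result; callers in this class treat
    *         false as "lookup failed"
    */
   bool lookup_user(std::string& name, const uid_type& uid) const
   {
      return m_impl.lookup_user(name, uid);
   }

   /**
    * \brief Resolve a user name to a user id.
    *
    * \param uid   output; receives the user id
    * \param name  user name to resolve
    * \return the implementation's result; false is treated as failure
    */
   bool lookup_uid(uid_type& uid, const std::string& name) const
   {
      return m_impl.lookup_uid(uid, name);
   }

   /**
    * \brief Resolve a user name to a user id and a group id in one call.
    *
    * \param uid   output; receives the user id
    * \param gid   output; receives a group id for that user (presumably the
    *              user's primary group; confirm against detail::ownership)
    * \param name  user name to resolve
    * \return the implementation's result; false is treated as failure
    */
   bool lookup_uid(uid_type& uid, gid_type& gid, const std::string& name) const
   {
      return m_impl.lookup_uid(uid, gid, name);
   }

   /**
    * \brief Set the user id of the process (forwards to the implementation).
    *
    * \param uid  user id to switch to
    */
   void set_uid(uid_type uid)
   {
      m_impl.set_uid(uid);
   }

   /**
    * \brief Set the effective user id of the process.
    *
    * NOTE(review): changing only the effective id is normally reversible and
    * should not be mistaken for a permanent privilege drop; confirm against
    * detail::ownership.
    *
    * \param uid  effective user id to switch to
    */
   void set_effective_uid(uid_type uid)
   {
      m_impl.set_effective_uid(uid);
   }

   /**
    * \brief Get the user id of the process.
    */
   uid_type get_uid() const
   {
      return m_impl.get_uid();
   }

   /**
    * \brief Get the effective user id of the process.
    */
   uid_type get_effective_uid() const
   {
      return m_impl.get_effective_uid();
   }

   /**
    * \brief Resolve a group id to a group name.
    *
    * \param name  output; receives the group name
    * \param gid   group id to resolve
    * \return the implementation's result; false is treated as failure
    */
   bool lookup_group(std::string& name, const gid_type& gid) const
   {
      return m_impl.lookup_group(name, gid);
   }

   /**
    * \brief Resolve a group name to a group id.
    *
    * \param gid   output; receives the group id
    * \param name  group name to resolve
    * \return the implementation's result; false is treated as failure
    */
   bool lookup_gid(gid_type& gid, const std::string& name) const
   {
      return m_impl.lookup_gid(gid, name);
   }

   /**
    * \brief Set the group id of the process (forwards to the implementation).
    *
    * \param gid  group id to switch to
    */
   void set_gid(gid_type gid)
   {
      m_impl.set_gid(gid);
   }

   /**
    * \brief Set the effective group id of the process.
    *
    * \param gid  effective group id to switch to
    */
   void set_effective_gid(gid_type gid)
   {
      m_impl.set_effective_gid(gid);
   }

   /**
    * \brief Get the group id of the process.
    */
   gid_type get_gid() const
   {
      return m_impl.get_gid();
   }

   /**
    * \brief Get the effective group id of the process.
    */
   gid_type get_effective_gid() const
   {
      return m_impl.get_effective_gid();
   }

   /**
    * \brief Switch the process to the user with the given name.
    *
    * \param name  user name to switch to
    * \return false if the name could not be resolved (nothing is changed in
    *         that case), true after set_uid() has been called
    */
   bool set_user(const std::string& name)
   {
      uid_type uid;

      // only act on an id that the lookup actually produced
      if (!lookup_uid(uid, name))
      {
         return false;
      }

      set_uid(uid);

      return true;
   }

   /**
    * \brief Switch the effective user of the process by name.
    *
    * \param name  user name to switch to
    * \return false if the name could not be resolved, true after
    *         set_effective_uid() has been called
    */
   bool set_effective_user(const std::string& name)
   {
      uid_type uid;

      if (!lookup_uid(uid, name))
      {
         return false;
      }

      set_effective_uid(uid);

      return true;
   }

   /**
    * \brief Switch the process to the group with the given name.
    *
    * \param name  group name to switch to
    * \return false if the name could not be resolved, true after set_gid()
    *         has been called
    */
   bool set_group(const std::string& name)
   {
      gid_type gid;

      if (!lookup_gid(gid, name))
      {
         return false;
      }

      set_gid(gid);

      return true;
   }

   /**
    * \brief Switch the effective group of the process by name.
    *
    * \param name  group name to switch to
    * \return false if the name could not be resolved, true after
    *         set_effective_gid() has been called
    */
   bool set_effective_group(const std::string& name)
   {
      gid_type gid;

      if (!lookup_gid(gid, name))
      {
         return false;
      }

      set_effective_gid(gid);

      return true;
   }

   /**
    * \brief Get the name of the user the process runs as.
    *
    * \return user name for get_uid()
    * \throws std::runtime_error if the id cannot be resolved to a name
    */
   std::string get_user() const
   {
      std::string name;

      if (!lookup_user(name, get_uid()))
      {
         throw std::runtime_error("failed to lookup uid");
      }

      return name;
   }

   /**
    * \brief Get the name of the effective user of the process.
    *
    * \return user name for get_effective_uid()
    * \throws std::runtime_error if the id cannot be resolved to a name
    */
   std::string get_effective_user() const
   {
      std::string name;

      if (!lookup_user(name, get_effective_uid()))
      {
         throw std::runtime_error("failed to lookup uid");
      }

      return name;
   }

   /**
    * \brief Get the name of the group the process runs as.
    *
    * \return group name for get_gid()
    * \throws std::runtime_error if the id cannot be resolved to a name
    */
   std::string get_group() const
   {
      std::string name;

      if (!lookup_group(name, get_gid()))
      {
         throw std::runtime_error("failed to lookup gid");
      }

      return name;
   }

   /**
    * \brief Get the name of the effective group of the process.
    *
    * \return group name for get_effective_gid()
    * \throws std::runtime_error if the id cannot be resolved to a name
    */
   std::string get_effective_group() const
   {
      std::string name;

      if (!lookup_group(name, get_effective_gid()))
      {
         throw std::runtime_error("failed to lookup gid");
      }

      return name;
   }

   /**
    * \brief Give up the current identity and continue as \p user.
    *
    * Both names are resolved before anything is changed, so a failed lookup
    * leaves the process identity untouched. If \p group is empty, the group
    * id comes from the combined user lookup.
    *
    * After the switch the effective ids are read back and compared with the
    * requested ones. set_gid()/set_uid() return void, so this is the only
    * confirmation available at this layer that the switch took effect.
    *
    * NOTE(review): only the gid and uid are changed here. Whether
    * supplementary groups inherited from the original user are cleared
    * (setgroups()/initgroups()) depends on detail::ownership, which is not
    * visible from this header. Confirm before relying on this as a complete
    * privilege drop.
    *
    * \param user   name of the user to switch to
    * \param group  name of the group to switch to; empty selects the group
    *               returned by the user lookup
    * \throws std::runtime_error if a name cannot be resolved, or if the
    *         effective ids do not match the requested ones afterwards
    */
   void drop_privileges(const std::string& user, const std::string& group = "")
   {
      // 0 is only a placeholder; both values are overwritten by a successful
      // lookup and never used after a failed one.
      uid_type uid = 0;
      gid_type gid = 0;

      if (group.empty())
      {
         if (!lookup_uid(uid, gid, user))
         {
            throw std::runtime_error("failed to lookup uid");
         }
      }
      else
      {
         if (!lookup_uid(uid, user))
         {
            throw std::runtime_error("failed to lookup uid");
         }

         if (!lookup_gid(gid, group))
         {
            throw std::runtime_error("failed to lookup gid");
         }
      }

      // Group before user: once the user id has been given up, the process
      // would normally no longer be permitted to change its group (assumes
      // the implementation follows POSIX setgid/setuid rules).
      set_gid(gid);
      set_uid(uid);

      // Fail closed: never continue with the old identity if the switch did
      // not take effect.
      if (get_effective_gid() != gid || get_effective_uid() != uid)
      {
         throw std::runtime_error("failed to drop privileges");
      }
   }

private:
   detail::ownership m_impl; ///< platform-specific implementation
};

} }

#endif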