6adb1ef2 CM |
1 | /* |
2 | * libuser.c -- Utilize libuser to set a user attribute | |
3 | * (c) 2012 by Cody Maloney <cmaloney@theoreticalchaos.com> | |
4 | * | |
5 | * this program is free software. you can redistribute it and | |
6 | * modify it under the terms of the gnu general public license. | |
7 | * there is no warranty. | |
8 | * | |
9 | */ | |
10 | ||
11 | #include "libuser.h" | |
12 | ||
13 | #include <grp.h> | |
14 | #include <libuser/user.h> | |
15 | #include <unistd.h> | |
16 | ||
17 | #include "auth.h" | |
18 | #include "c.h" | |
19 | #include "nls.h" | |
20 | ||
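static int auth_lu(const char *service_name, struct lu_context *ctx, uid_t uid,
			const char *username);

/*
 * Decide how the caller is authorized before libuser touches a record.
 *
 * When libuser reports that this context does not use elevated privileges,
 * the effective group and user IDs are reset to the real ones and TRUE is
 * returned without calling auth_pam(). Otherwise the result of auth_pam()
 * for service_name/uid/username is returned.
 *
 * Does not return if an effective ID cannot be reset: err() terminates the
 * process with EXIT_FAILURE.
 */
static int auth_lu(const char *service_name, struct lu_context *ctx, uid_t uid,
			const char *username)
{
	if (!lu_uses_elevated_privileges(ctx)) {
		/*
		 * Drop privileges. The group ID goes first: once the effective
		 * UID is unprivileged, setegid() may no longer be permitted.
		 */
		if (setegid(getgid()) == -1)
			err(EXIT_FAILURE, _("Couldn't drop group privileges"));

		/*
		 * NOTE(review): setegid()/seteuid() change only the effective
		 * IDs; the saved set-user-ID and set-group-ID are not touched
		 * here, so this drop is not irreversible. Confirm that is
		 * sufficient for every caller.
		 *
		 * The message below used to repeat the "group" wording of the
		 * check above; it now names the step that actually failed.
		 * Translation catalogs need the new msgid.
		 */
		if (seteuid(getuid()) == -1)
			err(EXIT_FAILURE, _("Couldn't drop user privileges"));

		return TRUE;
	}

	return auth_pam(service_name, uid, username);
}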
37 | ||
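/*
 * Set attribute `attr` to `val` on the libuser record of `username`.
 *
 * The caller is authorized through auth_lu() before the record is looked
 * up or modified. Every failure terminates the process with EXIT_FAILURE,
 * so the function only ever returns 0 (success).
 *
 * NOTE(review): `uid` and `username` are passed to auth_lu() as given and
 * the record is then looked up by `username` alone; nothing here checks
 * that the two refer to the same account. `attr` and `val` are likewise
 * forwarded to libuser unchanged. Callers are presumably expected to have
 * validated all four -- confirm at the call sites.
 */
int set_value_libuser(const char *service_name, const char *username, uid_t uid,
			const char *attr, const char *val)
{
	struct lu_context *ctx;
	struct lu_error *error = NULL;
	struct lu_ent *ent;

	ctx = lu_start(username, lu_user, NULL, NULL, lu_prompt_console_quiet,
			NULL, &error);
	if (ctx == NULL)
		errx(EXIT_FAILURE, _("libuser initialization failed: %s."),
				lu_strerror(error));

	/* Authorization gate: no lookup or modification happens before it. */
	if (!auth_lu(service_name, ctx, uid, username)) {
		/* Release the context here too, as the later error paths do. */
		lu_end(ctx);
		/* Set errno last so err() reports EACCES, not a stale value. */
		errno = EACCES;
		err(EXIT_FAILURE, _("changing user attribute failed"));
	}

	/* Look up the user's record. */
	ent = lu_ent_new();
	if (!lu_user_lookup_name(ctx, username, ent, &error)) {
		/* Free the entity as well, matching the modify-failure path. */
		lu_ent_free(ent);
		lu_end(ctx);
		errx(EXIT_FAILURE, _("user \"%s\" does not exist."), username);
	}

	lu_ent_set_string(ent, attr, val);
	if (!lu_user_modify(ctx, ent, &error)) {
		lu_ent_free(ent);
		lu_end(ctx);
		errx(EXIT_FAILURE, _("user attribute not changed: %s"), lu_strerror(error));
	}

	lu_ent_free(ent);
	lu_end(ctx);

	return 0;
}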