#endif /* HAVE_SANDBOX_H */
+/*
+ * Local functions...
+ */
+
+static void usage(void) __attribute__((noreturn));
+
+
/*
* 'main()' - Apply sandbox profile and execute program.
*/
main(int argc, /* I - Number of command-line args */
char *argv[]) /* I - Command-line arguments */
{
- uid_t uid; /* UID */
- gid_t gid; /* GID */
- int niceval; /* Nice value */
+ int i; /* Looping var */
+ const char *opt; /* Current option character */
+ uid_t uid = getuid(); /* UID */
+ gid_t gid = getgid(); /* GID */
+ int niceval = 0; /* Nice value */
#ifdef HAVE_SANDBOX_H
- char *sandbox_error = NULL; /* Sandbox error, if any */
+ char *sandbox_error = NULL; /* Sandbox error, if any */
#endif /* HAVE_SANDBOX_H */
+ /*
+ * Parse command-line...
+ */
+
+ for (i = 1; i < argc; i ++)
+ {
+ if (argv[i][0] == '-')
+ {
+ for (opt = argv[i] + 1; *opt; opt ++)
+ {
+ switch (*opt)
+ {
+ case 'g' : /* -g gid */
+ i ++;
+ if (i >= argc)
+ usage();
+
+ gid = (gid_t)atoi(argv[i]);
+ break;
+
+ case 'n' : /* -n nice-value */
+ i ++;
+ if (i >= argc)
+ usage();
+
+ niceval = atoi(argv[i]);
+ break;
+
+ case 'u' : /* -g gid */
+ i ++;
+ if (i >= argc)
+ usage();
+
+ uid = (uid_t)atoi(argv[i]);
+ break;
+
+ default :
+ fprintf(stderr, "cups-exec: Unknown option '-%c'.\n", *opt);
+ usage();
+ }
+ }
+ }
+ else
+ break;
+ }
+
/*
* Check that we have enough arguments...
*/
- if (argc < 7)
+ if ((i + 3) > argc)
{
- puts("Usage: cups-exec /path/to/profile UID GID NICE /path/to/program argv0 argv1 ... argvN");
- return (1);
+ fputs("cups-exec: Insufficient arguments.\n", stderr);
+ usage();
}
/*
* Change UID, GID, and nice value...
*/
- uid = (uid_t)atoi(argv[2]);
- gid = (gid_t)atoi(argv[3]);
- niceval = atoi(argv[4]);
-
if (uid)
nice(niceval);
* Run in a separate security profile...
*/
- if (strcmp(argv[1], "none") &&
- sandbox_init(argv[1], SANDBOX_NAMED_EXTERNAL, &sandbox_error))
+ if (strcmp(argv[i], "none") &&
+ sandbox_init(argv[i], SANDBOX_NAMED_EXTERNAL, &sandbox_error))
{
cups_file_t *fp; /* File */
char line[1024]; /* Line from file */
strerror(errno));
sandbox_free_error(sandbox_error);
- if ((fp = cupsFileOpen(argv[1], "r")) != NULL)
+ if ((fp = cupsFileOpen(argv[i], "r")) != NULL)
{
while (cupsFileGets(fp, line, sizeof(line)))
{
}
#endif /* HAVE_SANDBOX_H */
+ /*
+ * Execute the program...
+ */
+
+ execv(argv[i + 1], argv + i + 2);
+
/*
* If we get here, execv() failed...
*/
}
+/*
+ * 'usage()' - Show program usage.
+ */
+
+static void
+usage(void)
+{
+ fputs("Usage: cups-exec [-g gid] [-n nice-value] [-u uid] /path/to/profile /path/to/program argv0 argv1 ... argvN\n", stderr);
+ exit(1);
+}
+
+
/*
* End of "$Id$".
*/
{
int i; /* Looping var */
const char *exec_path = command; /* Command to be exec'd */
- char *real_argv[107], /* Real command-line arguments */
+ char *real_argv[110], /* Real command-line arguments */
cups_exec[1024]; /* Path to "cups-exec" program */
uid_t user; /* Command UID */
cupsd_proc_t *proc; /* New process record */
snprintf(nice_str, sizeof(nice_str), "%d", FilterNice);
real_argv[0] = cups_exec;
- real_argv[1] = profile;
- real_argv[2] = user_str;
- real_argv[3] = group_str;
+ real_argv[1] = (char *)"-g";
+ real_argv[2] = group_str;
+ real_argv[3] = (char *)"-n";
real_argv[4] = nice_str;
- real_argv[5] = (char *)command;
+ real_argv[5] = (char *)"-u";
+ real_argv[6] = user_str;
+ real_argv[7] = profile;
+ real_argv[8] = (char *)command;
for (i = 0;
- i < (int)(sizeof(real_argv) / sizeof(real_argv[0]) - 7) && argv[i];
+ i < (int)(sizeof(real_argv) / sizeof(real_argv[0]) - 10) && argv[i];
i ++)
- real_argv[i + 6] = argv[i];
+ real_argv[i + 9] = argv[i];
- real_argv[i + 6] = NULL;
+ real_argv[i + 9] = NULL;
argv = real_argv;
exec_path = cups_exec;
projects / thirdparty / cups.git / commitdiff
