projects / platform / core / system / kdbus-bus.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ad620d5)
test: add simple helper to drop privileges
authorDjalal Harouni <tixxdz@opendz.org>
Fri, 20 Jun 2014 16:49:57 +0000 (17:49 +0100)
committerDaniel Mack <zonque@gmail.com>
Fri, 20 Jun 2014 17:35:36 +0000 (19:35 +0200)
This is needed since we will add tests to fork() + drop privileges

Signed-off-by: Djalal Harouni <tixxdz@opendz.org>
test/kdbus-util.c patch | blob | history
test/kdbus-util.h patch | blob | history

diff --git a/test/kdbus-util.c b/test/kdbus-util.c
index b7dc057bdc3de2e5ad1ce89ae003de1bb78b756e..965c95d31139577925e8ce600a07dbdc1968391e 100644 (file)
--- a/test/kdbus-util.c
+++ b/test/kdbus-util.c
@@ -20,6 +20,7 @@
 #include <errno.h>
 #include <assert.h>
 #include <poll.h>
+#include <grp.h>
 #include <sys/ioctl.h>
 #include <sys/mman.h>
 
@@ -625,3 +626,31 @@ void add_match_empty(int fd)
        if (ret < 0)
                fprintf(stderr, "--- error adding conn match: %d (%m)\n", ret);
 }
+
+int drop_privileges(uid_t uid, gid_t gid)
+{
+       int ret;
+
+       ret = setgroups(0, NULL);
+       if (ret < 0) {
+               ret = -errno;
+               fprintf(stderr, "error setgroups: %d (%m)\n", ret);
+               return ret;
+       }
+
+       ret = setresgid(gid, gid, gid);
+       if (ret < 0) {
+               ret = -errno;
+               fprintf(stderr, "error setresgid: %d (%m)\n", ret);
+               return ret;
+       }
+
+       ret = setresuid(uid, uid, uid);
+       if (ret < 0) {
+               ret = -errno;
+               fprintf(stderr, "error setresuid: %d (%m)\n", ret);
+               return ret;
+       }
+
+       return ret;
+}
diff --git a/test/kdbus-util.h b/test/kdbus-util.h
index 977162275bb8476df85f3516e72f6bdda2878bf9..dd7d7b6058ffebe468161fc1b4b858afd0c8a083 100644 (file)
--- a/test/kdbus-util.h
+++ b/test/kdbus-util.h
@@ -55,3 +55,4 @@ struct kdbus_item *make_policy_name(const char *name);
 struct kdbus_item *make_policy_access(__u64 type, __u64 bits, __u64 id);
 void add_match_empty(int fd);
 
+int drop_privileges(uid_t uid, gid_t gid);
Domain: System / Uncategorized;