1 /* setgrp.c - by Michael Haardt. Set the gid if possible */
2 /* Added a bit more error recovery/reporting - poe */
3 /* Vesa Roukonen added code for asking password */
4 /* Currently maintained at ftp://ftp.daimi.aau.dk/pub/linux/poe/ */
6 /* 1999-02-22 Arkadiusz Mi¶kiewicz <misiek@pld.ORG.PL>
7 * - added Native Language Support
17 #include "pathnames.h"
29 /* try to read password from gshadow */
31 get_gshadow_pwd(char *groupname)
35 FILE *f = fopen(_PATH_GSHADOW, "r");
37 if (groupname == NULL || *groupname == '\0' || f == NULL)
40 while(fgets(buf, sizeof buf, f))
42 char *cp = strchr (buf, ':');
44 continue; /* any junk in gshadow? */
46 if (strcmp(buf, groupname) == 0)
49 break; /* only group name on line */
51 if ((cp = strchr(pwd, ':')) && pwd == cp+1 )
52 pwd = NULL; /* empty password */
59 return pwd ? strdup(pwd) : NULL;
63 allow_setgid(struct passwd *pe, struct group *ge)
69 if (getuid() == 0) return TRUE; /* root may do anything */
70 if (ge->gr_gid == pe->pw_gid) return TRUE; /* You can switch back to your default group */
73 while (*look && (notfound = strcmp(*look++,pe->pw_name)));
75 if(!notfound) return TRUE; /* member of group => OK */
77 /* Ask for password. Often there is no password in /etc/group, so
78 contrary to login et al. we let an empty password mean the same
79 as * in /etc/passwd */
81 /* check /etc/gshadow */
82 if (!(pwd = get_gshadow_pwd(ge->gr_name)))
85 if(pwd && *pwd && (xpwd = getpass(_("Password: ")))) {
86 if(strcmp(pwd, crypt(xpwd, pwd)) == 0)
87 return TRUE; /* password accepted */
90 return FALSE; /* default to denial */
94 main(int argc, char *argv[])
96 struct passwd *pw_entry;
97 struct group *gr_entry;
100 setlocale(LC_ALL, "");
101 bindtextdomain(PACKAGE, LOCALEDIR);
104 if (!(pw_entry = getpwuid(getuid()))) {
105 perror(_("newgrp: Who are you?"));
109 shell = (pw_entry->pw_shell[0] ? pw_entry->pw_shell : _PATH_BSHELL);
112 if(setgid(pw_entry->pw_gid) < 0) {
113 perror(_("newgrp: setgid"));
118 if (!(gr_entry = getgrnam(argv[1]))) {
120 perror(_("newgrp: No such group.")); /* error */
122 fprintf(stderr, "%s\n", _("newgrp: No such group.")); /* no group */
125 if(allow_setgid(pw_entry, gr_entry)) {
126 if(setgid(gr_entry->gr_gid) < 0) {
127 perror(_("newgrp: setgid"));
131 puts(_("newgrp: Permission denied"));
137 if(setuid(getuid()) < 0) {
138 perror(_("newgrp: setuid"));
142 fflush(stdout); fflush(stderr);
143 execl(shell,shell,(char*)0);
144 perror(_("No shell"));