Ticket #7832: drop_permissions.patch

libs/libmythdb/exitcodes.h

@@ -60 +60 @@
 #define BACKEND_EXIT_NO_CAP_CARD                  GENERIC_EXIT_START-11
 #define BACKEND_EXIT_NO_CHAN_DATA                 GENERIC_EXIT_START-12
 #define BACKEND_EXIT_START                        GENERIC_EXIT_START-12
+#define BACKEND_EXIT_PERMISSIONS_ERROR            GENERIC_EXIT_START-13
 
 // mythtranscode
 #define TRANSCODE_EXIT_OK                         GENERIC_EXIT_OK

programs/mythbackend/main.cpp

@@ -17 +17 @@
 #include <fstream>
 #include <cstdlib>
 #include <cerrno>
+#include <pwd.h>
 using namespace std;
 
 #ifndef _WIN32
@@ -472 +473 @@
     "-d or --daemon                 Runs mythbackend as a daemon" << endl <<
     "-v or --verbose debug-level    Use '-v help' for level info" << endl <<
     "--setverbose debug-level       Change debug level of running master backend" << endl <<
+    "--user username                Drop permissions to username after starting"  << endl <<
 
     "--printexpire                  List of auto-expire programs" << endl <<
     "--printsched                   Upcoming scheduled programs" << endl <<
@@ -547 +549 @@
     bool testsched = false;
     bool setverbose = false;
     QString newverbose = "";
+    QString username = "";
     bool resched = false;
     bool nosched = false;
     bool noupnp = false;
@@ -630 +633 @@
                 cerr << "Missing argument to --setverbose option\n";
                 return BACKEND_EXIT_INVALID_CMDLINE;
             }
-        } 
+        }
+        else if (!strcmp(a.argv()[argpos],"--user"))
+        {
+            if (a.argc()-1 > argpos)
+            {
+                username = a.argv()[argpos+1];
+                ++argpos;
+            }
+            else
+            {
+                cerr << "Missing argument to --user option\n";
+                return BACKEND_EXIT_INVALID_CMDLINE;
+            }
+        }
         else if (!strcmp(a.argv()[argpos],"--printsched"))
         {
             printsched = true;
@@ -835 +851 @@
         return BACKEND_EXIT_DAEMONIZING_ERROR;
     }
 
+    if (username.length() > 0)
+    {
+        struct passwd *user_info;
+        uid_t user_id = geteuid();
+        char c_username[username.length()+1];
 
+        strcpy(c_username, username.toAscii().data());
+        user_info = getpwnam(c_username);
+
+        if (user_id && (!user_info || user_id != user_info->pw_uid))
+        {
+            VERBOSE(VB_IMPORTANT, "The --user switch only works if running as root.");
+            return BACKEND_EXIT_PERMISSIONS_ERROR;
+        }
+        else if (user_info && user_id == user_info->pw_uid)
+            VERBOSE(VB_IMPORTANT, QString("Already running as '%1'").arg(username));
+        else if (!user_id && user_info)
+        {
+            if (setenv("HOME",user_info->pw_dir,1) == -1)
+            {
+                VERBOSE(VB_IMPORTANT, "Error setting home directory.");
+                return BACKEND_EXIT_PERMISSIONS_ERROR;
+            }
+            if (setgid(user_info->pw_gid) == -1)
+            {
+                VERBOSE(VB_IMPORTANT, "Error setting effective group.");
+                return BACKEND_EXIT_PERMISSIONS_ERROR;
+            }
+            if (setuid(user_info->pw_uid) == -1)
+            {
+                VERBOSE(VB_IMPORTANT, "Error setting effective user.");
+                return BACKEND_EXIT_PERMISSIONS_ERROR;
+            }
+        }
+        else
+        {
+            VERBOSE(VB_IMPORTANT, QString("Invalid user '%1' specified in arguments").arg(username));
+            return BACKEND_EXIT_PERMISSIONS_ERROR;
+        }
+    }
+
     if (pidfs)
     {
         pidfs << getpid() << endl;