linuxinstall/src/sandbox.c

36 lines
1.0 KiB
C
Raw Normal View History

#include "sandbox.h"
2024-02-18 18:09:53 +01:00
#include "utils.h"
2024-02-17 15:15:40 +01:00
#include <pwd.h>
#include <unistd.h>
2024-02-17 23:59:38 +01:00
2024-02-18 18:09:53 +01:00
int main(int argc, char** argv) {
// Ensure the sandbox user exists
2024-02-17 23:59:38 +01:00
struct passwd* pw = getpwnam(SANDBOX_USER);
if (pw == NULL) {
2024-02-18 18:09:53 +01:00
Log(LOG_LEVEL_ERROR, "User '%s' does not exist. Please check that the program is installed correctly.", SANDBOX_USER);
2024-02-17 15:15:40 +01:00
return EXIT_FAILURE;
}
2024-02-18 18:09:53 +01:00
// Check that the program is either run as root or as the sandbox user
if (geteuid() != 0 && geteuid() != pw->pw_uid) {
Log(LOG_LEVEL_ERROR, "This program must be run as root or as the user '%s'.", SANDBOX_USER);
2024-02-17 15:15:40 +01:00
return EXIT_FAILURE;
}
2024-02-18 18:09:53 +01:00
// If the program is run as root, switch to the sandbox user
2024-02-17 15:15:40 +01:00
if (geteuid() == 0) {
2024-02-18 18:09:53 +01:00
if (setregid(pw->pw_gid, pw->pw_gid) != 0) {
Log(LOG_LEVEL_ERROR, "Failed to switch to the group '%s'.", pw->pw_name);
return EXIT_FAILURE;
}
2024-02-18 18:09:53 +01:00
if (setreuid(pw->pw_uid, pw->pw_uid) != 0) {
Log(LOG_LEVEL_ERROR, "Failed to switch to the user '%s'.", pw->pw_name);
2024-02-18 14:43:38 +01:00
return EXIT_FAILURE;
}
}
2024-02-18 18:09:53 +01:00
// TODO: Parse commands from the command line
}