#include "sandbox.h" #include "utils.h" #include #include int main(int argc, char** argv) { // Ensure the sandbox user exists struct passwd* pw = getpwnam(SANDBOX_USER); if (pw == NULL) { Log(LOG_LEVEL_ERROR, "User '%s' does not exist. Please check that the program is installed correctly.", SANDBOX_USER); return EXIT_FAILURE; } // Check that the program is either run as root or as the sandbox user if (geteuid() != 0 && geteuid() != pw->pw_uid) { Log(LOG_LEVEL_ERROR, "This program must be run as root or as the user '%s'.", SANDBOX_USER); return EXIT_FAILURE; } // If the program is run as root, switch to the sandbox user if (geteuid() == 0) { if (setregid(pw->pw_gid, pw->pw_gid) != 0) { Log(LOG_LEVEL_ERROR, "Failed to switch to the group '%s'.", pw->pw_name); return EXIT_FAILURE; } if (setreuid(pw->pw_uid, pw->pw_uid) != 0) { Log(LOG_LEVEL_ERROR, "Failed to switch to the user '%s'.", pw->pw_name); return EXIT_FAILURE; } } // TODO: Parse commands from the command line }