summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2019-01-06 18:11:02 +0000
committerLaurent Bercot <ska-skaware@skarnet.org>2019-01-06 18:11:02 +0000
commit48c4cf945317e6fd397a8ec4a918461fad96265f (patch)
tree2ffd82bdc529749fab9f9c054eec108c882d050d
parent62ca2e2698fbd0cc94b40bdc8d355a3a5d1ea239 (diff)
downloadutmps-e871cba246d790ccd5059ea4b57935db92d1926a.tar.xz
version: 0.0.2.0v0.0.2.0
utmps-wtmpd bugfix utmps-utmpd allows utmp group to write to utmp file
-rw-r--r--NEWS7
-rw-r--r--doc/index.html2
-rw-r--r--doc/overview.html3
-rw-r--r--doc/upgrade.html8
-rw-r--r--doc/utmps-utmpd.html2
-rw-r--r--package/info2
-rw-r--r--src/utmps/utmps-utmpd.c14
-rw-r--r--src/utmps/utmps-wtmpd.c2
8 files changed, 32 insertions, 8 deletions
diff --git a/NEWS b/NEWS
index e385f1d..4009e5d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,12 @@
Changelog for utmps.
+In 0.0.2.0
+----------
+
+ - Bugfixes.
+ - Members of the utmp group can use pututxline().
+
+
In 0.0.1.3
----------
diff --git a/doc/index.html b/doc/index.html
index d0c0ab4..be076da 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -76,7 +76,7 @@ suitable replacement for
<h3> Download </h3>
<ul>
- <li> The current released version of utmps is <a href="utmps-0.0.1.3.tar.gz">0.0.1.3</a>. </li>
+ <li> The current released version of utmps is <a href="utmps-0.0.2.0.tar.gz">0.0.2.0</a>. </li>
<li> Alternatively, you can checkout a copy of the
<a href="//git.skarnet.org/cgi-bin/cgit.cgi/utmps/">utmps
git repository</a>:
diff --git a/doc/overview.html b/doc/overview.html
index 6860eea..d24028a 100644
--- a/doc/overview.html
+++ b/doc/overview.html
@@ -89,7 +89,8 @@ needs to be suid or sgid, and permissions can actually be quite fine-grained.
<ul>
<li> <a href="utmps-utmpd.html">utmps-utmpd</a> will allow any user to
-read from the utmp database, but will only allow root to write to it. </li>
+read from the utmp database, but will only allow root, or members of the
+same group utmps-utmpd runs as, to write to it. </li>
<li> <a href="utmps-wtmpd.html">utmps-wtmpd</a> will only allow a user
to add an entry to the wtmp database if the user is root, or if the
<tt>ut_user</tt> field of the added entry resolves to the user's effective
diff --git a/doc/upgrade.html b/doc/upgrade.html
index f6bd05f..ea33541 100644
--- a/doc/upgrade.html
+++ b/doc/upgrade.html
@@ -18,6 +18,14 @@
<h1> What has changed in utmps </h1>
+<h2> in 0.0.2.0 </h2>
+
+<ul>
+ <li> Members of the <em>utmp</em> group (if <em>utmp</em> is the name
+of the group the <a href="utmps-utmpd.html">utmps-utmpd</a> daemon runs as)
+can now use <tt>pututxline()</tt> to write to the utmp database. </li>
+</ul>
+
<h2> in 0.0.1.3 </h2>
<ul>
diff --git a/doc/utmps-utmpd.html b/doc/utmps-utmpd.html
index 78ca490..2bee9ad 100644
--- a/doc/utmps-utmpd.html
+++ b/doc/utmps-utmpd.html
@@ -56,7 +56,7 @@ for every client connection;
every instance reads the effective uid of the client in an environment
variable set by the superserver, which allows it to filter operations -
for instance, it allows any user to read from the database but it only
-allows root to write to it.
+allows root, and members of the group utmps-utmpd runs as, to write to it.
</p>
<p>
diff --git a/package/info b/package/info
index 3c772e7..e157d35 100644
--- a/package/info
+++ b/package/info
@@ -1,4 +1,4 @@
package=utmps
-version=0.0.1.3
+version=0.0.2.0
category=admin
package_macro_name=UTMPS
diff --git a/src/utmps/utmps-utmpd.c b/src/utmps/utmps-utmpd.c
index cde2ea0..06f3e9e 100644
--- a/src/utmps/utmps-utmpd.c
+++ b/src/utmps/utmps-utmpd.c
@@ -140,12 +140,16 @@ static void do_getline (void)
flush1() ;
}
-static void do_putline (uid_t uid)
+static void do_putline (uid_t uid, gid_t gid)
{
struct utmpx u ;
char buf[sizeof(struct utmpx)] ;
get0(buf, sizeof(struct utmpx)) ;
- if (uid) { answer(EPERM) ; return ; }
+ if (uid && gid != getegid())
+ {
+ answer(EPERM) ;
+ return ;
+ }
utmps_utmpx_unpack(buf, &u) ;
maybe_open() ;
for (;;)
@@ -186,11 +190,15 @@ static void do_rewind (void)
int main (void)
{
uid_t uid ;
+ gid_t gid ;
char const *x ;
PROG = "utmps-utmpd" ;
x = ucspi_get("REMOTEEUID") ;
if (!x) strerr_diefu1x(100, "get $IPCREMOTEEUID from environment") ;
if (!uid0_scan(x, &uid)) strerr_dieinvalid(100, "IPCREMOTEEUID") ;
+ x = ucspi_get("REMOTEEGID") ;
+ if (!x) strerr_diefu1x(100, "get $IPCREMOTEEGID from environment") ;
+ if (!gid0_scan(x, &gid)) strerr_dieinvalid(100, "IPCREMOTEEGID") ;
if (ndelay_on(0) < 0) strerr_diefu1sys(111, "set stdin non-blocking") ;
tain_now_g() ;
@@ -205,7 +213,7 @@ int main (void)
case 'e' : do_getent() ; break ;
case 'i' : do_getid() ; break ;
case 'l' : do_getline() ; break ;
- case 'E' : do_putline(uid) ; break ;
+ case 'E' : do_putline(uid, gid) ; break ;
case 'r' : do_rewind() ; break ;
default :
errno = EPROTO ;
diff --git a/src/utmps/utmps-wtmpd.c b/src/utmps/utmps-wtmpd.c
index c38168a..7aff741 100644
--- a/src/utmps/utmps-wtmpd.c
+++ b/src/utmps/utmps-wtmpd.c
@@ -89,7 +89,7 @@ int main (void)
answer(errno) ;
strerr_diefu1sys(111, "lseek on wtmp") ;
}
- w = allwrite(fd, buf + 1, sizeof(struct utmpx)) ;
+ w = allwrite(fd, buf, sizeof(struct utmpx)) ;
if (w < sizeof(struct utmpx))
{
int e = errno ;