X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;f=util-src%2Fpposix.c;h=94086ed64dc3ca24e77e7e8faec8a24dcecd7d96;hb=40f6eff7c498e233fead90192b54b7101e54f615;hp=9d10ec7ef0d16762290599209bb0862b7427e75f;hpb=df9561fe3ff0a87577aec81db51b3f57df785052;p=prosody.git diff --git a/util-src/pposix.c b/util-src/pposix.c index 9d10ec7e..94086ed6 100644 --- a/util-src/pposix.c +++ b/util-src/pposix.c @@ -1,39 +1,34 @@ -/* Prosody IM v0.1 --- Copyright (C) 2008 Matthew Wild --- Copyright (C) 2008 Waqas Hussain +/* Prosody IM v0.4 +-- Copyright (C) 2008-2009 Matthew Wild +-- Copyright (C) 2008-2009 Waqas Hussain +-- Copyright (C) 2009 Tobias Markmann -- --- This program is free software; you can redistribute it and/or --- modify it under the terms of the GNU General Public License --- as published by the Free Software Foundation; either version 2 --- of the License, or (at your option) any later version. --- --- This program is distributed in the hope that it will be useful, --- but WITHOUT ANY WARRANTY; without even the implied warranty of --- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --- GNU General Public License for more details. --- --- You should have received a copy of the GNU General Public License --- along with this program; if not, write to the Free Software --- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +-- This project is MIT/X11 licensed. Please see the +-- COPYING file in the source package for more information. +-- */ -/* pposix.c - POSIX support functions for Lua +/* +* pposix.c +* POSIX support functions for Lua */ -#define MODULE_VERSION "0.3.0" +#define MODULE_VERSION "0.3.1" #include #include #include +#include #include #include #include #include +#include +#include #include - +#include #include "lua.h" #include "lauxlib.h" @@ -78,10 +73,10 @@ static int lc_daemonize(lua_State *L) } /* Close stdin, stdout, stderr */ -/* close(0); + close(0); close(1); close(2); -*/ + /* Final fork, use it wisely */ if(fork()) exit(0); @@ -94,11 +89,16 @@ static int lc_daemonize(lua_State *L) /* Syslog support */ -char *facility_strings[] = { "auth", +const char * const facility_strings[] = { + "auth", +#if !(defined(sun) || defined(__sun)) "authpriv", +#endif "cron", "daemon", +#if !(defined(sun) || defined(__sun)) "ftp", +#endif "kern", "local0", "local1", @@ -117,10 +117,14 @@ char *facility_strings[] = { "auth", }; int facility_constants[] = { LOG_AUTH, +#if !(defined(sun) || defined(__sun)) LOG_AUTHPRIV, +#endif LOG_CRON, LOG_DAEMON, +#if !(defined(sun) || defined(__sun)) LOG_FTP, +#endif LOG_KERN, LOG_LOCAL0, LOG_LOCAL1, @@ -151,7 +155,7 @@ char* syslog_ident = NULL; int lc_syslog_open(lua_State* L) { - int facility = luaL_checkoption(L, 2, "daemon", &facility_strings); + int facility = luaL_checkoption(L, 2, "daemon", facility_strings); facility = facility_constants[facility]; luaL_checkstring(L, 1); @@ -165,7 +169,7 @@ int lc_syslog_open(lua_State* L) return 0; } -char *level_strings[] = { +const char * const level_strings[] = { "debug", "info", "notice", @@ -178,12 +182,12 @@ int level_constants[] = { LOG_INFO, LOG_NOTICE, LOG_WARNING, - LOG_EMERG, + LOG_CRIT, -1 }; int lc_syslog_log(lua_State* L) { - int level = luaL_checkoption(L, 1, "notice", &level_strings); + int level = luaL_checkoption(L, 1, "notice", level_strings); level = level_constants[level]; luaL_checkstring(L, 2); @@ -205,7 +209,7 @@ int lc_syslog_close(lua_State* L) int lc_syslog_setmask(lua_State* L) { - int level_idx = luaL_checkoption(L, 1, "notice", &level_strings); + int level_idx = luaL_checkoption(L, 1, "notice", level_strings); int mask = 0; do { @@ -224,12 +228,255 @@ int lc_getpid(lua_State* L) return 1; } +/* UID/GID functions */ + +int lc_getuid(lua_State* L) +{ + lua_pushinteger(L, getuid()); + return 1; +} + +int lc_getgid(lua_State* L) +{ + lua_pushinteger(L, getgid()); + return 1; +} + +int lc_setuid(lua_State* L) +{ + int uid = -1; + if(lua_gettop(L) < 1) + return 0; + if(!lua_isnumber(L, 1) && lua_tostring(L, 1)) + { + /* Passed UID is actually a string, so look up the UID */ + struct passwd *p; + p = getpwnam(lua_tostring(L, 1)); + if(!p) + { + lua_pushboolean(L, 0); + lua_pushstring(L, "no-such-user"); + return 2; + } + uid = p->pw_uid; + } + else + { + uid = lua_tonumber(L, 1); + } + + if(uid>-1) + { + /* Ok, attempt setuid */ + errno = 0; + if(setuid(uid)) + { + /* Fail */ + lua_pushboolean(L, 0); + switch(errno) + { + case EINVAL: + lua_pushstring(L, "invalid-uid"); + break; + case EPERM: + lua_pushstring(L, "permission-denied"); + break; + default: + lua_pushstring(L, "unknown-error"); + } + return 2; + } + else + { + /* Success! */ + lua_pushboolean(L, 1); + return 1; + } + } + + /* Seems we couldn't find a valid UID to switch to */ + lua_pushboolean(L, 0); + lua_pushstring(L, "invalid-uid"); + return 2; +} + +int lc_setgid(lua_State* L) +{ + int gid = -1; + if(lua_gettop(L) < 1) + return 0; + if(!lua_isnumber(L, 1) && lua_tostring(L, 1)) + { + /* Passed GID is actually a string, so look up the GID */ + struct group *g; + g = getgrnam(lua_tostring(L, 1)); + if(!g) + { + lua_pushboolean(L, 0); + lua_pushstring(L, "no-such-group"); + return 2; + } + gid = g->gr_gid; + } + else + { + gid = lua_tonumber(L, 1); + } + + if(gid>-1) + { + /* Ok, attempt setgid */ + errno = 0; + if(setgid(gid)) + { + /* Fail */ + lua_pushboolean(L, 0); + switch(errno) + { + case EINVAL: + lua_pushstring(L, "invalid-gid"); + break; + case EPERM: + lua_pushstring(L, "permission-denied"); + break; + default: + lua_pushstring(L, "unknown-error"); + } + return 2; + } + else + { + /* Success! */ + lua_pushboolean(L, 1); + return 1; + } + } + + /* Seems we couldn't find a valid GID to switch to */ + lua_pushboolean(L, 0); + lua_pushstring(L, "invalid-gid"); + return 2; +} + +/* Like POSIX's setrlimit()/getrlimit() API functions. + * + * Syntax: + * pposix.setrlimit( resource, soft limit, hard limit) + * + * Any negative limit will be replace with the current limit by an additional call of getrlimit(). + * + * Example usage: + * pposix.setrlimit("NOFILE", 1000, 2000) + */ +int string2resource(const char *s) { + if (!strcmp(s, "CORE")) return RLIMIT_CORE; + if (!strcmp(s, "CPU")) return RLIMIT_CPU; + if (!strcmp(s, "DATA")) return RLIMIT_DATA; + if (!strcmp(s, "FSIZE")) return RLIMIT_FSIZE; + if (!strcmp(s, "NOFILE")) return RLIMIT_NOFILE; + if (!strcmp(s, "STACK")) return RLIMIT_STACK; +#if !(defined(sun) || defined(__sun)) + if (!strcmp(s, "MEMLOCK")) return RLIMIT_MEMLOCK; + if (!strcmp(s, "NPROC")) return RLIMIT_NPROC; + if (!strcmp(s, "RSS")) return RLIMIT_RSS; +#endif + return -1; +} + +int lc_setrlimit(lua_State *L) { + int arguments = lua_gettop(L); + int softlimit = -1; + int hardlimit = -1; + const char *resource = NULL; + int rid = -1; + if(arguments < 1 || arguments > 3) { + lua_pushboolean(L, 0); + lua_pushstring(L, "incorrect-arguments"); + } + + resource = luaL_checkstring(L, 1); + softlimit = luaL_checkinteger(L, 2); + hardlimit = luaL_checkinteger(L, 3); + + rid = string2resource(resource); + if (rid != -1) { + struct rlimit lim; + struct rlimit lim_current; + + if (softlimit < 0 || hardlimit < 0) { + if (getrlimit(rid, &lim_current)) { + lua_pushboolean(L, 0); + lua_pushstring(L, "getrlimit-failed"); + return 2; + } + } + + if (softlimit < 0) lim.rlim_cur = lim_current.rlim_cur; + else lim.rlim_cur = softlimit; + if (hardlimit < 0) lim.rlim_max = lim_current.rlim_max; + else lim.rlim_max = hardlimit; + + if (setrlimit(rid, &lim)) { + lua_pushboolean(L, 0); + lua_pushstring(L, "setrlimit-failed"); + return 2; + } + } else { + /* Unsupported resoucrce. Sorry I'm pretty limited by POSIX standard. */ + lua_pushboolean(L, 0); + lua_pushstring(L, "invalid-resource"); + return 2; + } + lua_pushboolean(L, 1); + return 1; +} + +int lc_getrlimit(lua_State *L) { + int arguments = lua_gettop(L); + const char *resource = NULL; + int rid = -1; + struct rlimit lim; + + if (arguments != 1) { + lua_pushboolean(L, 0); + lua_pushstring(L, "invalid-arguments"); + return 2; + } + + resource = luaL_checkstring(L, 1); + rid = string2resource(resource); + if (rid != -1) { + if (getrlimit(rid, &lim)) { + lua_pushboolean(L, 0); + lua_pushstring(L, "getrlimit-failed."); + return 2; + } + } else { + /* Unsupported resoucrce. Sorry I'm pretty limited by POSIX standard. */ + lua_pushboolean(L, 0); + lua_pushstring(L, "invalid-resource"); + return 2; + } + lua_pushboolean(L, 1); + lua_pushnumber(L, lim.rlim_cur); + lua_pushnumber(L, lim.rlim_max); + return 3; +} + +void lc_abort(lua_State* L) +{ + abort(); +} + /* Register functions */ int luaopen_util_pposix(lua_State *L) { lua_newtable(L); + lua_pushcfunction(L, lc_abort); + lua_setfield(L, -2, "abort"); + lua_pushcfunction(L, lc_daemonize); lua_setfield(L, -2, "daemonize"); @@ -248,6 +495,22 @@ int luaopen_util_pposix(lua_State *L) lua_pushcfunction(L, lc_getpid); lua_setfield(L, -2, "getpid"); + lua_pushcfunction(L, lc_getuid); + lua_setfield(L, -2, "getuid"); + lua_pushcfunction(L, lc_getgid); + lua_setfield(L, -2, "getgid"); + + lua_pushcfunction(L, lc_setuid); + lua_setfield(L, -2, "setuid"); + lua_pushcfunction(L, lc_setgid); + lua_setfield(L, -2, "setgid"); + + lua_pushcfunction(L, lc_setrlimit); + lua_setfield(L, -2, "setrlimit"); + + lua_pushcfunction(L, lc_getrlimit); + lua_setfield(L, -2, "getrlimit"); + lua_pushliteral(L, "pposix"); lua_setfield(L, -2, "_NAME");