From 92a546cc45fd41ffe42547882e9a0bfabba951c6 Mon Sep 17 00:00:00 2001
From: Sebastian Harl <sh@tokkee.org>
Date: Tue, 28 Aug 2007 18:54:53 +0200
Subject: [PATCH] [PATCH 1/2] exec plugin: Added support to specify a group as
 well.

Now, the user and group as which the process should be executed can be
specified as the first argument to the "Exec" config option. The syntax is
identical to the one used by GNU's chown(1).

Signed-off-by: Sebastian Harl <sh@tokkee.org>
Signed-off-by: Florian Forster <octo@leeloo.lan.home.verplant.org>
---
 src/exec.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 46 insertions(+), 2 deletions(-)

diff --git a/src/exec.c b/src/exec.c
index 058e7c4d..21ac7c73 100644
--- a/src/exec.c
+++ b/src/exec.c
@@ -26,6 +26,7 @@
 
 #include <sys/types.h>
 #include <pwd.h>
+#include <grp.h>
 #include <signal.h>
 
 #include <pthread.h>
@@ -38,6 +39,7 @@ typedef struct program_list_s program_list_t;
 struct program_list_s
 {
   char           *user;
+  char           *group;
   char           *exec;
   int             pid;
   program_list_t *next;
@@ -96,6 +98,12 @@ static int exec_config (const char *key, const char *value)
 
     pl->next = pl_head;
     pl_head = pl;
+
+    pl->group = strchr (pl->user, ':');
+    if (NULL != pl->group) {
+      *pl->group = '\0';
+      pl->group++;
+    }
   }
   else
   {
@@ -109,15 +117,16 @@ static void exec_child (program_list_t *pl)
 {
   int status;
   int uid;
+  int gid;
   char *arg0;
 
   struct passwd *sp_ptr;
   struct passwd sp;
-  char pwnambuf[2048];
+  char nambuf[2048];
   char errbuf[1024];
 
   sp_ptr = NULL;
-  status = getpwnam_r (pl->user, &sp, pwnambuf, sizeof (pwnambuf), &sp_ptr);
+  status = getpwnam_r (pl->user, &sp, nambuf, sizeof (nambuf), &sp_ptr);
   if (status != 0)
   {
     ERROR ("exec plugin: getpwnam_r failed: %s",
@@ -145,6 +154,41 @@ static void exec_child (program_list_t *pl)
     exit (-1);
   }
 
+  if (NULL != pl->group)
+  {
+    if ('\0' != *pl->group) {
+      struct group *gr_ptr = NULL;
+      struct group gr;
+
+      status = getgrnam_r (pl->group, &gr, nambuf, sizeof (nambuf), &gr_ptr);
+      if (0 != status)
+      {
+	ERROR ("exec plugin: getgrnam_r failed: %s",
+	    sstrerror (errno, errbuf, sizeof (errbuf)));
+	exit (-1);
+      }
+      if (NULL == gr_ptr)
+      {
+	ERROR ("exec plugin: No such group: `%s'", pl->group);
+	exit (-1);
+      }
+
+      gid = gr.gr_gid;
+    }
+    else
+    {
+      gid = sp.pw_gid;
+    }
+
+    status = setgid (gid);
+    if (0 != status)
+    {
+      ERROR ("exec plugin: setgid failed: %s",
+	  sstrerror (errno, errbuf, sizeof (errbuf)));
+      exit (-1);
+    }
+  }
+
   arg0 = strrchr (pl->exec, '/');
   if (arg0 != NULL)
     arg0++;
-- 
2.11.0