gitsrht-dispatch: add support for supplementary groups
This commit is contained in:
parent
5a74fbcf42
commit
389cc64d5d
|
@ -17,6 +17,7 @@ type Dispatcher struct {
|
|||
cmd string
|
||||
uid int
|
||||
gid int
|
||||
gids []int
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
@ -70,11 +71,20 @@ AuthorizedKeysUser=root`, os.Args[0])
|
|||
if err != nil {
|
||||
logger.Fatalf("Error looking up group %s: %v", spec[1], err)
|
||||
}
|
||||
groups, err := user.GroupIds()
|
||||
if err != nil {
|
||||
logger.Fatalf("Error looking up supplementary groups of user %s: %v", spec[0], err)
|
||||
}
|
||||
gids := make([]int, len(groups))
|
||||
for i, grp := range groups {
|
||||
sgid, _ := strconv.Atoi(grp)
|
||||
gids[i] = sgid
|
||||
}
|
||||
uid, _ := strconv.Atoi(user.Uid)
|
||||
gid, _ := strconv.Atoi(group.Gid)
|
||||
dispatchers[uid] = Dispatcher{cmd, uid, gid}
|
||||
logger.Printf("Registered dispatcher for %s(%d):%s(%d): %s",
|
||||
spec[0], uid, spec[1], gid, cmd)
|
||||
dispatchers[uid] = Dispatcher{cmd, uid, gid, gids}
|
||||
logger.Printf("Registered dispatcher for %s(%d):%s(%d):(%s): %s",
|
||||
spec[0], uid, spec[1], gid, strings.Join(groups, ","), cmd)
|
||||
}
|
||||
|
||||
var user *osuser.User
|
||||
|
@ -93,6 +103,7 @@ AuthorizedKeysUser=root`, os.Args[0])
|
|||
|
||||
if dispatcher, ok := dispatchers[uid]; ok {
|
||||
logger.Printf("Dispatching to %s", dispatcher.cmd)
|
||||
syscall.Setgroups(dispatcher.gids)
|
||||
syscall.Setgid(dispatcher.gid)
|
||||
syscall.Setuid(dispatcher.uid)
|
||||
if err := syscall.Exec(dispatcher.cmd, append([]string{
|
||||
|
|
Loading…
Reference in New Issue