authorAndrey V.Kosteltsev <AKosteltsev@IBS.RU>2022-09-24 21:18:00 +0300
committerAndrey V.Kosteltsev <AKosteltsev@IBS.RU>2022-09-24 21:18:00 +0300
commit4d4bd1f1c468a0c580ec2c2bff0dbd9b00fd106d (patch)
tree32aabdbd72ded46c44bbfd20db54f67e501f71c1
parentba5b49fecccc020d243ac64c6c99d54aa7044a66 (diff)
UI create only users which can be added into admin, operator,user groups
-rw-r--r--src/commands.c3
-rw-r--r--src/main.c104
2 files changed, 79 insertions, 28 deletions
diff --git a/src/commands.c b/src/commands.c
index 18d94aa..db26130 100644
--- a/src/commands.c
+++ b/src/commands.c
@@ -211,6 +211,7 @@ int com_ping( char *arg )
int com_useradd( char *arg )
{
+ /* temporary STUB. Should use busctl or REST */
if( !valid_argument( "useradd", arg ) )
return( 1 );
@@ -220,6 +221,7 @@ int com_useradd( char *arg )
int com_userdel( char *arg )
{
+ /* temporary STUB. Should use busctl or REST */
if( !valid_argument( "userdel", arg ) )
return( 1 );
@@ -229,6 +231,7 @@ int com_userdel( char *arg )
int com_userlist( char *arg )
{
+ /* temporary STUB. Should use busctl or REST */
if( !arg ) arg = "";
sprintf (syscom, "cat /etc/passwd | cut -f1 -d':' %s", arg);
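Review bot: The stub comment added to com_userlist() should also say why the stub is unsafe to keep, because the context line `sprintf (syscom, "cat /etc/passwd | cut -f1 -d':' %s", arg);` appends the caller-supplied `arg` unquoted to a shell pipeline using an unbounded sprintf. If syscom is later handed to a shell (not visible in this hunk), whatever is typed after `list` becomes part of the command line, which would bypass the per-role command tables in main.c; the size of syscom is not visible here either. Until the busctl/REST path exists I would either ignore `arg` for this command, or bound the write with `snprintf( syscom, sizeof(syscom), ... )` (assuming syscom is an array) and reject any argument with characters outside a fixed allow-list. The same comment is added to com_useradd() and com_userdel(), whose bodies continue outside their hunks, so the same question applies to how they build their commands.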
diff --git a/src/main.c b/src/main.c
index 885883a..f6172b4 100644
--- a/src/main.c
+++ b/src/main.c
@@ -9,6 +9,7 @@
#include <unistd.h>
#include <signal.h>
#include <grp.h>
+#include <pwd.h>
#include <readline/readline.h>
#include <readline/history.h>
@@ -24,6 +25,7 @@ char pwd[PATH_MAX], home[PATH_MAX];
static sigset_t blockmask;
+int can_quit = 0;
COMMAND top_admin_list[] = {
{ "help", com_help, "Display this text" },
@@ -39,7 +41,6 @@ COMMAND top_operator_list[] = {
{ "?", com_help, "Synonym for `help'" },
{ "shell", com_shell, "Activate submenu shell" },
{ "users", com_users, "Activate submenu users" },
- { "quit", com_quit, "Quit using SILA Shell" },
{ (char *)NULL, (rl_icpfunc_t *)NULL, (char *)NULL }
};
@@ -47,7 +48,6 @@ COMMAND top_user_list[] = {
{ "help", com_help, "Display this text" },
{ "?", com_help, "Synonym for `help'" },
{ "shell", com_shell, "Activate submenu shell" },
- { "quit", com_quit, "Quit using SILA Shell" },
{ (char *)NULL, (rl_icpfunc_t *)NULL, (char *)NULL }
};
@@ -88,7 +88,6 @@ COMMAND shell_operator_list[] = {
{ "more", com_more, "View the contents of FILE" },
{ "vi", com_vi, "Edit the contents of text FILE" },
{ "..", com_top, "Return to top menu" },
- { "quit", com_quit, "Quit using SILA Shell" },
{ (char *)NULL, (rl_icpfunc_t *)NULL, (char *)NULL }
};
@@ -107,7 +106,6 @@ COMMAND shell_user_list[] = {
{ "more", com_more, "View the contents of FILE" },
{ "vi", com_vi, "Edit the contents of text FILE" },
{ "..", com_top, "Return to top menu" },
- { "quit", com_quit, "Quit using SILA Shell" },
{ (char *)NULL, (rl_icpfunc_t *)NULL, (char *)NULL }
};
@@ -130,7 +128,6 @@ COMMAND users_operator_list[] = {
{ "useradd", com_useradd, "Register new user" },
{ "userdel", com_userdel, "Delete user" },
{ "..", com_top, "Return to top menu" },
- { "quit", com_quit, "Quit using SILA Shell" },
{ (char *)NULL, (rl_icpfunc_t *)NULL, (char *)NULL }
};
@@ -139,7 +136,6 @@ COMMAND users_user_list[] = {
{ "?", com_help, "Synonym for `help'" },
{ "list", com_userlist, "List users" },
{ "..", com_top, "Return to top menu" },
- { "quit", com_quit, "Quit using SILA Shell" },
{ (char *)NULL, (rl_icpfunc_t *)NULL, (char *)NULL }
};
@@ -149,43 +145,93 @@ COMMAND_LIST users;
COMMAND_LIST *current;
+enum priv {
+ ADMIN,
+ OPERATOR,
+ USER
+};
+
+enum priv user_privileges()
+{
+ enum priv ret = USER;
+ gid_t *groups = NULL;
+ int ng = 0;
+ uid_t uid = getuid();
+ struct passwd *pw = getpwuid( uid );
+
+ if( !pw ) return ret;
+
+ (void)getgrouplist( pw->pw_name, pw->pw_gid, NULL, &ng );
+ /* allocate groups[] */
+ if( ng == 0 )
+ {
+ fprintf( stderr, "Cannot get user groups list\n" );
+ exit( 1 );
+ }
+ groups = (gid_t *)malloc( sizeof(gid_t)* ng );
+ if( !groups )
+ {
+ fprintf( stderr, "Cannot allocate memory\n" );
+ exit( 1 );
+ }
+ if( getgrouplist( pw->pw_name, pw->pw_gid, groups, &ng ) == -1 )
+ {
+ free( groups );
+ fprintf( stderr, "getgrouplist() returned -1; ngroups = %d\n", ng );
+ exit( 1 );
+ }
+
+ for( int i = 0; i < ng; i++ )
+ {
+ struct group *gr = getgrgid(groups[i]);
+
+ if( gr )
+ {
+ if( !strncmp( gr->gr_name, "priv-operator", 10 ) )
+ ret = OPERATOR;
+ }
+ }
+
+ for( int i = 0; i < ng; i++ )
+ {
+ struct group *gr = getgrgid(groups[i]);
+
+ if( gr )
+ {
+ if( !strncmp( gr->gr_name, "priv-admin", 10 ) )
+ ret = ADMIN;
+ }
+ }
+
+ free( groups );
+
+ return ret;
+}
+
void cmd_lists_init( gid_t gid )
{
- gid_t admin_gid = 0, operator_gid = 0, user_gid = 0;
- struct group *grp = NULL;
-
- grp = getgrnam( "priv-admin" );
- if( grp != NULL )
- admin_gid = grp->gr_gid;
- grp = getgrnam( "priv-operator" );
- if( grp != NULL )
- operator_gid = grp->gr_gid;
- grp = getgrnam( "priv-user" );
- if( grp != NULL )
- user_gid = grp->gr_gid;
+ enum priv privileges = USER;
+
+ privileges = user_privileges();
top.name = "top";
shell.name = "shell";
users.name = "users";
- if( admin_gid != 0 && (gid == admin_gid || gid == 0) )
+ if( privileges == ADMIN || gid == 0 )
{
+ can_quit = 1;
+
top.list = &top_admin_list[0];
shell.list = &shell_admin_list[0];
users.list = &users_admin_list[0];
}
- else if( operator_gid != 0 && gid == operator_gid )
+ else if( privileges == OPERATOR )
{
top.list = &top_operator_list[0];
shell.list = &shell_operator_list[0];
users.list = &users_operator_list[0];
}
- else if( user_gid != 0 && gid == user_gid )
- {
- top.list = &top_user_list[0];
- shell.list = &shell_user_list[0];
- users.list = &users_user_list[0];
- }
else
{
top.list = &top_user_list[0];
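Review bot: The role check in user_privileges() matches group names by prefix rather than by equality: `strncmp( gr->gr_name, "priv-admin", 10 )` accepts any group whose name begins with `priv-admin`, and `strncmp( gr->gr_name, "priv-operator", 10 )` compares only `priv-opera`. Membership in an unrelated group (a constructed example: `priv-admin-ro`) would therefore select the admin command tables and set `can_quit`. Use exact comparison, `if( !strcmp( gr->gr_name, "priv-admin" ) )` and `if( !strcmp( gr->gr_name, "priv-operator" ) )`, or resolve both names once with getgrnam() and compare gids against `groups[i]`. Separately, `gid == 0` still grants the admin tables whatever user_privileges() returned, and the helper would be better declared `static enum priv user_privileges( void )`. cmd_lists_init() continues past the end of this hunk.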
@@ -345,8 +391,10 @@ int main( int argc, char **argv )
if( !line )
{
- //continue; /* for non-priviledged users */
- break; /* for admin */
+ if( !can_quit )
+ continue; /* for non-priviledged users */
+ else
+ break; /* for admin */
}
/*
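Review bot: With `if( !can_quit ) continue;` a non-admin session never leaves the loop on a NULL line, yet readline() also returns NULL when the terminal has gone away, not only on Ctrl-D. If the loop head simply calls readline() again (it is outside this hunk), a dropped SSH or serial session could leave the process spinning on EOF, more so if the signals in `blockmask` are blocked. I would keep ignoring Ctrl-D on a live terminal but end the process once input is really gone, for example `if( !can_quit && isatty( STDIN_FILENO ) ) continue;` together with a cap on consecutive NULL returns. `can_quit` is also a writable global with external linkage; unless commands.c reads it, `static int can_quit = 0;` keeps the policy flag private to main.c.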