libexplain: libexplain/buffer/errno/setuid.c Source File

Go to the documentation of this file.
00001 /*
00002  * libexplain - Explain errno values returned by libc functions
00003  * Copyright (C) 2012, 2013 Peter Miller
00004  *
00005  * This program is free software; you can redistribute it and/or modify it
00006  * under the terms of the GNU Lesser General Public License as published by
00007  * the Free Software Foundation; either version 3 of the License, or (at
00008  * your option) any later version.
00009  *
00010  * This program is distributed in the hope that it will be useful, but
00011  * WITHOUT ANY WARRANTY; without even the implied warranty of
00012  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser
00013  * General Public License for more details.
00014  *
00015  * You should have received a copy of the GNU Lesser General Public License
00016  * along with this program. If not, see <http://www.gnu.org/licenses/>.
00017  */
00018 
00019 #include <libexplain/ac/errno.h>
00020 #include <libexplain/ac/unistd.h>
00021 
00022 #include <libexplain/buffer/dac.h>
00023 #include <libexplain/buffer/eagain.h>
00024 #include <libexplain/buffer/eperm.h>
00025 #include <libexplain/buffer/errno/generic.h>
00026 #include <libexplain/buffer/errno/setuid.h>
00027 #include <libexplain/buffer/rlimit.h>
00028 #include <libexplain/buffer/uid.h>
00029 #include <libexplain/explanation.h>
00030 #include <libexplain/option.h>
00031 
00032 
00033 static void
00034 explain_buffer_errno_setuid_system_call(explain_string_buffer_t *sb, int errnum,
00035     uid_t uid)
00036 {
00037     (void)errnum;
00038     explain_string_buffer_puts(sb, "setuid(uid = ");
00039     explain_buffer_uid(sb, uid);
00040     explain_string_buffer_putc(sb, ')');
00041 }
00042 
00043 
00044 void
00045 explain_buffer_errno_setuid_explanation(explain_string_buffer_t *sb, int errnum,
00046     const char *syscall_name, uid_t uid)
00047 {
00048     /*
00049      * http://www.opengroup.org/onlinepubs/009695399/functions/setuid.html
00050      */
00051     switch (errnum)
00052     {
00053     case EAGAIN:
00054 #if defined(EWOULDBLOCK) && EAGAIN != EWOULDBLOCK
00055     case EWOULDBLOCK:
00056 #endif
00057         if (uid != getuid())
00058         {
00059             explain_buffer_eagain_setuid(sb, "uid");
00060             break;
00061         }
00062         explain_buffer_eagain(sb, syscall_name);
00063         break;
00064 
00065     case EPERM:
00066         /*
00067          * uid does not match the real user ID or saved user ID of the
00068          * calling process, and the user is not privileged (Linux: does
00069          * not have the CAP_SETUID capability).
00070          */
00071         {
00072             uid_t ruid;
00073             uid_t euid;
00074             uid_t suid;
00075 #ifdef HAVE_GETRESUID
00076             if (getresuid(&ruid, &euid, &suid) < 0)
00077             {
00078                 /* unlikely, only possible error is EFAULT */
00079                 ruid = getuid();
00080                 euid = ruid;
00081                 suid = ruid;
00082             }
00083 #elif defined(GETREUID)
00084             if (getreuid(&ruid, &euid) < 0)
00085             {
00086                 /* unlikely, only possible error is EFAULT */
00087                 ruid = getuid();
00088                 euid = ruid;
00089             }
00090             suid = ruid;
00091 #else
00092             ruid = getuid();
00093             euid = ruid;
00094             suid = ruid;
00095 #endif
00096             if (uid != ruid && uid != suid)
00097             {
00098                 char ruid_str[100];
00099                 explain_string_buffer_t ruid_sb;
00100                 char suid_str[100];
00101                 explain_string_buffer_t suid_sb;
00102 
00103                 explain_string_buffer_init(&ruid_sb, ruid_str,
00104                     sizeof(ruid_str));
00105                 explain_buffer_uid(&ruid_sb, ruid);
00106                 explain_string_buffer_init(&suid_sb, suid_str,
00107                     sizeof(suid_str));
00108                 explain_buffer_uid(&suid_sb, suid);
00109 
00110                 explain_string_buffer_printf_gettext
00111                 (
00112                     sb,
00113                     i18n
00114                     (
00115                         /*
00116                          * xgettext: This error message is used to explain an
00117                          * EPERM error reported by the setuid system call, in
00118                          * the case where uid does not match the real ser ID or
00119                          * saved user ID of the calling process, and the user is
00120                          * not privileged (Linux: does not have the CAP_SETUID
00121                          * capability)
00122                          */
00123                         "uid does not match the real user ID (%1$s) or "
00124                         "the saved user ID (%2$s) of the calling process"
00125                     ),
00126                     ruid_str,
00127                     suid_str
00128                 );
00129                 explain_buffer_dac_setuid(sb);
00130                 break;
00131             }
00132         }
00133         /* Fall through... */
00134 
00135     default:
00136         explain_buffer_errno_generic(sb, errnum, syscall_name);
00137         break;
00138     }
00139 }
00140 
00141 
00142 void
00143 explain_buffer_errno_setuid(explain_string_buffer_t *sb, int errnum, uid_t uid)
00144 {
00145     explain_explanation_t exp;
00146 
00147     explain_explanation_init(&exp, errnum);
00148     explain_buffer_errno_setuid_system_call(&exp.system_call_sb, errnum, uid);
00149     explain_buffer_errno_setuid_explanation(&exp.explanation_sb, errnum,
00150         "setuid", uid);
00151     explain_explanation_assemble(&exp, sb);
00152 }
00153 
00154 
00155 /* vim: set ts=8 sw=4 et : */