2211 get_projid(const char *str, struct method_context *cip)
2219 		if (cip->uid == 0) {
2221 			cip->project = NULL;
2225 		switch (ret = lookup_pwd(cip)) {
2246 			pp = getdefaultproj(cip->pwd.pw_name, &proj, buf,
2256 			cip->project = strdup(str);
2257 			return (cip->project != NULL ? 0 : ENOMEM);
2286 		cip->project = strdup(pp->pj_name);
2288 		return (cip->project != NULL ? 0 : ENOMEM);
2805 	struct method_context *cip;
2824 	cip = malloc(sizeof (*cip));
2825 	if (cip == NULL)
2828 	(void) memset(cip, 0, sizeof (*cip));
2829 	cip->uid = (uid_t)-1;
2830 	cip->euid = (uid_t)-1;
2831 	cip->gid = (gid_t)-1;
2832 	cip->egid = (gid_t)-1;
2834 	cip->vbuf_sz = scf_limit(SCF_LIMIT_MAX_VALUE_LENGTH);
2835 	assert(cip->vbuf_sz >= 0);
2836 	cip->vbuf = malloc(cip->vbuf_sz);
2837 	if (cip->vbuf == NULL) {
2838 		free(cip);
2880 	ret = get_environment(h, methpg, cip, prop, val);
2882 		ret = get_environment(h, instpg, cip, prop, val);
2916 			cip->uid = 0;
2917 			cip->gid = 0;
3005 			    cip, err);
3007 			err = get_ids(pg, instpg, prop, val, cip, err);
3045 		ret = scf_value_get_astring(val, cip->vbuf, cip->vbuf_sz);
3052 			(void) strcpy(cip->vbuf, ":default");
3072 	if (strcmp(cip->vbuf, ":default") == 0 ||
3073 	    strcmp(cip->vbuf, ":home") == 0) {
3074 		switch (ret = lookup_pwd(cip)) {
3094 		cip->working_dir = strdup(cip->pwd.pw_dir);
3095 		if (cip->working_dir == NULL) {
3100 		cip->working_dir = strdup(cip->vbuf);
3101 		if (cip->working_dir == NULL) {
3135 			(void) strlcpy(cip->vbuf, ":default", cip->vbuf_sz);
3137 			ret = scf_value_get_astring(val, cip->vbuf,
3138 			    cip->vbuf_sz);
3147 			(void) strlcpy(cip->vbuf, ":default", cip->vbuf_sz);
3168 	if (scf_default_secflags(h, &cip->def_secflags) != 0) {
3174 	if (strcmp(cip->vbuf, ":default") != 0) {
3175 		if (secflags_parse(NULL, cip->vbuf,
3176 		    &cip->secflag_delta) != 0) {
3178 			    "security flags: %s", cip->vbuf);
3213 			ret = scf_value_get_astring(val, cip->vbuf,
3214 			    cip->vbuf_sz);
3217 			cip->corefile_pattern = strdup(cip->vbuf);
3218 			if (cip->corefile_pattern == NULL) {
3279 				(void) strcpy(cip->vbuf, ":default");
3281 				ret = scf_value_get_astring(val, cip->vbuf,
3282 				    cip->vbuf_sz);
3288 			(void) strcpy(cip->vbuf, ":default");
3291 		switch (ret = get_projid(cip->vbuf, cip)) {
3302 			    cip->vbuf);
3323 			    "Project ID \"%s\" too big.", cip->vbuf);
3328 			    "Project ID \"%s\" is invalid.", cip->vbuf);
3366 				(void) strcpy(cip->vbuf, ":default");
3368 				ret = scf_value_get_astring(val, cip->vbuf,
3369 				    cip->vbuf_sz);
3379 				(void) strcpy(cip->vbuf, ":default");
3399 		if (strcmp(cip->vbuf, ":default") != 0) {
3400 			cip->resource_pool = strdup(cip->vbuf);
3401 			if (cip->resource_pool == NULL) {
3414 		free(cip->pwbuf);
3415 		free(cip->vbuf);
3416 		free(cip->working_dir);
3418 		(void) memset(cip, 0, sizeof (*cip));
3419 		cip->uid = 0;
3420 		cip->gid = 0;
3421 		cip->euid = (uid_t)-1;
3422 		cip->egid = (gid_t)-1;
3424 		if (scf_default_secflags(h, &cip->def_secflags) != 0) {
3431 	*mcpp = cip;
3439 	if (cip->pwbuf != NULL) {
3440 		free(cip->pwbuf);
3441 		cip->pwbuf = NULL;
3444 	free(cip->vbuf);
3447 		restarter_free_method_context(cip);
3459  * environment variables in cip->env.
3497 restarter_set_method_context(struct method_context *cip, const char **fp)
3502 	cip->pwbuf = NULL;
3505 	if (cip->gid != (gid_t)-1) {
3506 		if (setregid(cip->gid,
3507 		    cip->egid != (gid_t)-1 ? cip->egid : cip->gid) != 0) {
3515 		if (cip->pwbuf == NULL) {
3516 			switch (ret = lookup_pwd(cip)) {
3536 		if (setregid(cip->pwd.pw_gid,
3537 		    cip->egid != (gid_t)-1 ?
3538 		    cip->egid : cip->pwd.pw_gid) != 0) {
3547 	if (cip->ngroups == -1) {
3548 		if (cip->pwbuf == NULL) {
3549 			switch (ret = lookup_pwd(cip)) {
3569 		/* Ok if cip->gid == -1 */
3570 		if (initgroups(cip->pwd.pw_name, cip->gid) != 0) {
3576 	} else if (cip->ngroups > 0 &&
3577 	    setgroups(cip->ngroups, cip->groups) != 0) {
3585 	if (cip->corefile_pattern != NULL) {
3588 		if (core_set_process_path(cip->corefile_pattern,
3589 		    strlen(cip->corefile_pattern) + 1, mypid) != 0) {
3598 	    &cip->def_secflags.ss_default) != 0) {
3605 	    &cip->def_secflags.ss_lower) != 0) {
3612 	    &cip->def_secflags.ss_upper) != 0) {
3619 	    &cip->secflag_delta) != 0) {
3626 		if (cip->project == NULL) {
3641 			switch (ret = lookup_pwd(cip)) {
3662 			switch (setproject(cip->project, cip->pwd.pw_name,
3678 		if (cip->resource_pool != NULL) {
3684 			if (pool_set_binding(cip->resource_pool, P_PID,
3722 	if (cip->lpriv_set != NULL) {
3723 		if (setppriv(PRIV_SET, PRIV_LIMIT, cip->lpriv_set) != 0) {
3729 	if (cip->priv_set != NULL) {
3730 		if (setppriv(PRIV_SET, PRIV_INHERITABLE, cip->priv_set) != 0) {
3743 	if (cip->lpriv_set == NULL && cip->priv_set != NULL) {
3749 	if (setreuid(cip->uid,
3750 	    cip->euid != (uid_t)-1 ? cip->euid : cip->uid) != 0) {
3757 	if (cip->priv_set != NULL) {
3758 		if (setppriv(PRIV_SET, PRIV_PERMITTED, cip->priv_set) != 0) {
3770 	if (cip->working_dir != NULL) {
3772 			r = chdir(cip->working_dir);
3783 	free(cip->pwbuf);
3784 	cip->pwbuf = NULL;

Indexes created Tue Jul 24 14:28:13 CEST 2018