Fix handling of user and group in default config and errors

This commit is contained in:
Tobias Reisinger 2024-03-04 16:28:20 +01:00
parent 79327d2efa
commit 6d31e1e2c9
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
3 changed files with 22 additions and 14 deletions

View file

@ -8,8 +8,8 @@ server {
database = "sqlite://emgauwa-controller.sqlite" database = "sqlite://emgauwa-controller.sqlite"
permissions { permissions {
user = "emgauwa" user = read("env:USER")
group = "emgauwa" group = read("env:USER")
} }
logging { logging {

View file

@ -8,8 +8,8 @@ server {
database = "sqlite://emgauwa-core.sqlite" database = "sqlite://emgauwa-core.sqlite"
permissions { permissions {
user = "emgauwa" user = read("env:USER")
group = "emgauwa" group = read("env:USER")
} }
logging { logging {

View file

@ -48,17 +48,21 @@ fn drop_privileges_group(group: &str) -> Result<(), Error> {
if let Ok(cstr) = CString::new(group.as_bytes()) { if let Ok(cstr) = CString::new(group.as_bytes()) {
let p = unsafe { libc::getgrnam(cstr.as_ptr()) }; let p = unsafe { libc::getgrnam(cstr.as_ptr()) };
if p.is_null() { if p.is_null() {
log::error!("Unable to getgrnam of group: {}", group); return Err(Error::new(
return Err(Error::last_os_error()); ErrorKind::Other,
format!("Unable to find group: {}", group),
));
} }
if unsafe { libc::setgid((*p).gr_gid) } != 0 { if unsafe { libc::setgid((*p).gr_gid) } != 0 {
log::error!("Unable to setgid of group: {}", group); return Err(Error::new(
return Err(Error::last_os_error()); ErrorKind::Other,
format!("Unable set gid for group: {}", group),
));
} }
} else { } else {
return Err(Error::new( return Err(Error::new(
ErrorKind::Other, ErrorKind::Other,
"Cannot create CString from String (group)!", format!("Cannot create CString from groupname: {}", group),
)); ));
} }
Ok(()) Ok(())
@ -69,17 +73,21 @@ fn drop_privileges_user(user: &str) -> Result<(), Error> {
if let Ok(cstr) = CString::new(user.as_bytes()) { if let Ok(cstr) = CString::new(user.as_bytes()) {
let p = unsafe { libc::getpwnam(cstr.as_ptr()) }; let p = unsafe { libc::getpwnam(cstr.as_ptr()) };
if p.is_null() { if p.is_null() {
log::error!("Unable to getpwnam of user: {}", user); return Err(Error::new(
return Err(Error::last_os_error()); ErrorKind::Other,
format!("Unable to find user: {}", user),
));
} }
if unsafe { libc::setuid((*p).pw_uid) } != 0 { if unsafe { libc::setuid((*p).pw_uid) } != 0 {
log::error!("Unable to setuid of user: {}", user); return Err(Error::new(
return Err(Error::last_os_error()); ErrorKind::Other,
format!("Unable set uid for user: {}", user),
));
} }
} else { } else {
return Err(Error::new( return Err(Error::new(
ErrorKind::Other, ErrorKind::Other,
"Cannot create CString from String (user)!", format!("Cannot create CString from username: {}", user),
)); ));
} }
Ok(()) Ok(())