Print this page
2989 Eliminate use of LOGNAME_MAX in ON
1166 useradd have warning with name more 8 chars


   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22 /*


  23  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
  24  * Use is subject to license terms.
  25  */
  26 
  27 #pragma ident   "%Z%%M% %I%     %E% SMI"
  28 
  29 #include <sys/types.h>
  30 #include <sys/task.h>
  31 
  32 #include <alloca.h>
  33 #include <libproc.h>
  34 #include <libintl.h>
  35 #include <libgen.h>
  36 #include <limits.h>
  37 #include <project.h>
  38 #include <pwd.h>
  39 #include <secdb.h>
  40 #include <stdio.h>
  41 #include <stdlib.h>
  42 #include <string.h>
  43 #include <sys/varargs.h>
  44 #include <unistd.h>
  45 #include <errno.h>
  46 #include <signal.h>
  47 #include <priv_utils.h>
  48 


 637 
 638         /*
 639          * GLOBAL_ERR_SZ is pretty big. If the error is longer
 640          * than that, just truncate it, rather than chance missing
 641          * the error altogether.
 642          */
 643         (void) vsnprintf(global_error, GLOBAL_ERR_SZ-1, format, alist);
 644 
 645         va_end(alist);
 646 
 647 }
 648 
 649 /*
 650  * Given the input arguments, return the passwd structure that matches best.
 651  * Also, since we use getpwnam() and friends, subsequent calls to this
 652  * function will re-use the memory previously returned.
 653  */
 654 static struct passwd *
 655 match_user(uid_t uid, char *projname, int is_my_uid)
 656 {
 657         char prbuf[PROJECT_BUFSZ], username[LOGNAME_MAX+1];
 658         struct project prj;
 659         char *tmp_name;
 660         struct passwd *pw = NULL;
 661 
 662         /*
 663          * In order to allow users with the same UID but distinguishable
 664          * user names to be in different projects we play a guessing
 665          * game of which username is most appropriate. If we're checking
 666          * for the uid of the calling process, the login name is a
 667          * good starting point.
 668          */
 669         if (is_my_uid) {
 670                 if ((tmp_name = getlogin()) == NULL ||
 671                     (pw = getpwnam(tmp_name)) == NULL || (pw->pw_uid != uid) ||
 672                     (pw->pw_name == NULL))
 673                         pw = NULL;
 674         }
 675 
 676         /*
 677          * If the login name doesn't work,  we try the first match for


 679          */
 680         if (pw == NULL) {
 681                 if (((pw = getpwuid(uid)) == NULL) || pw->pw_name == NULL) {
 682                         preserve_error(gettext("cannot find username "
 683                             "for uid %d"), uid);
 684                         return (NULL);
 685                 }
 686         }
 687 
 688         /*
 689          * If projname wasn't supplied, we've done our best, so just return
 690          * what we've got now. Alternatively, if newtask's invoker has
 691          * superuser privileges, return the pw structure we've got now, with
 692          * no further checking from inproj(). Superuser should be able to
 693          * join any project, and the subsequent call to setproject() will
 694          * allow this.
 695          */
 696         if (projname == NULL || getuid() == (uid_t)0)
 697                 return (pw);
 698 
 699         (void) strcpy(username, pw->pw_name);

 700 
 701         if (inproj(username, projname, prbuf, PROJECT_BUFSZ) == 0) {
 702                 char **u;
 703                 tmp_name = NULL;
 704 
 705                 /*
 706                  * If the previous guesses didn't work, walk through all
 707                  * project members and test for UID-equivalence.
 708                  */
 709 
 710                 if (getprojbyname(projname, &prj, prbuf,
 711                     PROJECT_BUFSZ) == NULL) {
 712                         preserve_error(gettext("unknown project \"%s\""),
 713                             projname);
 714                         return (NULL);
 715                 }
 716 
 717                 for (u = prj.pj_users; *u; u++) {
 718                         if ((pw = getpwnam(*u)) == NULL)
 719                                 continue;




   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License, Version 1.0 only
   6  * (the "License").  You may not use this file except in compliance
   7  * with the License.
   8  *
   9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10  * or http://www.opensolaris.org/os/licensing.
  11  * See the License for the specific language governing permissions
  12  * and limitations under the License.
  13  *
  14  * When distributing Covered Code, include this CDDL HEADER in each
  15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16  * If applicable, add the following below this CDDL HEADER, with the
  17  * fields enclosed by brackets "[]" replaced with your own identifying
  18  * information: Portions Copyright [yyyy] [name of copyright owner]
  19  *
  20  * CDDL HEADER END
  21  */
  22 /*
  23  * Copyright (c) 2013 Gary Mills
  24  *
  25  * Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
  26  * Use is subject to license terms.
  27  */
  28 


  29 #include <sys/types.h>
  30 #include <sys/task.h>
  31 
  32 #include <alloca.h>
  33 #include <libproc.h>
  34 #include <libintl.h>
  35 #include <libgen.h>
  36 #include <limits.h>
  37 #include <project.h>
  38 #include <pwd.h>
  39 #include <secdb.h>
  40 #include <stdio.h>
  41 #include <stdlib.h>
  42 #include <string.h>
  43 #include <sys/varargs.h>
  44 #include <unistd.h>
  45 #include <errno.h>
  46 #include <signal.h>
  47 #include <priv_utils.h>
  48 


 637 
 638         /*
 639          * GLOBAL_ERR_SZ is pretty big. If the error is longer
 640          * than that, just truncate it, rather than chance missing
 641          * the error altogether.
 642          */
 643         (void) vsnprintf(global_error, GLOBAL_ERR_SZ-1, format, alist);
 644 
 645         va_end(alist);
 646 
 647 }
 648 
 649 /*
 650  * Given the input arguments, return the passwd structure that matches best.
 651  * Also, since we use getpwnam() and friends, subsequent calls to this
 652  * function will re-use the memory previously returned.
 653  */
 654 static struct passwd *
 655 match_user(uid_t uid, char *projname, int is_my_uid)
 656 {
 657         char prbuf[PROJECT_BUFSZ], username[LOGNAME_MAX_ILLUMOS+1];
 658         struct project prj;
 659         char *tmp_name;
 660         struct passwd *pw = NULL;
 661 
 662         /*
 663          * In order to allow users with the same UID but distinguishable
 664          * user names to be in different projects we play a guessing
 665          * game of which username is most appropriate. If we're checking
 666          * for the uid of the calling process, the login name is a
 667          * good starting point.
 668          */
 669         if (is_my_uid) {
 670                 if ((tmp_name = getlogin()) == NULL ||
 671                     (pw = getpwnam(tmp_name)) == NULL || (pw->pw_uid != uid) ||
 672                     (pw->pw_name == NULL))
 673                         pw = NULL;
 674         }
 675 
 676         /*
 677          * If the login name doesn't work,  we try the first match for


 679          */
 680         if (pw == NULL) {
 681                 if (((pw = getpwuid(uid)) == NULL) || pw->pw_name == NULL) {
 682                         preserve_error(gettext("cannot find username "
 683                             "for uid %d"), uid);
 684                         return (NULL);
 685                 }
 686         }
 687 
 688         /*
 689          * If projname wasn't supplied, we've done our best, so just return
 690          * what we've got now. Alternatively, if newtask's invoker has
 691          * superuser privileges, return the pw structure we've got now, with
 692          * no further checking from inproj(). Superuser should be able to
 693          * join any project, and the subsequent call to setproject() will
 694          * allow this.
 695          */
 696         if (projname == NULL || getuid() == (uid_t)0)
 697                 return (pw);
 698 
 699         (void) strncpy(username, pw->pw_name, sizeof (username) - 1);
 700         username[sizeof (username) - 1] = '\0';
 701 
 702         if (inproj(username, projname, prbuf, PROJECT_BUFSZ) == 0) {
 703                 char **u;
 704                 tmp_name = NULL;
 705 
 706                 /*
 707                  * If the previous guesses didn't work, walk through all
 708                  * project members and test for UID-equivalence.
 709                  */
 710 
 711                 if (getprojbyname(projname, &prj, prbuf,
 712                     PROJECT_BUFSZ) == NULL) {
 713                         preserve_error(gettext("unknown project \"%s\""),
 714                             projname);
 715                         return (NULL);
 716                 }
 717 
 718                 for (u = prj.pj_users; *u; u++) {
 719                         if ((pw = getpwnam(*u)) == NULL)
 720                                 continue;