[basedb-cvs] basedb/src/jobRunner Makefile.am,NONE,1.1 jobRunner.c,NONE,1.1

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/basedb/basedb/src/jobRunner
In directory sc8-pr-cvs1:/tmp/cvs-serv4237/src/jobRunner

Added Files:
	Makefile.am jobRunner.c 
Log Message:
Added autoconf/automake functionality. Supports c/c++ compilation.

--- NEW FILE: Makefile.am ---
# $Id: Makefile.am,v 1.1 2003/02/06 00:43:35 kurri Exp $

bin_PROGRAMS = jobRunner

jobRunner_SOURCES = jobRunner.c

AM_CFLAGS= -DBASEJOBUSER_UID=$(JOBRUNNER_UID) -DBASEUSER_UID=$(BASE_UID)

--- NEW FILE: jobRunner.c ---
// $Id: jobRunner.c,v 1.1 2003/02/06 00:43:35 kurri Exp $
//
// BioArray Software Environment (BASE) - homepage http://base.thep.lu.se/
// Copyright (C) 2003 Carl Troein
//
// This file is part of BASE.
//
// BASE is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// BASE is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
//

// This program is to be installed as suid basejob (or whatever you
// choose to call that user). It takes the first argument to be the
// name of a plugin to run and subsequent arguments to be arguments
// to that program, just like nice or time or whatnot. The plugin is
// then run as the basejob user rather than the base user. If used
// correctly, this will protect your BASE installation against broken
// or malicious plugins, as well as against anyone who has managed to
// gain access to the plugin definition page in BASE.

#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <signal.h>
#include <sys/types.h>
extern int errno;

#ifndef BASEUSER_UID
#error BASEUSER_UID must be defined (as the UID of the BASE user)
#endif
#ifndef BASEJOBUSER_UID
#error BASEJOBUSER_UID must be defined (as the UID of the BASE job user)
#endif

#define STRINGIFY(x) #x

int main(int argc, char **argv)
{
	uid_t uid, euid;

	if(argc < 2)
	{
		fprintf(stderr, "jobRunner: too few arguments\n");
		return 125;
	}

	uid = getuid();
	euid = geteuid();
	if(uid != BASEUSER_UID)
	{
		fprintf(stderr, "jobRunner: may only be run by user "
			STRINGIFY(BASEUSER_UID) "\n");
		errno = EINVAL;
		return 125;
	}
	if(euid != BASEJOBUSER_UID)
	{
		fprintf(stderr, "jobRunner: the effective (suid) UID must be "
			STRINGIFY(BASEJOBUSER_UID) "\n");
		errno = EPERM;
		return 125;
	}
	if(setreuid(euid, (uid_t)-1))
	{
		perror("jobRunner: Unable to setreuid()");
		return 125;
	}

	signal(SIGHUP, SIG_IGN);

	execvp(argv[1], argv + 1);
	perror("jobRunner: plugin failed to execute");
	return 125;
}