Implement the semantics of setusercontext().
authorNathan Holstein <nathan.holstein@gmail.com>
Sun, 2 Aug 2015 19:52:15 +0000 (15:52 -0400)
committerNathan Holstein <nathan.holstein@gmail.com>
Wed, 5 Aug 2015 12:58:17 +0000 (08:58 -0400)
libopenbsd/setusercontext.c

index 692b51aef79e2c2f2ed0b7162806752b8596a86d..7a477b607356d384b5ede73536ef38487c29bffe 100644 (file)
@@ -1,15 +1,21 @@
 /* Copyright 2015 Nathan Holstein */
 
+#include <sys/resource.h>
+#include <sys/stat.h>
+#include <sys/types.h>
 #include <errno.h>
-#include <stdio.h>
+#include <pwd.h>
 #include <stdlib.h>
+#include <unistd.h>
 
 #include "openbsd.h"
 
 int
-setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid, unsigned int flags)
+setusercontext(login_cap_t *lc, struct passwd *pw, uid_t uid, unsigned int flags)
 {
-       if (lc != NULL || pwd == NULL ||
+       int ret;
+
+       if (lc != NULL || pw == NULL ||
                        (flags & ~(LOGIN_SETGROUP | LOGIN_SETPRIORITY |
                                   LOGIN_SETRESOURCES | LOGIN_SETUMASK |
                                   LOGIN_SETUSER)) != 0) {
@@ -17,8 +23,29 @@ setusercontext(login_cap_t *lc, struct passwd *pwd, uid_t uid, unsigned int flag
                return -1;
        }
 
-       fprintf(stderr, "failing setusercontext() for %d\n", (int) uid);
+       if (flags & LOGIN_SETGROUP) {
+               if ((ret = setgid(pw->pw_gid)) != 0)
+                       return ret;
+               if ((ret = initgroups(pw->pw_name, pw->pw_gid)) != 0)
+                       return ret;
+       }
+
+       if (flags & LOGIN_SETPRIORITY) {
+               if ((ret = setpriority(PRIO_PROCESS, getpid(), 0)) != 0)
+                       return ret;
+               if ((ret = setpriority(PRIO_USER, uid, 0)) != 0)
+                       return ret;
+       }
+
+       if (flags & LOGIN_SETRESOURCES) {
+       }
+
+       if (flags & LOGIN_SETUMASK)
+               umask(S_IWGRP | S_IWOTH);
+
+       if (flags & LOGIN_SETUSER)
+               return setuid(uid);
 
-       return -1;
+       return 0;
 }
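Review bot: The `setpriority(PRIO_USER, uid, 0)` call in the LOGIN_SETPRIORITY branch acts on every process owned by `uid` rather than on this process. It therefore resets the niceness of the target user's other processes, and on systems that return ESRCH when that user has no processes it makes setusercontext() fail for an otherwise valid target. The preceding `setpriority(PRIO_PROCESS, getpid(), 0)` already covers the caller, so I would drop the PRIO_USER call. The LOGIN_SETRESOURCES branch is empty, so a caller passing that flag gets success with no limits applied; it should at least carry `/* TODO: resource limits are not applied yet */`. Groups are taken from `pw` while the final `setuid(uid)` uses the separate `uid` argument, and nothing visible checks `uid == pw->pw_uid`, so a comment should state that the caller must keep the two consistent.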