From owner-svn-src-stable@FreeBSD.ORG  Mon May  3 19:48:21 2010
Return-Path: <owner-svn-src-stable@FreeBSD.ORG>
Delivered-To: svn-src-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id EC98A106566B;
	Mon,  3 May 2010 19:48:21 +0000 (UTC)
	(envelope-from delphij@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [69.147.83.44])
	by mx1.freebsd.org (Postfix) with ESMTP id D0F448FC08;
	Mon,  3 May 2010 19:48:21 +0000 (UTC)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o43JmLv2075989;
	Mon, 3 May 2010 19:48:21 GMT (envelope-from delphij@svn.freebsd.org)
Received: (from delphij@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id o43JmL5D075986;
	Mon, 3 May 2010 19:48:21 GMT (envelope-from delphij@svn.freebsd.org)
Message-Id: <201005031948.o43JmL5D075986@svn.freebsd.org>
From: Xin LI <delphij@FreeBSD.org>
Date: Mon, 3 May 2010 19:48:21 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-stable@freebsd.org, svn-src-stable-6@freebsd.org
X-SVN-Group: stable-6
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r207582 - stable/6/usr.sbin/daemon
X-BeenThere: svn-src-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for all the -stable branches of the src tree
	<svn-src-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable>, 
	<mailto:svn-src-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable>
List-Post: <mailto:svn-src-stable@freebsd.org>
List-Help: <mailto:svn-src-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-stable>,
	<mailto:svn-src-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 May 2010 19:48:22 -0000

Author: delphij
Date: Mon May  3 19:48:21 2010
New Revision: 207582
URL: http://svn.freebsd.org/changeset/base/207582

Log:
  MFC r147906-201389, this sync'ed daemon(8) with -HEAD except the
  WARNS change.
  
  The most important change is the newly added privilege dropping
  feature by trhodes and others.
  
  Requested by:	glarkin
  PR:		bin/146266

Modified:
  stable/6/usr.sbin/daemon/daemon.8
  stable/6/usr.sbin/daemon/daemon.c
Directory Properties:
  stable/6/usr.sbin/daemon/   (props changed)

Modified: stable/6/usr.sbin/daemon/daemon.8
==============================================================================
--- stable/6/usr.sbin/daemon/daemon.8	Mon May  3 19:38:59 2010	(r207581)
+++ stable/6/usr.sbin/daemon/daemon.8	Mon May  3 19:48:21 2010	(r207582)
@@ -26,7 +26,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd August 30, 2001
+.Dd March 19, 2007
 .Dt DAEMON 8
 .Os
 .Sh NAME
@@ -36,12 +36,14 @@
 .Nm
 .Op Fl cf
 .Op Fl p Ar pidfile
+.Op Fl u Ar user
 .Ar command arguments ...
 .Sh DESCRIPTION
 The
 .Nm
 utility detaches itself from the controlling terminal and
 executes the program specified by its arguments.
+Privileges may be lowered to the specified user.
 .Pp
 The options are as follows:
 .Bl -tag -width indent
@@ -54,12 +56,14 @@ Redirect standard input, standard output
 .It Fl p Ar file
 Write the ID of the created process into the
 .Ar file
-using
+using the
 .Xr pidfile 3
 functionality.
 Note, that the file will be created shortly before the process is
 actually executed, and will remain after the process exits (although
 it will be removed if the execution fails).
+.It Fl u Ar user
+Run the program with the rights of user specified, requires privilege.
 .El
 .Sh EXIT STATUS
 The
@@ -77,6 +81,8 @@ standard error unless the
 .Fl f
 flag is specified.
 .Sh SEE ALSO
+.Xr setregid 2 ,
+.Xr setreuid 2 ,
 .Xr daemon 3 ,
 .Xr exec 3 ,
 .Xr pidfile 3 ,

Modified: stable/6/usr.sbin/daemon/daemon.c
==============================================================================
--- stable/6/usr.sbin/daemon/daemon.c	Mon May  3 19:38:59 2010	(r207581)
+++ stable/6/usr.sbin/daemon/daemon.c	Mon May  3 19:48:21 2010	(r207582)
@@ -35,24 +35,27 @@ __FBSDID("$FreeBSD$");
 
 #include <err.h>
 #include <errno.h>
+#include <pwd.h>
 #include <libutil.h>
+#include <login_cap.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
 
+static void restrict_process(const char *);
 static void usage(void);
 
 int
 main(int argc, char *argv[])
 {
-	struct pidfh *pfh;
+	struct pidfh *pfh = NULL;
 	int ch, nochdir, noclose, errcode;
-	const char *pidfile;
+	const char *pidfile, *user;
 	pid_t otherpid;
 
 	nochdir = noclose = 1;
-	pidfile = NULL;
-	while ((ch = getopt(argc, argv, "-cfp:")) != -1) {
+	pidfile = user = NULL;
+	while ((ch = getopt(argc, argv, "-cfp:u:")) != -1) {
 		switch (ch) {
 		case 'c':
 			nochdir = 0;
@@ -63,6 +66,9 @@ main(int argc, char *argv[])
 		case 'p':
 			pidfile = optarg;
 			break;
+		case 'u':
+			user = optarg;
+			break;
 		default:
 			usage();
 		}
@@ -72,6 +78,10 @@ main(int argc, char *argv[])
 
 	if (argc == 0)
 		usage();
+
+	if (user != NULL)
+		restrict_process(user);
+
 	/*
 	 * Try to open the pidfile before calling daemon(3),
 	 * to be able to report the error intelligently
@@ -109,9 +119,23 @@ main(int argc, char *argv[])
 }
 
 static void
+restrict_process(const char *user)
+{
+	struct passwd *pw = NULL;
+
+	pw = getpwnam(user);
+	if (pw == NULL)
+		errx(1, "unknown user: %s", user);
+
+	if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0)
+		errx(1, "failed to set user environment");
+}
+
+static void
 usage(void)
 {
 	(void)fprintf(stderr,
-	    "usage: daemon [-cf] [-p pidfile] command arguments ...\n");
+	    "usage: daemon [-cf] [-p pidfile] [-u user] command "
+		"arguments ...\n");
 	exit(1);
 }