diff options
author | Stefano Brivio <sbrivio@redhat.com> | 2023-06-28 17:45:36 +0200 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2023-06-28 17:47:35 +0200 |
commit | beeefb214a2dc8917b5a31945e740ecce4536764 (patch) | |
tree | f0dcb124e3d1c3763842c4119daf786fd222fce3 /cooker | |
parent | 7c783a3b82b27033b86f75c018f991ffa59fa548 (diff) | |
download | seitan-beeefb214a2dc8917b5a31945e740ecce4536764.tar seitan-beeefb214a2dc8917b5a31945e740ecce4536764.tar.gz seitan-beeefb214a2dc8917b5a31945e740ecce4536764.tar.bz2 seitan-beeefb214a2dc8917b5a31945e740ecce4536764.tar.lz seitan-beeefb214a2dc8917b5a31945e740ecce4536764.tar.xz seitan-beeefb214a2dc8917b5a31945e740ecce4536764.tar.zst seitan-beeefb214a2dc8917b5a31945e740ecce4536764.zip |
cooker, seitan: Add support for GID/UID in context
Similarly to namespace specifications, the special value "caller", as
well as login/group names and numeric UID/GIDs are supported.
Example of usage in demo/mknod.hjson. Light on checks and with some
TODOs left behind at the moment.
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'cooker')
-rw-r--r-- | cooker/call.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/cooker/call.c b/cooker/call.c index c3f290c..6dbfd29 100644 --- a/cooker/call.c +++ b/cooker/call.c @@ -458,14 +458,25 @@ static void parse_context(struct context_desc *cdesc, JSON_Object *obj) if (!strcmp(str, "caller")) { cdesc[n].spec = CONTEXT_SPEC_CALLER; } else { - cdesc[n].spec = CONTEXT_SPEC_PATH; - strncpy(cdesc[n].target.path, str, PATH_MAX); + cdesc[n].spec = CONTEXT_SPEC_NAME; + if (type == UID || type == GID) { + strncpy(cdesc[n].target.name, str, + LOGIN_NAME_MAX); + } else { + strncpy(cdesc[n].target.path, str, + PATH_MAX); + } } } else if ((num = json_object_get_number(obj, name))) { debug(" '%s' context: %lli", name, num); - cdesc[n].spec = CONTEXT_SPEC_PID; - cdesc[n].target.pid = num; + cdesc[n].spec = CONTEXT_SPEC_NUM; + if (type == UID) + cdesc[n].target.uid = num; + else if (type == GID) + cdesc[n].target.gid = num; + else + cdesc[n].target.pid = num; } else { die("invalid context specification"); } |