authorTyler Murphy <tylermurphy534@gmail.com>2022-11-10 16:22:29 -0500
committerTyler Murphy <tylermurphy534@gmail.com>2022-11-10 16:22:29 -0500
commitb457c08923f1ef8d88005cf9781d1b4d5dd9552e (patch)
tree0eb5e6a1f4e69628b406ed4d13dc8273d1f80a7e /src/main.rs
parentdocumentation and group support (diff)
move root priv fn, slight refactor
Diffstat (limited to 'src/main.rs')
-rw-r--r--src/main.rs12
1 files changed, 3 insertions, 9 deletions
diff --git a/src/main.rs b/src/main.rs
index c6e8201..850d43b 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -14,7 +14,6 @@ const ERROR_CONFIG: u8 = 2;
const ERROR_NO_USER: u8 = 3;
const ERROR_NOT_AUTHORIZED: u8 = 4;
const ERROR_AUTH_FAILED: u8 = 5;
-const ERROR_RUN_ROOT: u8 = 6;
fn main() -> ExitCode {
@@ -74,19 +73,12 @@ fn main() -> ExitCode {
}
};
-
// authenticate the user
if !validate(&user.name, persist) {
eprintln!("Authentication failed.");
return ExitCode::from(ERROR_AUTH_FAILED);
}
- // set the uid and gid of the process to root to run the command as root
- if !unistd::setuid(unistd::geteuid()).is_ok() || !unistd::setgid(unistd::getegid()).is_ok() {
- eprintln!("Failed to set root permissions");
- return ExitCode::from(ERROR_RUN_ROOT);
- };
-
// execute the passed command
let start = 1 + flags.arg_count;
let err = exec::execvp(&args[start], &args[start..]);
@@ -128,6 +120,7 @@ struct Config {
/// * `false` - If the user failed to authenticate
fn validate(user: &str, persist: bool) -> bool {
if persist && persist::get_persist(user) {
+ secure::elevate_privilages(0, 0);
return true;
}
let input = match rpassword::prompt_password(format!("crab ({}) password: ", user)) {
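Review bot: The result of `secure::elevate_privilages(0, 0)` is discarded here and at the second call added further down in `validate`, whereas the block this commit removes from `main` returned `ERROR_RUN_ROOT` when `setuid` or `setgid` failed. The helper's body is not part of this diff, so this is a concern only if it reports failure through its return value rather than exiting itself; in that case `validate` still returns `true` and `main` goes on to `execvp` with unchanged credentials. Assuming it can return a status, check it at both call sites, e.g. `if !secure::elevate_privilages(0, 0) { return false; }`, or state in `secure` that the helper terminates the process on failure. `validate` starts and ends outside this hunk.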
@@ -142,6 +135,7 @@ fn validate(user: &str, persist: bool) -> bool {
if !auth.authenticate().is_ok() || !auth.open_session().is_ok() {
return false;
}
+ secure::elevate_privilages(0, 0);
if persist {
persist::set_persist(user);
}
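Review bot: `validate` now changes the process credentials as a side effect, but the part of its doc comment visible in this diff still describes only a `true`/`false` authentication result. A reader of `main` no longer sees where the switch to root happens, so the doc comment should say it, for example `/// On success the process uid and gid are switched to root before returning.` If the call sits before `persist::set_persist(user)` because writing the persist record needs root, add a one-line comment above the call saying so, since the ordering otherwise looks arbitrary. The function continues outside this hunk.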
@@ -222,7 +216,7 @@ fn config(path: &str) -> Option<Config> {
let mut identitys = vec![];
for (line_num, line) in file.split("\n").enumerate() {
let args: Vec<&str> = line.split(" ").collect();
- if line.trim() == "" {
+ if line.starts_with("#") || line.trim() == "" {
continue;
}
if args.len() < 2 {
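Review bot: The new comment test runs on the untrimmed line while the blank test next to it uses `line.trim()`, so a comment preceded by spaces or a tab is not skipped and falls through to the `args.len()` check as if it were a rule. In a file that decides who may run commands as root, a line meant as a comment should never reach the rule parser; trim once and test both conditions on the result: `let trimmed = line.trim();` followed by `if trimmed.is_empty() || trimmed.starts_with('#') { continue; }`. The `line.split(" ")` above the check could also move below it so skipped lines are not split. The loop body continues outside this hunk, so how such a line is handled afterwards is not visible here.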