Ladybird/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2025-06-11 18:20:43 +09:00
Code Activity

LoginServer+LibCore: Only create user temp directory from LoginServer

Browse source 
Other programs use Core::Account::login(), notably su(1), which stopped
working due to a missing "cpath" pledge promise.

This patch moves the /tmp/user/ creation logic to a separate function
that LoginServer can call.
This commit is contained in:
Andreas Kling 2022-08-15 14:05:54 +02:00
parent 32642394a9
commit 3f14582b85
Notes: sideshowbarker 2024-07-17 08:13:46 +09:00
3 changed files with 14 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

15
Userland/Libraries/LibCore/Account.cpp
View file

@ -149,17 +149,16 @@ bool Account::authenticate(SecretString const& password) const
return hash != nullptr && AK::timing_safe_compare(hash, m_password_hash.characters(), m_password_hash.length());
}
bool Account::login() const
ErrorOr<void> Account::create_user_temporary_directory_if_needed() const
{
auto const temporary_directory = String::formatted("/tmp/user/{}", m_uid);
if (auto result = Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::Yes); result.is_error()) {
dbgln("{}", result.release_error());
return false;
}
if (chown(temporary_directory.characters(), m_uid, m_gid) < 0)
return false;
TRY(Core::Directory::create(temporary_directory, Core::Directory::CreateDirectories::Yes));
TRY(Core::System::chown(temporary_directory, m_uid, m_gid));
return {};
}
bool Account::login() const
{
if (setgroups(m_extra_gids.size(), m_extra_gids.data()) < 0)
return false;

2
Userland/Libraries/LibCore/Account.h
View file

@ -42,6 +42,8 @@ public:
bool authenticate(SecretString const& password) const;
bool login() const;
ErrorOr<void> create_user_temporary_directory_if_needed() const;
String username() const { return m_username; }
String password_hash() const { return m_password_hash; }

5
Userland/Services/LoginServer/main.cpp
View file

@ -18,6 +18,11 @@
static void child_process(Core::Account const& account)
{
if (auto result = account.create_user_temporary_directory_if_needed(); result.is_error()) {
dbgln("Failed to create temporary directory for user {}: {}", account.username(), result.error());
exit(1);
}
if (!account.login()) {
dbgln("failed to switch users: {}", strerror(errno));
exit(1);