diff options
| author | Lennart Poettering <lennart@poettering.net> | 2013-03-22 17:44:15 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2013-03-22 17:44:19 +0100 |
| commit | 4468addca6d01a0d2d154371dd72f54307a9c786 (patch) | |
| tree | 01d5a809da50ccdf1621a5e5cb7813b262519ae4 /src/shared/util.c | |
| parent | 8e70580bb07ae46dc0b0bf377de6333540668acc (diff) | |
journalctl: give a nice hint about group membership based on ACLs of /var/log/journal
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
Diffstat (limited to 'src/shared/util.c')
| -rw-r--r-- | src/shared/util.c | 36 |
1 files changed, 30 insertions, 6 deletions
diff --git a/src/shared/util.c b/src/shared/util.c index 872f6f7371..020b75d0f2 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -4190,6 +4190,23 @@ char* uid_to_name(uid_t uid) { return r; } +char* gid_to_name(gid_t gid) { + struct group *p; + char *r; + + if (gid == 0) + return strdup("root"); + + p = getgrgid(gid); + if (p) + return strdup(p->gr_name); + + if (asprintf(&r, "%lu", (unsigned long) gid) < 0) + return NULL; + + return r; +} + int get_group_creds(const char **groupname, gid_t *gid) { struct group *g; gid_t id; @@ -4228,14 +4245,10 @@ int get_group_creds(const char **groupname, gid_t *gid) { return 0; } -int in_group(const char *name) { - gid_t gid, *gids; +int in_gid(gid_t gid) { + gid_t *gids; int ngroups_max, r, i; - r = get_group_creds(&name, &gid); - if (r < 0) - return r; - if (getgid() == gid) return 1; @@ -4258,6 +4271,17 @@ int in_group(const char *name) { return 0; } +int in_group(const char *name) { + int r; + gid_t gid; + + r = get_group_creds(&name, &gid); + if (r < 0) + return r; + + return in_gid(gid); +} + int glob_exists(const char *path) { glob_t g; int r, k; |