MySQL 9.0.0
Source Code Documentation
sys_user_operations.h
Go to the documentation of this file.
1/*
2 Copyright (c) 2021, 2024, Oracle and/or its affiliates.
3
4 This program is free software; you can redistribute it and/or modify
5 it under the terms of the GNU General Public License, version 2.0,
6 as published by the Free Software Foundation.
7
8 This program is designed to work with certain software (including
9 but not limited to OpenSSL) that is licensed under separate terms,
10 as designated in a particular file or component or in included license
11 documentation. The authors of MySQL hereby grant you an additional
12 permission to link the program and your derivative works with the
13 separately licensed software that they have either included with
14 the program or referenced in the documentation.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
24*/
25
26#ifndef MYSQLROUTER_SYS_USER_OPERATIONS_INCLUDED
27#define MYSQLROUTER_SYS_USER_OPERATIONS_INCLUDED
28
29#ifndef _WIN32
30#include <netdb.h>
31#include <pwd.h>
32#include <sys/stat.h>
33#include <sys/types.h>
34#endif
35
36#include <string>
37
38namespace mysqlrouter {
39
40#ifndef _WIN32
41
42/** @class SysUserOperationsBase
43 * @brief Base class to allow multiple SysUserOperations implementations
44 */
46 public:
47#ifdef __APPLE__
48 using gid_type = int;
49#else
50 using gid_type = gid_t;
51#endif
52 virtual ~SysUserOperationsBase() = default;
53
54 virtual int initgroups(const char *user, gid_type gid) = 0;
55 virtual int setgid(gid_t gid) = 0;
56 virtual int setuid(uid_t uid) = 0;
57 virtual int setegid(gid_t gid) = 0;
58 virtual int seteuid(uid_t uid) = 0;
59 virtual uid_t geteuid(void) = 0;
60 virtual struct passwd *getpwnam(const char *name) = 0;
61 virtual struct passwd *getpwuid(uid_t uid) = 0;
62 virtual int chown(const char *file, uid_t owner, gid_t group) = 0;
63};
64
65/** @class SysUserOperations
66 * @brief This class provides implementations of SysUserOperationsBase methods
67 */
69 public:
71
72 /** @brief Thin wrapper around system initgroups() */
73 int initgroups(const char *user, gid_type gid) override;
74
75 /** @brief Thin wrapper around system setgid() */
76 int setgid(gid_t gid) override;
77
78 /** @brief Thin wrapper around system setuid() */
79 int setuid(uid_t uid) override;
80
81 /** @brief Thin wrapper around system setegid() */
82 int setegid(gid_t gid) override;
83
84 /** @brief Thin wrapper around system seteuid() */
85 int seteuid(uid_t uid) override;
86
87 /** @brief Thin wrapper around system geteuid() */
88 uid_t geteuid() override;
89
90 /** @brief Thin wrapper around system getpwnam() */
91 struct passwd *getpwnam(const char *name) override;
92
93 /** @brief Thin wrapper around system getpwuid() */
94 struct passwd *getpwuid(uid_t uid) override;
95
96 /** @brief Thin wrapper around system chown() */
97 int chown(const char *file, uid_t owner, gid_t group) override;
98
99 private:
102 SysUserOperations() = default;
103};
104
105/** @brief Sets the owner of selected file/directory if it exists.
106 *
107 * @throws std::runtime_error in case of an error
108 *
109 * @param filepath path to the file/directory this operation
110 * applies to
111 * @param username name of the system user that should be new owner
112 * of the file
113 * @param user_info_arg passwd structure for the system user that should
114 * be new owner of the file
115 * @param sys_user_operations object for the system specific operation that
116 * should be used by the function
117 */
119 const std::string &filepath, const std::string &username,
120 struct passwd *user_info_arg,
121 mysqlrouter::SysUserOperationsBase *sys_user_operations);
122
123/** @brief Sets effective user of the calling process.
124 *
125 * @throws std::runtime_error in case of an error
126 *
127 * @param username name of the system user that the process should
128 * switch to
129 * @param permanently if it's tru then if the root is dropping
130 * privileges it can't be regained after this call
131 * @param sys_user_operations object for the system specific operation that
132 * should be used by the function
133 */
134void set_user(const std::string &username, bool permanently = false,
135 mysqlrouter::SysUserOperationsBase *sys_user_operations =
137
138/** @brief Checks if the given user can be switched to or made an owner of a
139 * selected file.
140 *
141 * @throws std::runtime_error in case of an error
142 *
143 * @param username name of the system user to check
144 * @param must_be_root make sure that the current user is root
145 * @param sys_user_operations object for the system specific operation that
146 * should be used by the function
147 * @return pointer to the user's passwd structure if the user can be switched to
148 * or nullptr otherwise
149 *
150 */
151struct passwd *check_user(
152 const std::string &username, bool must_be_root,
153 mysqlrouter::SysUserOperationsBase *sys_user_operations);
154
155#endif // ! _WIN32
156
157} // namespace mysqlrouter
158
159#endif // MYSQLROUTER_UTILS_INCLUDED
Base class to allow multiple SysUserOperations implementations.
Definition: sys_user_operations.h:45
virtual ~SysUserOperationsBase()=default
virtual int initgroups(const char *user, gid_type gid)=0
virtual struct passwd * getpwuid(uid_t uid)=0
virtual int seteuid(uid_t uid)=0
virtual int setuid(uid_t uid)=0
virtual int chown(const char *file, uid_t owner, gid_t group)=0
gid_t gid_type
Definition: sys_user_operations.h:50
virtual int setgid(gid_t gid)=0
virtual int setegid(gid_t gid)=0
virtual struct passwd * getpwnam(const char *name)=0
virtual uid_t geteuid(void)=0
This class provides implementations of SysUserOperationsBase methods.
Definition: sys_user_operations.h:68
int seteuid(uid_t uid) override
Thin wrapper around system seteuid()
Definition: sys_user_operations.cc:64
int initgroups(const char *user, gid_type gid) override
Thin wrapper around system initgroups()
Definition: sys_user_operations.cc:54
SysUserOperations(const SysUserOperations &)=delete
SysUserOperations operator=(const SysUserOperations &)=delete
struct passwd * getpwuid(uid_t uid) override
Thin wrapper around system getpwuid()
Definition: sys_user_operations.cc:72
uid_t geteuid() override
Thin wrapper around system geteuid()
Definition: sys_user_operations.cc:66
int setgid(gid_t gid) override
Thin wrapper around system setgid()
Definition: sys_user_operations.cc:58
int setegid(gid_t gid) override
Thin wrapper around system setegid()
Definition: sys_user_operations.cc:62
int setuid(uid_t uid) override
Thin wrapper around system setuid()
Definition: sys_user_operations.cc:60
static SysUserOperations * instance()
Definition: sys_user_operations.cc:49
int chown(const char *file, uid_t owner, gid_t group) override
Thin wrapper around system chown()
Definition: sys_user_operations.cc:76
struct passwd * getpwnam(const char *name) override
Thin wrapper around system getpwnam()
Definition: sys_user_operations.cc:68
static const char * filepath
Definition: myisamlog.cc:97
char * user
Definition: mysqladmin.cc:66
Definition: os0file.h:89
Definition: dim.h:358
struct passwd * check_user(const std::string &username, bool must_be_root, mysqlrouter::SysUserOperationsBase *sys_user_operations)
Checks if the given user can be switched to or made an owner of a selected file.
Definition: sys_user_operations.cc:152
void set_user(const std::string &username, bool permanently=false, mysqlrouter::SysUserOperationsBase *sys_user_operations=SysUserOperations::instance())
Sets effective user of the calling process.
Definition: sys_user_operations.cc:207
void set_owner_if_file_exists(const std::string &filepath, const std::string &username, struct passwd *user_info_arg, mysqlrouter::SysUserOperationsBase *sys_user_operations)
Sets the owner of selected file/directory if it exists.
Definition: sys_user_operations.cc:80
case opt name
Definition: sslopt-case.h:29