head	1.3;
access;
symbols
	RELEASE_9_0_0:1.2
	RELEASE_7_4_0:1.2
	RELEASE_8_2_0:1.2
	RELEASE_6_EOL:1.2
	RELEASE_8_1_0:1.2
	RELEASE_7_3_0:1.2
	RELEASE_8_0_0:1.2
	RELEASE_7_2_0:1.2
	RELEASE_7_1_0:1.2
	RELEASE_6_4_0:1.2
	RELEASE_5_EOL:1.2
	RELEASE_7_0_0:1.2
	RELEASE_6_3_0:1.2
	PRE_XORG_7:1.2
	RELEASE_4_EOL:1.2
	RELEASE_6_2_0:1.2
	RELEASE_6_1_0:1.2
	RELEASE_5_5_0:1.2
	RELEASE_6_0_0:1.2
	RELEASE_5_4_0:1.2
	RELEASE_4_11_0:1.2
	RELEASE_5_3_0:1.2
	RELEASE_4_10_0:1.2
	RELEASE_5_2_1:1.2
	RELEASE_5_2_0:1.2
	RELEASE_4_9_0:1.2
	RELEASE_5_1_0:1.1
	RELEASE_4_8_0:1.1
	RELEASE_5_0_0:1.1;
locks; strict;
comment	@# @;


1.3
date	2012.01.01.19.30.35;	author ohauer;	state dead;
branches;
next	1.2;

1.2
date	2003.07.18.14.28.07;	author ache;	state Exp;
branches;
next	1.1;

1.1
date	2002.10.30.01.56.05;	author ache;	state Exp;
branches;
next	;


desc
@@


1.3
log
@- remove apache13 and ports depending on apache13 from portstree
  ( EXPIRATION_DATE=2012-01-01 )

with hat apache@@
@
text
@--- src/support/suexec.c.orig	Wed Mar  5 18:50:29 2003
+++ src/support/suexec.c	Fri Jul 18 18:09:56 2003
@@@@ -90,6 +90,9 @@@@
 #include <sys/types.h>
 
 #include <stdarg.h>
+#ifdef LOGIN_CAP
+#include <login_cap.h>
+#endif
 
 #include "suexec.h"
 
@@@@ -322,6 +325,9 @@@@
 #ifdef LOG_EXEC
         fprintf(stderr, " -D LOG_EXEC=\"%s\"\n", LOG_EXEC);
 #endif
+#ifdef LOGIN_CAP
+	fprintf(stderr, " -D LOGIN_CAP\n");
+#endif
 #ifdef SAFE_PATH
         fprintf(stderr, " -D SAFE_PATH=\"%s\"\n", SAFE_PATH);
 #endif
@@@@ -480,7 +486,28 @@@@
 
     /*
      * Change UID/GID here so that the following tests work over NFS.
-     *
+     */
+
+#ifdef LOGIN_CAP
+    /*
+     * Set user context (resources, priority and grouplist).
+     * If unsuccessful, error out.
+     */
+    if (setusercontext(NULL, pw, uid, LOGIN_SETRESOURCES | LOGIN_SETPRIORITY |
+      LOGIN_SETGROUP | LOGIN_SETLOGIN) == -1) {
+	log_err("emerg: failed to set user context (%ld: %s)\n", uid, cmd);
+	exit(108);
+    }
+
+    /*
+     * Set gid to the target group. If unsuccessful, error out.
+     */
+    if ((setgid(gid)) != 0) {
+	log_err("emerg: failed to setgid (%ld: %s)\n", gid, cmd);
+	exit(109);
+    }
+#else /* !LOGIN_CAP */
+    /*
      * Initialize the group access list for the target user,
      * and setgid() to the target group. If unsuccessful, error out.
      */
@@@@ -488,6 +515,7 @@@@
 	log_err("emerg: failed to setgid (%ld: %s)\n", gid, cmd);
 	exit(109);
     }
+#endif /* LOGIN_CAP */
 
     /*
      * setuid() to the target user.  Error out on fail.
@


1.2
log
@Upgrade to 1.3.28
@
text
@@


1.1
log
@Additional suexec tuning and login.conf support in suexec

Submitted by:   Alexander Yurchenko <grange@@rt.mipt.ru>
@
text
@d1 2
a2 2
--- src/support/suexec.c.orig	Thu Mar 14 00:05:37 2002
+++ src/support/suexec.c	Wed Sep 25 00:22:18 2002
d13 3
a15 9
@@@@ -296,11 +299,14 @@@@
         fprintf(stderr, " -D DOC_ROOT=\"%s\"\n", DOC_ROOT);
 #endif
 #ifdef GID_MIN
-        fprintf(stderr, " -D GID_MID=%d\n", GID_MIN);
+        fprintf(stderr, " -D GID_MIN=%d\n", GID_MIN);
 #endif
 #ifdef HTTPD_USER
         fprintf(stderr, " -D HTTPD_USER=\"%s\"\n", HTTPD_USER);
d18 1
a18 1
+        fprintf(stderr, " -D LOGIN_CAP\n");
d20 2
a21 9
 #ifdef LOG_EXEC
         fprintf(stderr, " -D LOG_EXEC=\"%s\"\n", LOG_EXEC);
 #endif
@@@@ -311,7 +317,7 @@@@
         fprintf(stderr, " -D SUEXEC_UMASK=%03o\n", SUEXEC_UMASK);
 #endif
 #ifdef UID_MIN
-        fprintf(stderr, " -D UID_MID=%d\n", UID_MIN);
+        fprintf(stderr, " -D UID_MIN=%d\n", UID_MIN);
d23 1
a23 3
 #ifdef USERDIR_SUFFIX
         fprintf(stderr, " -D USERDIR_SUFFIX=\"%s\"\n", USERDIR_SUFFIX);
@@@@ -461,7 +467,28 @@@@
d53 1
a53 1
@@@@ -469,6 +496,7 @@@@
@

