--user option added to mysqlmanager

server-tools/instance-manager/mysql_connection.cc: removed unsed method server-tools/instance-manager/mysqlmanager.cc: add --user option handling server-tools/instance-manager/options.cc: --user option added server-tools/instance-manager/options.h: user option added + some cleanup
author: unknown <petr@mysql.com> 2005-02-05 14:04:49 +0300
committer: unknown <petr@mysql.com> 2005-02-05 14:04:49 +0300
commit: 95e650e50a7ab59597a1c55ec48d7f807b2352a2 (patch)
tree: c623164c5487108b15bc0b4c31f8bbab3812a1c7 /server-tools
parent: 87e104e44172ff4ed671d9d7c490d61e010c5fb3 (diff)
download: mariadb-git-95e650e50a7ab59597a1c55ec48d7f807b2352a2.tar.gz
4 files changed, 92 insertions, 11 deletions
diff --git a/server-tools/instance-manager/mysql_connection.cc b/server-tools/instance-manager/mysql_connection.cc
index d3f58bf3771..7947de70459 100644
--- a/server-tools/instance-manager/mysql_connection.cc
+++ b/server-tools/instance-manager/mysql_connection.cc
@@ -82,7 +82,6 @@ private:
 private:
   /* Names are conventionally the same as in mysqld */
   int check_connection();
-  int check_user(const char *user, const char *password);
   int do_command();
   int dispatch_command(enum enum_server_command command,
                        const char *text, uint len);
@@ -287,12 +286,6 @@ int Mysql_connection_thread::check_connection()
 }
 
 
-int Mysql_connection_thread::check_user(const char *user, const char *password)
-{
-  return 0;
-}
-
-
 int Mysql_connection_thread::do_command()
 {
   char *packet;
diff --git a/server-tools/instance-manager/mysqlmanager.cc b/server-tools/instance-manager/mysqlmanager.cc
index bdd7c4ebe78..e37dab911c1 100644
--- a/server-tools/instance-manager/mysqlmanager.cc
+++ b/server-tools/instance-manager/mysqlmanager.cc
@@ -22,6 +22,8 @@
 #include <my_sys.h>
 #include <string.h>
 #include <signal.h>
+#include <pwd.h>
+#include <grp.h>
 #include <sys/wait.h>
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -54,6 +56,8 @@
 static void init_environment(char *progname);
 static void daemonize(const char *log_file_name);
 static void angel(const Options &options);
+static struct passwd *check_user(const char *user);
+static int set_user(const char *user, struct passwd *user_info);
 
 
 /*
@@ -68,7 +72,19 @@ int main(int argc, char *argv[])
 {
   init_environment(argv[0]);
   Options options;
+  struct passwd *user_info;
+
   options.load(argc, argv);
+
+  if ((user_info= check_user(options.user)))
+  {
+      if (set_user(options.user, user_info))
+      {
+        options.cleanup();
+        return 1;
+      }
+  }
+
   if (options.run_as_service)
   {
     /* forks, and returns only in child */
@@ -84,6 +100,74 @@ int main(int argc, char *argv[])
 
 /******************* Auxilary functions implementation **********************/
 
+/* Change to run as another user if started with --user */
+
+static struct passwd *check_user(const char *user)
+{
+#if !defined(__WIN__) && !defined(OS2) && !defined(__NETWARE__)
+  struct passwd *user_info;
+  uid_t user_id= geteuid();
+
+  /* Don't bother if we aren't superuser */
+  if (user_id)
+  {
+    if (user)
+    {
+      /* Don't give a warning, if real user is same as given with --user */
+      user_info= getpwnam(user);
+      if ((!user_info || user_id != user_info->pw_uid))
+        log_info("One can only use the --user switch if running as root\n");
+    }
+    return NULL;
+  }
+  if (!user)
+  {
+    log_info("You are running mysqlmanager as root! This might introduce security problems. It is safer to use --user option istead.\n");
+    return NULL;
+  }
+  if (!strcmp(user, "root"))
+    return NULL;                 /* Avoid problem with dynamic libraries */
+ if (!(user_info= getpwnam(user)))
+  {
+    /* Allow a numeric uid to be used */
+    const char *pos;
+    for (pos= user; my_isdigit(default_charset_info, *pos); pos++) ;
+    if (*pos)                                   /* Not numeric id */
+      goto err;
+    if (!(user_info= getpwuid(atoi(user))))
+      goto err;
+    else
+      return user_info;
+  }
+  else
+    return user_info;
+
+err:
+  log_error("Fatal error: Can't change to run as user '%s' ;  Please check that the user exists!\n", user);
+#endif
+  return NULL;
+}
+
+static int set_user(const char *user, struct passwd *user_info)
+{
+  DBUG_ASSERT(user_info);
+#ifdef HAVE_INITGROUPS
+  initgroups((char*) user,user_info->pw_gid);
+#endif
+  if (setgid(user_info->pw_gid) == -1)
+  {
+    log_error("setgid() failed");
+    return 1;
+  }
+  if (setuid(user_info->pw_uid) == -1)
+  {
+    log_error("setuid() failed");
+    return 1;
+  }
+  return 0;
+}
+
+
 
 /*
   Init environment, common for daemon and non-daemon
diff --git a/server-tools/instance-manager/options.cc b/server-tools/instance-manager/options.cc
index db117de03e5..bf6ba1e9163 100644
--- a/server-tools/instance-manager/options.cc
+++ b/server-tools/instance-manager/options.cc
@@ -35,7 +35,8 @@ const char *Options::pid_file_name= QUOTE(DEFAULT_PID_FILE_NAME);
 const char *Options::socket_file_name= QUOTE(DEFAULT_SOCKET_FILE_NAME);
 const char *Options::password_file_name= QUOTE(DEFAULT_PASSWORD_FILE_NAME);
 const char *Options::default_mysqld_path= QUOTE(DEFAULT_MYSQLD_PATH);
-const char *Options::bind_address= 0;              /* No default value */
+const char *Options::bind_address= 0;           /* No default value */
+const char *Options::user= 0;                   /* No default value */
 uint Options::monitoring_interval= DEFAULT_MONITORING_INTERVAL;
 uint Options::port_number= DEFAULT_PORT;
 /* just to declare */
@@ -54,7 +55,6 @@ enum options {
   OPT_MYSQLD_PATH,
   OPT_RUN_AS_SERVICE,
   OPT_USER,
-  OPT_PASSWORD,
   OPT_MONITORING_INTERVAL,
   OPT_PORT,
   OPT_BIND_ADDRESS
@@ -107,6 +107,11 @@ static struct my_option my_long_options[] =
     "Daemonize and start angel process.", (gptr *) &Options::run_as_service,
     0, 0, GET_BOOL, NO_ARG, 0, 0, 1, 0, 0, 0 },
 
+  { "user", OPT_USER, "Username to start mysqlmanager",
+                   (gptr *) &Options::user,
+                   (gptr *) &Options::user,
+                   0, GET_STR, REQUIRED_ARG, 0, 0, 0, 0, 0, 0 },
+
   { "version", 'V', "Output version information and exit.", 0, 0, 0,
    GET_NO_ARG, NO_ARG, 0, 0, 0, 0, 0, 0 },
 
diff --git a/server-tools/instance-manager/options.h b/server-tools/instance-manager/options.h
index 8b673bd5fb1..bb6da51d1ca 100644
--- a/server-tools/instance-manager/options.h
+++ b/server-tools/instance-manager/options.h
@@ -34,8 +34,7 @@ struct Options
   static const char *socket_file_name;
   static const char *password_file_name;
   static const char *default_mysqld_path;
-  static const char *default_admin_user;
-  static const char *default_admin_password;
+  static const char *user;
   static uint monitoring_interval;
   static uint port_number;
   static const char *bind_address;
author	unknown <petr@mysql.com>	2005-02-05 14:04:49 +0300
committer	unknown <petr@mysql.com>	2005-02-05 14:04:49 +0300
commit	95e650e50a7ab59597a1c55ec48d7f807b2352a2 (patch)
tree	c623164c5487108b15bc0b4c31f8bbab3812a1c7 /server-tools
parent	87e104e44172ff4ed671d9d7c490d61e010c5fb3 (diff)
download	mariadb-git-95e650e50a7ab59597a1c55ec48d7f807b2352a2.tar.gz