Cover V05, I03
Article
Listing 1
Listing 2
Listing 3
Listing 4
Listing 5
Listing 6
Listing 7

mar96.tar


Listing 1: amp.c

/******************************************************
*
* amp.c - front-end to amp.sh untility;
*         checks for user executing program
*         being in the "ADMGRP"
*
******************************************************/
#include <stdio.h>
#include <pwd.h>
#include <grp.h>
#include <errno.h>

#define SCRIPT "/usr/bin/amp/amp.sh"
#define ADMGRP "admgrp"
#define TRUE      1
#define FALSE     0

int execute();

main( argc, argv )
int argc;
char *argv[];
{
int iuid = -1,
inx = 0,
again = TRUE,
srcode = 1;        /* System return code  */
struct passwd *pwrd;   /* User's passwd entry */
struct group *gr;      /* ADMGRP group entry  */
struct passwd *getpwuid();
struct group *getgrnam();

/* Get User ID */
if( (iuid = getuid() ) >= 0)
{
/* Get passwd entry */
if( (pwrd = getpwuid( iuid )) != NULL )
{
/* Get admgrp group entry */
if( (gr = getgrnam( ADMGRP )) != NULL )
{
/* Loop through group entries */
/* until user is found;       */
/* otherwise print message    */
while( again )
{
if( gr->gr_mem[inx] == NULL )
{
printf( "Sorry, you are not \
authorized to run this program.\n" );
again = FALSE;
}
else if( strcmp( pwrd->pw_name, \
gr->gr_mem[inx]) == 0 )
{
again = FALSE;
srcode = execute( pwrd->pw_name );
}
else
inx++;
}
}
else
printf( "%s: Error finding \"%s\" \
group entry. Exiting now.\n", argv[0], ADMGRP );
}
else
printf( "%s: Error finding your password entry. \
Exiting now.\n", argv[0] );
}
else
printf( "%s: Error getting uid\n", argv[0] );

exit( srcode );
}

int execute( usrname )
char *usrname;
{
int frcode = FALSE;
char cmdstr[1024];

if( setuid(0) == 0 )
{
/* Concatenate script and user name */
strcpy( cmdstr, SCRIPT );
strcat( cmdstr, " " );
strcat( cmdstr, usrname );

/* Execute amp.sh script */
frcode = system( cmdstr );
}
else
printf( "Error: could not set UID \n" );

return( frcode );
}
/* End of File */