-
Notifications
You must be signed in to change notification settings - Fork 73
/
cmd-wrapper.c
83 lines (65 loc) · 2.06 KB
/
cmd-wrapper.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <signal.h>
#include <strings.h>
#include <stdlib.h>
/********************************************
* Wrapper - Secure Yourself
*
* 2007 - Mike Golvach - [email protected]
* Modified 2012 by Jason Antman <[email protected]> <http://www.jasonantman.com>
* - configured for use as pre- and post-backup script wrapper
*
* USAGE: cmd-wrapper [pre|post]
*
* The latest version of this script can be found at:
* <https://github.com/jantman/misc-scripts/blob/master/cmd-wrapper.c>
*
********************************************/
/* Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License */
/* Define global variables */
int gid;
/* main(int argc, char **argv) - main process loop */
int main(int argc, char **argv, char **envp)
{
char *origcmd;
origcmd = getenv("SSH_ORIGINAL_COMMAND");
/* printf ("Original Command:%s\n", origcmd); */
/* Set euid and egid to actual user */
gid = getgid();
setegid(getgid());
seteuid(getuid());
/* Confirm user is in GROUP(502) group */
if ( gid != 502 ) {
printf("User Not Authorized! Exiting...\n");
exit(1);
}
/* Check argc count only at this point */
if ( argc != 1 ) {
printf("Usage: cmd-wrapper [pre|post]\n");
exit(1);
}
/* Set uid, gid, euid and egid to root */
setegid(0);
seteuid(0);
setgid(0);
setuid(0);
/* Check argv for proper arguments and run
* the corresponding script, if invoked.
*/
if ( strncmp(origcmd, "pre", 3) == 0 ) {
if (execl("/root/bin/rsnapshot-pre.sh", "rsnapshot-pre.sh", NULL) < 0) {
perror("Execl:");
}
} else if ( strncmp(origcmd, "post", 4) == 0 ) {
if (execl("/root/bin/rsnapshot-post.sh", "rsnapshot-post.sh", NULL) < 0) {
perror("Execl:");
}
} else {
printf("ERROR: Invalid command: %s\n", origcmd);
printf("Usage: COMMAND [pre|post]\n");
exit(1);
}
exit(0);
}