1 # This file is part of NIT ( http://www.nitlanguage.org ).
3 # Copyright 2013 Alexis Laferrière <alexis.laf@xymus.net>
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # Process privileges management utilities
19 # Used mainly by daemons and such to aquire resources as su and
20 # then drop back to a restricted user.
26 # Does the operating system know the user named `self`?
29 var passwd
= new Passwd.from_name
(to_s
)
30 return not passwd
.address_is_null
33 # Does the operating system know the group named `self`?
34 fun group_exists
: Bool
36 var passwd
= new Group.from_name
(to_s
)
37 return not passwd
.address_is_null
41 # Class to manage user groups
48 var group
: nullable String
50 # Drop privileges of the running program to those of `self`
52 # require: `user.user_exists and (group == null or group.group_exists)`
55 var passwd
= new Passwd.from_name
(user
)
56 assert not passwd
.address_is_null
62 var gpasswd
= new Group.from_name
(group
)
63 assert not gpasswd
.address_is_null
72 # Option to ask for a username and group
73 class OptionUserAndGroup
76 redef type VALUE: nullable UserGroup
78 init for_dropping_privileges
do init("Drop privileges to user:group or simply user", "-u", "--usergroup")
79 init(help
: String, names
: String...) do super(help
, null, names
)
81 redef fun convert
(str
)
83 var words
= str
.split
(":")
84 if words
.length
== 1 then
85 return new UserGroup(str
, null)
86 else if words
.length
== 2 then
87 return new UserGroup(words
[0], words
[1])
89 errors
.add
("Option {names.join(", ")} expected parameter in the format \"user
:group\
" or simply \"user\
".\n")
90 abort # FIXME only for nitc, remove and replace with next line when FFI is working in nitg