unix package patch to add support for setting effective uid/gid

Don Stewart dons at galois.com
Mon May 17 12:53:01 EDT 2010 

Very odd that we have the getters, but none of the setters.
Looks good.

-- Don

emertens:
> Hello,
> 
> I believe that it would be useful for the unix package to support
> setting the effective user-id and group-id of a process. By setting the
> effective id instead of the real id you can toggle between real and
> set-user-id. It seems like a simple oversight that these functions have
> been left out of the unix package.
> 
> I have attached the darcs patch for these function. This patch does not
> explicitly bump the version number as I thought it might be integrated
> with other patches before a new release (That could be wrong).
> 
> -- 
> Eric Mertens <emertens at galois.com>
> Galois, Inc.

> Mon May 17 09:40:39 PDT 2010  Eric Mertens <emertens at galois.com>
>   * Add bindings for setting effective user-id and group-id
>   
>   Having the ability to set the effective user-id and group-id
>   enables the application to switch between the real user-id
>   and set-user-id multiple times.
> 
> New patches:
> 
> [Add bindings for setting effective user-id and group-id
> Eric Mertens <emertens at galois.com>**20100517164039
>  Ignore-this: cc36abd2917ef7a96709a111f31f651c
>  
>  Having the ability to set the effective user-id and group-id
>  enables the application to switch between the real user-id
>  and set-user-id multiple times.
> ] {
> hunk ./System/Posix/User.hsc 133
>  foreign import ccall unsafe "setuid"
>    c_setuid :: CUid -> IO CInt
>  
> +-- | @setEffectiveUserID uid@ calls @seteuid@ to set the effective
> +--   user-id associated with the current process to @uid at . This
> +--   does not update the real user-id or set-user-id.
> +setEffectiveUserID :: UserID -> IO ()
> +setEffectiveUserID uid = throwErrnoIfMinus1_ "setEffectiveUserID" (c_seteuid uid)
> +
> +foreign import ccall unsafe "seteuid"
> +  c_seteuid :: CUid -> IO CInt
> +
>  -- | @setGroupID gid@ calls @setgid@ to set the real, effective, and
>  --   saved set-group-id associated with the current process to @gid at .
>  setGroupID :: GroupID -> IO ()
> hunk ./System/Posix/User.hsc 150
>  foreign import ccall unsafe "setgid"
>    c_setgid :: CGid -> IO CInt
>  
> +-- | @setEffectiveGroupID uid@ calls @setegid@ to set the effective
> +--   group-id associated with the current process to @gid at . This
> +--   does not update the real group-id or set-group-id.
> +
> +foreign import ccall unsafe "setegid"
> +  c_setegid :: CGid -> IO CInt
> +
>  -- -----------------------------------------------------------------------------
>  -- User names
>  
> }
> 
> Context:
> 
> [Provide a dummy input file for queryfdoption01
> Matthias Kilian <kili at outback.escape.de>**20100418172619
>  Ignore-this: 4d7bfb388193ff6090f4a5fcfe798bbe
> ] 
> [mention that forkProcess is not supported with +RTS -Nn where n > 1
> Simon Marlow <marlowsd at gmail.com>**20100430082841
>  Ignore-this: c7bc7e8262bc72244061a9aba2dd468d
> ] 
> [make getAllGroupEntries work when called again; fixes #3816
> Simon Marlow <marlowsd at gmail.com>**20100329112713
>  Ignore-this: 8b5e3c1d8648d556b9f032a198a8475d
> ] 
> [add test for #3816
> Simon Marlow <marlowsd at gmail.com>**20100329112646
>  Ignore-this: 4d07e5956a5bc6dfb7be59473ccf6b98
> ] 
> [fix warnings
> Simon Marlow <marlowsd at gmail.com>**20100322131615
>  Ignore-this: 9fd97646b47d5d8d2957c0927885041e
> ] 
> [handleToFd: close both sides of a DuplexHandle (#3914)
> Simon Marlow <marlowsd at gmail.com>**20100319210802
>  Ignore-this: d1c17df79644a7ad140099d0c1474c81
> ] 
> [check for EINTR in openFd
> Simon Marlow <marlowsd at gmail.com>**20100127114600
>  Ignore-this: 28859b6a74c6d47d5c92db0eb688fa4c
> ] 
> [accept --with-cc to set the path to gcc (#2966)
> Simon Marlow <marlowsd at gmail.com>**20100127114329
>  Ignore-this: 127eccfccbfc849ce05aed5904d16b75
> ] 
> [System.Posix.Temp: rm whitespace
> gwern0 at gmail.com**20100119003437
>  Ignore-this: 33b2bcf99f7b6b21461ea0aee7c12ea8
> ] 
> [System.Posix.Temp: pad input filenames with 6 Xs
> gwern0 at gmail.com**20100119003022
>  Ignore-this: 1e5a45074881f75d58e3a0f02525b264
>  If the argument doesn't terminate in capital Xs, the C mkstemp will simply bomb out
>  with zero warning. This was not documented.
>  By arbitrarily sticking a bunch of Xes at the end of all arguments, we guarantee that
>  this exception will not be thrown, the type signature will not change, and no existing
>  code can break (since if it was manually avoiding the exception by adding "XXX" itself,
>  the temp files will now be simply 3 random characters longer, nothing worse).
> ] 
> [System.Posix.Temp: improve haddocks for mkstemp to explain what that returned String actually is
> gwern0 at gmail.com**20100119002755
>  Ignore-this: 5f5ec7871a687a024cda18b1b0d1e044
> ] 
> [fix base dependency: should be >= 4.2 (#3780), and bump verison to 2.4.0.1
> Simon Marlow <marlowsd at gmail.com>**20100113113803
>  Ignore-this: 121b61a9ea1ce1dcbe499285d1910d25
> ] 
> [no good reason these tests should be expect_fail, as far as I can tell
> Simon Marlow <marlowsd at gmail.com>**20091231145739
>  Ignore-this: a8f0dcb753f8520fb6953b7f9acd50c6
> ] 
> [Support for DragonFly
> Simon Marlow <marlowsd at gmail.com>**20091221110709
>  Ignore-this: cafb4888bc25aa8ed97ce947acabfaca
>  Not sure where this patch came from, I found it in my validate tree.
> ] 
> [Don't use absolute paths to headers (#3728)
> Simon Marlow <marlowsd at gmail.com>**20091221110634
>  Ignore-this: 64b17ec4d274fdc5bd9ee021d412c997
> ] 
> [Add Haiku (#3727)
> Simon Marlow <marlowsd at gmail.com>**20091221110554
>  Ignore-this: a76b1450c341d80312f1354efa95c8a0
> ] 
> [#include <fcntl.h>, not <sys/fcntl.h> (#3723)
> Simon Marlow <marlowsd at gmail.com>**20091216104154
>  Ignore-this: 9f11594ce66b2e2537b9a20a33912e0d
> ] 
> [forking works in GHCi too
> Simon Marlow <marlowsd at gmail.com>**20091111142055
>  Ignore-this: 90ead989e64e3cbffbae15e0c74b5f89
>  Or at least, it works well enough to run this test.  The main GHCi
>  thread is gone after forking, but the current evaluation continues to
>  run.
> ] 
> [add a test for #1185
> Simon Marlow <marlowsd at gmail.com>**20091021090741
>  Ignore-this: 581e367a446bc4a3996b09d39fbb102b
> ] 
> [run fdReadBuf only the threaded ways (fixed unregisterised failure)
> Simon Marlow <marlowsd at gmail.com>**20091008110126
>  Ignore-this: 7893c3ab18b25aa3c67b71633a1e7d35
> ] 
> [Add a test from trac #2969
> Ian Lynagh <igloo at earth.li>**20090923194837] 
> [Bump version to 2.4.0.0
> Ian Lynagh <igloo at earth.li>**20090920142001] 
> [Add comments about why user001 might fail on Linux.
> Simon Marlow <marlowsd at gmail.com>**20090917134046
>  See  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466647
> ] 
> [Allow building with base 4.2
> Ian Lynagh <igloo at earth.li>**20090911160736] 
> [remove dead code
> Simon Marlow <marlowsd at gmail.com>**20090908144627
>  Ignore-this: f7e3696e27307be289f9fbf85750fab8
> ] 
> [Use Foreign.Concurrent for Haskell finalizers (#3473)
> Simon Marlow <marlowsd at gmail.com>**20090908142536
>  Ignore-this: 72ce9a134562b451b0237e124d03c839
> ] 
> [Update to follow RTS tidyp changes
> Simon Marlow <marlowsd at gmail.com>**20090801193459
>  Ignore-this: 825b19edb4cee29945b179f21a8538e4
> ] 
> [NetBSD does not have support for symbol versioning, so updated systen
> Simon Marlow <marlowsd at gmail.com>**20090723075725
>  Ignore-this: 19a0cc5a913ba591074aab6c560ff5d8
>  functions need to be given a new name, and the header files contain
>  some __asm hackery in order to let the program call the correct function.
>  
>  This mean that you need to use the header files in order to call the
>  correct system functions, which prevents things like "foreign import ccall" from working.
>  
>  Ghc solves this with wrapper functions for some of the renamed functions,
>  but it has not been updated for newer versions of NetBSD that has recently
>  versioned some more functions.
>  
>  The attached patches introduces wrapper functions for all currently
>  NetBSD-versioned functions used in libraries/unix.  Solves ~20 testsuite
>  failures.
>  
>  Contributed by: Krister Walfridsson <krister.walfridsson at gmail.com>
> ] 
> [Fix warning
> Ian Lynagh <igloo at earth.li>**20090711112701] 
> [Fix some "warn-unused-do-bind" warnings where we want to ignore the value
> Ian Lynagh <igloo at earth.li>**20090710200806] 
> [Remove unused imports
> Ian Lynagh <igloo at earth.li>**20090707115900] 
> [Move directory stuff from base to here
> Simon Marlow <marlowsd at gmail.com>**20090625093258
>  Ignore-this: cd2ce9c12bac46285b5435f00c50a21e
>  leaving out Windows-specific hacks
> ] 
> [rename cache variables to keep recent autoconfs happy
> Ross Paterson <ross at soi.city.ac.uk>**20090616140611
>  Ignore-this: b522604509c77edeff37b3ec42f3741f
> ] 
> [TAG 2009-06-25
> Ian Lynagh <igloo at earth.li>**20090625160426] 
> Patch bundle hash:
> 04d8f50b091f7839082b270184e874d40325ca2c

> _______________________________________________
> Libraries mailing list
> Libraries at haskell.org
> http://www.haskell.org/mailman/listinfo/libraries

More information about the Libraries mailing list