diff options
| author |  Hector Martin | 2010-01-30 00:33:57 +0100 |
|---|---|---|
| committer | Hector Martin | 2010-01-30 00:33:57 +0100 |
| commit | 9932ebe49a47c929c8345625a907e5d4e73fe3d5 (patch) | |
| tree | bb8324e926b9730a25c73273ab99aae2087844bf | |
| parent | db1429f4ab24433ec1b98721230305ed043aba66 (diff) | |
| download | usbmuxd-9932ebe49a47c929c8345625a907e5d4e73fe3d5.tar.gz usbmuxd-9932ebe49a47c929c8345625a907e5d4e73fe3d5.tar.bz2 | |
Require explicit username to drop privs
| -rw-r--r-- | daemon/main.c | 18 | ||||
| -rw-r--r-- | udev/85-usbmuxd.rules.in | 2 |
2 files changed, 12 insertions, 8 deletions
diff --git a/daemon/main.c b/daemon/main.c index 363f3d5..18b28a8 100644 --- a/daemon/main.c +++ b/daemon/main.c @@ -56,7 +56,7 @@ int should_discover; static int verbose = 0; static int foreground = 0; static int drop_privileges = 0; -static const char *drop_user = "usbmux"; +static const char *drop_user = NULL; static int opt_udev = 0; static int opt_exit = 0; static int exit_signal = 0; @@ -336,8 +336,7 @@ static void usage() printf("\t-h|--help Print this message.\n"); printf("\t-v|--verbose Be verbose (use twice or more to increase).\n"); printf("\t-f|--foreground Do not daemonize (implies one -v).\n"); - printf("\t-U|--user[=USER] Change to this user after startup (needs usb privileges).\n"); - printf("\t If USER is not specified, defaults to usbmux.\n"); + printf("\t-U|--user USER Change to this user after startup (needs usb privileges).\n"); printf("\t-u|--udev Run in udev operation mode.\n"); printf("\t-x|--exit Tell a running instance to exit if there are no devices\n"); printf("\t connected (must be in udev mode).\n"); @@ -361,7 +360,7 @@ static void parse_opts(int argc, char **argv) int c; while (1) { - c = getopt_long(argc, argv, "hfvuU::xX", longopts, (int *) 0); + c = getopt_long(argc, argv, "hfvuU:xX", longopts, (int *) 0); if (c == -1) { break; } @@ -378,8 +377,7 @@ static void parse_opts(int argc, char **argv) break; case 'U': drop_privileges = 1; - if(optarg) - drop_user = optarg; + drop_user = optarg; break; case 'u': opt_udev = 1; @@ -519,7 +517,13 @@ int main(int argc, char *argv[]) // drop elevated privileges if (drop_privileges && (getuid() == 0 || geteuid() == 0)) { - struct passwd *pw = getpwnam(drop_user); + struct passwd *pw; + if (!drop_user) { + usbmuxd_log(LL_FATAL, "No user to drop privileges to?"); + res = -1; + goto terminate; + } + pw = getpwnam(drop_user); if (!pw) { usbmuxd_log(LL_FATAL, "Dropping privileges failed, check if user '%s' exists!", drop_user); res = -1; diff --git a/udev/85-usbmuxd.rules.in b/udev/85-usbmuxd.rules.in index f68a5fa..f9c8376 100644 --- a/udev/85-usbmuxd.rules.in +++ b/udev/85-usbmuxd.rules.in @@ -1,7 +1,7 @@ # usbmuxd (iPhone "Apple Mobile Device" MUXer listening on /var/run/usbmuxd) # Forces iPhone 1.0, 3G, 3GS and iPodTouch 1 and 2 to USB configuration 3 and run usbmuxd -ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="05ac", ATTR{idProduct}=="129[0-9]", ATTR{bConfigurationValue}!="$attr{bNumConfigurations}", ATTR{bConfigurationValue}="$attr{bNumConfigurations}", RUN+="@CMAKE_INSTALL_PREFIX@/sbin/usbmuxd -u -U" +ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="05ac", ATTR{idProduct}=="129[0-9]", ATTR{bConfigurationValue}!="$attr{bNumConfigurations}", ATTR{bConfigurationValue}="$attr{bNumConfigurations}", RUN+="@CMAKE_INSTALL_PREFIX@/sbin/usbmuxd -u -U usbmux" # Exit usbmuxd when the last phone is removed ACTION=="remove", SUBSYSTEM=="usb", ENV{PRODUCT}=="5ac/129[0-9]/*", ENV{INTERFACE}=="255/*", RUN+="@CMAKE_INSTALL_PREFIX@/sbin/usbmuxd -x" |