Support multiple users interacting with shm with starterd
The permission restrictions of signals make it hard to have AOS
applications started as arbitrary users communicate. Instead, make
starter run as the provided --user with the effective UID that it
started with. This makes shmem end up with all the right permissions so
everything can communicate.
Change-Id: I3c7fbfe8a73e7341ca32c010da1c38b5ba787523
Signed-off-by: Austin Schuh <austin.linux@gmail.com>
diff --git a/aos/starter/starterd.cc b/aos/starter/starterd.cc
index 66786a9..b40776d 100644
--- a/aos/starter/starterd.cc
+++ b/aos/starter/starterd.cc
@@ -1,11 +1,40 @@
+#include <pwd.h>
+#include <sys/types.h>
+
#include "aos/init.h"
#include "gflags/gflags.h"
#include "starterd_lib.h"
DEFINE_string(config, "./config.json", "File path of aos configuration");
+DEFINE_string(user, "",
+ "Starter runs as though this user ran a SUID binary if set.");
int main(int argc, char **argv) {
aos::InitGoogle(&argc, &argv);
+ if (!FLAGS_user.empty()) {
+ uid_t uid;
+ uid_t gid;
+ {
+ struct passwd *user_data = getpwnam(FLAGS_user.c_str());
+ if (user_data != nullptr) {
+ uid = user_data->pw_uid;
+ gid = user_data->pw_gid;
+ } else {
+ LOG(FATAL) << "Could not find user " << FLAGS_user;
+ return 1;
+ }
+ }
+ constexpr int kUnchanged = -1;
+ if (setresgid(/* ruid */ gid, /* euid */ gid,
+ /* suid */ kUnchanged) != 0) {
+ PLOG(FATAL) << "Failed to change GID to " << FLAGS_user;
+ }
+
+ if (setresuid(/* ruid */ uid, /* euid */ uid,
+ /* suid */ kUnchanged) != 0) {
+ PLOG(FATAL) << "Failed to change UID to " << FLAGS_user;
+ }
+ }
aos::FlatbufferDetachedBuffer<aos::Configuration> config =
aos::configuration::ReadConfig(FLAGS_config);