[SCM] The rsync repository. - branch master updated

Sun Oct 7 17:37:23 MDT 2012

The branch, master has been updated
       via  0bacacc Perl version of lsh that can change user w/o sudo.
      from  d46f831 Fix bogus "vanished file" with "./" prefixes. Fixes bug 9212.

;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 0bacaccee6ee8e6614aaa21711f7656b8309ac53
Author: Wayne Davison <wayned at samba.org>
Date:   Sun Oct 7 16:20:41 2012 -0700

    Perl version of lsh that can change user w/o sudo.

-----------------------------------------------------------------------

Summary of changes:
 support/lsh.pl |   81 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 81 insertions(+), 0 deletions(-)
 create mode 100755 support/lsh.pl


Changeset truncated at 500 lines:

diff --git a/support/lsh.pl b/support/lsh.pl
new file mode 100755
index 0000000..2f64d31
--- /dev/null
+++ b/support/lsh.pl
@@ -0,0 +1,81 @@
+#!/usr/bin/perl
+# This script can be used as a "remote shell" command that is only
+# capable of pretending to connect to "localhost".  This is useful
+# for testing or for running a local copy where the sender and the
+# receiver needs to use different options (e.g. --fake-super).  If
+# we get -l USER, we try to become the USER, either directly (must
+# be root) or by using "sudo -H -u USER" (requires --sudo option).
+
+use strict;
+use warnings;
+use Getopt::Long;
+use English '-no_match_vars';
+
+&Getopt::Long::Configure('bundling');
+&Getopt::Long::Configure('require_order');
+GetOptions(
+    'l=s' => \( my $login_name ),
+    '1|2|4|6|A|a|C|f|g|k|M|N|n|q|s|T|t|V|v|X|x|Y' => sub { }, # Ignore
+    'b|c|D|e|F|i|L|m|O|o|p|R|S|w=s' => sub { }, # Ignore
+    'no-cd' => \( my $no_chdir ),
+    'sudo' => \( my $use_sudo ),
+) or &usage;
+&usage unless @ARGV > 1;
+
+my $host = shift;
+if ($host =~ s/^([^@]+)\@//) {
+    $login_name = $1;
+}
+if ($host ne 'localhost') {
+    die "lsh: unable to connect to host $host\n";
+}
+
+my ($home_dir, @cmd);
+if ($login_name) {
+    my ($uid, $gid);
+    if ($login_name =~ /\D/) {
+	$uid = getpwnam($login_name);
+	die "Unknown user: $login_name\n" unless defined $uid;
+    } else {
+	$uid = $login_name;
+    }
+    ($login_name, $gid, $home_dir) = (getpwuid($uid))[0,3,7];
+    if ($use_sudo) {
+	unshift @ARGV, "cd '$home_dir' &&" unless $no_chdir;
+	unshift @cmd, qw( sudo -H -u ), $login_name;
+	$no_chdir = 1;
+    } else {
+	my $groups = "$gid $gid";
+	while (my ($grgid, $grmembers) = (getgrent)[2,3]) {
+	    if ($grgid != $gid && $grmembers =~ /(^|\s)\Q$login_name\E(\s|$)/o) {
+		$groups .= " $grgid";
+	    }
+	}
+
+	my ($ruid, $euid) = ($UID, $EUID);
+	$GID = $EGID = $groups;
+	$UID = $EUID = $uid;
+	die "Cannot set ruid: $! (use --sudo?)\n" if $UID == $ruid && $ruid != $uid;
+	die "Cannot set euid: $! (use --sudo?)\n" if $EUID == $euid && $euid != $uid;
+
+	$ENV{USER} = $ENV{USERNAME} = $login_name;
+	$ENV{HOME} = $home_dir;
+    }
+} else {
+    $home_dir = (getpwuid($UID))[7];
+}
+
+unless ($no_chdir) {
+    chdir $home_dir or die "Unable to chdir to $home_dir: $!\n";
+}
+
+push @cmd, '/bin/sh', '-c', "@ARGV";
+exec @cmd;
+die "Failed to exec: $!\n";
+
+sub usage
+{
+    die <<EOT;
+Usage: lsh [-l user] [--sudo] [--no-cd] localhost COMMAND [...]
+EOT
+}


-- 
The rsync repository.
