diff options
Diffstat (limited to 'os-posix.c')
| -rw-r--r-- | os-posix.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/os-posix.c b/os-posix.c index 0deddf3e41..8b686a44e1 100644 --- a/os-posix.c +++ b/os-posix.c @@ -28,6 +28,7 @@ #include <signal.h> #include <sys/types.h> #include <sys/wait.h> +#include <pwd.h> #include <libgen.h> /* Needed early for CONFIG_BSD etc. */ @@ -36,6 +37,8 @@ #include "net/slirp.h" #include "qemu-options.h" +static struct passwd *user_pwd; + void os_setup_early_signal_handling(void) { struct sigaction act; @@ -146,6 +149,31 @@ void os_parse_cmd_args(int index, const char *optarg) exit(1); break; #endif + case QEMU_OPTION_runas: + user_pwd = getpwnam(optarg); + if (!user_pwd) { + fprintf(stderr, "User \"%s\" doesn't exist\n", optarg); + exit(1); + } + break; } return; } + +void os_change_process_uid(void) +{ + if (user_pwd) { + if (setgid(user_pwd->pw_gid) < 0) { + fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid); + exit(1); + } + if (setuid(user_pwd->pw_uid) < 0) { + fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid); + exit(1); + } + if (setuid(0) != -1) { + fprintf(stderr, "Dropping privileges failed\n"); + exit(1); + } + } +} |