1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

extern crate libc;

use std::ffi::CString;

fn is_root() -> bool {
    unsafe { libc::getuid() == 0 }
}

fn get_guids(name: &str, group: &str) -> (u32, u32) {
    let p = unsafe { libc::getpwnam(CString::new(name).unwrap().as_ptr()) };
    let g = unsafe { libc::getgrnam(CString::new(group).unwrap().as_ptr()) };
    unsafe {
        (
            {
                *g
            }.gr_gid,
            {
                *p
            }.pw_uid,
        )
    }
}

fn set_guid(name: &str, group: &str) -> bool {
    let guids = get_guids(name, group);
    unsafe { !(libc::setgid(guids.0) != 0 || libc::setuid(guids.1) != 0) }
}

/// Daemonizes and privdrops the current process to the
/// user and group supplied as arguments.
///
/// ```
/// use daemonizer::*;
///
/// fn main() {
///     match daemonize("_daemon", "_daemon") {
///         Ok(v) => (),
///         Err(e) => (),
///     }
/// }
/// ```
pub fn daemonize(user: &str, group: &str) -> Result<(), String> {
    if !is_root() {
        Err(
            "Starting this application requires root privileges".to_string(),
        )
    } else if !set_guid(user, group) {
        Err(format!("Unable to set user to {} or {}", user, group))
    } else {
        unsafe {
            if libc::daemon(0, 0) == 0 {
                Ok(())
            } else {
                Err("Error on daemon call".to_string())
            }
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_set_guid_to_root() {
        assert_eq!(false, set_guid("root", "wheel"));
    }

    #[test]
    fn test_not_root_daemonize() {
        match daemonize("root", "wheel") {
            Ok(_) => (),
            Err(e) => assert_eq!("Starting this application requires root privileges", e),
        }
    }
}