1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
extern crate libc;
use std::ffi::CString;
fn is_root() -> bool {
unsafe { libc::getuid() == 0 }
}
fn get_guids(name: &str, group: &str) -> (u32, u32) {
let p = unsafe { libc::getpwnam(CString::new(name).unwrap().as_ptr()) };
let g = unsafe { libc::getgrnam(CString::new(group).unwrap().as_ptr()) };
unsafe {
(
{
*g
}.gr_gid,
{
*p
}.pw_uid,
)
}
}
fn set_guid(name: &str, group: &str) -> bool {
let guids = get_guids(name, group);
unsafe { !(libc::setgid(guids.0) != 0 || libc::setuid(guids.1) != 0) }
}
pub fn daemonize(user: &str, group: &str) -> Result<(), String> {
if !is_root() {
Err(
"Starting this application requires root privileges".to_string(),
)
} else if !set_guid(user, group) {
Err(format!("Unable to set user to {} or {}", user, group))
} else {
unsafe {
if libc::daemon(0, 0) == 0 {
Ok(())
} else {
Err("Error on daemon call".to_string())
}
}
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_set_guid_to_root() {
assert_eq!(false, set_guid("root", "wheel"));
}
#[test]
fn test_not_root_daemonize() {
match daemonize("root", "wheel") {
Ok(_) => (),
Err(e) => assert_eq!("Starting this application requires root privileges", e),
}
}
}