From 09918cfe4f1f75bef96d5179e37d88f247baf781 Mon Sep 17 00:00:00 2001
From: Julian Blake Kongslie <jblake@omgwallhack.org>
Date: Thu, 11 Apr 2013 22:11:58 -0700
Subject: Adding a whole lot of debugging messages.

---
 main.cc | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

(limited to 'main.cc')

diff --git a/main.cc b/main.cc
index 27c7806..61946e3 100644
--- a/main.cc
+++ b/main.cc
@@ -10,17 +10,30 @@
 #include <utility>
 #include <vector>
 
+#ifdef NOISY
+#  define DEBUG(...) fprintf( stderr, __VA_ARGS__ )
+#else
+#  define DEBUG(...) do { } while ( 0 )
+#endif
+
 uid_t parse_user( const char *user ) {
 
   char *end;
   unsigned long tmp;
 
+  DEBUG( "insecuresuexec parse_user( %s )\n", user );
+
   tmp = strtoul( user, &end, 10 );
   if ( end != user && ! *end ) {
+    DEBUG( "  which is the uid %lu\n", tmp );
     return tmp;
   } else {
+    DEBUG( "  which is a username\n" );
+    errno = 0;
     struct passwd *pw = getpwnam( user );
+    assert_perror( errno );
     assert( pw );
+    DEBUG( "  corresponding to the uid %u\n", pw->pw_uid );
     return pw->pw_uid;
   };
 
@@ -31,12 +44,19 @@ gid_t parse_group( const char *group ) {
   char *end;
   unsigned long tmp;
 
+  DEBUG( "insecuresuexec parse_group( %s )\n", group );
+
   tmp = strtoul( group, &end, 10 );
   if ( end != group && ! *end ) {
+    DEBUG( "  which is the gid %lu\n", tmp );
     return tmp;
   } else {
+    DEBUG( "  which is a groupname\n" );
+    errno = 0;
     struct group *gr = getgrnam( group );
+    assert_perror( errno );
     assert( gr );
+    DEBUG( "  corresponding to the gid %u\n", gr->gr_gid );
     return gr->gr_gid;
   };
 
@@ -174,9 +194,13 @@ int main( int argc, char *argv[] ) {
   char *cmd = argv[3];
   char **args = argv + 3;
 
+  DEBUG( "insecuresuexec user=%s group=%s cmd=%s\n", user, group, cmd );
+
   uid_t uid;
   gid_t gid;
 
+  DEBUG( "insecuresuexec is parsing the command-line user and group...\n" );
+
   uid = parse_user( user );
   gid = parse_group( group );
 
@@ -186,8 +210,12 @@ int main( int argc, char *argv[] ) {
     _exit( 1 );
   };
 
+  DEBUG( "insecuresuexec is parsing the stored permissions...\n" );
+
   auto allowed = read_permissions( "/etc/insecuresuexec/permissions" );
 
+  DEBUG( "insecuresuexec is running the configured security checks...\n" );
+
   // the configurable security checks
   bool ok = false;
   for ( auto i = allowed->begin( ); i != allowed->end( ); ++i ) {
@@ -199,6 +227,8 @@ int main( int argc, char *argv[] ) {
     _exit( 1 );
   };
 
+  DEBUG( "insecuresuexec is going to go ahead with the exec...\n" );
+
   if ( setgroups( 0, NULL ) != 0 )
     assert_perror( errno );
 
-- 
cgit v1.2.3