*) ;;
esac])
+AC_ARG_WITH(project, [ --with-project enable Solaris project support],
+[case $with_project in
+ yes|no) ;;
+ no) ;;
+ *) AC_MSG_ERROR(["--with-project does not take an argument."])
+ ;;
+esac])
+
AC_MSG_CHECKING(whether to lecture users the first time they run sudo)
AC_ARG_WITH(lecture, [ --without-lecture don't print lecture for first-time sudoer],
[case $with_lecture in
AC_CHECK_HEADER(bsd_auth.h, AC_DEFINE(HAVE_BSD_AUTH_H)
[SUDO_ADD_AUTH([BSD authentication], [bsdauth.o], [true])], -)
fi
+if test ${with_project-'no'} != "no"; then
+ AC_CHECK_HEADER(project.h, AC_DEFINE(HAVE_PROJECT_H)
+ [SUDO_LIBS="${SUDO_LIBS} -lproject"], -)
+fi
dnl
dnl typedef checks
dnl
# define LOGIN_DEFROOTCLASS "daemon"
# endif
#endif
+#ifdef HAVE_PROJECT_H
+# include <project.h>
+# include <sys/task.h>
+#endif
#include "sudo.h"
#include "interfaces.h"
static int parse_args __P((int, char **));
static void initial_setup __P((void));
static void set_loginclass __P((struct passwd *));
+static void set_project __P((struct passwd *));
static void usage __P((int))
__attribute__((__noreturn__));
static void usage_excl __P((int))
{
int rval;
+ /* Set project if applicable. */
+ set_project(runas_pw);
+
/* Resolve the path and return. */
rval = FOUND;
user_stat = emalloc(sizeof(struct stat));
}
#endif /* HAVE_LOGIN_CAP_H */
+#ifdef HAVE_PROJECT_H
+static void
+set_project(pw)
+ struct passwd *pw;
+{
+ int errflags = NO_MAIL|MSG_ONLY|NO_EXIT;
+ int errval;
+ struct project proj;
+ struct project *resultp = '\0';
+ char buf[1024];
+
+ /*
+ * Collect the default project for the user and settaskid
+ */
+ setprojent();
+ if (resultp = getdefaultproj(pw->pw_name, &proj, buf, sizeof(buf))) {
+ errval = setproject(resultp->pj_name, pw->pw_name, TASK_NORMAL);
+ if (errval != 0) {
+ switch(errval) {
+ case SETPROJ_ERR_TASK:
+ if (errno == EAGAIN)
+ log_error(errflags, "resource control limit has been reached");
+ else if (errno == ESRCH)
+ log_error(errflags, "user \"%s\" is not a member of "
+ "project \"%s\"", pw->pw_name, resultp->pj_name);
+ else if (errno == EACCES)
+ log_error(errflags, "the invoking task is final");
+ else
+ log_error(errflags, "could not join project \"%s\"",
+ resultp->pj_name);
+ break;
+ case SETPROJ_ERR_POOL:
+ if (errno == EACCES)
+ log_error(errflags, "no resource pool accepting "
+ "default bindings exists for project \"%s\"",
+ resultp->pj_name);
+ else if (errno == ESRCH)
+ log_error(errflags, "specified resource pool does "
+ "not exist for project \"%s\"", resultp->pj_name);
+ else
+ log_error(errflags, "could not bind to default "
+ "resource pool for project \"%s\"", resultp->pj_name);
+ break;
+ default:
+ if (error <= 0) {
+ log_error(errflags, "setproject failed for project \"%s\"",
+ resultp->pj_name);
+ } else {
+ log_error(errflags, "warning, resource control assignment "
+ "failed for project \"%s\"", resultp->pj_name);
+ }
+ }
+ }
+ } else {
+ log_error(errflags, "getdefaultproj() error: %s", strerror(errno));
+ }
+ endprojent();
+}
+#else
+static void
+set_project(pw)
+ struct passwd *pw;
+{
+}
+#endif /* HAVE_PROJECT_H */
+
/*
* Look up the fully qualified domain name and set user_host and user_shost.
*/
projects / sudo / commitdiff