priv_sep

Privilege separation library.
git clone https://git.philomathiclife.com/repos/priv_sep

commit 2f72ee8820d33009ea41f08a38329760c739ffd7
parent 660c923cd63d80d1d1ba58c9228af2a9e3ca1fcc
Author: Zack Newman <zack@philomathiclife.com>
Date:   Wed, 30 Jul 2025 14:18:16 -0600

use setuid and setgid instead of setresuid and setresgid on some platforms

Diffstat:
MCargo.toml | 13++++++++++---
Msrc/c.rs | 28++++++++++++++++++++++++++++
Msrc/lib.rs | 36++++++++++++++++++++++++++++++++++--
3 files changed, 72 insertions(+), 5 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
@@ -10,24 +10,30 @@ name = "priv_sep"
 readme = "README.md"
 repository = "https://git.philomathiclife.com/repos/priv_sep/"
 rust-version = "1.86.0"
-version = "3.0.0-alpha.1.1"
+version = "3.0.0-alpha.1.2"
 
 [lints.rust]
 ambiguous_negative_literals = { level = "deny", priority = -1 }
 closure_returning_async_block = { level = "deny", priority = -1 }
+deprecated_safe = { level = "deny", priority = -1 }
 deref_into_dyn_supertrait = { level = "deny", priority = -1 }
 ffi_unwind_calls = { level = "deny", priority = -1 }
 future_incompatible = { level = "deny", priority = -1 }
+#fuzzy_provenance_casts = { level = "deny", priority = -1 }
 impl_trait_redundant_captures = { level = "deny", priority = -1 }
-keyword-idents = { level = "deny", priority = -1 }
+keyword_idents = { level = "deny", priority = -1 }
 let_underscore = { level = "deny", priority = -1 }
 linker_messages = { level = "deny", priority = -1 }
+#lossy_provenance_casts = { level = "deny", priority = -1 }
 macro_use_extern_crate = { level = "deny", priority = -1 }
 meta_variable_misuse = { level = "deny", priority = -1 }
 missing_copy_implementations = { level = "deny", priority = -1 }
 missing_debug_implementations = { level = "deny", priority = -1 }
 missing_docs = { level = "deny", priority = -1 }
+#multiple_supertrait_upcastable = { level = "deny", priority = -1 }
+#must_not_suspend = { level = "deny", priority = -1 }
 non_ascii_idents = { level = "deny", priority = -1 }
+#non_exhaustive_omitted_patterns = { level = "deny", priority = -1 }
 nonstandard_style = { level = "deny", priority = -1 }
 redundant_imports = { level = "deny", priority = -1 }
 redundant_lifetimes = { level = "deny", priority = -1 }
@@ -37,11 +43,12 @@ rust_2018_idioms = { level = "deny", priority = -1 }
 rust_2021_compatibility = { level = "deny", priority = -1 }
 rust_2024_compatibility = { level = "deny", priority = -1 }
 single_use_lifetimes = { level = "deny", priority = -1 }
+#supertrait_item_shadowing_definition = { level = "deny", priority = -1 }
 trivial_casts = { level = "deny", priority = -1 }
 trivial_numeric_casts = { level = "deny", priority = -1 }
 unit_bindings = { level = "deny", priority = -1 }
-unknown_lints = { level = "deny", priority = -1 }
 unnameable_types = { level = "deny", priority = -1 }
+#unqualified_local_imports = { level = "deny", priority = -1 }
 unreachable_pub = { level = "deny", priority = -1 }
 unsafe_code = { level = "deny", priority = -1 }
 unstable_features = { level = "deny", priority = -1 }
diff --git a/src/c.rs b/src/c.rs
@@ -111,9 +111,37 @@ unsafe extern "C" {
 /// [`getegid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/getegid.html).
 pub(crate) safe fn getegid() -> IdT;
 /// [`setresuid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/setresuid.html).
+ #[cfg(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ ))]
 pub(crate) safe fn setresuid(ruid: IdT, euid: IdT, suid: IdT) -> c_int;
+ /// [`setuid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/setuid.html#).
+ #[cfg(not(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ )))]
+ pub(crate) safe fn setuid(uid: IdT) -> c_int;
 /// [`setresgid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/setresgid.html).
+ #[cfg(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ ))]
 pub(crate) safe fn setresgid(rgid: IdT, egid: IdT, sgid: IdT) -> c_int;
+ /// [`setgid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/setgid.html#).
+ #[cfg(not(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ )))]
+ pub(crate) safe fn setgid(gid: IdT) -> c_int;
 /// [`chroot(2)`](https://manned.org/chroot.2).
 pub(crate) fn chroot(path: *const c_char) -> c_int;
 /// [`chdir`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/chdir.html).
diff --git a/src/lib.rs b/src/lib.rs
@@ -158,6 +158,8 @@ impl Uid {
 /// Calls [`setresuid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/setresuid.html)
 /// passing `self` for the real, effective, and saved user IDs.
 ///
+ /// Note on some platforms `setuid` is called using `self`.
+ ///
 /// # Errors
 ///
 /// Errors iff `setresuid` does.
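Review bot: In src/c.rs the same four-OS `cfg` predicate is now written out four times inside this `unsafe extern "C"` block, and the commit repeats it four more times in src/lib.rs, so changing the platform set means keeping eight lists in agreement. Consider splitting the declarations into two extern blocks, one carrying the `#[cfg(any(...))]` attribute and holding `setresuid`/`setresgid`, the other carrying `#[cfg(not(any(...)))]` and holding `setuid`/`setgid`, so the list appears once per branch in this file. The new `setuid`/`setgid` doc comments only link to POSIX; a one-line remark such as `/// Sets the real and saved IDs only when the caller has appropriate privileges.` would tell readers why these are not drop-in equivalents. The extern block begins and ends outside the hunk.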
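Review bot: The added doc line in the `Uid::setresuid` comment (src/lib.rs, `@@ -158,6 +158,8 @@`) says only "on some platforms" and leaves the surrounding text describing `setresuid`, so the documented contract no longer matches the fallback targets. POSIX has `setuid` replace the real and saved IDs only when the caller has appropriate privileges, so "passing `self` for the real, effective, and saved user IDs" is not guaranteed there, and "Errors iff `setresuid` does" names a function that is not called. I would name the targets and the caveat, e.g. `/// On targets other than DragonFly, FreeBSD, Linux and OpenBSD, setuid is called instead; it sets all three IDs only when the caller has appropriate privileges.`, and reword the errors line to `/// Errors iff the underlying call does.`. The `Gid::setresgid` doc hunk (`@@ -240,6 +256,8 @@`) needs the same change; both doc comments start and end outside their hunks.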
@@ -170,7 +172,21 @@ impl Uid {
 /// ```
 #[inline]
 pub fn setresuid(self) -> Result<(), Error> {
- if c::setresuid(self.0, self.0, self.0) == SUCCESS {
+ #[cfg(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ ))]
+ let code = c::setresuid(self.0, self.0, self.0);
+ #[cfg(not(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ )))]
+ let code = c::setuid(self.0);
+ if code == SUCCESS {
 Ok(())
 } else {
 Err(Error::last_os_error())
@@ -240,6 +256,8 @@ impl Gid {
 /// Calls [`setresgid`](https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/setresgid.html)
 /// passing `self` for the real, effective, and saved group IDs.
 ///
+ /// Note on some platforms `setgid` is called using `self`.
+ ///
 /// # Errors
 ///
 /// Errors iff `setresgid` does.
@@ -252,7 +270,21 @@ impl Gid {
 /// ```
 #[inline]
 pub fn setresgid(self) -> Result<(), Error> {
- if c::setresgid(self.0, self.0, self.0) == SUCCESS {
+ #[cfg(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ ))]
+ let code = c::setresgid(self.0, self.0, self.0);
+ #[cfg(not(any(
+ target_os = "dragonfly",
+ target_os = "freebsd",
+ target_os = "linux",
+ target_os = "openbsd"
+ )))]
+ let code = c::setgid(self.0);
+ if code == SUCCESS {
 Ok(())
 } else {
 Err(Error::last_os_error())
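Review bot: On the fallback targets `Uid::setresuid` (`@@ -170,7 +172,21 @@`) treats a successful `c::setuid(self.0)` as a complete drop, but POSIX has `setuid` replace the real and saved set-user-IDs only when the process has appropriate privileges; without them it changes the effective ID alone and still returns success. A caller relying on this method to give up privileges permanently could therefore be left with a saved ID that allows switching back. Consider confirming the outcome on that branch before returning `Ok(())`, for example by comparing the real and effective IDs with `self.0` and returning an error on mismatch (only `getegid` is visible in `c` on this page, so the UID getters may need declaring); the saved ID cannot be read back portably, so the limitation should also be documented. The `Gid::setresgid` hunk (`@@ -252,7 +270,21 @@`) has the same issue with `c::setgid`. Both function bodies end outside their hunks.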