/*

 * This was written by Andrew G. Morgan <morgan@kernel.org>

 *

 * This is a program that is intended to exec a subsequent program.

 * The purpose of this 'execcap' wrapper is to limit the inheritable

 * capabilities of the exec()'d program.  All environment variables

 * are inherited.

 */

#include <sys/types.h>

#include <errno.h>

#include <stdio.h>

#include <sys/capability.h>

#include <unistd.h>

#include <string.h>

#include <stdlib.h>

static void usage(void)

{

    fprintf(stderr,

"usage: execcap <caps> <command-path> [command-args...]\n\n"

"  This program is a wrapper that can be used to limit the Inheritable\n"

"  capabilities of a program to be executed.  Note, this wrapper is\n"

"  intended to assist in overcoming a lack of support for filesystem\n"

"  capability attributes and should be used to launch other files.\n"

"  This program should _NOT_ be made setuid-0.\n\n"

"[Copyright (c) 1998 Andrew G. Morgan <morgan@kernel.org>]\n");

    exit(1);

}

int main(int argc, char **argv)

{

    cap_t new_caps;

    /* this program should not be made setuid-0 */

    if (getuid() && !geteuid()) {

	usage();

    }

    /* check that we have at least 2 arguments */

    if (argc < 3) {

	usage();

    }

    /* parse the first argument to obtain a set of capabilities */

    new_caps = cap_from_text(argv[1]);

    if (new_caps == NULL) {

	fprintf(stderr, "requested capabilities were not recognized\n");

	usage();

    }

    /* set these capabilities for the current process */

    if (cap_set_proc(new_caps) != 0) {

	fprintf(stderr, "unable to set capabilities: %s\n", strerror(errno));

	usage();

    }

    /* exec the program indicated by args 2 ... */

    execvp(argv[2], argv+2);

    /* if we fall through to here, our exec failed -- announce the fact */

    fprintf(stderr, "Unable to execute command: %s\n", strerror(errno));

    usage();

    return 0;

}