#!/usr/bin/perl -w
use strict;
use POSIX qw(setgid setsid setuid);
my $i;
my $pid;
my @user;
my $dmon_id="furrypop";
my $outfile="/export/home/furrypop/daemon.out";
&write_log("Start");
chdir '/' or die "Can't chdir to /: $!";
open STDIN, '/dev/null' or die "Can't read /dev/null: $!";
open STDOUT, '>/dev/null' or die "Can't write to /dev/null: $!";
defined($pid = fork) or die "Can't fork: $!";
if ($pid) {
# parent-only processing follows...
&write_log("Parent");
sleep 10;
}
else {
# child-only processing follows...
# switch the ID under which the child is running
setsid or die "Can't start a new session: $!";
@user=getpwnam($dmon_id);
if (@user) {
# setuid $user[2] or die "Cannot switch ID to $dmon_id: $!";
# setgid $user[3] or die "Cannot switch group for $dmon_id: $!";
$< = $user[2];
$> = $user[2];
$( = $user[3];
$) = $user[3];
}
else {
die "Invalid user ID ($dmon_id)";
}
&write_log("Child");
sleep 10;
}
sub write_log {
open(OUTFILE, ">>$outfile") or die "Cannot open file $outfile : $!";
print OUTFILE "$_[0] pid $$\n user real $< effective $>\n group real $( effective $)\n";
close OUTFILE;
}
####
$< = $user[2];
$> = $user[2];
$( = $user[3];
$) = $user[3];
####
root 15569 8068 0 16:06:31 pts/12 0:00 /usr/bin/perl -w daemon_gid_test.pl
furrypop 15570 15569 0 16:06:31 ? 0:00 /usr/bin/perl -w daemon_gid_test.pl
####
Start pid 15569
user real 0 effective 0
group real 1 12 9 8 7 6 5 4 3 2 0 1 effective 1 12 9 8 7 6 5 4 3 2 0 1
Parent pid 15569
user real 0 effective 0
group real 1 12 9 8 7 6 5 4 3 2 0 1 effective 1 12 9 8 7 6 5 4 3 2 0 1
Child pid 15570
user real 514 effective 514
group real 1 12 9 8 7 6 5 4 3 2 0 1 effective 1 12 9 8 7 6 5 4 3 2 0 1
####
setuid $user[2] or die "Cannot switch ID to $dmon_id: $!";
setgid $user[3] or die "Cannot switch group for $dmon_id: $!";
####
root 15588 8068 0 16:08:50 pts/12 0:00 /usr/bin/perl -w daemon_gid_test.pl
root 15589 15588 0 16:08:50 ? 0:00 /usr/bin/perl -w daemon_gid_test.pl
####
Start pid 15588
user real 0 effective 0
group real 1 12 9 8 7 6 5 4 3 2 0 1 effective 1 12 9 8 7 6 5 4 3 2 0 1
Parent pid 15588
user real 0 effective 0
group real 1 12 9 8 7 6 5 4 3 2 0 1 effective 1 12 9 8 7 6 5 4 3 2 0 1
Child pid 15589
user real 514 effective 0
group real 350 12 9 8 7 6 5 4 3 2 0 1 effective 1 12 9 8 7 6 5 4 3 2 0 1