2 * Copyright (C) 2008 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
27 #include <private/android_filesystem_config.h>
29 void pwtoid(const char* tok, uid_t* uid, gid_t* gid) {
30 struct passwd* pw = getpwnam(tok);
32 if (uid) *uid = pw->pw_uid;
33 if (gid) *gid = pw->pw_gid;
37 uid_t tmpid = strtoul(tok, &end, 10);
38 if (errno != 0 || end == tok) error(1, errno, "invalid uid/gid '%s'", tok);
39 if (uid) *uid = tmpid;
40 if (gid) *gid = tmpid;
44 void extract_uidgids(const char* uidgids, uid_t* uid, gid_t* gid, gid_t* gids, int* gids_count) {
45 char *clobberablegids;
50 if (!uidgids || !*uidgids) {
56 clobberablegids = strdup(uidgids);
57 strcpy(clobberablegids, uidgids);
58 nexttok = clobberablegids;
59 tok = strsep(&nexttok, ",");
60 pwtoid(tok, uid, gid);
61 tok = strsep(&nexttok, ",");
63 /* gid is already set above */
65 free(clobberablegids);
68 pwtoid(tok, NULL, gid);
70 while ((gids_found < *gids_count) && (tok = strsep(&nexttok, ","))) {
71 pwtoid(tok, NULL, gids);
75 if (nexttok && gids_found == *gids_count) {
76 fprintf(stderr, "too many group ids\n");
78 *gids_count = gids_found;
79 free(clobberablegids);
82 int main(int argc, char** argv) {
83 uid_t current_uid = getuid();
84 if (current_uid != AID_ROOT && current_uid != AID_SHELL) error(1, 0, "not allowed");
86 // Handle -h and --help.
88 if (*argv && (strcmp(*argv, "--help") == 0 || strcmp(*argv, "-h") == 0)) {
90 "usage: su [UID[,GID[,GID2]...]] [COMMAND [ARG...]]\n"
92 "Switch to WHO (default 'root') and run the given command (default sh).\n"
94 "where WHO is a comma-separated list of user, group,\n"
95 "and supplementary groups in that order.\n"
100 // The default user is root.
104 // If there are any arguments, the first argument is the uid/gid/supplementary groups.
107 int gids_count = sizeof(gids)/sizeof(gids[0]);
108 extract_uidgids(*argv, &uid, &gid, gids, &gids_count);
110 if (setgroups(gids_count, gids)) {
111 error(1, errno, "setgroups failed");
117 if (setgid(gid)) error(1, errno, "setgid failed");
118 if (setuid(uid)) error(1, errno, "setuid failed");
120 // Reset parts of the environment.
121 setenv("PATH", _PATH_DEFPATH, 1);
123 struct passwd* pw = getpwuid(uid);
125 setenv("LOGNAME", pw->pw_name, 1);
126 setenv("USER", pw->pw_name, 1);
132 // Set up the arguments for exec.
133 char* exec_args[argc + 1]; // Having too much space is fine.
135 for (; *argv != NULL; ++i) {
136 exec_args[i] = *argv++;
138 // Default to the standard shell.
139 if (i == 0) exec_args[i++] = const_cast<char*>("/system/bin/sh");
142 execvp(exec_args[0], exec_args);
143 error(1, errno, "failed to exec %s", exec_args[0]);