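#include "privileges.h"

#include <grp.h>
#include <pwd.h>
#include <unistd.h>

#include <iostream>
#include <stdexcept>
#include <string>

#include "config.h"

using namespace std::string_literals;

namespace
{
    // Numeric identity of an account, copied out of its passwd entry.
    struct AccountIds
    {
        uid_t uid;
        gid_t primary_gid;
    };

    // Looks up a user by name in the account database.
    // Returns false when no such user exists; `out` is only written on success.
    bool lookup_user(const std::string& name, AccountIds& out)
    {
        // getpwnam() hands back a pointer into static storage that later
        // lookups may overwrite, so the needed fields are copied immediately.
        const struct passwd* entry = getpwnam(name.c_str());
        if (entry == nullptr)
            return false;

        out.uid = entry->pw_uid;
        out.primary_gid = entry->pw_gid;
        return true;
    }

    // Resolves the configured group to a numeric gid.
    // The value is tried as a group name first. If no such group exists it is
    // tried as a user name and that user's primary group is used, so that a
    // configuration written for `id -g NAME` (which takes a user name) still
    // resolves. Throws std::runtime_error when neither lookup succeeds.
    gid_t resolve_group(const std::string& name)
    {
        if (const struct group* entry = getgrnam(name.c_str()))
            return entry->gr_gid;

        AccountIds account{};
        if (lookup_user(name, account))
            return account.primary_gid;

        throw std::runtime_error("Unknown group: "s + name);
    }
}

// Switches the process from root to the user and group named in `config`.
//
// Does nothing (apart from printing a note) when the effective uid is not 0.
// Throws std::runtime_error when an account cannot be resolved, when a system
// call fails, or when the process is still privileged afterwards. Callers
// should treat any exception as fatal: the process may be only partly
// switched at that point.
//
// The ids are resolved with getpwnam()/getgrnam() rather than by running a
// command line: configuration values never reach a shell, and a lookup that
// fails cannot be mistaken for id 0 the way an unparsable number passed to
// atoi() would be.
void drop_privileges(const Config& config)
{
    // skip when run as user
    if (geteuid() != 0)
    {
        std::cout << "Note: not running as root -> not dropping privileges" << std::endl;
        return;
    }

    const std::string user_name = config.User();
    const std::string group_name = config.Group();

    // Resolve both identities before changing anything, so that a bad
    // configuration fails while the process state is still untouched.
    AccountIds account{};
    if (!lookup_user(user_name, account))
        throw std::runtime_error("Unknown user: "s + user_name);
    const gid_t gid = resolve_group(group_name);

    // Order matters: supplementary groups and the gid can only be changed
    // while the process is still root, so setuid() has to come last.
    // initgroups() replaces root's supplementary group list, which would
    // otherwise survive the switch.
    if (initgroups(user_name.c_str(), gid) == -1)
        throw std::runtime_error("initgroups()");
    if (setgid(gid) == -1)
        throw std::runtime_error("setgid()");
    if (setuid(account.uid) == -1)
        throw std::runtime_error("setuid()");

    // Confirm the switch really took effect instead of trusting return codes.
    if (getuid() != account.uid || geteuid() != account.uid || getgid() != gid || getegid() != gid)
        throw std::runtime_error("Privileges were not dropped to "s + user_name + ":" + group_name);

    // A saved set-user-ID of 0 would let the process become root again.
    // The check is skipped when the configured user is root itself.
    if (account.uid != 0 && setuid(0) != -1)
        throw std::runtime_error("Root privileges can still be regained after setuid()");
}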