kdelibs/kdesu/client.cpp

/* vi: ts=8 sts=4 sw=4
 *
 * This file is part of the KDE project, module kdesu.
 * Copyright (C) 1999,2000 Geert Jansen <jansen@kde.org>
 *
 * This is free software; you can use this library under the GNU Library
 * General Public License, version 2. See the file "COPYING.LIB" for the
 * exact licensing terms.
 *
 * client.cpp: A client for kdesud.
 */

#include "client.h"

#include <config.h>
#include <config-kdesu.h>

#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <pwd.h>
#include <errno.h>
#include <string.h>

#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/stat.h>

#include <QtCore/QBool>
#include <QtCore/QFile>
#include <QtCore/QRegExp>

#include <kdebug.h>
#include <kstandarddirs.h>
#include <ktoolinvocation.h>
#include <kde_file.h>

extern int kdesuDebugArea();

namespace KDESu {

class KDEsuClient::KDEsuClientPrivate {
public:
    KDEsuClientPrivate() : sockfd(-1) {}
    QString daemon;
    int sockfd;
    QByteArray sock;
};

#ifndef SUN_LEN
#define SUN_LEN(ptr) ((socklen_t) (((struct sockaddr_un *) 0)->sun_path) \
	             + strlen ((ptr)->sun_path))
#endif

KDEsuClient::KDEsuClient()
    :d(new KDEsuClientPrivate)
{
#ifdef Q_WS_X11
    QString display = QString::fromLatin1(qgetenv("DISPLAY"));
    if (display.isEmpty())
    {
        kWarning(kdesuDebugArea()) << k_lineinfo << "$DISPLAY is not set.";
        return;
    }

    // strip the screen number from the display
    display.remove(QRegExp("\\.[0-9]+$"));
#elif defined(Q_WS_QWS)
    QByteArray display("QWS");
#else
    QByteArray display("NODISPLAY");
#endif

    d->sock = QFile::encodeName( KStandardDirs::locateLocal("socket",
                                    QString("kdesud_").append(display)));
    connect();
}


KDEsuClient::~KDEsuClient()
{
    if (d->sockfd >= 0)
	close(d->sockfd);
    delete d;
}

int KDEsuClient::connect()
{
    if (d->sockfd >= 0)
	close(d->sockfd);
    if (access(d->sock, R_OK|W_OK))
    {
	d->sockfd = -1;
	return -1;
    }

    d->sockfd = socket(PF_UNIX, SOCK_STREAM, 0);
    if (d->sockfd < 0)
    {
	kWarning(kdesuDebugArea()) << k_lineinfo << "socket():" << perror;
	return -1;
    }
    struct sockaddr_un addr;
    addr.sun_family = AF_UNIX;
    strcpy(addr.sun_path, d->sock);

    if (::connect(d->sockfd, (struct sockaddr *) &addr, SUN_LEN(&addr)) < 0)
    {
        kWarning(kdesuDebugArea()) << k_lineinfo << "connect():" << perror;
	close(d->sockfd); d->sockfd = -1;
	return -1;
    }

#if !defined(SO_PEERCRED) || !defined(HAVE_STRUCT_UCRED)
# if defined(HAVE_GETPEEREID)
    uid_t euid;
    gid_t egid;
    // Security: if socket exists, we must own it
    if (getpeereid(d->sockfd, &euid, &egid) == 0)
    {
       if (euid != getuid())
       {
            kWarning(kdesuDebugArea()) << "socket not owned by me! socket uid =" << euid;
            close(d->sockfd); d->sockfd = -1;
            return -1;
       }
    }
# else
#  ifdef __GNUC__
#   warning "Using sloppy security checks"
#  endif
    // We check the owner of the socket after we have connected.
    // If the socket was somehow not ours an attacker will be able
    // to delete it after we connect but shouldn't be able to
    // create a socket that is owned by us.
    KDE_struct_stat s;
    if (KDE_lstat(d->sock, &s)!=0)
    {
        kWarning(kdesuDebugArea()) << "stat failed (" << d->sock << ")";
	close(d->sockfd); d->sockfd = -1;
	return -1;
    }
    if (s.st_uid != getuid())
    {
        kWarning(kdesuDebugArea()) << "socket not owned by me! socket uid =" << s.st_uid;
	close(d->sockfd); d->sockfd = -1;
	return -1;
    }
    if (!S_ISSOCK(s.st_mode))
    {
        kWarning(kdesuDebugArea()) << "socket is not a socket (" << d->sock << ")";
	close(d->sockfd); d->sockfd = -1;
	return -1;
    }
# endif
#else
    struct ucred cred;
    socklen_t siz = sizeof(cred);

    // Security: if socket exists, we must own it
    if (getsockopt(d->sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &siz) == 0)
    {
        if (cred.uid != getuid())
        {
            kWarning(kdesuDebugArea()) << "socket not owned by me! socket uid =" << cred.uid;
            close(d->sockfd); d->sockfd = -1;
            return -1;
        }
    }
#endif

    return 0;
}

QByteArray KDEsuClient::escape(const QByteArray &str)
{
    QByteArray copy;
    copy.reserve(str.size() + 4);
    copy.append('"');
    for (int i = 0; i < str.size(); i++) {
        uchar c = str.at(i);
        if (c < 32) {
            copy.append('\\');
            copy.append('^');
            copy.append(c + '@');
        } else {
            if (c == '\\' || c == '"')
                copy.append('\\');
            copy.append(c);
        }
    }
    copy.append('"');
    return copy;
}

int KDEsuClient::command(const QByteArray &cmd, QByteArray *result)
{
    if (d->sockfd < 0)
	return -1;

    if (send(d->sockfd, cmd, cmd.length(), 0) != (int) cmd.length())
	return -1;

    char buf[1024];
    int nbytes = recv(d->sockfd, buf, 1023, 0);
    if (nbytes <= 0)
    {
	kWarning(kdesuDebugArea()) << k_lineinfo << "no reply from daemon.";
	return -1;
    }
    buf[nbytes] = '\000';

    QByteArray reply = buf;
    if (reply.left(2) != "OK")
	return -1;

    if (result)
	*result = reply.mid(3, reply.length()-4);
    return 0;
}

int KDEsuClient::setPass(const char *pass, int timeout)
{
    QByteArray cmd = "PASS ";
    cmd += escape(pass);
    cmd += ' ';
    cmd += QByteArray().setNum(timeout);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::exec(const QByteArray &prog, const QByteArray &user, const QByteArray &options, const QList<QByteArray> &env)
{
    QByteArray cmd;
    cmd = "EXEC ";
    cmd += escape(prog);
    cmd += ' ';
    cmd += escape(user);
    if (!options.isEmpty() || !env.isEmpty())
    {
       cmd += ' ';
       cmd += escape(options);
       for (int i = 0; i < env.count(); ++i)
       {
          cmd += ' ';
          cmd += escape(env.at(i));
       }
    }
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::setHost(const QByteArray &host)
{
    QByteArray cmd = "HOST ";
    cmd += escape(host);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::setPriority(int prio)
{
    QByteArray cmd;
    cmd += "PRIO ";
    cmd += QByteArray::number(prio);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::setScheduler(int sched)
{
    QByteArray cmd;
    cmd += "SCHD ";
    cmd += QByteArray::number(sched);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::delCommand(const QByteArray &key, const QByteArray &user)
{
    QByteArray cmd = "DEL ";
    cmd += escape(key);
    cmd += ' ';
    cmd += escape(user);
    cmd += '\n';
    return command(cmd);
}
int KDEsuClient::setVar(const QByteArray &key, const QByteArray &value, int timeout,
                        const QByteArray &group)
{
    QByteArray cmd = "SET ";
    cmd += escape(key);
    cmd += ' ';
    cmd += escape(value);
    cmd += ' ';
    cmd += escape(group);
    cmd += ' ';
    cmd += QByteArray().setNum(timeout);
    cmd += '\n';
    return command(cmd);
}

QByteArray KDEsuClient::getVar(const QByteArray &key)
{
    QByteArray cmd = "GET ";
    cmd += escape(key);
    cmd += '\n';
    QByteArray reply;
    command(cmd, &reply);
    return reply;
}

QList<QByteArray> KDEsuClient::getKeys(const QByteArray &group)
{
    QByteArray cmd = "GETK ";
    cmd += escape(group);
    cmd += '\n';
    QByteArray reply;
    command(cmd, &reply);
    int index=0, pos;
    QList<QByteArray> list;
    if( !reply.isEmpty() )
    {
        // kDebug(kdesuDebugArea()) << "Found a matching entry:" << reply;
        while (1)
        {
            pos = reply.indexOf( '\007', index );
            if( pos == -1 )
            {
                if( index == 0 )
                    list.append( reply );
                else
                    list.append( reply.mid(index) );
                break;
            }
            else
            {
                list.append( reply.mid(index, pos-index) );
            }
            index = pos+1;
        }
    }
    return list;
}

bool KDEsuClient::findGroup(const QByteArray &group)
{
    QByteArray cmd = "CHKG ";
    cmd += escape(group);
    cmd += '\n';
    if( command(cmd) == -1 )
        return false;
    return true;
}

int KDEsuClient::delVar(const QByteArray &key)
{
    QByteArray cmd = "DELV ";
    cmd += escape(key);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::delGroup(const QByteArray &group)
{
    QByteArray cmd = "DELG ";
    cmd += escape(group);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::delVars(const QByteArray &special_key)
{
    QByteArray cmd = "DELS ";
    cmd += escape(special_key);
    cmd += '\n';
    return command(cmd);
}

int KDEsuClient::ping()
{
    return command("PING\n");
}

int KDEsuClient::exitCode()
{
    QByteArray result;
    if (command("EXIT\n", &result) != 0)
       return -1;

    return result.toInt();
}

int KDEsuClient::stopServer()
{
    return command("STOP\n");
}

static QString findDaemon()
{
    QString daemon = KStandardDirs::locate("bin", "kdesud");
    if (daemon.isEmpty()) // if not in KDEDIRS, rely on PATH
	daemon = KStandardDirs::findExe("kdesud");

    if (daemon.isEmpty())
    {
	kWarning(kdesuDebugArea()) << k_lineinfo << "daemon not found.";
    }
    return daemon;
}

bool KDEsuClient::isServerSGID()
{
    if (d->daemon.isEmpty())
       d->daemon = findDaemon();
    if (d->daemon.isEmpty())
       return false;

    KDE_struct_stat sbuf;
    if (KDE::stat(d->daemon, &sbuf) < 0)
    {
	kWarning(kdesuDebugArea()) << k_lineinfo << "stat():" << perror;
	return false;
    }
    return (sbuf.st_mode & S_ISGID);
}

int KDEsuClient::startServer()
{
    if (d->daemon.isEmpty())
       d->daemon = findDaemon();
    if (d->daemon.isEmpty())
       return -1;

    if (!isServerSGID()) {
	kWarning(kdesuDebugArea()) << k_lineinfo << "kdesud not setgid!";
    }

    // kdesud only forks to the background after it is accepting
    // connections.
    // We start it via kdeinit to make sure that it doesn't inherit
    // any fd's from the parent process.
    int ret = KToolInvocation::kdeinitExecWait(d->daemon);
    connect();
    return ret;
}

}
initial import 2014-11-13 01:04:59 +02:00			`/* vi: ts=8 sts=4 sw=4`
			`*`
			`* This file is part of the KDE project, module kdesu.`
			`* Copyright (C) 1999,2000 Geert Jansen <jansen@kde.org>`
			`*`
			`* This is free software; you can use this library under the GNU Library`
			`* General Public License, version 2. See the file "COPYING.LIB" for the`
			`* exact licensing terms.`
			`*`
			`* client.cpp: A client for kdesud.`
			`*/`

			`#include "client.h"`

			`#include <config.h>`
			`#include <config-kdesu.h>`

			`#include <stdio.h>`
			`#include <unistd.h>`
			`#include <stdlib.h>`
			`#include <pwd.h>`
			`#include <errno.h>`
			`#include <string.h>`

			`#include <sys/types.h>`
			`#include <sys/socket.h>`
			`#include <sys/un.h>`
			`#include <sys/stat.h>`

			`#include <QtCore/QBool>`
			`#include <QtCore/QFile>`
			`#include <QtCore/QRegExp>`

			`#include <kdebug.h>`
			`#include <kstandarddirs.h>`
			`#include <ktoolinvocation.h>`
			`#include <kde_file.h>`

			`extern int kdesuDebugArea();`

			`namespace KDESu {`

			`class KDEsuClient::KDEsuClientPrivate {`
			`public:`
			`KDEsuClientPrivate() : sockfd(-1) {}`
			`QString daemon;`
			`int sockfd;`
			`QByteArray sock;`
			`};`

			`#ifndef SUN_LEN`
			`#define SUN_LEN(ptr) ((socklen_t) (((struct sockaddr_un *) 0)->sun_path) \`
			`+ strlen ((ptr)->sun_path))`
			`#endif`

			`KDEsuClient::KDEsuClient()`
			`:d(new KDEsuClientPrivate)`
			`{`
			`#ifdef Q_WS_X11`
			`QString display = QString::fromLatin1(qgetenv("DISPLAY"));`
			`if (display.isEmpty())`
			`{`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "$DISPLAY is not set.";`
			`return;`
			`}`

			`// strip the screen number from the display`
			`display.remove(QRegExp("\\.[0-9]+$"));`
			`#elif defined(Q_WS_QWS)`
			`QByteArray display("QWS");`
			`#else`
			`QByteArray display("NODISPLAY");`
			`#endif`

			`d->sock = QFile::encodeName( KStandardDirs::locateLocal("socket",`
			`QString("kdesud_").append(display)));`
			`connect();`
			`}`


			`KDEsuClient::~KDEsuClient()`
			`{`
			`if (d->sockfd >= 0)`
			`close(d->sockfd);`
			`delete d;`
			`}`

			`int KDEsuClient::connect()`
			`{`
			`if (d->sockfd >= 0)`
			`close(d->sockfd);`
			`if (access(d->sock, R_OK\|W_OK))`
			`{`
			`d->sockfd = -1;`
			`return -1;`
			`}`

			`d->sockfd = socket(PF_UNIX, SOCK_STREAM, 0);`
			`if (d->sockfd < 0)`
			`{`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "socket():" << perror;`
			`return -1;`
			`}`
			`struct sockaddr_un addr;`
			`addr.sun_family = AF_UNIX;`
			`strcpy(addr.sun_path, d->sock);`

			`if (::connect(d->sockfd, (struct sockaddr *) &addr, SUN_LEN(&addr)) < 0)`
			`{`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "connect():" << perror;`
			`close(d->sockfd); d->sockfd = -1;`
			`return -1;`
			`}`

			`#if !defined(SO_PEERCRED) \|\| !defined(HAVE_STRUCT_UCRED)`
			`# if defined(HAVE_GETPEEREID)`
			`uid_t euid;`
			`gid_t egid;`
			`// Security: if socket exists, we must own it`
			`if (getpeereid(d->sockfd, &euid, &egid) == 0)`
			`{`
			`if (euid != getuid())`
			`{`
			`kWarning(kdesuDebugArea()) << "socket not owned by me! socket uid =" << euid;`
			`close(d->sockfd); d->sockfd = -1;`
			`return -1;`
			`}`
			`}`
			`# else`
			`# ifdef __GNUC__`
			`# warning "Using sloppy security checks"`
			`# endif`
			`// We check the owner of the socket after we have connected.`
			`// If the socket was somehow not ours an attacker will be able`
			`// to delete it after we connect but shouldn't be able to`
			`// create a socket that is owned by us.`
			`KDE_struct_stat s;`
			`if (KDE_lstat(d->sock, &s)!=0)`
			`{`
			`kWarning(kdesuDebugArea()) << "stat failed (" << d->sock << ")";`
			`close(d->sockfd); d->sockfd = -1;`
			`return -1;`
			`}`
			`if (s.st_uid != getuid())`
			`{`
			`kWarning(kdesuDebugArea()) << "socket not owned by me! socket uid =" << s.st_uid;`
			`close(d->sockfd); d->sockfd = -1;`
			`return -1;`
			`}`
			`if (!S_ISSOCK(s.st_mode))`
			`{`
			`kWarning(kdesuDebugArea()) << "socket is not a socket (" << d->sock << ")";`
			`close(d->sockfd); d->sockfd = -1;`
			`return -1;`
			`}`
			`# endif`
			`#else`
			`struct ucred cred;`
			`socklen_t siz = sizeof(cred);`

			`// Security: if socket exists, we must own it`
			`if (getsockopt(d->sockfd, SOL_SOCKET, SO_PEERCRED, &cred, &siz) == 0)`
			`{`
			`if (cred.uid != getuid())`
			`{`
			`kWarning(kdesuDebugArea()) << "socket not owned by me! socket uid =" << cred.uid;`
			`close(d->sockfd); d->sockfd = -1;`
			`return -1;`
			`}`
			`}`
			`#endif`

			`return 0;`
			`}`

			`QByteArray KDEsuClient::escape(const QByteArray &str)`
			`{`
			`QByteArray copy;`
			`copy.reserve(str.size() + 4);`
			`copy.append('"');`
			`for (int i = 0; i < str.size(); i++) {`
			`uchar c = str.at(i);`
			`if (c < 32) {`
			`copy.append('\\');`
			`copy.append('^');`
			`copy.append(c + '@');`
			`} else {`
			`if (c == '\\' \|\| c == '"')`
			`copy.append('\\');`
			`copy.append(c);`
			`}`
			`}`
			`copy.append('"');`
			`return copy;`
			`}`

			`int KDEsuClient::command(const QByteArray &cmd, QByteArray *result)`
			`{`
			`if (d->sockfd < 0)`
			`return -1;`

			`if (send(d->sockfd, cmd, cmd.length(), 0) != (int) cmd.length())`
			`return -1;`

			`char buf[1024];`
			`int nbytes = recv(d->sockfd, buf, 1023, 0);`
			`if (nbytes <= 0)`
			`{`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "no reply from daemon.";`
			`return -1;`
			`}`
			`buf[nbytes] = '\000';`

			`QByteArray reply = buf;`
			`if (reply.left(2) != "OK")`
			`return -1;`

			`if (result)`
			`*result = reply.mid(3, reply.length()-4);`
			`return 0;`
			`}`

			`int KDEsuClient::setPass(const char *pass, int timeout)`
			`{`
			`QByteArray cmd = "PASS ";`
			`cmd += escape(pass);`
			`cmd += ' ';`
			`cmd += QByteArray().setNum(timeout);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::exec(const QByteArray &prog, const QByteArray &user, const QByteArray &options, const QList<QByteArray> &env)`
			`{`
			`QByteArray cmd;`
			`cmd = "EXEC ";`
			`cmd += escape(prog);`
			`cmd += ' ';`
			`cmd += escape(user);`
			`if (!options.isEmpty() \|\| !env.isEmpty())`
			`{`
			`cmd += ' ';`
			`cmd += escape(options);`
			`for (int i = 0; i < env.count(); ++i)`
			`{`
			`cmd += ' ';`
			`cmd += escape(env.at(i));`
			`}`
			`}`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::setHost(const QByteArray &host)`
			`{`
			`QByteArray cmd = "HOST ";`
			`cmd += escape(host);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::setPriority(int prio)`
			`{`
			`QByteArray cmd;`
			`cmd += "PRIO ";`
			`cmd += QByteArray::number(prio);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::setScheduler(int sched)`
			`{`
			`QByteArray cmd;`
			`cmd += "SCHD ";`
			`cmd += QByteArray::number(sched);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::delCommand(const QByteArray &key, const QByteArray &user)`
			`{`
			`QByteArray cmd = "DEL ";`
			`cmd += escape(key);`
			`cmd += ' ';`
			`cmd += escape(user);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`
			`int KDEsuClient::setVar(const QByteArray &key, const QByteArray &value, int timeout,`
			`const QByteArray &group)`
			`{`
			`QByteArray cmd = "SET ";`
			`cmd += escape(key);`
			`cmd += ' ';`
			`cmd += escape(value);`
			`cmd += ' ';`
			`cmd += escape(group);`
			`cmd += ' ';`
			`cmd += QByteArray().setNum(timeout);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`QByteArray KDEsuClient::getVar(const QByteArray &key)`
			`{`
			`QByteArray cmd = "GET ";`
			`cmd += escape(key);`
			`cmd += '\n';`
			`QByteArray reply;`
			`command(cmd, &reply);`
			`return reply;`
			`}`

			`QList<QByteArray> KDEsuClient::getKeys(const QByteArray &group)`
			`{`
			`QByteArray cmd = "GETK ";`
			`cmd += escape(group);`
			`cmd += '\n';`
			`QByteArray reply;`
			`command(cmd, &reply);`
			`int index=0, pos;`
			`QList<QByteArray> list;`
			`if( !reply.isEmpty() )`
			`{`
			`// kDebug(kdesuDebugArea()) << "Found a matching entry:" << reply;`
			`while (1)`
			`{`
			`pos = reply.indexOf( '\007', index );`
			`if( pos == -1 )`
			`{`
			`if( index == 0 )`
			`list.append( reply );`
			`else`
			`list.append( reply.mid(index) );`
			`break;`
			`}`
			`else`
			`{`
			`list.append( reply.mid(index, pos-index) );`
			`}`
			`index = pos+1;`
			`}`
			`}`
			`return list;`
			`}`

			`bool KDEsuClient::findGroup(const QByteArray &group)`
			`{`
			`QByteArray cmd = "CHKG ";`
			`cmd += escape(group);`
			`cmd += '\n';`
			`if( command(cmd) == -1 )`
			`return false;`
			`return true;`
			`}`

			`int KDEsuClient::delVar(const QByteArray &key)`
			`{`
			`QByteArray cmd = "DELV ";`
			`cmd += escape(key);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::delGroup(const QByteArray &group)`
			`{`
			`QByteArray cmd = "DELG ";`
			`cmd += escape(group);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::delVars(const QByteArray &special_key)`
			`{`
			`QByteArray cmd = "DELS ";`
			`cmd += escape(special_key);`
			`cmd += '\n';`
			`return command(cmd);`
			`}`

			`int KDEsuClient::ping()`
			`{`
			`return command("PING\n");`
			`}`

			`int KDEsuClient::exitCode()`
			`{`
			`QByteArray result;`
			`if (command("EXIT\n", &result) != 0)`
			`return -1;`

			`return result.toInt();`
			`}`

			`int KDEsuClient::stopServer()`
			`{`
			`return command("STOP\n");`
			`}`

			`static QString findDaemon()`
			`{`
			`QString daemon = KStandardDirs::locate("bin", "kdesud");`
			`if (daemon.isEmpty()) // if not in KDEDIRS, rely on PATH`
			`daemon = KStandardDirs::findExe("kdesud");`

			`if (daemon.isEmpty())`
			`{`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "daemon not found.";`
			`}`
			`return daemon;`
			`}`

			`bool KDEsuClient::isServerSGID()`
			`{`
			`if (d->daemon.isEmpty())`
			`d->daemon = findDaemon();`
			`if (d->daemon.isEmpty())`
			`return false;`

			`KDE_struct_stat sbuf;`
			`if (KDE::stat(d->daemon, &sbuf) < 0)`
			`{`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "stat():" << perror;`
			`return false;`
			`}`
			`return (sbuf.st_mode & S_ISGID);`
			`}`

			`int KDEsuClient::startServer()`
			`{`
			`if (d->daemon.isEmpty())`
			`d->daemon = findDaemon();`
			`if (d->daemon.isEmpty())`
			`return -1;`

			`if (!isServerSGID()) {`
			`kWarning(kdesuDebugArea()) << k_lineinfo << "kdesud not setgid!";`
			`}`

			`// kdesud only forks to the background after it is accepting`
			`// connections.`
			`// We start it via kdeinit to make sure that it doesn't inherit`
			`// any fd's from the parent process.`
			`int ret = KToolInvocation::kdeinitExecWait(d->daemon);`
			`connect();`
			`return ret;`
			`}`

			`}`