x11vnc: add groups handling for -users mode.

1 files changed, 30 insertions, 12 deletions

diff --git a/x11vnc/help.c b/x11vnc/help.c
index 548d81f..b465773 100644
--- a/x11vnc/help.c
+++ b/x11vnc/help.c
@@ -1619,9 +1619,10 @@ void print_help(int mode) {
 "                       Since this option switches userid it also affects the\n"
 "                       userid used to run the processes for the -accept and\n"
 "                       -gone options.  It also affects the ability to read\n"
-"                       files for options such as -connect, -allow, and -remap.\n"
-"                       Note that the -connect file is also sometimes written\n"
-"                       to.\n"
+"                       files for options such as -connect, -allow, and -remap\n"
+"                       and also the ultra and tight filetransfer feature if\n"
+"                       enabled.  Note that the -connect file is also sometimes\n"
+"                       written to.\n"
 "\n"
 "                       So be careful with this option since in some situations\n"
 "                       its use can decrease security.\n"
@@ -1630,9 +1631,10 @@ void print_help(int mode) {
 "                       if the display can still be successfully opened as that\n"
 "                       user (this is primarily to try to guess the actual owner\n"
 "                       of the session). Example: \"-users fred,wilma,betty\".\n"
-"                       Note that a malicious user \"barney\" by quickly using\n"
-"                       \"xhost +\" when logging in may possibly get the x11vnc\n"
-"                       process to switch to user \"fred\".  What happens next?\n"
+"                       Note that a malicious local user \"barney\" by\n"
+"                       quickly using \"xhost +\" when logging in may possibly\n"
+"                       get the x11vnc process to switch to user \"fred\".\n"
+"                       What happens next?\n"
 "\n"
 "                       Under display managers it may be a long time before\n"
 "                       the switch succeeds (i.e. a user logs in).  To instead\n"
@@ -1644,29 +1646,45 @@ void print_help(int mode) {
 "                       \"nobody\") is probably the only use of this option\n"
 "                       that increases security.\n"
 "\n"
+"                       Use the following notation to associate a group with\n"
+"                       a user: user1.group1,user2.group2,...  Note that\n"
+"                       initgroups(2) will still be called first to try to\n"
+"                       switch to ALL of a user's groups (primary and additional\n"
+"                       groups).  Only if that fails or it is not available\n"
+"                       then the single group specified as above (or the user's\n"
+"                       primary group if not specified) is switched to with\n"
+"                       setgid(2).  Use -env X11VNC_SINGLE_GROUP=1 to prevent\n"
+"                       trying initgroups(2) and only switch to the single\n"
+"                       group.  This sort of setting is only really needed to\n"
+"                       make the ultra or tight filetransfer permissions work\n"
+"                       properly. This format applies to any comma separated list\n"
+"                       of users, even the special \"=\" modes described below.\n"
+"\n"
 "                       In -unixpw mode, if \"-users unixpw=\" is supplied\n"
 "                       then after a user authenticates himself via the\n"
 "                       -unixpw mechanism, x11vnc will try to switch to that\n"
 "                       user as though \"-users +username\" had been supplied.\n"
 "                       If you want to limit which users this will be done for,\n"
 "                       provide them as a comma separated list after \"unixpw=\"\n"
+"                       Groups can also be specified as described above.\n"
 "\n"
 "                       Similarly, in -ssl mode, if \"-users sslpeer=\" is\n"
 "                       supplied then after an SSL client authenticates with his\n"
 "                       cert (the -sslverify option is required for this) x11vnc\n"
 "                       will extract a UNIX username from the \"emailAddress\"\n"
-"                       field (username@hostname.com) of the \"Subject\" in the\n"
+"                       field (username@hostname.com) of the \"Subject\" of the\n"
 "                       x509 SSL cert and then try to switch to that user as\n"
 "                       though \"-users +username\" had been supplied.  If you\n"
 "                       want to limit which users this will be done for, provide\n"
 "                       them as a comma separated list after \"sslpeer=\".\n"
 "                       Set the env. var X11VNC_SSLPEER_CN to use the Common\n"
 "                       Name (normally a hostname) instead of the Email field.\n"
-"                       NOTE: the x11vnc administrator must take great care\n"
-"                       that any client certs he adds to -sslverify have the\n"
-"                       correct UNIX username in the \"emailAddress\" field\n"
-"                       of the cert.  Otherwise a user may be able to log in\n"
-"                       as another.  The following command can be of use in\n"
+"\n"
+"                       NOTE: for sslpeer= mode the x11vnc administrator must\n"
+"                       take care that any client certs he adds to -sslverify\n"
+"                       have the intended UNIX username in the \"emailAddress\"\n"
+"                       field of the cert.  Otherwise a user may be able to\n"
+"                       log in as another.  This command can be of use in\n"
 "                       checking: \"openssl x509 -text -in file.crt\", see the\n"
 "                       \"Subject:\" line.  Also, along with the normal RFB_*\n"
 "                       env. vars. (see -accept) passed to external cmd=\n"