Added native utilities to mount/umount/chroot via capabilities(7).
Three new helpers will now be installed into ${libexecdir}:
- xbps-src-capchroot needs to have set CAP_SYS_CHROOT ep.
- xbps-src-chroot-cap{,u}mount: needs to have set CAP_SYS_ADMIN ep.
That means that libcap and setcap(8) are now required to install
xbps-src and use it as normal user.
--HG--
extra : convert_revision : 586d6526079e085f86bf3e393459d429f6f0ef99
This commit is contained in:
Juan RP
97
xbps-src/libexec/chroot.c
Normal file
97
xbps-src/libexec/chroot.c
Normal file
@@ -0,0 +1,97 @@
|
||||
/*
|
||||
* chroot() to target directory by using the CAP_CHROOT
|
||||
* capability set on the file.
|
||||
*
|
||||
* Juan RP - 2010/04/26 - Public Domain.
|
||||
*/
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdbool.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
#include <errno.h>
|
||||
#include <limits.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/mount.h>
|
||||
#include <sys/capability.h>
|
||||
|
||||
void
|
||||
usage(void)
|
||||
{
|
||||
fprintf(stderr, "Usage: xbps-src-capchroot <newroot> <args>\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
cap_t cap;
|
||||
cap_flag_value_t effective, permitted;
|
||||
struct stat st;
|
||||
char *path;
|
||||
|
||||
if (argc < 3)
|
||||
usage();
|
||||
|
||||
cap = cap_get_proc();
|
||||
if (cap == NULL) {
|
||||
fprintf(stderr, "cap_get_proc() returned %s!\n",
|
||||
strerror(errno));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
cap_get_flag(cap, CAP_SYS_CHROOT, CAP_EFFECTIVE, &effective);
|
||||
cap_get_flag(cap, CAP_SYS_CHROOT, CAP_PERMITTED, &permitted);
|
||||
if ((effective != CAP_SET) && (permitted != CAP_SET)) {
|
||||
fprintf(stderr, "ERROR: missing 'cap_sys_chroot' capability!\n"
|
||||
"Please set it with: setcap cap_sys_chroot=ep %s'\n",
|
||||
argv[0]);
|
||||
cap_free(cap);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
cap_free(cap);
|
||||
|
||||
if ((path = realpath(argv[1], NULL)) == NULL) {
|
||||
fprintf(stderr, "ERROR: realpath() %s\n", strerror(errno));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
/* Disallow chroot to '/' */
|
||||
if (strcmp(path, "/") == 0) {
|
||||
fprintf(stderr, "ERROR: chroot to / is not allowed!\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
/*
|
||||
* Check that uid/gid owns the dir and has rx perms on the
|
||||
* new target root and it is a directory.
|
||||
*/
|
||||
if (stat(path, &st) == -1) {
|
||||
fprintf(stderr, "ERROR: stat() on %s: %s\n",
|
||||
path, strerror(errno));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
if (S_ISDIR(st.st_mode) == 0) {
|
||||
fprintf(stderr, "ERROR: '%s' not a directory!\n", path);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
if ((st.st_uid != getuid()) && (st.st_gid != getgid()) &&
|
||||
(st.st_mode & (S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP))) {
|
||||
fprintf(stderr, "ERROR: wrong permissions on %s!\n", path);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
/* All ok, change root and process argv on the target root dir. */
|
||||
if (chroot(path) == -1) {
|
||||
fprintf(stderr, "ERROR: chroot() on %s: %s\n", argv[1],
|
||||
strerror(errno));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
if (chdir("/") == -1) {
|
||||
fprintf(stderr, "ERROR: chdir(): %s\n", strerror(errno));
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
argv += 2;
|
||||
(void)execvp(argv[0], argv);
|
||||
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
Reference in New Issue
Block a user