1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
|
/* pt_chmod - helper program for `grantpt'.
Copyright (C) 1998-2025 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
The GNU C Library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with the GNU C Library; if not, see
<https://www.gnu.org/licenses/>. */
#include <argp.h>
#include <errno.h>
#include <error.h>
#include <grp.h>
#include <libintl.h>
#include <locale.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
#ifdef HAVE_LIBCAP
# include <sys/capability.h>
# include <sys/prctl.h>
#endif
#include "pty-private.h"
/* Get libc version number. */
#include "../version.h"
#define PACKAGE _libc_intl_domainname
/* Name and version of program. */
static void print_version (FILE *stream, struct argp_state *state);
void (*argp_program_version_hook) (FILE *, struct argp_state *) = print_version;
/* Function to print some extra text in the help message. */
static char *more_help (int key, const char *text, void *input);
/* Data structure to communicate with argp functions. */
static struct argp argp =
{
NULL, NULL, NULL, NULL, NULL, more_help
};
/* Print the version information. */
static void
print_version (FILE *stream, struct argp_state *state)
{
fprintf (stream, "pt_chown %s%s\n", PKGVERSION, VERSION);
fprintf (stream, gettext ("\
Copyright (C) %s Free Software Foundation, Inc.\n\
This is free software; see the source for copying conditions. There is NO\n\
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\
"), "2024");
}
static char *
more_help (int key, const char *text, void *input)
{
char *cp;
char *tp;
switch (key)
{
case ARGP_KEY_HELP_PRE_DOC:
asprintf (&cp, gettext ("\
Set the owner, group and access permission of the slave pseudo\
terminal corresponding to the master pseudo terminal passed on\
file descriptor `%d'. This is the helper program for the\
`grantpt' function. It is not intended to be run directly from\
the command line.\n"),
PTY_FILENO);
return cp;
case ARGP_KEY_HELP_EXTRA:
/* We print some extra information. */
if (asprintf (&tp, gettext ("\
For bug reporting instructions, please see:\n\
%s.\n"), REPORT_BUGS_TO) < 0)
return NULL;
if (asprintf (&cp, gettext ("\
The owner is set to the current user, the group is set to `%s',\
and the access permission is set to `%o'.\n\n\
%s"),
TTY_GROUP, S_IRUSR|S_IWUSR|S_IWGRP, tp) < 0)
{
free (tp);
return NULL;
}
return cp;
default:
break;
}
return (char *) text;
}
static int
do_pt_chown (void)
{
char *pty;
struct stat64 st;
struct group *p;
gid_t gid;
/* Check that PTY_FILENO is a valid master pseudo terminal. */
pty = ptsname (PTY_FILENO);
if (pty == NULL)
return errno == EBADF ? FAIL_EBADF : FAIL_EINVAL;
/* Check that the returned slave pseudo terminal is a
character device. */
if (stat64 (pty, &st) < 0 || !S_ISCHR (st.st_mode))
return FAIL_EINVAL;
/* Get the group ID of the special `tty' group. */
p = getgrnam (TTY_GROUP);
gid = p ? p->gr_gid : getgid ();
/* Set the owner to the real user ID, and the group to that special
group ID. */
if (chown (pty, getuid (), gid) < 0)
return FAIL_EACCES;
/* Set the permission mode to readable and writable by the owner,
and writable by the group. */
if ((st.st_mode & ACCESSPERMS) != (S_IRUSR|S_IWUSR|S_IWGRP)
&& chmod (pty, S_IRUSR|S_IWUSR|S_IWGRP) < 0)
return FAIL_EACCES;
return 0;
}
int
main (int argc, char *argv[])
{
uid_t euid = geteuid ();
uid_t uid = getuid ();
int remaining;
sigset_t signalset;
/* Clear any signal mask from the parent process. */
sigemptyset (&signalset);
sigprocmask (SIG_SETMASK, &signalset, NULL);
if (argc == 1 && euid == 0)
{
#ifdef HAVE_LIBCAP
/* Drop privileges. */
if (uid != euid)
{
static const cap_value_t cap_list[] =
{ CAP_CHOWN, CAP_FOWNER };
# define ncap_list (sizeof (cap_list) / sizeof (cap_list[0]))
cap_t caps = cap_init ();
if (caps == NULL)
return FAIL_ENOMEM;
/* There is no reason why these should not work. */
cap_set_flag (caps, CAP_PERMITTED, ncap_list, cap_list, CAP_SET);
cap_set_flag (caps, CAP_EFFECTIVE, ncap_list, cap_list, CAP_SET);
int res = cap_set_proc (caps);
cap_free (caps);
if (__glibc_unlikely (res != 0))
return FAIL_EXEC;
}
#endif
/* Normal invocation of this program is with no arguments and
with privileges. */
return do_pt_chown ();
}
/* We aren't going to be using privileges, so drop them right now. */
setuid (uid);
/* Set locale via LC_ALL. */
setlocale (LC_ALL, "");
/* Set the text message domain. */
textdomain (PACKAGE);
/* parse and process arguments. */
argp_parse (&argp, argc, argv, 0, &remaining, NULL);
if (remaining < argc)
{
/* We should not be called with any non-option parameters. */
error (0, 0, gettext ("too many arguments"));
argp_help (&argp, stdout, ARGP_HELP_SEE | ARGP_HELP_EXIT_ERR,
program_invocation_short_name);
return EXIT_FAILURE;
}
/* Check if we are properly installed. */
if (euid != 0)
error (FAIL_EXEC, 0, gettext ("needs to be installed setuid `root'"));
return EXIT_SUCCESS;
}
|
