File: root_flag.c

package info (click to toggle)
shadow 1%3A4.19.2-1
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 66,808 kB
  • sloc: sh: 44,185; ansic: 34,184; xml: 12,350; exp: 3,691; makefile: 1,655; python: 1,409; perl: 120; sed: 16
file content (113 lines) | stat: -rw-r--r-- 2,671 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
/*
 * SPDX-FileCopyrightText: 2011       , Julian Pidancet
 * SPDX-FileCopyrightText: 2011       , Nicolas François
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#include "config.h"

#ident "$Id$"

#include <stdio.h>

#include "defines.h"
/*@-exitarg@*/
#include "exitcodes.h"
#include "prototypes.h"
#include "shadowlog.h"
#include "string/strcmp/streq.h"
#include "string/strcmp/strprefix.h"
#include "string/strerrno.h"

#include <assert.h>


static void change_root (const char* newroot);

/*
 * process_root_flag - chroot if given the --root option
 *
 * This shall be called before accessing the passwd, group, shadow,
 * gshadow, useradd's default, login.defs files (non exhaustive list)
 * or authenticating the caller.
 *
 * The audit, syslog, or locale files shall be open before
 */
extern void process_root_flag (const char* short_opt, int argc, char **argv)
{
	const char *newroot = NULL;

	for (int i = 0; i < argc; i++) {
		const char  *val;

		val = strprefix(argv[i], "--root=");

		if (   streq(argv[i], "--root")
		    || val != NULL
		    || streq(argv[i], short_opt))
		{
			if (NULL != newroot) {
				fprintf (log_get_logfd(),
				         _("%s: multiple --root options\n"),
				         log_get_progname());
				exit (E_BAD_ARG);
			}

			if (val) {
				newroot = val;
			} else if (i + 1 == argc) {
				fprintf (log_get_logfd(),
				         _("%s: option '%s' requires an argument\n"),
				         log_get_progname(), argv[i]);
				exit (E_BAD_ARG);
			} else {
				newroot = argv[++ i];
			}
		}
	}

	if (NULL != newroot) {
		change_root (newroot);
	}
}

static void change_root (const char* newroot)
{
	/* Drop privileges */
	if (   (setregid (getgid (), getgid ()) != 0)
	    || (setreuid (getuid (), getuid ()) != 0)) {
		fprintf (log_get_logfd(), _("%s: failed to drop privileges (%s)\n"),
		         log_get_progname(), strerrno());
		exit (EXIT_FAILURE);
	}

	if ('/' != newroot[0]) {
		fprintf (log_get_logfd(),
		         _("%s: invalid chroot path '%s', only absolute paths are supported.\n"),
		         log_get_progname(), newroot);
		exit (E_BAD_ARG);
	}

	if (access (newroot, F_OK) != 0) {
		fprintf(log_get_logfd(),
		        _("%s: cannot access chroot directory %s: %s\n"),
		        log_get_progname(), newroot, strerrno());
		exit (E_BAD_ARG);
	}

	if (chroot (newroot) != 0) {
		fprintf(log_get_logfd(),
			        _("%s: unable to chroot to directory %s: %s\n"),
				log_get_progname(), newroot, strerrno());
		exit (E_BAD_ARG);
	}

	if (chdir ("/") != 0) {
		fprintf(log_get_logfd(),
			_("%s: cannot chdir in chroot directory %s: %s\n"),
		        log_get_progname(), newroot, strerrno());
		exit (E_BAD_ARG);
	}
}