emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
67b23e6043
busybox/runit/chpst.c

346 lines
8.8 KiB
C
Raw Normal View History

Yeah, yeah... I forgot about 'svn add'... fixing that
2006-10-03 23:22:24 +05:30
#include "busybox.h"
#include <sys/types.h>
#include <sys/resource.h>
#include <grp.h>
#include "uidgid.h"
#include <sys/types.h>
#include <dirent.h>
static unsigned option_mask;
// Must meatch constants in chpst_main!
#define OPT_verbose (option_mask & 0x2000)
#define OPT_pgrp (option_mask & 0x4000)
#define OPT_nostdin (option_mask & 0x8000)
#define OPT_nostdout (option_mask & 0x10000)
#define OPT_nostderr (option_mask & 0x20000)
static char *set_user;
static char *env_user;
static const char *env_dir;
static long limitd = -2;
static long limits = -2;
static long limitl = -2;
static long limita = -2;
static long limito = -2;
static long limitp = -2;
static long limitf = -2;
static long limitc = -2;
static long limitr = -2;
static long limitt = -2;
static long nicelvl;
static const char *root;
static void suidgid(char *user, unsigned dogrp)
{
struct uidgid ugid;
if (!uidgid_get(&ugid, user, dogrp)) {
if (dogrp)
bb_error_msg_and_die("unknown user/group: %s", user);
else
bb_error_msg_and_die("unknown account: %s", user);
}
if (setgroups(ugid.gids, ugid.gid) == -1)
bb_perror_msg_and_die("setgroups");
xsetgid(*ugid.gid);
xsetuid(ugid.uid);
}
static void euidgid(char *user, unsigned dogrp)
{
struct uidgid ugid;
if (!uidgid_get(&ugid, user, dogrp)) {
if (dogrp)
bb_error_msg_and_die("unknown user/group: %s", user);
else
bb_error_msg_and_die("unknown account: %s", user);
}
//FIXME: ultoa needed here!
xsetenv("GID", utoa(*ugid.gid));
xsetenv("UID", utoa(ugid.uid));
}
static void edir(const char *directory_name)
{
int wdir;
DIR *dir;
struct dirent *d;
int fd;
wdir = xopen(".", O_RDONLY | O_NDELAY);
xchdir(directory_name);
dir = opendir(".");
if (!dir)
bb_perror_msg_and_die("opendir %s", directory_name);
for (;;) {
errno = 0;
d = readdir(dir);
if (!d) {
if (errno) bb_perror_msg_and_die("readdir %s", directory_name);
break;
}
if (d->d_name[0] == '.') continue;
fd = open(d->d_name, O_RDONLY | O_NDELAY);
if (fd < 0) {
if ((errno == EISDIR) && env_dir) {
if (OPT_verbose)
bb_perror_msg("warning: %s/%s is a directory", directory_name,
d->d_name);
continue;
} else
bb_perror_msg_and_die("open %s/%s", directory_name, /* was exiting 111 */
d->d_name);
}
if (fd >= 0) {
char buf[256];
char *tail;
int size;
size = safe_read(fd, buf, sizeof(buf)-1);
if (size < 0)
bb_perror_msg_and_die("read %s/%s", directory_name, /* was exiting 111 */
d->d_name);
if (size == 0) {
xsetenv(d->d_name, "");
continue;
}
buf[size] = '\n';
tail = memchr(buf, '\n', sizeof(buf));
/* skip trailing whitespace */;
while (1) {
if (tail[0]==' ') tail[0] = '\0';
if (tail[0]=='\t') tail[0] = '\0';
if (tail[0]=='\n') tail[0] = '\0';
if (tail == buf) break;
tail--;
}
xsetenv(d->d_name, buf);
}
}
closedir(dir);
if (fchdir(wdir) == -1) bb_perror_msg_and_die("fchdir");
close(wdir);
}
static void limit(int what, long l)
{
struct rlimit r;
if (getrlimit(what, &r) == -1) bb_perror_msg_and_die("getrlimit");
if ((l < 0) || (l > r.rlim_max))
r.rlim_cur = r.rlim_max;
else
r.rlim_cur = l;
if (setrlimit(what, &r) == -1) bb_perror_msg_and_die("setrlimit");
}
static void slimit(void)
{
if (limitd >= -1) {
#ifdef RLIMIT_DATA
limit(RLIMIT_DATA, limitd);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_DATA");
#endif
}
if (limits >= -1) {
#ifdef RLIMIT_STACK
limit(RLIMIT_STACK, limits);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_STACK");
#endif
}
if (limitl >= -1) {
#ifdef RLIMIT_MEMLOCK
limit(RLIMIT_MEMLOCK, limitl);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_MEMLOCK");
#endif
}
if (limita >= -1) {
#ifdef RLIMIT_VMEM
limit(RLIMIT_VMEM, limita);
#else
#ifdef RLIMIT_AS
limit(RLIMIT_AS, limita);
#else
if (OPT_verbose)
bb_error_msg("system does not support %s", "RLIMIT_VMEM");
#endif
#endif
}
if (limito >= -1) {
#ifdef RLIMIT_NOFILE
limit(RLIMIT_NOFILE, limito);
#else
#ifdef RLIMIT_OFILE
limit(RLIMIT_OFILE, limito);
#else
if (OPT_verbose)
bb_error_msg("system does not support %s", "RLIMIT_NOFILE");
#endif
#endif
}
if (limitp >= -1) {
#ifdef RLIMIT_NPROC
limit(RLIMIT_NPROC, limitp);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_NPROC");
#endif
}
if (limitf >= -1) {
#ifdef RLIMIT_FSIZE
limit(RLIMIT_FSIZE, limitf);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_FSIZE");
#endif
}
if (limitc >= -1) {
#ifdef RLIMIT_CORE
limit(RLIMIT_CORE, limitc);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_CORE");
#endif
}
if (limitr >= -1) {
#ifdef RLIMIT_RSS
limit(RLIMIT_RSS, limitr);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_RSS");
#endif
}
if (limitt >= -1) {
#ifdef RLIMIT_CPU
limit(RLIMIT_CPU, limitt);
#else
if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_CPU");
#endif
}
}
/* argv[0] */
static void setuidgid(int, char **);
static void envuidgid(int, char **);
static void envdir(int, char **);
static void softlimit(int, char **);
int chpst_main(int argc, char **argv)
{
if (bb_applet_name[3] == 'd') envdir(argc, argv);
if (bb_applet_name[1] == 'o') softlimit(argc, argv);
if (bb_applet_name[0] == 's') setuidgid(argc, argv);
if (bb_applet_name[0] == 'e') envuidgid(argc, argv);
// otherwise we are.......... chpst
{
char *m,*d,*o,*p,*f,*c,*r,*t,*n;
getopt_ulflags -> getopt32. It is impossible to formulate sane ABI based on size of ulong because it can be 32-bit or 64-bit. Basically it means that you cannot portably use more that 32 option chars in one call anyway... Make it explicit.
2006-10-04 02:30:06 +05:30
option_mask = getopt32(argc, argv, "u:U:e:m:d:o:p:f:c:r:t:/:n:vP012",
Yeah, yeah... I forgot about 'svn add'... fixing that
2006-10-03 23:22:24 +05:30
&set_user,&env_user,&env_dir,
&m,&d,&o,&p,&f,&c,&r,&t,&root,&n);
// if (option_mask & 0x1) // -u
// if (option_mask & 0x2) // -U
// if (option_mask & 0x4) // -e
if (option_mask & 0x8) limits = limitl = limita = limitd = bb_xgetularg10(m); // -m
if (option_mask & 0x10) limitd = bb_xgetularg10(d); // -d
if (option_mask & 0x20) limito = bb_xgetularg10(o); // -o
if (option_mask & 0x40) limitp = bb_xgetularg10(p); // -p
if (option_mask & 0x80) limitf = bb_xgetularg10(f); // -f
if (option_mask & 0x100) limitc = bb_xgetularg10(c); // -c
if (option_mask & 0x200) limitr = bb_xgetularg10(r); // -r
if (option_mask & 0x400) limitt = bb_xgetularg10(t); // -t
// if (option_mask & 0x800) // -/
if (option_mask & 0x1000) nicelvl = bb_xgetlarg_bnd_sfx(n, 10, -20, 20, NULL); // -n
// The below consts should match #defines at top!
//if (option_mask & 0x2000) OPT_verbose = 1; // -v
//if (option_mask & 0x4000) OPT_pgrp = 1; // -P
//if (option_mask & 0x8000) OPT_nostdin = 1; // -0
//if (option_mask & 0x10000) OPT_nostdout = 1; // -1
//if (option_mask & 0x20000) OPT_nostderr = 1; // -2
}
if (!argv || !*argv) bb_show_usage();
if (OPT_pgrp) setsid();
if (env_dir) edir(env_dir);
if (root) {
xchdir(root);
if (chroot(".") == -1)
bb_perror_msg_and_die("chroot");
}
slimit();
if (nicelvl) {
errno = 0;
if (nice(nicelvl) == -1)
bb_perror_msg_and_die("nice");
}
if (env_user) euidgid(env_user, 1);
if (set_user) suidgid(set_user, 1);
if (OPT_nostdin) close(0);
if (OPT_nostdout) close(1);
if (OPT_nostderr) close(2);
execvp(argv[0], argv);
bb_perror_msg_and_die("exec %s", argv[0]);
}
static void setuidgid(int argc, char **argv)
{
const char *account;
account = *++argv;
if (!account) bb_show_usage();
if (!*++argv) bb_show_usage();
suidgid((char*)account, 0);
execvp(argv[0], argv);
bb_perror_msg_and_die("exec %s", argv[0]);
}
static void envuidgid(int argc, char **argv)
{
const char *account;
account = *++argv;
if (!account) bb_show_usage();
if (!*++argv) bb_show_usage();
euidgid((char*)account, 0);
execvp(argv[0], argv);
bb_perror_msg_and_die("exec %s", argv[0]);
}
static void envdir(int argc, char **argv)
{
const char *dir;
dir = *++argv;
if (!dir) bb_show_usage();
if (!*++argv) bb_show_usage();
edir(dir);
execvp(argv[0], argv);
bb_perror_msg_and_die("exec %s", argv[0]);
}
static void softlimit(int argc, char **argv)
{
char *a,*c,*d,*f,*l,*m,*o,*p,*r,*s,*t;
getopt_ulflags -> getopt32. It is impossible to formulate sane ABI based on size of ulong because it can be 32-bit or 64-bit. Basically it means that you cannot portably use more that 32 option chars in one call anyway... Make it explicit.
2006-10-04 02:30:06 +05:30
option_mask = getopt32(argc, argv, "a:c:d:f:l:m:o:p:r:s:t:",
Yeah, yeah... I forgot about 'svn add'... fixing that
2006-10-03 23:22:24 +05:30
&a,&c,&d,&f,&l,&m,&o,&p,&r,&s,&t);
if (option_mask & 0x001) limita = bb_xgetularg10(a); // -a
if (option_mask & 0x002) limitc = bb_xgetularg10(c); // -c
if (option_mask & 0x004) limitd = bb_xgetularg10(d); // -d
if (option_mask & 0x008) limitf = bb_xgetularg10(f); // -f
if (option_mask & 0x010) limitl = bb_xgetularg10(l); // -l
if (option_mask & 0x020) limits = limitl = limita = limitd = bb_xgetularg10(m); // -m
if (option_mask & 0x040) limito = bb_xgetularg10(o); // -o
if (option_mask & 0x080) limitp = bb_xgetularg10(p); // -p
if (option_mask & 0x100) limitr = bb_xgetularg10(r); // -r
if (option_mask & 0x200) limits = bb_xgetularg10(s); // -s
if (option_mask & 0x400) limitt = bb_xgetularg10(t); // -t
argv += optind;
if (!argv[0]) bb_show_usage();
slimit();
execvp(argv[0], argv);
bb_perror_msg_and_die("exec %s", argv[0]);
}
Reference in New Issue Copy Permalink