1 /* vi: set sw=4 ts=4: */
5 * Copyright (C) tons of folks. Tracking down who wrote what
6 * isn't something I'm going to worry about... If you wrote something
7 * here, please feel free to acknowledge your work.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
24 * Permission has been granted to redistribute this code under the GPL.
40 static struct BB_applet *applet_using;
42 /* The -1 arises because of the {0,NULL,0,-1} entry above. */
43 const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
46 #ifdef CONFIG_FEATURE_SUID
48 static void check_suid (struct BB_applet *app);
50 #ifdef CONFIG_FEATURE_SUID_CONFIG
57 static void parse_config_file (void);
59 #define CONFIG_FILE "/etc/busybox.conf"
61 /* applets [] is const, so we have to define this "override" structure */
64 struct BB_applet *m_applet;
70 struct BB_suid_config *m_next;
73 static struct BB_suid_config *suid_config;
74 static int suid_cfg_readable;
76 #endif /* CONFIG_FEATURE_SUID_CONFIG */
78 #endif /* CONFIG_FEATURE_SUID */
85 const char *format_string;
86 const char *usage_string = usage_messages;
89 for (i = applet_using - applets; i > 0;) {
90 if (!*usage_string++) {
95 format_string = "%s\n\nUsage: %s %s\n\n";
96 if (*usage_string == '\b')
97 format_string = "%s\n\nNo help available.\n\n";
98 fprintf (stderr, format_string, bb_msg_full_version, applet_using->name,
105 applet_name_compare (const void *x, const void *y)
107 const char *name = x;
108 const struct BB_applet *applet = y;
110 return strcmp (name, applet->name);
113 extern const size_t NUM_APPLETS;
116 find_applet_by_name (const char *name)
118 return bsearch (name, applets, NUM_APPLETS, sizeof (struct BB_applet),
119 applet_name_compare);
123 run_applet_by_name (const char *name, int argc, char **argv)
125 static int recurse_level = 0;
126 extern int been_there_done_that; /* From busybox.c */
128 #ifdef CONFIG_FEATURE_SUID_CONFIG
129 if (recurse_level == 0)
130 parse_config_file ();
134 /* Do a binary search to find the applet entry given the name. */
135 if ((applet_using = find_applet_by_name (name)) != NULL) {
136 bb_applet_name = applet_using->name;
137 if (argv[1] && strcmp (argv[1], "--help") == 0) {
138 if (strcmp (applet_using->name, "busybox") == 0) {
140 applet_using = find_applet_by_name (argv[2]);
146 been_there_done_that = 1;
147 busybox_main (0, NULL);
149 #ifdef CONFIG_FEATURE_SUID
150 check_suid (applet_using);
153 exit ((*(applet_using->main)) (argc, argv));
155 /* Just in case they have renamed busybox - Check argv[1] */
156 if (recurse_level == 1) {
157 run_applet_by_name ("busybox", argc, argv);
163 #ifdef CONFIG_FEATURE_SUID
165 #ifdef CONFIG_FEATURE_SUID_CONFIG
167 /* check if u is member of group g */
169 ingroup (uid_t u, gid_t g)
171 struct group *grp = getgrgid (g);
176 for (mem = grp->gr_mem; *mem; mem++) {
177 struct passwd *pwd = getpwnam (*mem);
179 if (pwd && (pwd->pw_uid == u))
190 check_suid (struct BB_applet *applet)
192 uid_t ruid = getuid (); /* real [ug]id */
193 uid_t rgid = getgid ();
195 #ifdef CONFIG_FEATURE_SUID_CONFIG
196 if (suid_cfg_readable) {
197 struct BB_suid_config *sct;
199 for (sct = suid_config; sct; sct = sct->m_next) {
200 if (sct->m_applet == applet)
204 mode_t m = sct->m_mode;
206 if (sct->m_uid == ruid) /* same uid */
208 else if ((sct->m_gid == rgid) || ingroup (ruid, sct->m_gid)) /* same group / in group */
211 if (!(m & S_IXOTH)) /* is x bit not set ? */
212 bb_error_msg_and_die ("You have no permission to run this applet!");
214 if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { /* *both* have to be set for sgid */
215 if (setegid (sct->m_gid))
217 ("BusyBox binary has insufficient rights to set proper GID for applet!");
219 setgid (rgid); /* no sgid -> drop */
221 if (sct->m_mode & S_ISUID) {
222 if (seteuid (sct->m_uid))
224 ("BusyBox binary has insufficient rights to set proper UID for applet!");
226 setuid (ruid); /* no suid -> drop */
228 /* default: drop all priviledges */
234 #ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
235 static int onetime = 0;
239 fprintf (stderr, "Using fallback suid method\n");
245 if (applet->need_suid == _BB_SUID_ALWAYS) {
247 bb_error_msg_and_die ("This applet requires root priviledges!");
248 } else if (applet->need_suid == _BB_SUID_NEVER) {
249 setgid (rgid); /* drop all priviledges */
254 #ifdef CONFIG_FEATURE_SUID_CONFIG
256 /* This should probably be a libbb routine. In that case,
257 * I'd probably rename it to something like bb_trimmed_slice.
259 static char *get_trimmed_slice(char *s, char *e)
261 /* First, consider the value at e to be nul and back up until we
262 * reach a non-space char. Set the char after that (possibly at
263 * the original e) to nul. */
271 /* Next, advance past all leading space and return a ptr to the
272 * first non-space char; possibly the terminating nul. */
273 return (char *) bb_skip_whitespace(s);
277 #define parse_error(x) { err=x; goto pe_label; }
279 /* Don't depend on the tools to combine strings. */
280 static const char config_file[] = CONFIG_FILE;
282 /* There are 4 chars + 1 nul for each of user/group/other. */
283 static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-";
285 /* We don't supply a value for the nul, so an index adjustment is
286 * necessary below. Also, we use unsigned short here to save some
287 * space even though these are really mode_t values. */
288 static const unsigned short mode_mask[] = {
289 /* SST sst xxx --- */
290 S_ISUID, S_ISUID|S_IXUSR, S_IXUSR, 0, /* user */
291 S_ISGID, S_ISGID|S_IXGRP, S_IXGRP, 0, /* group */
292 0, S_IXOTH, S_IXOTH, 0 /* other */
295 static void parse_config_file(void)
297 struct BB_suid_config *sct_head;
298 struct BB_suid_config *sct;
299 struct BB_applet *applet;
308 assert(!suid_config); /* Should be set to NULL by bss init. */
310 if ((stat(config_file, &st) != 0) /* No config file? */
311 || !S_ISREG(st.st_mode) /* Not a regular file? */
312 || (st.st_uid != 0) /* Not owned by root? */
313 || (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */
314 || !(f = fopen(config_file, "r")) /* Can not open? */
319 suid_cfg_readable = 1;
326 if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */
327 if (ferror(f)) { /* Make sure it wasn't a read error. */
328 parse_error("reading");
331 suid_config = sct_head; /* Success, so set the pointer. */
335 lc++; /* Got a (partial) line. */
337 /* If a line is too long for our buffer, we consider it an error.
338 * The following test does mistreat one corner case though.
339 * If the final line of the file does not end with a newline and
340 * yet exactly fills the buffer, it will be treated as too long
341 * even though there isn't really a problem. But it isn't really
342 * worth adding code to deal with such an unlikely situation, and
343 * we do err on the side of caution. Besides, the line would be
344 * too long if it did end with a newline. */
345 if (!strchr(s, '\n') && !feof(f)) {
346 parse_error("line too long");
349 /* Trim leading and trailing whitespace, ignoring comments, and
350 * check if the resulting string is empty. */
351 if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) {
355 /* Check for a section header. */
358 /* Unlike the old code, we ignore leading and trailing
359 * whitespace for the section name. We also require that
360 * there are no stray characters after the closing bracket. */
361 if (!(e = strchr(s, ']')) /* Missing right bracket? */
362 || e[1] /* Trailing characters? */
363 || !*(s = get_trimmed_slice(s+1, e)) /* Missing name? */
365 parse_error("section header");
367 /* Right now we only have one section so just check it.
368 * If more sections are added in the future, please don't
369 * resort to cascading ifs with multiple strcasecmp calls.
370 * That kind of bloated code is all too common. A loop
371 * and a string table would be a better choice unless the
372 * number of sections is very small. */
373 if (strcasecmp(s, "SUID") == 0) {
377 section = -1; /* Unknown section so set to skip. */
381 /* Process sections. */
383 if (section == 1) { /* SUID */
384 /* Since we trimmed leading and trailing space above, we're
385 * now looking for strings of the form
386 * <key>[::space::]*=[::space::]*<value>
387 * where both key and value could contain inner whitespace. */
389 /* First get the key (an applet name in our case). */
390 if (!!(e = strchr(s, '='))) {
391 s = get_trimmed_slice(s, e);
393 if (!e || !*s) { /* Missing '=' or empty key. */
394 parse_error("keyword");
397 /* Ok, we have an applet name. Process the rhs if this
398 * applet is currently built in and ignore it otherwise.
399 * Note: This can hide config file bugs which only pop
400 * up when the busybox configuration is changed. */
401 if ((applet = find_applet_by_name(s))) {
402 /* Note: We currently don't check for duplicates!
403 * The last config line for each applet will be the
404 * one used since we insert at the head of the list.
405 * I suppose this could be considered a feature. */
406 sct = xmalloc(sizeof(struct BB_suid_config));
407 sct->m_applet = applet;
409 sct->m_next = sct_head;
412 /* Get the specified mode. */
414 e = (char *) bb_skip_whitespace(e+1);
416 for (i=0 ; i < 3 ; i++) {
418 if (!*(q = strchrnul(mode_chars + 5*i, *e++))) {
421 /* Adjust by -i to account for nul. */
422 sct->m_mode |= mode_mask[(q - mode_chars) - i];
425 /* Now get the the user/group info. */
427 s = (char *) bb_skip_whitespace(e);
429 /* Note: We require whitespace between the mode and the
430 * user/group info. */
431 if ((s == e) || !(e = strchr(s, '.'))) {
432 parse_error("<uid>.<gid>");
436 /* We can't use get_ug_id here since it would exit()
437 * if a uid or gid was not found. Oh well... */
441 sct->m_uid = strtoul(s, &e2, 10);
442 if (*e2 || (s == e2)) {
444 if (!(pwd = getpwnam(s))) {
447 sct->m_uid = pwd->pw_uid;
450 sct->m_gid = strtoul(e, &e2, 10);
451 if (*e2 || (e == e2)) {
453 if (!(grp = getgrnam(e))) {
454 parse_error("group");
456 sct->m_gid = grp->gr_gid;
463 /* Unknown sections are ignored. */
465 /* Encountering configuration lines prior to seeing a
466 * section header is treated as an error. This is how
467 * the old code worked, but it may not be desireable.
468 * We may want to simply ignore such lines in case they
469 * are used in some future version of busybox. */
471 parse_error("keyword outside section");
477 fprintf(stderr, "Parse error in %s, line %d: %s\n",
478 config_file, lc, err);
481 /* Release any allocated memory before returning. */
483 sct = sct_head->m_next;
497 c-file-style: "linux"
projects / oweals / busybox.git / blob