1 /* vi: set sw=4 ts=4: */
5 * Copyright (C) tons of folks. Tracking down who wrote what
6 * isn't something I'm going to worry about... If you wrote something
7 * here, please feel free to acknowledge your work.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
24 * Permission has been granted to redistribute this code under the GPL.
39 struct BB_applet *applet_using;
41 /* The -1 arises because of the {0,NULL,0,-1} entry above. */
42 const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
45 #ifdef CONFIG_FEATURE_SUID
47 static void check_suid ( struct BB_applet *app );
49 #ifdef CONFIG_FEATURE_SUID_CONFIG
56 static int parse_config_file ( void );
60 #define CONFIG_FILE "/etc/busybox.conf"
62 /* applets [] is const, so we have to define this "override" structure */
63 struct BB_suid_config {
64 struct BB_applet *m_applet;
70 struct BB_suid_config *m_next;
73 static struct BB_suid_config *suid_config;
75 #endif /* CONFIG_FEATURE_SUID_CONFIG */
77 #endif /* CONFIG_FEATURE_SUID */
81 extern void show_usage(void)
83 const char *format_string;
84 const char *usage_string = usage_messages;
87 for (i = applet_using - applets; i > 0; ) {
88 if (!*usage_string++) {
93 format_string = "%s\n\nUsage: %s %s\n\n";
94 if(*usage_string == '\b')
95 format_string = "%s\n\nNo help available.\n\n";
96 fprintf(stderr, format_string, full_version, applet_using->name, usage_string);
101 static int applet_name_compare(const void *x, const void *y)
103 const char *name = x;
104 const struct BB_applet *applet = y;
106 return strcmp(name, applet->name);
109 extern const size_t NUM_APPLETS;
111 struct BB_applet *find_applet_by_name(const char *name)
113 return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet),
114 applet_name_compare);
117 void run_applet_by_name(const char *name, int argc, char **argv)
119 static int recurse_level = 0;
120 extern int been_there_done_that; /* From busybox.c */
122 #ifdef CONFIG_FEATURE_SUID_CONFIG
123 if ( recurse_level == 0 )
124 config_ok = parse_config_file ( );
128 /* Do a binary search to find the applet entry given the name. */
129 if ((applet_using = find_applet_by_name(name)) != NULL) {
130 applet_name = applet_using->name;
131 if (argv[1] && strcmp(argv[1], "--help") == 0) {
132 if (strcmp(applet_using->name, "busybox")==0) {
134 applet_using = find_applet_by_name(argv[2]);
140 been_there_done_that=1;
141 busybox_main(0, NULL);
143 #ifdef CONFIG_FEATURE_SUID
144 check_suid ( applet_using );
147 exit((*(applet_using->main)) (argc, argv));
149 /* Just in case they have renamed busybox - Check argv[1] */
150 if (recurse_level == 1) {
151 run_applet_by_name("busybox", argc, argv);
157 #ifdef CONFIG_FEATURE_SUID
159 #ifdef CONFIG_FEATURE_SUID_CONFIG
161 /* check if u is member of group g */
162 static int ingroup ( uid_t u, gid_t g )
164 struct group *grp = getgrgid ( g );
169 for ( mem = grp-> gr_mem; *mem; mem++ ) {
170 struct passwd *pwd = getpwnam ( *mem );
172 if ( pwd && ( pwd-> pw_uid == u ))
182 void check_suid ( struct BB_applet *applet )
184 uid_t ruid = getuid ( ); /* real [ug]id */
185 uid_t rgid = getgid ( );
187 #ifdef CONFIG_FEATURE_SUID_CONFIG
189 struct BB_suid_config *sct;
191 for ( sct = suid_config; sct; sct = sct-> m_next ) {
192 if ( sct-> m_applet == applet )
196 mode_t m = sct-> m_mode;
198 if ( sct-> m_uid == ruid ) /* same uid */
200 else if (( sct-> m_gid == rgid ) || ingroup ( ruid, sct-> m_gid )) /* same group / in group */
203 if (!( m & S_IXOTH )) /* is x bit not set ? */
204 error_msg_and_die ( "You have no permission to run this applet!" );
206 if (( sct-> m_mode & ( S_ISGID | S_IXGRP )) == ( S_ISGID | S_IXGRP )) { /* *both* have to be set for sgid */
207 if ( setegid ( sct-> m_gid ))
208 error_msg_and_die ( "BusyBox binary has insufficient rights to set proper GID for applet!" );
211 setgid ( rgid ); /* no sgid -> drop */
213 if ( sct-> m_mode & S_ISUID ) {
214 if ( seteuid ( sct-> m_uid ))
215 error_msg_and_die ( "BusyBox binary has insufficient rights to set proper UID for applet!" );
218 setuid ( ruid ); /* no suid -> drop */
220 else { /* default: drop all priviledges */
227 #ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
228 static int onetime = 0;
232 fprintf ( stderr, "Using fallback suid method\n" );
238 if ( applet-> need_suid == _BB_SUID_ALWAYS ) {
239 if ( geteuid ( ) != 0 )
240 error_msg_and_die ( "This applet requires root priviledges!" );
242 else if ( applet-> need_suid == _BB_SUID_NEVER ) {
243 setgid ( rgid ); /* drop all priviledges */
248 #ifdef CONFIG_FEATURE_SUID_CONFIG
251 #define parse_error(x) { err=x; goto pe_label; }
254 int parse_config_file ( void )
263 /* is there a config file ? */
264 if ( stat ( CONFIG_FILE, &st ) == 0 ) {
265 /* is it owned by root with no write perm. for group and others ? */
266 if ( S_ISREG( st. st_mode ) && ( st. st_uid == 0 ) && (!( st. st_mode & ( S_IWGRP | S_IWOTH )))) {
267 /* that's ok .. then try to open it */
268 f = fopen ( CONFIG_FILE, "r" );
274 while ( fgets ( buffer, sizeof( buffer ) - 1, f )) {
280 p = strchr ( buffer, '#' );
283 p = buffer + xstrlen ( buffer );
284 while (( p > buffer ) && isspace ( *--p ))
291 p = strchr ( buffer, ']' );
293 if ( !p || ( p == ( buffer + 1 ))) /* no matching ] or empty [] */
294 parse_error ( "malformed section header" );
298 if ( strcasecmp ( buffer + 1, "SUID" ) == 0 )
301 section = -1; /* unknown section - just skip */
303 else if ( section ) {
307 struct BB_applet *applet;
309 p = strchr ( buffer, '=' ); /* <key>[::space::]*=[::space::]*<value> */
311 if ( !p || ( p == ( buffer + 1 ))) /* no = or key is empty */
312 parse_error ( "malformed keyword" );
315 while ( isspace ( buffer [--l] )) { } /* skip whitespace */
319 if (( applet = find_applet_by_name ( buffer ))) {
320 struct BB_suid_config *sct = xmalloc ( sizeof( struct BB_suid_config ));
322 sct-> m_applet = applet;
323 sct-> m_next = suid_config;
326 while ( isspace ( *++p )) { } /* skip whitespace */
331 case 'S': sct-> m_mode |= S_ISUID; break;
332 case 's': sct-> m_mode |= S_ISUID; /* no break */
333 case 'x': sct-> m_mode |= S_IXUSR; break;
335 default : parse_error ( "invalid user mode" );
339 case 's': sct-> m_mode |= S_ISGID; /* no break */
340 case 'x': sct-> m_mode |= S_IXGRP; break;
343 default : parse_error ( "invalid group mode" );
348 case 'x': sct-> m_mode |= S_IXOTH; break;
351 default : parse_error ( "invalid other mode" );
354 while ( isspace ( *++p )) { } /* skip whitespace */
356 if ( isdigit ( *p )) {
357 sct-> m_uid = strtol ( p, &p, 10 );
359 parse_error ( "parsing <uid>.<gid>" );
363 char *p2 = strchr ( p, '.' );
366 parse_error ( "parsing <uid>.<gid>" );
369 pwd = getpwnam ( p );
372 parse_error ( "invalid user name" );
374 sct-> m_uid = pwd-> pw_uid;
378 sct-> m_gid = strtol ( p, &p, 10 );
380 struct group *grp = getgrnam ( p );
383 parse_error ( "invalid group name" );
385 sct-> m_gid = grp-> gr_gid;
390 default: /* unknown - skip */
395 parse_error ( "keyword not within section" );
402 return 0; /* no config file or not readable (not an error) */
405 fprintf ( stderr, "Parse error in %s, line %d: %s\n", CONFIG_FILE, lc, err );
419 c-file-style: "linux"
projects / oweals / busybox.git / blob