1 /* vi: set sw=4 ts=4: */
5 * Copyright (C) tons of folks. Tracking down who wrote what
6 * isn't something I'm going to worry about... If you wrote something
7 * here, please feel free to acknowledge your work.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
24 * Permission has been granted to redistribute this code under the GPL.
39 struct BB_applet *applet_using;
41 /* The -1 arises because of the {0,NULL,0,-1} entry above. */
42 const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
45 #ifdef CONFIG_FEATURE_SUID
47 static void check_suid ( struct BB_applet *app );
49 #ifdef CONFIG_FEATURE_SUID_CONFIG
56 static int parse_config_file ( void );
60 #define CONFIG_FILE "/etc/busybox.conf"
62 // applets [] is const, so we have to define this "override" structure
63 struct BB_suid_config {
64 struct BB_applet *m_applet;
70 struct BB_suid_config *m_next;
73 static struct BB_suid_config *suid_config;
75 #endif // CONFIG_FEATURE_SUID_CONFIG
77 #endif // CONFIG_FEATURE_SUID
81 extern void show_usage(void)
83 const char *format_string;
84 const char *usage_string = usage_messages;
87 for (i = applet_using - applets; i > 0; ) {
88 if (!*usage_string++) {
92 format_string = "%s\n\nUsage: %s %s\n\n";
93 if(*usage_string == 0)
94 format_string = "%s\n\nNo help available.\n\n";
95 fprintf(stderr, format_string,
96 full_version, applet_using->name, usage_string);
100 static int applet_name_compare(const void *x, const void *y)
102 const char *name = x;
103 const struct BB_applet *applet = y;
105 return strcmp(name, applet->name);
108 extern const size_t NUM_APPLETS;
110 struct BB_applet *find_applet_by_name(const char *name)
112 return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet),
113 applet_name_compare);
116 void run_applet_by_name(const char *name, int argc, char **argv)
118 static int recurse_level = 0;
119 extern int been_there_done_that; /* From busybox.c */
121 #ifdef CONFIG_FEATURE_SUID_CONFIG
122 if ( recurse_level == 0 )
123 config_ok = parse_config_file ( );
127 /* Do a binary search to find the applet entry given the name. */
128 if ((applet_using = find_applet_by_name(name)) != NULL) {
129 applet_name = applet_using->name;
130 if (argv[1] && strcmp(argv[1], "--help") == 0) {
131 if (strcmp(applet_using->name, "busybox")==0) {
133 applet_using = find_applet_by_name(argv[2]);
139 been_there_done_that=1;
140 busybox_main(0, NULL);
142 #ifdef CONFIG_FEATURE_SUID
143 check_suid ( applet_using );
146 exit((*(applet_using->main)) (argc, argv));
148 /* Just in case they have renamed busybox - Check argv[1] */
149 if (recurse_level == 1) {
150 run_applet_by_name("busybox", argc, argv);
156 #ifdef CONFIG_FEATURE_SUID
158 #ifdef CONFIG_FEATURE_SUID_CONFIG
160 // check if u is member of group g
161 static int ingroup ( uid_t u, gid_t g )
163 struct group *grp = getgrgid ( g );
168 for ( mem = grp-> gr_mem; *mem; mem++ ) {
169 struct passwd *pwd = getpwnam ( *mem );
171 if ( pwd && ( pwd-> pw_uid == u ))
181 void check_suid ( struct BB_applet *applet )
183 uid_t ruid = getuid ( ); // real [ug]id
184 uid_t rgid = getgid ( );
186 #ifdef CONFIG_FEATURE_SUID_CONFIG
188 struct BB_suid_config *sct;
190 for ( sct = suid_config; sct; sct = sct-> m_next ) {
191 if ( sct-> m_applet == applet )
195 mode_t m = sct-> m_mode;
197 if ( sct-> m_uid == ruid ) // same uid
199 else if (( sct-> m_gid == rgid ) || ingroup ( ruid, sct-> m_gid )) // same group / in group
202 if (!( m & S_IXOTH )) // is x bit not set ?
203 error_msg_and_die ( "You have no permission to run this applet!" );
205 if (( sct-> m_mode & ( S_ISGID | S_IXGRP )) == ( S_ISGID | S_IXGRP )) { // *both* have to be set for sgid
206 if ( setegid ( sct-> m_gid ))
207 error_msg_and_die ( "BusyBox binary has insufficient rights to set proper GID for applet!" );
210 setgid ( rgid ); // no sgid -> drop
212 if ( sct-> m_mode & S_ISUID ) {
213 if ( seteuid ( sct-> m_uid ))
214 error_msg_and_die ( "BusyBox binary has insufficient rights to set proper UID for applet!" );
217 setuid ( ruid ); // no suid -> drop
219 else { // default: drop all priviledges
226 #ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
227 static int onetime = 0;
231 fprintf ( stderr, "Using fallback suid method\n" );
237 if ( applet-> need_suid == _BB_SUID_ALWAYS ) {
238 if ( geteuid ( ) != 0 )
239 error_msg_and_die ( "This applet requires root priviledges!" );
241 else if ( applet-> need_suid == _BB_SUID_NEVER ) {
242 setgid ( rgid ); // drop all priviledges
247 #ifdef CONFIG_FEATURE_SUID_CONFIG
250 #define parse_error(x) { err=x; goto pe_label; }
253 int parse_config_file ( void )
262 // is there a config file ?
263 if ( stat ( CONFIG_FILE, &st ) == 0 ) {
264 // is it owned by root with no write perm. for group and others ?
265 if ( S_ISREG( st. st_mode ) && ( st. st_uid == 0 ) && (!( st. st_mode & ( S_IWGRP | S_IWOTH )))) {
266 // that's ok .. then try to open it
267 f = fopen ( CONFIG_FILE, "r" );
273 while ( fgets ( buffer, sizeof( buffer ) - 1, f )) {
279 p = strchr ( buffer, '#' );
282 p = buffer + xstrlen ( buffer );
283 while (( p > buffer ) && isspace ( *--p ))
290 p = strchr ( buffer, ']' );
292 if ( !p || ( p == ( buffer + 1 ))) // no matching ] or empty []
293 parse_error ( "malformed section header" );
297 if ( strcasecmp ( buffer + 1, "SUID" ) == 0 )
300 section = -1; // unknown section - just skip
302 else if ( section ) {
306 struct BB_applet *applet;
308 p = strchr ( buffer, '=' ); // <key>[::space::]*=[::space::]*<value>
310 if ( !p || ( p == ( buffer + 1 ))) // no = or key is empty
311 parse_error ( "malformed keyword" );
314 while ( isspace ( buffer [--l] )) { } // skip whitespace
318 if (( applet = find_applet_by_name ( buffer ))) {
319 struct BB_suid_config *sct = xmalloc ( sizeof( struct BB_suid_config ));
321 sct-> m_applet = applet;
322 sct-> m_next = suid_config;
325 while ( isspace ( *++p )) { } // skip whitespace
330 case 'S': sct-> m_mode |= S_ISUID; break;
331 case 's': sct-> m_mode |= S_ISUID; // no break
332 case 'x': sct-> m_mode |= S_IXUSR; break;
334 default : parse_error ( "invalid user mode" );
338 case 's': sct-> m_mode |= S_ISGID; // no break
339 case 'x': sct-> m_mode |= S_IXGRP; break;
342 default : parse_error ( "invalid group mode" );
347 case 'x': sct-> m_mode |= S_IXOTH; break;
350 default : parse_error ( "invalid other mode" );
353 while ( isspace ( *++p )) { } // skip whitespace
355 if ( isdigit ( *p )) {
356 sct-> m_uid = strtol ( p, &p, 10 );
358 parse_error ( "parsing <uid>.<gid>" );
362 char *p2 = strchr ( p, '.' );
365 parse_error ( "parsing <uid>.<gid>" );
368 pwd = getpwnam ( p );
371 parse_error ( "invalid user name" );
373 sct-> m_uid = pwd-> pw_uid;
377 sct-> m_gid = strtol ( p, &p, 10 );
379 struct group *grp = getgrnam ( p );
382 parse_error ( "invalid group name" );
384 sct-> m_gid = grp-> gr_gid;
389 default: // unknown - skip
394 parse_error ( "keyword not within section" );
401 return 0; // no config file or not readable (not an error)
404 fprintf ( stderr, "Parse error in %s, line %d: %s\n", CONFIG_FILE, lc, err );
418 c-file-style: "linux"