1 /* vi: set sw=4 ts=4: */
5 * Copyright (C) tons of folks. Tracking down who wrote what
6 * isn't something I'm going to worry about... If you wrote something
7 * here, please feel free to acknowledge your work.
9 * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
10 * Permission has been granted to redistribute this code under the GPL.
12 * Licensed under GPLv2 or later, see file License in this tarball for details.
23 /* Apparently uclibc defines __GLIBC__ (compat trick?). Oh well. */
24 #if ENABLE_STATIC && defined(__GLIBC__) && !defined(__UCLIBC__)
25 #warning Static linking against glibc produces buggy executables
26 #warning (glibc does not cope well with ld --gc-sections).
27 #warning See sources.redhat.com/bugzilla/show_bug.cgi?id=3400
28 #warning Note that glibc is unsuitable for static linking anyway.
29 #warning If you still want to do it, remove -Wl,--gc-sections
30 #warning from top-level Makefile and remove this warning.
33 #if ENABLE_SHOW_USAGE && !ENABLE_FEATURE_COMPRESS_USAGE
34 static const char usage_messages[] =
41 #define usage_messages 0
42 #endif /* ENABLE_SHOW_USAGE */
49 static struct BB_applet *applet_using;
51 /* The -1 arises because of the {0,NULL,0,-1} entry above. */
52 const unsigned short NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
55 #ifdef CONFIG_FEATURE_SUID_CONFIG
59 #define CONFIG_FILE "/etc/busybox.conf"
61 /* applets [] is const, so we have to define this "override" structure */
62 static struct BB_suid_config
64 struct BB_applet *m_applet;
70 struct BB_suid_config *m_next;
73 static int suid_cfg_readable;
75 /* check if u is member of group g */
76 static int ingroup(uid_t u, gid_t g)
78 struct group *grp = getgrgid(g);
83 for (mem = grp->gr_mem; *mem; mem++) {
84 struct passwd *pwd = getpwnam(*mem);
86 if (pwd && (pwd->pw_uid == u))
93 /* This should probably be a libbb routine. In that case,
94 * I'd probably rename it to something like bb_trimmed_slice.
96 static char *get_trimmed_slice(char *s, char *e)
98 /* First, consider the value at e to be nul and back up until we
99 * reach a non-space char. Set the char after that (possibly at
100 * the original e) to nul. */
108 /* Next, advance past all leading space and return a ptr to the
109 * first non-space char; possibly the terminating nul. */
110 return skip_whitespace(s);
114 #define parse_error(x) do { errmsg = x; goto pe_label; } while(0)
116 /* Don't depend on the tools to combine strings. */
117 static const char config_file[] = CONFIG_FILE;
119 /* There are 4 chars + 1 nul for each of user/group/other. */
120 static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-";
122 /* We don't supply a value for the nul, so an index adjustment is
123 * necessary below. Also, we use unsigned short here to save some
124 * space even though these are really mode_t values. */
125 static const unsigned short mode_mask[] = {
126 /* SST sst xxx --- */
127 S_ISUID, S_ISUID|S_IXUSR, S_IXUSR, 0, /* user */
128 S_ISGID, S_ISGID|S_IXGRP, S_IXGRP, 0, /* group */
129 0, S_IXOTH, S_IXOTH, 0 /* other */
132 static void parse_config_file(void)
134 struct BB_suid_config *sct_head;
135 struct BB_suid_config *sct;
136 struct BB_applet *applet;
145 assert(!suid_config); /* Should be set to NULL by bss init. */
147 if ((stat(config_file, &st) != 0) /* No config file? */
148 || !S_ISREG(st.st_mode) /* Not a regular file? */
149 || (st.st_uid != 0) /* Not owned by root? */
150 || (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */
151 || !(f = fopen(config_file, "r")) /* Cannot open? */
156 suid_cfg_readable = 1;
163 if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */
164 if (ferror(f)) { /* Make sure it wasn't a read error. */
165 parse_error("reading");
168 suid_config = sct_head; /* Success, so set the pointer. */
172 lc++; /* Got a (partial) line. */
174 /* If a line is too long for our buffer, we consider it an error.
175 * The following test does mistreat one corner case though.
176 * If the final line of the file does not end with a newline and
177 * yet exactly fills the buffer, it will be treated as too long
178 * even though there isn't really a problem. But it isn't really
179 * worth adding code to deal with such an unlikely situation, and
180 * we do err on the side of caution. Besides, the line would be
181 * too long if it did end with a newline. */
182 if (!strchr(s, '\n') && !feof(f)) {
183 parse_error("line too long");
186 /* Trim leading and trailing whitespace, ignoring comments, and
187 * check if the resulting string is empty. */
188 if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) {
192 /* Check for a section header. */
195 /* Unlike the old code, we ignore leading and trailing
196 * whitespace for the section name. We also require that
197 * there are no stray characters after the closing bracket. */
198 if (!(e = strchr(s, ']')) /* Missing right bracket? */
199 || e[1] /* Trailing characters? */
200 || !*(s = get_trimmed_slice(s+1, e)) /* Missing name? */
202 parse_error("section header");
204 /* Right now we only have one section so just check it.
205 * If more sections are added in the future, please don't
206 * resort to cascading ifs with multiple strcasecmp calls.
207 * That kind of bloated code is all too common. A loop
208 * and a string table would be a better choice unless the
209 * number of sections is very small. */
210 if (strcasecmp(s, "SUID") == 0) {
214 section = -1; /* Unknown section so set to skip. */
218 /* Process sections. */
220 if (section == 1) { /* SUID */
221 /* Since we trimmed leading and trailing space above, we're
222 * now looking for strings of the form
223 * <key>[::space::]*=[::space::]*<value>
224 * where both key and value could contain inner whitespace. */
226 /* First get the key (an applet name in our case). */
227 if (!!(e = strchr(s, '='))) {
228 s = get_trimmed_slice(s, e);
230 if (!e || !*s) { /* Missing '=' or empty key. */
231 parse_error("keyword");
234 /* Ok, we have an applet name. Process the rhs if this
235 * applet is currently built in and ignore it otherwise.
236 * Note: This can hide config file bugs which only pop
237 * up when the busybox configuration is changed. */
238 if ((applet = find_applet_by_name(s))) {
239 /* Note: We currently don't check for duplicates!
240 * The last config line for each applet will be the
241 * one used since we insert at the head of the list.
242 * I suppose this could be considered a feature. */
243 sct = xmalloc(sizeof(struct BB_suid_config));
244 sct->m_applet = applet;
246 sct->m_next = sct_head;
249 /* Get the specified mode. */
251 e = skip_whitespace(e+1);
253 for (i=0 ; i < 3 ; i++) {
255 if (!*(q = strchrnul(mode_chars + 5*i, *e++))) {
258 /* Adjust by -i to account for nul. */
259 sct->m_mode |= mode_mask[(q - mode_chars) - i];
262 /* Now get the the user/group info. */
264 s = skip_whitespace(e);
266 /* Note: We require whitespace between the mode and the
267 * user/group info. */
268 if ((s == e) || !(e = strchr(s, '.'))) {
269 parse_error("<uid>.<gid>");
273 /* We can't use get_ug_id here since it would exit()
274 * if a uid or gid was not found. Oh well... */
278 sct->m_uid = strtoul(s, &e2, 10);
279 if (*e2 || (s == e2)) {
280 struct passwd *pwd = getpwnam(s);
284 sct->m_uid = pwd->pw_uid;
287 sct->m_gid = strtoul(e, &e2, 10);
288 if (*e2 || (e == e2)) {
290 if (!(grp = getgrnam(e))) {
291 parse_error("group");
293 sct->m_gid = grp->gr_gid;
300 /* Unknown sections are ignored. */
302 /* Encountering configuration lines prior to seeing a
303 * section header is treated as an error. This is how
304 * the old code worked, but it may not be desirable.
305 * We may want to simply ignore such lines in case they
306 * are used in some future version of busybox. */
308 parse_error("keyword outside section");
314 fprintf(stderr, "Parse error in %s, line %d: %s\n",
315 config_file, lc, errmsg);
318 /* Release any allocated memory before returning. */
320 sct = sct_head->m_next;
327 #define parse_config_file() ((void)0)
328 #endif /* CONFIG_FEATURE_SUID_CONFIG */
330 #ifdef CONFIG_FEATURE_SUID
331 static void check_suid(struct BB_applet *applet)
333 uid_t ruid = getuid(); /* real [ug]id */
334 uid_t rgid = getgid();
336 #ifdef CONFIG_FEATURE_SUID_CONFIG
337 if (suid_cfg_readable) {
338 struct BB_suid_config *sct;
340 for (sct = suid_config; sct; sct = sct->m_next) {
341 if (sct->m_applet == applet)
345 mode_t m = sct->m_mode;
347 if (sct->m_uid == ruid)
350 else if ((sct->m_gid == rgid) || ingroup(ruid, sct->m_gid))
351 /* same group / in group */
354 if (!(m & S_IXOTH)) /* is x bit not set ? */
355 bb_error_msg_and_die("you have no permission to run this applet!");
357 if (sct->m_gid != 0) {
358 /* _both_ have to be set for sgid */
359 if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
361 } else xsetgid(rgid); /* no sgid -> drop */
363 if (sct->m_uid != 0) {
364 if (sct->m_mode & S_ISUID) xsetuid(sct->m_uid);
365 else xsetuid(ruid); /* no suid -> drop */
368 /* default: drop all privileges */
374 #ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
375 static int onetime = 0;
379 fprintf(stderr, "Using fallback suid method\n");
385 if (applet->need_suid == _BB_SUID_ALWAYS) {
386 if (geteuid()) bb_error_msg_and_die("applet requires root privileges!");
387 } else if (applet->need_suid == _BB_SUID_NEVER) {
388 xsetgid(rgid); /* drop all privileges */
393 #define check_suid(x)
394 #endif /* CONFIG_FEATURE_SUID */
398 #ifdef CONFIG_FEATURE_COMPRESS_USAGE
400 #include "usage_compressed.h"
401 #include "unarchive.h"
403 static const char *unpack_usage_messages(void)
405 int input[2], output[2], pid;
408 if(pipe(input) < 0 || pipe(output) < 0)
418 uncompressStream(input[0], output[1]);
430 full_write(input[1], packed_usage, sizeof(packed_usage));
436 buf = xmalloc(SIZEOF_usage_messages);
437 full_read(output[0], buf, SIZEOF_usage_messages);
442 #define unpack_usage_messages() usage_messages
443 #endif /* ENABLE_FEATURE_COMPRESS_USAGE */
445 void bb_show_usage(void)
447 if (ENABLE_SHOW_USAGE) {
448 const char *format_string;
449 const char *usage_string = unpack_usage_messages();
452 for (i = applet_using - applets; i > 0;)
453 if (!*usage_string++) --i;
455 format_string = "%s\n\nUsage: %s %s\n\n";
456 if (*usage_string == '\b')
457 format_string = "%s\n\nNo help available.\n\n";
458 fprintf(stderr, format_string, bb_msg_full_version,
459 applet_using->name, usage_string);
462 exit(xfunc_error_retval);
465 static int applet_name_compare(const void *name, const void *vapplet)
467 const struct BB_applet *applet = vapplet;
469 return strcmp(name, applet->name);
472 struct BB_applet *find_applet_by_name(const char *name)
474 return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet),
475 applet_name_compare);
478 void run_applet_by_name(const char *name, int argc, char **argv)
480 if (ENABLE_FEATURE_SUID_CONFIG)
483 if (!strncmp(name, "busybox", 7))
484 exit(busybox_main(argc, argv));
485 /* Do a binary search to find the applet entry given the name. */
486 applet_using = find_applet_by_name(name);
488 applet_name = applet_using->name;
489 if (argc == 2 && !strcmp(argv[1], "--help"))
491 if (ENABLE_FEATURE_SUID)
492 check_suid(applet_using);
493 exit(applet_using->main(argc, argv));
projects / oweals / busybox.git / blob