X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=runit%2Fchpst.c;h=082d7268215ed0d32a7ba77a252f03a346486d18;hb=2ec91aead52d6ea6a42420005119ebb281a76cdc;hp=3fcef8eec3b16ff70f1c1a34c364a08f16ca908d;hpb=83ea643d8dc9b6f53706ba30bc4b53338f4f7994;p=oweals%2Fbusybox.git
diff --git a/runit/chpst.c b/runit/chpst.c
index 3fcef8eec..082d72682 100644
--- a/runit/chpst.c
+++ b/runit/chpst.c
@@ -25,61 +25,75 @@ OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -/* Busyboxed by Denis Vlasenko */ +/* Busyboxed by Denys Vlasenko */ /* Dependencies on runit_lib.c removed */ -#include "busybox.h" - +#include "libbb.h" #include -// Must match constants in chpst_main! -#define OPT_verbose (option_mask32 & 0x2000) -#define OPT_pgrp (option_mask32 & 0x4000) -#define OPT_nostdin (option_mask32 & 0x8000) -#define OPT_nostdout (option_mask32 & 0x10000) -#define OPT_nostderr (option_mask32 & 0x20000) - -static char *set_user; -static char *env_user; -static const char *env_dir; -static long limitd = -2; -static long limits = -2; -static long limitl = -2; -static long limita = -2; -static long limito = -2; -static long limitp = -2; -static long limitf = -2; -static long limitc = -2; -static long limitr = -2; -static long limitt = -2; -static int nicelvl; -static const char *root; - -static void suidgid(char *user) -{ - struct bb_uidgid_t ugid; +/* +Five applets here: chpst, envdir, envuidgid, setuidgid, softlimit. 
- if (!uidgid_get(&ugid, user)) { - bb_error_msg_and_die("unknown user/group: %s", user); - } - if (setgroups(1, &ugid.gid) == -1) - bb_perror_msg_and_die("setgroups"); - xsetgid(ugid.gid); - xsetuid(ugid.uid); -} +Only softlimit and chpst are taking options: -static void euidgid(char *user) -{ - struct bb_uidgid_t ugid; +# common +-o N Limit number of open files per process +-p N Limit number of processes per uid +-m BYTES Same as -d BYTES -s BYTES -l BYTES [-a BYTES] +-d BYTES Limit data segment +-f BYTES Limit output file sizes +-c BYTES Limit core file size +# softlimit +-a BYTES Limit total size of all segments +-s BYTES Limit stack segment +-l BYTES Limit locked memory size +-r BYTES Limit resident set size +-t N Limit CPU time +# chpst +-u USER[:GRP] Set uid and gid +-U USER[:GRP] Set $UID and $GID in environment +-e DIR Set environment variables as specified by files in DIR +-/ DIR Chroot to DIR +-n NICE Add NICE to nice value +-v Verbose +-P Create new process group +-0 -1 -2 Close fd 0,1,2 - if (!uidgid_get(&ugid, user)) { - bb_error_msg_and_die("unknown user/group: %s", user); - } - xsetenv("GID", utoa(ugid.gid)); - xsetenv("UID", utoa(ugid.uid)); -} +Even though we accept all these options for both softlimit and chpst, +they are not to be advertised on their help texts. +We have enough problems with feature creep in other people's +software, don't want to add our own. -static void edir(const char *directory_name) +envdir, envuidgid, setuidgid take no options, but they reuse code which +handles -e, -U and -u. 
+*/ + +enum { + OPT_a = (1 << 0) * ENABLE_SOFTLIMIT, + OPT_c = (1 << 1) * (ENABLE_SOFTLIMIT || ENABLE_CHPST), + OPT_d = (1 << 2) * (ENABLE_SOFTLIMIT || ENABLE_CHPST), + OPT_f = (1 << 3) * (ENABLE_SOFTLIMIT || ENABLE_CHPST), + OPT_l = (1 << 4) * ENABLE_SOFTLIMIT, + OPT_m = (1 << 5) * (ENABLE_SOFTLIMIT || ENABLE_CHPST), + OPT_o = (1 << 6) * (ENABLE_SOFTLIMIT || ENABLE_CHPST), + OPT_p = (1 << 7) * (ENABLE_SOFTLIMIT || ENABLE_CHPST), + OPT_r = (1 << 8) * ENABLE_SOFTLIMIT, + OPT_s = (1 << 9) * ENABLE_SOFTLIMIT, + OPT_t = (1 << 10) * ENABLE_SOFTLIMIT, + OPT_u = (1 << 11) * (ENABLE_CHPST || ENABLE_SETUIDGID), + OPT_U = (1 << 12) * (ENABLE_CHPST || ENABLE_ENVUIDGID), + OPT_e = (1 << 13) * (ENABLE_CHPST || ENABLE_ENVDIR), + OPT_root = (1 << 14) * ENABLE_CHPST, + OPT_n = (1 << 15) * ENABLE_CHPST, + OPT_v = (1 << 16) * ENABLE_CHPST, + OPT_P = (1 << 17) * ENABLE_CHPST, + OPT_0 = (1 << 18) * ENABLE_CHPST, + OPT_1 = (1 << 19) * ENABLE_CHPST, + OPT_2 = (1 << 20) * ENABLE_CHPST, +}; + +/* TODO: use recursive_action? */ +static NOINLINE void edir(const char *directory_name) { int wdir; DIR *dir; @@ -88,10 +102,12 @@ static void edir(const char *directory_name) wdir = xopen(".", O_RDONLY | O_NDELAY); xchdir(directory_name); - dir = opendir("."); - if (!dir) - bb_perror_msg_and_die("opendir %s", directory_name); + dir = xopendir("."); for (;;) { + RESERVE_CONFIG_BUFFER(buf, 256); + char *tail; + int size; + errno = 0; d = readdir(dir); if (!d) { @@ -100,11 +116,12 @@ static void edir(const char *directory_name) directory_name); break; } - if (d->d_name[0] == '.') continue; + if (d->d_name[0] == '.') + continue; fd = open(d->d_name, O_RDONLY | O_NDELAY); if (fd < 0) { - if ((errno == EISDIR) && env_dir) { - if (OPT_verbose) + if ((errno == EISDIR) && directory_name) { + if (option_mask32 & OPT_v) bb_perror_msg("warning: %s/%s is a directory", directory_name, d->d_name); continue; 
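Review bot: In the new enum, OPT_a, OPT_l and OPT_s are multiplied by ENABLE_SOFTLIMIT alone, so in a build with ENABLE_CHPST on and ENABLE_SOFTLIMIT off they evaluate to 0. chpst_main (later in this diff) expands `-m` with `opt |= (OPT_s | OPT_l | OPT_a | OPT_d)`, which in that configuration sets only OPT_d, so `chpst -m` would silently leave the stack, locked-memory and address-space limits untouched, although the removed code set all four. Gating these three like OPT_d keeps the limit effective: `OPT_s = (1 << 9) * (ENABLE_SOFTLIMIT || ENABLE_CHPST),` and likewise for OPT_a and OPT_l. A comment on the enum saying that bit N must follow the Nth letter of the getopt32() option string would also replace the removed "Must match constants in chpst_main!" warning.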
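Review bot: `RESERVE_CONFIG_BUFFER(buf, 256)` is placed inside the `for (;;)` body, but the matching `RELEASE_CONFIG_BUFFER(buf)` sits only at the bottom of the loop, in the `@@ -112,34 +129,30 @@` hunk. Every `continue` therefore skips the release: the dot-file and EISDIR cases in the `@@ -100,11 +116,12 @@` hunk and the empty-file case in the `@@ -112,34 +129,30 @@` hunk. If the macro can expand to a heap allocation (its definition is not on this page, so confirm), each skipped directory entry leaks the buffer until the exec. Reserving once before the loop and releasing after `closedir(dir)` avoids that. edir() starts and ends outside this hunk.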
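Review bot: The second operand of the new test `(errno == EISDIR) && directory_name` can never be false, because directory_name has already been passed to xchdir() earlier in edir(). The removed code tested the global env_dir, which the removed lines show being filled only by chpst's `-e` option, so the envdir applet apparently used to die on a subdirectory and now skips it. If that change is intended, drop the dead operand and write `if (errno == EISDIR) {`. If it is not, the caller needs to pass the distinction in explicitly. The enclosing function extends beyond this hunk.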
@@ -112,34 +129,30 @@ static void edir(const char *directory_name) bb_perror_msg_and_die("open %s/%s", directory_name, d->d_name); } - if (fd >= 0) { - char buf[256]; - char *tail; - int size; - - size = safe_read(fd, buf, sizeof(buf)-1); - if (size < 0) - bb_perror_msg_and_die("read %s/%s", - directory_name, d->d_name); - if (size == 0) { - unsetenv(d->d_name); - continue; - } - buf[size] = '\n'; - tail = memchr(buf, '\n', sizeof(buf)); - /* skip trailing whitespace */; - while (1) { - if (tail[0]==' ') tail[0] = '\0'; - if (tail[0]=='\t') tail[0] = '\0'; - if (tail[0]=='\n') tail[0] = '\0'; - if (tail == buf) break; - tail--; - } - xsetenv(d->d_name, buf); + size = full_read(fd, buf, sizeof(buf)-1); + close(fd); + if (size < 0) + bb_perror_msg_and_die("read %s/%s", + directory_name, d->d_name); + if (size == 0) { + unsetenv(d->d_name); + continue; } + buf[size] = '\n'; + tail = strchr(buf, '\n'); + /* skip trailing whitespace */ + while (1) { + *tail = '\0'; + tail--; + if (tail < buf || !isspace(*tail)) + break; + } + xsetenv(d->d_name, buf); + RELEASE_CONFIG_BUFFER(buf); } closedir(dir); - if (fchdir(wdir) == -1) bb_perror_msg_and_die("fchdir"); + if (fchdir(wdir) == -1) + bb_perror_msg_and_die("fchdir"); close(wdir); } 
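Review bot: `tail = strchr(buf, '\n')` stops at the first NUL byte, so a file in the env directory that contains a NUL before any newline makes strchr return NULL, and the following `*tail = '\0'` dereferences it. The removed memchr() call did not have this problem, and bounding the search to the bytes actually read restores that: `tail = memchr(buf, '\n', size + 1);`. Also, `sizeof(buf)-1` is the buffer length only when RESERVE_CONFIG_BUFFER declares an array. If it can expand to a pointer allocation (not visible here, so confirm), full_read would be capped at pointer size minus one, and a named length constant shared with the reservation would be safer. The trim loop also forms `tail < buf` after decrementing past the start of the buffer, which is better written by testing `tail == buf` before the decrement.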
@@ -147,227 +160,229 @@ static void limit(int what, long l) { struct rlimit r; - if (getrlimit(what, &r) == -1) bb_perror_msg_and_die("getrlimit"); + /* Never fails under Linux (except if you pass it bad arguments) */ + getrlimit(what, &r); if ((l < 0) || (l > r.rlim_max)) r.rlim_cur = r.rlim_max; else r.rlim_cur = l; - if (setrlimit(what, &r) == -1) bb_perror_msg_and_die("setrlimit"); + if (setrlimit(what, &r) == -1) + bb_perror_msg_and_die("setrlimit"); } -static void slimit(void) +int chpst_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; +int chpst_main(int argc UNUSED_PARAM, char **argv) { - if (limitd >= -1) { + struct bb_uidgid_t ugid; + char *set_user = set_user; /* for compiler */ + char *env_user = env_user; + char *env_dir = env_dir; + char *root; + char *nicestr; + unsigned limita; + unsigned limitc; + unsigned limitd; + unsigned limitf; + unsigned limitl; + unsigned limitm; + unsigned limito; + unsigned limitp; + unsigned limitr; + unsigned limits; + unsigned limitt; + unsigned opt; + + if ((ENABLE_CHPST && applet_name[0] == 'c') + || (ENABLE_SOFTLIMIT && applet_name[1] == 'o') + ) { + // FIXME: can we live with int-sized limits? + // can we live with 40000 days? + // if yes -> getopt converts strings to numbers for us + opt_complementary = "-1:a+:c+:d+:f+:l+:m+:o+:p+:r+:s+:t+"; + opt = getopt32(argv, "+a:c:d:f:l:m:o:p:r:s:t:u:U:e:" + IF_CHPST("/:n:vP012"), + &limita, &limitc, &limitd, &limitf, &limitl, + &limitm, &limito, &limitp, &limitr, &limits, &limitt, + &set_user, &env_user, &env_dir + IF_CHPST(, &root, &nicestr)); + argv += optind; + if (opt & OPT_m) { // -m means -asld + limita = limits = limitl = limitd = limitm; + opt |= (OPT_s | OPT_l | OPT_a | OPT_d); + } + } else { + option_mask32 = opt = 0; + argv++; + if (!*argv) + bb_show_usage(); + } + + // envdir? + if (ENABLE_ENVDIR && applet_name[3] == 'd') { + env_dir = *argv++; + opt |= OPT_e; + } + + // setuidgid? 
+ if (ENABLE_SETUIDGID && applet_name[1] == 'e') { + set_user = *argv++; + opt |= OPT_u; + } + + // envuidgid? + if (ENABLE_ENVUIDGID && applet_name[0] == 'e' && applet_name[3] == 'u') { + env_user = *argv++; + opt |= OPT_U; + } + + // we must have PROG [ARGS] + if (!*argv) + bb_show_usage(); + + // set limits + if (opt & OPT_d) { #ifdef RLIMIT_DATA limit(RLIMIT_DATA, limitd); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_DATA"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "DATA"); #endif } - if (limits >= -1) { + if (opt & OPT_s) { #ifdef RLIMIT_STACK limit(RLIMIT_STACK, limits); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_STACK"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "STACK"); #endif } - if (limitl >= -1) { + if (opt & OPT_l) { #ifdef RLIMIT_MEMLOCK limit(RLIMIT_MEMLOCK, limitl); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_MEMLOCK"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "MEMLOCK"); #endif } - if (limita >= -1) { + if (opt & OPT_a) { #ifdef RLIMIT_VMEM limit(RLIMIT_VMEM, limita); #else #ifdef RLIMIT_AS limit(RLIMIT_AS, limita); #else - if (OPT_verbose) - bb_error_msg("system does not support %s", - "RLIMIT_VMEM"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "VMEM"); #endif #endif } - if (limito >= -1) { + if (opt & OPT_o) { #ifdef RLIMIT_NOFILE limit(RLIMIT_NOFILE, limito); #else #ifdef RLIMIT_OFILE limit(RLIMIT_OFILE, limito); #else - if (OPT_verbose) - bb_error_msg("system does not support %s", - "RLIMIT_NOFILE"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "NOFILE"); #endif #endif } - if (limitp >= -1) { + if (opt & OPT_p) { #ifdef RLIMIT_NPROC limit(RLIMIT_NPROC, limitp); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_NPROC"); + if (opt & OPT_v) + bb_error_msg("system does 
not support RLIMIT_%s", + "NPROC"); #endif } - if (limitf >= -1) { + if (opt & OPT_f) { #ifdef RLIMIT_FSIZE limit(RLIMIT_FSIZE, limitf); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_FSIZE"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "FSIZE"); #endif } - if (limitc >= -1) { + if (opt & OPT_c) { #ifdef RLIMIT_CORE limit(RLIMIT_CORE, limitc); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_CORE"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "CORE"); #endif } - if (limitr >= -1) { + if (opt & OPT_r) { #ifdef RLIMIT_RSS limit(RLIMIT_RSS, limitr); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_RSS"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "RSS"); #endif } - if (limitt >= -1) { + if (opt & OPT_t) { #ifdef RLIMIT_CPU limit(RLIMIT_CPU, limitt); #else - if (OPT_verbose) bb_error_msg("system does not support %s", - "RLIMIT_CPU"); + if (opt & OPT_v) + bb_error_msg("system does not support RLIMIT_%s", + "CPU"); #endif } -} -/* argv[0] */ -static void setuidgid(int, char **); -static void envuidgid(int, char **); -static void envdir(int, char **); -static void softlimit(int, char **); + if (opt & OPT_P) + setsid(); -int chpst_main(int argc, char **argv) -{ - if (applet_name[3] == 'd') envdir(argc, argv); - if (applet_name[1] == 'o') softlimit(argc, argv); - if (applet_name[0] == 's') setuidgid(argc, argv); - if (applet_name[0] == 'e') envuidgid(argc, argv); - // otherwise we are.......... 
chpst - - { - char *m,*d,*o,*p,*f,*c,*r,*t,*n; - getopt32(argc, argv, "+u:U:e:m:d:o:p:f:c:r:t:/:n:vP012", - &set_user,&env_user,&env_dir, - &m,&d,&o,&p,&f,&c,&r,&t,&root,&n); - // if (option_mask32 & 0x1) // -u - // if (option_mask32 & 0x2) // -U - // if (option_mask32 & 0x4) // -e - if (option_mask32 & 0x8) limits = limitl = limita = limitd = xatoul(m); // -m - if (option_mask32 & 0x10) limitd = xatoul(d); // -d - if (option_mask32 & 0x20) limito = xatoul(o); // -o - if (option_mask32 & 0x40) limitp = xatoul(p); // -p - if (option_mask32 & 0x80) limitf = xatoul(f); // -f - if (option_mask32 & 0x100) limitc = xatoul(c); // -c - if (option_mask32 & 0x200) limitr = xatoul(r); // -r - if (option_mask32 & 0x400) limitt = xatoul(t); // -t - // if (option_mask32 & 0x800) // -/ - if (option_mask32 & 0x1000) nicelvl = xatoi(n); // -n - // The below consts should match #defines at top! - //if (option_mask32 & 0x2000) OPT_verbose = 1; // -v - //if (option_mask32 & 0x4000) OPT_pgrp = 1; // -P - //if (option_mask32 & 0x8000) OPT_nostdin = 1; // -0 - //if (option_mask32 & 0x10000) OPT_nostdout = 1; // -1 - //if (option_mask32 & 0x20000) OPT_nostderr = 1; // -2 + if (opt & OPT_e) + edir(env_dir); + + // FIXME: chrooted jail must have /etc/passwd if we move this after chroot! + // OTOH chroot fails for non-roots! 
+ // SOLUTION: cache uid/gid before chroot, apply uid/gid after + if (opt & OPT_U) { + xget_uidgid(&ugid, env_user); + xsetenv("GID", utoa(ugid.gid)); + xsetenv("UID", utoa(ugid.uid)); } - argv += optind; - if (!argv || !*argv) bb_show_usage(); - - if (OPT_pgrp) setsid(); - if (env_dir) edir(env_dir); - if (root) { + + if (opt & OPT_u) { + xget_uidgid(&ugid, set_user); + } + + if (opt & OPT_root) { xchdir(root); - if (chroot(".") == -1) - bb_perror_msg_and_die("chroot"); + xchroot("."); } - slimit(); - if (nicelvl) { + + if (opt & OPT_u) { + if (setgroups(1, &ugid.gid) == -1) + bb_perror_msg_and_die("setgroups"); + xsetgid(ugid.gid); + xsetuid(ugid.uid); + } + + if (opt & OPT_n) { errno = 0; - if (nice(nicelvl) == -1) + if (nice(xatoi(nicestr)) == -1) bb_perror_msg_and_die("nice"); } - if (env_user) euidgid(env_user); - if (set_user) suidgid(set_user); - if (OPT_nostdin) close(0); - if (OPT_nostdout) close(1); - if (OPT_nostderr) close(2); - execvp(argv[0], argv); - bb_perror_msg_and_die("exec %s", argv[0]); -} -static void setuidgid(int argc, char **argv) -{ - const char *account; + if (opt & OPT_0) + close(STDIN_FILENO); + if (opt & OPT_1) + close(STDOUT_FILENO); + if (opt & OPT_2) + close(STDERR_FILENO); - account = *++argv; - if (!account) bb_show_usage(); - if (!*++argv) bb_show_usage(); - suidgid((char*)account); - execvp(argv[0], argv); - bb_perror_msg_and_die("exec %s", argv[0]); -} - -static void envuidgid(int argc, char **argv) -{ - const char *account; - - account = *++argv; - if (!account) bb_show_usage(); - if (!*++argv) bb_show_usage(); - euidgid((char*)account); - execvp(argv[0], argv); - bb_perror_msg_and_die("exec %s", argv[0]); -} - -static void envdir(int argc, char **argv) -{ - const char *dir; - - dir = *++argv; - if (!dir) bb_show_usage(); - if (!*++argv) bb_show_usage(); - edir(dir); - execvp(argv[0], argv); - bb_perror_msg_and_die("exec %s", argv[0]); -} - -static void softlimit(int argc, char **argv) -{ - char 
*a,*c,*d,*f,*l,*m,*o,*p,*r,*s,*t; - getopt32(argc, argv, "+a:c:d:f:l:m:o:p:r:s:t:", - &a,&c,&d,&f,&l,&m,&o,&p,&r,&s,&t); - if (option_mask32 & 0x001) limita = xatoul(a); // -a - if (option_mask32 & 0x002) limitc = xatoul(c); // -c - if (option_mask32 & 0x004) limitd = xatoul(d); // -d - if (option_mask32 & 0x008) limitf = xatoul(f); // -f - if (option_mask32 & 0x010) limitl = xatoul(l); // -l - if (option_mask32 & 0x020) limits = limitl = limita = limitd = xatoul(m); // -m - if (option_mask32 & 0x040) limito = xatoul(o); // -o - if (option_mask32 & 0x080) limitp = xatoul(p); // -p - if (option_mask32 & 0x100) limitr = xatoul(r); // -r - if (option_mask32 & 0x200) limits = xatoul(s); // -s - if (option_mask32 & 0x400) limitt = xatoul(t); // -t - argv += optind; - if (!argv[0]) bb_show_usage(); - slimit(); - execvp(argv[0], argv); + BB_EXECVP(argv[0], argv); bb_perror_msg_and_die("exec %s", argv[0]); }
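Review bot: The `-n` block now runs after the `-u` block has called xsetuid(), whereas the removed code called nice() before suidgid(), so a negative NICE combined with `-u` will normally fail with EPERM once privileges are dropped. Moving the `if (opt & OPT_n)` block above the `setgroups`/`xsetgid`/`xsetuid` block restores the old order. In the same block `errno = 0` is set but never consulted, so a legitimate return value of -1 from nice() is treated as a failure; `if (nice(xatoi(nicestr)) == -1 && errno)` would make use of it. Separately, limit() now ignores getrlimit()'s result, so if it ever fails `r` is used uninitialised in the comparison and in setrlimit(); keeping the check costs little.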