From: Mathieu Desnoyers Date: Sat, 7 Jan 2012 21:19:51 +0000 (-0500) Subject: Move runas to common/ X-Git-Url: http://git.efficios.com/?p=lttng-tools.git;a=commitdiff_plain;h=58415b8b6071fddaa8f99c9799e9c30608dbb971 Move runas to common/ Signed-off-by: Mathieu Desnoyers --- diff --git a/Makefile.am b/Makefile.am index 39b9f2f94..b744596b1 100644 --- a/Makefile.am +++ b/Makefile.am @@ -3,7 +3,6 @@ ACLOCAL_AMFLAGS = -I config SUBDIRS = common \ liblttng-sessiond-comm \ libkernelctl \ - librunas \ liblttng-kconsumer \ liblttng-ustconsumer \ liblttng-consumer \ diff --git a/common/runas.c b/common/runas.c new file mode 100644 index 000000000..f612ccc75 --- /dev/null +++ b/common/runas.c @@ -0,0 +1,311 @@ +/* + * Copyright (C) 2011 - David Goulet + * Mathieu Desnoyers + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; only version 2 of the License. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 59 Temple + * Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +#define _GNU_SOURCE +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define CHILD_STACK_SIZE 10485760 + +struct run_as_data { + int (*cmd)(void *data); + void *data; + uid_t uid; + gid_t gid; + int retval_pipe; +}; + +struct mkdir_data { + const char *path; + mode_t mode; +}; + +struct open_data { + const char *path; + int flags; + mode_t mode; +}; + +/* + * Create recursively directory using the FULL path. + */ +static +int _mkdir_recursive(void *_data) +{ + struct mkdir_data *data = _data; + const char *path; + char *p, tmp[PATH_MAX]; + struct stat statbuf; + mode_t mode; + size_t len; + int ret; + + path = data->path; + mode = data->mode; + + ret = snprintf(tmp, sizeof(tmp), "%s", path); + if (ret < 0) { + PERROR("snprintf mkdir"); + goto error; + } + + len = ret; + if (tmp[len - 1] == '/') { + tmp[len - 1] = 0; + } + + for (p = tmp + 1; *p; p++) { + if (*p == '/') { + *p = 0; + ret = stat(tmp, &statbuf); + if (ret < 0) { + ret = mkdir(tmp, mode); + if (ret < 0) { + if (!(errno == EEXIST)) { + PERROR("mkdir recursive"); + ret = -errno; + goto error; + } + } + } + *p = '/'; + } + } + + ret = mkdir(tmp, mode); + if (ret < 0) { + if (!(errno == EEXIST)) { + PERROR("mkdir recursive last piece"); + ret = -errno; + } else { + ret = 0; + } + } + +error: + return ret; +} + +static +int _mkdir(void *_data) +{ + struct mkdir_data *data = _data; + return mkdir(data->path, data->mode); +} + +static +int _open(void *_data) +{ + struct open_data *data = _data; + return open(data->path, data->flags, data->mode); +} + +static +int child_run_as(void *_data) +{ + struct run_as_data *data = _data; + size_t writelen, writeleft, index; + union { + int i; + char c[sizeof(int)]; + } sendret; + int ret; + + /* + * Child: it is safe to drop egid and euid while sharing the + * file descriptors with the parent process, since we do not + * drop "uid": therefore, the user we are dropping egid/euid to + * cannot attach to this process with, e.g. ptrace, nor map this + * process memory. + */ + if (data->gid != getegid()) { + ret = setegid(data->gid); + if (ret < 0) { + perror("setegid"); + return EXIT_FAILURE; + } + } + if (data->uid != geteuid()) { + ret = seteuid(data->uid); + if (ret < 0) { + perror("seteuid"); + return EXIT_FAILURE; + } + } + /* + * Also set umask to 0 for mkdir executable bit. + */ + umask(0); + sendret.i = (*data->cmd)(data->data); + /* send back return value */ + writeleft = sizeof(sendret); + index = 0; + do { + writelen = write(data->retval_pipe, &sendret.c[index], + writeleft); + if (writelen < 0) { + perror("write"); + return EXIT_FAILURE; + } + writeleft -= writelen; + index += writelen; + } while (writeleft > 0); + return EXIT_SUCCESS; +} + +static +int run_as(int (*cmd)(void *data), void *data, uid_t uid, gid_t gid) +{ + struct run_as_data run_as_data; + int ret = 0; + int status; + pid_t pid; + int retval_pipe[2]; + ssize_t readlen, readleft, index; + void *child_stack; + union { + int i; + char c[sizeof(int)]; + } retval; + + /* + * If we are non-root, we can only deal with our own uid. + */ + if (geteuid() != 0) { + if (uid != geteuid()) { + ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)", + uid, geteuid()); + return -EPERM; + } + } + + ret = pipe(retval_pipe); + if (ret < 0) { + perror("pipe"); + goto end; + } + run_as_data.data = data; + run_as_data.cmd = cmd; + run_as_data.uid = uid; + run_as_data.gid = gid; + run_as_data.retval_pipe = retval_pipe[1]; /* write end */ + child_stack = mmap(NULL, CHILD_STACK_SIZE, + PROT_WRITE | PROT_READ, + MAP_PRIVATE | MAP_GROWSDOWN | MAP_ANONYMOUS | MAP_STACK, + -1, 0); + if (child_stack == MAP_FAILED) { + perror("mmap"); + ret = -ENOMEM; + goto close_pipe; + } + /* + * Pointing to the middle of the stack to support architectures + * where the stack grows up (HPPA). + */ + pid = clone(child_run_as, child_stack + (CHILD_STACK_SIZE / 2), + CLONE_FILES | SIGCHLD | CLONE_VM, + &run_as_data, NULL); + if (pid < 0) { + perror("clone"); + ret = pid; + goto unmap_stack; + } + /* receive return value */ + readleft = sizeof(retval); + index = 0; + do { + readlen = read(retval_pipe[0], &retval.c[index], readleft); + if (readlen < 0) { + perror("read"); + ret = -1; + break; + } + readleft -= readlen; + index += readlen; + } while (readleft > 0); + + /* + * Parent: wait for child to return, in which case the + * shared memory map will have been created. + */ + pid = waitpid(pid, &status, 0); + if (pid < 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) { + perror("wait"); + ret = -1; + } +unmap_stack: + ret = munmap(child_stack, CHILD_STACK_SIZE); + if (ret < 0) { + perror("munmap"); + } +close_pipe: + close(retval_pipe[0]); + close(retval_pipe[1]); +end: + return retval.i; +} + +int mkdir_recursive_run_as(const char *path, mode_t mode, uid_t uid, gid_t gid) +{ + struct mkdir_data data; + + DBG3("mkdir() recursive %s with mode %d for uid %d and gid %d", + path, mode, uid, gid); + data.path = path; + data.mode = mode; + return run_as(_mkdir_recursive, &data, uid, gid); +} + +int mkdir_run_as(const char *path, mode_t mode, uid_t uid, gid_t gid) +{ + struct mkdir_data data; + + DBG3("mkdir() %s with mode %d for uid %d and gid %d", + path, mode, uid, gid); + data.path = path; + data.mode = mode; + return run_as(_mkdir, &data, uid, gid); +} + +/* + * Note: open_run_as is currently not working. We'd need to pass the fd + * opened in the child to the parent. + */ +int open_run_as(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid) +{ + struct open_data data; + + DBG3("open() %s with flags %X mode %d for uid %d and gid %d", + path, flags, mode, uid, gid); + data.path = path; + data.flags = flags; + data.mode = mode; + return run_as(_open, &data, uid, gid); +} diff --git a/configure.ac b/configure.ac index 9b8d9d34f..a55dfd55d 100644 --- a/configure.ac +++ b/configure.ac @@ -139,7 +139,6 @@ AC_CONFIG_FILES([ liblttng-ustconsumer/Makefile liblttngctl/Makefile liblttng-sessiond-comm/Makefile - librunas/Makefile lttng-consumerd/Makefile lttng-sessiond/Makefile lttng/Makefile diff --git a/librunas/Makefile.am b/librunas/Makefile.am deleted file mode 100644 index 92ec27242..000000000 --- a/librunas/Makefile.am +++ /dev/null @@ -1,5 +0,0 @@ -AM_CPPFLAGS = -I$(top_srcdir)/include - -noinst_LTLIBRARIES = librunas.la - -librunas_la_SOURCES = runas.c diff --git a/librunas/runas.c b/librunas/runas.c deleted file mode 100644 index f612ccc75..000000000 --- a/librunas/runas.c +++ /dev/null @@ -1,311 +0,0 @@ -/* - * Copyright (C) 2011 - David Goulet - * Mathieu Desnoyers - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the Free - * Software Foundation; only version 2 of the License. - * - * This program is distributed in the hope that it will be useful, but WITHOUT - * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or - * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for - * more details. - * - * You should have received a copy of the GNU General Public License along with - * this program; if not, write to the Free Software Foundation, Inc., 59 Temple - * Place - Suite 330, Boston, MA 02111-1307, USA. - */ - -#define _GNU_SOURCE -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#define CHILD_STACK_SIZE 10485760 - -struct run_as_data { - int (*cmd)(void *data); - void *data; - uid_t uid; - gid_t gid; - int retval_pipe; -}; - -struct mkdir_data { - const char *path; - mode_t mode; -}; - -struct open_data { - const char *path; - int flags; - mode_t mode; -}; - -/* - * Create recursively directory using the FULL path. - */ -static -int _mkdir_recursive(void *_data) -{ - struct mkdir_data *data = _data; - const char *path; - char *p, tmp[PATH_MAX]; - struct stat statbuf; - mode_t mode; - size_t len; - int ret; - - path = data->path; - mode = data->mode; - - ret = snprintf(tmp, sizeof(tmp), "%s", path); - if (ret < 0) { - PERROR("snprintf mkdir"); - goto error; - } - - len = ret; - if (tmp[len - 1] == '/') { - tmp[len - 1] = 0; - } - - for (p = tmp + 1; *p; p++) { - if (*p == '/') { - *p = 0; - ret = stat(tmp, &statbuf); - if (ret < 0) { - ret = mkdir(tmp, mode); - if (ret < 0) { - if (!(errno == EEXIST)) { - PERROR("mkdir recursive"); - ret = -errno; - goto error; - } - } - } - *p = '/'; - } - } - - ret = mkdir(tmp, mode); - if (ret < 0) { - if (!(errno == EEXIST)) { - PERROR("mkdir recursive last piece"); - ret = -errno; - } else { - ret = 0; - } - } - -error: - return ret; -} - -static -int _mkdir(void *_data) -{ - struct mkdir_data *data = _data; - return mkdir(data->path, data->mode); -} - -static -int _open(void *_data) -{ - struct open_data *data = _data; - return open(data->path, data->flags, data->mode); -} - -static -int child_run_as(void *_data) -{ - struct run_as_data *data = _data; - size_t writelen, writeleft, index; - union { - int i; - char c[sizeof(int)]; - } sendret; - int ret; - - /* - * Child: it is safe to drop egid and euid while sharing the - * file descriptors with the parent process, since we do not - * drop "uid": therefore, the user we are dropping egid/euid to - * cannot attach to this process with, e.g. ptrace, nor map this - * process memory. - */ - if (data->gid != getegid()) { - ret = setegid(data->gid); - if (ret < 0) { - perror("setegid"); - return EXIT_FAILURE; - } - } - if (data->uid != geteuid()) { - ret = seteuid(data->uid); - if (ret < 0) { - perror("seteuid"); - return EXIT_FAILURE; - } - } - /* - * Also set umask to 0 for mkdir executable bit. - */ - umask(0); - sendret.i = (*data->cmd)(data->data); - /* send back return value */ - writeleft = sizeof(sendret); - index = 0; - do { - writelen = write(data->retval_pipe, &sendret.c[index], - writeleft); - if (writelen < 0) { - perror("write"); - return EXIT_FAILURE; - } - writeleft -= writelen; - index += writelen; - } while (writeleft > 0); - return EXIT_SUCCESS; -} - -static -int run_as(int (*cmd)(void *data), void *data, uid_t uid, gid_t gid) -{ - struct run_as_data run_as_data; - int ret = 0; - int status; - pid_t pid; - int retval_pipe[2]; - ssize_t readlen, readleft, index; - void *child_stack; - union { - int i; - char c[sizeof(int)]; - } retval; - - /* - * If we are non-root, we can only deal with our own uid. - */ - if (geteuid() != 0) { - if (uid != geteuid()) { - ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)", - uid, geteuid()); - return -EPERM; - } - } - - ret = pipe(retval_pipe); - if (ret < 0) { - perror("pipe"); - goto end; - } - run_as_data.data = data; - run_as_data.cmd = cmd; - run_as_data.uid = uid; - run_as_data.gid = gid; - run_as_data.retval_pipe = retval_pipe[1]; /* write end */ - child_stack = mmap(NULL, CHILD_STACK_SIZE, - PROT_WRITE | PROT_READ, - MAP_PRIVATE | MAP_GROWSDOWN | MAP_ANONYMOUS | MAP_STACK, - -1, 0); - if (child_stack == MAP_FAILED) { - perror("mmap"); - ret = -ENOMEM; - goto close_pipe; - } - /* - * Pointing to the middle of the stack to support architectures - * where the stack grows up (HPPA). - */ - pid = clone(child_run_as, child_stack + (CHILD_STACK_SIZE / 2), - CLONE_FILES | SIGCHLD | CLONE_VM, - &run_as_data, NULL); - if (pid < 0) { - perror("clone"); - ret = pid; - goto unmap_stack; - } - /* receive return value */ - readleft = sizeof(retval); - index = 0; - do { - readlen = read(retval_pipe[0], &retval.c[index], readleft); - if (readlen < 0) { - perror("read"); - ret = -1; - break; - } - readleft -= readlen; - index += readlen; - } while (readleft > 0); - - /* - * Parent: wait for child to return, in which case the - * shared memory map will have been created. - */ - pid = waitpid(pid, &status, 0); - if (pid < 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) { - perror("wait"); - ret = -1; - } -unmap_stack: - ret = munmap(child_stack, CHILD_STACK_SIZE); - if (ret < 0) { - perror("munmap"); - } -close_pipe: - close(retval_pipe[0]); - close(retval_pipe[1]); -end: - return retval.i; -} - -int mkdir_recursive_run_as(const char *path, mode_t mode, uid_t uid, gid_t gid) -{ - struct mkdir_data data; - - DBG3("mkdir() recursive %s with mode %d for uid %d and gid %d", - path, mode, uid, gid); - data.path = path; - data.mode = mode; - return run_as(_mkdir_recursive, &data, uid, gid); -} - -int mkdir_run_as(const char *path, mode_t mode, uid_t uid, gid_t gid) -{ - struct mkdir_data data; - - DBG3("mkdir() %s with mode %d for uid %d and gid %d", - path, mode, uid, gid); - data.path = path; - data.mode = mode; - return run_as(_mkdir, &data, uid, gid); -} - -/* - * Note: open_run_as is currently not working. We'd need to pass the fd - * opened in the child to the parent. - */ -int open_run_as(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid) -{ - struct open_data data; - - DBG3("open() %s with flags %X mode %d for uid %d and gid %d", - path, flags, mode, uid, gid); - data.path = path; - data.flags = flags; - data.mode = mode; - return run_as(_open, &data, uid, gid); -} diff --git a/lttng-consumerd/Makefile.am b/lttng-consumerd/Makefile.am index a808e3ca8..9e8d036da 100644 --- a/lttng-consumerd/Makefile.am +++ b/lttng-consumerd/Makefile.am @@ -8,7 +8,7 @@ lttng_consumerd_LDADD = \ $(top_builddir)/libkernelctl/libkernelctl.la \ $(top_builddir)/liblttng-consumer/liblttng-consumer.la \ $(top_builddir)/liblttng-sessiond-comm/liblttng-sessiond-comm.la \ - $(top_builddir)/librunas/librunas.la + $(top_builddir)/common/libcommon.la if HAVE_LIBLTTNG_UST_CTL lttng_consumerd_LDADD += -llttng-ust-ctl diff --git a/lttng-sessiond/Makefile.am b/lttng-sessiond/Makefile.am index 00a87f4c3..b853e260b 100644 --- a/lttng-sessiond/Makefile.am +++ b/lttng-sessiond/Makefile.am @@ -37,7 +37,6 @@ lttng_sessiond_LDADD = -lrt -lurcu-common -lurcu \ $(top_builddir)/liblttng-sessiond-comm/liblttng-sessiond-comm.la \ $(top_builddir)/libkernelctl/libkernelctl.la \ $(top_builddir)/liblttngctl/liblttngctl.la \ - $(top_builddir)/librunas/librunas.la \ $(top_builddir)/common/libcommon.la if HAVE_LIBLTTNG_UST_CTL diff --git a/tests/Makefile.am b/tests/Makefile.am index 21bcace75..d775644c5 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -13,7 +13,7 @@ LIBLTTNG=$(top_srcdir)/liblttngctl/lttngctl.c \ $(top_srcdir)/liblttng-sessiond-comm/lttng-sessiond-comm.c test_sessions_SOURCES = test_sessions.c $(UTILS) $(SESSIONS) -test_sessions_LDADD = $(top_builddir)/common/libcommon.la $(top_builddir)/librunas/librunas.la +test_sessions_LDADD = $(top_builddir)/common/libcommon.la test_kernel_data_trace_SOURCES = test_kernel_data_trace.c $(UTILS) $(KERN_DATA_TRACE)