]>
Commit | Line | Data |
---|---|---|
ee645080 LP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2015 Lennart Poettering | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
7 | under the terms of the GNU Lesser General Public License as published by | |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
9 | (at your option) any later version. | |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | Lesser General Public License for more details. | |
15 | ||
16 | You should have received a copy of the GNU Lesser General Public License | |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
18 | ***/ | |
19 | ||
07630cea | 20 | #include <grp.h> |
ee645080 LP |
21 | #include <sys/types.h> |
22 | #include <unistd.h> | |
ee645080 | 23 | |
b5efdb8a | 24 | #include "alloc-util.h" |
3ffd4af2 | 25 | #include "fd-util.h" |
ee645080 | 26 | #include "mkdir.h" |
3ffd4af2 | 27 | #include "nspawn-setuid.h" |
ee645080 | 28 | #include "process-util.h" |
07630cea LP |
29 | #include "signal-util.h" |
30 | #include "string-util.h" | |
b1d4f8e1 | 31 | #include "user-util.h" |
07630cea | 32 | #include "util.h" |
ee645080 LP |
33 | |
34 | static int spawn_getent(const char *database, const char *key, pid_t *rpid) { | |
35 | int pipe_fds[2]; | |
36 | pid_t pid; | |
37 | ||
38 | assert(database); | |
39 | assert(key); | |
40 | assert(rpid); | |
41 | ||
42 | if (pipe2(pipe_fds, O_CLOEXEC) < 0) | |
43 | return log_error_errno(errno, "Failed to allocate pipe: %m"); | |
44 | ||
45 | pid = fork(); | |
46 | if (pid < 0) | |
47 | return log_error_errno(errno, "Failed to fork getent child: %m"); | |
48 | else if (pid == 0) { | |
49 | int nullfd; | |
50 | char *empty_env = NULL; | |
51 | ||
52 | if (dup3(pipe_fds[1], STDOUT_FILENO, 0) < 0) | |
53 | _exit(EXIT_FAILURE); | |
54 | ||
55 | if (pipe_fds[0] > 2) | |
56 | safe_close(pipe_fds[0]); | |
57 | if (pipe_fds[1] > 2) | |
58 | safe_close(pipe_fds[1]); | |
59 | ||
60 | nullfd = open("/dev/null", O_RDWR); | |
61 | if (nullfd < 0) | |
62 | _exit(EXIT_FAILURE); | |
63 | ||
64 | if (dup3(nullfd, STDIN_FILENO, 0) < 0) | |
65 | _exit(EXIT_FAILURE); | |
66 | ||
67 | if (dup3(nullfd, STDERR_FILENO, 0) < 0) | |
68 | _exit(EXIT_FAILURE); | |
69 | ||
70 | if (nullfd > 2) | |
71 | safe_close(nullfd); | |
72 | ||
73 | (void) reset_all_signal_handlers(); | |
74 | (void) reset_signal_mask(); | |
75 | close_all_fds(NULL, 0); | |
76 | ||
77 | execle("/usr/bin/getent", "getent", database, key, NULL, &empty_env); | |
78 | execle("/bin/getent", "getent", database, key, NULL, &empty_env); | |
79 | _exit(EXIT_FAILURE); | |
80 | } | |
81 | ||
82 | pipe_fds[1] = safe_close(pipe_fds[1]); | |
83 | ||
84 | *rpid = pid; | |
85 | ||
86 | return pipe_fds[0]; | |
87 | } | |
88 | ||
89 | int change_uid_gid(const char *user, char **_home) { | |
90 | char line[LINE_MAX], *x, *u, *g, *h; | |
91 | const char *word, *state; | |
92 | _cleanup_free_ uid_t *uids = NULL; | |
93 | _cleanup_free_ char *home = NULL; | |
94 | _cleanup_fclose_ FILE *f = NULL; | |
95 | _cleanup_close_ int fd = -1; | |
96 | unsigned n_uids = 0; | |
97 | size_t sz = 0, l; | |
98 | uid_t uid; | |
99 | gid_t gid; | |
100 | pid_t pid; | |
101 | int r; | |
102 | ||
103 | assert(_home); | |
104 | ||
105 | if (!user || streq(user, "root") || streq(user, "0")) { | |
106 | /* Reset everything fully to 0, just in case */ | |
107 | ||
108 | r = reset_uid_gid(); | |
109 | if (r < 0) | |
110 | return log_error_errno(r, "Failed to become root: %m"); | |
111 | ||
112 | *_home = NULL; | |
113 | return 0; | |
114 | } | |
115 | ||
116 | /* First, get user credentials */ | |
117 | fd = spawn_getent("passwd", user, &pid); | |
118 | if (fd < 0) | |
119 | return fd; | |
120 | ||
121 | f = fdopen(fd, "r"); | |
122 | if (!f) | |
123 | return log_oom(); | |
124 | fd = -1; | |
125 | ||
126 | if (!fgets(line, sizeof(line), f)) { | |
ee645080 LP |
127 | if (!ferror(f)) { |
128 | log_error("Failed to resolve user %s.", user); | |
129 | return -ESRCH; | |
130 | } | |
131 | ||
d710aaf7 | 132 | return log_error_errno(errno, "Failed to read from getent: %m"); |
ee645080 LP |
133 | } |
134 | ||
135 | truncate_nl(line); | |
136 | ||
137 | wait_for_terminate_and_warn("getent passwd", pid, true); | |
138 | ||
139 | x = strchr(line, ':'); | |
140 | if (!x) { | |
141 | log_error("/etc/passwd entry has invalid user field."); | |
142 | return -EIO; | |
143 | } | |
144 | ||
145 | u = strchr(x+1, ':'); | |
146 | if (!u) { | |
147 | log_error("/etc/passwd entry has invalid password field."); | |
148 | return -EIO; | |
149 | } | |
150 | ||
151 | u++; | |
152 | g = strchr(u, ':'); | |
153 | if (!g) { | |
154 | log_error("/etc/passwd entry has invalid UID field."); | |
155 | return -EIO; | |
156 | } | |
157 | ||
158 | *g = 0; | |
159 | g++; | |
160 | x = strchr(g, ':'); | |
161 | if (!x) { | |
162 | log_error("/etc/passwd entry has invalid GID field."); | |
163 | return -EIO; | |
164 | } | |
165 | ||
166 | *x = 0; | |
167 | h = strchr(x+1, ':'); | |
168 | if (!h) { | |
169 | log_error("/etc/passwd entry has invalid GECOS field."); | |
170 | return -EIO; | |
171 | } | |
172 | ||
173 | h++; | |
174 | x = strchr(h, ':'); | |
175 | if (!x) { | |
176 | log_error("/etc/passwd entry has invalid home directory field."); | |
177 | return -EIO; | |
178 | } | |
179 | ||
180 | *x = 0; | |
181 | ||
182 | r = parse_uid(u, &uid); | |
183 | if (r < 0) { | |
184 | log_error("Failed to parse UID of user."); | |
185 | return -EIO; | |
186 | } | |
187 | ||
188 | r = parse_gid(g, &gid); | |
189 | if (r < 0) { | |
190 | log_error("Failed to parse GID of user."); | |
191 | return -EIO; | |
192 | } | |
193 | ||
194 | home = strdup(h); | |
195 | if (!home) | |
196 | return log_oom(); | |
197 | ||
198 | /* Second, get group memberships */ | |
199 | fd = spawn_getent("initgroups", user, &pid); | |
200 | if (fd < 0) | |
201 | return fd; | |
202 | ||
203 | fclose(f); | |
204 | f = fdopen(fd, "r"); | |
205 | if (!f) | |
206 | return log_oom(); | |
207 | fd = -1; | |
208 | ||
209 | if (!fgets(line, sizeof(line), f)) { | |
210 | if (!ferror(f)) { | |
211 | log_error("Failed to resolve user %s.", user); | |
212 | return -ESRCH; | |
213 | } | |
214 | ||
d710aaf7 | 215 | return log_error_errno(errno, "Failed to read from getent: %m"); |
ee645080 LP |
216 | } |
217 | ||
218 | truncate_nl(line); | |
219 | ||
220 | wait_for_terminate_and_warn("getent initgroups", pid, true); | |
221 | ||
222 | /* Skip over the username and subsequent separator whitespace */ | |
223 | x = line; | |
224 | x += strcspn(x, WHITESPACE); | |
225 | x += strspn(x, WHITESPACE); | |
226 | ||
227 | FOREACH_WORD(word, l, x, state) { | |
228 | char c[l+1]; | |
229 | ||
230 | memcpy(c, word, l); | |
231 | c[l] = 0; | |
232 | ||
233 | if (!GREEDY_REALLOC(uids, sz, n_uids+1)) | |
234 | return log_oom(); | |
235 | ||
236 | r = parse_uid(c, &uids[n_uids++]); | |
237 | if (r < 0) { | |
238 | log_error("Failed to parse group data from getent."); | |
239 | return -EIO; | |
240 | } | |
241 | } | |
242 | ||
243 | r = mkdir_parents(home, 0775); | |
244 | if (r < 0) | |
245 | return log_error_errno(r, "Failed to make home root directory: %m"); | |
246 | ||
247 | r = mkdir_safe(home, 0755, uid, gid); | |
248 | if (r < 0 && r != -EEXIST) | |
249 | return log_error_errno(r, "Failed to make home directory: %m"); | |
250 | ||
251 | (void) fchown(STDIN_FILENO, uid, gid); | |
252 | (void) fchown(STDOUT_FILENO, uid, gid); | |
253 | (void) fchown(STDERR_FILENO, uid, gid); | |
254 | ||
255 | if (setgroups(n_uids, uids) < 0) | |
256 | return log_error_errno(errno, "Failed to set auxiliary groups: %m"); | |
257 | ||
258 | if (setresgid(gid, gid, gid) < 0) | |
d2b8497d | 259 | return log_error_errno(errno, "setresgid() failed: %m"); |
ee645080 LP |
260 | |
261 | if (setresuid(uid, uid, uid) < 0) | |
d2b8497d | 262 | return log_error_errno(errno, "setresuid() failed: %m"); |
ee645080 LP |
263 | |
264 | if (_home) { | |
265 | *_home = home; | |
266 | home = NULL; | |
267 | } | |
268 | ||
269 | return 0; | |
270 | } |