// UID/GID Mapping
static int pakfire_jail_write_uidgid_mapping(struct pakfire_jail* jail,
- const char* path, uid_t mapped_id, size_t length) {
+ const char* path, const struct pakfire_subid* subid) {
int r = 1;
// Open file for writing
}
// Write configuration
- int bytes_written = fprintf(f, "%d %u %lu\n", 0, mapped_id, length);
+ int bytes_written = fprintf(f, "%d %u %lu\n", 0, subid->id, subid->length);
if (bytes_written <= 0) {
ERROR(jail->pakfire, "Could not write UID/GID mapping: %m\n");
goto ERROR;
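Review bot: The `%lu` conversion for `subid->length` in the rewritten fprintf() call looks mismatched with the field's type: the parser's DEBUG line elsewhere in this commit prints the same field with `%zu`, which suggests it is a size_t, and passing a size_t to `%lu` is undefined where the two widths differ. The struct definition is not visible here, so confirm the type; if it is size_t I would write `fprintf(f, "%d %u %zu\n", 0, subid->id, subid->length);`. The same applies to the `%u - %lu` DEBUG calls in pakfire_jail_setup_uid_mapping and pakfire_jail_setup_gid_mapping, which print `id + length`. The body of pakfire_jail_write_uidgid_mapping starts and ends outside this hunk.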
return 0;
// Fetch SUBUID
- const struct pakfire_subuid* subuid = pakfire_subuid(jail->pakfire);
+ const struct pakfire_subid* subuid = pakfire_subuid(jail->pakfire);
if (!subuid)
return 1;
return 1;
DEBUG(jail->pakfire, "Mapping UID range (%u - %lu)\n",
- subuid->uid, subuid->uid + subuid->length);
+ subuid->id, subuid->id + subuid->length);
- return pakfire_jail_write_uidgid_mapping(jail, path, subuid->uid, subuid->length);
+ return pakfire_jail_write_uidgid_mapping(jail, path, subuid);
}
static int pakfire_jail_setup_gid_mapping(struct pakfire_jail* jail, pid_t pid) {
return 0;
// Fetch SUBGID
- const struct pakfire_subgid* subgid = pakfire_subgid(jail->pakfire);
+ const struct pakfire_subid* subgid = pakfire_subgid(jail->pakfire);
if (!subgid)
return 1;
return 1;
DEBUG(jail->pakfire, "Mapping GID range (%u - %lu)\n",
- subgid->gid, subgid->gid + subgid->length);
+ subgid->id, subgid->id + subgid->length);
- return pakfire_jail_write_uidgid_mapping(jail, path, subgid->gid, subgid->length);
+ return pakfire_jail_write_uidgid_mapping(jail, path, subgid);
}
static int pakfire_jail_setgroups(struct pakfire_jail* jail, pid_t pid) {
gid_t gid;
// Mapped UID/GID
- struct pakfire_subuid subuid;
- struct pakfire_subgid subgid;
+ struct pakfire_subid subuid;
+ struct pakfire_subid subgid;
// Pool
Pool* pool;
return (strcmp(pakfire->path, "/") == 0);
}
-const struct pakfire_subuid* pakfire_subuid(struct pakfire* pakfire) {
+const struct pakfire_subid* pakfire_subuid(struct pakfire* pakfire) {
return &pakfire->subuid;
}
-const struct pakfire_subgid* pakfire_subgid(struct pakfire* pakfire) {
+const struct pakfire_subid* pakfire_subgid(struct pakfire* pakfire) {
return &pakfire->subgid;
}
}
// Log
- DEBUG(p, " subuid = %u - %zu\n", p->subuid.uid, p->subuid.uid + p->subuid.length);
- DEBUG(p, " subgid = %u - %zu\n", p->subgid.gid, p->subgid.gid + p->subgid.length);
+ DEBUG(p, " subuid = %u - %zu\n", p->subuid.id, p->subuid.id + p->subuid.length);
+ DEBUG(p, " subgid = %u - %zu\n", p->subgid.id, p->subgid.id + p->subgid.length);
}
// Perform some safety checks
// SUBUID/SUBGID
-static struct pakfire_subuid __pakfire_subuid;
-static struct pakfire_subgid __pakfire_subgid;
-
-static struct pakfire_subuid* pakfire_fgetsubuid(struct pakfire* pakfire, FILE* f) {
+static struct pakfire_subid* pakfire_fgetsubid(struct pakfire* pakfire, FILE* f) {
+ static struct pakfire_subid subid;
int r;
char* line = NULL;
switch (i++) {
// First field has the name
case 0:
- pakfire_string_set(__pakfire_subuid.name, token);
+ pakfire_string_set(subid.name, token);
break;
- // Second field has the UID
+ // Second field has the ID
case 1:
- __pakfire_subuid.uid = strtoul(token, NULL, 10);
+ subid.id = strtoul(token, NULL, 10);
break;
// Third field has the length
case 2:
- __pakfire_subuid.length = strtoul(token, NULL, 10);
+ subid.length = strtoul(token, NULL, 10);
break;
}
}
// Check if length is greater than zero
- if (__pakfire_subuid.length == 0) {
+ if (subid.length == 0) {
DEBUG(pakfire, "Length equals zero: %s\n", line);
r = 1;
}
if (r)
return NULL;
- DEBUG(pakfire, "Parsed SUBUID entry: name=%s, subuid=%d, length=%zu\n",
- __pakfire_subuid.name, __pakfire_subuid.uid, __pakfire_subuid.length);
+ DEBUG(pakfire, "Parsed SUBID entry: name=%s, id=%d, length=%zu\n",
+ subid.name, subid.id, subid.length);
- return &__pakfire_subuid;
+ return &subid;
}
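Review bot: The field parser in pakfire_fgetsubid calls strtoul() with a NULL end pointer and never checks `errno`, so a non-numeric or out-of-range token in the subordinate ID file is silently accepted as 0 or ULONG_MAX and then narrowed into `subid.id`. Because `subid` is function-static and the switch only assigns the fields it sees, a line with fewer than three fields appears to keep the id or length parsed from the previous line; the removed pakfire_fgetsubgid body shows no reset before tokenizing, and the `length == 0` check would not catch a stale non-zero length. I would clear the struct for each line with `memset(&subid, 0, sizeof(subid));`, set `r = 1` when fewer than three fields were seen, and pass an end pointer to strtoul() so malformed values are refused before they reach the UID/GID map. The DEBUG line also prints `subid.id` with `%d` while the mapping writer uses `%u`. Only part of the function body is visible in these hunks, so confirm against the full file.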
int pakfire_getsubuid(struct pakfire* pakfire, const uid_t uid,
- struct pakfire_subuid* subuid) {
- struct pakfire_subuid* entry = NULL;
+ struct pakfire_subid* subuid) {
+ struct pakfire_subid* entry = NULL;
int r = 1;
// Fetch information about the running user
// Walk through all entries
while (1) {
- entry = pakfire_fgetsubuid(pakfire, f);
+ entry = pakfire_fgetsubid(pakfire, f);
if (!entry)
break;
// Check for match
if (strcmp(entry->name, passwd->pw_name) == 0) {
- subuid->uid = entry->uid;
+ subuid->id = entry->id;
subuid->length = entry->length;
r = 0;
return r;
}
-static struct pakfire_subgid* pakfire_fgetsubgid(struct pakfire* pakfire, FILE* f) {
- int r;
-
- char* line = NULL;
- size_t length = 0;
- char* p = NULL;
-
- // Read the next line
- while (1) {
- r = getline(&line, &length, f);
- if (r < 0)
- goto ERROR;
-
- // Try reading the next line if this one was empty
- else if (r == 0)
- continue;
-
- // Fall through
- else
- break;
- }
-
- // Reset r
- r = 0;
-
- int i = 0;
-
- char* token = strtok_r(line, ":", &p);
- while (token) {
- switch (i++) {
- // First field has the name
- case 0:
- pakfire_string_set(__pakfire_subgid.name, token);
- break;
-
- // Second field has the GID
- case 1:
- __pakfire_subgid.gid = strtoul(token, NULL, 10);
- break;
-
- // Third field has the length
- case 2:
- __pakfire_subgid.length = strtoul(token, NULL, 10);
- break;
- }
-
- token = strtok_r(NULL, ":", &p);
- }
-
- // Check if length is greater than zero
- if (__pakfire_subgid.length == 0) {
- DEBUG(pakfire, "Length equals zero: %s\n", line);
- r = 1;
- }
-
-ERROR:
- if (line)
- free(line);
-
- if (r)
- return NULL;
-
- DEBUG(pakfire, "Parsed SUBGID entry: name=%s, subgid=%d, length=%zu\n",
- __pakfire_subgid.name, __pakfire_subgid.gid, __pakfire_subgid.length);
-
- return &__pakfire_subgid;
-}
-
int pakfire_getsubgid(struct pakfire* pakfire, const gid_t gid,
- struct pakfire_subgid* subgid) {
- struct pakfire_subgid* entry = NULL;
+ struct pakfire_subid* subgid) {
+ struct pakfire_subid* entry = NULL;
int r = 1;
// Fetch information about the running user
// Walk through all entries
while (1) {
- entry = pakfire_fgetsubgid(pakfire, f);
+ entry = pakfire_fgetsubid(pakfire, f);
if (!entry)
break;
// Check for match
if (strcmp(entry->name, group->gr_name) == 0) {
- subgid->gid = entry->gid;
+ subgid->id = entry->id;
subgid->length = entry->length;
r = 0;