From d45cb127aac2929184dce83f03627dc44e3f5b16 Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Tue, 19 Dec 2023 12:52:13 +0000 Subject: [PATCH] jail: Only connect the current terminal if requested Signed-off-by: Michael Tremer --- src/libpakfire/jail.c | 88 +++++++++++++++++++++++++------------------ 1 file changed, 51 insertions(+), 37 deletions(-) diff --git a/src/libpakfire/jail.c b/src/libpakfire/jail.c index a14899584..83e7af91b 100644 --- a/src/libpakfire/jail.c +++ b/src/libpakfire/jail.c @@ -676,6 +676,10 @@ static int pakfire_jail_drain_buffer(struct pakfire_jail* jail, int fd, struct p if (!buffer->used) return 0; + // Do not try to write to an invalid file descriptor + if (fd < 0) + return 0; + // Drain the buffer r = write(fd, buffer->data, buffer->used); @@ -926,6 +930,10 @@ static int pakfire_jail_enable_raw_mode(struct pakfire_jail* jail, struct termios raw_attrs; int r; + // Skip if we don't know the file descriptor + if (stdio->fd < 0) + return 0; + // Skip everything if fd is not a TTY if (!isatty(stdio->fd)) return 0; @@ -978,6 +986,10 @@ static int pakfire_jail_restore_attrs(struct pakfire_jail* jail, const struct pakfire_jail_pty_stdio* stdio) { int r; + // Skip if we don't know the file descriptor + if (stdio->fd < 0) + return 0; + // Skip everything if fd is not a TTY if (!isatty(stdio->fd)) return 0; @@ -1011,50 +1023,52 @@ static int pakfire_jail_setup_pty_forwarding(struct pakfire_jail* jail, // Store the file descriptor ctx->pty.master.fd = fd; - // Configure stdin/stdout - ctx->pty.stdin.fd = STDIN_FILENO; - ctx->pty.stdout.fd = STDOUT_FILENO; + // Add the master to the event loop + r = pakfire_jail_epoll_add_fd(jail, epollfd, ctx->pty.master.fd, EPOLLIN|EPOLLOUT|EPOLLET); + if (r) + return r; - // Fetch dimensions - if (isatty(ctx->pty.stdout.fd)) { - r = ioctl(ctx->pty.stdout.fd, TIOCGWINSZ, &size); - if (r) { - CTX_ERROR(jail->ctx, "Failed to determine terminal dimensions: %s\n", strerror(errno)); - return -errno; - } + if (ctx->flags & PAKFIRE_JAIL_PTY_FORWARDING) { + // Configure stdin/stdout + ctx->pty.stdin.fd = STDIN_FILENO; + ctx->pty.stdout.fd = STDOUT_FILENO; - // Set dimensions - r = ioctl(ctx->pty.master.fd, TIOCSWINSZ, &size); - if (r) { - CTX_ERROR(jail->ctx, "Failed setting dimensions: %s\n", strerror(errno)); - return -errno; - } - } + // Fetch dimensions + if (isatty(ctx->pty.stdout.fd)) { + r = ioctl(ctx->pty.stdout.fd, TIOCGWINSZ, &size); + if (r) { + CTX_ERROR(jail->ctx, "Failed to determine terminal dimensions: %s\n", strerror(errno)); + return -errno; + } - // Enable RAW mode on standard input - r = pakfire_jail_enable_raw_mode(jail, &ctx->pty.stdin); - if (r) - return r; + // Set dimensions + r = ioctl(ctx->pty.master.fd, TIOCSWINSZ, &size); + if (r) { + CTX_ERROR(jail->ctx, "Failed setting dimensions: %s\n", strerror(errno)); + return -errno; + } + } - // Enable RAW mode on standard output - r = pakfire_jail_enable_raw_mode(jail, &ctx->pty.stdout); - if (r) - return r; + // Enable RAW mode on standard input + r = pakfire_jail_enable_raw_mode(jail, &ctx->pty.stdin); + if (r) + return r; - // Add the master to the event loop - r = pakfire_jail_epoll_add_fd(jail, epollfd, ctx->pty.master.fd, EPOLLIN|EPOLLOUT|EPOLLET); - if (r) - return r; + // Enable RAW mode on standard output + r = pakfire_jail_enable_raw_mode(jail, &ctx->pty.stdout); + if (r) + return r; - // Add standard input to the event loop - r = pakfire_jail_epoll_add_fd(jail, epollfd, ctx->pty.stdin.fd, EPOLLIN|EPOLLET); - if (r) - return r; + // Add standard input to the event loop + r = pakfire_jail_epoll_add_fd(jail, epollfd, ctx->pty.stdin.fd, EPOLLIN|EPOLLET); + if (r) + return r; - // Add standard output to the event loop - r = pakfire_jail_epoll_add_fd(jail, epollfd, ctx->pty.stdout.fd, EPOLLOUT|EPOLLET); - if (r) - return r; + // Add standard output to the event loop + r = pakfire_jail_epoll_add_fd(jail, epollfd, ctx->pty.stdout.fd, EPOLLOUT|EPOLLET); + if (r) + return r; + } return 0; } -- 2.47.2