src/patches/sysklogd-1.4.1-caen-owl-klogd-drop-root.diff

   1 diff -ur sysklogd-1.4.1.orig/klogd.8 sysklogd-1.4.1/klogd.8
   2 --- sysklogd-1.4.1.orig/klogd.8 Sun Mar 11 22:35:51 2001
   3 +++ sysklogd-1.4.1/klogd.8      Mon Oct  8 09:50:50 2001
   4 @@ -3,8 +3,9 @@
   5  .\" Sun Jul 30 01:35:55 MET: Martin Schulze: Updates
   6  .\" Sun Nov 19 23:22:21 MET: Martin Schulze: Updates
   7  .\" Mon Aug 19 09:42:08 CDT 1996: Dr. G.W. Wettstein: Updates
   8 +.\" Thu Feb 17 2000: Chris Wing: Unprivileged klogd feature
   9  .\"
  10 -.TH KLOGD 8 "21 August, 1999" "Version 1.4" "Linux System Administration"
  11 +.TH KLOGD 8 "8 October, 2001" "Version 1.4.1+CAEN/OW" "Linux System Administration"
  12  .SH NAME
  13  klogd \- Kernel Log Daemon
  14  .LP
  15 @@ -17,6 +18,12 @@
  16  .RB [ " \-f "
  17  .I fname
  18  ]
  19 +.RB [ " \-u "
  20 +.I username
  21 +]
  22 +.RB [ " \-j "
  23 +.I chroot_dir
  24 +]
  25  .RB [ " \-iI " ]
  26  .RB [ " \-n " ]
  27  .RB [ " \-o " ]
  28 @@ -45,6 +52,20 @@
  29  .TP
  30  .BI "\-f " file
  31  Log messages to the specified filename rather than to the syslog facility.
  32 +.TP
  33 +.BI "\-u " username
  34 +Tells klogd to become the specified user and drop root privileges before
  35 +starting logging.
  36 +.TP
  37 +.BI "\-j " chroot_dir
  38 +Tells klogd to
  39 +.BR chroot (2)
  40 +into this directory after initializing.
  41 +This option is only valid if the \-u option is also used to run klogd
  42 +without root privileges.
  43 +Note that the use of this option will prevent \-i and \-I from working
  44 +unless you set up the chroot directory in such a way that klogd can still
  45 +read the kernel module symbols.
  46  .TP
  47  .BI "\-i \-I"
  48  Signal the currently executing klogd daemon.  Both of these switches control
  49 diff -ur sysklogd-1.4.1.orig/klogd.c sysklogd-1.4.1/klogd.c
  50 --- sysklogd-1.4.1.orig/klogd.c Sun Mar 11 22:40:10 2001
  51 +++ sysklogd-1.4.1/klogd.c      Mon Oct  8 09:52:06 2001
  52 @@ -258,6 +258,8 @@
  53  #include <stdarg.h>
  54  #include <paths.h>
  55  #include <stdlib.h>
  56 +#include <pwd.h>
  57 +#include <grp.h>
  58  #include "klogd.h"
  59  #include "ksyms.h"
  60  #ifndef TESTING
  61 @@ -308,6 +310,9 @@
  62  int debugging = 0;
  63  int symbols_twice = 0;
  64
  65 +char *server_user = NULL;
  66 +char *chroot_dir = NULL;
  67 +int log_flags = 0;
  68
  69  /* Function prototypes. */
  70  extern int ksyslog(int type, char *buf, int len);
  71 @@ -528,8 +533,9 @@
  72          * First do a stat to determine whether or not the proc based
  73          * file system is available to get kernel messages from.
  74          */
  75 -       if ( use_syscall ||
  76 -           ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT)) )
  77 +       if (!server_user &&
  78 +           (use_syscall ||
  79 +           ((stat(_PATH_KLOG, &sb) < 0) && (errno == ENOENT))))
  80         {
  81                 /* Initialize kernel logging. */
  82                 ksyslog(1, NULL, 0);
  83 @@ -977,6 +983,27 @@
  84  }
  85
  86
  87 +static int drop_root(void)
  88 +{
  89 +       struct passwd *pw;
  90 +
  91 +       if (!(pw = getpwnam(server_user))) return -1;
  92 +
  93 +       if (!pw->pw_uid) return -1;
  94 +
  95 +       if (chroot_dir) {
  96 +               if (chroot(chroot_dir)) return -1;
  97 +               if (chdir("/")) return -1;
  98 +       }
  99 +
 100 +       if (setgroups(0, NULL)) return -1;
 101 +       if (setgid(pw->pw_gid)) return -1;
 102 +       if (setuid(pw->pw_uid)) return -1;
 103 +
 104 +       return 0;
 105 +}
 106 +
 107 +
 108  int main(argc, argv)
 109
 110         int argc;
 111 @@ -994,7 +1021,7 @@
 112         chdir ("/");
 113  #endif
 114         /* Parse the command-line. */
 115 -       while ((ch = getopt(argc, argv, "c:df:iIk:nopsvx2")) != EOF)
 116 +       while ((ch = getopt(argc, argv, "c:df:u:j:iIk:nopsvx2")) != EOF)
 117                 switch((char)ch)
 118                 {
 119                     case '2':           /* Print lines with symbols twice. */
 120 @@ -1016,6 +1043,10 @@
 121                     case 'I':
 122                         SignalDaemon(SIGUSR2);
 123                         return(0);
 124 +                   case 'j':           /* chroot 'j'ail */
 125 +                       chroot_dir = optarg;
 126 +                       log_flags |= LOG_NDELAY;
 127 +                       break;
 128                     case 'k':           /* Kernel symbol file. */
 129                         symfile = optarg;
 130                         break;
 131 @@ -1031,6 +1062,9 @@
 132                     case 's':           /* Use syscall interface. */
 133                         use_syscall = 1;
 134                         break;
 135 +                   case 'u':           /* Run as this user */
 136 +                       server_user = optarg;
 137 +                       break;
 138                     case 'v':
 139                         printf("klogd %s.%s\n", VERSION, PATCHLEVEL);
 140                         exit (1);
 141 @@ -1039,6 +1073,10 @@
 142                         break;
 143                 }
 144
 145 +       if (chroot_dir && !server_user) {
 146 +               fputs("'-j' is only valid with '-u'", stderr);
 147 +               exit(1);
 148 +       }
 149
 150         /* Set console logging level. */
 151         if ( log_level != (char *) 0 )
 152 @@ -1136,7 +1174,7 @@
 153                 }
 154         }
 155         else
 156 -               openlog("kernel", 0, LOG_KERN);
 157 +               openlog("kernel", log_flags, LOG_KERN);
 158
 159
 160         /* Handle one-shot logging. */
 161 @@ -1161,4 +1199,9 @@
 162                 }
 163         }
 164 +
 165 +       if (server_user && drop_root()) {
 166 +               syslog(LOG_ALERT, "klogd: failed to drop root");
 167 +               Terminate();
 168 +       }
 169
 170          /* The main loop. */