login/programs/pt_chown.c

   1 /* pt_chmod - helper program for `grantpt'.
   2    Copyright (C) 1998-2019 Free Software Foundation, Inc.
   3    This file is part of the GNU C Library.
   4    Contributed by C. Scott Ananian <cananian@alumni.princeton.edu>, 1998.
   5
   6    The GNU C Library is free software; you can redistribute it and/or
   7    modify it under the terms of the GNU Lesser General Public
   8    License as published by the Free Software Foundation; either
   9    version 2.1 of the License, or (at your option) any later version.
  10
  11    The GNU C Library is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14    Lesser General Public License for more details.
  15
  16    You should have received a copy of the GNU Lesser General Public
  17    License along with the GNU C Library; if not, see
  18    <https://www.gnu.org/licenses/>.  */
  19
  20 #include <argp.h>
  21 #include <errno.h>
  22 #include <error.h>
  23 #include <grp.h>
  24 #include <libintl.h>
  25 #include <locale.h>
  26 #include <signal.h>
  27 #include <stdio.h>
  28 #include <stdlib.h>
  29 #include <string.h>
  30 #include <sys/stat.h>
  31 #include <unistd.h>
  32 #ifdef HAVE_LIBCAP
  33 # include <sys/capability.h>
  34 # include <sys/prctl.h>
  35 #endif
  36
  37 #include "pty-private.h"
  38
  39 /* Get libc version number.  */
  40 #include "../version.h"
  41
  42 #define PACKAGE _libc_intl_domainname
  43
  44 /* Name and version of program.  */
  45 static void print_version (FILE *stream, struct argp_state *state);
  46 void (*argp_program_version_hook) (FILE *, struct argp_state *) = print_version;
  47
  48 /* Function to print some extra text in the help message.  */
  49 static char *more_help (int key, const char *text, void *input);
  50
  51 /* Data structure to communicate with argp functions.  */
  52 static struct argp argp =
  53 {
  54   NULL, NULL, NULL, NULL, NULL, more_help
  55 };
  56
  57
  58 /* Print the version information.  */
  59 static void
  60 print_version (FILE *stream, struct argp_state *state)
  61 {
  62   fprintf (stream, "pt_chown %s%s\n", PKGVERSION, VERSION);
  63   fprintf (stream, gettext ("\
  64 Copyright (C) %s Free Software Foundation, Inc.\n\
  65 This is free software; see the source for copying conditions.  There is NO\n\
  66 warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\
  67 "), "2019");
  68 }
  69
  70 static char *
  71 more_help (int key, const char *text, void *input)
  72 {
  73   char *cp;
  74   char *tp;
  75
  76   switch (key)
  77     {
  78     case ARGP_KEY_HELP_PRE_DOC:
  79       asprintf (&cp, gettext ("\
  80 Set the owner, group and access permission of the slave pseudo\
  81  terminal corresponding to the master pseudo terminal passed on\
  82  file descriptor `%d'.  This is the helper program for the\
  83  `grantpt' function.  It is not intended to be run directly from\
  84  the command line.\n"),
  85                 PTY_FILENO);
  86       return cp;
  87     case ARGP_KEY_HELP_EXTRA:
  88       /* We print some extra information.  */
  89       if (asprintf (&tp, gettext ("\
  90 For bug reporting instructions, please see:\n\
  91 %s.\n"), REPORT_BUGS_TO) < 0)
  92         return NULL;
  93       if (asprintf (&cp, gettext ("\
  94 The owner is set to the current user, the group is set to `%s',\
  95  and the access permission is set to `%o'.\n\n\
  96 %s"),
  97                     TTY_GROUP, S_IRUSR|S_IWUSR|S_IWGRP, tp) < 0)
  98         {
  99           free (tp);
 100           return NULL;
 101         }
 102       return cp;
 103     default:
 104       break;
 105     }
 106   return (char *) text;
 107 }
 108
 109 static int
 110 do_pt_chown (void)
 111 {
 112   char *pty;
 113   struct stat64 st;
 114   struct group *p;
 115   gid_t gid;
 116
 117   /* Check that PTY_FILENO is a valid master pseudo terminal.  */
 118   pty = ptsname (PTY_FILENO);
 119   if (pty == NULL)
 120     return errno == EBADF ? FAIL_EBADF : FAIL_EINVAL;
 121
 122   /* Check that the returned slave pseudo terminal is a
 123      character device.  */
 124   if (stat64 (pty, &st) < 0 || !S_ISCHR (st.st_mode))
 125     return FAIL_EINVAL;
 126
 127   /* Get the group ID of the special `tty' group.  */
 128   p = getgrnam (TTY_GROUP);
 129   gid = p ? p->gr_gid : getgid ();
 130
 131   /* Set the owner to the real user ID, and the group to that special
 132      group ID.  */
 133   if (chown (pty, getuid (), gid) < 0)
 134     return FAIL_EACCES;
 135
 136   /* Set the permission mode to readable and writable by the owner,
 137      and writable by the group.  */
 138   if ((st.st_mode & ACCESSPERMS) != (S_IRUSR|S_IWUSR|S_IWGRP)
 139       && chmod (pty, S_IRUSR|S_IWUSR|S_IWGRP) < 0)
 140     return FAIL_EACCES;
 141
 142   return 0;
 143 }
 144
 145
 146 int
 147 main (int argc, char *argv[])
 148 {
 149   uid_t euid = geteuid ();
 150   uid_t uid = getuid ();
 151   int remaining;
 152   sigset_t signalset;
 153
 154   /* Clear any signal mask from the parent process.  */
 155   sigemptyset (&signalset);
 156   sigprocmask (SIG_SETMASK, &signalset, NULL);
 157
 158   if (argc == 1 && euid == 0)
 159     {
 160 #ifdef HAVE_LIBCAP
 161   /* Drop privileges.  */
 162       if (uid != euid)
 163         {
 164           static const cap_value_t cap_list[] =
 165             { CAP_CHOWN, CAP_FOWNER     };
 166 # define ncap_list (sizeof (cap_list) / sizeof (cap_list[0]))
 167           cap_t caps = cap_init ();
 168           if (caps == NULL)
 169             return FAIL_ENOMEM;
 170
 171           /* There is no reason why these should not work.  */
 172           cap_set_flag (caps, CAP_PERMITTED, ncap_list, cap_list, CAP_SET);
 173           cap_set_flag (caps, CAP_EFFECTIVE, ncap_list, cap_list, CAP_SET);
 174
 175           int res = cap_set_proc (caps);
 176
 177           cap_free (caps);
 178
 179           if (__glibc_unlikely (res != 0))
 180             return FAIL_EXEC;
 181         }
 182 #endif
 183
 184       /* Normal invocation of this program is with no arguments and
 185          with privileges.  */
 186       return do_pt_chown ();
 187     }
 188
 189   /* We aren't going to be using privileges, so drop them right now. */
 190   setuid (uid);
 191
 192   /* Set locale via LC_ALL.  */
 193   setlocale (LC_ALL, "");
 194
 195   /* Set the text message domain.  */
 196   textdomain (PACKAGE);
 197
 198   /* parse and process arguments.  */
 199   argp_parse (&argp, argc, argv, 0, &remaining, NULL);
 200
 201   if (remaining < argc)
 202     {
 203       /* We should not be called with any non-option parameters.  */
 204       error (0, 0, gettext ("too many arguments"));
 205       argp_help (&argp, stdout, ARGP_HELP_SEE | ARGP_HELP_EXIT_ERR,
 206                  program_invocation_short_name);
 207       return EXIT_FAILURE;
 208     }
 209
 210   /* Check if we are properly installed.  */
 211   if (euid != 0)
 212     error (FAIL_EXEC, 0, gettext ("needs to be installed setuid `root'"));
 213
 214   return EXIT_SUCCESS;
 215 }