sys: specify process context for dropping root

Similarly to enabling the syscall filter, specify what kind of chronyd
process is dropping the root privileges.

diff --git a/main.c b/main.c
index e8bf1220d5f25a054a3af52891ceed3535f441b7..b2149b1eea32a745f57365888b1b6d2151f7e885 100644 (file)
--- a/main.c
+++ b/main.c
@@ -625,7 +625,7 @@ int main
 
   /* Drop root privileges if the specified user has a non-zero UID */
   if (!geteuid() && (pw->pw_uid || pw->pw_gid))
-    SYS_DropRoot(pw->pw_uid, pw->pw_gid);
+    SYS_DropRoot(pw->pw_uid, pw->pw_gid, SYS_MAIN_PROCESS);
 
   REF_Initialise();
   SST_Initialise();

diff --git a/nts_ke_server.c b/nts_ke_server.c
index 2483d4be567469be5427f62e96621a3e6ffa15a7..32b3cdb69cf9e8a437b56ff880b7820853d7fc5e 100644 (file)
--- a/nts_ke_server.c
+++ b/nts_ke_server.c
@@ -646,7 +646,7 @@ run_helper(uid_t uid, gid_t gid, int scfilter_level)
   LOG_SetMinSeverity(log_severity);
 
   if (!geteuid() && (uid || gid))
-    SYS_DropRoot(uid, gid);
+    SYS_DropRoot(uid, gid, SYS_NTSKE_HELPER);
 
   NKS_Initialise();
 

diff --git a/sys.c b/sys.c
index 2088c09eda98048032754b218a08dcac8b9797d2..6359c33a16051dd14bcf2c98fbc28f15c0b71d26 100644 (file)
--- a/sys.c
+++ b/sys.c
@@ -97,16 +97,16 @@ SYS_Finalise(void)
 
 /* ================================================== */
 
-void SYS_DropRoot(uid_t uid, gid_t gid)
+void SYS_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
 #if defined(LINUX) && defined (FEAT_PRIVDROP)
-  SYS_Linux_DropRoot(uid, gid, !null_driver);
+  SYS_Linux_DropRoot(uid, gid, context, !null_driver);
 #elif defined(SOLARIS) && defined(FEAT_PRIVDROP)
-  SYS_Solaris_DropRoot(uid, gid);
+  SYS_Solaris_DropRoot(uid, gid, context);
 #elif (defined(NETBSD) || defined(FREEBSD)) && defined(FEAT_PRIVDROP)
-  SYS_NetBSD_DropRoot(uid, gid);
+  SYS_NetBSD_DropRoot(uid, gid, context);
 #elif defined(MACOSX) && defined(FEAT_PRIVDROP)
-  SYS_MacOSX_DropRoot(uid, gid);
+  SYS_MacOSX_DropRoot(uid, gid, context);
 #else
   LOG_FATAL("dropping root privileges not supported");
 #endif
@@ -114,7 +114,7 @@ void SYS_DropRoot(uid_t uid, gid_t gid)
 
 /* ================================================== */
 
-void SYS_EnableSystemCallFilter(int level, SYS_SystemCallContext context)
+void SYS_EnableSystemCallFilter(int level, SYS_ProcessContext context)
 {
 #if defined(LINUX) && defined(FEAT_SCFILTER)
   SYS_Linux_EnableSystemCallFilter(level, context);

diff --git a/sys.h b/sys.h
index 6c3f8f8bb583b485dd02e2fa43f39b5aa0a917d9..9272dafb06adf7631424b3af3b4f2c7030ad6c90 100644 (file)
--- a/sys.h
+++ b/sys.h
@@ -35,17 +35,17 @@ extern void SYS_Initialise(int clock_control);
 /* Called at the end of the run to do final clean-up */
 extern void SYS_Finalise(void);
 
-/* Drop root privileges to the specified user and group */
-extern void SYS_DropRoot(uid_t uid, gid_t gid);
-
 typedef enum {
   SYS_MAIN_PROCESS,
   SYS_NTSKE_HELPER,
-} SYS_SystemCallContext;
+} SYS_ProcessContext;
+
+/* Switch to the specified user and group in given context */
+extern void SYS_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context);
 
 /* Enable a system call filter to allow only system calls
    which chronyd normally needs after initialization */
-extern void SYS_EnableSystemCallFilter(int level, SYS_SystemCallContext context);
+extern void SYS_EnableSystemCallFilter(int level, SYS_ProcessContext context);
 
 extern void SYS_SetScheduler(int SchedPriority);
 extern void SYS_LockMemory(void);

diff --git a/sys_linux.c b/sys_linux.c
index 456a33267341a493177bb90e488a361c7a5f2e3f..2f7fa9fe7ae33fc01af928a040b92f36edb5c9b2 100644 (file)
--- a/sys_linux.c
+++ b/sys_linux.c
@@ -426,7 +426,7 @@ SYS_Linux_Finalise(void)
 
 #ifdef FEAT_PRIVDROP
 void
-SYS_Linux_DropRoot(uid_t uid, gid_t gid, int clock_control)
+SYS_Linux_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_control)
 {
   char cap_text[256];
   cap_t cap;
@@ -480,7 +480,7 @@ void check_seccomp_applicability(void)
 /* ================================================== */
 
 void
-SYS_Linux_EnableSystemCallFilter(int level, SYS_SystemCallContext context)
+SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context)
 {
   const int syscalls[] = {
     /* Clock */

diff --git a/sys_linux.h b/sys_linux.h
index 799049d56dabb3c11d7ec307f198313169ead6d5..b09ec31651bc7347721f33fb8f463368dac7557e 100644 (file)
--- a/sys_linux.h
+++ b/sys_linux.h
@@ -33,9 +33,9 @@ extern void SYS_Linux_Initialise(void);
 
 extern void SYS_Linux_Finalise(void);
 
-extern void SYS_Linux_DropRoot(uid_t uid, gid_t gid, int clock_control);
+extern void SYS_Linux_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context, int clock_control);
 
-extern void SYS_Linux_EnableSystemCallFilter(int level, SYS_SystemCallContext context);
+extern void SYS_Linux_EnableSystemCallFilter(int level, SYS_ProcessContext context);
 
 extern int SYS_Linux_CheckKernelVersion(int req_major, int req_minor);
 

diff --git a/sys_macosx.c b/sys_macosx.c
index 68f36ef04ea8dffd81cbe6085c0747749d2665f0..eb7297d64a73cfbeb5d50cb1397fa28491a4c0c8 100644 (file)
--- a/sys_macosx.c
+++ b/sys_macosx.c
@@ -415,7 +415,7 @@ SYS_MacOSX_SetScheduler(int SchedPriority)
 /* ================================================== */
 
 #ifdef FEAT_PRIVDROP
-void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid)
+void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
   PRV_StartHelper();
 

diff --git a/sys_macosx.h b/sys_macosx.h
index 55556161d768381983e3bcc8c5ba4bcfff6abe64..09f0beba77a30fec6db583da66f1a693b0ad8148 100644 (file)
--- a/sys_macosx.h
+++ b/sys_macosx.h
@@ -30,8 +30,10 @@
 #ifndef GOT_SYS_MACOSX_H
 #define GOT_SYS_MACOSX_H
 
+#include "sys.h"
+
 void SYS_MacOSX_SetScheduler(int SchedPriority);
-void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid);
+void SYS_MacOSX_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context);
 void SYS_MacOSX_Initialise(void);
 void SYS_MacOSX_Finalise(void);
 

diff --git a/sys_netbsd.c b/sys_netbsd.c
index 840d6a54f20f45e26ac3eb0b45f0598fe36136af..350f569926067f0e3130c8367fc932640a1eb56e 100644 (file)
--- a/sys_netbsd.c
+++ b/sys_netbsd.c
@@ -131,7 +131,7 @@ SYS_NetBSD_Finalise(void)
 
 #ifdef FEAT_PRIVDROP
 void
-SYS_NetBSD_DropRoot(uid_t uid, gid_t gid)
+SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
 #ifdef NETBSD
   int fd;

diff --git a/sys_netbsd.h b/sys_netbsd.h
index 052f5b7854e76131002230c151d9a3f381937806..756bc8a0add22fa742731d29ce894038d0eb0c02 100644 (file)
--- a/sys_netbsd.h
+++ b/sys_netbsd.h
@@ -28,10 +28,12 @@
 #ifndef GOT_SYS_NETBSD_H
 #define GOT_SYS_NETBSD_H
 
+#include "sys.h"
+
 void SYS_NetBSD_Initialise(void);
 
 void SYS_NetBSD_Finalise(void);
 
-void SYS_NetBSD_DropRoot(uid_t uid, gid_t gid);
+void SYS_NetBSD_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context);
 
 #endif

diff --git a/sys_solaris.c b/sys_solaris.c
index 21197b932351d902970720805b29b39a671ea641..9585100e1c2ff47524a734ad0541bafacc08c4c8 100644 (file)
--- a/sys_solaris.c
+++ b/sys_solaris.c
@@ -55,7 +55,7 @@ SYS_Solaris_Finalise(void)
 
 #ifdef FEAT_PRIVDROP
 void
-SYS_Solaris_DropRoot(uid_t uid, gid_t gid)
+SYS_Solaris_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context)
 {
   PRV_StartHelper();
   UTI_DropRoot(uid, gid);

diff --git a/sys_solaris.h b/sys_solaris.h
index 46015ba86605bec19872d5c8293ce06d27bd29e6..597923275e2b740ae595fa928af95934f217c677 100644 (file)
--- a/sys_solaris.h
+++ b/sys_solaris.h
@@ -27,10 +27,12 @@
 #ifndef GOT_SYS_SOLARIS_H
 #define GOT_SYS_SOLARIS_H
 
+#include "sys.h"
+
 void SYS_Solaris_Initialise(void);
 
 void SYS_Solaris_Finalise(void);
 
-void SYS_Solaris_DropRoot(uid_t uid, gid_t gid);
+void SYS_Solaris_DropRoot(uid_t uid, gid_t gid, SYS_ProcessContext context);
 
 #endif