From: Roy Marples Date: Tue, 12 May 2020 10:23:03 +0000 (+0100) Subject: privsep: No longer need the chrootdir configure option. X-Git-Tag: v9.1.0~76 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a9671ceddfb947fd7eebf27d0062103e04f53dbf;p=thirdparty%2Fdhcpcd.git privsep: No longer need the chrootdir configure option. As we work with an empty chroot directory. --- diff --git a/Makefile.inc b/Makefile.inc index 19208808..ec5361a6 100644 --- a/Makefile.inc +++ b/Makefile.inc @@ -33,6 +33,3 @@ SED_STATUSARG= -e 's:@STATUSARG@:${STATUSARG}:g' SED_SCRIPT= -e 's:@SCRIPT@:${SCRIPT}:g' SED_SYS= -e 's:@SYSCONFDIR@:${SYSCONFDIR}:g' SED_DEFAULT_HOSTNAME= -e 's:@DEFAULT_HOSTNAME@:${DEFAULT_HOSTNAME}:g' -SED_CHROOT?= -e 's:@CHDIR^@::g' -e 's:@CHDIR$$@::g' \ - -e '/@CHDIR1@/d' -e '/@CHDIR2@/d' -SED_PRIVSEP_USER= -e 's:@PRIVSEP_USER@:${PRIVSEP_USER}:g' diff --git a/configure b/configure index 98410a8f..33fb494b 100755 --- a/configure +++ b/configure @@ -13,7 +13,6 @@ IPV4LL= INET6= PRIVSEP= PRIVSEP_USER= -PRIVSEP_CHROOT= ARC4RANDOM= CLOSEFROM= RBTREE= @@ -72,7 +71,6 @@ for x do --disable-privsep) PRIVSEP=no;; --enable-privsep) PRIVSEP=yes;; --privsepuser) PRIVSEP_USER=$var;; - --chrootdir) PRIVSEP_CHROOT=$var;; --prefix) PREFIX=$var;; --sysconfdir) SYSCONFDIR=$var;; --bindir|--sbindir) SBINDIR=$var;; @@ -581,22 +579,9 @@ if [ "$PRIVSEP" = yes ]; then echo "CPPFLAGS+= -DPRIVSEP" >>$CONFIG_MK echo "PRIVSEP_USER?= $PRIVSEP_USER" >>$CONFIG_MK - if [ -n "$PRIVSEP_CHROOT" ]; then - echo "PRIVSEP_CHROOT= $PRIVSEP_CHROOT" >>$CONFIG_MK - cat <>$CONFIG_MK -SED_CHROOT= -e 's:@CHDIR^@.*@CHDIR\$\$@:default of:g' \\ - -e 's:@CHDIR1@:.Pa \${PRIVSEP_CHROOT} .:g' \\ - -e 's:@CHDIR2@:A blank string chroots to the privileged separation users home directory.:g' -EOF - fi echo "#ifndef PRIVSEP_USER" >>$CONFIG_H echo "#define PRIVSEP_USER \"$PRIVSEP_USER\"" >>$CONFIG_H echo "#endif" >>$CONFIG_H - if [ -n "$PRIVSEP_CHROOT" ]; then - echo "#ifndef PRIVSEP_CHROOT" >>$CONFIG_H - echo "#define PRIVSEP_CHROOT \"$PRIVSEP_CHROOT\"" >>$CONFIG_H - echo "#endif" >>$CONFIG_H - fi echo "DHCPCD_SRCS+= privsep.c privsep-root.c privsep-inet.c" \ >>$CONFIG_MK if [ -z "$INET" ] || [ "$INET" = yes ]; then diff --git a/src/dhcpcd.8.in b/src/dhcpcd.8.in index 4188d6be..77b039f1 100644 --- a/src/dhcpcd.8.in +++ b/src/dhcpcd.8.in @@ -24,7 +24,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd April 30, 2020 +.Dd May 12, 2020 .Dt DHCPCD 8 .Os .Sh NAME @@ -35,7 +35,6 @@ .Op Fl 146ABbDdEGgHJKLMNPpqTV .Op Fl C , Fl Fl nohook Ar hook .Op Fl c , Fl Fl script Ar script -.Op Fl Fl chroot Ar chroot .Op Fl e , Fl Fl env Ar value .Op Fl F , Fl Fl fqdn Ar FQDN .Op Fl f , Fl Fl config Ar file @@ -263,15 +262,6 @@ Use this .Ar script instead of the default .Pa @SCRIPT@ . -.It Fl Fl chroot Ar chroot -.Xr chroot 3 -to the -.Ar chroot -directory rather than the -@CHDIR^@privilege separation users home directory.@CHDIR$@ -@CHDIR1@ -@CHDIR2@ -The privilege separation user is @PRIVSEP_USER@. .It Fl D , Fl Fl duid Use a DHCP Unique Identifier. If a system UUID is available, that will be used to create a DUID-UUID, diff --git a/src/dhcpcd.c b/src/dhcpcd.c index 7eb8109a..c2d10617 100644 --- a/src/dhcpcd.c +++ b/src/dhcpcd.c @@ -1848,9 +1848,6 @@ main(int argc, char **argv) #endif #ifdef PRIVSEP ctx.ps_root_fd = ctx.ps_data_fd = -1; -#ifdef PRIVSEP_CHROOT - ctx.ps_chroot = PRIVSEP_CHROOT; -#endif TAILQ_INIT(&ctx.ps_processes); #endif rt_init(&ctx); @@ -1916,19 +1913,6 @@ main(int argc, char **argv) case 'V': i = 2; break; -#ifdef PRIVSEP - case O_CHROOT: -#ifdef PRIVSEP_CHROOT - if (*optarg == '\0' || - (((optarg[0] == '"' && optarg[1] == '"') || - (optarg[0] == '\'' && optarg[1] == '\'')) && - optarg[2] == '\0')) - ctx.ps_chroot = NULL; - else -#endif - ctx.ps_chroot = optarg; - break; -#endif case '?': if (ctx.options & DHCPCD_PRINT_PIDFILE) continue; diff --git a/src/dhcpcd.h b/src/dhcpcd.h index f9ad9287..e0044c22 100644 --- a/src/dhcpcd.h +++ b/src/dhcpcd.h @@ -193,7 +193,6 @@ struct dhcpcd_ctx { #ifdef PRIVSEP struct passwd *ps_user; /* struct passwd for privsep user */ - const char *ps_chroot; pid_t ps_root_pid; int ps_root_fd; /* Privileged Actioneer commands */ int ps_data_fd; /* Data from root spawned processes */ diff --git a/src/if-options.c b/src/if-options.c index 329a3b2e..0cbf55ad 100644 --- a/src/if-options.c +++ b/src/if-options.c @@ -158,7 +158,6 @@ const struct option cf_options[] = { {"inactive", no_argument, NULL, O_INACTIVE}, {"mudurl", required_argument, NULL, O_MUDURL}, {"link_rcvbuf", required_argument, NULL, O_LINK_RCVBUF}, - {"chroot", required_argument, NULL, O_CHROOT}, {NULL, 0, NULL, '\0'} }; @@ -660,7 +659,6 @@ parse_option(struct dhcpcd_ctx *ctx, const char *ifname, struct if_options *ifo, #define ARG_REQUIRED if (arg == NULL) goto arg_required switch(opt) { - case O_CHROOT: /* FALLTHROUGH */ case 'f': /* FALLTHROUGH */ case 'g': /* FALLTHROUGH */ case 'n': /* FALLTHROUGH */ diff --git a/src/if-options.h b/src/if-options.h index 6f38b43d..1d9e3343 100644 --- a/src/if-options.h +++ b/src/if-options.h @@ -180,7 +180,6 @@ #define O_INACTIVE O_BASE + 47 #define O_MUDURL O_BASE + 48 #define O_MSUSERCLASS O_BASE + 49 -#define O_CHROOT O_BASE + 50 extern const struct option cf_options[]; diff --git a/src/privsep.c b/src/privsep.c index f34100c0..8d7c3723 100644 --- a/src/privsep.c +++ b/src/privsep.c @@ -81,6 +81,7 @@ int ps_init(struct dhcpcd_ctx *ctx) { struct passwd *pw; + struct stat st; errno = 0; if ((ctx->ps_user = pw = getpwnam(PRIVSEP_USER)) == NULL) { @@ -94,14 +95,10 @@ ps_init(struct dhcpcd_ctx *ctx) return -1; } - if (ctx->ps_chroot == NULL) - ctx->ps_chroot = pw->pw_dir; - - /* If we pickup the _dhcp user refuse the default directory */ - if (*ctx->ps_chroot != '/') { + if (stat(pw->pw_dir, &st) == -1 || !S_ISDIR(st.st_mode)) { ctx->options &= ~DHCPCD_PRIVSEP; logerrx("refusing chroot: %s: %s", - PRIVSEP_USER, ctx->ps_chroot); + PRIVSEP_USER, pw->pw_dir); errno = 0; return -1; } @@ -116,9 +113,9 @@ ps_dropprivs(struct dhcpcd_ctx *ctx, unsigned int flags) struct passwd *pw = ctx->ps_user; if (!(ctx->options & DHCPCD_FORKED)) - logdebugx("chrooting to `%s'", ctx->ps_chroot); - if (chroot(ctx->ps_chroot) == -1) - logerr("%s: chroot `%s'", __func__, ctx->ps_chroot); + logdebugx("chrooting to `%s'", pw->pw_dir); + if (chroot(pw->pw_dir) == -1) + logerr("%s: chroot `%s'", __func__, pw->pw_dir); if (chdir("/") == -1) logerr("%s: chdir `/'", __func__); diff --git a/src/script.c b/src/script.c index 1caf58ac..186b6e05 100644 --- a/src/script.c +++ b/src/script.c @@ -270,8 +270,8 @@ make_env(struct dhcpcd_ctx *ctx, const struct interface *ifp, goto eexit; #ifdef PRIVSEP - if (ctx->options & DHCPCD_PRIVSEP && ctx->ps_chroot != NULL) { - if (efprintf(fp, "chroot=%s", ctx->ps_chroot) == -1) + if (ctx->options & DHCPCD_PRIVSEP && ctx->ps_user != NULL) { + if (efprintf(fp, "chroot=%s", ctx->ps_user->pw_dir) == -1) goto eexit; } if (strcmp(reason, "CHROOT") == 0)