From: Jordan Williams <jordan@jwillikers.com>
Date: Wed, 6 Mar 2024 14:32:34 +0000 (-0600)
Subject: Handle missing user when installing setuid in meson_post_install.py
X-Git-Tag: dbus-1.15.12~12^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b104667bd7ec55dda057ff4ffdde848336f253f4;p=thirdparty%2Fdbus.git

Handle missing user when installing setuid in meson_post_install.py

The logic that sets the dbus-daemon-launcher-helper setuid does not
handle the case where the group named the same as the dbus_user does not
exist.
This makes the assumption that the primary group of the dbus_user
has the same name as the dbus_user.
This may not be the case.

To remedy these issues, obtain the group id for dbus_user instead of
attempting to retrieve the group id by name.
To avoid a failure when the user does not exist, handle the KeyError
exception from the pwd.getpwnam function by printing a warning and
skipping the logic to set the binary setuid.
Perform an additional check to ensure that the dbus_user's primary group
 has only a single member.
Fail similarly if it has more than one member.

Resolves: #492
Signed-off-by: Simon McVittie <smcv@collabora.com>
---

diff --git a/meson_post_install.py b/meson_post_install.py
index cfc03b221..fe0633458 100755
--- a/meson_post_install.py
+++ b/meson_post_install.py
@@ -88,11 +88,35 @@ def post_install_exe():
     daemon_launch_helper = get_target('dbus-daemon-launch-helper')
     if daemon_launch_helper:
         import grp
+        import pwd
         exe_name = os.path.basename(daemon_launch_helper['install_filename'][0])
         exe_path = abs_libexecdir / exe_name
         dbus_user = get_option('dbus_user')
         if os.getuid() == 0:
-            os.chown(exe_path, 0, grp.getgrnam(dbus_user).gr_gid)
+            dbus_user_data = None
+            try:
+                dbus_user_data = pwd.getpwnam(dbus_user)
+            except KeyError:
+                print('Not installing {0} binary setuid!'.format(exe_path))
+                print('The dbus_user {0} does not exist!'.format(dbus_user))
+                return
+
+            dbus_group_data = None
+            try:
+                dbus_group_data = grp.getgrgid(dbus_user_data.pw_gid)
+            except KeyError:
+                print('Not installing {0} binary setuid!'.format(exe_path))
+                print('The dbus_user\'s primary group {0} does not exist!'.format(dbus_user))
+                return
+
+            if len(dbus_group_data.gr_mem) > 1:
+                print('Not installing {0} binary setuid!'.format(exe_path))
+                print('The dbus_user\'s primary group {0} contains {1} members when it '
+                      'should only contain one!'
+                      .format(dbus_user, len(dbus_group_data.gr_mem)))
+                return
+            
+            os.chown(exe_path, 0, dbus_user_data.pw_gid)
             os.chmod(exe_path, stat.S_ISUID | stat.S_IXUSR | stat.S_IXGRP)
         else:
             print('Not installing {0} binary setuid!'.format(exe_path))