From: Lennart Poettering
Date: Tue, 1 Aug 2017 09:30:44 +0000 (+0200)
Subject: core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING
X-Git-Tag: v235~237^2~9
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1703fa41a73ff2225ca38e84df522ada49d05753;p=thirdparty%2Fsystemd.git

core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING

"Permissions" was a bit of a misnomer, as it suggests that UNIX file permission bits are adjusted, which aren't really changed here. Instead, this is about UNIX credentials such as users or groups, as well as namespacing, hence let's use a more generic term here, without any misleading reference to UNIX file permissions: "sandboxing", which shall refer to all kinds of sandboxing technologies, including UID/GID dropping, selinux relabelling, namespacing, seccomp, and so on.
---
diff --git a/src/core/execute.c b/src/core/execute.c
index 194fb4b4c0b..0f20765f221 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2039,7 +2039,7 @@ static int apply_mount_namespace(
 if (!context->dynamic_user && root_dir)
 ns_info.ignore_protect_paths = true;
- apply_restrictions = (params->flags & EXEC_APPLY_PERMISSIONS) && !(command->flags & EXEC_COMMAND_FULLY_PRIVILEGED);
+ apply_restrictions = (params->flags & EXEC_APPLY_SANDBOXING) && !(command->flags & EXEC_COMMAND_FULLY_PRIVILEGED);
 r = setup_namespace(root_dir, root_image,
 &ns_info, rw,
@@ -2302,7 +2302,7 @@ static int exec_child(
 const char *home = NULL, *shell = NULL;
 dev_t journal_stream_dev = 0;
 ino_t journal_stream_ino = 0;
- bool needs_exec_restrictions, needs_mount_namespace;
+ bool needs_sandboxing, needs_mount_namespace;
 #ifdef HAVE_SELINUX
 bool needs_selinux = false;
 #endif
@@ -2653,9 +2653,9 @@ static int exec_child(
 return r;
 }
- needs_exec_restrictions = (params->flags & EXEC_APPLY_PERMISSIONS) && !(command->flags & EXEC_COMMAND_FULLY_PRIVILEGED);
+ needs_sandboxing = (params->flags & EXEC_APPLY_SANDBOXING) && !(command->flags & EXEC_COMMAND_FULLY_PRIVILEGED);
- if (needs_exec_restrictions) {
+ if (needs_sandboxing) {
 if (context->pam_name && username) {
 r = setup_pam(context->pam_name, username, uid, gid, context->tty_path, &accum_env, fds, n_fds);
 if (r < 0) {
@@ -2705,7 +2705,7 @@ static int exec_child(
 return r;
 /* Drop groups as early as possbile */
- if (needs_exec_restrictions) {
+ if (needs_sandboxing) {
 r = enforce_groups(context, gid, supplementary_gids, ngids);
 if (r < 0) {
 *exit_status = EXIT_GROUP;
@@ -2714,7 +2714,7 @@ static int exec_child(
 }
 #ifdef HAVE_SELINUX
- if (needs_exec_restrictions && needs_selinux && params->selinux_context_net && socket_fd >= 0) {
+ if (needs_sandboxing && needs_selinux && params->selinux_context_net && socket_fd >= 0) {
 r = mac_selinux_get_child_mls_label(socket_fd, command->path, context->selinux_context, &mac_selinux_context_net);
 if (r < 0) {
 *exit_status = EXIT_SELINUX_CONTEXT;
@@ -2723,7 +2723,7 @@ static int exec_child(
 }
 #endif
- if ((params->flags & EXEC_APPLY_PERMISSIONS) && context->private_users) {
+ if ((params->flags & EXEC_APPLY_SANDBOXING) && context->private_users) {
 r = setup_private_users(uid, gid);
 if (r < 0) {
 *exit_status = EXIT_USER;
@@ -2747,7 +2747,7 @@ static int exec_child(
 return r;
 }
- if (needs_exec_restrictions) {
+ if (needs_sandboxing) {
 int secure_bits = context->secure_bits;
diff --git a/src/core/execute.h b/src/core/execute.h
index 69cb0e56465..0c5811c5bd0 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
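Review bot: In the @@ -2723 hunk the renamed gate `(params->flags & EXEC_APPLY_SANDBOXING) && context->private_users` still differs from the `needs_sandboxing` predicate introduced at @@ -2653, which additionally requires `!(command->flags & EXEC_COMMAND_FULLY_PRIVILEGED)`; every other sandboxing step in these hunks (PAM, group dropping, the SELinux MLS label, secure bits) is keyed on `needs_sandboxing`, so as far as the visible lines show a fully-privileged command skips those steps but is still handed to `setup_private_users()`. If that asymmetry is deliberate, a one-line comment above the check stating why user namespacing applies even to fully-privileged commands would keep the next reader from "fixing" it; if it is not, the rename is the natural moment to write `if (needs_sandboxing && context->private_users) {` so all sandboxing gates share one predicate. This is pre-existing behaviour the rename carries over rather than something it introduces, and exec_child's body begins and ends outside these hunks.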
@@ -255,7 +255,7 @@ static inline bool exec_context_restrict_namespaces_set(const ExecContext *c) {
 }
 typedef enum ExecFlags {
- EXEC_APPLY_PERMISSIONS = 1U << 0,
+ EXEC_APPLY_SANDBOXING = 1U << 0,
 EXEC_APPLY_CHROOT = 1U << 1,
 EXEC_APPLY_TTY_STDIN = 1U << 2,
 EXEC_NEW_KEYRING = 1U << 3,
diff --git a/src/core/mount.c b/src/core/mount.c
index d0b0cfe4b66..c3805ee055f 100644
--- a/src/core/mount.c
+++ b/src/core/mount.c
@@ -742,7 +742,7 @@ static int mount_spawn(Mount *m, ExecCommand *c, pid_t *_pid) {
 pid_t pid;
 int r;
 ExecParameters exec_params = {
- .flags = EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
+ .flags = EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
 .stdin_fd = -1,
 .stdout_fd = -1,
 .stderr_fd = -1,
diff --git a/src/core/service.c b/src/core/service.c
index 2e94c4aea5d..a9c8a2ee15f 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -1236,7 +1236,7 @@ static int service_spawn(
 if (flags & EXEC_IS_CONTROL) {
 /* If this is a control process, mask the permissions/chroot application if this is requested. */
 if (s->permissions_start_only)
- exec_params.flags &= ~EXEC_APPLY_PERMISSIONS;
+ exec_params.flags &= ~EXEC_APPLY_SANDBOXING;
 if (s->root_directory_start_only)
 exec_params.flags &= ~EXEC_APPLY_CHROOT;
 }
@@ -1570,7 +1570,7 @@ static void service_enter_stop_post(Service *s, ServiceResult f) {
 r = service_spawn(s,
 s->control_command,
 s->timeout_stop_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
+ EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
 &s->control_pid);
 if (r < 0)
 goto fail;
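Review bot: `EXEC_APPLY_SANDBOXING` in the execute.h hunk is introduced without any comment, so the definition of "sandboxing" that the commit message spells out lives only in git history, not where readers of the header will look. A trailing comment on the enumerator such as `EXEC_APPLY_SANDBOXING = 1U << 0, /* apply UID/GID dropping, namespacing, MAC labelling etc.; per-command opt-out via EXEC_COMMAND_FULLY_PRIVILEGED */` would record both the scope of the flag and the exemption that execute.c applies to it in the other hunks. The `ExecFlags` enum continues past the end of this hunk.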
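Review bot: The context comment directly above the changed line in the service.c @@ -1236 hunk still reads `mask the permissions/chroot application`, so after this rename the code and its comment disagree on the very term the commit message calls a misnomer. Suggest updating it in the same commit to `/* If this is a control process, mask the sandboxing/chroot application if this is requested. */`. The `permissions_start_only` field presumably mirrors the user-facing setting's name and is sensibly left untouched; service_spawn's body starts and ends outside the hunk.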
@@ -1681,7 +1681,7 @@ static void service_enter_stop(Service *s, ServiceResult f) {
 r = service_spawn(s,
 s->control_command,
 s->timeout_stop_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
+ EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
 &s->control_pid);
 if (r < 0)
 goto fail;
@@ -1760,7 +1760,7 @@ static void service_enter_start_post(Service *s) {
 r = service_spawn(s,
 s->control_command,
 s->timeout_start_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
+ EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
 &s->control_pid);
 if (r < 0)
 goto fail;
@@ -1838,7 +1838,7 @@ static void service_enter_start(Service *s) {
 r = service_spawn(s,
 c,
 timeout,
- EXEC_PASS_FDS|EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
+ EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
 &pid);
 if (r < 0)
 goto fail;
@@ -1897,7 +1897,7 @@ static void service_enter_start_pre(Service *s) {
 r = service_spawn(s,
 s->control_command,
 s->timeout_start_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_APPLY_TTY_STDIN,
+ EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_APPLY_TTY_STDIN,
 &s->control_pid);
 if (r < 0)
 goto fail;
@@ -1995,7 +1995,7 @@ static void service_enter_reload(Service *s) {
 r = service_spawn(s,
 s->control_command,
 s->timeout_start_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
+ EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
 &s->control_pid);
 if (r < 0)
 goto fail;
@@ -2033,7 +2033,7 @@ static void service_run_next_control(Service *s) {
 r = service_spawn(s,
 s->control_command,
 timeout,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
+ EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
 (IN_SET(s->control_command_id, SERVICE_EXEC_START_PRE, SERVICE_EXEC_STOP_POST) ? EXEC_APPLY_TTY_STDIN : 0)|
 (IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_SETENV_RESULT : 0),
 &s->control_pid);
@@ -2071,7 +2071,7 @@ static void service_run_next_main(Service *s) {
 r = service_spawn(s,
 s->main_command,
 s->timeout_start_usec,
- EXEC_PASS_FDS|EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
+ EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
 &pid);
 if (r < 0)
 goto fail;
diff --git a/src/core/socket.c b/src/core/socket.c
index aed78613f68..9d8367e90bd 100644
--- a/src/core/socket.c
+++ b/src/core/socket.c
@@ -1762,7 +1762,7 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
 pid_t pid;
 int r;
 ExecParameters exec_params = {
- .flags = EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
+ .flags = EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
 .stdin_fd = -1,
 .stdout_fd = -1,
 .stderr_fd = -1,
diff --git a/src/core/swap.c b/src/core/swap.c
index 86995a45d01..9553ee16a83 100644
--- a/src/core/swap.c
+++ b/src/core/swap.c
@@ -608,7 +608,7 @@ static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) {
 pid_t pid;
 int r;
 ExecParameters exec_params = {
- .flags = EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
+ .flags = EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
 .stdin_fd = -1,
 .stdout_fd = -1,
 .stderr_fd = -1,