void-packages/xbps-src/libexec/chroot.c
Juan RP e3dc3e3066 Added native utilities to mount/umount/chroot via capabilities(7).
Three new helpers will now be installed into ${libexecdir}:
 - xbps-src-capchroot needs to have set CAP_SYS_CHROOT ep.
 - xbps-src-chroot-cap{,u}mount: needs to have set CAP_SYS_ADMIN ep.

That means that libcap and setcap(8) are now required to install
xbps-src and use it as normal user.

--HG--
extra : convert_revision : 586d6526079e085f86bf3e393459d429f6f0ef99
2010-04-26 14:15:49 +02:00

97 lines
2.3 KiB
C

/*
* chroot() to target directory by using the CAP_CHROOT
* capability set on the file.
*
* Juan RP - 2010/04/26 - Public Domain.
*/
#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <limits.h>
#include <sys/stat.h>
#include <sys/mount.h>
#include <sys/capability.h>
void
usage(void)
{
fprintf(stderr, "Usage: xbps-src-capchroot <newroot> <args>\n");
exit(EXIT_FAILURE);
}
int
main(int argc, char **argv)
{
cap_t cap;
cap_flag_value_t effective, permitted;
struct stat st;
char *path;
if (argc < 3)
usage();
cap = cap_get_proc();
if (cap == NULL) {
fprintf(stderr, "cap_get_proc() returned %s!\n",
strerror(errno));
exit(EXIT_FAILURE);
}
cap_get_flag(cap, CAP_SYS_CHROOT, CAP_EFFECTIVE, &effective);
cap_get_flag(cap, CAP_SYS_CHROOT, CAP_PERMITTED, &permitted);
if ((effective != CAP_SET) && (permitted != CAP_SET)) {
fprintf(stderr, "ERROR: missing 'cap_sys_chroot' capability!\n"
"Please set it with: setcap cap_sys_chroot=ep %s'\n",
argv[0]);
cap_free(cap);
exit(EXIT_FAILURE);
}
cap_free(cap);
if ((path = realpath(argv[1], NULL)) == NULL) {
fprintf(stderr, "ERROR: realpath() %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
/* Disallow chroot to '/' */
if (strcmp(path, "/") == 0) {
fprintf(stderr, "ERROR: chroot to / is not allowed!\n");
exit(EXIT_FAILURE);
}
/*
* Check that uid/gid owns the dir and has rx perms on the
* new target root and it is a directory.
*/
if (stat(path, &st) == -1) {
fprintf(stderr, "ERROR: stat() on %s: %s\n",
path, strerror(errno));
exit(EXIT_FAILURE);
}
if (S_ISDIR(st.st_mode) == 0) {
fprintf(stderr, "ERROR: '%s' not a directory!\n", path);
exit(EXIT_FAILURE);
}
if ((st.st_uid != getuid()) && (st.st_gid != getgid()) &&
(st.st_mode & (S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP))) {
fprintf(stderr, "ERROR: wrong permissions on %s!\n", path);
exit(EXIT_FAILURE);
}
/* All ok, change root and process argv on the target root dir. */
if (chroot(path) == -1) {
fprintf(stderr, "ERROR: chroot() on %s: %s\n", argv[1],
strerror(errno));
exit(EXIT_FAILURE);
}
if (chdir("/") == -1) {
fprintf(stderr, "ERROR: chdir(): %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
argv += 2;
(void)execvp(argv[0], argv);
exit(EXIT_FAILURE);
}