|
|
3a204fb |
From 39bcae063c959687458acdd9304732612bedf097 Mon Sep 17 00:00:00 2001
|
|
|
3a204fb |
From: Jakub Filak <jfilak@redhat.com>
|
|
|
3a204fb |
Date: Thu, 4 Jun 2015 18:35:43 +0200
|
|
|
3a204fb |
Subject: [PATCH] dd: make super-user UID and FS group configurable
|
|
|
3a204fb |
|
|
|
3a204fb |
The main goal of this patch is to enable running the unit tests for
|
|
|
3a204fb |
non-root users, because they cannot add a new user nor create files
|
|
|
3a204fb |
owned by 0 or having group 'abrt'.
|
|
|
3a204fb |
|
|
|
3a204fb |
The GID variable might be used by other projects than ABRT.
|
|
|
3a204fb |
|
|
|
3a204fb |
The super-user variable might be used by ABRT, if security people decide
|
|
|
3a204fb |
that abrtd must run under non-root user.
|
|
|
3a204fb |
|
|
|
3a204fb |
Signed-off-by: Jakub Filak <jfilak@redhat.com>
|
|
|
3a204fb |
---
|
|
|
3a204fb |
src/include/dump_dir.h | 26 ++++++++++++++++++++++++++
|
|
|
3a204fb |
src/lib/dump_dir.c | 25 ++++++++++++++++++-------
|
|
|
3a204fb |
2 files changed, 44 insertions(+), 7 deletions(-)
|
|
|
3a204fb |
|
|
|
3a204fb |
diff --git a/src/include/dump_dir.h b/src/include/dump_dir.h
|
|
|
3a204fb |
index b37b262..7643d86 100644
|
|
|
3a204fb |
--- a/src/include/dump_dir.h
|
|
|
3a204fb |
+++ b/src/include/dump_dir.h
|
|
|
3a204fb |
@@ -41,6 +41,32 @@ int create_symlink_lockfile_at(int dir_fd, const char *filename, const char *pid
|
|
|
3a204fb |
*/
|
|
|
3a204fb |
int secure_openat_read(int dir_fd, const char *filename);
|
|
|
3a204fb |
|
|
|
3a204fb |
+/******************************************************************************/
|
|
|
3a204fb |
+/* Global variables */
|
|
|
3a204fb |
+/******************************************************************************/
|
|
|
3a204fb |
+
|
|
|
3a204fb |
+/* UID of super-user (default 0)
|
|
|
3a204fb |
+ *
|
|
|
3a204fb |
+ * This variable is used by the dd* functions when they access security
|
|
|
3a204fb |
+ * sensitive elements. The functions will ONLY TRUST the contents of those
|
|
|
3a204fb |
+ * elements that ARE OWNED by super-user.
|
|
|
3a204fb |
+ */
|
|
|
3a204fb |
+extern uid_t dd_g_super_user_uid;
|
|
|
3a204fb |
+
|
|
|
3a204fb |
+/* GID of a dump diretory created via dd_create() with uid != -1
|
|
|
3a204fb |
+ *
|
|
|
3a204fb |
+ * The default value is -1 which means that the dd* functions must ignore this
|
|
|
3a204fb |
+ * variable.
|
|
|
3a204fb |
+ *
|
|
|
3a204fb |
+ * Initialize this variable only if you don't want to use the default group
|
|
|
3a204fb |
+ * ('abrt').
|
|
|
3a204fb |
+ */
|
|
|
3a204fb |
+extern gid_t dd_g_fs_group_gid;
|
|
|
3a204fb |
+
|
|
|
3a204fb |
+/******************************************************************************/
|
|
|
3a204fb |
+/* Dump Directory */
|
|
|
3a204fb |
+/******************************************************************************/
|
|
|
3a204fb |
+
|
|
|
3a204fb |
enum {
|
|
|
3a204fb |
DD_FAIL_QUIETLY_ENOENT = (1 << 0),
|
|
|
3a204fb |
DD_FAIL_QUIETLY_EACCES = (1 << 1),
|
|
|
3a204fb |
diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c
|
|
|
3a204fb |
index 2cd14bb..1e3fc6a 100644
|
|
|
3a204fb |
--- a/src/lib/dump_dir.c
|
|
|
3a204fb |
+++ b/src/lib/dump_dir.c
|
|
|
3a204fb |
@@ -102,6 +102,12 @@ enum {
|
|
|
3a204fb |
// bits
|
|
|
3a204fb |
#define DD_MODE_TO_DIR_MODE(mode) ((mode) | (((mode) & 0444) >> 2))
|
|
|
3a204fb |
|
|
|
3a204fb |
+/* Owner of trusted elements */
|
|
|
3a204fb |
+uid_t dd_g_super_user_uid = 0;
|
|
|
3a204fb |
+
|
|
|
3a204fb |
+/* Group of new dump directories */
|
|
|
3a204fb |
+gid_t dd_g_fs_group_gid = (gid_t)-1;
|
|
|
3a204fb |
+
|
|
|
3a204fb |
|
|
|
3a204fb |
static char *load_text_file(const char *path, unsigned flags);
|
|
|
3a204fb |
static char *load_text_file_at(int dir_fd, const char *name, unsigned flags);
|
|
|
3a204fb |
@@ -1171,12 +1177,17 @@ struct dump_dir *dd_create_skeleton(const char *dir, uid_t uid, mode_t mode, int
|
|
|
3a204fb |
else
|
|
|
3a204fb |
error_msg("User %lu does not exist, using uid 0", (long)uid);
|
|
|
3a204fb |
|
|
|
3a204fb |
- /* Get ABRT's group gid */
|
|
|
3a204fb |
- struct group *gr = getgrnam("abrt");
|
|
|
3a204fb |
- if (gr)
|
|
|
3a204fb |
- dd->dd_gid = gr->gr_gid;
|
|
|
3a204fb |
+ if (dd_g_fs_group_gid == (uid_t)-1)
|
|
|
3a204fb |
+ {
|
|
|
3a204fb |
+ /* Get ABRT's group gid */
|
|
|
3a204fb |
+ struct group *gr = getgrnam("abrt");
|
|
|
3a204fb |
+ if (gr)
|
|
|
3a204fb |
+ dd->dd_gid = gr->gr_gid;
|
|
|
3a204fb |
+ else
|
|
|
3a204fb |
+ error_msg("Group 'abrt' does not exist, using gid 0");
|
|
|
3a204fb |
+ }
|
|
|
3a204fb |
else
|
|
|
3a204fb |
- error_msg("Group 'abrt' does not exist, using gid 0");
|
|
|
3a204fb |
+ dd->dd_gid = dd_g_fs_group_gid;
|
|
|
3a204fb |
#else
|
|
|
3a204fb |
/* Get ABRT's user uid */
|
|
|
3a204fb |
struct passwd *pw = getpwnam("abrt");
|
|
|
3a204fb |
@@ -1959,14 +1970,14 @@ int dd_stat_for_uid(struct dump_dir *dd, uid_t uid)
|
|
|
3a204fb |
{
|
|
|
3a204fb |
int ddstat = 0;
|
|
|
3a204fb |
|
|
|
3a204fb |
- if (uid == 0)
|
|
|
3a204fb |
+ if (uid == dd_g_super_user_uid)
|
|
|
3a204fb |
{
|
|
|
3a204fb |
log_debug("directory accessible by super-user");
|
|
|
3a204fb |
ddstat |= DD_STAT_ACCESSIBLE_BY_UID;
|
|
|
3a204fb |
}
|
|
|
3a204fb |
|
|
|
3a204fb |
#define DD_OWNER_FLAGS (DD_STAT_ACCESSIBLE_BY_UID | DD_STAT_OWNED_BY_UID)
|
|
|
3a204fb |
- if (dd->dd_uid == 0)
|
|
|
3a204fb |
+ if (dd->dd_uid == dd_g_super_user_uid)
|
|
|
3a204fb |
{
|
|
|
3a204fb |
log_debug("directory owned by super-user: checking meta-data");
|
|
|
3a204fb |
|
|
|
3a204fb |
--
|
|
|
3a204fb |
2.1.0
|
|
|
3a204fb |
|