From 39bcae063c959687458acdd9304732612bedf097 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Thu, 4 Jun 2015 18:35:43 +0200
Subject: [PATCH] dd: make super-user UID and FS group configurable

The main goal of this patch is to enable running the unit tests for
non-root users, because they cannot add a new user nor create files
owned by 0 or having group 'abrt'.

The GID variable might be used by projects other than ABRT.

The super-user variable might be used by ABRT, if security people decide
that abrtd must run under non-root user.

Signed-off-by: Jakub Filak <jfilak@redhat.com>
---
 src/include/dump_dir.h | 26 ++++++++++++++++++++++++++
 src/lib/dump_dir.c     | 25 ++++++++++++++++++-------
 2 files changed, 44 insertions(+), 7 deletions(-)

diff --git a/src/include/dump_dir.h b/src/include/dump_dir.h
index b37b262..7643d86 100644
--- a/src/include/dump_dir.h
+++ b/src/include/dump_dir.h
@@ -41,6 +41,32 @@ int create_symlink_lockfile_at(int dir_fd, const char *filename, const char *pid
  */
 int secure_openat_read(int dir_fd, const char *filename);
 
+/******************************************************************************/
+/* Global variables                                                           */
+/******************************************************************************/
+
+/* UID of super-user (default 0)
+ *
+ * This variable is used by the dd* functions when they access security
+ * sensitive elements. The functions will ONLY TRUST the contents of those
+ * elements that ARE OWNED by super-user.
+ */
+extern uid_t dd_g_super_user_uid;
+
+/* GID of a dump diretory created via dd_create() with uid != -1
+ *
+ * The default value is -1 which means that the dd* functions must ignore this
+ * variable.
+ *
+ * Initialize this variable only if you don't want to use the default group
+ * ('abrt').
+ */
+extern gid_t dd_g_fs_group_gid;
+
+/******************************************************************************/
+/* Dump Directory                                                             */
+/******************************************************************************/
+
 enum {
     DD_FAIL_QUIETLY_ENOENT = (1 << 0),
     DD_FAIL_QUIETLY_EACCES = (1 << 1),
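Review bot: The comment on `dd_g_super_user_uid` does not say when the variable may be written, although it decides which file owner the dd* functions treat as trusted. It should state that the value is set once at start-up, before the first dump directory is opened, and never from input an unprivileged user can influence, e.g. `/* Set once at start-up, before the first dd_* call; never from untrusted input. */`. The same applies to `dd_g_fs_group_gid`, whose comment also misspells "diretory" and writes the sentinel as `-1` where `(gid_t)-1` would match the definition in dump_dir.c. Both are plain writable `extern` globals, so the header comment is the only place a caller learns these constraints.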
diff --git a/src/lib/dump_dir.c b/src/lib/dump_dir.c
index 2cd14bb..1e3fc6a 100644
--- a/src/lib/dump_dir.c
+++ b/src/lib/dump_dir.c
@@ -102,6 +102,12 @@ enum {
 //   bits
 #define DD_MODE_TO_DIR_MODE(mode) ((mode) | (((mode) & 0444) >> 2))
 
+/* Owner of trusted elements */
+uid_t dd_g_super_user_uid = 0;
+
+/* Group of new dump directories */
+gid_t dd_g_fs_group_gid = (gid_t)-1;
+
 
 static char *load_text_file(const char *path, unsigned flags);
 static char *load_text_file_at(int dir_fd, const char *name, unsigned flags);
@@ -1171,12 +1177,17 @@ struct dump_dir *dd_create_skeleton(const char *dir, uid_t uid, mode_t mode, int
         else
             error_msg("User %lu does not exist, using uid 0", (long)uid);
 
-        /* Get ABRT's group gid */
-        struct group *gr = getgrnam("abrt");
-        if (gr)
-            dd->dd_gid = gr->gr_gid;
+        if (dd_g_fs_group_gid == (uid_t)-1)
+        {
+            /* Get ABRT's group gid */
+            struct group *gr = getgrnam("abrt");
+            if (gr)
+                dd->dd_gid = gr->gr_gid;
+            else
+                error_msg("Group 'abrt' does not exist, using gid 0");
+        }
         else
-            error_msg("Group 'abrt' does not exist, using gid 0");
+            dd->dd_gid = dd_g_fs_group_gid;
 #else
         /* Get ABRT's user uid */
         struct passwd *pw = getpwnam("abrt");
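Review bot: The new guard tests a `gid_t` against a `uid_t` sentinel, `if (dd_g_fs_group_gid == (uid_t)-1)`, while the definition added earlier in this file initialises the variable with `(gid_t)-1`. The two types are not required to have the same width or signedness, so the test should read `if (dd_g_fs_group_gid == (gid_t)-1)`. The fallback message "using gid 0" also assumes `dd->dd_gid` was set to 0 earlier in dd_create_skeleton, which starts and ends outside this hunk, so that cannot be confirmed from here.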
@@ -1959,14 +1970,14 @@ int dd_stat_for_uid(struct dump_dir *dd, uid_t uid)
 {
     int ddstat = 0;
 
-    if (uid == 0)
+    if (uid == dd_g_super_user_uid)
     {
         log_debug("directory accessible by super-user");
         ddstat |= DD_STAT_ACCESSIBLE_BY_UID;
     }
 
 #define DD_OWNER_FLAGS (DD_STAT_ACCESSIBLE_BY_UID | DD_STAT_OWNED_BY_UID)
-    if (dd->dd_uid == 0)
+    if (dd->dd_uid == dd_g_super_user_uid)
     {
         log_debug("directory owned by super-user: checking meta-data");
 
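Review bot: Once `dd_g_super_user_uid` is overridden, both comparisons replace uid 0 rather than extend it. A caller running as real root no longer takes the `uid == dd_g_super_user_uid` branch, and a directory owned by the configured account is handled as super-user owned in the `dd->dd_uid == dd_g_super_user_uid` branch. If that is the intent, a comment above the first test should say so, e.g. `/* dd_g_super_user_uid replaces uid 0 as the trusted owner; it is not an additional one */`. The two `log_debug` strings still say "super-user" without the UID, which makes the trust decision hard to audit from logs when the configured account is an ordinary user. The body of dd_stat_for_uid continues past the end of this hunk.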
-- 
2.1.0