|
Packit |
6c4009 |
/* pt_chmod - helper program for `grantpt'.
|
|
Packit |
6c4009 |
Copyright (C) 1998-2018 Free Software Foundation, Inc.
|
|
Packit |
6c4009 |
This file is part of the GNU C Library.
|
|
Packit |
6c4009 |
Contributed by C. Scott Ananian <cananian@alumni.princeton.edu>, 1998.
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
The GNU C Library is free software; you can redistribute it and/or
|
|
Packit |
6c4009 |
modify it under the terms of the GNU Lesser General Public
|
|
Packit |
6c4009 |
License as published by the Free Software Foundation; either
|
|
Packit |
6c4009 |
version 2.1 of the License, or (at your option) any later version.
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
The GNU C Library is distributed in the hope that it will be useful,
|
|
Packit |
6c4009 |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
6c4009 |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
6c4009 |
Lesser General Public License for more details.
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
You should have received a copy of the GNU Lesser General Public
|
|
Packit |
6c4009 |
License along with the GNU C Library; if not, see
|
|
Packit |
6c4009 |
<http://www.gnu.org/licenses/>. */
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
#include <argp.h>
|
|
Packit |
6c4009 |
#include <errno.h>
|
|
Packit |
6c4009 |
#include <error.h>
|
|
Packit |
6c4009 |
#include <grp.h>
|
|
Packit |
6c4009 |
#include <libintl.h>
|
|
Packit |
6c4009 |
#include <locale.h>
|
|
Packit |
6c4009 |
#include <signal.h>
|
|
Packit |
6c4009 |
#include <stdio.h>
|
|
Packit |
6c4009 |
#include <stdlib.h>
|
|
Packit |
6c4009 |
#include <string.h>
|
|
Packit |
6c4009 |
#include <sys/stat.h>
|
|
Packit |
6c4009 |
#include <unistd.h>
|
|
Packit |
6c4009 |
#ifdef HAVE_LIBCAP
|
|
Packit |
6c4009 |
# include <sys/capability.h>
|
|
Packit |
6c4009 |
# include <sys/prctl.h>
|
|
Packit |
6c4009 |
#endif
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
#include "pty-private.h"
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Get libc version number. */
|
|
Packit |
6c4009 |
#include "../version.h"
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
#define PACKAGE _libc_intl_domainname
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Name and version of program. */
|
|
Packit |
6c4009 |
static void print_version (FILE *stream, struct argp_state *state);
|
|
Packit |
6c4009 |
void (*argp_program_version_hook) (FILE *, struct argp_state *) = print_version;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Function to print some extra text in the help message. */
|
|
Packit |
6c4009 |
static char *more_help (int key, const char *text, void *input);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Data structure to communicate with argp functions. */
|
|
Packit |
6c4009 |
static struct argp argp =
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
NULL, NULL, NULL, NULL, NULL, more_help
|
|
Packit |
6c4009 |
};
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Print the version information. */
|
|
Packit |
6c4009 |
static void
|
|
Packit |
6c4009 |
print_version (FILE *stream, struct argp_state *state)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
fprintf (stream, "pt_chown %s%s\n", PKGVERSION, VERSION);
|
|
Packit |
6c4009 |
fprintf (stream, gettext ("\
|
|
Packit |
6c4009 |
Copyright (C) %s Free Software Foundation, Inc.\n\
|
|
Packit |
6c4009 |
This is free software; see the source for copying conditions. There is NO\n\
|
|
Packit |
6c4009 |
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.\n\
|
|
Packit |
6c4009 |
"), "2018");
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
static char *
|
|
Packit |
6c4009 |
more_help (int key, const char *text, void *input)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
char *cp;
|
|
Packit |
6c4009 |
char *tp;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
switch (key)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
case ARGP_KEY_HELP_PRE_DOC:
|
|
Packit |
6c4009 |
asprintf (&cp, gettext ("\
|
|
Packit |
6c4009 |
Set the owner, group and access permission of the slave pseudo\
|
|
Packit |
6c4009 |
terminal corresponding to the master pseudo terminal passed on\
|
|
Packit |
6c4009 |
file descriptor `%d'. This is the helper program for the\
|
|
Packit |
6c4009 |
`grantpt' function. It is not intended to be run directly from\
|
|
Packit |
6c4009 |
the command line.\n"),
|
|
Packit |
6c4009 |
PTY_FILENO);
|
|
Packit |
6c4009 |
return cp;
|
|
Packit |
6c4009 |
case ARGP_KEY_HELP_EXTRA:
|
|
Packit |
6c4009 |
/* We print some extra information. */
|
|
Packit |
6c4009 |
if (asprintf (&tp, gettext ("\
|
|
Packit |
6c4009 |
For bug reporting instructions, please see:\n\
|
|
Packit |
6c4009 |
%s.\n"), REPORT_BUGS_TO) < 0)
|
|
Packit |
6c4009 |
return NULL;
|
|
Packit |
6c4009 |
if (asprintf (&cp, gettext ("\
|
|
Packit |
6c4009 |
The owner is set to the current user, the group is set to `%s',\
|
|
Packit |
6c4009 |
and the access permission is set to `%o'.\n\n\
|
|
Packit |
6c4009 |
%s"),
|
|
Packit |
6c4009 |
TTY_GROUP, S_IRUSR|S_IWUSR|S_IWGRP, tp) < 0)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
free (tp);
|
|
Packit |
6c4009 |
return NULL;
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
return cp;
|
|
Packit |
6c4009 |
default:
|
|
Packit |
6c4009 |
break;
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
return (char *) text;
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
static int
|
|
Packit |
6c4009 |
do_pt_chown (void)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
char *pty;
|
|
Packit |
6c4009 |
struct stat64 st;
|
|
Packit |
6c4009 |
struct group *p;
|
|
Packit |
6c4009 |
gid_t gid;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Check that PTY_FILENO is a valid master pseudo terminal. */
|
|
Packit |
6c4009 |
pty = ptsname (PTY_FILENO);
|
|
Packit |
6c4009 |
if (pty == NULL)
|
|
Packit |
6c4009 |
return errno == EBADF ? FAIL_EBADF : FAIL_EINVAL;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Check that the returned slave pseudo terminal is a
|
|
Packit |
6c4009 |
character device. */
|
|
Packit |
6c4009 |
if (stat64 (pty, &st) < 0 || !S_ISCHR (st.st_mode))
|
|
Packit |
6c4009 |
return FAIL_EINVAL;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Get the group ID of the special `tty' group. */
|
|
Packit |
6c4009 |
p = getgrnam (TTY_GROUP);
|
|
Packit |
6c4009 |
gid = p ? p->gr_gid : getgid ();
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Set the owner to the real user ID, and the group to that special
|
|
Packit |
6c4009 |
group ID. */
|
|
Packit |
6c4009 |
if (chown (pty, getuid (), gid) < 0)
|
|
Packit |
6c4009 |
return FAIL_EACCES;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Set the permission mode to readable and writable by the owner,
|
|
Packit |
6c4009 |
and writable by the group. */
|
|
Packit |
6c4009 |
if ((st.st_mode & ACCESSPERMS) != (S_IRUSR|S_IWUSR|S_IWGRP)
|
|
Packit |
6c4009 |
&& chmod (pty, S_IRUSR|S_IWUSR|S_IWGRP) < 0)
|
|
Packit |
6c4009 |
return FAIL_EACCES;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
return 0;
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
int
|
|
Packit |
6c4009 |
main (int argc, char *argv[])
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
uid_t euid = geteuid ();
|
|
Packit |
6c4009 |
uid_t uid = getuid ();
|
|
Packit |
6c4009 |
int remaining;
|
|
Packit |
6c4009 |
sigset_t signalset;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Clear any signal mask from the parent process. */
|
|
Packit |
6c4009 |
sigemptyset (&signalset);
|
|
Packit |
6c4009 |
sigprocmask (SIG_SETMASK, &signalset, NULL);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
if (argc == 1 && euid == 0)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
#ifdef HAVE_LIBCAP
|
|
Packit |
6c4009 |
/* Drop privileges. */
|
|
Packit |
6c4009 |
if (uid != euid)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
static const cap_value_t cap_list[] =
|
|
Packit |
6c4009 |
{ CAP_CHOWN, CAP_FOWNER };
|
|
Packit |
6c4009 |
# define ncap_list (sizeof (cap_list) / sizeof (cap_list[0]))
|
|
Packit |
6c4009 |
cap_t caps = cap_init ();
|
|
Packit |
6c4009 |
if (caps == NULL)
|
|
Packit |
6c4009 |
return FAIL_ENOMEM;
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* There is no reason why these should not work. */
|
|
Packit |
6c4009 |
cap_set_flag (caps, CAP_PERMITTED, ncap_list, cap_list, CAP_SET);
|
|
Packit |
6c4009 |
cap_set_flag (caps, CAP_EFFECTIVE, ncap_list, cap_list, CAP_SET);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
int res = cap_set_proc (caps);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
cap_free (caps);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
if (__glibc_unlikely (res != 0))
|
|
Packit |
6c4009 |
return FAIL_EXEC;
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
#endif
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Normal invocation of this program is with no arguments and
|
|
Packit |
6c4009 |
with privileges. */
|
|
Packit |
6c4009 |
return do_pt_chown ();
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* We aren't going to be using privileges, so drop them right now. */
|
|
Packit |
6c4009 |
setuid (uid);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Set locale via LC_ALL. */
|
|
Packit |
6c4009 |
setlocale (LC_ALL, "");
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Set the text message domain. */
|
|
Packit |
6c4009 |
textdomain (PACKAGE);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* parse and process arguments. */
|
|
Packit |
6c4009 |
argp_parse (&argp, argc, argv, 0, &remaining, NULL);
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
if (remaining < argc)
|
|
Packit |
6c4009 |
{
|
|
Packit |
6c4009 |
/* We should not be called with any non-option parameters. */
|
|
Packit |
6c4009 |
error (0, 0, gettext ("too many arguments"));
|
|
Packit |
6c4009 |
argp_help (&argp, stdout, ARGP_HELP_SEE | ARGP_HELP_EXIT_ERR,
|
|
Packit |
6c4009 |
program_invocation_short_name);
|
|
Packit |
6c4009 |
return EXIT_FAILURE;
|
|
Packit |
6c4009 |
}
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
/* Check if we are properly installed. */
|
|
Packit |
6c4009 |
if (euid != 0)
|
|
Packit |
6c4009 |
error (FAIL_EXEC, 0, gettext ("needs to be installed setuid `root'"));
|
|
Packit |
6c4009 |
|
|
Packit |
6c4009 |
return EXIT_SUCCESS;
|
|
Packit |
6c4009 |
}
|