source: MondoRescue/branches/2.2.2/mindi-busybox/applets/applets.c@ 1247

Last change on this file since 1247 was 821, checked in by Bruno Cornec, 18 years ago

Addition of busybox 1.2.1 as a mindi-busybox new package
This should avoid delivering binary files in mindi not built there (Fedora and Debian are quite serious about that)
File size: 12.5 KB
Line 
1/* vi: set sw=4 ts=4: */
2/*
3 * Utility routines.
4 *
5 * Copyright (C) tons of folks. Tracking down who wrote what
6 * isn't something I'm going to worry about... If you wrote something
7 * here, please feel free to acknowledge your work.
8 *
9 * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
10 * Permission has been granted to redistribute this code under the GPL.
11 *
12 * Licensed under GPLv2 or later, see file License in this tarball for details.
13 */
14
15#include "busybox.h"
16#include <unistd.h>
17#include <string.h>
18#include <assert.h>
19
20#if ENABLE_SHOW_USAGE && !ENABLE_FEATURE_COMPRESS_USAGE
21static const char usage_messages[] =
22#define MAKE_USAGE
23#include "usage.h"
24#include "applets.h"
25;
26#undef MAKE_USAGE
27#else
28#define usage_messages 0
29#endif /* ENABLE_SHOW_USAGE */
30
31#undef APPLET
32#undef APPLET_NOUSAGE
33#undef PROTOTYPES
34#include "applets.h"
35
36static struct BB_applet *applet_using;
37
38/* The -1 arises because of the {0,NULL,0,-1} entry above. */
39const size_t NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
40
41
42#ifdef CONFIG_FEATURE_SUID_CONFIG
43
44#include <ctype.h>
45#include "pwd_.h"
46#include "grp_.h"
47
48#define CONFIG_FILE "/etc/busybox.conf"
49
50/* applets [] is const, so we have to define this "override" structure */
51static struct BB_suid_config
52{
53 struct BB_applet *m_applet;
54
55 uid_t m_uid;
56 gid_t m_gid;
57 mode_t m_mode;
58
59 struct BB_suid_config *m_next;
60} *suid_config;
61
62static int suid_cfg_readable;
63
64/* check if u is member of group g */
65static int ingroup (uid_t u, gid_t g)
66{
67 struct group *grp = getgrgid (g);
68
69 if (grp) {
70 char **mem;
71
72 for (mem = grp->gr_mem; *mem; mem++) {
73 struct passwd *pwd = getpwnam (*mem);
74
75 if (pwd && (pwd->pw_uid == u))
76 return 1;
77 }
78 }
79 return 0;
80}
81
82/* This should probably be a libbb routine. In that case,
83 * I'd probably rename it to something like bb_trimmed_slice.
84 */
85static char *get_trimmed_slice(char *s, char *e)
86{
87 /* First, consider the value at e to be nul and back up until we
88 * reach a non-space char. Set the char after that (possibly at
89 * the original e) to nul. */
90 while (e-- > s) {
91 if (!isspace(*e)) {
92 break;
93 }
94 }
95 e[1] = 0;
96
97 /* Next, advance past all leading space and return a ptr to the
98 * first non-space char; possibly the terminating nul. */
99 return skip_whitespace(s);
100}
101
102
103#define parse_error(x) { err=x; goto pe_label; }
104
105/* Don't depend on the tools to combine strings. */
106static const char config_file[] = CONFIG_FILE;
107
108/* There are 4 chars + 1 nul for each of user/group/other. */
109static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-";
110
111/* We don't supply a value for the nul, so an index adjustment is
112 * necessary below. Also, we use unsigned short here to save some
113 * space even though these are really mode_t values. */
114static const unsigned short mode_mask[] = {
115 /* SST sst xxx --- */
116 S_ISUID, S_ISUID|S_IXUSR, S_IXUSR, 0, /* user */
117 S_ISGID, S_ISGID|S_IXGRP, S_IXGRP, 0, /* group */
118 0, S_IXOTH, S_IXOTH, 0 /* other */
119};
120
121static void parse_config_file(void)
122{
123 struct BB_suid_config *sct_head;
124 struct BB_suid_config *sct;
125 struct BB_applet *applet;
126 FILE *f;
127 char *err;
128 char *s;
129 char *e;
130 int i, lc, section;
131 char buffer[256];
132 struct stat st;
133
134 assert(!suid_config); /* Should be set to NULL by bss init. */
135
136 if ((stat(config_file, &st) != 0) /* No config file? */
137 || !S_ISREG(st.st_mode) /* Not a regular file? */
138 || (st.st_uid != 0) /* Not owned by root? */
139 || (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */
140 || !(f = fopen(config_file, "r")) /* Can not open? */
141 ) {
142 return;
143 }
144
145 suid_cfg_readable = 1;
146 sct_head = NULL;
147 section = lc = 0;
148
149 do {
150 s = buffer;
151
152 if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */
153 if (ferror(f)) { /* Make sure it wasn't a read error. */
154 parse_error("reading");
155 }
156 fclose(f);
157 suid_config = sct_head; /* Success, so set the pointer. */
158 return;
159 }
160
161 lc++; /* Got a (partial) line. */
162
163 /* If a line is too long for our buffer, we consider it an error.
164 * The following test does mistreat one corner case though.
165 * If the final line of the file does not end with a newline and
166 * yet exactly fills the buffer, it will be treated as too long
167 * even though there isn't really a problem. But it isn't really
168 * worth adding code to deal with such an unlikely situation, and
169 * we do err on the side of caution. Besides, the line would be
170 * too long if it did end with a newline. */
171 if (!strchr(s, '\n') && !feof(f)) {
172 parse_error("line too long");
173 }
174
175 /* Trim leading and trailing whitespace, ignoring comments, and
176 * check if the resulting string is empty. */
177 if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) {
178 continue;
179 }
180
181 /* Check for a section header. */
182
183 if (*s == '[') {
184 /* Unlike the old code, we ignore leading and trailing
185 * whitespace for the section name. We also require that
186 * there are no stray characters after the closing bracket. */
187 if (!(e = strchr(s, ']')) /* Missing right bracket? */
188 || e[1] /* Trailing characters? */
189 || !*(s = get_trimmed_slice(s+1, e)) /* Missing name? */
190 ) {
191 parse_error("section header");
192 }
193 /* Right now we only have one section so just check it.
194 * If more sections are added in the future, please don't
195 * resort to cascading ifs with multiple strcasecmp calls.
196 * That kind of bloated code is all too common. A loop
197 * and a string table would be a better choice unless the
198 * number of sections is very small. */
199 if (strcasecmp(s, "SUID") == 0) {
200 section = 1;
201 continue;
202 }
203 section = -1; /* Unknown section so set to skip. */
204 continue;
205 }
206
207 /* Process sections. */
208
209 if (section == 1) { /* SUID */
210 /* Since we trimmed leading and trailing space above, we're
211 * now looking for strings of the form
212 * <key>[::space::]*=[::space::]*<value>
213 * where both key and value could contain inner whitespace. */
214
215 /* First get the key (an applet name in our case). */
216 if (!!(e = strchr(s, '='))) {
217 s = get_trimmed_slice(s, e);
218 }
219 if (!e || !*s) { /* Missing '=' or empty key. */
220 parse_error("keyword");
221 }
222
223 /* Ok, we have an applet name. Process the rhs if this
224 * applet is currently built in and ignore it otherwise.
225 * Note: This can hide config file bugs which only pop
226 * up when the busybox configuration is changed. */
227 if ((applet = find_applet_by_name(s))) {
228 /* Note: We currently don't check for duplicates!
229 * The last config line for each applet will be the
230 * one used since we insert at the head of the list.
231 * I suppose this could be considered a feature. */
232 sct = xmalloc(sizeof(struct BB_suid_config));
233 sct->m_applet = applet;
234 sct->m_mode = 0;
235 sct->m_next = sct_head;
236 sct_head = sct;
237
238 /* Get the specified mode. */
239
240 e = skip_whitespace(e+1);
241
242 for (i=0 ; i < 3 ; i++) {
243 const char *q;
244 if (!*(q = strchrnul(mode_chars + 5*i, *e++))) {
245 parse_error("mode");
246 }
247 /* Adjust by -i to account for nul. */
248 sct->m_mode |= mode_mask[(q - mode_chars) - i];
249 }
250
251 /* Now get the the user/group info. */
252
253 s = skip_whitespace(e);
254
255 /* Note: We require whitespace between the mode and the
256 * user/group info. */
257 if ((s == e) || !(e = strchr(s, '.'))) {
258 parse_error("<uid>.<gid>");
259 }
260 *e++ = 0;
261
262 /* We can't use get_ug_id here since it would exit()
263 * if a uid or gid was not found. Oh well... */
264 {
265 char *e2;
266
267 sct->m_uid = strtoul(s, &e2, 10);
268 if (*e2 || (s == e2)) {
269 struct passwd *pwd;
270 if (!(pwd = getpwnam(s))) {
271 parse_error("user");
272 }
273 sct->m_uid = pwd->pw_uid;
274 }
275
276 sct->m_gid = strtoul(e, &e2, 10);
277 if (*e2 || (e == e2)) {
278 struct group *grp;
279 if (!(grp = getgrnam(e))) {
280 parse_error("group");
281 }
282 sct->m_gid = grp->gr_gid;
283 }
284 }
285 }
286 continue;
287 }
288
289 /* Unknown sections are ignored. */
290
291 /* Encountering configuration lines prior to seeing a
292 * section header is treated as an error. This is how
293 * the old code worked, but it may not be desirable.
294 * We may want to simply ignore such lines in case they
295 * are used in some future version of busybox. */
296 if (!section) {
297 parse_error("keyword outside section");
298 }
299
300 } while (1);
301
302 pe_label:
303 fprintf(stderr, "Parse error in %s, line %d: %s\n",
304 config_file, lc, err);
305
306 fclose(f);
307 /* Release any allocated memory before returning. */
308 while (sct_head) {
309 sct = sct_head->m_next;
310 free(sct_head);
311 sct_head = sct;
312 }
313 return;
314}
315
316#else
317#define parse_config_file()
318#endif /* CONFIG_FEATURE_SUID_CONFIG */
319
320#ifdef CONFIG_FEATURE_SUID
321static void check_suid (struct BB_applet *applet)
322{
323 uid_t ruid = getuid (); /* real [ug]id */
324 uid_t rgid = getgid ();
325
326#ifdef CONFIG_FEATURE_SUID_CONFIG
327 if (suid_cfg_readable) {
328 struct BB_suid_config *sct;
329
330 for (sct = suid_config; sct; sct = sct->m_next) {
331 if (sct->m_applet == applet)
332 break;
333 }
334 if (sct) {
335 mode_t m = sct->m_mode;
336
337 if (sct->m_uid == ruid) /* same uid */
338 m >>= 6;
339 else if ((sct->m_gid == rgid) || ingroup (ruid, sct->m_gid)) /* same group / in group */
340 m >>= 3;
341
342 if (!(m & S_IXOTH)) /* is x bit not set ? */
343 bb_error_msg_and_die ("You have no permission to run this applet!");
344
345 if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) { /* *both* have to be set for sgid */
346 if (setegid (sct->m_gid))
347 bb_error_msg_and_die
348 ("BusyBox binary has insufficient rights to set proper GID for applet!");
349 } else
350 setgid (rgid); /* no sgid -> drop */
351
352 if (sct->m_mode & S_ISUID) {
353 if (seteuid (sct->m_uid))
354 bb_error_msg_and_die
355 ("BusyBox binary has insufficient rights to set proper UID for applet!");
356 } else
357 setuid (ruid); /* no suid -> drop */
358 } else {
359 /* default: drop all privileges */
360 setgid (rgid);
361 setuid (ruid);
362 }
363 return;
364 } else {
365#ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
366 static int onetime = 0;
367
368 if (!onetime) {
369 onetime = 1;
370 fprintf (stderr, "Using fallback suid method\n");
371 }
372#endif
373 }
374#endif
375
376 if (applet->need_suid == _BB_SUID_ALWAYS) {
377 if (geteuid () != 0)
378 bb_error_msg_and_die ("This applet requires root privileges!");
379 } else if (applet->need_suid == _BB_SUID_NEVER) {
380 setgid (rgid); /* drop all privileges */
381 setuid (ruid);
382 }
383}
384#else
385#define check_suid(x)
386#endif /* CONFIG_FEATURE_SUID */
387
388
389
390#if ENABLE_FEATURE_COMPRESS_USAGE
391
392#include "usage_compressed.h"
393#include "unarchive.h"
394
395static const char *unpack_usage_messages(void)
396{
397 int input[2], output[2], pid;
398 char *buf;
399
400 if(pipe(input) < 0 || pipe(output) < 0)
401 exit(1);
402
403 pid = fork();
404 switch (pid) {
405 case -1: /* error */
406 exit(1);
407 case 0: /* child */
408 close(input[1]);
409 close(output[0]);
410 uncompressStream(input[0], output[1]);
411 exit(0);
412 }
413 /* parent */
414
415 close(input[0]);
416 close(output[1]);
417 pid = fork();
418 switch (pid) {
419 case -1: /* error */
420 exit(1);
421 case 0: /* child */
422 bb_full_write(input[1], packed_usage, sizeof(packed_usage));
423 exit(0);
424 }
425 /* parent */
426 close(input[1]);
427
428 buf = xmalloc(SIZEOF_usage_messages);
429 bb_full_read(output[0], buf, SIZEOF_usage_messages);
430 return buf;
431}
432
433#else
434#define unpack_usage_messages() usage_messages
435#endif /* ENABLE_FEATURE_COMPRESS_USAGE */
436
437void bb_show_usage (void)
438{
439 if (ENABLE_SHOW_USAGE) {
440 const char *format_string;
441 const char *usage_string = unpack_usage_messages();
442 int i;
443
444 for (i = applet_using - applets; i > 0;)
445 if (!*usage_string++) --i;
446
447 format_string = "%s\n\nUsage: %s %s\n\n";
448 if (*usage_string == '\b')
449 format_string = "%s\n\nNo help available.\n\n";
450 fprintf (stderr, format_string, bb_msg_full_version,
451 applet_using->name, usage_string);
452 }
453
454 exit (bb_default_error_retval);
455}
456
457static int applet_name_compare (const void *x, const void *y)
458{
459 const char *name = x;
460 const struct BB_applet *applet = y;
461
462 return strcmp (name, applet->name);
463}
464
465extern const size_t NUM_APPLETS;
466
467struct BB_applet *find_applet_by_name (const char *name)
468{
469 return bsearch (name, applets, NUM_APPLETS, sizeof (struct BB_applet),
470 applet_name_compare);
471}
472
473void run_applet_by_name (const char *name, int argc, char **argv)
474{
475 if(ENABLE_FEATURE_SUID_CONFIG) parse_config_file ();
476
477 if(!strncmp(name, "busybox", 7)) busybox_main(argc, argv);
478 /* Do a binary search to find the applet entry given the name. */
479 applet_using = find_applet_by_name(name);
480 if(applet_using) {
481 bb_applet_name = applet_using->name;
482 if(argc==2 && !strcmp(argv[1], "--help")) bb_show_usage ();
483 if(ENABLE_FEATURE_SUID) check_suid (applet_using);
484 exit ((*(applet_using->main)) (argc, argv));
485 }
486}
Note: See TracBrowser for help on using the repository browser.