From owner-freebsd-current Mon Mar 24 8: 5:40 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D256E37B401 for ; Mon, 24 Mar 2003 08:05:27 -0800 (PST) Received: from relay.macomnet.ru (relay.macomnet.ru [195.128.64.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7EEB943FB1 for ; Mon, 24 Mar 2003 08:05:26 -0800 (PST) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay.macomnet.ru (8.11.6/8.11.6) with ESMTP id h2OG5O51924339 for ; Mon, 24 Mar 2003 19:05:24 +0300 (MSK) Date: Mon, 24 Mar 2003 19:05:24 +0300 (MSK) From: Maxim Konovalov To: current@freebsd.org Subject: jail(8) setuid-before-exec patch Message-ID: <20030324182942.O51952@news1.macomnet.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Status: No, hits=-6.0 required=5.0 tests=PATCH_UNIFIED_DIFF autolearn=ham version=2.50 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, Here is a patch which gives to jail(8) an ability to specify a user context before execv(3). Comments/suggestions? P.S. I am aware of bin/44320. Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.sbin/jail/Makefile,v retrieving revision 1.8 diff -u -r1.8 Makefile --- Makefile 20 Jul 2001 06:19:52 -0000 1.8 +++ Makefile 21 Mar 2003 14:16:25 -0000 @@ -2,6 +2,7 @@ PROG= jail MAN= jail.8 +LDADD= -lutil WARNS?= 2 Index: jail.8 =================================================================== RCS file: /home/ncvs/src/usr.sbin/jail/jail.8,v retrieving revision 1.41 diff -u -r1.41 jail.8 --- jail.8 18 Mar 2003 14:01:02 -0000 1.41 +++ jail.8 24 Mar 2003 15:06:08 -0000 
@@ -41,11 +41,28 @@ .Nd "imprison process and its descendants" .Sh SYNOPSIS .Nm +.Op Fl u Ar username .Ar path hostname ip-number command ... .Sh DESCRIPTION The .Nm utility imprisons a process and all future descendants. +.Pp +The options are as follows: +.Bl -tag -width ".Fl u Ar username" +.It Fl u Ar username +The user name as whom the +.Ar command +should run. +.It Ar path +Directory which is to be the root of the prison. +.It Ar hostname +Hostname of the prison. +.It Ar ip-number +IP number assigned to the prison. +.It Ar command +Pathname of the program which is to be executed. +.El .Pp Please see the .Xr jail 2 Index: jail.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/jail/jail.c,v retrieving revision 1.8 diff -u -r1.8 jail.c --- jail.c 22 Apr 2002 13:44:43 -0000 1.8 +++ jail.c 21 Mar 2003 16:15:15 -0000 
@@ -10,44 +10,97 @@ * */ -#include +#include #include #include #include #include +#include +#include +#include #include #include #include #include +static void usage(void); + int main(int argc, char **argv) { + login_cap_t *lcap; struct jail j; - int i; + struct passwd *pwd; struct in_addr in; + int ch, groups[NGROUPS], i, ngroups; + char *username; + + username = NULL; + + while ((ch = getopt(argc, argv, "u:")) != -1) + switch (ch) { + case 'u': + username = optarg; + break; + default: + usage(); + break; + } + argc -= optind; + argv += optind; + if (argc < 4) + usage(); - if (argc < 5) - errx(1, "usage: %s path hostname ip-number command ...\n", - argv[0]); - i = chdir(argv[1]); + if (username != NULL) { + pwd = getpwnam(username); + if (pwd == NULL) + err(1, "getpwnam %s", username); + lcap = login_getpwclass(pwd); + if (lcap == NULL) + err(1, "getpwclass failed", username); + ngroups = NGROUPS; + i = getgrouplist(username, pwd->pw_gid, groups, &ngroups); + if (i) + err(1, "getgrouplist %s", username); + } + i = chdir(argv[0]); if (i) - err(1, "chdir %s", argv[1]); + err(1, "chdir %s", argv[0]); memset(&j, 0, sizeof(j)); j.version = 0; - j.path = argv[1]; - j.hostname = argv[2]; - i = inet_aton(argv[3], &in); + j.path = argv[0]; + j.hostname = argv[1]; + i = inet_aton(argv[2], &in); if (!i) errx(1, "Couldn't make sense of ip-number\n"); j.ip_number = ntohl(in.s_addr); i = jail(&j); if (i) err(1, "Imprisonment failed"); - i = execv(argv[4], argv + 4); + if (username != NULL) { + i = setgroups(ngroups, groups); + if (i) + err(1, "setgroups failed"); + i = setgid(pwd->pw_gid); + if (i) + err(1, "setgid failed"); + i = setusercontext(lcap, pwd, pwd->pw_uid, + LOGIN_SETALL & ~LOGIN_SETGROUP); + if (i) + err(1, "setusercontext failed"); + } + i = execv(argv[3], argv + 3); if (i) - err(1, "execv(%s)", argv[4]); + err(1, "execv(%s)", argv[3]); exit (0); +} + +static void +usage(void) +{ + + errx(1, + "Usage: jail [-u username] path hostname ip-number command ..."); } 
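Review bot: The `-u` account is resolved before `jail(&j)` is called: `getpwnam()`, `login_getpwclass()` and `getgrouplist()` all run ahead of the `chdir`/`jail` calls, so the uid, gid, group list and login class applied to the jailed command come from the host's user database, not the prison's. The same name may map to a different uid, or to no account at all, inside the jail. Doing the lookup outside is presumably the safer choice for a privileged process, since it avoids parsing files the jail controls, but it should be stated, with a comment above the lookup such as `/* username is resolved against the host's passwd, group and login.conf, not the jail's */` and matching wording in the `-u` entry of jail.8. Separately, `err(1, "getpwclass failed", username);` passes an argument the format never consumes, and `err()` after a NULL `getpwnam()` appends whatever errno happens to hold when the name is simply unknown; `errx(1, "%s: no such user", username);` would report that case accurately.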
%%% -- Maxim Konovalov, maxim@macomnet.ru, maxim@FreeBSD.org