diff options
author | Ondrej Zajicek <santiago@crfreenet.org> | 2011-05-10 02:42:17 +0200 |
---|---|---|
committer | Ondrej Zajicek <santiago@crfreenet.org> | 2011-05-10 02:42:17 +0200 |
commit | 1bc2695744c729804af32d48ce68854cba4de8f7 (patch) | |
tree | e4c165bc0bba244437c462247fd7ffcd842c0918 /sysdep/linux/syspriv.h | |
parent | 46bb7e0d176a4dc0a47bb406988f92fb29cceaf4 (diff) |
Allows run with restricted privileges.
Adds option -u and -g to specify user and group.
When different user (than root) is specified,
linux capabilities CAP_NET_* are kept.
Diffstat (limited to 'sysdep/linux/syspriv.h')
-rw-r--r-- | sysdep/linux/syspriv.h | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/sysdep/linux/syspriv.h b/sysdep/linux/syspriv.h new file mode 100644 index 00000000..bfe19ac3 --- /dev/null +++ b/sysdep/linux/syspriv.h @@ -0,0 +1,62 @@ + +#include <sys/prctl.h> +#include <linux/capability.h> + +#ifndef _LINUX_CAPABILITY_VERSION_3 +#define _LINUX_CAPABILITY_VERSION_3 0x20080522 +#define _LINUX_CAPABILITY_U32S_3 2 +#endif + +/* capset() prototype is missing ... */ +int capset(cap_user_header_t hdrp, const cap_user_data_t datap); + +static inline int +set_capabilities(u32 caps) +{ + struct __user_cap_header_struct cap_hdr; + struct __user_cap_data_struct cap_dat[_LINUX_CAPABILITY_U32S_3]; + int err; + + cap_hdr.version = _LINUX_CAPABILITY_VERSION_3; + cap_hdr.pid = 0; + + memset(cap_dat, 0, sizeof(cap_dat)); + cap_dat[0].effective = cap_dat[0].permitted = caps; + + err = capset(&cap_hdr, cap_dat); + if (!err) + return 0; + + /* Kernel may support do not support our version of capability interface. + The last call returned supported version so we just retry it. */ + if (errno == EINVAL) + { + err = capset(&cap_hdr, cap_dat); + if (!err) + return 0; + } + + return -1; +} + +static void +drop_uid(uid_t uid) +{ + u32 caps = + CAP_TO_MASK(CAP_NET_BIND_SERVICE) | + CAP_TO_MASK(CAP_NET_BROADCAST) | + CAP_TO_MASK(CAP_NET_ADMIN) | + CAP_TO_MASK(CAP_NET_RAW); + + if (seteuid(uid) < 0) + die("seteuid: %m"); + + if (set_capabilities(caps) < 0) + die("capset: %m"); + + if (prctl(PR_SET_KEEPCAPS, 1) < 0) + die("prctl: %m"); + + if (setresuid(uid, uid, uid) < 0) + die("setresuid: %m"); +} |