embedtools/src/cfexec.c - diff

Return to cfexec.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedtools / src

Diff for /embedtools/src/cfexec.c between versions 1.1 and 1.5.20.7

version 1.1, 2009/11/12 10:35:55	version 1.5.20.7, 2018/01/01 23:52:54
Line 5	Line 5
* $Author$	* $Author$
* $Id$	* $Id$
*	*
*************************************************************************/	*************************************************************************
	The ELWIX and AITNET software is distributed under the following
	terms:

	All of the documentation and software included in the ELWIX and AITNET
	Releases is copyrighted by ELWIX - Sofia/Bulgaria <info@elwix.org>

	Copyright 2004 - 2018
	by Michael Pounov <misho@elwix.org>. All rights reserved.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions
	are met:
	1. Redistributions of source code must retain the above copyright
	notice, this list of conditions and the following disclaimer.
	2. Redistributions in binary form must reproduce the above copyright
	notice, this list of conditions and the following disclaimer in the
	documentation and/or other materials provided with the distribution.
	3. All advertising materials mentioning features or use of this software
	must display the following acknowledgement:
	This product includes software developed by Michael Pounov <misho@elwix.org>
	ELWIX - Embedded LightWeight unIX and its contributors.
	4. Neither the name of AITNET nor the names of its contributors
	may be used to endorse or promote products derived from this software
	without specific prior written permission.

	THIS SOFTWARE IS PROVIDED BY AITNET AND CONTRIBUTORS ``AS IS'' AND
	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
	FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	SUCH DAMAGE.
	*/
#include "global.h"	#include "global.h"


sl_config cfg;	cfg_root_t cfg;
int Verbose, Timeout, kq;	int Verbose, Timeout, kq;
char szUser[MAX_STR], szMount[MAXPATHLEN], szDev[MAXPATHLEN],	ait_val_t User, Mount, Chroot;
szChroot[MAXPATHLEN], szSess[MAXPATHLEN], szConfig[MAXPATHLEN];	char szSess[MAXPATHLEN], szSLCK[MAXPATHLEN], szConfig[MAXPATHLEN];
extern char compiled[], compiledby[], compilehost[];	extern char compiled[], compiledby[], compilehost[];

static void Usage()
	static void
	Usage()
{	{

printf( "CFExec is tool for managment R/W operation with CompactFlash\n"	printf( "CFExec is tool for managment R/W operation with CompactFlash\n"
Line 24 static void Usage()	Line 63 static void Usage()
"\t-v\t\tVerbose ...\n"	"\t-v\t\tVerbose ...\n"
"\t-c <dir>\tAfter execute chroot to dir [default=/]\n"	"\t-c <dir>\tAfter execute chroot to dir [default=/]\n"
"\t-u <user>\tAfter execute suid to user [default=root]\n"	"\t-u <user>\tAfter execute suid to user [default=root]\n"
"\t-d <dev>\tOther device [default=/dev/ufs/AITBSDonCF]\n"	"\t-m <mnt>\tOther mount dir [default=/]\n"
"\t-m <mnt>\tOther mount dir [default=/cf]\n"
"\t-t <sec>\tTimeout for autolock mount dir after seconds [default=300]\n"	"\t-t <sec>\tTimeout for autolock mount dir after seconds [default=300]\n"
	"\t-L <reason>\tService lock and set RW state of device with reason\n"
	"\t-U \t\tService unlock and set RO state of device\n"
"\n", compiled, compiledby, compilehost);	"\n", compiled, compiledby, compilehost);
}	}

static int update(int flags)	struct statfs *
	getmntpt(const char *name)
{	{
	struct statfs *mntbuf;
	int i, mntsize;

	mntsize = getmntinfo(&mntbuf, MNT_NOWAIT);
	for (i = mntsize - 1; i >= 0; i--) {
	if (!strcmp(mntbuf[i].f_mntfromname, name) \|\|
	!strcmp(mntbuf[i].f_mntonname, name))
	return &mntbuf[i];
	}

	return NULL;
	}

	static int
	update(int flags)
	{
struct ufs_args mnt;	struct ufs_args mnt;
	struct statfs *mntfs = getmntpt(AIT_GET_STR(&Mount));

memset(&mnt, 0, sizeof mnt);	memset(&mnt, 0, sizeof mnt);
mnt.fspec = szDev;	mnt.fspec = mntfs->f_mntfromname;
if (mount("ufs", szMount, flags, &mnt) == -1) {	#ifdef __NetBSD__
printf("Error:: can`t update mount %s #%d - %s\n", szMount, errno, strerror(errno));	if (mount(mntfs->f_fstypename, mntfs->f_mntonname, flags, &mnt, sizeof mnt) == -1) {
	#else
	if (mount(mntfs->f_fstypename, mntfs->f_mntonname, flags, &mnt) == -1) {
	#endif
	printf("Error:: can`t update mount %s #%d - %s\n", AIT_GET_STR(&Mount),
	errno, strerror(errno));
return -1;	return -1;
}	}

VERB(5) printf("Info(5):: safe mount for device %s to %s operation (%s)\n",	VERB(5) printf("Info(5):: safe mount %s for device %s to %s operation (%s)\n",
szDev, szMount, (flags & MNT_RDONLY) ? "ro" : "rw");	mntfs->f_fstypename, mntfs->f_mntfromname, mntfs->f_mntonname,
	(flags & MNT_RDONLY) ? "ro" : "rw");
return 0;	return 0;
}	}

static void setuser()	static void
	setuser()
{	{
struct passwd *pw;	struct passwd *pw;

pw = getpwnam(szUser);	pw = getpwnam(AIT_GET_LIKE(&User, char*));
if (pw) {	if (pw) {
setuid(pw->pw_uid);	setuid(pw->pw_uid);
setgid(pw->pw_gid);	setgid(pw->pw_gid);
endpwent();	endpwent();

VERB(5) printf("Info(5):: Suid to user %s.\n", szUser);	VERB(5) printf("Info(5):: Suid to user %s.\n", AIT_GET_STR(&User));
} else	} else
VERB(5) printf("Info(5):: Can`t suid to user %s !\n", szUser);	VERB(5) printf("Info(5):: Can`t suid to user %s !\n", AIT_GET_STR(&User));
}	}

static int mkevent(struct kevent chg, struct kevent evt)	static int
	mkevent(struct kevent chg, struct kevent evt)
{	{
int f;	int f;
char szStr[MAX_STR];	char szStr[STRSIZ];

f = open(szSess, O_CREAT \| O_WRONLY \| O_TRUNC, 0644);	f = open(szSess, O_CREAT \| O_WRONLY \| O_TRUNC, 0644);
if (f == -1) {	if (f == -1) {
printf("Error:: can`t lock session #%d - %s\n", errno, strerror(errno));	printf("Error:: can`t lock session #%d - %s\n", errno, strerror(errno));
return -1;	return -1;
} else {	} else {
memset(szStr, 0, MAX_STR);	memset(szStr, 0, sizeof szStr);
snprintf(szStr, MAX_STR, "%d", getpid());	snprintf(szStr, sizeof szStr, "%d", getpid());
write(f, szStr, strlen(szStr));	write(f, szStr, strlen(szStr));
}	}
VERB(3) printf("Created lock file %s\n", szSess);	VERB(3) printf("Created lock file %s\n", szSess);

kq = kqueue();	if (chg && evt) {
if (kq == -1) {	kq = kqueue();
printf("Error:: can`t execute safe mount #%d - %s\n", errno, strerror(errno));	if (kq == -1) {
close(f);	printf("Error:: can`t execute safe mount #%d - %s\n", errno, strerror(errno));
unlink(szSess);	close(f);
return -1;	unlink(szSess);
} else {	return -1;
memset(chg, 0, sizeof(struct kevent));	} else {
memset(evt, 0, sizeof(struct kevent));	memset(chg, 0, sizeof(struct kevent));
	memset(evt, 0, sizeof(struct kevent));

EV_SET(chg, f, EVFILT_VNODE, EV_ADD, NOTE_DELETE \| NOTE_RENAME \| NOTE_REVOKE, 0, NULL);	EV_SET(chg, f, EVFILT_VNODE, EV_ADD, NOTE_DELETE \| NOTE_RENAME \| NOTE_REVOKE,
	0, NULL);
	}
}	}

return f;	return f;
}	}

// ---------------------------------	static void
	cleanexit()
	{
	AIT_FREE_VAL(&User);
	AIT_FREE_VAL(&Mount);
	AIT_FREE_VAL(&Chroot);

int main(int argc, char **argv)	cfgUnloadConfig(&cfg);
	}

	static int
	s_unlck()
{	{
char ch;	if (access(szSLCK, F_OK))
const char *err;	return 2;

	if (access(szSess, F_OK) && update(MNT_UPDATE \| MNT_RDONLY) == -1)
	return 8;

	unlink(szSLCK);
	VERB(3) printf("Unlock & deleted service lock file %s\n", szSLCK);
	return 0;
	}

	static int
	s_lck(const char *reason)
	{
	int f;
	char szStr[STRSIZ];

	if (!access(szSLCK, F_OK)) {
	printf("cfexec already held service lock ...\n");
	return 127;
	}

	f = open(szSLCK, O_CREAT \| O_WRONLY \| O_TRUNC, 0644);
	if (f == -1) {
	printf("Error:: can`t service lock session #%d - %s\n", errno, strerror(errno));
	return 4;
	} else {
	memset(szStr, 0, sizeof szStr);
	snprintf(szStr, sizeof szStr, "[%d] - %s", getpid(), reason);
	write(f, szStr, strlen(szStr));
	}
	close(f);

	if (update(MNT_UPDATE) == -1) {
	unlink(szSLCK);
	return 5;
	}

	VERB(3) printf("Lock & created service lock file %s\n", szSLCK);
	return 0;
	}


	int
	main(int argc, char **argv)
	{
	char ch, mod = 0, reason[STRSIZ];
	const char *err = NULL;
struct kevent chg, evt;	struct kevent chg, evt;
struct timespec ts;	struct timespec ts;
pid_t pid;	pid_t pid;
int f, stat = 0;	int f, ret = 0, stat = 0;
// sigset_t sig, oldsig;

strlcpy(szConfig, DEFAULT_CONFIG, MAXPATHLEN);	strlcpy(szConfig, DEFAULT_CONFIG, MAXPATHLEN);
// Load variables from config if exists	/* Load variables from config if exists */
if (!LoadConfig(szConfig, &cfg)) {	if (!cfgLoadConfig(szConfig, &cfg)) {
cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("timeout"), CFG(szUser), MAX_STR, DEFAULT_TIMEOUT);	cfg_loadAttribute(&cfg, "cfexec", "timeout", &User, DEFAULT_TIMEOUT);
Timeout = strtonum(szUser, 1, 3600, &err);	#ifndef HAVE_STRTONUM
if (!Timeout) {	Timeout = (int) strtol(szUser, NULL, 0);
	#else
	Timeout = strtonum(AIT_GET_STR(&User), 0, 3600, &err);
	#endif
	AIT_FREE_VAL(&User);
	if (!Timeout && err) {
printf("Error:: in seconds for timeout %s - %s\n", optarg, err);	printf("Error:: in seconds for timeout %s - %s\n", optarg, err);
UnloadConfig(&cfg);	cfgUnloadConfig(&cfg);
return 1;	return 1;
}	}
cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("suid"), CFG(szUser), MAX_STR, DEFAULT_USER);	cfg_loadAttribute(&cfg, "cfexec", "suid", &User, DEFAULT_USER);
cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("mount"), CFG(szMount), MAXPATHLEN, DEFAULT_MOUNT);	cfg_loadAttribute(&cfg, "cfexec", "mount", &Mount, DEFAULT_MOUNT);
cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("device"), CFG(szDev), MAXPATHLEN, DEFAULT_DEVICE);	cfg_loadAttribute(&cfg, "cfexec", "chroot", &Chroot, DEFAULT_CHROOT);
cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("chroot"), CFG(szChroot), MAXPATHLEN, DEFAULT_CHROOT);

UnloadConfig(&cfg);	cfgUnloadConfig(&cfg);
} else {	} else {
Timeout = atoi(DEFAULT_TIMEOUT);	Timeout = atoi(DEFAULT_TIMEOUT);
strlcpy(szUser, DEFAULT_USER, MAX_STR);	AIT_SET_STR(&User, DEFAULT_USER);
strlcpy(szMount, DEFAULT_MOUNT, MAXPATHLEN);	AIT_SET_STR(&Mount, DEFAULT_MOUNT);
strlcpy(szDev, DEFAULT_DEVICE, MAXPATHLEN);	AIT_SET_STR(&Chroot, DEFAULT_CHROOT);
strlcpy(szChroot, DEFAULT_CHROOT, MAXPATHLEN);
}	}

// Load variables from arguments if exists	atexit(cleanexit);
while ((ch = getopt(argc, argv, "hvu:c:d:m:t:")) != -1)
	/* Load variables from arguments if exists */
	while ((ch = getopt(argc, argv, "hvUu:c:m:t:L:")) != -1)
switch (ch) {	switch (ch) {
case 'v':	case 'v':
Verbose++;	Verbose++;
break;	break;
case 'u':	case 'u':
strlcpy(szUser, optarg, MAX_STR);	AIT_SET_STR(&User, optarg);
break;	break;
case 'c':	case 'c':
strlcpy(szChroot, optarg, MAXPATHLEN);	AIT_SET_STR(&Chroot, optarg);
break;	break;
case 'd':
strlcpy(szDev, optarg, MAXPATHLEN);
break;
case 'm':	case 'm':
strlcpy(szMount, optarg, MAXPATHLEN);	AIT_SET_STR(&Mount, optarg);
break;	break;
	case 'L':
	strlcpy(reason, optarg, sizeof reason);
	mod = 1;
	break;
	case 'U':
	mod = -1;
	break;
case 't':	case 't':
Timeout = strtonum(optarg, 1, 3600, &err);	#ifndef HAVE_STRTONUM
if (!Timeout) {	Timeout = (int) strtol(optarg, NULL, 0);
	#else
	Timeout = strtonum(optarg, 0, 3600, &err);
	#endif
	if (!Timeout && err) {
printf("Error:: in seconds for timeout %s - %s\n",	printf("Error:: in seconds for timeout %s - %s\n",
optarg, err);	optarg, err);
return 1;	return 1;
Line 164 int main(int argc, char **argv)	Line 300 int main(int argc, char **argv)
argv += optind;	argv += optind;

memset(szSess, 0, MAXPATHLEN);	memset(szSess, 0, MAXPATHLEN);
snprintf(szSess, MAXPATHLEN, "%s%s-cfexec.LCK", DEFAULT_TMP, szMount);	snprintf(szSess, MAXPATHLEN, "%s%s-cfexec.LCK", DEFAULT_TMP, AIT_GET_STR(&Mount));
	memset(szSLCK, 0, MAXPATHLEN);
	snprintf(szSLCK, MAXPATHLEN, CFEXEC_SLOCK, DEFAULT_TMP);

VERB(3) printf("Info(3):: Chroot=%s SUID=%s Device=%s Mount=%s Timeout=%d Session=%s\n",	/* we have request for service lock! */
szChroot, szUser, szDev, szMount, Timeout, szSess);	if (mod) {
	VERB(3) printf("Info(3):: mode=%hhd\n", mod);
	if (mod == -1)
	ret = s_unlck();
	else
	ret = s_lck(reason);
	return ret;
	}

	VERB(3) printf("Info(3):: Chroot=%s SUID=%s Mount=%s Timeout=%d Session=%s\n",
	AIT_GET_STR(&Chroot), AIT_GET_STR(&User),
	AIT_GET_STR(&Mount), Timeout, szSess);

if (!access(szSess, F_OK)) {	if (!access(szSess, F_OK)) {
printf("cfexec already running ...\n");	printf("cfexec already running ...\n");
return 127;	return 127;
Line 184 int main(int argc, char **argv)	Line 333 int main(int argc, char **argv)
VERB(5) printf("Info(5):: Go safe mount.\n");	VERB(5) printf("Info(5):: Go safe mount.\n");
setsid();	setsid();

if (update(MNT_UPDATE) == -1)	if ((f = mkevent(&chg, &evt)) == -1)
return 4;	return 4;

if ((f = mkevent(&chg, &evt)) == -1)	if (update(MNT_UPDATE) == -1) {
return 5;	stat = 5;
	goto skip;
	}

memset(&ts, 0, sizeof ts);	if (Timeout) {
ts.tv_sec = Timeout;	memset(&ts, 0, sizeof ts);
switch (kevent(kq, &chg, 1, &evt, 1, &ts)) {	ts.tv_sec = Timeout;
	}
	switch (kevent(kq, &chg, 1, &evt, 1, !Timeout ? NULL : &ts)) {
case -1:	case -1:
printf("Error:: can`t execute safe mount #%d - %s\n",	printf("Error:: can`t execute safe mount #%d - %s\n",
errno, strerror(errno));	errno, strerror(errno));
stat = 7;	stat = 7;
break;	break;
case 0:	case 0:
	if (!access(szSLCK, F_OK)) {
	VERB(1) printf("Timeout reached - service locked\n");
	break;
	}
VERB(1) printf("Timeout reached - secure mount\n");	VERB(1) printf("Timeout reached - secure mount\n");
default:	default:
VERB(1) printf("Lock file is deleted - secure mount\n");	VERB(1) printf("Lock file is deleted - secure mount\n");
if (update(MNT_UPDATE \| MNT_RDONLY) == -1)	if (access(szSLCK, F_OK) && update(MNT_UPDATE \| MNT_RDONLY) == -1)
stat = 8;	stat = 8;
}	}
	skip:
close(kq);	close(kq);
close(f);	close(f);
unlink(szSess);	unlink(szSess);
Line 219 int main(int argc, char **argv)	Line 376 int main(int argc, char **argv)
sigprocmask(SIG_BLOCK, &sig, &oldsig);	sigprocmask(SIG_BLOCK, &sig, &oldsig);
*/	*/

if (update(MNT_UPDATE) == -1)	if ((f = mkevent(NULL, NULL)) == -1)
return 4;	return 4;
	else
	close(f);

	if (update(MNT_UPDATE) == -1) {
	unlink(szSess);
	return 5;
	}

switch ((pid = vfork())) {	switch ((pid = vfork())) {
case -1:	case -1:
printf("Error:: can`t execute safe mount #%d - %s\n",	printf("Error:: can`t execute safe mount #%d - %s\n",
errno, strerror(errno));	errno, strerror(errno));
return 5;	stat = 3;
	break;
case 0:	case 0:
VERB(5) printf("Go to running process %s\n", *argv);	VERB(5) printf("Go to running process %s\n", *argv);
if (chroot(szChroot) == -1) {	if (chroot(AIT_GET_STR(&Chroot)) == -1) {
printf("Error:: can`t chroot to dir %s #%d - %s\n",	printf("Error:: can`t chroot to dir %s #%d - %s\n",
szChroot, errno, strerror(errno));	AIT_GET_STR(&Chroot), errno, strerror(errno));
} else {	} else {
if (strncmp(szUser, "root", 5))	if (strncmp(AIT_GET_STR(&User), "root", 5))
setuser();	setuser();

chdir("/");	/* chdir("/"); */
execvp(*argv, argv);	execvp(*argv, argv);
}	}
_exit(127);	_exit(127);
break;	break;
default:	default:
waitpid(pid, &stat, 0);	waitpid(pid, &stat, 0);
	stat = WEXITSTATUS(stat);
VERB(3) printf("Return code: %d\n", stat);	VERB(3) printf("Return code: %d\n", stat);
if (stat == 32512)
stat = 127;

if (update(MNT_UPDATE \| MNT_RDONLY) == -1)	if (access(szSLCK, F_OK) && update(MNT_UPDATE \| MNT_RDONLY) == -1)
return 8;	stat = 8;
	break;
}	}

// sigprocmask(SIG_SETMASK, &oldsig, NULL);	unlink(szSess);
}	}

return stat;	return stat;

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1
changed lines
	Added in v.1.5.20.7