Changeset View
Changeset View
Standalone View
Standalone View
lib/libugidfw/ugidfw.c
Context not available. | |||||
*/ | */ | ||||
#include <sys/param.h> | #include <sys/param.h> | ||||
#include <sys/errno.h> | #include <sys/errno.h> | ||||
#include <sys/jail.h> | |||||
#include <sys/time.h> | #include <sys/time.h> | ||||
#include <sys/sysctl.h> | #include <sys/sysctl.h> | ||||
#include <sys/ucred.h> | #include <sys/ucred.h> | ||||
#include <sys/uio.h> | |||||
#include <sys/mount.h> | #include <sys/mount.h> | ||||
#include <security/mac_bsdextended/mac_bsdextended.h> | #include <security/mac_bsdextended/mac_bsdextended.h> | ||||
Context not available. | |||||
} | } | ||||
static int | static int | ||||
bsde_get_jailid(const char *name, size_t buflen, char *errstr) | |||||
{ | |||||
char *ep; | |||||
int jid; | |||||
struct iovec jiov[4]; | |||||
/* Copy jail_getid(3) instead of messing with library dependancies */ | |||||
jid = strtoul(name, &ep, 10); | |||||
if (*name && !*ep) | |||||
return jid; | |||||
jiov[0].iov_base = __DECONST(char *, "name"); | |||||
eadler: I'm not a fan of this, though I understand its a copy | |||||
jamieAuthorUnsubmitted Not Done Inline ActionsYes, it's kind of ugly (same ugliness in libjail). But it's a limitation of struct iovec, which is geared toward bi-directional traffic even though the parameter names are always read-only. I didn't want to make a new data type, or to copy every name that gets passed to jail_get(2) or jail_set(2). jamie: Yes, it's kind of ugly (same ugliness in libjail). But it's a limitation of struct iovec… | |||||
jiov[0].iov_len = sizeof("name"); | |||||
jiov[1].iov_len = strlen(name) + 1; | |||||
jiov[1].iov_base = alloca(jiov[1].iov_len); | |||||
strcpy(jiov[1].iov_base, name); | |||||
if (errstr && buflen) { | |||||
jiov[2].iov_base = __DECONST(char *, "errmsg"); | |||||
jiov[2].iov_len = sizeof("errmsg"); | |||||
jiov[3].iov_base = errstr; | |||||
jiov[3].iov_len = buflen; | |||||
errstr[0] = 0; | |||||
jid = jail_get(jiov, 4, 0); | |||||
if (jid < 0 && !errstr[0]) | |||||
snprintf(errstr, buflen, "jail_get: %s", | |||||
strerror(errno)); | |||||
} else | |||||
jid = jail_get(jiov, 2, 0); | |||||
return jid; | |||||
} | |||||
static int | |||||
bsde_parse_subject(int argc, char *argv[], | bsde_parse_subject(int argc, char *argv[], | ||||
struct mac_bsdextended_subject *subject, size_t buflen, char *errstr) | struct mac_bsdextended_subject *subject, size_t buflen, char *errstr) | ||||
{ | { | ||||
int not_seen, flags; | int not_seen, flags; | ||||
int current, neg, nextnot; | int current, neg, nextnot; | ||||
char *endp; | |||||
uid_t uid_min, uid_max; | uid_t uid_min, uid_max; | ||||
gid_t gid_min, gid_max; | gid_t gid_min, gid_max; | ||||
int jid = 0; | int jid = 0; | ||||
long value; | |||||
current = 0; | current = 0; | ||||
flags = 0; | flags = 0; | ||||
Context not available. | |||||
snprintf(errstr, buflen, "one jail only"); | snprintf(errstr, buflen, "one jail only"); | ||||
return (-1); | return (-1); | ||||
} | } | ||||
value = strtol(argv[current+1], &endp, 10); | jid = bsde_get_jailid(argv[current+1], buflen, errstr); | ||||
if (*endp != '\0') { | if (jid < 0) | ||||
snprintf(errstr, buflen, "invalid jid: '%s'", | |||||
argv[current+1]); | |||||
return (-1); | return (-1); | ||||
} | |||||
jid = value; | |||||
flags |= MBS_PRISON_DEFINED; | flags |= MBS_PRISON_DEFINED; | ||||
if (nextnot) { | if (nextnot) { | ||||
neg ^= MBS_PRISON_DEFINED; | neg ^= MBS_PRISON_DEFINED; | ||||
Context not available. |
I'm not a fan of this, though I understand its a copy