Page MenuHomeFreeBSD
Differential D51703

chroot.2: Update errors and unprivileged use
ClosedPublic
Actions

Authored by emaste on Sat, Aug 2, 5:19 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Aug 8, 7:18 AM
Unknown Object (File)
Tue, Aug 5, 1:12 PM
Unknown Object (File)
Tue, Aug 5, 11:54 AM
Unknown Object (File)
Tue, Aug 5, 8:07 AM
Unknown Object (File)
Tue, Aug 5, 6:44 AM
Unknown Object (File)
Tue, Aug 5, 4:08 AM
Unknown Object (File)
Tue, Aug 5, 2:32 AM
Unknown Object (File)
Tue, Aug 5, 2:28 AM
View All 10 Files
Subscribers
allanjude
imp
ziaee

Details

Reviewers
kevans
kib
Commits
rG95f8c3e1ed0c: chroot.2: Update errors and unprivileged use
Summary
Include errors common to chroot and fchroot in a single list, followed
by errors unique to each.

Unprivileged chroot is permitted if the security.bsd.unprivileged_chroot
sysctl is set to 1.  Make note of this and update the EPERM description.

Reported by:    kevans

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

emaste created this revision.Sat, Aug 2, 5:19 PM
Herald added a subscriber: ziaee. · View Herald TranscriptSat, Aug 2, 5:19 PM
emaste requested review of this revision.Sat, Aug 2, 5:19 PM
emaste mentioned this in D51702: kernel: Allow unprivileged chroot by default.
kevans added inline comments.Sat, Aug 2, 5:35 PM
lib/libsys/chroot.2
66

I'd recommend noting the procctl(2) requirement as well- maybe this?

allanjude added a subscriber: allanjude.Sat, Aug 2, 5:42 PM
allanjude added inline comments.
lib/libsys/chroot.2
66

Is it meant to say you can't chroot if the process has enabled NO_NEW_PRIVS? or something else?

emaste updated this revision to Diff 159644.Sat, Aug 2, 5:42 PM
emaste retitled this revision from chroot.2: Note that unprivileged use is possible to chroot.2: Update errors and unprivileged use.
emaste edited the summary of this revision. (Show Details)
kevans added inline comments.Sat, Aug 2, 5:45 PM
lib/libsys/chroot.2
66

NO_NEW_PRIVS is the mechanism that blocks suid/sgid, so it must be toggled on before you can chroot(2) as non-root

emaste updated this revision to Diff 159647.Sat, Aug 2, 5:51 PM
emaste added a reviewer: kib.

update with @kevans feedback

kevans accepted this revision.Sat, Aug 2, 5:57 PM

Thanks!

This revision is now accepted and ready to land.Sat, Aug 2, 5:57 PM
kib added inline comments.Sat, Aug 2, 6:00 PM
lib/libsys/chroot.2
118–119

Which component?

emaste added inline comments.Sat, Aug 2, 6:06 PM
lib/libsys/chroot.2
118–119

This is pretty standard wording for ENOTDIR among other system calls, any component of the path name for chroot(2).

Did combining them into one list make it confusing? I can use ENOTDIR A component of the path name is not a directory. for chroot and ENOTDIR The file descriptor does not reference a directory. for fchroot.

kib added inline comments.Sat, Aug 2, 6:09 PM
lib/libsys/chroot.2
118–119

But there is no 'component of path' for fchdir, because there is no path.
The proposed reformulation is correct.

emaste added inline comments.Sat, Aug 2, 6:12 PM
lib/libsys/chroot.2
118–119

The same argument applies to EACCESS then, will undo combining that as well.

emaste updated this revision to Diff 159654.Sat, Aug 2, 6:18 PM

Unjoin EACCESS and ENOTDIR per @kib

This revision now requires review to proceed.Sat, Aug 2, 6:18 PM
emaste updated this revision to Diff 159655.Sat, Aug 2, 6:22 PM

Avoid shuffling existing errnos

kib accepted this revision.Sat, Aug 2, 6:35 PM
This revision is now accepted and ready to land.Sat, Aug 2, 6:35 PM
kevans accepted this revision.Sat, Aug 2, 6:42 PM
Closed by commit rG95f8c3e1ed0c: chroot.2: Update errors and unprivileged use (authored by emaste). · Explain WhySat, Aug 2, 6:44 PM
This revision was automatically updated to reflect the committed changes.
emaste added a commit: rG95f8c3e1ed0c: chroot.2: Update errors and unprivileged use.
Herald added a subscriber: imp. · View Herald TranscriptSat, Aug 2, 6:44 PM
ziaee added a comment.Sat, Aug 2, 9:54 PM

style.mdoc(5) asks sysctls are Va so you can apropos them. I wonder if we can combine Ql and Va.

Revision Contents
Changeset List

PathSize
lib/
libsys/
63 lines

Diff 159654

View Options

lib/libsys/chroot.2

Loading...