applets.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491
  1. /* vi: set sw=4 ts=4: */
  2. /*
  3. * Utility routines.
  4. *
  5. * Copyright (C) tons of folks. Tracking down who wrote what
  6. * isn't something I'm going to worry about... If you wrote something
  7. * here, please feel free to acknowledge your work.
  8. *
  9. * Based in part on code from sash, Copyright (c) 1999 by David I. Bell
  10. * Permission has been granted to redistribute this code under the GPL.
  11. *
  12. * Licensed under GPLv2 or later, see file License in this tarball for details.
  13. */
  14. #include "busybox.h"
  15. #include <assert.h>
  16. /* Apparently uclibc defines __GLIBC__ (compat trick?). Oh well. */
  17. #if ENABLE_STATIC && defined(__GLIBC__) && !defined(__UCLIBC__)
  18. #warning Static linking against glibc produces buggy executables
  19. #warning (glibc does not cope well with ld --gc-sections).
  20. #warning See sources.redhat.com/bugzilla/show_bug.cgi?id=3400
  21. #warning Note that glibc is unsuitable for static linking anyway.
  22. #warning If you still want to do it, remove -Wl,--gc-sections
  23. #warning from top-level Makefile and remove this warning.
  24. #endif
  25. #if ENABLE_SHOW_USAGE && !ENABLE_FEATURE_COMPRESS_USAGE
  26. static const char usage_messages[] =
  27. #define MAKE_USAGE
  28. #include "usage.h"
  29. #include "applets.h"
  30. ;
  31. #undef MAKE_USAGE
  32. #else
  33. #define usage_messages 0
  34. #endif /* ENABLE_SHOW_USAGE */
  35. #undef APPLET
  36. #undef APPLET_NOUSAGE
  37. #undef PROTOTYPES
  38. #include "applets.h"
  39. static struct BB_applet *applet_using;
  40. /* The -1 arises because of the {0,NULL,0,-1} entry above. */
  41. const unsigned short NUM_APPLETS = (sizeof (applets) / sizeof (struct BB_applet) - 1);
  42. #ifdef CONFIG_FEATURE_SUID_CONFIG
  43. #include <ctype.h>
  44. #define CONFIG_FILE "/etc/busybox.conf"
  45. /* applets [] is const, so we have to define this "override" structure */
  46. static struct BB_suid_config
  47. {
  48. struct BB_applet *m_applet;
  49. uid_t m_uid;
  50. gid_t m_gid;
  51. mode_t m_mode;
  52. struct BB_suid_config *m_next;
  53. } *suid_config;
  54. static int suid_cfg_readable;
  55. /* check if u is member of group g */
  56. static int ingroup(uid_t u, gid_t g)
  57. {
  58. struct group *grp = getgrgid(g);
  59. if (grp) {
  60. char **mem;
  61. for (mem = grp->gr_mem; *mem; mem++) {
  62. struct passwd *pwd = getpwnam(*mem);
  63. if (pwd && (pwd->pw_uid == u))
  64. return 1;
  65. }
  66. }
  67. return 0;
  68. }
  69. /* This should probably be a libbb routine. In that case,
  70. * I'd probably rename it to something like bb_trimmed_slice.
  71. */
  72. static char *get_trimmed_slice(char *s, char *e)
  73. {
  74. /* First, consider the value at e to be nul and back up until we
  75. * reach a non-space char. Set the char after that (possibly at
  76. * the original e) to nul. */
  77. while (e-- > s) {
  78. if (!isspace(*e)) {
  79. break;
  80. }
  81. }
  82. e[1] = 0;
  83. /* Next, advance past all leading space and return a ptr to the
  84. * first non-space char; possibly the terminating nul. */
  85. return skip_whitespace(s);
  86. }
  87. #define parse_error(x) { err=x; goto pe_label; }
  88. /* Don't depend on the tools to combine strings. */
  89. static const char config_file[] = CONFIG_FILE;
  90. /* There are 4 chars + 1 nul for each of user/group/other. */
  91. static const char mode_chars[] = "Ssx-\0Ssx-\0Ttx-";
  92. /* We don't supply a value for the nul, so an index adjustment is
  93. * necessary below. Also, we use unsigned short here to save some
  94. * space even though these are really mode_t values. */
  95. static const unsigned short mode_mask[] = {
  96. /* SST sst xxx --- */
  97. S_ISUID, S_ISUID|S_IXUSR, S_IXUSR, 0, /* user */
  98. S_ISGID, S_ISGID|S_IXGRP, S_IXGRP, 0, /* group */
  99. 0, S_IXOTH, S_IXOTH, 0 /* other */
  100. };
  101. static void parse_config_file(void)
  102. {
  103. struct BB_suid_config *sct_head;
  104. struct BB_suid_config *sct;
  105. struct BB_applet *applet;
  106. FILE *f;
  107. char *err;
  108. char *s;
  109. char *e;
  110. int i, lc, section;
  111. char buffer[256];
  112. struct stat st;
  113. assert(!suid_config); /* Should be set to NULL by bss init. */
  114. if ((stat(config_file, &st) != 0) /* No config file? */
  115. || !S_ISREG(st.st_mode) /* Not a regular file? */
  116. || (st.st_uid != 0) /* Not owned by root? */
  117. || (st.st_mode & (S_IWGRP | S_IWOTH)) /* Writable by non-root? */
  118. || !(f = fopen(config_file, "r")) /* Cannot open? */
  119. ) {
  120. return;
  121. }
  122. suid_cfg_readable = 1;
  123. sct_head = NULL;
  124. section = lc = 0;
  125. do {
  126. s = buffer;
  127. if (!fgets(s, sizeof(buffer), f)) { /* Are we done? */
  128. if (ferror(f)) { /* Make sure it wasn't a read error. */
  129. parse_error("reading");
  130. }
  131. fclose(f);
  132. suid_config = sct_head; /* Success, so set the pointer. */
  133. return;
  134. }
  135. lc++; /* Got a (partial) line. */
  136. /* If a line is too long for our buffer, we consider it an error.
  137. * The following test does mistreat one corner case though.
  138. * If the final line of the file does not end with a newline and
  139. * yet exactly fills the buffer, it will be treated as too long
  140. * even though there isn't really a problem. But it isn't really
  141. * worth adding code to deal with such an unlikely situation, and
  142. * we do err on the side of caution. Besides, the line would be
  143. * too long if it did end with a newline. */
  144. if (!strchr(s, '\n') && !feof(f)) {
  145. parse_error("line too long");
  146. }
  147. /* Trim leading and trailing whitespace, ignoring comments, and
  148. * check if the resulting string is empty. */
  149. if (!*(s = get_trimmed_slice(s, strchrnul(s, '#')))) {
  150. continue;
  151. }
  152. /* Check for a section header. */
  153. if (*s == '[') {
  154. /* Unlike the old code, we ignore leading and trailing
  155. * whitespace for the section name. We also require that
  156. * there are no stray characters after the closing bracket. */
  157. if (!(e = strchr(s, ']')) /* Missing right bracket? */
  158. || e[1] /* Trailing characters? */
  159. || !*(s = get_trimmed_slice(s+1, e)) /* Missing name? */
  160. ) {
  161. parse_error("section header");
  162. }
  163. /* Right now we only have one section so just check it.
  164. * If more sections are added in the future, please don't
  165. * resort to cascading ifs with multiple strcasecmp calls.
  166. * That kind of bloated code is all too common. A loop
  167. * and a string table would be a better choice unless the
  168. * number of sections is very small. */
  169. if (strcasecmp(s, "SUID") == 0) {
  170. section = 1;
  171. continue;
  172. }
  173. section = -1; /* Unknown section so set to skip. */
  174. continue;
  175. }
  176. /* Process sections. */
  177. if (section == 1) { /* SUID */
  178. /* Since we trimmed leading and trailing space above, we're
  179. * now looking for strings of the form
  180. * <key>[::space::]*=[::space::]*<value>
  181. * where both key and value could contain inner whitespace. */
  182. /* First get the key (an applet name in our case). */
  183. if (!!(e = strchr(s, '='))) {
  184. s = get_trimmed_slice(s, e);
  185. }
  186. if (!e || !*s) { /* Missing '=' or empty key. */
  187. parse_error("keyword");
  188. }
  189. /* Ok, we have an applet name. Process the rhs if this
  190. * applet is currently built in and ignore it otherwise.
  191. * Note: This can hide config file bugs which only pop
  192. * up when the busybox configuration is changed. */
  193. if ((applet = find_applet_by_name(s))) {
  194. /* Note: We currently don't check for duplicates!
  195. * The last config line for each applet will be the
  196. * one used since we insert at the head of the list.
  197. * I suppose this could be considered a feature. */
  198. sct = xmalloc(sizeof(struct BB_suid_config));
  199. sct->m_applet = applet;
  200. sct->m_mode = 0;
  201. sct->m_next = sct_head;
  202. sct_head = sct;
  203. /* Get the specified mode. */
  204. e = skip_whitespace(e+1);
  205. for (i=0 ; i < 3 ; i++) {
  206. const char *q;
  207. if (!*(q = strchrnul(mode_chars + 5*i, *e++))) {
  208. parse_error("mode");
  209. }
  210. /* Adjust by -i to account for nul. */
  211. sct->m_mode |= mode_mask[(q - mode_chars) - i];
  212. }
  213. /* Now get the the user/group info. */
  214. s = skip_whitespace(e);
  215. /* Note: We require whitespace between the mode and the
  216. * user/group info. */
  217. if ((s == e) || !(e = strchr(s, '.'))) {
  218. parse_error("<uid>.<gid>");
  219. }
  220. *e++ = 0;
  221. /* We can't use get_ug_id here since it would exit()
  222. * if a uid or gid was not found. Oh well... */
  223. {
  224. char *e2;
  225. sct->m_uid = strtoul(s, &e2, 10);
  226. if (*e2 || (s == e2)) {
  227. struct passwd *pwd = getpwnam(s);
  228. if (!pwd) {
  229. parse_error("user");
  230. }
  231. sct->m_uid = pwd->pw_uid;
  232. }
  233. sct->m_gid = strtoul(e, &e2, 10);
  234. if (*e2 || (e == e2)) {
  235. struct group *grp;
  236. if (!(grp = getgrnam(e))) {
  237. parse_error("group");
  238. }
  239. sct->m_gid = grp->gr_gid;
  240. }
  241. }
  242. }
  243. continue;
  244. }
  245. /* Unknown sections are ignored. */
  246. /* Encountering configuration lines prior to seeing a
  247. * section header is treated as an error. This is how
  248. * the old code worked, but it may not be desirable.
  249. * We may want to simply ignore such lines in case they
  250. * are used in some future version of busybox. */
  251. if (!section) {
  252. parse_error("keyword outside section");
  253. }
  254. } while (1);
  255. pe_label:
  256. fprintf(stderr, "Parse error in %s, line %d: %s\n",
  257. config_file, lc, err);
  258. fclose(f);
  259. /* Release any allocated memory before returning. */
  260. while (sct_head) {
  261. sct = sct_head->m_next;
  262. free(sct_head);
  263. sct_head = sct;
  264. }
  265. return;
  266. }
  267. #else
  268. #define parse_config_file() ((void)0)
  269. #endif /* CONFIG_FEATURE_SUID_CONFIG */
  270. #ifdef CONFIG_FEATURE_SUID
  271. static void check_suid(struct BB_applet *applet)
  272. {
  273. uid_t ruid = getuid(); /* real [ug]id */
  274. uid_t rgid = getgid();
  275. #ifdef CONFIG_FEATURE_SUID_CONFIG
  276. if (suid_cfg_readable) {
  277. struct BB_suid_config *sct;
  278. for (sct = suid_config; sct; sct = sct->m_next) {
  279. if (sct->m_applet == applet)
  280. break;
  281. }
  282. if (sct) {
  283. mode_t m = sct->m_mode;
  284. if (sct->m_uid == ruid)
  285. /* same uid */
  286. m >>= 6;
  287. else if ((sct->m_gid == rgid) || ingroup(ruid, sct->m_gid))
  288. /* same group / in group */
  289. m >>= 3;
  290. if (!(m & S_IXOTH)) /* is x bit not set ? */
  291. bb_error_msg_and_die("you have no permission to run this applet!");
  292. if (sct->m_gid != 0) {
  293. /* _both_ have to be set for sgid */
  294. if ((sct->m_mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
  295. xsetgid(sct->m_gid);
  296. } else xsetgid(rgid); /* no sgid -> drop */
  297. }
  298. if (sct->m_uid != 0) {
  299. if (sct->m_mode & S_ISUID) xsetuid(sct->m_uid);
  300. else xsetuid(ruid); /* no suid -> drop */
  301. }
  302. } else {
  303. /* default: drop all privileges */
  304. xsetgid(rgid);
  305. xsetuid(ruid);
  306. }
  307. return;
  308. } else {
  309. #ifndef CONFIG_FEATURE_SUID_CONFIG_QUIET
  310. static int onetime = 0;
  311. if (!onetime) {
  312. onetime = 1;
  313. fprintf(stderr, "Using fallback suid method\n");
  314. }
  315. #endif
  316. }
  317. #endif
  318. if (applet->need_suid == _BB_SUID_ALWAYS) {
  319. if (geteuid()) bb_error_msg_and_die("applet requires root privileges!");
  320. } else if (applet->need_suid == _BB_SUID_NEVER) {
  321. xsetgid(rgid); /* drop all privileges */
  322. xsetuid(ruid);
  323. }
  324. }
  325. #else
  326. #define check_suid(x)
  327. #endif /* CONFIG_FEATURE_SUID */
  328. #ifdef CONFIG_FEATURE_COMPRESS_USAGE
  329. #include "usage_compressed.h"
  330. #include "unarchive.h"
  331. static const char *unpack_usage_messages(void)
  332. {
  333. int input[2], output[2], pid;
  334. char *buf;
  335. if(pipe(input) < 0 || pipe(output) < 0)
  336. exit(1);
  337. pid = fork();
  338. switch (pid) {
  339. case -1: /* error */
  340. exit(1);
  341. case 0: /* child */
  342. close(input[1]);
  343. close(output[0]);
  344. uncompressStream(input[0], output[1]);
  345. exit(0);
  346. }
  347. /* parent */
  348. close(input[0]);
  349. close(output[1]);
  350. pid = fork();
  351. switch (pid) {
  352. case -1: /* error */
  353. exit(1);
  354. case 0: /* child */
  355. full_write(input[1], packed_usage, sizeof(packed_usage));
  356. exit(0);
  357. }
  358. /* parent */
  359. close(input[1]);
  360. buf = xmalloc(SIZEOF_usage_messages);
  361. full_read(output[0], buf, SIZEOF_usage_messages);
  362. return buf;
  363. }
  364. #else
  365. #define unpack_usage_messages() usage_messages
  366. #endif /* ENABLE_FEATURE_COMPRESS_USAGE */
  367. void bb_show_usage(void)
  368. {
  369. if (ENABLE_SHOW_USAGE) {
  370. const char *format_string;
  371. const char *usage_string = unpack_usage_messages();
  372. int i;
  373. for (i = applet_using - applets; i > 0;)
  374. if (!*usage_string++) --i;
  375. format_string = "%s\n\nUsage: %s %s\n\n";
  376. if (*usage_string == '\b')
  377. format_string = "%s\n\nNo help available.\n\n";
  378. fprintf(stderr, format_string, bb_msg_full_version,
  379. applet_using->name, usage_string);
  380. }
  381. exit(xfunc_error_retval);
  382. }
  383. static int applet_name_compare(const void *name, const void *vapplet)
  384. {
  385. const struct BB_applet *applet = vapplet;
  386. return strcmp(name, applet->name);
  387. }
  388. struct BB_applet *find_applet_by_name(const char *name)
  389. {
  390. return bsearch(name, applets, NUM_APPLETS, sizeof(struct BB_applet),
  391. applet_name_compare);
  392. }
  393. void run_applet_by_name(const char *name, int argc, char **argv)
  394. {
  395. if (ENABLE_FEATURE_SUID_CONFIG)
  396. parse_config_file();
  397. if (!strncmp(name, "busybox", 7))
  398. exit(busybox_main(argc, argv));
  399. /* Do a binary search to find the applet entry given the name. */
  400. applet_using = find_applet_by_name(name);
  401. if (applet_using) {
  402. applet_name = applet_using->name;
  403. if (argc == 2 && !strcmp(argv[1], "--help"))
  404. bb_show_usage();
  405. if (ENABLE_FEATURE_SUID)
  406. check_suid(applet_using);
  407. exit(applet_using->main(argc, argv));
  408. }
  409. }