From 49a4df23e1763548e317e254d54b92a9e59cf9dc Mon Sep 17 00:00:00 2001 From: Jan Nieuwenhuizen Date: Sun, 6 Mar 2005 10:10:03 +0000 Subject: [PATCH] (do_chroot_jail): Small cleanups. Avoid constant error messages. --- ChangeLog | 3 ++ lily/main.cc | 80 ++++++++++++++++++++++++++++------------------------ 2 files changed, 46 insertions(+), 37 deletions(-) diff --git a/ChangeLog b/ChangeLog index e1c0284a75..c57227f155 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ 2005-03-06 Jan Nieuwenhuizen + * lily/main.cc (do_chroot_jail): Small cleanups. Avoid constant + error messages. + * flower/libc-extension.cc: * flower/include/libc-extension.hh: [Open]BSD fixes for cookie/funopen declarations. diff --git a/lily/main.cc b/lily/main.cc index 59eca12e20..d62189bcfb 100644 --- a/lily/main.cc +++ b/lily/main.cc @@ -260,83 +260,89 @@ prepend_load_path (String dir) void init_global_tweak_registry (); void init_fontconfig (); - static void do_chroot_jail () { - /* Now we chroot, setuid/setgrp and chdir. If something goes wrong, we exit (this is a - security-sensitive area). First we split jail_spec into its components, then we - retrieve the user/group id (necessarily *before* chroot'ing!) and finally we perform - the actual actions. */ + /* Now we chroot, setuid/setgrp and chdir. If something goes wrong, + we exit (this is a security-sensitive area). First we split + jail_spec into its components, then we retrieve the user/group id + (necessarily *before* chroot'ing) and finally we perform the + actual actions. */ - Array components = String_convert::split(jail_spec, ','); - if (components.size() < 3) + enum Jail { - error (_ ("too few elements in jail specification")); - exit(1); - } - if (components.size() > 4) + USER_NAME, GROUP_NAME, JAIL, DIR, JAIL_MAX + }; + + Array components = String_convert::split (jail_spec, ','); + if (components.size () != JAIL_MAX) { - error (_ ("too many elements in jail specification")); - exit(1); + error (_f ("expected %d arguments with jail, found: %d", JAIL_MAX, + components.size ())); + exit (2); } - int uid, gid; - char *user_name = components[0].get_str0 (); - char *group_name = components[1].get_str0 (); - char *jail = components[2].get_str0 (); - char *wd = components[3].get_str0 (); - + /* Hmm. */ errno = 0; - struct passwd *passwd = getpwnam(user_name); - if (passwd == NULL) + + int uid; + if (passwd *passwd = getpwnam (components[USER_NAME].to_str0 ())) + uid = passwd->pw_uid; + else { - if (errno == 0) - error (_ ("user not found")); + if (errno == 0) + error (_f ("no such user: %s", components[USER_NAME])); else - error(_f ("can't get user id from user name (%s)", strerror (errno))); + error(_f ("can't get user id from user name: %s: %s", + components[USER_NAME], + strerror (errno))); exit (3); } - uid = passwd->pw_uid; + /* Hmm. */ errno = 0; - struct group *group = getgrnam(group_name); - if (group == NULL) + + int gid; + if (group *group = getgrnam (components[GROUP_NAME].to_str0 ())) + gid = group->gr_gid; + else { if (errno == 0) - error (_ ("group not found")); + error (_f ("no such group: %s", components[GROUP_NAME])); else - error(_f ("can't get group id from group name (%s)", strerror (errno))); + error (_f ("can't get group id from group name: %s: ", + components[GROUP_NAME], + strerror (errno))); exit (3); } - gid = group->gr_gid; - if (chroot (jail)) + if (chroot (components[JAIL].to_str0 ())) { - error (_f ("can't chroot (%s)", strerror (errno))); + error (_f ("can't chroot to: %s: %s", components[JAIL], + strerror (errno))); exit (3); } if (setgid (gid)) { - error (_f ("can't change group id (%s)", strerror (errno))); + error (_f ("can't change group id to: %d: %s", gid, strerror (errno))); exit (3); } if (setuid (uid)) { - error (_f ("can't change user id (%s)", strerror (errno))); + error (_f ("can't change user id to: %d: %s", uid, strerror (errno))); exit (3); } - if (chdir (wd)) + if (chdir (components[DIR].to_str0 ())) { - error (_f ("can't change working directory (%s)", strerror (errno))); + error (_f ("can't change working directory to: %s: %s", components[DIR], + strerror (errno))); exit (3); } } - static void main_with_guile (void *, int, char **) { -- 2.39.5