Mercurial > trustbridge
annotate cinst/nssstore_linux.c @ 406:5ee694fa3da7
Add license header for NSIS scripts
author | Andre Heinecke <aheinecke@intevation.de> |
---|---|
date | Wed, 16 Apr 2014 13:31:16 +0000 |
parents | 17e1c8f37d72 |
children | c88090a15ae4 |
rev | line source |
---|---|
404 | 1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
2 * Software engineering by Intevation GmbH | |
3 * | |
4 * This file is Free Software under the GNU GPL (v>=2) | |
5 * and comes with ABSOLUTELY NO WARRANTY! | |
6 * See LICENSE.txt for details. | |
7 */ | |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 #ifndef WIN32 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 |
321
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
10 /* @file |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
11 @brief Linux implementation of nssstore process control. |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
12 */ |
824ef90a6721
Move is_elevated into common/util.c file for better reuse
Andre Heinecke <aheinecke@intevation.de>
parents:
305
diff
changeset
|
13 |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
14 #include <stdbool.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 #include <stdio.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 #include <unistd.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 #include <sys/types.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 #include <sys/wait.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 #include <string.h> |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 #include <stdlib.h> |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
21 #include <limits.h> |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 #include "nssstore.h" |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 #include "logging.h" |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
25 #include "strhelp.h" |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
26 |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
27 #define NSS_PROCESS_NAME "mozilla" |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
28 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
29 /**@brief get the current path of the executable |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
30 * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
31 * Looks up the current executables directory. The caller |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
32 * has to free the return value. |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
33 * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
34 * The returned value includes the last / |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
35 * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
36 * @returns the absolute directory of the currently executed executable or NULL |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
37 */ |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
38 char * |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
39 get_exe_dir() |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
40 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
41 char *retval = NULL, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
42 *p = NULL, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
43 buf[PATH_MAX]; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
44 ssize_t ret; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
45 size_t path_len = 0; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
46 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
47 ret = readlink ("/proc/self/exe", buf, PATH_MAX); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
48 if (ret <= 0) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
49 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
50 ERRORPRINTF ("readlink failed\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
51 return NULL; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
52 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
53 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
54 buf[ret] = '\0'; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
55 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
56 /* cut off the filename */ |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
57 p = strrchr (buf, '/'); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
58 if (p == NULL) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
59 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
60 ERRORPRINTF ("No filename found.\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
61 return NULL; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
62 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
63 *(p + 1) = '\0'; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
64 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
65 path_len = strlen (buf); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
66 retval = xmalloc (path_len + 1); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
67 strncpy (retval, buf, path_len); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
68 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
69 return retval; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
70 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
71 |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
72 /**@brief Start the process to install / remove |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
73 * |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
74 * This forks the process and executes the NSS installation |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
75 * process. It also writes the Instructions to that process. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
76 * |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
77 * @param [in] to_install strv of DER encoded certificates to be added. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
78 * @param [in] to_remove strv of DER encoded certificates to be remvoed. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
79 * @param [in] uid_t uid of the user to install certificates for. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
80 * @param [in] gid_t the gid of the user to install certificates for. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
81 * @param [in] homedir the homedir of the user. |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
82 * |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
83 * @returns childs pid on success. -1 on failure |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
84 */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
85 static int |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
86 start_procces_for_user (char **to_install, char **to_remove, |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
87 uid_t uid, gid_t gid, char *homedir) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
88 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
89 int pipe_fd[2]; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
90 pid_t pid = 0; |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
91 char *argv[2] = {NULL, NULL}, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
92 *envp[2] = {NULL, NULL}, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
93 *inst_dir = NULL; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
94 size_t homedir_len = 0, |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
95 exe_path_len = 0; |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
96 int ret = -1, |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
97 i = 0; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
98 FILE *stream = NULL; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
99 bool success = false; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
100 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
101 if (homedir == NULL) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
102 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
103 ERRORPRINTF ("Invalid call to start_process_for_user\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
104 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
105 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
106 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
107 homedir_len = strlen (homedir); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
108 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
109 /* Allocate space for HOME=homedir\0 */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
110 envp[0] = xmalloc (homedir_len + 6); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
111 envp[1] = NULL; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
112 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
113 ret = snprintf (envp[0], homedir_len + 6, "HOME=%s", homedir); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
114 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
115 if (ret < 0 || (size_t) ret != homedir_len + 5) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
116 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
117 ERRORPRINTF ("Error setting home env variable.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
118 xfree (envp[0]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
119 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
120 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
121 |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
122 /* Set up the file name of the installer process */ |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
123 inst_dir = get_exe_dir(); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
124 if (inst_dir == NULL) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
125 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
126 ERRORPRINTF ("Failed to find installation directory.\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
127 xfree (envp[0]); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
128 return -1; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
129 } |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
130 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
131 exe_path_len = strlen(inst_dir) + strlen(NSS_PROCESS_NAME); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
132 argv[0] = xmalloc (exe_path_len + 1); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
133 |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
134 ret = snprintf(argv[0], exe_path_len + 1, "%s%s", inst_dir, NSS_PROCESS_NAME); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
135 if (ret < 0 || (size_t) ret != exe_path_len) |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
136 { |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
137 ERRORPRINTF ("Error setting executable variable.\n"); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
138 xfree (argv[0]); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
139 return -1; |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
140 } |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
141 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
142 if (pipe (pipe_fd)) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
143 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
144 ERRORPRINTF ("Failed to create pipe.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
145 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
146 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
147 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
148 pid = fork(); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
149 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
150 if (pid == (pid_t) -1) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
151 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
152 ERRORPRINTF ("Failed to fork child.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
153 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
154 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
155 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
156 if (pid == (pid_t) 0) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
157 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
158 /* Drop privileges */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
159 if (setuid (uid) || setgid (gid)) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
160 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
161 exit(-1); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
162 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
163 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
164 close (pipe_fd[1]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
165 dup2 (pipe_fd[0], 0); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
166 close (pipe_fd[0]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
167 /* TODO find path based on current executable */ |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
168 execve (argv[0], argv, envp); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
169 exit (127); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
170 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
171 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
172 close (pipe_fd[0]); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
173 stream = fdopen(pipe_fd[1], "w"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
174 if (stream == NULL) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
175 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
176 ERRORPRINTF ("Failed to open pipe for writing\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
177 goto done; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
178 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
179 |
384
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
180 /* The NSS installer may exit on error before we are done |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
181 * telling it what to do. We want to handle that rather |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
182 * then die unexpectedly. */ |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
183 signal(SIGPIPE, SIG_IGN); |
638db75f0fdf
Ignore sigpipe if the child closed the channel or there is an error
Andre Heinecke <andre.heinecke@intevation.de>
parents:
383
diff
changeset
|
184 |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
185 /* Send the instructions */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
186 for (i = 0; to_install && to_install[i]; i++) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
187 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
188 if (fprintf (stream, "I:%s\n", to_install[i]) <= 3) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
189 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
190 ERRORPRINTF ("Write failed \n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
191 goto done; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
192 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
193 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
194 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
195 for (i = 0; to_remove && to_remove[i]; i++) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
196 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
197 if (fprintf (stream, "R:%s\n", to_remove[i]) <= 3) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
198 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
199 ERRORPRINTF ("Write failed \n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
200 goto done; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
201 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
202 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
203 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
204 success = true; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
205 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
206 done: |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
207 if (stream) { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
208 fclose (stream); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
209 } |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
210 xfree (argv[0]); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
211 xfree (envp[0]); |
383
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
212 close (pipe_fd[0]); |
5eb7ee4ee819
Look up executable name based on /proc/self/exe
Andre Heinecke <andre.heinecke@intevation.de>
parents:
321
diff
changeset
|
213 close (pipe_fd[1]); |
302
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
214 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
215 if (success) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
216 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
217 return pid; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
218 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
219 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
220 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
221 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
222 int |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
223 write_stores_nss (char **to_install, char **to_remove) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
224 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
225 uid_t my_uid = getuid(); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
226 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
227 if (my_uid != 0) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
228 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
229 /* Running as a user */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
230 char *homedir = getenv ("HOME"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
231 pid_t childprocess = -1; /* Only one child for single user installation */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
232 int status = -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
233 if (!homedir) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
234 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
235 ERRORPRINTF ("Failed to find home directory\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
236 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
237 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
238 childprocess = start_procces_for_user (to_install, to_remove, |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
239 my_uid, getgid(), homedir); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
240 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
241 if (childprocess == -1) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
242 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
243 ERRORPRINTF ("Failed to start childprocess!\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
244 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
245 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
246 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
247 childprocess = waitpid (childprocess, &status, 0); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
248 if (childprocess == -1 || !WIFEXITED(status)) |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
249 { |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
250 ERRORPRINTF ("Waitpid failed.\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
251 return -1; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
252 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
253 |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
254 return 0; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
255 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
256 printf ("Installation as root is not yet implemented\n"); |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
257 /* TODO root parse /etc/passwd for users with a home directory */ |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
258 return 0; |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
259 } |
fac7e1b0e558
Add nss store calling function and use it in cinst
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
260 #endif |