|
Lines 64-69
|
| 64 |
err(1, "getgrouplist: %s", username); \ |
64 |
err(1, "getgrouplist: %s", username); \ |
| 65 |
} while (0) |
65 |
} while (0) |
|
|
66 |
|
| 66 |
int |
67 |
int |
| 67 |
main(int argc, char *argv[]) |
68 |
main(int argc, char *argv[]) |
| 68 |
{ |
69 |
{ |
|
Lines 73-82
|
| 73 |
gid_t *groups = NULL; |
74 |
gid_t *groups = NULL; |
| 74 |
int ch, ngroups, uflag, Uflag; |
75 |
int ch, ngroups, uflag, Uflag; |
| 75 |
long ngroups_max; |
76 |
long ngroups_max; |
| 76 |
char *username; |
77 |
const char *username; |
|
|
78 |
const char *shell; |
| 79 |
|
| 80 |
ch = uflag = Uflag = 0; |
| 81 |
username = "root"; |
| 82 |
shell = "/bin/sh"; |
| 77 |
ch = uflag = Uflag = 0; |
|
|
| 78 |
username = NULL; |
| 79 |
ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; |
83 |
ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; |
| 80 |
if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) |
84 |
if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) |
| 81 |
err(1, "malloc"); |
85 |
err(1, "malloc"); |
|
Lines 100-111
|
| 100 |
} |
104 |
} |
| 101 |
argc -= optind; |
105 |
argc -= optind; |
| 102 |
argv += optind; |
106 |
argv += optind; |
| 103 |
if (argc < 2) |
107 |
if (argc < 1) /* Need at least the jid */ |
| 104 |
usage(); |
108 |
usage(); |
| 105 |
if (uflag && Uflag) |
109 |
if (uflag && Uflag) |
| 106 |
usage(); |
110 |
usage(); |
| 107 |
if (uflag) |
111 |
if (uflag) |
|
|
112 |
/* User info from the host environment */ |
| 108 |
GET_USER_INFO; |
113 |
GET_USER_INFO; |
|
|
114 |
|
| 115 |
/* go into the jail */ |
| 109 |
jid = jail_getid(argv[0]); |
116 |
jid = jail_getid(argv[0]); |
| 110 |
if (jid < 0) |
117 |
if (jid < 0) |
| 111 |
errx(1, "%s", jail_errmsg); |
118 |
errx(1, "%s", jail_errmsg); |
|
Lines 113-132
|
| 113 |
err(1, "jail_attach(%d)", jid); |
120 |
err(1, "jail_attach(%d)", jid); |
| 114 |
if (chdir("/") == -1) |
121 |
if (chdir("/") == -1) |
| 115 |
err(1, "chdir(): /"); |
122 |
err(1, "chdir(): /"); |
| 116 |
if (username != NULL) { |
123 |
|
| 117 |
if (Uflag) |
124 |
/* Setup user environment */ |
| 118 |
GET_USER_INFO; |
125 |
if (Uflag || (strcmp(username, "root")==0)) |
|
|
126 |
/* get user environment from jail */ |
| 127 |
GET_USER_INFO; |
| 128 |
if (Uflag) { |
| 129 |
/* setup the user according the jail environment */ |
| 119 |
if (setgroups(ngroups, groups) != 0) |
130 |
if (setgroups(ngroups, groups) != 0) |
| 120 |
err(1, "setgroups"); |
131 |
err(1, "setgroups"); |
| 121 |
if (setgid(pwd->pw_gid) != 0) |
132 |
if (setgid(pwd->pw_gid) != 0) |
| 122 |
err(1, "setgid"); |
133 |
err(1, "setgid"); |
| 123 |
if (setusercontext(lcap, pwd, pwd->pw_uid, |
134 |
if (setusercontext(lcap, pwd, pwd->pw_uid, |
| 124 |
LOGIN_SETALL & ~LOGIN_SETGROUP & ~LOGIN_SETLOGIN) != 0) |
135 |
LOGIN_SETALL & ~LOGIN_SETGROUP & ~LOGIN_SETLOGIN) != 0) |
| 125 |
err(1, "setusercontext"); |
136 |
err(1, "setusercontext"); |
| 126 |
login_close(lcap); |
137 |
login_close(lcap); |
| 127 |
} |
138 |
} |
| 128 |
if (execvp(argv[1], argv + 1) == -1) |
139 |
if (argc == 1) { |
| 129 |
err(1, "execvp(): %s", argv[1]); |
140 |
/* Get the user shell as command */ |
|
|
141 |
if (pwd->pw_shell) { |
| 142 |
argv[1] = pwd->pw_shell; |
| 143 |
} else |
| 144 |
argv[1] = (char*)shell; |
| 145 |
argv[2] = NULL; |
| 146 |
} |
| 147 |
if (execvp(argv[1], argv + 1) == -1) { |
| 148 |
err(1, "execvp(): %s", argv[1]); |
| 149 |
} |
| 130 |
exit(0); |
150 |
exit(0); |
| 131 |
} |
151 |
} |
|
Lines 135-140
|
| 135 |
{ |
155 |
{ |
| 136 |
fprintf(stderr, "%s\n", |
156 |
fprintf(stderr, "%s\n", |
| 137 |
"usage: jexec [-u username | -U username] jail command ..."); |
157 |
"usage: jexec [-u username | -U username] jail [command] ..."); |
| 138 |
exit(1); |
158 |
exit(1); |
| 139 |
} |
159 |
} |
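Review bot: In the "Lines 113-132" hunk the credential switch (`setgroups`/`setgid`/`setusercontext`) is now guarded by `if (Uflag) {` where the old code used `if (username != NULL) {`, so as far as the visible lines show, `jexec -u user jail command` attaches to the jail and executes the command without ever switching to that user. The option parsing in main() lies outside the visible hunks, so this should be confirmed, but the guard most likely needs to be `if (uflag || Uflag) {`. In the same hunk, when `argc == 1` the vector ends at `argv[1]` (its NULL terminator), so `argv[2] = NULL;` writes one slot past the end of the argument array; passing a separate local two-element vector (the chosen shell followed by `NULL`) to `execvp` avoids that write. `pwd->pw_shell` is also only tested against NULL, so an empty shell field would not fall back to `/bin/sh`; `if (pwd->pw_shell != NULL && pwd->pw_shell[0] != '\0')` covers that case.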