setpriv: new applet

Add a minimal 'setpriv' implementation supporting the NO_NEW_PRIVS bit.
Typical usage:

    $ busybox setpriv sudo uname
    Linux
    $ busybox setpriv --nnp sudo uname
    sudo: effective uid is not 0, is /usr/bin/sudo on a file system with
    the 'nosuid' option set or an NFS file system without root privileges?

function                                             old     new   delta
packed_usage                                       31580   31685    +105
setpriv_main                                           -      87     +87
prctl                                                  -      53     +53
static.setpriv_longopts                                -      22     +22
applet_names                                        2620    2628      +8
applet_main                                         1516    1520      +4
------------------------------------------------------------------------------
(add/remove: 5/0 grow/shrink: 3/0 up/down: 279/0)             Total: 279 bytes

Signed-off-by: Assaf Gordon <assafgordon@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

1 files changed, 73 insertions, 0 deletions

diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c
new file mode 100644
index 000000000..6bd663bf4
--- /dev/null
+++ b/util-linux/setpriv.c
@@ -0,0 +1,73 @@
+/* vi: set sw=4 ts=4: */
+/*
+ * setpriv implementation for busybox based on linux-utils-ng 2.29
+ *
+ * Copyright (C) 2017 by  <assafgordon@gmail.com>
+ *
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
+ *
+ */
+//config:config SETPRIV
+//config:       bool "setpriv"
+//config:       default y
+//config:       select PLATFORM_LINUX
+//config:       select LONG_OPTS
+//config:       help
+//config:         Run a program with different Linux privilege settings.
+//config:         Requires kernel >= 3.5
+
+//applet:IF_SETPRIV(APPLET(setpriv, BB_DIR_BIN, BB_SUID_DROP))
+
+//kbuild:lib-$(CONFIG_SETPRIV) += setpriv.o
+
+//usage:#define setpriv_trivial_usage
+//usage:        "[OPTIONS] PROG [ARGS]"
+//usage:#define setpriv_full_usage "\n\n"
+//usage:       "Run PROG with different privilege settings\n"
+//usage:     "\n--nnp,--no-new-privs    Ignore setuid/setgid bits and file capabilities"
+
+//setpriv from util-linux 2.28:
+// -d, --dump               show current state (and do not exec anything)
+// --nnp, --no-new-privs    disallow granting new privileges
+// --inh-caps <caps,...>    set inheritable capabilities
+// --bounding-set <caps>    set capability bounding set
+// --ruid <uid>             set real uid
+// --euid <uid>             set effective uid
+// --rgid <gid>             set real gid
+// --egid <gid>             set effective gid
+// --reuid <uid>            set real and effective uid
+// --regid <gid>            set real and effective gid
+// --clear-groups           clear supplementary groups
+// --keep-groups            keep supplementary groups
+// --groups <group,...>     set supplementary groups
+// --securebits <bits>      set securebits
+// --selinux-label <label>  set SELinux label
+// --apparmor-profile <pr>  set AppArmor profile
+
+#include <sys/prctl.h>
+#include "libbb.h"
+
+#ifndef PR_SET_NO_NEW_PRIVS
+#define PR_SET_NO_NEW_PRIVS 38
+#endif
+
+int setpriv_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int setpriv_main(int argc UNUSED_PARAM, char **argv)
+{
+        static const char setpriv_longopts[] ALIGN1 =
+                "nnp\0"          No_argument    "\xff"
+                "no-new-privs\0" No_argument    "\xff"
+                ;
+        int opts;
+
+        opt_complementary = "-1";
+        applet_long_options = setpriv_longopts;
+        opts = getopt32(argv, "");
+        if (opts) {
+                if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0))
+                        bb_simple_perror_msg_and_die("prctl: NO_NEW_PRIVS");
+        }
+
+        argv += optind;
+        BB_EXECVP_or_die(argv);
+}