Yeah, yeah... I forgot about 'svn add'... fixing that

author: Denis Vlasenko <vda.linux@googlemail.com> 2006-10-03 17:52:24 +0000
committer: Denis Vlasenko <vda.linux@googlemail.com> 2006-10-03 17:52:24 +0000
commit: f0a97fb43ab1ccab1904e7bc947a97c6e795900e (patch)
tree: 18d1b15a122612f7e456e6b27f682454a1e2fd19
parent: fe54458e46eef445da32862b2171392be8f01ab4 (diff)
download: busybox-w32-f0a97fb43ab1ccab1904e7bc947a97c6e795900e.tar.gz
busybox-w32-f0a97fb43ab1ccab1904e7bc947a97c6e795900e.tar.bz2
busybox-w32-f0a97fb43ab1ccab1904e7bc947a97c6e795900e.zip
6 files changed, 523 insertions, 0 deletions
diff --git a/runit/Config.in b/runit/Config.in
new file mode 100644
index 000000000..073ca1425
--- /dev/null
+++ b/runit/Config.in
@@ -0,0 +1,36 @@
+#
+# For a description of the syntax of this configuration file,
+# see scripts/kbuild/config-language.txt.
+#
+menu "Runit Utilities"
+config CONFIG_CHPST
+        bool "chpst"
+        default n
+        help
+          chpst changes the process state according to the given options, and
+          execs specified program.
+config CONFIG_SETUIDGID
+        bool "setuidgid"
+        help
+          Sets soft resource limits as specified by options
+config CONFIG_ENVUIDGID
+        bool "envuidgid"
+        help
+          Sets $UID to account's uid and $GID to account's gid
+config CONFIG_ENVDIR
+        bool "envdir"
+        help
+          Sets various environment variables as specified by files
+          in the given directory
+config CONFIG_SOFTLIMIT
+        bool "softlimit"
+        help
+          Sets soft resource limits as specified by options
+endmenu
diff --git a/runit/Makefile b/runit/Makefile
new file mode 100644
index 000000000..be65856fe
--- /dev/null
+++ b/runit/Makefile
@@ -0,0 +1,23 @@
+# Makefile for busybox
+#
+# Copyright (C) 1999-2005 by Erik Andersen <andersen@codepoet.org>
+#
+# Licensed under the GPL v2, see the file LICENSE in this tarball.
+ifndef top_srcdir
+top_srcdir=..
+endif
+ifndef top_builddir
+top_builddir=..
+endif
+srcdir=$(top_srcdir)/runit
+RUNIT_DIR:=./
+include $(top_srcdir)/Rules.mak
+include $(top_builddir)/.config
+include Makefile.in
+all: $(libraries-y)
+-include $(top_builddir)/.depend
+clean:
+        rm -f *.o *.a $(AR_TARGET)
diff --git a/runit/Makefile.in b/runit/Makefile.in
new file mode 100644
index 000000000..d8cea10c2
--- /dev/null
+++ b/runit/Makefile.in
@@ -0,0 +1,42 @@
+# Makefile for busybox
+#
+# Copyright (C) 1999-2005 by Erik Andersen <andersen@codepoet.org>
+#
+# Licensed under the GPL v2, see the file LICENSE in this tarball.
+RUNIT_AR:=runit.a
+ifndef RUNIT_DIR
+RUNIT_DIR:=$(top_builddir)/runit/
+endif
+srcdir=$(top_srcdir)/runit
+#unix_a:=buffer.o \
+#buffer_get.o buffer_put.o buffer_read.o buffer_write.o coe.o \
+#fd_copy.o fd_move.o fifo.o lock_ex.o lock_exnb.o \
+#ndelay_off.o ndelay_on.o open_append.o open_read.o \
+#open_trunc.o open_write.o openreadclose.o pathexec_env.o \
+#pathexec_run.o prot.o readclose.o seek_set.o sig.o \
+#sig_block.o sig_catch.o sig_pause.o stralloc_cat.o stralloc_catb.o \
+#stralloc_cats.o stralloc_eady.o stralloc_opyb.o stralloc_opys.o \
+#stralloc_pend.o wait_nohang.o \
+#wait_pid.o
+RUNIT-y:=
+RUNIT-$(CONFIG_CHPST) += chpst.o uidgid.o
+RUNIT-y:=$(sort $(RUNIT-y))
+ifneq ($(strip $(RUNIT-y)),)
+libraries-y+=$(RUNIT_DIR)$(RUNIT_AR)
+endif
+RUNIT_SRC-y:=$(patsubst %.o,$(srcdir)/%.c,$(RUNIT-y))
+RUNIT_SRC-a:=$(wildcard $(srcdir)/*.c)
+APPLET_SRC-y+=$(RUNIT_SRC-y)
+APPLET_SRC-a+=$(RUNIT_SRC-a)
+$(RUNIT_DIR)$(RUNIT_AR): $(patsubst %,$(RUNIT_DIR)%, $(RUNIT-y))
+        $(do_ar)
+$(RUNIT_DIR)%.o: $(srcdir)/%.c
+        $(compile.c)
diff --git a/runit/chpst.c b/runit/chpst.c
new file mode 100644
index 000000000..11ee3d733
--- /dev/null
+++ b/runit/chpst.c
@@ -0,0 +1,345 @@
+#include "busybox.h"
+#include <sys/types.h>
+#include <sys/resource.h>
+#include <grp.h>
+#include "uidgid.h"
+#include <sys/types.h>
+#include <dirent.h>
+static unsigned option_mask;
+// Must meatch constants in chpst_main!
+#define OPT_verbose  (option_mask & 0x2000)
+#define OPT_pgrp     (option_mask & 0x4000)
+#define OPT_nostdin  (option_mask & 0x8000)
+#define OPT_nostdout (option_mask & 0x10000)
+#define OPT_nostderr (option_mask & 0x20000)
+static char *set_user;
+static char *env_user;
+static const char *env_dir;
+static long limitd = -2;
+static long limits = -2;
+static long limitl = -2;
+static long limita = -2;
+static long limito = -2;
+static long limitp = -2;
+static long limitf = -2;
+static long limitc = -2;
+static long limitr = -2;
+static long limitt = -2;
+static long nicelvl;
+static const char *root;
+static void suidgid(char *user, unsigned dogrp)
+{
+        struct uidgid ugid;
+        if (!uidgid_get(&ugid, user, dogrp)) {
+                if (dogrp)
+                        bb_error_msg_and_die("unknown user/group: %s", user);
+                else
+                        bb_error_msg_and_die("unknown account: %s", user);
+        }
+        if (setgroups(ugid.gids, ugid.gid) == -1)
+                bb_perror_msg_and_die("setgroups");
+        xsetgid(*ugid.gid);
+        xsetuid(ugid.uid);
+}
+static void euidgid(char *user, unsigned dogrp)
+{
+        struct uidgid ugid;
+        if (!uidgid_get(&ugid, user, dogrp)) {
+                if (dogrp)
+                        bb_error_msg_and_die("unknown user/group: %s", user);
+                else
+                        bb_error_msg_and_die("unknown account: %s", user);
+        }
+        //FIXME: ultoa needed here!
+        xsetenv("GID", utoa(*ugid.gid));
+        xsetenv("UID", utoa(ugid.uid));
+}
+static void edir(const char *directory_name)
+{
+        int wdir;
+        DIR *dir;
+        struct dirent *d;
+        int fd;
+        wdir = xopen(".", O_RDONLY | O_NDELAY);
+        xchdir(directory_name);
+        dir = opendir(".");
+        if (!dir)
+                bb_perror_msg_and_die("opendir %s", directory_name);
+        for (;;) {
+                errno = 0;
+                d = readdir(dir);
+                if (!d) {
+                        if (errno) bb_perror_msg_and_die("readdir %s", directory_name);
+                        break;
+                }
+                if (d->d_name[0] == '.') continue;
+                fd = open(d->d_name, O_RDONLY | O_NDELAY);
+                if (fd < 0) {
+                        if ((errno == EISDIR) && env_dir) {
+                                if (OPT_verbose)
+                                        bb_perror_msg("warning: %s/%s is a directory", directory_name,
+                                                d->d_name);
+                                continue;
+                        } else
+                                bb_perror_msg_and_die("open %s/%s", directory_name, /* was exiting 111 */
+                                                     d->d_name);
+                }
+                if (fd >= 0) {
+                        char buf[256];
+                        char *tail;
+                        int size;
+                        size = safe_read(fd, buf, sizeof(buf)-1);
+                        if (size < 0)
+                                bb_perror_msg_and_die("read %s/%s", directory_name, /* was exiting 111 */
+                                                d->d_name);
+                        if (size == 0) {
+                                xsetenv(d->d_name, "");
+                                continue;
+                        }
+                        buf[size] = '\n';
+                        tail = memchr(buf, '\n', sizeof(buf));
+                        /* skip trailing whitespace */;
+                        while (1) {
+                                if (tail[0]==' ') tail[0] = '\0';
+                                if (tail[0]=='\t') tail[0] = '\0';
+                                if (tail[0]=='\n') tail[0] = '\0';
+                                if (tail == buf) break;
+                                tail--;
+                        }
+                        xsetenv(d->d_name, buf);
+                }
+        }
+        closedir(dir);
+        if (fchdir(wdir) == -1) bb_perror_msg_and_die("fchdir");
+        close(wdir);
+}
+static void limit(int what, long l)
+{
+        struct rlimit r;
+        if (getrlimit(what, &r) == -1) bb_perror_msg_and_die("getrlimit");
+        if ((l < 0) || (l > r.rlim_max))
+                r.rlim_cur = r.rlim_max;
+        else
+                r.rlim_cur = l;
+        if (setrlimit(what, &r) == -1) bb_perror_msg_and_die("setrlimit");
+}
+static void slimit(void)
+{
+        if (limitd >= -1) {
+#ifdef RLIMIT_DATA
+                limit(RLIMIT_DATA, limitd);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_DATA");
+#endif
+        }
+        if (limits >= -1) {
+#ifdef RLIMIT_STACK
+                limit(RLIMIT_STACK, limits);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_STACK");
+#endif
+        }
+        if (limitl >= -1) {
+#ifdef RLIMIT_MEMLOCK
+                limit(RLIMIT_MEMLOCK, limitl);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_MEMLOCK");
+#endif
+        }
+        if (limita >= -1) {
+#ifdef RLIMIT_VMEM
+                limit(RLIMIT_VMEM, limita);
+#else
+#ifdef RLIMIT_AS
+                limit(RLIMIT_AS, limita);
+#else
+                if (OPT_verbose)
+                        bb_error_msg("system does not support %s", "RLIMIT_VMEM");
+#endif
+#endif
+        }
+        if (limito >= -1) {
+#ifdef RLIMIT_NOFILE
+                limit(RLIMIT_NOFILE, limito);
+#else
+#ifdef RLIMIT_OFILE
+                limit(RLIMIT_OFILE, limito);
+#else
+                if (OPT_verbose)
+                        bb_error_msg("system does not support %s", "RLIMIT_NOFILE");
+#endif
+#endif
+        }
+        if (limitp >= -1) {
+#ifdef RLIMIT_NPROC
+                limit(RLIMIT_NPROC, limitp);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_NPROC");
+#endif
+        }
+        if (limitf >= -1) {
+#ifdef RLIMIT_FSIZE
+                limit(RLIMIT_FSIZE, limitf);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_FSIZE");
+#endif
+        }
+        if (limitc >= -1) {
+#ifdef RLIMIT_CORE
+                limit(RLIMIT_CORE, limitc);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_CORE");
+#endif
+        }
+        if (limitr >= -1) {
+#ifdef RLIMIT_RSS
+                limit(RLIMIT_RSS, limitr);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_RSS");
+#endif
+        }
+        if (limitt >= -1) {
+#ifdef RLIMIT_CPU
+                limit(RLIMIT_CPU, limitt);
+#else
+                if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_CPU");
+#endif
+        }
+}
+/* argv[0] */
+static void setuidgid(int, char **);
+static void envuidgid(int, char **);
+static void envdir(int, char **);
+static void softlimit(int, char **);
+int chpst_main(int argc, char **argv)
+{
+        if (bb_applet_name[3] == 'd') envdir(argc, argv);
+        if (bb_applet_name[1] == 'o') softlimit(argc, argv);
+        if (bb_applet_name[0] == 's') setuidgid(argc, argv);
+        if (bb_applet_name[0] == 'e') envuidgid(argc, argv);
+        // otherwise we are.......... chpst
+        {
+                char *m,*d,*o,*p,*f,*c,*r,*t,*n;
+                option_mask = bb_getopt_ulflags(argc, argv, "u:U:e:m:d:o:p:f:c:r:t:/:n:vP012",
+                                &set_user,&env_user,&env_dir,
+                                &m,&d,&o,&p,&f,&c,&r,&t,&root,&n);
+                // if (option_mask & 0x1) // -u
+                // if (option_mask & 0x2) // -U
+                // if (option_mask & 0x4) // -e
+                if (option_mask & 0x8) limits = limitl = limita = limitd = bb_xgetularg10(m); // -m
+                if (option_mask & 0x10) limitd = bb_xgetularg10(d); // -d
+                if (option_mask & 0x20) limito = bb_xgetularg10(o); // -o
+                if (option_mask & 0x40) limitp = bb_xgetularg10(p); // -p
+                if (option_mask & 0x80) limitf = bb_xgetularg10(f); // -f
+                if (option_mask & 0x100) limitc = bb_xgetularg10(c); // -c
+                if (option_mask & 0x200) limitr = bb_xgetularg10(r); // -r
+                if (option_mask & 0x400) limitt = bb_xgetularg10(t); // -t
+                // if (option_mask & 0x800) // -/
+                if (option_mask & 0x1000) nicelvl = bb_xgetlarg_bnd_sfx(n, 10, -20, 20, NULL); // -n
+                // The below consts should match #defines at top!
+                //if (option_mask & 0x2000) OPT_verbose = 1; // -v
+                //if (option_mask & 0x4000) OPT_pgrp = 1; // -P
+                //if (option_mask & 0x8000) OPT_nostdin = 1; // -0
+                //if (option_mask & 0x10000) OPT_nostdout = 1; // -1
+                //if (option_mask & 0x20000) OPT_nostderr = 1; // -2
+        }
+        if (!argv || !*argv) bb_show_usage();
+        
+        if (OPT_pgrp) setsid();
+        if (env_dir) edir(env_dir);
+        if (root) {
+                xchdir(root);
+                if (chroot(".") == -1)
+                        bb_perror_msg_and_die("chroot");
+        }
+        slimit();
+        if (nicelvl) {
+                errno = 0;
+                if (nice(nicelvl) == -1)
+                        bb_perror_msg_and_die("nice");
+        }
+        if (env_user) euidgid(env_user, 1);
+        if (set_user) suidgid(set_user, 1);
+        if (OPT_nostdin) close(0);
+        if (OPT_nostdout) close(1);
+        if (OPT_nostderr) close(2);
+        execvp(argv[0], argv);
+        bb_perror_msg_and_die("exec %s", argv[0]);
+}
+static void setuidgid(int argc, char **argv)
+{
+        const char *account;
+        account = *++argv;
+        if (!account) bb_show_usage();
+        if (!*++argv) bb_show_usage();
+        suidgid((char*)account, 0);
+        execvp(argv[0], argv);
+        bb_perror_msg_and_die("exec %s", argv[0]);
+}
+static void envuidgid(int argc, char **argv)
+{
+        const char *account;
+        account = *++argv;
+        if (!account) bb_show_usage();
+        if (!*++argv) bb_show_usage();
+        euidgid((char*)account, 0);
+        execvp(argv[0], argv);
+        bb_perror_msg_and_die("exec %s", argv[0]);
+}
+static void envdir(int argc, char **argv)
+{
+        const char *dir;
+        dir = *++argv;
+        if (!dir) bb_show_usage();
+        if (!*++argv) bb_show_usage();
+        edir(dir);
+        execvp(argv[0], argv);
+        bb_perror_msg_and_die("exec %s", argv[0]);
+}
+static void softlimit(int argc, char **argv)
+{
+        char *a,*c,*d,*f,*l,*m,*o,*p,*r,*s,*t;
+        option_mask = bb_getopt_ulflags(argc, argv, "a:c:d:f:l:m:o:p:r:s:t:",
+                        &a,&c,&d,&f,&l,&m,&o,&p,&r,&s,&t);
+        if (option_mask & 0x001) limita = bb_xgetularg10(a); // -a
+        if (option_mask & 0x002) limitc = bb_xgetularg10(c); // -c
+        if (option_mask & 0x004) limitd = bb_xgetularg10(d); // -d
+        if (option_mask & 0x008) limitf = bb_xgetularg10(f); // -f
+        if (option_mask & 0x010) limitl = bb_xgetularg10(l); // -l
+        if (option_mask & 0x020) limits = limitl = limita = limitd = bb_xgetularg10(m); // -m
+        if (option_mask & 0x040) limito = bb_xgetularg10(o); // -o
+        if (option_mask & 0x080) limitp = bb_xgetularg10(p); // -p
+        if (option_mask & 0x100) limitr = bb_xgetularg10(r); // -r
+        if (option_mask & 0x200) limits = bb_xgetularg10(s); // -s
+        if (option_mask & 0x400) limitt = bb_xgetularg10(t); // -t
+        argv += optind;
+        if (!argv[0]) bb_show_usage();
+        slimit();
+        execvp(argv[0], argv);
+        bb_perror_msg_and_die("exec %s", argv[0]);
+}
diff --git a/runit/uidgid.c b/runit/uidgid.c
new file mode 100644
index 000000000..a8fec409d
--- /dev/null
+++ b/runit/uidgid.c
@@ -0,0 +1,63 @@
+#include <sys/types.h>
+#include <pwd.h>
+#include <grp.h>
+#include "uidgid.h"
+static unsigned str_chr(const char *s, int c)
+{
+        const char *t = s;
+        while (t[0] && t[0] != (char)c)
+                t++;
+        return t - s;
+}
+unsigned uidgid_get(struct uidgid *u, char *ug, unsigned dogrp) {
+        char *g = 0;
+        struct passwd *pwd = 0;
+        struct group *gr = 0;
+        int i, d = 0;
+        if (dogrp)
+                d = str_chr(ug, ':');
+        if (ug[d] == ':') {
+                ug[d] = 0;
+                g = ug + d + 1;
+        }
+        pwd = getpwnam(ug);
+        if (!pwd) {
+                if (g) ug[d] = ':';
+                return 0;
+        }
+        if (g) {
+                ug[d] = ':';
+                for (i = 0; i < 60; ++i) {
+                        d = str_chr(g, ':');
+                        if (g[d] == ':') {
+                                g[d] = 0;
+                                gr = getgrnam(g);
+                                if (!gr) {
+                                        g[d] = ':';
+                                        return 0;
+                                }
+                                g[d] = ':';
+                                u->gid[i] = gr->gr_gid;
+                                g += d+1;
+                        }
+                        else {
+                                gr = getgrnam(g);
+                                if (!gr) return 0;
+                                u->gid[i++] = gr->gr_gid;
+                                break;
+                        }
+                }
+                u->gid[i] = 0;
+                u->gids = i;
+        }
+        if (!g) {
+                u->gid[0] = pwd->pw_gid;
+                u->gids = 1;
+        }
+        u->uid = pwd->pw_uid;
+        return 1;
+}
diff --git a/runit/uidgid.h b/runit/uidgid.h
new file mode 100644
index 000000000..1d47fe620
--- /dev/null
+++ b/runit/uidgid.h
@@ -0,0 +1,14 @@
+#ifndef UIDGID_H
+#define UIDGID_H
+#include <sys/types.h>
+struct uidgid {
+        uid_t uid;
+        gid_t gid[61];
+        int gids;
+};
+extern unsigned uidgid_get(struct uidgid *, char *, unsigned);
+#endif
author	Denis Vlasenko <vda.linux@googlemail.com>	2006-10-03 17:52:24 +0000
committer	Denis Vlasenko <vda.linux@googlemail.com>	2006-10-03 17:52:24 +0000
commit	f0a97fb43ab1ccab1904e7bc947a97c6e795900e (patch)
tree	18d1b15a122612f7e456e6b27f682454a1e2fd19
parent	fe54458e46eef445da32862b2171392be8f01ab4 (diff)
download	busybox-w32-f0a97fb43ab1ccab1904e7bc947a97c6e795900e.tar.gz busybox-w32-f0a97fb43ab1ccab1904e7bc947a97c6e795900e.tar.bz2 busybox-w32-f0a97fb43ab1ccab1904e7bc947a97c6e795900e.zip

diff --git a/runit/Config.in b/runit/Config.in new file mode 100644 index 000000000..073ca1425 --- /dev/null +++ b/runit/Config.in
@@ -0,0 +1,36 @@
	1	#
	2	# For a description of the syntax of this configuration file,
	3	# see scripts/kbuild/config-language.txt.
	4	#
	5
	6	menu "Runit Utilities"
	7
	8	config CONFIG_CHPST
	9	bool "chpst"
	10	default n
	11	help
	12	chpst changes the process state according to the given options, and
	13	execs specified program.
	14
	15	config CONFIG_SETUIDGID
	16	bool "setuidgid"
	17	help
	18	Sets soft resource limits as specified by options
	19
	20	config CONFIG_ENVUIDGID
	21	bool "envuidgid"
	22	help
	23	Sets $UID to account's uid and $GID to account's gid
	24
	25	config CONFIG_ENVDIR
	26	bool "envdir"
	27	help
	28	Sets various environment variables as specified by files
	29	in the given directory
	30
	31	config CONFIG_SOFTLIMIT
	32	bool "softlimit"
	33	help
	34	Sets soft resource limits as specified by options
	35
	36	endmenu


diff --git a/runit/Makefile b/runit/Makefile new file mode 100644 index 000000000..be65856fe --- /dev/null +++ b/runit/Makefile
@@ -0,0 +1,23 @@
	1	# Makefile for busybox
	2	#
	3	# Copyright (C) 1999-2005 by Erik Andersen <andersen@codepoet.org>
	4	#
	5	# Licensed under the GPL v2, see the file LICENSE in this tarball.
	6
	7	ifndef top_srcdir
	8	top_srcdir=..
	9	endif
	10	ifndef top_builddir
	11	top_builddir=..
	12	endif
	13	srcdir=$(top_srcdir)/runit
	14	RUNIT_DIR:=./
	15	include $(top_srcdir)/Rules.mak
	16	include $(top_builddir)/.config
	17	include Makefile.in
	18	all: $(libraries-y)
	19	-include $(top_builddir)/.depend
	20
	21	clean:
	22	rm -f .o .a $(AR_TARGET)
	23


diff --git a/runit/Makefile.in b/runit/Makefile.in new file mode 100644 index 000000000..d8cea10c2 --- /dev/null +++ b/runit/Makefile.in
@@ -0,0 +1,42 @@
	1	# Makefile for busybox
	2	#
	3	# Copyright (C) 1999-2005 by Erik Andersen <andersen@codepoet.org>
	4	#
	5	# Licensed under the GPL v2, see the file LICENSE in this tarball.
	6
	7	RUNIT_AR:=runit.a
	8	ifndef RUNIT_DIR
	9	RUNIT_DIR:=$(top_builddir)/runit/
	10	endif
	11	srcdir=$(top_srcdir)/runit
	12
	13	#unix_a:=buffer.o \
	14	#buffer_get.o buffer_put.o buffer_read.o buffer_write.o coe.o \
	15	#fd_copy.o fd_move.o fifo.o lock_ex.o lock_exnb.o \
	16	#ndelay_off.o ndelay_on.o open_append.o open_read.o \
	17	#open_trunc.o open_write.o openreadclose.o pathexec_env.o \
	18	#pathexec_run.o prot.o readclose.o seek_set.o sig.o \
	19	#sig_block.o sig_catch.o sig_pause.o stralloc_cat.o stralloc_catb.o \
	20	#stralloc_cats.o stralloc_eady.o stralloc_opyb.o stralloc_opys.o \
	21	#stralloc_pend.o wait_nohang.o \
	22	#wait_pid.o
	23
	24	RUNIT-y:=
	25	RUNIT-$(CONFIG_CHPST) += chpst.o uidgid.o
	26
	27	RUNIT-y:=$(sort $(RUNIT-y))
	28
	29	ifneq ($(strip $(RUNIT-y)),)
	30	libraries-y+=$(RUNIT_DIR)$(RUNIT_AR)
	31	endif
	32
	33	RUNIT_SRC-y:=$(patsubst %.o,$(srcdir)/%.c,$(RUNIT-y))
	34	RUNIT_SRC-a:=$(wildcard $(srcdir)/*.c)
	35	APPLET_SRC-y+=$(RUNIT_SRC-y)
	36	APPLET_SRC-a+=$(RUNIT_SRC-a)
	37
	38	$(RUNIT_DIR)$(RUNIT_AR): $(patsubst %,$(RUNIT_DIR)%, $(RUNIT-y))
	39	$(do_ar)
	40
	41	$(RUNIT_DIR)%.o: $(srcdir)/%.c
	42	$(compile.c)


diff --git a/runit/chpst.c b/runit/chpst.c new file mode 100644 index 000000000..11ee3d733 --- /dev/null +++ b/runit/chpst.c
@@ -0,0 +1,345 @@
	1	#include "busybox.h"
	2
	3	#include <sys/types.h>
	4	#include <sys/resource.h>
	5	#include <grp.h>
	6
	7	#include "uidgid.h"
	8
	9	#include <sys/types.h>
	10	#include <dirent.h>
	11
	12	static unsigned option_mask;
	13	// Must meatch constants in chpst_main!
	14	#define OPT_verbose (option_mask & 0x2000)
	15	#define OPT_pgrp (option_mask & 0x4000)
	16	#define OPT_nostdin (option_mask & 0x8000)
	17	#define OPT_nostdout (option_mask & 0x10000)
	18	#define OPT_nostderr (option_mask & 0x20000)
	19
	20	static char *set_user;
	21	static char *env_user;
	22	static const char *env_dir;
	23	static long limitd = -2;
	24	static long limits = -2;
	25	static long limitl = -2;
	26	static long limita = -2;
	27	static long limito = -2;
	28	static long limitp = -2;
	29	static long limitf = -2;
	30	static long limitc = -2;
	31	static long limitr = -2;
	32	static long limitt = -2;
	33	static long nicelvl;
	34	static const char *root;
	35
	36	static void suidgid(char *user, unsigned dogrp)
	37	{
	38	struct uidgid ugid;
	39
	40	if (!uidgid_get(&ugid, user, dogrp)) {
	41	if (dogrp)
	42	bb_error_msg_and_die("unknown user/group: %s", user);
	43	else
	44	bb_error_msg_and_die("unknown account: %s", user);
	45	}
	46	if (setgroups(ugid.gids, ugid.gid) == -1)
	47	bb_perror_msg_and_die("setgroups");
	48	xsetgid(*ugid.gid);
	49	xsetuid(ugid.uid);
	50	}
	51
	52	static void euidgid(char *user, unsigned dogrp)
	53	{
	54	struct uidgid ugid;
	55
	56	if (!uidgid_get(&ugid, user, dogrp)) {
	57	if (dogrp)
	58	bb_error_msg_and_die("unknown user/group: %s", user);
	59	else
	60	bb_error_msg_and_die("unknown account: %s", user);
	61	}
	62	//FIXME: ultoa needed here!
	63	xsetenv("GID", utoa(*ugid.gid));
	64	xsetenv("UID", utoa(ugid.uid));
	65	}
	66
	67	static void edir(const char *directory_name)
	68	{
	69	int wdir;
	70	DIR *dir;
	71	struct dirent *d;
	72	int fd;
	73
	74	wdir = xopen(".", O_RDONLY \| O_NDELAY);
	75	xchdir(directory_name);
	76	dir = opendir(".");
	77	if (!dir)
	78	bb_perror_msg_and_die("opendir %s", directory_name);
	79	for (;;) {
	80	errno = 0;
	81	d = readdir(dir);
	82	if (!d) {
	83	if (errno) bb_perror_msg_and_die("readdir %s", directory_name);
	84	break;
	85	}
	86	if (d->d_name[0] == '.') continue;
	87	fd = open(d->d_name, O_RDONLY \| O_NDELAY);
	88	if (fd < 0) {
	89	if ((errno == EISDIR) && env_dir) {
	90	if (OPT_verbose)
	91	bb_perror_msg("warning: %s/%s is a directory", directory_name,
	92	d->d_name);
	93	continue;
	94	} else
	95	bb_perror_msg_and_die("open %s/%s", directory_name, /* was exiting 111 */
	96	d->d_name);
	97	}
	98	if (fd >= 0) {
	99	char buf[256];
	100	char *tail;
	101	int size;
	102
	103	size = safe_read(fd, buf, sizeof(buf)-1);
	104	if (size < 0)
	105	bb_perror_msg_and_die("read %s/%s", directory_name, /* was exiting 111 */
	106	d->d_name);
	107	if (size == 0) {
	108	xsetenv(d->d_name, "");
	109	continue;
	110	}
	111	buf[size] = '\n';
	112	tail = memchr(buf, '\n', sizeof(buf));
	113	/* skip trailing whitespace */;
	114	while (1) {
	115	if (tail[0]==' ') tail[0] = '\0';
	116	if (tail[0]=='\t') tail[0] = '\0';
	117	if (tail[0]=='\n') tail[0] = '\0';
	118	if (tail == buf) break;
	119	tail--;
	120	}
	121	xsetenv(d->d_name, buf);
	122	}
	123	}
	124	closedir(dir);
	125	if (fchdir(wdir) == -1) bb_perror_msg_and_die("fchdir");
	126	close(wdir);
	127	}
	128
	129	static void limit(int what, long l)
	130	{
	131	struct rlimit r;
	132
	133	if (getrlimit(what, &r) == -1) bb_perror_msg_and_die("getrlimit");
	134	if ((l < 0) \|\| (l > r.rlim_max))
	135	r.rlim_cur = r.rlim_max;
	136	else
	137	r.rlim_cur = l;
	138	if (setrlimit(what, &r) == -1) bb_perror_msg_and_die("setrlimit");
	139	}
	140
	141	static void slimit(void)
	142	{
	143	if (limitd >= -1) {
	144	#ifdef RLIMIT_DATA
	145	limit(RLIMIT_DATA, limitd);
	146	#else
	147	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_DATA");
	148	#endif
	149	}
	150	if (limits >= -1) {
	151	#ifdef RLIMIT_STACK
	152	limit(RLIMIT_STACK, limits);
	153	#else
	154	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_STACK");
	155	#endif
	156	}
	157	if (limitl >= -1) {
	158	#ifdef RLIMIT_MEMLOCK
	159	limit(RLIMIT_MEMLOCK, limitl);
	160	#else
	161	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_MEMLOCK");
	162	#endif
	163	}
	164	if (limita >= -1) {
	165	#ifdef RLIMIT_VMEM
	166	limit(RLIMIT_VMEM, limita);
	167	#else
	168	#ifdef RLIMIT_AS
	169	limit(RLIMIT_AS, limita);
	170	#else
	171	if (OPT_verbose)
	172	bb_error_msg("system does not support %s", "RLIMIT_VMEM");
	173	#endif
	174	#endif
	175	}
	176	if (limito >= -1) {
	177	#ifdef RLIMIT_NOFILE
	178	limit(RLIMIT_NOFILE, limito);
	179	#else
	180	#ifdef RLIMIT_OFILE
	181	limit(RLIMIT_OFILE, limito);
	182	#else
	183	if (OPT_verbose)
	184	bb_error_msg("system does not support %s", "RLIMIT_NOFILE");
	185	#endif
	186	#endif
	187	}
	188	if (limitp >= -1) {
	189	#ifdef RLIMIT_NPROC
	190	limit(RLIMIT_NPROC, limitp);
	191	#else
	192	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_NPROC");
	193	#endif
	194	}
	195	if (limitf >= -1) {
	196	#ifdef RLIMIT_FSIZE
	197	limit(RLIMIT_FSIZE, limitf);
	198	#else
	199	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_FSIZE");
	200	#endif
	201	}
	202	if (limitc >= -1) {
	203	#ifdef RLIMIT_CORE
	204	limit(RLIMIT_CORE, limitc);
	205	#else
	206	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_CORE");
	207	#endif
	208	}
	209	if (limitr >= -1) {
	210	#ifdef RLIMIT_RSS
	211	limit(RLIMIT_RSS, limitr);
	212	#else
	213	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_RSS");
	214	#endif
	215	}
	216	if (limitt >= -1) {
	217	#ifdef RLIMIT_CPU
	218	limit(RLIMIT_CPU, limitt);
	219	#else
	220	if (OPT_verbose) bb_error_msg("system does not support %s", "RLIMIT_CPU");
	221	#endif
	222	}
	223	}
	224
	225	/* argv[0] */
	226	static void setuidgid(int, char **);
	227	static void envuidgid(int, char **);
	228	static void envdir(int, char **);
	229	static void softlimit(int, char **);
	230
	231	int chpst_main(int argc, char **argv)
	232	{
	233	if (bb_applet_name[3] == 'd') envdir(argc, argv);
	234	if (bb_applet_name[1] == 'o') softlimit(argc, argv);
	235	if (bb_applet_name[0] == 's') setuidgid(argc, argv);
	236	if (bb_applet_name[0] == 'e') envuidgid(argc, argv);
	237	// otherwise we are.......... chpst
	238
	239	{
	240	char m,d,o,p,f,c,r,t,*n;
	241	option_mask = bb_getopt_ulflags(argc, argv, "u:U:e:m:d:o:p:f:c:r:t:/:n:vP012",
	242	&set_user,&env_user,&env_dir,
	243	&m,&d,&o,&p,&f,&c,&r,&t,&root,&n);
	244	// if (option_mask & 0x1) // -u
	245	// if (option_mask & 0x2) // -U
	246	// if (option_mask & 0x4) // -e
	247	if (option_mask & 0x8) limits = limitl = limita = limitd = bb_xgetularg10(m); // -m
	248	if (option_mask & 0x10) limitd = bb_xgetularg10(d); // -d
	249	if (option_mask & 0x20) limito = bb_xgetularg10(o); // -o
	250	if (option_mask & 0x40) limitp = bb_xgetularg10(p); // -p
	251	if (option_mask & 0x80) limitf = bb_xgetularg10(f); // -f
	252	if (option_mask & 0x100) limitc = bb_xgetularg10(c); // -c
	253	if (option_mask & 0x200) limitr = bb_xgetularg10(r); // -r
	254	if (option_mask & 0x400) limitt = bb_xgetularg10(t); // -t
	255	// if (option_mask & 0x800) // -/
	256	if (option_mask & 0x1000) nicelvl = bb_xgetlarg_bnd_sfx(n, 10, -20, 20, NULL); // -n
	257	// The below consts should match #defines at top!
	258	//if (option_mask & 0x2000) OPT_verbose = 1; // -v
	259	//if (option_mask & 0x4000) OPT_pgrp = 1; // -P
	260	//if (option_mask & 0x8000) OPT_nostdin = 1; // -0
	261	//if (option_mask & 0x10000) OPT_nostdout = 1; // -1
	262	//if (option_mask & 0x20000) OPT_nostderr = 1; // -2
	263	}
	264	if (!argv \|\| !*argv) bb_show_usage();
	265
	266	if (OPT_pgrp) setsid();
	267	if (env_dir) edir(env_dir);
	268	if (root) {
	269	xchdir(root);
	270	if (chroot(".") == -1)
	271	bb_perror_msg_and_die("chroot");
	272	}
	273	slimit();
	274	if (nicelvl) {
	275	errno = 0;
	276	if (nice(nicelvl) == -1)
	277	bb_perror_msg_and_die("nice");
	278	}
	279	if (env_user) euidgid(env_user, 1);
	280	if (set_user) suidgid(set_user, 1);
	281	if (OPT_nostdin) close(0);
	282	if (OPT_nostdout) close(1);
	283	if (OPT_nostderr) close(2);
	284	execvp(argv[0], argv);
	285	bb_perror_msg_and_die("exec %s", argv[0]);
	286	}
	287
	288	static void setuidgid(int argc, char **argv)
	289	{
	290	const char *account;
	291
	292	account = *++argv;
	293	if (!account) bb_show_usage();
	294	if (!*++argv) bb_show_usage();
	295	suidgid((char*)account, 0);
	296	execvp(argv[0], argv);
	297	bb_perror_msg_and_die("exec %s", argv[0]);
	298	}
	299
	300	static void envuidgid(int argc, char **argv)
	301	{
	302	const char *account;
	303
	304	account = *++argv;
	305	if (!account) bb_show_usage();
	306	if (!*++argv) bb_show_usage();
	307	euidgid((char*)account, 0);
	308	execvp(argv[0], argv);
	309	bb_perror_msg_and_die("exec %s", argv[0]);
	310	}
	311
	312	static void envdir(int argc, char **argv)
	313	{
	314	const char *dir;
	315
	316	dir = *++argv;
	317	if (!dir) bb_show_usage();
	318	if (!*++argv) bb_show_usage();
	319	edir(dir);
	320	execvp(argv[0], argv);
	321	bb_perror_msg_and_die("exec %s", argv[0]);
	322	}
	323
	324	static void softlimit(int argc, char **argv)
	325	{
	326	char a,c,d,f,l,m,o,p,r,s,*t;
	327	option_mask = bb_getopt_ulflags(argc, argv, "a:c:d:f:l:m:o:p:r:s:t:",
	328	&a,&c,&d,&f,&l,&m,&o,&p,&r,&s,&t);
	329	if (option_mask & 0x001) limita = bb_xgetularg10(a); // -a
	330	if (option_mask & 0x002) limitc = bb_xgetularg10(c); // -c
	331	if (option_mask & 0x004) limitd = bb_xgetularg10(d); // -d
	332	if (option_mask & 0x008) limitf = bb_xgetularg10(f); // -f
	333	if (option_mask & 0x010) limitl = bb_xgetularg10(l); // -l
	334	if (option_mask & 0x020) limits = limitl = limita = limitd = bb_xgetularg10(m); // -m
	335	if (option_mask & 0x040) limito = bb_xgetularg10(o); // -o
	336	if (option_mask & 0x080) limitp = bb_xgetularg10(p); // -p
	337	if (option_mask & 0x100) limitr = bb_xgetularg10(r); // -r
	338	if (option_mask & 0x200) limits = bb_xgetularg10(s); // -s
	339	if (option_mask & 0x400) limitt = bb_xgetularg10(t); // -t
	340	argv += optind;
	341	if (!argv[0]) bb_show_usage();
	342	slimit();
	343	execvp(argv[0], argv);
	344	bb_perror_msg_and_die("exec %s", argv[0]);
	345	}


diff --git a/runit/uidgid.c b/runit/uidgid.c new file mode 100644 index 000000000..a8fec409d --- /dev/null +++ b/runit/uidgid.c
@@ -0,0 +1,63 @@
	1	#include <sys/types.h>
	2	#include <pwd.h>
	3	#include <grp.h>
	4	#include "uidgid.h"
	5
	6	static unsigned str_chr(const char *s, int c)
	7	{
	8	const char *t = s;
	9	while (t[0] && t[0] != (char)c)
	10	t++;
	11	return t - s;
	12	}
	13
	14
	15	unsigned uidgid_get(struct uidgid u, char ug, unsigned dogrp) {
	16	char *g = 0;
	17	struct passwd *pwd = 0;
	18	struct group *gr = 0;
	19	int i, d = 0;
	20
	21	if (dogrp)
	22	d = str_chr(ug, ':');
	23	if (ug[d] == ':') {
	24	ug[d] = 0;
	25	g = ug + d + 1;
	26	}
	27	pwd = getpwnam(ug);
	28	if (!pwd) {
	29	if (g) ug[d] = ':';
	30	return 0;
	31	}
	32	if (g) {
	33	ug[d] = ':';
	34	for (i = 0; i < 60; ++i) {
	35	d = str_chr(g, ':');
	36	if (g[d] == ':') {
	37	g[d] = 0;
	38	gr = getgrnam(g);
	39	if (!gr) {
	40	g[d] = ':';
	41	return 0;
	42	}
	43	g[d] = ':';
	44	u->gid[i] = gr->gr_gid;
	45	g += d+1;
	46	}
	47	else {
	48	gr = getgrnam(g);
	49	if (!gr) return 0;
	50	u->gid[i++] = gr->gr_gid;
	51	break;
	52	}
	53	}
	54	u->gid[i] = 0;
	55	u->gids = i;
	56	}
	57	if (!g) {
	58	u->gid[0] = pwd->pw_gid;
	59	u->gids = 1;
	60	}
	61	u->uid = pwd->pw_uid;
	62	return 1;
	63	}


diff --git a/runit/uidgid.h b/runit/uidgid.h new file mode 100644 index 000000000..1d47fe620 --- /dev/null +++ b/runit/uidgid.h
@@ -0,0 +1,14 @@
	1	#ifndef UIDGID_H
	2	#define UIDGID_H
	3
	4	#include <sys/types.h>
	5
	6	struct uidgid {
	7	uid_t uid;
	8	gid_t gid[61];
	9	int gids;
	10	};
	11
	12	extern unsigned uidgid_get(struct uidgid , char , unsigned);
	13
	14	#endif