author | Laurent Bercot <ska-skaware@skarnet.org> | 2015-01-15 20:51:39 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2015-01-15 20:51:39 +0000 |
commit | ebfd0ba17e0d4b220725018d16e294e8e22a1745 (patch) | |
tree | 4b29683050ce9e8f24f1920f1be38b2f837ef5ad /src/conn-tools/s6-accessrules-fs-from-cdb.c | |
parent | 20c7d8e1b328155145ce9e8648435e127b60c208 (diff) | |
download | s6-networking-ebfd0ba17e0d4b220725018d16e294e8e22a1745.tar.xz |
Move Unix domain socket and access control stuff to s6.
Move seekablepipe to s6-portable-utils.
Version: 2.0.1.0, release candidate
Diffstat (limited to 'src/conn-tools/s6-accessrules-fs-from-cdb.c')
-rw-r--r-- | src/conn-tools/s6-accessrules-fs-from-cdb.c | 177 |
1 files changed, 0 insertions, 177 deletions
diff --git a/src/conn-tools/s6-accessrules-fs-from-cdb.c b/src/conn-tools/s6-accessrules-fs-from-cdb.c
deleted file mode 100644
index cbe67ef..0000000
--- a/src/conn-tools/s6-accessrules-fs-from-cdb.c
+++ /dev/null
@@ -1,177 +0,0 @@
-/* ISC license. */
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <errno.h>
-#include <unistd.h>
-#include <skalibs/bytestr.h>
-#include <skalibs/uint16.h>
-#include <skalibs/uint32.h>
-#include <skalibs/cdb.h>
-#include <skalibs/strerr2.h>
-#include <skalibs/djbunix.h>
-
-#define USAGE "s6-accessrules-fs-from-cdb dir cdbfile"
-
-static char const *basedir ;
-unsigned int basedirlen ;
-
-static void cleanup ()
-{
- int e = errno ;
- rm_rf(basedir) ;
- errno = e ;
-}
-
-static int domkdir (char const *s)
-{
- return mkdir(s, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH | S_ISGID) < 0 ? (errno == EEXIST) : 1 ;
-}
-
-static void mkdirp (char *s)
-{
- mode_t m = umask(0) ;
- unsigned int len = str_len(s) ;
- register unsigned int i = basedirlen + 1 ;
- for (; i < len ; i++) if (s[i] == '/')
- {
- s[i] = 0 ;
- if (!domkdir(s)) goto err ;
- s[i] = '/' ;
- }
- if (!domkdir(s)) goto err ;
- umask(m) ;
- return ;
-
- err:
- cleanup() ;
- strerr_diefu2sys(111, "mkdir ", s) ;
-}
-
-static void touchtrunc (char const *file)
-{
- register int fd = open_trunc(file) ;
- if (fd < 0) strerr_diefu2sys(111, "open_trunc ", file) ;
- fd_close(fd) ;
-}
-
-static int doenv (char const *dir, unsigned int dirlen, char *env, unsigned int envlen)
-{
- mode_t m = umask(0) ;
- unsigned int i = 0 ;
- if (!domkdir(dir))
- {
- cleanup() ;
- strerr_diefu2sys(111, "mkdir ", dir) ;
- }
- umask(m) ;
- while (i < envlen)
- {
- unsigned int n = byte_chr(env + i, envlen - i, 0) ;
- if (i + n >= envlen) return 0 ;
- {
- unsigned int p = byte_chr(env + i, n, '=') ;
- char tmp[dirlen + p + 2] ;
- byte_copy(tmp, dirlen, dir) ;
- tmp[dirlen] = '/' ;
- byte_copy(tmp + dirlen + 1, p, env + i) ;
- tmp[dirlen + p + 1] = 0 ;
- if (p < n)
- {
- env[i+n] = '\n' ;
- if (!openwritenclose_unsafe(tmp, env + i + p + 1, n - p))
- {
- cleanup() ;
- strerr_diefu2sys(111, "openwritenclose_unsafe ", tmp) ;
- }
- }
- else touchtrunc(tmp) ;
- }
- i += n + 1 ;
- }
- return 1 ;
-}
-
-static int doit (struct cdb *c)
-{
- unsigned int klen = cdb_keylen(c) ;
- unsigned int dlen = cdb_datalen(c) ;
- {
- uint16 envlen, execlen ;
- char name[basedirlen + klen + 8] ;
- char data[dlen] ;
- byte_copy(name, basedirlen, basedir) ;
- name[basedirlen] = '/' ;
- if (!dlen || (dlen > 8201)) return (errno = EINVAL, 0) ;
- if ((cdb_read(c, name+basedirlen+1, klen, cdb_keypos(c)) < 0)
- || (cdb_read(c, data, dlen, cdb_datapos(c)) < 0))
- {
- cleanup() ;
- strerr_diefu1sys(111, "cdb_read") ;
- }
- name[basedirlen + klen + 1] = 0 ;
- mkdirp(name) ;
- name[basedirlen + klen + 1] = '/' ;
- if (data[0] == 'A')
- {
- byte_copy(name + basedirlen + klen + 2, 6, "allow") ;
- touchtrunc(name) ;
- }
- else if (data[0] == 'D')
- {
- byte_copy(name + basedirlen + klen + 2, 5, "deny") ;
- touchtrunc(name) ;
- }
- if (dlen < 3) return 1 ;
- uint16_unpack_big(data + 1, &envlen) ;
- if ((envlen > 4096U) || (3U + envlen > dlen)) return (errno = EINVAL, 0) ;
- uint16_unpack_big(data + 3 + envlen, &execlen) ;
- if ((execlen > 4096U) || (5U + envlen + execlen != dlen)) return (errno = EINVAL, 0) ;
- if (envlen)
- {
- byte_copy(name + basedirlen + klen + 2, 4, "env") ;
- if (!doenv(name, basedirlen + klen + 5, data + 3, envlen)) return (errno = EINVAL, 0) ;
- }
- byte_copy(name + basedirlen + klen + 2, 5, "exec") ;
- if (execlen && !openwritenclose_unsafe(name, data + 5 + envlen, execlen))
- {
- cleanup() ;
- strerr_diefu2sys(111, "openwritenclose_unsafe ", name) ;
- }
- }
- return 1 ;
-}
-
-int main (int argc, char const *const *argv)
-{
- struct cdb c = CDB_ZERO ;
- uint32 kpos ;
- PROG = "s6-accessrules-fs-from-cdb" ;
- if (argc < 3) strerr_dieusage(100, USAGE) ;
- if (cdb_mapfile(&c, argv[2]) < 0) strerr_diefu1sys(111, "cdb_mapfile") ;
- basedir = argv[1] ;
- basedirlen = str_len(argv[1]) ;
- {
- mode_t m = umask(0) ;
- if (mkdir(basedir, S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH | S_ISGID) < 0)
- strerr_diefu2sys(111, "mkdir ", basedir) ;
- umask(m) ;
- }
- cdb_traverse_init(&c, &kpos) ;
- for (;;)
- {
- register int r = cdb_nextkey(&c, &kpos) ;
- if (r < 0)
- {
- cleanup() ;
- strerr_diefu1sys(111, "cdb_nextkey") ;
- }
- else if (!r) break ;
- else if (!doit(&c))
- {
- cleanup() ;
- strerr_diefu1sys(111, "handle key") ;
- }
- }
- return 0 ;
-}
|