thierrybo
/
libvirt
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 587 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2100 Commits
3 Branches
619 MiB
 
 
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
libvirt/tools/virt-login-shell-helper.c

431 lines
12 KiB
Raw Permalink Blame History 

  1. /*

  2.  * virt-login-shell-helper.c: a shell to connect to a container

  3.  *

  4.  * Copyright (C) 2013-2014 Red Hat, Inc.

  5.  *

  6.  * This library is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 2.1 of the License, or (at your option) any later version.

  10.  *

  11.  * This library is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public

  17.  * License along with this library.  If not, see

  18.  * <http://www.gnu.org/licenses/>.

  19.  */

  20. #include <config.h>

  21. 

  22. #include <getopt.h>

  23. #include <signal.h>

  24. #include <stdarg.h>

  25. #include <unistd.h>

  26. 

  27. #include "internal.h"

  28. #include "virerror.h"

  29. #include "virconf.h"

  30. #include "virutil.h"

  31. #include "virfile.h"

  32. #include "virprocess.h"

  33. #include "configmake.h"

  34. #include "virstring.h"

  35. #include "viralloc.h"

  36. #include "vircommand.h"

  37. #include "virgettext.h"

  38. #define VIR_FROM_THIS VIR_FROM_NONE

  39. 

  40. static const char *conf_file = SYSCONFDIR "/libvirt/virt-login-shell.conf";

  41. 

  42. static int virLoginShellAllowedUser(virConfPtr conf,

  43.                                     const char *name,

  44.                                     gid_t *groups,

  45.                                     size_t ngroups)

  46. {

  47.     int ret = -1;

  48.     size_t i;

  49.     char *gname = NULL;

  50.     char **users = NULL, **entries;

  51. 

  52.     if (virConfGetValueStringList(conf, "allowed_users", false, &users) < 0)

  53.         goto cleanup;

  54. 

  55. 

  56.     for (entries = users; entries && *entries; entries++) {

  57.         char *entry = *entries;

  58.         /*

  59.           If string begins with a % this indicates a linux group.

  60.           Check to see if the user is in the Linux Group.

  61.         */

  62.         if (entry[0] == '%') {

  63.             entry++;

  64.             if (!*entry)

  65.                 continue;

  66.             for (i = 0; i < ngroups; i++) {

  67.                 if (!(gname = virGetGroupName(groups[i])))

  68.                     continue;

  69.                 if (g_pattern_match_simple(entry, gname)) {

  70.                     ret = 0;

  71.                     goto cleanup;

  72.                 }

  73.                 VIR_FREE(gname);

  74.             }

  75.         } else {

  76.             if (g_pattern_match_simple(entry, name)) {

  77.                 ret = 0;

  78.                 goto cleanup;

  79.             }

  80.         }

  81.     }

  82.     virReportSystemError(EPERM,

  83.                          _("%s not matched against 'allowed_users' in %s"),

  84.                          name, conf_file);

  85.  cleanup:

  86.     VIR_FREE(gname);

  87.     virStringListFree(users);

  88.     return ret;

  89. }

  90. 

  91. 

  92. static int virLoginShellGetShellArgv(virConfPtr conf,

  93.                                      char ***shargv,

  94.                                      size_t *shargvlen)

  95. {

  96.     int rv;

  97. 

  98.     if ((rv = virConfGetValueStringList(conf, "shell", true, shargv)) < 0)

  99.         return -1;

  100. 

  101.     if (rv == 0) {

  102.         if (VIR_ALLOC_N(*shargv, 2) < 0)

  103.             return -1;

  104.         (*shargv)[0] = g_strdup("/bin/sh");

  105.         *shargvlen = 1;

  106.     } else {

  107.         *shargvlen = virStringListLength((const char *const *)shargv);

  108.     }

  109.     return 0;

  110. }

  111. 

  112. static char *progname;

  113. 

  114. /*

  115.  * Print usage

  116.  */

  117. static void

  118. usage(void)

  119. {

  120.     fprintf(stdout,

  121.             _("\n"

  122.               "Usage:\n"

  123.               "  %s [option]\n\n"

  124.               "Options:\n"

  125.               "  -h | --help            Display program help\n"

  126.               "  -V | --version         Display program version\n"

  127.               "  -c CMD                 Run CMD via shell\n"

  128.               "\n"

  129.               "libvirt login shell\n"),

  130.             progname);

  131.     return;

  132. }

  133. 

  134. /* Display version information. */

  135. static void

  136. show_version(void)

  137. {

  138.     printf("%s (%s) %s\n", progname, PACKAGE_NAME, PACKAGE_VERSION);

  139. }

  140. 

  141. 

  142. static void

  143. hideErrorFunc(void *opaque G_GNUC_UNUSED,

  144.               virErrorPtr err G_GNUC_UNUSED)

  145. {

  146. }

  147. 

  148. int

  149. main(int argc, char **argv)

  150. {

  151.     g_autoptr(virConf) conf = NULL;

  152.     const char *login_shell_path = conf_file;

  153.     pid_t cpid = -1;

  154.     int ret = EXIT_CANCELED;

  155.     int status;

  156.     unsigned long long uidval;

  157.     unsigned long long gidval;

  158.     uid_t uid;

  159.     gid_t gid;

  160.     char *name = NULL;

  161.     char **shargv = NULL;

  162.     size_t shargvlen = 0;

  163.     char *shcmd = NULL;

  164.     virSecurityModelPtr secmodel = NULL;

  165.     virSecurityLabelPtr seclabel = NULL;

  166.     virDomainPtr dom = NULL;

  167.     virConnectPtr conn = NULL;

  168.     char *homedir = NULL;

  169.     int arg;

  170.     int longindex = -1;

  171.     int ngroups;

  172.     gid_t *groups = NULL;

  173.     ssize_t nfdlist = 0;

  174.     int *fdlist = NULL;

  175.     int openmax;

  176.     size_t i;

  177.     const char *cmdstr = NULL;

  178.     char *tmp;

  179.     char *term = NULL;

  180.     virErrorPtr saved_err = NULL;

  181.     bool autoshell = false;

  182. 

  183.     struct option opt[] = {

  184.         {"help", no_argument, NULL, 'h'},

  185.         {"version", optional_argument, NULL, 'V'},

  186.         {NULL, 0, NULL, 0}

  187.     };

  188.     if (virInitialize() < 0) {

  189.         fprintf(stderr, _("Failed to initialize libvirt error handling"));

  190.         return EXIT_CANCELED;

  191.     }

  192. 

  193.     virSetErrorFunc(NULL, hideErrorFunc);

  194.     virSetErrorLogPriorityFunc(NULL);

  195. 

  196.     progname = argv[0];

  197.     if (virGettextInitialize() < 0)

  198.         return ret;

  199. 

  200.     if (geteuid() != 0) {

  201.         fprintf(stderr, _("%s: must be run as root\n"), argv[0]);

  202.         return ret;

  203.     }

  204. 

  205.     if (getuid() != 0) {

  206.         fprintf(stderr, _("%s: must not be run setuid root\n"), argv[0]);

  207.         return ret;

  208.     }

  209. 

  210.     while ((arg = getopt_long(argc, argv, "hVc:", opt, &longindex)) != -1) {

  211.         switch (arg) {

  212.         case 'h':

  213.             usage();

  214.             exit(EXIT_SUCCESS);

  215. 

  216.         case 'V':

  217.             show_version();

  218.             exit(EXIT_SUCCESS);

  219. 

  220.         case 'c':

  221.             cmdstr = optarg;

  222.             break;

  223. 

  224.         case '?':

  225.         default:

  226.             usage();

  227.             exit(EXIT_CANCELED);

  228.         }

  229.     }

  230. 

  231.     if (optind != (argc - 2)) {

  232.         virReportSystemError(EINVAL, _("%s expects UID and GID parameters"), progname);

  233.         goto cleanup;

  234.     }

  235. 

  236.     if (virStrToLong_ull(argv[optind], NULL, 10, &uidval) < 0 ||

  237.         ((uid_t)uidval) != uidval) {

  238.         virReportSystemError(EINVAL, _("%s cannot parse UID '%s'"),

  239.                              progname, argv[optind]);

  240.         goto cleanup;

  241.     }

  242. 

  243.     optind++;

  244.     if (virStrToLong_ull(argv[optind], NULL, 10, &gidval) < 0 ||

  245.         ((gid_t)gidval) != gidval) {

  246.         virReportSystemError(EINVAL, _("%s cannot parse GID '%s'"),

  247.                              progname, argv[optind]);

  248.         goto cleanup;

  249.     }

  250. 

  251.     uid = (uid_t)uidval;

  252.     gid = (gid_t)gidval;

  253. 

  254.     name = virGetUserName(uid);

  255.     if (!name)

  256.         goto cleanup;

  257. 

  258.     homedir = virGetUserDirectoryByUID(uid);

  259.     if (!homedir)

  260.         goto cleanup;

  261. 

  262.     if (!(conf = virConfReadFile(login_shell_path, 0)))

  263.         goto cleanup;

  264. 

  265.     if ((ngroups = virGetGroupList(uid, gid, &groups)) < 0)

  266.         goto cleanup;

  267. 

  268.     if (virLoginShellAllowedUser(conf, name, groups, ngroups) < 0)

  269.         goto cleanup;

  270. 

  271.     if (virLoginShellGetShellArgv(conf, &shargv, &shargvlen) < 0)

  272.         goto cleanup;

  273. 

  274.     if (virConfGetValueBool(conf, "auto_shell", &autoshell) < 0)

  275.         goto cleanup;

  276. 

  277.     conn = virConnectOpen("lxc:///system");

  278.     if (!conn)

  279.         goto cleanup;

  280. 

  281.     dom = virDomainLookupByName(conn, name);

  282.     if (!dom)

  283.         goto cleanup;

  284. 

  285.     if (!virDomainIsActive(dom) && virDomainCreate(dom) < 0) {

  286.         virErrorPtr last_error;

  287.         last_error = virGetLastError();

  288.         if (last_error->code != VIR_ERR_OPERATION_INVALID) {

  289.             virReportSystemError(last_error->code,

  290.                                  _("Can't create %s container: %s"),

  291.                                  name, last_error->message);

  292.             goto cleanup;

  293.         }

  294.     }

  295. 

  296.     openmax = sysconf(_SC_OPEN_MAX);

  297.     if (openmax < 0) {

  298.         virReportSystemError(errno,  "%s",

  299.                              _("sysconf(_SC_OPEN_MAX) failed"));

  300.         goto cleanup;

  301.     }

  302. 

  303.     if ((nfdlist = virDomainLxcOpenNamespace(dom, &fdlist, 0)) < 0)

  304.         goto cleanup;

  305.     if (VIR_ALLOC(secmodel) < 0)

  306.         goto cleanup;

  307.     if (VIR_ALLOC(seclabel) < 0)

  308.         goto cleanup;

  309.     if (virNodeGetSecurityModel(conn, secmodel) < 0)

  310.         goto cleanup;

  311.     if (virDomainGetSecurityLabel(dom, seclabel) < 0)

  312.         goto cleanup;

  313.     if (virSetUIDGID(0, 0, NULL, 0) < 0)

  314.         goto cleanup;

  315.     if (virDomainLxcEnterSecurityLabel(secmodel, seclabel, NULL, 0) < 0)

  316.         goto cleanup;

  317.     if (virDomainLxcEnterCGroup(dom, 0) < 0)

  318.         goto cleanup;

  319.     if (nfdlist > 0 &&

  320.         virDomainLxcEnterNamespace(dom, nfdlist, fdlist, NULL, NULL, 0) < 0)

  321.         goto cleanup;

  322.     if (virSetUIDGID(uid, gid, groups, ngroups) < 0)

  323.         goto cleanup;

  324.     if (chdir(homedir) < 0) {

  325.         virReportSystemError(errno, _("Unable to chdir(%s)"), homedir);

  326.         goto cleanup;

  327.     }

  328. 

  329.     if (autoshell) {

  330.         tmp = virGetUserShell(uid);

  331.         if (tmp) {

  332.             virStringListFree(shargv);

  333.             shargvlen = 1;

  334.             if (VIR_ALLOC_N(shargv[0], shargvlen + 1) < 0) {

  335.                 VIR_FREE(tmp);

  336.                 goto cleanup;

  337.             }

  338.             shargv[0] = tmp;

  339.             shargv[1] = NULL;

  340.         }

  341.     }

  342. 

  343.     if (cmdstr) {

  344.         if (VIR_REALLOC_N(shargv, shargvlen + 3) < 0)

  345.             goto cleanup;

  346.         shargv[shargvlen++] = g_strdup("-c");

  347.         shargv[shargvlen++] = g_strdup(cmdstr);

  348.         shargv[shargvlen] = NULL;

  349.     }

  350. 

  351.     /* We need to modify the first elementin shargv

  352.      * so that it has the relative filename and has

  353.      * a leading '-' to indicate it is a login shell

  354.      */

  355.     shcmd = shargv[0];

  356.     if (shcmd[0] != '/') {

  357.         virReportSystemError(errno,

  358.                              _("Shell '%s' should have absolute path"),

  359.                              shcmd);

  360.         goto cleanup;

  361.     }

  362.     tmp = strrchr(shcmd, '/');

  363.     shargv[0] = g_strdup(tmp);

  364.     shargv[0][0] = '-';

  365. 

  366.     /* We're duping the string because the clearenv()

  367.      * call will shortly release the pointer we get

  368.      * back from getenv() right here */

  369.     term = g_strdup(getenv("TERM"));

  370. 

  371.     /* A fork is required to create new process in correct pid namespace.  */

  372.     if ((cpid = virFork()) < 0)

  373.         goto cleanup;

  374. 

  375.     if (cpid == 0) {

  376.         int tmpfd;

  377. 

  378.         for (i = 3; i < openmax; i++) {

  379.             tmpfd = i;

  380.             VIR_MASS_CLOSE(tmpfd);

  381.         }

  382. 

  383.         clearenv();

  384.         g_setenv("PATH", "/bin:/usr/bin", TRUE);

  385.         g_setenv("SHELL", shcmd, TRUE);

  386.         g_setenv("USER", name, TRUE);

  387.         g_setenv("LOGNAME", name, TRUE);

  388.         g_setenv("HOME", homedir, TRUE);

  389.         if (term)

  390.             g_setenv("TERM", term, TRUE);

  391. 

  392.         if (execv(shcmd, (char *const*) shargv) < 0) {

  393.             virReportSystemError(errno, _("Unable to exec shell %s"),

  394.                                  shcmd);

  395.             virDispatchError(NULL);

  396.             return errno == ENOENT ? EXIT_ENOENT : EXIT_CANNOT_INVOKE;

  397.         }

  398.     }

  399. 

  400.     /* At this point, the parent is now waiting for the child to exit,

  401.      * but as that may take a long time, we release resources now.  */

  402.  cleanup:

  403.     saved_err = virSaveLastError();

  404. 

  405.     if (nfdlist > 0)

  406.         for (i = 0; i < nfdlist; i++)

  407.             VIR_FORCE_CLOSE(fdlist[i]);

  408.     VIR_FREE(fdlist);

  409.     if (dom)

  410.         virDomainFree(dom);

  411.     if (conn)

  412.         virConnectClose(conn);

  413.     virStringListFree(shargv);

  414.     VIR_FREE(shcmd);

  415.     VIR_FREE(term);

  416.     VIR_FREE(name);

  417.     VIR_FREE(homedir);

  418.     VIR_FREE(seclabel);

  419.     VIR_FREE(secmodel);

  420.     VIR_FREE(groups);

  421. 

  422.     if (virProcessWait(cpid, &status, true) == 0)

  423.         virProcessExitWithStatus(status);

  424. 

  425.     if (saved_err) {

  426.         virSetError(saved_err);

  427.         fprintf(stderr, "%s: %s\n", argv[0], virGetLastErrorMessage());

  428.     }

  429.     return ret;

  430. }