systemctl: make most operations NOPs in a chroot

[elogind.git] / src / execute.c

diff --git a/src/execute.c b/src/execute.c
index c1edf61fb1677d1ecbe3a78560595ea755cfd5c9..80c649f1c67d2f34a298f5c13292696014edc95d 100644 (file)
--- a/src/execute.c
+++ b/src/execute.c
@@ -646,7 +646,7 @@ static int enforce_groups(const ExecContext *context, const char *username, gid_
                 char **i;
 
                 /* Final step, initialize any manually set supplementary groups */
-                ngroups_max = (int) sysconf(_SC_NGROUPS_MAX);
+                assert_se((ngroups_max = (int) sysconf(_SC_NGROUPS_MAX)) > 0);
 
                 if (!(gids = new(gid_t, ngroups_max)))
                         return -ENOMEM;
@@ -1249,6 +1249,15 @@ int exec_spawn(ExecCommand *command,
                                 }
                         }
 
+                        if (context->capability_bounding_set_drop)
+                                for (i = 0; i <= CAP_LAST_CAP; i++)
+                                        if (context->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) i)) {
+                                                if (prctl(PR_CAPBSET_DROP, i) < 0) {
+                                                        r = EXIT_CAPABILITIES;
+                                                        goto fail_child;
+                                                }
+                                        }
+
                         if (context->user)
                                 if (enforce_user(context, uid) < 0) {
                                         r = EXIT_USER;
@@ -1641,7 +1650,7 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
                 fprintf(f,
                         "%sSyslogFacility: %s\n"
                         "%sSyslogLevel: %s\n",
-                        prefix, log_facility_to_string(LOG_FAC(c->syslog_priority)),
+                        prefix, log_facility_unshifted_to_string(c->syslog_priority >> 3),
                         prefix, log_level_to_string(LOG_PRI(c->syslog_priority)));
 
         if (c->capabilities) {
@@ -1664,15 +1673,15 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
                         (c->secure_bits & SECURE_NOROOT_LOCKED) ? "noroot-locked" : "");
 
         if (c->capability_bounding_set_drop) {
-                fprintf(f, "%sCapabilityBoundingSetDrop:", prefix);
+                fprintf(f, "%sCapabilityBoundingSet:", prefix);
 
                 for (i = 0; i <= CAP_LAST_CAP; i++)
-                        if (c->capability_bounding_set_drop & (1 << i)) {
+                        if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) i))) {
                                 char *t;
 
                                 if ((t = cap_to_name(i))) {
                                         fprintf(f, " %s", t);
-                                        free(t);
+                                        cap_free(t);
                                 }
                         }
 
@@ -1924,7 +1933,6 @@ DEFINE_STRING_TABLE_LOOKUP(exec_output, ExecOutput);
 
 static const char* const kill_mode_table[_KILL_MODE_MAX] = {
         [KILL_CONTROL_GROUP] = "control-group",
-        [KILL_PROCESS_GROUP] = "process-group",
         [KILL_PROCESS] = "process",
         [KILL_NONE] = "none"
 };