Fix documentation for `ldconfig' command. Whoops.

[shells] / chrootsh.c

/* -*-c-*-
 *
 * $Id: chrootsh.c,v 1.4 1999/04/22 00:30:27 mdw Exp $
 *
 * Chroot gaol shell
 *
 * (c) 1999 Mark Wooding
 */

/*----- Licensing notice --------------------------------------------------* 
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

/*----- Revision history --------------------------------------------------* 
 *
 * $Log: chrootsh.c,v $
 * Revision 1.4  1999/04/22 00:30:27  mdw
 * Miscellanous tidying and security fixes.  Lots of thanks due to Clive
 * Jones.
 *
 * Revision 1.3  1999/04/21 22:52:43  mdw
 * Added a pile of syslog stuff, so that admins can see what this thing is
 * doing.
 *
 * Revision 1.2  1999/04/21 09:07:55  mdw
 * Fiddle with copyright messages so that they're correct.
 *
 * Revision 1.1.1.1  1999/04/20 00:19:04  mdw
 * Initial versions.
 *
 */

/*----- Header files ------------------------------------------------------*/

#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <sys/types.h>
#include <unistd.h>
#include <syslog.h>
#include <pwd.h>

extern char **environ;

/*----- Main code ---------------------------------------------------------*/

#ifndef CHROOTSH_PATH
#  define CHROOTSH_PATH "/usr/bin/chrootsh"
#endif

static const char *quis = "chrootsh";

static void *xmalloc(size_t sz)
{
  void *p = malloc(sz);
  if (!p) {
    setuid(getuid());
    fprintf(stderr, "%s: not enough memory\n", quis);
    exit(EXIT_FAILURE);
  }
  return (p);
}

static char *xstrdup(const char *p)
{
  size_t sz = strlen(p) + 1;
  char *q = xmalloc(sz);
  memcpy(q, p, sz);
  return (q);
}

int main(int argc, char *argv[])
{
  struct passwd *pw;
  uid_t me = getuid();
  char *myname;
  char **env;
  char **av;

  /* --- Resolve the program name --- */

  {
    char *p, *q;
    p = argv[0];
    for (q = argv[0]; *q; q++) {
      if (*q == '/')
        p = q + 1;
    }
    if (*p == '-')
      p++;
    quis = p;
    openlog(quis, LOG_PID | LOG_NDELAY, LOG_DAEMON);
  }

  /* --- Check the user is meant to be chrooted --- */

  {
    uid_t eff = geteuid();

    setreuid(eff, me);
    pw = getpwuid(me);
    if (!pw) {
      syslog(LOG_ERR, "executed by non-existant user (uid = %i)", (int)me);
      fprintf(stderr, "%s: you don't exist.  Go away.\n", quis);
      exit(EXIT_FAILURE);
    }
    if (strcmp(pw->pw_shell, CHROOTSH_PATH) != 0) {
      syslog(LOG_ERR, "executed by non-chrooted user `%s'", pw->pw_name);
      fprintf(stderr, "%s: you aren't a chrooted user\n", quis);
      exit(EXIT_FAILURE);
    }
    endpwent();
    setreuid(me, eff);
  }

  /* --- Chroot the user --- */

  {
    char *p = xstrdup(pw->pw_dir);
    char *q = strstr(p, "/./");
    if (q)
      *q = 0;
    
    if (chdir(p) || chroot(p)) {
      int e = errno;
      syslog(LOG_ERR, "error entering chroot gaol: %m");
      setuid(me);
      fprintf(stderr, "%s: couldn't call chroot: %s\n", quis, strerror(e));
      exit(EXIT_FAILURE);
    }
    setuid(me);
    free(p);
  }

  /* --- Read the new password block --- */

  myname = xstrdup(pw->pw_name);
  pw = getpwnam(myname);
  if (!pw) {
    syslog(LOG_ERR,
           "configuration error: user `%s' not defined in gaol", myname);
    fprintf(stderr, "%s: you don't exist in the gaol\n", quis);
    exit(EXIT_FAILURE);
  }
  endpwent();

  /* --- Now fiddle with environment strings and suchlike --- */

  {
    size_t n;
    char **homevar = 0;
    for (n = 0; environ[n]; n++)
      ;
    env = xmalloc((n + 1) * sizeof(char *));

    for (n = 0; environ[n]; n++) {
      if (strncmp(environ[n], "HOME=", 5) == 0) {
        char *p = xmalloc(6 + strlen(pw->pw_dir));
        sprintf(p, "HOME=%s", pw->pw_dir);
        homevar = &env[n];
        env[n] = p;
      } else if (strncmp(environ[n], "SHELL=", 6) == 0) {
        char *p = xmalloc(7 + strlen(pw->pw_shell));
        sprintf(p, "SHELL=%s", pw->pw_shell);
        env[n] = p;
      } else
        env[n] = environ[n];
    }
    env[n] = 0;

    /* --- Change directory (again) --- */

    if (chdir(pw->pw_dir)) {
      if (homevar) {
        free(*homevar);
        *homevar = "HOME=/";
      }
      fprintf(stderr, "No directory, logging in with HOME=/\n");
    }
  }

  /* --- Finally, sort the argument list --- */

  {
    char *p, *q;
    int i;

    av = xmalloc((argc + 1) * sizeof(char *));
    p = pw->pw_shell;
    for (q = p; *q; q++) {
      if (*q == '/')
        p = q + 1;
    }
    if (argv[0][0] == '-') {
      q = xmalloc(2 + strlen(p));
      *q = '-';
      strcpy(q + 1, p);
      av[0] = q;
    } else
      av[0] = p;

    for (i = 1; i <= argc; i++)
      av[i] = argv[i];
  }

  /* --- Run the real shell --- */

  syslog(LOG_INFO, "chroot user `%s' logged in ok", myname);
  closelog();
  execve(pw->pw_shell, av, env);
  fprintf(stderr, "%s: couldn't exec `%s': %s\n",
          quis, pw->pw_shell, strerror(errno));
  return (EXIT_FAILURE);
}

/*----- That's all, folks -------------------------------------------------*/