2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2013 The FreeBSD Foundation
7 * This software was developed by Pawel Jakub Dawidek under sponsorship from
8 * the FreeBSD Foundation.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 #include <sys/cdefs.h>
33 __FBSDID("$FreeBSD$");
37 #include <sys/param.h>
45 #include <libcasper.h>
46 #include <libcasper_service.h>
50 static struct group ggrp;
52 static size_t gbufsize;
65 gbuffer = realloc(buf, gbufsize);
66 if (gbuffer == NULL) {
71 memset(gbuffer, 0, gbufsize);
77 group_unpack_string(const nvlist_t *nvl, const char *fieldname, char **fieldp,
78 char **bufferp, size_t *bufsizep)
83 str = nvlist_get_string(nvl, fieldname);
84 len = strlcpy(*bufferp, str, *bufsizep);
95 group_unpack_members(const nvlist_t *nvl, char ***fieldp, char **bufferp,
99 char **outstrs, *str, nvlname[64];
100 size_t nmem, datasize, strsize;
104 if (!nvlist_exists_number(nvl, "gr_nmem")) {
105 datasize = _ALIGNBYTES + sizeof(char *);
106 if (datasize >= *bufsizep)
108 outstrs = (char **)_ALIGN(*bufferp);
111 *bufferp += datasize;
112 *bufsizep -= datasize;
116 nmem = (size_t)nvlist_get_number(nvl, "gr_nmem");
117 datasize = _ALIGNBYTES + sizeof(char *) * (nmem + 1);
118 for (ii = 0; ii < nmem; ii++) {
119 n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii);
120 assert(n > 0 && n < (int)sizeof(nvlname));
121 mem = dnvlist_get_string(nvl, nvlname, NULL);
124 datasize += strlen(mem) + 1;
127 if (datasize >= *bufsizep)
130 outstrs = (char **)_ALIGN(*bufferp);
131 str = (char *)outstrs + sizeof(char *) * (nmem + 1);
132 for (ii = 0; ii < nmem; ii++) {
133 n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]", ii);
134 assert(n > 0 && n < (int)sizeof(nvlname));
135 mem = nvlist_get_string(nvl, nvlname);
136 strsize = strlen(mem) + 1;
137 memcpy(str, mem, strsize);
145 *bufferp += datasize;
146 *bufsizep -= datasize;
152 group_unpack(const nvlist_t *nvl, struct group *grp, char *buffer,
157 if (!nvlist_exists_string(nvl, "gr_name"))
160 memset(grp, 0, sizeof(*grp));
162 error = group_unpack_string(nvl, "gr_name", &grp->gr_name, &buffer,
166 error = group_unpack_string(nvl, "gr_passwd", &grp->gr_passwd, &buffer,
170 grp->gr_gid = (gid_t)nvlist_get_number(nvl, "gr_gid");
171 error = group_unpack_members(nvl, &grp->gr_mem, &buffer, &bufsize);
179 cap_getgrcommon_r(cap_channel_t *chan, const char *cmd, const char *name,
180 gid_t gid, struct group *grp, char *buffer, size_t bufsize,
181 struct group **result)
187 nvl = nvlist_create(0);
188 nvlist_add_string(nvl, "cmd", cmd);
189 if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0) {
191 } else if (strcmp(cmd, "getgrnam") == 0 ||
192 strcmp(cmd, "getgrnam_r") == 0) {
193 nvlist_add_string(nvl, "name", name);
194 } else if (strcmp(cmd, "getgrgid") == 0 ||
195 strcmp(cmd, "getgrgid_r") == 0) {
196 nvlist_add_number(nvl, "gid", (uint64_t)gid);
200 nvl = cap_xfer_nvlist(chan, nvl);
206 error = (int)nvlist_get_number(nvl, "error");
213 if (!nvlist_exists_string(nvl, "gr_name")) {
220 getgr_r = (strcmp(cmd, "getgrent_r") == 0 ||
221 strcmp(cmd, "getgrnam_r") == 0 || strcmp(cmd, "getgrgid_r") == 0);
224 error = group_unpack(nvl, grp, buffer, bufsize);
225 if (getgr_r || error != ERANGE)
227 assert(buffer == gbuffer);
228 assert(bufsize == gbufsize);
229 error = group_resize();
232 /* Update pointers after resize. */
247 static struct group *
248 cap_getgrcommon(cap_channel_t *chan, const char *cmd, const char *name,
251 struct group *result;
256 error = cap_getgrcommon_r(chan, cmd, name, gid, &ggrp, gbuffer,
269 cap_getgrent(cap_channel_t *chan)
272 return (cap_getgrcommon(chan, "getgrent", NULL, 0));
276 cap_getgrnam(cap_channel_t *chan, const char *name)
279 return (cap_getgrcommon(chan, "getgrnam", name, 0));
283 cap_getgrgid(cap_channel_t *chan, gid_t gid)
286 return (cap_getgrcommon(chan, "getgrgid", NULL, gid));
290 cap_getgrent_r(cap_channel_t *chan, struct group *grp, char *buffer,
291 size_t bufsize, struct group **result)
294 return (cap_getgrcommon_r(chan, "getgrent_r", NULL, 0, grp, buffer,
299 cap_getgrnam_r(cap_channel_t *chan, const char *name, struct group *grp,
300 char *buffer, size_t bufsize, struct group **result)
303 return (cap_getgrcommon_r(chan, "getgrnam_r", name, 0, grp, buffer,
308 cap_getgrgid_r(cap_channel_t *chan, gid_t gid, struct group *grp, char *buffer,
309 size_t bufsize, struct group **result)
312 return (cap_getgrcommon_r(chan, "getgrgid_r", NULL, gid, grp, buffer,
317 cap_setgroupent(cap_channel_t *chan, int stayopen)
321 nvl = nvlist_create(0);
322 nvlist_add_string(nvl, "cmd", "setgroupent");
323 nvlist_add_bool(nvl, "stayopen", stayopen != 0);
324 nvl = cap_xfer_nvlist(chan, nvl);
327 if (nvlist_get_number(nvl, "error") != 0) {
328 errno = nvlist_get_number(nvl, "error");
338 cap_setgrent(cap_channel_t *chan)
342 nvl = nvlist_create(0);
343 nvlist_add_string(nvl, "cmd", "setgrent");
344 nvl = cap_xfer_nvlist(chan, nvl);
347 if (nvlist_get_number(nvl, "error") != 0) {
348 errno = nvlist_get_number(nvl, "error");
358 cap_endgrent(cap_channel_t *chan)
362 nvl = nvlist_create(0);
363 nvlist_add_string(nvl, "cmd", "endgrent");
364 /* Ignore any errors, we have no way to report them. */
365 nvlist_destroy(cap_xfer_nvlist(chan, nvl));
369 cap_grp_limit_cmds(cap_channel_t *chan, const char * const *cmds, size_t ncmds)
371 nvlist_t *limits, *nvl;
374 if (cap_limit_get(chan, &limits) < 0)
376 if (limits == NULL) {
377 limits = nvlist_create(0);
379 if (nvlist_exists_nvlist(limits, "cmds"))
380 nvlist_free_nvlist(limits, "cmds");
382 nvl = nvlist_create(0);
383 for (i = 0; i < ncmds; i++)
384 nvlist_add_null(nvl, cmds[i]);
385 nvlist_move_nvlist(limits, "cmds", nvl);
386 return (cap_limit_set(chan, limits));
390 cap_grp_limit_fields(cap_channel_t *chan, const char * const *fields,
393 nvlist_t *limits, *nvl;
396 if (cap_limit_get(chan, &limits) < 0)
398 if (limits == NULL) {
399 limits = nvlist_create(0);
401 if (nvlist_exists_nvlist(limits, "fields"))
402 nvlist_free_nvlist(limits, "fields");
404 nvl = nvlist_create(0);
405 for (i = 0; i < nfields; i++)
406 nvlist_add_null(nvl, fields[i]);
407 nvlist_move_nvlist(limits, "fields", nvl);
408 return (cap_limit_set(chan, limits));
412 cap_grp_limit_groups(cap_channel_t *chan, const char * const *names,
413 size_t nnames, const gid_t *gids, size_t ngids)
415 nvlist_t *limits, *groups;
420 if (cap_limit_get(chan, &limits) < 0)
422 if (limits == NULL) {
423 limits = nvlist_create(0);
425 if (nvlist_exists_nvlist(limits, "groups"))
426 nvlist_free_nvlist(limits, "groups");
428 groups = nvlist_create(0);
429 for (i = 0; i < ngids; i++) {
430 n = snprintf(nvlname, sizeof(nvlname), "gid%u", i);
431 assert(n > 0 && n < (int)sizeof(nvlname));
432 nvlist_add_number(groups, nvlname, (uint64_t)gids[i]);
434 for (i = 0; i < nnames; i++) {
435 n = snprintf(nvlname, sizeof(nvlname), "gid%u", i);
436 assert(n > 0 && n < (int)sizeof(nvlname));
437 nvlist_add_string(groups, nvlname, names[i]);
439 nvlist_move_nvlist(limits, "groups", groups);
440 return (cap_limit_set(chan, limits));
447 grp_allowed_cmd(const nvlist_t *limits, const char *cmd)
454 * If no limit was set on allowed commands, then all commands
457 if (!nvlist_exists_nvlist(limits, "cmds"))
460 limits = nvlist_get_nvlist(limits, "cmds");
461 return (nvlist_exists_null(limits, cmd));
465 grp_allowed_cmds(const nvlist_t *oldlimits, const nvlist_t *newlimits)
472 while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) {
473 if (type != NV_TYPE_NULL)
475 if (!grp_allowed_cmd(oldlimits, name))
476 return (ENOTCAPABLE);
483 grp_allowed_group(const nvlist_t *limits, const char *gname, gid_t gid)
493 * If no limit was set on allowed groups, then all groups are allowed.
495 if (!nvlist_exists_nvlist(limits, "groups"))
498 limits = nvlist_get_nvlist(limits, "groups");
500 while ((name = nvlist_next(limits, &type, &cookie)) != NULL) {
503 if (gid != (gid_t)-1 &&
504 nvlist_get_number(limits, name) == (uint64_t)gid) {
510 strcmp(nvlist_get_string(limits, name),
524 grp_allowed_groups(const nvlist_t *oldlimits, const nvlist_t *newlimits)
526 const char *name, *gname;
532 while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) {
535 gid = (gid_t)nvlist_get_number(newlimits, name);
540 gname = nvlist_get_string(newlimits, name);
545 if (!grp_allowed_group(oldlimits, gname, gid))
546 return (ENOTCAPABLE);
553 grp_allowed_field(const nvlist_t *limits, const char *field)
560 * If no limit was set on allowed fields, then all fields are allowed.
562 if (!nvlist_exists_nvlist(limits, "fields"))
565 limits = nvlist_get_nvlist(limits, "fields");
566 return (nvlist_exists_null(limits, field));
570 grp_allowed_fields(const nvlist_t *oldlimits, const nvlist_t *newlimits)
577 while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) {
578 if (type != NV_TYPE_NULL)
580 if (!grp_allowed_field(oldlimits, name))
581 return (ENOTCAPABLE);
588 grp_pack(const nvlist_t *limits, const struct group *grp, nvlist_t *nvl)
597 * If either name or GID is allowed, we allow it.
599 if (!grp_allowed_group(limits, grp->gr_name, grp->gr_gid))
602 if (grp_allowed_field(limits, "gr_name"))
603 nvlist_add_string(nvl, "gr_name", grp->gr_name);
605 nvlist_add_string(nvl, "gr_name", "");
606 if (grp_allowed_field(limits, "gr_passwd"))
607 nvlist_add_string(nvl, "gr_passwd", grp->gr_passwd);
609 nvlist_add_string(nvl, "gr_passwd", "");
610 if (grp_allowed_field(limits, "gr_gid"))
611 nvlist_add_number(nvl, "gr_gid", (uint64_t)grp->gr_gid);
613 nvlist_add_number(nvl, "gr_gid", (uint64_t)-1);
614 if (grp_allowed_field(limits, "gr_mem") && grp->gr_mem[0] != NULL) {
615 unsigned int ngroups;
617 for (ngroups = 0; grp->gr_mem[ngroups] != NULL; ngroups++) {
618 n = snprintf(nvlname, sizeof(nvlname), "gr_mem[%u]",
620 assert(n > 0 && n < (ssize_t)sizeof(nvlname));
621 nvlist_add_string(nvl, nvlname, grp->gr_mem[ngroups]);
623 nvlist_add_number(nvl, "gr_nmem", (uint64_t)ngroups);
630 grp_getgrent(const nvlist_t *limits, const nvlist_t *nvlin __unused,
640 if (grp_pack(limits, grp, nvlout))
648 grp_getgrnam(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout)
653 if (!nvlist_exists_string(nvlin, "name"))
655 name = nvlist_get_string(nvlin, "name");
656 assert(name != NULL);
659 grp = getgrnam(name);
663 (void)grp_pack(limits, grp, nvlout);
669 grp_getgrgid(const nvlist_t *limits, const nvlist_t *nvlin, nvlist_t *nvlout)
674 if (!nvlist_exists_number(nvlin, "gid"))
677 gid = (gid_t)nvlist_get_number(nvlin, "gid");
684 (void)grp_pack(limits, grp, nvlout);
690 grp_setgroupent(const nvlist_t *limits __unused, const nvlist_t *nvlin,
691 nvlist_t *nvlout __unused)
695 if (!nvlist_exists_bool(nvlin, "stayopen"))
698 stayopen = nvlist_get_bool(nvlin, "stayopen") ? 1 : 0;
700 return (setgroupent(stayopen) == 0 ? EFAULT : 0);
704 grp_setgrent(const nvlist_t *limits __unused, const nvlist_t *nvlin __unused,
705 nvlist_t *nvlout __unused)
714 grp_endgrent(const nvlist_t *limits __unused, const nvlist_t *nvlin __unused,
715 nvlist_t *nvlout __unused)
724 grp_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits)
726 const nvlist_t *limits;
731 if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "cmds") &&
732 !nvlist_exists_nvlist(newlimits, "cmds")) {
733 return (ENOTCAPABLE);
735 if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "fields") &&
736 !nvlist_exists_nvlist(newlimits, "fields")) {
737 return (ENOTCAPABLE);
739 if (oldlimits != NULL && nvlist_exists_nvlist(oldlimits, "groups") &&
740 !nvlist_exists_nvlist(newlimits, "groups")) {
741 return (ENOTCAPABLE);
745 while ((name = nvlist_next(newlimits, &type, &cookie)) != NULL) {
746 if (type != NV_TYPE_NVLIST)
748 limits = nvlist_get_nvlist(newlimits, name);
749 if (strcmp(name, "cmds") == 0)
750 error = grp_allowed_cmds(oldlimits, limits);
751 else if (strcmp(name, "fields") == 0)
752 error = grp_allowed_fields(oldlimits, limits);
753 else if (strcmp(name, "groups") == 0)
754 error = grp_allowed_groups(oldlimits, limits);
765 grp_command(const char *cmd, const nvlist_t *limits, nvlist_t *nvlin,
770 if (!grp_allowed_cmd(limits, cmd))
771 return (ENOTCAPABLE);
773 if (strcmp(cmd, "getgrent") == 0 || strcmp(cmd, "getgrent_r") == 0)
774 error = grp_getgrent(limits, nvlin, nvlout);
775 else if (strcmp(cmd, "getgrnam") == 0 || strcmp(cmd, "getgrnam_r") == 0)
776 error = grp_getgrnam(limits, nvlin, nvlout);
777 else if (strcmp(cmd, "getgrgid") == 0 || strcmp(cmd, "getgrgid_r") == 0)
778 error = grp_getgrgid(limits, nvlin, nvlout);
779 else if (strcmp(cmd, "setgroupent") == 0)
780 error = grp_setgroupent(limits, nvlin, nvlout);
781 else if (strcmp(cmd, "setgrent") == 0)
782 error = grp_setgrent(limits, nvlin, nvlout);
783 else if (strcmp(cmd, "endgrent") == 0)
784 error = grp_endgrent(limits, nvlin, nvlout);
791 CREATE_SERVICE("system.grp", grp_limit, grp_command, 0);
projects / FreeBSD / FreeBSD.git / blob