diff options
| author | Lennart Poettering <lennart@poettering.net> | 2004-09-23 22:42:49 +0000 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2004-09-23 22:42:49 +0000 |
| commit | ed36241085da8f797adf7d70ab702fee10e8cba0 (patch) | |
| tree | 9380bc0993a72ba998e51d62b6e08033cb462fc2 | |
| parent | 8176b3a1ba5020e0639f648a7f41f79f54cbcac2 (diff) | |
allow high priority scheduling only for users in group "realtime"
git-svn-id: file:///home/lennart/svn/public/pulseaudio/trunk@238 fefdeb5f-60dc-0310-8127-8f9354f1896f
| -rw-r--r-- | polyp/caps.c | 26 | ||||
| -rw-r--r-- | polyp/main.c | 26 | ||||
| -rw-r--r-- | polyp/util.c | 64 | ||||
| -rw-r--r-- | polyp/util.h | 1 |
4 files changed, 96 insertions, 21 deletions
diff --git a/polyp/caps.c b/polyp/caps.c index db00c604..258e13e4 100644 --- a/polyp/caps.c +++ b/polyp/caps.c @@ -36,14 +36,19 @@ #include "caps.h" void pa_drop_root(void) { - if (getuid() != 0 && geteuid() == 0) { - pa_log(__FILE__": Started SUID root, dropping root rights.\n"); - setuid(getuid()); - seteuid(getuid()); - } + uid_t uid = getuid(); + + if (uid == 0 || geteuid() != 0) + return; + + pa_log(__FILE__": dropping root rights.\n"); + + setuid(uid); + seteuid(uid); } #ifdef HAVE_SYS_CAPABILITY_H + int pa_limit_caps(void) { int r = -1; cap_t caps; @@ -53,14 +58,15 @@ int pa_limit_caps(void) { assert(caps); cap_clear(caps); + cap_set_flag(caps, CAP_EFFECTIVE, 1, &nice_cap, CAP_SET); cap_set_flag(caps, CAP_PERMITTED, 1, &nice_cap, CAP_SET); if (cap_set_proc(caps) < 0) goto fail; - pa_log(__FILE__": Started SUID root, capabilities limited.\n"); - + pa_log(__FILE__": dropped capabilities successfully.\n"); + r = 0; fail: @@ -78,10 +84,10 @@ int pa_drop_caps(void) { cap_clear(caps); - if (cap_set_proc(caps) < 0) + if (cap_set_proc(caps) < 0) { + pa_log(__FILE__": failed to drop capabilities: %s\n", strerror(errno)); goto fail; - - pa_drop_root(); + } r = 0; diff --git a/polyp/main.c b/polyp/main.c index 0e55528d..08677f7f 100644 --- a/polyp/main.c +++ b/polyp/main.c @@ -49,8 +49,6 @@ #include "dumpmodules.h" #include "caps.h" -static struct pa_mainloop *mainloop; - static void signal_callback(struct pa_mainloop_api*m, struct pa_signal_event *e, int sig, void *userdata) { pa_log(__FILE__": Got signal %s.\n", pa_strsignal(sig)); @@ -84,22 +82,33 @@ int main(int argc, char *argv[]) { struct pa_core *c; struct pa_strbuf *buf = NULL; struct pa_daemon_conf *conf; + struct pa_mainloop *mainloop; + char *s; int r, retval = 1, d = 0; int daemon_pipe[2] = { -1, -1 }; + gid_t gid = (gid_t) -1; + int suid_root; pa_limit_caps(); + + suid_root = getuid() != 0 && geteuid() == 0; + + if (suid_root && (pa_uid_in_group("realtime", &gid) <= 0 || gid >= 1000)) { + pa_log(__FILE__": WARNING: called SUID root, but not in group 'realtime'.\n"); + pa_drop_root(); + } r = lt_dlinit(); assert(r == 0); pa_log_set_ident("polypaudio"); - + conf = pa_daemon_conf_new(); - + if (pa_daemon_conf_load(conf, NULL) < 0) goto finish; - + if (pa_daemon_conf_env(conf) < 0) goto finish; @@ -107,13 +116,16 @@ int main(int argc, char *argv[]) { pa_log(__FILE__": failed to parse command line.\n"); goto finish; } - + pa_log_set_target(conf->auto_log_target ? PA_LOG_STDERR : conf->log_target, NULL); if (conf->high_priority && conf->cmd == PA_CMD_DAEMON) pa_raise_priority(); - + pa_drop_caps(); + + if (suid_root) + pa_drop_root(); if (conf->dl_search_path) lt_dlsetsearchpath(conf->dl_search_path); diff --git a/polyp/util.c b/polyp/util.c index 7148654a..1246bbb5 100644 --- a/polyp/util.c +++ b/polyp/util.c @@ -41,11 +41,8 @@ #include <sched.h> #include <sys/resource.h> #include <limits.h> -#include <sys/stat.h> -#include <sys/types.h> -#include <sys/stat.h> #include <unistd.h> - +#include <grp.h> #include <samplerate.h> @@ -444,3 +441,62 @@ int pa_parse_resample_method(const char *string) { else return -1; } + +static int is_group(gid_t gid, const char *name) { + struct group group, *result = NULL; + long n = sysconf(_SC_GETGR_R_SIZE_MAX); + void *data; + int r = -1; + + assert(n > 0); + data = pa_xmalloc(n); + + if (getgrgid_r(gid, &group, data, n, &result) < 0 || !result) { + pa_log(__FILE__ ": getgrgid_r(%u) failed: %s\n", gid, strerror(errno)); + goto finish; + } + + + r = strcmp(name, result->gr_name) == 0; + +finish: + pa_xfree(data); + + return r; +} + +int pa_uid_in_group(const char *name, gid_t *gid) { + gid_t *gids, tgid; + long n = sysconf(_SC_NGROUPS_MAX); + int r = -1, i; + + assert(n > 0); + + gids = pa_xmalloc(sizeof(gid_t)*n); + + if ((n = getgroups(n, gids)) < 0) { + pa_log(__FILE__": getgroups() failed: %s\n", strerror(errno)); + goto finish; + } + + for (i = 0; i < n; i++) { + if (is_group(gids[i], name) > 0) { + *gid = gids[i]; + r = 1; + goto finish; + } + } + + if (is_group(tgid = getgid(), name) > 0) { + *gid = tgid; + r = 1; + goto finish; + } + + r = 0; + +finish: + + pa_xfree(gids); + return r; +} diff --git a/polyp/util.h b/polyp/util.h index 4a387cef..8f4323f6 100644 --- a/polyp/util.h +++ b/polyp/util.h @@ -66,5 +66,6 @@ const char *pa_strsignal(int sig); int pa_parse_resample_method(const char *string); +int pa_uid_in_group(const char *name, gid_t *gid); #endif |