mirror of https://github.com/rd235/cado
$SHELL if no arg in cado (tnx Davide)
This commit is contained in:
Renzo Davoli
parent
bd4f6e067f
commit
499a930cd3
5
cado.1
5
cado.1
|
|
@ -6,8 +6,8 @@ cado \- Capability Ambient DO
|
||||||
[
|
[
|
||||||
.I OPTIONS
|
.I OPTIONS
|
||||||
]
|
]
|
||||||
[
|
|
||||||
.I capability_list
|
.I capability_list
|
||||||
|
[
|
||||||
.I command
|
.I command
|
||||||
[
|
[
|
||||||
.I args
|
.I args
|
||||||
|
|
@ -29,6 +29,9 @@ If it is allowed for the current user to run processes with the requested capabi
|
||||||
type their password (or to authenticate themselves as required by pam unless \fB-S\fR or \fB--scado\fR).
|
type their password (or to authenticate themselves as required by pam unless \fB-S\fR or \fB--scado\fR).
|
||||||
Once the authentication succeeds, \fBcado\fR executes the command granting the required ambient capabilities.
|
Once the authentication succeeds, \fBcado\fR executes the command granting the required ambient capabilities.
|
||||||
|
|
||||||
|
If \fIcommand\fR is omitted cado launch the command specified in the environment
|
||||||
|
variable $SHELL.
|
||||||
|
|
||||||
The file /etc/cado.conf (see \fBcado.conf\fR(5)) defines which capabilities can be provided by \fBcado\fR to each user.
|
The file /etc/cado.conf (see \fBcado.conf\fR(5)) defines which capabilities can be provided by \fBcado\fR to each user.
|
||||||
Cado itself is not a setuid executable, it uses the capability mechanism and it has an option to
|
Cado itself is not a setuid executable, it uses the capability mechanism and it has an option to
|
||||||
set its own capabilities. So after each change in the /etc/cado.conf, the capability set should be
|
set its own capabilities. So after each change in the /etc/cado.conf, the capability set should be
|
||||||
|
|
|
||||||
23
cado.c
23
cado.c
|
|
@ -64,7 +64,7 @@ struct option long_options[]={
|
||||||
|
|
||||||
void usage(char *progname) {
|
void usage(char *progname) {
|
||||||
fprintf(stderr,"%s - execute a command in a different capability ambient\n\n",progname);
|
fprintf(stderr,"%s - execute a command in a different capability ambient\n\n",progname);
|
||||||
fprintf(stderr,"usage: %s OPTIONS capability_list command [args]\n\n",progname);
|
fprintf(stderr,"usage: %s OPTIONS capability_list [command [args]]\n\n",progname);
|
||||||
fprintf(stderr,"Options:\n");
|
fprintf(stderr,"Options:\n");
|
||||||
fprintf(stderr," -h, --help display help message and exit\n");
|
fprintf(stderr," -h, --help display help message and exit\n");
|
||||||
fprintf(stderr," -f, --force do not display warnings, do what is allowed\n");
|
fprintf(stderr," -f, --force do not display warnings, do what is allowed\n");
|
||||||
|
|
@ -87,6 +87,8 @@ int main(int argc, char*argv[])
|
||||||
int scado=0;
|
int scado=0;
|
||||||
int pam_check_required = 1;
|
int pam_check_required = 1;
|
||||||
char copy_path[PATH_MAX] = "";
|
char copy_path[PATH_MAX] = "";
|
||||||
|
char *argvsh[]={getenv("SHELL"),NULL};
|
||||||
|
char **cmdargv;
|
||||||
|
|
||||||
while (1) {
|
while (1) {
|
||||||
int c=getopt_long(argc, argv, OPTSTRING, long_options, NULL);
|
int c=getopt_long(argc, argv, OPTSTRING, long_options, NULL);
|
||||||
|
|
@ -139,7 +141,7 @@ int main(int argc, char*argv[])
|
||||||
exit(0);
|
exit(0);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (argc - optind < 2)
|
if (argc - optind < 1)
|
||||||
usage(progname);
|
usage(progname);
|
||||||
|
|
||||||
/* parse the set of requested capabilities */
|
/* parse the set of requested capabilities */
|
||||||
|
|
@ -158,11 +160,22 @@ int main(int argc, char*argv[])
|
||||||
|
|
||||||
optind++;
|
optind++;
|
||||||
|
|
||||||
|
if (optind < argc)
|
||||||
|
cmdargv = argv + optind;
|
||||||
|
else {
|
||||||
|
cmdargv = argvsh;
|
||||||
|
if (cmdargv[0] == NULL) {
|
||||||
|
fprintf(stderr, "Error: $SHELL env variable not set.\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* scado mode, check if there is a pre-authorization for the command */
|
/* scado mode, check if there is a pre-authorization for the command */
|
||||||
if (scado) {
|
if (scado) {
|
||||||
uint64_t scado_caps = cado_scado_check(user_groups[0], argv[optind], copy_path);
|
uint64_t scado_caps = cado_scado_check(user_groups[0], cmdargv[0], copy_path);
|
||||||
if (verbose) {
|
if (verbose) {
|
||||||
printf("Scado permitted capabilities for %s:\n", argv[optind]);
|
printf("Scado permitted capabilities for %s:\n", cmdargv[0]);
|
||||||
printcapset(scado_caps, " ");
|
printcapset(scado_caps, " ");
|
||||||
}
|
}
|
||||||
okcaps &= scado_caps;
|
okcaps &= scado_caps;
|
||||||
|
|
@ -203,6 +216,6 @@ int main(int argc, char*argv[])
|
||||||
}
|
}
|
||||||
|
|
||||||
/* exec the command in the new ambient capability environment */
|
/* exec the command in the new ambient capability environment */
|
||||||
execvp(copy_path[0] == 0 ? argv[optind] : copy_path, argv+optind);
|
execvp(copy_path[0] == 0 ? cmdargv[0] : copy_path, cmdargv);
|
||||||
exit(2);
|
exit(2);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
8
cadrop.c
8
cadrop.c
|
|
@ -57,7 +57,13 @@ int main(int argc, char *argv[]) {
|
||||||
argv+=2;
|
argv+=2;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
if (*argv == NULL) argv = argvsh;
|
if (*argv == NULL) {
|
||||||
|
if (*argvsh == NULL) {
|
||||||
|
fprintf(stderr, "Error: $SHELL env variable not set.\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
argv = argvsh;
|
||||||
|
}
|
||||||
drop_ambient_cap(capset);
|
drop_ambient_cap(capset);
|
||||||
execvp(argv[0],argv);
|
execvp(argv[0],argv);
|
||||||
perror("exec");
|
perror("exec");
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue