2018-10-03 16:33:33 +02:00
|
|
|
// +build !windows,!linux
|
2018-06-13 16:52:41 +02:00
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"os"
|
|
|
|
"os/exec"
|
|
|
|
"os/user"
|
|
|
|
"path/filepath"
|
2018-10-03 16:05:07 +02:00
|
|
|
"runtime"
|
2018-06-13 16:52:41 +02:00
|
|
|
"strconv"
|
|
|
|
"syscall"
|
2018-06-13 17:24:16 +02:00
|
|
|
|
2018-06-13 16:52:41 +02:00
|
|
|
"github.com/jedisct1/dlog"
|
|
|
|
)
|
|
|
|
|
|
|
|
func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
|
2018-08-04 00:57:52 +02:00
|
|
|
currentUser, err := user.Current()
|
2018-10-08 17:48:05 +02:00
|
|
|
if err != nil && currentUser.Uid != "0" {
|
|
|
|
dlog.Fatal("Root privileges are required in order to switch to a different user. Maybe try again with 'sudo'")
|
2018-08-04 00:57:52 +02:00
|
|
|
}
|
2018-06-13 16:52:41 +02:00
|
|
|
user, err := user.Lookup(userStr)
|
|
|
|
args := os.Args
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
dlog.Fatal(err)
|
|
|
|
}
|
|
|
|
uid, err := strconv.Atoi(user.Uid)
|
|
|
|
if err != nil {
|
|
|
|
dlog.Fatal(err)
|
|
|
|
}
|
|
|
|
gid, err := strconv.Atoi(user.Gid)
|
|
|
|
if err != nil {
|
|
|
|
dlog.Fatal(err)
|
|
|
|
}
|
2018-06-13 17:24:16 +02:00
|
|
|
execPath, err := exec.LookPath(args[0])
|
2018-06-13 16:52:41 +02:00
|
|
|
if err != nil {
|
|
|
|
dlog.Fatal(err)
|
|
|
|
}
|
2018-06-13 17:24:16 +02:00
|
|
|
path, err := filepath.Abs(execPath)
|
2018-06-13 16:52:41 +02:00
|
|
|
if err != nil {
|
|
|
|
dlog.Fatal(err)
|
|
|
|
}
|
|
|
|
|
2018-07-19 19:03:57 +02:00
|
|
|
ServiceManagerReadyNotify()
|
2018-07-07 17:21:21 +02:00
|
|
|
|
2018-06-13 17:24:16 +02:00
|
|
|
args = append(args, "-child")
|
2018-06-13 16:52:41 +02:00
|
|
|
|
|
|
|
dlog.Notice("Dropping privileges")
|
2018-10-03 16:05:07 +02:00
|
|
|
runtime.LockOSThread()
|
|
|
|
if _, _, rcode := syscall.RawSyscall(syscall.SYS_SETGROUPS, uintptr(0), uintptr(0), 0); rcode != 0 {
|
2018-12-23 18:11:55 +01:00
|
|
|
dlog.Fatalf("Unable to drop additional groups: %s", rcode.Error())
|
2018-10-03 16:05:07 +02:00
|
|
|
}
|
|
|
|
if _, _, rcode := syscall.RawSyscall(syscall.SYS_SETGID, uintptr(gid), 0, 0); rcode != 0 {
|
2018-12-23 18:11:55 +01:00
|
|
|
dlog.Fatalf("Unable to drop user privileges: %s", rcode.Error())
|
2018-10-03 16:05:07 +02:00
|
|
|
}
|
|
|
|
if _, _, rcode := syscall.RawSyscall(syscall.SYS_SETUID, uintptr(uid), 0, 0); rcode != 0 {
|
2018-12-23 18:11:55 +01:00
|
|
|
dlog.Fatalf("Unable to drop user privileges: %s", rcode.Error())
|
2018-10-03 16:05:07 +02:00
|
|
|
}
|
|
|
|
maxfd := uintptr(0)
|
|
|
|
for _, fd := range fds {
|
|
|
|
if fd.Fd() > maxfd {
|
|
|
|
maxfd = fd.Fd()
|
|
|
|
}
|
|
|
|
}
|
|
|
|
fdbase := maxfd + 1
|
|
|
|
for i, fd := range fds {
|
|
|
|
if _, _, rcode := syscall.RawSyscall(syscall.SYS_DUP2, fd.Fd(), fdbase+uintptr(i), 0); rcode != 0 {
|
2018-12-23 18:11:55 +01:00
|
|
|
dlog.Fatalf("Unable to clone file descriptor: [%s]", rcode.Error())
|
2018-10-03 16:05:07 +02:00
|
|
|
}
|
|
|
|
if _, _, rcode := syscall.RawSyscall(syscall.SYS_FCNTL, fd.Fd(), syscall.F_SETFD, syscall.FD_CLOEXEC); rcode != 0 {
|
2018-12-23 18:11:55 +01:00
|
|
|
dlog.Fatalf("Unable to set the close on exec flag: [%s]", rcode.Error())
|
2018-10-03 16:05:07 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
for i := range fds {
|
|
|
|
if _, _, rcode := syscall.RawSyscall(syscall.SYS_DUP2, fdbase+uintptr(i), uintptr(i)+3, 0); rcode != 0 {
|
2018-12-23 18:11:55 +01:00
|
|
|
dlog.Fatalf("Unable to reassign descriptor: [%s]", rcode.Error())
|
2018-07-01 23:06:28 +02:00
|
|
|
}
|
2018-06-13 16:52:41 +02:00
|
|
|
}
|
2018-10-05 01:06:44 +02:00
|
|
|
err = syscall.Exec(path, args, os.Environ())
|
|
|
|
dlog.Fatalf("Unable to reexecute [%s]: [%s]", path, err)
|
2018-10-03 16:05:07 +02:00
|
|
|
os.Exit(1)
|
2018-06-13 16:52:41 +02:00
|
|
|
}
|