From 1814aec611a5f9e03eceee81237ad3a3f51c954a Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 26 Oct 2011 23:56:54 +0000 Subject: Fix whitespace issues Cleanup trailing whitespaces, indentation that uses spaces before tabs, and blank lines at EOF. Make the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD --- modules/pam_namespace/md5.c | 2 +- modules/pam_namespace/namespace.conf | 4 +- modules/pam_namespace/namespace.conf.5.xml | 6 +- modules/pam_namespace/namespace.init | 2 +- modules/pam_namespace/pam_namespace.c | 330 ++++++++++++++--------------- modules/pam_namespace/pam_namespace.h | 7 +- 6 files changed, 175 insertions(+), 176 deletions(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/md5.c b/modules/pam_namespace/md5.c index c79fb357..ce4f7d6e 100644 --- a/modules/pam_namespace/md5.c +++ b/modules/pam_namespace/md5.c @@ -107,7 +107,7 @@ void MD5Name(MD5Update)(struct MD5Context *ctx, unsigned const char *buf, unsign } /* - * Final wrapup - pad to 64-byte boundary with the bit pattern + * Final wrapup - pad to 64-byte boundary with the bit pattern * 1 0* (64-bit count of bits processed, MSB-first) */ void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx) diff --git a/modules/pam_namespace/namespace.conf b/modules/pam_namespace/namespace.conf index f973225f..b611a0f2 100644 --- a/modules/pam_namespace/namespace.conf +++ b/modules/pam_namespace/namespace.conf 
@@ -5,8 +5,8 @@ # Uncommenting the following three lines will polyinstantiate # /tmp, /var/tmp and user's home directories. /tmp and /var/tmp will # be polyinstantiated based on the MLS level part of the security context as well as user -# name, Polyinstantion will not be performed for user root and adm for directories -# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users. +# name, Polyinstantion will not be performed for user root and adm for directories +# /tmp and /var/tmp, whereas home directories will be polyinstantiated for all users. # The user name and context is appended to the instance prefix. # # Note that instance directories do not have to reside inside the diff --git a/modules/pam_namespace/namespace.conf.5.xml b/modules/pam_namespace/namespace.conf.5.xml index 61c8673b..673099b0 100644 --- a/modules/pam_namespace/namespace.conf.5.xml +++ b/modules/pam_namespace/namespace.conf.5.xml @@ -61,7 +61,7 @@ The second field, instance_prefix is the string prefix used to build the pathname for the instantiation - of <polydir>. Depending on the polyinstantiation + of <polydir>. Depending on the polyinstantiation method it is then appended with "instance differentiation string" to generate the final instance directory path. This directory is created if it did not exist @@ -75,7 +75,7 @@ The third field, method, is the method used for polyinstantiation. It can take these values; "user" - for polyinstantiation based on user name, "level" for + for polyinstantiation based on user name, "level" for polyinstantiation based on process MLS level and user name, "context" for polyinstantiation based on process security context and user name, "tmpfs" for mounting tmpfs filesystem as an instance dir, and 
@@ -97,7 +97,7 @@ The method field can contain also following optional flags separated by : characters. - + create=mode,owner,group - create the polyinstantiated directory. The mode, owner and group parameters are optional. The default for mode is determined by umask, the default diff --git a/modules/pam_namespace/namespace.init b/modules/pam_namespace/namespace.init index 9898bf3a..9ab58062 100755 --- a/modules/pam_namespace/namespace.init +++ b/modules/pam_namespace/namespace.init @@ -1,5 +1,5 @@ #!/bin/sh -p -# It receives polydir path as $1, the instance path as $2, +# It receives polydir path as $1, the instance path as $2, # a flag whether the instance dir was newly created (0 - no, 1 - yes) in $3, # and user name in $4. # diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index 4a99184a..f0bffa15 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c @@ -76,7 +76,7 @@ static void del_polydir_list(struct polydir_s *polydirs_ptr) struct polydir_s *dptr = polydirs_ptr; while (dptr) { - struct polydir_s *tptr = dptr; + struct polydir_s *tptr = dptr; dptr = dptr->next; del_polydir(tptr); } @@ -163,9 +163,9 @@ static int parse_create_params(char *params, struct polydir_s *poly) poly->group = (gid_t)ULONG_MAX; if (*params != '=') - return 0; + return 0; params++; - + next = strchr(params, ','); if (next != NULL) { *next = '\0'; @@ -182,7 +182,7 @@ static int parse_create_params(char *params, struct polydir_s *poly) params = next; if (params == NULL) - return 0; + return 0; next = strchr(params, ','); if (next != NULL) { *next = '\0'; 
@@ -200,22 +200,22 @@ static int parse_create_params(char *params, struct polydir_s *poly) if (params == NULL || *params == '\0') { if (pwd != NULL) poly->group = pwd->pw_gid; - return 0; + return 0; } grp = getgrnam(params); if (grp == NULL) - return -1; + return -1; poly->group = grp->gr_gid; - + return 0; } static int parse_iscript_params(char *params, struct polydir_s *poly) { if (*params != '=') - return 0; + return 0; params++; - + if (*params != '\0') { if (*params != '/') { /* path is relative to NAMESPACE_D_DIR */ if (asprintf(&poly->init_script, "%s%s", NAMESPACE_D_DIR, params) == -1) @@ -235,11 +235,11 @@ static int parse_method(char *method, struct polydir_s *poly, enum polymethod pm; char *sptr = NULL; static const char *method_names[] = { "user", "context", "level", "tmpdir", - "tmpfs", NULL }; + "tmpfs", NULL }; static const char *flag_names[] = { "create", "noinit", "iscript", - "shared", NULL }; + "shared", NULL }; static const unsigned int flag_values[] = { POLYDIR_CREATE, POLYDIR_NOINIT, - POLYDIR_ISCRIPT, POLYDIR_SHARED }; + POLYDIR_ISCRIPT, POLYDIR_SHARED }; int i; char *flag; 
@@ -247,41 +247,41 @@ static int parse_method(char *method, struct polydir_s *poly, pm = NONE; for (i = 0; method_names[i]; i++) { - if (strcmp(method, method_names[i]) == 0) { - pm = i + 1; /* 0 = NONE */ - } + if (strcmp(method, method_names[i]) == 0) { + pm = i + 1; /* 0 = NONE */ + } } if (pm == NONE) { pam_syslog(idata->pamh, LOG_NOTICE, "Unknown method"); return -1; } - + poly->method = pm; - + while ((flag=strtok_r(NULL, ":", &sptr)) != NULL) { - for (i = 0; flag_names[i]; i++) { - int namelen = strlen(flag_names[i]); - - if (strncmp(flag, flag_names[i], namelen) == 0) { - poly->flags |= flag_values[i]; - switch (flag_values[i]) { - case POLYDIR_CREATE: - if (parse_create_params(flag+namelen, poly) != 0) { + for (i = 0; flag_names[i]; i++) { + int namelen = strlen(flag_names[i]); + + if (strncmp(flag, flag_names[i], namelen) == 0) { + poly->flags |= flag_values[i]; + switch (flag_values[i]) { + case POLYDIR_CREATE: + if (parse_create_params(flag+namelen, poly) != 0) { pam_syslog(idata->pamh, LOG_CRIT, "Invalid create parameters"); - return -1; - } - break; + return -1; + } + break; - case POLYDIR_ISCRIPT: - if (parse_iscript_params(flag+namelen, poly) != 0) { + case POLYDIR_ISCRIPT: + if (parse_iscript_params(flag+namelen, poly) != 0) { pam_syslog(idata->pamh, LOG_CRIT, "Memory allocation error"); - return -1; - }; - break; - } - } - } + return -1; + }; + break; + } + } + } } return 0; @@ -337,7 +337,7 @@ static int process_line(char *line, const char *home, const char *rhome, poly = calloc(1, sizeof(*poly)); if (poly == NULL) - goto erralloc; + goto erralloc; /* * Initialize and scan the five strings from the line from the 
@@ -383,12 +383,12 @@ static int process_line(char *line, const char *home, const char *rhome, dir = NULL; goto erralloc; } - + if ((dir=expand_variables(dir, var_names, var_values)) == NULL) { instance_prefix = NULL; goto erralloc; } - + if ((instance_prefix=expand_variables(instance_prefix, var_names, var_values)) == NULL) { goto erralloc; @@ -409,12 +409,12 @@ static int process_line(char *line, const char *home, const char *rhome, if (len > 0 && rdir[len-1] == '/') { rdir[len-1] = '\0'; } - + if (dir[0] == '\0' || rdir[0] == '\0') { - pam_syslog(idata->pamh, LOG_NOTICE, "Invalid polydir"); - goto skipping; + pam_syslog(idata->pamh, LOG_NOTICE, "Invalid polydir"); + goto skipping; } - + /* * Populate polyinstantiated directory structure with appropriate * pathnames and the method with which to polyinstantiate. @@ -430,14 +430,14 @@ static int process_line(char *line, const char *home, const char *rhome, strcpy(poly->instance_prefix, instance_prefix); if (parse_method(method, poly, idata) != 0) { - goto skipping; + goto skipping; } if (poly->method == TMPDIR) { - if (sizeof(poly->instance_prefix) - strlen(poly->instance_prefix) < 7) { - pam_syslog(idata->pamh, LOG_NOTICE, "Pathnames too long"); - goto skipping; - } + if (sizeof(poly->instance_prefix) - strlen(poly->instance_prefix) < 7) { + pam_syslog(idata->pamh, LOG_NOTICE, "Pathnames too long"); + goto skipping; + } strcat(poly->instance_prefix, "XXXXXX"); } @@ -463,7 +463,7 @@ static int process_line(char *line, const char *home, const char *rhome, uid_t *uidptr; const char *ustr, *sstr; int count, i; - + if (*uids == '~') { poly->flags |= POLYDIR_EXCLUSIVE; uids++; 
@@ -488,8 +488,8 @@ static int process_line(char *line, const char *home, const char *rhome, pwd = pam_modutil_getpwnam(idata->pamh, ustr); if (pwd == NULL) { - pam_syslog(idata->pamh, LOG_ERR, "Unknown user %s in configuration", ustr); - poly->num_uids--; + pam_syslog(idata->pamh, LOG_ERR, "Unknown user %s in configuration", ustr); + poly->num_uids--; } else { *uidptr = pwd->pw_uid; uidptr++; @@ -508,7 +508,7 @@ static int process_line(char *line, const char *home, const char *rhome, erralloc: pam_syslog(idata->pamh, LOG_CRIT, "Memory allocation error"); - + skipping: if (idata->flags & PAMNS_IGN_CONFIG_ERR) retval = 0; @@ -554,9 +554,9 @@ static int parse_config_file(struct instance_data *idata) return PAM_SESSION_ERR; } if ((home=strdup(cpwd->pw_dir)) == NULL) { - pam_syslog(idata->pamh, LOG_CRIT, - "Memory allocation error"); - return PAM_SESSION_ERR; + pam_syslog(idata->pamh, LOG_CRIT, + "Memory allocation error"); + return PAM_SESSION_ERR; } cpwd = pam_modutil_getpwnam(idata->pamh, idata->ruser); @@ -568,10 +568,10 @@ static int parse_config_file(struct instance_data *idata) } if ((rhome=strdup(cpwd->pw_dir)) == NULL) { - pam_syslog(idata->pamh, LOG_CRIT, - "Memory allocation error"); - free(home); - return PAM_SESSION_ERR; + pam_syslog(idata->pamh, LOG_CRIT, + "Memory allocation error"); + free(home); + return PAM_SESSION_ERR; } /* @@ -594,7 +594,7 @@ static int parse_config_file(struct instance_data *idata) fil = fopen(confname, "r"); if (fil == NULL) { pam_syslog(idata->pamh, LOG_ERR, "Error opening config file %s", - confname); + confname); globfree(&globbuf); free(rhome); free(home); @@ -625,14 +625,14 @@ static int parse_config_file(struct instance_data *idata) if (n >= globbuf.gl_pathc) break; - confname = globbuf.gl_pathv[n]; + confname = globbuf.gl_pathv[n]; n++; } - + globfree(&globbuf); free(rhome); free(home); - + /* All done...just some debug stuff */ if (idata->flags & PAMNS_DEBUG) { struct polydir_s *dptr = idata->polydirs_ptr; 
@@ -640,7 +640,7 @@ static int parse_config_file(struct instance_data *idata) uid_t i; pam_syslog(idata->pamh, LOG_DEBUG, - dptr?"Configured poly dirs:":"No configured poly dirs"); + dptr?"Configured poly dirs:":"No configured poly dirs"); while (dptr) { pam_syslog(idata->pamh, LOG_DEBUG, "dir='%s' iprefix='%s' meth=%d", dptr->dir, dptr->instance_prefix, dptr->method); @@ -667,7 +667,7 @@ static int ns_override(struct polydir_s *polyptr, struct instance_data *idata, unsigned int i; if (idata->flags & PAMNS_DEBUG) - pam_syslog(idata->pamh, LOG_DEBUG, + pam_syslog(idata->pamh, LOG_DEBUG, "Checking for ns override in dir %s for uid %d", polyptr->dir, uid); @@ -745,7 +745,7 @@ static int form_context(const struct polydir_s *polyptr, rc = getexeccon(&scon); } if (rc < 0 || scon == NULL) { - pam_syslog(idata->pamh, LOG_ERR, + pam_syslog(idata->pamh, LOG_ERR, "Error getting exec context, %m"); return PAM_SESSION_ERR; } @@ -870,17 +870,17 @@ static int poly_name(const struct polydir_s *polyptr, char **i_name, } pm = USER; } - + switch (pm) { case USER: if (asprintf(i_name, "%s", idata->user) < 0) { *i_name = NULL; goto fail; - } - break; + } + break; #ifdef WITH_SELINUX - case LEVEL: + case LEVEL: case CONTEXT: if (selinux_trans_to_raw_context(*i_context, &rawcon) < 0) { pam_syslog(idata->pamh, LOG_ERR, "Error translating directory context"); 
@@ -890,27 +890,27 @@ static int poly_name(const struct polydir_s *polyptr, char **i_name, if (asprintf(i_name, "%s", rawcon) < 0) { *i_name = NULL; goto fail; - } + } } else { if (asprintf(i_name, "%s_%s", rawcon, idata->user) < 0) { *i_name = NULL; goto fail; - } + } } - break; + break; #endif /* WITH_SELINUX */ case TMPDIR: case TMPFS: if ((*i_name=strdup("")) == NULL) - goto fail; + goto fail; return PAM_SUCCESS; - default: - if (idata->flags & PAMNS_DEBUG) - pam_syslog(idata->pamh, LOG_ERR, "Unknown method"); - goto fail; + default: + if (idata->flags & PAMNS_DEBUG) + pam_syslog(idata->pamh, LOG_ERR, "Unknown method"); + goto fail; } if (idata->flags & PAMNS_DEBUG) @@ -919,24 +919,24 @@ static int poly_name(const struct polydir_s *polyptr, char **i_name, if ((idata->flags & PAMNS_GEN_HASH) || strlen(*i_name) > NAMESPACE_MAX_DIR_LEN) { hash = md5hash(*i_name, idata); if (hash == NULL) { - goto fail; + goto fail; } if (idata->flags & PAMNS_GEN_HASH) { - free(*i_name); + free(*i_name); *i_name = hash; hash = NULL; } else { - char *newname; - if (asprintf(&newname, "%.*s_%s", NAMESPACE_MAX_DIR_LEN-1-(int)strlen(hash), - *i_name, hash) < 0) { - goto fail; - } - free(*i_name); - *i_name = newname; + char *newname; + if (asprintf(&newname, "%.*s_%s", NAMESPACE_MAX_DIR_LEN-1-(int)strlen(hash), + *i_name, hash) < 0) { + goto fail; + } + free(*i_name); + *i_name = newname; } } rc = PAM_SUCCESS; - + fail: free(hash); #ifdef WITH_SELINUX 
@@ -959,34 +959,34 @@ static int protect_mount(int dfd, const char *path, struct instance_data *idata) { struct protect_dir_s *dir = idata->protect_dirs; char tmpbuf[64]; - + while (dir != NULL) { if (strcmp(path, dir->dir) == 0) { return 0; } dir = dir->next; } - + dir = calloc(1, sizeof(*dir)); - + if (dir == NULL) { return -1; } - + dir->dir = strdup(path); - + if (dir->dir == NULL) { free(dir); return -1; } - + snprintf(tmpbuf, sizeof(tmpbuf), "/proc/self/fd/%d", dfd); - + if (idata->flags & PAMNS_DEBUG) { pam_syslog(idata->pamh, LOG_INFO, "Protect mount of %s over itself", path); } - + if (mount(tmpbuf, tmpbuf, NULL, MS_BIND, NULL) != 0) { int save_errno = errno; pam_syslog(idata->pamh, LOG_ERR, @@ -996,7 +996,7 @@ static int protect_mount(int dfd, const char *path, struct instance_data *idata) errno = save_errno; return -1; } - + dir->next = idata->protect_dirs; idata->protect_dirs = dir; @@ -1019,15 +1019,15 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always, if (p == NULL) { goto error; } - + if (*dir == '/') { dfd = open("/", flags); if (dfd == -1) { goto error; } - dir++; /* assume / is safe */ + dir++; /* assume / is safe */ } - + while ((d=strchr(dir, '/')) != NULL) { *d = '\0'; dfd_next = openat(dfd, dir, flags); @@ -1042,8 +1042,8 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always, if (fstat(dfd, &st) != 0) { goto error; } - - if (flags & O_NOFOLLOW) { + + if (flags & O_NOFOLLOW) { /* we are inside user-owned dir - protect */ if (protect_mount(dfd, p, idata) == -1) goto error; @@ -1058,14 +1058,14 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always, } rv = openat(dfd, dir, flags); - + if (rv == -1) { if (!do_mkdir || mkdirat(dfd, dir, mode) != 0) { goto error; } rv = openat(dfd, dir, flags); } - + if (rv != -1) { if (fstat(rv, &st) != 0) { save_errno = errno; 
@@ -1082,7 +1082,7 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always, } } - if ((flags & O_NOFOLLOW) || always) { + if ((flags & O_NOFOLLOW) || always) { /* we are inside user-owned dir - protect */ if (protect_mount(rv, p, idata) == -1) { save_errno = errno; @@ -1251,7 +1251,7 @@ static int create_polydir(struct polydir_s *polyptr, pam_syslog(idata->pamh, LOG_DEBUG, "Polydir %s context: %s", dir, (char *)dircon); if (setfscreatecon(dircon) != 0) - pam_syslog(idata->pamh, LOG_NOTICE, + pam_syslog(idata->pamh, LOG_NOTICE, "Error setting context for directory %s: %m", dir); freecon(dircon); } @@ -1279,15 +1279,15 @@ static int create_polydir(struct polydir_s *polyptr, pam_syslog(idata->pamh, LOG_DEBUG, "Created polydir %s", dir); if (polyptr->mode != (mode_t)ULONG_MAX) { - /* explicit mode requested */ - if (fchmod(rc, mode) != 0) { + /* explicit mode requested */ + if (fchmod(rc, mode) != 0) { pam_syslog(idata->pamh, LOG_ERR, - "Error changing mode of directory %s: %m", dir); + "Error changing mode of directory %s: %m", dir); close(rc); umount(dir); /* undo the eventual protection bind mount */ - rmdir(dir); - return PAM_SESSION_ERR; - } + rmdir(dir); + return PAM_SESSION_ERR; + } } if (polyptr->owner != (uid_t)ULONG_MAX) @@ -1345,14 +1345,14 @@ static int create_instance(struct polydir_s *polyptr, char *ipath, struct stat * * attributes to match that of the original directory that is being * polyinstantiated. */ - + if (polyptr->method == TMPDIR) { - if (mkdtemp(polyptr->instance_prefix) == NULL) { + if (mkdtemp(polyptr->instance_prefix) == NULL) { pam_syslog(idata->pamh, LOG_ERR, "Error creating temporary instance %s, %m", polyptr->instance_prefix); polyptr->method = NONE; /* do not clean up! */ return PAM_SESSION_ERR; - } + } /* copy the actual directory name to ipath */ strcpy(ipath, polyptr->instance_prefix); } else if (mkdir(ipath, S_IRUSR) < 0) { 
@@ -1452,21 +1452,21 @@ static int ns_setup(struct polydir_s *polyptr, if (retval < 0 && errno != ENOENT) { pam_syslog(idata->pamh, LOG_ERR, "Polydir %s access error: %m", polyptr->dir); - return PAM_SESSION_ERR; + return PAM_SESSION_ERR; } if (retval < 0) { - if ((polyptr->flags & POLYDIR_CREATE) && + if ((polyptr->flags & POLYDIR_CREATE) && create_polydir(polyptr, idata) != PAM_SUCCESS) return PAM_SESSION_ERR; } else { - close(retval); + close(retval); } - + if (polyptr->method == TMPFS) { if (mount("tmpfs", polyptr->dir, "tmpfs", 0, NULL) < 0) { pam_syslog(idata->pamh, LOG_ERR, "Error mounting tmpfs on %s, %m", - polyptr->dir); + polyptr->dir); return PAM_SESSION_ERR; } @@ -1481,7 +1481,7 @@ static int ns_setup(struct polydir_s *polyptr, polyptr->dir); return PAM_SESSION_ERR; } - + /* * Obtain the name of instance pathname based on the * polyinstantiation method and instance context returned by @@ -1495,8 +1495,8 @@ static int ns_setup(struct polydir_s *polyptr, #endif if (retval != PAM_SUCCESS) { - if (retval != PAM_IGNORE) - pam_syslog(idata->pamh, LOG_ERR, "Error getting instance name"); + if (retval != PAM_IGNORE) + pam_syslog(idata->pamh, LOG_ERR, "Error getting instance name"); goto cleanup; } else { #ifdef WITH_SELINUX @@ -1526,8 +1526,8 @@ static int ns_setup(struct polydir_s *polyptr, #endif if (retval == PAM_IGNORE) { - newdir = 0; - retval = PAM_SUCCESS; + newdir = 0; + retval = PAM_SUCCESS; } if (retval != PAM_SUCCESS) { @@ -1647,7 +1647,7 @@ static int cleanup_tmpdirs(struct instance_data *idata) } if (!WIFEXITED(status) || WIFSIGNALED(status) > 0) { pam_syslog(idata->pamh, LOG_ERR, - "Error removing %s", pptr->instance_prefix); + "Error removing %s", pptr->instance_prefix); } } else if (pid < 0) { pam_syslog(idata->pamh, LOG_ERR, 
@@ -1686,14 +1686,14 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt) */ for (pptr = idata->polydirs_ptr; pptr; pptr = pptr->next) { if (ns_override(pptr, idata, idata->uid)) { - if (unmnt == NO_UNMNT || ns_override(pptr, idata, idata->ruid)) { - if (idata->flags & PAMNS_DEBUG) - pam_syslog(idata->pamh, LOG_DEBUG, + if (unmnt == NO_UNMNT || ns_override(pptr, idata, idata->ruid)) { + if (idata->flags & PAMNS_DEBUG) + pam_syslog(idata->pamh, LOG_DEBUG, "Overriding poly for user %d for dir %s", idata->uid, pptr->dir); } else { - if (idata->flags & PAMNS_DEBUG) - pam_syslog(idata->pamh, LOG_DEBUG, + if (idata->flags & PAMNS_DEBUG) + pam_syslog(idata->pamh, LOG_DEBUG, "Need unmount ns for user %d for dir %s", idata->ruid, pptr->dir); need_poly = 1; @@ -1721,7 +1721,7 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt) return PAM_SESSION_ERR; } } else { - del_polydir_list(idata->polydirs_ptr); + del_polydir_list(idata->polydirs_ptr); return PAM_SUCCESS; } @@ -1768,12 +1768,12 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt) * are available from */ strcpy(poly_parent, pptr->rdir); - fptr = strchr(poly_parent, '/'); - cptr = strrchr(poly_parent, '/'); - if (fptr && cptr && (fptr == cptr)) - strcpy(poly_parent, "/"); - else if (cptr) - *cptr = '\0'; + fptr = strchr(poly_parent, '/'); + cptr = strrchr(poly_parent, '/'); + if (fptr && cptr && (fptr == cptr)) + strcpy(poly_parent, "/"); + else if (cptr) + *cptr = '\0'; if (chdir(poly_parent) < 0) { pam_syslog(idata->pamh, LOG_ERR, "Can't chdir to %s, %m", poly_parent); 
@@ -1781,12 +1781,12 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt) } if (umount(pptr->rdir) < 0) { - int saved_errno = errno; - pam_syslog(idata->pamh, LOG_ERR, "Unmount of %s failed, %m", - pptr->rdir); - if (saved_errno != EINVAL) { - retval = PAM_SESSION_ERR; - goto out; + int saved_errno = errno; + pam_syslog(idata->pamh, LOG_ERR, "Unmount of %s failed, %m", + pptr->rdir); + if (saved_errno != EINVAL) { + retval = PAM_SESSION_ERR; + goto out; } } else if (idata->flags & PAMNS_DEBUG) pam_syslog(idata->pamh, LOG_DEBUG, "Umount succeeded %s", @@ -1803,20 +1803,20 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt) } out: if (retval != PAM_SUCCESS) { - cleanup_tmpdirs(idata); - unprotect_dirs(idata->protect_dirs); + cleanup_tmpdirs(idata); + unprotect_dirs(idata->protect_dirs); } else if (pam_set_data(idata->pamh, NAMESPACE_PROTECT_DATA, idata->protect_dirs, - cleanup_protect_data) != PAM_SUCCESS) { + cleanup_protect_data) != PAM_SUCCESS) { pam_syslog(idata->pamh, LOG_ERR, "Unable to set namespace protect data"); - cleanup_tmpdirs(idata); - unprotect_dirs(idata->protect_dirs); + cleanup_tmpdirs(idata); + unprotect_dirs(idata->protect_dirs); return PAM_SYSTEM_ERR; } else if (pam_set_data(idata->pamh, NAMESPACE_POLYDIR_DATA, idata->polydirs_ptr, - cleanup_polydir_data) != PAM_SUCCESS) { + cleanup_polydir_data) != PAM_SUCCESS) { pam_syslog(idata->pamh, LOG_ERR, "Unable to set namespace polydir data"); - cleanup_tmpdirs(idata); - pam_set_data(idata->pamh, NAMESPACE_PROTECT_DATA, NULL, NULL); - idata->protect_dirs = NULL; + cleanup_tmpdirs(idata); + pam_set_data(idata->pamh, NAMESPACE_PROTECT_DATA, NULL, NULL); + idata->protect_dirs = NULL; return PAM_SYSTEM_ERR; } return retval; 
@@ -1943,7 +1943,7 @@ static int get_user_data(struct instance_data *idata) int retval; char *user_name; struct passwd *pwd; - /* + /* * Lookup user and fill struct items */ retval = pam_get_item(idata->pamh, PAM_USER, (void*) &user_name ); @@ -1969,10 +1969,10 @@ static int get_user_data(struct instance_data *idata) /* Fill in RUSER too */ retval = pam_get_item(idata->pamh, PAM_RUSER, (void*) &user_name ); if ( user_name != NULL && retval == PAM_SUCCESS && user_name[0] != '\0' ) { - strncat(idata->ruser, user_name, sizeof(idata->ruser) - 1); - pwd = pam_modutil_getpwnam(idata->pamh, user_name); + strncat(idata->ruser, user_name, sizeof(idata->ruser) - 1); + pwd = pam_modutil_getpwnam(idata->pamh, user_name); } else { - pwd = pam_modutil_getpwuid(idata->pamh, getuid()); + pwd = pam_modutil_getpwuid(idata->pamh, getuid()); } if (!pwd) { pam_syslog(idata->pamh, LOG_ERR, "user unknown '%s'", user_name); @@ -2005,7 +2005,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED, #ifdef WITH_SELINUX if (is_selinux_enabled()) idata.flags |= PAMNS_SELINUX_ENABLED; - if (ctxt_based_inst_needed()) + if (ctxt_based_inst_needed()) idata.flags |= PAMNS_CTXT_BASED_INST; #endif @@ -2036,7 +2036,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED, unmnt = UNMNT_ONLY; if (strcmp(argv[i], "require_selinux") == 0) { if (!(idata.flags & PAMNS_SELINUX_ENABLED)) { - pam_syslog(idata.pamh, LOG_ERR, + pam_syslog(idata.pamh, LOG_ERR, "selinux_required option given and selinux is disabled"); return PAM_SESSION_ERR; } @@ -2047,7 +2047,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED, retval = get_user_data(&idata); if (retval != PAM_SUCCESS) - return retval; + return retval; if (root_shared()) { idata.flags |= PAMNS_MOUNT_PRIVATE; 
@@ -2135,13 +2135,13 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED, retval = get_user_data(&idata); if (retval != PAM_SUCCESS) - return retval; + return retval; retval = pam_get_data(idata.pamh, NAMESPACE_POLYDIR_DATA, (const void **)&polyptr); if (retval != PAM_SUCCESS || polyptr == NULL) - /* nothing to reset */ - return PAM_SUCCESS; - + /* nothing to reset */ + return PAM_SUCCESS; + idata.polydirs_ptr = polyptr; if (idata.flags & PAMNS_DEBUG) @@ -2160,7 +2160,7 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED, pam_set_data(idata.pamh, NAMESPACE_POLYDIR_DATA, NULL, NULL); pam_set_data(idata.pamh, NAMESPACE_PROTECT_DATA, NULL, NULL); - + return PAM_SUCCESS; } diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index c49995c0..6bca31c4 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h @@ -1,5 +1,5 @@ /****************************************************************************** - * A module for Linux-PAM that will set the default namespace after + * A module for Linux-PAM that will set the default namespace after * establishing a session via PAM. * * (C) Copyright IBM Corporation 2005 @@ -134,9 +134,9 @@ enum polymethod { /* * Depending on the application using this namespace module, we * may need to unmount priviously bind mounted instance directory. - * Applications such as login and sshd, that establish a new + * Applications such as login and sshd, that establish a new * session unmount of instance directory is not needed. For applications - * such as su and newrole, that switch the identity, this module + * such as su and newrole, that switch the identity, this module * has to unmount previous instance directory first and re-mount * based on the new indentity. For other trusted applications that * just want to undo polyinstantiation, only unmount of previous 
@@ -182,4 +182,3 @@ struct instance_data { uid_t ruid; /* The uid of the requesting user */ unsigned long flags; /* Flags for debug, selinux etc */ }; - -- cgit v1.2.3 From c9c4faaf50c66d5e4d1b9d6c450c206c12f09f8a Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Thu, 27 Oct 2011 14:55:55 +0000 Subject: Rename all .cvsignore files to .gitignore --- modules/pam_namespace/.cvsignore | 9 --------- modules/pam_namespace/.gitignore | 9 +++++++++ 2 files changed, 9 insertions(+), 9 deletions(-) delete mode 100644 modules/pam_namespace/.cvsignore create mode 100644 modules/pam_namespace/.gitignore (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/.cvsignore b/modules/pam_namespace/.cvsignore deleted file mode 100644 index 59a9578c..00000000 --- a/modules/pam_namespace/.cvsignore +++ /dev/null @@ -1,9 +0,0 @@ -*.la -*.lo -.deps -.libs -Makefile -Makefile.in -README -namespace.conf.5 -pam_namespace.8 diff --git a/modules/pam_namespace/.gitignore b/modules/pam_namespace/.gitignore new file mode 100644 index 00000000..59a9578c --- /dev/null +++ b/modules/pam_namespace/.gitignore @@ -0,0 +1,9 @@ +*.la +*.lo +.deps +.libs +Makefile +Makefile.in +README +namespace.conf.5 +pam_namespace.8 -- cgit v1.2.3 From 3e7fb3233efe776d867be9d34b4b6e83ec59df86 Mon Sep 17 00:00:00 2001 
From: "Dmitry V. Levin" Date: Thu, 27 Oct 2011 14:55:55 +0000 Subject: Update .gitignore files * .gitignore: Add common ignore patterns. * m4/.gitignore: Unignore local m4 files. * dynamic/.gitignore: Unignore Makefile. * libpamc/test/modules/.gitignore: Likewise. * libpamc/test/regress/.gitignore: Likewise. * po/.gitignore: Add Makevars.template. * conf/.gitignore: Remove common ignore patterns. * conf/pam_conv1/.gitignore: Likewise. * doc/.gitignore: Likewise. * doc/specs/.gitignore: Likewise. * doc/specs/formatter/.gitignore: Likewise. * examples/.gitignore: Likewise. * modules/pam_filter/upperLOWER/.gitignore: Likewise. * modules/pam_mkhomedir/.gitignore: Likewise. * modules/pam_selinux/.gitignore: Likewise. * modules/pam_stress/.gitignore: Likewise. * modules/pam_tally/.gitignore: Likewise. * modules/pam_tally2/.gitignore: Likewise. * modules/pam_timestamp/.gitignore: Likewise. * modules/pam_unix/.gitignore: Likewise. * tests/.gitignore: Likewise. * xtests/.gitignore: Likewise. * doc/adg/.gitignore: Remove. * doc/man/.gitignore: Remove. * doc/mwg/.gitignore: Remove. * doc/sag/.gitignore: Remove. * libpamc/.gitignore: Remove. * libpamc/test/.gitignore: Remove. * libpam/.gitignore: Remove. * libpam_misc/.gitignore: Remove. * modules/.gitignore: Remove. * modules/pam_access/.gitignore: Remove. * modules/pam_cracklib/.gitignore: Remove. * modules/pam_debug/.gitignore: Remove. * modules/pam_deny/.gitignore: Remove. * modules/pam_echo/.gitignore: Remove. * modules/pam_env/.gitignore: Remove. * modules/pam_exec/.gitignore: Remove. * modules/pam_faildelay/.gitignore: Remove. * modules/pam_filter/.gitignore: Remove. * modules/pam_ftp/.gitignore: Remove. * modules/pam_group/.gitignore: Remove. * modules/pam_issue/.gitignore: Remove. * modules/pam_keyinit/.gitignore: Remove. * modules/pam_lastlog/.gitignore: Remove. * modules/pam_limits/.gitignore: Remove. * modules/pam_listfile/.gitignore: Remove. * modules/pam_localuser/.gitignore: Remove. 
* modules/pam_loginuid/.gitignore: Remove. * modules/pam_mail/.gitignore: Remove. * modules/pam_motd/.gitignore: Remove. * modules/pam_namespace/.gitignore: Remove. * modules/pam_nologin/.gitignore: Remove. * modules/pam_permit/.gitignore: Remove. * modules/pam_pwhistory/.gitignore: Remove. * modules/pam_rhosts/.gitignore: Remove. * modules/pam_rootok/.gitignore: Remove. * modules/pam_securetty/.gitignore: Remove. * modules/pam_sepermit/.gitignore: Remove. * modules/pam_shells/.gitignore: Remove. * modules/pam_succeed_if/.gitignore: Remove. * modules/pam_time/.gitignore: Remove. * modules/pam_tty_audit/.gitignore: Remove. * modules/pam_umask/.gitignore: Remove. * modules/pam_userdb/.gitignore: Remove. * modules/pam_warn/.gitignore: Remove. * modules/pam_wheel/.gitignore: Remove. * modules/pam_xauth/.gitignore: Remove.
---
modules/pam_namespace/.gitignore | 9 ---------
1 file changed, 9 deletions(-)
delete mode 100644 modules/pam_namespace/.gitignore
(limited to 'modules/pam_namespace')
diff --git a/modules/pam_namespace/.gitignore b/modules/pam_namespace/.gitignore
deleted file mode 100644
index 59a9578c..00000000
--- a/modules/pam_namespace/.gitignore
+++ /dev/null
@@ -1,9 +0,0 @@
-*.la
-*.lo
-.deps
-.libs
-Makefile
-Makefile.in
-README
-namespace.conf.5
-pam_namespace.8
--
cgit v1.2.3
From dc8b23cf9228ed432e9b7b2ee2209a06283241c0 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" Date: Fri, 28 Oct 2011 02:28:38 +0000 Subject: Use libpam.la/libpam_misc.la to link with -lpam/-lpam_misc GNU automake documentation recommends to avoid using -l options in LDADD or LIBADD when referring to libraries built by the package. Instead, it recommends to write the file name of the library explicitly, and use -l option only to list third-party libraries. As result, the default value of *_DEPENDENCIES will list all local libraries and omit the other ones. * modules/pam_access/Makefile.am (pam_access_la_LIBADD): Replace "-L$(top_builddir)/libpam -lpam" with "$(top_builddir)/libpam/libpam.la", to follow GNU automake recommendations. * modules/pam_cracklib/Makefile.am (pam_cracklib_la_LIBADD): Likewise. * modules/pam_debug/Makefile.am (pam_debug_la_LIBADD): Likewise. * modules/pam_deny/Makefile.am (pam_deny_la_LIBADD): Likewise. * modules/pam_echo/Makefile.am (pam_echo_la_LIBADD): Likewise. * modules/pam_env/Makefile.am (pam_env_la_LIBADD): Likewise. * modules/pam_exec/Makefile.am (pam_exec_la_LIBADD): Likewise. * modules/pam_faildelay/Makefile.am (pam_faildelay_la_LIBADD): Likewise. * modules/pam_filter/Makefile.am (pam_filter_la_LIBADD): Likewise. * modules/pam_filter/upperLOWER/Makefile.am (LDADD): Likewise. * modules/pam_ftp/Makefile.am (pam_ftp_la_LIBADD): Likewise. * modules/pam_group/Makefile.am (pam_group_la_LIBADD): Likewise. * modules/pam_issue/Makefile.am (pam_issue_la_LIBADD): Likewise. * modules/pam_keyinit/Makefile.am (pam_keyinit_la_LIBADD): Likewise. * modules/pam_lastlog/Makefile.am (pam_lastlog_la_LIBADD): Likewise. * modules/pam_limits/Makefile.am (pam_limits_la_LIBADD): Likewise. * modules/pam_listfile/Makefile.am (pam_listfile_la_LIBADD): Likewise. * modules/pam_localuser/Makefile.am (pam_localuser_la_LIBADD): Likewise. * modules/pam_loginuid/Makefile.am (pam_loginuid_la_LIBADD): Likewise. * modules/pam_mail/Makefile.am (pam_mail_la_LIBADD): Likewise. 
* modules/pam_mkhomedir/Makefile.am (pam_mkhomedir_la_LIBADD, mkhomedir_helper_LDADD): Likewise. * modules/pam_motd/Makefile.am (pam_motd_la_LIBADD): Likewise. * modules/pam_namespace/Makefile.am (pam_namespace_la_LIBADD): Likewise. * modules/pam_nologin/Makefile.am (pam_nologin_la_LIBADD): Likewise. * modules/pam_permit/Makefile.am (pam_permit_la_LIBADD): Likewise. * modules/pam_pwhistory/Makefile.am (pam_pwhistory_la_LIBADD): Likewise. * modules/pam_rhosts/Makefile.am (pam_rhosts_la_LIBADD): Likewise. * modules/pam_rootok/Makefile.am (pam_rootok_la_LIBADD): Likewise. * modules/pam_securetty/Makefile.am (pam_securetty_la_LIBADD): Likewise. * modules/pam_sepermit/Makefile.am (pam_sepermit_la_LIBADD): Likewise. * modules/pam_shells/Makefile.am (pam_shells_la_LIBADD): Likewise. * modules/pam_stress/Makefile.am (pam_stress_la_LIBADD): Likewise. * modules/pam_succeed_if/Makefile.am (pam_succeed_if_la_LIBADD): Likewise. * modules/pam_tally/Makefile.am (pam_tally_la_LIBADD): Likewise. * modules/pam_tally2/Makefile.am (pam_tally2_la_LIBADD, pam_tally2_LDADD): Likewise. * modules/pam_time/Makefile.am (pam_time_la_LIBADD): Likewise. * modules/pam_timestamp/Makefile.am (pam_timestamp_la_LIBADD, pam_timestamp_check_LDADD, hmacfile_LDADD): Likewise. * modules/pam_tty_audit/Makefile.am (pam_tty_audit_la_LIBADD): Likewise. * modules/pam_umask/Makefile.am (pam_umask_la_LIBADD): Likewise. * modules/pam_unix/Makefile.am (pam_unix_la_LIBADD): Likewise. * modules/pam_userdb/Makefile.am (pam_userdb_la_LIBADD): Likewise. * modules/pam_warn/Makefile.am (pam_warn_la_LIBADD): Likewise. * modules/pam_wheel/Makefile.am (pam_wheel_la_LIBADD): Likewise. * modules/pam_xauth/Makefile.am (pam_xauth_la_LIBADD): Likewise. * tests/Makefile.am (LDADD): Likewise. 
* examples/Makefile.am (LDADD): Replace "-L$(top_builddir)/libpam -lpam" with "$(top_builddir)/libpam/libpam.la", and "-L$(top_builddir)/libpam_misc -lpam_misc" with "$(top_builddir)/libpam_misc/libpam_misc.la", to follow GNU automake recommendations. * xtests/Makefile.am (LDADD): Likewise. * modules/pam_selinux/Makefile.am (pam_selinux_la_LIBADD): Likewise. --- modules/pam_namespace/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/Makefile.am b/modules/pam_namespace/Makefile.am index 44513de0..586a5436 100644 --- a/modules/pam_namespace/Makefile.am +++ b/modules/pam_namespace/Makefile.am @@ -34,7 +34,7 @@ noinst_HEADERS = md5.h pam_namespace.h argv_parse.h if HAVE_UNSHARE securelib_LTLIBRARIES = pam_namespace.la pam_namespace_la_SOURCES = pam_namespace.c md5.c argv_parse.c - pam_namespace_la_LIBADD = -L$(top_builddir)/libpam -lpam @LIBSELINUX@ + pam_namespace_la_LIBADD = $(top_builddir)/libpam/libpam.la @LIBSELINUX@ secureconf_DATA = namespace.conf secureconf_SCRIPTS = namespace.init -- cgit v1.2.3 From d5a261b8be2035bbf49726eb7ac792ee6d5a22d1 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Tue, 24 Jan 2012 20:03:28 +0100 Subject: Make / mount as rslave instead of bind mounting polydirs. * modules/pam_namespace/pam_namespace.c (protect_dir): Drop the always argument. (check_inst_parent): Drop the always argument from protect_dir(). (create_polydir): Likewise. (ns_setup): Likewise and do not mark the polydir with MS_PRIVATE. (setup_namespace): Mark the / with MS_SLAVE|MS_REC. * modules/pam_namespace/pam_namespace.8.xml: Reflect the change in docs. --- modules/pam_namespace/pam_namespace.8.xml | 10 ++++++-- modules/pam_namespace/pam_namespace.c | 40 +++++++++++++++---------------- 2 files changed, 27 insertions(+), 23 deletions(-) (limited to 'modules/pam_namespace') 
diff --git a/modules/pam_namespace/pam_namespace.8.xml b/modules/pam_namespace/pam_namespace.8.xml index 48021c80..6ec3ad23 100644 --- a/modules/pam_namespace/pam_namespace.8.xml +++ b/modules/pam_namespace/pam_namespace.8.xml @@ -246,12 +246,18 @@ This option can be used on systems where the / mount point or its submounts are made shared (for example with a mount --make-rshared / command). - The module will make the polyinstantiated directory mount points - private. Normally the pam_namespace will try to detect the + The module will mark the whole directory tree so any mount and + unmount operations in the polyinstantiation namespace are private. + Normally the pam_namespace will try to detect the shared / mount point and make the polyinstantiated directories private automatically. This option has to be used just when only a subtree is shared and / is not. + + Note that mounts and unmounts done in the private namespace will not + affect the parent namespace if this option is used or when the + shared / mount point is autodetected. + diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index f0bffa15..470f493b 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c @@ -1003,7 +1003,7 @@ static int protect_mount(int dfd, const char *path, struct instance_data *idata) return 0; } -static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always, +static int protect_dir(const char *path, mode_t mode, int do_mkdir, struct instance_data *idata) { char *p = strdup(path); @@ -1082,7 +1082,7 @@ static int protect_dir(const char *path, mode_t mode, int do_mkdir, int always, } } - if ((flags & O_NOFOLLOW) || always) { + if (flags & O_NOFOLLOW) { /* we are inside user-owned dir - protect */ if (protect_mount(rv, p, idata) == -1) { save_errno = errno; 
@@ -1124,7 +1124,7 @@ static int check_inst_parent(char *ipath, struct instance_data *idata) if (trailing_slash) *trailing_slash = '\0'; - dfd = protect_dir(inst_parent, 0, 1, 0, idata); + dfd = protect_dir(inst_parent, 0, 1, idata); if (dfd == -1 || fstat(dfd, &instpbuf) < 0) { pam_syslog(idata->pamh, LOG_ERR, @@ -1259,7 +1259,7 @@ static int create_polydir(struct polydir_s *polyptr, } #endif - rc = protect_dir(dir, mode, 1, idata->flags & PAMNS_MOUNT_PRIVATE, idata); + rc = protect_dir(dir, mode, 1, idata); if (rc == -1) { pam_syslog(idata->pamh, LOG_ERR, "Error creating directory %s: %m", dir); @@ -1447,7 +1447,7 @@ static int ns_setup(struct polydir_s *polyptr, pam_syslog(idata->pamh, LOG_DEBUG, "Set namespace for directory %s", polyptr->dir); - retval = protect_dir(polyptr->dir, 0, 0, idata->flags & PAMNS_MOUNT_PRIVATE, idata); + retval = protect_dir(polyptr->dir, 0, 0, idata); if (retval < 0 && errno != ENOENT) { pam_syslog(idata->pamh, LOG_ERR, "Polydir %s access error: %m", @@ -1534,22 +1534,6 @@ static int ns_setup(struct polydir_s *polyptr, goto error_out; } - if (idata->flags & PAMNS_MOUNT_PRIVATE) { - /* - * Make the polyinstantiated dir private mount. This depends - * on making the dir a mount point in the protect_dir call. - */ - if (mount(polyptr->dir, polyptr->dir, NULL, MS_PRIVATE|MS_REC, NULL) < 0) { - pam_syslog(idata->pamh, LOG_ERR, "Error making %s a private mount, %m", - polyptr->dir); - goto error_out; - } - if (idata->flags & PAMNS_DEBUG) - pam_syslog(idata->pamh, LOG_DEBUG, - "Polyinstantiated directory %s made as private mount", polyptr->dir); - - } - /* * Bind mount instance directory on top of the polyinstantiated * directory to provide an instance of polyinstantiated directory 
@@ -1720,6 +1704,20 @@ static int setup_namespace(struct instance_data *idata, enum unmnt_op unmnt) "Unable to unshare from parent namespace, %m"); return PAM_SESSION_ERR; } + if (idata->flags & PAMNS_MOUNT_PRIVATE) { + /* + * Remount / as SLAVE so that nothing mounted in the namespace + * shows up in the parent + */ + if (mount("/", "/", NULL, MS_SLAVE | MS_REC , NULL) < 0) { + pam_syslog(idata->pamh, LOG_ERR, + "Failed to mark / as a slave mount point, %m"); + return PAM_SESSION_ERR; + } + if (idata->flags & PAMNS_DEBUG) + pam_syslog(idata->pamh, LOG_DEBUG, + "The / mount point was marked as slave"); + } } else { del_polydir_list(idata->polydirs_ptr); return PAM_SUCCESS; -- cgit v1.2.3 From 17a3f6715591b215a7fdd3127db4abe70ff26381 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 26 Jan 2012 14:50:51 +0100 Subject: Do not unmount anything by default in pam_namespace close session call. * modules/pam_namespace/pam_namespace.c (pam_sm_close_session): Recognize the unmount_on_close option and make the default to be to not unmount. * modules/pam_namespace/pam_namespace.h: Rename PAMNS_NO_UNMOUNT_ON_CLOSE to PAMNS_UNMOUNT_ON_CLOSE. * modules/pam_namespace/pam_namespace.8.xml: Document the change. --- modules/pam_namespace/pam_namespace.8.xml | 17 +++++++++-------- modules/pam_namespace/pam_namespace.c | 24 +++++++++++++----------- modules/pam_namespace/pam_namespace.h | 2 +- 3 files changed, 23 insertions(+), 20 deletions(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/pam_namespace.8.xml b/modules/pam_namespace/pam_namespace.8.xml index 6ec3ad23..f0f80d33 100644 --- a/modules/pam_namespace/pam_namespace.8.xml +++ b/modules/pam_namespace/pam_namespace.8.xml @@ -44,7 +44,7 @@ ignore_instance_parent_mode - no_unmount_on_close + unmount_on_close use_current_context 
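Review bot: The comment added above `mount("/", "/", NULL, MS_SLAVE | MS_REC , NULL)` in setup_namespace describes only one direction of the propagation change. A slave mount stops mount events in the session namespace from reaching the parent, but mounts and unmounts made in the parent still propagate into the session. Anyone reasoning about what a polyinstantiated session can see needs that, so I would extend the comment with a line such as `* shows up in the parent; mount events from the parent still propagate into this namespace`. The remount runs only when PAMNS_MOUNT_PRIVATE is set, and where that flag gets set besides the module option is outside this hunk. Minor style: drop the stray space before the comma in `MS_REC , NULL`.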
@@ -195,16 +195,17 @@ - + - For certain trusted programs such as newrole, open session - is called from a child process while the parent performs - close session and pam end functions. For these commands - use this option to instruct pam_close_session to not - unmount the bind mounted polyinstantiated directory in the - parent. + Explicitly unmount the polyinstantiated directories instead + of relying on automatic namespace destruction after the last + process in a namespace exits. This option should be used + only in case it is ensured by other means that there cannot be + any processes running in the private namespace left after the + session close. It is also useful only in case there are + multiple pam session calls in sequence from the same process. diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index 470f493b..a40f05e6 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c 
@@ -2108,24 +2108,26 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED, idata.flags |= PAMNS_DEBUG; if (strcmp(argv[i], "ignore_config_error") == 0) idata.flags |= PAMNS_IGN_CONFIG_ERR; - if (strcmp(argv[i], "no_unmount_on_close") == 0) - idata.flags |= PAMNS_NO_UNMOUNT_ON_CLOSE; + if (strcmp(argv[i], "unmount_on_close") == 0) + idata.flags |= PAMNS_UNMOUNT_ON_CLOSE; } if (idata.flags & PAMNS_DEBUG) pam_syslog(idata.pamh, LOG_DEBUG, "close_session - start"); /* - * For certain trusted programs such as newrole, open session - * is called from a child process while the parent perfoms - * close session and pam end functions. For these commands - * pam_close_session should not perform the unmount of the - * polyinstantiatied directory because it will result in - * undoing of parents polyinstantiatiaion. These commands - * will invoke pam_namespace with the "no_unmount_on_close" - * argument. + * Normally the unmount is implicitly done when the last + * process in the private namespace exits. + * If it is ensured that there are no child processes left in + * the private namespace by other means and if there are + * multiple sessions opened and closed sequentially by the + * same process, the "unmount_on_close" option might be + * used to unmount the polydirs explicitly. */ - if (idata.flags & PAMNS_NO_UNMOUNT_ON_CLOSE) { + if (!(idata.flags & PAMNS_UNMOUNT_ON_CLOSE)) { + pam_set_data(idata.pamh, NAMESPACE_POLYDIR_DATA, NULL, NULL); + pam_set_data(idata.pamh, NAMESPACE_PROTECT_DATA, NULL, NULL); + if (idata.flags & PAMNS_DEBUG) pam_syslog(idata.pamh, LOG_DEBUG, "close_session - sucessful"); return PAM_SUCCESS; diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index 6bca31c4..1d0c11c6 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h 
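Review bot: In the new early-return branch of pam_sm_close_session the two `pam_set_data(..., NULL, NULL)` calls discard their return values, so a failure to clear NAMESPACE_POLYDIR_DATA or NAMESPACE_PROTECT_DATA is invisible and the function still returns PAM_SUCCESS. I would at least log it, e.g. `if (pam_set_data(idata.pamh, NAMESPACE_POLYDIR_DATA, NULL, NULL) != PAM_SUCCESS) pam_syslog(idata.pamh, LOG_ERR, "Unable to clear polydir data");`, and likewise for the second call. Separately, the option loop now ignores `no_unmount_on_close` without any diagnostic while the default flips to not unmounting, so a PAM stack written for the old default changes behaviour silently; a log line when the legacy name is seen would make that visible. The function body starts and ends outside the hunk.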
@@ -101,7 +101,7 @@ #define PAMNS_GEN_HASH 0x00002000 /* Generate md5 hash for inst names */ #define PAMNS_IGN_CONFIG_ERR 0x00004000 /* Ignore format error in conf file */ #define PAMNS_IGN_INST_PARENT_MODE 0x00008000 /* Ignore instance parent mode */ -#define PAMNS_NO_UNMOUNT_ON_CLOSE 0x00010000 /* no unmount at session close */ +#define PAMNS_UNMOUNT_ON_CLOSE 0x00010000 /* Unmount at session close */ #define PAMNS_USE_CURRENT_CONTEXT 0x00020000 /* use getcon instead of getexeccon */ #define PAMNS_USE_DEFAULT_CONTEXT 0x00040000 /* use get_default_context instead of getexeccon */ #define PAMNS_MOUNT_PRIVATE 0x00080000 /* Make the polydir mounts private */ -- cgit v1.2.3 From 01e176ec352748487212e59723192d8dbdf53e29 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 23 Jul 2012 18:32:16 +0200 Subject: New autotools do not create empty directories on install. modules/pam_namespace/Makefile.am: Add install-data-local target to create namespaceddir. modules/pam_sepermit/Makefile.am: Add install-data-local target to create sepermitlockdir. --- modules/pam_namespace/Makefile.am | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/Makefile.am b/modules/pam_namespace/Makefile.am index 586a5436..a28f1960 100644 --- a/modules/pam_namespace/Makefile.am +++ b/modules/pam_namespace/Makefile.am @@ -38,7 +38,9 @@ if HAVE_UNSHARE secureconf_DATA = namespace.conf secureconf_SCRIPTS = namespace.init - namespaced_DATA = + +install-data-local: + mkdir -p $(namespaceddir) endif -- cgit v1.2.3 From c62981a43a7da5d7c10e432874e7c66b47a4f363 Mon Sep 17 00:00:00 2001 
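Review bot: The new `install-data-local` rule creates the directory with a bare `mkdir -p`, so its permissions come from the installer's umask rather than from a mode the package chooses. The module presumably reads drop-in configuration from this directory (`namespaceddir` is defined outside this hunk), so I would pin the mode, e.g. `$(INSTALL) -d -m 0755 $(DESTDIR)$(namespaceddir)`, where 0755 is a suggested value. The later hunk on this page that adds `$(DESTDIR)` keeps the same bare `mkdir -p`, so the point applies there as well.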
From: Thorsten Kukuk Date: Thu, 16 Aug 2012 15:46:56 +0200 Subject: Small documentation and define fixes modules/pam_limits/limits.conf.5.xml: Document race of maxlogins [#10] modules/pam_namespace/pam_namespace.h: Define MS_SLAVE if necessary modules/pam_pwhistory/pam_pwhistory.c: Document how the module works modules/pam_unix/pam_unix.8.xml: Document remember option obsoleted by pam_pwhistory [#6] --- modules/pam_namespace/pam_namespace.h | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index 1d0c11c6..51d23886 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h @@ -81,6 +81,10 @@ #ifndef MS_PRIVATE #define MS_PRIVATE (1<<18) #endif +#ifndef MS_SLAVE +#define MS_SLAVE (1<<19) +#endif + /* * Module defines -- cgit v1.2.3 From d7e6b921cd34f7ad8fc4d05065c75d13ba330896 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 17 Aug 2012 14:46:40 +0200 Subject: Add missing $(DESTDIR) when making directories on install. modules/pam_namespace/Makefile.am: Add missing $(DESTDIR) when making $(namespaceddir) on install. modules/pam_sepermit/Makefile.am: Add missing $(DESTDIR) when making $(sepermitlockdir) on install. --- modules/pam_namespace/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/Makefile.am b/modules/pam_namespace/Makefile.am index a28f1960..ebb00f36 100644 --- a/modules/pam_namespace/Makefile.am +++ b/modules/pam_namespace/Makefile.am @@ -40,7 +40,7 @@ if HAVE_UNSHARE secureconf_SCRIPTS = namespace.init install-data-local: - mkdir -p $(namespaceddir) + mkdir -p $(DESTDIR)$(namespaceddir) endif -- cgit v1.2.3 From fbcbb0e302b0c7561e565531b47fba9477b238ba Mon Sep 17 00:00:00 2001 
From: Tomas Mraz Date: Wed, 10 Oct 2012 19:46:02 +0200 Subject: pam_namespace: add mntopts flag for tmpfs mount options modules/pam_namespace/pam_namespace.h: Add mount_opts member to polydir structure. modules/pam_namespace/pam_namespace.c (del_polydir): Free the mount_opts. (parse_method): Parse the mntopts flag. (ns_setup): Pass the mount_opts to mount(). modules/pam_namespace/namespace.conf.5.xml: Document the mntopts flag. --- modules/pam_namespace/namespace.conf.5.xml | 8 ++++++++ modules/pam_namespace/pam_namespace.c | 21 ++++++++++++++++++--- modules/pam_namespace/pam_namespace.h | 2 ++ 3 files changed, 28 insertions(+), 3 deletions(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/namespace.conf.5.xml b/modules/pam_namespace/namespace.conf.5.xml index 673099b0..c7698cb4 100644 --- a/modules/pam_namespace/namespace.conf.5.xml +++ b/modules/pam_namespace/namespace.conf.5.xml @@ -119,6 +119,14 @@ contain the user name and will be shared among all users. + mntopts=value + - value of this flag is passed to the mount call when the tmpfs mount is + done. It allows for example the specification of the maximum size of the + tmpfs instance that is created by the mount call. See + mount8 + for details. + + The directory where polyinstantiated instances are to be created, must exist and must have, by default, the mode of 0000. The diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index a40f05e6..e0d5e30b 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c @@ -64,6 +64,7 @@ static void del_polydir(struct polydir_s *poly) if (poly) { free(poly->uid); free(poly->init_script); + free(poly->mount_opts); free(poly); } } 
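Review bot: The added `free(poly->mount_opts)` in del_polydir is only safe if every `struct polydir_s` has `mount_opts` set to NULL before this path can run, and the same holds for the `free(poly->mount_opts)` before `strdup` in this commit's parse_method hunk. The allocation of the struct and any copies of it are outside these hunks, so this needs confirming; if the struct is not zero-initialised there, both calls free an indeterminate pointer. A comment at the member declaration, such as `/* mount options for tmpfs mount; NULL when unset, owned by the polydir */`, would record the ownership rule.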
@@ -237,9 +238,9 @@ static int parse_method(char *method, struct polydir_s *poly, static const char *method_names[] = { "user", "context", "level", "tmpdir", "tmpfs", NULL }; static const char *flag_names[] = { "create", "noinit", "iscript", - "shared", NULL }; + "shared", "mntopts", NULL }; static const unsigned int flag_values[] = { POLYDIR_CREATE, POLYDIR_NOINIT, - POLYDIR_ISCRIPT, POLYDIR_SHARED }; + POLYDIR_ISCRIPT, POLYDIR_SHARED, POLYDIR_MNTOPTS }; int i; char *flag; @@ -279,6 +280,20 @@ static int parse_method(char *method, struct polydir_s *poly, return -1; }; break; + + case POLYDIR_MNTOPTS: + if (flag[namelen] != '=') + break; + if (poly->method != TMPFS) { + pam_syslog(idata->pamh, LOG_WARNING, "Mount options applicable only to tmpfs method"); + break; + } + free(poly->mount_opts); /* if duplicate mntopts specified */ + if ((poly->mount_opts = strdup(flag+namelen+1)) == NULL) { + pam_syslog(idata->pamh, LOG_CRIT, "Memory allocation error"); + return -1; + } + break; } } } @@ -1464,7 +1479,7 @@ static int ns_setup(struct polydir_s *polyptr, } if (polyptr->method == TMPFS) { - if (mount("tmpfs", polyptr->dir, "tmpfs", 0, NULL) < 0) { + if (mount("tmpfs", polyptr->dir, "tmpfs", 0, polyptr->mount_opts) < 0) { pam_syslog(idata->pamh, LOG_ERR, "Error mounting tmpfs on %s, %m", polyptr->dir); return PAM_SESSION_ERR; diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index 51d23886..47ebcc33 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h @@ -116,6 +116,7 @@ #define POLYDIR_NOINIT 0x00000004 /* no init script */ #define POLYDIR_SHARED 0x00000008 /* share context/level instances among users */ #define POLYDIR_ISCRIPT 0x00000010 /* non default init script */ +#define POLYDIR_MNTOPTS 0x00000020 /* mount options for tmpfs mount */ #define NAMESPACE_MAX_DIR_LEN 80 
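Review bot: In the new `case POLYDIR_MNTOPTS:` of parse_method, a `mntopts` flag written without `=value` hits `if (flag[namelen] != '=') break;` and is dropped without a log line, while `mntopts=` with nothing after it stores an empty string. A mistyped size limit would then go unnoticed and the tmpfs would presumably be mounted with its defaults. I would log the malformed case before the `break`, e.g. `pam_syslog(idata->pamh, LOG_WARNING, "mntopts flag requires a value");`. How `flag` and `namelen` are derived is outside the hunk.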
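Review bot: The changed `mount("tmpfs", polyptr->dir, "tmpfs", 0, polyptr->mount_opts)` in ns_setup keeps the flags argument at 0 and hands the configured string to the kernel as filesystem data, so only tmpfs's own options (such as `size=`) can be expressed. Generic options that mount(8) turns into MS_* flags, such as `nosuid`, `nodev` and `noexec`, are not filesystem data and would most likely make the mount fail, yet the man page text added in this commit points administrators to mount(8). I would either document the restriction next to the call with `/* mount_opts is passed as fs data: tmpfs options only; nosuid/nodev/noexec are MS_* flags and are not parsed */` and in namespace.conf.5.xml, or translate those three keywords into `MS_NOSUID`, `MS_NODEV` and `MS_NOEXEC` in parse_method. ns_setup continues outside the hunk.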
@@ -164,6 +165,7 @@ struct polydir_s { uid_t *uid; /* list of override uids */ unsigned int flags; /* polydir flags */ char *init_script; /* path to init script */ + char *mount_opts; /* mount options for tmpfs mount */ uid_t owner; /* user which should own the polydir */ gid_t group; /* group which should own the polydir */ mode_t mode; /* mode of the polydir */ -- cgit v1.2.3 From 183f91a212879229d37e4dce18edd7a141eefa12 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 28 Mar 2013 15:30:19 +0100 Subject: Fix strict aliasing issue in MD5 implementations. modules/pam_namespace/md5.c (MD5Final): Use memcpy instead of assignment. modules/pam_unix/md5.c (MD5Final): Use memcpy instead of assignment. --- modules/pam_namespace/md5.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'modules/pam_namespace') diff --git a/modules/pam_namespace/md5.c b/modules/pam_namespace/md5.c index ce4f7d6e..dc95ab14 100644 --- a/modules/pam_namespace/md5.c +++ b/modules/pam_namespace/md5.c @@ -142,8 +142,7 @@ void MD5Name(MD5Final)(unsigned char digest[16], struct MD5Context *ctx) byteReverse(ctx->in, 14); /* Append length in bits and transform */ - ((uint32 *) ctx->in)[14] = ctx->bits[0]; - ((uint32 *) ctx->in)[15] = ctx->bits[1]; + memcpy((uint32 *)ctx->in + 14, ctx->bits, 2*sizeof(uint32)); MD5Name(MD5Transform)(ctx->buf, (uint32 *) ctx->in); byteReverse((unsigned char *) ctx->buf, 4); -- cgit v1.2.3
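Review bot: The `memcpy` replaces the two stores through `(uint32 *) ctx->in`, but the context line right after it still passes `(uint32 *) ctx->in` to `MD5Name(MD5Transform)`. If `ctx->in` is declared as a byte array (its declaration is outside this hunk), the same aliasing and alignment question remains for the reads inside the transform. The new line also keeps a `uint32 *` cast only to do pointer arithmetic; assuming `in` is `unsigned char[]` and `bits` is `uint32[2]`, `memcpy(ctx->in + 14 * sizeof(uint32), ctx->bits, sizeof(ctx->bits));` says the same thing without the cast and ties the length to the source. MD5Final's body starts and ends outside the hunk.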