auth/as, auth/none, auth/newns: consistent handling of command arguments, cleanup

2016-12-22 21:39:59 +01:00 · 2016-12-22 21:39:59 +01:00 · 82bf19941e
commit 82bf19941e
parent 640adc8f82
4 changed files with 106 additions and 120 deletions
--- a/sys/man/8/auth
+++ b/sys/man/8/auth
@ -50,6 +50,8 @@ changeuser, convkeys, printnetkey, status, enable, disable, authsrv, guard.srv,
 .PP
 .B auth/none
 [
+.B -d
+] [
 .B -n
 .I namespace
 ]
@ -58,8 +60,16 @@ changeuser, convkeys, printnetkey, status, enable, disable, authsrv, guard.srv,
 \&...
 .PP
 .B auth/as
+[
+.B -d
+] [
+.B -n
+.I namespace
+]
 .I user
 .I command
+.I arg
+\&...
 .SH DESCRIPTION
 These administrative commands run only on the authentication server.
 .IR Changeuser
--- a/sys/src/cmd/auth/as.c
+++ b/sys/src/cmd/auth/as.c
@ -11,88 +11,62 @@
 #include <authsrv.h>
 #include "authcmdlib.h"

-int	debug;
+extern int newnsdebug;
+
+char	*defargv[] = { "/bin/rc", "-i", nil };
+char	*namespace = nil;

 int	becomeuser(char*);
-void	createuser(void);
-void	*emalloc(ulong);
-void	*erealloc(void*, ulong);
 void	initcap(void);
-int	mkcmd(char*, char*, int);
-int	myauth(int, char*);
-int	qidcmp(Qid, Qid);
-void	runas(char *, char *);
-void	usage(void);

-#pragma varargck	argpos clog 1
-#pragma varargck	argpos fatal 1
-
-static void
-fatal(char *fmt, ...)
+void
+usage(void)
 {
-	char msg[256];
-	va_list arg;
+	fprint(2, "usage: %s [-d] [-n namespace] user [cmd [args...]]\n", argv0);
+	exits("usage");
+}

-	va_start(arg, fmt);
-	vseprint(msg, msg + sizeof msg, fmt, arg);
-	va_end(arg);
-	error("%s", msg);
+void
+run(char **a)
+{
+	exec(a[0], a);
+
+	if(a[0][0] != '/' && a[0][0] != '#' &&
+	  (a[0][0] != '.' || (a[0][1] != '/' &&
+		             (a[0][1] != '.' ||  a[0][2] != '/'))))
+		exec(smprint("/bin/%s", a[0]), a);
+
+	sysfatal("exec: %s: %r", a[0]);
 }

 void
 main(int argc, char *argv[])
 {
-	debug = 0;
 	ARGBEGIN{
 	case 'd':
-		debug = 1;
+		newnsdebug = 1;
+		break;
+	case 'n':
+		namespace = EARGF(usage());
 		break;
 	default:
 		usage();
 	}ARGEND

-	initcap();
-	if(argc >= 2)
-		runas(argv[0], argv[1]);
-	else
+	if(argc == 0)
 		usage();
-}

-void
-runas(char *user, char *cmd)
-{
-	if(becomeuser(user) < 0)
-		sysfatal("can't change uid for %s: %r", user);
-	putenv("service", "rx");
-	execl("/bin/rc", "rc", "-lc", cmd, nil);
-	sysfatal("exec /bin/rc: %r");
-}
+	initcap();
+	if(becomeuser(argv[0]) < 0)
+		sysfatal("can't change uid for %s: %r", argv[0]);
+	if(newns(argv[0], namespace) < 0)
+		sysfatal("can't build namespace: %r");

-void *
-emalloc(ulong n)
-{
-	void *p;
+	argv++;
+	if(--argc == 0)
+		argv = defargv;

-	if(p = mallocz(n, 1))
-		return p;
-	fatal("out of memory");
-	return 0;
-}
-
-void *
-erealloc(void *p, ulong n)
-{
-	if(p = realloc(p, n))
-		return p;
-	fatal("out of memory");
-	return 0;
-}
-
-void
-usage(void)
-{
-	fprint(2, "usage: %s [-c] [user] [command]\n", argv0);
-	exits("usage");
+	run(argv);
 }

 /*
@ -105,7 +79,7 @@ initcap(void)
 {
 	caphashfd = open("#¤/caphash", OCEXEC|OWRITE);
 	if(caphashfd < 0)
-		fprint(2, "%s: opening #¤/caphash: %r\n", argv0);
+		fprint(2, "%s: opening #¤/caphash: %r", argv0);
 }

 /*
@ -126,7 +100,9 @@ mkcap(char *from, char *to)
 	/* create the capability */
 	nto = strlen(to);
 	nfrom = strlen(from);
-	cap = emalloc(nfrom+1+nto+1+sizeof(rand)*3+1);
+	cap = malloc(nfrom+1+nto+1+sizeof(rand)*3+1);
+	if(cap == nil)
+		sysfatal("malloc: %r");
 	sprint(cap, "%s@%s", from, to);
 	genrandom(rand, sizeof(rand));
 	key = cap+nfrom+1+nto+1;
@ -169,7 +145,5 @@ becomeuser(char *new)
 		return -1;
 	rv = usecap(cap);
 	free(cap);
-
-	newns(new, nil);
 	return rv;
 }
--- a/sys/src/cmd/auth/newns.c
+++ b/sys/src/cmd/auth/newns.c
@ -2,36 +2,35 @@
 #include <libc.h>
 #include <auth.h>

+extern int newnsdebug;
+
+char	*defargv[] = { "/bin/rc", "-i", nil };
+char	*namespace = "/lib/namespace";
+int	add = 0;
+
 void
 usage(void)
 {
-	fprint(2, "usage: newns [-ad] [-n namespace] [cmd [args...]]\n");
+	fprint(2, "usage: %s [-ad] [-n namespace] [cmd [args...]]\n", argv0);
 	exits("usage");
 }

-static int
-rooted(char *s)
+void
+run(char **a)
 {
-	if(s[0] == '/')
-		return 1;
-	if(s[0] == '.' && s[1] == '/')
-		return 1;
-	if(s[0] == '.' && s[1] == '.' && s[2] == '/')
-		return 1;
-	return 0;
+	exec(a[0], a);
+
+	if(a[0][0] != '/' && a[0][0] != '#' &&
+	  (a[0][0] != '.' || (a[0][1] != '/' &&
+		             (a[0][1] != '.' ||  a[0][2] != '/'))))
+		exec(smprint("/bin/%s", a[0]), a);
+
+	sysfatal("exec: %s: %r", a[0]);
 }

 void
 main(int argc, char **argv)
 {
-	extern int newnsdebug;
-	char *defargv[] = { "/bin/rc", "-i", nil };
-	char *nsfile, err[ERRMAX];
-	int add;
-
-	rfork(RFNAMEG);
-	add = 0;
-	nsfile = "/lib/namespace";
 	ARGBEGIN{
 	case 'a':
 		add = 1;
@ -40,23 +39,21 @@ main(int argc, char **argv)
 		newnsdebug = 1;
 		break;
 	case 'n':
-		nsfile = ARGF();
+		namespace = EARGF(usage());
 		break;
 	default:
 		usage();
 		break;
 	}ARGEND
+
+	if(add){
+		rfork(RFNAMEG);
+		addns(getuser(), namespace);
+	}else
+		newns(getuser(), namespace);
+
 	if(argc == 0)
 		argv = defargv;
-	if (add)
-		addns(getuser(), nsfile);
-	else
-		newns(getuser(), nsfile);
-	exec(argv[0], argv);
-	if(!rooted(argv[0])){
-		rerrstr(err, sizeof err);
-		exec(smprint("/bin/%s", argv[0]), argv);
-		errstr(err, sizeof err);
-	}
-	sysfatal("exec: %s: %r", argv[0]);
+
+	run(argv);
 }	
--- a/sys/src/cmd/auth/none.c
+++ b/sys/src/cmd/auth/none.c
@ -2,22 +2,40 @@
 #include <libc.h>
 #include <auth.h>

-char *namespace;
+extern int newnsdebug;
+
+char	*defargv[] = { "/bin/rc", "-i", nil };
+char	*namespace = nil;

 void
 usage(void)
 {
-	fprint(2, "usage: auth/none [-n namespace] [cmd ...]\n");
+	fprint(2, "usage: %s [-d] [-n namespace] [cmd [args...]]\n", argv0);
 	exits("usage");
 }

+void
+run(char **a)
+{
+	exec(a[0], a);
+
+	if(a[0][0] != '/' && a[0][0] != '#' &&
+	  (a[0][0] != '.' || (a[0][1] != '/' &&
+		             (a[0][1] != '.' ||  a[0][2] != '/'))))
+		exec(smprint("/bin/%s", a[0]), a);
+
+	sysfatal("exec: %s: %r", a[0]);
+}
+
 void
 main(int argc, char *argv[])
 {
-	char cmd[256];
 	int fd;

 	ARGBEGIN{
+	case 'd':
+		newnsdebug = 1;
+		break;
 	case 'n':
 		namespace = EARGF(usage());
 		break;
@ -25,31 +43,18 @@ main(int argc, char *argv[])
 		usage();
 	}ARGEND

-	if (rfork(RFENVG|RFNAMEG) < 0)
-		sysfatal("can't make new pgrp");
-
 	fd = open("#c/user", OWRITE);
-	if (fd < 0)
-		sysfatal("can't open #c/user");
-	if (write(fd, "none", strlen("none")) < 0)
-		sysfatal("can't become none");
+	if(fd < 0)
+		sysfatal("can't open #c/user: %r");
+	if(write(fd, "none", strlen("none")) < 0)
+		sysfatal("can't become none: %r");
 	close(fd);

-	if (newns("none", namespace) < 0)
-		sysfatal("can't build namespace");
+	if(newns("none", namespace) < 0)
+		sysfatal("can't build namespace: %r");

-	if (argc > 0) {
-		strecpy(cmd, cmd+sizeof cmd, argv[0]);
-		exec(cmd, &argv[0]);
-		if (strncmp(cmd, "/", 1) != 0
-		&& strncmp(cmd, "./", 2) != 0
-		&& strncmp(cmd, "../", 3) != 0) {
-			snprint(cmd, sizeof cmd, "/bin/%s", argv[0]);
-			exec(cmd, &argv[0]);
-		}
-	} else {
-		strcpy(cmd, "/bin/rc");
-		execl(cmd, cmd, nil);
-	}
-	sysfatal(cmd);
+	if(argc == 0)
+		argv = defargv;
+
+	run(argv);
 }