auth/box: preserve cwd name, but clear it out

Auth/box previously switched to /, rather than
preserving the cwd. This would break relative
paths to items that would get pulled into the
namespace.

This change removes the '-.' flag, and causes
auth/box to keep the current working directory,
making it more usable for scripting.
Ori Bernstein 2022-07-26 04:57:40 +00:00
parent 520a39efcd
commit bc64cc50ac
2 changed files with 31 additions and 38 deletions


@ -62,7 +62,7 @@ changeuser, convkeys, printnetkey, status, enable, disable, authsrv, guard.srv,
.PP .PP
.B auth/box .B auth/box
[ [
.B -d .B -s
] [ ] [
.B -rc .B -rc
.I file .I file
@ -298,9 +298,8 @@ the child namespace; the
flag specifies a string of driver flag specifies a string of driver
characters to keep. The characters to keep. The
.B -s .B -s
flag gives a base set of namespace flag initializes the namespace to what rc expects,
components, ones expected by rc, then passes and passes its arguments unmodified to /bin/rc.
the first argument as a script file to rc.
.PP .PP
.I As .I As
executes executes


@ -2,7 +2,11 @@
#include <libc.h> #include <libc.h>
#include <auth.h> #include <auth.h>
static int debug; static int debug;
static char cwd[8192];
static char *parts[256];
static int mflags[nelem(parts)];
static int nparts;
static void static void
binderr(char *new, char *old, int flag) binderr(char *new, char *old, int flag)
@ -32,20 +36,14 @@ binderr(char *new, char *old, int flag)
fprint(2, "bind %s %s %s\n", dash, new, old); fprint(2, "bind %s %s %s\n", dash, new, old);
} }
if(bind(new, old, flag) < 0) if(bind(new, old, flag) < 0)
sysfatal("bind: %r"); sysfatal("bind %s: %r", new);
} }
static void static void
resolvenames(char **names, int nname) resolvenames(char **names, int nname)
{ {
int i; int i;
char buf[8192];
int fd;
fd = open(".", OREAD|OCEXEC);
if(fd < 0)
sysfatal("could not open .: %r");
fd2path(fd, buf, sizeof buf);
for(i = 0; i < nname; i++){ for(i = 0; i < nname; i++){
if(names[i] == nil) if(names[i] == nil)
continue; continue;
@ -55,10 +53,9 @@ resolvenames(char **names, int nname)
case '/': case '/':
break; break;
default: default:
names[i] = cleanname(smprint("%s/%s", buf, names[i])); names[i] = cleanname(smprint("%s/%s", cwd, names[i]));
} }
} }
close(fd);
} }
static void static void
@ -103,7 +100,8 @@ sandbox(char **names, int *flags, int nname)
free(d); free(d);
binderr(skel, dir, MBEFORE); binderr(skel, dir, MBEFORE);
} }
binderr(names[j], targ, flags[j]); if(flags[j] != -1)
binderr(names[j], targ, flags[j]);
} }
binderr(newroot, "/", MREPL); binderr(newroot, "/", MREPL);
} }
@ -133,16 +131,11 @@ skelfs(void)
sysfatal("/mnt/d mount setup: %r"); sysfatal("/mnt/d mount setup: %r");
} }
static char *parts[256];
static int mflags[nelem(parts)];
static int nparts;
static char *rc[] = { "/bin/rc", nil , nil};
static void static void
push(char *path, int flag) push(char *path, int flag)
{ {
if(nparts == nelem(parts)) if(nparts == nelem(parts))
sysfatal("component overflow"); sysfatal("too many bound paths");
parts[nparts] = path; parts[nparts] = path;
mflags[nparts++] = flag; mflags[nparts++] = flag;
} }
@ -150,23 +143,23 @@ push(char *path, int flag)
void void
usage(void) usage(void)
{ {
fprint(2, "usage %s: [ -d ] [ -r file ] [ -c dir ] [ -e devs ] [ -. path ] cmd args...\n", argv0); fprint(2, "usage %s: [ -r file ] [ -c dir ] [ -e devs ] cmd args...\n", argv0);
exits("usage"); exits("usage");
} }
void void
main(int argc, char **argv) main(int argc, char **argv)
{ {
char devs[1024]; char **argp, devs[128];
int dfd; int i, narg, dfd;
char *path;
char *a; char *a;
int sflag; int sflag;
nparts = 0; nparts = 0;
path = "/"; narg = 0;
memset(devs, 0, sizeof devs); memset(devs, 0, sizeof devs);
sflag = 0; sflag = 0;
argp = argv;
ARGBEGIN{ ARGBEGIN{
case 'D': case 'D':
debug++; debug++;
@ -184,9 +177,6 @@ main(int argc, char **argv)
case 'e': case 'e':
snprint(devs, sizeof devs, "%s%s", devs, EARGF(usage())); snprint(devs, sizeof devs, "%s%s", devs, EARGF(usage()));
break; break;
case '.':
path = EARGF(usage());
break;
case 's': case 's':
sflag = 1; sflag = 1;
break; break;
@ -195,18 +185,19 @@ main(int argc, char **argv)
break; break;
}ARGEND }ARGEND
if(argc == 0) if(argc == 0 && !sflag)
usage(); usage();
if(getwd(cwd, sizeof(cwd)) == nil)
sysfatal("getwd: %r");
push(cwd, -1);
if(sflag){ if(sflag){
snprint(devs, sizeof devs, "%s%s", devs, "|d"); snprint(devs, sizeof devs, "%s%s", devs, "|d");
push("/srv", MREPL|MCREATE); push("/srv", MREPL|MCREATE);
push("/env", MREPL|MCREATE); push("/env", MREPL|MCREATE);
push("/rc", MREPL); push("/rc", MREPL);
push("/bin", MREPL); push("/bin", MREPL);
push(argv[0], MREPL); argp[narg++] = "/bin/rc";
rc[1] = argv[0];
argv = rc;
} else { } else {
if(access(argv[0], AEXIST) == -1){ if(access(argv[0], AEXIST) == -1){
if((argv[0] = smprint("/bin/%s", argv[0])) == nil) if((argv[0] = smprint("/bin/%s", argv[0])) == nil)
@ -216,6 +207,9 @@ main(int argc, char **argv)
} }
push(argv[0], MREPL); push(argv[0], MREPL);
} }
for(i = 0; i < argc; i++)
argp[narg++] = argv[i];
argp[narg] = nil;
rfork(RFNAMEG|RFFDG); rfork(RFNAMEG|RFFDG);
skelfs(); skelfs();
@ -238,8 +232,8 @@ main(int argc, char **argv)
} }
close(dfd); close(dfd);
if(chdir(path) < 0) if(chdir(cwd) < 0)
sysfatal("can not cd to %s", path); sysfatal("chdir %s: %r", cwd);
exec(argv[0], argv); exec(argp[0], argp);
sysfatal("exec: %r"); sysfatal("exec: %r");
} }
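Review bot: The `-1` in `push(cwd, -1)` is an undocumented sentinel that only the new `if(flags[j] != -1)` guard in sandbox() understands, and that guard is what leaves the working directory present but empty inside the sandbox. Because -1 has every bit set, any code that tests a mount-flag bit on `flags[j]` would read it as MCREATE, MBEFORE and MAFTER all at once; whether such a test exists is not visible here, since sandbox() begins outside the hunk. I would give the value a name, for example `enum { Nobind = -1 };`, and use it in both the push() call and the guard. A comment at the guard would also help, such as `/* Nobind: build the path skeleton but bind nothing, so the directory exists and is empty */`.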