0ct0pu5/ladybird
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

SystemServer: Fetch any extra GIDs and call setgroups() before spawn

Browse source 
We now pick up all the user's extra GIDs from /etc/group and make
sure those are set before exec'ing a service.

This means we finally get to enjoy being in more than one group. :^)
This commit is contained in:
Andreas Kling 2020-01-04 13:04:46 +01:00
parent b4b8b8850a
commit c2b7c43f3c
Notes: sideshowbarker 2024-07-19 10:22:46 +09:00
3 changed files with 20 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Base/usr/share/man/man5/SystemServer.md
View file

@ -23,7 +23,7 @@ describing how to launch and manage this service.
* `KeepAlive` - whether the service should be restarted if it exits or crashes. For lazy services, this means the service will get respawned once a new connection is attempted on their socket after they exit or crash.
* `Lazy` - whether the service should only get spawned once a client attempts to connect to their socket.
* `Socket` - a path to a socket to create on behalf of the service. For lazy services, SystemServer will actually watch the socket for new connection attempts. An open file descriptor to this socket will be passed as fd 3 to the service.
* `User` - a name of the user to run the service as. This impacts what UID and GID the service processes have. By default, services are run as root.
* `User` - a name of the user to run the service as. This impacts what UID, GID (and extra GIDs) the service processes have. By default, services are run as root.
## Environment

24
Servers/SystemServer/Service.cpp
View file

@ -5,6 +5,7 @@
#include <LibCore/CConfigFile.h>
#include <LibCore/CLocalSocket.h>
#include <fcntl.h>
#include <grp.h>
#include <libgen.h>
#include <pwd.h>
#include <sched.h>
@ -13,20 +14,30 @@
#include <sys/stat.h>
#include <unistd.h>
struct UidAndGid {
struct UidAndGids {
uid_t uid;
gid_t gid;
Vector<gid_t> extra_gids;
};
static HashMap<String, UidAndGid>* s_user_map;
static HashMap<String, UidAndGids>* s_user_map;
static HashMap<pid_t, Service*> s_service_map;
void Service::resolve_user()
{
if (s_user_map == nullptr) {
s_user_map = new HashMap<String, UidAndGid>;
for (struct passwd* passwd = getpwent(); passwd; passwd = getpwent())
s_user_map->set(passwd->pw_name, { passwd->pw_uid, passwd->pw_gid });
s_user_map = new HashMap<String, UidAndGids>;
for (struct passwd* passwd = getpwent(); passwd; passwd = getpwent()) {
Vector<gid_t> extra_gids;
for (struct group* group = getgrent(); group; group = getgrent()) {
for (size_t m = 0; group->gr_mem[m]; ++m) {
if (!strcmp(group->gr_mem[m], passwd->pw_name))
extra_gids.append(group->gr_gid);
}
}
endgrent();
s_user_map->set(passwd->pw_name, { passwd->pw_uid, passwd->pw_gid, move(extra_gids) });
}
endpwent();
}
@ -37,6 +48,7 @@ void Service::resolve_user()
}
m_uid = user.value().uid;
m_gid = user.value().gid;
m_extra_gids = user.value().extra_gids;
}
Service* Service::find_by_pid(pid_t pid)
@ -189,7 +201,7 @@ void Service::spawn()
}
if (!m_user.is_null()) {
if (setgid(m_gid) < 0 || setuid(m_uid) < 0) {
if (setgid(m_gid) < 0 || setgroups(m_extra_gids.size(), m_extra_gids.data()) < 0 || setuid(m_uid) < 0) {
dbgprintf("Failed to drop privileges (GID=%u, UID=%u)\n", m_gid, m_uid);
exit(1);
}

1
Servers/SystemServer/Service.h
View file

@ -44,6 +44,7 @@ private:
String m_user;
uid_t m_uid { 0 };
gid_t m_gid { 0 };
Vector<gid_t> m_extra_gids;
// PID of the running instance of this service.
pid_t m_pid { -1 };