2014-02-20 14:18:41 +01:00
|
|
|
--- ./lib/rpmchroot.c.orig 2012-11-07 12:55:24.000000000 +0000
|
|
|
|
+++ ./lib/rpmchroot.c 2014-02-20 12:50:05.360815211 +0000
|
2011-05-16 18:07:44 +02:00
|
|
|
@@ -66,6 +66,7 @@ int rpmChrootIn(void)
|
|
|
|
} else if (rootState.chrootDone == 0) {
|
|
|
|
if (chdir("/") == 0 && chroot(rootState.rootDir) == 0) {
|
|
|
|
rootState.chrootDone = 1;
|
|
|
|
+ rpmugChroot(1);
|
|
|
|
} else {
|
|
|
|
rpmlog(RPMLOG_ERR, _("Unable to change root directory: %m\n"));
|
|
|
|
rc = -1;
|
|
|
|
@@ -91,6 +92,7 @@ int rpmChrootOut(void)
|
|
|
|
} else if (rootState.chrootDone == 1) {
|
|
|
|
if (chroot(".") == 0 && fchdir(rootState.cwd) == 0) {
|
|
|
|
rootState.chrootDone = 0;
|
|
|
|
+ rpmugChroot(0);
|
|
|
|
} else {
|
|
|
|
rpmlog(RPMLOG_ERR, _("Unable to restore root directory: %m\n"));
|
|
|
|
rc = -1;
|
2014-02-20 14:18:41 +01:00
|
|
|
--- ./lib/rpmug.c.orig 2014-02-05 13:04:37.000000000 +0000
|
|
|
|
+++ ./lib/rpmug.c 2014-02-20 12:50:05.361815211 +0000
|
|
|
|
@@ -10,6 +10,47 @@
|
|
|
|
#include "lib/rpmug.h"
|
|
|
|
#include "debug.h"
|
2010-03-26 16:30:18 +01:00
|
|
|
|
2011-05-16 18:07:44 +02:00
|
|
|
+#if defined(__GLIBC__)
|
|
|
|
+
|
|
|
|
+static int inchroot;
|
|
|
|
+
|
2010-03-26 16:30:18 +01:00
|
|
|
+/*
|
|
|
|
+ * Unfortunatelly glibc caches nss/nscd data and there is no
|
|
|
|
+ * good way to flush those caches when we did a chroot(). Thus
|
|
|
|
+ * we need to parse /etc/passwd and /etc/group ourselfs.
|
|
|
|
+ */
|
|
|
|
+static int safe_lookup(const char * file, const char * name)
|
|
|
|
+{
|
|
|
|
+ FILE *fp;
|
|
|
|
+ int l;
|
|
|
|
+ char buf[4096], *p;
|
|
|
|
+
|
|
|
|
+ if (!name || !*name)
|
|
|
|
+ return -1;
|
|
|
|
+ l = strlen(name);
|
|
|
|
+ if ((fp = fopen(file, "r")) == 0)
|
|
|
|
+ return -1;
|
|
|
|
+ while ((p = fgets(buf, sizeof(buf), fp)) != 0) {
|
|
|
|
+ if (*p == '#')
|
|
|
|
+ continue;
|
|
|
|
+ while (*p && (*p == ' ' || *p == '\t'))
|
|
|
|
+ p++;
|
|
|
|
+ if (strncmp(p, name, l) != 0 || p[l] != ':')
|
|
|
|
+ continue;
|
|
|
|
+ p = strchr(p + l + 1, ':');
|
|
|
|
+ if (!p)
|
|
|
|
+ continue;
|
|
|
|
+ fclose(fp);
|
|
|
|
+ p++;
|
|
|
|
+ while (*p && (*p == ' ' || *p == '\t'))
|
|
|
|
+ p++;
|
|
|
|
+ return atoi(p);
|
|
|
|
+ }
|
|
|
|
+ fclose(fp);
|
|
|
|
+ return -1;
|
|
|
|
+}
|
2011-05-16 18:07:44 +02:00
|
|
|
+#endif
|
2010-03-26 16:30:18 +01:00
|
|
|
+
|
2011-05-16 18:07:44 +02:00
|
|
|
/*
|
|
|
|
* These really ought to use hash tables. I just made the
|
|
|
|
* guess that most files would be owned by root or the same person/group
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -43,17 +84,28 @@ int rpmugUid(const char * thisUname, uid
|
2011-05-16 18:07:44 +02:00
|
|
|
lastUnameAlloced = thisUnameLen + 10;
|
|
|
|
lastUname = xrealloc(lastUname, lastUnameAlloced); /* XXX memory leak */
|
2010-03-26 16:30:18 +01:00
|
|
|
}
|
2011-05-16 18:07:44 +02:00
|
|
|
- strcpy(lastUname, thisUname);
|
2010-03-26 16:30:18 +01:00
|
|
|
|
|
|
|
- pwent = getpwnam(thisUname);
|
|
|
|
- if (pwent == NULL) {
|
|
|
|
- /* FIX: shrug */
|
|
|
|
- endpwent();
|
2011-05-16 18:07:44 +02:00
|
|
|
+#if defined(__GLIBC__)
|
|
|
|
+ if (inchroot) {
|
|
|
|
+ int uid = safe_lookup("/etc/passwd", thisUname);
|
2010-03-26 16:30:18 +01:00
|
|
|
+ if (uid < 0)
|
|
|
|
+ return -1;
|
2011-05-16 18:07:44 +02:00
|
|
|
+ lastUid = uid;
|
|
|
|
+ } else
|
|
|
|
+#endif
|
|
|
|
+ {
|
2010-03-26 16:30:18 +01:00
|
|
|
pwent = getpwnam(thisUname);
|
|
|
|
- if (pwent == NULL) return -1;
|
|
|
|
+ if (pwent == NULL) {
|
|
|
|
+ /* FIX: shrug */
|
|
|
|
+ endpwent();
|
|
|
|
+ pwent = getpwnam(thisUname);
|
|
|
|
+ if (pwent == NULL) return -1;
|
|
|
|
+ }
|
|
|
|
+ lastUid = pwent->pw_uid;
|
|
|
|
}
|
2011-05-16 18:07:44 +02:00
|
|
|
|
2010-03-26 16:30:18 +01:00
|
|
|
- lastUid = pwent->pw_uid;
|
2011-05-16 18:07:44 +02:00
|
|
|
+ strcpy(lastUname, thisUname);
|
|
|
|
+ lastUnameLen = thisUnameLen;
|
2010-03-26 16:30:18 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
*uid = lastUid;
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -86,18 +138,29 @@ int rpmugGid(const char * thisGname, gid
|
2011-05-16 18:07:44 +02:00
|
|
|
lastGnameAlloced = thisGnameLen + 10;
|
|
|
|
lastGname = xrealloc(lastGname, lastGnameAlloced); /* XXX memory leak */
|
2010-03-26 16:30:18 +01:00
|
|
|
}
|
2011-05-16 18:07:44 +02:00
|
|
|
- strcpy(lastGname, thisGname);
|
2010-03-26 16:30:18 +01:00
|
|
|
|
|
|
|
- grent = getgrnam(thisGname);
|
|
|
|
- if (grent == NULL) {
|
|
|
|
- /* FIX: shrug */
|
|
|
|
- endgrent();
|
2011-05-16 18:07:44 +02:00
|
|
|
+#if defined(__GLIBC__)
|
|
|
|
+ if (inchroot) {
|
|
|
|
+ int gid = safe_lookup("/etc/group", thisGname);
|
2010-03-26 16:30:18 +01:00
|
|
|
+ if (gid < 0)
|
|
|
|
+ return -1;
|
2011-05-16 18:07:44 +02:00
|
|
|
+ lastGid = gid;
|
|
|
|
+ } else
|
|
|
|
+#endif
|
|
|
|
+ {
|
2010-03-26 16:30:18 +01:00
|
|
|
grent = getgrnam(thisGname);
|
|
|
|
if (grent == NULL) {
|
|
|
|
- return -1;
|
|
|
|
+ /* FIX: shrug */
|
|
|
|
+ endgrent();
|
|
|
|
+ grent = getgrnam(thisGname);
|
|
|
|
+ if (grent == NULL) {
|
|
|
|
+ return -1;
|
|
|
|
+ }
|
|
|
|
}
|
|
|
|
+ lastGid = grent->gr_gid;
|
|
|
|
}
|
|
|
|
- lastGid = grent->gr_gid;
|
2011-05-16 18:07:44 +02:00
|
|
|
+ strcpy(lastGname, thisGname);
|
|
|
|
+ lastGnameLen = thisGnameLen;
|
2010-03-26 16:30:18 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
*gid = lastGid;
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -109,7 +172,7 @@ const char * rpmugUname(uid_t uid)
|
2011-05-16 18:07:44 +02:00
|
|
|
{
|
|
|
|
static uid_t lastUid = (uid_t) -1;
|
|
|
|
static char * lastUname = NULL;
|
|
|
|
- static size_t lastUnameLen = 0;
|
|
|
|
+ static size_t lastUnameAlloced = 0;
|
|
|
|
|
|
|
|
if (uid == (uid_t) -1) {
|
|
|
|
lastUid = (uid_t) -1;
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -126,9 +189,9 @@ const char * rpmugUname(uid_t uid)
|
2011-05-16 18:07:44 +02:00
|
|
|
|
|
|
|
lastUid = uid;
|
|
|
|
len = strlen(pwent->pw_name);
|
|
|
|
- if (lastUnameLen < len + 1) {
|
|
|
|
- lastUnameLen = len + 20;
|
|
|
|
- lastUname = xrealloc(lastUname, lastUnameLen);
|
|
|
|
+ if (lastUnameAlloced < len + 1) {
|
|
|
|
+ lastUnameAlloced = len + 20;
|
|
|
|
+ lastUname = xrealloc(lastUname, lastUnameAlloced);
|
|
|
|
}
|
|
|
|
strcpy(lastUname, pwent->pw_name);
|
2010-03-26 16:30:18 +01:00
|
|
|
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -140,7 +203,7 @@ const char * rpmugGname(gid_t gid)
|
2011-05-16 18:07:44 +02:00
|
|
|
{
|
|
|
|
static gid_t lastGid = (gid_t) -1;
|
|
|
|
static char * lastGname = NULL;
|
|
|
|
- static size_t lastGnameLen = 0;
|
|
|
|
+ static size_t lastGnameAlloced = 0;
|
|
|
|
|
|
|
|
if (gid == (gid_t) -1) {
|
|
|
|
lastGid = (gid_t) -1;
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -157,9 +220,9 @@ const char * rpmugGname(gid_t gid)
|
2011-05-16 18:07:44 +02:00
|
|
|
|
|
|
|
lastGid = gid;
|
|
|
|
len = strlen(grent->gr_name);
|
|
|
|
- if (lastGnameLen < len + 1) {
|
|
|
|
- lastGnameLen = len + 20;
|
|
|
|
- lastGname = xrealloc(lastGname, lastGnameLen);
|
|
|
|
+ if (lastGnameAlloced < len + 1) {
|
|
|
|
+ lastGnameAlloced = len + 20;
|
|
|
|
+ lastGname = xrealloc(lastGname, lastGnameAlloced);
|
|
|
|
}
|
|
|
|
strcpy(lastGname, grent->gr_name);
|
|
|
|
|
2014-02-20 14:18:41 +01:00
|
|
|
@@ -189,3 +252,16 @@ void rpmugFree(void)
|
|
|
|
rpmugUname(-1);
|
2011-05-16 18:07:44 +02:00
|
|
|
rpmugGname(-1);
|
|
|
|
}
|
|
|
|
+
|
|
|
|
+void rpmugChroot(int in)
|
2010-03-26 16:30:18 +01:00
|
|
|
+{
|
2011-05-16 18:07:44 +02:00
|
|
|
+ /* tell libc to drop caches / file descriptors */
|
|
|
|
+ endpwent();
|
|
|
|
+ endgrent();
|
|
|
|
+ /* drop our own caches */
|
|
|
|
+ rpmugUid(NULL, NULL);
|
|
|
|
+ rpmugGid(NULL, NULL);
|
|
|
|
+#if defined(__GLIBC__)
|
|
|
|
+ inchroot = in;
|
|
|
|
+#endif
|
2010-03-26 16:30:18 +01:00
|
|
|
+}
|
2014-02-20 14:18:41 +01:00
|
|
|
--- ./lib/rpmug.h.orig 2014-02-05 13:04:02.000000000 +0000
|
|
|
|
+++ ./lib/rpmug.h 2014-02-20 12:50:05.362815211 +0000
|
|
|
|
@@ -15,4 +15,6 @@ int rpmugInit(void);
|
2011-05-16 18:07:44 +02:00
|
|
|
|
|
|
|
void rpmugFree(void);
|
|
|
|
|
|
|
|
+void rpmugChroot(int in);
|
2010-03-26 16:30:18 +01:00
|
|
|
+
|
2011-05-16 18:07:44 +02:00
|
|
|
#endif /* _RPMUG_H */
|