Commit Graph

23 Commits

Author SHA1 Message Date
madmaurice 78cec967b2 Fix for previous commit 2021-01-15 20:22:22 +01:00
madmaurice dfbf2767f2 Handle signal handler setup error properly in head process 2021-01-15 20:22:22 +01:00
madmaurice d0feff88b1 Use static globals 2021-01-15 20:22:22 +01:00
madmaurice 2f56f84214 Use err.h instead of self-implemented error output 2021-01-15 20:22:22 +01:00
madmaurice 13c7aa2ca4 Just reuse argv instead of duplicating 2021-01-15 20:22:22 +01:00
madmaurice b37648d869 Remove remnants of debug code 2021-01-15 20:22:22 +01:00
madmaurice 5928224d87 Usage on stderr 2021-01-15 20:22:22 +01:00
madmaurice d1664d03f8 Replace redundant error handling 2021-01-15 20:22:22 +01:00
madmaurice bbb85d353e Drop root after unshare.
Apparently only the unshare call needs root. The fork which results in
a new PID namespace does not.
2021-01-15 20:22:22 +01:00
madmaurice 6655b38a47 Use sigaction instead of signal
This way we don't have to handle EINTR.
2021-01-15 20:22:22 +01:00
madmaurice 48445a573b Handle EINTR error code for wait and waitpid 2021-01-15 20:22:22 +01:00
madmaurice 12e4cd391a Don't use printf in signal handler 2021-01-15 20:22:22 +01:00
madmaurice 5fbd7abd26 More explanation 2021-01-15 20:22:22 +01:00
madmaurice 9ef65e0f4c Drop group rights first
We might not be able to drop group rights after dropping user rights
so do group rights first.
2021-01-15 20:22:22 +01:00
madmaurice ab8ef29376 Fix error message for setresgid 2021-01-15 20:22:22 +01:00
madmaurice 1ab32c39d0 Merge all the various definitions of the err variable 2021-01-15 20:22:22 +01:00
madmaurice b94fa5bfcf Clean up code style 2021-01-15 20:22:22 +01:00
madmaurice 6bd03ad564 Add sanity check
As a sanity check whether we're able to regain root after dropping
it. If we are able to, then something went wrong.
2021-01-15 20:22:22 +01:00
madmaurice 650a576c56 Make dropped root privileges permanent
seteuid sets the effective uid but at the same time retains the old
effective uid as a so called saved uid, which allows the process to go
back to root at a later point in time. As we don't want that, we use
the function setresuid and setresgid instead, allowing to set the
real, effective and saved uid/gid. We keep the real uid/gid unchanged,
but set the effective and saved uid/gid to the value of the real uid.
This forbids us to not regain root privileges.
2021-01-15 20:22:22 +01:00
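The three commits above on privilege dropping ("Drop group rights first", "Add sanity check" and "Make dropped root privileges permanent") describe one procedure: set real, effective and saved ids with setresgid before setresuid, then confirm that root cannot be regained. Here it is as a runnable C program; this is an added example, not code from this repository, and the helper names drop_privileges_permanently and root_is_unrecoverable are assumed. Started as a setuid-root binary from an unprivileged account it drops to that account's real uid; started with real uid 0 the drop is a no-op and the sanity check reports it.

```c
/* Added example, not the repository's code: permanently drop root to the real
   uid/gid as the commits describe, then check that root cannot be regained.
   Helper names are assumed. Build: cc -Wall -o dropdemo dropdemo.c */
#define _GNU_SOURCE
#include <err.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Prototypes in case unistd.h was pulled in before _GNU_SOURCE took effect. */
int setresuid(uid_t ruid, uid_t euid, uid_t suid);
int setresgid(gid_t rgid, gid_t egid, gid_t sgid);

/* Set real, effective AND saved ids to the real id. Dropping only the
   effective id (seteuid) keeps root in the saved uid, from which it can be
   recovered; setresuid/setresgid close that door. Groups go first: once the
   effective uid is unprivileged, setresgid to another gid is no longer allowed.
   Returns 0 on success, -1 with errno set on failure. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (setresgid(rgid, rgid, rgid) == -1)
        return -1;
    if (setresuid(ruid, ruid, ruid) == -1)
        return -1;
    return 0;
}

/* Sanity check from the "Add sanity check" commit: after the drop, trying to
   become root again must fail. Returns 1 when root is unrecoverable, 0 when we
   are still root or managed to get it back (either means something went wrong). */
int root_is_unrecoverable(void)
{
    if (getuid() == 0 || geteuid() == 0)
        return 0;                 /* never left root: nothing was dropped */
    if (setresuid(0, 0, 0) == 0)
        return 0;                 /* regained root: saved uid was still 0 */
    if (setresgid(0, 0, 0) == 0)
        return 0;                 /* regained root group */
    return 1;                     /* EPERM on both: the drop is permanent */
}

int main(void)
{
    /* A head process like the one in this repository would be started with
       effective uid 0 (setuid binary) but an unprivileged real uid, so the
       drop below lands on that user. */
    if (drop_privileges_permanently() == -1)
        err(EXIT_FAILURE, "dropping privileges failed");
    if (!root_is_unrecoverable())
        errx(EXIT_FAILURE, "sanity check failed: still root, or root can be regained");
    printf("dropped to uid=%u gid=%u, root unrecoverable\n",
           (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```

Note that the check deliberately treats "still uid 0" as a failure too: a head process that was never given an unprivileged real uid has nothing to drop to, and silently continuing as root is exactly what the sanity check exists to catch.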
madmaurice 5fe9ba36a2 Add signal handler for SIGTERM
When the head process receives a SIGTERM we have to forward that to the init
process, which in turn has to forward it to the executed process which is
jailed. That process can then decide to exit, which also terminates the init and
head process through SIGCHILD/wait means.
2021-01-12 19:51:05 +01:00
madmaurice 1f5e1a9c1f Drop root privileges earlier
We don't need the root privileges after we unshare and the first fork. Therefore
we can drop those for safety reasons.
2021-01-12 19:50:07 +01:00
madmaurice f3cd63c137 Use execvp instead execv
execvp resolves the executable location using PATH
2021-01-12 13:24:08 +01:00
madmaurice 2c397da373 Initial version 2021-01-06 04:42:04 +01:00