mirror of https://github.com/ericonr/dotfiles.git
sourcecode: create enter-chroot.
Written in C, is a setid program and does the job of launch-chroot, which is being retired.
This commit is contained in:
parent
57cee8fd64
commit
98a15fa859
|
@ -1,14 +0,0 @@
|
|||
#!/bin/sh
|
||||
|
||||
# use with sudo -E
|
||||
|
||||
ROOTDIR="${1:-/mnt}"
|
||||
USERNAME="${SUDO_USER:-ericonr}"
|
||||
|
||||
chroot "$ROOTDIR" /bin/sudo -u $USERNAME \
|
||||
env CHROOTED=1 \
|
||||
XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR \
|
||||
WAYLAND_DISPLAY=$WAYLAND_DISPLAY \
|
||||
DISPLAY=$DISPLAY \
|
||||
DBUS_SESSION_BUS_ADDRESS=$DBUS_SESSION_BUS_ADDRESS \
|
||||
/bin/fish -C "cd"
|
|
@ -0,0 +1,2 @@
|
|||
sshfs-map/sshfs-map
|
||||
enter-chroot/enter-chroot
|
|
@ -0,0 +1,113 @@
|
|||
#define _XOPEN_SOURCE
|
||||
#define _BSD_SOURCE
|
||||
#include <stdbool.h>
|
||||
#include <errno.h>
|
||||
#include <stdio.h>
|
||||
#include <unistd.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <limits.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
|
||||
int main(int argc, char * const argv[])
|
||||
{
|
||||
char *mntpoint = "/mnt", *shell = "/bin/fish";
|
||||
bool check_chrooted = true;
|
||||
int c, rv;
|
||||
|
||||
while ((c = getopt(argc, argv, "m:s:c")) != -1) {
|
||||
switch (c) {
|
||||
case 'm':
|
||||
mntpoint = optarg;
|
||||
break;
|
||||
case 's':
|
||||
shell = optarg;
|
||||
break;
|
||||
case 'c':
|
||||
check_chrooted = false;
|
||||
break;
|
||||
default:
|
||||
puts("wrong usage");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
uid_t
|
||||
uid = getuid(),
|
||||
euid = geteuid();
|
||||
gid_t
|
||||
gid = getgid(),
|
||||
egid = getegid();
|
||||
|
||||
char cwd[PATH_MAX];
|
||||
getcwd(cwd, PATH_MAX);
|
||||
|
||||
if (uid == 0 && gid == 0) {
|
||||
fputs("running as root", stderr);
|
||||
} else {
|
||||
fprintf(stderr, "running as %d:%d\n", uid, gid);
|
||||
}
|
||||
fprintf(stderr, "effective perms %d:%d\n", euid, egid);
|
||||
|
||||
// check if <mntpoint> exists and/or can be accessed
|
||||
{
|
||||
int mntpoint_rv = 0;
|
||||
struct stat mntpoint_stat = {0};
|
||||
mntpoint_rv = stat(mntpoint, &mntpoint_stat);
|
||||
if (mntpoint_rv == -1) {
|
||||
fprintf(stderr, "couldn't stat '%s': %m\n", mntpoint);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
// check for the presense of <mntpoint>/chrooted
|
||||
if (check_chrooted) {
|
||||
char chrooted[PATH_MAX] = {0};
|
||||
int chrooted_rv = 0;
|
||||
struct stat chrooted_stat = {0};
|
||||
strncpy(chrooted, mntpoint, PATH_MAX);
|
||||
strncat(chrooted, "/chrooted", PATH_MAX - 1);
|
||||
fprintf(stderr, "checking file in '%s'\n", chrooted);
|
||||
|
||||
chrooted_rv = stat(chrooted, &chrooted_stat);
|
||||
if (chrooted_rv == -1 && errno == ENOENT) {
|
||||
fprintf(stderr, "'%s' doesn't exist, aborting...\n", chrooted);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
rv = chroot(mntpoint);
|
||||
if (rv == -1) {
|
||||
fprintf(stderr, "chroot failed: %m\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
rv = setenv("CHROOTED", "1", 1);
|
||||
if (rv == -1) {
|
||||
fprintf(stderr, "CHROOTED not set in env: %m\n");
|
||||
// non-fatal
|
||||
}
|
||||
|
||||
rv = setgid(gid);
|
||||
if (rv == -1) {
|
||||
fprintf(stderr, "setgid failed: %m\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
rv = setuid(uid);
|
||||
if(rv == -1) {
|
||||
fprintf(stderr, "setuid failed: %m\n");
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
rv = chdir(cwd);
|
||||
if (rv == -1) {
|
||||
fprintf(stderr, "chdir failed: %m\n");
|
||||
// non-fatal
|
||||
}
|
||||
|
||||
char *shellv[] = {shell, NULL};
|
||||
rv = execv(shell, shellv);
|
||||
fprintf(stderr, "execv %s failed: %m\n", shell);
|
||||
return EXIT_FAILURE;
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/sh
|
||||
|
||||
set -e
|
||||
|
||||
rm -f enter-chroot
|
||||
make enter-chroot
|
||||
|
||||
install -m4755 enter-chroot /usr/local/bin/
|
|
@ -1 +0,0 @@
|
|||
sshfs-map
|
Loading…
Reference in New Issue