Age | Commit message (Collapse) | Author |
|
|
|
that for a macro that does it correctly. Why not just use strcmp,
you ask? Because we aren't doing a string compare, we're looking
for a prefix.
|
|
an LD_LIBRARY_PATH that included the pseudo library directory
and some other directories, the other directories would get
wiped out. Also a couple of whitespace rationalizatoins.
|
|
For reasons that may never be known, the /usr/bin/find on
RHEL5 contains its own local copies of regcomp() and
regexec(). Thus, when pseudo makes calls to these functions,
it gets the local copies in the binary instead of the ones in
libc.
But wait! That's not all. There's also the fascinating
detail that, for reasons unknown, these local copies have
an incompatible API, such that:
regexec(pattern, list, 1, pmatch, 0);
can write to more than one element of pmatch, and since
that's a local array of one member, that means that they
can crush something on the stack, such that a couple of
function calls later you get a segfault in Nothing In
Particular.
So. We try to grab the real regcomp/regexec from libc,
using dlsym, and if we can't, we fall back on whatever the
defaults were.
Inexplicably, this code actually made pseudo crash less often
on at least one target. This is madness within madness, and
I really have no idea why on earth /usr/bin/find, on a Linux
system, would have its own local copies of regcomp/regexec,
let alone why it would have copies that had substantially
different semantics.
|
|
Fixed a couple of allocation issues, corrected an off-by-one
error in environment setup.
|
|
Fix an obvious ld_preload/ld_library_path mixup in pseudo_util.c
Signed-off-by: Richard Purdie <richard.purdie@intel.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
|
|
Add local variable cache via get_value and set_value. The local cache
is setup at constructor time (or soon after).
Rewrite the pseudo_setupenv and pseudo_dropenv routines, add a new
pseudo_setupenvp and pseudo_dropenvp as well to handle the execve
cases.
We can now successfully use /usr/bin/env -i env and get pseudo values
back!
|
|
We can potentially under allocate memory due.
|
|
If the environment has been cleared (in an execve for instance),
we need to seed the environment with the PSEUDO_PREFIX,
PSEUDO_BINDIR, PSEUDO_LIBDIR, and PSEUDO_LOCALSTATEDIR values.
|
|
Add PSEUDO_BINDIR, PSEUDO_LIBDIR, and PSEUDO_LOCALSTATEDIR to allow for more
easy customization of PSEUDO components at run-time. If these are not set
they will be automatically generated based on the existing PSEUDO_PREFIX path.
PSEUDO_BINDIR = PSEUDO_PREFIX /bin
PSEUDO_LIBDIR = PSEUDO_PREFIX /lib
PSEUDO_LOCALSTATEDIR = PSEUDO_PREFIX /var/pseudo
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
|
|
|
|
libpseudo-foo.so.
|
|
The PSEUDO_SUFFIX thing is an installation quirk to allow our
build system to tag libpseudo.so with a checksum of the host libc.
However, we reuse a prebuilt pseudo server with the new pseudo
libraries; this means that encoding the suffix in the environment
hackery is a Bad Idea.
Update version number to 0.3, since this seems to wrap up a
hunk of development effort.
|
|
The PSEUDO_DEBUG_FILE feature is enhanced, and is now also used by the
pseudo server.
|
|
Address a couple of compiler warnings, add a couple of signals to the
list of caught signals, etcetera.
|
|
You can't use setenv() to modify the environment that will
be passed to a child process through execve()...
Also, fix the setupenv() to use PSEUDO_SUFFIX if defined.
Use execve() to spawn child processes, so we can use setupenv()
and dropenv().
|
|
* Add lckpwdf/ulckpwdf to guts/README
* Remove arguments from function pointer arguments.
While in theory the compar function pointer has always taken
"const struct dirent **", some systems (many) have declared
it instead as taking "const void *". For now, just omit
the types; a pointer to function taking unknown arguments
is a compatible type, and we never call the functions, we
just pass them to something else.
* Handle readlinkat() on systems without *at functions
* Fix pseudo_etc_file (spotted by "fortify")
When O_CREAT can be a flag, 0600 mode is needed. While we're
at it, remove a bogus dummy open.
* Fix mkdtemp()
Was returning the address of the internal buffer rather than the
user-provided buffer. Also fixed a typo in an error message.
* Don't call fgetgrent_r() with a null FILE *.
* A couple of other typo-type fixes.
|
|
It's not enough to rely on the usual chroot() stuff affecting the
file open, not least because these use the glibc-internal __open
which is not currently intercepted, but also because we want to
use the PSEUDO_PASSWD path when that's set but there's no chroot().
There's some extra magic in pseudo_etc_file to support these
operations, since they can legitimately create a file rather
than opening an existing one.
|
|
Moved readlink fixup into a general-purpose function for
removing chroot prefixes.
|
|
Spotted some glibc extensions to file modes, altered fopen logic.
Fix handling for the case where the underlying pseudo_pwd_fd or
pseudo_grp_fd are closed.
|
|
This is a first pass at handling password/group calls, allowing
the use of custom password/group files. In particular, when
chroot()ed to a particular directory, pseudo picks files in
that directory by default, to improve support for the typical
use case where pseudo uses chroot() only to jump into a virtual
target filesystem.
|
|
This allows us to track execution, although the tracking for it
requires some additional thought -- the basic assumption is that we
don't want to canonicalize names into the chroot() directory, but
since all the filename canonicalization assumes that we want this,
that will take some sneaking. It's a little useful as is, though,
so I'm running with it.
|
|
This patch adds support for checking whether a file was opened for
reading, writing, or both, as well as tracking append flags. It is
not very well tested. This is preparation for improved host
contamination checking.
|
|
None of them seem to have been genuine problems, but it's prettier now,
and some were questionable.
|
|
Add chroot() and a large number of things needed to make it work.
The list of intercepted calls is large but not exhaustive.
|
|
* Improve makewrappers handling of function pointer arguments.
* Regenerate wrappers when makewrappers is touched.
* Move path resolution from pseudo_client_op into wrapper
functions.
* Eliminate dependency on PATH_MAX.
* Related cleanup, such as tracking CWD better, and using
the tracked value for getcwd().
|
|
spotting these.) Check for failed calls to pseudo_prefix_path in
a couple of places, handle failed open of pid file, and make
pseudo_prefix_path robust in the case of a zero-length PSEUDO_PREFIX.
Also, don't try to overwrite the contents of an environment
variable anymore. (The amazing part? None of these have ever
caused a failure.)
|
|
|