From c1b3f3c26221272eb308bde5b78dce0f330c7ecc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Alexe=C3=AF=20KADIR?=
Date: Sat, 17 Feb 2024 15:15:40 +0100
Subject: [PATCH] Added a user system

---
 src/backing.h | 14 --------
 src/entry.c | 98 ++++++++++++++++++---------------------------------
 src/entry.h | 25 ++++---------
 src/sandbox.c | 44 ++++++++++++++++++++++-
 src/sandbox.h | 2 ++
 5 files changed, 86 insertions(+), 97 deletions(-)

diff --git a/src/backing.h b/src/backing.h
index ac97d1d..b7d284c 100644
--- a/src/backing.h
+++ b/src/backing.h
@@ -9,10 +9,6 @@
 #define BACKING_POOL_DIR "/var/lib/sandbox/backings"
 #define MAX_BACKING_LENGTH 256
-typedef struct {
- DiskInfo disk_info;
-} BackingInfo;
-
 /// @brief Checks whether the given backing disk id is valid.
 /// @param backing_id The backing disk id to check.
 /// @return True if the backing disk id is valid, false otherwise.
@@ -45,13 +41,3 @@ Result remove_backing(const char* backing_id);
 /// @param out_backings The pointer to the null-terminated array of backing disk ids. The caller is responsible for freeing the memory of the array and its elements.
 /// @return The result of the operation.
 Result list_backings(char*** out_backings, size_t* out_count);
-
-/// @brief Gathers information about a backing disk.
-/// @param backing_id The backing disk id.
-/// @param out_info The information about the backing disk.
-/// @return The result of the operation.
-Result get_backing_info(const char* backing_id, BackingInfo* out_info);
-
-/// @brief Frees the resources used by the given backing disk information.
-/// @param info The backing disk information to free.
-void free_backing_info(BackingInfo* info);
\ No newline at end of file
diff --git a/src/entry.c b/src/entry.c
index c46e858..82711ea 100644
--- a/src/entry.c
+++ b/src/entry.c
@@ -81,6 +81,40 @@ Result get_entry_type_path(const char* entry_id, char** out_path) {
 return result;
 }
+Result get_entry_type(const char* entry_id, EntryType* out_type) {
+ // Get the path of the type file
+ char* type_path;
+ Result result = get_entry_type_path(entry_id, &type_path);
+ if (result != SUCCESS)
+ return result;
+
+ // Read the type file
+ char* type;
+ result = read_file(type_path, &type);
+ if (result != SUCCESS) {
+ free(type_path);
+ return result;
+ }
+
+ // Free the type path
+ free(type_path);
+
+ // Check the type
+ if (strcmp(type, ENTRY_TYPE_ROOT_STRING) == 0)
+ *out_type = ENTRY_TYPE_ROOT;
+ else if (strcmp(type, ENTRY_TYPE_BACKED_STRING) == 0)
+ *out_type = ENTRY_TYPE_BACKED;
+ else if (strcmp(type, ENTRY_TYPE_AUTOMATIC_STRING) == 0)
+ *out_type = ENTRY_TYPE_AUTOMATIC;
+ else
+ *out_type = ENTRY_TYPE_UNKNOWN;
+
+ // Free the type
+ free(type);
+
+ return SUCCESS;
+}
+
 Result entry_exists(const char* entry_id, bool* out_exists) {
 *out_exists = false;
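Review bot: `get_entry_type` leaves `*out_type` unwritten on both early-return paths (a failing `get_entry_type_path` or `read_file`), whereas `entry_exists` directly below sets `*out_exists = false` before doing any work; a caller that does not check the Result may then act on an uninitialised EntryType. Open the function with `*out_type = ENTRY_TYPE_UNKNOWN;`. An unrecognised type file also returns SUCCESS with ENTRY_TYPE_UNKNOWN, so the declaration comment added in src/entry.h should say so, e.g. `/// @param out_type The pointer to the output entry type. Set to ENTRY_TYPE_UNKNOWN if the type file content is not recognised.` The match is an exact `strcmp`, so the type file is presumably written without a trailing newline; the writer is outside this hunk and worth checking.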
@@ -405,67 +439,3 @@ Result reset_entry(const char* entry_id) {
 return result;
 }
-
-Result get_entry_info(const char* entry_id, EntryInfo* out_info) {
- out_info->backing_id = NULL;
- out_info->type = ENTRY_TYPE_UNKNOWN;
-
- // Get the path of the type file
- char* type_path;
- Result result = get_entry_type_path(entry_id, &type_path);
- if (result != SUCCESS)
- return result;
-
- // Read the type file
- char* type;
- result = read_file(type_path, &type);
- if (result != SUCCESS) {
- free(type_path);
- return result;
- }
-
- // Free the type path
- free(type_path);
-
- // Check the type
- if (strcmp(type, ENTRY_TYPE_ROOT_STRING) == 0)
- out_info->type = ENTRY_TYPE_ROOT;
- else if (strcmp(type, ENTRY_TYPE_BACKED_STRING) == 0)
- out_info->type = ENTRY_TYPE_BACKED;
- else if (strcmp(type, ENTRY_TYPE_AUTOMATIC_STRING) == 0)
- out_info->type = ENTRY_TYPE_AUTOMATIC;
-
- // Free the type
- free(type);
-
- // Get the path of the entry disk
- char* disk_path;
- result = get_entry_disk_path(entry_id, &disk_path);
- if (result != SUCCESS)
- return result;
-
- // Get the information about the disk
- result = get_disk_info(disk_path, &out_info->disk_info);
-
- // Free the disk path
- free(disk_path);
-
- if (result != SUCCESS)
- return result;
-
- // Check if the disk is backed
- if (out_info->disk_info.backing_file != NULL) {
- out_info->backing_id = strdup(basename(out_info->disk_info.backing_file));
- if (out_info->backing_id == NULL) {
- free_disk_info(&out_info->disk_info);
- return OUT_OF_MEMORY;
- }
- }
-
- return SUCCESS;
-}
-
-void free_entry_info(EntryInfo* info) {
- free(info->backing_id);
- free_disk_info(&info->disk_info);
-}
diff --git a/src/entry.h b/src/entry.h
index ac97dd5..71a8e88 100644
--- a/src/entry.h
+++ b/src/entry.h
@@ -20,13 +20,6 @@ typedef enum {
 ENTRY_TYPE_AUTOMATIC
 } EntryType;
-typedef struct {
- EntryType type;
- char* backing_id;
-
- DiskInfo disk_info;
-} EntryInfo;
-
 /// @brief Checks whether the given entry id is valid.
 /// @param entry_id The entry id to check.
 /// @return True if the entry id is valid, false otherwise.
@@ -50,6 +43,12 @@ Result get_entry_disk_path(const char* entry_id, char** out_path);
 /// @return The result of the operation.
 Result get_entry_type_path(const char* entry_id, char** out_path);
+/// @brief Gets the type of the given entry.
+/// @param entry_id The entry id.
+/// @param out_type The pointer to the output entry type.
+/// @return The result of the operation.
+Result get_entry_type(const char* entry_id, EntryType* out_type);
+
 /// @brief Checks whether the given entry exists in the pool.
 /// @param entry_id The entry id.
 /// @param out_exists The pointer to the output boolean.
@@ -103,17 +102,7 @@ Result reset_entry(const char* entry_id);
 /// @return The result of the operation.
 Result update_entry(const char* entry_id);
-/// @brief Checks whether the given entry needs to be updated, and updates it if needed. This function will only update automatic entries.
+/// @brief Checks whether the given entry needs to be updated, and updates it if needed.
 /// @param entry_id The entry id.
 /// @return The result of the operation.
 Result check_update_entry(const char* entry_id);
-
-/// @brief Gathers information about the given entry.
-/// @param entry_id The entry id.
-/// @param out_info The pointer to the output entry information.
-/// @return The result of the operation.
-Result get_entry_info(const char* entry_id, EntryInfo* out_info);
-
-/// @brief Frees the resources used by the given entry information.
-/// @param info The entry information to free.
-void free_entry_info(EntryInfo* info);
diff --git a/src/sandbox.c b/src/sandbox.c
index 1b6a6e2..3667420 100644
--- a/src/sandbox.c
+++ b/src/sandbox.c
@@ -7,6 +7,8 @@
 #include
 #include
 #include
+#include
+#include
 #include
 const Command COMMANDS[] = {
@@ -33,6 +35,32 @@ const Command COMMANDS[] = {
 };
 int main(int argc, char* argv[]) {
+ // Check that the user 'sandbox' exists
+ struct passwd* user = getpwnam(SANDBOX_USER);
+ if (user == NULL) {
+ log_message(LOG_LEVEL_ERROR, "User '%s' does not exist. Please check the installation.", SANDBOX_USER);
+ return EXIT_FAILURE;
+ }
+
+ // Check that the program is either run as root or as the user 'sandbox'
+ if (geteuid() != 0 && geteuid() != user->pw_uid) {
+ log_message(LOG_LEVEL_ERROR, "This program must be run as root or as the user '%s'.", SANDBOX_USER);
+ return EXIT_FAILURE;
+ }
+
+ // If the program is run as root, switch to the user 'sandbox'
+ if (geteuid() == 0) {
+ if (setregid(user->pw_gid, user->pw_gid) != 0) {
+ log_message(LOG_LEVEL_ERROR, "Failed to switch to the user '%s'.", SANDBOX_USER);
+ return EXIT_FAILURE;
+ }
+
+ if (setreuid(user->pw_uid, user->pw_uid) != 0) {
+ log_message(LOG_LEVEL_ERROR, "Failed to switch to the user '%s'.", SANDBOX_USER);
+ return EXIT_FAILURE;
+ }
+ }
+
 if (argc < 2)
 return command_help(0, NULL);
@@ -189,7 +217,21 @@ int command_add_entry(int argc, char* argv[]) {
 }
 int command_remove_entry(int argc, char* argv[]) {
- // TODO: Call remove_entry
+ if (argc < 1) {
+ log_message(LOG_LEVEL_ERROR, "Missing entry id.");
+ return EXIT_FAILURE;
+ }
+
+ const char* entry_id = argv[0];
+
+ for (int i = 1; i < argc; i++) {
+ log_message(LOG_LEVEL_ERROR, "Unknown option '%s'.", argv[i]);
+ return EXIT_FAILURE;
+ }
+
+ Result result = remove_entry(entry_id);
+ if (result != SUCCESS)
+ return EXIT_FAILURE;
 return EXIT_SUCCESS;
 }
diff --git a/src/sandbox.h b/src/sandbox.h
index b9cdaef..6158962 100644
--- a/src/sandbox.h
+++ b/src/sandbox.h
@@ -2,6 +2,8 @@
 #define VERSION "0.0.6"
+#define SANDBOX_USER "sandbox"
+
 typedef struct {
 int (*handler)(int argc, char* argv[]);
 const char* name;
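Review bot: The root branch added to `main` changes the group and user IDs with `setregid`/`setreuid` but never resets the supplementary group list, so a process started as root keeps root's supplementary groups after the switch to `SANDBOX_USER`. Add `if (initgroups(SANDBOX_USER, user->pw_gid) != 0)` (declared in `<grp.h>`) with the same log-and-`EXIT_FAILURE` path, placed before the `setregid` call while the process still has the privilege to change its groups. The group-then-user order already used here is correct and should be kept. `main` continues past the end of this hunk.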
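Review bot: `command_remove_entry` passes `argv[0]` to `remove_entry` unchanged, and nothing in this handler checks that it is a well-formed entry id. `remove_entry` is not shown here; if it builds a path from the id without running the entry-id validity check documented in src/entry.h, an id containing `/` or `..` could make the removal act outside the entry pool, so confirm the check happens in the callee or add it before the call. Separately, the `for` loop returns on its first iteration, so `if (argc > 1)` reporting `argv[1]` expresses the same thing more plainly. A failing `remove_entry` also exits with no message from this handler, which relies on the callee having logged the cause.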