From ae83c5cccd9e1e31542b625ef2f6ddf3dcd26387 Mon Sep 17 00:00:00 2001 From: Krzysztof Konopko Date: Sat, 9 Mar 2013 14:28:03 +0000 Subject: [PATCH 2/2] Required plumbing for reading process credentials from procfs This doesn't do anything yet as _dbus_user_info_fill_pid() is not implemented yet and _dbus_user_database_lookup() ignores the `pid' argument. This plumbing is still useful though to ensure that things will work even if PID is not available: - PID doesn't make sense in the given context (e. g. parsing policies) - the OS doesn't provide procfs --- bus/bus.c | 6 ++++-- bus/bus.h | 3 ++- bus/connection.c | 13 ++++++++++--- bus/policy.c | 13 ++++++++++--- bus/policy.h | 3 ++- dbus/dbus-auth.c | 7 +++++-- dbus/dbus-connection.h | 1 + dbus/dbus-sysdeps-unix.c | 18 +++++++++++++++++- dbus/dbus-sysdeps-unix.h | 5 +++++ dbus/dbus-sysdeps-util-unix.c | 6 ++++-- dbus/dbus-sysdeps.h | 5 ++++- dbus/dbus-transport.c | 3 +++ dbus/dbus-userdb-util.c | 16 +++++++++------- dbus/dbus-userdb.c | 19 +++++++++++++------ dbus/dbus-userdb.h | 8 +++++++- 15 files changed, 96 insertions(+), 30 deletions(-) diff --git a/bus/bus.c b/bus/bus.c index e80e708..86a01a5 100644 --- a/bus/bus.c +++ b/bus/bus.c @@ -1177,10 +1177,12 @@ bus_context_get_loop (BusContext *context) dbus_bool_t bus_context_allow_unix_user (BusContext *context, - unsigned long uid) + unsigned long uid, + unsigned long pid) { return bus_policy_allow_unix_user (context->policy, - uid); + uid, + pid); } /* For now this is never actually called because the default diff --git a/bus/bus.h b/bus/bus.h index 3597884..ba23c0e 100644 --- a/bus/bus.h +++ b/bus/bus.h @@ -96,7 +96,8 @@ BusActivation* bus_context_get_activation (BusContext BusMatchmaker* bus_context_get_matchmaker (BusContext *context); DBusLoop* bus_context_get_loop (BusContext *context); dbus_bool_t bus_context_allow_unix_user (BusContext *context, - unsigned long uid); + unsigned long uid, + unsigned long pid); dbus_bool_t bus_context_allow_windows_user (BusContext *context, const char *windows_sid); BusPolicy* bus_context_get_policy (BusContext *context); diff --git a/bus/connection.c b/bus/connection.c index d69758c..bcc4bf5 100644 --- a/bus/connection.c +++ b/bus/connection.c @@ -371,6 +371,7 @@ dispatch_status_function (DBusConnection *connection, static dbus_bool_t allow_unix_user_function (DBusConnection *connection, unsigned long uid, + unsigned long pid, void *data) { BusConnectionData *d; @@ -378,8 +379,8 @@ allow_unix_user_function (DBusConnection *connection, d = BUS_CONNECTION_DATA (connection); _dbus_assert (d != NULL); - - return bus_context_allow_unix_user (d->connections->context, uid); + + return bus_context_allow_unix_user (d->connections->context, uid, pid); } static void @@ -840,13 +841,19 @@ bus_connection_get_unix_groups (DBusConnection *connection, DBusError *error) { unsigned long uid; + unsigned long pid; *groups = NULL; *n_groups = 0; if (dbus_connection_get_unix_user (connection, &uid)) { - if (!_dbus_unix_groups_from_uid (uid, groups, n_groups)) + if (!dbus_connection_get_unix_process_id (connection, &pid)) + { + pid = DBUS_PID_UNSET; + } + + if (!_dbus_unix_groups_from_uid (uid, pid, groups, n_groups)) { _dbus_verbose ("Did not get any groups for UID %lu\n", uid); diff --git a/bus/policy.c b/bus/policy.c index 379cea9..9322736 100644 --- a/bus/policy.c +++ b/bus/policy.c @@ -274,6 +274,7 @@ bus_policy_create_client_policy (BusPolicy *policy, { BusClientPolicy *client; dbus_uid_t uid; + dbus_pid_t pid; dbus_bool_t at_console; _dbus_assert (dbus_connection_get_is_authenticated (connection)); @@ -338,8 +339,13 @@ bus_policy_create_client_policy (BusPolicy *policy, } } + if (!dbus_connection_get_unix_process_id (connection, &pid)) + { + pid = DBUS_PID_UNSET; + } + /* Add console rules */ - at_console = _dbus_unix_user_is_at_console (uid, error); + at_console = _dbus_unix_user_is_at_console (uid, pid, error); if (at_console) { @@ -435,14 +441,15 @@ list_allows_user (dbus_bool_t def, dbus_bool_t bus_policy_allow_unix_user (BusPolicy *policy, - unsigned long uid) + unsigned long uid, + unsigned long pid) { dbus_bool_t allowed; unsigned long *group_ids; int n_group_ids; /* On OOM or error we always reject the user */ - if (!_dbus_unix_groups_from_uid (uid, &group_ids, &n_group_ids)) + if (!_dbus_unix_groups_from_uid (uid, pid, &group_ids, &n_group_ids)) { _dbus_verbose ("Did not get any groups for UID %lu\n", uid); diff --git a/bus/policy.h b/bus/policy.h index 3ff6f48..c7b78d3 100644 --- a/bus/policy.h +++ b/bus/policy.h @@ -117,7 +117,8 @@ BusClientPolicy* bus_policy_create_client_policy (BusPolicy *policy, DBusConnection *connection, DBusError *error); dbus_bool_t bus_policy_allow_unix_user (BusPolicy *policy, - unsigned long uid); + unsigned long uid, + unsigned long pid); dbus_bool_t bus_policy_allow_windows_user (BusPolicy *policy, const char *windows_sid); dbus_bool_t bus_policy_append_default_rule (BusPolicy *policy, diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c index d2c37a7..0a808b6 100644 --- a/dbus/dbus-auth.c +++ b/dbus/dbus-auth.c @@ -548,7 +548,9 @@ sha1_handle_first_client_response (DBusAuth *auth, } } - if (!_dbus_credentials_add_from_user (auth->desired_identity, data)) + if (!_dbus_credentials_add_from_user (auth->desired_identity, + data, + _dbus_credentials_get_unix_pid (auth->credentials))) { _dbus_verbose ("%s: Did not get a valid username from client\n", DBUS_AUTH_NAME (auth)); @@ -1078,7 +1080,8 @@ handle_server_data_external_mech (DBusAuth *auth, else { if (!_dbus_credentials_add_from_user (auth->desired_identity, - &auth->identity)) + &auth->identity, + _dbus_credentials_get_unix_pid (auth->credentials))) { _dbus_verbose ("%s: could not get credentials from uid string\n", DBUS_AUTH_NAME (auth)); diff --git a/dbus/dbus-connection.h b/dbus/dbus-connection.h index fe4d04e..d179a25 100644 --- a/dbus/dbus-connection.h +++ b/dbus/dbus-connection.h @@ -142,6 +142,7 @@ typedef void (* DBusWakeupMainFunction) (void *data); */ typedef dbus_bool_t (* DBusAllowUnixUserFunction) (DBusConnection *connection, unsigned long uid, + unsigned long pid, void *data); /** diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index a031059..1454ef5 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -2266,6 +2266,17 @@ fill_user_info (DBusUserInfo *info, return FALSE; } +dbus_bool_t +_dbus_user_info_fill_pid (DBusUserInfo *info, + dbus_uid_t uid, + dbus_pid_t pid, + DBusError *error) +{ + dbus_bool_t ret = FALSE; + + return ret; +} + /** * Gets user info for the given username. * @@ -3882,6 +3893,7 @@ _dbus_append_keyring_directory_for_credentials (DBusString *directory, DBusString homedir; DBusString dotdir; dbus_uid_t uid; + dbus_pid_t pid; _dbus_assert (credentials != NULL); _dbus_assert (!_dbus_credentials_are_anonymous (credentials)); @@ -3892,7 +3904,11 @@ _dbus_append_keyring_directory_for_credentials (DBusString *directory, uid = _dbus_credentials_get_unix_uid (credentials); _dbus_assert (uid != DBUS_UID_UNSET); - if (!_dbus_homedir_from_uid (uid, &homedir)) + pid = DBUS_PID_UNSET; + if (_dbus_credentials_include (credentials, DBUS_CREDENTIAL_UNIX_PROCESS_ID)) + pid = _dbus_credentials_get_unix_pid (credentials); + + if (!_dbus_homedir_from_uid (uid, pid, &homedir)) goto failed; #ifdef DBUS_BUILD_TESTS diff --git a/dbus/dbus-sysdeps-unix.h b/dbus/dbus-sysdeps-unix.h index a265b33..e59fecc 100644 --- a/dbus/dbus-sysdeps-unix.h +++ b/dbus/dbus-sysdeps-unix.h @@ -120,6 +120,10 @@ dbus_bool_t _dbus_user_info_fill (DBusUserInfo *info, dbus_bool_t _dbus_user_info_fill_uid (DBusUserInfo *info, dbus_uid_t uid, DBusError *error); +dbus_bool_t _dbus_user_info_fill_pid (DBusUserInfo *info, + dbus_uid_t uid, + dbus_pid_t pid, + DBusError *error); void _dbus_user_info_free (DBusUserInfo *info); dbus_bool_t _dbus_group_info_fill (DBusGroupInfo *info, @@ -128,6 +132,7 @@ dbus_bool_t _dbus_group_info_fill (DBusGroupInfo *info, dbus_bool_t _dbus_group_info_fill_gid (DBusGroupInfo *info, dbus_gid_t gid, DBusError *error); + void _dbus_group_info_free (DBusGroupInfo *info); dbus_uid_t _dbus_getuid (void); diff --git a/dbus/dbus-sysdeps-util-unix.c b/dbus/dbus-sysdeps-util-unix.c index 81098ca..ab62afb 100644 --- a/dbus/dbus-sysdeps-util-unix.c +++ b/dbus/dbus-sysdeps-util-unix.c @@ -975,10 +975,11 @@ _dbus_parse_unix_group_from_config (const DBusString *groupname, */ dbus_bool_t _dbus_unix_groups_from_uid (dbus_uid_t uid, + dbus_pid_t pid, dbus_gid_t **group_ids, int *n_group_ids) { - return _dbus_groups_from_uid (uid, group_ids, n_group_ids); + return _dbus_groups_from_uid (uid, pid, group_ids, n_group_ids); } /** @@ -992,9 +993,10 @@ _dbus_unix_groups_from_uid (dbus_uid_t uid, */ dbus_bool_t _dbus_unix_user_is_at_console (dbus_uid_t uid, + dbus_pid_t pid, DBusError *error) { - return _dbus_is_console_user (uid, error); + return _dbus_is_console_user (uid, pid, error); } diff --git a/dbus/dbus-sysdeps.h b/dbus/dbus-sysdeps.h index f4b0ac9..d88198f 100644 --- a/dbus/dbus-sysdeps.h +++ b/dbus/dbus-sysdeps.h @@ -191,7 +191,8 @@ dbus_bool_t _dbus_send_credentials_socket (int server_fd, DBusError *error); dbus_bool_t _dbus_credentials_add_from_user (DBusCredentials *credentials, - const DBusString *username); + const DBusString *username, + dbus_pid_t pid); dbus_bool_t _dbus_credentials_add_from_current_process (DBusCredentials *credentials); dbus_bool_t _dbus_append_user_from_current_process (DBusString *str); @@ -200,9 +201,11 @@ dbus_bool_t _dbus_parse_unix_user_from_config (const DBusString *username, dbus_bool_t _dbus_parse_unix_group_from_config (const DBusString *groupname, dbus_gid_t *gid_p); dbus_bool_t _dbus_unix_groups_from_uid (dbus_uid_t uid, + dbus_pid_t pid, dbus_gid_t **group_ids, int *n_group_ids); dbus_bool_t _dbus_unix_user_is_at_console (dbus_uid_t uid, + dbus_pid_t pid, DBusError *error); dbus_bool_t _dbus_unix_user_is_process_owner (dbus_uid_t uid); dbus_bool_t _dbus_windows_user_is_process_owner (const char *windows_sid); diff --git a/dbus/dbus-transport.c b/dbus/dbus-transport.c index 6b58fda..85961b4 100644 --- a/dbus/dbus-transport.c +++ b/dbus/dbus-transport.c @@ -536,6 +536,7 @@ auth_via_unix_user_function (DBusTransport *transport) DBusAllowUnixUserFunction unix_user_function; void *unix_user_data; dbus_uid_t uid; + dbus_pid_t pid; /* Dropping the lock here probably isn't that safe. */ @@ -546,12 +547,14 @@ auth_via_unix_user_function (DBusTransport *transport) unix_user_function = transport->unix_user_function; unix_user_data = transport->unix_user_data; uid = _dbus_credentials_get_unix_uid (auth_identity); + pid = _dbus_credentials_get_unix_pid (auth_identity); _dbus_verbose ("unlock\n"); _dbus_connection_unlock (connection); allow = (* unix_user_function) (connection, uid, + pid, unix_user_data); _dbus_verbose ("lock post unix user function\n"); diff --git a/dbus/dbus-userdb-util.c b/dbus/dbus-userdb-util.c index 16bf229..5a2a8cd 100644 --- a/dbus/dbus-userdb-util.c +++ b/dbus/dbus-userdb-util.c @@ -47,7 +47,8 @@ */ dbus_bool_t _dbus_is_console_user (dbus_uid_t uid, - DBusError *error) + dbus_pid_t pid, + DBusError *error) { DBusUserDatabase *db; @@ -115,7 +116,7 @@ _dbus_is_console_user (dbus_uid_t uid, /* TPTD: this should be cache-safe, we've locked the DB and _dbus_user_at_console doesn't pass it on. */ - info = _dbus_user_database_lookup (db, uid, NULL, error); + info = _dbus_user_database_lookup (db, uid, pid, NULL, error); if (info == NULL) { @@ -203,7 +204,7 @@ _dbus_get_user_id_and_primary_group (const DBusString *username, return FALSE; } - if (!_dbus_user_database_get_username (db, username, + if (!_dbus_user_database_get_username (db, username, DBUS_PID_UNSET, &info, NULL)) { _dbus_user_database_unlock_system (); @@ -379,6 +380,7 @@ _dbus_user_database_get_gid (DBusUserDatabase *db, */ dbus_bool_t _dbus_groups_from_uid (dbus_uid_t uid, + dbus_pid_t pid, dbus_gid_t **group_ids, int *n_group_ids) { @@ -396,7 +398,7 @@ _dbus_groups_from_uid (dbus_uid_t uid, return FALSE; } - if (!_dbus_user_database_get_uid (db, uid, + if (!_dbus_user_database_get_uid (db, uid, pid, &info, NULL)) { _dbus_user_database_unlock_system (); @@ -451,7 +453,7 @@ _dbus_userdb_test (const char *test_data_dir) if (!_dbus_get_user_id (username, &uid)) _dbus_assert_not_reached ("didn't get uid"); - if (!_dbus_groups_from_uid (uid, &group_ids, &n_group_ids)) + if (!_dbus_groups_from_uid (uid, _dbus_getpid (), &group_ids, &n_group_ids)) _dbus_assert_not_reached ("didn't get groups"); printf (" Current user: %s homedir: %s gids:", @@ -465,11 +467,11 @@ _dbus_userdb_test (const char *test_data_dir) dbus_error_init (&error); printf ("Is Console user: %i\n", - _dbus_is_console_user (uid, &error)); + _dbus_is_console_user (uid, _dbus_getpid(), &error)); printf ("Invocation was OK: %s\n", error.message ? error.message : "yes"); dbus_error_free (&error); printf ("Is Console user 4711: %i\n", - _dbus_is_console_user (4711, &error)); + _dbus_is_console_user (4711, _dbus_getpid(), &error)); printf ("Invocation was OK: %s\n", error.message ? error.message : "yes"); dbus_error_free (&error); diff --git a/dbus/dbus-userdb.c b/dbus/dbus-userdb.c index 4e8b39a..9c96cef 100644 --- a/dbus/dbus-userdb.c +++ b/dbus/dbus-userdb.c @@ -127,6 +127,7 @@ _dbus_is_a_number (const DBusString *str, DBusUserInfo* _dbus_user_database_lookup (DBusUserDatabase *db, dbus_uid_t uid, + dbus_pid_t pid, const DBusString *username, DBusError *error) { @@ -250,6 +251,7 @@ init_system_db (void) if (!_dbus_user_database_get_uid (system_db, _dbus_getuid (), + _dbus_getpid (), &info, &error)) { @@ -419,7 +421,7 @@ _dbus_homedir_from_username (const DBusString *username, return FALSE; } - if (!_dbus_user_database_get_username (db, username, + if (!_dbus_user_database_get_username (db, username, DBUS_PID_UNSET, &info, NULL)) { _dbus_user_database_unlock_system (); @@ -440,11 +442,13 @@ _dbus_homedir_from_username (const DBusString *username, * Gets the home directory for the given user. * * @param uid the uid + * "param pid the pid * @param homedir string to append home directory to * @returns #TRUE if user existed and we appended their homedir */ dbus_bool_t _dbus_homedir_from_uid (dbus_uid_t uid, + dbus_pid_t pid, DBusString *homedir) { DBusUserDatabase *db; @@ -458,7 +462,7 @@ _dbus_homedir_from_uid (dbus_uid_t uid, return FALSE; } - if (!_dbus_user_database_get_uid (db, uid, + if (!_dbus_user_database_get_uid (db, uid, pid, &info, NULL)) { _dbus_user_database_unlock_system (); @@ -491,7 +495,8 @@ _dbus_homedir_from_uid (dbus_uid_t uid, */ dbus_bool_t _dbus_credentials_add_from_user (DBusCredentials *credentials, - const DBusString *username) + const DBusString *username, + dbus_pid_t pid) { DBusUserDatabase *db; const DBusUserInfo *info; @@ -505,7 +510,7 @@ _dbus_credentials_add_from_user (DBusCredentials *credentials, return FALSE; } - if (!_dbus_user_database_get_username (db, username, + if (!_dbus_user_database_get_username (db, username, pid, &info, NULL)) { _dbus_user_database_unlock_system (); @@ -637,10 +642,11 @@ _dbus_user_database_unref (DBusUserDatabase *db) dbus_bool_t _dbus_user_database_get_uid (DBusUserDatabase *db, dbus_uid_t uid, + dbus_pid_t pid, const DBusUserInfo **info, DBusError *error) { - *info = _dbus_user_database_lookup (db, uid, NULL, error); + *info = _dbus_user_database_lookup (db, uid, pid, NULL, error); return *info != NULL; } @@ -656,10 +662,11 @@ _dbus_user_database_get_uid (DBusUserDatabase *db, dbus_bool_t _dbus_user_database_get_username (DBusUserDatabase *db, const DBusString *username, + dbus_pid_t pid, const DBusUserInfo **info, DBusError *error) { - *info = _dbus_user_database_lookup (db, DBUS_UID_UNSET, username, error); + *info = _dbus_user_database_lookup (db, DBUS_UID_UNSET, pid, username, error); return *info != NULL; } diff --git a/dbus/dbus-userdb.h b/dbus/dbus-userdb.h index cb49d9e..44e9ecb 100644 --- a/dbus/dbus-userdb.h +++ b/dbus/dbus-userdb.h @@ -58,6 +58,7 @@ void _dbus_user_database_flush (DBusUserDatabase *db); void _dbus_user_database_unref (DBusUserDatabase *db); dbus_bool_t _dbus_user_database_get_uid (DBusUserDatabase *db, dbus_uid_t uid, + dbus_pid_t pid, const DBusUserInfo **info, DBusError *error); dbus_bool_t _dbus_user_database_get_gid (DBusUserDatabase *db, @@ -66,6 +67,7 @@ dbus_bool_t _dbus_user_database_get_gid (DBusUserDatabase *db, DBusError *error); dbus_bool_t _dbus_user_database_get_username (DBusUserDatabase *db, const DBusString *username, + dbus_pid_t pid, const DBusUserInfo **info, DBusError *error); dbus_bool_t _dbus_user_database_get_groupname (DBusUserDatabase *db, @@ -75,6 +77,7 @@ dbus_bool_t _dbus_user_database_get_groupname (DBusUserDatabase *db, DBusUserInfo* _dbus_user_database_lookup (DBusUserDatabase *db, dbus_uid_t uid, + dbus_pid_t pid, const DBusString *username, DBusError *error); DBusGroupInfo* _dbus_user_database_lookup_group (DBusUserDatabase *db, @@ -99,10 +102,12 @@ dbus_bool_t _dbus_get_user_id_and_primary_group (const DBusString *username, dbus_gid_t *gid_p); dbus_bool_t _dbus_credentials_from_uid (dbus_uid_t user_id, DBusCredentials *credentials); -dbus_bool_t _dbus_groups_from_uid (dbus_uid_t uid, +dbus_bool_t _dbus_groups_from_uid (dbus_uid_t uid, + dbus_pid_t pid, dbus_gid_t **group_ids, int *n_group_ids); dbus_bool_t _dbus_is_console_user (dbus_uid_t uid, + dbus_pid_t pid, DBusError *error); dbus_bool_t _dbus_is_a_number (const DBusString *str, @@ -114,6 +119,7 @@ dbus_bool_t _dbus_homedir_from_username (const DBusString *username, DBusString *homedir); dbus_bool_t _dbus_homedir_from_uid (dbus_uid_t uid, + dbus_pid_t pid, DBusString *homedir); DBUS_END_DECLS -- 1.8.1.4