mdw@git.distorted.org.uk Git - shells/blob - chrootsh.c

   1 /* -*-c-*-
   2  *
   3  * $Id: chrootsh.c,v 1.2 1999/04/21 09:07:55 mdw Exp $
   4  *
   5  * Chroot gaol shell
   6  *
   7  * (c) 1999 Mark Wooding
   8  */
   9
  10 /*----- Licensing notice --------------------------------------------------*
  11  *
  12  * This program is free software; you can redistribute it and/or modify
  13  * it under the terms of the GNU General Public License as published by
  14  * the Free Software Foundation; either version 2 of the License, or
  15  * (at your option) any later version.
  16  *
  17  * This program is distributed in the hope that it will be useful,
  18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20  * GNU General Public License for more details.
  21  *
  22  * You should have received a copy of the GNU General Public License
  23  * along with this program; if not, write to the Free Software Foundation,
  24  * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  25  */
  26
  27 /*----- Revision history --------------------------------------------------*
  28  *
  29  * $Log: chrootsh.c,v $
  30  * Revision 1.2  1999/04/21 09:07:55  mdw
  31  * Fiddle with copyright messages so that they're correct.
  32  *
  33  * Revision 1.1.1.1  1999/04/20 00:19:04  mdw
  34  * Initial versions.
  35  *
  36  */
  37
  38 /*----- Header files ------------------------------------------------------*/
  39
  40 #include <errno.h>
  41 #include <stdio.h>
  42 #include <stdlib.h>
  43 #include <string.h>
  44
  45 #include <sys/types.h>
  46 #include <unistd.h>
  47 #include <pwd.h>
  48
  49 extern char **environ;
  50
  51 /*----- Main code ---------------------------------------------------------*/
  52
  53 #ifndef CHROOTSH_PATH
  54 #  define CHROOTSH_PATH "/usr/bin/chrootsh"
  55 #endif
  56
  57 static const char *quis = "chrootsh";
  58
  59 static void *xmalloc(size_t sz)
  60 {
  61   void *p = malloc(sz);
  62   if (!p) {
  63     fprintf(stderr, "%s: not enough memory\n", quis);
  64     exit(EXIT_FAILURE);
  65   }
  66   return (p);
  67 }
  68
  69 static char *xstrdup(const char *p)
  70 {
  71   size_t sz = strlen(p) + 1;
  72   char *q = xmalloc(sz);
  73   memcpy(q, p, sz);
  74   return (q);
  75 }
  76
  77 int main(int argc, char *argv[])
  78 {
  79   struct passwd *pw;
  80   uid_t me = getuid();
  81   char **env;
  82   char **av;
  83
  84   /* --- Resolve the program name --- */
  85
  86   {
  87     char *p, *q;
  88     p = argv[0];
  89     for (q = argv[0]; *q; q++) {
  90       if (*q == '/')
  91         p = q + 1;
  92     }
  93     quis = p;
  94   }
  95
  96   /* --- Check the user is meant to be chrooted --- */
  97
  98   pw = getpwuid(me);
  99   if (!pw) {
 100     fprintf(stderr, "%s: you don't exist.  Go away.\n", quis);
 101     exit(EXIT_FAILURE);
 102   }
 103   if (strcmp(pw->pw_shell, CHROOTSH_PATH) != 0) {
 104     fprintf(stderr, "%s: you aren't a chrooted user\n", quis);
 105     exit(EXIT_FAILURE);
 106   }
 107   endpwent();
 108
 109   /* --- Chroot the user --- */
 110
 111   {
 112     char *p = xstrdup(pw->pw_dir);
 113     char *q = strstr(p, "/./");
 114     if (q)
 115       *q = 0;
 116
 117     if (chdir(p) || chroot(p)) {
 118       fprintf(stderr, "%s: couldn't call chroot: %s", quis, strerror(errno));
 119       exit(EXIT_FAILURE);
 120     }
 121     setuid(me);
 122     free(p);
 123   }
 124
 125   /* --- Read the new password block --- */
 126
 127   {
 128     char *p = xstrdup(pw->pw_name);
 129     pw = getpwnam(p);
 130     free(p);
 131     if (!pw) {
 132       fprintf(stderr, "%s: you don't exist in the gaol\n", quis);
 133       exit(EXIT_FAILURE);
 134     }
 135     endpwent();
 136   }
 137
 138   /* --- Now fiddle with environment strings and suchlike --- */
 139
 140   {
 141     size_t n;
 142     for (n = 0; environ[n]; n++)
 143       ;
 144     env = xmalloc((n + 1) * sizeof(char *));
 145
 146     for (n = 0; environ[n]; n++) {
 147       if (strncmp(environ[n], "HOME=", 5) == 0) {
 148         char *p = xmalloc(6 + strlen(pw->pw_dir));
 149         sprintf(p, "HOME=%s", pw->pw_dir);
 150         env[n] = p;
 151       } else if (strncmp(environ[n], "SHELL=", 6) == 0) {
 152         char *p = xmalloc(7 + strlen(pw->pw_shell));
 153         sprintf(p, "SHELL=%s", pw->pw_shell);
 154         env[n] = p;
 155       } else
 156         env[n] = environ[n];
 157     }
 158     env[n] = 0;
 159   }
 160
 161   /* --- Finally, sort the argument list --- */
 162
 163   {
 164     char *p, *q;
 165     int i;
 166
 167     av = xmalloc((argc + 1) * sizeof(char *));
 168     p = pw->pw_shell;
 169     for (q = p; *q; q++) {
 170       if (*q == '/')
 171         p = q + 1;
 172     }
 173     if (argv[0][0] == '-') {
 174       q = xmalloc(2 + strlen(p));
 175       *q = '-';
 176       strcpy(q + 1, p);
 177       av[0] = q;
 178     } else
 179       av[0] = p;
 180
 181     for (i = 1; i <= argc; i++)
 182       av[i] = argv[i];
 183   }
 184
 185   /* --- Change directory (again) --- */
 186
 187   if (chdir(pw->pw_dir))
 188     fprintf(stderr, "No directory, logging in with HOME=/\n");
 189
 190   /* --- Run the real shell --- */
 191
 192   execve(pw->pw_shell, av, env);
 193   fprintf(stderr, "%s: couldn't exec `%s': %s",
 194           quis, pw->pw_shell, strerror(errno));
 195   return (EXIT_FAILURE);
 196 }
 197
 198 /*----- That's all, folks -------------------------------------------------*/