1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2003 Networks Associates Technology, Inc. 5 * All rights reserved. 6 * 7 * This software was developed for the FreeBSD Project by Marshall 8 * Kirk McKusick and Network Associates Laboratories, the Security 9 * Research Division of Network Associates, Inc. under DARPA/SPAWAR 10 * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS 11 * research program. 12 * 13 * Redistribution and use in source and binary forms, with or without 14 * modification, are permitted provided that the following conditions 15 * are met: 16 * 1. Redistributions of source code must retain the above copyright 17 * notice, this list of conditions and the following disclaimer. 18 * 2. Redistributions in binary form must reproduce the above copyright 19 * notice, this list of conditions and the following disclaimer in the 20 * documentation and/or other materials provided with the distribution. 21 * 3. The names of the authors may not be used to endorse or promote 22 * products derived from this software without specific prior written 23 * permission. 24 * 25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 26 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 27 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 28 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 30 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 31 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 32 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 33 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 34 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 35 * SUCH DAMAGE. 36 * 37 * $FreeBSD$ 38 */ 39 40 #include <sys/param.h> 41 #include <sys/mount.h> 42 #include <sys/stat.h> 43 44 #include <ufs/ufs/extattr.h> 45 #include <ufs/ufs/quota.h> 46 #include <ufs/ufs/ufsmount.h> 47 48 #include <err.h> 49 #include <errno.h> 50 #include <fcntl.h> 51 #include <grp.h> 52 #include <limits.h> 53 #include <mntopts.h> 54 #include <stdio.h> 55 #include <stdlib.h> 56 #include <string.h> 57 #include <sysexits.h> 58 #include <unistd.h> 59 60 static void 61 usage(void) 62 { 63 64 errx(EX_USAGE, "usage: mksnap_ffs snapshot_name"); 65 } 66 67 static int 68 isdir(const char *path, struct stat *stbufp) 69 { 70 71 if (stat(path, stbufp) < 0) 72 return (-1); 73 if (!S_ISDIR(stbufp->st_mode)) 74 return (0); 75 return (1); 76 } 77 78 static int 79 issamefs(const char *path, struct statfs *stfsp) 80 { 81 struct statfs stfsbuf; 82 struct stat stbuf; 83 84 if (isdir(path, &stbuf) != 1) 85 return (-1); 86 if (statfs(path, &stfsbuf) < 0) 87 return (-1); 88 if (fsidcmp(&stfsbuf.f_fsid, &stfsp->f_fsid) != 0) 89 return (0); 90 return (1); 91 } 92 93 int 94 main(int argc, char **argv) 95 { 96 char errmsg[255], path[PATH_MAX]; 97 char *cp, *snapname; 98 struct statfs stfsbuf; 99 struct group *grp; 100 struct stat stbuf; 101 struct iovec *iov; 102 int fd, iovlen; 103 104 if (argc == 2) 105 snapname = argv[1]; 106 else if (argc == 3) 107 snapname = argv[2]; /* Old usage. */ 108 else 109 usage(); 110 111 /* 112 * Check that the user running this program has permission 113 * to create and remove a snapshot file from the directory 114 * in which they have requested to have it made. If the 115 * directory is sticky and not owned by the user, then they 116 * will not be able to remove the snapshot when they are 117 * done with it. 118 */ 119 if (strlen(snapname) >= PATH_MAX) 120 errx(1, "pathname too long %s", snapname); 121 cp = strrchr(snapname, '/'); 122 if (cp == NULL) { 123 strlcpy(path, ".", PATH_MAX); 124 } else if (cp == snapname) { 125 strlcpy(path, "/", PATH_MAX); 126 } else { 127 strlcpy(path, snapname, cp - snapname + 1); 128 } 129 if (statfs(path, &stfsbuf) < 0) 130 err(1, "%s", path); 131 switch (isdir(path, &stbuf)) { 132 case -1: 133 err(1, "%s", path); 134 case 0: 135 errx(1, "%s: Not a directory", path); 136 default: 137 break; 138 } 139 if (access(path, W_OK) < 0) 140 err(1, "Lack write permission in %s", path); 141 if ((stbuf.st_mode & S_ISTXT) && stbuf.st_uid != getuid()) 142 errx(1, "Lack write permission in %s: Sticky bit set", path); 143 144 /* 145 * Work around an issue when mksnap_ffs is started in chroot'ed 146 * environment and f_mntonname contains absolute path within 147 * real root. 148 */ 149 for (cp = stfsbuf.f_mntonname; issamefs(cp, &stfsbuf) != 1; 150 cp = strchrnul(cp + 1, '/')) { 151 if (cp[0] == '\0') 152 errx(1, "%s: Not a mount point", stfsbuf.f_mntonname); 153 } 154 if (cp != stfsbuf.f_mntonname) 155 strlcpy(stfsbuf.f_mntonname, cp, sizeof(stfsbuf.f_mntonname)); 156 157 /* 158 * Having verified access to the directory in which the 159 * snapshot is to be built, proceed with creating it. 160 */ 161 if ((grp = getgrnam("operator")) == NULL) 162 errx(1, "Cannot retrieve operator gid"); 163 164 iov = NULL; 165 iovlen = 0; 166 build_iovec(&iov, &iovlen, "fstype", "ffs", 4); 167 build_iovec(&iov, &iovlen, "from", snapname, (size_t)-1); 168 build_iovec(&iov, &iovlen, "fspath", stfsbuf.f_mntonname, (size_t)-1); 169 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); 170 build_iovec(&iov, &iovlen, "update", NULL, 0); 171 build_iovec(&iov, &iovlen, "snapshot", NULL, 0); 172 173 *errmsg = '\0'; 174 if (nmount(iov, iovlen, stfsbuf.f_flags) < 0) { 175 errmsg[sizeof(errmsg) - 1] = '\0'; 176 err(1, "Cannot create snapshot %s%s%s", snapname, 177 *errmsg != '\0' ? ": " : "", errmsg); 178 } 179 if ((fd = open(snapname, O_RDONLY)) < 0) 180 err(1, "Cannot open %s", snapname); 181 if (fstat(fd, &stbuf) != 0) 182 err(1, "Cannot stat %s", snapname); 183 if ((stbuf.st_flags & SF_SNAPSHOT) == 0) 184 errx(1, "File %s is not a snapshot", snapname); 185 if (fchown(fd, -1, grp->gr_gid) != 0) 186 err(1, "Cannot chown %s", snapname); 187 if (fchmod(fd, S_IRUSR | S_IRGRP) != 0) 188 err(1, "Cannot chmod %s", snapname); 189 190 exit(EXIT_SUCCESS); 191 } 192