1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1988, 1993 5 * The Regents of the University of California. All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the University nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #if 0 33 #ifndef lint 34 static const char copyright[] = 35 "@(#) Copyright (c) 1988, 1993\n\ 36 The Regents of the University of California. All rights reserved.\n"; 37 #endif /* not lint */ 38 39 #ifndef lint 40 static char sccsid[] = "@(#)chroot.c 8.1 (Berkeley) 6/9/93"; 41 #endif /* not lint */ 42 #endif 43 #include <sys/cdefs.h> 44 __FBSDID("$FreeBSD$"); 45 46 #include <sys/types.h> 47 #include <sys/procctl.h> 48 49 #include <ctype.h> 50 #include <err.h> 51 #include <grp.h> 52 #include <limits.h> 53 #include <paths.h> 54 #include <pwd.h> 55 #include <stdbool.h> 56 #include <stdio.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <unistd.h> 60 61 static void usage(void) __dead2; 62 63 int 64 main(int argc, char *argv[]) 65 { 66 struct group *gp; 67 struct passwd *pw; 68 char *endp, *p, *user, *group, *grouplist; 69 const char *shell; 70 gid_t gid, *gidlist; 71 uid_t uid; 72 int arg, ch, error, gids; 73 long ngroups_max; 74 bool nonprivileged; 75 76 gid = 0; 77 uid = 0; 78 user = group = grouplist = NULL; 79 nonprivileged = false; 80 while ((ch = getopt(argc, argv, "G:g:u:n")) != -1) { 81 switch(ch) { 82 case 'u': 83 user = optarg; 84 if (*user == '\0') 85 usage(); 86 break; 87 case 'g': 88 group = optarg; 89 if (*group == '\0') 90 usage(); 91 break; 92 case 'G': 93 grouplist = optarg; 94 if (*grouplist == '\0') 95 usage(); 96 break; 97 case 'n': 98 nonprivileged = true; 99 break; 100 case '?': 101 default: 102 usage(); 103 } 104 } 105 argc -= optind; 106 argv += optind; 107 108 if (argc < 1) 109 usage(); 110 111 if (group != NULL) { 112 if (isdigit((unsigned char)*group)) { 113 gid = (gid_t)strtoul(group, &endp, 0); 114 if (*endp != '\0') 115 goto getgroup; 116 } else { 117 getgroup: 118 if ((gp = getgrnam(group)) != NULL) 119 gid = gp->gr_gid; 120 else 121 errx(1, "no such group `%s'", group); 122 } 123 } 124 125 ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; 126 if ((gidlist = malloc(sizeof(gid_t) * ngroups_max)) == NULL) 127 err(1, "malloc"); 128 for (gids = 0; 129 (p = strsep(&grouplist, ",")) != NULL && gids < ngroups_max; ) { 130 if (*p == '\0') 131 continue; 132 133 if (isdigit((unsigned char)*p)) { 134 gidlist[gids] = (gid_t)strtoul(p, &endp, 0); 135 if (*endp != '\0') 136 goto getglist; 137 } else { 138 getglist: 139 if ((gp = getgrnam(p)) != NULL) 140 gidlist[gids] = gp->gr_gid; 141 else 142 errx(1, "no such group `%s'", p); 143 } 144 gids++; 145 } 146 if (p != NULL && gids == ngroups_max) 147 errx(1, "too many supplementary groups provided"); 148 149 if (user != NULL) { 150 if (isdigit((unsigned char)*user)) { 151 uid = (uid_t)strtoul(user, &endp, 0); 152 if (*endp != '\0') 153 goto getuser; 154 } else { 155 getuser: 156 if ((pw = getpwnam(user)) != NULL) 157 uid = pw->pw_uid; 158 else 159 errx(1, "no such user `%s'", user); 160 } 161 } 162 163 if (nonprivileged) { 164 arg = PROC_NO_NEW_PRIVS_ENABLE; 165 error = procctl(P_PID, getpid(), PROC_NO_NEW_PRIVS_CTL, &arg); 166 if (error != 0) 167 err(1, "procctl"); 168 } 169 170 if (chdir(argv[0]) == -1 || chroot(".") == -1) 171 err(1, "%s", argv[0]); 172 173 if (gids && setgroups(gids, gidlist) == -1) 174 err(1, "setgroups"); 175 if (group && setgid(gid) == -1) 176 err(1, "setgid"); 177 if (user && setuid(uid) == -1) 178 err(1, "setuid"); 179 180 if (argv[1]) { 181 execvp(argv[1], &argv[1]); 182 err(1, "%s", argv[1]); 183 } 184 185 if (!(shell = getenv("SHELL"))) 186 shell = _PATH_BSHELL; 187 execlp(shell, shell, "-i", (char *)NULL); 188 err(1, "%s", shell); 189 /* NOTREACHED */ 190 } 191 192 static void 193 usage(void) 194 { 195 (void)fprintf(stderr, "usage: chroot [-g group] [-G group,group,...] " 196 "[-u user] [-n] newroot [command]\n"); 197 exit(1); 198 } 199