diff options
| -rw-r--r-- | Makefile | 42 | ||||
| -rw-r--r-- | abuild-sudo.c | 81 |
2 files changed, 112 insertions, 11 deletions
@@ -3,6 +3,7 @@ PACKAGE := abuild VERSION := 2.11.2 prefix ?= /usr +bindir ?= $(prefix)/bin sysconfdir ?= /etc datadir ?= $(prefix)/share/$(PACKAGE) abuildrepo ?= ~/.cache/abuild @@ -12,7 +13,7 @@ LUA_SHAREDIR ?= $(prefix)/share/lua/$(LUA_VERSION)/ SCRIPTS := abuild buildrepo abuild-keygen abuild-sign newapkbuild \ abump apkgrel ap buildlab apkbuild-cpan -USR_BIN_FILES := $(SCRIPTS) abuild-tar +USR_BIN_FILES := $(SCRIPTS) abuild-tar abuild-sudo SAMPLES := sample.APKBUILD sample.initd sample.confd \ sample.pre-install sample.post-install @@ -31,6 +32,7 @@ endif CHMOD := chmod SED := sed TAR := tar +LINK = $(CC) $(OBJS-$@) -o $@ $(LDFLAGS) $(LDFLAGS-$@) $(LIBS-$@) SED_REPLACE := -e 's:@VERSION@:$(FULL_VERSION):g' \ -e 's:@prefix@:$(prefix):g' \ @@ -38,15 +40,23 @@ SED_REPLACE := -e 's:@VERSION@:$(FULL_VERSION):g' \ -e 's:@datadir@:$(datadir):g' \ -e 's:@abuildrepo@:$(abuildrepo):g' -SSL_CFLAGS := $(shell pkg-config --cflags openssl) -SSL_LIBS := $(shell pkg-config --libs openssl) +SSL_CFLAGS = $(shell pkg-config --cflags openssl) +SSL_LIBS = $(shell pkg-config --libs openssl) + +LDFLAGS ?= + +OBJS-abuild-tar = abuild-tar.o +LIBS-abuild-tar = $(SSL_LIBS) +CFLAGS-abuild-tar = $(SSL_CFLAGS) + +OBJS-abuild-sudo = abuild-sudo.o .SUFFIXES: .sh.in .in -.sh.in.sh: +%.sh: %.sh.in ${SED} ${SED_REPLACE} ${SED_EXTRA} $< > $@ ${CHMOD} +x $@ -.in: +%: %.in ${SED} ${SED_REPLACE} ${SED_EXTRA} $< > $@ ${CHMOD} +x $@ @@ -57,11 +67,17 @@ all: $(USR_BIN_FILES) clean: @rm -f $(USR_BIN_FILES) -abuild-tar: abuild-tar.c - $(CC) -o $@ $^ -Wl,--as-needed $(SSL_LIBS) +%.o: %.c + $(CC) $(CFLAGS) $(CFLAGS-$@) -o $@ -c $< -abuild-tar.static: abuild-tar.c - $(CC) -o $@ -static $(SSL_LIBS) $^ +abuild-sudo: abuild-sudo.o + $(LINK) + +abuild-tar: abuild-tar.o + $(LINK) + +abuild-tar.static: abuild-tar.o + $(CC) $(CFLAGS) $(CFLAGS-$@) -o $@ -static $(LIBS-$@) $^ help: @echo "$(P) makefile" @@ -69,10 +85,14 @@ help: @echo " make dist" install: $(USR_BIN_FILES) $(SAMPLES) abuild.conf functions.sh aports.lua - mkdir -p $(DESTDIR)/$(prefix)/bin $(DESTDIR)/$(sysconfdir) \ + install -d $(DESTDIR)/$(bindir) $(DESTDIR)/$(sysconfdir) \ $(DESTDIR)/$(datadir) for i in $(USR_BIN_FILES); do\ - install -m 755 $$i $(DESTDIR)/$(prefix)/bin/$$i;\ + install -m 755 $$i $(DESTDIR)/$(bindir)/$$i;\ + done + chmod 4111 $(DESTDIR)/$(prefix)/bin/abuild-sudo + for i in adduser addgroup apk; do \ + ln -fs abuild-sudo $(DESTDIR)/$(bindir)/abuild-$$i; \ done if [ -n "$(DESTDIR)" ] || [ ! -f "/$(sysconfdir)"/abuild.conf ]; then\ cp abuild.conf $(DESTDIR)/$(sysconfdir)/; \ diff --git a/abuild-sudo.c b/abuild-sudo.c new file mode 100644 index 0000000..8c61ad0 --- /dev/null +++ b/abuild-sudo.c @@ -0,0 +1,81 @@ + +#include <sys/types.h> + +#include <err.h> +#include <grp.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +#ifndef ABUILD_GROUP +#define ABUILD_GROUP "abuild" +#endif + +static const char* valid_cmds[] = { + "/bin/adduser", + "/bin/addgroup", + "/sbin/apk", + NULL +}; + +const char *get_command_path(const char *cmd) +{ + const char *p; + int i; + for (i = 0; valid_cmds[i] != NULL; i++) { + p = strrchr(valid_cmds[i], '/') + 1; + if (strcmp(p, cmd) == 0) + return valid_cmds[i]; + } + return NULL; +} + +int is_in_group(gid_t group) +{ + int ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; + gid_t *buf = malloc(ngroups_max * sizeof(gid_t)); + int ngroups, ret = 0; + int i; + if (buf == NULL) { + perror("malloc"); + return 0; + } + ngroups = getgroups(ngroups_max, buf); + for (i = 0; i < ngroups; i++) { + if (buf[i] == group) + break; + } + free(buf); + return i < ngroups; +} + + +int main(int argc, const char *argv[]) +{ + struct group *grent; + const char *cmd; + const char *path; + + grent = getgrnam(ABUILD_GROUP); + if (grent == NULL) + errx(1, "%s: Group not found", ABUILD_GROUP); + + if (!is_in_group(grent->gr_gid)) + errx(1, "Not a member of group %s\n", ABUILD_GROUP); + + cmd = strrchr(argv[0], '-'); + if (cmd == NULL) + errx(1, "Calling command has no '-'"); + cmd++; + + path = get_command_path(cmd); + if (path == NULL) + errx(1, "%s: Not a valid subcommand", cmd); + + argv[0] = path; + /* set our uid to root soo bbsuid --install works */ + setuid(0); + execv(path, (char * const*)argv); + return 1; +} |