File chrootuid_1.3-5.diff of Package chrootuid
--- chrootuid-1.3.orig/chrootuid.1
+++ chrootuid-1.3/chrootuid.1
@@ -8,7 +8,7 @@
.SH SYNOPSIS
.na
.nf
-\fBchrootuid\fR \fInewroot newuser command\fR...
+\fBchrootuid\fR [-i] \fInewroot newuser command\fR...
.SH DESCRIPTION
.ad
.fi
@@ -24,19 +24,32 @@
in the restricted environment.
Only the superuser can use the \fBchrootuid\fR command.
+
+.SH OPTIONS
+.ad
+.fi
+There is only one option for \fBchrootuid\fR: -i. That option makes it
+run in \fIinteractive\fR mode. Errors will be printed on stderr instead of through
+syslog and the exit status will be 1 if there are any errors.
+
+.SH RETURN CODES
+.ad
+.fi
+The exit status of \fBchrootuid\fR when running on \fIdaemon\fR mode
+(default) is always 0.
+
+If it is running on \fIinteractive\fR mode, it will exit with an exit status of
+1 if there is any error in its invocation, otherwise the exit status is the
+exit status of \fIcommand\fR.
.SH DIAGNOSTICS
.ad
.fi
-The exit status is 1 when \fBchrootuid\fR has a problem, otherwise
-the exit status is the exit status of \fIcommand\fR.
+Problems are reported to the syslog daemon if running on \fIdaemon\fR mode.
+If running on \fIinteractive\fR mode, errors are reported on stderr.
.SH SEE ALSO
.na
.nf
chroot(8), su(1)
-.SH DIAGNOSTICS
-.ad
-.fi
-Problems are reported to the syslog daemon.
.SH AUTHOR(S)
.na
.nf
@@ -55,7 +68,7 @@
.SH LAST MODIFICATION
.na
.nf
-Wed Jul 25 11:25:08 EDT 2001
+Mon May 20 22:49:02 CEST 2007
.SH VERSION/RELEASE
.na
.nf
--- chrootuid-1.3.orig/Makefile
+++ chrootuid-1.3/Makefile
@@ -1,7 +1,8 @@
# @(#) Makefile 1.2 93/08/12 16:09:29
FILES = README Makefile chrootuid.c chrootuid.1
-CFLAGS = -O
+CFLAGS = -O2
+PREFIX = /usr/local
all: chrootuid chrootuid.1
@@ -15,8 +16,8 @@
@shar $(FILES)
install: chrootuid.1 chrootuid
- cp chrootuid /usr/local/bin
- cp chrootuid.1 /usr/local/man/man1
+ cp chrootuid $(PREFIX)/bin
+ cp chrootuid.1 $(PREFIX)/man/man1
clean:
rm -f *.o core chrootuid
--- chrootuid-1.3.orig/patch
+++ chrootuid-1.3/patch
@@ -0,0 +1,96 @@
+--- chrootuid-1.3/chrootuid.c.orig 2002-12-11 15:28:44 +0200
++++ chrootuid-1.3/chrootuid.c 2002-12-11 15:42:57 +0200
+@@ -50,9 +50,11 @@
+
+ #include <unistd.h>
+ #include <stdlib.h>
++#include <stdio.h>
++#include <errno.h>
++#include <string.h>
+ #include <pwd.h>
+ #include <grp.h>
+-#include <syslog.h>
+
+ int main(argc, argv)
+ int argc;
+@@ -65,12 +67,6 @@
+ * require only two arguments.
+ */
+
+-#ifdef LOG_DAEMON
+- (void) openlog(argv[0], LOG_PID | LOG_NDELAY, LOG_DAEMON);
+-#else
+- (void) openlog(argv[0], LOG_PID);
+-#endif
+-
+ /*
+ * Require proper amount of arguments. In all cases of error, exit with
+ * zero status because we have already reported the problem via syslogd.
+@@ -78,44 +74,44 @@
+ */
+
+ if (argc < 4) {
+- syslog(LOG_ERR, "usage: %s path user command", argv[0]);
+- return (0);
++ fprintf(stderr,"usage: %s path user command\n", argv[0]);
++ return (1);
+ }
+ /* Must step into the new subtree. */
+
+ if (chdir(argv[1])) {
+- syslog(LOG_ERR, "chdir(%s): %m", argv[1]);
+- return (0);
++ fprintf(stderr, "chdir(%s): %s\n", argv[1], strerror(errno));
++ return (1);
+ }
+ /* The user must be known in the *unrestricted* universe... */
+
+ if ((pwd = getpwnam(argv[2])) == 0) {
+- syslog(LOG_ERR, "%s: user unknown", argv[2]);
+- return (0);
++ fprintf(stderr, "%s: user unknown\n", argv[2]);
++ return (1);
+ }
+ /* initgroups() accesses the group file in the unrestricted universe... */
+
+ if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) {
+- syslog(LOG_ERR, "initgroups: %m");
+- return (0);
++ fprintf(stderr, "initgroups: %s\n", strerror(errno));
++ return (1);
+ }
+ endgrent();
+
+ /* Do the chroot() before giving away root privileges. */
+
+ if (chroot(argv[1])) {
+- syslog(LOG_ERR, "chroot(%s): %m", argv[1]);
+- return (0);
++ fprintf(stderr, "chroot(%s): %s\n", argv[1], strerror(errno));
++ return (1);
+ }
+ /* Switch group id then user id. */
+
+ if (setgid(pwd->pw_gid)) {
+- syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid);
+- return (0);
++ fprintf(stderr, "setgid(%d): %s\n", pwd->pw_gid, strerror(errno));
++ return (1);
+ }
+ if (setuid(pwd->pw_uid)) {
+- syslog(LOG_ERR, "setuid(%d): %m", pwd->pw_uid);
+- return (0);
++ fprintf(stderr, "setuid(%d): %s\n", pwd->pw_uid, strerror(errno));
++ return (1);
+ }
+ /* In case we still have the /etc/passwd file still open. */
+
+@@ -124,6 +120,6 @@
+ /* Run the command and hope for the best. */
+
+ (void) execv(argv[3], argv + 3);
+- syslog(LOG_ERR, "%s: %m", argv[3]);
+- return (0);
++ fprintf(stderr, "%s: %s", argv[3], strerror(errno));
++ return (1);
+ }
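Review bot: The new top-level file `patch` looks like a leftover: it holds an earlier variant of the chrootuid.c change that removes `#include <syslog.h>` and the openlog() call and reports errors only on stderr with exit status 1. That contradicts the chrootuid.c section of this same diff, which keeps syslog reporting as the default. Nothing visible in the Makefile or elsewhere on this page applies or references the file. I would drop it from the diff, or keep it only with a header line such as `# historical, not applied: superseded by the -i option in chrootuid.c`, so nobody applies it later and silently loses daemon-mode logging.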
--- chrootuid-1.3.orig/chrootuid.c
+++ chrootuid-1.3/chrootuid.c
@@ -50,15 +50,23 @@
#include <unistd.h>
#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
#include <pwd.h>
#include <grp.h>
#include <syslog.h>
+extern char *optarg;
+extern int optind, opterr, optopt;
+
int main(argc, argv)
int argc;
char **argv;
{
struct passwd *pwd;
+ int interactive = 1;
+ int optstart = 0;
/*
* Open a channel to the syslog daemon. Older versions of openlog()
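Review bot: The flag `interactive` is initialised to 1 and, in the following hunk, cleared to 0 when `-i` is given, so its name says the opposite of what it holds: every `if (interactive)` branch is the syslog (daemon) path. Because this flag decides where failures of chroot(), setgid() and setuid() are reported, I would rename it, e.g. `int use_syslog = 1;`, or at least add `/* 1 = daemon mode: report via syslog, exit 0; cleared by -i */`. The added `extern char *optarg;` and `extern int optind, opterr, optopt;` declarations are unused in the visible hunks, since getopt() is deliberately not called, and could be dropped. main's body continues outside this hunk.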
@@ -77,45 +85,91 @@
* No need to make inetd complain, too.
*/
- if (argc < 4) {
- syslog(LOG_ERR, "usage: %s path user command", argv[0]);
+ /* If we use -i, skip it over and increment optstart */
+ /* we cannot use the getopt library using:
+ * if (getopt(argc, argv, "i") != -1) {
+ * in order to preserve the arguments provided to the command
+ * This means that -i must be the *first* (and only) argument */
+ if ( argv[1] != NULL && strncmp(argv[1], "-i", 2) == 0 ) {
+ interactive = 0;
+ optstart++;
+ }
+
+ if (argc-optstart < 4) {
+ if (interactive) {
+ syslog(LOG_ERR, "usage: %s [-i] path user command", argv[0]);
+ } else {
+ fprintf(stderr,"usage: %s [-i] path user command\n", argv[0]);
+ return (1);
+ }
return (0);
}
/* Must step into the new subtree. */
- if (chdir(argv[1])) {
- syslog(LOG_ERR, "chdir(%s): %m", argv[1]);
- return (0);
+ if (chdir(argv[1+optstart])) {
+ if (interactive) {
+ syslog(LOG_ERR, "chdir(%s): %m", argv[1+optstart]);
+ return (0);
+ } else {
+ fprintf(stderr, "chdir(%s): %s\n", argv[1+optstart], strerror(errno));
+ return (1);
+ }
}
/* The user must be known in the *unrestricted* universe... */
- if ((pwd = getpwnam(argv[2])) == 0) {
- syslog(LOG_ERR, "%s: user unknown", argv[2]);
- return (0);
+ if ((pwd = getpwnam(argv[2+optstart])) == 0) {
+ if (interactive) {
+ syslog(LOG_ERR, "%s: user unknown", argv[2+optstart]);
+ return (0);
+ } else {
+ fprintf(stderr, "%s: user unknown\n", argv[2+optstart]);
+ return (1);
+ }
}
/* initgroups() accesses the group file in the unrestricted universe... */
if (initgroups(pwd->pw_name, pwd->pw_gid) < 0) {
- syslog(LOG_ERR, "initgroups: %m");
- return (0);
+ if (interactive) {
+ syslog(LOG_ERR, "initgroups: %m");
+ return (0);
+ } else {
+ fprintf(stderr, "initgroups: %s\n", strerror(errno));
+ return (1);
+ }
}
endgrent();
/* Do the chroot() before giving away root privileges. */
- if (chroot(argv[1])) {
- syslog(LOG_ERR, "chroot(%s): %m", argv[1]);
- return (0);
+ if (chroot(argv[1+optstart])) {
+ if (interactive) {
+ syslog(LOG_ERR, "chroot(%s): %m", argv[1+optstart]);
+ return (0);
+ } else {
+ fprintf(stderr, "chroot(%s): %s\n", argv[1+optstart], strerror(errno));
+ return (1);
+ }
+
}
/* Switch group id then user id. */
if (setgid(pwd->pw_gid)) {
- syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid);
- return (0);
+ if (interactive) {
+ syslog(LOG_ERR, "setgid(%d): %m", pwd->pw_gid);
+ return (0);
+ } else {
+ fprintf(stderr, "setgid(%d): %s\n", pwd->pw_gid, strerror(errno));
+ return (1);
+ }
}
if (setuid(pwd->pw_uid)) {
- syslog(LOG_ERR, "setuid(%d): %m", pwd->pw_uid);
- return (0);
+ if (interactive) {
+ syslog(LOG_ERR, "setuid(%d): %m", pwd->pw_uid);
+ return (0);
+ } else {
+ fprintf(stderr, "setuid(%d): %s\n", pwd->pw_uid, strerror(errno));
+ return (1);
+ }
}
/* In case we still have the /etc/passwd file still open. */
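Review bot: The option test `strncmp(argv[1], "-i", 2) == 0` matches any first argument that merely starts with `-i`, so a newroot such as `-images` (constructed example) would be consumed as the option and shift newroot, newuser and command by one position. For a tool that runs as root and takes the chroot directory and target account from those positions, the comparison should be exact: `if (argv[1] != NULL && strcmp(argv[1], "-i") == 0) {`. The `if (interactive) … else …` pair repeated at each failure site could also be folded into one reporting helper, so the two modes cannot drift apart. main starts before this hunk and ends after it.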
@@ -123,7 +177,11 @@
/* Run the command and hope for the best. */
- (void) execv(argv[3], argv + 3);
- syslog(LOG_ERR, "%s: %m", argv[3]);
- return (0);
+ (void) execv(argv[3+optstart], argv + 3+optstart);
+ if (interactive) {
+ syslog(LOG_ERR, "%s: %m", argv[3+optstart]);
+ return (0);
+ }
+ fprintf(stderr, "%s: %s", argv[3+optstart], strerror(errno));
+ return (1);
}
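Review bot: The last `fprintf(stderr, "%s: %s", ...)`, reached when execv() fails, has no trailing newline, unlike every other stderr message this change adds, so the error runs into the shell prompt or the next log line. It should read `fprintf(stderr, "%s: %s\n", argv[3+optstart], strerror(errno));`. The same omission is in the corresponding line of the added `patch` file (its `@@ -124,6 +120,6 @@` hunk). main starts outside this hunk.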