This is an automated email from the git hooks/post-receive script.
rharwood pushed a commit to branch master in repository gssproxy.
commit f03d9b7451781877053cd0ebcb9ace1ba64176e6 Author: Stanislav Levin slev@altlinux.org AuthorDate: Sat Dec 29 11:56:30 2018 +0300
Make build with capabilities optional
Fixes: https://pagure.io/gssproxy/issue/239 Signed-off-by: Stanislav Levin slev@altlinux.org [rharwood@redhat.com: rebase, commit message] Reviewed-by: Robbie Harwood rharwood@redhat.com Reviewed-by: Simo Sorce simo@redhat.com --- Makefile.am | 6 +++++- conf_macros.m4 | 17 +++++++++++++++++ configure.ac | 15 +++++++++------ src/gp_init.c | 19 ++++++++++++++++--- src/gp_proxy.h | 2 ++ 5 files changed, 49 insertions(+), 10 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 3595963..408391d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -88,12 +88,16 @@ AM_CPPFLAGS += \
 -DSYSCONFDIR="$(sysconfdir)" \
 -DLOCALEDIR="$(localedir)"
-GSS_PROXY_LIBS = $(POPT_LIBS) $(KRB5_LIBS) $(VERTO_LIBS) $(INI_LIBS) $(GSSAPI_LIBS) $(GSSRPC_LIBS) $(CAP_LIBS)
+GSS_PROXY_LIBS = $(POPT_LIBS) $(KRB5_LIBS) $(VERTO_LIBS) $(INI_LIBS) $(GSSAPI_LIBS) $(GSSRPC_LIBS)
if BUILD_SELINUX
 GSS_PROXY_LIBS += $(SELINUX_LIBS)
 endif
+if HAVE_CAP
+ GSS_PROXY_LIBS += $(CAP_LIBS)
+endif
+
 GP_RPCGEN_OBJ = rpcgen/gp_rpc_xdr.c rpcgen/gss_proxy_xdr.c rpcgen/gp_xdr.c
 GP_RPCCLI_OBJ = \
 src/client/gpm_display_status.c \
diff --git a/conf_macros.m4 b/conf_macros.m4
index ceb46a7..d81792b 100644
--- a/conf_macros.m4
+++ b/conf_macros.m4
@@ -274,3 +274,20 @@ AC_DEFUN([WITH_HARDENING],
 )
 AM_CONDITIONAL([BUILD_HARDENING], [test x"$with_hardening" = xyes])
 ])
+
+AC_DEFUN([WITH_CAP],
+ [ AC_ARG_WITH([cap],
+ [AC_HELP_STRING([--with-cap],
+ [Whether to build with libcap [no]]
+ )
+ ],
+ [],
+ with_cap=no
+ )
+ if test x"$with_cap" = xyes; then
+ HAVE_CAP=1
+ AC_SUBST(HAVE_CAP)
+ AC_DEFINE_UNQUOTED([HAVE_CAP], [1], [Build with capabilities support])
+ fi
+ ])
+AM_CONDITIONAL([HAVE_CAP], [test x$with_cap = xyes])
diff --git a/configure.ac b/configure.ac
index a7f6aaf..4fbe5bf 100644
--- a/configure.ac
+++ b/configure.ac
@@ -280,12 +280,15 @@ AC_CHECK_LIB(gssrpc, gssrpc_xdrmem_create,,
 [$GSSAPI_LIBS $GSSRPC_LIBS])
 AC_SUBST([GSSRPC_LIBS])
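Review bot: The new `WITH_CAP` macro in conf_macros.m4 defaults to `with_cap=no`, so a build that does not pass `--with-cap` now omits the capability handling that configure.ac previously made mandatory. For a privilege-reduction feature an opt-out is the safer default, e.g. `with_cap=yes` with the help text changed to `[yes]`, leaving `--without-cap` for platforms that lack libcap. Separately, `AM_CONDITIONAL([HAVE_CAP], ...)` sits after the closing `])` of the `AC_DEFUN` and tests `$with_cap` unquoted, unlike the `BUILD_HARDENING` conditional just above it, which is inside its macro and quotes the variable. Writing it as `AM_CONDITIONAL([HAVE_CAP], [test x"$with_cap" = xyes])` before the `])` would keep the two macros consistent.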
-AC_CHECK_FUNC([prctl],,[AC_MSG_ERROR([Failed to find prctl])])
-AC_CHECK_LIB([cap], [cap_set_proc],[CAP_LIBS=-lcap],
- [AC_MSG_ERROR(["Failed to find libcap symbols"])])
-AC_SUBST([CAP_LIBS])
-AC_CHECK_HEADERS([sys/capability.h],,
- [AC_MSG_ERROR([Could not find libcap headers])])
+WITH_CAP
+if test x$HAVE_CAP != x; then
+ AC_CHECK_FUNC([prctl],,[AC_MSG_ERROR([Failed to find prctl])])
+ AC_CHECK_LIB([cap], [cap_set_proc],[CAP_LIBS=-lcap],
+ [AC_MSG_ERROR(["Failed to find libcap symbols"])])
+ AC_SUBST([CAP_LIBS])
+ AC_CHECK_HEADERS([sys/capability.h],,
+ [AC_MSG_ERROR([Could not find libcap headers])])
+fi
AC_CHECK_FUNCS([__secure_getenv secure_getenv])
diff --git a/src/gp_init.c b/src/gp_init.c
index 47a461c..6dc2398 100644
--- a/src/gp_init.c
+++ b/src/gp_init.c
@@ -1,21 +1,28 @@
 /* Copyright (C) 2011,2015 the GSS-PROXY contributors, see COPYING for license */
+#include <config.h>
+
 #include <errno.h>
 #include <fcntl.h>
 #include <grp.h>
-#include <linux/capability.h>
 #include <locale.h>
 #include <pwd.h>
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/capability.h>
-#include <sys/prctl.h>
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <unistd.h>
+#ifdef HAVE_CAP
+
+#include <linux/capability.h>
+#include <sys/capability.h>
+#include <sys/prctl.h>
+
+#endif
+
 #include "gp_proxy.h"
void init_server(bool daemonize, int *wait_fd)
@@ -227,6 +234,7 @@ int drop_privs(struct gp_config *cfg)
 return 0;
 }
+#ifdef HAVE_CAP
 /* Retain capabilities when changing UID to non-zero. We drop the ones we
 * don't need after the switch. */
 ret = prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0);
@@ -236,6 +244,7 @@ int drop_privs(struct gp_config *cfg)
 ret, gp_strerror(ret));
 return ret;
 }
+#endif
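Review bot: Without `HAVE_CAP`, drop_privs() loses both the `PR_SET_KEEPCAPS` step guarded here and the `drop_caps()` call guarded in the later hunk of this file, and nothing at runtime records that the binary was built this way. An `#else` branch that emits one message through the file's existing logging call, under a comment such as `/* built without libcap: no capability set is adjusted here */`, would let an operator tell a capability-aware build from one that relies only on the UID change. The `return 0;` shown as context above the first guard returns before any of this code; the condition that leads there is outside the hunk, so it should be confirmed that this path does not leave the daemon holding a full capability set in either build. drop_privs() starts and ends outside these hunks.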
ret = getpwnam_r(cfg->proxy_user, &pws, buf, 2048, &pw);
 if (ret) {
@@ -267,6 +276,7 @@ int drop_privs(struct gp_config *cfg)
 return ret;
 }
+#ifdef HAVE_CAP
 /* Now drop the capabilities we don't need, and turn PR_SET_KEEPCAPS back
 * off. */
 ret = drop_caps();
@@ -280,10 +290,12 @@ int drop_privs(struct gp_config *cfg)
 ret, gp_strerror(ret));
 return ret;
 }
+#endif
return 0;
 }
+#ifdef HAVE_CAP
 /* Remove all capabilties from the process. (In order to manipulate our
 * capability set, we need to have CAP_SETPCAP.) */
 int clear_bound_caps()
@@ -403,3 +415,4 @@ done:
 }
 return ret;
 }
+#endif
diff --git a/src/gp_proxy.h b/src/gp_proxy.h
index 8763bcf..8ccb5ab 100644
--- a/src/gp_proxy.h
+++ b/src/gp_proxy.h
@@ -102,8 +102,10 @@ verto_ctx *init_event_loop(void);
 void init_proc_nfsd(struct gp_config *cfg);
 void write_pid(void);
 int drop_privs(struct gp_config *cfg);
+#ifdef HAVE_CAP
 int drop_caps(void);
 int clear_bound_caps(void);
+#endif
/* from gp_socket.c */
 void free_unix_socket(verto_ctx *ctx, verto_ev *ev);
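Review bot: Guarding the `drop_caps()` and `clear_bound_caps()` prototypes with `#ifdef HAVE_CAP` makes gp_proxy.h depend on config.h having been included first, and the hunk does not show the header including it. A source file that includes gp_proxy.h without config.h would see neither prototype even in a `--with-cap` build. Any caller of these two functions outside gp_init.c also needs the same `#ifdef HAVE_CAP` guard, or a build without libcap fails to link; no such caller is visible in this commit. Adding `#include <config.h>` at the top of gp_proxy.h (if it is not already there) and a comment on the guard such as `/* capability helpers, only built with --with-cap */` would make the dependency explicit.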