experiments/clixon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

* Added -r command-line option to restconf daemon to NOT lower privileges to wwwuser if started from root.

Browse source
This commit is contained in:
Olof hagsand 2020-09-04 16:25:49 +02:00
parent f524a89b2d
commit ee057d5244
3 changed files with 34 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -52,6 +52,7 @@ Developers may need to change their code
### Minor changes ### Minor changes
* Added `-r` command-line option to restconf daemon to NOT lower privileges to wwwuser if started from root.
* Changed CLI help strings behaviour on query (?) for long and multi-line help strings. * Changed CLI help strings behaviour on query (?) for long and multi-line help strings.
* If multiple strings (eg "\n" in text), indent before each new line * If multiple strings (eg "\n" in text), indent before each new line
* Primarily for auto-cli where long help strings are generated from YANG descriptions, but applies as well for manual long/multi-line help strings * Primarily for auto-cli where long help strings are generated from YANG descriptions, but applies as well for manual long/multi-line help strings

10
apps/restconf/restconf_main_evhtp.c
View file

@ -80,7 +80,7 @@
#include "restconf_root.h" #include "restconf_root.h"
/* Command line options to be passed to getopt(3) */ /* Command line options to be passed to getopt(3) */
#define RESTCONF_OPTS "hD:f:l:p:d:y:a:u:o:P:sc" #define RESTCONF_OPTS "hD:f:l:p:d:y:a:u:ro:scP:"
/* See see listen(5) */ /* See see listen(5) */
#define SOCKET_LISTEN_BACKLOG 16 #define SOCKET_LISTEN_BACKLOG 16
@ -589,6 +589,7 @@ usage(clicon_handle h,
"\t-y <file>\t Load yang spec file (override yang main module)\n" "\t-y <file>\t Load yang spec file (override yang main module)\n"
"\t-a UNIX|IPv4|IPv6 Internal backend socket family\n" "\t-a UNIX|IPv4|IPv6 Internal backend socket family\n"
"\t-u <path|addr>\t Internal socket domain path or IP addr (see -a)\n" "\t-u <path|addr>\t Internal socket domain path or IP addr (see -a)\n"
"\t-r \t\t Do not drop privileges if run as root\n"
"\t-o <option>=<value> Set configuration option overriding config file (see clixon-config.yang)\n" "\t-o <option>=<value> Set configuration option overriding config file (see clixon-config.yang)\n"
"\t-s\t\t SSL server, https\n" "\t-s\t\t SSL server, https\n"
"\t-c\t\t SSL verify client certs\n" "\t-c\t\t SSL verify client certs\n"
@ -629,6 +630,7 @@ main(int argc,
char *restconf_ipv6_addr = NULL; char *restconf_ipv6_addr = NULL;
int i; int i;
struct evhtp_handle *eh = &_EVHTP_HANDLE; struct evhtp_handle *eh = &_EVHTP_HANDLE;
int drop_priveleges = 1;
/* In the startup, logs to stderr & debug flag set later */ /* In the startup, logs to stderr & debug flag set later */
clicon_log_init(__PROGRAM__, LOG_INFO, logdst); clicon_log_init(__PROGRAM__, LOG_INFO, logdst);
@ -724,6 +726,10 @@ main(int argc,
usage(h, argv0); usage(h, argv0);
clicon_option_str_set(h, "CLICON_SOCK", optarg); clicon_option_str_set(h, "CLICON_SOCK", optarg);
break; break;
case 'r':{ /* Do not drop privileges if run as root */
drop_priveleges = 0;
break;
}
case 'o':{ /* Configuration option */ case 'o':{ /* Configuration option */
char *val; char *val;
if ((val = index(optarg, '=')) == NULL) if ((val = index(optarg, '=')) == NULL)
@ -877,9 +883,11 @@ main(int argc,
if (cb) if (cb)
cbuf_free(cb); cbuf_free(cb);
} }
if (drop_priveleges){
/* Drop privileges to WWWUSER if started as root */ /* Drop privileges to WWWUSER if started as root */
if (restconf_drop_privileges(h, WWWUSER) < 0) if (restconf_drop_privileges(h, WWWUSER) < 0)
goto done; goto done;
}
/* Init cligen buffers */ /* Init cligen buffers */
cligen_buflen = clicon_option_int(h, "CLICON_CLI_BUF_START"); cligen_buflen = clicon_option_int(h, "CLICON_CLI_BUF_START");

14
apps/restconf/restconf_main_fcgi.c
View file

@ -88,7 +88,7 @@
#include "restconf_stream.h" #include "restconf_stream.h"
/* Command line options to be passed to getopt(3) */ /* Command line options to be passed to getopt(3) */
#define RESTCONF_OPTS "hD:f:l:p:d:y:a:u:o:" #define RESTCONF_OPTS "hD:f:l:p:d:y:a:u:ro:"
/*! Convert FCGI parameters to clixon runtime data /*! Convert FCGI parameters to clixon runtime data
* @param[in] h Clixon handle * @param[in] h Clixon handle
@ -178,6 +178,7 @@ usage(clicon_handle h,
"\t-y <file>\t Load yang spec file (override yang main module)\n" "\t-y <file>\t Load yang spec file (override yang main module)\n"
"\t-a UNIX|IPv4|IPv6 Internal backend socket family\n" "\t-a UNIX|IPv4|IPv6 Internal backend socket family\n"
"\t-u <path|addr>\t Internal socket domain path or IP addr (see -a)\n" "\t-u <path|addr>\t Internal socket domain path or IP addr (see -a)\n"
"\t-r \t\t Do not drop privileges if run as root\n"
"\t-o \"<option>=<value>\" Give configuration option overriding config file (see clixon-config.yang)\n", "\t-o \"<option>=<value>\" Give configuration option overriding config file (see clixon-config.yang)\n",
argv0, argv0,
clicon_restconf_dir(h) clicon_restconf_dir(h)
@ -213,6 +214,7 @@ main(int argc,
size_t cligen_buflen; size_t cligen_buflen;
size_t cligen_bufthreshold; size_t cligen_bufthreshold;
int dbg = 0; int dbg = 0;
int drop_priveleges = 1;
/* In the startup, logs to stderr & debug flag set later */ /* In the startup, logs to stderr & debug flag set later */
clicon_log_init(__PROGRAM__, LOG_INFO, logdst); clicon_log_init(__PROGRAM__, LOG_INFO, logdst);
@ -301,6 +303,10 @@ main(int argc,
usage(h, argv[0]); usage(h, argv[0]);
clicon_option_str_set(h, "CLICON_SOCK", optarg); clicon_option_str_set(h, "CLICON_SOCK", optarg);
break; break;
case 'r':{ /* Do not drop privileges if run as root */
drop_priveleges = 0;
break;
}
case 'o':{ /* Configuration option */ case 'o':{ /* Configuration option */
char *val; char *val;
if ((val = index(optarg, '=')) == NULL) if ((val = index(optarg, '=')) == NULL)
@ -423,8 +429,6 @@ main(int argc,
clicon_err(OE_CFG, errno, "FCGX_OpenSocket"); clicon_err(OE_CFG, errno, "FCGX_OpenSocket");
goto done; goto done;
} }
#if 1
{
/* Change group of fcgi sock fronting reverse proxy to WWWUSER, the effective group is clicon /* Change group of fcgi sock fronting reverse proxy to WWWUSER, the effective group is clicon
* which is backend. */ * which is backend. */
gid_t wgid = -1; gid_t wgid = -1;
@ -436,8 +440,6 @@ main(int argc,
clicon_err(OE_CFG, errno, "chown"); clicon_err(OE_CFG, errno, "chown");
goto done; goto done;
} }
}
#endif
if (clicon_socket_set(h, sock) < 0) if (clicon_socket_set(h, sock) < 0)
goto done; goto done;
/* umask settings may interfer: we want group to write: this is 774 */ /* umask settings may interfer: we want group to write: this is 774 */
@ -445,9 +447,11 @@ main(int argc,
clicon_err(OE_UNIX, errno, "chmod"); clicon_err(OE_UNIX, errno, "chmod");
goto done; goto done;
} }
if (drop_priveleges){
/* Drop privileges to WWWUSER if started as root */ /* Drop privileges to WWWUSER if started as root */
if (restconf_drop_privileges(h, WWWUSER) < 0) if (restconf_drop_privileges(h, WWWUSER) < 0)
goto done; goto done;
}
if (FCGX_InitRequest(req, sock, 0) != 0){ if (FCGX_InitRequest(req, sock, 0) != 0){
clicon_err(OE_CFG, errno, "FCGX_InitRequest"); clicon_err(OE_CFG, errno, "FCGX_InitRequest");
goto done; goto done;