676aef1290
* Add missing tools: conntrack, dhcp_release(6), dhcp_lease_time * Patch dnsmasq to drop setuid Change-Id: I1c2d9d8e0e30a4ca0c9bf67ad50782b448505e86
114 lines
3.4 KiB
Diff
114 lines
3.4 KiB
Diff
Description: Drop code where dnsmasq drops privileges from root.
|
|
This code isn't required because in strict mode we run worker
|
|
processes as root:root and setuid is not allowed by the current
|
|
plugs.
|
|
Author: Corey Bryant <corey.bryant@canonical.com>
|
|
Forwarded: no
|
|
|
|
---
|
|
src/dnsmasq.c | 88 -----------------------------------------------------------
|
|
1 file changed, 88 deletions(-)
|
|
|
|
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
|
|
index 045ec53..4fe5531 100644
|
|
--- a/src/dnsmasq.c
|
|
+++ b/src/dnsmasq.c
|
|
@@ -578,94 +578,6 @@ int main (int argc, char **argv)
|
|
daemon->helperfd = create_helper(pipewrite, err_pipe[1], script_uid, script_gid, max_fd);
|
|
#endif
|
|
|
|
- if (!option_bool(OPT_DEBUG) && getuid() == 0)
|
|
- {
|
|
- int bad_capabilities = 0;
|
|
- gid_t dummy;
|
|
-
|
|
- /* remove all supplimentary groups */
|
|
- if (gp &&
|
|
- (setgroups(0, &dummy) == -1 ||
|
|
- setgid(gp->gr_gid) == -1))
|
|
- {
|
|
- send_event(err_pipe[1], EVENT_GROUP_ERR, errno, daemon->groupname);
|
|
- _exit(0);
|
|
- }
|
|
-
|
|
- if (ent_pw && ent_pw->pw_uid != 0)
|
|
- {
|
|
-#if defined(HAVE_LINUX_NETWORK)
|
|
- /* On linux, we keep CAP_NETADMIN (for ARP-injection) and
|
|
- CAP_NET_RAW (for icmp) if we're doing dhcp. If we have yet to bind
|
|
- ports because of DAD, or we're doing it dynamically,
|
|
- we need CAP_NET_BIND_SERVICE too. */
|
|
- if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
|
|
- data->effective = data->permitted = data->inheritable =
|
|
- (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) |
|
|
- (1 << CAP_SETUID) | (1 << CAP_NET_BIND_SERVICE);
|
|
- else
|
|
- data->effective = data->permitted = data->inheritable =
|
|
- (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID);
|
|
-
|
|
- /* Tell kernel to not clear capabilities when dropping root */
|
|
- if (capset(hdr, data) == -1 || prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1)
|
|
- bad_capabilities = errno;
|
|
-
|
|
-#elif defined(HAVE_SOLARIS_NETWORK)
|
|
- /* http://developers.sun.com/solaris/articles/program_privileges.html */
|
|
- priv_set_t *priv_set;
|
|
-
|
|
- if (!(priv_set = priv_str_to_set("basic", ",", NULL)) ||
|
|
- priv_addset(priv_set, PRIV_NET_ICMPACCESS) == -1 ||
|
|
- priv_addset(priv_set, PRIV_SYS_NET_CONFIG) == -1)
|
|
- bad_capabilities = errno;
|
|
-
|
|
- if (priv_set && bad_capabilities == 0)
|
|
- {
|
|
- priv_inverse(priv_set);
|
|
-
|
|
- if (setppriv(PRIV_OFF, PRIV_LIMIT, priv_set) == -1)
|
|
- bad_capabilities = errno;
|
|
- }
|
|
-
|
|
- if (priv_set)
|
|
- priv_freeset(priv_set);
|
|
-
|
|
-#endif
|
|
-
|
|
- if (bad_capabilities != 0)
|
|
- {
|
|
- send_event(err_pipe[1], EVENT_CAP_ERR, bad_capabilities, NULL);
|
|
- _exit(0);
|
|
- }
|
|
-
|
|
- /* finally drop root */
|
|
- if (setuid(ent_pw->pw_uid) == -1)
|
|
- {
|
|
- send_event(err_pipe[1], EVENT_USER_ERR, errno, daemon->username);
|
|
- _exit(0);
|
|
- }
|
|
-
|
|
-#ifdef HAVE_LINUX_NETWORK
|
|
- if (is_dad_listeners() || option_bool(OPT_CLEVERBIND))
|
|
- data->effective = data->permitted =
|
|
- (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_NET_BIND_SERVICE);
|
|
- else
|
|
- data->effective = data->permitted =
|
|
- (1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW);
|
|
- data->inheritable = 0;
|
|
-
|
|
- /* lose the setuid and setgid capbilities */
|
|
- if (capset(hdr, data) == -1)
|
|
- {
|
|
- send_event(err_pipe[1], EVENT_CAP_ERR, errno, NULL);
|
|
- _exit(0);
|
|
- }
|
|
-#endif
|
|
-
|
|
- }
|
|
- }
|
|
-
|
|
#ifdef HAVE_LINUX_NETWORK
|
|
free(hdr);
|
|
free(data);
|
|
--
|
|
2.11.0
|
|
|