Add support for --with-priv-mode=caps

This allows you to set the privs for the helper via file
capabilities instead of setuid.
You can also set the mode to none, but then you have to
manually set either setuid or filecaps (for instance via
a packaging script).
tingping/wmclass
Alexander Larsson 2015-02-08 23:37:47 +01:00
parent c8dd341440
commit 4ff10fee86
3 changed files with 24 additions and 6 deletions


@ -97,8 +97,14 @@ xdg_app_LDADD = $(BASE_LIBS) $(OSTREE_LIBS) $(SOUP_LIBS)
xdg_app_CFLAGS = $(BASE_CFLAGS) $(OSTREE_CFLAGS) $(SOUP_CFLAGS)
install-exec-hook:
if PRIV_MODE_SETUID
$(SUDO_BIN) chown root $(DESTDIR)$(bindir)/xdg-app-helper
$(SUDO_BIN) chmod u+s $(DESTDIR)$(bindir)/xdg-app-helper
else
if PRIV_MODE_FILECAPS
$(SUDO_BIN) setcap cap_sys_admin,cap_mknod+ep /gnome/bin/xdg-app-helper
endif
endif
completiondir = $(datadir)/bash-completion/completions
completion_DATA = completion/xdg-app
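Review bot: The filecaps branch applies setcap to the hard-coded path `/gnome/bin/xdg-app-helper`, while the setuid branch two lines above uses `$(DESTDIR)$(bindir)/xdg-app-helper`; with any other prefix the installed helper receives no capabilities, and setcap on a missing file fails and aborts install-exec-hook. The line should read `$(SUDO_BIN) setcap cap_sys_admin,cap_mknod+ep $(DESTDIR)$(bindir)/xdg-app-helper`. Since cap_sys_admin+ep grants the helper privilege close to full root, a comment on this branch naming which operations need each capability would let a packager judge what is being granted; file capabilities set on a DESTDIR staging tree may also not survive the packaging step, which presumably is what the `none` mode is for and deserves a comment here too. The tab indentation of the recipe lines inside the Automake conditionals is not visible in this rendering and must be present for the hook to work.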


@ -48,6 +48,15 @@ PKG_CHECK_MODULES(OSTREE, [libgsystem >= 2015.1 ostree-1 >= 2015.1])
AC_SUBST(OSTREE_CFLAGS)
AC_SUBST(OSTREE_LIBS)
AC_ARG_WITH(priv-mode,
AS_HELP_STRING([--with-priv-mode=setuid/caps/none],
[How to gain privileges]),
[],
[with_priv_mode="setuid"])
AM_CONDITIONAL(PRIV_MODE_SETUID, test "x$with_priv_mode" = "xsetuid")
AM_CONDITIONAL(PRIV_MODE_FILECAPS, test "x$with_priv_mode" = "xcaps")
AC_ARG_ENABLE(sudo,
AS_HELP_STRING([--enable-sudo],[Use sudo to set setuid flags on binaries during install]),
[SUDO_BIN="sudo"], [SUDO_BIN=""])
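Review bot: The new with_priv_mode value is never validated, so a misspelling such as `--with-priv-mode=filecaps` makes both AM_CONDITIONALs false, which silently behaves like `none` and only shows up later as a helper that cannot gain capabilities at runtime. Add a check after the AC_ARG_WITH, e.g. `AS_CASE([$with_priv_mode], [setuid|caps|none], [], [AC_MSG_ERROR([invalid --with-priv-mode value: $with_priv_mode])])`. The `--enable-sudo` help string still says it sets setuid flags; now that the same variable also gates the setcap call, wording such as `Use sudo to set the setuid bit or file capabilities on binaries during install` would match what it does.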


@ -1074,13 +1074,16 @@ acquire_caps (void)
struct __user_cap_header_struct hdr;
struct __user_cap_data_struct data;
/* Tell kernel not clear capabilities when dropping root */
if (prctl (PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
die_with_error ("prctl(PR_SET_KEEPCAPS) failed");
if (getuid () != geteuid ())
{
/* Tell kernel not clear capabilities when dropping root */
if (prctl (PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
die_with_error ("prctl(PR_SET_KEEPCAPS) failed");
/* Drop root uid, but retain the required permitted caps */
if (setuid (getuid ()) < 0)
die_with_error ("unable to drop privs");
/* Drop root uid, but retain the required permitted caps */
if (setuid (getuid ()) < 0)
die_with_error ("unable to drop privs");
}
memset (&hdr, 0, sizeof(hdr));
hdr.version = _LINUX_CAPABILITY_VERSION;
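Review bot: The uid/euid comparison is now the only thing that distinguishes a setuid-root install from a file-capabilities install, and nothing in the hunk says so; a comment above the `if` such as `/* setuid-root install: drop the root uid but keep the permitted caps (PR_SET_KEEPCAPS). A filecaps install already runs as the real uid with the caps in its permitted set, so there is nothing to drop. */` would make the intent explicit. When neither mechanism is in place (the `none` priv mode without a packaging step), this branch is skipped and the failure presumably surfaces only at a later capset, so an early explicit error stating that the helper holds no privileges would diagnose a misconfigured install more clearly; this is hedged, since the rest of acquire_caps lies outside the hunk. Both copies of the prctl comment read "Tell kernel not clear capabilities"; `/* Tell the kernel not to clear capabilities when dropping root */`.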