190 lines
4.9 KiB
Diff
190 lines
4.9 KiB
Diff
|
diff -uNr dhcp-4.0.0.ORIG/configure.ac dhcp-4.0.0/configure.ac
|
||
|
--- dhcp-4.0.0.ORIG/configure.ac 2008-09-02 10:57:37.000000000 +0100
|
||
|
+++ dhcp-4.0.0/configure.ac 2008-09-02 11:00:27.000000000 +0100
|
||
|
@@ -30,6 +30,17 @@
|
||
|
[Define to BIG_ENDIAN for MSB (Motorola or SPARC CPUs)
|
||
|
or LITTLE_ENDIAN for LSB (Intel CPUs).])
|
||
|
|
||
|
+# Paranoia/early chrooting is off by default
|
||
|
+AC_ARG_ENABLE(paranoia,
|
||
|
+ AC_HELP_STRING([--enable-paranoia],
|
||
|
+ [enable support for early chroot (default is no)]))
|
||
|
+if test "$enable_paranoia" != "no"; then
|
||
|
+ AC_DEFINE([PARANOIA], [1],
|
||
|
+ [Define to enable paranoia.])
|
||
|
+ AC_DEFINE([EARLY_CHROOT], [1],
|
||
|
+ [Define to 1 to chroot early.])
|
||
|
+fi
|
||
|
+
|
||
|
# DHCPv6 is off by default
|
||
|
AC_ARG_ENABLE(dhcpv6,
|
||
|
AC_HELP_STRING([--enable-dhcpv6],
|
||
|
diff -uNr dhcp-4.0.0.ORIG/server/dhcpd.c dhcp-4.0.0/server/dhcpd.c
|
||
|
--- dhcp-4.0.0.ORIG/server/dhcpd.c 2008-09-02 10:57:37.000000000 +0100
|
||
|
+++ dhcp-4.0.0/server/dhcpd.c 2008-09-02 10:57:54.000000000 +0100
|
||
|
@@ -46,6 +46,16 @@
|
||
|
#include <sys/types.h>
|
||
|
#include <signal.h>
|
||
|
|
||
|
+#if defined (PARANOIA)
|
||
|
+# include <sys/types.h>
|
||
|
+# include <unistd.h>
|
||
|
+# include <pwd.h>
|
||
|
+/* get around the ISC declaration of group */
|
||
|
+# define group real_group
|
||
|
+# include <grp.h>
|
||
|
+# undef group
|
||
|
+#endif /* PARANOIA */
|
||
|
+
|
||
|
static void usage(void);
|
||
|
|
||
|
struct iaddr server_identifier;
|
||
|
@@ -195,6 +205,21 @@
|
||
|
omapi_object_dereference (&listener, MDL);
|
||
|
}
|
||
|
|
||
|
+#if defined (PARANOIA)
|
||
|
+/* to be used in one of two possible scenarios */
|
||
|
+static void setup_chroot (char *chroot_dir) {
|
||
|
+ if (geteuid())
|
||
|
+ log_fatal ("you must be root to use chroot");
|
||
|
+ if (chroot(chroot_dir)) {
|
||
|
+ log_fatal ("chroot(\"%s\"): %m", chroot_dir);
|
||
|
+ }
|
||
|
+ if (chdir ("/")) {
|
||
|
+ /* probably permission denied */
|
||
|
+ log_fatal ("chdir(\"/\"): %m");
|
||
|
+ }
|
||
|
+}
|
||
|
+#endif /* PARANOIA */
|
||
|
+
|
||
|
#ifndef UNIT_TEST
|
||
|
int
|
||
|
main(int argc, char **argv) {
|
||
|
@@ -224,6 +249,14 @@
|
||
|
char *traceinfile = (char *)0;
|
||
|
char *traceoutfile = (char *)0;
|
||
|
#endif
|
||
|
+#if defined (PARANOIA)
|
||
|
+ char *set_user = 0;
|
||
|
+ char *set_group = 0;
|
||
|
+ char *set_chroot = 0;
|
||
|
+
|
||
|
+ uid_t set_uid = 0;
|
||
|
+ gid_t set_gid = 0;
|
||
|
+#endif /* PARANOIA */
|
||
|
|
||
|
/* Make sure that file descriptors 0 (stdin), 1, (stdout), and
|
||
|
2 (stderr) are open. To do this, we assume that when we
|
||
|
@@ -284,6 +317,20 @@
|
||
|
if (++i == argc)
|
||
|
usage ();
|
||
|
server = argv [i];
|
||
|
+#if defined (PARANOIA)
|
||
|
+ } else if (!strcmp (argv [i], "-user")) {
|
||
|
+ if (++i == argc)
|
||
|
+ usage ();
|
||
|
+ set_user = argv [i];
|
||
|
+ } else if (!strcmp (argv [i], "-group")) {
|
||
|
+ if (++i == argc)
|
||
|
+ usage ();
|
||
|
+ set_group = argv [i];
|
||
|
+ } else if (!strcmp (argv [i], "-chroot")) {
|
||
|
+ if (++i == argc)
|
||
|
+ usage ();
|
||
|
+ set_chroot = argv [i];
|
||
|
+#endif /* PARANOIA */
|
||
|
} else if (!strcmp (argv [i], "-cf")) {
|
||
|
if (++i == argc)
|
||
|
usage ();
|
||
|
@@ -438,6 +485,44 @@
|
||
|
trace_seed_stop, MDL);
|
||
|
#endif
|
||
|
|
||
|
+#if defined (PARANOIA)
|
||
|
+ /* get user and group info if those options were given */
|
||
|
+ if (set_user) {
|
||
|
+ struct passwd *tmp_pwd;
|
||
|
+
|
||
|
+ if (geteuid())
|
||
|
+ log_fatal ("you must be root to set user");
|
||
|
+
|
||
|
+ if (!(tmp_pwd = getpwnam(set_user)))
|
||
|
+ log_fatal ("no such user: %s", set_user);
|
||
|
+
|
||
|
+ set_uid = tmp_pwd->pw_uid;
|
||
|
+
|
||
|
+ /* use the user's group as the default gid */
|
||
|
+ if (!set_group)
|
||
|
+ set_gid = tmp_pwd->pw_gid;
|
||
|
+ }
|
||
|
+
|
||
|
+ if (set_group) {
|
||
|
+/* get around the ISC declaration of group */
|
||
|
+#define group real_group
|
||
|
+ struct group *tmp_grp;
|
||
|
+
|
||
|
+ if (geteuid())
|
||
|
+ log_fatal ("you must be root to set group");
|
||
|
+
|
||
|
+ if (!(tmp_grp = getgrnam(set_group)))
|
||
|
+ log_fatal ("no such group: %s", set_group);
|
||
|
+
|
||
|
+ set_gid = tmp_grp->gr_gid;
|
||
|
+#undef group
|
||
|
+ }
|
||
|
+
|
||
|
+# if defined (EARLY_CHROOT)
|
||
|
+ if (set_chroot) setup_chroot (set_chroot);
|
||
|
+# endif /* EARLY_CHROOT */
|
||
|
+#endif /* PARANOIA */
|
||
|
+
|
||
|
/* Default to the DHCP/BOOTP port. */
|
||
|
if (!local_port)
|
||
|
{
|
||
|
@@ -576,6 +661,10 @@
|
||
|
|
||
|
postconf_initialization (quiet);
|
||
|
|
||
|
+#if defined (PARANOIA) && !defined (EARLY_CHROOT)
|
||
|
+ if (set_chroot) setup_chroot (set_chroot);
|
||
|
+#endif /* PARANOIA && !EARLY_CHROOT */
|
||
|
+
|
||
|
/* test option should cause an early exit */
|
||
|
if (cftest && !lftest)
|
||
|
exit(0);
|
||
|
@@ -659,6 +748,22 @@
|
||
|
exit (0);
|
||
|
}
|
||
|
|
||
|
+#if defined (PARANOIA)
|
||
|
+ /* change uid to the specified one */
|
||
|
+
|
||
|
+ if (set_gid) {
|
||
|
+ if (setgroups (0, (void *)0))
|
||
|
+ log_fatal ("setgroups: %m");
|
||
|
+ if (setgid (set_gid))
|
||
|
+ log_fatal ("setgid(%d): %m", (int) set_gid);
|
||
|
+ }
|
||
|
+
|
||
|
+ if (set_uid) {
|
||
|
+ if (setuid (set_uid))
|
||
|
+ log_fatal ("setuid(%d): %m", (int) set_uid);
|
||
|
+ }
|
||
|
+#endif /* PARANOIA */
|
||
|
+
|
||
|
/* Read previous pid file. */
|
||
|
if ((i = open (path_dhcpd_pid, O_RDONLY)) >= 0) {
|
||
|
status = read(i, pbuf, (sizeof pbuf) - 1);
|
||
|
@@ -1039,6 +1144,10 @@
|
||
|
#else /* !DHCPv6 */
|
||
|
" [-cf config-file] [-lf lease-file]\n"
|
||
|
#endif /* DHCPv6 */
|
||
|
+#if defined (PARANOIA)
|
||
|
+ /* meld into the following string */
|
||
|
+ "\n [-user user] [-group group] [-chroot dir]"
|
||
|
+#endif /* PARANOIA */
|
||
|
#if defined (TRACING)
|
||
|
" [-tf trace-output-file]\n"
|
||
|
" [-play trace-input-file]\n"
|