kylekrein/live-bootstrap
1
0
Fork 0
mirror of https://github.com/fosslinux/live-bootstrap.git synced 2026-03-23 11:36:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

improve error handling

Browse source
This commit is contained in:
MaxHearnden 2023-11-28 04:24:18 +00:00
parent f3cf29ed11
commit b7c57cac8b
1 changed files with 92 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

138
sysa/wrap.c
View file

@ -228,17 +228,6 @@ int chroot(char *path) {
#else #else
// From bootstrappable.c in M2libc
void require(int bool, char* error)
{
if(!bool)
{
fputs(error, stderr);
exit(EXIT_FAILURE);
}
}
extern int unshare(int flags); extern int unshare(int flags);
extern int mount(const char *source, const char *target, extern int mount(const char *source, const char *target,
@ -246,9 +235,57 @@ extern int mount(const char *source, const char *target,
#endif #endif
void touch(char *path) {
int fd = open(path, O_CREAT, 0777);
if (fd == -1) {
fputs("Failed to create file ", stderr);
fputs(path, stderr);
fputc('\n', stderr);
exit(EXIT_FAILURE);
}
if (close(fd) != 0) {
fputs("Failed to close file ", stderr);
fputs(path, stderr);
fputc('\n', stderr);
exit(EXIT_FAILURE);
}
}
void mkmount(
char *source, char *target, char *filesystemtype,
unsigned mountflags, void *data, int type
) {
int r = 0;
if (type) {
r = mkdir(target, 0755);
} else {
touch(target);
}
if (r != 0 && r != -17) {
fputs("Failed to create mountpoint ", stderr);
fputs(target, stderr);
fputc('\n', stderr);
exit(EXIT_FAILURE);
}
r = mount(source, target, filesystemtype, mountflags, data);
if (r != 0) {
fputs("Failed to mount directory ", stderr);
fputs(target, stderr);
fputc('\n', stderr);
exit(EXIT_FAILURE);
}
}
void set_map(int parent_id, char *path) { void set_map(int parent_id, char *path) {
int fd = open(path, O_WRONLY, 0); int fd = open(path, O_WRONLY, 0);
require(fd != -1, "Cannot open map file"); if (fd == -1) {
fputs("Failed to open map file ", stderr);
fputs(path, stderr);
fputc('\n', stderr);
exit(EXIT_FAILURE);
}
char *map_contents = calloc(38, sizeof(char)); char *map_contents = calloc(38, sizeof(char));
@ -266,21 +303,21 @@ void set_map(int parent_id, char *path) {
close(fd); close(fd);
} }
void touch(char *path) {
int fd = open(path, O_CREAT, 0777);
require(fd != -1, "Cannot open file");
close(fd);
}
void deny_setgroups() { void deny_setgroups() {
int fd = open("/proc/self/setgroups", O_WRONLY, 0777); int fd = open("/proc/self/setgroups", O_WRONLY, 0777);
require(fd != -1, "Failed to open /proc/self/setgroups"); if(fd == -1) {
fputs("Failed to open /proc/self/setgroups\n", stderr);
exit(EXIT_FAILURE);
}
write(fd, "deny", 4); write(fd, "deny", 4);
close(fd); close(fd);
} }
int main(int argc, char **argv) { int main(int argc, char **argv) {
require(argc > 1, "Expected at least one argument: command"); if(argc <= 1) {
fputs("Expected at least one argument: command\n", stderr);
exit(EXIT_FAILURE);
}
char *cwd = get_current_dir_name(); char *cwd = get_current_dir_name();
/* Do nothing if cwd is already root */ /* Do nothing if cwd is already root */
if (strcmp(cwd, "/")) { if (strcmp(cwd, "/")) {
@ -288,7 +325,10 @@ int main(int argc, char **argv) {
int gid = getegid(); int gid = getegid();
/* Don't create a user and mount namespace if we are already root */ /* Don't create a user and mount namespace if we are already root */
if (uid != 0) { if (uid != 0) {
require(unshare(CLONE_NEWUSER | CLONE_NEWNS) == 0, "Failed to create user and mount namespaces"); if (unshare(CLONE_NEWUSER | CLONE_NEWNS) != 0) {
fputs("Failed to create user and mount namespaces\n", stderr);
exit(EXIT_FAILURE);
}
/* Prevent the use of setgroups and make gid_map writeable */ /* Prevent the use of setgroups and make gid_map writeable */
deny_setgroups(); deny_setgroups();
/* Map the root user in the user namespace to our user id */ /* Map the root user in the user namespace to our user id */
@ -296,40 +336,43 @@ int main(int argc, char **argv) {
/* Map the root group in the user namespace to our group id */ /* Map the root group in the user namespace to our group id */
set_map(gid, "/proc/self/gid_map"); set_map(gid, "/proc/self/gid_map");
} }
mkdir ("dev", 0755); int r = mkdir("dev", 0755);
touch ("dev/null"); if (r != 0 && r != -17) {
mount ("/dev/null", "dev/null", "", MS_BIND, NULL); fputs("Failed to create dev folder\n", stderr);
touch ("dev/zero"); exit(EXIT_FAILURE);
mount ("/dev/zero", "dev/zero", "", MS_BIND, NULL); }
touch ("dev/random"); mkmount ("/dev/null", "dev/null", "", MS_BIND, NULL, 0);
mount ("/dev/random", "dev/random", "", MS_BIND, NULL); mkmount ("/dev/zero", "dev/zero", "", MS_BIND, NULL, 0);
touch ("dev/urandom"); mkmount ("/dev/random", "dev/random", "", MS_BIND, NULL, 0);
mount ("/dev/urandom", "dev/urandom", "", MS_BIND, NULL); mkmount ("/dev/urandom", "dev/urandom", "", MS_BIND, NULL, 0);
touch ("dev/ptmx"); mkmount ("/dev/ptmx", "dev/ptmx", "", MS_BIND, NULL, 0);
mount ("/dev/ptmx", "dev/ptmx", "", MS_BIND, NULL); mkmount ("/dev/tty", "dev/tty", "", MS_BIND, NULL, 0);
touch ("dev/tty"); mkmount ("tmpfs", "dev/shm", "tmpfs", 0, NULL, 1);
mount ("/dev/tty", "dev/tty", "", MS_BIND, NULL); mkmount ("/proc", "proc", "", MS_BIND | MS_REC, NULL, 1);
mkdir ("dev/shm", 0755); mkmount ("/sys", "sys", "", MS_BIND | MS_REC, NULL, 1);
mount ("tmpfs", "dev/shm", "tmpfs", 0, NULL); mkmount ("tmpfs", "tmp", "tmpfs", 0, NULL, 1);
mkdir ("proc", 0755); if (chroot (".") != 0) {
mount ("/proc", "proc", "", MS_BIND | MS_REC, NULL); fputs("Failed to chroot into .\n", stderr);
mkdir ("sys", 0755); exit(EXIT_FAILURE);
mount ("/sys", "sys", "", MS_BIND | MS_REC, NULL); }
mkdir ("tmp", 0755);
mount ("tmpfs", "tmp", "tmpfs", 0, NULL);
chroot (".");
} }
free(cwd); free(cwd);
char **newenv = malloc(3 * sizeof(char *)); char **newenv = malloc(3 * sizeof(char *));
int newenv_index = 0; int newenv_index = 0;
require(newenv != NULL, "Failed to allocate space for new environment."); if (newenv == NULL) {
fputs("Failed to allocate space for new environment\n", stderr);
exit(EXIT_FAILURE);
}
char *ARCH = getenv("ARCH"); char *ARCH = getenv("ARCH");
if (ARCH != NULL) { if (ARCH != NULL) {
newenv[0] = malloc(6 + strlen(ARCH)); newenv[0] = malloc(6 + strlen(ARCH));
require(newenv[0] != NULL, "Failed to allocate space for new environment."); if (newenv[0] == NULL) {
fputs("Failed to allocate space for new environment\n", stderr);
exit(EXIT_FAILURE);
}
strcpy(newenv[0], "ARCH="); strcpy(newenv[0], "ARCH=");
strcpy(newenv[0] + 5, ARCH); strcpy(newenv[0] + 5, ARCH);
newenv_index += 1; newenv_index += 1;
@ -338,7 +381,10 @@ int main(int argc, char **argv) {
char *ARCH_DIR = getenv("ARCH_DIR"); char *ARCH_DIR = getenv("ARCH_DIR");
if (ARCH_DIR != NULL) { if (ARCH_DIR != NULL) {
newenv[newenv_index] = malloc(10 + strlen(ARCH_DIR)); newenv[newenv_index] = malloc(10 + strlen(ARCH_DIR));
require(newenv[newenv_index] != NULL, "Failed to allocate space for new environment."); if (newenv[newenv_index] == NULL) {
fputs("Failed to allocate space for new environment\n", stderr);
exit(EXIT_FAILURE);
}
strcpy(newenv[newenv_index], "ARCH_DIR="); strcpy(newenv[newenv_index], "ARCH_DIR=");
strcpy(newenv[newenv_index] + 9, ARCH_DIR); strcpy(newenv[newenv_index] + 9, ARCH_DIR);
newenv_index += 1; newenv_index += 1;