Module: OsCtld::SwitchUser

Extended by:

OsCtl::Lib::Utils::System

Includes:

OsCtl::Lib::Utils::Log

Defined in:

lib/osctld/switch_user.rb

Constant Summary

SYSTEM_PATH =

%w(/bin /usr/bin /sbin /usr/sbin /run/current-system/sw/bin)

Class Method Summary

• .apply_prlimits(pid, prlimits) ⇒ Object

  Apply process resource limits.

• .close_fds(except: []) ⇒ Object

  Close open file descriptors.

• .fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block) ⇒ Object

  Fork a process running as unprivileged user.

• .switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}) ⇒ Object

  Switch the current process to an unprivileged user.

• .switch_to_system(sysuser, uid, gid, homedir) ⇒ Object

  Switch the current process to an unprivileged users, but do not change cgroups.

• .walk_fds {|fd| ... } ⇒ Object

  Yield all open file descriptors.

Class Method Details

.apply_prlimits(pid, prlimits) ⇒ Object

Apply process resource limits

Parameters:

• pid (Integer)
• prlimits (Hash)

# File 'lib/osctld/switch_user.rb', line 109

def self.apply_prlimits(pid, prlimits)
  prlimits.each do |name, limit|
    PrLimits.set(
      pid,
      PrLimits.resource_to_const(name),
      limit[:soft],
      limit[:hard]
    )
  end
end

.close_fds(except: []) ⇒ Object

Close open file descriptors

Parameters:

• except (Array<IO, Integer>) (defaults to: [])

# File 'lib/osctld/switch_user.rb', line 122

def self.close_fds(except: [])
  except_filenos = except.map do |v|
    if v.is_a?(::IO)
      v.fileno
    else
      v
    end
  end

  walk_fds do |fd|
    next if except_filenos.include?(fd)

    begin
      IO.new(fd).close
    rescue ArgumentError, Errno::EBADF
    end
  end
end

.fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block) ⇒ Object

Fork a process running as unprivileged user

Parameters:

• sysuser (String)
• ugid (Integer)
• homedir (String)
• cgroup_path (String)
• opts (Hash) (defaults to: {}) —

  options

Options Hash (opts):

• :chown_cgroups (Boolean) — default: true
• :prlimits (Hash)
• :oom_score_adj (Integer, nil)

# File 'lib/osctld/switch_user.rb', line 21

def self.fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block)
  r, w = IO.pipe

  keep_fds = (opts[:keep_fds] || []).clone

  if !opts.has_key?(:keep_stdfds) || opts[:keep_stdfds]
    keep_fds << 0 << 1 << 2
  end

  keep_fds << r

  pid = Process.fork do
    w.close
    close_fds(except: keep_fds)

    if opts[:oom_score_adj]
      File.open('/proc/self/oom_score_adj', 'w') do |f|
        f.write(opts[:oom_score_adj].to_s)
      end
    end

    switch_to(sysuser, ugid, homedir, cgroup_path, opts)

    msg = r.readline.strip
    r.close

    if msg == 'ready'
      block.call
    else
      exit(false)
    end
  end

  r.close

  apply_prlimits(pid, opts[:prlimits]) if opts[:prlimits]

  w.puts('ready')
  w.close
  pid
end

.switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}) ⇒ Object

Switch the current process to an unprivileged user

# File 'lib/osctld/switch_user.rb', line 64

def self.switch_to(sysuser, ugid, homedir, cgroup_path, opts = {})
  chown_cgroups = opts.has_key?(:chown_cgroups) ? opts[:chown_cgroups] : true

  # Environment
  ENV.delete('XDG_SESSION_ID')
  ENV.delete('XDG_RUNTIME_DIR')

  ENV['HOME'] = homedir
  ENV['USER'] = sysuser

  # CGroups
  CGroup.subsystems.each do |subsys|
    CGroup.mkpath(
      subsys,
      cgroup_path.split('/'),
      attach: true,
      chown: chown_cgroups ? ugid : false
    )
  end

  # Switch
  Process.groups = [ugid]
  Process::Sys.setgid(ugid)
  Process::Sys.setuid(ugid)
end

.switch_to_system(sysuser, uid, gid, homedir) ⇒ Object

Switch the current process to an unprivileged users, but do not change cgroups.

# File 'lib/osctld/switch_user.rb', line 92

def self.switch_to_system(sysuser, uid, gid, homedir)
  # Environment
  ENV.delete('XDG_SESSION_ID')
  ENV.delete('XDG_RUNTIME_DIR')

  ENV['HOME'] = homedir
  ENV['USER'] = sysuser

  # Switch
  Process.groups = [gid]
  Process::Sys.setgid(gid)
  Process::Sys.setuid(uid)
end

.walk_fds {|fd| ... } ⇒ Object

Yield all open file descriptors

Yield Parameters:

• fd (Integer)

# File 'lib/osctld/switch_user.rb', line 143

def self.walk_fds
  Dir.entries('/proc/self/fd').each do |v|
    next if %w(. ..).include?(v)
    yield(v.to_i)
  end
end