Module: OsCtld::SwitchUser

Extended by:

OsCtl::Lib::Utils::System

Includes:

OsCtl::Lib::Utils::Log

Defined in:

lib/osctld/switch_user.rb

Constant Summary

SYSTEM_PATH =

%w(/bin /usr/bin /sbin /usr/sbin /run/current-system/sw/bin)

Class Method Summary

• .apply_prlimits(pid, prlimits) ⇒ Object

  Apply process resource limits.

• .fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block) ⇒ Object

  Fork a process running as unprivileged user.

• .switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}) ⇒ Object

  Switch the current process to an unprivileged user.

• .switch_to_system(sysuser, uid, gid, homedir) ⇒ Object

  Switch the current process to an unprivileged users, but do not change cgroups.

Class Method Details

.apply_prlimits(pid, prlimits) ⇒ Object

Apply process resource limits

Parameters:

• pid (Integer)
• prlimits (Hash)

# File 'lib/osctld/switch_user.rb', line 98

def self.apply_prlimits(pid, prlimits)
  prlimits.each do |name, limit|
    PrLimits.set(
      pid,
      PrLimits.resource_to_const(name),
      limit[:soft],
      limit[:hard]
    )
  end
end

.fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block) ⇒ Object

Fork a process running as unprivileged user

Parameters:

• sysuser (String)
• ugid (Integer)
• homedir (String)
• cgroup_path (String)
• opts (Hash) (defaults to: {}) —

  options

Options Hash (opts):

• :chown_cgroups (Boolean) — default: true
• :prlimits (Hash)
• :oom_score_adj (Integer, nil)

# File 'lib/osctld/switch_user.rb', line 19

def self.fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block)
  r, w = IO.pipe

  pid = Process.fork do
    w.close

    if opts[:oom_score_adj]
      File.open('/proc/self/oom_score_adj', 'w') do |f|
        f.write(opts[:oom_score_adj].to_s)
      end
    end

    switch_to(sysuser, ugid, homedir, cgroup_path, opts)

    msg = r.readline.strip
    r.close

    if msg == 'ready'
      block.call
    else
      exit(false)
    end
  end

  r.close

  apply_prlimits(pid, opts[:prlimits]) if opts[:prlimits]

  w.puts('ready')
  w.close
  pid
end

.switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}) ⇒ Object

Switch the current process to an unprivileged user

# File 'lib/osctld/switch_user.rb', line 53

def self.switch_to(sysuser, ugid, homedir, cgroup_path, opts = {})
  chown_cgroups = opts.has_key?(:chown_cgroups) ? opts[:chown_cgroups] : true

  # Environment
  ENV.delete('XDG_SESSION_ID')
  ENV.delete('XDG_RUNTIME_DIR')

  ENV['HOME'] = homedir
  ENV['USER'] = sysuser

  # CGroups
  CGroup.subsystems.each do |subsys|
    CGroup.mkpath(
      subsys,
      cgroup_path.split('/'),
      attach: true,
      chown: chown_cgroups ? ugid : false
    )
  end

  # Switch
  Process.groups = [ugid]
  Process::Sys.setgid(ugid)
  Process::Sys.setuid(ugid)
end

.switch_to_system(sysuser, uid, gid, homedir) ⇒ Object

Switch the current process to an unprivileged users, but do not change cgroups.

# File 'lib/osctld/switch_user.rb', line 81

def self.switch_to_system(sysuser, uid, gid, homedir)
  # Environment
  ENV.delete('XDG_SESSION_ID')
  ENV.delete('XDG_RUNTIME_DIR')

  ENV['HOME'] = homedir
  ENV['USER'] = sysuser

  # Switch
  Process.groups = [gid]
  Process::Sys.setgid(gid)
  Process::Sys.setuid(uid)
end