Module: OsCtld::SwitchUser

Extended by:
OsCtl::Lib::Utils::System
Includes:
OsCtl::Lib::Utils::Log
Defined in:
lib/osctld/switch_user.rb

Constant Summary collapse

SYSTEM_PATH =
%w(/bin /usr/bin /sbin /usr/sbin /run/current-system/sw/bin)

Class Method Summary collapse

Class Method Details

.apply_prlimits(pid, prlimits) ⇒ Object

Apply process resource limits

Parameters:

  • pid (Integer)
  • prlimits (Hash)


98
99
100
101
102
103
104
105
106
107
# File 'lib/osctld/switch_user.rb', line 98

def self.apply_prlimits(pid, prlimits)
  prlimits.each do |name, limit|
    PrLimits.set(
      pid,
      PrLimits.resource_to_const(name),
      limit[:soft],
      limit[:hard]
    )
  end
end

.fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block) ⇒ Object

Fork a process running as unprivileged user

Parameters:

  • sysuser (String)
  • ugid (Integer)
  • homedir (String)
  • cgroup_path (String)
  • opts (Hash) (defaults to: {})

    options

Options Hash (opts):

  • :chown_cgroups (Boolean) — default: true
  • :prlimits (Hash)
  • :oom_score_adj (Integer, nil)


19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/osctld/switch_user.rb', line 19

def self.fork_and_switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}, &block)
  r, w = IO.pipe

  pid = Process.fork do
    w.close

    if opts[:oom_score_adj]
      File.open('/proc/self/oom_score_adj', 'w') do |f|
        f.write(opts[:oom_score_adj].to_s)
      end
    end

    switch_to(sysuser, ugid, homedir, cgroup_path, opts)

    msg = r.readline.strip
    r.close

    if msg == 'ready'
      block.call
    else
      exit(false)
    end
  end

  r.close

  apply_prlimits(pid, opts[:prlimits]) if opts[:prlimits]

  w.puts('ready')
  w.close
  pid
end

.switch_to(sysuser, ugid, homedir, cgroup_path, opts = {}) ⇒ Object

Switch the current process to an unprivileged user



53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# File 'lib/osctld/switch_user.rb', line 53

def self.switch_to(sysuser, ugid, homedir, cgroup_path, opts = {})
  chown_cgroups = opts.has_key?(:chown_cgroups) ? opts[:chown_cgroups] : true

  # Environment
  ENV.delete('XDG_SESSION_ID')
  ENV.delete('XDG_RUNTIME_DIR')

  ENV['HOME'] = homedir
  ENV['USER'] = sysuser

  # CGroups
  CGroup.subsystems.each do |subsys|
    CGroup.mkpath(
      subsys,
      cgroup_path.split('/'),
      attach: true,
      chown: chown_cgroups ? ugid : false
    )
  end

  # Switch
  Process.groups = [ugid]
  Process::Sys.setgid(ugid)
  Process::Sys.setuid(ugid)
end

.switch_to_system(sysuser, uid, gid, homedir) ⇒ Object

Switch the current process to an unprivileged users, but do not change cgroups.



81
82
83
84
85
86
87
88
89
90
91
92
93
# File 'lib/osctld/switch_user.rb', line 81

def self.switch_to_system(sysuser, uid, gid, homedir)
  # Environment
  ENV.delete('XDG_SESSION_ID')
  ENV.delete('XDG_RUNTIME_DIR')

  ENV['HOME'] = homedir
  ENV['USER'] = sysuser

  # Switch
  Process.groups = [gid]
  Process::Sys.setgid(gid)
  Process::Sys.setuid(uid)
end