diff options
| author | Stefano Brivio <sbrivio@redhat.com> | 2021-10-16 06:15:05 +0200 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2021-10-16 16:53:40 +0200 |
| commit | 2c7d1ce088ba9b588652f58616eb2a8d7748ca88 (patch) | |
| tree | ebc970cb55445f6e1e8b0ee50a928d0bea787f7f | |
| parent | 1fd0c9b0e1f27098f9bf86e86285335e640317a5 (diff) | |
| download | passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.tar passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.tar.gz passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.tar.bz2 passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.tar.lz passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.tar.xz passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.tar.zst passt-2c7d1ce088ba9b588652f58616eb2a8d7748ca88.zip | |
passt: Static builds: don't redefine __vsyslog(), skip getpwnam() and initgroups()
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | conf.c | 3 | ||||
| -rw-r--r-- | passt.c | 15 | ||||
| -rw-r--r-- | util.c | 11 | ||||
| -rw-r--r-- | util.h | 2 |
5 files changed, 21 insertions, 12 deletions
@@ -11,7 +11,7 @@ all: passt pasta passt4netns qrap avx2: CFLAGS += -Ofast -mavx2 -ftree-vectorize -funroll-loops avx2: clean all -static: CFLAGS += -static +static: CFLAGS += -static -DGLIBC_NO_STATIC_NSS static: clean all seccomp.h: *.c $(filter-out seccomp.h,$(wildcard *.h)) @@ -293,7 +293,8 @@ static void get_dns(struct ctx *c) if ((fd = open("/etc/resolv.conf", O_RDONLY)) < 0) goto out; - while (!(*buf = 0) && line_read(buf, BUFSIZ, fd)) { + *buf = 0; + while (line_read(buf, BUFSIZ, fd)) { if (!dns_set && strstr(buf, "nameserver ") == buf) { p = strrchr(buf, ' '); if (!p) @@ -212,17 +212,22 @@ static void check_root(void) close(fd); fprintf(stderr, "Don't run this as root. Changing to nobody...\n"); +#ifndef GLIBC_NO_STATIC_NSS pw = getpwnam("nobody"); if (!pw) { perror("getpwnam"); exit(EXIT_FAILURE); } - if (initgroups(pw->pw_name, pw->pw_gid) || - setgid(pw->pw_gid) || setuid(pw->pw_uid)) { - fprintf(stderr, "Can't change to user/group nobody, exiting"); - exit(EXIT_FAILURE); - } + if (!initgroups(pw->pw_name, pw->pw_gid) && + !setgid(pw->pw_gid) && !setuid(pw->pw_uid)) + return; +#else + (void)pw; +#endif + + fprintf(stderr, "Can't change to user/group nobody, exiting"); + exit(EXIT_FAILURE); } /** @@ -37,7 +37,7 @@ #include "util.h" #include "passt.h" -/* For __openlog() and __setlogmask() wrappers, and __vsyslog() (replacement) */ +/* For __openlog() and __setlogmask() wrappers, and passt_vsyslog() */ static int log_mask; static int log_sock = -1; static char log_ident[BUFSIZ]; @@ -56,7 +56,7 @@ void name(const char *format, ...) { \ tp.tv_nsec / (100 * 1000)); \ } else { \ va_start(args, format); \ - __vsyslog(level, format, args); \ + passt_vsyslog(level, format, args); \ va_end(args); \ } \ \ @@ -121,12 +121,12 @@ void __setlogmask(int mask) } /** - * __vsyslog() - vsyslog() implementation not using heap memory + * passt_vsyslog() - vsyslog() implementation not using heap memory * @pri: Facility and level map, same as priority for vsyslog() * @format: Same as vsyslog() format * @ap: Same as vsyslog() ap */ -void __vsyslog(int pri, const char *format, va_list ap) +void passt_vsyslog(int pri, const char *format, va_list ap) { char buf[BUFSIZ]; int n; @@ -389,6 +389,9 @@ char *line_read(char *buf, size_t len, int fd) p = buf + strlen(buf) + 1; + while (*p == '\n' && strlen(p) && (size_t)(p - buf) < len) + p++; + if (!(nl = strchr(p, '\n'))) return NULL; *nl = 0; @@ -147,7 +147,7 @@ enum bind_type { struct ctx; void __openlog(const char *ident, int option, int facility); -void __vsyslog(int pri, const char *fmt, va_list ap); +void passt_vsyslog(int pri, const char *fmt, va_list ap); void __setlogmask(int mask); char *ipv6_l4hdr(struct ipv6hdr *ip6h, uint8_t *proto); int sock_l4(struct ctx *c, int af, uint8_t proto, uint16_t port, |