Changeset 534

Timestamp:

Sep 16, 2018, 8:56:38 PM (6 years ago)

Author:

katerina

Message:

Version 4.3.0, support for /etc/subuid, /etc/subgid

Location:

trunk

Files:

• Makefile.in (modified) (5 diffs)
• config.h.in (modified) (1 diff)
• configure.ac (modified) (2 diffs)
• depend.dep (modified) (2 diffs)
• depend.sum (modified) (1 diff)
• docs/Changelog (modified) (1 diff)
• src/sh_hash.c (modified) (1 diff)
• src/sh_subuid.c (added)
• src/sh_unix.c (modified) (6 diffs)

trunk/Makefile.in

@@ -128 +128 @@
         sh_restrict.h sh_sub.h sh_fInotify.h sh_checksum.h \
         sh_dbIO.h sh_dbIO_int.h sh_guid.h sh_dbCheck.h sh_dbCreate.h \
-        sh_sem.h
+        sh_sem.h sh_subuid.h
 
 
@@ -175 +175 @@
         $(srcsrc)/sh_checksum.c $(srcsrc)/sh_guid.c $(srcsrc)/sh_sem.c \
         $(srcsrc)/sh_dbIO.c $(srcsrc)/sh_dbCheck.c  $(srcsrc)/sh_dbCreate.c \
+        $(srcsrc)/sh_subuid.c \
         $(srcsrc)/t-test1.c 
 
@@ -197 +198 @@
         sh_audit.o sh_registry.o sh_ipvx.o sh_restrict.o \
         sh_filetype.o sh_sub.o sh_fInotify.o sh_checksum.o \
-        sh_guid.o sh_sem.o sh_dbIO.o sh_dbCheck.o sh_dbCreate.o 
+        sh_guid.o sh_sem.o sh_dbIO.o sh_dbCheck.o sh_dbCreate.o \
+        sh_subuid.o
 
 
@@ -1631 +1633 @@
 
 samhain.o: $(srcsrc)/samhain.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_getopt.h $(srcinc)/sh_readconf.h $(srcinc)/sh_hash.h $(srcinc)/sh_dbIO.h $(srcinc)/sh_restrict.h $(srcinc)/sh_nmail.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_mem.h $(srcinc)/sh_xfer.h $(srcinc)/sh_tools.h $(srcinc)/sh_hash.h $(srcinc)/sh_extern.h $(srcinc)/sh_modules.h $(srcinc)/sh_ignore.h $(srcinc)/sh_prelink.h $(srcinc)/sh_sem.h sh_MK.h $(srcinc)/sh_schedule.h 
-sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_restrict.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_sem.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_ignore.h 
+sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_restrict.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_sem.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_subuid.h $(srcinc)/sh_ignore.h 
 sh_utils.o: $(srcsrc)/sh_utils.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_entropy.h $(srcinc)/sh_pthread.h 
 sh_error.o: $(srcsrc)/sh_error.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_cat.h $(srcinc)/sh_database.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_nmail.h $(srcinc)/sh_xfer.h $(srcinc)/sh_prelude.h $(srcinc)/sh_pthread.h $(srcinc)/sh_tools.h $(srcinc)/sh_extern.h $(srcinc)/sh_checksum.h 
@@ -1727 +1729 @@
 sh_xload_client.o: $(srcsrc)/sh_xload_client.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_guid.h 
 sh_sem.o: $(srcsrc)/sh_sem.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_sem.h $(srcinc)/sh_error_min.h 
+sh_subuid.o: $(srcsrc)/sh_subuid.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_unix.h 

trunk/config.h.in

@@ -907 +907 @@
 /* Define to 1 if you have the <sys/stat.h> header file. */
 #undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/sysmacros.h> header file. */
+#undef HAVE_SYS_SYSMACROS_H
 
 /* Define to 1 if you have the <sys/types.h> header file. */

trunk/configure.ac

@@ -12 +12 @@
 dnl start
 dnl
-AM_INIT_AUTOMAKE(samhain, 4.2.4)
+AM_INIT_AUTOMAKE(samhain, 4.3.0)
 AC_DEFINE([SAMHAIN], 1, [Application is samhain])
 AC_CANONICAL_HOST
@@ -244 +244 @@
 
 AC_CHECK_HEADERS(stddef.h libgen.h sched.h malloc.h sys/uio.h \
-        sys/mman.h sys/param.h sys/inotify.h \
+        sys/mman.h sys/param.h sys/inotify.h sys/sysmacros.h \
         sys/vfs.h mntent.h \
         sys/select.h sys/socket.h netinet/in.h ifaddrs.h \

trunk/depend.dep

@@ -2 +2 @@
 # DO NOT DELETE THIS LINE
 samhain.o: $(srcsrc)/samhain.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_pthread.h $(srcinc)/sh_utils.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_files.h $(srcinc)/sh_getopt.h $(srcinc)/sh_readconf.h $(srcinc)/sh_hash.h $(srcinc)/sh_dbIO.h $(srcinc)/sh_restrict.h $(srcinc)/sh_nmail.h $(srcinc)/sh_tiger.h $(srcinc)/sh_gpg.h $(srcinc)/sh_mem.h $(srcinc)/sh_xfer.h $(srcinc)/sh_tools.h $(srcinc)/sh_hash.h $(srcinc)/sh_extern.h $(srcinc)/sh_modules.h $(srcinc)/sh_ignore.h $(srcinc)/sh_prelink.h $(srcinc)/sh_sem.h sh_MK.h $(srcinc)/sh_schedule.h 
-sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_restrict.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_sem.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_ignore.h 
+sh_unix.o: $(srcsrc)/sh_unix.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_unix.h $(srcinc)/sh_utils.h $(srcinc)/sh_mem.h $(srcinc)/sh_hash.h $(srcinc)/sh_tools.h $(srcinc)/sh_restrict.h $(srcinc)/sh_ipvx.h $(srcinc)/sh_tiger.h $(srcinc)/sh_prelink.h $(srcinc)/sh_pthread.h $(srcinc)/sh_sem.h $(srcinc)/sh_static.h $(srcinc)/sh_prelude.h $(srcinc)/zAVLTree.h $(srcinc)/sh_subuid.h $(srcinc)/sh_ignore.h 
 sh_utils.o: $(srcsrc)/sh_utils.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_entropy.h $(srcinc)/sh_pthread.h 
 sh_error.o: $(srcsrc)/sh_error.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_cat.h $(srcinc)/sh_database.h $(srcinc)/sh_error.h $(srcinc)/sh_utils.h $(srcinc)/sh_unix.h $(srcinc)/sh_tiger.h $(srcinc)/sh_nmail.h $(srcinc)/sh_xfer.h $(srcinc)/sh_prelude.h $(srcinc)/sh_pthread.h $(srcinc)/sh_tools.h $(srcinc)/sh_extern.h $(srcinc)/sh_checksum.h 
@@ -100 +100 @@
 sh_xload_client.o: $(srcsrc)/sh_xload_client.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_utils.h $(srcinc)/sh_fifo.h $(srcinc)/sh_guid.h 
 sh_sem.o: $(srcsrc)/sh_sem.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_sem.h $(srcinc)/sh_error_min.h 
+sh_subuid.o: $(srcsrc)/sh_subuid.c Makefile config_xor.h $(srcinc)/samhain.h $(srcinc)/sh_unix.h 

trunk/depend.sum

@@ -1 @@
-2959213307
+3903466696

trunk/docs/Changelog

@@ +1 @@
+4.3.0:
+        * add support for /etc/subuid, /etc/subgid maps
+        * fix compiler warning on Ubuntu 18.04
+
 4.2.4:
         * fix 'clobbered by..' compiler warning is src/sh_portcheck.c

trunk/src/sh_hash.c

@@ -24 +24 @@
 #include <stdio.h>
 #include <sys/types.h>
+#ifdef HAVE_SYS_SYSMACROS_H
+#include <sys/sysmacros.h>
+#endif
 #include <sys/stat.h>
 #include <unistd.h>

trunk/src/sh_unix.c

@@ -2827 +2827 @@
 
 /* --------- end caching code --------- */
-  
+
+#include "sh_subuid.h"
+
 char *  sh_unix_getUIDname (int level, uid_t uid, char * out, size_t len)
 {
@@ -2863 +2865 @@
   status = errno;
 #endif
- 
-  if (tempres == NULL) 
-    {
-      sh_error_handle (level, FIL__, __LINE__, EINVAL, MSG_E_PWNULL,
-                       sh_error_message(status, errbuf, sizeof(errbuf)),
-                       _("getpwuid"), (long) uid, _("completely missing"));
-#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETGRGID_R)
-      SH_FREE(buffer);
-#endif
-      sh_userid_add(uid, NULL, CACHE_UID);
-      SL_RETURN( NULL, _("sh_unix_getUIDname"));
-    }
-
-
-  if (tempres->pw_name != NULL) 
+
+  /* case 1: we have it
+   */
+  if (tempres && tempres->pw_name != NULL) 
     {
 
@@ -2888 +2879 @@
 
       SL_RETURN( out, _("sh_unix_getUIDname"));
-    } 
-  else 
-    {
+    }
+
+#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETGRGID_R)
+  SH_FREE(buffer);
+#endif
+  
+  if (tempres == NULL) 
+    {
+      char * pwname = sh_get_subuid ((unsigned long) uid);
+
+      if (pwname)
+        {
+          sl_strlcpy(out, pwname, len);
+          sh_userid_add(uid, out, CACHE_UID);
+          SL_RETURN( out, _("sh_unix_getUIDname"));
+        }
+
       sh_error_handle (level, FIL__, __LINE__, EINVAL, MSG_E_PWNULL,
                        sh_error_message(status, errbuf, sizeof(errbuf)),
-                       _("getpwuid"), (long) uid, _("pw_user"));
-#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETGRGID_R)
-      SH_FREE(buffer);
-#endif
+                       _("getpwuid"), (long) uid, _("completely missing"));
+      sh_userid_add(uid, NULL, CACHE_UID);
       SL_RETURN( NULL, _("sh_unix_getUIDname"));
     }
-  /* notreached */
+
+
+  /* getwpuid returns struct, but no pw_name
+   */
+  sh_error_handle (level, FIL__, __LINE__, EINVAL, MSG_E_PWNULL,
+                   sh_error_message(status, errbuf, sizeof(errbuf)),
+                   _("getpwuid"), (long) uid, _("pw_user"));
+  SL_RETURN( NULL, _("sh_unix_getUIDname"));
 }
 
@@ -2959 +2969 @@
     }
 
-  if (tempres == NULL) 
-    {
-      sh_error_handle (level, FIL__, __LINE__, EINVAL, MSG_E_GRNULL,
-                       sh_error_message(status, errbuf, sizeof(errbuf)),
-                       _("getgrgid"), (long) gid, _("completely missing"));
-      
-#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETGRGID_R)
-      SH_FREE(buffer);
-#endif
-
-      sh_userid_add(gid, NULL, CACHE_GID);
-      SL_RETURN( NULL, _("sh_unix_getGIDname"));
-    }
-
-  if (tempres->gr_name != NULL) 
+  if (tempres && tempres->gr_name != NULL) 
     {
 
@@ -2985 +2981 @@
       SL_RETURN( out, _("sh_unix_getGIDname"));
     } 
-  else 
-    {
+
+#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETGRGID_R)
+  SH_FREE(buffer);
+#endif
+
+  if (tempres == NULL) 
+    {
+      char * grname = sh_get_subgid ((unsigned long) gid);
+
+      if (grname)
+        {
+          sl_strlcpy(out, grname, len);
+          sh_userid_add((uid_t)gid, out, CACHE_GID);
+          SL_RETURN( out, _("sh_unix_getGIDname"));
+        }
+
       sh_error_handle (level, FIL__, __LINE__, EINVAL, MSG_E_GRNULL,
                        sh_error_message(status, errbuf, sizeof(errbuf)),
-                       _("getgrgid"), (long) gid, _("gr_name"));
-
-#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_GETGRGID_R)
-      SH_FREE(buffer);
-#endif
-
+                       _("getgrgid"), (long) gid, _("completely missing"));
+      sh_userid_add(gid, NULL, CACHE_GID);
       SL_RETURN( NULL, _("sh_unix_getGIDname"));
     }
-  /* notreached */
+
+  sh_error_handle (level, FIL__, __LINE__, EINVAL, MSG_E_GRNULL,
+                   sh_error_message(status, errbuf, sizeof(errbuf)),
+                   _("getgrgid"), (long) gid, _("gr_name"));
+  SL_RETURN( NULL, _("sh_unix_getGIDname"));
 }
 
@@ -3066 +3076 @@
 }
 
-
+/* return >0 on success, -1 on EOF */
 int sh_unix_getline (SL_TICKET fd, char * line, int sizeofline)
 {