POTD skeleton #41.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2018-05-02 20:59:34 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2018-05-02 20:59:34 +0200
commit: 4f66937b2bfadfa54aa099ea9bbb9f2f0dc2416f (patch)
tree: c8512ec9d9bd91c3171248f65d619e2e6014c006 /src/jail.c
parent: e6d9e7073ea1e23a3b22440fa69ce92691ca328d (diff)
1 files changed, 28 insertions, 10 deletions
diff --git a/src/jail.c b/src/jail.c
index 1b5cb5b..e879c2c 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -12,6 +12,7 @@
 #include "jail.h"
 #include "socket.h"
 #include "server.h"
+#include "pterm.h"
 #include "utils.h"
 #include "log.h"
 
@@ -211,7 +212,7 @@ static int jail_accept_client(jail_ctx *ctx[],
     size_t i, rc = 0;
     int s;
     pid_t prisoner_pid;
-    jail_prisoner_process *args;
+    static jail_prisoner_process *args;
 
     for (i = 0; i < siz; ++i) {
         if (ctx[i]->sock.fd == event->data.fd) {
@@ -250,6 +251,7 @@ static int jail_accept_client(jail_ctx *ctx[],
 error:
             socket_close(&args->client_psock);
             free(args);
+            args = NULL;
             return rc;
         }
     }
@@ -262,9 +264,10 @@ static int jail_childfn(void *arg)
     jail_prisoner_process *args;
     const char *path_dev = "/dev";
     const char *path_devpts = "/dev/pts";
-    int s, term_fd;
-    struct termios *term = NULL;
-    struct winsize *win = NULL;
+    const char *path_proc = "/proc";
+    const char *path_shell = "/bin/sh";
+    char tty_name[TTYSZ+sizeof(long)];
+    int s, pty_fd, tty_fd;
     int unshare_flags = CLONE_NEWUTS|CLONE_NEWPID|CLONE_NEWIPC|
         CLONE_NEWNS|CLONE_NEWNET;
     pid_t self_pid, child_pid;
@@ -307,6 +310,15 @@ static int jail_childfn(void *arg)
     if (!dir_is_mountpoint(path_devpts) && mount_pts(path_devpts))
         FATAL("Mount devpts to '%s%s'", args->newroot, path_devpts);
 
+    D2("Mounting proc to '%s%s'", args->newroot, path_proc);
+    s = mkdir(path_proc, S_IRUSR|S_IWUSR|S_IXUSR|
+                         S_IRGRP|S_IXGRP|
+                         S_IROTH|S_IXOTH);
+    if (s && errno != EEXIST)
+        FATAL("Create directory '%s'", path_proc);
+    if (!dir_is_mountpoint(path_proc) && mount_proc(path_proc))
+        FATAL("Mount devpts to '%s%s'", args->newroot, path_proc)
+
     D2("Creating device files in '%s%s'", args->newroot, path_dev);
     if (create_device_files(path_dev)) {
         E2("Device file creation failed for rootfs '%s%s'",
@@ -314,16 +326,22 @@ static int jail_childfn(void *arg)
         exit(EXIT_FAILURE);
     }
 
-    D2("%s", "Forking a new pseudo terminal");
-    child_pid = forkpty(&term_fd, NULL, term, win);
+    if (pty_allocate(&pty_fd, &tty_fd, tty_name, TTYSZ))
+        FATAL("%s", "TTY allocation");
+
+    D2("Forking a new process for the slave tty from "
+       "parent pty with pid %d",
+       self_pid);
+    child_pid = fork();
     switch (child_pid) {
         case -1:
-            FATAL("Forking a new pseudo terminal for pid %d",
-                self_pid);
+            FATAL("Forking a new process for the slave tty from "
+                  "parent pty with pid %d",
+                  self_pid);
             break;
         case 0:
-            D2("Executing '%s'", "/bin/bash");
-            if (execl("/bin(bash", "/bin/bash", (char *) NULL))
+            D2("Executing '%s'", path_shell);
+            if (execl(path_shell, path_shell, (char *) NULL))
                 FATAL("Execute a shell for pid %d", self_pid);
             break;
         default:
author	Toni Uhlig <matzeton@googlemail.com>	2018-05-02 20:59:34 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2018-05-02 20:59:34 +0200
commit	4f66937b2bfadfa54aa099ea9bbb9f2f0dc2416f (patch)
tree	c8512ec9d9bd91c3171248f65d619e2e6014c006 /src/jail.c
parent	e6d9e7073ea1e23a3b22440fa69ce92691ca328d (diff)