mirrors/pulseaudio
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pulseaudio/pulseaudio.git synced 2025-11-07 13:30:03 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
pulseaudio/src/daemon/caps.c
Ryan Lortie 1da34e99b2 Add support for FreeBSD <sys/capability.h> 
cap_init() and friends are Linux-specific, so only use them if we're on
Linux.

Add support for FreeBSD capabilities if we find <sys/capability.h> to be
available there.

Add an #else (not Linux or FreeBSD) case with an #error requesting
contributions for other platforms.

This patch keeps the cap_init check in configure.ac but removes the
error if it fails.  This will ensure we link to -lcap if needed, but
won't fail for the case that capabilities are part of the core system
(as on FreeBSD).

We do however, modify the header check to ensure we fail if there is no
<sys/capability.h> at all and we are on a system where it could be
installed.  The logic here is that it is better to give the user the
chance to install it than it is to proceed silently with a disabled
security feature on a system where it could easily be supported.
--without-caps remains an option if the user wants to force it.

https://bugs.freedesktop.org/show_bug.cgi?id=72580
2013-12-20 21:48:50 +02:00

99 lines
2.7 KiB
C
Raw Blame History

/***
This file is part of PulseAudio.
Copyright 2004-2006 Lennart Poettering
Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB
PulseAudio is free software; you can redistribute it and/or modify
it under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation; either version 2.1 of the License,
or (at your option) any later version.
PulseAudio is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with PulseAudio; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA.
***/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <unistd.h>
#include <errno.h>
#include <sys/types.h>
#include <pulsecore/i18n.h>
#include <pulsecore/macro.h>
#include <pulsecore/log.h>
#ifdef HAVE_SYS_CAPABILITY_H
#include <sys/capability.h>
#endif
#include "caps.h"
/* Glibc <= 2.2 has broken unistd.h */
#if defined(linux) && (__GLIBC__ <= 2 && __GLIBC_MINOR__ <= 2)
int setresgid(gid_t r, gid_t e, gid_t s);
int setresuid(uid_t r, uid_t e, uid_t s);
#endif
/* Drop root rights when called SUID root */
void pa_drop_root(void) {
#ifdef HAVE_GETUID
uid_t uid;
gid_t gid;
pa_log_debug(_("Cleaning up privileges."));
uid = getuid();
gid = getgid();
#if defined(HAVE_SETRESUID)
pa_assert_se(setresuid(uid, uid, uid) >= 0);
pa_assert_se(setresgid(gid, gid, gid) >= 0);
#elif defined(HAVE_SETREUID)
pa_assert_se(setreuid(uid, uid) >= 0);
pa_assert_se(setregid(gid, gid) >= 0);
#else
pa_assert_se(setuid(uid) >= 0);
pa_assert_se(seteuid(uid) >= 0);
pa_assert_se(setgid(gid) >= 0);
pa_assert_se(setegid(gid) >= 0);
#endif
pa_assert_se(getuid() == uid);
pa_assert_se(geteuid() == uid);
pa_assert_se(getgid() == gid);
pa_assert_se(getegid() == gid);
if (uid != 0)
pa_drop_caps();
#endif
}
void pa_drop_caps(void) {
#ifdef HAVE_SYS_CAPABILITY_H
#ifdef __linux
cap_t caps;
pa_assert_se(caps = cap_init());
pa_assert_se(cap_clear(caps) == 0);
pa_assert_se(cap_set_proc(caps) == 0);
pa_assert_se(cap_free(caps) == 0);
#elif __FreeBSD__
pa_assert_se (cap_enter () == 0);
#else
#error Don't know how to do capabilities on your system. Please send a patch.
#endif /* __linux */
#else /* HAVE_SYS_CAPABILITY_H */
pa_log_warn("Normally all extra capabilities would be dropped now, but "
"that's impossible because this Pulseaudio was built without "
"libcap support.");
#endif
}
Reference in a new issue View git blame Copy permalink